From aee94f452bfcae5e958820dd1ceb4ba9e975c2e4 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 13 Oct 2021 16:49:41 +0200 Subject: [PATCH 0001/1882] Initial deploy --- flake.lock | 93 ++++++++++++++++ flake.nix | 25 +++++ hosts/bastion/configuration.nix | 135 +++++++++++++++++++++++ hosts/bastion/hardware-configuration.nix | 25 +++++ 4 files changed, 278 insertions(+) create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 hosts/bastion/configuration.nix create mode 100644 hosts/bastion/hardware-configuration.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 00000000..627d1afd --- /dev/null +++ b/flake.lock @@ -0,0 +1,93 @@ +{ + "nodes": { + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1632822684, + "narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1627913399, + "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1632086102, + "narHash": "sha256-wVTcf0UclFS+zHtfPToB13jIO7n0U9N50MuRbPjQViE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e0ce3c683ae677cf5aab597d645520cddd13392b", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1634134746, + "narHash": "sha256-+v03gm5X1obM4XpeTfSFZVE3oaWB6g4LyA/OmdPcg04=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "222c332c19761c91aabe119681584c7982c27e04", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "root": { + "inputs": { + "deploy-rs": "deploy-rs", + "nixpkgs": "nixpkgs_2" + } + }, + "utils": { + "locked": { + "lastModified": 1631561581, + "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 00000000..b1368ddf --- /dev/null +++ b/flake.nix @@ -0,0 +1,25 @@ +{ + description = "Delft Deployment"; + + inputs.deploy-rs.url = "github:serokell/deploy-rs"; + + outputs = { self, nixpkgs, deploy-rs }: { + nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./hosts/bastion/configuration.nix ]; + }; + + deploy.nodes.bastion = { + hostname = "localhost"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.bastion; + }; + + }; + + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + }; + +} diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix new file mode 100644 index 00000000..1edb7464 --- /dev/null +++ b/hosts/bastion/configuration.nix @@ -0,0 +1,135 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + # boot.loader.grub.efiSupport = true; + # boot.loader.grub.efiInstallAsRemovable = true; + # boot.loader.efi.efiSysMountPoint = "/boot/efi"; + # Define on which hard drive you want to install Grub. + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + + networking.hostName = "bastion"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking.useDHCP = false; + networking.interfaces.ens18.useDHCP = true; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # }; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + +security.sudo.wheelNeedsPassword = false; + + + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.jane = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # firefox + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + services.openssh.permitRootLogin = "without-password"; + + #services.openssh.passwordAuthentication = true; + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + #networking.firewall.enable = false; + + environment.systemPackages = with pkgs; [git rsync htop neovim]; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiOUE5yEKMXvKMoQJxfAKbLi5GGOQptzUbWuAVIOnQG+AXJetF/D4Qj68X/0LGEEX78aA4Tb4rNa4imv95+I2rRvRcz8U/9sWoSdfzXLT6KjMqW/4+iNGNFEd0jx92HxPU1Sir6rOGWVwxcayEGO4NJXAjE0LvNMN0+4c9TaH4FZ1hLhyjAdkh5KgPP48JbubqI0zf+BlTJJCWDz3MtN9CHn2nERjGRodYHjq3WTwGXyq7o7Tfmko7C0CE2gBuz4f3LJdH2vz+ghkL5vzFnxzq9QgucJoRr+Pjons71L1622ZLFFHsmicJIEofOUgTrwiD5yayijp/izVFdUvUoB20w==" + ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + + # Flakes + nix = { + package = pkgs.nixUnstable; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + + users.extraUsers.victor = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ +"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiOUE5yEKMXvKMoQJxfAKbLi5GGOQptzUbWuAVIOnQG+A +XJetF/D4Qj68X/0LGEEX78aA4Tb4rNa4imv95+I2rRvRcz8U/9sWoSdfzXLT6KjMqW/4+iNGNFEd0jx92HxPU1Sir +6rOGWVwxcayEGO4NJXAjE0LvNMN0+4c9TaH4FZ1hLhyjAdkh5KgPP48JbubqI0zf+BlTJJCWDz3MtN9CHn2nERjGR +odYHjq3WTwGXyq7o7Tfmko7C0CE2gBuz4f3LJdH2vz+ghkL5vzFnxzq9QgucJoRr+Pjons71L1622ZLFFHsmicJIE +ofOUgTrwiD5yayijp/izVFdUvUoB20w==" ]; + }; +} + diff --git a/hosts/bastion/hardware-configuration.nix b/hosts/bastion/hardware-configuration.nix new file mode 100644 index 00000000..1e9cf592 --- /dev/null +++ b/hosts/bastion/hardware-configuration.nix @@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; + fsType = "ext4"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; } + ]; + +} -- 2.47.1 From 42fd6e087ce450235a72b99aa4c388e5cb7404f2 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 13 Oct 2021 18:17:45 +0200 Subject: [PATCH 0002/1882] add common config --- common/default.nix | 47 +++++ common/generic-lxc.nix | 18 ++ common/generic-vm.nix | 14 ++ common/services/default.nix | 8 + common/services/flood.nix | 150 ++++++++++++++++ common/services/unpackerr.nix | 307 ++++++++++++++++++++++++++++++++ common/services/vmagent.nix | 114 ++++++++++++ common/users/default.nix | 65 +++++++ flake.nix | 6 +- hosts/bastion/configuration.nix | 110 +----------- 10 files changed, 729 insertions(+), 110 deletions(-) create mode 100644 common/default.nix create mode 100644 common/generic-lxc.nix create mode 100644 common/generic-vm.nix create mode 100644 common/services/default.nix create mode 100644 common/services/flood.nix create mode 100644 common/services/unpackerr.nix create mode 100644 common/services/vmagent.nix create mode 100644 common/users/default.nix diff --git a/common/default.nix b/common/default.nix new file mode 100644 index 00000000..9036a33a --- /dev/null +++ b/common/default.nix @@ -0,0 +1,47 @@ +# Common/default.nix + +# Inputs for this module, we don't use anything so can be empty. +{ ... }: + +{ + imports = [ + # User account definitions + ./users + ./services + ]; + + # Clean /tmp on boot. + boot.cleanTmpDir = true; + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # Nix Settings + nix = { + package = pkgs.nixUnstable; + autoOptimiseStore = true; + binaryCaches = [ + "https://cachix.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-review-bot.cachix.org" + ]; + binaryCachePublicKeys = [ + "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" + ]; + trustedUsers = [ "root" "victor" ]; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + + nixpkgs.config.allowUnfree = true; + + # Limit the systemd journal to 100 MB of disk or the + # last 7 days of logs, whichever happens first. + services.journald.extraConfig = '' + SystemMaxUse=100M + MaxFileSec=7day + ''; +} diff --git a/common/generic-lxc.nix b/common/generic-lxc.nix new file mode 100644 index 00000000..c492b91d --- /dev/null +++ b/common/generic-lxc.nix @@ -0,0 +1,18 @@ +{ ... }: { + # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/ + + # Import nixos lxc config + imports = [ + + ]; + + # Supress systemd services that don't work (correctly) on LXC + systemd.suppressedSystemUnits = [ + "dev-mqueue.mount" + "sys-kernel-debug.mount" + "sys-fs-fuse-connections.mount" + ]; + + # Enable SSH daemon support. + services.openssh.enable = true; +} diff --git a/common/generic-vm.nix b/common/generic-vm.nix new file mode 100644 index 00000000..de732089 --- /dev/null +++ b/common/generic-vm.nix @@ -0,0 +1,14 @@ +{ lib, ... }: { + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking.useDHCP = false; + networking.interfaces.ens18.useDHCP = lib.mkDefault true; + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + services.openssh.permitRootLogin = lib.mkDefault "yes"; + + # Enable qemu guest agent + services.qemuGuest.enable = true; +} diff --git a/common/services/default.nix b/common/services/default.nix new file mode 100644 index 00000000..9fa6e606 --- /dev/null +++ b/common/services/default.nix @@ -0,0 +1,8 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./flood.nix + ./unpackerr.nix + ./vmagent.nix + ]; +} diff --git a/common/services/flood.nix b/common/services/flood.nix new file mode 100644 index 00000000..3616bfac --- /dev/null +++ b/common/services/flood.nix @@ -0,0 +1,150 @@ +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.services.flood; +in +{ + options.services.flood = { + enable = mkEnableOption "flood"; + + user = mkOption { + default = "flood"; + type = types.str; + description = '' + User account under which flood runs. + ''; + }; + + group = mkOption { + type = types.str; + default = "rtorrent"; + description = '' + Group under which flood runs. + Flood needs to have the correct permissions if accessing rtorrent through the socket. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.flood; + defaultText = "pkgs.flood"; + description = '' + The flood package to use. + ''; + }; + + host = mkOption { + type = types.str; + default = "127.0.0.1"; + description = '' + Address flood binds to. + ''; + }; + + port = mkOption { + type = types.port; + default = 3000; + description = '' + The flood web port. + ''; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to open the firewall for the port in . + ''; + }; + + rpcSocket = mkOption { + type = types.str; + readOnly = true; + default = "/run/rtorrent/rpc.sock"; + description = '' + RPC socket path. + (Only used when auth=none). + ''; + }; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/flood"; + description = '' + The directory where flood stores its data files. + ''; + }; + + downloadDir = mkOption { + type = types.str; + default = "/var/lib/rtorrent/download"; + description = '' + Root directory for downloaded files. + ''; + }; + + authMode = mkOption { + type = types.str; + default = "none"; + description = '' + Access control and user management method. + Either 'default' or 'none'. + ''; + }; + + ssl = mkOption { + type = types.bool; + default = false; + description = '' + Enable SSL. + key.pem and fullchain.pem needed in runtime directory. + ''; + }; + + baseURI = mkOption { + type = types.str; + default = "/"; + description = '' + This URI will prefix all of Flood's HTTP requests + ''; + }; + }; + + config = mkIf cfg.enable { + # Create group if set to default + users.groups = mkIf (cfg.group == "rtorrent") { + rtorrent = { }; + }; + + # Create user if set to default + users.users = mkIf (cfg.user == "flood") { + flood = { + group = cfg.group; + shell = pkgs.bashInteractive; + home = cfg.dataDir; + description = "flood Daemon user"; + isSystemUser = true; + }; + }; + + # Open firewall if option is set to do so. + networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ cfg.port ]; + + # The actual service + systemd.services.flood = { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "flood system service"; + serviceConfig = { + User = cfg.user; + Group = cfg.group; + Type = "simple"; + Restart = "on-failure"; + WorkingDirectory = cfg.dataDir; + ExecStart = "${cfg.package}/bin/flood --baseuri ${cfg.baseURI} --rundir ${cfg.dataDir} --host ${cfg.host} --port ${toString cfg.port} ${if cfg.ssl then "--ssl" else ""} --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}"; + }; + }; + + # This is needed to create the dataDir with the correct permissions. + systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; + }; +} diff --git a/common/services/unpackerr.nix b/common/services/unpackerr.nix new file mode 100644 index 00000000..7135b06e --- /dev/null +++ b/common/services/unpackerr.nix @@ -0,0 +1,307 @@ +{ config, pkgs, lib, ... }: +with lib; +let + cfg = config.services.unpackerr; + mkStarrOptions = { name, url }: { + url = mkOption { + type = types.str; + default = ""; + example = "${url}"; + description = '' + The URL to access ${name} + ''; + }; + apiKey = mkOption { + type = types.str; + default = ""; + description = '' + The API key for accessing ${name} + ''; + }; + paths = mkOption { + type = types.str; + default = ""; + example = "/downloads,/moreDownloads"; + description = '' + List of paths where content is downloaded for ${name} + ''; + }; + protocols = mkOption { + type = types.str; + default = "torrent"; + example = "torrent,usenet"; + description = '' + Protocols to process + ''; + }; + timeout = mkOption { + type = types.str; + default = "10s"; + description = '' + How long to wait for ${name} to respond + ''; + }; + deleteOrginal = mkOption { + type = types.bool; + default = false; + description = '' + Delete archives after import? + Recommend not setting this to true + ''; + }; + deleteDelay = mkOption { + type = types.str; + default = "5m"; + description = '' + Extracts are deleted this long after import. `-1` to disable. + ''; + }; + }; +in +{ + options.services.unpackerr = { + enable = mkEnableOption "unpackerr"; + + user = mkOption { + default = "unpackerr"; + type = types.str; + description = '' + User account under which unpackerr runs. + ''; + }; + + group = mkOption { + type = types.str; + default = "unpackerr"; + description = '' + Group under which unpackerr runs. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.unpackerr; + defaultText = "pkgs.unpackerr"; + description = '' + The unpackerr package to use. + ''; + }; + + debug = mkOption { + type = types.bool; + default = false; + description = '' + Turns on more logs. + ''; + }; + + interval = mkOption { + type = types.str; + default = "2m"; + description = '' + How often apps are polled, recommended 1m to 5m + ''; + }; + + startDelay = mkOption { + type = types.str; + default = "1m"; + description = '' + Files are queued at least this long before extraction + ''; + }; + + retryDelay = mkOption { + type = types.str; + default = "5m"; + description = '' + Failed extractions are retried after at least this long + ''; + }; + + maxRetries = mkOption { + type = types.int; + default = 3; + description = '' + Times to retry failed extractions. `0` = unlimited. + ''; + }; + + parallel = mkOption { + type = types.int; + default = 1; + description = '' + Concurrent extractions, 1 is recommended. + ''; + }; + + fileMode = mkOption { + type = types.str; + default = "0644"; + description = '' + Extracted files are written with this mode + ''; + }; + + dirMode = mkOption { + type = types.str; + default = "0755"; + description = '' + Extracted folders are written with this mode + ''; + }; + + sonarr = mkStarrOptions { name = "Sonarr"; url = "http://localhost:8989"; }; + + radarr = mkStarrOptions { name = "Radarr"; url = "http://localhost:7878"; }; + + lidarr = mkStarrOptions { name = "Lidarr"; url = "http://localhost:8686"; }; + + readarr = mkStarrOptions { name = "Readarr"; url = "http://localhost:8787"; }; + + folder = { + path = mkOption { + type = types.str; + default = ""; + description = '' + folder path, not for Starr apps. + ''; + }; + extractPath = mkOption { + type = types.str; + default = ""; + description = '' + Where to extract to, Defaults to . + ''; + }; + deleteAfter = mkOption { + type = types.str; + default = ""; + example = "10m"; + description = '' + Delete extracted files and/or archives after this duration, `0` to disable. + ''; + }; + deleteOrginal = mkOption { + type = types.bool; + default = false; + description = '' + Delete archives after extraction + ''; + }; + deleteFiles = mkOption { + type = types.bool; + default = false; + description = '' + Delete extracted files after successful extraction + ''; + }; + moveBack = mkOption { + type = types.bool; + default = false; + description = '' + Move extracted items back into original folder + ''; + }; + }; + + extraConfig = mkOption { + type = types.attrs; + default = {}; + description = '' + Extra environment variables + ''; + example = { + UN_WEBHOOK_0_URL = "http://example.com"; + }; + }; + }; + + config = mkIf cfg.enable { + # Create group if set to default + users.groups = mkIf (cfg.group == "unpackerr") { + unpackerr = { }; + }; + + # Create user if set to default + users.users = mkIf (cfg.user == "unpackerr") { + unpackerr = { + group = cfg.group; + shell = pkgs.bashInteractive; + createHome = false; + description = "unpackerr Daemon user"; + isSystemUser = true; + }; + }; + + # The actual service + systemd.services.unpackerr = { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "unpackerr system service"; + # Filter out all unset variables else unpackerr complains + environment = filterAttrs (n: v: stringLength v > 0) { + # General options + UN_DEBUG = "${toString cfg.debug}"; + UN_INTERVAL = "${cfg.interval}"; + UN_START_DELAY = "${cfg.startDelay}"; + UN_RETRY_DELAY = "${cfg.retryDelay}"; + UN_MAX_RETRIES = "${toString cfg.maxRetries}"; + UN_PARALLEL = "${toString cfg.parallel}"; + UN_FILE_MODE = "${cfg.fileMode}"; + UN_DIR_MODE = "${cfg.dirMode}"; + + # Sonarr + UN_SONARR_0_URL = "${cfg.sonarr.url}"; + UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; + UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; + UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; + UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; + UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; + UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; + + # Radarr + UN_RADARR_0_URL = "${cfg.radarr.url}"; + UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; + UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; + UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; + UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; + UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; + UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; + + # Lidarr + UN_LIDARR_0_URL = "${cfg.lidarr.url}"; + UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; + UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; + UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; + UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; + UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; + UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; + + # Readarr + UN_READARR_0_URL = "${cfg.readarr.url}"; + UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; + UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; + UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; + UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; + UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; + UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; + + # Folder + UN_FOLDER_0_PATH = "${cfg.folder.path}"; + UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; + UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; + UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; + UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; + UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; + } // cfg.extraConfig; + serviceConfig = { + User = cfg.user; + Group = cfg.group; + Type = "simple"; + Restart = "on-failure"; + ExecStart = "${cfg.package}/bin/unpackerr"; + }; + }; + }; +} diff --git a/common/services/vmagent.nix b/common/services/vmagent.nix new file mode 100644 index 00000000..677b3d1f --- /dev/null +++ b/common/services/vmagent.nix @@ -0,0 +1,114 @@ +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.services.vmagent; +in +{ + options.services.vmagent = { + enable = mkEnableOption "vmagent"; + + user = mkOption { + default = "vmagent"; + type = types.str; + description = '' + User account under which vmagent runs. + ''; + }; + + group = mkOption { + type = types.str; + default = "vmagent"; + description = '' + Group under which vmagent runs. + ''; + }; + + package = mkOption { + default = pkgs.v.vmagent; + defaultText = "pkgs.v.vmagent"; + type = types.package; + description = '' + vmagent package to use. + ''; + }; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/vmagent"; + description = '' + The directory where vmagent stores its data files. + ''; + }; + + remoteWriteUrl = mkOption { + default = "http://localhost:8428/api/v1/write"; + type = types.str; + description = '' + The remote storage endpoint such as VictoriaMetrics + ''; + }; + + prometheusConfig = mkOption { + default = ""; + type = types.str; + example = '' + global: + scrape_interval: 5s + scrape_configs: + - job_name: 'apache' + static_configs: + - targets: ['apache-exporter:9117'] + ''; + description = '' + Config for prometheus style metrics + ''; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to open the firewall for the default ports. + ''; + }; + }; + + config = mkIf cfg.enable { + # Create group if set to default + users.groups = mkIf (cfg.group == "vmagent") { + vmagent = { }; + }; + + # Create user if set to default + users.users = mkIf (cfg.user == "vmagent") { + vmagent = { + group = cfg.group; + shell = pkgs.bashInteractive; + description = "vmagent Daemon user"; + home = cfg.dataDir; + isSystemUser = true; + }; + }; + + # Open firewall if option is set to do so. + networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ]; + + # The actual service + systemd.services.vmagent = let + prometheusConfig = pkgs.writeText "prometheus.yml" cfg.prometheusConfig; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "vmagent system service"; + serviceConfig = { + User = cfg.user; + Group = cfg.group; + Type = "simple"; + Restart = "on-failure"; + WorkingDirectory = cfg.dataDir; + ExecStart = "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; + }; + }; + + systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; + }; +} diff --git a/common/users/default.nix b/common/users/default.nix new file mode 100644 index 00000000..c685da99 --- /dev/null +++ b/common/users/default.nix @@ -0,0 +1,65 @@ +# common/users/default.nix + +# Inputs to this NixOS module, in this case we are +# using `pkgs` so we can have some user specific packages and config +# to configure the root ssh key. +{ config, pkgs, ... }: + +{ + # Setup ZSH to use grml config + programs.zsh = { + enable = true; + enableCompletion = true; + syntaxHighlighting.enable = true; + interactiveShellInit = '' + source "${pkgs.grml-zsh-config}/etc/zsh/zshrc" + source "${pkgs.fzf}/share/fzf/key-bindings.zsh" + source "${pkgs.fzf}/share/fzf/completion.zsh" + eval "$(${pkgs.zoxide}/bin/zoxide init zsh)" + ''; + # otherwise it'll override the grml prompt + promptInit = ""; + }; + + environment.pathsToLink = [ "/share/zsh" ]; + + # Disable sudo prompt for `wheel` users. + security.sudo.wheelNeedsPassword = false; + + # The block that specifies my user account. + users.extraUsers.victor = { + # This account is intended for a non-system user. + isNormalUser = true; + + # My default shell + shell = pkgs.zsh; + + # My SSH keys. + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDC3alaexJkUAi/81weIGGTNrkRf+x0UT0wTWNENOc8bakmgzPg0STopCwHYAHoNHDC1dorVpVfCqWsAx9ta9KOCvqo3BS7rOWlASSna2fejvnNZAy6yzdvWq8Bclg7U40ic8ubnLw7l9nompHk7kzwVN6a6wqVfM5aefEXpaE4rlXu56yF81RR1TaWMnTvD7JMzyeDHt29DPdw+/ivOy3SXC8lUOukQLycNYduBO911gegkKH7mRNrqgYCuV6PF38CZPAhboC0JbpMKsiHInfY6iTrST035JIuVfEG0oRlW7BSsSfafPBlstyvf63mjjCJ13/47PyvkxWB47UYtYUjtQvrlzQtGlxyljyARL6x6RC6WY2Hluej4kWRVrJNRtDZAx+AeYa2jgUeD+RWPUQuXYLXs+0F1A7/y/m3FiuBMpB6neptX/jRY7aI1XDZiO23Pyui0pCsl9c8PQFltwvL1N32miRGhA/2DPhrKgpLRcRNglwRPZSkc+3er1cuUrs= victor@eevee" + "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjJmG5W+uO+KTOmzknOfzkjbCtOCpO9tSxLN2BG6hxCsKPN1U31WDiajeHrZFselpWG80710Ne3wAlWduU3aUTeXdms0N99F7CbIFHXRqU0aEu4FN3WDuv0bRLoc+Ern9V7R4DvtxyNFd66yLzvzfT2/0nudiIkWV6W8qF4W6wJF+/TVTYcwZzVTBfpqUG9LMyMB1e6c0DYISmIGT0Q5s0sb2Hrs5Xa2Q7vgAevHJJzPojGQ+zcK/nHos4/glnDGoj9iyj55zB48LycLxjpFL9GAZfBZPi0SXVRy3gEVPkeger0e4OSumYiEbZhcV3MdtffSIHmq3ehgXi0FyBeMhsw== victor@xirion.net" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" + ]; + + # Make me admin + extraGroups = [ "wheel" ]; + }; + + # Configure the root account + users.extraUsers.root = { + # Allow my SSH keys for logging in as root. + openssh.authorizedKeys.keys = config.users.users.victor.openssh.authorizedKeys.keys; + # Also use zsh for root + shell = pkgs.zsh; + }; + + # Setup packages available everywhere + environment.systemPackages = with pkgs; [ + fzf + git + htop + rsync + neovim + zoxide + ]; +} diff --git a/flake.nix b/flake.nix index b1368ddf..22a47374 100644 --- a/flake.nix +++ b/flake.nix @@ -9,17 +9,15 @@ modules = [ ./hosts/bastion/configuration.nix ]; }; - deploy.nodes.bastion = { + deploy.nodes.bastion = { hostname = "localhost"; fastConnection = true; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.bastion; }; - }; - checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; - } diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 1edb7464..9cc5e45d 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -6,104 +6,23 @@ { imports = - [ # Include the results of the hardware scan. + [ + ../../common + ../../common/generic-vim.nix + # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; - # boot.loader.grub.efiSupport = true; - # boot.loader.grub.efiInstallAsRemovable = true; - # boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only networking.hostName = "bastion"; # Define your hostname. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Set your time zone. time.timeZone = "Europe/Amsterdam"; - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - networking.useDHCP = false; - networking.interfaces.ens18.useDHCP = true; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # }; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - -security.sudo.wheelNeedsPassword = false; - - - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; - - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.jane = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # firefox - # ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.openssh.permitRootLogin = "without-password"; - - #services.openssh.passwordAuthentication = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - #networking.firewall.enable = false; - - environment.systemPackages = with pkgs; [git rsync htop neovim]; - - users.extraUsers.root.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiOUE5yEKMXvKMoQJxfAKbLi5GGOQptzUbWuAVIOnQG+AXJetF/D4Qj68X/0LGEEX78aA4Tb4rNa4imv95+I2rRvRcz8U/9sWoSdfzXLT6KjMqW/4+iNGNFEd0jx92HxPU1Sir6rOGWVwxcayEGO4NJXAjE0LvNMN0+4c9TaH4FZ1hLhyjAdkh5KgPP48JbubqI0zf+BlTJJCWDz3MtN9CHn2nERjGRodYHjq3WTwGXyq7o7Tfmko7C0CE2gBuz4f3LJdH2vz+ghkL5vzFnxzq9QgucJoRr+Pjons71L1622ZLFFHsmicJIEofOUgTrwiD5yayijp/izVFdUvUoB20w==" - ]; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -111,25 +30,4 @@ security.sudo.wheelNeedsPassword = false; # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - - - # Flakes - nix = { - package = pkgs.nixUnstable; - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - - users.extraUsers.victor = { - isNormalUser = true; - extraGroups = [ "wheel" ]; - openssh.authorizedKeys.keys = [ -"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiOUE5yEKMXvKMoQJxfAKbLi5GGOQptzUbWuAVIOnQG+A -XJetF/D4Qj68X/0LGEEX78aA4Tb4rNa4imv95+I2rRvRcz8U/9sWoSdfzXLT6KjMqW/4+iNGNFEd0jx92HxPU1Sir -6rOGWVwxcayEGO4NJXAjE0LvNMN0+4c9TaH4FZ1hLhyjAdkh5KgPP48JbubqI0zf+BlTJJCWDz3MtN9CHn2nERjGR -odYHjq3WTwGXyq7o7Tfmko7C0CE2gBuz4f3LJdH2vz+ghkL5vzFnxzq9QgucJoRr+Pjons71L1622ZLFFHsmicJIE -ofOUgTrwiD5yayijp/izVFdUvUoB20w==" ]; - }; } - -- 2.47.1 From 5dacf51f6aff23a4aeec345d2d03b911032ee20e Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 13 Oct 2021 18:36:55 +0200 Subject: [PATCH 0003/1882] fixed deployment --- common/default.nix | 5 +---- flake.lock | 6 +++--- hosts/bastion/configuration.nix | 2 +- 3 files changed, 5 insertions(+), 8 deletions(-) diff --git a/common/default.nix b/common/default.nix index 9036a33a..e6d82f97 100644 --- a/common/default.nix +++ b/common/default.nix @@ -1,7 +1,4 @@ -# Common/default.nix - -# Inputs for this module, we don't use anything so can be empty. -{ ... }: +{ pkgs, ... }: { imports = [ diff --git a/flake.lock b/flake.lock index 627d1afd..da306925 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634134746, - "narHash": "sha256-+v03gm5X1obM4XpeTfSFZVE3oaWB6g4LyA/OmdPcg04=", + "lastModified": 1634139026, + "narHash": "sha256-RSRz6cBOkhhXTmhEN7bz3u/DhKoO0P1OWbCEbDFmbi4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "222c332c19761c91aabe119681584c7982c27e04", + "rev": "f1220d72a3a06b0fbac1999b5c8a097d1d10cc0f", "type": "github" }, "original": { diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 9cc5e45d..27edd150 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -8,7 +8,7 @@ imports = [ ../../common - ../../common/generic-vim.nix + ../../common/generic-vm.nix # Include the results of the hardware scan. ./hardware-configuration.nix ]; -- 2.47.1 From 8c3e7bd1a234864e08a265a960b09577a65f791b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 14 Oct 2021 00:04:24 +0200 Subject: [PATCH 0004/1882] cleaned up config --- hosts/bastion/configuration.nix | 19 ++++++++++++++----- hosts/bastion/hardware-configuration.nix | 9 +++++---- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 27edd150..5eae66d1 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -7,22 +7,23 @@ { imports = [ - ../../common - ../../common/generic-vm.nix # Include the results of the hardware scan. ./hardware-configuration.nix + # Import common config + ../../common/generic-vm.nix + ../../common ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + boot.loader.grub.device = "/dev/sda"; - networking.hostName = "bastion"; # Define your hostname. + networking.hostName = "bastion"; # Set your time zone. time.timeZone = "Europe/Amsterdam"; - + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -30,4 +31,12 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ + ripgrep + rsync + tmux + vault + ]; } diff --git a/hosts/bastion/hardware-configuration.nix b/hosts/bastion/hardware-configuration.nix index 1e9cf592..9c5d168d 100644 --- a/hosts/bastion/hardware-configuration.nix +++ b/hosts/bastion/hardware-configuration.nix @@ -5,7 +5,8 @@ { imports = - [ (modulesPath + "/profiles/qemu-guest.nix") + [ + (modulesPath + "/profiles/qemu-guest.nix") ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; @@ -14,12 +15,12 @@ boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; + { + device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; fsType = "ext4"; }; swapDevices = - [ { device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; } - ]; + [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; } -- 2.47.1 From 5e407639d5db3cfbe2b67189e30e51b01653991f Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 11:11:52 +0200 Subject: [PATCH 0005/1882] Initial commit --- .gitignore | 33 +++++++++++++++++++++++++++++++++ .terraform.lock.hcl | 23 +++++++++++++++++++++++ main.tf | 12 ++++++++++++ 3 files changed, 68 insertions(+) create mode 100644 .gitignore create mode 100644 .terraform.lock.hcl create mode 100644 main.tf diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..d9548c95 --- /dev/null +++ b/.gitignore @@ -0,0 +1,33 @@ +# Local .terraform directories +**/.terraform/* + +# .tfstate files +*.tfstate +*.tfstate.* + +# Crash log files +crash.log + +# Exclude all .tfvars files, which are likely to contain sentitive data, such as +# password, private keys, and other secrets. These should not be part of version +# control as they are data points which are potentially sensitive and subject +# to change depending on the environment. +# +*.tfvars + +# Ignore override files as they are usually used to override resources locally and so +# are not checked in +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +# Include override files you do wish to add to version control using negated pattern +# +# !example_override.tf + +# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan +# example: *tfplan* + +# Ignore CLI configuration files +.terraformrc diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100644 index 00000000..3650d5c7 --- /dev/null +++ b/.terraform.lock.hcl @@ -0,0 +1,23 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/telmate/proxmox" { + version = "2.8.0" + constraints = "2.8.0" + hashes = [ + "h1:RmEhNI5/T73g8+gSqy20MSgszjTquC+srhIflQWlNRE=", + "zh:210fe85f6bdc51196dbda2c12de5fd0ddd597704fc91f5a08346cebd7493ff42", + "zh:360ad867389041aacc3184632e682a068daae20271c51ab31ea49ce77076c31e", + "zh:386243cab8be04b485d9ac7b1cb6d603bc800c0c69453eca0a13e64a69f1c43c", + "zh:3b46ad0d6b517d84dca252ec64df6b9d1ff2d4376ed69fb0679d19f3308756eb", + "zh:3f1a1292da7d2e5d7e67179c26d26fc865f822576d72d6723d299d483a9a0c56", + "zh:41e513e107f692250519f37a3656c6172093e53d037a447228fc5a025e89954f", + "zh:496938004d56eea7c8e4e7401a53fcaabeaa9475aa1b7152787968b5aaae946e", + "zh:6755a0a470c4af9058c9c1f18f0f63fd8d6e6cfa928665beb16dc7043b50b5f1", + "zh:78208afc9d8be564b886ac4f4bc1d8c20a0f7cb2bebdced97622b45e8df0c591", + "zh:a5a40c9a50c5daa095877ab25a86bdf8dbceaf457b81fc8dd02629a50c3b56e1", + "zh:d89d5de3e3716353859d40ecdd75033bc873732989117f9b9baf7a87788c493e", + "zh:e1b20fd36a5fb7587821377c61f92e9e926743f71e381ee54336d0475a23524a", + "zh:f5da99f1a00a9637c8988f2115f84157836627927800628576cfe7b0e53e967e", + ] +} diff --git a/main.tf b/main.tf new file mode 100644 index 00000000..7fa27b2d --- /dev/null +++ b/main.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + proxmox = { + source = "telmate/proxmox" + version = "2.8.0" + } + } +} + +provider "proxmox" { + pm_api_url = "https://10.42.42.42:8006/api2/json" +} -- 2.47.1 From 120ad6fbeadc2d9a8d66df867960beef67705a88 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 12:04:23 +0200 Subject: [PATCH 0006/1882] added: NixOS Template LXC --- main.tf | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/main.tf b/main.tf index 7fa27b2d..373f8585 100644 --- a/main.tf +++ b/main.tf @@ -9,4 +9,31 @@ terraform { provider "proxmox" { pm_api_url = "https://10.42.42.42:8006/api2/json" + pm_tls_insecure = true } + +# For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/ +resource "proxmox_lxc" "nixos-template" { + target_node = "nuc" + description = "NixOS LXC Template" + hostname = "nixos-template" + ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" + ostype = "unmanaged" + unprivileged = true + + features { + nesting = true + } + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + } +} + -- 2.47.1 From 1eccd56d57bebe704db517427456254c740c6c52 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 12:34:50 +0200 Subject: [PATCH 0007/1882] added: Template NixOS config --- hosts/bastion/configuration.nix | 3 --- hosts/template/configuration.nix | 28 ++++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 3 deletions(-) create mode 100644 hosts/template/configuration.nix diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 5eae66d1..60338e44 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -21,9 +21,6 @@ networking.hostName = "bastion"; - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/hosts/template/configuration.nix b/hosts/template/configuration.nix new file mode 100644 index 00000000..1cf5e76e --- /dev/null +++ b/hosts/template/configuration.nix @@ -0,0 +1,28 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; + + + networking.hostName = "nixos-template"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; []; +} -- 2.47.1 From fc3e0b9a7d39d5e26ce4281467cbe6e475c5d12b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 12:38:16 +0200 Subject: [PATCH 0008/1882] fix: push everything --- flake.nix | 16 ++++++++++++++++ hosts/bastion/configuration.nix | 1 + 2 files changed, 17 insertions(+) diff --git a/flake.nix b/flake.nix index 22a47374..a22cdf94 100644 --- a/flake.nix +++ b/flake.nix @@ -2,6 +2,7 @@ description = "Delft Deployment"; inputs.deploy-rs.url = "github:serokell/deploy-rs"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; outputs = { self, nixpkgs, deploy-rs }: { nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { @@ -9,6 +10,11 @@ modules = [ ./hosts/bastion/configuration.nix ]; }; + nixosConfigurations.template = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./hosts/template/configuration.nix ]; + }; + deploy.nodes.bastion = { hostname = "localhost"; fastConnection = true; @@ -18,6 +24,16 @@ }; }; + deploy.nodes.template = { + sshUser = "root"; + hostname = "10.42.42.5"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.template; + }; + }; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 60338e44..988dceba 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -31,6 +31,7 @@ # Additional packages environment.systemPackages = with pkgs; [ + vim ripgrep rsync tmux -- 2.47.1 From d3b5e93217d4f782ce73ed23ed844b5ac0c7d704 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 17 Oct 2021 13:00:47 +0200 Subject: [PATCH 0009/1882] finished template lxc config --- common/generic-lxc.nix | 5 ----- common/users/default.nix | 8 ++++---- flake.lock | 12 +++++++----- flake.nix | 2 +- 4 files changed, 12 insertions(+), 15 deletions(-) diff --git a/common/generic-lxc.nix b/common/generic-lxc.nix index c492b91d..8de709a5 100644 --- a/common/generic-lxc.nix +++ b/common/generic-lxc.nix @@ -1,11 +1,6 @@ { ... }: { # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/ - # Import nixos lxc config - imports = [ - - ]; - # Supress systemd services that don't work (correctly) on LXC systemd.suppressedSystemUnits = [ "dev-mqueue.mount" diff --git a/common/users/default.nix b/common/users/default.nix index c685da99..e087dd11 100644 --- a/common/users/default.nix +++ b/common/users/default.nix @@ -36,9 +36,9 @@ # My SSH keys. openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDC3alaexJkUAi/81weIGGTNrkRf+x0UT0wTWNENOc8bakmgzPg0STopCwHYAHoNHDC1dorVpVfCqWsAx9ta9KOCvqo3BS7rOWlASSna2fejvnNZAy6yzdvWq8Bclg7U40ic8ubnLw7l9nompHk7kzwVN6a6wqVfM5aefEXpaE4rlXu56yF81RR1TaWMnTvD7JMzyeDHt29DPdw+/ivOy3SXC8lUOukQLycNYduBO911gegkKH7mRNrqgYCuV6PF38CZPAhboC0JbpMKsiHInfY6iTrST035JIuVfEG0oRlW7BSsSfafPBlstyvf63mjjCJ13/47PyvkxWB47UYtYUjtQvrlzQtGlxyljyARL6x6RC6WY2Hluej4kWRVrJNRtDZAx+AeYa2jgUeD+RWPUQuXYLXs+0F1A7/y/m3FiuBMpB6neptX/jRY7aI1XDZiO23Pyui0pCsl9c8PQFltwvL1N32miRGhA/2DPhrKgpLRcRNglwRPZSkc+3er1cuUrs= victor@eevee" - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjJmG5W+uO+KTOmzknOfzkjbCtOCpO9tSxLN2BG6hxCsKPN1U31WDiajeHrZFselpWG80710Ne3wAlWduU3aUTeXdms0N99F7CbIFHXRqU0aEu4FN3WDuv0bRLoc+Ern9V7R4DvtxyNFd66yLzvzfT2/0nudiIkWV6W8qF4W6wJF+/TVTYcwZzVTBfpqUG9LMyMB1e6c0DYISmIGT0Q5s0sb2Hrs5Xa2Q7vgAevHJJzPojGQ+zcK/nHos4/glnDGoj9iyj55zB48LycLxjpFL9GAZfBZPi0SXVRy3gEVPkeger0e4OSumYiEbZhcV3MdtffSIHmq3ehgXi0FyBeMhsw== victor@xirion.net" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFuxekX5WzX4GjbshtjaGyQcvMUgClugnK6T+OYIxw9 victor@null" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" ]; # Make me admin @@ -59,7 +59,7 @@ git htop rsync - neovim + vim zoxide ]; } diff --git a/flake.lock b/flake.lock index da306925..fd94c0ff 100644 --- a/flake.lock +++ b/flake.lock @@ -54,16 +54,18 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634139026, - "narHash": "sha256-RSRz6cBOkhhXTmhEN7bz3u/DhKoO0P1OWbCEbDFmbi4=", + "lastModified": 1634384442, + "narHash": "sha256-MhfbUuaFVKH8tX33YeSPu0wQGeK9qDJY+4J3qT8VTSo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f1220d72a3a06b0fbac1999b5c8a097d1d10cc0f", + "rev": "0478f8b360288a4be8c71bf11e42fcaf09b8b773", "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "NixOS", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" } }, "root": { diff --git a/flake.nix b/flake.nix index a22cdf94..00c31f48 100644 --- a/flake.nix +++ b/flake.nix @@ -12,7 +12,7 @@ nixosConfigurations.template = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - modules = [ ./hosts/template/configuration.nix ]; + modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/template/configuration.nix ]; }; deploy.nodes.bastion = { -- 2.47.1 From 18ec1212b3429de0616c906669d7ecdd69625065 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 15:14:29 +0200 Subject: [PATCH 0010/1882] deploy vault node --- .terraform.lock.hcl | 10 ++++++++-- main.tf | 30 ++++++++++++++++++++++++++++-- 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index 3650d5c7..31231a0d 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -1,9 +1,15 @@ # This file is maintained automatically by "terraform init". # Manual edits may be lost in future updates. +provider "registry.example.com/telmate/proxmox" { + version = "9.9.9" + hashes = [ + "h1:BnhIwXbxNF0NLvXes4/WiLGEldeU5UZWlLg3vrO/kog=", + ] +} + provider "registry.terraform.io/telmate/proxmox" { - version = "2.8.0" - constraints = "2.8.0" + version = "2.8.0" hashes = [ "h1:RmEhNI5/T73g8+gSqy20MSgszjTquC+srhIflQWlNRE=", "zh:210fe85f6bdc51196dbda2c12de5fd0ddd597704fc91f5a08346cebd7493ff42", diff --git a/main.tf b/main.tf index 373f8585..f1d640ed 100644 --- a/main.tf +++ b/main.tf @@ -1,8 +1,7 @@ terraform { required_providers { proxmox = { - source = "telmate/proxmox" - version = "2.8.0" + source = "registry.example.com/telmate/proxmox" } } } @@ -20,6 +19,10 @@ resource "proxmox_lxc" "nixos-template" { ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" ostype = "unmanaged" unprivileged = true + vmid = "101" + template = true + + memory = 1024 features { nesting = true @@ -34,6 +37,29 @@ resource "proxmox_lxc" "nixos-template" { name = "eth0" bridge = "vmbr0" ip = "dhcp" + hwaddr = "22:D7:C1:FF:9D:5F" } } +resource "proxmox_lxc" "vault" { + target_node = "nuc" + description = "Vault Secrets Management" + hostname = "vault" + unprivileged = true + vmid = "102" + clone = "101" + + memory = 1024 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + hwaddr = "16:2B:87:55:0C:0C" + } +} -- 2.47.1 From 41adab8a705d6b62a990ecb2174abeb317ab8e0e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 15:14:53 +0200 Subject: [PATCH 0011/1882] Deploy vault node --- flake.nix | 11 +++++------ hosts/{template => vault}/configuration.nix | 2 +- 2 files changed, 6 insertions(+), 7 deletions(-) rename hosts/{template => vault}/configuration.nix (95%) diff --git a/flake.nix b/flake.nix index 00c31f48..c2dbebd2 100644 --- a/flake.nix +++ b/flake.nix @@ -10,9 +10,9 @@ modules = [ ./hosts/bastion/configuration.nix ]; }; - nixosConfigurations.template = nixpkgs.lib.nixosSystem { + nixosConfigurations.vault = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/template/configuration.nix ]; + modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/vault/configuration.nix ]; }; deploy.nodes.bastion = { @@ -24,13 +24,12 @@ }; }; - deploy.nodes.template = { - sshUser = "root"; - hostname = "10.42.42.5"; + deploy.nodes.vault = { + hostname = "10.42.42.6"; fastConnection = true; profiles.system = { user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.template; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.vault; }; }; diff --git a/hosts/template/configuration.nix b/hosts/vault/configuration.nix similarity index 95% rename from hosts/template/configuration.nix rename to hosts/vault/configuration.nix index 1cf5e76e..61949b08 100644 --- a/hosts/template/configuration.nix +++ b/hosts/vault/configuration.nix @@ -13,7 +13,7 @@ ]; - networking.hostName = "nixos-template"; + networking.hostName = "vault"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions -- 2.47.1 From 7a9316438132a6ecadce5d08f50c141aa70d4370 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 17 Oct 2021 15:17:35 +0200 Subject: [PATCH 0012/1882] update nixpkgs --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fd94c0ff..6197c091 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634384442, - "narHash": "sha256-MhfbUuaFVKH8tX33YeSPu0wQGeK9qDJY+4J3qT8VTSo=", + "lastModified": 1634464758, + "narHash": "sha256-JHIo7avIOF6AIRg06BfUuwPbsUJjNcI0++j7vg2j6LI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0478f8b360288a4be8c71bf11e42fcaf09b8b773", + "rev": "06bc193d23e65790f4c37b88d33ddee3363802f6", "type": "github" }, "original": { -- 2.47.1 From 08d203af04ef519ad74ebaa8345e97e0c2b1a424 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 16:00:17 +0200 Subject: [PATCH 0013/1882] configure vault --- hosts/vault/configuration.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index 61949b08..c061b752 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix @@ -25,4 +25,19 @@ # Additional packages environment.systemPackages = with pkgs; []; + + # Vault + networking.firewall.allowedTCPPorts = [ 8200 ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:8200"; + storageBackend = "file"; + storagePath = "/var/lib/vault"; + extraConfig = '' + ui = true + ''; + }; } -- 2.47.1 From f9d1498a3c47746d1557451661006a877fd1f8ac Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 16:36:51 +0200 Subject: [PATCH 0014/1882] configure vault provider --- .terraform.lock.hcl | 19 +++++++++++++++++++ main.tf | 12 +++--------- vault.tf | 9 +++++++++ version.tf | 12 ++++++++++++ 4 files changed, 43 insertions(+), 9 deletions(-) create mode 100644 vault.tf create mode 100644 version.tf diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index 31231a0d..274cfbbb 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -8,6 +8,25 @@ provider "registry.example.com/telmate/proxmox" { ] } +provider "registry.terraform.io/hashicorp/vault" { + version = "2.24.1" + constraints = "2.24.1" + hashes = [ + "h1:MUzJ+jOOPBoyGNWGjESE+t2rIjTobw08Y73jgU+d+EU=", + "zh:1968be03bbc83c9f512a60f0a018cb0cf4c9a4a0f9e606f9a7436ae06108200f", + "zh:23ef25b530dcf2f60692e261d2a56c112138d79a739f2c720bee818cf040a20f", + "zh:2b80879cf8110254eeeb55b36ce542e9cdaefc047d450368ff0ca631b29d41d6", + "zh:3d803047407a4e7ccb51cd88b38648e50517e70b97842ae1262b5c5a92eb8ede", + "zh:7edfd0323a839903e7fc5f45acce8dd61c43b356c09016e1bd43d6880bd82be6", + "zh:7efa2c6d1d0bac9478adb27fc68035ca9dc2107dae55d921a760a8ad237eb691", + "zh:a1f9d34e2ac8b3a3d177faef4f11690068919ef7d73256def6685cfd9282f83d", + "zh:a6c34746e0085ae49e3845fc58597d2d5778fcb2136fedb413b3e30ba77dd2bd", + "zh:a73eb4bc061b5babd7ea4d5f3f85f4b4c6d379982098411a29a7d7459fc37ab2", + "zh:aadecf464ead4ae30821495d8181e842c18a2537c018245509a96532eeaf7678", + "zh:e3ae8c48804065fa4f85095002f945adbd5cd3966c0b1afced7d839007586105", + ] +} + provider "registry.terraform.io/telmate/proxmox" { version = "2.8.0" hashes = [ diff --git a/main.tf b/main.tf index f1d640ed..32ce7cb2 100644 --- a/main.tf +++ b/main.tf @@ -1,13 +1,7 @@ -terraform { - required_providers { - proxmox = { - source = "registry.example.com/telmate/proxmox" - } - } -} - provider "proxmox" { pm_api_url = "https://10.42.42.42:8006/api2/json" + pm_user = data.vault_generic_secret.proxmox_auth.data["user"] + pm_password = data.vault_generic_secret.proxmox_auth.data["pass"] pm_tls_insecure = true } @@ -45,7 +39,7 @@ resource "proxmox_lxc" "vault" { target_node = "nuc" description = "Vault Secrets Management" hostname = "vault" - unprivileged = true + unprivileged = false # needed for mlock vmid = "102" clone = "101" diff --git a/vault.tf b/vault.tf new file mode 100644 index 00000000..73d2d7d9 --- /dev/null +++ b/vault.tf @@ -0,0 +1,9 @@ +provider "vault" { + address = "http://10.42.42.6:8200" + skip_tls_verify = true +} + +# Proxmox authentication for terraform +data "vault_generic_secret" "proxmox_auth" { + path = "secrets/proxmox/terraform_auth" +} diff --git a/version.tf b/version.tf new file mode 100644 index 00000000..7905084e --- /dev/null +++ b/version.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + proxmox = { + # Locally installed from git repo for LXC cloning support + source = "registry.example.com/telmate/proxmox" + } + vault = { + source = "hashicorp/vault" + version = "2.24.1" + } + } +} -- 2.47.1 From 44cecdb12d6321e44a79fcb59e31a7f7ff41cd05 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 21:02:10 +0200 Subject: [PATCH 0015/1882] deployed k3s-node1 --- main.tf | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/main.tf b/main.tf index 32ce7cb2..1e5b9177 100644 --- a/main.tf +++ b/main.tf @@ -57,3 +57,30 @@ resource "proxmox_lxc" "vault" { hwaddr = "16:2B:87:55:0C:0C" } } + +resource "proxmox_vm_qemu" "k3s-node1" { + name = "k3s-node1" + target_node = "nuc" + vmid = 103 + clone = "bastion" + + memory = 2048 + cores = 4 + + agent = 1 + define_connection_info = false + boot = "order=scsi0;ide2;net0" + + network { + model = "virtio" + macaddr = "2E:F8:55:23:D9:9B" + bridge = "vmbr0" + } + + disk { + type = "scsi" + storage = "local-zfs" + size = "64G" + ssd = 1 + } +} -- 2.47.1 From b5c246468e75fb7859f88ae3854dddb6d7cf0232 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 21:02:20 +0200 Subject: [PATCH 0016/1882] deployed k3s-node1 --- flake.nix | 14 +++++++++++ hosts/k3s/configuration.nix | 36 ++++++++++++++++++++++++++++ hosts/k3s/hardware-configuration.nix | 26 ++++++++++++++++++++ hosts/vault/configuration.nix | 1 + 4 files changed, 77 insertions(+) create mode 100644 hosts/k3s/configuration.nix create mode 100644 hosts/k3s/hardware-configuration.nix diff --git a/flake.nix b/flake.nix index c2dbebd2..b59723a5 100644 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,11 @@ modules = [ ./hosts/bastion/configuration.nix ]; }; + nixosConfigurations.k3s = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./hosts/k3s/configuration.nix ]; + }; + nixosConfigurations.vault = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/vault/configuration.nix ]; @@ -24,6 +29,15 @@ }; }; + deploy.nodes.k3s-node1 = { + hostname = "10.42.42.10"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.k3s; + }; + }; + deploy.nodes.vault = { hostname = "10.42.42.6"; fastConnection = true; diff --git a/hosts/k3s/configuration.nix b/hosts/k3s/configuration.nix new file mode 100644 index 00000000..e75bb297 --- /dev/null +++ b/hosts/k3s/configuration.nix @@ -0,0 +1,36 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Import common config + ../../common/generic-vm.nix + ../../common + ]; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; + + networking.hostName = "k3s-node1"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ + vim + ]; +} diff --git a/hosts/k3s/hardware-configuration.nix b/hosts/k3s/hardware-configuration.nix new file mode 100644 index 00000000..9c5d168d --- /dev/null +++ b/hosts/k3s/hardware-configuration.nix @@ -0,0 +1,26 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { + device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; + fsType = "ext4"; + }; + + swapDevices = + [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; + +} diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index c061b752..6ba1188b 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix @@ -37,6 +37,7 @@ storageBackend = "file"; storagePath = "/var/lib/vault"; extraConfig = '' + api_addr = "10.42.42.6:8200" ui = true ''; }; -- 2.47.1 From 13e3ccb7b0cc30be175e9488adf4a1abaddfafde Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 21:26:38 +0200 Subject: [PATCH 0017/1882] enable k3s --- hosts/k3s/configuration.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/hosts/k3s/configuration.nix b/hosts/k3s/configuration.nix index e75bb297..0d13a034 100644 --- a/hosts/k3s/configuration.nix +++ b/hosts/k3s/configuration.nix @@ -31,6 +31,28 @@ # Additional packages environment.systemPackages = with pkgs; [ + iptables vim ]; + + # Disable the firewall + networking.firewall.enable = false; + + # Force-enable Cgroupv2 + systemd.enableUnifiedCgroupHierarchy = lib.mkForce true; + + # Ensure `mount` and `grep` are available + systemd.services.k3s.path = [ pkgs.gnugrep pkgs.utillinux ]; + + services.k3s = { + enable = true; + role = "server"; + + extraFlags = builtins.toString [ + "--data-dir=/var/lib/k3s" # Set data dir to var lib + "--cluster-init" # Enable embedded etcd + "--disable=servicelb" # disable servicelb + "--no-deploy=traefik" # we want to configure traefik ourselves (or use nginx instead) + ]; + }; } -- 2.47.1 From 40166f0c26c7f50ceacf1c9e0b1e1f7d17d44856 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 23:34:05 +0200 Subject: [PATCH 0018/1882] added rg fzf --- common/users/default.nix | 4 +++- hosts/k3s/configuration.nix | 26 +++++++++++--------------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/common/users/default.nix b/common/users/default.nix index e087dd11..459cce48 100644 --- a/common/users/default.nix +++ b/common/users/default.nix @@ -13,6 +13,7 @@ syntaxHighlighting.enable = true; interactiveShellInit = '' source "${pkgs.grml-zsh-config}/etc/zsh/zshrc" + export FZF_DEFAULT_COMMAND="${pkgs.ripgrep}/bin/rg --files --follow" source "${pkgs.fzf}/share/fzf/key-bindings.zsh" source "${pkgs.fzf}/share/fzf/completion.zsh" eval "$(${pkgs.zoxide}/bin/zoxide init zsh)" @@ -20,7 +21,7 @@ # otherwise it'll override the grml prompt promptInit = ""; }; - + environment.pathsToLink = [ "/share/zsh" ]; # Disable sudo prompt for `wheel` users. @@ -59,6 +60,7 @@ git htop rsync + ripgrep vim zoxide ]; diff --git a/hosts/k3s/configuration.nix b/hosts/k3s/configuration.nix index 0d13a034..6a9bd9b7 100644 --- a/hosts/k3s/configuration.nix +++ b/hosts/k3s/configuration.nix @@ -1,9 +1,4 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - { config, pkgs, ... }: - { imports = [ @@ -35,24 +30,25 @@ vim ]; - # Disable the firewall + # Disable the firewall as we need all the ports networking.firewall.enable = false; # Force-enable Cgroupv2 systemd.enableUnifiedCgroupHierarchy = lib.mkForce true; - # Ensure `mount` and `grep` are available + # Ensure `mount` and `grep` are available systemd.services.k3s.path = [ pkgs.gnugrep pkgs.utillinux ]; + # Enable k3s as a master node services.k3s = { - enable = true; - role = "server"; + enable = true; + role = "server"; - extraFlags = builtins.toString [ - "--data-dir=/var/lib/k3s" # Set data dir to var lib - "--cluster-init" # Enable embedded etcd - "--disable=servicelb" # disable servicelb - "--no-deploy=traefik" # we want to configure traefik ourselves (or use nginx instead) - ]; + extraFlags = builtins.toString [ + "--data-dir=/var/lib/k3s" # Set data dir to var lib + "--cluster-init" # Enable embedded etcd + "--disable=servicelb" # disable servicelb + "--no-deploy=traefik" # we want to configure traefik ourselves (or use nginx instead) + ]; }; } -- 2.47.1 From 1508e6a45c6daf78354e853c59568334821b2dbd Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 17 Oct 2021 23:34:40 +0200 Subject: [PATCH 0019/1882] fix k3s deployment --- hosts/k3s/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/k3s/configuration.nix b/hosts/k3s/configuration.nix index 6a9bd9b7..5fa03fa5 100644 --- a/hosts/k3s/configuration.nix +++ b/hosts/k3s/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { imports = [ -- 2.47.1 From e4c23d01bc95a86d0354286d9789f1f391887d8d Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 17 Oct 2021 23:38:49 +0200 Subject: [PATCH 0020/1882] more ram for k3s --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 1e5b9177..248b227c 100644 --- a/main.tf +++ b/main.tf @@ -44,7 +44,7 @@ resource "proxmox_lxc" "vault" { clone = "101" memory = 1024 - + rootfs { storage = "local-zfs" size = "8G" @@ -64,7 +64,7 @@ resource "proxmox_vm_qemu" "k3s-node1" { vmid = 103 clone = "bastion" - memory = 2048 + memory = 8192 cores = 4 agent = 1 -- 2.47.1 From 79c0ea4bcb4c252c265d94dc909c41a32ea1e4c6 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 18:53:54 +0200 Subject: [PATCH 0021/1882] deploy mosquitto --- main.tf | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 248b227c..9628e1f2 100644 --- a/main.tf +++ b/main.tf @@ -58,6 +58,28 @@ resource "proxmox_lxc" "vault" { } } +resource "proxmox_lxc" "mosquitto" { + target_node = "nuc" + description = "mosquitto mqtt broker" + hostname = "mosquitto" + vmid = 104 + clone = 101 + + memory = 1024 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + hwaddr = "C6:F9:8B:3D:9E:37" + } +} + resource "proxmox_vm_qemu" "k3s-node1" { name = "k3s-node1" target_node = "nuc" @@ -68,7 +90,6 @@ resource "proxmox_vm_qemu" "k3s-node1" { cores = 4 agent = 1 - define_connection_info = false boot = "order=scsi0;ide2;net0" network { -- 2.47.1 From 4c65c14ee8bd7042679f6e82837bd58ba88de52b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 18:54:07 +0200 Subject: [PATCH 0022/1882] deploy mosquitto --- flake.nix | 14 ++++++++++++++ hosts/mosquitto/configuration.nix | 27 +++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 hosts/mosquitto/configuration.nix diff --git a/flake.nix b/flake.nix index b59723a5..b12a0a9f 100644 --- a/flake.nix +++ b/flake.nix @@ -20,6 +20,11 @@ modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/vault/configuration.nix ]; }; + nixosConfigurations.mosquitto = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/mosquitto/configuration.nix ]; + }; + deploy.nodes.bastion = { hostname = "localhost"; fastConnection = true; @@ -47,6 +52,15 @@ }; }; + deploy.nodes.mosquitto = { + hostname = "10.42.42.7"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.mosquitto; + }; + }; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix new file mode 100644 index 00000000..c1ff6529 --- /dev/null +++ b/hosts/mosquitto/configuration.nix @@ -0,0 +1,27 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; + + networking.hostName = "mosquitto"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; []; +} -- 2.47.1 From 35a60ad122665c55916a90667254c52165c73cf7 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 18:58:24 +0200 Subject: [PATCH 0023/1882] enable mosquitto --- hosts/mosquitto/configuration.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index c1ff6529..4abab28f 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -24,4 +24,11 @@ # Additional packages environment.systemPackages = with pkgs; []; + + services.mosquitto = { + enable = true; + port = 1883; + }; + + networking.firewall.allowedTCPPorts = [ config.services.mosquitto.port ]; } -- 2.47.1 From 7fe56e78ea00ce1805d8d6e93626aca0aee22234 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 18 Oct 2021 19:23:34 +0200 Subject: [PATCH 0024/1882] fixed mosquitto config --- hosts/mosquitto/configuration.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index 4abab28f..828b5d2d 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -26,8 +26,15 @@ environment.systemPackages = with pkgs; []; services.mosquitto = { + users = { + victor = { + acl = ["topic readwrite #"]; + }; + }; enable = true; port = 1883; + host = "0.0.0.0"; + allowAnonymous = true; }; networking.firewall.allowedTCPPorts = [ config.services.mosquitto.port ]; -- 2.47.1 From 913213e22849073ba7d6fcd7d59ab25a6357e4f0 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 20:45:12 +0200 Subject: [PATCH 0025/1882] enable zigbee2mqtt --- flake.nix | 2 +- hosts/mosquitto/configuration.nix | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index b12a0a9f..686febbe 100644 --- a/flake.nix +++ b/flake.nix @@ -26,7 +26,7 @@ }; deploy.nodes.bastion = { - hostname = "localhost"; + hostname = "10.42.42.4"; fastConnection = true; profiles.system = { user = "root"; diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index 828b5d2d..0ee6eb24 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -30,6 +30,9 @@ victor = { acl = ["topic readwrite #"]; }; + zigbee2mqtt = { + acl = ["topic readwrite #"]; + }; }; enable = true; port = 1883; @@ -37,5 +40,24 @@ allowAnonymous = true; }; + services.zigbee2mqtt = { + enable = true; + dataDir = "/var/lib/zigbee2mqtt"; + settings = { + homeassistant = false; + permit_join = true; + + serial = { + port = "/dev/ttyUSB0"; + }; + + mqtt = { + base_topic = "zigbee2mqtt"; + server = "mqtt://localhost:${toString config.services.mosquitto.port}"; + user = "zigbee2mqtt"; + }; + }; + }; + networking.firewall.allowedTCPPorts = [ config.services.mosquitto.port ]; } -- 2.47.1 From 605d9d6b5415007882a0911076bc732e6048a7be Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 21:09:55 +0200 Subject: [PATCH 0026/1882] topic readwrite # --- hosts/mosquitto/configuration.nix | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index 0ee6eb24..81d773c3 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -26,18 +26,13 @@ environment.systemPackages = with pkgs; []; services.mosquitto = { - users = { - victor = { - acl = ["topic readwrite #"]; - }; - zigbee2mqtt = { - acl = ["topic readwrite #"]; - }; - }; + users = {}; enable = true; + port = 1883; host = "0.0.0.0"; allowAnonymous = true; + aclExtraConf = "topic readwrite #"; }; services.zigbee2mqtt = { -- 2.47.1 From 8e494833f4d26edc67a522ab77cb5bc4724d8d17 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 21:37:56 +0200 Subject: [PATCH 0027/1882] zigbee2mqtt: enable home assistant --- hosts/mosquitto/configuration.nix | 12 +++++++-- hosts/vault.1/configuration.nix | 44 +++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 hosts/vault.1/configuration.nix diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index 81d773c3..dfd29b8b 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -26,11 +26,19 @@ environment.systemPackages = with pkgs; []; services.mosquitto = { - users = {}; + users = { + victor = { + acl = ["topic readwrite #"]; + }; + zigbee2mqtt = { + acl = ["topic readwrite #"]; + }; + }; enable = true; port = 1883; host = "0.0.0.0"; + allowAnonymous = true; aclExtraConf = "topic readwrite #"; }; @@ -39,7 +47,7 @@ enable = true; dataDir = "/var/lib/zigbee2mqtt"; settings = { - homeassistant = false; + homeassistant = true; permit_join = true; serial = { diff --git a/hosts/vault.1/configuration.nix b/hosts/vault.1/configuration.nix new file mode 100644 index 00000000..6ba1188b --- /dev/null +++ b/hosts/vault.1/configuration.nix @@ -0,0 +1,44 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; + + + networking.hostName = "vault"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; []; + + # Vault + networking.firewall.allowedTCPPorts = [ 8200 ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:8200"; + storageBackend = "file"; + storagePath = "/var/lib/vault"; + extraConfig = '' + api_addr = "10.42.42.6:8200" + ui = true + ''; + }; +} -- 2.47.1 From 914594651bbf8d57ee6b121cbc341fe27dee310b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 23:26:26 +0200 Subject: [PATCH 0028/1882] nginx: init --- flake.nix | 14 ++++++++++++ hosts/{vault.1 => nginx}/configuration.nix | 25 +++++++++++----------- 2 files changed, 26 insertions(+), 13 deletions(-) rename hosts/{vault.1 => nginx}/configuration.nix (75%) diff --git a/flake.nix b/flake.nix index 686febbe..77fb9840 100644 --- a/flake.nix +++ b/flake.nix @@ -25,6 +25,11 @@ modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/mosquitto/configuration.nix ]; }; + nixosConfigurations.nginx = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/nginx/configuration.nix ]; + }; + deploy.nodes.bastion = { hostname = "10.42.42.4"; fastConnection = true; @@ -61,6 +66,15 @@ }; }; + deploy.nodes.nginx = { + hostname = "10.42.42.9"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.nginx; + }; + }; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts/vault.1/configuration.nix b/hosts/nginx/configuration.nix similarity index 75% rename from hosts/vault.1/configuration.nix rename to hosts/nginx/configuration.nix index 6ba1188b..a78c08d8 100644 --- a/hosts/vault.1/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -26,19 +26,18 @@ # Additional packages environment.systemPackages = with pkgs; []; - # Vault - networking.firewall.allowedTCPPorts = [ 8200 ]; - - services.vault = { + services.nginx = { enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:8200"; - storageBackend = "file"; - storagePath = "/var/lib/vault"; - extraConfig = '' - api_addr = "10.42.42.6:8200" - ui = true - ''; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."ha.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.42.8:8123/"; + proxyWebsockets = true; + }; + }; }; } -- 2.47.1 From a93b14bb6914af51cc199726f9a493e46470c244 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 23:31:35 +0200 Subject: [PATCH 0029/1882] nginx: acme settings --- hosts/nginx/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index a78c08d8..67946710 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -40,4 +40,6 @@ }; }; }; + + security.acme.email = "victorheld12@gmail.com"; } -- 2.47.1 From eeedacfa9e139f6e9fba865309a8229228efc86a Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 18 Oct 2021 23:32:11 +0200 Subject: [PATCH 0030/1882] nginx: acme settings --- hosts/nginx/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 67946710..2b352eff 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -42,4 +42,5 @@ }; security.acme.email = "victorheld12@gmail.com"; + security.acme.acceptTerms = true; } -- 2.47.1 From 95d1522bccd1c37c87bda550394ec322d68d84e2 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Oct 2021 02:02:35 +0200 Subject: [PATCH 0031/1882] nginx: fix up --- hosts/nginx/configuration.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 2b352eff..6137c15c 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -13,7 +13,7 @@ ]; - networking.hostName = "vault"; + networking.hostName = "nginx"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -26,6 +26,8 @@ # Additional packages environment.systemPackages = with pkgs; []; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + services.nginx = { enable = true; recommendedProxySettings = true; -- 2.47.1 From c7312a68b5ac771364239cab4eab8dfb0a61c00b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 19 Oct 2021 02:02:56 +0200 Subject: [PATCH 0032/1882] nginx: deploy --- main.tf | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/main.tf b/main.tf index 9628e1f2..39ecfe80 100644 --- a/main.tf +++ b/main.tf @@ -80,6 +80,28 @@ resource "proxmox_lxc" "mosquitto" { } } +resource "proxmox_lxc" "nginx" { + target_node = "nuc" + description = "nginx reverse proxy" + hostname = "nginx" + vmid = 106 + clone = 101 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + hwaddr = "6A:C2:89:85:CF:A6" + } +} + resource "proxmox_vm_qemu" "k3s-node1" { name = "k3s-node1" target_node = "nuc" -- 2.47.1 From f431bcd53cdb3be4e1c0b940968fb53519357751 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Oct 2021 21:21:42 +0200 Subject: [PATCH 0033/1882] bastion: add kube tools --- flake.lock | 6 +++--- hosts/bastion/configuration.nix | 12 +++++++++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 6197c091..6ad1d499 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634464758, - "narHash": "sha256-JHIo7avIOF6AIRg06BfUuwPbsUJjNcI0++j7vg2j6LI=", + "lastModified": 1634638999, + "narHash": "sha256-4TWC/3iXsMqTDUu2MJSaCn4xGJpBnlDR+/SL/Aaz2XU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "06bc193d23e65790f4c37b88d33ddee3363802f6", + "rev": "a323570a264da96a0b0bcc1c9aa017794acdc752", "type": "github" }, "original": { diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 988dceba..ca7c418d 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -31,10 +31,20 @@ # Additional packages environment.systemPackages = with pkgs; [ - vim + fluxcd + k9s + kubectl + kubectx + nodejs-14_x ripgrep rsync tmux vault + vim ]; + + programs.gnupg.agent = { + enable = true; + pinentryFlavor = "curses"; + }; } -- 2.47.1 From 4c574117b4144eae2e8e56229bec22dea122c9a2 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 23 Oct 2021 12:54:20 +0200 Subject: [PATCH 0034/1882] updated proxmox-terraform to 2.9.0 --- .terraform.lock.hcl | 38 ++++++++++++++++---------------------- main.tf | 3 +++ version.tf | 4 ++-- 3 files changed, 21 insertions(+), 24 deletions(-) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index 274cfbbb..516a6231 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -1,13 +1,6 @@ # This file is maintained automatically by "terraform init". # Manual edits may be lost in future updates. -provider "registry.example.com/telmate/proxmox" { - version = "9.9.9" - hashes = [ - "h1:BnhIwXbxNF0NLvXes4/WiLGEldeU5UZWlLg3vrO/kog=", - ] -} - provider "registry.terraform.io/hashicorp/vault" { version = "2.24.1" constraints = "2.24.1" @@ -28,21 +21,22 @@ provider "registry.terraform.io/hashicorp/vault" { } provider "registry.terraform.io/telmate/proxmox" { - version = "2.8.0" + version = "2.9.0" + constraints = "2.9.0" hashes = [ - "h1:RmEhNI5/T73g8+gSqy20MSgszjTquC+srhIflQWlNRE=", - "zh:210fe85f6bdc51196dbda2c12de5fd0ddd597704fc91f5a08346cebd7493ff42", - "zh:360ad867389041aacc3184632e682a068daae20271c51ab31ea49ce77076c31e", - "zh:386243cab8be04b485d9ac7b1cb6d603bc800c0c69453eca0a13e64a69f1c43c", - "zh:3b46ad0d6b517d84dca252ec64df6b9d1ff2d4376ed69fb0679d19f3308756eb", - "zh:3f1a1292da7d2e5d7e67179c26d26fc865f822576d72d6723d299d483a9a0c56", - "zh:41e513e107f692250519f37a3656c6172093e53d037a447228fc5a025e89954f", - "zh:496938004d56eea7c8e4e7401a53fcaabeaa9475aa1b7152787968b5aaae946e", - "zh:6755a0a470c4af9058c9c1f18f0f63fd8d6e6cfa928665beb16dc7043b50b5f1", - "zh:78208afc9d8be564b886ac4f4bc1d8c20a0f7cb2bebdced97622b45e8df0c591", - "zh:a5a40c9a50c5daa095877ab25a86bdf8dbceaf457b81fc8dd02629a50c3b56e1", - "zh:d89d5de3e3716353859d40ecdd75033bc873732989117f9b9baf7a87788c493e", - "zh:e1b20fd36a5fb7587821377c61f92e9e926743f71e381ee54336d0475a23524a", - "zh:f5da99f1a00a9637c8988f2115f84157836627927800628576cfe7b0e53e967e", + "h1:2emsswGg3BBrWiYV9GhR1MfR7r6sREVvC3qGX56UOv8=", + "zh:05b3556ffd47f7791e51c600bc281562c35d54fcb2768fe19c5faf08fd10d8f3", + "zh:0ae37a5adb0f9f6409c5363b5ac9f0eb3ed95698b82bb6827a86469a2d103edd", + "zh:0d0487486fd9cb3b064d7495082fb6fb75705dfadf43262a2abb18bc2a76da29", + "zh:12b66f4616bbd011533c5d4254abfa782ebc33619fb439619646283d831a6b3c", + "zh:3c0f9396c75230746f824fe65e5ffb27b277504be23f2771392019e89700c3a9", + "zh:5410169fc01ac9358f766d155e3b199541c25caf3a74ecada84202ecdf68cf75", + "zh:582cd15439da18358f24214addc90085860237a5bc8bb41d57c8e6115032c0c2", + "zh:97ef5e28d4863b52868dd436392b4bbba6dc12e3927ba4d33702538adfbe83c0", + "zh:a1631929b77ac97d38b2a340f598d10005ff75745546f04ea171a4042f98a894", + "zh:ae5116c32ad7b0e0573522c9158583a77a98ec52bbce14dc3ce00c03328c0b4f", + "zh:c164cedfef4ab70dc25fb2c0c25a091c5d8a6b09d58725fc4296b37cb9b133a2", + "zh:c6aed31aceaf6a923859e9e2af26a8e45559d0680bc3524207886ee0556968c2", + "zh:cffbee36856bac5ec527a8f83d52edbead3ac73e0ffbe77a958c175a78929ad6", ] } diff --git a/main.tf b/main.tf index 39ecfe80..7550830e 100644 --- a/main.tf +++ b/main.tf @@ -64,6 +64,7 @@ resource "proxmox_lxc" "mosquitto" { hostname = "mosquitto" vmid = 104 clone = 101 + unprivileged = true memory = 1024 @@ -86,6 +87,7 @@ resource "proxmox_lxc" "nginx" { hostname = "nginx" vmid = 106 clone = 101 + unprivileged = true memory = 512 @@ -107,6 +109,7 @@ resource "proxmox_vm_qemu" "k3s-node1" { target_node = "nuc" vmid = 103 clone = "bastion" + tablet = false memory = 8192 cores = 4 diff --git a/version.tf b/version.tf index 7905084e..5beb9d46 100644 --- a/version.tf +++ b/version.tf @@ -1,8 +1,8 @@ terraform { required_providers { proxmox = { - # Locally installed from git repo for LXC cloning support - source = "registry.example.com/telmate/proxmox" + source = "telmate/proxmox" + version = "2.9.0" } vault = { source = "hashicorp/vault" -- 2.47.1 From a1190957f8f791525d1fede4103379a5277e8f37 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 25 Oct 2021 12:50:04 +0200 Subject: [PATCH 0035/1882] Updated mosquitto and formatted files --- common/default.nix | 7 +--- common/generic-lxc.nix | 6 +-- common/services/default.nix | 9 +---- common/services/flood.nix | 14 ++++--- common/services/unpackerr.nix | 33 +++++++++------ common/services/vmagent.nix | 13 +++--- common/users/default.nix | 10 +---- flake.lock | 6 +-- hosts/bastion/configuration.nix | 18 ++++----- hosts/bastion/hardware-configuration.nix | 17 +++----- hosts/k3s/configuration.nix | 23 +++++------ hosts/k3s/hardware-configuration.nix | 17 +++----- hosts/mosquitto/configuration.nix | 51 +++++++++++------------- hosts/nginx/configuration.nix | 23 +++++++---- hosts/vault/configuration.nix | 14 +++---- 15 files changed, 116 insertions(+), 145 deletions(-) diff --git a/common/default.nix b/common/default.nix index e6d82f97..0ed836ce 100644 --- a/common/default.nix +++ b/common/default.nix @@ -17,11 +17,8 @@ nix = { package = pkgs.nixUnstable; autoOptimiseStore = true; - binaryCaches = [ - "https://cachix.cachix.org" - "https://nix-community.cachix.org" - "https://nixpkgs-review-bot.cachix.org" - ]; + binaryCaches = + [ "https://cachix.cachix.org" "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" ]; binaryCachePublicKeys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" diff --git a/common/generic-lxc.nix b/common/generic-lxc.nix index 8de709a5..1bf6c58c 100644 --- a/common/generic-lxc.nix +++ b/common/generic-lxc.nix @@ -2,11 +2,7 @@ # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/ # Supress systemd services that don't work (correctly) on LXC - systemd.suppressedSystemUnits = [ - "dev-mqueue.mount" - "sys-kernel-debug.mount" - "sys-fs-fuse-connections.mount" - ]; + systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ]; # Enable SSH daemon support. services.openssh.enable = true; diff --git a/common/services/default.nix b/common/services/default.nix index 9fa6e606..192c8355 100644 --- a/common/services/default.nix +++ b/common/services/default.nix @@ -1,8 +1 @@ -{ config, lib, pkgs, ... }: -{ - imports = [ - ./flood.nix - ./unpackerr.nix - ./vmagent.nix - ]; -} +{ config, lib, pkgs, ... }: { imports = [ ./flood.nix ./unpackerr.nix ./vmagent.nix ]; } diff --git a/common/services/flood.nix b/common/services/flood.nix index 3616bfac..cd698d83 100644 --- a/common/services/flood.nix +++ b/common/services/flood.nix @@ -1,8 +1,7 @@ { config, pkgs, lib, ... }: with lib; let cfg = config.services.flood; -in -{ +in { options.services.flood = { enable = mkEnableOption "flood"; @@ -111,9 +110,7 @@ in config = mkIf cfg.enable { # Create group if set to default - users.groups = mkIf (cfg.group == "rtorrent") { - rtorrent = { }; - }; + users.groups = mkIf (cfg.group == "rtorrent") { rtorrent = { }; }; # Create user if set to default users.users = mkIf (cfg.user == "flood") { @@ -140,7 +137,12 @@ in Type = "simple"; Restart = "on-failure"; WorkingDirectory = cfg.dataDir; - ExecStart = "${cfg.package}/bin/flood --baseuri ${cfg.baseURI} --rundir ${cfg.dataDir} --host ${cfg.host} --port ${toString cfg.port} ${if cfg.ssl then "--ssl" else ""} --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}"; + ExecStart = + "${cfg.package}/bin/flood --baseuri ${cfg.baseURI} --rundir ${cfg.dataDir} --host ${cfg.host} --port ${ + toString cfg.port + } ${ + if cfg.ssl then "--ssl" else "" + } --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}"; }; }; diff --git a/common/services/unpackerr.nix b/common/services/unpackerr.nix index 7135b06e..e1d88c37 100644 --- a/common/services/unpackerr.nix +++ b/common/services/unpackerr.nix @@ -57,8 +57,7 @@ let ''; }; }; -in -{ +in { options.services.unpackerr = { enable = mkEnableOption "unpackerr"; @@ -151,13 +150,25 @@ in ''; }; - sonarr = mkStarrOptions { name = "Sonarr"; url = "http://localhost:8989"; }; + sonarr = mkStarrOptions { + name = "Sonarr"; + url = "http://localhost:8989"; + }; - radarr = mkStarrOptions { name = "Radarr"; url = "http://localhost:7878"; }; + radarr = mkStarrOptions { + name = "Radarr"; + url = "http://localhost:7878"; + }; - lidarr = mkStarrOptions { name = "Lidarr"; url = "http://localhost:8686"; }; + lidarr = mkStarrOptions { + name = "Lidarr"; + url = "http://localhost:8686"; + }; - readarr = mkStarrOptions { name = "Readarr"; url = "http://localhost:8787"; }; + readarr = mkStarrOptions { + name = "Readarr"; + url = "http://localhost:8787"; + }; folder = { path = mkOption { @@ -207,21 +218,17 @@ in extraConfig = mkOption { type = types.attrs; - default = {}; + default = { }; description = '' Extra environment variables ''; - example = { - UN_WEBHOOK_0_URL = "http://example.com"; - }; + example = { UN_WEBHOOK_0_URL = "http://example.com"; }; }; }; config = mkIf cfg.enable { # Create group if set to default - users.groups = mkIf (cfg.group == "unpackerr") { - unpackerr = { }; - }; + users.groups = mkIf (cfg.group == "unpackerr") { unpackerr = { }; }; # Create user if set to default users.users = mkIf (cfg.user == "unpackerr") { diff --git a/common/services/vmagent.nix b/common/services/vmagent.nix index 677b3d1f..5ca3e4c9 100644 --- a/common/services/vmagent.nix +++ b/common/services/vmagent.nix @@ -1,8 +1,7 @@ { config, pkgs, lib, ... }: with lib; let cfg = config.services.vmagent; -in -{ +in { options.services.vmagent = { enable = mkEnableOption "vmagent"; @@ -74,9 +73,7 @@ in config = mkIf cfg.enable { # Create group if set to default - users.groups = mkIf (cfg.group == "vmagent") { - vmagent = { }; - }; + users.groups = mkIf (cfg.group == "vmagent") { vmagent = { }; }; # Create user if set to default users.users = mkIf (cfg.user == "vmagent") { @@ -93,8 +90,7 @@ in networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ]; # The actual service - systemd.services.vmagent = let - prometheusConfig = pkgs.writeText "prometheus.yml" cfg.prometheusConfig; + systemd.services.vmagent = let prometheusConfig = pkgs.writeText "prometheus.yml" cfg.prometheusConfig; in { wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; @@ -105,7 +101,8 @@ in Type = "simple"; Restart = "on-failure"; WorkingDirectory = cfg.dataDir; - ExecStart = "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; + ExecStart = + "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; }; }; diff --git a/common/users/default.nix b/common/users/default.nix index 459cce48..4514f132 100644 --- a/common/users/default.nix +++ b/common/users/default.nix @@ -55,13 +55,5 @@ }; # Setup packages available everywhere - environment.systemPackages = with pkgs; [ - fzf - git - htop - rsync - ripgrep - vim - zoxide - ]; + environment.systemPackages = with pkgs; [ fzf git htop rsync ripgrep vim zoxide ]; } diff --git a/flake.lock b/flake.lock index 6ad1d499..018b202c 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634638999, - "narHash": "sha256-4TWC/3iXsMqTDUu2MJSaCn4xGJpBnlDR+/SL/Aaz2XU=", + "lastModified": 1635141467, + "narHash": "sha256-H+TVE6tBSm4nAepm7HRfW7AcrndI5e4+TJwCQo4/z+s=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a323570a264da96a0b0bcc1c9aa017794acdc752", + "rev": "38d21595b8fb0a744aa31c5794013bf42cf98fa9", "type": "github" }, "original": { diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index ca7c418d..06bd4fca 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -5,14 +5,13 @@ { config, pkgs, ... }: { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Import common config - ../../common/generic-vm.nix - ../../common - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Import common config + ../../common/generic-vm.nix + ../../common + ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; @@ -36,13 +35,14 @@ kubectl kubectx nodejs-14_x + nixfmt ripgrep rsync tmux vault vim ]; - + # programs.gnupg.agent = { enable = true; pinentryFlavor = "curses"; diff --git a/hosts/bastion/hardware-configuration.nix b/hosts/bastion/hardware-configuration.nix index 9c5d168d..9c6082ba 100644 --- a/hosts/bastion/hardware-configuration.nix +++ b/hosts/bastion/hardware-configuration.nix @@ -4,23 +4,18 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; + fsType = "ext4"; + }; - swapDevices = - [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; + swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; } diff --git a/hosts/k3s/configuration.nix b/hosts/k3s/configuration.nix index 5fa03fa5..0af4b9e7 100644 --- a/hosts/k3s/configuration.nix +++ b/hosts/k3s/configuration.nix @@ -1,13 +1,11 @@ -{ config, pkgs, lib, ... }: -{ - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Import common config - ../../common/generic-vm.nix - ../../common - ]; +{ config, pkgs, lib, ... }: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Import common config + ../../common/generic-vm.nix + ../../common + ]; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; @@ -25,10 +23,7 @@ system.stateVersion = "21.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ - iptables - vim - ]; + environment.systemPackages = with pkgs; [ iptables vim ]; # Disable the firewall as we need all the ports networking.firewall.enable = false; diff --git a/hosts/k3s/hardware-configuration.nix b/hosts/k3s/hardware-configuration.nix index 9c5d168d..9c6082ba 100644 --- a/hosts/k3s/hardware-configuration.nix +++ b/hosts/k3s/hardware-configuration.nix @@ -4,23 +4,18 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; + fsType = "ext4"; + }; - swapDevices = - [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; + swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; } diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index dfd29b8b..b4ec43be 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -3,14 +3,13 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - -{ - imports = - [ - # Import common config - ../../common/generic-lxc.nix - ../../common - ]; +let mosquittoPort = 1883; +in { + imports = [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; networking.hostName = "mosquitto"; @@ -23,24 +22,22 @@ system.stateVersion = "21.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; []; + environment.systemPackages = with pkgs; [ ]; services.mosquitto = { - users = { - victor = { - acl = ["topic readwrite #"]; - }; - zigbee2mqtt = { - acl = ["topic readwrite #"]; - }; - }; + enable = true; - port = 1883; - host = "0.0.0.0"; - - allowAnonymous = true; - aclExtraConf = "topic readwrite #"; + listeners = [{ + port = 1883; + settings.allow_anonymous = true; + acl = [ "topic readwrite #" ]; + users = { + victor = { acl = [ "readwrite #" ]; }; + zigbee2mqtt = { acl = [ "readwrite #" ]; }; + }; + }]; + }; services.zigbee2mqtt = { @@ -50,17 +47,17 @@ homeassistant = true; permit_join = true; - serial = { - port = "/dev/ttyUSB0"; - }; + serial = { port = "/dev/ttyUSB0"; }; mqtt = { base_topic = "zigbee2mqtt"; - server = "mqtt://localhost:${toString config.services.mosquitto.port}"; + server = "mqtt://localhost:${toString mosquittoPort}"; user = "zigbee2mqtt"; }; + + frontend = { port = 8080; }; }; }; - networking.firewall.allowedTCPPorts = [ config.services.mosquitto.port ]; + networking.firewall.allowedTCPPorts = [ mosquittoPort config.services.zigbee2mqtt.settings.frontend.port ]; } diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 6137c15c..f9862493 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -5,13 +5,11 @@ { config, pkgs, ... }: { - imports = - [ - # Import common config - ../../common/generic-lxc.nix - ../../common - ]; - + imports = [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; networking.hostName = "nginx"; @@ -24,7 +22,7 @@ system.stateVersion = "21.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; []; + environment.systemPackages = with pkgs; [ ]; networking.firewall.allowedTCPPorts = [ 80 443 ]; @@ -41,6 +39,15 @@ proxyWebsockets = true; }; }; + + virtualHosts."zookeeper.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.43.28:8085/"; + proxyWebsockets = true; + }; + }; }; security.acme.email = "victorheld12@gmail.com"; diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index 6ba1188b..19c46c08 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix @@ -5,13 +5,11 @@ { config, pkgs, ... }: { - imports = - [ - # Import common config - ../../common/generic-lxc.nix - ../../common - ]; - + imports = [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; networking.hostName = "vault"; @@ -24,7 +22,7 @@ system.stateVersion = "21.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; []; + environment.systemPackages = with pkgs; [ ]; # Vault networking.firewall.allowedTCPPorts = [ 8200 ]; -- 2.47.1 From 79838b09e48001c04b2fa91f9998ee3ffde1a862 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 26 Oct 2021 15:14:54 +0200 Subject: [PATCH 0036/1882] add: namespace 'presidential paradise' --- cluster/core/kustomization.yaml | 4 ++++ cluster/core/namespaces/kustomization.yaml | 4 ++++ cluster/core/namespaces/presidential-paradise.yaml | 6 ++++++ 3 files changed, 14 insertions(+) create mode 100644 cluster/core/kustomization.yaml create mode 100644 cluster/core/namespaces/kustomization.yaml create mode 100644 cluster/core/namespaces/presidential-paradise.yaml diff --git a/cluster/core/kustomization.yaml b/cluster/core/kustomization.yaml new file mode 100644 index 00000000..4b61208f --- /dev/null +++ b/cluster/core/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - namespaces diff --git a/cluster/core/namespaces/kustomization.yaml b/cluster/core/namespaces/kustomization.yaml new file mode 100644 index 00000000..2bf74525 --- /dev/null +++ b/cluster/core/namespaces/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - presidential-paradise.yaml diff --git a/cluster/core/namespaces/presidential-paradise.yaml b/cluster/core/namespaces/presidential-paradise.yaml new file mode 100644 index 00000000..a1fcc809 --- /dev/null +++ b/cluster/core/namespaces/presidential-paradise.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: presidential-paradise + -- 2.47.1 From 45d5e3a0c42d3a4a9ae041a26cd0c9ea7d44d138 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 26 Oct 2021 16:33:27 +0200 Subject: [PATCH 0037/1882] add: networking namespace && metallb-charts --- README.md | 1 + cluster/core/namespaces/kustomization.yaml | 1 + cluster/core/namespaces/networking.yaml | 5 +++++ cluster/flux-system/charts/helm/kustomization.yaml | 4 ++++ cluster/flux-system/charts/helm/metallb-charts.yaml | 10 ++++++++++ cluster/flux-system/charts/kustomization.yaml | 5 +++++ cluster/flux-system/kustomization.yaml | 1 + 7 files changed, 27 insertions(+) create mode 100644 README.md create mode 100644 cluster/core/namespaces/networking.yaml create mode 100644 cluster/flux-system/charts/helm/kustomization.yaml create mode 100644 cluster/flux-system/charts/helm/metallb-charts.yaml create mode 100644 cluster/flux-system/charts/kustomization.yaml diff --git a/README.md b/README.md new file mode 100644 index 00000000..a0ed78f8 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +# Kubernetes Cluster diff --git a/cluster/core/namespaces/kustomization.yaml b/cluster/core/namespaces/kustomization.yaml index 2bf74525..8b2dd57b 100644 --- a/cluster/core/namespaces/kustomization.yaml +++ b/cluster/core/namespaces/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - presidential-paradise.yaml + - networking.yaml diff --git a/cluster/core/namespaces/networking.yaml b/cluster/core/namespaces/networking.yaml new file mode 100644 index 00000000..fa9575ea --- /dev/null +++ b/cluster/core/namespaces/networking.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: networking diff --git a/cluster/flux-system/charts/helm/kustomization.yaml b/cluster/flux-system/charts/helm/kustomization.yaml new file mode 100644 index 00000000..326c3ccc --- /dev/null +++ b/cluster/flux-system/charts/helm/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - metallb-charts.yaml diff --git a/cluster/flux-system/charts/helm/metallb-charts.yaml b/cluster/flux-system/charts/helm/metallb-charts.yaml new file mode 100644 index 00000000..9f91c086 --- /dev/null +++ b/cluster/flux-system/charts/helm/metallb-charts.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: metallb-charts + namespace: flux-system +spec: + interval: 15m0s + url: https://metallb.github.io/metallb + diff --git a/cluster/flux-system/charts/kustomization.yaml b/cluster/flux-system/charts/kustomization.yaml new file mode 100644 index 00000000..dadf6d60 --- /dev/null +++ b/cluster/flux-system/charts/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm + diff --git a/cluster/flux-system/kustomization.yaml b/cluster/flux-system/kustomization.yaml index 3842229e..2974f2db 100644 --- a/cluster/flux-system/kustomization.yaml +++ b/cluster/flux-system/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - gotk-components.yaml - gotk-sync.yaml +- charts -- 2.47.1 From 299d0203dfe3375aa47ccab0de65156e1e4e82f5 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 26 Oct 2021 16:38:53 +0200 Subject: [PATCH 0038/1882] add: metallb --- cluster/core/networking/kustomization.yaml | 5 +++ .../core/networking/metallb/helm-release.yaml | 31 +++++++++++++++++++ .../networking/metallb/kustomization.yaml | 5 +++ 3 files changed, 41 insertions(+) create mode 100644 cluster/core/networking/kustomization.yaml create mode 100644 cluster/core/networking/metallb/helm-release.yaml create mode 100644 cluster/core/networking/metallb/kustomization.yaml diff --git a/cluster/core/networking/kustomization.yaml b/cluster/core/networking/kustomization.yaml new file mode 100644 index 00000000..716c6aff --- /dev/null +++ b/cluster/core/networking/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - metallb diff --git a/cluster/core/networking/metallb/helm-release.yaml b/cluster/core/networking/metallb/helm-release.yaml new file mode 100644 index 00000000..a976d462 --- /dev/null +++ b/cluster/core/networking/metallb/helm-release.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: metallb + namespace: networking +spec: + interval: 5m + chart: + spec: + # renovate: registryUrl=https://metallb.github.io/metallb + chart: metallb + version: 0.10.3 + sourceRef: + kind: HelmRepository + name: metallb-charts + namespace: flux-system + interval: 5m + values: + configInline: + address-pools: + - name: default + protocol: layer2 + addresses: + - 10.42.42.150-192.168.42.200 + speaker: + tolerations: + - effect: "NoExecute" + operator: "Exists" + - effect: "NoSchedule" + operator: "Exists" diff --git a/cluster/core/networking/metallb/kustomization.yaml b/cluster/core/networking/metallb/kustomization.yaml new file mode 100644 index 00000000..2fa2de20 --- /dev/null +++ b/cluster/core/networking/metallb/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml -- 2.47.1 From 18d64a9b0e929184c22a3cfc0432df4101fe59a8 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 26 Oct 2021 16:43:19 +0200 Subject: [PATCH 0039/1882] fix: add metallb properly to kustomization.yaml --- cluster/core/kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cluster/core/kustomization.yaml b/cluster/core/kustomization.yaml index 4b61208f..04425b4c 100644 --- a/cluster/core/kustomization.yaml +++ b/cluster/core/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespaces + - metallb -- 2.47.1 From 225bf1c38e7d2df93801cfbce99014746a5037bc Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 26 Oct 2021 16:44:31 +0200 Subject: [PATCH 0040/1882] fix: add networking to kustomization instead of metallb --- cluster/core/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/core/kustomization.yaml b/cluster/core/kustomization.yaml index 04425b4c..bf0a6d5c 100644 --- a/cluster/core/kustomization.yaml +++ b/cluster/core/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespaces - - metallb + - networking -- 2.47.1 From c4b4926f6fbd99da0cc89d336dac01fb403d6b44 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 27 Oct 2021 12:00:35 +0200 Subject: [PATCH 0041/1882] change layout --- cluster/base/core.yaml | 15 +++++++++++++++ cluster/base/crds.yaml | 13 +++++++++++++ .../flux-system/charts/helm/kustomization.yaml | 0 .../flux-system/charts/helm/metallb-charts.yaml | 0 .../flux-system/charts/kustomization.yaml | 0 .../{ => base}/flux-system/gotk-components.yaml | 0 cluster/{ => base}/flux-system/gotk-sync.yaml | 0 cluster/{ => base}/flux-system/kustomization.yaml | 0 cluster/crds/kustomization.yaml | 3 +++ 9 files changed, 31 insertions(+) create mode 100644 cluster/base/core.yaml create mode 100644 cluster/base/crds.yaml rename cluster/{ => base}/flux-system/charts/helm/kustomization.yaml (100%) rename cluster/{ => base}/flux-system/charts/helm/metallb-charts.yaml (100%) rename cluster/{ => base}/flux-system/charts/kustomization.yaml (100%) rename cluster/{ => base}/flux-system/gotk-components.yaml (100%) rename cluster/{ => base}/flux-system/gotk-sync.yaml (100%) rename cluster/{ => base}/flux-system/kustomization.yaml (100%) create mode 100644 cluster/crds/kustomization.yaml diff --git a/cluster/base/core.yaml b/cluster/base/core.yaml new file mode 100644 index 00000000..17c7870f --- /dev/null +++ b/cluster/base/core.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: core + namespace: flux-system +spec: + interval: 10m0s + dependsOn: + - name: crds + path: ./cluster/core + prune: false + sourceRef: + kind: GitRepository + name: flux-system diff --git a/cluster/base/crds.yaml b/cluster/base/crds.yaml new file mode 100644 index 00000000..c938c9b5 --- /dev/null +++ b/cluster/base/crds.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: crds + namespace: flux-system +spec: + interval: 10m0s + path: ./cluster/crds + prune: false + sourceRef: + kind: GitRepository + name: flux-system diff --git a/cluster/flux-system/charts/helm/kustomization.yaml b/cluster/base/flux-system/charts/helm/kustomization.yaml similarity index 100% rename from cluster/flux-system/charts/helm/kustomization.yaml rename to cluster/base/flux-system/charts/helm/kustomization.yaml diff --git a/cluster/flux-system/charts/helm/metallb-charts.yaml b/cluster/base/flux-system/charts/helm/metallb-charts.yaml similarity index 100% rename from cluster/flux-system/charts/helm/metallb-charts.yaml rename to cluster/base/flux-system/charts/helm/metallb-charts.yaml diff --git a/cluster/flux-system/charts/kustomization.yaml b/cluster/base/flux-system/charts/kustomization.yaml similarity index 100% rename from cluster/flux-system/charts/kustomization.yaml rename to cluster/base/flux-system/charts/kustomization.yaml diff --git a/cluster/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml similarity index 100% rename from cluster/flux-system/gotk-components.yaml rename to cluster/base/flux-system/gotk-components.yaml diff --git a/cluster/flux-system/gotk-sync.yaml b/cluster/base/flux-system/gotk-sync.yaml similarity index 100% rename from cluster/flux-system/gotk-sync.yaml rename to cluster/base/flux-system/gotk-sync.yaml diff --git a/cluster/flux-system/kustomization.yaml b/cluster/base/flux-system/kustomization.yaml similarity index 100% rename from cluster/flux-system/kustomization.yaml rename to cluster/base/flux-system/kustomization.yaml diff --git a/cluster/crds/kustomization.yaml b/cluster/crds/kustomization.yaml new file mode 100644 index 00000000..b83b23e5 --- /dev/null +++ b/cluster/crds/kustomization.yaml @@ -0,0 +1,3 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: [] -- 2.47.1 From 640e5f3c3968ba2443336f967c68934ade6cc7f6 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 27 Oct 2021 12:09:16 +0200 Subject: [PATCH 0042/1882] Update README.md --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/README.md b/README.md index a0ed78f8..948ec850 100644 --- a/README.md +++ b/README.md @@ -1 +1,14 @@ # Kubernetes Cluster +This is my personal Kubernetes Cluster. [Flux] watches this git repo and reconciles and changes made to the cluster. + +## Directory structure +The main directory is `cluster`, it contains the following subdirectories in the order that flux will apply them: +* **base**: the entrypoint for Flux +* **crds**: contains the CRDs that are needed for anything running in the cluster, these get applied earlier to make sure they exist +* **core**: important core infrastructure applications, grouped by namespace, that should never be pruned +* **apps**: common applications that are allowed to be pruned by flux + +## References +Heavily inspired by: [onedr0p's cluster](https://github.com/onedr0p/home-cluster) + +[Flux]: https://github.com/fluxcd/flux2 -- 2.47.1 From 27a821d67ac9d72c638f8979cb622191584cb541 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 27 Oct 2021 12:52:45 +0200 Subject: [PATCH 0043/1882] add: traefik CRDs --- cluster/crds/kustomization.yaml | 3 ++- cluster/crds/traefik/crds.yaml | 30 +++++++++++++++++++++++++ cluster/crds/traefik/kustomization.yaml | 4 ++++ 3 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 cluster/crds/traefik/crds.yaml create mode 100644 cluster/crds/traefik/kustomization.yaml diff --git a/cluster/crds/kustomization.yaml b/cluster/crds/kustomization.yaml index b83b23e5..15e57e2b 100644 --- a/cluster/crds/kustomization.yaml +++ b/cluster/crds/kustomization.yaml @@ -1,3 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: [] +resources: + - traefik diff --git a/cluster/crds/traefik/crds.yaml b/cluster/crds/traefik/crds.yaml new file mode 100644 index 00000000..fa7428c9 --- /dev/null +++ b/cluster/crds/traefik/crds.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: GitRepository +metadata: + name: traefik-crd-source + namespace: flux-system +spec: + interval: 30m + url: https://github.com/traefik/traefik-helm-chart.git + ref: + # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik + tag: v10.6.0 + ignore: | + # exclude all + /* + # path to crds + !/traefik/crds/ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: traefik-crds + namespace: flux-system +spec: + interval: 15m + prune: false + wait: true + sourceRef: + kind: GitRepository + name: traefik-crd-source diff --git a/cluster/crds/traefik/kustomization.yaml b/cluster/crds/traefik/kustomization.yaml new file mode 100644 index 00000000..2ed3b351 --- /dev/null +++ b/cluster/crds/traefik/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - crds.yaml -- 2.47.1 From 862c914468cc062ef7397be7ea12dd2bbdee9bf5 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 27 Oct 2021 15:00:59 +0200 Subject: [PATCH 0044/1882] add traefik --- cluster/apps/kustomization.yaml | 4 ++ cluster/apps/networking/kustomization.yaml | 4 ++ .../apps/networking/traefik/helm-release.yaml | 67 +++++++++++++++++++ .../networking/traefik/kustomization.yaml | 4 ++ cluster/base/apps.yaml | 15 +++++ .../charts/helm/kustomization.yaml | 1 + .../charts/helm/traefik-charts.yaml | 10 +++ 7 files changed, 105 insertions(+) create mode 100644 cluster/apps/kustomization.yaml create mode 100644 cluster/apps/networking/kustomization.yaml create mode 100644 cluster/apps/networking/traefik/helm-release.yaml create mode 100644 cluster/apps/networking/traefik/kustomization.yaml create mode 100644 cluster/base/apps.yaml create mode 100644 cluster/base/flux-system/charts/helm/traefik-charts.yaml diff --git a/cluster/apps/kustomization.yaml b/cluster/apps/kustomization.yaml new file mode 100644 index 00000000..1a8401e1 --- /dev/null +++ b/cluster/apps/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - networking diff --git a/cluster/apps/networking/kustomization.yaml b/cluster/apps/networking/kustomization.yaml new file mode 100644 index 00000000..0ad868a3 --- /dev/null +++ b/cluster/apps/networking/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - traefik diff --git a/cluster/apps/networking/traefik/helm-release.yaml b/cluster/apps/networking/traefik/helm-release.yaml new file mode 100644 index 00000000..91a489aa --- /dev/null +++ b/cluster/apps/networking/traefik/helm-release.yaml @@ -0,0 +1,67 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: traefik + namespace: networking +spec: + interval: 5m + chart: + spec: + # renovate: registryUrl=https://helm.traefik.io/traefik + chart: traefik + version: 10.6.0 + sourceRef: + kind: HelmRepository + name: traefik-charts + namespace: flux-system + interval: 5m + values: + image: + name: traefik + deployment: + kind: Deployment + replicas: 2 + service: + enabled: true + type: LoadBalancer + spec: + externalIPs: + - 10.42.42.150 + externalTrafficPolicy: Local + logs: + general: + level: WARN + ingressClass: + enabled: true + isDefaultClass: true + fallbackApiVersion: v1 + globalArguments: + - "--providers.kubernetesingress.ingressclass=traefik" + - "--entryPoints.websecure.forwardedHeaders.trustedIPs=10.42.42.0/23" + additionalArguments: + - "--providers.kubernetesingress.ingressendpoint.ip=10.42.42.150" + ports: + traefik: + port: 9000 + expose: true + web: + port: 8000 + exposedPort: 8000 + expose: true + websecure: + port: 8443 + exposedPort: 8443 + expose: true + pilot: + enabled: false + experimental: + plugins: + enabled: false + affinity: {} + resources: + requests: + memory: 100Mi + cpu: 500m + limits: + memory: 500Mi diff --git a/cluster/apps/networking/traefik/kustomization.yaml b/cluster/apps/networking/traefik/kustomization.yaml new file mode 100644 index 00000000..34a8531c --- /dev/null +++ b/cluster/apps/networking/traefik/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/cluster/base/apps.yaml b/cluster/base/apps.yaml new file mode 100644 index 00000000..71aa43d8 --- /dev/null +++ b/cluster/base/apps.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: apps + namespace: flux-system +spec: + interval: 10m0s + dependsOn: + - name: core + path: ./cluster/apps + prune: true + sourceRef: + kind: GitRepository + name: flux-system diff --git a/cluster/base/flux-system/charts/helm/kustomization.yaml b/cluster/base/flux-system/charts/helm/kustomization.yaml index 326c3ccc..65d6813f 100644 --- a/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - metallb-charts.yaml + - traefik-charts.yaml diff --git a/cluster/base/flux-system/charts/helm/traefik-charts.yaml b/cluster/base/flux-system/charts/helm/traefik-charts.yaml new file mode 100644 index 00000000..dda0b320 --- /dev/null +++ b/cluster/base/flux-system/charts/helm/traefik-charts.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: traefik-charts + namespace: flux-system +spec: + interval: 15m + url: https://helm.traefik.io/traefik + timeout: 3m -- 2.47.1 From 5857b6512f613b7766631f6f06432e5399a3a6ba Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 27 Oct 2021 15:26:13 +0200 Subject: [PATCH 0045/1882] add: wooloofan.club (temp. whoami container) --- cluster/apps/kustomization.yaml | 1 + .../presidential-paradise/kustomization.yaml | 4 ++ .../wooloofanclub/kustomization.yaml | 4 ++ .../wooloofanclub/wooloo.yaml | 53 +++++++++++++++++++ 4 files changed, 62 insertions(+) create mode 100644 cluster/apps/presidential-paradise/kustomization.yaml create mode 100644 cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml create mode 100644 cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml diff --git a/cluster/apps/kustomization.yaml b/cluster/apps/kustomization.yaml index 1a8401e1..b075bbef 100644 --- a/cluster/apps/kustomization.yaml +++ b/cluster/apps/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - networking + - presidential-paradise diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml new file mode 100644 index 00000000..d5ef44b4 --- /dev/null +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - wooloofanclub diff --git a/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml b/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml new file mode 100644 index 00000000..1f8410fb --- /dev/null +++ b/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - wooloo.yaml diff --git a/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml b/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml new file mode 100644 index 00000000..46767396 --- /dev/null +++ b/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wooloofan-club + namespace: presidential-paradise + labels: + app: wooloofan-club +spec: + replicas: 1 + selector: + matchLabels: + app: wooloofan-club + template: + metadata: + labels: + app: wooloofan-club + spec: + containers: + - name: wooloofan-club + image: containous/whoami + ports: + - containerPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: wooloofan-club-service + namespace: presidential-paradise +spec: + selector: + app: wooloofan-club + ports: + - protocol: TCP + port: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: wooloofan-club-ingress + namespace: presidential-paradise +spec: + ingressClassName: "traefik" + rules: + - host: "wooloofan.club" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wooloofan-club-service + port: + number: 80 -- 2.47.1 From 4f5eedf20f85b73843985c1082a5ff21052fd93e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 27 Oct 2021 15:33:29 +0200 Subject: [PATCH 0046/1882] update: wooloofan.club to real container + add whoami subdomain --- .../wooloofanclub/wooloo.yaml | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml b/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml index 46767396..fd2d56df 100644 --- a/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml +++ b/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml @@ -17,6 +17,29 @@ spec: spec: containers: - name: wooloofan-club + image: 0x76/wooloofan.club + ports: + - containerPort: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wooloofan-club-whoami + namespace: presidential-paradise + labels: + app: wooloofan-club-whoami +spec: + replicas: 1 + selector: + matchLabels: + app: wooloofan-club-whoami + template: + metadata: + labels: + app: wooloofan-club-whoami + spec: + containers: + - name: wooloofan-club-whoami image: containous/whoami ports: - containerPort: 80 @@ -33,6 +56,18 @@ spec: - protocol: TCP port: 80 --- +apiVersion: v1 +kind: Service +metadata: + name: wooloofan-club-whoami-service + namespace: presidential-paradise +spec: + selector: + app: wooloofan-club-whoami + ports: + - protocol: TCP + port: 80 +--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -51,3 +86,13 @@ spec: name: wooloofan-club-service port: number: 80 + - host: "whoami.wooloofan.club" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wooloofan-club-whoami-service + port: + number: 80 -- 2.47.1 From 4613f66cf2e761e0cf5e19990c7b4be7aca66913 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 27 Oct 2021 16:06:22 +0200 Subject: [PATCH 0047/1882] nginx: wooloofan.club --- hosts/nginx/configuration.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index f9862493..9fbfc5a3 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -31,6 +31,7 @@ recommendedProxySettings = true; recommendedTlsSettings = true; + virtualHosts."ha.0x76.dev" = { enableACME = true; forceSSL = true; @@ -48,6 +49,25 @@ proxyWebsockets = true; }; }; + + # TODO: Make a function for adding hostnames to k8s endpoint(s). + virtualHosts."wooloofan.club" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.42.150:8000/"; + proxyWebsockets = true; + }; + }; + + virtualHosts."whoami.wooloofan.club" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.42.150:8000/"; + proxyWebsockets = true; + }; + }; }; security.acme.email = "victorheld12@gmail.com"; -- 2.47.1 From 13e466deb8e7b5be993a2eaf60b80f22d32dbd8a Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 12:30:33 +0200 Subject: [PATCH 0048/1882] Bump -- 2.47.1 From 49590597ce2881149f60b65a6ec10648f1c8c55b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 12:32:04 +0200 Subject: [PATCH 0049/1882] flux: change path --- cluster/base/flux-system/gotk-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/base/flux-system/gotk-sync.yaml b/cluster/base/flux-system/gotk-sync.yaml index a9b1c9b4..671309fd 100644 --- a/cluster/base/flux-system/gotk-sync.yaml +++ b/cluster/base/flux-system/gotk-sync.yaml @@ -19,7 +19,7 @@ metadata: namespace: flux-system spec: interval: 10m0s - path: ./cluster + path: ./cluster/base prune: true sourceRef: kind: GitRepository -- 2.47.1 From e84bc79e6ff2e05e8270fde881194291ac4d67a3 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Thu, 28 Oct 2021 12:37:03 +0200 Subject: [PATCH 0050/1882] Add Flux v0.19.1 component manifests --- cluster/base/flux-system/gotk-components.yaml | 2123 +++++++++++++++++ 1 file changed, 2123 insertions(+) diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml index 16f44d3e..6be397d8 100644 --- a/cluster/base/flux-system/gotk-components.yaml +++ b/cluster/base/flux-system/gotk-components.yaml @@ -2016,6 +2016,1955 @@ status: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + name: imagepolicies.image.toolkit.fluxcd.io +spec: + group: image.toolkit.fluxcd.io + names: + kind: ImagePolicy + listKind: ImagePolicyList + plural: imagepolicies + singular: imagepolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.latestImage + name: LatestImage + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ImagePolicy is the Schema for the imagepolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImagePolicySpec defines the parameters for calculating the + ImagePolicy + properties: + filterTags: + description: FilterTags enables filtering for only a subset of tags + based on a set of rules. If no rules are provided, all the tags + from the repository will be ordered and compared. + properties: + extract: + description: Extract allows a capture group to be extracted from + the specified regular expression pattern, useful before tag + evaluation. + type: string + pattern: + description: Pattern specifies a regular expression pattern used + to filter for image tags. + type: string + type: object + imageRepositoryRef: + description: ImageRepositoryRef points at the object specifying the + image being scanned + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + policy: + description: Policy gives the particulars of the policy to be followed + in selecting the most recent image + properties: + alphabetical: + description: Alphabetical set of rules to use for alphabetical + ordering of the tags. + properties: + order: + default: asc + description: Order specifies the sorting order of the tags. + Given the letters of the alphabet as tags, ascending order + would select Z, and descending order would select A. + enum: + - asc + - desc + type: string + type: object + numerical: + description: Numerical set of rules to use for numerical ordering + of the tags. + properties: + order: + default: asc + description: Order specifies the sorting order of the tags. + Given the integer values from 0 to 9 as tags, ascending + order would select 9, and descending order would select + 0. + enum: + - asc + - desc + type: string + type: object + semver: + description: SemVer gives a semantic version range to check against + the tags available. + properties: + range: + description: Range gives a semver range for the image tag; + the highest version within the range that's a tag yields + the latest image. + type: string + required: + - range + type: object + type: object + required: + - imageRepositoryRef + - policy + type: object + status: + description: ImagePolicyStatus defines the observed state of ImagePolicy + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + latestImage: + description: LatestImage gives the first in the list of images scanned + by the image repository, when filtered and ordered according to + the policy. + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.latestImage + name: LatestImage + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: ImagePolicy is the Schema for the imagepolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImagePolicySpec defines the parameters for calculating the + ImagePolicy + properties: + filterTags: + description: FilterTags enables filtering for only a subset of tags + based on a set of rules. If no rules are provided, all the tags + from the repository will be ordered and compared. + properties: + extract: + description: Extract allows a capture group to be extracted from + the specified regular expression pattern, useful before tag + evaluation. + type: string + pattern: + description: Pattern specifies a regular expression pattern used + to filter for image tags. + type: string + type: object + imageRepositoryRef: + description: ImageRepositoryRef points at the object specifying the + image being scanned + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + policy: + description: Policy gives the particulars of the policy to be followed + in selecting the most recent image + properties: + alphabetical: + description: Alphabetical set of rules to use for alphabetical + ordering of the tags. + properties: + order: + default: asc + description: Order specifies the sorting order of the tags. + Given the letters of the alphabet as tags, ascending order + would select Z, and descending order would select A. + enum: + - asc + - desc + type: string + type: object + numerical: + description: Numerical set of rules to use for numerical ordering + of the tags. + properties: + order: + default: asc + description: Order specifies the sorting order of the tags. + Given the integer values from 0 to 9 as tags, ascending + order would select 9, and descending order would select + 0. + enum: + - asc + - desc + type: string + type: object + semver: + description: SemVer gives a semantic version range to check against + the tags available. + properties: + range: + description: Range gives a semver range for the image tag; + the highest version within the range that's a tag yields + the latest image. + type: string + required: + - range + type: object + type: object + required: + - imageRepositoryRef + - policy + type: object + status: + description: ImagePolicyStatus defines the observed state of ImagePolicy + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + latestImage: + description: LatestImage gives the first in the list of images scanned + by the image repository, when filtered and ordered according to + the policy. + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.latestImage + name: LatestImage + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: ImagePolicy is the Schema for the imagepolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImagePolicySpec defines the parameters for calculating the + ImagePolicy + properties: + filterTags: + description: FilterTags enables filtering for only a subset of tags + based on a set of rules. If no rules are provided, all the tags + from the repository will be ordered and compared. + properties: + extract: + description: Extract allows a capture group to be extracted from + the specified regular expression pattern, useful before tag + evaluation. + type: string + pattern: + description: Pattern specifies a regular expression pattern used + to filter for image tags. + type: string + type: object + imageRepositoryRef: + description: ImageRepositoryRef points at the object specifying the + image being scanned + properties: + name: + description: Name of the referent + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference + type: string + required: + - name + type: object + policy: + description: Policy gives the particulars of the policy to be followed + in selecting the most recent image + properties: + alphabetical: + description: Alphabetical set of rules to use for alphabetical + ordering of the tags. + properties: + order: + default: asc + description: Order specifies the sorting order of the tags. + Given the letters of the alphabet as tags, ascending order + would select Z, and descending order would select A. + enum: + - asc + - desc + type: string + type: object + numerical: + description: Numerical set of rules to use for numerical ordering + of the tags. + properties: + order: + default: asc + description: Order specifies the sorting order of the tags. + Given the integer values from 0 to 9 as tags, ascending + order would select 9, and descending order would select + 0. + enum: + - asc + - desc + type: string + type: object + semver: + description: SemVer gives a semantic version range to check against + the tags available. + properties: + range: + description: Range gives a semver range for the image tag; + the highest version within the range that's a tag yields + the latest image. + type: string + required: + - range + type: object + type: object + required: + - imageRepositoryRef + - policy + type: object + status: + description: ImagePolicyStatus defines the observed state of ImagePolicy + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + latestImage: + description: LatestImage gives the first in the list of images scanned + by the image repository, when filtered and ordered according to + the policy. + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + name: imagerepositories.image.toolkit.fluxcd.io +spec: + group: image.toolkit.fluxcd.io + names: + kind: ImageRepository + listKind: ImageRepositoryList + plural: imagerepositories + singular: imagerepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.lastScanResult.scanTime + name: Last scan + type: string + - jsonPath: .status.lastScanResult.tagCount + name: Tags + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ImageRepository is the Schema for the imagerepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageRepositorySpec defines the parameters for scanning an + image repository, e.g., `fluxcd/flux`. + properties: + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + \ registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate." + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + image: + description: Image is the name of the image repository + type: string + interval: + description: Interval is the length of time to wait between scans + of the image repository. + type: string + secretRef: + description: SecretRef can be given the name of a secret containing + credentials to use for the image registry. The secret should be + created with `kubectl create secret docker-registry`, or the equivalent. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + image scans. It does not apply to already started scans. Defaults + to false. + type: boolean + timeout: + description: Timeout for image scanning. Defaults to 'Interval' duration. + type: string + type: object + status: + description: ImageRepositoryStatus defines the observed state of ImageRepository + properties: + canonicalImageName: + description: CanonicalName is the name of the image repository with + all the implied bits made explicit; e.g., `docker.io/library/alpine` + rather than `alpine`. + type: string + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change can be detected. + type: string + lastScanResult: + description: LastScanResult contains the number of fetched tags. + properties: + scanTime: + format: date-time + type: string + tagCount: + type: integer + required: + - tagCount + type: object + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.lastScanResult.scanTime + name: Last scan + type: string + - jsonPath: .status.lastScanResult.tagCount + name: Tags + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: ImageRepository is the Schema for the imagerepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageRepositorySpec defines the parameters for scanning an + image repository, e.g., `fluxcd/flux`. + properties: + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + \ registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate." + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + image: + description: Image is the name of the image repository + type: string + interval: + description: Interval is the length of time to wait between scans + of the image repository. + type: string + secretRef: + description: SecretRef can be given the name of a secret containing + credentials to use for the image registry. The secret should be + created with `kubectl create secret docker-registry`, or the equivalent. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + image scans. It does not apply to already started scans. Defaults + to false. + type: boolean + timeout: + description: Timeout for image scanning. Defaults to 'Interval' duration. + type: string + type: object + status: + description: ImageRepositoryStatus defines the observed state of ImageRepository + properties: + canonicalImageName: + description: CanonicalName is the name of the image repository with + all the implied bits made explicit; e.g., `docker.io/library/alpine` + rather than `alpine`. + type: string + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change can be detected. + type: string + lastScanResult: + description: LastScanResult contains the number of fetched tags. + properties: + scanTime: + format: date-time + type: string + tagCount: + type: integer + required: + - tagCount + type: object + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.lastScanResult.scanTime + name: Last scan + type: string + - jsonPath: .status.lastScanResult.tagCount + name: Tags + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: ImageRepository is the Schema for the imagerepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageRepositorySpec defines the parameters for scanning an + image repository, e.g., `fluxcd/flux`. + properties: + accessFrom: + description: AccessFrom defines an ACL for allowing cross-namespace + references to the ImageRepository object based on the caller's namespace + labels. + properties: + namespaceSelectors: + items: + properties: + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: array + type: object + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + \ registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate." + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + image: + description: Image is the name of the image repository + type: string + interval: + description: Interval is the length of time to wait between scans + of the image repository. + type: string + secretRef: + description: SecretRef can be given the name of a secret containing + credentials to use for the image registry. The secret should be + created with `kubectl create secret docker-registry`, or the equivalent. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + image scans. It does not apply to already started scans. Defaults + to false. + type: boolean + timeout: + description: Timeout for image scanning. Defaults to 'Interval' duration. + type: string + type: object + status: + description: ImageRepositoryStatus defines the observed state of ImageRepository + properties: + canonicalImageName: + description: CanonicalName is the name of the image repository with + all the implied bits made explicit; e.g., `docker.io/library/alpine` + rather than `alpine`. + type: string + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change can be detected. + type: string + lastScanResult: + description: LastScanResult contains the number of fetched tags. + properties: + scanTime: + format: date-time + type: string + tagCount: + type: integer + required: + - tagCount + type: object + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + name: imageupdateautomations.image.toolkit.fluxcd.io +spec: + group: image.toolkit.fluxcd.io + names: + kind: ImageUpdateAutomation + listKind: ImageUpdateAutomationList + plural: imageupdateautomations + singular: imageupdateautomation + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.lastAutomationRunTime + name: Last run + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ImageUpdateAutomation is the Schema for the imageupdateautomations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation + properties: + checkout: + description: Checkout gives the parameters for cloning the git repository, + ready to make changes. + properties: + branch: + description: Branch gives the branch to clone from the git repository. + If `.spec.push` is not supplied, commits will also be pushed + to this branch. + type: string + gitRepositoryRef: + description: GitRepositoryRef refers to the resource giving access + details to a git repository to update files in. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + required: + - branch + - gitRepositoryRef + type: object + commit: + description: Commit specifies how to commit to the git repository. + properties: + authorEmail: + description: AuthorEmail gives the email to provide when making + a commit + type: string + authorName: + description: AuthorName gives the name to provide when making + a commit + type: string + messageTemplate: + description: MessageTemplate provides a template for the commit + message, into which will be interpolated the details of the + change made. + type: string + signingKey: + description: SigningKey provides the option to sign commits with + a GPG key + properties: + secretRef: + description: SecretRef holds the name to a secret that contains + a 'git.asc' key corresponding to the ASCII Armored file + containing the GPG signing keypair as the value. It must + be in the same namespace as the ImageUpdateAutomation. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + type: object + required: + - authorEmail + - authorName + type: object + interval: + description: Interval gives an lower bound for how often the automation + run should be attempted. + type: string + push: + description: Push specifies how and where to push commits made by + the automation. If missing, commits are pushed (back) to `.spec.checkout.branch`. + properties: + branch: + description: Branch specifies that commits should be pushed to + the branch named. The branch is created using `.spec.checkout.branch` + as the starting point, if it doesn't already exist. + type: string + required: + - branch + type: object + suspend: + description: Suspend tells the controller to not run this automation, + until it is unset (or set to false). Defaults to false. + type: boolean + update: + default: + strategy: Setters + description: Update gives the specification for how to update the + files in the repository. This can be left empty, to use the default + value. + properties: + path: + description: Path to the directory containing the manifests to + be updated. Defaults to 'None', which translates to the root + path of the GitRepositoryRef. + type: string + strategy: + default: Setters + description: Strategy names the strategy to be used. + enum: + - Setters + type: string + required: + - strategy + type: object + required: + - checkout + - commit + - interval + type: object + status: + description: ImageUpdateAutomationStatus defines the observed state of + ImageUpdateAutomation + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastAutomationRunTime: + description: LastAutomationRunTime records the last time the controller + ran this automation through to completion (even if no updates were + made). + format: date-time + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change can be detected. + type: string + lastPushCommit: + description: LastPushCommit records the SHA1 of the last commit made + by the controller, for this automation object + type: string + lastPushTime: + description: LastPushTime records the time of the last pushed change. + format: date-time + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.lastAutomationRunTime + name: Last run + type: string + name: v1alpha2 + schema: + openAPIV3Schema: + description: ImageUpdateAutomation is the Schema for the imageupdateautomations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation + properties: + git: + description: GitSpec contains all the git-specific definitions. This + is technically optional, but in practice mandatory until there are + other kinds of source allowed. + properties: + checkout: + description: Checkout gives the parameters for cloning the git + repository, ready to make changes. If not present, the `spec.ref` + field from the referenced `GitRepository` or its default will + be used. + properties: + ref: + description: Reference gives a branch, tag or commit to clone + from the Git repository. + properties: + branch: + default: master + description: The Git branch to checkout, defaults to master. + type: string + commit: + description: The Git commit SHA to checkout, if specified + Tag filters will be ignored. + type: string + semver: + description: The Git tag semver expression, takes precedence + over Tag. + type: string + tag: + description: The Git tag to checkout, takes precedence + over Branch. + type: string + type: object + required: + - ref + type: object + commit: + description: Commit specifies how to commit to the git repository. + properties: + author: + description: Author gives the email and optionally the name + to use as the author of commits. + properties: + email: + description: Email gives the email to provide when making + a commit. + type: string + name: + description: Name gives the name to provide when making + a commit. + type: string + required: + - email + type: object + messageTemplate: + description: MessageTemplate provides a template for the commit + message, into which will be interpolated the details of + the change made. + type: string + signingKey: + description: SigningKey provides the option to sign commits + with a GPG key + properties: + secretRef: + description: SecretRef holds the name to a secret that + contains a 'git.asc' key corresponding to the ASCII + Armored file containing the GPG signing keypair as the + value. It must be in the same namespace as the ImageUpdateAutomation. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + type: object + required: + - author + type: object + push: + description: Push specifies how and where to push commits made + by the automation. If missing, commits are pushed (back) to + `.spec.checkout.branch` or its default. + properties: + branch: + description: Branch specifies that commits should be pushed + to the branch named. The branch is created using `.spec.checkout.branch` + as the starting point, if it doesn't already exist. + type: string + required: + - branch + type: object + required: + - commit + type: object + interval: + description: Interval gives an lower bound for how often the automation + run should be attempted. + type: string + sourceRef: + description: SourceRef refers to the resource giving access details + to a git repository. + properties: + apiVersion: + description: API version of the referent + type: string + kind: + default: GitRepository + description: Kind of the referent + enum: + - GitRepository + type: string + name: + description: Name of the referent + type: string + required: + - kind + - name + type: object + suspend: + description: Suspend tells the controller to not run this automation, + until it is unset (or set to false). Defaults to false. + type: boolean + update: + default: + strategy: Setters + description: Update gives the specification for how to update the + files in the repository. This can be left empty, to use the default + value. + properties: + path: + description: Path to the directory containing the manifests to + be updated. Defaults to 'None', which translates to the root + path of the GitRepositoryRef. + type: string + strategy: + default: Setters + description: Strategy names the strategy to be used. + enum: + - Setters + type: string + required: + - strategy + type: object + required: + - interval + - sourceRef + type: object + status: + description: ImageUpdateAutomationStatus defines the observed state of + ImageUpdateAutomation + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastAutomationRunTime: + description: LastAutomationRunTime records the last time the controller + ran this automation through to completion (even if no updates were + made). + format: date-time + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change can be detected. + type: string + lastPushCommit: + description: LastPushCommit records the SHA1 of the last commit made + by the controller, for this automation object + type: string + lastPushTime: + description: LastPushTime records the time of the last pushed change. + format: date-time + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.lastAutomationRunTime + name: Last run + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: ImageUpdateAutomation is the Schema for the imageupdateautomations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation + properties: + git: + description: GitSpec contains all the git-specific definitions. This + is technically optional, but in practice mandatory until there are + other kinds of source allowed. + properties: + checkout: + description: Checkout gives the parameters for cloning the git + repository, ready to make changes. If not present, the `spec.ref` + field from the referenced `GitRepository` or its default will + be used. + properties: + ref: + description: Reference gives a branch, tag or commit to clone + from the Git repository. + properties: + branch: + default: master + description: The Git branch to checkout, defaults to master. + type: string + commit: + description: The Git commit SHA to checkout, if specified + Tag filters will be ignored. + type: string + semver: + description: The Git tag semver expression, takes precedence + over Tag. + type: string + tag: + description: The Git tag to checkout, takes precedence + over Branch. + type: string + type: object + required: + - ref + type: object + commit: + description: Commit specifies how to commit to the git repository. + properties: + author: + description: Author gives the email and optionally the name + to use as the author of commits. + properties: + email: + description: Email gives the email to provide when making + a commit. + type: string + name: + description: Name gives the name to provide when making + a commit. + type: string + required: + - email + type: object + messageTemplate: + description: MessageTemplate provides a template for the commit + message, into which will be interpolated the details of + the change made. + type: string + signingKey: + description: SigningKey provides the option to sign commits + with a GPG key + properties: + secretRef: + description: SecretRef holds the name to a secret that + contains a 'git.asc' key corresponding to the ASCII + Armored file containing the GPG signing keypair as the + value. It must be in the same namespace as the ImageUpdateAutomation. + properties: + name: + description: Name of the referent + type: string + required: + - name + type: object + type: object + required: + - author + type: object + push: + description: Push specifies how and where to push commits made + by the automation. If missing, commits are pushed (back) to + `.spec.checkout.branch` or its default. + properties: + branch: + description: Branch specifies that commits should be pushed + to the branch named. The branch is created using `.spec.checkout.branch` + as the starting point, if it doesn't already exist. + type: string + required: + - branch + type: object + required: + - commit + type: object + interval: + description: Interval gives an lower bound for how often the automation + run should be attempted. + type: string + sourceRef: + description: SourceRef refers to the resource giving access details + to a git repository. + properties: + apiVersion: + description: API version of the referent + type: string + kind: + default: GitRepository + description: Kind of the referent + enum: + - GitRepository + type: string + name: + description: Name of the referent + type: string + required: + - kind + - name + type: object + suspend: + description: Suspend tells the controller to not run this automation, + until it is unset (or set to false). Defaults to false. + type: boolean + update: + default: + strategy: Setters + description: Update gives the specification for how to update the + files in the repository. This can be left empty, to use the default + value. + properties: + path: + description: Path to the directory containing the manifests to + be updated. Defaults to 'None', which translates to the root + path of the GitRepositoryRef. + type: string + strategy: + default: Setters + description: Strategy names the strategy to be used. + enum: + - Setters + type: string + required: + - strategy + type: object + required: + - interval + - sourceRef + type: object + status: + description: ImageUpdateAutomationStatus defines the observed state of + ImageUpdateAutomation + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastAutomationRunTime: + description: LastAutomationRunTime records the last time the controller + ran this automation through to completion (even if no updates were + made). + format: date-time + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change can be detected. + type: string + lastPushCommit: + description: LastPushCommit records the SHA1 of the last commit made + by the controller, for this automation object + type: string + lastPushTime: + description: LastPushTime records the time of the last pushed change. + format: date-time + type: string + observedGeneration: + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.5.0 @@ -3521,6 +5470,26 @@ metadata: --- apiVersion: v1 kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + name: image-automation-controller + namespace: flux-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + name: image-reflector-controller + namespace: flux-system +--- +apiVersion: v1 +kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: flux-system @@ -3817,6 +5786,160 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + control-plane: controller + name: image-automation-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: image-automation-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: image-automation-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller/ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/image-automation-controller:v0.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /tmp + name: temp + nodeSelector: + kubernetes.io/os: linux + securityContext: + fsGroup: 1337 + serviceAccountName: image-automation-controller + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: temp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.19.1 + control-plane: controller + name: image-reflector-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: image-reflector-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: image-reflector-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller/ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/image-reflector-controller:v0.13.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + nodeSelector: + kubernetes.io/os: linux + securityContext: + fsGroup: 1337 + serviceAccountName: image-reflector-controller + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: temp + - emptyDir: {} + name: data +--- +apiVersion: apps/v1 +kind: Deployment metadata: labels: app.kubernetes.io/instance: flux-system -- 2.47.1 From 952340b1f4b2657cf445ff6c59534c5f2b36eb1b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 12:38:27 +0200 Subject: [PATCH 0051/1882] readme: add bootstrap info --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 948ec850..9f52e95e 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,12 @@ The main directory is `cluster`, it contains the following subdirectories in the * **core**: important core infrastructure applications, grouped by namespace, that should never be pruned * **apps**: common applications that are allowed to be pruned by flux +## Bootstrap +The cluster was bootstrapped using the following command: +``` +flux bootstrap git --url=ssh://git@git.xirion.net:2222/olympus/flux.git --branch=main --path=cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller +``` + ## References Heavily inspired by: [onedr0p's cluster](https://github.com/onedr0p/home-cluster) -- 2.47.1 From 5f28844cea0d487ca6fef77bc71f0a55514517c4 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 17:44:32 +0200 Subject: [PATCH 0052/1882] add: zookeeper --- .../presidential-paradise/kustomization.yaml | 1 + .../zookeeper/deployment.yaml | 45 +++++++++++++++++++ .../zookeeper/ingress.yaml | 18 ++++++++ .../zookeeper/kustomization.yaml | 6 +++ .../presidential-paradise/zookeeper/svc.yaml | 24 ++++++++++ 5 files changed, 94 insertions(+) create mode 100644 cluster/apps/presidential-paradise/zookeeper/deployment.yaml create mode 100644 cluster/apps/presidential-paradise/zookeeper/ingress.yaml create mode 100644 cluster/apps/presidential-paradise/zookeeper/kustomization.yaml create mode 100644 cluster/apps/presidential-paradise/zookeeper/svc.yaml diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index d5ef44b4..cd9cd51d 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub + - zookeeper diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml new file mode 100644 index 00000000..1a3ebc5d --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zookeeper + namespace: presidential-paradise + labels: + app: zookeeper +spec: + replicas: 3 + selector: + matchLabels: + app: zookeeper + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 34% + maxUnavailable: 34% + template: + metadata: + name: zookeeper + labels: + app: zookeeper + spec: + containers: + - name: zookeeper + image: ghcr.io/nullx76/zookeeper:latest + ports: + - containerPort: 8085 + env: + - name: LANG + value: C.UTF-8 + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: SERVICE_NAME + value: zookeeper-private.default.svc.cluster.local + resources: {} + securityContext: + privileged: false + procMount: Default + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + terminationGracePeriodSeconds: 30 diff --git a/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml new file mode 100644 index 00000000..40c98a2b --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + rules: + - host: "zookeeper.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: zookeeper + port: + number: 8085 + diff --git a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml new file mode 100644 index 00000000..5b33a50e --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - svc.yaml + - ingress.yaml diff --git a/cluster/apps/presidential-paradise/zookeeper/svc.yaml b/cluster/apps/presidential-paradise/zookeeper/svc.yaml new file mode 100644 index 00000000..ea3bfa1f --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/svc.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: zookeeper-private + namespace: presidential-paradise +spec: + clusterIP: None + ports: + - name: epmd + port: 4369 + selector: + app: zookeeper +--- +apiVersion: v1 +kind: Service +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + ports: + - name: http + port: 8085 + selector: + app: zookeeper -- 2.47.1 From 3329b1fb47026747a663d572009649f13c8fe1cc Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 17:48:40 +0200 Subject: [PATCH 0053/1882] zookeeper: change tag --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 1a3ebc5d..12cb0c5c 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: zookeeper - image: ghcr.io/nullx76/zookeeper:latest + image: ghcr.io/nullx76/zookeeper:manual ports: - containerPort: 8085 env: -- 2.47.1 From 3e1aa0a5b723e920977110fcd7e7d0a7eefb9ba6 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 17:50:02 +0200 Subject: [PATCH 0054/1882] zookeeper: change tag (again) --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 12cb0c5c..c464580f 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: zookeeper - image: ghcr.io/nullx76/zookeeper:manual + image: docker.io/0x76/zookeeper:manual ports: - containerPort: 8085 env: -- 2.47.1 From f35923b438474738c63e12b241557fa527b18690 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 17:51:35 +0200 Subject: [PATCH 0055/1882] zookeeper: undeploy (for now) --- cluster/apps/presidential-paradise/kustomization.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index cd9cd51d..d5ef44b4 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - - zookeeper -- 2.47.1 From a0e5dd9a63ab0c5dac576dd3482636d27a1e188c Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 18:20:27 +0200 Subject: [PATCH 0056/1882] crds: external-secrets --- cluster/crds/external-secrets/crds.yaml | 31 +++++++++++++++++++ .../crds/external-secrets/kustomization.yaml | 4 +++ cluster/crds/kustomization.yaml | 1 + 3 files changed, 36 insertions(+) create mode 100644 cluster/crds/external-secrets/crds.yaml create mode 100644 cluster/crds/external-secrets/kustomization.yaml diff --git a/cluster/crds/external-secrets/crds.yaml b/cluster/crds/external-secrets/crds.yaml new file mode 100644 index 00000000..ae88a33d --- /dev/null +++ b/cluster/crds/external-secrets/crds.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: GitRepository +metadata: + name: external-secrets-crd-source + namespace: flux-system +spec: + interval: 30m + url: https://github.com/external-secrets/external-secrets.git + ref: + # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets + tag: v0.3.7 + ignore: | + # exclude all + /* + # path to crds + !/deploy/crds/ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: external-secrets-crds + namespace: flux-system +spec: + interval: 15m + prune: false + wait: true + sourceRef: + kind: GitRepository + name: external-secrets-crd-source + diff --git a/cluster/crds/external-secrets/kustomization.yaml b/cluster/crds/external-secrets/kustomization.yaml new file mode 100644 index 00000000..2ed3b351 --- /dev/null +++ b/cluster/crds/external-secrets/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - crds.yaml diff --git a/cluster/crds/kustomization.yaml b/cluster/crds/kustomization.yaml index 15e57e2b..f2ee43c6 100644 --- a/cluster/crds/kustomization.yaml +++ b/cluster/crds/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - traefik + - external-secrets -- 2.47.1 From 4d159059f1e11ac692ce87785598735bed042651 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 18:26:24 +0200 Subject: [PATCH 0057/1882] namespaces: add external-secrets --- cluster/core/namespaces/external-secrets.yaml | 5 +++++ cluster/core/namespaces/kustomization.yaml | 2 ++ 2 files changed, 7 insertions(+) create mode 100644 cluster/core/namespaces/external-secrets.yaml diff --git a/cluster/core/namespaces/external-secrets.yaml b/cluster/core/namespaces/external-secrets.yaml new file mode 100644 index 00000000..591aac5d --- /dev/null +++ b/cluster/core/namespaces/external-secrets.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: external-secrets diff --git a/cluster/core/namespaces/kustomization.yaml b/cluster/core/namespaces/kustomization.yaml index 8b2dd57b..5f33cedc 100644 --- a/cluster/core/namespaces/kustomization.yaml +++ b/cluster/core/namespaces/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - presidential-paradise.yaml - networking.yaml + - external-secrets.yaml + -- 2.47.1 From 6ca75c2b73d89698d955003752da0698399f0213 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 18:40:32 +0200 Subject: [PATCH 0058/1882] charts: add external-secrets --- .../charts/helm/external-secrets-charts.yaml | 10 ++++++++++ .../base/flux-system/charts/helm/kustomization.yaml | 2 ++ 2 files changed, 12 insertions(+) create mode 100644 cluster/base/flux-system/charts/helm/external-secrets-charts.yaml diff --git a/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml b/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml new file mode 100644 index 00000000..2d49244d --- /dev/null +++ b/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: external-secrets-charts + namespace: flux-system +spec: + interval: 15m0s + url: https://charts.external-secrets.io + diff --git a/cluster/base/flux-system/charts/helm/kustomization.yaml b/cluster/base/flux-system/charts/helm/kustomization.yaml index 65d6813f..cc37fadd 100644 --- a/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - metallb-charts.yaml - traefik-charts.yaml + - external-secrets-charts.yaml + -- 2.47.1 From 4b0f7fe2f67f1bcd795d9b888d8526b10fa26ee3 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 18:47:10 +0200 Subject: [PATCH 0059/1882] external-secrets: added it --- .../external-secrets/helm-release.yaml | 22 +++++++++++++++++++ .../external-secrets/kustomization.yaml | 5 +++++ .../core/external-secrets/kustomization.yaml | 5 +++++ cluster/core/kustomization.yaml | 2 ++ 4 files changed, 34 insertions(+) create mode 100644 cluster/core/external-secrets/external-secrets/helm-release.yaml create mode 100644 cluster/core/external-secrets/external-secrets/kustomization.yaml create mode 100644 cluster/core/external-secrets/kustomization.yaml diff --git a/cluster/core/external-secrets/external-secrets/helm-release.yaml b/cluster/core/external-secrets/external-secrets/helm-release.yaml new file mode 100644 index 00000000..60789741 --- /dev/null +++ b/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: external-secrets + namespace: external-secrets +spec: + interval: 5m + chart: + spec: + # renovate: registryUrl=https://charts.external-secrets.io + chart: external-secrets + version: 0.3.7 + sourceRef: + kind: HelmRepository + name: external-secrets-charts + namespace: flux-system + interval: 5m + values: + configInline: + installCRDs: false + diff --git a/cluster/core/external-secrets/external-secrets/kustomization.yaml b/cluster/core/external-secrets/external-secrets/kustomization.yaml new file mode 100644 index 00000000..2fa2de20 --- /dev/null +++ b/cluster/core/external-secrets/external-secrets/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/cluster/core/external-secrets/kustomization.yaml b/cluster/core/external-secrets/kustomization.yaml new file mode 100644 index 00000000..cf78af62 --- /dev/null +++ b/cluster/core/external-secrets/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secrets diff --git a/cluster/core/kustomization.yaml b/cluster/core/kustomization.yaml index bf0a6d5c..88687c77 100644 --- a/cluster/core/kustomization.yaml +++ b/cluster/core/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - namespaces - networking + - external-secrets + -- 2.47.1 From 579f8a7c268455df3fb040ece6b3074d9e231936 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 18:57:26 +0200 Subject: [PATCH 0060/1882] external-secrets: skip crds --- .../core/external-secrets/external-secrets/helm-release.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cluster/core/external-secrets/external-secrets/helm-release.yaml b/cluster/core/external-secrets/external-secrets/helm-release.yaml index 60789741..4d146868 100644 --- a/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -19,4 +19,7 @@ spec: values: configInline: installCRDs: false - + install: + crds: Skip + upgrade: + crds: Skip \ No newline at end of file -- 2.47.1 From d149cd50d4fcba055f21f31f4c44eb75cfa6dc26 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Oct 2021 19:06:12 +0200 Subject: [PATCH 0061/1882] external-secrets: skip crds (again) --- .../core/external-secrets/external-secrets/helm-release.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cluster/core/external-secrets/external-secrets/helm-release.yaml b/cluster/core/external-secrets/external-secrets/helm-release.yaml index 4d146868..8466118c 100644 --- a/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -17,8 +17,7 @@ spec: namespace: flux-system interval: 5m values: - configInline: - installCRDs: false + installCRDs: false install: crds: Skip upgrade: -- 2.47.1 From 888b33fa772bc75af511d1f251e45ae3522487f9 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 20:21:25 +0200 Subject: [PATCH 0062/1882] external-secrets: add vault store --- .../external-secrets/kustomization.yaml | 1 + .../external-secrets/vault-secret-store.yaml | 26 +++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 cluster/core/external-secrets/external-secrets/vault-secret-store.yaml diff --git a/cluster/core/external-secrets/external-secrets/kustomization.yaml b/cluster/core/external-secrets/external-secrets/kustomization.yaml index 2fa2de20..28844c0b 100644 --- a/cluster/core/external-secrets/external-secrets/kustomization.yaml +++ b/cluster/core/external-secrets/external-secrets/kustomization.yaml @@ -3,3 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml + - vault-secret-store diff --git a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml new file mode 100644 index 00000000..929866ed --- /dev/null +++ b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml @@ -0,0 +1,26 @@ +apiVersion: external-secrets.io/v1alpha1 +kind: ClusterSecretStore +metadata: + name: vault + namespace: external-secrets +spec: + provider: + vault: + server: "http://10.42.42.6:8200" + path: "k8s" + version: "v2" + auth: + # VaultAppRole authenticates with Vault using the + # App Role auth mechanism + # https://www.vaultproject.io/docs/auth/approle + appRole: + # Path where the App Role authentication backend is mounted + path: "approle" + # RoleID configured in the App Role authentication backend + roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" + # Reference to a key in a K8 Secret that contains the App Role SecretId + # (not commited in git) + secretRef: + name: "vault-secret-id" + namespace: "external-secrets" + key: "secret-id" -- 2.47.1 From 3649baa5e45c8105ac5b7709d8f153ffc3003f6c Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 20:22:31 +0200 Subject: [PATCH 0063/1882] external-secrets: add vault store (fix) --- .../core/external-secrets/external-secrets/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/core/external-secrets/external-secrets/kustomization.yaml b/cluster/core/external-secrets/external-secrets/kustomization.yaml index 28844c0b..686d8782 100644 --- a/cluster/core/external-secrets/external-secrets/kustomization.yaml +++ b/cluster/core/external-secrets/external-secrets/kustomization.yaml @@ -3,4 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml - - vault-secret-store + - vault-secret-store.yaml -- 2.47.1 From f209adfa41b0f46770b7e6362aeddf511ddbb086 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 21:11:54 +0200 Subject: [PATCH 0064/1882] zookeeper: re-add w/ secrets --- .../presidential-paradise/kustomization.yaml | 1 + .../zookeeper/deployment.yaml | 3 ++ .../zookeeper/external-secret.yaml | 30 +++++++++++++++++++ .../zookeeper/kustomization.yaml | 1 + 4 files changed, 35 insertions(+) create mode 100644 cluster/apps/presidential-paradise/zookeeper/external-secret.yaml diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index d5ef44b4..cd9cd51d 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub + - zookeeper diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index c464580f..8eb34af2 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -26,6 +26,9 @@ spec: image: docker.io/0x76/zookeeper:manual ports: - containerPort: 8085 + envFrom: + - secretRef: + name: zookeeper env: - name: LANG value: C.UTF-8 diff --git a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml new file mode 100644 index 00000000..744b5164 --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -0,0 +1,30 @@ +apiVersion: external-secrets.io/v1alpha1 +kind: ExternalSecret +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: zookeeper + namespace: presidential-paradise + data: + - secretKey: DISCORD_APP_ID + remoteRef: + key: k8s/presidential-paradise/zookeeper + property: discord_app_id + - secretKey: DISCORD_PUBLIC_KEY + remoteRef: + key: k8s/presidential-paradise/zookeeper + property: discord_public_key + - secretKey: DISCORD_TOKEN + remoteRef: + key: k8s/presidential-paradise/zookeeper + property: discord_token + - secretKey: TWITTER_TOKEN + remoteRef: + key: k8s/presidential-paradise/zookeeper + property: twitter_token diff --git a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml index 5b33a50e..3716bd7e 100644 --- a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml @@ -1,6 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - external-secret.yaml - deployment.yaml - svc.yaml - ingress.yaml -- 2.47.1 From 0c513ccf39ed8e3a428129438891b519fd5d7ed3 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 21:12:55 +0200 Subject: [PATCH 0065/1882] zookeeper: re-add w/ secrets (fix) --- .../apps/presidential-paradise/zookeeper/external-secret.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index 744b5164..d880c6fb 100644 --- a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -10,7 +10,6 @@ spec: kind: ClusterSecretStore target: name: zookeeper - namespace: presidential-paradise data: - secretKey: DISCORD_APP_ID remoteRef: -- 2.47.1 From a6e7132252ecf62fd93042b5657be3235981e97b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 21:26:22 +0200 Subject: [PATCH 0066/1882] external-secrets: reconfig vault --- .../external-secrets/vault-secret-store.yaml | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml index 929866ed..916d7e25 100644 --- a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml +++ b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml @@ -13,14 +13,18 @@ spec: # VaultAppRole authenticates with Vault using the # App Role auth mechanism # https://www.vaultproject.io/docs/auth/approle - appRole: - # Path where the App Role authentication backend is mounted - path: "approle" - # RoleID configured in the App Role authentication backend - roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" - # Reference to a key in a K8 Secret that contains the App Role SecretId - # (not commited in git) - secretRef: - name: "vault-secret-id" - namespace: "external-secrets" - key: "secret-id" + tokenSecretRef: + name: "vault-secret-id" + namespace: "external-secrets" + key: "token" + # appRole: + # # Path where the App Role authentication backend is mounted + # path: "approle" + # # RoleID configured in the App Role authentication backend + # roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" + # # Reference to a key in a K8 Secret that contains the App Role SecretId + # # (not commited in git) + # secretRef: + # name: "vault-secret-id" + # namespace: "external-secrets" + # key: "secret-id" -- 2.47.1 From e22c22a58a50c1f5e44e61fb44e641ade5a09e2a Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 21:30:31 +0200 Subject: [PATCH 0067/1882] external-secrets: change back to approle and remove prefix --- .../zookeeper/external-secret.yaml | 8 ++--- .../external-secrets/vault-secret-store.yaml | 30 +++++++++---------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index d880c6fb..e506c034 100644 --- a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -13,17 +13,17 @@ spec: data: - secretKey: DISCORD_APP_ID remoteRef: - key: k8s/presidential-paradise/zookeeper + key: presidential-paradise/zookeeper property: discord_app_id - secretKey: DISCORD_PUBLIC_KEY remoteRef: - key: k8s/presidential-paradise/zookeeper + key: presidential-paradise/zookeeper property: discord_public_key - secretKey: DISCORD_TOKEN remoteRef: - key: k8s/presidential-paradise/zookeeper + key: presidential-paradise/zookeeper property: discord_token - secretKey: TWITTER_TOKEN remoteRef: - key: k8s/presidential-paradise/zookeeper + key: presidential-paradise/zookeeper property: twitter_token diff --git a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml index 916d7e25..e10a2566 100644 --- a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml +++ b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml @@ -13,18 +13,18 @@ spec: # VaultAppRole authenticates with Vault using the # App Role auth mechanism # https://www.vaultproject.io/docs/auth/approle - tokenSecretRef: - name: "vault-secret-id" - namespace: "external-secrets" - key: "token" - # appRole: - # # Path where the App Role authentication backend is mounted - # path: "approle" - # # RoleID configured in the App Role authentication backend - # roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" - # # Reference to a key in a K8 Secret that contains the App Role SecretId - # # (not commited in git) - # secretRef: - # name: "vault-secret-id" - # namespace: "external-secrets" - # key: "secret-id" + # tokenSecretRef: + # name: "vault-secret-id" + # namespace: "external-secrets" + # key: "token" + appRole: + # Path where the App Role authentication backend is mounted + path: "approle" + # RoleID configured in the App Role authentication backend + roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" + # Reference to a key in a K8 Secret that contains the App Role SecretId + # (not commited in git) + secretRef: + name: "vault-secret-id" + namespace: "external-secrets" + key: "secret-id" -- 2.47.1 From b9519be477ca28d56a21c7456047130b6df721b5 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 21:33:16 +0200 Subject: [PATCH 0068/1882] external-secrets: back to token again?? --- .../external-secrets/vault-secret-store.yaml | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml index e10a2566..916d7e25 100644 --- a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml +++ b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml @@ -13,18 +13,18 @@ spec: # VaultAppRole authenticates with Vault using the # App Role auth mechanism # https://www.vaultproject.io/docs/auth/approle - # tokenSecretRef: - # name: "vault-secret-id" - # namespace: "external-secrets" - # key: "token" - appRole: - # Path where the App Role authentication backend is mounted - path: "approle" - # RoleID configured in the App Role authentication backend - roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" - # Reference to a key in a K8 Secret that contains the App Role SecretId - # (not commited in git) - secretRef: - name: "vault-secret-id" - namespace: "external-secrets" - key: "secret-id" + tokenSecretRef: + name: "vault-secret-id" + namespace: "external-secrets" + key: "token" + # appRole: + # # Path where the App Role authentication backend is mounted + # path: "approle" + # # RoleID configured in the App Role authentication backend + # roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" + # # Reference to a key in a K8 Secret that contains the App Role SecretId + # # (not commited in git) + # secretRef: + # name: "vault-secret-id" + # namespace: "external-secrets" + # key: "secret-id" -- 2.47.1 From af83663b9f23fe42191bf5a6e1e5a4e60f348aca Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 22:25:42 +0200 Subject: [PATCH 0069/1882] unstage zookeeper --- cluster/apps/presidential-paradise/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index cd9cd51d..bf59f128 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - - zookeeper + # - zookeeper -- 2.47.1 From 77ca28d27bcff34584a84be168552cbc1f4713c0 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Fri, 29 Oct 2021 22:30:24 +0200 Subject: [PATCH 0070/1882] Add Flux v0.20.0 component manifests --- cluster/base/flux-system/gotk-components.yaml | 73 +++++++++---------- 1 file changed, 36 insertions(+), 37 deletions(-) diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml index 6be397d8..9f993039 100644 --- a/cluster/base/flux-system/gotk-components.yaml +++ b/cluster/base/flux-system/gotk-components.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 @@ -16,7 +16,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -228,7 +228,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -459,7 +459,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -559,7 +559,6 @@ spec: defaults to master branch. properties: branch: - default: master description: The Git branch to checkout, defaults to master. type: string commit: @@ -790,7 +789,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1045,7 +1044,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1805,7 +1804,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2023,7 +2022,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2612,7 +2611,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3170,7 +3169,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3972,7 +3971,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5047,7 +5046,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5247,7 +5246,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5464,7 +5463,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: helm-controller namespace: flux-system --- @@ -5474,7 +5473,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: image-automation-controller namespace: flux-system --- @@ -5484,7 +5483,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: image-reflector-controller namespace: flux-system --- @@ -5494,7 +5493,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: kustomize-controller namespace: flux-system --- @@ -5504,7 +5503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: notification-controller namespace: flux-system --- @@ -5514,7 +5513,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: source-controller namespace: flux-system --- @@ -5524,7 +5523,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: crd-controller-flux-system rules: - apiGroups: @@ -5605,7 +5604,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5625,7 +5624,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5657,7 +5656,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: notification-controller namespace: flux-system @@ -5677,7 +5676,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: source-controller namespace: flux-system @@ -5697,7 +5696,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5717,7 +5716,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5790,7 +5789,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: image-automation-controller namespace: flux-system @@ -5819,7 +5818,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.15.0 + image: ghcr.io/fluxcd/image-automation-controller:v0.16.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5865,7 +5864,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -5944,7 +5943,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6019,7 +6018,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6095,7 +6094,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 control-plane: controller name: source-controller namespace: flux-system @@ -6128,7 +6127,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.16.1 + image: ghcr.io/fluxcd/source-controller:v0.17.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6179,7 +6178,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: allow-egress namespace: flux-system spec: @@ -6199,7 +6198,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: allow-scraping namespace: flux-system spec: @@ -6219,7 +6218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.19.1 + app.kubernetes.io/version: v0.20.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 9c2c5da57a23da4653fe5a87766a5ea5b65e859e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 22:44:40 +0200 Subject: [PATCH 0071/1882] external-secrets: back to approle --- .../external-secrets/vault-secret-store.yaml | 26 ++++++++----------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml index 916d7e25..929866ed 100644 --- a/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml +++ b/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml @@ -13,18 +13,14 @@ spec: # VaultAppRole authenticates with Vault using the # App Role auth mechanism # https://www.vaultproject.io/docs/auth/approle - tokenSecretRef: - name: "vault-secret-id" - namespace: "external-secrets" - key: "token" - # appRole: - # # Path where the App Role authentication backend is mounted - # path: "approle" - # # RoleID configured in the App Role authentication backend - # roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" - # # Reference to a key in a K8 Secret that contains the App Role SecretId - # # (not commited in git) - # secretRef: - # name: "vault-secret-id" - # namespace: "external-secrets" - # key: "secret-id" + appRole: + # Path where the App Role authentication backend is mounted + path: "approle" + # RoleID configured in the App Role authentication backend + roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" + # Reference to a key in a K8 Secret that contains the App Role SecretId + # (not commited in git) + secretRef: + name: "vault-secret-id" + namespace: "external-secrets" + key: "secret-id" -- 2.47.1 From 0ddfd835b42990dffa0dbec14ab223920c0292f4 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 22:46:35 +0200 Subject: [PATCH 0072/1882] zookeeper: include --- cluster/apps/presidential-paradise/kustomization.yaml | 2 +- cluster/apps/presidential-paradise/zookeeper/ingress.yaml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index bf59f128..cd9cd51d 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - # - zookeeper + - zookeeper diff --git a/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml index 40c98a2b..7f9d7fe6 100644 --- a/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -15,4 +15,3 @@ spec: name: zookeeper port: number: 8085 - -- 2.47.1 From 982204ace411ef5b28aa2470a1db8c10fb201b80 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 22:48:13 +0200 Subject: [PATCH 0073/1882] Revert "zookeeper: include" This reverts commit 0ddfd835b42990dffa0dbec14ab223920c0292f4. --- cluster/apps/presidential-paradise/kustomization.yaml | 2 +- cluster/apps/presidential-paradise/zookeeper/ingress.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index cd9cd51d..bf59f128 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - - zookeeper + # - zookeeper diff --git a/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml index 7f9d7fe6..40c98a2b 100644 --- a/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -15,3 +15,4 @@ spec: name: zookeeper port: number: 8085 + -- 2.47.1 From 8097205c2e6e42117b37337544424c2b0a000e34 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 23:06:46 +0200 Subject: [PATCH 0074/1882] zookeeper: change tag --- cluster/apps/presidential-paradise/kustomization.yaml | 2 +- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index bf59f128..cd9cd51d 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - # - zookeeper + - zookeeper diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 8eb34af2..40188067 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: zookeeper - image: docker.io/0x76/zookeeper:manual + image: docker.io/0x76/zookeeper:latest ports: - containerPort: 8085 envFrom: -- 2.47.1 From 2740f2cbfbc73093588bdac2731c9c9879e33635 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 23:09:20 +0200 Subject: [PATCH 0075/1882] zookeeper: fix service name --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 40188067..43a4f2b4 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -37,7 +37,7 @@ spec: fieldRef: fieldPath: status.podIP - name: SERVICE_NAME - value: zookeeper-private.default.svc.cluster.local + value: zookeeper-private.presidential-paradise.svc.cluster.local resources: {} securityContext: privileged: false -- 2.47.1 From 87e842a75754c981e5596273f41efbae02d53314 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Fri, 29 Oct 2021 23:39:12 +0200 Subject: [PATCH 0076/1882] zookeeper: stuff --- cluster/apps/presidential-paradise/kustomization.yaml | 2 +- .../apps/presidential-paradise/zookeeper/deployment.yaml | 7 +++++-- .../presidential-paradise/zookeeper/external-secret.yaml | 4 ++++ cluster/apps/presidential-paradise/zookeeper/svc.yaml | 3 +++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index cd9cd51d..bf59f128 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - - zookeeper + # - zookeeper diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 43a4f2b4..193f992e 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -25,14 +25,17 @@ spec: - name: zookeeper image: docker.io/0x76/zookeeper:latest ports: - - containerPort: 8085 + - name: web + containerPort: 8085 + - name: epmd + containerPort: 4369 envFrom: - secretRef: name: zookeeper env: - name: LANG value: C.UTF-8 - - name: HOSTNAME + - name: RELEASE_NODE_IP valueFrom: fieldRef: fieldPath: status.podIP diff --git a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index e506c034..6a4803c8 100644 --- a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -27,3 +27,7 @@ spec: remoteRef: key: presidential-paradise/zookeeper property: twitter_token + - secretKey: ERLANG_COOKIE + remoteRef: + key: presidential-paradise/zookeeper + property: erlang_cookie diff --git a/cluster/apps/presidential-paradise/zookeeper/svc.yaml b/cluster/apps/presidential-paradise/zookeeper/svc.yaml index ea3bfa1f..d5dc285c 100644 --- a/cluster/apps/presidential-paradise/zookeeper/svc.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/svc.yaml @@ -8,6 +8,8 @@ spec: ports: - name: epmd port: 4369 + targetPort: epmd + protocol: TCP selector: app: zookeeper --- @@ -19,6 +21,7 @@ metadata: spec: ports: - name: http + targetPort: web port: 8085 selector: app: zookeeper -- 2.47.1 From 06f0ddff013af65f976ea2d522fd776ae66d5814 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 13:24:17 +0200 Subject: [PATCH 0077/1882] zookeeper: nth try --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- .../apps/presidential-paradise/zookeeper/external-secret.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 193f992e..e4ebd97a 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -35,7 +35,7 @@ spec: env: - name: LANG value: C.UTF-8 - - name: RELEASE_NODE_IP + - name: HOSTNAME valueFrom: fieldRef: fieldPath: status.podIP diff --git a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index 6a4803c8..317b1fd0 100644 --- a/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -27,7 +27,7 @@ spec: remoteRef: key: presidential-paradise/zookeeper property: twitter_token - - secretKey: ERLANG_COOKIE + - secretKey: RELEASE_COOKIE remoteRef: key: presidential-paradise/zookeeper property: erlang_cookie -- 2.47.1 From 5125237d9bd0d3c0c3738290ba62ca7dda117c97 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 13:25:53 +0200 Subject: [PATCH 0078/1882] zookeeper: actually enable it --- cluster/apps/presidential-paradise/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index bf59f128..cd9cd51d 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - wooloofanclub - # - zookeeper + - zookeeper -- 2.47.1 From d61b7a376ce3ac27fa7cf82fc8ffb8ed2f25ca3e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Oct 2021 15:59:28 +0200 Subject: [PATCH 0079/1882] deploy zookeeper, k3s --- hosts/k3s/configuration.nix | 1 + hosts/nginx/configuration.nix | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/k3s/configuration.nix b/hosts/k3s/configuration.nix index 0af4b9e7..7de2f512 100644 --- a/hosts/k3s/configuration.nix +++ b/hosts/k3s/configuration.nix @@ -44,6 +44,7 @@ "--cluster-init" # Enable embedded etcd "--disable=servicelb" # disable servicelb "--no-deploy=traefik" # we want to configure traefik ourselves (or use nginx instead) + "--cluster-cidr=10.69.0.0/16" # the default of 10.42.0.0/16 clashes with my own network ]; }; } diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 9fbfc5a3..44b2ea3f 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -41,16 +41,16 @@ }; }; + # TODO: Make a function for adding hostnames to k8s endpoint(s). virtualHosts."zookeeper.0x76.dev" = { enableACME = true; forceSSL = true; locations."/" = { - proxyPass = "http://10.42.43.28:8085/"; + proxyPass = "http://10.42.42.150:8000/"; proxyWebsockets = true; }; }; - # TODO: Make a function for adding hostnames to k8s endpoint(s). virtualHosts."wooloofan.club" = { enableACME = true; forceSSL = true; -- 2.47.1 From 73af29186b0fc1bada7a49a68ad09fef1ecb6ab5 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Oct 2021 18:31:37 +0200 Subject: [PATCH 0080/1882] updates and simplified nginx config --- flake.lock | 6 ++--- hosts/nginx/configuration.nix | 44 +++++++++++------------------------ 2 files changed, 17 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index 018b202c..a7ba9f05 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1635141467, - "narHash": "sha256-H+TVE6tBSm4nAepm7HRfW7AcrndI5e4+TJwCQo4/z+s=", + "lastModified": 1635587056, + "narHash": "sha256-2RzriuQ8OEvY+wRUTpCgIiNNuFukKa7CiEAA0b2gsew=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "38d21595b8fb0a744aa31c5794013bf42cf98fa9", + "rev": "e49cd51ebcbb916e2481555aad8d9548807e9d12", "type": "github" }, "original": { diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 44b2ea3f..85f06303 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -3,8 +3,16 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - -{ +let + k8s_proxy = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.42.150:8000/"; + proxyWebsockets = true; + }; + }; +in { imports = [ # Import common config ../../common/generic-lxc.nix @@ -31,7 +39,6 @@ recommendedProxySettings = true; recommendedTlsSettings = true; - virtualHosts."ha.0x76.dev" = { enableACME = true; forceSSL = true; @@ -41,33 +48,10 @@ }; }; - # TODO: Make a function for adding hostnames to k8s endpoint(s). - virtualHosts."zookeeper.0x76.dev" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.42.42.150:8000/"; - proxyWebsockets = true; - }; - }; - - virtualHosts."wooloofan.club" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.42.42.150:8000/"; - proxyWebsockets = true; - }; - }; - - virtualHosts."whoami.wooloofan.club" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.42.42.150:8000/"; - proxyWebsockets = true; - }; - }; + # Kubernetes endpoints + virtualHosts."zookeeper.0x76.dev" = k8s_proxy; + virtualHosts."wooloofan.club" = k8s_proxy; + virtualHosts."whoami.wooloofan.club" = k8s_proxy; }; security.acme.email = "victorheld12@gmail.com"; -- 2.47.1 From de3715d0336fd0b5f9ff257c46bcba2861743d9e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 19:40:30 +0200 Subject: [PATCH 0081/1882] zookeeper: scale back --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index e4ebd97a..d753cceb 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -6,7 +6,7 @@ metadata: labels: app: zookeeper spec: - replicas: 3 + replicas: 1 selector: matchLabels: app: zookeeper -- 2.47.1 From f3c70b48e814a6a7c2099a521441795e1b5bcbf5 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:07:17 +0200 Subject: [PATCH 0082/1882] presidential-paradise: add registry.xirion.net creds --- .../presidential-paradise/kustomization.yaml | 1 + .../xirion-registry-creds.yaml | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 cluster/apps/presidential-paradise/xirion-registry-creds.yaml diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index cd9cd51d..3fb84555 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -1,5 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - xirion-registry-creds.yaml - wooloofanclub - zookeeper diff --git a/cluster/apps/presidential-paradise/xirion-registry-creds.yaml b/cluster/apps/presidential-paradise/xirion-registry-creds.yaml new file mode 100644 index 00000000..8a91e432 --- /dev/null +++ b/cluster/apps/presidential-paradise/xirion-registry-creds.yaml @@ -0,0 +1,19 @@ +apiVersion: external-secrets.io/v1alpha1 +kind: ExternalSecret +metadata: + name: xirion-registry-creds + namespace: presidential-paradise +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: xirion-registry-creds + template: + type: kubernetes.io/dockerconfigjson + data: + - secretKey: .dockerconfigjson + remoteRef: + key: xirion-registry-creds + property: dockerconfigjson -- 2.47.1 From 4a843e54720d47d1682a2008ababdd1969e94f54 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:18:18 +0200 Subject: [PATCH 0083/1882] 0x76.dev: deploy --- .../presidential-paradise/0x76.dev/0x76.yaml | 53 +++++++++++++++++++ .../0x76.dev/kustomization.yaml | 4 ++ .../presidential-paradise/kustomization.yaml | 1 + 3 files changed, 58 insertions(+) create mode 100644 cluster/apps/presidential-paradise/0x76.dev/0x76.yaml create mode 100644 cluster/apps/presidential-paradise/0x76.dev/kustomization.yaml diff --git a/cluster/apps/presidential-paradise/0x76.dev/0x76.yaml b/cluster/apps/presidential-paradise/0x76.dev/0x76.yaml new file mode 100644 index 00000000..1d6e73d6 --- /dev/null +++ b/cluster/apps/presidential-paradise/0x76.dev/0x76.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: 0x76.dev + namespace: presidential-paradise + labels: + app: 0x76.dev +spec: + replicas: 1 + selector: + matchLabels: + app: 0x76.dev + template: + metadata: + labels: + app: 0x76.dev + spec: + containers: + - name: 0x76.dev + image: registry.xirion.net/library/0x76.dev + ports: + - containerPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + name: 0x76.dev-service + namespace: presidential-paradise +spec: + selector: + app: 0x76.dev + ports: + - protocol: TCP + port: 8080 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: 0x76.dev-ingress + namespace: presidential-paradise +spec: + ingressClassName: "traefik" + rules: + - host: "0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: 0x76.dev-service + port: + number: 8080 diff --git a/cluster/apps/presidential-paradise/0x76.dev/kustomization.yaml b/cluster/apps/presidential-paradise/0x76.dev/kustomization.yaml new file mode 100644 index 00000000..1f8410fb --- /dev/null +++ b/cluster/apps/presidential-paradise/0x76.dev/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - wooloo.yaml diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index 3fb84555..b6bf981b 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,5 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - xirion-registry-creds.yaml + - 0x76.dev - wooloofanclub - zookeeper -- 2.47.1 From a7b38196583ab2324f5c13414728f2ab9966893e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:20:02 +0200 Subject: [PATCH 0084/1882] 0x76.dev: remove '.' --- .../apps/presidential-paradise/{0x76.dev => 0x76dev}/0x76.yaml | 0 .../{0x76.dev => 0x76dev}/kustomization.yaml | 0 cluster/apps/presidential-paradise/kustomization.yaml | 2 +- 3 files changed, 1 insertion(+), 1 deletion(-) rename cluster/apps/presidential-paradise/{0x76.dev => 0x76dev}/0x76.yaml (100%) rename cluster/apps/presidential-paradise/{0x76.dev => 0x76dev}/kustomization.yaml (100%) diff --git a/cluster/apps/presidential-paradise/0x76.dev/0x76.yaml b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml similarity index 100% rename from cluster/apps/presidential-paradise/0x76.dev/0x76.yaml rename to cluster/apps/presidential-paradise/0x76dev/0x76.yaml diff --git a/cluster/apps/presidential-paradise/0x76.dev/kustomization.yaml b/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml similarity index 100% rename from cluster/apps/presidential-paradise/0x76.dev/kustomization.yaml rename to cluster/apps/presidential-paradise/0x76dev/kustomization.yaml diff --git a/cluster/apps/presidential-paradise/kustomization.yaml b/cluster/apps/presidential-paradise/kustomization.yaml index b6bf981b..fb65b5ab 100644 --- a/cluster/apps/presidential-paradise/kustomization.yaml +++ b/cluster/apps/presidential-paradise/kustomization.yaml @@ -2,6 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - xirion-registry-creds.yaml - - 0x76.dev + - 0x76dev - wooloofanclub - zookeeper -- 2.47.1 From 405fdf3b2662b0a4e94d0efcf7526c297b9ca578 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:20:53 +0200 Subject: [PATCH 0085/1882] 0x76.dev: fix kustom --- cluster/apps/presidential-paradise/0x76dev/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml b/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml index 1f8410fb..1a4998ed 100644 --- a/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml +++ b/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml @@ -1,4 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - wooloo.yaml + - 0x76.yaml -- 2.47.1 From a510f20dc583b09390f9b5eba3270c745f50f4e3 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:21:45 +0200 Subject: [PATCH 0086/1882] 0x76.dev: fix more removal of '.' --- .../presidential-paradise/0x76dev/0x76.yaml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml index 1d6e73d6..8cac36b5 100644 --- a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml +++ b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml @@ -1,34 +1,34 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: 0x76.dev + name: 0x76dev namespace: presidential-paradise labels: - app: 0x76.dev + app: 0x76dev spec: replicas: 1 selector: matchLabels: - app: 0x76.dev + app: 0x76dev template: metadata: labels: - app: 0x76.dev + app: 0x76dev spec: containers: - - name: 0x76.dev - image: registry.xirion.net/library/0x76.dev + - name: 0x76dev + image: registry.xirion.net/library/0x76dev ports: - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: - name: 0x76.dev-service + name: 0x76dev-service namespace: presidential-paradise spec: selector: - app: 0x76.dev + app: 0x76dev ports: - protocol: TCP port: 8080 @@ -36,7 +36,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: 0x76.dev-ingress + name: 0x76dev-ingress namespace: presidential-paradise spec: ingressClassName: "traefik" @@ -48,6 +48,6 @@ spec: pathType: Prefix backend: service: - name: 0x76.dev-service + name: 0x76dev-service port: number: 8080 -- 2.47.1 From cee1a39e4a1079fc366e25e1756b91834d1e350b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:25:36 +0200 Subject: [PATCH 0087/1882] 0x76.dev: fix: remove leading 0 --- .../presidential-paradise/0x76dev/0x76.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml index 8cac36b5..718b1dc3 100644 --- a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml +++ b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml @@ -1,22 +1,22 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: 0x76dev + name: x76dev namespace: presidential-paradise labels: - app: 0x76dev + app: x76dev spec: replicas: 1 selector: matchLabels: - app: 0x76dev + app: x76dev template: metadata: labels: - app: 0x76dev + app: x76dev spec: containers: - - name: 0x76dev + - name: x76dev image: registry.xirion.net/library/0x76dev ports: - containerPort: 8080 @@ -24,11 +24,11 @@ spec: apiVersion: v1 kind: Service metadata: - name: 0x76dev-service + name: x76dev-service namespace: presidential-paradise spec: selector: - app: 0x76dev + app: x76dev ports: - protocol: TCP port: 8080 @@ -36,7 +36,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: 0x76dev-ingress + name: x76dev-ingress namespace: presidential-paradise spec: ingressClassName: "traefik" @@ -48,6 +48,6 @@ spec: pathType: Prefix backend: service: - name: 0x76dev-service + name: x76dev-service port: number: 8080 -- 2.47.1 From 92e12cf7ddb518fadc066cdb8dccc9ee840458c3 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:27:23 +0200 Subject: [PATCH 0088/1882] 0x76.dev: fix: image name --- cluster/apps/presidential-paradise/0x76dev/0x76.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml index 718b1dc3..b56ad9ab 100644 --- a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml +++ b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: x76dev - image: registry.xirion.net/library/0x76dev + image: registry.xirion.net/library/0x76.dev ports: - containerPort: 8080 --- -- 2.47.1 From ce8d40fb8ac0c4818849fbd1b37a86e94fe6819e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 30 Oct 2021 21:32:41 +0200 Subject: [PATCH 0089/1882] 0x76.dev: add image pull secrets --- .../presidential-paradise/0x76dev/0x76.yaml | 30 ++++++++++--------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml index b56ad9ab..74dd9a4d 100644 --- a/cluster/apps/presidential-paradise/0x76dev/0x76.yaml +++ b/cluster/apps/presidential-paradise/0x76dev/0x76.yaml @@ -16,10 +16,12 @@ spec: app: x76dev spec: containers: - - name: x76dev - image: registry.xirion.net/library/0x76.dev - ports: - - containerPort: 8080 + - name: x76dev + image: registry.xirion.net/library/0x76.dev + ports: + - containerPort: 8080 + imagePullSecrets: + - name: xirion-registry-creds --- apiVersion: v1 kind: Service @@ -41,13 +43,13 @@ metadata: spec: ingressClassName: "traefik" rules: - - host: "0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: x76dev-service - port: - number: 8080 + - host: "0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: x76dev-service + port: + number: 8080 -- 2.47.1 From 7e4ca3ee870e40977ff99aa1b61b2102a4956b92 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 31 Oct 2021 12:37:28 +0100 Subject: [PATCH 0090/1882] flux,zookeeper: add image update automation --- .../zookeeper/deployment.yaml | 2 +- .../zookeeper/image-updater.yaml | 22 +++++++++++++++++ .../zookeeper/kustomization.yaml | 1 + .../flux-system/image-update-automation.yaml | 24 +++++++++++++++++++ cluster/base/flux-system/kustomization.yaml | 1 + 5 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 cluster/apps/presidential-paradise/zookeeper/image-updater.yaml create mode 100644 cluster/base/flux-system/image-update-automation.yaml diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index d753cceb..c301bb9c 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: zookeeper - image: docker.io/0x76/zookeeper:latest + image: registry.xirion.net/library/zookeeper:0.2.0 # {"$imagepolicy": "presidential-paradise:zookeeper"} ports: - name: web containerPort: 8085 diff --git a/cluster/apps/presidential-paradise/zookeeper/image-updater.yaml b/cluster/apps/presidential-paradise/zookeeper/image-updater.yaml new file mode 100644 index 00000000..e8cebaf3 --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/image-updater.yaml @@ -0,0 +1,22 @@ +apiVersion: image.toolkit.fluxcd.io/v1beta1 +kind: ImageRepository +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + image: registry.xirion.net/library/zookeeper + interval: 1m0s + secretRef: + name: xirion-registry-creds +--- +apiVersion: image.toolkit.fluxcd.io/v1beta1 +kind: ImagePolicy +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + imageRepositoryRef: + name: zookeeper + policy: + semver: + range: "*" diff --git a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml index 3716bd7e..536f4bab 100644 --- a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml @@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - external-secret.yaml + - image-updater.yaml - deployment.yaml - svc.yaml - ingress.yaml diff --git a/cluster/base/flux-system/image-update-automation.yaml b/cluster/base/flux-system/image-update-automation.yaml new file mode 100644 index 00000000..2c8d2352 --- /dev/null +++ b/cluster/base/flux-system/image-update-automation.yaml @@ -0,0 +1,24 @@ +apiVersion: image.toolkit.fluxcd.io/v1beta1 +kind: ImageUpdateAutomation +metadata: + name: flux-system + namespace: flux-system +spec: + interval: 1m0s + sourceRef: + kind: GitRepository + name: flux-system + git: + checkout: + ref: + branch: main + commit: + author: + email: fluxcdbot@users.noreply.github.com + name: fluxcdbot + messageTemplate: '{{range .Updated.Images}}{{println .}}{{end}}' + push: + branch: main + update: + path: ./cluster/ + strategy: Setters diff --git a/cluster/base/flux-system/kustomization.yaml b/cluster/base/flux-system/kustomization.yaml index 2974f2db..e57a2e46 100644 --- a/cluster/base/flux-system/kustomization.yaml +++ b/cluster/base/flux-system/kustomization.yaml @@ -3,4 +3,5 @@ kind: Kustomization resources: - gotk-components.yaml - gotk-sync.yaml +- image-update-automation.yaml - charts -- 2.47.1 From f1ffa9c343ddb5220c13db1cf911599b32a05275 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 31 Oct 2021 12:46:21 +0100 Subject: [PATCH 0091/1882] make ImageUpdateAutomation namespace specific --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- cluster/base/flux-system/image-update-automation.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index c301bb9c..3dff3011 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.2.0 # {"$imagepolicy": "presidential-paradise:zookeeper"} + image: registry.xirion.net/library/zookeeper:0.2.0 # {"$imagepolicy": "presidential-paradise:zookeeper"} ports: - name: web containerPort: 8085 diff --git a/cluster/base/flux-system/image-update-automation.yaml b/cluster/base/flux-system/image-update-automation.yaml index 2c8d2352..0802cf7a 100644 --- a/cluster/base/flux-system/image-update-automation.yaml +++ b/cluster/base/flux-system/image-update-automation.yaml @@ -2,7 +2,7 @@ apiVersion: image.toolkit.fluxcd.io/v1beta1 kind: ImageUpdateAutomation metadata: name: flux-system - namespace: flux-system + namespace: presidential-paradise spec: interval: 1m0s sourceRef: @@ -20,5 +20,5 @@ spec: push: branch: main update: - path: ./cluster/ + path: ./cluster/apps/presidential-paradise strategy: Setters -- 2.47.1 From ca6142adb125508dbe629d53e3a3a8af065055f6 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 31 Oct 2021 12:47:52 +0100 Subject: [PATCH 0092/1882] update ref git repo --- cluster/base/flux-system/image-update-automation.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cluster/base/flux-system/image-update-automation.yaml b/cluster/base/flux-system/image-update-automation.yaml index 0802cf7a..85d3e3e0 100644 --- a/cluster/base/flux-system/image-update-automation.yaml +++ b/cluster/base/flux-system/image-update-automation.yaml @@ -8,6 +8,7 @@ spec: sourceRef: kind: GitRepository name: flux-system + namespace: flux-system git: checkout: ref: -- 2.47.1 From 740e2b9198c2750dbc630b3f001866c2c581c13a Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 31 Oct 2021 12:54:47 +0100 Subject: [PATCH 0093/1882] flux: shuffle image update automation to proper namespaces --- .../zookeeper/deployment.yaml | 2 +- .../image-update-automation.yaml | 5 ++--- .../kustomization.yaml | 5 +++++ .../image-update-automation/zookeeper.yaml} | 4 ++-- cluster/base/flux-system/kustomization.yaml | 3 ++- .../flux-system/xirion-registry-creds.yaml | 19 +++++++++++++++++++ 6 files changed, 31 insertions(+), 7 deletions(-) rename cluster/base/flux-system/{ => image-update-automation}/image-update-automation.yaml (81%) create mode 100644 cluster/base/flux-system/image-update-automation/kustomization.yaml rename cluster/{apps/presidential-paradise/zookeeper/image-updater.yaml => base/flux-system/image-update-automation/zookeeper.yaml} (84%) create mode 100644 cluster/base/flux-system/xirion-registry-creds.yaml diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 3dff3011..5054c403 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.2.0 # {"$imagepolicy": "presidential-paradise:zookeeper"} + image: registry.xirion.net/library/zookeeper:0.2.0 # {"$imagepolicy": "flux-system:zookeeper"} ports: - name: web containerPort: 8085 diff --git a/cluster/base/flux-system/image-update-automation.yaml b/cluster/base/flux-system/image-update-automation/image-update-automation.yaml similarity index 81% rename from cluster/base/flux-system/image-update-automation.yaml rename to cluster/base/flux-system/image-update-automation/image-update-automation.yaml index 85d3e3e0..2c8d2352 100644 --- a/cluster/base/flux-system/image-update-automation.yaml +++ b/cluster/base/flux-system/image-update-automation/image-update-automation.yaml @@ -2,13 +2,12 @@ apiVersion: image.toolkit.fluxcd.io/v1beta1 kind: ImageUpdateAutomation metadata: name: flux-system - namespace: presidential-paradise + namespace: flux-system spec: interval: 1m0s sourceRef: kind: GitRepository name: flux-system - namespace: flux-system git: checkout: ref: @@ -21,5 +20,5 @@ spec: push: branch: main update: - path: ./cluster/apps/presidential-paradise + path: ./cluster/ strategy: Setters diff --git a/cluster/base/flux-system/image-update-automation/kustomization.yaml b/cluster/base/flux-system/image-update-automation/kustomization.yaml new file mode 100644 index 00000000..42c052f0 --- /dev/null +++ b/cluster/base/flux-system/image-update-automation/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- image-update-automation.yaml +- zookeeper.yaml diff --git a/cluster/apps/presidential-paradise/zookeeper/image-updater.yaml b/cluster/base/flux-system/image-update-automation/zookeeper.yaml similarity index 84% rename from cluster/apps/presidential-paradise/zookeeper/image-updater.yaml rename to cluster/base/flux-system/image-update-automation/zookeeper.yaml index e8cebaf3..6c95f6d2 100644 --- a/cluster/apps/presidential-paradise/zookeeper/image-updater.yaml +++ b/cluster/base/flux-system/image-update-automation/zookeeper.yaml @@ -2,7 +2,7 @@ apiVersion: image.toolkit.fluxcd.io/v1beta1 kind: ImageRepository metadata: name: zookeeper - namespace: presidential-paradise + namespace: flux-system spec: image: registry.xirion.net/library/zookeeper interval: 1m0s @@ -13,7 +13,7 @@ apiVersion: image.toolkit.fluxcd.io/v1beta1 kind: ImagePolicy metadata: name: zookeeper - namespace: presidential-paradise + namespace: flux-system spec: imageRepositoryRef: name: zookeeper diff --git a/cluster/base/flux-system/kustomization.yaml b/cluster/base/flux-system/kustomization.yaml index e57a2e46..fb0f20c8 100644 --- a/cluster/base/flux-system/kustomization.yaml +++ b/cluster/base/flux-system/kustomization.yaml @@ -3,5 +3,6 @@ kind: Kustomization resources: - gotk-components.yaml - gotk-sync.yaml -- image-update-automation.yaml +- xirion-registry-creds.yaml +- image-update-automation - charts diff --git a/cluster/base/flux-system/xirion-registry-creds.yaml b/cluster/base/flux-system/xirion-registry-creds.yaml new file mode 100644 index 00000000..72503ebd --- /dev/null +++ b/cluster/base/flux-system/xirion-registry-creds.yaml @@ -0,0 +1,19 @@ +apiVersion: external-secrets.io/v1alpha1 +kind: ExternalSecret +metadata: + name: xirion-registry-creds + namespace: flux-system +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: xirion-registry-creds + template: + type: kubernetes.io/dockerconfigjson + data: + - secretKey: .dockerconfigjson + remoteRef: + key: xirion-registry-creds + property: dockerconfigjson -- 2.47.1 From b5f464ed63940a9912c7ca2c658a30cf5f095bfd Mon Sep 17 00:00:00 2001 From: fluxcdbot Date: Sun, 31 Oct 2021 11:54:55 +0000 Subject: [PATCH 0094/1882] registry.xirion.net/library/zookeeper:0.2.4 --- .../zookeeper/deployment.yaml | 50 +++++++++---------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 5054c403..d0351f28 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -22,30 +22,30 @@ spec: app: zookeeper spec: containers: - - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.2.0 # {"$imagepolicy": "flux-system:zookeeper"} - ports: - - name: web - containerPort: 8085 - - name: epmd - containerPort: 4369 - envFrom: - - secretRef: - name: zookeeper - env: - - name: LANG - value: C.UTF-8 - - name: HOSTNAME - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SERVICE_NAME - value: zookeeper-private.presidential-paradise.svc.cluster.local - resources: {} - securityContext: - privileged: false - procMount: Default - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + - name: zookeeper + image: registry.xirion.net/library/zookeeper:0.2.4 # {"$imagepolicy": "flux-system:zookeeper"} + ports: + - name: web + containerPort: 8085 + - name: epmd + containerPort: 4369 + envFrom: + - secretRef: + name: zookeeper + env: + - name: LANG + value: C.UTF-8 + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: SERVICE_NAME + value: zookeeper-private.presidential-paradise.svc.cluster.local + resources: {} + securityContext: + privileged: false + procMount: Default + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File dnsPolicy: ClusterFirst terminationGracePeriodSeconds: 30 -- 2.47.1 From b2acd92b1da602cb16ae819f6ad894bcf1bcf03a Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 31 Oct 2021 13:04:21 +0100 Subject: [PATCH 0095/1882] zookeeper: add imagepullsecrets --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index d0351f28..ddbaa4d8 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -21,6 +21,8 @@ spec: labels: app: zookeeper spec: + imagePullSecrets: + - name: xirion-registry-creds containers: - name: zookeeper image: registry.xirion.net/library/zookeeper:0.2.4 # {"$imagepolicy": "flux-system:zookeeper"} -- 2.47.1 From a4509d8598729bc1798b646ace45124aa21c7009 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 31 Oct 2021 13:06:01 +0100 Subject: [PATCH 0096/1882] zookeeper: remove image automation from kustom --- cluster/apps/presidential-paradise/zookeeper/kustomization.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml index 536f4bab..3716bd7e 100644 --- a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml @@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - external-secret.yaml - - image-updater.yaml - deployment.yaml - svc.yaml - ingress.yaml -- 2.47.1 From 194ff571289d0926ea871b7a293045ad78b25bc4 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Wed, 3 Nov 2021 00:21:53 +0100 Subject: [PATCH 0097/1882] Add Flux v0.21.0 component manifests --- cluster/base/flux-system/gotk-components.yaml | 70 +++++++++---------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml index 9f993039..e55fadd5 100644 --- a/cluster/base/flux-system/gotk-components.yaml +++ b/cluster/base/flux-system/gotk-components.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 @@ -16,7 +16,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -228,7 +228,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -459,7 +459,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -789,7 +789,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1044,7 +1044,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1804,7 +1804,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2022,7 +2022,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2611,7 +2611,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3169,7 +3169,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3971,7 +3971,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5046,7 +5046,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5246,7 +5246,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5463,7 +5463,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: helm-controller namespace: flux-system --- @@ -5473,7 +5473,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: image-automation-controller namespace: flux-system --- @@ -5483,7 +5483,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: image-reflector-controller namespace: flux-system --- @@ -5493,7 +5493,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: kustomize-controller namespace: flux-system --- @@ -5503,7 +5503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: notification-controller namespace: flux-system --- @@ -5513,7 +5513,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: source-controller namespace: flux-system --- @@ -5523,7 +5523,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: crd-controller-flux-system rules: - apiGroups: @@ -5604,7 +5604,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5624,7 +5624,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5656,7 +5656,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: notification-controller namespace: flux-system @@ -5676,7 +5676,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: source-controller namespace: flux-system @@ -5696,7 +5696,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5716,7 +5716,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5789,7 +5789,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: image-automation-controller namespace: flux-system @@ -5864,7 +5864,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -5943,7 +5943,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6018,7 +6018,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6094,7 +6094,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 control-plane: controller name: source-controller namespace: flux-system @@ -6127,7 +6127,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.17.0 + image: ghcr.io/fluxcd/source-controller:v0.17.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6178,7 +6178,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: allow-egress namespace: flux-system spec: @@ -6198,7 +6198,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: allow-scraping namespace: flux-system spec: @@ -6218,7 +6218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.21.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From d995c5e4ff5accf5e862d091ce3629c83247e170 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 Nov 2021 00:52:39 +0100 Subject: [PATCH 0098/1882] Minor changes --- common/users/default.nix | 8 ++++++-- flake.lock | 6 +++--- hosts/nginx/configuration.nix | 1 + 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/common/users/default.nix b/common/users/default.nix index 4514f132..8f7f6f11 100644 --- a/common/users/default.nix +++ b/common/users/default.nix @@ -21,9 +21,13 @@ # otherwise it'll override the grml prompt promptInit = ""; }; - + environment.pathsToLink = [ "/share/zsh" ]; + # Install Neovim and set it as alias for vi(m) + programs.neovim.enable = true; + programs.neovim.viAlias = true; + # Disable sudo prompt for `wheel` users. security.sudo.wheelNeedsPassword = false; @@ -55,5 +59,5 @@ }; # Setup packages available everywhere - environment.systemPackages = with pkgs; [ fzf git htop rsync ripgrep vim zoxide ]; + environment.systemPackages = with pkgs; [ fzf git htop rsync ripgrep zoxide ]; } diff --git a/flake.lock b/flake.lock index a7ba9f05..915caae0 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1635587056, - "narHash": "sha256-2RzriuQ8OEvY+wRUTpCgIiNNuFukKa7CiEAA0b2gsew=", + "lastModified": 1635835164, + "narHash": "sha256-E8MI6D+uX5O7MJwfEa+MZb7L9tonbbn4VZDkqkLZeQc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e49cd51ebcbb916e2481555aad8d9548807e9d12", + "rev": "94d91a448b87a70204485bd768977c07575911e8", "type": "github" }, "original": { diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 85f06303..56edd745 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -49,6 +49,7 @@ in { }; # Kubernetes endpoints + virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; -- 2.47.1 From 12fcf36eb0cf27a9a832c8b22ea506d4b76fb329 Mon Sep 17 00:00:00 2001 From: fluxcdbot Date: Wed, 3 Nov 2021 14:39:12 +0000 Subject: [PATCH 0099/1882] registry.xirion.net/library/zookeeper:0.2.5 --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index ddbaa4d8..718630d2 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -25,7 +25,7 @@ spec: - name: xirion-registry-creds containers: - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.2.4 # {"$imagepolicy": "flux-system:zookeeper"} + image: registry.xirion.net/library/zookeeper:0.2.5 # {"$imagepolicy": "flux-system:zookeeper"} ports: - name: web containerPort: 8085 -- 2.47.1 From 3e16d61a859d4fa03f529950b8a832e6c935bbcd Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 3 Nov 2021 22:47:44 +0100 Subject: [PATCH 0100/1882] add consul node --- main.tf | 119 +++++++++++++++++++++++++++++++++----------------------- 1 file changed, 71 insertions(+), 48 deletions(-) diff --git a/main.tf b/main.tf index 7550830e..b5d33787 100644 --- a/main.tf +++ b/main.tf @@ -1,20 +1,20 @@ provider "proxmox" { - pm_api_url = "https://10.42.42.42:8006/api2/json" - pm_user = data.vault_generic_secret.proxmox_auth.data["user"] - pm_password = data.vault_generic_secret.proxmox_auth.data["pass"] + pm_api_url = "https://10.42.42.42:8006/api2/json" + pm_user = data.vault_generic_secret.proxmox_auth.data["user"] + pm_password = data.vault_generic_secret.proxmox_auth.data["pass"] pm_tls_insecure = true } # For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/ resource "proxmox_lxc" "nixos-template" { - target_node = "nuc" - description = "NixOS LXC Template" - hostname = "nixos-template" - ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" - ostype = "unmanaged" + target_node = "nuc" + description = "NixOS LXC Template" + hostname = "nixos-template" + ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" + ostype = "unmanaged" unprivileged = true - vmid = "101" - template = true + vmid = "101" + template = true memory = 1024 @@ -24,109 +24,132 @@ resource "proxmox_lxc" "nixos-template" { rootfs { storage = "local-zfs" - size = "8G" + size = "8G" } network { - name = "eth0" + name = "eth0" bridge = "vmbr0" - ip = "dhcp" + ip = "dhcp" hwaddr = "22:D7:C1:FF:9D:5F" } } resource "proxmox_lxc" "vault" { - target_node = "nuc" - description = "Vault Secrets Management" - hostname = "vault" + target_node = "nuc" + description = "Vault Secrets Management" + hostname = "vault" unprivileged = false # needed for mlock - vmid = "102" - clone = "101" + vmid = "102" + clone = "101" memory = 1024 rootfs { storage = "local-zfs" - size = "8G" + size = "8G" } network { - name = "eth0" + name = "eth0" bridge = "vmbr0" - ip = "dhcp" + ip = "dhcp" hwaddr = "16:2B:87:55:0C:0C" } } resource "proxmox_lxc" "mosquitto" { - target_node = "nuc" - description = "mosquitto mqtt broker" - hostname = "mosquitto" - vmid = 104 - clone = 101 + target_node = "nuc" + description = "mosquitto mqtt broker" + hostname = "mosquitto" + vmid = 104 + clone = 101 unprivileged = true memory = 1024 rootfs { storage = "local-zfs" - size = "8G" + size = "8G" } network { - name = "eth0" + name = "eth0" bridge = "vmbr0" - ip = "dhcp" + ip = "dhcp" hwaddr = "C6:F9:8B:3D:9E:37" } } resource "proxmox_lxc" "nginx" { - target_node = "nuc" - description = "nginx reverse proxy" - hostname = "nginx" - vmid = 106 - clone = 101 + target_node = "nuc" + description = "nginx reverse proxy" + hostname = "nginx" + vmid = 106 + clone = 101 unprivileged = true memory = 512 rootfs { storage = "local-zfs" - size = "8G" + size = "8G" } network { - name = "eth0" + name = "eth0" bridge = "vmbr0" - ip = "dhcp" + ip = "dhcp" hwaddr = "6A:C2:89:85:CF:A6" } } resource "proxmox_vm_qemu" "k3s-node1" { - name = "k3s-node1" + name = "k3s-node1" target_node = "nuc" - vmid = 103 - clone = "bastion" - tablet = false + vmid = 103 + clone = "bastion" + tablet = false memory = 8192 - cores = 4 + cores = 4 agent = 1 - boot = "order=scsi0;ide2;net0" + boot = "order=scsi0;ide2;net0" network { - model = "virtio" + model = "virtio" macaddr = "2E:F8:55:23:D9:9B" - bridge = "vmbr0" + bridge = "vmbr0" } disk { - type = "scsi" + type = "scsi" storage = "local-zfs" - size = "64G" - ssd = 1 + size = "64G" + ssd = 1 + } +} + +resource "proxmox_lxc" "consul" { + target_node = "nuc" + description = "consul service mesh" + hostname = "consul" + vmid = 107 + clone = 101 + unprivileged = true + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + hwaddr = "D6:DE:07:41:73:81" } } -- 2.47.1 From 528ecd8bea5acbb951f5a8a280fdb40fd140e792 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 Nov 2021 22:55:03 +0100 Subject: [PATCH 0101/1882] add consul --- flake.lock | 8 +++---- flake.nix | 16 ++++++++++++- hosts/consul/configuration.nix | 41 ++++++++++++++++++++++++++++++++++ hosts/vault/configuration.nix | 18 ++------------- 4 files changed, 62 insertions(+), 21 deletions(-) create mode 100644 hosts/consul/configuration.nix diff --git a/flake.lock b/flake.lock index 915caae0..257001c3 100644 --- a/flake.lock +++ b/flake.lock @@ -54,16 +54,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1635835164, - "narHash": "sha256-E8MI6D+uX5O7MJwfEa+MZb7L9tonbbn4VZDkqkLZeQc=", + "lastModified": 1635844945, + "narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "94d91a448b87a70204485bd768977c07575911e8", + "rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 77fb9840..8af83132 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Delft Deployment"; inputs.deploy-rs.url = "github:serokell/deploy-rs"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; outputs = { self, nixpkgs, deploy-rs }: { nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { @@ -30,6 +30,11 @@ modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/nginx/configuration.nix ]; }; + nixosConfigurations.consul = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/consul/configuration.nix ]; + }; + deploy.nodes.bastion = { hostname = "10.42.42.4"; fastConnection = true; @@ -75,6 +80,15 @@ }; }; + deploy.nodes.consul = { + hostname = "10.42.42.14"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.consul; + }; + }; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts/consul/configuration.nix b/hosts/consul/configuration.nix new file mode 100644 index 00000000..73735782 --- /dev/null +++ b/hosts/consul/configuration.nix @@ -0,0 +1,41 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ + # Import common config + ../../common/generic-lxc.nix + ../../common + ]; + + networking.hostName = "vault"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + # Vault + networking.firewall.allowedTCPPorts = [ 8200 ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:8200"; + storageBackend = "file"; + storagePath = "/var/lib/vault"; + extraConfig = '' + ui = true + ''; + }; +} diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index 19c46c08..28e3e5d5 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix @@ -11,7 +11,7 @@ ../../common ]; - networking.hostName = "vault"; + networking.hostName = "consul"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -24,19 +24,5 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - # Vault - networking.firewall.allowedTCPPorts = [ 8200 ]; - - services.vault = { - enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:8200"; - storageBackend = "file"; - storagePath = "/var/lib/vault"; - extraConfig = '' - api_addr = "10.42.42.6:8200" - ui = true - ''; - }; + networking.firewall.allowedTCPPorts = [ ]; } -- 2.47.1 From 4d8dc807e4fad7b174268dafea8c8241c5a62ee3 Mon Sep 17 00:00:00 2001 From: fluxcdbot Date: Thu, 4 Nov 2021 11:19:42 +0000 Subject: [PATCH 0102/1882] registry.xirion.net/library/zookeeper:0.3.0 --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 718630d2..9cf8f1fa 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -25,7 +25,7 @@ spec: - name: xirion-registry-creds containers: - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.2.5 # {"$imagepolicy": "flux-system:zookeeper"} + image: registry.xirion.net/library/zookeeper:0.3.0 # {"$imagepolicy": "flux-system:zookeeper"} ports: - name: web containerPort: 8085 -- 2.47.1 From 55ea4414aafb4801e9999bd9bb47ec05e4475701 Mon Sep 17 00:00:00 2001 From: fluxcdbot Date: Fri, 5 Nov 2021 00:50:58 +0000 Subject: [PATCH 0103/1882] registry.xirion.net/library/zookeeper:0.3.1 --- cluster/apps/presidential-paradise/zookeeper/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml index 9cf8f1fa..1404435d 100644 --- a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -25,7 +25,7 @@ spec: - name: xirion-registry-creds containers: - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.3.0 # {"$imagepolicy": "flux-system:zookeeper"} + image: registry.xirion.net/library/zookeeper:0.3.1 # {"$imagepolicy": "flux-system:zookeeper"} ports: - name: web containerPort: 8085 -- 2.47.1 From 4a4cb3f59b714c9c54af8335b181e2995a30872e Mon Sep 17 00:00:00 2001 From: Flux <> Date: Fri, 12 Nov 2021 01:18:50 +0100 Subject: [PATCH 0104/1882] Add Flux v0.22.1 component manifests --- cluster/base/flux-system/gotk-components.yaml | 94 ++++++++++--------- 1 file changed, 48 insertions(+), 46 deletions(-) diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml index e55fadd5..19d4394c 100644 --- a/cluster/base/flux-system/gotk-components.yaml +++ b/cluster/base/flux-system/gotk-components.yaml @@ -1,10 +1,14 @@ +--- +# This manifest was generated by flux. DO NOT EDIT. +# Flux Version: v0.22.1 +# Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 @@ -16,7 +20,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -228,7 +232,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -459,7 +463,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -789,7 +793,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1044,7 +1048,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1804,7 +1808,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2022,7 +2026,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2611,7 +2615,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3169,7 +3173,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3452,7 +3456,6 @@ spec: from the Git repository. properties: branch: - default: master description: The Git branch to checkout, defaults to master. type: string commit: @@ -3724,7 +3727,6 @@ spec: from the Git repository. properties: branch: - default: master description: The Git branch to checkout, defaults to master. type: string commit: @@ -3971,7 +3973,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5046,7 +5048,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5246,7 +5248,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5463,7 +5465,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: helm-controller namespace: flux-system --- @@ -5473,7 +5475,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: image-automation-controller namespace: flux-system --- @@ -5483,7 +5485,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: image-reflector-controller namespace: flux-system --- @@ -5493,7 +5495,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: kustomize-controller namespace: flux-system --- @@ -5503,7 +5505,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: notification-controller namespace: flux-system --- @@ -5513,7 +5515,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: source-controller namespace: flux-system --- @@ -5523,7 +5525,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: crd-controller-flux-system rules: - apiGroups: @@ -5604,7 +5606,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5624,7 +5626,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5656,7 +5658,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: notification-controller namespace: flux-system @@ -5676,7 +5678,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: source-controller namespace: flux-system @@ -5696,7 +5698,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5716,7 +5718,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: helm-controller namespace: flux-system @@ -5735,7 +5737,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -5745,7 +5747,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.12.1 + image: ghcr.io/fluxcd/helm-controller:v0.12.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5789,7 +5791,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: image-automation-controller namespace: flux-system @@ -5808,7 +5810,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -5818,7 +5820,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.16.0 + image: ghcr.io/fluxcd/image-automation-controller:v0.17.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5864,7 +5866,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -5883,7 +5885,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -5893,7 +5895,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.13.0 + image: ghcr.io/fluxcd/image-reflector-controller:v0.13.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5943,7 +5945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5962,7 +5964,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -5972,7 +5974,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.16.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.17.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6018,7 +6020,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: notification-controller namespace: flux-system @@ -6094,7 +6096,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 control-plane: controller name: source-controller namespace: flux-system @@ -6115,7 +6117,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -6127,7 +6129,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.17.1 + image: ghcr.io/fluxcd/source-controller:v0.17.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6178,7 +6180,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: allow-egress namespace: flux-system spec: @@ -6198,7 +6200,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: allow-scraping namespace: flux-system spec: @@ -6218,7 +6220,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.21.0 + app.kubernetes.io/version: v0.22.1 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From fa8e32de4fb06e6a9743261c84b5a31a741f152c Mon Sep 17 00:00:00 2001 From: Flux <> Date: Fri, 12 Nov 2021 01:18:51 +0100 Subject: [PATCH 0105/1882] Add Flux sync manifests --- cluster/base/flux-system/gotk-sync.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cluster/base/flux-system/gotk-sync.yaml b/cluster/base/flux-system/gotk-sync.yaml index 671309fd..3cc95125 100644 --- a/cluster/base/flux-system/gotk-sync.yaml +++ b/cluster/base/flux-system/gotk-sync.yaml @@ -1,3 +1,4 @@ +# This manifest was generated by flux. DO NOT EDIT. --- apiVersion: source.toolkit.fluxcd.io/v1beta1 kind: GitRepository -- 2.47.1 From 02dd2402aabcc0ed4a08f2228e49f2c3bea2e1aa Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 Nov 2021 09:43:50 +0100 Subject: [PATCH 0106/1882] fix deployments --- flake.lock | 8 ++++---- flake.nix | 2 +- hosts/consul/configuration.nix | 17 ++--------------- hosts/nginx/configuration.nix | 9 +++++++++ hosts/vault/configuration.nix | 17 +++++++++++++++-- 5 files changed, 31 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 257001c3..fa226b5c 100644 --- a/flake.lock +++ b/flake.lock @@ -54,16 +54,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1635844945, - "narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=", + "lastModified": 1636623366, + "narHash": "sha256-jOQMlv9qFSj0U66HB+ujZoapty0UbewmSNbX8+3ujUQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649", + "rev": "c5ed8beb478a8ca035f033f659b60c89500a3034", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 8af83132..e53e439d 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Delft Deployment"; inputs.deploy-rs.url = "github:serokell/deploy-rs"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/master"; outputs = { self, nixpkgs, deploy-rs }: { nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { diff --git a/hosts/consul/configuration.nix b/hosts/consul/configuration.nix index 73735782..28e3e5d5 100644 --- a/hosts/consul/configuration.nix +++ b/hosts/consul/configuration.nix @@ -11,7 +11,7 @@ ../../common ]; - networking.hostName = "vault"; + networking.hostName = "consul"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -24,18 +24,5 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - # Vault - networking.firewall.allowedTCPPorts = [ 8200 ]; - - services.vault = { - enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:8200"; - storageBackend = "file"; - storagePath = "/var/lib/vault"; - extraConfig = '' - ui = true - ''; - }; + networking.firewall.allowedTCPPorts = [ ]; } diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 56edd745..fa0de25f 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -48,6 +48,15 @@ in { }; }; + virtualHosts."zookeeper-dev.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.43.28:8085/"; + proxyWebsockets = true; + }; + }; + # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index 28e3e5d5..73735782 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix @@ -11,7 +11,7 @@ ../../common ]; - networking.hostName = "consul"; + networking.hostName = "vault"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -24,5 +24,18 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + # Vault + networking.firewall.allowedTCPPorts = [ 8200 ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:8200"; + storageBackend = "file"; + storagePath = "/var/lib/vault"; + extraConfig = '' + ui = true + ''; + }; } -- 2.47.1 From 1a21062e595942b5f68e45f678c3b921d4a1e503 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Mon, 15 Nov 2021 14:26:57 +0100 Subject: [PATCH 0107/1882] Add Flux v0.23.0 component manifests --- cluster/base/flux-system/gotk-components.yaml | 88 +++++++++---------- 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml index 19d4394c..2db9961a 100644 --- a/cluster/base/flux-system/gotk-components.yaml +++ b/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.22.1 +# Flux Version: v0.23.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 @@ -20,7 +20,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -232,7 +232,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -337,7 +337,7 @@ spec: Bucket sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -463,7 +463,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -637,7 +637,7 @@ spec: repository sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -736,7 +736,7 @@ spec: description: Artifact represents the output of a source synchronisation. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -793,7 +793,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -923,7 +923,7 @@ spec: chart sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -1048,7 +1048,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1808,7 +1808,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1901,7 +1901,7 @@ spec: repository sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -2026,7 +2026,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2615,7 +2615,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3173,7 +3173,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3973,7 +3973,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5048,7 +5048,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5248,7 +5248,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5465,7 +5465,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: helm-controller namespace: flux-system --- @@ -5475,7 +5475,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: image-automation-controller namespace: flux-system --- @@ -5485,7 +5485,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: image-reflector-controller namespace: flux-system --- @@ -5495,7 +5495,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: kustomize-controller namespace: flux-system --- @@ -5505,7 +5505,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: notification-controller namespace: flux-system --- @@ -5515,7 +5515,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: source-controller namespace: flux-system --- @@ -5525,7 +5525,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: crd-controller-flux-system rules: - apiGroups: @@ -5606,7 +5606,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5626,7 +5626,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5658,7 +5658,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: notification-controller namespace: flux-system @@ -5678,7 +5678,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: source-controller namespace: flux-system @@ -5698,7 +5698,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5718,7 +5718,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5747,7 +5747,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.12.2 + image: ghcr.io/fluxcd/helm-controller:v0.13.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5791,7 +5791,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: image-automation-controller namespace: flux-system @@ -5866,7 +5866,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -5895,7 +5895,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.13.1 + image: ghcr.io/fluxcd/image-reflector-controller:v0.13.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5945,7 +5945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5974,7 +5974,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.17.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.18.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6020,7 +6020,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6096,7 +6096,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 control-plane: controller name: source-controller namespace: flux-system @@ -6129,7 +6129,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.17.2 + image: ghcr.io/fluxcd/source-controller:v0.18.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6180,7 +6180,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: allow-egress namespace: flux-system spec: @@ -6200,7 +6200,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: allow-scraping namespace: flux-system spec: @@ -6220,7 +6220,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.22.1 + app.kubernetes.io/version: v0.23.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 004ef64c8e8f895aa22e5d5c495e11ba892acda1 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 15 Nov 2021 14:38:07 +0100 Subject: [PATCH 0108/1882] traefik: update to 10.6.2 --- cluster/apps/networking/traefik/helm-release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cluster/apps/networking/traefik/helm-release.yaml b/cluster/apps/networking/traefik/helm-release.yaml index 91a489aa..18f40826 100644 --- a/cluster/apps/networking/traefik/helm-release.yaml +++ b/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.6.0 + version: 10.6.2 sourceRef: kind: HelmRepository name: traefik-charts @@ -39,7 +39,7 @@ spec: globalArguments: - "--providers.kubernetesingress.ingressclass=traefik" - "--entryPoints.websecure.forwardedHeaders.trustedIPs=10.42.42.0/23" - additionalArguments: + additionalArguments: - "--providers.kubernetesingress.ingressendpoint.ip=10.42.42.150" ports: traefik: -- 2.47.1 From 235c387bf246f1afa767ea23c1c841df77d9d7cb Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 15 Nov 2021 14:38:25 +0100 Subject: [PATCH 0109/1882] meta: add bootstrap script --- bootstrap.sh | 2 ++ 1 file changed, 2 insertions(+) create mode 100755 bootstrap.sh diff --git a/bootstrap.sh b/bootstrap.sh new file mode 100755 index 00000000..29f0d6be --- /dev/null +++ b/bootstrap.sh @@ -0,0 +1,2 @@ +#!/bin/sh +flux bootstrap git --url=ssh://git@git.xirion.net:2222/olympus/flux.git --branch=main --path=cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller -- 2.47.1 From 57e0c3e15534303076055628a469603c385f383a Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 15 Nov 2021 14:40:00 +0100 Subject: [PATCH 0110/1882] crds: update traefik --- cluster/crds/traefik/crds.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/crds/traefik/crds.yaml b/cluster/crds/traefik/crds.yaml index fa7428c9..89e3fa1e 100644 --- a/cluster/crds/traefik/crds.yaml +++ b/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.6.0 + tag: v10.6.2 ignore: | # exclude all /* -- 2.47.1 From 3f3decd50e8c84bdaaf081cf9e69c53a7d9777f6 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 16 Nov 2021 13:51:27 +0100 Subject: [PATCH 0111/1882] update 2021-11-16 --- common/default.nix | 2 +- flake.lock | 6 +++--- hosts/nginx/configuration.nix | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/common/default.nix b/common/default.nix index 0ed836ce..eddc08e8 100644 --- a/common/default.nix +++ b/common/default.nix @@ -26,7 +26,7 @@ ]; trustedUsers = [ "root" "victor" ]; extraOptions = '' - experimental-features = nix-command flakes + experimental-features = nix-command flakes ca-references ''; }; diff --git a/flake.lock b/flake.lock index fa226b5c..b7acada1 100644 --- a/flake.lock +++ b/flake.lock @@ -54,11 +54,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1636623366, - "narHash": "sha256-jOQMlv9qFSj0U66HB+ujZoapty0UbewmSNbX8+3ujUQ=", + "lastModified": 1637058895, + "narHash": "sha256-LeibxDl00pSZTqLazKr3qUIhL9K/7LPJdpNYqT3nOMc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c5ed8beb478a8ca035f033f659b60c89500a3034", + "rev": "6abc7cd907ea06424e7963e949cf554a6b3914c2", "type": "github" }, "original": { diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index fa0de25f..60fa8f9d 100644 --- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -66,4 +66,5 @@ in { security.acme.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; + security.acme.preliminarySelfsigned = false; } -- 2.47.1 From c0b31b3606d9d187290a05a2d0264564fb2d8d32 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 16 Nov 2021 16:28:55 +0100 Subject: [PATCH 0112/1882] Add vault-secrets (part 1) --- flake.lock | 247 +++++++++++++++++++++++++++++++- flake.nix | 216 ++++++++++++++++------------ hosts/bastion/configuration.nix | 19 ++- 3 files changed, 387 insertions(+), 95 deletions(-) diff --git a/flake.lock b/flake.lock index b7acada1..a1d2ffcf 100644 --- a/flake.lock +++ b/flake.lock @@ -36,6 +36,148 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1627913399, + "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "type": "github" + }, + "original": { + "id": "flake-compat", + "type": "indirect" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1627913399, + "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "type": "github" + }, + "original": { + "id": "flake-compat", + "type": "indirect" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1631561581, + "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1631561581, + "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "gitignore-nix": { + "flake": false, + "locked": { + "lastModified": 1611672876, + "narHash": "sha256-qHu3uZ/o9jBHiA3MEKHJ06k7w4heOhA+4HCSIvflRxo=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "211907489e9f198594c0eb0ca9256a1949c9d412", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1632468475, + "narHash": "sha256-NNOm9CbdA8cuwbvaBHslGbPTiU6bh1Ao+MpEPx4rSGo=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "6bd668af3fd098bdd07a1bedd399564141e275da", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "lowdown-src_2": { + "flake": false, + "locked": { + "lastModified": 1632468475, + "narHash": "sha256-NNOm9CbdA8cuwbvaBHslGbPTiU6bh1Ao+MpEPx4rSGo=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "6bd668af3fd098bdd07a1bedd399564141e275da", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "nix": { + "inputs": { + "lowdown-src": "lowdown-src", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1633098935, + "narHash": "sha256-UtuBczommNLwUNEnfRI7822z4vPA7OoRKsgAZ8zsHQI=", + "owner": "nixos", + "repo": "nix", + "rev": "4f496150eb4e0012914c11f0a3ff4df2412b1d09", + "type": "github" + }, + "original": { + "id": "nix", + "type": "indirect" + } + }, + "nix_2": { + "inputs": { + "lowdown-src": "lowdown-src_2", + "nixpkgs": "nixpkgs_5" + }, + "locked": { + "lastModified": 1633098935, + "narHash": "sha256-UtuBczommNLwUNEnfRI7822z4vPA7OoRKsgAZ8zsHQI=", + "owner": "nixos", + "repo": "nix", + "rev": "4f496150eb4e0012914c11f0a3ff4df2412b1d09", + "type": "github" + }, + "original": { + "id": "nix", + "type": "indirect" + } + }, "nixpkgs": { "locked": { "lastModified": 1632086102, @@ -68,10 +210,92 @@ "type": "github" } }, + "nixpkgs_3": { + "locked": { + "lastModified": 1632864508, + "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1632495107, + "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", + "owner": "serokell", + "repo": "nixpkgs", + "rev": "be220b2dc47092c1e739bf6aaf630f29e71fe1c4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1632864508, + "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1632495107, + "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", + "owner": "serokell", + "repo": "nixpkgs", + "rev": "be220b2dc47092c1e739bf6aaf630f29e71fe1c4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, "root": { "inputs": { "deploy-rs": "deploy-rs", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_2", + "serokell-nix": "serokell-nix", + "vault-secrets": "vault-secrets" + } + }, + "serokell-nix": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils", + "gitignore-nix": "gitignore-nix", + "nix": "nix", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1636829084, + "narHash": "sha256-ZlfUAsiJt0uq5TBrtBWYwuoFaxJu3LiHKTHrLePI+Do=", + "owner": "serokell", + "repo": "serokell.nix", + "rev": "3feedad5710f94ae18483249b7e7d12d4549f4b4", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "serokell.nix", + "type": "github" } }, "utils": { @@ -88,6 +312,27 @@ "repo": "flake-utils", "type": "github" } + }, + "vault-secrets": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_2", + "nix": "nix_2", + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1633626134, + "narHash": "sha256-fvd+l1iuH+ufwNIt6ppZnIfMs+BEj5dtIAKmGKTbaCQ=", + "owner": "serokell", + "repo": "vault-secrets", + "rev": "1bf4a02eea83d3042bd3d1e2f2266b15077b48b4", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "vault-secrets", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index e53e439d..7f231984 100644 --- a/flake.nix +++ b/flake.nix @@ -1,94 +1,132 @@ { description = "Delft Deployment"; - inputs.deploy-rs.url = "github:serokell/deploy-rs"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/master"; - - outputs = { self, nixpkgs, deploy-rs }: { - nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ ./hosts/bastion/configuration.nix ]; - }; - - nixosConfigurations.k3s = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ ./hosts/k3s/configuration.nix ]; - }; - - nixosConfigurations.vault = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/vault/configuration.nix ]; - }; - - nixosConfigurations.mosquitto = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/mosquitto/configuration.nix ]; - }; - - nixosConfigurations.nginx = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/nginx/configuration.nix ]; - }; - - nixosConfigurations.consul = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./hosts/consul/configuration.nix ]; - }; - - deploy.nodes.bastion = { - hostname = "10.42.42.4"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.bastion; - }; - }; - - deploy.nodes.k3s-node1 = { - hostname = "10.42.42.10"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.k3s; - }; - }; - - deploy.nodes.vault = { - hostname = "10.42.42.6"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.vault; - }; - }; - - deploy.nodes.mosquitto = { - hostname = "10.42.42.7"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.mosquitto; - }; - }; - - deploy.nodes.nginx = { - hostname = "10.42.42.9"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.nginx; - }; - }; - - deploy.nodes.consul = { - hostname = "10.42.42.14"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.consul; - }; - }; - - checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + inputs = { + deploy-rs.url = "github:serokell/deploy-rs"; + nixpkgs.url = "github:NixOS/nixpkgs/master"; + serokell-nix.url = "github:serokell/serokell.nix"; + vault-secrets.url = "github:serokell/vault-secrets"; }; + + outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }: + let system = "x86_64-linux"; + in { + nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./hosts/bastion/configuration.nix ]; + }; + + nixosConfigurations.k3s = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./hosts/k3s/configuration.nix ]; + }; + + nixosConfigurations.vault = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./hosts/vault/configuration.nix + ]; + }; + + nixosConfigurations.mosquitto = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./hosts/mosquitto/configuration.nix + ]; + }; + + nixosConfigurations.nginx = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./hosts/nginx/configuration.nix + ]; + }; + + nixosConfigurations.consul = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./hosts/consul/configuration.nix + ]; + }; + + deploy.nodes.bastion = { + hostname = "10.42.42.4"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.bastion; + }; + }; + + deploy.nodes.k3s-node1 = { + hostname = "10.42.42.10"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.k3s; + }; + }; + + deploy.nodes.vault = { + hostname = "10.42.42.6"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.vault; + }; + }; + + deploy.nodes.mosquitto = { + hostname = "10.42.42.7"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.mosquitto; + }; + }; + + deploy.nodes.nginx = { + hostname = "10.42.42.9"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.nginx; + }; + }; + + deploy.nodes.consul = { + hostname = "10.42.42.14"; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.consul; + }; + }; + + devShell.${system} = let + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} + [ vault-secrets.overlay ]; + in pkgs.mkShell { + buildInputs = [ + deploy-rs.packages.${system}.deploy-rs + pkgs.vault + (pkgs.vault-push-approle-envs self) + (pkgs.vault-push-approles self) + pkgs.nixUnstable + ]; + }; + + checks = builtins.mapAttrs + (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + }; } diff --git a/hosts/bastion/configuration.nix b/hosts/bastion/configuration.nix index 06bd4fca..833e9216 100644 --- a/hosts/bastion/configuration.nix +++ b/hosts/bastion/configuration.nix @@ -2,9 +2,18 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: - -{ +{ pkgs, ... }: +let + fix-vscode = pkgs.writeScriptBin "fix-vscode" '' + #!${pkgs.stdenv.shell} + if [[ -d "$HOME/.vscode-server/bin" ]]; then + for versiondir in "$HOME"/.vscode-server/bin/*; do + rm "$versiondir/node" + ln -s "${pkgs.nodejs-14_x}/bin/node" "$versiondir/node" + done + fi + ''; +in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix @@ -30,11 +39,11 @@ # Additional packages environment.systemPackages = with pkgs; [ + fix-vscode fluxcd k9s kubectl kubectx - nodejs-14_x nixfmt ripgrep rsync @@ -42,7 +51,7 @@ vault vim ]; - # + programs.gnupg.agent = { enable = true; pinentryFlavor = "curses"; -- 2.47.1 From a5a720598089bf109e2934dbdec9de1798c5a2a8 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 16 Nov 2021 21:52:43 +0100 Subject: [PATCH 0113/1882] mkDeploy && mkLxcSystem --- flake.nix | 128 +++++++++++++++--------------------------------------- 1 file changed, 36 insertions(+), 92 deletions(-) diff --git a/flake.nix b/flake.nix index 7f231984..37aee79d 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,8 @@ { description = "Delft Deployment"; + # Based on: https://github.com/serokell/pegasus-infra/blob/master/flake.nix + inputs = { deploy-rs.url = "github:serokell/deploy-rs"; nixpkgs.url = "github:NixOS/nixpkgs/master"; @@ -8,8 +10,27 @@ vault-secrets.url = "github:serokell/vault-secrets"; }; - outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }: - let system = "x86_64-linux"; + outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs: + let + system = "x86_64-linux"; + mkLxcSystem = host: + nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + ./hosts/${host}/configuration.nix + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ]; + specialArgs = { inputs = inputs; }; + }; + + mkDeploy = hostname: profile: { + hostname = hostname; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile}; + }; + }; in { nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; @@ -21,98 +42,21 @@ modules = [ ./hosts/k3s/configuration.nix ]; }; - nixosConfigurations.vault = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./hosts/vault/configuration.nix - ]; - }; + # LXC Containers + nixosConfigurations.vault = mkLxcSystem "vault"; + nixosConfigurations.mosquitto = mkLxcSystem "mosquitto"; + nixosConfigurations.nginx = mkLxcSystem "nginx"; + nixosConfigurations.consul = mkLxcSystem "consul"; - nixosConfigurations.mosquitto = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./hosts/mosquitto/configuration.nix - ]; - }; - - nixosConfigurations.nginx = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./hosts/nginx/configuration.nix - ]; - }; - - nixosConfigurations.consul = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./hosts/consul/configuration.nix - ]; - }; - - deploy.nodes.bastion = { - hostname = "10.42.42.4"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.bastion; - }; - }; - - deploy.nodes.k3s-node1 = { - hostname = "10.42.42.10"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.k3s; - }; - }; - - deploy.nodes.vault = { - hostname = "10.42.42.6"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.vault; - }; - }; - - deploy.nodes.mosquitto = { - hostname = "10.42.42.7"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.mosquitto; - }; - }; - - deploy.nodes.nginx = { - hostname = "10.42.42.9"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.nginx; - }; - }; - - deploy.nodes.consul = { - hostname = "10.42.42.14"; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.consul; - }; - }; + # Deploys + deploy.nodes.bastion = mkDeploy "10.42.42.4" "bastion"; + deploy.nodes.k3s-node1 = mkDeploy "10.42.42.10" "k3s"; + deploy.nodes.vault = mkDeploy "10.42.42.6" "vault"; + deploy.nodes.mosquitto = mkDeploy "10.42.42.7" "mosquitto"; + deploy.nodes.nginx = mkDeploy "10.42.42.9" "nginx"; + deploy.nodes.consul = mkDeploy "10.42.42.14" "consul"; + # Use by running `nix develop` devShell.${system} = let pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; -- 2.47.1 From 8daeef9e151c36b29e08aeccb7f3c87616e5d0ee Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 17 Nov 2021 00:55:01 +0100 Subject: [PATCH 0114/1882] improve mkSystem func --- flake.nix | 38 ++++++++++++++++---------------------- 1 file changed, 16 insertions(+), 22 deletions(-) diff --git a/flake.nix b/flake.nix index 37aee79d..34ee9c78 100644 --- a/flake.nix +++ b/flake.nix @@ -10,19 +10,19 @@ vault-secrets.url = "github:serokell/vault-secrets"; }; - outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs: + outputs = + { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs: let system = "x86_64-linux"; - mkLxcSystem = host: + mkSystem = { host, lxc ? true }: nixpkgs.lib.nixosSystem { inherit system; - modules = [ - ./hosts/${host}/configuration.nix - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ]; - specialArgs = { inputs = inputs; }; + modules = [ ./hosts/${host}/configuration.nix ] ++ (if lxc then + [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ] + else + [ ]); + specialArgs.inputs = inputs; }; - mkDeploy = hostname: profile: { hostname = hostname; fastConnection = true; @@ -32,21 +32,15 @@ }; }; in { - nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ ./hosts/bastion/configuration.nix ]; - }; + # VMs + nixosConfigurations.bastion = mkSystem { host = "bastion"; lxc = false; }; + nixosConfigurations.k3s = mkSystem { host = "k3s"; lxc = false; }; - nixosConfigurations.k3s = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ ./hosts/k3s/configuration.nix ]; - }; - - # LXC Containers - nixosConfigurations.vault = mkLxcSystem "vault"; - nixosConfigurations.mosquitto = mkLxcSystem "mosquitto"; - nixosConfigurations.nginx = mkLxcSystem "nginx"; - nixosConfigurations.consul = mkLxcSystem "consul"; + # LXCs + nixosConfigurations.vault = mkSystem { host = "vault"; }; + nixosConfigurations.mosquitto = mkSystem { host = "mosquitto"; }; + nixosConfigurations.nginx = mkSystem { host = "nginx"; }; + nixosConfigurations.consul = mkSystem { host = "consul"; }; # Deploys deploy.nodes.bastion = mkDeploy "10.42.42.4" "bastion"; -- 2.47.1 From 996caabc8a811d67bfe235389808d2d01f49dc76 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Nov 2021 23:41:11 +0100 Subject: [PATCH 0115/1882] various updates --- common.nix | 12 ++++++++++++ flake.lock | 12 ++++++------ flake.nix | 5 +++-- hosts/mosquitto/configuration.nix | 2 +- 4 files changed, 22 insertions(+), 9 deletions(-) create mode 100644 common.nix diff --git a/common.nix b/common.nix new file mode 100644 index 00000000..6612aa3c --- /dev/null +++ b/common.nix @@ -0,0 +1,12 @@ +{ config, inputs, ... }: +{ + imports = [ + inputs.vault-secrets.nixosModules.vault-secrets + ]; + + vault-secrets = { + vaultPrefix = "nixos/${config.networking.hostName}"; + vaultAddress = "http://10.42.42.6:8200/"; + approlePrefix = "olympus-${config.networking.hostName}"; + }; +} diff --git a/flake.lock b/flake.lock index a1d2ffcf..7018cb28 100644 --- a/flake.lock +++ b/flake.lock @@ -196,11 +196,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637058895, - "narHash": "sha256-LeibxDl00pSZTqLazKr3qUIhL9K/7LPJdpNYqT3nOMc=", + "lastModified": 1637348621, + "narHash": "sha256-dTxccBfFK5ViweuYqx2GwtDo+m9SBSjyBZj0+zMds5M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6abc7cd907ea06424e7963e949cf554a6b3914c2", + "rev": "2d97acad3b9cc16063b554d850a8fe1c2e7bb36d", "type": "github" }, "original": { @@ -285,11 +285,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1636829084, - "narHash": "sha256-ZlfUAsiJt0uq5TBrtBWYwuoFaxJu3LiHKTHrLePI+Do=", + "lastModified": 1637273221, + "narHash": "sha256-ByBCiWlVprVgYGGy2ma7W0DKbtp4Xmj7S5whFrIzO3Q=", "owner": "serokell", "repo": "serokell.nix", - "rev": "3feedad5710f94ae18483249b7e7d12d4549f4b4", + "rev": "1649eceabbe6e148b3c1b322b716e873d312599f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 34ee9c78..31082b6c 100644 --- a/flake.nix +++ b/flake.nix @@ -17,7 +17,7 @@ mkSystem = { host, lxc ? true }: nixpkgs.lib.nixosSystem { inherit system; - modules = [ ./hosts/${host}/configuration.nix ] ++ (if lxc then + modules = [ ./hosts/${host}/configuration.nix ./common.nix ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ] else [ ]); @@ -44,7 +44,7 @@ # Deploys deploy.nodes.bastion = mkDeploy "10.42.42.4" "bastion"; - deploy.nodes.k3s-node1 = mkDeploy "10.42.42.10" "k3s"; + deploy.nodes.k3s = mkDeploy "10.42.42.10" "k3s"; deploy.nodes.vault = mkDeploy "10.42.42.6" "vault"; deploy.nodes.mosquitto = mkDeploy "10.42.42.7" "mosquitto"; deploy.nodes.nginx = mkDeploy "10.42.42.9" "nginx"; @@ -55,6 +55,7 @@ pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in pkgs.mkShell { + VAULT_ADDR = "http://10.42.42.6:8200/"; buildInputs = [ deploy-rs.packages.${system}.deploy-rs pkgs.vault diff --git a/hosts/mosquitto/configuration.nix b/hosts/mosquitto/configuration.nix index b4ec43be..e72b9351 100644 --- a/hosts/mosquitto/configuration.nix +++ b/hosts/mosquitto/configuration.nix @@ -45,7 +45,7 @@ in { dataDir = "/var/lib/zigbee2mqtt"; settings = { homeassistant = true; - permit_join = true; + permit_join = false; serial = { port = "/dev/ttyUSB0"; }; -- 2.47.1 From 68822bcbfaa2fe389fbb3bf4892dd9dedfe3f8f0 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 13:34:39 +0100 Subject: [PATCH 0116/1882] moved nixos to a dir --- flake.nix | 2 +- common.nix => nixos/common.nix | 0 {common => nixos/common}/default.nix | 0 {common => nixos/common}/generic-lxc.nix | 0 {common => nixos/common}/generic-vm.nix | 0 {common => nixos/common}/services/default.nix | 0 {common => nixos/common}/services/flood.nix | 0 {common => nixos/common}/services/unpackerr.nix | 0 {common => nixos/common}/services/vmagent.nix | 0 {common => nixos/common}/users/default.nix | 0 {hosts => nixos/hosts}/bastion/configuration.nix | 0 {hosts => nixos/hosts}/bastion/hardware-configuration.nix | 0 {hosts => nixos/hosts}/consul/configuration.nix | 0 {hosts => nixos/hosts}/k3s/configuration.nix | 0 {hosts => nixos/hosts}/k3s/hardware-configuration.nix | 0 {hosts => nixos/hosts}/mosquitto/configuration.nix | 0 {hosts => nixos/hosts}/nginx/configuration.nix | 0 {hosts => nixos/hosts}/vault/configuration.nix | 0 18 files changed, 1 insertion(+), 1 deletion(-) rename common.nix => nixos/common.nix (100%) rename {common => nixos/common}/default.nix (100%) rename {common => nixos/common}/generic-lxc.nix (100%) rename {common => nixos/common}/generic-vm.nix (100%) rename {common => nixos/common}/services/default.nix (100%) rename {common => nixos/common}/services/flood.nix (100%) rename {common => nixos/common}/services/unpackerr.nix (100%) rename {common => nixos/common}/services/vmagent.nix (100%) rename {common => nixos/common}/users/default.nix (100%) rename {hosts => nixos/hosts}/bastion/configuration.nix (100%) rename {hosts => nixos/hosts}/bastion/hardware-configuration.nix (100%) rename {hosts => nixos/hosts}/consul/configuration.nix (100%) rename {hosts => nixos/hosts}/k3s/configuration.nix (100%) rename {hosts => nixos/hosts}/k3s/hardware-configuration.nix (100%) rename {hosts => nixos/hosts}/mosquitto/configuration.nix (100%) rename {hosts => nixos/hosts}/nginx/configuration.nix (100%) rename {hosts => nixos/hosts}/vault/configuration.nix (100%) diff --git a/flake.nix b/flake.nix index 31082b6c..8a8d7bab 100644 --- a/flake.nix +++ b/flake.nix @@ -17,7 +17,7 @@ mkSystem = { host, lxc ? true }: nixpkgs.lib.nixosSystem { inherit system; - modules = [ ./hosts/${host}/configuration.nix ./common.nix ] ++ (if lxc then + modules = [ ./nixos/hosts/${host}/configuration.nix ./nixos/common.nix ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ] else [ ]); diff --git a/common.nix b/nixos/common.nix similarity index 100% rename from common.nix rename to nixos/common.nix diff --git a/common/default.nix b/nixos/common/default.nix similarity index 100% rename from common/default.nix rename to nixos/common/default.nix diff --git a/common/generic-lxc.nix b/nixos/common/generic-lxc.nix similarity index 100% rename from common/generic-lxc.nix rename to nixos/common/generic-lxc.nix diff --git a/common/generic-vm.nix b/nixos/common/generic-vm.nix similarity index 100% rename from common/generic-vm.nix rename to nixos/common/generic-vm.nix diff --git a/common/services/default.nix b/nixos/common/services/default.nix similarity index 100% rename from common/services/default.nix rename to nixos/common/services/default.nix diff --git a/common/services/flood.nix b/nixos/common/services/flood.nix similarity index 100% rename from common/services/flood.nix rename to nixos/common/services/flood.nix diff --git a/common/services/unpackerr.nix b/nixos/common/services/unpackerr.nix similarity index 100% rename from common/services/unpackerr.nix rename to nixos/common/services/unpackerr.nix diff --git a/common/services/vmagent.nix b/nixos/common/services/vmagent.nix similarity index 100% rename from common/services/vmagent.nix rename to nixos/common/services/vmagent.nix diff --git a/common/users/default.nix b/nixos/common/users/default.nix similarity index 100% rename from common/users/default.nix rename to nixos/common/users/default.nix diff --git a/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix similarity index 100% rename from hosts/bastion/configuration.nix rename to nixos/hosts/bastion/configuration.nix diff --git a/hosts/bastion/hardware-configuration.nix b/nixos/hosts/bastion/hardware-configuration.nix similarity index 100% rename from hosts/bastion/hardware-configuration.nix rename to nixos/hosts/bastion/hardware-configuration.nix diff --git a/hosts/consul/configuration.nix b/nixos/hosts/consul/configuration.nix similarity index 100% rename from hosts/consul/configuration.nix rename to nixos/hosts/consul/configuration.nix diff --git a/hosts/k3s/configuration.nix b/nixos/hosts/k3s/configuration.nix similarity index 100% rename from hosts/k3s/configuration.nix rename to nixos/hosts/k3s/configuration.nix diff --git a/hosts/k3s/hardware-configuration.nix b/nixos/hosts/k3s/hardware-configuration.nix similarity index 100% rename from hosts/k3s/hardware-configuration.nix rename to nixos/hosts/k3s/hardware-configuration.nix diff --git a/hosts/mosquitto/configuration.nix b/nixos/hosts/mosquitto/configuration.nix similarity index 100% rename from hosts/mosquitto/configuration.nix rename to nixos/hosts/mosquitto/configuration.nix diff --git a/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix similarity index 100% rename from hosts/nginx/configuration.nix rename to nixos/hosts/nginx/configuration.nix diff --git a/hosts/vault/configuration.nix b/nixos/hosts/vault/configuration.nix similarity index 100% rename from hosts/vault/configuration.nix rename to nixos/hosts/vault/configuration.nix -- 2.47.1 From 55e9426514820e7ae75aa6200719ab5fff1c06f9 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 13:47:26 +0100 Subject: [PATCH 0117/1882] flux: update url --- flux/README.md | 6 ------ flux/bootstrap.sh | 2 +- flux/cluster/base/flux-system/gotk-sync.yaml | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/flux/README.md b/flux/README.md index 9f52e95e..948ec850 100644 --- a/flux/README.md +++ b/flux/README.md @@ -8,12 +8,6 @@ The main directory is `cluster`, it contains the following subdirectories in the * **core**: important core infrastructure applications, grouped by namespace, that should never be pruned * **apps**: common applications that are allowed to be pruned by flux -## Bootstrap -The cluster was bootstrapped using the following command: -``` -flux bootstrap git --url=ssh://git@git.xirion.net:2222/olympus/flux.git --branch=main --path=cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller -``` - ## References Heavily inspired by: [onedr0p's cluster](https://github.com/onedr0p/home-cluster) diff --git a/flux/bootstrap.sh b/flux/bootstrap.sh index 29f0d6be..90d7b4a7 100755 --- a/flux/bootstrap.sh +++ b/flux/bootstrap.sh @@ -1,2 +1,2 @@ #!/bin/sh -flux bootstrap git --url=ssh://git@git.xirion.net:2222/olympus/flux.git --branch=main --path=cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller +flux bootstrap git --url=ssh://git@git.xirion.net:2222/0x76/infrastructure.git --branch=main --path=cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller diff --git a/flux/cluster/base/flux-system/gotk-sync.yaml b/flux/cluster/base/flux-system/gotk-sync.yaml index 3cc95125..3be41edc 100644 --- a/flux/cluster/base/flux-system/gotk-sync.yaml +++ b/flux/cluster/base/flux-system/gotk-sync.yaml @@ -11,7 +11,7 @@ spec: branch: main secretRef: name: flux-system - url: ssh://git@git.xirion.net:2222/olympus/flux.git + url: ssh://git@git.xirion.net:2222/0x76/infrastructure.git --- apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization -- 2.47.1 From a44cf6f86f5cce75e92ef6d79a395df9b7bd520c Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 21 Nov 2021 13:49:39 +0100 Subject: [PATCH 0118/1882] flux: fix path --- flux/bootstrap.sh | 2 +- flux/cluster/base/apps.yaml | 2 +- flux/cluster/base/core.yaml | 2 +- flux/cluster/base/crds.yaml | 2 +- flux/cluster/base/flux-system/gotk-sync.yaml | 2 +- .../image-update-automation/image-update-automation.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/flux/bootstrap.sh b/flux/bootstrap.sh index 90d7b4a7..b5d05021 100755 --- a/flux/bootstrap.sh +++ b/flux/bootstrap.sh @@ -1,2 +1,2 @@ #!/bin/sh -flux bootstrap git --url=ssh://git@git.xirion.net:2222/0x76/infrastructure.git --branch=main --path=cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller +flux bootstrap git --url=ssh://git@git.xirion.net:2222/0x76/infrastructure.git --branch=main --path=flux/cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller diff --git a/flux/cluster/base/apps.yaml b/flux/cluster/base/apps.yaml index 71aa43d8..cd4f7685 100644 --- a/flux/cluster/base/apps.yaml +++ b/flux/cluster/base/apps.yaml @@ -8,7 +8,7 @@ spec: interval: 10m0s dependsOn: - name: core - path: ./cluster/apps + path: ./flux/cluster/apps prune: true sourceRef: kind: GitRepository diff --git a/flux/cluster/base/core.yaml b/flux/cluster/base/core.yaml index 17c7870f..51375b4c 100644 --- a/flux/cluster/base/core.yaml +++ b/flux/cluster/base/core.yaml @@ -8,7 +8,7 @@ spec: interval: 10m0s dependsOn: - name: crds - path: ./cluster/core + path: ./flux/cluster/core prune: false sourceRef: kind: GitRepository diff --git a/flux/cluster/base/crds.yaml b/flux/cluster/base/crds.yaml index c938c9b5..cf080f85 100644 --- a/flux/cluster/base/crds.yaml +++ b/flux/cluster/base/crds.yaml @@ -6,7 +6,7 @@ metadata: namespace: flux-system spec: interval: 10m0s - path: ./cluster/crds + path: ./flux/cluster/crds prune: false sourceRef: kind: GitRepository diff --git a/flux/cluster/base/flux-system/gotk-sync.yaml b/flux/cluster/base/flux-system/gotk-sync.yaml index 3be41edc..ba2e481a 100644 --- a/flux/cluster/base/flux-system/gotk-sync.yaml +++ b/flux/cluster/base/flux-system/gotk-sync.yaml @@ -20,7 +20,7 @@ metadata: namespace: flux-system spec: interval: 10m0s - path: ./cluster/base + path: ./flux/cluster/base prune: true sourceRef: kind: GitRepository diff --git a/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml b/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml index 2c8d2352..e140eb75 100644 --- a/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml +++ b/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml @@ -20,5 +20,5 @@ spec: push: branch: main update: - path: ./cluster/ + path: ./flux/cluster/ strategy: Setters -- 2.47.1 From 9cde99ce165f9d85b5c8e1bc21f5b2ac8e7957dc Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 21 Nov 2021 14:05:15 +0100 Subject: [PATCH 0119/1882] terraform: updates --- terraform/.terraform.lock.hcl | 32 ++++++++++++++++---------------- terraform/main.tf | 7 +++---- terraform/version.tf | 2 +- 3 files changed, 20 insertions(+), 21 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 516a6231..52d100bf 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -21,22 +21,22 @@ provider "registry.terraform.io/hashicorp/vault" { } provider "registry.terraform.io/telmate/proxmox" { - version = "2.9.0" - constraints = "2.9.0" + version = "2.9.1" + constraints = "2.9.1" hashes = [ - "h1:2emsswGg3BBrWiYV9GhR1MfR7r6sREVvC3qGX56UOv8=", - "zh:05b3556ffd47f7791e51c600bc281562c35d54fcb2768fe19c5faf08fd10d8f3", - "zh:0ae37a5adb0f9f6409c5363b5ac9f0eb3ed95698b82bb6827a86469a2d103edd", - "zh:0d0487486fd9cb3b064d7495082fb6fb75705dfadf43262a2abb18bc2a76da29", - "zh:12b66f4616bbd011533c5d4254abfa782ebc33619fb439619646283d831a6b3c", - "zh:3c0f9396c75230746f824fe65e5ffb27b277504be23f2771392019e89700c3a9", - "zh:5410169fc01ac9358f766d155e3b199541c25caf3a74ecada84202ecdf68cf75", - "zh:582cd15439da18358f24214addc90085860237a5bc8bb41d57c8e6115032c0c2", - "zh:97ef5e28d4863b52868dd436392b4bbba6dc12e3927ba4d33702538adfbe83c0", - "zh:a1631929b77ac97d38b2a340f598d10005ff75745546f04ea171a4042f98a894", - "zh:ae5116c32ad7b0e0573522c9158583a77a98ec52bbce14dc3ce00c03328c0b4f", - "zh:c164cedfef4ab70dc25fb2c0c25a091c5d8a6b09d58725fc4296b37cb9b133a2", - "zh:c6aed31aceaf6a923859e9e2af26a8e45559d0680bc3524207886ee0556968c2", - "zh:cffbee36856bac5ec527a8f83d52edbead3ac73e0ffbe77a958c175a78929ad6", + "h1:91quPBtAGz3lgEROnowk4dSJiqKEBClbhbw8Xv42Oaw=", + "zh:07a621cc6e9a55892137b42a41e73a4108e067fb534b71b06b65a0022ddde8aa", + "zh:16e031c63f5fda44b61b12c742c9886842774dc3bc88b62fc92ea0e0286d1ec1", + "zh:17b2d78ed14266a581815713bb81d796fb3367728860e774e1e56bc5f888f601", + "zh:37f6a506810d93eaa80f0428ea5409ce210d209006883d9d9a0e513d2818e3be", + "zh:5f439991b9441ebe19f8fe902cdfd0593d546930e47b7d62a7e04d9a7bcb8364", + "zh:707da4a88509bbde66c1ad6b6084633be74943bdf5108c13d9ff4c21b6c88638", + "zh:7d7664c01c0c15f67f1fad9aab3f0a064f8a3f8071b679bb3f8a8a3de7aecf2c", + "zh:7f1231b723d326b9d4e46eb03b5c0011303c4add8a54628ac674fe2669690431", + "zh:85d32d9777972fa08eeec5e5d480bb90f5877442f9740412b132c394de295702", + "zh:bbb9f52948d25a937838a809c9cc0e4e412e0f7c7df559d7c24fb3a9abfd720e", + "zh:bfe2d40f7195ed145655601054af78648493890e33e83aff30e7a21a2f1e765b", + "zh:de46e5597ca86aec52b3e569ca36f42fff5717c01d8274b9c580a98e0899b24d", + "zh:f251a74241c4eec1f2ceaed14151a0ff091c9f1d9856fe501935e7eab85ce822", ] } diff --git a/terraform/main.tf b/terraform/main.tf index b5d33787..8c7acd0d 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -13,7 +13,7 @@ resource "proxmox_lxc" "nixos-template" { ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" ostype = "unmanaged" unprivileged = true - vmid = "101" + vmid = 101 template = true memory = 1024 @@ -40,9 +40,8 @@ resource "proxmox_lxc" "vault" { description = "Vault Secrets Management" hostname = "vault" unprivileged = false # needed for mlock - vmid = "102" - clone = "101" - + vmid = 102 + clone = "101" memory = 1024 rootfs { diff --git a/terraform/version.tf b/terraform/version.tf index 5beb9d46..f762c5a4 100644 --- a/terraform/version.tf +++ b/terraform/version.tf @@ -2,7 +2,7 @@ terraform { required_providers { proxmox = { source = "telmate/proxmox" - version = "2.9.0" + version = "2.9.1" } vault = { source = "hashicorp/vault" -- 2.47.1 From 91c59b132ec72139bb6decfe15bcf67dc4ef094f Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 14:35:09 +0100 Subject: [PATCH 0120/1882] nixos: invert common dependency --- flake.nix | 20 ++++++++++++++------ nixos/common.nix | 12 ------------ nixos/common/default.nix | 12 +++++++++++- nixos/common/generic-lxc.nix | 3 --- nixos/common/generic-vm.nix | 4 ---- nixos/hosts/bastion/configuration.nix | 3 --- nixos/hosts/consul/configuration.nix | 3 --- nixos/hosts/k3s/configuration.nix | 3 --- nixos/hosts/mosquitto/configuration.nix | 3 --- nixos/hosts/nginx/configuration.nix | 3 --- nixos/hosts/vault/configuration.nix | 3 --- 11 files changed, 25 insertions(+), 44 deletions(-) delete mode 100644 nixos/common.nix diff --git a/flake.nix b/flake.nix index 8a8d7bab..0001c314 100644 --- a/flake.nix +++ b/flake.nix @@ -17,10 +17,12 @@ mkSystem = { host, lxc ? true }: nixpkgs.lib.nixosSystem { inherit system; - modules = [ ./nixos/hosts/${host}/configuration.nix ./nixos/common.nix ] ++ (if lxc then - [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ] - else - [ ]); + modules = [ ./nixos/hosts/${host}/configuration.nix ./nixos/common ] + ++ (if lxc then [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ] else + [ ./nixos/common/generic-vm.nix ]); specialArgs.inputs = inputs; }; mkDeploy = hostname: profile: { @@ -33,8 +35,14 @@ }; in { # VMs - nixosConfigurations.bastion = mkSystem { host = "bastion"; lxc = false; }; - nixosConfigurations.k3s = mkSystem { host = "k3s"; lxc = false; }; + nixosConfigurations.bastion = mkSystem { + host = "bastion"; + lxc = false; + }; + nixosConfigurations.k3s = mkSystem { + host = "k3s"; + lxc = false; + }; # LXCs nixosConfigurations.vault = mkSystem { host = "vault"; }; diff --git a/nixos/common.nix b/nixos/common.nix deleted file mode 100644 index 6612aa3c..00000000 --- a/nixos/common.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, inputs, ... }: -{ - imports = [ - inputs.vault-secrets.nixosModules.vault-secrets - ]; - - vault-secrets = { - vaultPrefix = "nixos/${config.networking.hostName}"; - vaultAddress = "http://10.42.42.6:8200/"; - approlePrefix = "olympus-${config.networking.hostName}"; - }; -} diff --git a/nixos/common/default.nix b/nixos/common/default.nix index eddc08e8..c7723662 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,7 +1,8 @@ -{ pkgs, ... }: +{ config, inputs, pkgs, ... }: { imports = [ + inputs.vault-secrets.nixosModules.vault-secrets # User account definitions ./users ./services @@ -38,4 +39,13 @@ SystemMaxUse=100M MaxFileSec=7day ''; + + # Enable SSH daemon support. + services.openssh.enable = true; + + vault-secrets = { + vaultPrefix = "nixos/${config.networking.hostName}"; + vaultAddress = "http://10.42.42.6:8200/"; + approlePrefix = "olympus-${config.networking.hostName}"; + }; } diff --git a/nixos/common/generic-lxc.nix b/nixos/common/generic-lxc.nix index 1bf6c58c..a28b7089 100644 --- a/nixos/common/generic-lxc.nix +++ b/nixos/common/generic-lxc.nix @@ -3,7 +3,4 @@ # Supress systemd services that don't work (correctly) on LXC systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ]; - - # Enable SSH daemon support. - services.openssh.enable = true; } diff --git a/nixos/common/generic-vm.nix b/nixos/common/generic-vm.nix index de732089..66aba486 100644 --- a/nixos/common/generic-vm.nix +++ b/nixos/common/generic-vm.nix @@ -5,10 +5,6 @@ networking.useDHCP = false; networking.interfaces.ens18.useDHCP = lib.mkDefault true; - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.openssh.permitRootLogin = lib.mkDefault "yes"; - # Enable qemu guest agent services.qemuGuest.enable = true; } diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index 833e9216..7b5cc723 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -17,9 +17,6 @@ in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - # Import common config - ../../common/generic-vm.nix - ../../common ]; # Use the GRUB 2 boot loader. diff --git a/nixos/hosts/consul/configuration.nix b/nixos/hosts/consul/configuration.nix index 28e3e5d5..949dfb77 100644 --- a/nixos/hosts/consul/configuration.nix +++ b/nixos/hosts/consul/configuration.nix @@ -6,9 +6,6 @@ { imports = [ - # Import common config - ../../common/generic-lxc.nix - ../../common ]; networking.hostName = "consul"; diff --git a/nixos/hosts/k3s/configuration.nix b/nixos/hosts/k3s/configuration.nix index 7de2f512..4dceed6c 100644 --- a/nixos/hosts/k3s/configuration.nix +++ b/nixos/hosts/k3s/configuration.nix @@ -2,9 +2,6 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - # Import common config - ../../common/generic-vm.nix - ../../common ]; # Use the GRUB 2 boot loader. diff --git a/nixos/hosts/mosquitto/configuration.nix b/nixos/hosts/mosquitto/configuration.nix index e72b9351..29b1924e 100644 --- a/nixos/hosts/mosquitto/configuration.nix +++ b/nixos/hosts/mosquitto/configuration.nix @@ -6,9 +6,6 @@ let mosquittoPort = 1883; in { imports = [ - # Import common config - ../../common/generic-lxc.nix - ../../common ]; networking.hostName = "mosquitto"; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 60fa8f9d..c28bc317 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -14,9 +14,6 @@ let }; in { imports = [ - # Import common config - ../../common/generic-lxc.nix - ../../common ]; networking.hostName = "nginx"; diff --git a/nixos/hosts/vault/configuration.nix b/nixos/hosts/vault/configuration.nix index 73735782..533f8b94 100644 --- a/nixos/hosts/vault/configuration.nix +++ b/nixos/hosts/vault/configuration.nix @@ -6,9 +6,6 @@ { imports = [ - # Import common config - ../../common/generic-lxc.nix - ../../common ]; networking.hostName = "vault"; -- 2.47.1 From d7e1e93d7ff92729c0a4e669485ee85133355f1a Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 15:50:29 +0100 Subject: [PATCH 0121/1882] nixos: integrate functions made by j00lz see: https://git.voidcorp.nl/j00lz/nixos-configs/src/commit/953ffb8d862a1bd8541cf98450c96ae3b4d69e8c/flake.nix --- flake.nix | 79 ++++++++++++++++++++++++++++--------------------- nixos/hosts.nix | 35 ++++++++++++++++++++++ 2 files changed, 80 insertions(+), 34 deletions(-) create mode 100644 nixos/hosts.nix diff --git a/flake.nix b/flake.nix index 0001c314..46fb29b4 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,9 @@ { description = "Delft Deployment"; - # Based on: https://github.com/serokell/pegasus-infra/blob/master/flake.nix + # Based on: + # * https://github.com/serokell/pegasus-infra/blob/master/flake.nix + # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { deploy-rs.url = "github:serokell/deploy-rs"; @@ -13,11 +15,17 @@ outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs: let + inherit (nixpkgs) lib; + inherit (builtins) filter; system = "x86_64-linux"; - mkSystem = { host, lxc ? true }: - nixpkgs.lib.nixosSystem { + merge = a: b: a // b; + + # Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM. + mkConfig = nixname: lxc: + lib.nixosSystem { inherit system; - modules = [ ./nixos/hosts/${host}/configuration.nix ./nixos/common ] + modules = + [ "${./.}/nixos/hosts/${nixname}/configuration.nix" ./nixos/common ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix @@ -25,38 +33,36 @@ [ ./nixos/common/generic-vm.nix ]); specialArgs.inputs = inputs; }; + + # Create a deploy-rs config based on profile- and hostname. mkDeploy = hostname: profile: { - hostname = hostname; + inherit hostname; fastConnection = true; profiles.system = { user = "root"; - path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile}; + path = deploy-rs.lib.${system}.activate.nixos + self.nixosConfigurations.${profile}; }; }; + + # Convert a host from hosts.nix to something nixosConfigurations understands + hostToConfig = { hostname, nixname ? hostname, lxc ? true, ... }: + merge { + "${nixname}" = mkConfig nixname lxc; + }; + + # Same as above, but for the nodes part of deploy. + hostToDeploy = { ip, hostname, nixname ? hostname, ... }: + merge { + "${nixname}" = mkDeploy ip nixname; + }; + + # Import all nixos host definitions that are actual nix machines + nixHosts = filter ({ nix ? true, ... }: nix) (import ./nixos/hosts.nix); in { - # VMs - nixosConfigurations.bastion = mkSystem { - host = "bastion"; - lxc = false; - }; - nixosConfigurations.k3s = mkSystem { - host = "k3s"; - lxc = false; - }; - - # LXCs - nixosConfigurations.vault = mkSystem { host = "vault"; }; - nixosConfigurations.mosquitto = mkSystem { host = "mosquitto"; }; - nixosConfigurations.nginx = mkSystem { host = "nginx"; }; - nixosConfigurations.consul = mkSystem { host = "consul"; }; - - # Deploys - deploy.nodes.bastion = mkDeploy "10.42.42.4" "bastion"; - deploy.nodes.k3s = mkDeploy "10.42.42.10" "k3s"; - deploy.nodes.vault = mkDeploy "10.42.42.6" "vault"; - deploy.nodes.mosquitto = mkDeploy "10.42.42.7" "mosquitto"; - deploy.nodes.nginx = mkDeploy "10.42.42.9" "nginx"; - deploy.nodes.consul = mkDeploy "10.42.42.14" "consul"; + # Make the config and deploy sets + nixosConfigurations = lib.foldr hostToConfig { } nixHosts; + deploy.nodes = lib.foldr hostToDeploy { } nixHosts; # Use by running `nix develop` devShell.${system} = let @@ -64,12 +70,17 @@ [ vault-secrets.overlay ]; in pkgs.mkShell { VAULT_ADDR = "http://10.42.42.6:8200/"; - buildInputs = [ + buildInputs = with pkgs; [ deploy-rs.packages.${system}.deploy-rs - pkgs.vault - (pkgs.vault-push-approle-envs self) - (pkgs.vault-push-approles self) - pkgs.nixUnstable + fluxcd + k9s + kubectl + kubectx + nixfmt + nixUnstable + vault + (vault-push-approle-envs self) + (vault-push-approles self) ]; }; diff --git a/nixos/hosts.nix b/nixos/hosts.nix new file mode 100644 index 00000000..d1abf259 --- /dev/null +++ b/nixos/hosts.nix @@ -0,0 +1,35 @@ +[ + { + hostname = "bastion"; + ip = "10.42.42.4"; + mac = "82:F0:7C:CB:BD:6D"; + lxc = false; + } + { + hostname = "k3s-node1"; + nixname = "k3s"; + ip = "10.42.42.10"; + mac = "2E:F8:55:23:D9:9B"; + lxc = false; + } + { + hostname = "vault"; + ip = "10.42.42.6"; + mac = "16:2B:87:55:0C:0C"; + } + { + hostname = "mosquitto"; + ip = "10.42.42.7"; + mac = "16:2B:87:55:0C:0C"; + } + { + hostname = "nginx"; + ip = "10.42.42.9"; + mac = "16:2B:87:55:0C:0C"; + } + { + hostname = "consul"; + ip = "10.42.42.14"; + mac = "16:2B:87:55:0C:0C"; + } +] -- 2.47.1 From e0ca875df087051ab06eecca2c2bc4d806ac45c7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 16:01:56 +0100 Subject: [PATCH 0122/1882] nixos: fix macs --- nixos/hosts.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/hosts.nix b/nixos/hosts.nix index d1abf259..d8f0eecd 100644 --- a/nixos/hosts.nix +++ b/nixos/hosts.nix @@ -20,16 +20,16 @@ { hostname = "mosquitto"; ip = "10.42.42.7"; - mac = "16:2B:87:55:0C:0C"; + mac = "C6:F9:8B:3D:9E:37"; } { hostname = "nginx"; ip = "10.42.42.9"; - mac = "16:2B:87:55:0C:0C"; + mac = "6A:C2:89:85:CF:A6"; } { hostname = "consul"; ip = "10.42.42.14"; - mac = "16:2B:87:55:0C:0C"; + mac = "D6:DE:07:41:73:81"; } ] -- 2.47.1 From c3f86d5ae5b8d3a792c4f6e92550f1d215404cb6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 16:32:30 +0100 Subject: [PATCH 0123/1882] nixos: refactor flake --- flake.nix | 49 +++++++++++++++--------------------- nixos/hosts.nix => hosts.nix | 2 +- 2 files changed, 21 insertions(+), 30 deletions(-) rename nixos/hosts.nix => hosts.nix (96%) diff --git a/flake.nix b/flake.nix index 46fb29b4..6f4a69da 100644 --- a/flake.nix +++ b/flake.nix @@ -18,14 +18,13 @@ inherit (nixpkgs) lib; inherit (builtins) filter; system = "x86_64-linux"; - merge = a: b: a // b; # Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM. - mkConfig = nixname: lxc: - lib.nixosSystem { + mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: { + "${profile}" = lib.nixosSystem { inherit system; modules = - [ "${./.}/nixos/hosts/${nixname}/configuration.nix" ./nixos/common ] + [ "${./.}/nixos/hosts/${profile}/configuration.nix" ./nixos/common ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix @@ -33,36 +32,26 @@ [ ./nixos/common/generic-vm.nix ]); specialArgs.inputs = inputs; }; + }; - # Create a deploy-rs config based on profile- and hostname. - mkDeploy = hostname: profile: { - inherit hostname; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.${system}.activate.nixos - self.nixosConfigurations.${profile}; + # Same as above, but for the nodes part of deploy. + mkDeploy = { ip, hostname, profile ? hostname, ... }: { + "${hostname}" = { + hostname = ip; + fastConnection = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile}; + }; }; }; - # Convert a host from hosts.nix to something nixosConfigurations understands - hostToConfig = { hostname, nixname ? hostname, lxc ? true, ... }: - merge { - "${nixname}" = mkConfig nixname lxc; - }; - - # Same as above, but for the nodes part of deploy. - hostToDeploy = { ip, hostname, nixname ? hostname, ... }: - merge { - "${nixname}" = mkDeploy ip nixname; - }; - # Import all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) (import ./nixos/hosts.nix); + nixHosts = filter ({ nix ? true, ... }: nix) (import ./hosts.nix); in { # Make the config and deploy sets - nixosConfigurations = lib.foldr hostToConfig { } nixHosts; - deploy.nodes = lib.foldr hostToDeploy { } nixHosts; + nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; # Use by running `nix develop` devShell.${system} = let @@ -70,12 +59,15 @@ [ vault-secrets.overlay ]; in pkgs.mkShell { VAULT_ADDR = "http://10.42.42.6:8200/"; + # This only support bash so just execute zsh in bash as a workaround :/ + shellHook = "${pkgs.zsh}/bin/zsh; exit"; buildInputs = with pkgs; [ deploy-rs.packages.${system}.deploy-rs fluxcd k9s kubectl kubectx + terraform nixfmt nixUnstable vault @@ -84,7 +76,6 @@ ]; }; - checks = builtins.mapAttrs - (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/nixos/hosts.nix b/hosts.nix similarity index 96% rename from nixos/hosts.nix rename to hosts.nix index d8f0eecd..49eab260 100644 --- a/nixos/hosts.nix +++ b/hosts.nix @@ -7,7 +7,7 @@ } { hostname = "k3s-node1"; - nixname = "k3s"; + profile = "k3s"; ip = "10.42.42.10"; mac = "2E:F8:55:23:D9:9B"; lxc = false; -- 2.47.1 From b965765312bf867d2811c1d3a6a755264abe54b9 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 19:30:19 +0100 Subject: [PATCH 0124/1882] nixos: add dns server --- flake.lock | 8 +- flake.nix | 19 +++-- hosts.nix | 102 +++++++++++++++++-------- nixos/hosts/dns/configuration.nix | 66 ++++++++++++++++ nixos/hosts/template/configuration.nix | 24 ++++++ 5 files changed, 175 insertions(+), 44 deletions(-) create mode 100644 nixos/hosts/dns/configuration.nix create mode 100644 nixos/hosts/template/configuration.nix diff --git a/flake.lock b/flake.lock index 7018cb28..1485c8de 100644 --- a/flake.lock +++ b/flake.lock @@ -196,16 +196,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637348621, - "narHash": "sha256-dTxccBfFK5ViweuYqx2GwtDo+m9SBSjyBZj0+zMds5M=", + "lastModified": 1637469704, + "narHash": "sha256-tNbrZZDHCLBw5/3REe8Dm/WMYiAXgXy7n5GuhRn5lI0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2d97acad3b9cc16063b554d850a8fe1c2e7bb36d", + "rev": "296032dd5ff5e4c266782e73f9c00ee044f19c70", "type": "github" }, "original": { "owner": "NixOS", - "ref": "master", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 6f4a69da..e442592c 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; - nixpkgs.url = "github:NixOS/nixpkgs/master"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; }; @@ -16,8 +16,9 @@ { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs: let inherit (nixpkgs) lib; - inherit (builtins) filter; + inherit (builtins) filter mapAttrs; system = "x86_64-linux"; + hosts = import ./hosts.nix; # Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM. mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: { @@ -30,7 +31,7 @@ ./nixos/common/generic-lxc.nix ] else [ ./nixos/common/generic-vm.nix ]); - specialArgs.inputs = inputs; + specialArgs = { inherit hosts inputs; }; }; }; @@ -41,16 +42,19 @@ fastConnection = true; profiles.system = { user = "root"; - path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile}; + path = deploy-rs.lib.${system}.activate.nixos + self.nixosConfigurations.${profile}; }; }; }; # Import all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) (import ./hosts.nix); + nixHosts = filter ({ nix ? true, ... }: nix) hosts; in { # Make the config and deploy sets - nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + nixosConfigurations = + lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; # Use by running `nix develop` @@ -76,6 +80,7 @@ ]; }; - checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) + deploy-rs.lib; }; } diff --git a/hosts.nix b/hosts.nix index 49eab260..8b4a3c10 100644 --- a/hosts.nix +++ b/hosts.nix @@ -1,35 +1,71 @@ [ - { - hostname = "bastion"; - ip = "10.42.42.4"; - mac = "82:F0:7C:CB:BD:6D"; - lxc = false; - } - { - hostname = "k3s-node1"; - profile = "k3s"; - ip = "10.42.42.10"; - mac = "2E:F8:55:23:D9:9B"; - lxc = false; - } - { - hostname = "vault"; - ip = "10.42.42.6"; - mac = "16:2B:87:55:0C:0C"; - } - { - hostname = "mosquitto"; - ip = "10.42.42.7"; - mac = "C6:F9:8B:3D:9E:37"; - } - { - hostname = "nginx"; - ip = "10.42.42.9"; - mac = "6A:C2:89:85:CF:A6"; - } - { - hostname = "consul"; - ip = "10.42.42.14"; - mac = "D6:DE:07:41:73:81"; - } + { + hostname = "edgerouter"; + ip = "10.42.42.1"; + mac = "B4:FB:E4:53:9C:0A"; + nix = false; + } + { + hostname = "nuc"; + ip = "10.42.42.42"; + mac = "1C:69:7A:62:30:88"; + nix = false; + } + { + hostname = "LGwebOSTV"; + ip = "10.42.42.13"; + mac = "74:40:be:48:85:a4"; + nix = false; + } + { + hostname = "home-assistant"; + ip = "10.42.42.8"; + mac = "74:40:be:48:85:a4"; + nix = false; + } + { + hostname = "bastion"; + ip = "10.42.42.4"; + mac = "82:F0:7C:CB:BD:6D"; + lxc = false; + } + { + hostname = "k3s-node1"; + profile = "k3s"; + ip = "10.42.42.10"; + mac = "2E:F8:55:23:D9:9B"; + lxc = false; + } + { + hostname = "vault"; + ip = "10.42.42.6"; + mac = "16:2B:87:55:0C:0C"; + } + { + hostname = "mosquitto"; + ip = "10.42.42.7"; + mac = "C6:F9:8B:3D:9E:37"; + } + { + hostname = "nginx"; + ip = "10.42.42.9"; + mac = "6A:C2:89:85:CF:A6"; + } + { + hostname = "consul"; + ip = "10.42.42.14"; + mac = "D6:DE:07:41:73:81"; + } + { + hostname = "dns-1"; + profile = "dns"; + ip = "10.42.42.15"; + mac = "5E:F6:36:23:16:E3"; + } + { + hostname = "dns-2"; + profile = "dns"; + ip = "10.42.42.16"; + mac = "B6:04:0B:CD:0F:9F"; + } ] diff --git a/nixos/hosts/dns/configuration.nix b/nixos/hosts/dns/configuration.nix new file mode 100644 index 00000000..565d124b --- /dev/null +++ b/nixos/hosts/dns/configuration.nix @@ -0,0 +1,66 @@ +{ config, pkgs, hosts, ... }: +let + localdomain = "olympus"; + localData = { hostname, ip, ... }: ''"${hostname}.${localdomain}. A ${ip}"''; + ptrData = { hostname, ip, ... }: ''"${ip} ${hostname}.${localdomain}"''; +in { + imports = [ ]; + + networking.hostName = "dns"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ dig ]; + + networking.firewall.allowedTCPPorts = [ 53 ]; + networking.firewall.allowedUDPPorts = [ 53 ]; + + services.unbound = { + enable = true; + settings = { + server = { + use-syslog = "yes"; + module-config = ''"validator iterator"''; + interface-automatic = "yes"; + interface = [ "0.0.0.0" "::0" ]; + + local-zone = ''"${localdomain}." transparent''; + local-data = map localData hosts; + local-data-ptr = map ptrData hosts; + + access-control = [ + "127.0.0.1/32 allow_snoop" + "::1 allow_snoop" + "10.42.0.0/16 allow" + "127.0.0.0/8 allow" + "192.168.2.0/24 allow" + "::1/128 allow" + ]; + private-address = [ + "127.0.0.0/8" + "10.0.0.0/8" + "::ffff:a00:0/104" + "172.16.0.0/12" + "::ffff:ac10:0/108" + "169.254.0.0/16" + "::ffff:a9fe:0/112" + "192.168.0.0/16" + "::ffff:c0a8:0/112" + "fd00::/8" + "fe80::/10" + ]; + }; + # forward-zone = { + # name = ''"."''; + # forward-addr = [ "8.8.8.8" "9.9.9.9" ]; + # }; + }; + }; +} diff --git a/nixos/hosts/template/configuration.nix b/nixos/hosts/template/configuration.nix new file mode 100644 index 00000000..0feed4a6 --- /dev/null +++ b/nixos/hosts/template/configuration.nix @@ -0,0 +1,24 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + networking.hostName = "template"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} -- 2.47.1 From a967b6ab05c8a1573123ffec22308010ba2c3432 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 20:26:08 +0100 Subject: [PATCH 0125/1882] nixos: dns ipv6 support --- hosts.nix | 3 +++ nixos/hosts/dns/configuration.nix | 8 ++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/hosts.nix b/hosts.nix index 8b4a3c10..69fe10e7 100644 --- a/hosts.nix +++ b/hosts.nix @@ -2,6 +2,7 @@ { hostname = "edgerouter"; ip = "10.42.42.1"; + ip6 = "2001:41f0:9639:1:b6fb:e4ff:fe53:9c0"; mac = "B4:FB:E4:53:9C:0A"; nix = false; } @@ -9,6 +10,7 @@ hostname = "nuc"; ip = "10.42.42.42"; mac = "1C:69:7A:62:30:88"; + ip6 = ""; nix = false; } { @@ -20,6 +22,7 @@ { hostname = "home-assistant"; ip = "10.42.42.8"; + ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee"; mac = "74:40:be:48:85:a4"; nix = false; } diff --git a/nixos/hosts/dns/configuration.nix b/nixos/hosts/dns/configuration.nix index 565d124b..c450dcbe 100644 --- a/nixos/hosts/dns/configuration.nix +++ b/nixos/hosts/dns/configuration.nix @@ -1,8 +1,12 @@ { config, pkgs, hosts, ... }: let localdomain = "olympus"; + ipv6Hosts = builtins.filter (builtins.hasAttr ip6) hosts; + localData = { hostname, ip, ... }: ''"${hostname}.${localdomain}. A ${ip}"''; + local6Data = { hostname, ip6, ... }: ''"${hostname}.${localdomain}. AAAA ${ip6}"''; ptrData = { hostname, ip, ... }: ''"${ip} ${hostname}.${localdomain}"''; + ptr6Data = { hostname, ip6, ... }: ''"${ip6} ${hostname}.${localdomain}"''; in { imports = [ ]; @@ -32,8 +36,8 @@ in { interface = [ "0.0.0.0" "::0" ]; local-zone = ''"${localdomain}." transparent''; - local-data = map localData hosts; - local-data-ptr = map ptrData hosts; + local-data = (map localData hosts) ++ (map local6Data ipv6Hosts); + local-data-ptr = (map ptrData hosts); access-control = [ "127.0.0.1/32 allow_snoop" -- 2.47.1 From 8f0eb95dda7684a7e453ae8160264e888d934802 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 21:56:17 +0100 Subject: [PATCH 0126/1882] nixos: cleanup --- hosts.nix | 1 - nixos/common/default.nix | 1 + nixos/hosts/dns/configuration.nix | 14 +++++------ nixos/hosts/mosquitto/configuration.nix | 6 ++--- nixos/hosts/nginx/configuration.nix | 32 ++++++------------------- nixos/hosts/vault/configuration.nix | 11 ++++----- nixos/pkgs/default.nix | 10 ++++++++ 7 files changed, 31 insertions(+), 44 deletions(-) create mode 100644 nixos/pkgs/default.nix diff --git a/hosts.nix b/hosts.nix index 69fe10e7..0b373068 100644 --- a/hosts.nix +++ b/hosts.nix @@ -10,7 +10,6 @@ hostname = "nuc"; ip = "10.42.42.42"; mac = "1C:69:7A:62:30:88"; - ip6 = ""; nix = false; } { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index c7723662..f7d99087 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -32,6 +32,7 @@ }; nixpkgs.config.allowUnfree = true; + nixpkgs.overlays = [ (import ../pkgs) ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/dns/configuration.nix b/nixos/hosts/dns/configuration.nix index c450dcbe..d4535f46 100644 --- a/nixos/hosts/dns/configuration.nix +++ b/nixos/hosts/dns/configuration.nix @@ -1,7 +1,8 @@ { config, pkgs, hosts, ... }: -let +let + inherit (builtins) filter hasAttr; localdomain = "olympus"; - ipv6Hosts = builtins.filter (builtins.hasAttr ip6) hosts; + ipv6Hosts = filter (hasAttr "ip6") hosts; localData = { hostname, ip, ... }: ''"${hostname}.${localdomain}. A ${ip}"''; local6Data = { hostname, ip6, ... }: ''"${hostname}.${localdomain}. AAAA ${ip6}"''; @@ -21,13 +22,14 @@ in { system.stateVersion = "21.11"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ dig ]; + environment.systemPackages = with pkgs; [ dig dog drill ]; networking.firewall.allowedTCPPorts = [ 53 ]; networking.firewall.allowedUDPPorts = [ 53 ]; services.unbound = { enable = true; + package = pkgs.v.unbound; settings = { server = { use-syslog = "yes"; @@ -37,7 +39,7 @@ in { local-zone = ''"${localdomain}." transparent''; local-data = (map localData hosts) ++ (map local6Data ipv6Hosts); - local-data-ptr = (map ptrData hosts); + local-data-ptr = (map ptrData hosts) ++ (map ptr6Data ipv6Hosts); access-control = [ "127.0.0.1/32 allow_snoop" @@ -61,10 +63,6 @@ in { "fe80::/10" ]; }; - # forward-zone = { - # name = ''"."''; - # forward-addr = [ "8.8.8.8" "9.9.9.9" ]; - # }; }; }; } diff --git a/nixos/hosts/mosquitto/configuration.nix b/nixos/hosts/mosquitto/configuration.nix index 29b1924e..5a13ba51 100644 --- a/nixos/hosts/mosquitto/configuration.nix +++ b/nixos/hosts/mosquitto/configuration.nix @@ -5,8 +5,7 @@ { config, pkgs, ... }: let mosquittoPort = 1883; in { - imports = [ - ]; + imports = [ ]; networking.hostName = "mosquitto"; @@ -56,5 +55,6 @@ in { }; }; - networking.firewall.allowedTCPPorts = [ mosquittoPort config.services.zigbee2mqtt.settings.frontend.port ]; + networking.firewall.allowedTCPPorts = + [ mosquittoPort config.services.zigbee2mqtt.settings.frontend.port ]; } diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index c28bc317..98163520 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -1,20 +1,16 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - { config, pkgs, ... }: let - k8s_proxy = { + proxy = url: { enableACME = true; forceSSL = true; locations."/" = { - proxyPass = "http://10.42.42.150:8000/"; + proxyPass = url; proxyWebsockets = true; }; }; + k8s_proxy = proxy "http://10.42.42.150:8000/"; in { - imports = [ - ]; + imports = [ ]; networking.hostName = "nginx"; @@ -36,23 +32,9 @@ in { recommendedProxySettings = true; recommendedTlsSettings = true; - virtualHosts."ha.0x76.dev" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.42.42.8:8123/"; - proxyWebsockets = true; - }; - }; - - virtualHosts."zookeeper-dev.0x76.dev" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.42.43.28:8085/"; - proxyWebsockets = true; - }; - }; + # Reverse Proxies + virtualHosts."ha.0x76.dev" = proxy "http://10.42.42.8:8123/"; + virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://10.42.43.28:8085/"; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; diff --git a/nixos/hosts/vault/configuration.nix b/nixos/hosts/vault/configuration.nix index 533f8b94..95539419 100644 --- a/nixos/hosts/vault/configuration.nix +++ b/nixos/hosts/vault/configuration.nix @@ -3,11 +3,8 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - -{ - imports = [ - ]; - +let port = 8200; +in { networking.hostName = "vault"; # This value determines the NixOS release from which the default @@ -22,13 +19,13 @@ environment.systemPackages = with pkgs; [ ]; # Vault - networking.firewall.allowedTCPPorts = [ 8200 ]; + networking.firewall.allowedTCPPorts = [ port ]; services.vault = { enable = true; # bin version includes the UI package = pkgs.vault-bin; - address = "0.0.0.0:8200"; + address = "0.0.0.0:${toString port}"; storageBackend = "file"; storagePath = "/var/lib/vault"; extraConfig = '' diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix new file mode 100644 index 00000000..42fa93ad --- /dev/null +++ b/nixos/pkgs/default.nix @@ -0,0 +1,10 @@ +final: prev: { + v = { + unbound = prev.unbound.override { + withSystemd = true; + withDoH = true; + withDNSCrypt = true; + withTFO = true; + }; + }; +} -- 2.47.1 From db17ea36e7b32fb9a658cf4196148a09c713a5fb Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 22:01:29 +0100 Subject: [PATCH 0127/1882] flux: update charts --- .../core/external-secrets/external-secrets/helm-release.yaml | 4 ++-- flux/cluster/core/networking/metallb/helm-release.yaml | 2 +- flux/cluster/crds/external-secrets/crds.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml index 8466118c..5b663051 100644 --- a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.external-secrets.io chart: external-secrets - version: 0.3.7 + version: 0.3.8 sourceRef: kind: HelmRepository name: external-secrets-charts @@ -21,4 +21,4 @@ spec: install: crds: Skip upgrade: - crds: Skip \ No newline at end of file + crds: Skip diff --git a/flux/cluster/core/networking/metallb/helm-release.yaml b/flux/cluster/core/networking/metallb/helm-release.yaml index a976d462..b47e4eac 100644 --- a/flux/cluster/core/networking/metallb/helm-release.yaml +++ b/flux/cluster/core/networking/metallb/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://metallb.github.io/metallb chart: metallb - version: 0.10.3 + version: 0.11.0 sourceRef: kind: HelmRepository name: metallb-charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index ae88a33d..40354495 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: v0.3.7 + tag: v0.3.8 ignore: | # exclude all /* -- 2.47.1 From d7dc003e28e70d23351f147a77c7e44adbc362a4 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Nov 2021 22:16:45 +0100 Subject: [PATCH 0128/1882] misc: Add Readme --- README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 00000000..dc0862d4 --- /dev/null +++ b/README.md @@ -0,0 +1,14 @@ +# 0x76's Infrastructure +This repository contains my IaC and GitOps code. + +## Directory Structure +`flake.nix` is a NixOS flake which is the entrypoint for my NixOS config, it also contains a 'DevShell' containing all the tools needed +to deploy the infrastructure, this can be accessed running `nix develop`. +* **flux**: Kubernetes manifests as managed by [Flux] +* **nixos**: Nix configurations for my NixOS LXCs and VMs, deployed using [deploy-rs]. +* **terraform**: Terraform config for deploying said VMs and Containers onto Proxmox, using [terraform-provider-proxmox] + + +[Flux]: https://github.com/fluxcd/flux2 +[deploy-rs]: https://github.com/serokell/deploy-rs +[terraform-provider-proxmox]: https://github.com/Telmate/terraform-provider-proxmox -- 2.47.1 From 2c690f21482c86c4adcf665126927780cd8452f8 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 22 Nov 2021 00:10:21 +0100 Subject: [PATCH 0129/1882] add minio --- .vscode/extensions.json | 9 ++++++++ flake.lock | 6 +++--- flake.nix | 29 +++++++++++++++---------- hosts.nix | 6 ++++++ nixos/common/default.nix | 16 ++++++++------ nixos/hosts/minio/configuration.nix | 33 +++++++++++++++++++++++++++++ 6 files changed, 79 insertions(+), 20 deletions(-) create mode 100644 .vscode/extensions.json create mode 100644 nixos/hosts/minio/configuration.nix diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 00000000..abc2c093 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,9 @@ +{ + "recommendations": [ + "hashicorp.terraform", + "ms-kubernetes-tools.vscode-kubernetes-tools", + "jnoortheen.nix-ide", + "brettm12345.nixfmt-vscode", + "redhat.vscode-yaml" + ] +} diff --git a/flake.lock b/flake.lock index 1485c8de..85ec027a 100644 --- a/flake.lock +++ b/flake.lock @@ -196,11 +196,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637469704, - "narHash": "sha256-tNbrZZDHCLBw5/3REe8Dm/WMYiAXgXy7n5GuhRn5lI0=", + "lastModified": 1637509688, + "narHash": "sha256-NcKdyLZflWeSrwgavNGIG7LcP6XBcYGne04HIzWP1D4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "296032dd5ff5e4c266782e73f9c00ee044f19c70", + "rev": "53edfe1d1c51c38e2adc4d8eb37a7a2657e3fe01", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e442592c..6d389156 100644 --- a/flake.nix +++ b/flake.nix @@ -25,7 +25,7 @@ "${profile}" = lib.nixosSystem { inherit system; modules = - [ "${./.}/nixos/hosts/${profile}/configuration.nix" ./nixos/common ] + [ ./nixos/common ./nixos/hosts/${profile}/configuration.nix ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix @@ -50,21 +50,28 @@ # Import all nixos host definitions that are actual nix machines nixHosts = filter ({ nix ? true, ... }: nix) hosts; + + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} + [ vault-secrets.overlay ]; in { # Make the config and deploy sets - nixosConfigurations = - lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; - + nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; + apps.x86_64-linux.vault-push-approles = { + type = "app"; + program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; + }; + apps.x86_64-linux.vault-push-approle-envs = { + type = "app"; + program = + "${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs"; + }; + # Use by running `nix develop` - devShell.${system} = let - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} - [ vault-secrets.overlay ]; - in pkgs.mkShell { + devShell.${system} = pkgs.mkShell { VAULT_ADDR = "http://10.42.42.6:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ - shellHook = "${pkgs.zsh}/bin/zsh; exit"; buildInputs = with pkgs; [ deploy-rs.packages.${system}.deploy-rs fluxcd @@ -75,8 +82,8 @@ nixfmt nixUnstable vault - (vault-push-approle-envs self) - (vault-push-approles self) + (vault-push-approle-envs self { }) + (vault-push-approles self { }) ]; }; diff --git a/hosts.nix b/hosts.nix index 0b373068..310314ef 100644 --- a/hosts.nix +++ b/hosts.nix @@ -70,4 +70,10 @@ ip = "10.42.42.16"; mac = "B6:04:0B:CD:0F:9F"; } + { + hostname = "minio"; + profile = "dns"; + ip = "10.42.42.17"; + mac = "0A:06:5E:E7:9A:0C"; + } ] diff --git a/nixos/common/default.nix b/nixos/common/default.nix index f7d99087..026dadf6 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -18,8 +18,11 @@ nix = { package = pkgs.nixUnstable; autoOptimiseStore = true; - binaryCaches = - [ "https://cachix.cachix.org" "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" ]; + binaryCaches = [ + "https://cachix.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-review-bot.cachix.org" + ]; binaryCachePublicKeys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" @@ -45,8 +48,9 @@ services.openssh.enable = true; vault-secrets = { - vaultPrefix = "nixos/${config.networking.hostName}"; - vaultAddress = "http://10.42.42.6:8200/"; - approlePrefix = "olympus-${config.networking.hostName}"; - }; + vaultPrefix = "nixos/${config.networking.hostName}"; + vaultAddress = "http://10.42.42.6:8200/"; + approlePrefix = "olympus-${config.networking.hostName}"; + }; + } diff --git a/nixos/hosts/minio/configuration.nix b/nixos/hosts/minio/configuration.nix new file mode 100644 index 00000000..0b758860 --- /dev/null +++ b/nixos/hosts/minio/configuration.nix @@ -0,0 +1,33 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let +vs = config.vault-secrets.secrets; +in +{ + imports = [ ]; + + networking.hostName = "minio"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ 9000 9001 ]; + + vault-secrets.secrets.minio = { }; + + services.minio = { + enable = true; + rootCredentialsFile = "${vs.minio}/environment"; + }; +} -- 2.47.1 From 99bdbd6b597d692da750e839693acd58b1204e57 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 23 Nov 2021 14:26:40 +0100 Subject: [PATCH 0130/1882] nixos: add dhcp server --- flake.nix | 3 +- hosts.nix | 54 ++++++++++++++++++------------ nixos/common/default.nix | 4 +-- nixos/hosts/dhcp/configuration.nix | 52 ++++++++++++++++++++++++++++ 4 files changed, 87 insertions(+), 26 deletions(-) create mode 100644 nixos/hosts/dhcp/configuration.nix diff --git a/flake.nix b/flake.nix index 6d389156..1f11e136 100644 --- a/flake.nix +++ b/flake.nix @@ -87,7 +87,6 @@ ]; }; - checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) - deploy-rs.lib; + checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts.nix b/hosts.nix index 310314ef..4cdc7002 100644 --- a/hosts.nix +++ b/hosts.nix @@ -7,23 +7,15 @@ nix = false; } { - hostname = "nuc"; - ip = "10.42.42.42"; - mac = "1C:69:7A:62:30:88"; + hostname = "unifi-ap"; + ip = "10.42.42.2"; + mac = "b4:fb:e4:f3:ff:1b"; nix = false; } { - hostname = "LGwebOSTV"; - ip = "10.42.42.13"; - mac = "74:40:be:48:85:a4"; - nix = false; - } - { - hostname = "home-assistant"; - ip = "10.42.42.8"; - ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee"; - mac = "74:40:be:48:85:a4"; - nix = false; + hostname = "dhcp"; + ip = "10.42.42.3"; + mac = "3E:2D:E8:AA:E2:81"; } { hostname = "bastion"; @@ -31,13 +23,6 @@ mac = "82:F0:7C:CB:BD:6D"; lxc = false; } - { - hostname = "k3s-node1"; - profile = "k3s"; - ip = "10.42.42.10"; - mac = "2E:F8:55:23:D9:9B"; - lxc = false; - } { hostname = "vault"; ip = "10.42.42.6"; @@ -48,11 +33,31 @@ ip = "10.42.42.7"; mac = "C6:F9:8B:3D:9E:37"; } + { + hostname = "home-assistant"; + ip = "10.42.42.8"; + ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee"; + mac = "74:40:be:48:85:a4"; + nix = false; + } { hostname = "nginx"; ip = "10.42.42.9"; mac = "6A:C2:89:85:CF:A6"; } + { + hostname = "k3s-node1"; + profile = "k3s"; + ip = "10.42.42.10"; + mac = "2E:F8:55:23:D9:9B"; + lxc = false; + } + { + hostname = "WoolooTV"; + ip = "10.42.42.13"; + mac = "74:40:be:48:85:a4"; + nix = false; + } { hostname = "consul"; ip = "10.42.42.14"; @@ -72,8 +77,13 @@ } { hostname = "minio"; - profile = "dns"; ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; } + { + hostname = "nuc"; + ip = "10.42.42.42"; + mac = "1C:69:7A:62:30:88"; + nix = false; + } ] diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 026dadf6..000ec678 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -48,8 +48,8 @@ services.openssh.enable = true; vault-secrets = { - vaultPrefix = "nixos/${config.networking.hostName}"; - vaultAddress = "http://10.42.42.6:8200/"; + vaultPrefix = "nixos"; + vaultAddress = "http://vault.olympus:8200/"; approlePrefix = "olympus-${config.networking.hostName}"; }; diff --git a/nixos/hosts/dhcp/configuration.nix b/nixos/hosts/dhcp/configuration.nix new file mode 100644 index 00000000..1451139c --- /dev/null +++ b/nixos/hosts/dhcp/configuration.nix @@ -0,0 +1,52 @@ +{ config, pkgs, hosts, ... }: +let + hostToDhcp = { hostname, mac, ip, ... }: { + ethernetAddress = mac; + hostName = hostname; + ipAddress = ip; + }; +in { + imports = [ ]; + + networking = { + hostName = "dhcp"; + defaultGateway = "10.42.42.1"; + nameservers = [ "10.42.42.15" "10.42.42.16" ]; + interfaces.eth0 = { + useDHCP = false; # It turns out the barber just doesn't shave + ipv4.addresses = [{ + address = "10.42.42.3"; + prefixLength = 23; + }]; + }; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedUDPPorts = [ 67 ]; + + services.dhcpd4 = { + enable = true; + extraConfig = '' + option subnet-mask 255.255.254.0; + option broadcast-address 10.42.43.255; + option routers 10.42.42.1; + option domain-name-servers 10.42.42.15, 10.42.42.16; + option domain-name "olympus"; + option domain-search "olympus"; + subnet 10.42.42.0 netmask 255.255.254.0 { + range 10.42.43.1 10.42.43.254; + } + ''; + machines = map hostToDhcp hosts; + }; +} -- 2.47.1 From cc80f0afa72cd9b4acb69843b1e0fcbd20157505 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 23 Nov 2021 17:44:00 +0100 Subject: [PATCH 0131/1882] Harden OpenSSH --- flake.nix | 10 ++++++---- hosts.nix | 11 ++++++++++- nixos/common/default.nix | 7 +++++-- 3 files changed, 21 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index 1f11e136..e43d9788 100644 --- a/flake.nix +++ b/flake.nix @@ -51,8 +51,10 @@ # Import all nixos host definitions that are actual nix machines nixHosts = filter ({ nix ? true, ... }: nix) hosts; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} - [ vault-secrets.overlay ]; + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; + + deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; + checks = {}; in { # Make the config and deploy sets nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; @@ -70,7 +72,7 @@ # Use by running `nix develop` devShell.${system} = pkgs.mkShell { - VAULT_ADDR = "http://10.42.42.6:8200/"; + VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ buildInputs = with pkgs; [ deploy-rs.packages.${system}.deploy-rs @@ -87,6 +89,6 @@ ]; }; - checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + checks = lib.recursiveUpdate deployChecks checks; }; } diff --git a/hosts.nix b/hosts.nix index 4cdc7002..6436bfdd 100644 --- a/hosts.nix +++ b/hosts.nix @@ -21,6 +21,7 @@ hostname = "bastion"; ip = "10.42.42.4"; mac = "82:F0:7C:CB:BD:6D"; + ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d"; lxc = false; } { @@ -37,12 +38,13 @@ hostname = "home-assistant"; ip = "10.42.42.8"; ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee"; - mac = "74:40:be:48:85:a4"; + mac = "9E:60:78:ED:81:B4"; nix = false; } { hostname = "nginx"; ip = "10.42.42.9"; + ip6 = "2001:41f0:9639:1:68c2:89ff:fe85:cfa6"; mac = "6A:C2:89:85:CF:A6"; } { @@ -86,4 +88,11 @@ mac = "1C:69:7A:62:30:88"; nix = false; } + { + hostname = "eevee"; + ip = "10.42.42.69"; + ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; + mac = "34:97:f6:93:9A:AA"; + nix = false; + } ] diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 000ec678..da4c9f2e 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -45,12 +45,15 @@ ''; # Enable SSH daemon support. - services.openssh.enable = true; + services.openssh = { + enable = true; + passwordAuthentication = false; + permitRootLogin = "no"; + }; vault-secrets = { vaultPrefix = "nixos"; vaultAddress = "http://vault.olympus:8200/"; approlePrefix = "olympus-${config.networking.hostName}"; }; - } -- 2.47.1 From f19679529cb2805ae0faf4bb7b6aba8560242223 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 23 Nov 2021 22:33:05 +0100 Subject: [PATCH 0132/1882] terraform: import proxmox state --- terraform/.terraform.lock.hcl | 32 +++--- terraform/lxc.tf | 193 ++++++++++++++++++++++++++++++++++ terraform/main.tf | 111 +++---------------- terraform/version.tf | 2 +- terraform/vms.tf | 76 +++++++++++++ 5 files changed, 298 insertions(+), 116 deletions(-) create mode 100644 terraform/lxc.tf create mode 100644 terraform/vms.tf diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 52d100bf..516a6231 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -21,22 +21,22 @@ provider "registry.terraform.io/hashicorp/vault" { } provider "registry.terraform.io/telmate/proxmox" { - version = "2.9.1" - constraints = "2.9.1" + version = "2.9.0" + constraints = "2.9.0" hashes = [ - "h1:91quPBtAGz3lgEROnowk4dSJiqKEBClbhbw8Xv42Oaw=", - "zh:07a621cc6e9a55892137b42a41e73a4108e067fb534b71b06b65a0022ddde8aa", - "zh:16e031c63f5fda44b61b12c742c9886842774dc3bc88b62fc92ea0e0286d1ec1", - "zh:17b2d78ed14266a581815713bb81d796fb3367728860e774e1e56bc5f888f601", - "zh:37f6a506810d93eaa80f0428ea5409ce210d209006883d9d9a0e513d2818e3be", - "zh:5f439991b9441ebe19f8fe902cdfd0593d546930e47b7d62a7e04d9a7bcb8364", - "zh:707da4a88509bbde66c1ad6b6084633be74943bdf5108c13d9ff4c21b6c88638", - "zh:7d7664c01c0c15f67f1fad9aab3f0a064f8a3f8071b679bb3f8a8a3de7aecf2c", - "zh:7f1231b723d326b9d4e46eb03b5c0011303c4add8a54628ac674fe2669690431", - "zh:85d32d9777972fa08eeec5e5d480bb90f5877442f9740412b132c394de295702", - "zh:bbb9f52948d25a937838a809c9cc0e4e412e0f7c7df559d7c24fb3a9abfd720e", - "zh:bfe2d40f7195ed145655601054af78648493890e33e83aff30e7a21a2f1e765b", - "zh:de46e5597ca86aec52b3e569ca36f42fff5717c01d8274b9c580a98e0899b24d", - "zh:f251a74241c4eec1f2ceaed14151a0ff091c9f1d9856fe501935e7eab85ce822", + "h1:2emsswGg3BBrWiYV9GhR1MfR7r6sREVvC3qGX56UOv8=", + "zh:05b3556ffd47f7791e51c600bc281562c35d54fcb2768fe19c5faf08fd10d8f3", + "zh:0ae37a5adb0f9f6409c5363b5ac9f0eb3ed95698b82bb6827a86469a2d103edd", + "zh:0d0487486fd9cb3b064d7495082fb6fb75705dfadf43262a2abb18bc2a76da29", + "zh:12b66f4616bbd011533c5d4254abfa782ebc33619fb439619646283d831a6b3c", + "zh:3c0f9396c75230746f824fe65e5ffb27b277504be23f2771392019e89700c3a9", + "zh:5410169fc01ac9358f766d155e3b199541c25caf3a74ecada84202ecdf68cf75", + "zh:582cd15439da18358f24214addc90085860237a5bc8bb41d57c8e6115032c0c2", + "zh:97ef5e28d4863b52868dd436392b4bbba6dc12e3927ba4d33702538adfbe83c0", + "zh:a1631929b77ac97d38b2a340f598d10005ff75745546f04ea171a4042f98a894", + "zh:ae5116c32ad7b0e0573522c9158583a77a98ec52bbce14dc3ce00c03328c0b4f", + "zh:c164cedfef4ab70dc25fb2c0c25a091c5d8a6b09d58725fc4296b37cb9b133a2", + "zh:c6aed31aceaf6a923859e9e2af26a8e45559d0680bc3524207886ee0556968c2", + "zh:cffbee36856bac5ec527a8f83d52edbead3ac73e0ffbe77a958c175a78929ad6", ] } diff --git a/terraform/lxc.tf b/terraform/lxc.tf new file mode 100644 index 00000000..a1293c69 --- /dev/null +++ b/terraform/lxc.tf @@ -0,0 +1,193 @@ +resource "proxmox_lxc" "vault" { + target_node = "nuc" + description = "Vault Secrets Management" + hostname = "vault" + unprivileged = false # needed for mlock + vmid = 102 + clone = "101" + memory = 1024 + onboot = true + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "16:2B:87:55:0C:0C" + } +} + +resource "proxmox_lxc" "mosquitto" { + target_node = "nuc" + description = "mosquitto mqtt broker" + hostname = "mosquitto" + vmid = 104 + clone = 101 + unprivileged = true + onboot = true + + memory = 1024 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "C6:F9:8B:3D:9E:37" + } +} + +resource "proxmox_lxc" "nginx" { + target_node = "nuc" + description = "nginx reverse proxy" + hostname = "nginx" + vmid = 106 + clone = 101 + unprivileged = true + onboot = true + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "6A:C2:89:85:CF:A6" + } +} + +resource "proxmox_lxc" "consul" { + target_node = "nuc" + description = "consul service mesh" + hostname = "consul" + vmid = 107 + unprivileged = true + onboot = true + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "D6:DE:07:41:73:81" + } +} + +resource "proxmox_lxc" "dns-1" { + target_node = "nuc" + hostname = "dns" + vmid = 109 + unprivileged = true + onboot = true + startup = "order=1" + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "D6:DE:07:41:73:81" + } +} + +resource "proxmox_lxc" "dns-2" { + target_node = "nuc" + hostname = "dns" + vmid = 110 + unprivileged = true + onboot = true + startup = "order=1" + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "B6:04:0B:CD:0F:9F" + } +} + +resource "proxmox_lxc" "minio" { + target_node = "nuc" + hostname = "minio" + vmid = 111 + unprivileged = true + onboot = true + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "0A:06:5E:E7:9A:0C" + } +} + +resource "proxmox_lxc" "dhcp" { + target_node = "nuc" + hostname = "dhcp" + vmid = 112 + unprivileged = true + onboot = true + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + hwaddr = "3E:2D:E8:AA:E2:81" + } +} diff --git a/terraform/main.tf b/terraform/main.tf index 8c7acd0d..7082b59c 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -31,62 +31,20 @@ resource "proxmox_lxc" "nixos-template" { name = "eth0" bridge = "vmbr0" ip = "dhcp" + ip6 = "auto" hwaddr = "22:D7:C1:FF:9D:5F" } } -resource "proxmox_lxc" "vault" { +resource "proxmox_lxc" "nixos-template-2" { target_node = "nuc" - description = "Vault Secrets Management" - hostname = "vault" - unprivileged = false # needed for mlock - vmid = 102 - clone = "101" - memory = 1024 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - hwaddr = "16:2B:87:55:0C:0C" - } -} - -resource "proxmox_lxc" "mosquitto" { - target_node = "nuc" - description = "mosquitto mqtt broker" - hostname = "mosquitto" - vmid = 104 - clone = 101 - unprivileged = true - - memory = 1024 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - hwaddr = "C6:F9:8B:3D:9E:37" - } -} - -resource "proxmox_lxc" "nginx" { - target_node = "nuc" - description = "nginx reverse proxy" - hostname = "nginx" - vmid = 106 - clone = 101 + description = "NixOS LXC Template" + hostname = "nixos-template" + ostype = "unmanaged" unprivileged = true + vmid = 108 + template = true + cores = 1 memory = 512 @@ -95,60 +53,15 @@ resource "proxmox_lxc" "nginx" { size = "8G" } - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - hwaddr = "6A:C2:89:85:CF:A6" - } -} - -resource "proxmox_vm_qemu" "k3s-node1" { - name = "k3s-node1" - target_node = "nuc" - vmid = 103 - clone = "bastion" - tablet = false - - memory = 8192 - cores = 4 - - agent = 1 - boot = "order=scsi0;ide2;net0" - - network { - model = "virtio" - macaddr = "2E:F8:55:23:D9:9B" - bridge = "vmbr0" - } - - disk { - type = "scsi" - storage = "local-zfs" - size = "64G" - ssd = 1 - } -} - -resource "proxmox_lxc" "consul" { - target_node = "nuc" - description = "consul service mesh" - hostname = "consul" - vmid = 107 - clone = 101 - unprivileged = true - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" + features { + nesting = true } network { name = "eth0" bridge = "vmbr0" ip = "dhcp" - hwaddr = "D6:DE:07:41:73:81" + ip6 = "auto" + hwaddr = "FA:71:3F:31:34:41" } } diff --git a/terraform/version.tf b/terraform/version.tf index f762c5a4..5beb9d46 100644 --- a/terraform/version.tf +++ b/terraform/version.tf @@ -2,7 +2,7 @@ terraform { required_providers { proxmox = { source = "telmate/proxmox" - version = "2.9.1" + version = "2.9.0" } vault = { source = "hashicorp/vault" diff --git a/terraform/vms.tf b/terraform/vms.tf new file mode 100644 index 00000000..fbb73acf --- /dev/null +++ b/terraform/vms.tf @@ -0,0 +1,76 @@ +resource "proxmox_vm_qemu" "bastion" { + name = "bastion" + vmid = 100 + target_node = "nuc" + onboot = true + tablet = false + full_clone = false + + memory = 4096 + cores = 4 + + agent = 1 + boot = "order=scsi0;ide2;net0" + + disk { + size = "64G" + storage = "local-zfs" + type = "scsi" + ssd = 1 + } + + network { + model = "virtio" + macaddr = "82:F0:7C:CB:BD:6D" + bridge = "vmbr0" + } +} + +resource "proxmox_vm_qemu" "k3s-node1" { + name = "k3s-node1" + target_node = "nuc" + vmid = 103 + clone = "bastion" + tablet = false + + memory = 8192 + cores = 4 + + agent = 1 + boot = "order=scsi0;ide2;net0" + + network { + model = "virtio" + macaddr = "2E:F8:55:23:D9:9B" + bridge = "vmbr0" + } + + disk { + type = "scsi" + storage = "local-zfs" + size = "64G" + ssd = 1 + } +} + +resource "proxmox_vm_qemu" "home-assistant" { + name = "home-assistant" + vmid = 105 + target_node = "nuc" + onboot = true + tablet = false + full_clone = false + bios = "ovmf" + + memory = 2048 + cores = 4 + + agent = 1 + boot = "order=sata0" + + network { + model = "virtio" + macaddr = "9E:60:78:ED:81:B4" + bridge = "vmbr0" + } +} -- 2.47.1 From bdabf8995d464496f661bae9b7d0432e27d2eff0 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 24 Nov 2021 10:05:55 +0100 Subject: [PATCH 0133/1882] terraform: fix dns-1 mac --- terraform/lxc.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/lxc.tf b/terraform/lxc.tf index a1293c69..b45a4917 100644 --- a/terraform/lxc.tf +++ b/terraform/lxc.tf @@ -117,7 +117,7 @@ resource "proxmox_lxc" "dns-1" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "D6:DE:07:41:73:81" + hwaddr = "5E:F6:36:23:16:E3" } } -- 2.47.1 From db847545b3967c70f4657bf8b7554c8b0fda1bb6 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Wed, 24 Nov 2021 14:53:17 +0100 Subject: [PATCH 0134/1882] Add Flux v0.24.0 component manifests --- .../base/flux-system/gotk-components.yaml | 199 ++++++++++++++---- 1 file changed, 158 insertions(+), 41 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 2db9961a..71f648a8 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.23.0 +# Flux Version: v0.24.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 @@ -20,7 +20,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -232,7 +232,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -277,6 +277,33 @@ spec: description: BucketSpec defines the desired state of an S3 compatible bucket properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object bucketName: description: The bucket name. type: string @@ -463,7 +490,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -509,6 +536,33 @@ spec: spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object gitImplementation: default: go-git description: Determines which git client library to use. Defaults @@ -793,7 +847,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -848,6 +902,33 @@ spec: spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object chart: description: The name or path the Helm chart is available at in the SourceRef. @@ -1048,7 +1129,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1808,7 +1889,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1854,6 +1935,33 @@ spec: spec: description: HelmRepositorySpec defines the reference to a Helm repository. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object interval: description: The interval at which to check the upstream for updates. type: string @@ -2026,7 +2134,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2138,6 +2246,8 @@ spec: - policy type: object status: + default: + observedGeneration: -1 description: ImagePolicyStatus defines the observed state of ImagePolicy properties: conditions: @@ -2215,6 +2325,7 @@ spec: the policy. type: string observedGeneration: + description: ObservedGeneration is the last reconciled generation. format: int64 type: integer type: object @@ -2615,7 +2726,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2697,6 +2808,8 @@ spec: type: string type: object status: + default: + observedGeneration: -1 description: ImageRepositoryStatus defines the observed state of ImageRepository properties: canonicalImageName: @@ -3173,7 +3286,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3973,7 +4086,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5048,7 +5161,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5120,6 +5233,10 @@ spec: required: - name type: object + suspend: + description: This flag tells the controller to suspend subsequent + events handling. Defaults to false. + type: boolean type: description: Type of provider enum: @@ -5248,7 +5365,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5465,7 +5582,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: helm-controller namespace: flux-system --- @@ -5475,7 +5592,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: image-automation-controller namespace: flux-system --- @@ -5485,7 +5602,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: image-reflector-controller namespace: flux-system --- @@ -5495,7 +5612,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: kustomize-controller namespace: flux-system --- @@ -5505,7 +5622,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: notification-controller namespace: flux-system --- @@ -5515,7 +5632,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: source-controller namespace: flux-system --- @@ -5525,7 +5642,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: crd-controller-flux-system rules: - apiGroups: @@ -5606,7 +5723,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5626,7 +5743,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5658,7 +5775,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: notification-controller namespace: flux-system @@ -5678,7 +5795,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: source-controller namespace: flux-system @@ -5698,7 +5815,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5718,7 +5835,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5747,7 +5864,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.13.0 + image: ghcr.io/fluxcd/helm-controller:v0.14.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5791,7 +5908,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: image-automation-controller namespace: flux-system @@ -5820,7 +5937,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.17.1 + image: ghcr.io/fluxcd/image-automation-controller:v0.18.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5866,7 +5983,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -5895,7 +6012,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.13.2 + image: ghcr.io/fluxcd/image-reflector-controller:v0.14.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5945,7 +6062,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5974,7 +6091,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.18.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.18.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6020,7 +6137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6048,7 +6165,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.18.1 + image: ghcr.io/fluxcd/notification-controller:v0.19.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6096,7 +6213,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 control-plane: controller name: source-controller namespace: flux-system @@ -6129,7 +6246,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.18.0 + image: ghcr.io/fluxcd/source-controller:v0.19.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6180,7 +6297,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: allow-egress namespace: flux-system spec: @@ -6200,7 +6317,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: allow-scraping namespace: flux-system spec: @@ -6220,7 +6337,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.23.0 + app.kubernetes.io/version: v0.24.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 6bfb0bbd7dc20609b3621af837ae29b35d7db1e1 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 24 Nov 2021 22:41:26 +0100 Subject: [PATCH 0135/1882] nixos, terraform: minor updates --- flake.lock | 6 +++--- flake.nix | 6 +++--- hosts.nix | 3 ++- nixos/common/default.nix | 2 +- terraform/vault.tf | 4 ++-- 5 files changed, 11 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index 85ec027a..c5928807 100644 --- a/flake.lock +++ b/flake.lock @@ -196,11 +196,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637509688, - "narHash": "sha256-NcKdyLZflWeSrwgavNGIG7LcP6XBcYGne04HIzWP1D4=", + "lastModified": 1637605846, + "narHash": "sha256-Llelj1pYeAhGLftPxM2ixSgAfdPBAZOnpBZtpvaZ3Xo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "53edfe1d1c51c38e2adc4d8eb37a7a2657e3fe01", + "rev": "d00918ccaf7e1532d35db2f1e3d44db3da39b851", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e43d9788..28e67bc9 100644 --- a/flake.nix +++ b/flake.nix @@ -25,7 +25,7 @@ "${profile}" = lib.nixosSystem { inherit system; modules = - [ ./nixos/common ./nixos/hosts/${profile}/configuration.nix ] + [ ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix @@ -54,7 +54,7 @@ pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; - checks = {}; + checks = { }; in { # Make the config and deploy sets nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; @@ -84,8 +84,8 @@ nixfmt nixUnstable vault - (vault-push-approle-envs self { }) (vault-push-approles self { }) + (vault-push-approle-envs self { }) ]; }; diff --git a/hosts.nix b/hosts.nix index 6436bfdd..edfa9456 100644 --- a/hosts.nix +++ b/hosts.nix @@ -20,8 +20,8 @@ { hostname = "bastion"; ip = "10.42.42.4"; - mac = "82:F0:7C:CB:BD:6D"; ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d"; + mac = "82:F0:7C:CB:BD:6D"; lxc = false; } { @@ -85,6 +85,7 @@ { hostname = "nuc"; ip = "10.42.42.42"; + ip6 = "2001:41f0:9639:1::42"; mac = "1C:69:7A:62:30:88"; nix = false; } diff --git a/nixos/common/default.nix b/nixos/common/default.nix index da4c9f2e..6545b538 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -52,7 +52,7 @@ }; vault-secrets = { - vaultPrefix = "nixos"; + vaultPrefix = "secrets/nixos"; vaultAddress = "http://vault.olympus:8200/"; approlePrefix = "olympus-${config.networking.hostName}"; }; diff --git a/terraform/vault.tf b/terraform/vault.tf index 73d2d7d9..16bb28f3 100644 --- a/terraform/vault.tf +++ b/terraform/vault.tf @@ -1,9 +1,9 @@ provider "vault" { - address = "http://10.42.42.6:8200" + address = "http://vault:8200" skip_tls_verify = true } # Proxmox authentication for terraform data "vault_generic_secret" "proxmox_auth" { - path = "secrets/proxmox/terraform_auth" + path = "secrets/terraform/proxmox_credentials" } -- 2.47.1 From ad26c6b9d80b71723c015d2c4620886cf0c9b520 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 24 Nov 2021 23:03:04 +0100 Subject: [PATCH 0136/1882] terraform: push state to minio --- terraform/.terraform.lock.hcl | 32 ++++++++++++++++---------------- terraform/main.tf | 17 +++++++++++++++++ terraform/vault.tf | 4 ++++ terraform/version.tf | 2 +- 4 files changed, 38 insertions(+), 17 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 516a6231..0db9d8c4 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -21,22 +21,22 @@ provider "registry.terraform.io/hashicorp/vault" { } provider "registry.terraform.io/telmate/proxmox" { - version = "2.9.0" - constraints = "2.9.0" + version = "2.9.3" + constraints = "2.9.3" hashes = [ - "h1:2emsswGg3BBrWiYV9GhR1MfR7r6sREVvC3qGX56UOv8=", - "zh:05b3556ffd47f7791e51c600bc281562c35d54fcb2768fe19c5faf08fd10d8f3", - "zh:0ae37a5adb0f9f6409c5363b5ac9f0eb3ed95698b82bb6827a86469a2d103edd", - "zh:0d0487486fd9cb3b064d7495082fb6fb75705dfadf43262a2abb18bc2a76da29", - "zh:12b66f4616bbd011533c5d4254abfa782ebc33619fb439619646283d831a6b3c", - "zh:3c0f9396c75230746f824fe65e5ffb27b277504be23f2771392019e89700c3a9", - "zh:5410169fc01ac9358f766d155e3b199541c25caf3a74ecada84202ecdf68cf75", - "zh:582cd15439da18358f24214addc90085860237a5bc8bb41d57c8e6115032c0c2", - "zh:97ef5e28d4863b52868dd436392b4bbba6dc12e3927ba4d33702538adfbe83c0", - "zh:a1631929b77ac97d38b2a340f598d10005ff75745546f04ea171a4042f98a894", - "zh:ae5116c32ad7b0e0573522c9158583a77a98ec52bbce14dc3ce00c03328c0b4f", - "zh:c164cedfef4ab70dc25fb2c0c25a091c5d8a6b09d58725fc4296b37cb9b133a2", - "zh:c6aed31aceaf6a923859e9e2af26a8e45559d0680bc3524207886ee0556968c2", - "zh:cffbee36856bac5ec527a8f83d52edbead3ac73e0ffbe77a958c175a78929ad6", + "h1:ncggek/h3O6fvTrni58gn4gwMsTuaXY6OZ5doRrHn/o=", + "zh:0f29f4b20eed363f1564a091cfce4eec3c5d758357efeb703aadb2237617d660", + "zh:10f6e846ebe59625ac9bc3d1fcecda901fe6a31187bb3738c0f17409f5cffd7d", + "zh:2780eeba2c6f67f1e4992a7d9e24bf41f5bf68afb7472679b9a38682aeceaa8d", + "zh:36446bcabd54b0f476963a41c3dbac9135c48185616707124c0756082aca156c", + "zh:6068f51bb11bbccd24b08ab09d9df345b4fb7b33e4295e6c7566bbd759b51175", + "zh:8907f5807531aa7a915527da2e91c5681c6db7e5a30baa5a83fc014c452da3c7", + "zh:915c4dcf76b8cd04420a0e5d72c18c853b8000fa05a54b32fa3e803a75c267b6", + "zh:9cb1807d9c7602354ab97128d8c22abc6cffd9501fdc70bb6a21a3815f0df6f1", + "zh:aa3d12f5e43f52bc0837b51acf754e9ea8a9c04681644662d82a2883f3a25bdd", + "zh:ae811aa63aa8e6f53b728f97d4d5ead9819a6ddf44cf1c0d5cb20144099db1d5", + "zh:ba0a05aa3d5f06a22366fe022035345b088e50e9a9ca6771439cd68fd548c49d", + "zh:ca663c4bfffced0086295e88fa722a501b82f62f8a81a4ac264647042736d6cf", + "zh:d59846038ef81edb9fbbfa69127db907aa534a8e3c8cba69333d554de8661185", ] } diff --git a/terraform/main.tf b/terraform/main.tf index 7082b59c..1f41c0ee 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -5,6 +5,23 @@ provider "proxmox" { pm_tls_insecure = true } + + +terraform { + backend "s3" { + bucket = "terraform" + key = "terraform.tfstate" + region = "us-east-1" + endpoint = "http://minio:9000" + force_path_style = true + skip_requesting_account_id = true + skip_credentials_validation = true + skip_get_ec2_platforms = true + skip_metadata_api_check = true + skip_region_validation = true + } +} + # For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/ resource "proxmox_lxc" "nixos-template" { target_node = "nuc" diff --git a/terraform/vault.tf b/terraform/vault.tf index 16bb28f3..7755a743 100644 --- a/terraform/vault.tf +++ b/terraform/vault.tf @@ -7,3 +7,7 @@ provider "vault" { data "vault_generic_secret" "proxmox_auth" { path = "secrets/terraform/proxmox_credentials" } + +data "vault_generic_secret" "minio_auth" { + path = "secrets/terraform/minio_credentials" +} diff --git a/terraform/version.tf b/terraform/version.tf index 5beb9d46..2ed92893 100644 --- a/terraform/version.tf +++ b/terraform/version.tf @@ -2,7 +2,7 @@ terraform { required_providers { proxmox = { source = "telmate/proxmox" - version = "2.9.0" + version = "2.9.3" } vault = { source = "hashicorp/vault" -- 2.47.1 From 48f27dcba2f09987a65e22d956094612690a484b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 25 Nov 2021 00:15:19 +0100 Subject: [PATCH 0137/1882] nix,terraform: auto generate tf variables based on hosts.nix --- flake.nix | 27 +++++++- result | 1 + terraform/hosts.auto.tfvars.json | 52 +++++++++++++++ terraform/main.tf | 82 +++++------------------- terraform/{lxc.tf => proxmox_lxc.tf} | 77 +++++++++++++++++++--- terraform/{vms.tf => proxmox_vm_qemu.tf} | 6 +- terraform/vault.tf | 13 ---- terraform/{version.tf => versions.tf} | 0 8 files changed, 165 insertions(+), 93 deletions(-) create mode 120000 result create mode 100644 terraform/hosts.auto.tfvars.json rename terraform/{lxc.tf => proxmox_lxc.tf} (67%) rename terraform/{vms.tf => proxmox_vm_qemu.tf} (90%) delete mode 100644 terraform/vault.tf rename terraform/{version.tf => versions.tf} (100%) diff --git a/flake.nix b/flake.nix index 28e67bc9..630de2c0 100644 --- a/flake.nix +++ b/flake.nix @@ -48,16 +48,31 @@ }; }; + # Generates hosts.auto.tfvars.json for Terraform + genTFVars = let + hostToVar = z@{ hostname, mac, ... }: { + "${hostname}" = { inherit mac; }; + }; + hostSet = lib.foldr (el: acc: acc // hostToVar el) { } hosts; + json = builtins.toJSON { hosts = hostSet; }; + in pkgs.writeScriptBin "gen-tf-vars" '' + echo '${json}' | ${pkgs.jq}/bin/jq > terraform/hosts.auto.tfvars.json; + echo "Generated Terraform Variables"; + ''; + # Import all nixos host definitions that are actual nix machines nixHosts = filter ({ nix ? true, ... }: nix) hosts; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} + [ vault-secrets.overlay ]; - deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; + deployChecks = + mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; checks = { }; in { # Make the config and deploy sets - nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + nixosConfigurations = + lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; apps.x86_64-linux.vault-push-approles = { @@ -70,6 +85,11 @@ "${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs"; }; + apps.x86_64-linux.tfvars = { + type = "app"; + program = "${genTFVars}/bin/gen-tf-vars"; + }; + # Use by running `nix develop` devShell.${system} = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; @@ -86,6 +106,7 @@ vault (vault-push-approles self { }) (vault-push-approle-envs self { }) + genTFVars ]; }; diff --git a/result b/result new file mode 120000 index 00000000..aa1e5b2f --- /dev/null +++ b/result @@ -0,0 +1 @@ +/nix/store/0z1qg2m6fjz3wpb93z3cjrvkr198rp6y-tf \ No newline at end of file diff --git a/terraform/hosts.auto.tfvars.json b/terraform/hosts.auto.tfvars.json new file mode 100644 index 00000000..1498605c --- /dev/null +++ b/terraform/hosts.auto.tfvars.json @@ -0,0 +1,52 @@ +{ + "hosts": { + "WoolooTV": { + "mac": "74:40:be:48:85:a4" + }, + "bastion": { + "mac": "82:F0:7C:CB:BD:6D" + }, + "consul": { + "mac": "D6:DE:07:41:73:81" + }, + "dhcp": { + "mac": "3E:2D:E8:AA:E2:81" + }, + "dns-1": { + "mac": "5E:F6:36:23:16:E3" + }, + "dns-2": { + "mac": "B6:04:0B:CD:0F:9F" + }, + "edgerouter": { + "mac": "B4:FB:E4:53:9C:0A" + }, + "eevee": { + "mac": "34:97:f6:93:9A:AA" + }, + "home-assistant": { + "mac": "9E:60:78:ED:81:B4" + }, + "k3s-node1": { + "mac": "2E:F8:55:23:D9:9B" + }, + "minio": { + "mac": "0A:06:5E:E7:9A:0C" + }, + "mosquitto": { + "mac": "C6:F9:8B:3D:9E:37" + }, + "nginx": { + "mac": "6A:C2:89:85:CF:A6" + }, + "nuc": { + "mac": "1C:69:7A:62:30:88" + }, + "unifi-ap": { + "mac": "b4:fb:e4:f3:ff:1b" + }, + "vault": { + "mac": "16:2B:87:55:0C:0C" + } + } +} diff --git a/terraform/main.tf b/terraform/main.tf index 1f41c0ee..49f13aad 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -1,12 +1,3 @@ -provider "proxmox" { - pm_api_url = "https://10.42.42.42:8006/api2/json" - pm_user = data.vault_generic_secret.proxmox_auth.data["user"] - pm_password = data.vault_generic_secret.proxmox_auth.data["pass"] - pm_tls_insecure = true -} - - - terraform { backend "s3" { bucket = "terraform" @@ -22,63 +13,22 @@ terraform { } } -# For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/ -resource "proxmox_lxc" "nixos-template" { - target_node = "nuc" - description = "NixOS LXC Template" - hostname = "nixos-template" - ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" - ostype = "unmanaged" - unprivileged = true - vmid = 101 - template = true - - memory = 1024 - - features { - nesting = true - } - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = "22:D7:C1:FF:9D:5F" - } +provider "proxmox" { + pm_api_url = "https://10.42.42.42:8006/api2/json" + pm_user = data.vault_generic_secret.proxmox_auth.data["user"] + pm_password = data.vault_generic_secret.proxmox_auth.data["pass"] + pm_tls_insecure = true } -resource "proxmox_lxc" "nixos-template-2" { - target_node = "nuc" - description = "NixOS LXC Template" - hostname = "nixos-template" - ostype = "unmanaged" - unprivileged = true - vmid = 108 - template = true - cores = 1 - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - features { - nesting = true - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = "FA:71:3F:31:34:41" - } +provider "vault" { + address = "http://vault:8200" + skip_tls_verify = true } + +# Proxmox authentication for terraform +data "vault_generic_secret" "proxmox_auth" { + path = "secrets/terraform/proxmox_credentials" +} + +# Imported from hosts.auto.tfvars.json +variable "hosts" { } diff --git a/terraform/lxc.tf b/terraform/proxmox_lxc.tf similarity index 67% rename from terraform/lxc.tf rename to terraform/proxmox_lxc.tf index b45a4917..f1dbf883 100644 --- a/terraform/lxc.tf +++ b/terraform/proxmox_lxc.tf @@ -1,3 +1,64 @@ +# For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/ +resource "proxmox_lxc" "nixos-template" { + target_node = "nuc" + description = "NixOS LXC Template" + hostname = "nixos-template" + ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" + ostype = "unmanaged" + unprivileged = true + vmid = 101 + template = true + + memory = 1024 + + features { + nesting = true + } + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "22:D7:C1:FF:9D:5F" + } +} + +resource "proxmox_lxc" "nixos-template-2" { + target_node = "nuc" + description = "NixOS LXC Template" + hostname = "nixos-template" + ostype = "unmanaged" + unprivileged = true + vmid = 108 + template = true + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + features { + nesting = true + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "FA:71:3F:31:34:41" + } +} + resource "proxmox_lxc" "vault" { target_node = "nuc" description = "Vault Secrets Management" @@ -18,7 +79,7 @@ resource "proxmox_lxc" "vault" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "16:2B:87:55:0C:0C" + hwaddr = var.hosts.vault.mac } } @@ -43,7 +104,7 @@ resource "proxmox_lxc" "mosquitto" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "C6:F9:8B:3D:9E:37" + hwaddr = var.hosts.mosquitto.mac } } @@ -68,7 +129,7 @@ resource "proxmox_lxc" "nginx" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "6A:C2:89:85:CF:A6" + hwaddr = var.hosts.nginx.mac } } @@ -92,7 +153,7 @@ resource "proxmox_lxc" "consul" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "D6:DE:07:41:73:81" + hwaddr = var.hosts.consul.mac } } @@ -117,7 +178,7 @@ resource "proxmox_lxc" "dns-1" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "5E:F6:36:23:16:E3" + hwaddr = var.hosts.dns-1.mac } } @@ -142,7 +203,7 @@ resource "proxmox_lxc" "dns-2" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "B6:04:0B:CD:0F:9F" + hwaddr = var.hosts.dns-2.mac } } @@ -166,7 +227,7 @@ resource "proxmox_lxc" "minio" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = "0A:06:5E:E7:9A:0C" + hwaddr = var.hosts.minio.mac } } @@ -188,6 +249,6 @@ resource "proxmox_lxc" "dhcp" { network { name = "eth0" bridge = "vmbr0" - hwaddr = "3E:2D:E8:AA:E2:81" + hwaddr = var.hosts.dhcp.mac } } diff --git a/terraform/vms.tf b/terraform/proxmox_vm_qemu.tf similarity index 90% rename from terraform/vms.tf rename to terraform/proxmox_vm_qemu.tf index fbb73acf..a402a6a2 100644 --- a/terraform/vms.tf +++ b/terraform/proxmox_vm_qemu.tf @@ -21,7 +21,7 @@ resource "proxmox_vm_qemu" "bastion" { network { model = "virtio" - macaddr = "82:F0:7C:CB:BD:6D" + macaddr = var.hosts.bastion.mac bridge = "vmbr0" } } @@ -41,7 +41,7 @@ resource "proxmox_vm_qemu" "k3s-node1" { network { model = "virtio" - macaddr = "2E:F8:55:23:D9:9B" + macaddr = var.hosts.k3s-node1.mac bridge = "vmbr0" } @@ -70,7 +70,7 @@ resource "proxmox_vm_qemu" "home-assistant" { network { model = "virtio" - macaddr = "9E:60:78:ED:81:B4" + macaddr = var.hosts.home-assistant.mac bridge = "vmbr0" } } diff --git a/terraform/vault.tf b/terraform/vault.tf deleted file mode 100644 index 7755a743..00000000 --- a/terraform/vault.tf +++ /dev/null @@ -1,13 +0,0 @@ -provider "vault" { - address = "http://vault:8200" - skip_tls_verify = true -} - -# Proxmox authentication for terraform -data "vault_generic_secret" "proxmox_auth" { - path = "secrets/terraform/proxmox_credentials" -} - -data "vault_generic_secret" "minio_auth" { - path = "secrets/terraform/minio_credentials" -} diff --git a/terraform/version.tf b/terraform/versions.tf similarity index 100% rename from terraform/version.tf rename to terraform/versions.tf -- 2.47.1 From 05e84cf6fa922daa7a3523efd69459f84c22b548 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 25 Nov 2021 11:58:56 +0100 Subject: [PATCH 0138/1882] terraform: add victoriametrics --- hosts.nix | 5 +++++ terraform/hosts.auto.tfvars.json | 3 +++ terraform/proxmox_lxc.tf | 31 +++++++++++++++++++++++++++---- terraform/proxmox_vm_qemu.tf | 1 + 4 files changed, 36 insertions(+), 4 deletions(-) diff --git a/hosts.nix b/hosts.nix index edfa9456..5db11cf9 100644 --- a/hosts.nix +++ b/hosts.nix @@ -82,6 +82,11 @@ ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; } + { + hostname = "victoriametrics"; + ip = "10.42.42.18"; + mac = "A9:E4:AA:7C:7E:EB"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/terraform/hosts.auto.tfvars.json b/terraform/hosts.auto.tfvars.json index 1498605c..8ae9e269 100644 --- a/terraform/hosts.auto.tfvars.json +++ b/terraform/hosts.auto.tfvars.json @@ -47,6 +47,9 @@ }, "vault": { "mac": "16:2B:87:55:0C:0C" + }, + "victoriametrics": { + "mac": "A9:E4:AA:7C:7E:EB" } } } diff --git a/terraform/proxmox_lxc.tf b/terraform/proxmox_lxc.tf index f1dbf883..afde3029 100644 --- a/terraform/proxmox_lxc.tf +++ b/terraform/proxmox_lxc.tf @@ -66,9 +66,10 @@ resource "proxmox_lxc" "vault" { unprivileged = false # needed for mlock vmid = 102 clone = "101" - memory = 1024 onboot = true + memory = 1024 + rootfs { storage = "local-zfs" size = "8G" @@ -110,7 +111,6 @@ resource "proxmox_lxc" "mosquitto" { resource "proxmox_lxc" "nginx" { target_node = "nuc" - description = "nginx reverse proxy" hostname = "nginx" vmid = 106 clone = 101 @@ -203,7 +203,7 @@ resource "proxmox_lxc" "dns-2" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = var.hosts.dns-2.mac + hwaddr = var.hosts.dns-2.mac } } @@ -227,7 +227,7 @@ resource "proxmox_lxc" "minio" { bridge = "vmbr0" ip = "dhcp" ip6 = "auto" - hwaddr = var.hosts.minio.mac + hwaddr = var.hosts.minio.mac } } @@ -252,3 +252,26 @@ resource "proxmox_lxc" "dhcp" { hwaddr = var.hosts.dhcp.mac } } + +resource "proxmox_lxc" "victoriametrics" { + target_node = "nuc" + hostname = "victoriametrics" + vmid = 113 + clone = 108 + unprivileged = true + onboot = true + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "25G" + } + + network { + name = "eth0" + bridge = "vmbr0" + hwaddr = var.hosts.victoriametrics.mac + } +} diff --git a/terraform/proxmox_vm_qemu.tf b/terraform/proxmox_vm_qemu.tf index a402a6a2..3d505633 100644 --- a/terraform/proxmox_vm_qemu.tf +++ b/terraform/proxmox_vm_qemu.tf @@ -32,6 +32,7 @@ resource "proxmox_vm_qemu" "k3s-node1" { vmid = 103 clone = "bastion" tablet = false + onboot = true memory = 8192 cores = 4 -- 2.47.1 From a42730779783665445a70e693189b113fdca3970 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 2 Dec 2021 16:34:48 +0100 Subject: [PATCH 0139/1882] add victoriametrics --- flake.nix | 42 +++++++++-------- hosts.nix | 4 +- nixos/hosts/minio/configuration.nix | 6 +-- nixos/hosts/victoriametrics/configuration.nix | 46 +++++++++++++++++++ terraform/hosts.auto.tfvars.json | 2 +- terraform/proxmox_lxc.tf | 38 +++++++-------- 6 files changed, 92 insertions(+), 46 deletions(-) create mode 100644 nixos/hosts/victoriametrics/configuration.nix diff --git a/flake.nix b/flake.nix index 630de2c0..f270ec48 100644 --- a/flake.nix +++ b/flake.nix @@ -24,13 +24,14 @@ mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: { "${profile}" = lib.nixosSystem { inherit system; - modules = - [ ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" ] - ++ (if lxc then [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ] else - [ ./nixos/common/generic-vm.nix ]); + modules = [ + ./nixos/common + "${./.}/nixos/hosts/${profile}/configuration.nix" + ] ++ (if lxc then [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ] else + [ ./nixos/common/generic-vm.nix ]); specialArgs = { inherit hosts inputs; }; }; }; @@ -75,19 +76,20 @@ lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; - apps.x86_64-linux.vault-push-approles = { - type = "app"; - program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; - }; - apps.x86_64-linux.vault-push-approle-envs = { - type = "app"; - program = - "${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs"; - }; - - apps.x86_64-linux.tfvars = { - type = "app"; - program = "${genTFVars}/bin/gen-tf-vars"; + apps.${system} = { + vault-push-approles = { + type = "app"; + program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; + }; + vault-push-approle-envs = { + type = "app"; + program = + "${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs"; + }; + tfvars = { + type = "app"; + program = "${genTFVars}/bin/gen-tf-vars"; + }; }; # Use by running `nix develop` diff --git a/hosts.nix b/hosts.nix index 5db11cf9..8b12632e 100644 --- a/hosts.nix +++ b/hosts.nix @@ -84,8 +84,8 @@ } { hostname = "victoriametrics"; - ip = "10.42.42.18"; - mac = "A9:E4:AA:7C:7E:EB"; + ip = "10.42.42.19"; + mac = "9E:91:61:35:84:1F"; } { hostname = "nuc"; diff --git a/nixos/hosts/minio/configuration.nix b/nixos/hosts/minio/configuration.nix index 0b758860..35df6915 100644 --- a/nixos/hosts/minio/configuration.nix +++ b/nixos/hosts/minio/configuration.nix @@ -3,10 +3,8 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let -vs = config.vault-secrets.secrets; -in -{ +let vs = config.vault-secrets.secrets; +in { imports = [ ]; networking.hostName = "minio"; diff --git a/nixos/hosts/victoriametrics/configuration.nix b/nixos/hosts/victoriametrics/configuration.nix new file mode 100644 index 00000000..6d4b4d23 --- /dev/null +++ b/nixos/hosts/victoriametrics/configuration.nix @@ -0,0 +1,46 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let + vmPort = 8428; + vs = config.vault-secrets.secrets; +in { + imports = [ ]; + + networking.hostName = "victoriametrics"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ vmPort config.services.grafana.port ]; + networking.firewall.allowedUDPPorts = [ vmPort ]; + + services.victoriametrics = { + enable = true; + listenAddress = ":${toString vmPort}"; + # Data Retention period in months + retentionPeriod = 12; + }; + + vault-secrets.secrets.grafana = { + user = "grafana"; + group = "grafana"; + }; + + services.grafana = { + enable = true; + addr = "0.0.0.0"; + port = 2342; + security.adminPasswordFile = "${vs.grafana}/password"; + }; +} diff --git a/terraform/hosts.auto.tfvars.json b/terraform/hosts.auto.tfvars.json index 8ae9e269..6ffa1bf1 100644 --- a/terraform/hosts.auto.tfvars.json +++ b/terraform/hosts.auto.tfvars.json @@ -49,7 +49,7 @@ "mac": "16:2B:87:55:0C:0C" }, "victoriametrics": { - "mac": "A9:E4:AA:7C:7E:EB" + "mac": "9E:91:61:35:84:1F" } } } diff --git a/terraform/proxmox_lxc.tf b/terraform/proxmox_lxc.tf index afde3029..6b165019 100644 --- a/terraform/proxmox_lxc.tf +++ b/terraform/proxmox_lxc.tf @@ -253,25 +253,25 @@ resource "proxmox_lxc" "dhcp" { } } -resource "proxmox_lxc" "victoriametrics" { - target_node = "nuc" - hostname = "victoriametrics" - vmid = 113 - clone = 108 - unprivileged = true - onboot = true - cores = 1 +# resource "proxmox_lxc" "victoriametrics" { +# target_node = "nuc" +# hostname = "victoriametrics" +# vmid = 113 +# clone = 108 +# unprivileged = true +# onboot = true +# cores = 1 - memory = 512 +# memory = 512 - rootfs { - storage = "local-zfs" - size = "25G" - } +# rootfs { +# storage = "local-zfs" +# size = "25G" +# } - network { - name = "eth0" - bridge = "vmbr0" - hwaddr = var.hosts.victoriametrics.mac - } -} +# network { +# name = "eth0" +# bridge = "vmbr0" +# hwaddr = var.hosts.victoriametrics.mac +# } +# } -- 2.47.1 From 7e06d5eeaf21375163631486ac44175716a33ba7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Dec 2021 15:51:56 +0100 Subject: [PATCH 0140/1882] nixos: prelim plausible --- flake.lock | 18 ++++----- hosts.nix | 5 +++ nixos/.gitignore | 1 + nixos/hosts/bastion/configuration.nix | 1 + nixos/hosts/nginx/configuration.nix | 9 ++--- nixos/hosts/plausible/configuration.nix | 42 +++++++++++++++++++++ nixos/pkgs/clickhouse/.gitignore | 1 + nixos/pkgs/clickhouse/clickhouse.nix | 1 + nixos/pkgs/clickhouse/default.nix | 49 +++++++++++++++++++++++++ nixos/pkgs/default.nix | 2 + result | 1 - 11 files changed, 115 insertions(+), 15 deletions(-) create mode 100644 nixos/.gitignore create mode 100644 nixos/hosts/plausible/configuration.nix create mode 100644 nixos/pkgs/clickhouse/.gitignore create mode 100644 nixos/pkgs/clickhouse/clickhouse.nix create mode 100644 nixos/pkgs/clickhouse/default.nix delete mode 120000 result diff --git a/flake.lock b/flake.lock index c5928807..b0fc4cb4 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1632822684, - "narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=", + "lastModified": 1638665590, + "narHash": "sha256-nhtfL3z4TizWHemyZvgLvq11FhYX5Ya4ke+t6Np5PKQ=", "owner": "serokell", "repo": "deploy-rs", - "rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4", + "rev": "715e92a13018bc1745fb680b5860af0c5641026a", "type": "github" }, "original": { @@ -196,11 +196,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637605846, - "narHash": "sha256-Llelj1pYeAhGLftPxM2ixSgAfdPBAZOnpBZtpvaZ3Xo=", + "lastModified": 1638918949, + "narHash": "sha256-HDAM4N7dBB0zVgoflnWyVDrGx4oiIUaEjI8YDwk0FFU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d00918ccaf7e1532d35db2f1e3d44db3da39b851", + "rev": "4d07862ea6ed637ee85f868d1bf8a833878bc05e", "type": "github" }, "original": { @@ -285,11 +285,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1637273221, - "narHash": "sha256-ByBCiWlVprVgYGGy2ma7W0DKbtp4Xmj7S5whFrIzO3Q=", + "lastModified": 1638383949, + "narHash": "sha256-k7oMUrp1cMBj59uihyocJVqi4jbU16ycHQqGTJxH1b0=", "owner": "serokell", "repo": "serokell.nix", - "rev": "1649eceabbe6e148b3c1b322b716e873d312599f", + "rev": "faebe5b14155d045ae5d3f76193c8e99e664af1b", "type": "github" }, "original": { diff --git a/hosts.nix b/hosts.nix index 8b12632e..038d0374 100644 --- a/hosts.nix +++ b/hosts.nix @@ -82,6 +82,11 @@ ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; } + { + hostname = "plausible"; + ip = "10.42.42.18"; + mac = "82:34:70:FA:44:6F"; + } { hostname = "victoriametrics"; ip = "10.42.42.19"; diff --git a/nixos/.gitignore b/nixos/.gitignore new file mode 100644 index 00000000..1cd791b5 --- /dev/null +++ b/nixos/.gitignore @@ -0,0 +1 @@ +result/ diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index 7b5cc723..5668c0b9 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -36,6 +36,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ + binutils fix-vscode fluxcd k9s diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 98163520..81f89378 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -8,10 +8,8 @@ let proxyWebsockets = true; }; }; - k8s_proxy = proxy "http://10.42.42.150:8000/"; + k8s_proxy = proxy "http://10.42.42.10:8000/"; in { - imports = [ ]; - networking.hostName = "nginx"; # This value determines the NixOS release from which the default @@ -34,7 +32,8 @@ in { # Reverse Proxies virtualHosts."ha.0x76.dev" = proxy "http://10.42.42.8:8123/"; - virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://10.42.43.28:8085/"; + virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; + virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/"; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; @@ -45,5 +44,5 @@ in { security.acme.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; - security.acme.preliminarySelfsigned = false; + security.acme.preliminarySelfsigned = true; } diff --git a/nixos/hosts/plausible/configuration.nix b/nixos/hosts/plausible/configuration.nix new file mode 100644 index 00000000..a4c0b258 --- /dev/null +++ b/nixos/hosts/plausible/configuration.nix @@ -0,0 +1,42 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let + vs = config.vault-secrets.secrets; + cfg = config.services.plausible; +in { + imports = [ ]; + + networking.hostName = "plausible"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ cfg.server.port ]; + networking.firewall.allowedUDPPorts = [ ]; + + vault-secrets.secrets.plausible = { }; + + services.plausible = { + enable = false; + server = { + baseUrl = "https://analytics.0x76.dev"; + secretKeybaseFile = "${vs.plausible}/secretkeybase"; + }; + adminUser = { + activate = true; + email = "plausible@xirion.net"; + passwordFile = "${vs.plausible}/password"; + }; + }; +} diff --git a/nixos/pkgs/clickhouse/.gitignore b/nixos/pkgs/clickhouse/.gitignore new file mode 100644 index 00000000..b2be92b7 --- /dev/null +++ b/nixos/pkgs/clickhouse/.gitignore @@ -0,0 +1 @@ +result diff --git a/nixos/pkgs/clickhouse/clickhouse.nix b/nixos/pkgs/clickhouse/clickhouse.nix new file mode 100644 index 00000000..be3c3bf5 --- /dev/null +++ b/nixos/pkgs/clickhouse/clickhouse.nix @@ -0,0 +1 @@ +let pkgs = import {}; in pkgs.callPackage (./default.nix) { } diff --git a/nixos/pkgs/clickhouse/default.nix b/nixos/pkgs/clickhouse/default.nix new file mode 100644 index 00000000..7ed89cdb --- /dev/null +++ b/nixos/pkgs/clickhouse/default.nix @@ -0,0 +1,49 @@ +{ stdenv, dpkg, autoPatchelfHook, fetchurl, lib, glibc }: +stdenv.mkDerivation rec { + pname = "clickhouse"; + version = "21.11.5.33"; + + broken = stdenv.buildPlatform.is32bit; + + sourceRoot = "."; + + srcs = [ + (fetchurl { + url = + "https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-common-static-${version}.tgz"; + sha256 = "sha256-WYSxRQWj6We5v3trMZ0r9xr0kyApyEL444os7yTw8fI="; + }) + (fetchurl { + url = + "https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-server-${version}.tgz"; + sha256 = "sha256-mxEObzTlW1A7p8END24H/ovxF/PsmmoPWvEjbRmS9X0="; + }) + ]; + + nativeBuildInputs = [ autoPatchelfHook ]; + buildInputs = [ + glibc + ]; + # hardeningDisable = [ "format" ]; + + installPhase = '' + mkdir -p $out/{bin,etc} + cp -av clickhouse-server-${version}/usr/bin/* $out/bin/ + cp -av clickhouse-server-${version}/etc/clickhouse-server $out/etc/ + cp -av clickhouse-common-static-${version}/usr/bin/* $out/bin/ + + runHook postInstall + ''; + + postInstall = '' + sed -i -e '\!/var/log/clickhouse-server/clickhouse-server\.log!d' $out/etc/clickhouse-server/config.xml + substituteInPlace $out/etc/clickhouse-server/config.xml --replace "/var/log/clickhouse-server/clickhouse-server.err.log" "1" + ''; + + meta = with lib; { + homepage = "https://clickhouse.tech/"; + description = "Column-oriented database management system"; + license = licenses.asl20; + platforms = platforms.linux; + }; +} diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 42fa93ad..0e944e3c 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,4 +1,6 @@ final: prev: { + clickhouse = prev.callPackage ./clickhouse { }; + v = { unbound = prev.unbound.override { withSystemd = true; diff --git a/result b/result deleted file mode 120000 index aa1e5b2f..00000000 --- a/result +++ /dev/null @@ -1 +0,0 @@ -/nix/store/0z1qg2m6fjz3wpb93z3cjrvkr198rp6y-tf \ No newline at end of file -- 2.47.1 From 4e8015446751e5fffd054338bd669ffa2bfa07e9 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Dec 2021 18:47:14 +0100 Subject: [PATCH 0141/1882] nixos: add unifi --- hosts.nix | 5 +++++ nixos/hosts/unifi/configuration.nix | 32 +++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 nixos/hosts/unifi/configuration.nix diff --git a/hosts.nix b/hosts.nix index 038d0374..a39debd7 100644 --- a/hosts.nix +++ b/hosts.nix @@ -92,6 +92,11 @@ ip = "10.42.42.19"; mac = "9E:91:61:35:84:1F"; } + { + hostname = "unifi"; + ip = "10.42.42.20"; + mac = "1A:88:A0:B0:65:B4"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/unifi/configuration.nix b/nixos/hosts/unifi/configuration.nix new file mode 100644 index 00000000..22701ebc --- /dev/null +++ b/nixos/hosts/unifi/configuration.nix @@ -0,0 +1,32 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = [ ]; + + networking.hostName = "unifi"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ 8443 ]; + + environment.noXlibs = lib.mkForce false; + + services.unifi = { + enable = true; + openPorts = true; + unifiPackage = pkgs.unifi; + }; +} -- 2.47.1 From 48a11eaa3208c093f58780f24be333330c18453f Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 31 Mar 2022 12:25:45 +0200 Subject: [PATCH 0142/1882] minor updates --- flake.lock | 38 ++++++++++++++--------------- flake.nix | 2 +- hosts.nix | 6 +++++ nixos/common/default.nix | 28 +++++++++++---------- nixos/hosts/nginx/configuration.nix | 4 +-- nixos/hosts/unifi/configuration.nix | 2 +- 6 files changed, 44 insertions(+), 36 deletions(-) diff --git a/flake.lock b/flake.lock index b0fc4cb4..ec53ba11 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1638665590, - "narHash": "sha256-nhtfL3z4TizWHemyZvgLvq11FhYX5Ya4ke+t6Np5PKQ=", + "lastModified": 1648475189, + "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", "owner": "serokell", "repo": "deploy-rs", - "rev": "715e92a13018bc1745fb680b5860af0c5641026a", + "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", "type": "github" }, "original": { @@ -23,11 +23,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1627913399, - "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "lastModified": 1648199409, + "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", "owner": "edolstra", "repo": "flake-compat", - "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", "type": "github" }, "original": { @@ -180,11 +180,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1632086102, - "narHash": "sha256-wVTcf0UclFS+zHtfPToB13jIO7n0U9N50MuRbPjQViE=", + "lastModified": 1648219316, + "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e0ce3c683ae677cf5aab597d645520cddd13392b", + "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", "type": "github" }, "original": { @@ -196,16 +196,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1638918949, - "narHash": "sha256-HDAM4N7dBB0zVgoflnWyVDrGx4oiIUaEjI8YDwk0FFU=", + "lastModified": 1648632716, + "narHash": "sha256-kCmnDeiaMsdhfnNKjxdOzwRh2H6eQb8yWAL+nNabC/Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4d07862ea6ed637ee85f868d1bf8a833878bc05e", + "rev": "710fed5a2483f945b14f4a58af2cd3676b42d8c8", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -285,11 +285,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1638383949, - "narHash": "sha256-k7oMUrp1cMBj59uihyocJVqi4jbU16ycHQqGTJxH1b0=", + "lastModified": 1644387507, + "narHash": "sha256-PX1sWtet0N0s83SKdZVR0zFJ1CiN86Cw/IEeQe1s4MY=", "owner": "serokell", "repo": "serokell.nix", - "rev": "faebe5b14155d045ae5d3f76193c8e99e664af1b", + "rev": "e40718ac932e7c629c5f863ed27c72d516dc1356", "type": "github" }, "original": { @@ -300,11 +300,11 @@ }, "utils": { "locked": { - "lastModified": 1631561581, - "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f270ec48..839fd546 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; }; diff --git a/hosts.nix b/hosts.nix index a39debd7..9e22346e 100644 --- a/hosts.nix +++ b/hosts.nix @@ -97,6 +97,12 @@ ip = "10.42.42.20"; mac = "1A:88:A0:B0:65:B4"; } + { + hostname = "zmeura"; + ip = "10.42.42.24"; + mac = "b8:27:eb:d5:e0:f5"; + nix = false; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 6545b538..34a7d23e 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -17,20 +17,22 @@ # Nix Settings nix = { package = pkgs.nixUnstable; - autoOptimiseStore = true; - binaryCaches = [ - "https://cachix.cachix.org" - "https://nix-community.cachix.org" - "https://nixpkgs-review-bot.cachix.org" - ]; - binaryCachePublicKeys = [ - "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" - ]; - trustedUsers = [ "root" "victor" ]; + settings = { + auto-optimise-store = true; + trusted-users = [ "root" "victor" ]; + substituters = [ + "https://cachix.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-review-bot.cachix.org" + ]; + trusted-public-keys = [ + "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" + ]; + }; extraOptions = '' - experimental-features = nix-command flakes ca-references + experimental-features = nix-command flakes ''; }; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 81f89378..78676bce 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -8,7 +8,7 @@ let proxyWebsockets = true; }; }; - k8s_proxy = proxy "http://10.42.42.10:8000/"; + k8s_proxy = proxy "http://10.42.42.150:8000/"; in { networking.hostName = "nginx"; @@ -42,7 +42,7 @@ in { virtualHosts."whoami.wooloofan.club" = k8s_proxy; }; - security.acme.email = "victorheld12@gmail.com"; + security.acme.defaults.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; } diff --git a/nixos/hosts/unifi/configuration.nix b/nixos/hosts/unifi/configuration.nix index 22701ebc..c2e6d5db 100644 --- a/nixos/hosts/unifi/configuration.nix +++ b/nixos/hosts/unifi/configuration.nix @@ -26,7 +26,7 @@ services.unifi = { enable = true; - openPorts = true; unifiPackage = pkgs.unifi; + openFirewall = true; }; } -- 2.47.1 From 9e6dc1200031c327d7c6df2035776c3d32d9f6d3 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 4 Apr 2022 13:46:01 +0200 Subject: [PATCH 0143/1882] updated --- flake.nix | 2 +- hosts.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 839fd546..14efdd66 100644 --- a/flake.nix +++ b/flake.nix @@ -93,7 +93,7 @@ }; # Use by running `nix develop` - devShell.${system} = pkgs.mkShell { + devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ buildInputs = with pkgs; [ diff --git a/hosts.nix b/hosts.nix index 9e22346e..747d493c 100644 --- a/hosts.nix +++ b/hosts.nix @@ -86,6 +86,7 @@ hostname = "plausible"; ip = "10.42.42.18"; mac = "82:34:70:FA:44:6F"; + nix = false; } { hostname = "victoriametrics"; -- 2.47.1 From 88e48a3a1fb722930d7382d8085069821dcc3742 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Sat, 9 Apr 2022 16:01:51 +0200 Subject: [PATCH 0144/1882] Add Flux v0.28.5 component manifests --- .../base/flux-system/gotk-components.yaml | 1717 +++++++++++++++-- 1 file changed, 1539 insertions(+), 178 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 71f648a8..35d3661a 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.24.0 +# Flux Version: v0.28.5 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,19 +8,21 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 + pod-security.kubernetes.io/warn: restricted + pod-security.kubernetes.io/warn-version: latest name: flux-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -32,15 +34,15 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date name: v1beta1 schema: openAPIV3Schema: @@ -92,6 +94,15 @@ spec: - ImagePolicy - ImageUpdateAutomation type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object name: description: Name of the referent maxLength: 53 @@ -116,7 +127,7 @@ spec: description: Send events using this provider. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -227,12 +238,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -244,8 +255,8 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL + - jsonPath: .spec.endpoint + name: Endpoint type: string - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready @@ -338,7 +349,7 @@ spec: for the Bucket. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -348,8 +359,8 @@ spec: of this source. type: boolean timeout: - default: 20s - description: The timeout for download operations, defaults to 20s. + default: 60s + description: The timeout for download operations, defaults to 60s. type: string required: - bucketName @@ -357,6 +368,8 @@ spec: - interval type: object status: + default: + observedGeneration: -1 description: BucketStatus defines the observed state of a bucket properties: artifact: @@ -458,7 +471,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -471,6 +485,255 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Bucket is the Schema for the buckets API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BucketSpec specifies the required configuration to produce + an Artifact for an object storage bucket. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + bucketName: + description: BucketName is the name of the object storage bucket. + type: string + endpoint: + description: Endpoint is the object storage address the BucketName + is located at. + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP Endpoint. + type: boolean + interval: + description: Interval at which to check the Endpoint for updates. + type: string + provider: + default: generic + description: Provider of the object storage bucket. Defaults to 'generic', + which expects an S3 (API) compatible object storage. + enum: + - generic + - aws + - gcp + - azure + type: string + region: + description: Region of the Endpoint where the BucketName is located + in. + type: string + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the Bucket. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this Bucket. + type: boolean + timeout: + default: 60s + description: Timeout for fetch operations, defaults to 60s. + type: string + required: + - bucketName + - endpoint + - interval + type: object + status: + default: + observedGeneration: -1 + description: BucketStatus records the observed state of a Bucket. + properties: + artifact: + description: Artifact represents the last successful Bucket reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the Bucket. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the Bucket object. + format: int64 + type: integer + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true storage: true subresources: status: {} @@ -485,12 +748,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -591,7 +854,7 @@ spec: description: Reference to a GitRepository to include. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -638,7 +901,7 @@ spec: and known_hosts fields. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -648,9 +911,9 @@ spec: of this source. type: boolean timeout: - default: 20s + default: 60s description: The timeout for remote Git operations like cloning, defaults - to 20s. + to 60s. type: string url: description: The repository URL, can be a HTTP/S or SSH address. @@ -671,7 +934,7 @@ spec: trusted Git authors. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -684,6 +947,8 @@ spec: - url type: object status: + default: + observedGeneration: -1 description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: @@ -815,7 +1080,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -828,6 +1094,373 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec specifies the required configuration to + produce an Artifact for a Git repository. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + gitImplementation: + default: go-git + description: GitImplementation specifies which Git client library + implementation to use. Defaults to 'go-git', valid values are ('go-git', + 'libgit2'). + enum: + - go-git + - libgit2 + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + include: + description: Include specifies a list of GitRepository resources which + Artifacts should be included in the Artifact produced for this GitRepository. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + interval: + description: Interval at which to check the GitRepository for updates. + type: string + recurseSubmodules: + description: RecurseSubmodules enables the initialization of all submodules + within the GitRepository as cloned from the URL, using their default + settings. This option is available only when using the 'go-git' + GitImplementation. + type: boolean + ref: + description: Reference specifies the Git reference to resolve and + monitor for changes, defaults to the 'master' branch. + properties: + branch: + description: "Branch to check out, defaults to 'master' if no + other field is defined. \n When GitRepositorySpec.GitImplementation + is set to 'go-git', a shallow clone of the specified branch + is performed." + type: string + commit: + description: "Commit SHA to check out, takes precedence over all + reference fields. \n When GitRepositorySpec.GitImplementation + is set to 'go-git', this can be combined with Branch to shallow + clone the branch, in which the commit is expected to exist." + type: string + semver: + description: SemVer tag expression to check out, takes precedence + over Tag. + type: string + tag: + description: Tag to check out, takes precedence over Branch. + type: string + type: object + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the GitRepository. For HTTPS repositories the Secret + must contain 'username' and 'password' fields. For SSH repositories + the Secret must contain 'identity', 'identity.pub' and 'known_hosts' + fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this GitRepository. + type: boolean + timeout: + default: 60s + description: Timeout for Git operations like cloning, defaults to + 60s. + type: string + url: + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. + pattern: ^(http|https|ssh):// + type: string + verify: + description: Verification specifies the configuration to verify the + Git commit signature(s). + properties: + mode: + description: Mode specifies what Git object should be verified, + currently ('head'). + enum: + - head + type: string + secretRef: + description: SecretRef specifies the Secret containing the public + keys of trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - mode + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus records the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the last successful GitRepository + reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + includedArtifacts: + description: IncludedArtifacts contains a list of the last successfully + included Artifacts as instructed by GitRepositorySpec.Include. + items: + description: Artifact represents the output of a Source reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact + file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + path: + description: Path is the relative file path of the Artifact. + It can be used to locate the file in the root of the Artifact + storage on the local file system of the controller managing + the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the GitRepository object. + format: int64 + type: integer + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true storage: true subresources: status: {} @@ -842,12 +1475,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -997,6 +1630,8 @@ spec: - sourceRef type: object status: + default: + observedGeneration: -1 description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: @@ -1098,7 +1733,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -1110,6 +1746,287 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + chart: + description: Chart is the name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: Interval is the interval at which to check the Source + for updates. + type: string + reconcileStrategy: + default: ChartVersion + description: ReconcileStrategy determines what enables the creation + of a new artifact. Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their + behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent, valid values are ('HelmRepository', + 'GitRepository', 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this source. + type: boolean + valuesFile: + description: ValuesFile is an alternative values file to use as the + default chart values, expected to be a relative path in the SourceRef. + Deprecated in favor of ValuesFiles, for backwards compatibility + the file specified here is merged before the ValuesFiles items. + Ignored when omitted. + type: string + valuesFiles: + description: ValuesFiles is an alternative list of values files to + use as the chart values (values.yaml is not included by default), + expected to be a relative path in the SourceRef. Values files are + merged in the order of this list with the last file overriding the + first. Ignored when omitted. + items: + type: string + type: array + version: + default: '*' + description: Version is the chart version semver expression, ignored + for charts from GitRepository and Bucket sources. Defaults to latest + when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedChartName: + description: ObservedChartName is the last observed chart name as + specified by the resolved chart reference. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the HelmChart object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true storage: true subresources: status: {} @@ -1124,12 +2041,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1143,15 +2060,15 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date name: v2beta1 schema: openAPIV3Schema: @@ -1173,11 +2090,11 @@ spec: description: HelmReleaseSpec defines the desired state of a Helm release. properties: chart: - description: Chart defines the template of the v1beta1.HelmChart that + description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. properties: spec: - description: Spec holds the template for the v1beta1.HelmChartSpec + description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. properties: chart: @@ -1185,7 +2102,7 @@ spec: at in the SourceRef. type: string interval: - description: Interval at which to check the v1beta1.Source + description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. type: string reconcileStrategy: @@ -1199,7 +2116,7 @@ spec: - Revision type: string sourceRef: - description: The name and namespace of the v1beta1.Source + description: The name and namespace of the v1beta2.Source the chart is available at. properties: apiVersion: @@ -1244,7 +2161,7 @@ spec: version: default: '*' description: Version semver expression, ignored for charts - from v1beta1.GitRepository and v1beta1.Bucket sources. Defaults + from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults to latest when omitted. type: string required: @@ -1255,18 +2172,19 @@ spec: - spec type: object dependsOn: - description: DependsOn may contain a dependency.CrossNamespaceDependencyReference + description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources that must be ready before this HelmRelease can be reconciled. items: - description: CrossNamespaceDependencyReference holds the reference - to a dependency. + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. properties: name: - description: Name holds the name reference of a dependency. + description: Name of the referent. type: string namespace: - description: Namespace holds the namespace reference of a dependency. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -1373,7 +2291,7 @@ spec: for reconciling the HelmRelease. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -1423,6 +2341,61 @@ spec: - name type: object type: array + patches: + description: Strategic merge and JSON patches, defined as + inline YAML objects, capable of targeting objects based + on kind, label and annotation selectors. + items: + description: Patch contains an inline StrategicMerge or + JSON6902 patch, and the target the patch should be applied + to. + properties: + patch: + description: Patch contains an inline StrategicMerge + patch or an inline JSON6902 patch with an array + of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + type: object + type: array patchesJson6902: description: JSON 6902 patches, defined as inline YAML objects. items: @@ -1434,11 +2407,20 @@ spec: with an array of operation objects. items: description: JSON6902 is a JSON6902 operation object. - https://tools.ietf.org/html/rfc6902#section-4 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value + that references a location within the target + document where the operation is performed. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. type: string op: + description: Op indicates the operation to perform. + Its value MUST be one of "add", "remove", + "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -1448,8 +2430,17 @@ spec: - copy type: string path: + description: Path contains the JSON-pointer + value that references a location within the + target document where the operation is performed. + The meaning of the value depends on the value + of Op. type: string value: + description: Value contains a valid JSON structure. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -1603,6 +2594,10 @@ spec: description: DisableHooks prevents hooks from running during the Helm rollback action. type: boolean + disableWait: + description: DisableWait disables waiting for all the resources + to be deleted after a Helm uninstall is performed. + type: boolean keepHistory: description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, but retain the release history. @@ -1852,7 +2847,8 @@ spec: type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastReleaseRevision: description: LastReleaseRevision is the revision of the last successful @@ -1884,12 +2880,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1980,7 +2976,7 @@ spec: certFile and keyFile, and/or caCert fields. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -2002,6 +2998,8 @@ spec: - url type: object status: + default: + observedGeneration: -1 description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: @@ -2103,7 +3101,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string observedGeneration: description: ObservedGeneration is the last observed generation. @@ -2115,6 +3114,239 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec specifies the required configuration to + produce an Artifact for a Helm repository index YAML. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: Interval at which to check the URL for updates. + type: string + passCredentials: + description: PassCredentials allows the credentials from the SecretRef + to be passed on to a host that does not match the host as defined + in URL. This may be required if the host of the advertised chart + URLs in the index differ from the defined URL. Enabling this should + be done with caution, as it can potentially result in credentials + getting stolen in a MITM-attack. + type: boolean + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the HelmRepository. For HTTP/S basic auth the secret + must contain 'username' and 'password' fields. For TLS the secret + must contain a 'certFile' and 'keyFile', and/or 'caCert' fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this HelmRepository. + type: boolean + timeout: + default: 60s + description: Timeout of the index fetch operation, defaults to 60s. + type: string + url: + description: URL of the Helm repository, a valid URL contains at least + a protocol and host. + type: string + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the HelmRepository object. + format: int64 + type: integer + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true storage: true subresources: status: {} @@ -2129,12 +3361,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2190,7 +3422,7 @@ spec: image being scanned properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -2246,8 +3478,6 @@ spec: - policy type: object status: - default: - observedGeneration: -1 description: ImagePolicyStatus defines the observed state of ImagePolicy properties: conditions: @@ -2325,7 +3555,6 @@ spec: the policy. type: string observedGeneration: - description: ObservedGeneration is the last reconciled generation. format: int64 type: integer type: object @@ -2379,7 +3608,7 @@ spec: image being scanned properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -2565,11 +3794,11 @@ spec: image being scanned properties: name: - description: Name of the referent + description: Name of the referent. type: string namespace: description: Namespace of the referent, when not specified it - acts as LocalObjectReference + acts as LocalObjectReference. type: string required: - name @@ -2625,6 +3854,8 @@ spec: - policy type: object status: + default: + observedGeneration: -1 description: ImagePolicyStatus defines the observed state of ImagePolicy properties: conditions: @@ -2721,12 +3952,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -2775,7 +4006,7 @@ spec: server certificate." properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -2793,7 +4024,7 @@ spec: created with `kubectl create secret docker-registry`, or the equivalent. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -2808,8 +4039,6 @@ spec: type: string type: object status: - default: - observedGeneration: -1 description: ImageRepositoryStatus defines the observed state of ImageRepository properties: canonicalImageName: @@ -2888,7 +4117,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastScanResult: description: LastScanResult contains the number of fetched tags. @@ -2949,7 +4179,7 @@ spec: server certificate." properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -2967,7 +4197,7 @@ spec: created with `kubectl create secret docker-registry`, or the equivalent. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3060,7 +4290,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastScanResult: description: LastScanResult contains the number of fetched tags. @@ -3117,14 +4348,27 @@ spec: labels. properties: namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. properties: matchLabels: additionalProperties: type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. type: object type: object type: array + required: + - namespaceSelectors type: object certSecretRef: description: "CertSecretRef can be given the name of a secret containing @@ -3136,7 +4380,7 @@ spec: server certificate." properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3154,7 +4398,7 @@ spec: created with `kubectl create secret docker-registry`, or the equivalent. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3169,6 +4413,8 @@ spec: type: string type: object status: + default: + observedGeneration: -1 description: ImageRepositoryStatus defines the observed state of ImageRepository properties: canonicalImageName: @@ -3247,7 +4493,8 @@ spec: type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastScanResult: description: LastScanResult contains the number of fetched tags. @@ -3281,12 +4528,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3336,7 +4583,7 @@ spec: details to a git repository to update files in. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3372,7 +4619,7 @@ spec: be in the same namespace as the ImageUpdateAutomation. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3509,7 +4756,8 @@ spec: type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastPushCommit: description: LastPushCommit records the SHA1 of the last commit made @@ -3621,7 +4869,7 @@ spec: value. It must be in the same namespace as the ImageUpdateAutomation. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3780,7 +5028,8 @@ spec: type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastPushCommit: description: LastPushCommit records the SHA1 of the last commit made @@ -3840,19 +5089,24 @@ spec: from the Git repository. properties: branch: - description: The Git branch to checkout, defaults to master. + description: "Branch to check out, defaults to 'master' + if no other field is defined. \n When GitRepositorySpec.GitImplementation + is set to 'go-git', a shallow clone of the specified + branch is performed." type: string commit: - description: The Git commit SHA to checkout, if specified - Tag filters will be ignored. + description: "Commit SHA to check out, takes precedence + over all reference fields. \n When GitRepositorySpec.GitImplementation + is set to 'go-git', this can be combined with Branch + to shallow clone the branch, in which the commit is + expected to exist." type: string semver: - description: The Git tag semver expression, takes precedence - over Tag. + description: SemVer tag expression to check out, takes + precedence over Tag. type: string tag: - description: The Git tag to checkout, takes precedence - over Branch. + description: Tag to check out, takes precedence over Branch. type: string type: object required: @@ -3892,7 +5146,7 @@ spec: value. It must be in the same namespace as the ImageUpdateAutomation. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -3926,16 +5180,20 @@ spec: to a git repository. properties: apiVersion: - description: API version of the referent + description: API version of the referent. type: string kind: default: GitRepository - description: Kind of the referent + description: Kind of the referent. enum: - GitRepository type: string name: - description: Name of the referent + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. type: string required: - kind @@ -3971,6 +5229,8 @@ spec: - sourceRef type: object status: + default: + observedGeneration: -1 description: ImageUpdateAutomationStatus defines the observed state of ImageUpdateAutomation properties: @@ -4051,7 +5311,8 @@ spec: type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string lastPushCommit: description: LastPushCommit records the SHA1 of the last commit made @@ -4081,12 +5342,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4143,7 +5404,7 @@ spec: used for decryption. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -4152,18 +5413,19 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a dependency.CrossNamespaceDependencyReference + description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization resources that must be ready before this Kustomization can be reconciled. items: - description: CrossNamespaceDependencyReference holds the reference - to a dependency. + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. properties: name: - description: Name holds the name reference of a dependency. + description: Name of the referent. type: string namespace: - description: Namespace holds the namespace reference of a dependency. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4178,21 +5440,22 @@ spec: description: A list of resources to be included in the health assessment. items: description: NamespacedObjectKindReference contains enough information - to let you locate the typed referenced object in any namespace + to locate the typed referenced Kubernetes resource object in any + namespace. properties: apiVersion: description: API version of the referent, if not specified the - Kubernetes preferred version will be used + Kubernetes preferred version will be used. type: string kind: - description: Kind of the referent + description: Kind of the referent. type: string name: - description: Name of the referent + description: Name of the referent. type: string namespace: description: Namespace of the referent, when not specified it - acts as LocalObjectReference + acts as LocalObjectReference. type: string required: - kind @@ -4245,7 +5508,7 @@ spec: for reconciling the Kustomization. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -4256,13 +5519,12 @@ spec: objects, capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains either a StrategicMerge or a JSON6902 - patch, either a file or inline, and the target the patch should - be applied to. + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. type: string target: description: Target points to the resources that the patch document @@ -4313,11 +5575,18 @@ spec: description: Patch contains the JSON6902 patch document with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4 + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. type: string op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4327,8 +5596,15 @@ spec: - copy type: string path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. type: string value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4581,7 +5857,8 @@ spec: type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -4622,15 +5899,15 @@ spec: subresources: status: {} - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date name: v1beta2 schema: openAPIV3Schema: @@ -4666,7 +5943,7 @@ spec: used for decryption. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -4675,18 +5952,19 @@ spec: - provider type: object dependsOn: - description: DependsOn may contain a dependency.CrossNamespaceDependencyReference + description: DependsOn may contain a meta.NamespacedObjectReference slice with references to Kustomization resources that must be ready before this Kustomization can be reconciled. items: - description: CrossNamespaceDependencyReference holds the reference - to a dependency. + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. properties: name: - description: Name holds the name reference of a dependency. + description: Name of the referent. type: string namespace: - description: Namespace holds the namespace reference of a dependency. + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. type: string required: - name @@ -4701,21 +5979,22 @@ spec: description: A list of resources to be included in the health assessment. items: description: NamespacedObjectKindReference contains enough information - to let you locate the typed referenced object in any namespace + to locate the typed referenced Kubernetes resource object in any + namespace. properties: apiVersion: description: API version of the referent, if not specified the - Kubernetes preferred version will be used + Kubernetes preferred version will be used. type: string kind: - description: Kind of the referent + description: Kind of the referent. type: string name: - description: Name of the referent + description: Name of the referent. type: string namespace: description: Namespace of the referent, when not specified it - acts as LocalObjectReference + acts as LocalObjectReference. type: string required: - kind @@ -4768,7 +6047,7 @@ spec: for reconciling the Kustomization. properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -4779,13 +6058,12 @@ spec: objects, capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains either a StrategicMerge or a JSON6902 - patch, either a file or inline, and the target the patch should - be applied to. + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. type: string target: description: Target points to the resources that the patch document @@ -4837,11 +6115,18 @@ spec: description: Patch contains the JSON6902 patch document with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4 + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. type: string op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -4851,8 +6136,15 @@ spec: - copy type: string path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. type: string value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -4949,6 +6241,14 @@ spec: maxLength: 253 minLength: 1 type: string + optional: + default: false + description: Optional indicates whether the referenced resource + must exist, or whether to tolerate its absence. If true + and the referenced resource is absent, proceed as if the + resource was present but empty, without any variables + defined. + type: boolean required: - kind - name @@ -5133,7 +6433,8 @@ spec: type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change can be detected. + reconcile request value, so a change of the annotation value can + be detected. type: string observedGeneration: description: ObservedGeneration is the last reconciled generation. @@ -5156,12 +6457,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5173,15 +6474,15 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date name: v1beta1 schema: openAPIV3Schema: @@ -5211,7 +6512,7 @@ spec: a PEM-encoded CA certificate (`caFile`) properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -5228,7 +6529,7 @@ spec: using "address" as data key properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -5258,6 +6559,7 @@ spec: - matrix - opsgenie - alertmanager + - grafana type: string username: description: Bot username for this provider @@ -5360,12 +6662,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5377,15 +6679,15 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date name: v1beta1 schema: openAPIV3Schema: @@ -5434,6 +6736,15 @@ spec: - ImagePolicy - ImageUpdateAutomation type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object name: description: Name of the referent maxLength: 53 @@ -5453,7 +6764,7 @@ spec: the payload authenticity properties: name: - description: Name of the referent + description: Name of the referent. type: string required: - name @@ -5582,7 +6893,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: helm-controller namespace: flux-system --- @@ -5592,7 +6903,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: image-automation-controller namespace: flux-system --- @@ -5602,7 +6913,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: image-reflector-controller namespace: flux-system --- @@ -5612,7 +6923,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: kustomize-controller namespace: flux-system --- @@ -5622,7 +6933,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: notification-controller namespace: flux-system --- @@ -5632,7 +6943,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: source-controller namespace: flux-system --- @@ -5642,7 +6953,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: crd-controller-flux-system rules: - apiGroups: @@ -5723,7 +7034,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5743,7 +7054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5775,7 +7086,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: notification-controller namespace: flux-system @@ -5795,7 +7106,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: source-controller namespace: flux-system @@ -5815,7 +7126,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5835,7 +7146,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: helm-controller namespace: flux-system @@ -5854,7 +7165,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -5864,7 +7175,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.14.0 + image: ghcr.io/fluxcd/helm-controller:v0.18.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5874,6 +7185,7 @@ spec: ports: - containerPort: 8080 name: http-prom + protocol: TCP - containerPort: 9440 name: healthz protocol: TCP @@ -5890,12 +7202,20 @@ spec: memory: 64Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp nodeSelector: kubernetes.io/os: linux + securityContext: + fsGroup: 1337 serviceAccountName: helm-controller terminationGracePeriodSeconds: 600 volumes: @@ -5908,7 +7228,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: image-automation-controller namespace: flux-system @@ -5927,7 +7247,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -5937,7 +7257,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.18.0 + image: ghcr.io/fluxcd/image-automation-controller:v0.21.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5947,6 +7267,7 @@ spec: ports: - containerPort: 8080 name: http-prom + protocol: TCP - containerPort: 9440 name: healthz protocol: TCP @@ -5963,7 +7284,13 @@ spec: memory: 64Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp @@ -5983,7 +7310,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -6002,7 +7329,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -6012,7 +7339,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.14.0 + image: ghcr.io/fluxcd/image-reflector-controller:v0.17.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6022,6 +7349,7 @@ spec: ports: - containerPort: 8080 name: http-prom + protocol: TCP - containerPort: 9440 name: healthz protocol: TCP @@ -6038,7 +7366,13 @@ spec: memory: 64Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp @@ -6062,7 +7396,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6081,7 +7415,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -6091,7 +7425,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.18.1 + image: ghcr.io/fluxcd/kustomize-controller:v0.22.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6101,6 +7435,7 @@ spec: ports: - containerPort: 8080 name: http-prom + protocol: TCP - containerPort: 9440 name: healthz protocol: TCP @@ -6117,7 +7452,13 @@ spec: memory: 64Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp @@ -6137,7 +7478,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: notification-controller namespace: flux-system @@ -6165,7 +7506,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.19.0 + image: ghcr.io/fluxcd/notification-controller:v0.23.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6175,10 +7516,13 @@ spec: ports: - containerPort: 9090 name: http + protocol: TCP - containerPort: 9292 name: http-webhook + protocol: TCP - containerPort: 8080 name: http-prom + protocol: TCP - containerPort: 9440 name: healthz protocol: TCP @@ -6195,12 +7539,20 @@ spec: memory: 64Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp nodeSelector: kubernetes.io/os: linux + securityContext: + fsGroup: 1337 serviceAccountName: notification-controller terminationGracePeriodSeconds: 10 volumes: @@ -6213,7 +7565,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 control-plane: controller name: source-controller namespace: flux-system @@ -6234,7 +7586,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -6246,7 +7598,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.19.0 + image: ghcr.io/fluxcd/source-controller:v0.22.5 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6256,10 +7608,13 @@ spec: ports: - containerPort: 9090 name: http + protocol: TCP - containerPort: 8080 name: http-prom + protocol: TCP - containerPort: 9440 name: healthz + protocol: TCP readinessProbe: httpGet: path: / @@ -6273,7 +7628,13 @@ spec: memory: 64Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /data name: data @@ -6297,7 +7658,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: allow-egress namespace: flux-system spec: @@ -6317,7 +7678,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: allow-scraping namespace: flux-system spec: @@ -6337,7 +7698,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.24.0 + app.kubernetes.io/version: v0.28.5 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 6b0debf7a138c21bcb16bab8b2d16cc6193bc96c Mon Sep 17 00:00:00 2001 From: Flux <> Date: Sat, 9 Apr 2022 16:01:51 +0200 Subject: [PATCH 0145/1882] Add Flux sync manifests --- flux/cluster/base/flux-system/gotk-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/base/flux-system/gotk-sync.yaml b/flux/cluster/base/flux-system/gotk-sync.yaml index ba2e481a..a1736b6f 100644 --- a/flux/cluster/base/flux-system/gotk-sync.yaml +++ b/flux/cluster/base/flux-system/gotk-sync.yaml @@ -1,6 +1,6 @@ # This manifest was generated by flux. DO NOT EDIT. --- -apiVersion: source.toolkit.fluxcd.io/v1beta1 +apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: GitRepository metadata: name: flux-system -- 2.47.1 From f5299b9f78b3ccce775cc313ff7218ff3f53579b Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Apr 2022 17:26:05 +0200 Subject: [PATCH 0146/1882] nixos: minecraft --- hosts.nix | 5 ++++ nixos/hosts/minecraft/configuration.nix | 38 +++++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 nixos/hosts/minecraft/configuration.nix diff --git a/hosts.nix b/hosts.nix index 747d493c..2f45c6b2 100644 --- a/hosts.nix +++ b/hosts.nix @@ -98,6 +98,11 @@ ip = "10.42.42.20"; mac = "1A:88:A0:B0:65:B4"; } + { + hostname = "minecraft"; + ip = "10.42.42.21"; + mac = "EA:30:73:E4:B6:69"; + } { hostname = "zmeura"; ip = "10.42.42.24"; diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/minecraft/configuration.nix new file mode 100644 index 00000000..91031cf8 --- /dev/null +++ b/nixos/hosts/minecraft/configuration.nix @@ -0,0 +1,38 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +{ + imports = [ ]; + + networking.hostName = "minecraft"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + services.minecraft-server = { + enable = true; + declarative = true; + eula = true; + openFirewall = true; + serverProperties = { + server-port = 25565; + motd = "blahaj minecraft server!"; + white-list = true; + }; + whitelist = { + "0x76" = "5513404a-81a2-4c84-b952-18661b1803e7"; + }; + + package = pkgs.papermc; + }; +} -- 2.47.1 From 1e5fb89bfd3e1a6a0fff1c8e20237e18e5e52488 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 28 Apr 2022 17:32:33 +0200 Subject: [PATCH 0147/1882] nixos: minecraft: disable disable X11 --- nixos/hosts/minecraft/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/minecraft/configuration.nix index 91031cf8..32b28fdc 100644 --- a/nixos/hosts/minecraft/configuration.nix +++ b/nixos/hosts/minecraft/configuration.nix @@ -19,6 +19,8 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; + environment.noXlibs = lib.mkForce false; + services.minecraft-server = { enable = true; declarative = true; -- 2.47.1 From d525c437071eb11c600c3e6371cc80dd3ee64be6 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 28 Apr 2022 17:17:15 +0200 Subject: [PATCH 0148/1882] updates? --- .hosts.nix.swp | Bin 0 -> 12288 bytes flake.lock | 12 ++++++------ nixos/hosts/bastion/configuration.nix | 1 + nixos/hosts/plausible/configuration.nix | 1 + 4 files changed, 8 insertions(+), 6 deletions(-) create mode 100644 .hosts.nix.swp diff --git a/.hosts.nix.swp b/.hosts.nix.swp new file mode 100644 index 0000000000000000000000000000000000000000..f540e1361c8c021ffa2ce65a74b45ba30fc63191 GIT binary patch literal 12288 zcmeI2O^Dr86vtCVs_l$ci*9t0jxH?nX7cs&aZ16L_W_EE_%U6SF7nw4zL!j2l3`|~ zip7l!7YYh?Au1>e3U*PkT?j68A-E9S2nudo6mcP16bs@%?b4)F)? zdiKWcuoX-JrT|lbDZmt93NQtj0!#s>z^+vwS>40Ei0E(1cd(IP_f)R=uk6AUUz%Eq4ayf3_EnqK#$N&F}zyJTegX8`IKY_2o8(3bKLjfJU9nF0k45g za2y;1PXh_u3ogxZ+&AC?I1kQ&x4;?jBoILh90v2?@BJM2Gx!pG3O)uOf>%KbmO&qM zz)|o3m;=Az4_!fK)-T^Ox(_jNw;4z?pyTP4c9$dZ++JP^?MerFo3(f!sJO!Qr zkAerm0r2~+@Chz~@4y9c7Q6{w2OGcwCJ;dj90mu$73A*+a1ne2-Usi3SHLOoFgOGb zfH^S9_b#kg7BW+SDZmu?{}njF@%(AP^LP!7Kg#>oF!qj221b^HfdyG1LnB`$Lnfm` zozBAacCe~uw);w=A{ybvXJ}|LMszF+ZREcDPbbaQhJ}^?G*^Dib%*M-+gsHQ`IBcCHjXay& zHhBX1?Rqbgl8=|YY>vEiY*ifP!iyd3i8=zA0;z2>i}k_kmgps+#%>x0eo$}L=#wFm zDw5nLT_JIhFRz#t>(VoQl`%lFl5ya~6$ecfq$58HX#x#8q$s2|c`OoG7HD;7rEy>n zt3{D(By>nnsokf(mKCSaZP<*KkC#o4f-s0GTgc6tDhUb+CUtux49IATSk29@jw3%9 zPAb?9r?T*T*%wAz)9Slg*SRkQKTt_lNsbFq~CLLU9K?N3M1ER&`|AAS0dfW_SGFwr>KFZ^H9~D zY`X80?_r7KTUS?XY2>rP z7mv|$^pgip%i5_YQ=x%LeTCZiQh@|s?@NWPP6C@Kn=NsQZm!f)p-VY5&pqjlqcrix JxeUj-{{YU4d8GgV literal 0 HcmV?d00001 diff --git a/flake.lock b/flake.lock index ec53ba11..25467e55 100644 --- a/flake.lock +++ b/flake.lock @@ -196,11 +196,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1648632716, - "narHash": "sha256-kCmnDeiaMsdhfnNKjxdOzwRh2H6eQb8yWAL+nNabC/Y=", + "lastModified": 1650701402, + "narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "710fed5a2483f945b14f4a58af2cd3676b42d8c8", + "rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe", "type": "github" }, "original": { @@ -285,11 +285,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1644387507, - "narHash": "sha256-PX1sWtet0N0s83SKdZVR0zFJ1CiN86Cw/IEeQe1s4MY=", + "lastModified": 1649618806, + "narHash": "sha256-yxgmHPk7EiAYfVytISvtQ5uuCWcnZRs3pFxXFbqUUD8=", "owner": "serokell", "repo": "serokell.nix", - "rev": "e40718ac932e7c629c5f863ed27c72d516dc1356", + "rev": "8663c86146ada9b3169546bae6c5746e362ec86f", "type": "github" }, "original": { diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index 5668c0b9..8910d783 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -43,6 +43,7 @@ in { kubectl kubectx nixfmt + nix-prefetch-git ripgrep rsync tmux diff --git a/nixos/hosts/plausible/configuration.nix b/nixos/hosts/plausible/configuration.nix index a4c0b258..20ca0596 100644 --- a/nixos/hosts/plausible/configuration.nix +++ b/nixos/hosts/plausible/configuration.nix @@ -29,6 +29,7 @@ in { services.plausible = { enable = false; + releaseCookiePath = "${vs.plausible}/cookie"; server = { baseUrl = "https://analytics.0x76.dev"; secretKeybaseFile = "${vs.plausible}/secretkeybase"; -- 2.47.1 From aec776d1cb85ef29ed7c9e226419686e5a0abeda Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 29 Apr 2022 22:24:44 +0200 Subject: [PATCH 0149/1882] add gitea --- .hosts.nix.swp | Bin 12288 -> 0 bytes flake.lock | 18 +++++----- flake.nix | 2 +- hosts.nix | 5 +++ nixos/hosts/bastion/configuration.nix | 6 ++-- nixos/hosts/gitea/configuration.nix | 43 ++++++++++++++++++++++++ nixos/hosts/minecraft/configuration.nix | 3 +- nixos/hosts/nginx/configuration.nix | 3 +- 8 files changed, 66 insertions(+), 14 deletions(-) delete mode 100644 .hosts.nix.swp create mode 100644 nixos/hosts/gitea/configuration.nix diff --git a/.hosts.nix.swp b/.hosts.nix.swp deleted file mode 100644 index f540e1361c8c021ffa2ce65a74b45ba30fc63191..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI2O^Dr86vtCVs_l$ci*9t0jxH?nX7cs&aZ16L_W_EE_%U6SF7nw4zL!j2l3`|~ zip7l!7YYh?Au1>e3U*PkT?j68A-E9S2nudo6mcP16bs@%?b4)F)? zdiKWcuoX-JrT|lbDZmt93NQtj0!#s>z^+vwS>40Ei0E(1cd(IP_f)R=uk6AUUz%Eq4ayf3_EnqK#$N&F}zyJTegX8`IKY_2o8(3bKLjfJU9nF0k45g za2y;1PXh_u3ogxZ+&AC?I1kQ&x4;?jBoILh90v2?@BJM2Gx!pG3O)uOf>%KbmO&qM zz)|o3m;=Az4_!fK)-T^Ox(_jNw;4z?pyTP4c9$dZ++JP^?MerFo3(f!sJO!Qr zkAerm0r2~+@Chz~@4y9c7Q6{w2OGcwCJ;dj90mu$73A*+a1ne2-Usi3SHLOoFgOGb zfH^S9_b#kg7BW+SDZmu?{}njF@%(AP^LP!7Kg#>oF!qj221b^HfdyG1LnB`$Lnfm` zozBAacCe~uw);w=A{ybvXJ}|LMszF+ZREcDPbbaQhJ}^?G*^Dib%*M-+gsHQ`IBcCHjXay& zHhBX1?Rqbgl8=|YY>vEiY*ifP!iyd3i8=zA0;z2>i}k_kmgps+#%>x0eo$}L=#wFm zDw5nLT_JIhFRz#t>(VoQl`%lFl5ya~6$ecfq$58HX#x#8q$s2|c`OoG7HD;7rEy>n zt3{D(By>nnsokf(mKCSaZP<*KkC#o4f-s0GTgc6tDhUb+CUtux49IATSk29@jw3%9 zPAb?9r?T*T*%wAz)9Slg*SRkQKTt_lNsbFq~CLLU9K?N3M1ER&`|AAS0dfW_SGFwr>KFZ^H9~D zY`X80?_r7KTUS?XY2>rP z7mv|$^pgip%i5_YQ=x%LeTCZiQh@|s?@NWPP6C@Kn=NsQZm!f)p-VY5&pqjlqcrix JxeUj-{{YU4d8GgV diff --git a/flake.lock b/flake.lock index 25467e55..27115172 100644 --- a/flake.lock +++ b/flake.lock @@ -196,16 +196,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1650701402, - "narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=", - "owner": "NixOS", + "lastModified": 1651233872, + "narHash": "sha256-87MbbcxR/lvRVFp+peNqWBcrbrGFmRlbnzskeZkvuNY=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe", + "rev": "85f977180abcb7a89bc9cc7c8f325026f3fb4b9e", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", + "owner": "NULLx76", + "ref": "papermc-update-1.18.2-313", "repo": "nixpkgs", "type": "github" } @@ -285,11 +285,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1649618806, - "narHash": "sha256-yxgmHPk7EiAYfVytISvtQ5uuCWcnZRs3pFxXFbqUUD8=", + "lastModified": 1650983357, + "narHash": "sha256-gejH/rmDTcTvQeWrYzamFLvi0tXd2nDDBCA7/bHIhxE=", "owner": "serokell", "repo": "serokell.nix", - "rev": "8663c86146ada9b3169546bae6c5746e362ec86f", + "rev": "621f2698ec1c870c65a408a9470caa73adc3ca87", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 14efdd66..880c862e 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NULLx76/nixpkgs/papermc-update-1.18.2-313"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; }; diff --git a/hosts.nix b/hosts.nix index 2f45c6b2..9fd728d6 100644 --- a/hosts.nix +++ b/hosts.nix @@ -103,6 +103,11 @@ ip = "10.42.42.21"; mac = "EA:30:73:E4:B6:69"; } + { + hostname = "gitea"; + ip = "10.42.42.22"; + mac = "DE:5F:B0:83:6F:34"; + } { hostname = "zmeura"; ip = "10.42.42.24"; diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index 8910d783..ee7cb342 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -9,7 +9,7 @@ let if [[ -d "$HOME/.vscode-server/bin" ]]; then for versiondir in "$HOME"/.vscode-server/bin/*; do rm "$versiondir/node" - ln -s "${pkgs.nodejs-14_x}/bin/node" "$versiondir/node" + ln -s "${pkgs.nodejs-16_x}/bin/node" "$versiondir/node" done fi ''; @@ -42,9 +42,11 @@ in { k9s kubectl kubectx - nixfmt nix-prefetch-git + nixpkgs-fmt + nixpkgs-review ripgrep + rnix-lsp rsync tmux vault diff --git a/nixos/hosts/gitea/configuration.nix b/nixos/hosts/gitea/configuration.nix new file mode 100644 index 00000000..57788609 --- /dev/null +++ b/nixos/hosts/gitea/configuration.nix @@ -0,0 +1,43 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ lib, config, pkgs, ... }: +{ + imports = [ ]; + + networking.hostName = "gitea"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + environment.noXlibs = lib.mkForce false; + + networking.firewall.allowedTCPPorts = [ config.services.gitea.httpPort ]; + + services.gitea = { + enable = true; + domain = "git.0x76.dev"; + rootUrl = "https://git.0x76.dev"; + lfs.enable = true; + dump.type = "tar.gz"; + database.type = "postgres"; + ssh.clonePort = 42; + disableRegistration = true; + + settings = { + ui = { + DEFAULT_THEME = "arc-green"; + USE_SERVICE_WORKER = true; + }; + }; + }; +} diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/minecraft/configuration.nix index 32b28fdc..cdd60b47 100644 --- a/nixos/hosts/minecraft/configuration.nix +++ b/nixos/hosts/minecraft/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ lib, config, pkgs, ... }: { imports = [ ]; @@ -33,6 +33,7 @@ }; whitelist = { "0x76" = "5513404a-81a2-4c84-b952-18661b1803e7"; + red_shifts = "e0afdee5-e776-49a9-a0cd-c8753faf4255"; }; package = pkgs.papermc; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 78676bce..3a462ef3 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -31,9 +31,10 @@ in { recommendedTlsSettings = true; # Reverse Proxies - virtualHosts."ha.0x76.dev" = proxy "http://10.42.42.8:8123/"; + virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/"; + virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; -- 2.47.1 From 617b854263eca3719755c841c327ccc8111e56f6 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 5 May 2022 15:16:37 +0200 Subject: [PATCH 0150/1882] minecraft --- flake.lock | 93 +++++++++++++++++++++---- flake.nix | 4 ++ nixos/common/default.nix | 2 +- nixos/hosts/minecraft/configuration.nix | 11 ++- 4 files changed, 95 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 27115172..e00e1850 100644 --- a/flake.lock +++ b/flake.lock @@ -67,6 +67,21 @@ } }, "flake-utils": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -80,7 +95,7 @@ "type": "indirect" } }, - "flake-utils_2": { + "flake-utils_3": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -142,10 +157,29 @@ "type": "github" } }, + "minecraft-servers": { + "inputs": { + "nixpkgs": "nixpkgs_2", + "utils": "utils_2" + }, + "locked": { + "lastModified": 1651222568, + "narHash": "sha256-7qdugZJHKcGIv+KPPTpY7wZhw3pNJ3zR4lVOuf0LduI=", + "owner": "jyooru", + "repo": "nix-minecraft-servers", + "rev": "62fe6124dc65a84144f83cdbdbc2aa4c0a8cc29f", + "type": "github" + }, + "original": { + "owner": "jyooru", + "repo": "nix-minecraft-servers", + "type": "github" + } + }, "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1633098935, @@ -163,7 +197,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1633098935, @@ -195,6 +229,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1646506091, + "narHash": "sha256-sWNAJE2m+HOh1jtXlHcnhxsj6/sXrHgbqVNcVRlveK4=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3e644bd62489b516292c816f70bf0052c693b3c7", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1651233872, "narHash": "sha256-87MbbcxR/lvRVFp+peNqWBcrbrGFmRlbnzskeZkvuNY=", @@ -210,7 +260,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -225,7 +275,7 @@ "type": "indirect" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1632495107, "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", @@ -239,7 +289,7 @@ "type": "indirect" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -254,7 +304,7 @@ "type": "indirect" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1632495107, "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", @@ -271,7 +321,8 @@ "root": { "inputs": { "deploy-rs": "deploy-rs", - "nixpkgs": "nixpkgs_2", + "minecraft-servers": "minecraft-servers", + "nixpkgs": "nixpkgs_3", "serokell-nix": "serokell-nix", "vault-secrets": "vault-secrets" } @@ -279,10 +330,10 @@ "serokell-nix": { "inputs": { "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "gitignore-nix": "gitignore-nix", "nix": "nix", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1650983357, @@ -313,12 +364,30 @@ "type": "github" } }, + "utils_2": { + "inputs": { + "flake-utils": "flake-utils" + }, + "locked": { + "lastModified": 1647259887, + "narHash": "sha256-yEkMbEHVO9qydluQ3uHGWX1PkfZhgDKxnd1rhZYZ72w=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "06dba5f3b4fa2cc0bfc98ce9cd6f9a4d8db11d46", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "type": "github" + } + }, "vault-secrets": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nix": "nix_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1633626134, diff --git a/flake.nix b/flake.nix index 880c862e..72a0c1fb 100644 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,7 @@ nixpkgs.url = "github:NULLx76/nixpkgs/papermc-update-1.18.2-313"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; + minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; }; outputs = @@ -27,6 +28,9 @@ modules = [ ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" + ({ pkgs, ... }: { + nixpkgs.overlays = [ ]; + }) ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 34a7d23e..d2812adf 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -37,7 +37,7 @@ }; nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [ (import ../pkgs) ]; + nixpkgs.overlays = [ (import ../pkgs) inputs.minecraft-servers.overlay ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/minecraft/configuration.nix index cdd60b47..53ccfaeb 100644 --- a/nixos/hosts/minecraft/configuration.nix +++ b/nixos/hosts/minecraft/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ lib, config, pkgs, ... }: +{ lib, config, pkgs, inputs, ... }: { imports = [ ]; @@ -21,8 +21,13 @@ environment.noXlibs = lib.mkForce false; + networking.firewall.allowedTCPPorts = [ config.services.minecraft-server.serverProperties."rcon.port"]; + services.minecraft-server = { enable = true; + package = pkgs.minecraftServers.purpur_1_18_2; + jvmOpts = "--add-modules=jdk.incubator.vector -Xmx2048M -Xms2048M"; + declarative = true; eula = true; openFirewall = true; @@ -30,12 +35,14 @@ server-port = 25565; motd = "blahaj minecraft server!"; white-list = true; + enable-rcon = true; + "timings.enabled" = false; }; whitelist = { "0x76" = "5513404a-81a2-4c84-b952-18661b1803e7"; red_shifts = "e0afdee5-e776-49a9-a0cd-c8753faf4255"; + iampilot = "4055515e-0567-4610-972e-8e530a5a9ccb"; }; - package = pkgs.papermc; }; } -- 2.47.1 From 97dbb873731c13fe4a64384312a45619bce631fa Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 6 May 2022 17:41:05 +0200 Subject: [PATCH 0151/1882] added wireguard --- flake.lock | 24 ++++----- flake.nix | 5 +- hosts.nix | 10 ++++ nixos/hosts/headscale/configuration.nix | 72 +++++++++++++++++++++++++ nixos/hosts/minecraft/configuration.nix | 5 +- nixos/hosts/minio/configuration.nix | 9 +++- nixos/hosts/mosquitto/configuration.nix | 7 ++- nixos/hosts/nginx/configuration.nix | 46 +++++++++++++++- nixos/hosts/plausible/configuration.nix | 5 +- nixos/hosts/wireguard/configuration.nix | 50 +++++++++++++++++ 10 files changed, 204 insertions(+), 29 deletions(-) create mode 100644 nixos/hosts/headscale/configuration.nix create mode 100644 nixos/hosts/wireguard/configuration.nix diff --git a/flake.lock b/flake.lock index e00e1850..cd70f4b0 100644 --- a/flake.lock +++ b/flake.lock @@ -163,11 +163,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1651222568, - "narHash": "sha256-7qdugZJHKcGIv+KPPTpY7wZhw3pNJ3zR4lVOuf0LduI=", + "lastModified": 1651799536, + "narHash": "sha256-+y4oD+E3PseG5jRhlfpBCSLOs1TKKtCWL/AsFCPXQYU=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "62fe6124dc65a84144f83cdbdbc2aa4c0a8cc29f", + "rev": "1d9335ce68b66262a25037c81e81f49363e5cb04", "type": "github" }, "original": { @@ -246,16 +246,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1651233872, - "narHash": "sha256-87MbbcxR/lvRVFp+peNqWBcrbrGFmRlbnzskeZkvuNY=", - "owner": "NULLx76", + "lastModified": 1651827164, + "narHash": "sha256-w1niZCq4rhXX+23xLvrA5KR9OqT/72e5Mx/pfz/bZYU=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "85f977180abcb7a89bc9cc7c8f325026f3fb4b9e", + "rev": "98000933d72a97632caf0db0027ea3eb2e5e7f29", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "papermc-update-1.18.2-313", + "owner": "nixos", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } @@ -336,11 +336,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1650983357, - "narHash": "sha256-gejH/rmDTcTvQeWrYzamFLvi0tXd2nDDBCA7/bHIhxE=", + "lastModified": 1651674183, + "narHash": "sha256-voNo/SzDmjXdk77gq2PRe7E+yJlw/zNuyHij8lNiZDE=", "owner": "serokell", "repo": "serokell.nix", - "rev": "621f2698ec1c870c65a408a9470caa73adc3ca87", + "rev": "826a2c4c8987766640885f4dc8af344e90abb149", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 72a0c1fb..e0a378d0 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; - nixpkgs.url = "github:NULLx76/nixpkgs/papermc-update-1.18.2-313"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; @@ -28,9 +28,6 @@ modules = [ ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" - ({ pkgs, ... }: { - nixpkgs.overlays = [ ]; - }) ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix diff --git a/hosts.nix b/hosts.nix index 9fd728d6..ac78c543 100644 --- a/hosts.nix +++ b/hosts.nix @@ -108,12 +108,22 @@ ip = "10.42.42.22"; mac = "DE:5F:B0:83:6F:34"; } + { + hostname = "headscale"; + ip = "10.42.42.23"; + mac = "76:31:39:8B:2D:43"; + } { hostname = "zmeura"; ip = "10.42.42.24"; mac = "b8:27:eb:d5:e0:f5"; nix = false; } + { + hostname = "wireguard"; + ip = "10.42.42.25"; + mac = "1E:ED:97:2C:C3:9D"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/headscale/configuration.nix b/nixos/hosts/headscale/configuration.nix new file mode 100644 index 00000000..db446096 --- /dev/null +++ b/nixos/hosts/headscale/configuration.nix @@ -0,0 +1,72 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ lib, config, pkgs, inputs, ... }: +{ + imports = [ ]; + + networking.hostName = "headscale"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + environment.noXlibs = lib.mkForce false; + + networking.firewall.allowedTCPPorts = [ config.services.headscale.port 50443 ]; + + services.postgresql = + let + db_name = config.services.headscale.database.name; + db_user = config.services.headscale.database.user; + in + { + enable = false; + package = pkgs.postgresql_13; + ensureDatabases = [ db_name ]; + authentication = "host ${db_name} ${db_user} 127.0.0.1/32 trust"; + ensureUsers = [ + { + name = db_user; + ensurePermissions = { "DATABASE ${db_name}" = "ALL PRIVILEGES"; }; + } + ]; + }; + + services.headscale = { + enable = false; + address = "0.0.0.0"; + serverUrl = "https://vpn.0x76.dev"; + logLevel = "debug"; + + settings = { + grpc_listen_addr = "0.0.0.0:50443"; + grpc_allow_insecure = true; + + ip_prefixes = [ + "fd7a:115c:a1e0::/48" + "100.64.0.0/10" + ]; + }; + + database = { + type = "postgres"; + port = config.services.postgresql.port; + name = "headscale"; + user = "headscale"; + host = "127.0.0.1"; + }; + }; + + systemd.services.headscale.environment = { + GIN_MODE = "release"; + }; +} diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/minecraft/configuration.nix index 53ccfaeb..1b0bba5c 100644 --- a/nixos/hosts/minecraft/configuration.nix +++ b/nixos/hosts/minecraft/configuration.nix @@ -21,11 +21,11 @@ environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.minecraft-server.serverProperties."rcon.port"]; + networking.firewall.allowedTCPPorts = [ ]; services.minecraft-server = { enable = true; - package = pkgs.minecraftServers.purpur_1_18_2; + package = pkgs.minecraftServers.purpur_1_18; jvmOpts = "--add-modules=jdk.incubator.vector -Xmx2048M -Xms2048M"; declarative = true; @@ -43,6 +43,5 @@ red_shifts = "e0afdee5-e776-49a9-a0cd-c8753faf4255"; iampilot = "4055515e-0567-4610-972e-8e530a5a9ccb"; }; - }; } diff --git a/nixos/hosts/minio/configuration.nix b/nixos/hosts/minio/configuration.nix index 35df6915..ad3b26d4 100644 --- a/nixos/hosts/minio/configuration.nix +++ b/nixos/hosts/minio/configuration.nix @@ -3,7 +3,10 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let vs = config.vault-secrets.secrets; +let + vs = config.vault-secrets.secrets; + listenPort = 9000; + consolePort = 9001; in { imports = [ ]; @@ -20,12 +23,14 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ 9000 9001 ]; + networking.firewall.allowedTCPPorts = [ listenPort consolePort ]; vault-secrets.secrets.minio = { }; services.minio = { enable = true; rootCredentialsFile = "${vs.minio}/environment"; + listenAddress = ":${toString listenPort}"; + consoleAddress = ":${toString consolePort}"; }; } diff --git a/nixos/hosts/mosquitto/configuration.nix b/nixos/hosts/mosquitto/configuration.nix index 5a13ba51..1fbe8b32 100644 --- a/nixos/hosts/mosquitto/configuration.nix +++ b/nixos/hosts/mosquitto/configuration.nix @@ -4,7 +4,8 @@ { config, pkgs, ... }: let mosquittoPort = 1883; -in { +in +{ imports = [ ]; networking.hostName = "mosquitto"; @@ -21,11 +22,9 @@ in { environment.systemPackages = with pkgs; [ ]; services.mosquitto = { - enable = true; - listeners = [{ - port = 1883; + port = mosquittoPort; settings.allow_anonymous = true; acl = [ "topic readwrite #" ]; users = { diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 3a462ef3..5a155350 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -9,7 +9,8 @@ let }; }; k8s_proxy = proxy "http://10.42.42.150:8000/"; -in { +in +{ networking.hostName = "nginx"; # This value determines the NixOS release from which the default @@ -33,7 +34,7 @@ in { # Reverse Proxies virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; - virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/"; + # virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; # Kubernetes endpoints @@ -41,6 +42,47 @@ in { virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; + + # Headscale + virtualHosts."vpn.0x76.dev" = { + enableACME = true; + forceSSL = true; + + locations = { + "/headscale." = { + extraConfig = '' + grpc_pass grpc://headscale.olympus:50443; + ''; + priority = 1; + }; + + # "/metrics" = { + # proxyPass = "http://plausible.olympus:9090"; + # extraConfig = '' + # allow 10.0.0.0/8; + # allow 100.64.0.0/16; + # deny all; + # ''; + # priority = 2; + # }; + + "/" = { + proxyPass = "http://headscale.olympus:8080"; + proxyWebsockets = true; + extraConfig = '' + keepalive_requests 100000; + keepalive_timeout 160s; + proxy_buffering off; + proxy_connect_timeout 75; + proxy_ignore_client_abort on; + proxy_read_timeout 900s; + proxy_send_timeout 600; + send_timeout 600; + ''; + priority = 99; + }; + }; + }; }; security.acme.defaults.email = "victorheld12@gmail.com"; diff --git a/nixos/hosts/plausible/configuration.nix b/nixos/hosts/plausible/configuration.nix index 20ca0596..999c2ef8 100644 --- a/nixos/hosts/plausible/configuration.nix +++ b/nixos/hosts/plausible/configuration.nix @@ -3,10 +3,11 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let +let vs = config.vault-secrets.secrets; cfg = config.services.plausible; -in { +in +{ imports = [ ]; networking.hostName = "plausible"; diff --git a/nixos/hosts/wireguard/configuration.nix b/nixos/hosts/wireguard/configuration.nix new file mode 100644 index 00000000..68c4554f --- /dev/null +++ b/nixos/hosts/wireguard/configuration.nix @@ -0,0 +1,50 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ lib, config, pkgs, inputs, ... }: +let vs = config.vault-secrets.secrets; in +{ + imports = [ ]; + + networking.hostName = "wireguard"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ wireguard-tools ]; + + environment.noXlibs = lib.mkForce false; + + networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ]; + + vault-secrets.secrets.wireguard = { + services = [ "wireguard-wg0" ]; + }; + + networking.nat = { + enable = true; + internalInterfaces = [ "wg0" ]; + externalInterface = "eth0"; + }; + + networking.wireguard.interfaces.wg0 = { + ips = [ "10.100.0.1/24" ]; + listenPort = 51820; + privateKeyFile = "${vs.wireguard}/privateKey"; + + peers = [ + { + # Phone + publicKey = "K+99mvSYs4urcclreQDLA1pekD4xtu/mpS2uVWw8Bws="; + allowedIPs = [ "10.100.0.2/32" ]; + } + ]; + }; +} -- 2.47.1 From 69afb7a9c36e1aa98835d5832ec119f48340408f Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 6 May 2022 18:31:03 +0200 Subject: [PATCH 0152/1882] update bootstrap url --- flux/bootstrap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/bootstrap.sh b/flux/bootstrap.sh index b5d05021..9316f981 100755 --- a/flux/bootstrap.sh +++ b/flux/bootstrap.sh @@ -1,2 +1,2 @@ #!/bin/sh -flux bootstrap git --url=ssh://git@git.xirion.net:2222/0x76/infrastructure.git --branch=main --path=flux/cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller +flux bootstrap git --url=ssh://gitea@git.0x76.dev:42/v/infrastructure.git --branch=main --path=flux/cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller -- 2.47.1 From 7a633e08a5da3910e7a7add49177340dfbef5cc6 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Fri, 6 May 2022 18:45:54 +0200 Subject: [PATCH 0153/1882] Add Flux v0.30.2 component manifests --- .../base/flux-system/gotk-components.yaml | 160 ++++++++++-------- 1 file changed, 94 insertions(+), 66 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 35d3661a..c7d383c5 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.28.5 +# Flux Version: v0.30.2 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -897,8 +897,8 @@ spec: secretRef: description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain username and password fields. - For SSH repositories the secret must contain identity, identity.pub - and known_hosts fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1241,8 +1241,7 @@ spec: description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For HTTPS repositories the Secret must contain 'username' and 'password' fields. For SSH repositories - the Secret must contain 'identity', 'identity.pub' and 'known_hosts' - fields. + the Secret must contain 'identity' and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1480,7 +1479,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2046,7 +2045,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2278,20 +2277,28 @@ spec: type: string kubeConfig: description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When specified, KubeConfig takes precedence over ServiceAccountName. + cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: description: SecretRef holds the name to a secret that contains - a 'value' key with the kubeconfig file as the value. It must - be in the same namespace as the HelmRelease. It is recommended - that the kubeconfig is self-contained, and the secret is regularly - updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without - adding binaries and credentials to the Pod that is responsible - for reconciling the HelmRelease. + a key with the kubeconfig file as the value. If no key is specified + the key will default to 'value'. The secret must be in the same + namespace as the HelmRelease. It is recommended that the kubeconfig + is self-contained, and the secret is regularly updated if credentials + such as a cloud-access-token expire. Cloud specific `cmd-path` + auth helpers will not function without adding binaries and credentials + to the Pod that is responsible for reconciling the HelmRelease. properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string name: - description: Name of the referent. + description: Name of the Secret. type: string required: - name @@ -2885,7 +2892,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3366,7 +3373,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3957,7 +3964,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4403,6 +4410,11 @@ spec: required: - name type: object + serviceAccountName: + description: ServiceAccountName is the name of the Kubernetes ServiceAccount + used to authenticate the image pull if the service account has attached + pull secrets. + type: string suspend: description: This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults @@ -4533,7 +4545,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5347,7 +5359,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6033,21 +6045,28 @@ spec: type: string kubeConfig: description: The KubeConfig for reconciling the Kustomization on a - remote cluster. When specified, KubeConfig takes precedence over - ServiceAccountName. + remote cluster. When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name to a secret that contains - a 'value' key with the kubeconfig file as the value. It must - be in the same namespace as the Kustomization. It is recommended - that the kubeconfig is self-contained, and the secret is regularly - updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without - adding binaries and credentials to the Pod that is responsible - for reconciling the Kustomization. + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. The secret must be in the same + namespace as the Kustomization. It is recommended that the kubeconfig + is self-contained, and the secret is regularly updated if credentials + such as a cloud-access-token expire. Cloud specific `cmd-path` + auth helpers will not function without adding binaries and credentials + to the Pod that is responsible for reconciling the Kustomization. properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string name: - description: Name of the referent. + description: Name of the Secret. type: string required: - name @@ -6462,7 +6481,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6667,7 +6686,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6893,7 +6912,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helm-controller namespace: flux-system --- @@ -6903,7 +6922,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: image-automation-controller namespace: flux-system --- @@ -6913,7 +6932,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: image-reflector-controller namespace: flux-system --- @@ -6923,7 +6942,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: kustomize-controller namespace: flux-system --- @@ -6933,7 +6952,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: notification-controller namespace: flux-system --- @@ -6943,7 +6962,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: source-controller namespace: flux-system --- @@ -6953,7 +6972,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: crd-controller-flux-system rules: - apiGroups: @@ -6991,6 +7010,8 @@ rules: resources: - namespaces - secrets + - configmaps + - serviceaccounts verbs: - get - list @@ -7006,7 +7027,6 @@ rules: - "" resources: - configmaps - - configmaps/status verbs: - get - list @@ -7015,6 +7035,14 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch - apiGroups: - coordination.k8s.io resources: @@ -7034,7 +7062,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7054,7 +7082,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7086,7 +7114,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7106,7 +7134,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: source-controller namespace: flux-system @@ -7126,7 +7154,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7146,7 +7174,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: helm-controller namespace: flux-system @@ -7175,7 +7203,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.18.2 + image: ghcr.io/fluxcd/helm-controller:v0.21.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7228,7 +7256,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7257,7 +7285,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.21.3 + image: ghcr.io/fluxcd/image-automation-controller:v0.22.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7310,7 +7338,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7339,7 +7367,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.17.1 + image: ghcr.io/fluxcd/image-reflector-controller:v0.18.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7396,7 +7424,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7425,7 +7453,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.22.3 + image: ghcr.io/fluxcd/kustomize-controller:v0.25.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7478,7 +7506,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7506,7 +7534,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.23.2 + image: ghcr.io/fluxcd/notification-controller:v0.23.5 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7565,7 +7593,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: source-controller namespace: flux-system @@ -7598,7 +7626,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.22.5 + image: ghcr.io/fluxcd/source-controller:v0.24.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7658,7 +7686,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: allow-egress namespace: flux-system spec: @@ -7678,7 +7706,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: allow-scraping namespace: flux-system spec: @@ -7698,7 +7726,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From c9b91d3f26e0a0ec4c25055637eb80d645e169d0 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Fri, 6 May 2022 18:45:54 +0200 Subject: [PATCH 0154/1882] Add Flux sync manifests --- flux/cluster/base/flux-system/gotk-sync.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/base/flux-system/gotk-sync.yaml b/flux/cluster/base/flux-system/gotk-sync.yaml index a1736b6f..dae2663b 100644 --- a/flux/cluster/base/flux-system/gotk-sync.yaml +++ b/flux/cluster/base/flux-system/gotk-sync.yaml @@ -11,7 +11,7 @@ spec: branch: main secretRef: name: flux-system - url: ssh://git@git.xirion.net:2222/0x76/infrastructure.git + url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git --- apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization -- 2.47.1 From f3cfba981f1d0aec869a6a3306dd1781023a9056 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 6 May 2022 21:39:00 +0200 Subject: [PATCH 0155/1882] remove headscale --- hosts.nix | 10 ++-- nixos/hosts/headscale/configuration.nix | 72 ------------------------- 2 files changed, 5 insertions(+), 77 deletions(-) delete mode 100644 nixos/hosts/headscale/configuration.nix diff --git a/hosts.nix b/hosts.nix index ac78c543..50ccd641 100644 --- a/hosts.nix +++ b/hosts.nix @@ -108,11 +108,11 @@ ip = "10.42.42.22"; mac = "DE:5F:B0:83:6F:34"; } - { - hostname = "headscale"; - ip = "10.42.42.23"; - mac = "76:31:39:8B:2D:43"; - } + # { + # hostname = "TBD"; + # ip = "10.42.42.23"; + # mac = "AA:AA:AA:AA:AA:AA"; + # } { hostname = "zmeura"; ip = "10.42.42.24"; diff --git a/nixos/hosts/headscale/configuration.nix b/nixos/hosts/headscale/configuration.nix deleted file mode 100644 index db446096..00000000 --- a/nixos/hosts/headscale/configuration.nix +++ /dev/null @@ -1,72 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ lib, config, pkgs, inputs, ... }: -{ - imports = [ ]; - - networking.hostName = "headscale"; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - environment.noXlibs = lib.mkForce false; - - networking.firewall.allowedTCPPorts = [ config.services.headscale.port 50443 ]; - - services.postgresql = - let - db_name = config.services.headscale.database.name; - db_user = config.services.headscale.database.user; - in - { - enable = false; - package = pkgs.postgresql_13; - ensureDatabases = [ db_name ]; - authentication = "host ${db_name} ${db_user} 127.0.0.1/32 trust"; - ensureUsers = [ - { - name = db_user; - ensurePermissions = { "DATABASE ${db_name}" = "ALL PRIVILEGES"; }; - } - ]; - }; - - services.headscale = { - enable = false; - address = "0.0.0.0"; - serverUrl = "https://vpn.0x76.dev"; - logLevel = "debug"; - - settings = { - grpc_listen_addr = "0.0.0.0:50443"; - grpc_allow_insecure = true; - - ip_prefixes = [ - "fd7a:115c:a1e0::/48" - "100.64.0.0/10" - ]; - }; - - database = { - type = "postgres"; - port = config.services.postgresql.port; - name = "headscale"; - user = "headscale"; - host = "127.0.0.1"; - }; - }; - - systemd.services.headscale.environment = { - GIN_MODE = "release"; - }; -} -- 2.47.1 From 15ce6620a63edd716034acc9701071fb90493670 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 8 May 2022 02:13:44 +0200 Subject: [PATCH 0156/1882] nginx: enable brotli --- flake.lock | 107 ++++++++++++++++++++++------ flake.nix | 44 ++++++------ nixos/hosts/nginx/configuration.nix | 44 ++---------- terraform/hosts.auto.tfvars.json | 18 +++++ 4 files changed, 133 insertions(+), 80 deletions(-) diff --git a/flake.lock b/flake.lock index cd70f4b0..6f63c27c 100644 --- a/flake.lock +++ b/flake.lock @@ -20,6 +20,25 @@ "type": "github" } }, + "deploy-rs_2": { + "inputs": { + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_4", + "utils": "utils_3" + }, + "locked": { + "lastModified": 1648475189, + "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", + "type": "github" + }, + "original": { + "id": "deploy-rs", + "type": "indirect" + } + }, "flake-compat": { "flake": false, "locked": { @@ -37,6 +56,22 @@ } }, "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1648199409, + "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1627913399, @@ -51,7 +86,7 @@ "type": "indirect" } }, - "flake-compat_3": { + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1627913399, @@ -163,11 +198,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1651799536, - "narHash": "sha256-+y4oD+E3PseG5jRhlfpBCSLOs1TKKtCWL/AsFCPXQYU=", + "lastModified": 1651886476, + "narHash": "sha256-fSPA5BEsoHx6ab5c2sK1apHcFbTs86SjwT63zXSuj/E=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "1d9335ce68b66262a25037c81e81f49363e5cb04", + "rev": "bbd8bc980d45d910f2673d3abfcc6617f2c3d122", "type": "github" }, "original": { @@ -179,7 +214,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1633098935, @@ -197,7 +232,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1633098935, @@ -246,21 +281,37 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1651827164, - "narHash": "sha256-w1niZCq4rhXX+23xLvrA5KR9OqT/72e5Mx/pfz/bZYU=", + "lastModified": 1651934509, + "narHash": "sha256-xofDh2dBoE9s4Lx2h815/qdULHlFRjdDvp0jDk2OHp8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "98000933d72a97632caf0db0027ea3eb2e5e7f29", + "rev": "c7a2979f4cec15b45e6a052b77ae590631426c9f", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable-small", + "ref": "master", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_4": { + "locked": { + "lastModified": 1648219316, + "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -275,7 +326,7 @@ "type": "indirect" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1632495107, "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", @@ -289,7 +340,7 @@ "type": "indirect" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -304,7 +355,7 @@ "type": "indirect" } }, - "nixpkgs_7": { + "nixpkgs_8": { "locked": { "lastModified": 1632495107, "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", @@ -329,18 +380,19 @@ }, "serokell-nix": { "inputs": { - "flake-compat": "flake-compat_2", + "deploy-rs": "deploy-rs_2", + "flake-compat": "flake-compat_3", "flake-utils": "flake-utils_2", "gitignore-nix": "gitignore-nix", "nix": "nix", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1651674183, - "narHash": "sha256-voNo/SzDmjXdk77gq2PRe7E+yJlw/zNuyHij8lNiZDE=", + "lastModified": 1651884062, + "narHash": "sha256-gr3BGy0yJL4Qx2NdbzEUAI3+Hi558AAVUAczaz6423w=", "owner": "serokell", "repo": "serokell.nix", - "rev": "826a2c4c8987766640885f4dc8af344e90abb149", + "rev": "3d533eb5b37142d6a3a8dea5ea3c159ad6595eb7", "type": "github" }, "original": { @@ -382,12 +434,27 @@ "type": "github" } }, + "utils_3": { + "locked": { + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-utils": "flake-utils_3", "nix": "nix_2", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1633626134, diff --git a/flake.nix b/flake.nix index e0a378d0..ca4f50f6 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:nixos/nixpkgs/master"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; @@ -44,40 +44,43 @@ fastConnection = true; profiles.system = { user = "root"; - path = deploy-rs.lib.${system}.activate.nixos - self.nixosConfigurations.${profile}; + path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile}; }; }; }; # Generates hosts.auto.tfvars.json for Terraform - genTFVars = let - hostToVar = z@{ hostname, mac, ... }: { - "${hostname}" = { inherit mac; }; - }; - hostSet = lib.foldr (el: acc: acc // hostToVar el) { } hosts; - json = builtins.toJSON { hosts = hostSet; }; - in pkgs.writeScriptBin "gen-tf-vars" '' - echo '${json}' | ${pkgs.jq}/bin/jq > terraform/hosts.auto.tfvars.json; - echo "Generated Terraform Variables"; - ''; + genTFVars = + let + hostToVar = z@{ hostname, mac, ... }: { + "${hostname}" = { inherit mac; }; + }; + hostSet = lib.foldr (el: acc: acc // hostToVar el) { } hosts; + json = builtins.toJSON { hosts = hostSet; }; + in + pkgs.writeScriptBin "gen-tf-vars" '' + echo '${json}' | ${pkgs.jq}/bin/jq > terraform/hosts.auto.tfvars.json; + echo "Generated Terraform Variables"; + ''; # Import all nixos host definitions that are actual nix machines nixHosts = filter ({ nix ? true, ... }: nix) hosts; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} - [ vault-secrets.overlay ]; + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; - deployChecks = - mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; + deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; checks = { }; - in { + in + { # Make the config and deploy sets - nixosConfigurations = - lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; apps.${system} = { + # deploy = { + # type = "app"; + # program = "${deploy-rs.packages.${system}.deploy-rs}/bin/deploy"; + # }; vault-push-approles = { type = "app"; program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; @@ -97,6 +100,7 @@ devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ + shellHook = "zsh"; buildInputs = with pkgs; [ deploy-rs.packages.${system}.deploy-rs fluxcd diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 5a155350..4cfe86ce 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -31,6 +31,10 @@ in recommendedProxySettings = true; recommendedTlsSettings = true; + package = pkgs.nginxMainline.override { + modules = with pkgs.nginxModules; [ brotli ]; + }; + # Reverse Proxies virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; @@ -43,46 +47,6 @@ in virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; - # Headscale - virtualHosts."vpn.0x76.dev" = { - enableACME = true; - forceSSL = true; - - locations = { - "/headscale." = { - extraConfig = '' - grpc_pass grpc://headscale.olympus:50443; - ''; - priority = 1; - }; - - # "/metrics" = { - # proxyPass = "http://plausible.olympus:9090"; - # extraConfig = '' - # allow 10.0.0.0/8; - # allow 100.64.0.0/16; - # deny all; - # ''; - # priority = 2; - # }; - - "/" = { - proxyPass = "http://headscale.olympus:8080"; - proxyWebsockets = true; - extraConfig = '' - keepalive_requests 100000; - keepalive_timeout 160s; - proxy_buffering off; - proxy_connect_timeout 75; - proxy_ignore_client_abort on; - proxy_read_timeout 900s; - proxy_send_timeout 600; - send_timeout 600; - ''; - priority = 99; - }; - }; - }; }; security.acme.defaults.email = "victorheld12@gmail.com"; diff --git a/terraform/hosts.auto.tfvars.json b/terraform/hosts.auto.tfvars.json index 6ffa1bf1..2ac54e16 100644 --- a/terraform/hosts.auto.tfvars.json +++ b/terraform/hosts.auto.tfvars.json @@ -24,12 +24,18 @@ "eevee": { "mac": "34:97:f6:93:9A:AA" }, + "gitea": { + "mac": "DE:5F:B0:83:6F:34" + }, "home-assistant": { "mac": "9E:60:78:ED:81:B4" }, "k3s-node1": { "mac": "2E:F8:55:23:D9:9B" }, + "minecraft": { + "mac": "EA:30:73:E4:B6:69" + }, "minio": { "mac": "0A:06:5E:E7:9A:0C" }, @@ -42,6 +48,12 @@ "nuc": { "mac": "1C:69:7A:62:30:88" }, + "plausible": { + "mac": "82:34:70:FA:44:6F" + }, + "unifi": { + "mac": "1A:88:A0:B0:65:B4" + }, "unifi-ap": { "mac": "b4:fb:e4:f3:ff:1b" }, @@ -50,6 +62,12 @@ }, "victoriametrics": { "mac": "9E:91:61:35:84:1F" + }, + "wireguard": { + "mac": "1E:ED:97:2C:C3:9D" + }, + "zmeura": { + "mac": "b8:27:eb:d5:e0:f5" } } } -- 2.47.1 From 5a0df81197acd75d0e1fbf7309f4b09deab6bdb9 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 8 May 2022 13:26:27 +0200 Subject: [PATCH 0157/1882] updated nix --- flake.lock | 18 +++++++++--------- flake.nix | 8 ++++---- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 6f63c27c..21971f60 100644 --- a/flake.lock +++ b/flake.lock @@ -198,11 +198,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1651886476, - "narHash": "sha256-fSPA5BEsoHx6ab5c2sK1apHcFbTs86SjwT63zXSuj/E=", + "lastModified": 1651978388, + "narHash": "sha256-RIMWD6myYtmeP2ryPPNIMNZ5D6NpUD9chvrD8yy/1J0=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "bbd8bc980d45d910f2673d3abfcc6617f2c3d122", + "rev": "8900142d65675c721b3a6cdbb98e4ea8d8118a71", "type": "github" }, "original": { @@ -265,11 +265,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1646506091, - "narHash": "sha256-sWNAJE2m+HOh1jtXlHcnhxsj6/sXrHgbqVNcVRlveK4=", + "lastModified": 1651927509, + "narHash": "sha256-fGVGUdEsriuAL1vkUh29FlOQmEkPRnSfRGImWYaVjos=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3e644bd62489b516292c816f70bf0052c693b3c7", + "rev": "2fdb6f2e08e7989b03a2a1aa8538d99e3eeea881", "type": "github" }, "original": { @@ -281,11 +281,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1651934509, - "narHash": "sha256-xofDh2dBoE9s4Lx2h815/qdULHlFRjdDvp0jDk2OHp8=", + "lastModified": 1652007072, + "narHash": "sha256-GXP/3f1/qYx++Ys7cnyOQuvPhIjov56QC/hGwHyL280=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c7a2979f4cec15b45e6a052b77ae590631426c9f", + "rev": "52f31d531b68d92f901310ea3a48999ac182df73", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ca4f50f6..6614616b 100644 --- a/flake.nix +++ b/flake.nix @@ -77,10 +77,10 @@ deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; apps.${system} = { - # deploy = { - # type = "app"; - # program = "${deploy-rs.packages.${system}.deploy-rs}/bin/deploy"; - # }; + deploy = { + type = "app"; + program = "${deploy-rs.packages.${system}.deploy-rs}/bin/deploy"; + }; vault-push-approles = { type = "app"; program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; -- 2.47.1 From a5096ab3163ae2661ea164a33c1484dbb9d25cae Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 13 May 2022 16:31:59 +0200 Subject: [PATCH 0158/1882] things --- flake.lock | 18 +++++++++--------- flake.nix | 4 ++-- hosts.nix | 1 - nixos/hosts/plausible/configuration.nix | 6 ++++-- nixos/pkgs/default.nix | 2 +- 5 files changed, 16 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 21971f60..9550776f 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1648475189, - "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", + "lastModified": 1652079807, + "narHash": "sha256-aCs1EwO9K2yJ1DcT4+4g7BMlJBWP7Xjs4k5i8ueR8PU=", "owner": "serokell", "repo": "deploy-rs", - "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", + "rev": "690f698b18345d894784752b5fa93b9b8f3cc29f", "type": "github" }, "original": { @@ -198,11 +198,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1651978388, - "narHash": "sha256-RIMWD6myYtmeP2ryPPNIMNZ5D6NpUD9chvrD8yy/1J0=", + "lastModified": 1652168810, + "narHash": "sha256-84F11nA1dixXi2wKXYNQxJuDjirXZxoz9LnWzh72Jw4=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "8900142d65675c721b3a6cdbb98e4ea8d8118a71", + "rev": "346324ed142697c44cbb0f3fcfadf6e84be9281e", "type": "github" }, "original": { @@ -281,11 +281,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1652007072, - "narHash": "sha256-GXP/3f1/qYx++Ys7cnyOQuvPhIjov56QC/hGwHyL280=", + "lastModified": 1652302275, + "narHash": "sha256-OFhH+klAOesP+nhEM5icPOxfwv6MD4RB4hikewIS3yE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "52f31d531b68d92f901310ea3a48999ac182df73", + "rev": "2b6405afa8a67dc12eb0f6989e85b5d80c7d25e4", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 6614616b..893eac17 100644 --- a/flake.nix +++ b/flake.nix @@ -111,8 +111,8 @@ nixfmt nixUnstable vault - (vault-push-approles self { }) - (vault-push-approle-envs self { }) + # (vault-push-approles self { }) + # (vault-push-approle-envs self { }) genTFVars ]; }; diff --git a/hosts.nix b/hosts.nix index 50ccd641..f88bd498 100644 --- a/hosts.nix +++ b/hosts.nix @@ -86,7 +86,6 @@ hostname = "plausible"; ip = "10.42.42.18"; mac = "82:34:70:FA:44:6F"; - nix = false; } { hostname = "victoriametrics"; diff --git a/nixos/hosts/plausible/configuration.nix b/nixos/hosts/plausible/configuration.nix index 999c2ef8..15449c18 100644 --- a/nixos/hosts/plausible/configuration.nix +++ b/nixos/hosts/plausible/configuration.nix @@ -29,8 +29,10 @@ in vault-secrets.secrets.plausible = { }; services.plausible = { - enable = false; - releaseCookiePath = "${vs.plausible}/cookie"; + enable = true; + releaseCookiePath = "${pkgs.runCommand "cookie" { } '' + ${pkgs.openssl}/bin/openssl rand -base64 64 >"$out" + ''}"; server = { baseUrl = "https://analytics.0x76.dev"; secretKeybaseFile = "${vs.plausible}/secretkeybase"; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 0e944e3c..67a0f134 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,5 +1,5 @@ final: prev: { - clickhouse = prev.callPackage ./clickhouse { }; + # clickhouse = prev.callPackage ./clickhouse { }; v = { unbound = prev.unbound.override { -- 2.47.1 From 9848586766e39b3e4286adc51690355c5727557e Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 May 2022 01:24:06 +0200 Subject: [PATCH 0159/1882] deploy hedgedoc --- flake.lock | 18 +++--- flake.nix | 3 +- hosts.nix | 10 ++-- nixos/hosts/hedgedoc/configuration.nix | 78 ++++++++++++++++++++++++++ nixos/hosts/nginx/configuration.nix | 2 +- 5 files changed, 95 insertions(+), 16 deletions(-) create mode 100644 nixos/hosts/hedgedoc/configuration.nix diff --git a/flake.lock b/flake.lock index 9550776f..30f9defb 100644 --- a/flake.lock +++ b/flake.lock @@ -198,11 +198,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1652168810, - "narHash": "sha256-84F11nA1dixXi2wKXYNQxJuDjirXZxoz9LnWzh72Jw4=", + "lastModified": 1652405436, + "narHash": "sha256-+B05vhYU64vIs2r0h+43qnI19eA20J48I3qv/bisIWY=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "346324ed142697c44cbb0f3fcfadf6e84be9281e", + "rev": "9f8da33e00fbf9f0d9e28d8d87c792ff6980dc11", "type": "github" }, "original": { @@ -281,16 +281,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1652302275, - "narHash": "sha256-OFhH+klAOesP+nhEM5icPOxfwv6MD4RB4hikewIS3yE=", - "owner": "nixos", + "lastModified": 1652543897, + "narHash": "sha256-KOXHQQKEw20XuBqOk0m06T44m7PhgxyBdxdy5A8Zq/4=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "2b6405afa8a67dc12eb0f6989e85b5d80c7d25e4", + "rev": "d14aae0cf608a325a717bb4d617d69bac934dfae", "type": "github" }, "original": { - "owner": "nixos", - "ref": "master", + "owner": "NULLx76", + "ref": "fix-hedgedoc", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 893eac17..154e1c6d 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,8 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; - nixpkgs.url = "github:nixos/nixpkgs/master"; + # nixpkgs.url = "github:nixos/nixpkgs/master"; + nixpkgs.url ="github:NULLx76/nixpkgs/fix-hedgedoc"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; diff --git a/hosts.nix b/hosts.nix index f88bd498..1fba2143 100644 --- a/hosts.nix +++ b/hosts.nix @@ -107,11 +107,11 @@ ip = "10.42.42.22"; mac = "DE:5F:B0:83:6F:34"; } - # { - # hostname = "TBD"; - # ip = "10.42.42.23"; - # mac = "AA:AA:AA:AA:AA:AA"; - # } + { + hostname = "hedgedoc"; + ip = "10.42.42.23"; + mac = "86:BC:0C:18:BC:9B"; + } { hostname = "zmeura"; ip = "10.42.42.24"; diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix new file mode 100644 index 00000000..82f398a8 --- /dev/null +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -0,0 +1,78 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ lib, config, pkgs, inputs, ... }: +let + db_name = "hedgedoc"; + db_user = "hedgedoc"; + vs = config.vault-secrets.secrets; +in +{ + imports = [ ]; + + networking.hostName = "hedgedoc"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + environment.noXlibs = lib.mkForce false; + + networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.configuration.port ]; + + vault-secrets.secrets.hedgedoc = { }; + + services.postgresql = + { + enable = true; + package = pkgs.postgresql_13; + ensureDatabases = [ db_name ]; + # authentication = "host ${db_name} ${db_user} 127.0.0.1/32 trust"; + ensureUsers = [ + { + name = db_user; + ensurePermissions = { "DATABASE ${db_name}" = "ALL PRIVILEGES"; }; + } + ]; + }; + + services.hedgedoc = { + enable = true; + environmentFile = "${vs.hedgedoc}/environment"; + configuration = { + host = "0.0.0.0"; + port = 3000; + sessionSecret = "$SESSION_SECRET"; + domain = "md.0x76.dev"; + protocolUseSSL = true; + hsts.enable = true; + allowOrigin = [ + config.services.hedgedoc.configuration.domain + "hedgedoc" + ]; + allowEmailRegister = false; + imageUploadType = "minio"; + db = { + dialect = "postgres"; + username = db_user; + database = db_name; + host = "/run/postgresql"; + }; + s3bucket = "hedgedoc"; + minio = { + secure = false; + endPoint = "minio.olympus"; + accessKey = "$MINIO_ACCESS_KEY"; + secretKey = "$MINIO_SECRET_KEY"; + }; + }; + }; +} diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 4cfe86ce..f96fa16e 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -38,7 +38,7 @@ in # Reverse Proxies virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; - # virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/"; + virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; # Kubernetes endpoints -- 2.47.1 From ed88c499c3b01c8647ff4f5679c07216bd63a224 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 May 2022 10:54:26 +0200 Subject: [PATCH 0160/1882] hedgedoc: configure minio properly --- nixos/hosts/hedgedoc/configuration.nix | 9 ++++++--- nixos/hosts/nginx/configuration.nix | 2 ++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index 82f398a8..66fec373 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -35,7 +35,6 @@ in enable = true; package = pkgs.postgresql_13; ensureDatabases = [ db_name ]; - # authentication = "host ${db_name} ${db_user} 127.0.0.1/32 trust"; ensureUsers = [ { name = db_user; @@ -59,6 +58,9 @@ in "hedgedoc" ]; allowEmailRegister = false; + allowAnonymousEdits = true; + allowFreeURL = true; + requireFreeURLAuthentication = true; imageUploadType = "minio"; db = { dialect = "postgres"; @@ -68,8 +70,9 @@ in }; s3bucket = "hedgedoc"; minio = { - secure = false; - endPoint = "minio.olympus"; + secure = true; + endPoint = "o.0x76.dev"; + port = 443; accessKey = "$MINIO_ACCESS_KEY"; secretKey = "$MINIO_SECRET_KEY"; }; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index f96fa16e..51153718 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -30,6 +30,7 @@ in enable = true; recommendedProxySettings = true; recommendedTlsSettings = true; + recommendedOptimisation = true; package = pkgs.nginxMainline.override { modules = with pkgs.nginxModules; [ brotli ]; @@ -40,6 +41,7 @@ in virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; + virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; -- 2.47.1 From 2e1f27f41d4b0cb41f63d6995b5730fed0044003 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 May 2022 16:08:27 +0200 Subject: [PATCH 0161/1882] hedgedoc: add github auth --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- nixos/common/default.nix | 5 ++++- nixos/hosts/hedgedoc/configuration.nix | 6 +++++- 4 files changed, 20 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 30f9defb..c6a75e09 100644 --- a/flake.lock +++ b/flake.lock @@ -198,11 +198,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1652405436, - "narHash": "sha256-+B05vhYU64vIs2r0h+43qnI19eA20J48I3qv/bisIWY=", + "lastModified": 1652589151, + "narHash": "sha256-urnzpw+gz5SAl70jw1ChZm65oqnX5duE6AHgcv5+Chs=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "9f8da33e00fbf9f0d9e28d8d87c792ff6980dc11", + "rev": "4fc33b94eed52c063d49d1179acd36c184b62bf4", "type": "github" }, "original": { @@ -265,11 +265,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1651927509, - "narHash": "sha256-fGVGUdEsriuAL1vkUh29FlOQmEkPRnSfRGImWYaVjos=", + "lastModified": 1652133925, + "narHash": "sha256-kfATGChLe9/fQVZkXN9G71JAVMlhePv1qDbaRKklkQs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2fdb6f2e08e7989b03a2a1aa8538d99e3eeea881", + "rev": "51d859cdab1ef58755bd342d45352fc607f5e59b", "type": "github" }, "original": { @@ -281,16 +281,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1652543897, - "narHash": "sha256-KOXHQQKEw20XuBqOk0m06T44m7PhgxyBdxdy5A8Zq/4=", + "lastModified": 1652608635, + "narHash": "sha256-B4BbT+Gl4MHBvtT/tzq6MaH1wjR59FGfLat02pTyWTM=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "d14aae0cf608a325a717bb4d617d69bac934dfae", + "rev": "e9b1375878a798850457c7c86af2795451b489b1", "type": "github" }, "original": { "owner": "NULLx76", - "ref": "fix-hedgedoc", + "ref": "update-hedgedoc-module", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 154e1c6d..127b6527 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; # nixpkgs.url = "github:nixos/nixpkgs/master"; - nixpkgs.url ="github:NULLx76/nixpkgs/fix-hedgedoc"; + nixpkgs.url = "github:NULLx76/nixpkgs/update-hedgedoc-module"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index d2812adf..7ce33056 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -37,7 +37,10 @@ }; nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [ (import ../pkgs) inputs.minecraft-servers.overlay ]; + nixpkgs.overlays = [ + (import ../pkgs) + inputs.minecraft-servers.overlays.default + ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index 66fec373..f0135e4f 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -58,7 +58,7 @@ in "hedgedoc" ]; allowEmailRegister = false; - allowAnonymousEdits = true; + allowAnonymousEdits = false; allowFreeURL = true; requireFreeURLAuthentication = true; imageUploadType = "minio"; @@ -76,6 +76,10 @@ in accessKey = "$MINIO_ACCESS_KEY"; secretKey = "$MINIO_SECRET_KEY"; }; + github = { + clientID = "$GITHUB_CLIENTID"; + clientSecret = "$GITHUB_CLIENTSECRET"; + }; }; }; } -- 2.47.1 From 73ce586206d074378027290eb2106487abb9ce6c Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 14:17:45 +0200 Subject: [PATCH 0162/1882] nginx: brotli --- nixos/hosts/nginx/configuration.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 51153718..7425c01c 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -51,6 +51,17 @@ in }; + services.nginx.commonHttpConfig = '' + brotli on; + brotli_comp_level 6; + brotli_static on; + brotli_types application/atom+xml application/javascript application/json application/rss+xml + application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype + application/x-font-ttf application/x-javascript application/xhtml+xml application/xml + font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon + image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml; + ''; + security.acme.defaults.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; -- 2.47.1 From 3b85e288700b54677507365708862ad2c4699f92 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 14:17:55 +0200 Subject: [PATCH 0163/1882] hedgedoc: fixed perms --- nixos/hosts/gitea/configuration.nix | 2 ++ nixos/hosts/hedgedoc/configuration.nix | 11 ++++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/gitea/configuration.nix b/nixos/hosts/gitea/configuration.nix index 57788609..6f9f14ca 100644 --- a/nixos/hosts/gitea/configuration.nix +++ b/nixos/hosts/gitea/configuration.nix @@ -32,6 +32,8 @@ database.type = "postgres"; ssh.clonePort = 42; disableRegistration = true; + cookieSecure = true; + settings = { ui = { diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index f0135e4f..903749b0 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -57,8 +57,9 @@ in config.services.hedgedoc.configuration.domain "hedgedoc" ]; + allowAnonymous = false; allowEmailRegister = false; - allowAnonymousEdits = false; + allowAnonymousEdits = true; allowFreeURL = true; requireFreeURLAuthentication = true; imageUploadType = "minio"; @@ -76,10 +77,10 @@ in accessKey = "$MINIO_ACCESS_KEY"; secretKey = "$MINIO_SECRET_KEY"; }; - github = { - clientID = "$GITHUB_CLIENTID"; - clientSecret = "$GITHUB_CLIENTSECRET"; - }; + # github = { + # clientID = "$GITHUB_CLIENTID"; + # clientSecret = "$GITHUB_CLIENTSECRET"; + # }; }; }; } -- 2.47.1 From e868a3e71ec0ad5b08ec20d3d38a51d37bd7d077 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 15:29:09 +0200 Subject: [PATCH 0164/1882] add db --- hosts.nix | 5 +++ nixos/hosts/database/configuration.nix | 43 ++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 nixos/hosts/database/configuration.nix diff --git a/hosts.nix b/hosts.nix index 1fba2143..10591315 100644 --- a/hosts.nix +++ b/hosts.nix @@ -123,6 +123,11 @@ ip = "10.42.42.25"; mac = "1E:ED:97:2C:C3:9D"; } + { + hostname = "database"; + ip = "10.42.42.26"; + mac = "CE:6E:96:87:18:1B"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/database/configuration.nix new file mode 100644 index 00000000..22022400 --- /dev/null +++ b/nixos/hosts/database/configuration.nix @@ -0,0 +1,43 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let + databases = [ "authentik" ]; + +in +{ + imports = [ ]; + + networking.hostName = "database"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ]; + + services.postgresql = + { + enable = true; + package = pkgs.postgresql_14; + ensureDatabases = databases; + enableTCPIP = true; + # Allow all hosts on the server subnet, should probably lock this down more in the future + authentication = "host all all 10.42.42.0/24 trust"; + ensureUsers = map + (name: { + inherit name; + ensurePermissions = { "DATABASE ${name}" = "ALL PRIVILEGES"; }; + }) + databases; + }; +} -- 2.47.1 From 9abcaa80c792a1e5dacabdfad910d5396c2c685a Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 15:31:42 +0200 Subject: [PATCH 0165/1882] add authentik namespace --- flux/cluster/apps/authentik/kustomization.yaml | 2 ++ flux/cluster/apps/kustomization.yaml | 1 + flux/cluster/core/namespaces/authentik.yaml | 5 +++++ flux/cluster/core/namespaces/kustomization.yaml | 1 + 4 files changed, 9 insertions(+) create mode 100644 flux/cluster/apps/authentik/kustomization.yaml create mode 100644 flux/cluster/core/namespaces/authentik.yaml diff --git a/flux/cluster/apps/authentik/kustomization.yaml b/flux/cluster/apps/authentik/kustomization.yaml new file mode 100644 index 00000000..4ea1bcca --- /dev/null +++ b/flux/cluster/apps/authentik/kustomization.yaml @@ -0,0 +1,2 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index b075bbef..190001b1 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - networking - presidential-paradise + - authentik \ No newline at end of file diff --git a/flux/cluster/core/namespaces/authentik.yaml b/flux/cluster/core/namespaces/authentik.yaml new file mode 100644 index 00000000..ae71e15e --- /dev/null +++ b/flux/cluster/core/namespaces/authentik.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: authentik diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index 5f33cedc..753e131b 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -4,4 +4,5 @@ resources: - presidential-paradise.yaml - networking.yaml - external-secrets.yaml + - authentik.yaml -- 2.47.1 From 27b0e0b83a6878de78f2f5d082bf34b01b8161b5 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 15:37:12 +0200 Subject: [PATCH 0166/1882] flux: update charts --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- .../core/external-secrets/external-secrets/helm-release.yaml | 2 +- flux/cluster/core/networking/metallb/helm-release.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 18f40826..5f785e18 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.6.2 + version: 10.19.5 sourceRef: kind: HelmRepository name: traefik-charts diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml index 5b663051..2f9876fd 100644 --- a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.external-secrets.io chart: external-secrets - version: 0.3.8 + version: 0.5.3 sourceRef: kind: HelmRepository name: external-secrets-charts diff --git a/flux/cluster/core/networking/metallb/helm-release.yaml b/flux/cluster/core/networking/metallb/helm-release.yaml index b47e4eac..e9d2cfd8 100644 --- a/flux/cluster/core/networking/metallb/helm-release.yaml +++ b/flux/cluster/core/networking/metallb/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://metallb.github.io/metallb chart: metallb - version: 0.11.0 + version: 0.12.1 sourceRef: kind: HelmRepository name: metallb-charts -- 2.47.1 From c53b9dcd0cb7ecb7e19f77462d1e1831648dbcdd Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 15:39:28 +0200 Subject: [PATCH 0167/1882] flux: update crds --- flux/cluster/crds/external-secrets/crds.yaml | 2 +- flux/cluster/crds/traefik/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 40354495..00c89d3e 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: v0.3.8 + tag: v0.5.3 ignore: | # exclude all /* diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index 89e3fa1e..74099933 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.6.2 + tag: v10.19.5 ignore: | # exclude all /* -- 2.47.1 From 75c63c07f6d771d61fb48a71827b4524a4e5ba98 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 May 2022 15:45:46 +0200 Subject: [PATCH 0168/1882] flux: update crds versions --- .../apps/presidential-paradise/xirion-registry-creds.yaml | 2 +- .../apps/presidential-paradise/zookeeper/external-secret.yaml | 2 +- flux/cluster/base/flux-system/xirion-registry-creds.yaml | 2 +- .../external-secrets/external-secrets/vault-secret-store.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml b/flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml index 8a91e432..c43b5896 100644 --- a/flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml +++ b/flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml @@ -1,4 +1,4 @@ -apiVersion: external-secrets.io/v1alpha1 +apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: xirion-registry-creds diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index 317b1fd0..a2a2499a 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -1,4 +1,4 @@ -apiVersion: external-secrets.io/v1alpha1 +apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: zookeeper diff --git a/flux/cluster/base/flux-system/xirion-registry-creds.yaml b/flux/cluster/base/flux-system/xirion-registry-creds.yaml index 72503ebd..abba4e09 100644 --- a/flux/cluster/base/flux-system/xirion-registry-creds.yaml +++ b/flux/cluster/base/flux-system/xirion-registry-creds.yaml @@ -1,4 +1,4 @@ -apiVersion: external-secrets.io/v1alpha1 +apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: xirion-registry-creds diff --git a/flux/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/flux/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml index 929866ed..c621731f 100644 --- a/flux/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml @@ -1,4 +1,4 @@ -apiVersion: external-secrets.io/v1alpha1 +apiVersion: external-secrets.io/v1beta1 kind: ClusterSecretStore metadata: name: vault -- 2.47.1 From 8a0145f5f1b81fbf4b9da821376d42dd9ffb8db3 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 11:43:11 +0200 Subject: [PATCH 0169/1882] authentik: add chart --- .../base/flux-system/charts/helm/authentik-charts.yaml | 10 ++++++++++ .../base/flux-system/charts/helm/kustomization.yaml | 2 +- 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml b/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml new file mode 100644 index 00000000..6366bd70 --- /dev/null +++ b/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: authentik-charts + namespace: flux-system +spec: + interval: 15m + url: https://charts.goauthentik.io/ + timeout: 3m diff --git a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml index cc37fadd..bf552457 100644 --- a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -4,4 +4,4 @@ resources: - metallb-charts.yaml - traefik-charts.yaml - external-secrets-charts.yaml - + - authentik-charts.yaml -- 2.47.1 From e07f7bf6ab8af9276c927c684b19eed31ff357c5 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 12:05:23 +0200 Subject: [PATCH 0170/1882] authentik: deploy --- .../apps/authentik/external-secret.yaml | 17 +++++++ flux/cluster/apps/authentik/helm-release.yaml | 44 +++++++++++++++++++ .../cluster/apps/authentik/kustomization.yaml | 3 ++ nixos/hosts/nginx/configuration.nix | 1 + 4 files changed, 65 insertions(+) create mode 100644 flux/cluster/apps/authentik/external-secret.yaml create mode 100644 flux/cluster/apps/authentik/helm-release.yaml diff --git a/flux/cluster/apps/authentik/external-secret.yaml b/flux/cluster/apps/authentik/external-secret.yaml new file mode 100644 index 00000000..e7a2abfa --- /dev/null +++ b/flux/cluster/apps/authentik/external-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: authentik + namespace: authentik +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: authentik + data: + - secretKey: secret_key + remoteRef: + key: authentik/authentik + property: secret_key diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml new file mode 100644 index 00000000..670dc616 --- /dev/null +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -0,0 +1,44 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: authentik + namespace: identity-system +spec: + interval: 1m0s + chart: + spec: + # renovate: registryUrl=https://charts.goauthentik.io + chart: authentik + version: 2022.4.3 + sourceRef: + kind: HelmRepository + name: authentik-charts + namespace: flux-system + interval: 5m + valuesFrom: + - kind: Secret + name: authentik + valuesKey: secret_key + targetPath: authentik.secret_key + optional: false + values: + authentik: + error_reporting: + enabled: true + postgresql: + host: "database.olympus" + name: "authentik" + user: "authentik" + redis: + enabled: true + architecture: standalone + auth: + enabled: false + ingress: + enabled: true + ingressClassName: "traefik" + hosts: + - host: id.0x76.dev + paths: + - path: "/" + pathType: Prefix diff --git a/flux/cluster/apps/authentik/kustomization.yaml b/flux/cluster/apps/authentik/kustomization.yaml index 4ea1bcca..9a89122f 100644 --- a/flux/cluster/apps/authentik/kustomization.yaml +++ b/flux/cluster/apps/authentik/kustomization.yaml @@ -1,2 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +resources: + - external-secret.yaml + - helm-release.yaml diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 7425c01c..fc57621e 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -45,6 +45,7 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; + virtualHosts."id.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; -- 2.47.1 From 577e4a990f1fcb4e6bac5cc1f051a98836280233 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 12:07:24 +0200 Subject: [PATCH 0171/1882] authentik: fix namespace --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 670dc616..7523b567 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -2,7 +2,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: authentik - namespace: identity-system + namespace: authentik spec: interval: 1m0s chart: -- 2.47.1 From 37ec955d043d7bead63aacb4a666af8931c11572 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 12:31:37 +0200 Subject: [PATCH 0172/1882] update traefik config --- flux/cluster/apps/networking/traefik/helm-release.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 5f785e18..3ad11444 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -36,11 +36,12 @@ spec: enabled: true isDefaultClass: true fallbackApiVersion: v1 - globalArguments: - - "--providers.kubernetesingress.ingressclass=traefik" - - "--entryPoints.websecure.forwardedHeaders.trustedIPs=10.42.42.0/23" + globalArguments: [] additionalArguments: + - "--providers.kubernetesingress.ingressclass=traefik" - "--providers.kubernetesingress.ingressendpoint.ip=10.42.42.150" + - "--entryPoints.web.forwardedHeaders.insecure=true" + - "--entryPoints.websecure.forwardedHeaders.insecure=true" ports: traefik: port: 9000 -- 2.47.1 From b22999d78af9cfce47f4b6f3abddf0e863e4e335 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 15:56:40 +0200 Subject: [PATCH 0173/1882] hedgedoc: add authentik --- nixos/hosts/hedgedoc/configuration.nix | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index 903749b0..c3d04291 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -77,10 +77,20 @@ in accessKey = "$MINIO_ACCESS_KEY"; secretKey = "$MINIO_SECRET_KEY"; }; - # github = { - # clientID = "$GITHUB_CLIENTID"; - # clientSecret = "$GITHUB_CLIENTSECRET"; - # }; + email = true; + oauth2 = let url = "https://id.0x76.dev"; in + { + providerName = "authentik"; + clientID = "$AUTHENTIK_CLIENTID"; + clientSecret = "$AUTHENTIK_CLIENTSECRET"; + scope = "openid email profile"; + userProfileURL = "${url}/application/o/userinfo/"; + tokenURL = "${url}/application/o/token/"; + authorizationURL = "${url}/application/o/authorize/"; + userProfileUsernameAttr = "preferred_username"; + userProfileDisplayNameAttr = "name"; + userProfileEmailAttr = "email"; + }; }; }; } -- 2.47.1 From e857d0d7490f314c03004ffd5e68d22c17194174 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 16:14:37 +0200 Subject: [PATCH 0174/1882] flux: prepare for renovate --- flux/cluster/apps/gitops/kustomization.yaml | 4 ++++ .../apps/gitops/renovate/external-secret.yaml | 17 +++++++++++++++++ .../apps/gitops/renovate/kustomization.yaml | 4 ++++ flux/cluster/apps/kustomization.yaml | 3 ++- flux/cluster/core/namespaces/gitops.yaml | 5 +++++ flux/cluster/core/namespaces/kustomization.yaml | 1 + 6 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 flux/cluster/apps/gitops/kustomization.yaml create mode 100644 flux/cluster/apps/gitops/renovate/external-secret.yaml create mode 100644 flux/cluster/apps/gitops/renovate/kustomization.yaml create mode 100644 flux/cluster/core/namespaces/gitops.yaml diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml new file mode 100644 index 00000000..4ddab702 --- /dev/null +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - renovate diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/cluster/apps/gitops/renovate/external-secret.yaml new file mode 100644 index 00000000..fbf70f26 --- /dev/null +++ b/flux/cluster/apps/gitops/renovate/external-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: authentik + namespace: gitops +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: authentik + data: + - secretKey: RENOVATE_TOKEN + remoteRef: + key: gitops/renovate + property: gitea_token diff --git a/flux/cluster/apps/gitops/renovate/kustomization.yaml b/flux/cluster/apps/gitops/renovate/kustomization.yaml new file mode 100644 index 00000000..020b7516 --- /dev/null +++ b/flux/cluster/apps/gitops/renovate/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secret.yaml diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index 190001b1..3f6840a0 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -3,4 +3,5 @@ kind: Kustomization resources: - networking - presidential-paradise - - authentik \ No newline at end of file + - authentik + - gitops diff --git a/flux/cluster/core/namespaces/gitops.yaml b/flux/cluster/core/namespaces/gitops.yaml new file mode 100644 index 00000000..4ac5db77 --- /dev/null +++ b/flux/cluster/core/namespaces/gitops.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: gitops diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index 753e131b..fcca7cfa 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -5,4 +5,5 @@ resources: - networking.yaml - external-secrets.yaml - authentik.yaml + - gitops.yaml -- 2.47.1 From 4d747c26c0457f8aafb4bc9774b523030f852033 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 17:22:45 +0200 Subject: [PATCH 0175/1882] renovate: v/infrastructure (?) --- .../apps/gitops/renovate/external-secret.yaml | 2 +- .../apps/gitops/renovate/kustomization.yaml | 1 + .../renovate/renovate-infrastructure.yaml | 62 +++++++++++++++++++ 3 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/cluster/apps/gitops/renovate/external-secret.yaml index fbf70f26..ae63c3f0 100644 --- a/flux/cluster/apps/gitops/renovate/external-secret.yaml +++ b/flux/cluster/apps/gitops/renovate/external-secret.yaml @@ -1,7 +1,7 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: - name: authentik + name: renovate namespace: gitops spec: refreshInterval: "5m" diff --git a/flux/cluster/apps/gitops/renovate/kustomization.yaml b/flux/cluster/apps/gitops/renovate/kustomization.yaml index 020b7516..215e80bc 100644 --- a/flux/cluster/apps/gitops/renovate/kustomization.yaml +++ b/flux/cluster/apps/gitops/renovate/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - external-secret.yaml + - renovate-infrastructure.yaml diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml new file mode 100644 index 00000000..bfd14f89 --- /dev/null +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: renovate-infrastructure + namespace: gitops +spec: + schedule: '@hourly' + concurrencyPolicy: Forbid + jobTemplate: + spec: + template: + spec: + volumes: + - name: config-volume + configMap: + name: renovate-config + - name: work-volume + emptyDir: {} + containers: + - name: renovate + image: renovate/renovate:32.61 + volumeMounts: + - name: config-volume + mountPath: /opt/renovate/ + - name: work-volume + mountPath: /tmp/renovate/ + env: + - name: LOG_LEVEL + value: debug + - name: RENOVATE_ENDPOINT + value: 'https://git.0x76.dev/api/v1/' + - name: RENOVATE_PLATFORM + value: gitea + - name: RENOVATE_AUTODISCOVER + value: 'false' + - name: RENOVATE_GIT_AUTHOR + value: 'Renovate Bot ' + - name: RENOVATE_CONFIG_FILE + value: '/opt/renovate/config.json' + - name: RENOVATE_BASE_DIR + value: '/tmp/renovate' + envFrom: + - secretRef: + name: renovate + restartPolicy: Never +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: renovate-config +data: + config.json: |- + { + "repositories": ["v/infrastructure"], + "flux": { + "fileMatch": ["flux/.+\\.yaml$"] + }, + "kubernetes": { + "fileMatch": ["flux/.+\\.yaml$"] + } + } -- 2.47.1 From 14f6183ca3aec77248c2bc2d5b94450c32e2af73 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 17:24:53 +0200 Subject: [PATCH 0176/1882] renovate: v/infrastructure (?2) --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index bfd14f89..7bf6f44c 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -49,6 +49,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: renovate-config + namespace: gitops data: config.json: |- { -- 2.47.1 From 3b0345c93a290cd8637400f87edcf4acb1ac3253 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 17:35:44 +0200 Subject: [PATCH 0177/1882] renovate: v/infrastructure (?3) --- flux/cluster/apps/gitops/renovate/external-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/cluster/apps/gitops/renovate/external-secret.yaml index ae63c3f0..2b15c740 100644 --- a/flux/cluster/apps/gitops/renovate/external-secret.yaml +++ b/flux/cluster/apps/gitops/renovate/external-secret.yaml @@ -9,7 +9,7 @@ spec: name: vault kind: ClusterSecretStore target: - name: authentik + name: renovate data: - secretKey: RENOVATE_TOKEN remoteRef: -- 2.47.1 From 1e6ca00284daaf3d25436612a61022dc81afbc11 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 May 2022 15:37:42 +0000 Subject: [PATCH 0178/1882] chore(deps): add renovate.json --- renovate.json | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 00000000..7190a60b --- /dev/null +++ b/renovate.json @@ -0,0 +1,3 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json" +} -- 2.47.1 From 9056bb28cfb94b21d4827cbc02b078fecb14aa6a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 May 2022 15:44:23 +0000 Subject: [PATCH 0179/1882] chore(deps): update terraform vault to v3 --- terraform/.terraform.lock.hcl | 27 +++++++++++++-------------- terraform/versions.tf | 2 +- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 0db9d8c4..89eebf60 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -2,21 +2,20 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/vault" { - version = "2.24.1" - constraints = "2.24.1" + version = "3.5.0" + constraints = "3.5.0" hashes = [ - "h1:MUzJ+jOOPBoyGNWGjESE+t2rIjTobw08Y73jgU+d+EU=", - "zh:1968be03bbc83c9f512a60f0a018cb0cf4c9a4a0f9e606f9a7436ae06108200f", - "zh:23ef25b530dcf2f60692e261d2a56c112138d79a739f2c720bee818cf040a20f", - "zh:2b80879cf8110254eeeb55b36ce542e9cdaefc047d450368ff0ca631b29d41d6", - "zh:3d803047407a4e7ccb51cd88b38648e50517e70b97842ae1262b5c5a92eb8ede", - "zh:7edfd0323a839903e7fc5f45acce8dd61c43b356c09016e1bd43d6880bd82be6", - "zh:7efa2c6d1d0bac9478adb27fc68035ca9dc2107dae55d921a760a8ad237eb691", - "zh:a1f9d34e2ac8b3a3d177faef4f11690068919ef7d73256def6685cfd9282f83d", - "zh:a6c34746e0085ae49e3845fc58597d2d5778fcb2136fedb413b3e30ba77dd2bd", - "zh:a73eb4bc061b5babd7ea4d5f3f85f4b4c6d379982098411a29a7d7459fc37ab2", - "zh:aadecf464ead4ae30821495d8181e842c18a2537c018245509a96532eeaf7678", - "zh:e3ae8c48804065fa4f85095002f945adbd5cd3966c0b1afced7d839007586105", + "h1:4ZThRNvvX5jAwqwIxAKP2rQuB+HppJ60TRvkSVGg7QY=", + "h1:Nm2MVqiWTwGljC4Rd+0BSOSfn05v0eq7bs5DGaTnvsI=", + "h1:Ozo11iz11na+n9NggGcBCiwPa70058PeqOwTlrUm4dY=", + "h1:UifkraQ6hcl+KR3IEcU6QhMxy9eGe+LQq8zAH2V1xtU=", + "h1:VClLhV319qXswTvVWzQsoJYriON63WFnbPRVLkdEX24=", + "h1:Yqv4nraqqab//lMOjNVQ6PbOmbUBzZU83IronbsQUt4=", + "h1:gEAs6Q4jfp9+8DQBZIxlbP7rXAFTE60xlZJYGnY2gw8=", + "h1:h46FfSpD5E/Vta9/7eo50p+m2EU8UVxbFrBwRzzRb5w=", + "h1:mSfotoHz+H4nsuVm24bqZTcCanG7sHF0MHDNtnO0948=", + "h1:pkcIwDnoKHVKjFnnd6McjeoR1vWFWsOIBI8frXJ65xY=", + "h1:wqDl2+PKBaMvMh/H+WtYf8qkOYgC9XFHId//T3VV+YA=", ] } diff --git a/terraform/versions.tf b/terraform/versions.tf index 2ed92893..989ad808 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -6,7 +6,7 @@ terraform { } vault = { source = "hashicorp/vault" - version = "2.24.1" + version = "3.5.0" } } } -- 2.47.1 From 798b3609f6179e159e914851ee75676d7694ef21 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 May 2022 15:44:08 +0000 Subject: [PATCH 0180/1882] chore(deps): update terraform proxmox to v2.9.10 --- terraform/.terraform.lock.hcl | 32 ++++++++++++++++---------------- terraform/versions.tf | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 89eebf60..141d17e5 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -20,22 +20,22 @@ provider "registry.terraform.io/hashicorp/vault" { } provider "registry.terraform.io/telmate/proxmox" { - version = "2.9.3" - constraints = "2.9.3" + version = "2.9.10" + constraints = "2.9.10" hashes = [ - "h1:ncggek/h3O6fvTrni58gn4gwMsTuaXY6OZ5doRrHn/o=", - "zh:0f29f4b20eed363f1564a091cfce4eec3c5d758357efeb703aadb2237617d660", - "zh:10f6e846ebe59625ac9bc3d1fcecda901fe6a31187bb3738c0f17409f5cffd7d", - "zh:2780eeba2c6f67f1e4992a7d9e24bf41f5bf68afb7472679b9a38682aeceaa8d", - "zh:36446bcabd54b0f476963a41c3dbac9135c48185616707124c0756082aca156c", - "zh:6068f51bb11bbccd24b08ab09d9df345b4fb7b33e4295e6c7566bbd759b51175", - "zh:8907f5807531aa7a915527da2e91c5681c6db7e5a30baa5a83fc014c452da3c7", - "zh:915c4dcf76b8cd04420a0e5d72c18c853b8000fa05a54b32fa3e803a75c267b6", - "zh:9cb1807d9c7602354ab97128d8c22abc6cffd9501fdc70bb6a21a3815f0df6f1", - "zh:aa3d12f5e43f52bc0837b51acf754e9ea8a9c04681644662d82a2883f3a25bdd", - "zh:ae811aa63aa8e6f53b728f97d4d5ead9819a6ddf44cf1c0d5cb20144099db1d5", - "zh:ba0a05aa3d5f06a22366fe022035345b088e50e9a9ca6771439cd68fd548c49d", - "zh:ca663c4bfffced0086295e88fa722a501b82f62f8a81a4ac264647042736d6cf", - "zh:d59846038ef81edb9fbbfa69127db907aa534a8e3c8cba69333d554de8661185", + "h1:/5Yci1cg4jZL2aya/cG8evNOgHwonYuuC6p1O07FhTc=", + "h1:/A5aHl/Ip3RkJ7abHIP33Hcf4kF2to3cA9PAp1f92Pk=", + "h1:/yUt/okb+f5dPxfaOUdvGikZhphX85kqGxzhPWHKQu0=", + "h1:87Zg9ZYrIh4Ed5KdsUPhGrXfeLQSZgU3OolWShQ2GXE=", + "h1:Al8lODr0F0ERJcwDNLTGzy0k8EidSZ5F/SYU9AfwtFU=", + "h1:VGqwHu3t75A4yup/Axvuh0X1mPTgh+TJn0ZGaObdne8=", + "h1:e1ncMGe7uwGibNXnt0h/M1SbIZGRiSHVFLzmrzQulYQ=", + "h1:mKgUaboSiulLR8RAHHr7w/VapyEKyQFzj8G+LjOjaLs=", + "h1:nd095azyjqcSPMfzFereNWKMBrBlnN12IYfOVt3eMR4=", + "h1:qkLV8lRnu69eYjBfaXeBRVCNqZnMdoLnsdxK3zEnacY=", + "h1:skq+tLPQ7FF2olylHwmYYxsj/lIoGrbiNjpOjYBlfQI=", + "h1:uOEAJ+AFin0XMlo0IcdKH5RVvTs1E8FCUPPnTWp+sbs=", + "h1:xZ731FmD4jCWlS2ralf1BX1pu/NKnM8u8zpBeFOhvnk=", + "h1:yPqHOIhTyxt8c1WVWB6Qv2TZfG2R5NCQdnLGKAQZox0=", ] } diff --git a/terraform/versions.tf b/terraform/versions.tf index 989ad808..68370458 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { proxmox = { source = "telmate/proxmox" - version = "2.9.3" + version = "2.9.10" } vault = { source = "hashicorp/vault" -- 2.47.1 From f8b976b4939565448140fc52e53768748e840bda Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 May 2022 15:44:09 +0000 Subject: [PATCH 0181/1882] chore(deps): update dependency renovate/renovate to v32.62 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 7bf6f44c..8c60e234 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.61 + image: renovate/renovate:32.62 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 06fc2f589884fa1106df9422cc0c02a559b9d85f Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 19:01:22 +0200 Subject: [PATCH 0182/1882] renovate: add github token --- flux/cluster/apps/gitops/renovate/external-secret.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/cluster/apps/gitops/renovate/external-secret.yaml index 2b15c740..854c4a80 100644 --- a/flux/cluster/apps/gitops/renovate/external-secret.yaml +++ b/flux/cluster/apps/gitops/renovate/external-secret.yaml @@ -15,3 +15,7 @@ spec: remoteRef: key: gitops/renovate property: gitea_token + - secretKey: GITHUB_COM_TOKEN + remoteRef: + key: gitops/renovate + property: github_token -- 2.47.1 From 1e8ca32a60b867b90528c8e29af4925d1a410d07 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 19:25:49 +0200 Subject: [PATCH 0183/1882] renovate: add helm-values --- .../cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 8c60e234..8b01a373 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -53,10 +53,14 @@ metadata: data: config.json: |- { + "extends": ["github>whitesource/merge-confidence:beta"], "repositories": ["v/infrastructure"], "flux": { "fileMatch": ["flux/.+\\.yaml$"] }, + "helm-values": { + "fileMatch": ["flux/.+\\.yaml$"] + } "kubernetes": { "fileMatch": ["flux/.+\\.yaml$"] } -- 2.47.1 From 4c31a52631f75ebf0369d7b7adf8e608f214aaef Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 19:49:38 +0200 Subject: [PATCH 0184/1882] update renovatge bot commiter --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 8b01a373..104d192e 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -35,7 +35,7 @@ spec: - name: RENOVATE_AUTODISCOVER value: 'false' - name: RENOVATE_GIT_AUTHOR - value: 'Renovate Bot ' + value: 'Renovate Bot ' - name: RENOVATE_CONFIG_FILE value: '/opt/renovate/config.json' - name: RENOVATE_BASE_DIR -- 2.47.1 From 6841f05d36debdd7cb6ad5a99329a5a1bdae537e Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 May 2022 20:19:25 +0200 Subject: [PATCH 0185/1882] renovate: removed unexpected '\' on line 10 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 104d192e..b46b2325 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -60,7 +60,7 @@ data: }, "helm-values": { "fileMatch": ["flux/.+\\.yaml$"] - } + }, "kubernetes": { "fileMatch": ["flux/.+\\.yaml$"] } -- 2.47.1 From d6354e76ea30f9bd12a15d89180b9fcefed5c9c9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 May 2022 20:00:26 +0000 Subject: [PATCH 0186/1882] chore(deps): update terraform vault to v3.6.0 --- terraform/.terraform.lock.hcl | 26 +++++++++++++------------- terraform/versions.tf | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 141d17e5..857c1522 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -2,20 +2,20 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/vault" { - version = "3.5.0" - constraints = "3.5.0" + version = "3.6.0" + constraints = "3.6.0" hashes = [ - "h1:4ZThRNvvX5jAwqwIxAKP2rQuB+HppJ60TRvkSVGg7QY=", - "h1:Nm2MVqiWTwGljC4Rd+0BSOSfn05v0eq7bs5DGaTnvsI=", - "h1:Ozo11iz11na+n9NggGcBCiwPa70058PeqOwTlrUm4dY=", - "h1:UifkraQ6hcl+KR3IEcU6QhMxy9eGe+LQq8zAH2V1xtU=", - "h1:VClLhV319qXswTvVWzQsoJYriON63WFnbPRVLkdEX24=", - "h1:Yqv4nraqqab//lMOjNVQ6PbOmbUBzZU83IronbsQUt4=", - "h1:gEAs6Q4jfp9+8DQBZIxlbP7rXAFTE60xlZJYGnY2gw8=", - "h1:h46FfSpD5E/Vta9/7eo50p+m2EU8UVxbFrBwRzzRb5w=", - "h1:mSfotoHz+H4nsuVm24bqZTcCanG7sHF0MHDNtnO0948=", - "h1:pkcIwDnoKHVKjFnnd6McjeoR1vWFWsOIBI8frXJ65xY=", - "h1:wqDl2+PKBaMvMh/H+WtYf8qkOYgC9XFHId//T3VV+YA=", + "h1:1qQq34L5UGo8R93fWsSWUIwHGTdouOcBQb832QVf8NA=", + "h1:2yU3L2PPltZrQFSc/4YWnVgUg2gwUmIFPSR/0iqUDEg=", + "h1:HECX5EGlh1HeIG8T7eRPfKYl4iG+bxvRRt6oer2oSKE=", + "h1:Ha+CZaGNGfI+oc+ZMcKhqonnux3AcTGyhVbW5tzAFlI=", + "h1:HovP+62TRZUE6V9yke0oW/7+vDwnCPAwwhgKEzyNWYk=", + "h1:K13Hcl+F08z2bRHvf1/METKNCClJqaIfha9Vjuv8Cqc=", + "h1:bXAbuGy5MStp9n4dqmeueEutLHuuWpYWZBFb6YrPWu8=", + "h1:helsVBMPFBQPoVHTx7jFtwWB8ZbIAcYlD/MQVDJYKDs=", + "h1:jXdg6tLuMdTeq+L3KFyQUqibcyRCofco4jYSoWB1gYE=", + "h1:uqDt1zjV33VA3BhXSlZ0FunmU1VBl+6PUJnPNygqgic=", + "h1:xCVeXsWwTk3JIWW2vEHRD5i3pQh7/fY9iC/LMDBnhgo=", ] } diff --git a/terraform/versions.tf b/terraform/versions.tf index 68370458..4f4ab399 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -6,7 +6,7 @@ terraform { } vault = { source = "hashicorp/vault" - version = "3.5.0" + version = "3.6.0" } } } -- 2.47.1 From 6d8889c166864bfec9f0affcb4f8aea32d2814ae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 May 2022 02:00:17 +0000 Subject: [PATCH 0187/1882] chore(deps): update dependency renovate/renovate to v32.63 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index b46b2325..d62ad14f 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.62 + image: renovate/renovate:32.63 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 49552a9327686613aca4ad01c79d0886cc019cfb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 May 2022 21:00:17 +0000 Subject: [PATCH 0188/1882] chore(deps): update dependency renovate/renovate to v32.64 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index d62ad14f..71cec2a1 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.63 + image: renovate/renovate:32.64 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 80344a8f44ed8398ddbf41ed851c920e45ce3032 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 May 2022 10:51:15 +0200 Subject: [PATCH 0189/1882] renovate: automerge renovate --- flake.lock | 20 +++++++++---------- flake.nix | 2 +- .../renovate/renovate-infrastructure.yaml | 9 ++++++++- 3 files changed, 19 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index c6a75e09..dff07f80 100644 --- a/flake.lock +++ b/flake.lock @@ -198,11 +198,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1652589151, - "narHash": "sha256-urnzpw+gz5SAl70jw1ChZm65oqnX5duE6AHgcv5+Chs=", + "lastModified": 1652836211, + "narHash": "sha256-+RKdIiGZgNCpZuT+Jb33iJ9vxLfS9JKXGVY0RHJQUZ0=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "4fc33b94eed52c063d49d1179acd36c184b62bf4", + "rev": "9a523a917319a85d9dc8314e4972225ac2867a36", "type": "github" }, "original": { @@ -281,16 +281,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1652608635, - "narHash": "sha256-B4BbT+Gl4MHBvtT/tzq6MaH1wjR59FGfLat02pTyWTM=", + "lastModified": 1652966559, + "narHash": "sha256-YW0DT863C8G6nnbzdF988ux3GHe3MCznRU4yjGlEqco=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e9b1375878a798850457c7c86af2795451b489b1", + "rev": "555ee90387157055779af7f4d2a19ff712609a1f", "type": "github" }, "original": { "owner": "NULLx76", - "ref": "update-hedgedoc-module", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } @@ -388,11 +388,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1651884062, - "narHash": "sha256-gr3BGy0yJL4Qx2NdbzEUAI3+Hi558AAVUAczaz6423w=", + "lastModified": 1652965520, + "narHash": "sha256-vQ3WK7OzxAFNhy6UncQBC9wMr1+Dxd6Awvj/ZNTZuz0=", "owner": "serokell", "repo": "serokell.nix", - "rev": "3d533eb5b37142d6a3a8dea5ea3c159ad6595eb7", + "rev": "5150ea7a11e638329e70319186eb6b3941aba964", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 127b6527..2564a639 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,7 @@ inputs = { deploy-rs.url = "github:serokell/deploy-rs"; # nixpkgs.url = "github:nixos/nixpkgs/master"; - nixpkgs.url = "github:NULLx76/nixpkgs/update-hedgedoc-module"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; serokell-nix.url = "github:serokell/serokell.nix"; vault-secrets.url = "github:serokell/vault-secrets"; minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 71cec2a1..fe7ba1ef 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -63,5 +63,12 @@ data: }, "kubernetes": { "fileMatch": ["flux/.+\\.yaml$"] - } + }, + "packageRules": [ + "automerge": true, + "automergeType": "branch", + "matchPackageNames": [ + "renovate/renovate" + ] + ] } -- 2.47.1 From b0aa3390827eeb62eca958457cf8aa30176868a6 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 May 2022 11:13:11 +0200 Subject: [PATCH 0190/1882] renovate: automerge renovate fix --- .../renovate/renovate-infrastructure.yaml | 34 ++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index fe7ba1ef..b6be9411 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -5,18 +5,18 @@ metadata: name: renovate-infrastructure namespace: gitops spec: - schedule: '@hourly' + schedule: "@hourly" concurrencyPolicy: Forbid jobTemplate: spec: template: spec: volumes: - - name: config-volume - configMap: - name: renovate-config - - name: work-volume - emptyDir: {} + - name: config-volume + configMap: + name: renovate-config + - name: work-volume + emptyDir: {} containers: - name: renovate image: renovate/renovate:32.64 @@ -29,17 +29,17 @@ spec: - name: LOG_LEVEL value: debug - name: RENOVATE_ENDPOINT - value: 'https://git.0x76.dev/api/v1/' + value: "https://git.0x76.dev/api/v1/" - name: RENOVATE_PLATFORM value: gitea - name: RENOVATE_AUTODISCOVER - value: 'false' + value: "false" - name: RENOVATE_GIT_AUTHOR - value: 'Renovate Bot ' + value: "Renovate Bot " - name: RENOVATE_CONFIG_FILE - value: '/opt/renovate/config.json' + value: "/opt/renovate/config.json" - name: RENOVATE_BASE_DIR - value: '/tmp/renovate' + value: "/tmp/renovate" envFrom: - secretRef: name: renovate @@ -65,10 +65,12 @@ data: "fileMatch": ["flux/.+\\.yaml$"] }, "packageRules": [ - "automerge": true, - "automergeType": "branch", - "matchPackageNames": [ - "renovate/renovate" - ] + { + "automerge": true, + "automergeType": "branch", + "matchPackageNames": [ + "renovate/renovate" + ] + } ] } -- 2.47.1 From 9e4ac8ae74f6bebdfefe19cca15debb18e8601e3 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 May 2022 11:30:33 +0200 Subject: [PATCH 0191/1882] renovate: add ghcr auth --- .../apps/gitops/renovate/renovate-infrastructure.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index b6be9411..2363fc88 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -64,6 +64,14 @@ data: "kubernetes": { "fileMatch": ["flux/.+\\.yaml$"] }, + hostRules: [ + { + hostType: 'docker', + matchHost: 'ghcr.io', + username: 'NULLx76', + password: process.env.GITHUB_COM_TOKEN + } + ], "packageRules": [ { "automerge": true, -- 2.47.1 From 21c1d51d589f874e806dd204bf0f4144739e20a3 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 May 2022 11:33:54 +0200 Subject: [PATCH 0192/1882] renovate: add ghcr auth fix --- .../apps/gitops/renovate/renovate-infrastructure.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 2363fc88..bcd980c8 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -64,12 +64,12 @@ data: "kubernetes": { "fileMatch": ["flux/.+\\.yaml$"] }, - hostRules: [ + "hostRules": [ { - hostType: 'docker', - matchHost: 'ghcr.io', - username: 'NULLx76', - password: process.env.GITHUB_COM_TOKEN + "hostType": "docker", + "matchHost": "ghcr.io", + "username": "NULLx76", + "password": process.env.GITHUB_COM_TOKEN } ], "packageRules": [ -- 2.47.1 From fe5c0246e504517417ebe3ca76cb3df983e1d23e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 May 2022 11:40:28 +0200 Subject: [PATCH 0193/1882] renovate: convert to config.js --- .../apps/gitops/renovate/renovate-infrastructure.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index bcd980c8..a7a3979a 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -37,7 +37,7 @@ spec: - name: RENOVATE_GIT_AUTHOR value: "Renovate Bot " - name: RENOVATE_CONFIG_FILE - value: "/opt/renovate/config.json" + value: "/opt/renovate/config.js" - name: RENOVATE_BASE_DIR value: "/tmp/renovate" envFrom: @@ -51,9 +51,8 @@ metadata: name: renovate-config namespace: gitops data: - config.json: |- - { - "extends": ["github>whitesource/merge-confidence:beta"], + config.js: |- + module.exports = { "repositories": ["v/infrastructure"], "flux": { "fileMatch": ["flux/.+\\.yaml$"] @@ -81,4 +80,4 @@ data: ] } ] - } + }; -- 2.47.1 From c6f0b742de1d2d5e53d3d3341379b4584ebdc9c8 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 22 May 2022 20:23:26 +0200 Subject: [PATCH 0194/1882] flux: added goldilocks + vpa --- flux/cluster/apps/kustomization.yaml | 1 + .../monitoring/goldilocks/helm-release.yaml | 22 +++++++++++++++++ .../monitoring/goldilocks/kustomization.yaml | 4 ++++ .../apps/monitoring/kustomization.yaml | 5 ++++ .../apps/monitoring/vpa/helm-release.yaml | 24 +++++++++++++++++++ .../apps/monitoring/vpa/kustomization.yaml | 4 ++++ .../charts/helm/fairwinds-charts.yaml | 9 +++++++ .../charts/helm/kustomization.yaml | 1 + flux/cluster/core/namespaces/monitoring.yaml | 5 ++++ 9 files changed, 75 insertions(+) create mode 100644 flux/cluster/apps/monitoring/goldilocks/helm-release.yaml create mode 100644 flux/cluster/apps/monitoring/goldilocks/kustomization.yaml create mode 100644 flux/cluster/apps/monitoring/kustomization.yaml create mode 100644 flux/cluster/apps/monitoring/vpa/helm-release.yaml create mode 100644 flux/cluster/apps/monitoring/vpa/kustomization.yaml create mode 100644 flux/cluster/base/flux-system/charts/helm/fairwinds-charts.yaml create mode 100644 flux/cluster/core/namespaces/monitoring.yaml diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index 3f6840a0..a6b3f3f8 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -5,3 +5,4 @@ resources: - presidential-paradise - authentik - gitops + - monitoring diff --git a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml new file mode 100644 index 00000000..f1f94ff6 --- /dev/null +++ b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml @@ -0,0 +1,22 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: goldilocks + namespace: monitoring +spec: + interval: 5m + chart: + spec: + chart: goldilocks + version: 6.1.2 + sourceRef: + kind: HelmRepository + name: fairwinds-charts + namespace: flux-system + interval: 5m + timeout: 20m + values: + dashboard: + replicaCount: 1 + ingress: + enabled: false diff --git a/flux/cluster/apps/monitoring/goldilocks/kustomization.yaml b/flux/cluster/apps/monitoring/goldilocks/kustomization.yaml new file mode 100644 index 00000000..34a8531c --- /dev/null +++ b/flux/cluster/apps/monitoring/goldilocks/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/flux/cluster/apps/monitoring/kustomization.yaml b/flux/cluster/apps/monitoring/kustomization.yaml new file mode 100644 index 00000000..c5206e7f --- /dev/null +++ b/flux/cluster/apps/monitoring/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - vpa + - goldilocks diff --git a/flux/cluster/apps/monitoring/vpa/helm-release.yaml b/flux/cluster/apps/monitoring/vpa/helm-release.yaml new file mode 100644 index 00000000..79a0614a --- /dev/null +++ b/flux/cluster/apps/monitoring/vpa/helm-release.yaml @@ -0,0 +1,24 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: vpa + namespace: monitoring +spec: + interval: 5m + chart: + spec: + chart: vpa + version: 1.3.0 + sourceRef: + kind: HelmRepository + name: fairwinds-charts + namespace: flux-system + interval: 5m + timeout: 20m + values: + recommender: + enabled: true + updater: + enabled: false + admissionController: + enabled: false diff --git a/flux/cluster/apps/monitoring/vpa/kustomization.yaml b/flux/cluster/apps/monitoring/vpa/kustomization.yaml new file mode 100644 index 00000000..34a8531c --- /dev/null +++ b/flux/cluster/apps/monitoring/vpa/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/fairwinds-charts.yaml b/flux/cluster/base/flux-system/charts/helm/fairwinds-charts.yaml new file mode 100644 index 00000000..a74526cd --- /dev/null +++ b/flux/cluster/base/flux-system/charts/helm/fairwinds-charts.yaml @@ -0,0 +1,9 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: fairwinds-charts + namespace: flux-system +spec: + interval: 15m + url: https://charts.fairwinds.com/stable + timeout: 3m diff --git a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml index bf552457..5390daca 100644 --- a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -5,3 +5,4 @@ resources: - traefik-charts.yaml - external-secrets-charts.yaml - authentik-charts.yaml + - fairwinds-charts.yaml diff --git a/flux/cluster/core/namespaces/monitoring.yaml b/flux/cluster/core/namespaces/monitoring.yaml new file mode 100644 index 00000000..ff7ae1b9 --- /dev/null +++ b/flux/cluster/core/namespaces/monitoring.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: monitoring -- 2.47.1 From 6766abda09e6f9998417fccf36211f740d1b1fed Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 22 May 2022 20:30:59 +0200 Subject: [PATCH 0195/1882] flux: fix namespace --- flake.lock | 12 ++++++------ flux/cluster/core/namespaces/kustomization.yaml | 1 + hosts.nix | 1 + 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index dff07f80..64450408 100644 --- a/flake.lock +++ b/flake.lock @@ -281,11 +281,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1652966559, - "narHash": "sha256-YW0DT863C8G6nnbzdF988ux3GHe3MCznRU4yjGlEqco=", + "lastModified": 1653052942, + "narHash": "sha256-Dt0jodCSLHVqE7yVxIoX1q4jA5uAWbVJHnaDa8HkJ4A=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "555ee90387157055779af7f4d2a19ff712609a1f", + "rev": "3c55de3b23f016898219cf6b02dd5ef365898023", "type": "github" }, "original": { @@ -388,11 +388,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1652965520, - "narHash": "sha256-vQ3WK7OzxAFNhy6UncQBC9wMr1+Dxd6Awvj/ZNTZuz0=", + "lastModified": 1652967482, + "narHash": "sha256-wFiXqPQzx9B3p2z1SqfL6zURUfLIKgKSUCIDr6OdKUE=", "owner": "serokell", "repo": "serokell.nix", - "rev": "5150ea7a11e638329e70319186eb6b3941aba964", + "rev": "d90dc16c0a90288a0615e17f8ec4c6544fc8cc7a", "type": "github" }, "original": { diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index fcca7cfa..d75f8fc1 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -6,4 +6,5 @@ resources: - external-secrets.yaml - authentik.yaml - gitops.yaml + - monitoring.yaml diff --git a/hosts.nix b/hosts.nix index 10591315..6747fc68 100644 --- a/hosts.nix +++ b/hosts.nix @@ -86,6 +86,7 @@ hostname = "plausible"; ip = "10.42.42.18"; mac = "82:34:70:FA:44:6F"; + nix = false; } { hostname = "victoriametrics"; -- 2.47.1 From 7506af63460c1af49201bc983e1a5cfdf1d116aa Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 22 May 2022 20:40:09 +0200 Subject: [PATCH 0196/1882] flux: add goldilocks labels --- flux/cluster/core/namespaces/authentik.yaml | 2 ++ flux/cluster/core/namespaces/kustomization.yaml | 1 - flux/cluster/core/namespaces/presidential-paradise.yaml | 3 ++- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/namespaces/authentik.yaml b/flux/cluster/core/namespaces/authentik.yaml index ae71e15e..511463c3 100644 --- a/flux/cluster/core/namespaces/authentik.yaml +++ b/flux/cluster/core/namespaces/authentik.yaml @@ -3,3 +3,5 @@ apiVersion: v1 kind: Namespace metadata: name: authentik + labels: + goldilocks.fairwinds.com/enabled: "true" diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index d75f8fc1..5bdccac2 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -7,4 +7,3 @@ resources: - authentik.yaml - gitops.yaml - monitoring.yaml - diff --git a/flux/cluster/core/namespaces/presidential-paradise.yaml b/flux/cluster/core/namespaces/presidential-paradise.yaml index a1fcc809..caafab0d 100644 --- a/flux/cluster/core/namespaces/presidential-paradise.yaml +++ b/flux/cluster/core/namespaces/presidential-paradise.yaml @@ -3,4 +3,5 @@ apiVersion: v1 kind: Namespace metadata: name: presidential-paradise - + labels: + goldilocks.fairwinds.com/enabled: "true" -- 2.47.1 From 591890a1bce36a7f80340075bf0f4b2e3276cb06 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 22 May 2022 19:00:20 +0000 Subject: [PATCH 0197/1882] chore(deps): update helm release vpa to v1.3.2 --- flux/cluster/apps/monitoring/vpa/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/monitoring/vpa/helm-release.yaml b/flux/cluster/apps/monitoring/vpa/helm-release.yaml index 79a0614a..b62b8fc0 100644 --- a/flux/cluster/apps/monitoring/vpa/helm-release.yaml +++ b/flux/cluster/apps/monitoring/vpa/helm-release.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: vpa - version: 1.3.0 + version: 1.3.2 sourceRef: kind: HelmRepository name: fairwinds-charts -- 2.47.1 From 4561ce2f3214fbf3abaf23b066cc087ea49a1e29 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 22 May 2022 21:51:05 +0200 Subject: [PATCH 0198/1882] add polaris --- .../apps/monitoring/kustomization.yaml | 1 + .../apps/monitoring/polaris/helm-release.yaml | 21 +++++++++++++++++++ .../monitoring/polaris/kustomization.yaml | 4 ++++ nixos/hosts/bastion/configuration.nix | 1 + 4 files changed, 27 insertions(+) create mode 100644 flux/cluster/apps/monitoring/polaris/helm-release.yaml create mode 100644 flux/cluster/apps/monitoring/polaris/kustomization.yaml diff --git a/flux/cluster/apps/monitoring/kustomization.yaml b/flux/cluster/apps/monitoring/kustomization.yaml index c5206e7f..98bb16bb 100644 --- a/flux/cluster/apps/monitoring/kustomization.yaml +++ b/flux/cluster/apps/monitoring/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - vpa - goldilocks + - polaris diff --git a/flux/cluster/apps/monitoring/polaris/helm-release.yaml b/flux/cluster/apps/monitoring/polaris/helm-release.yaml new file mode 100644 index 00000000..3bc2b497 --- /dev/null +++ b/flux/cluster/apps/monitoring/polaris/helm-release.yaml @@ -0,0 +1,21 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: polaris + namespace: monitoring +spec: + interval: 5m + chart: + spec: + chart: polaris + version: 5.1.0 + sourceRef: + kind: HelmRepository + name: fairwinds-charts + namespace: flux-system + interval: 5m + timeout: 20m + values: + dashboard: + replicas: 1 + enable: true diff --git a/flux/cluster/apps/monitoring/polaris/kustomization.yaml b/flux/cluster/apps/monitoring/polaris/kustomization.yaml new file mode 100644 index 00000000..34a8531c --- /dev/null +++ b/flux/cluster/apps/monitoring/polaris/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index ee7cb342..0042a4cd 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -37,6 +37,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ binutils + checkov fix-vscode fluxcd k9s -- 2.47.1 From fefc44c089ace433dcf687e8c18eced667062201 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 23 May 2022 12:28:09 +0200 Subject: [PATCH 0199/1882] update authentik --- flux/cluster/apps/authentik/helm-release.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 7523b567..553f98f0 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -22,6 +22,9 @@ spec: targetPath: authentik.secret_key optional: false values: + image: + repository: ghcr.io/goauthentik/server + tag: 2022.5.1 authentik: error_reporting: enabled: true -- 2.47.1 From 8b0360dc183e50314df79300d4e3642cea151115 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 23 May 2022 11:00:15 +0000 Subject: [PATCH 0200/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.5.2 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 553f98f0..8cd1b145 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.5.1 + tag: 2022.5.2 authentik: error_reporting: enabled: true -- 2.47.1 From d454cfb1bb85283df1902f38e6870646672d61a1 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 24 May 2022 21:06:38 +0200 Subject: [PATCH 0201/1882] renovate: change automerge type --- flake.lock | 174 +++--------------- flake.nix | 12 +- .../renovate/renovate-infrastructure.yaml | 2 +- 3 files changed, 40 insertions(+), 148 deletions(-) diff --git a/flake.lock b/flake.lock index 64450408..010425b8 100644 --- a/flake.lock +++ b/flake.lock @@ -3,7 +3,9 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs", + "nixpkgs": [ + "nixpkgs" + ], "utils": "utils" }, "locked": { @@ -20,25 +22,6 @@ "type": "github" } }, - "deploy-rs_2": { - "inputs": { - "flake-compat": "flake-compat_2", - "nixpkgs": "nixpkgs_4", - "utils": "utils_3" - }, - "locked": { - "lastModified": 1648475189, - "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", - "owner": "serokell", - "repo": "deploy-rs", - "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", - "type": "github" - }, - "original": { - "id": "deploy-rs", - "type": "indirect" - } - }, "flake-compat": { "flake": false, "locked": { @@ -56,22 +39,6 @@ } }, "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1648199409, - "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { "flake": false, "locked": { "lastModified": 1627913399, @@ -86,7 +53,7 @@ "type": "indirect" } }, - "flake-compat_4": { + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1627913399, @@ -194,15 +161,17 @@ }, "minecraft-servers": { "inputs": { - "nixpkgs": "nixpkgs_2", + "nixpkgs": [ + "nixpkgs" + ], "utils": "utils_2" }, "locked": { - "lastModified": 1652836211, - "narHash": "sha256-+RKdIiGZgNCpZuT+Jb33iJ9vxLfS9JKXGVY0RHJQUZ0=", + "lastModified": 1653182293, + "narHash": "sha256-eLl3PHCzpX8eFES+S9WrC8jGhWjczbTvWAPMeuJOd4s=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "9a523a917319a85d9dc8314e4972225ac2867a36", + "rev": "f09d761e4063e9158555817d03b0f2a7f2bff709", "type": "github" }, "original": { @@ -214,7 +183,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1633098935, @@ -232,7 +201,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1633098935, @@ -248,38 +217,6 @@ } }, "nixpkgs": { - "locked": { - "lastModified": 1648219316, - "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1652133925, - "narHash": "sha256-kfATGChLe9/fQVZkXN9G71JAVMlhePv1qDbaRKklkQs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "51d859cdab1ef58755bd342d45352fc607f5e59b", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1653052942, "narHash": "sha256-Dt0jodCSLHVqE7yVxIoX1q4jA5uAWbVJHnaDa8HkJ4A=", @@ -295,23 +232,7 @@ "type": "github" } }, - "nixpkgs_4": { - "locked": { - "lastModified": 1648219316, - "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { + "nixpkgs_2": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -326,21 +247,7 @@ "type": "indirect" } }, - "nixpkgs_6": { - "locked": { - "lastModified": 1632495107, - "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", - "owner": "serokell", - "repo": "nixpkgs", - "rev": "be220b2dc47092c1e739bf6aaf630f29e71fe1c4", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_7": { + "nixpkgs_3": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -355,44 +262,34 @@ "type": "indirect" } }, - "nixpkgs_8": { - "locked": { - "lastModified": 1632495107, - "narHash": "sha256-4NGE56r+FJGBaCYu3CTH4O83Ys4TrtnEPXrvdwg1TDs=", - "owner": "serokell", - "repo": "nixpkgs", - "rev": "be220b2dc47092c1e739bf6aaf630f29e71fe1c4", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, "root": { "inputs": { "deploy-rs": "deploy-rs", "minecraft-servers": "minecraft-servers", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs", "serokell-nix": "serokell-nix", "vault-secrets": "vault-secrets" } }, "serokell-nix": { "inputs": { - "deploy-rs": "deploy-rs_2", - "flake-compat": "flake-compat_3", + "deploy-rs": [ + "deploy-rs" + ], + "flake-compat": "flake-compat_2", "flake-utils": "flake-utils_2", "gitignore-nix": "gitignore-nix", "nix": "nix", - "nixpkgs": "nixpkgs_6" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { - "lastModified": 1652967482, - "narHash": "sha256-wFiXqPQzx9B3p2z1SqfL6zURUfLIKgKSUCIDr6OdKUE=", + "lastModified": 1653109065, + "narHash": "sha256-E4kflprq80xWtt/ApTP0lAyi4oryFV/FI53S+VmiI0Q=", "owner": "serokell", "repo": "serokell.nix", - "rev": "d90dc16c0a90288a0615e17f8ec4c6544fc8cc7a", + "rev": "bbccb5df8013b1bd86b8445bd8e39c396a0521cc", "type": "github" }, "original": { @@ -434,27 +331,14 @@ "type": "github" } }, - "utils_3": { - "locked": { - "lastModified": 1648297722, - "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_3", "flake-utils": "flake-utils_3", "nix": "nix_2", - "nixpkgs": "nixpkgs_8" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { "lastModified": 1633626134, diff --git a/flake.nix b/flake.nix index 2564a639..c2dd2d5c 100644 --- a/flake.nix +++ b/flake.nix @@ -6,12 +6,20 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - deploy-rs.url = "github:serokell/deploy-rs"; - # nixpkgs.url = "github:nixos/nixpkgs/master"; nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + + deploy-rs.url = "github:serokell/deploy-rs"; + deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; + serokell-nix.url = "github:serokell/serokell.nix"; + serokell-nix.inputs.nixpkgs.follows = "nixpkgs"; + serokell-nix.inputs.deploy-rs.follows = "deploy-rs"; + vault-secrets.url = "github:serokell/vault-secrets"; + vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; + minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; + minecraft-servers.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index a7a3979a..29a5fabd 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -74,7 +74,7 @@ data: "packageRules": [ { "automerge": true, - "automergeType": "branch", + "automergeType": "pr", "matchPackageNames": [ "renovate/renovate" ] -- 2.47.1 From 042a665401b835c6d953da8e9cfc9050f6ec347b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 May 2022 19:15:46 +0000 Subject: [PATCH 0202/1882] chore(deps): update dependency renovate/renovate to v32.66 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 29a5fabd..afb215dc 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.64 + image: renovate/renovate:32.66 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 688d098c5561e7b23061376df099d1c810d40003 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 12:19:44 +0200 Subject: [PATCH 0203/1882] add agola --- flake.lock | 18 ++-- flux/cluster/apps/gitops/agola/configmap.yaml | 83 +++++++++++++++++++ .../cluster/apps/gitops/agola/deployment.yaml | 53 ++++++++++++ .../apps/gitops/agola/external-secret.yaml | 30 +++++++ flux/cluster/apps/gitops/agola/ingress.yaml | 18 ++++ .../apps/gitops/agola/kustomization.yaml | 8 ++ flux/cluster/apps/gitops/agola/services.yaml | 36 ++++++++ flux/cluster/apps/gitops/kustomization.yaml | 1 + nixos/hosts/database/configuration.nix | 2 +- nixos/hosts/nginx/configuration.nix | 2 +- 10 files changed, 240 insertions(+), 11 deletions(-) create mode 100644 flux/cluster/apps/gitops/agola/configmap.yaml create mode 100644 flux/cluster/apps/gitops/agola/deployment.yaml create mode 100644 flux/cluster/apps/gitops/agola/external-secret.yaml create mode 100644 flux/cluster/apps/gitops/agola/ingress.yaml create mode 100644 flux/cluster/apps/gitops/agola/kustomization.yaml create mode 100644 flux/cluster/apps/gitops/agola/services.yaml diff --git a/flake.lock b/flake.lock index 010425b8..ddd8d3ef 100644 --- a/flake.lock +++ b/flake.lock @@ -167,11 +167,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1653182293, - "narHash": "sha256-eLl3PHCzpX8eFES+S9WrC8jGhWjczbTvWAPMeuJOd4s=", + "lastModified": 1653372067, + "narHash": "sha256-1+fD3EHTbUSoKcabe9WadVe9fFnG5f2ODWC+WpR8exc=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "f09d761e4063e9158555817d03b0f2a7f2bff709", + "rev": "6008e29999eb32bd7880ae53e13f83d9181f04bb", "type": "github" }, "original": { @@ -218,11 +218,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653052942, - "narHash": "sha256-Dt0jodCSLHVqE7yVxIoX1q4jA5uAWbVJHnaDa8HkJ4A=", + "lastModified": 1653427793, + "narHash": "sha256-h6y/I5O/QTawjny6GfovRSUbaEAvswfRXFMuOhVYwBQ=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "3c55de3b23f016898219cf6b02dd5ef365898023", + "rev": "bef8053f86b8702d57601972f782186b7269db69", "type": "github" }, "original": { @@ -285,11 +285,11 @@ ] }, "locked": { - "lastModified": 1653109065, - "narHash": "sha256-E4kflprq80xWtt/ApTP0lAyi4oryFV/FI53S+VmiI0Q=", + "lastModified": 1653404524, + "narHash": "sha256-Mu3qgXABzAM9T+4dWmV3OOYFydxv28al7cTdiUK6h3s=", "owner": "serokell", "repo": "serokell.nix", - "rev": "bbccb5df8013b1bd86b8445bd8e39c396a0521cc", + "rev": "3b39a9000c7652cf7693b70c13c7e1564b0cf333", "type": "github" }, "original": { diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml new file mode 100644 index 00000000..c2b8b534 --- /dev/null +++ b/flux/cluster/apps/gitops/agola/configmap.yaml @@ -0,0 +1,83 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: agola + namespace: gitops +data: + config.yml: | + gateway: + # The api url that clients will call + # Change this to the exposed "agola" service IP + apiExposedURL: "https://agola.0x76.dev" + # The web interface url that clients will use + # Change this to the exposed "agola" service IP + webExposedURL: "https://agola.0x76.dev" + + runserviceURL: "http://agola-internal:4000" + configstoreURL: "http://agola-internal:4002" + gitserverURL: "http://agola-internal:4003" + web: + listenAddress: ":8000" + tokenSigning: + # hmac or rsa (it possible use rsa) + method: hmac + # key to use when signing with hmac + key: $SIGNING_KEY + adminToken: "$ADMIN_TOKEN" + + scheduler: + runserviceURL: "http://agola-internal:4000" + + notification: + webExposedURL: "https://agola.0x76.dev" + runserviceURL: "http://agola-internal:4000" + configstoreURL: "http://agola-internal:4002" + db: + type: postgres + connString: "postgres://agola_notif@database/agola_notif?sslmode=disable" + + configstore: + dataDir: /mnt/agola/local/configstore + db: + type: postgres + connString: "postgres://agola_config@database/agola_config?sslmode=disable" + objectStorage: + type: s3 + endpoint: "http://minio:9000" + bucket: agola-configstore + accessKey: $MINIO_ACCESS_KEY + secretAccessKey: $MINIO_SECRET_ACCESS_KEY + web: + listenAddress: ":4002" + + runservice: + #debug: true + dataDir: /mnt/agola/local/runservice + db: + type: postgres + connString: "postgres://agola_runservice@database/agola_runservice?sslmode=disable" + objectStorage: + type: s3 + endpoint: "http://minio:9000" + bucket: agola-runservice + accessKey: $MINIO_ACCESS_KEY + secretAccessKey: $MINIO_SECRET_ACCESS_KEY + web: + listenAddress: ":4000" + + executor: + dataDir: /mnt/agola/local/executor + # The directory containing the toolbox compiled for the various supported architectures + toolboxPath: ./bin + runserviceURL: "http://agola-internal:4000" + web: + listenAddress: ":4001" + activeTasksLimit: 2 + driver: + type: kubernetes + + gitserver: + dataDir: /mnt/agola/local/gitserver + gatewayURL: "http://agola-internal:8000" + web: + listenAddress: ":4003" diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml new file mode 100644 index 00000000..02155c06 --- /dev/null +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: agola + namespace: gitops +spec: + replicas: 1 + selector: + matchLabels: + app: agola + template: + metadata: + labels: + app: agola + spec: + initContainers: + - name: config + image: 0x76/envsubst + args: ["sh", "-c", "cat /mnt/agola/config/config.yml | envsubst > /mnt/agola/local/config.yml"] + volumeMounts: + - mountPath: /mnt/agola/local + name: agola-localdata + - mountPath: /mnt/agola/config + name: config-volume + envFrom: + - secretRef: + name: agola + containers: + - name: agola + image: sorintlab/agola:v0.7.0 + command: + - /bin/agola + - serve + - "--config" + - /mnt/agola/local/config.yml + - "--components" + - all-base,executor + ports: + - containerPort: 8000 + - containerPort: 4000 + - containerPort: 4002 + - containerPort: 4003 + volumeMounts: + - name: config-volume + mountPath: /mnt/agola/config + - name: agola-localdata + mountPath: /mnt/agola/local + volumes: + - name: config-volume + configMap: + name: agola + - name: agola-localdata + emptyDir: {} diff --git a/flux/cluster/apps/gitops/agola/external-secret.yaml b/flux/cluster/apps/gitops/agola/external-secret.yaml new file mode 100644 index 00000000..1566021c --- /dev/null +++ b/flux/cluster/apps/gitops/agola/external-secret.yaml @@ -0,0 +1,30 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: agola + namespace: gitops +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: authentik + data: + - secretKey: ADMIN_TOKEN + remoteRef: + key: gitops/agola + property: admin_token + - secretKey: SIGNING_KEY + remoteRef: + key: gitops/agola + property: signing_key + - secretKey: MINIO_ACCESS_KEY + remoteRef: + key: gitops/agola + property: minio_access_key + - secretKey: MINIO_SECRET_ACCESS_KEY + remoteRef: + key: gitops/agola + property: minio_secret_access_key + \ No newline at end of file diff --git a/flux/cluster/apps/gitops/agola/ingress.yaml b/flux/cluster/apps/gitops/agola/ingress.yaml new file mode 100644 index 00000000..f62024d4 --- /dev/null +++ b/flux/cluster/apps/gitops/agola/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: agola + namespace: gitops +spec: + ingressClassName: traefik + rules: + - host: agola.0x76.dev + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: agola + port: + number: 8000 diff --git a/flux/cluster/apps/gitops/agola/kustomization.yaml b/flux/cluster/apps/gitops/agola/kustomization.yaml new file mode 100644 index 00000000..c696da40 --- /dev/null +++ b/flux/cluster/apps/gitops/agola/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - configmap.yaml + - deployment.yaml + - external-secret.yaml + - ingress.yaml + - services.yaml diff --git a/flux/cluster/apps/gitops/agola/services.yaml b/flux/cluster/apps/gitops/agola/services.yaml new file mode 100644 index 00000000..173f69c3 --- /dev/null +++ b/flux/cluster/apps/gitops/agola/services.yaml @@ -0,0 +1,36 @@ +# The client service. It's a node port for easier testing on minikube. Change +# it to become a LoadBalancer if needed. +apiVersion: v1 +kind: Service +metadata: + name: agola + namespace: gitops +spec: + ports: + - port: 8000 + name: api + selector: + app: agola +--- +# The service for internal components communication. +# We are using an headless service since some k8s deployment doesn't have +# hairpin mode enabled and pods cannot communicate with themself via a +# service +apiVersion: v1 +kind: Service +metadata: + name: agola-internal + namespace: gitops +spec: + ports: + - port: 8000 + name: api + - port: 4000 + name: runservice + - port: 4002 + name: configstore + - port: 4003 + name: gitserver + selector: + app: agola + clusterIP: None diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml index 4ddab702..b60d1cea 100644 --- a/flux/cluster/apps/gitops/kustomization.yaml +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate + - agola diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/database/configuration.nix index 22022400..fc5331bb 100644 --- a/nixos/hosts/database/configuration.nix +++ b/nixos/hosts/database/configuration.nix @@ -4,7 +4,7 @@ { config, pkgs, ... }: let - databases = [ "authentik" ]; + databases = [ "authentik" "agola_notif" "agola_config" "agola_runservice"]; in { diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index fc57621e..f7b0b756 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -46,10 +46,10 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."id.0x76.dev" = k8s_proxy; + virtualHosts."agola.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; - }; services.nginx.commonHttpConfig = '' -- 2.47.1 From 940de9312d955d03f47d00cebf9a999237d977fa Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 12:21:00 +0200 Subject: [PATCH 0204/1882] add agola.1 --- flux/cluster/apps/gitops/agola/external-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/agola/external-secret.yaml b/flux/cluster/apps/gitops/agola/external-secret.yaml index 1566021c..5bae7d71 100644 --- a/flux/cluster/apps/gitops/agola/external-secret.yaml +++ b/flux/cluster/apps/gitops/agola/external-secret.yaml @@ -9,7 +9,7 @@ spec: name: vault kind: ClusterSecretStore target: - name: authentik + name: agola data: - secretKey: ADMIN_TOKEN remoteRef: -- 2.47.1 From 3bd7672b7a26d7f7e2a0321e3ece86177ca27ed5 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 12:25:18 +0200 Subject: [PATCH 0205/1882] agola: update urls --- flux/cluster/apps/gitops/agola/configmap.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml index c2b8b534..a0dd51db 100644 --- a/flux/cluster/apps/gitops/agola/configmap.yaml +++ b/flux/cluster/apps/gitops/agola/configmap.yaml @@ -34,16 +34,16 @@ data: configstoreURL: "http://agola-internal:4002" db: type: postgres - connString: "postgres://agola_notif@database/agola_notif?sslmode=disable" + connString: "postgres://agola_notif@10.42.42.26/agola_notif?sslmode=disable" configstore: dataDir: /mnt/agola/local/configstore db: type: postgres - connString: "postgres://agola_config@database/agola_config?sslmode=disable" + connString: "postgres://agola_config@10.42.42.26/agola_config?sslmode=disable" objectStorage: type: s3 - endpoint: "http://minio:9000" + endpoint: "https://o.0x76.dev" bucket: agola-configstore accessKey: $MINIO_ACCESS_KEY secretAccessKey: $MINIO_SECRET_ACCESS_KEY @@ -55,10 +55,10 @@ data: dataDir: /mnt/agola/local/runservice db: type: postgres - connString: "postgres://agola_runservice@database/agola_runservice?sslmode=disable" + connString: "postgres://agola_runservice@10.42.42.26/agola_runservice?sslmode=disable" objectStorage: type: s3 - endpoint: "http://minio:9000" + endpoint: "https://o.0x76.dev" bucket: agola-runservice accessKey: $MINIO_ACCESS_KEY secretAccessKey: $MINIO_SECRET_ACCESS_KEY -- 2.47.1 From 89c21f3ab47bf646d46ece3443af0adc88fb59cf Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 12:30:51 +0200 Subject: [PATCH 0206/1882] agola: add rbac --- .../apps/gitops/agola/kustomization.yaml | 1 + flux/cluster/apps/gitops/agola/rbac.yaml | 59 +++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 flux/cluster/apps/gitops/agola/rbac.yaml diff --git a/flux/cluster/apps/gitops/agola/kustomization.yaml b/flux/cluster/apps/gitops/agola/kustomization.yaml index c696da40..fd47e5f6 100644 --- a/flux/cluster/apps/gitops/agola/kustomization.yaml +++ b/flux/cluster/apps/gitops/agola/kustomization.yaml @@ -5,4 +5,5 @@ resources: - deployment.yaml - external-secret.yaml - ingress.yaml + - rbac.yaml - services.yaml diff --git a/flux/cluster/apps/gitops/agola/rbac.yaml b/flux/cluster/apps/gitops/agola/rbac.yaml new file mode 100644 index 00000000..9f8ec3c5 --- /dev/null +++ b/flux/cluster/apps/gitops/agola/rbac.yaml @@ -0,0 +1,59 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: agola + namespace: gitops +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: agola + namespace: gitops +rules: +- apiGroups: + - "" + - "coordination.k8s.io" + resources: + - nodes + - pods + - pods/exec + - configmaps + - leases + - secrets + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: agola + namespace: gitops +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: agola +subjects: +- kind: ServiceAccount + name: default + namespace: gitops +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: agola + namespace: gitops +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: agola +subjects: +- kind: ServiceAccount + name: default + namespace: gitops -- 2.47.1 From 155f39e0fb1895ebee0890e98f9f8f8dd0379b6f Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 12:33:29 +0200 Subject: [PATCH 0207/1882] agola: update rbac apiVersion --- flux/cluster/apps/gitops/agola/rbac.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flux/cluster/apps/gitops/agola/rbac.yaml b/flux/cluster/apps/gitops/agola/rbac.yaml index 9f8ec3c5..14e8cf4e 100644 --- a/flux/cluster/apps/gitops/agola/rbac.yaml +++ b/flux/cluster/apps/gitops/agola/rbac.yaml @@ -1,4 +1,4 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: agola @@ -11,7 +11,7 @@ rules: verbs: - "*" --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: agola @@ -30,7 +30,7 @@ rules: verbs: - "*" --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: agola @@ -44,7 +44,7 @@ subjects: name: default namespace: gitops --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: agola -- 2.47.1 From 494f1247bf417d647c2f3c4e52dd5a951e89ded8 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 12:54:20 +0200 Subject: [PATCH 0208/1882] enable debug --- flux/cluster/apps/gitops/agola/configmap.yaml | 2 +- flux/cluster/apps/gitops/agola/rbac.yaml | 48 +++++++++---------- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml index a0dd51db..5fddbdba 100644 --- a/flux/cluster/apps/gitops/agola/configmap.yaml +++ b/flux/cluster/apps/gitops/agola/configmap.yaml @@ -51,7 +51,7 @@ data: listenAddress: ":4002" runservice: - #debug: true + debug: true dataDir: /mnt/agola/local/runservice db: type: postgres diff --git a/flux/cluster/apps/gitops/agola/rbac.yaml b/flux/cluster/apps/gitops/agola/rbac.yaml index 14e8cf4e..77352263 100644 --- a/flux/cluster/apps/gitops/agola/rbac.yaml +++ b/flux/cluster/apps/gitops/agola/rbac.yaml @@ -4,12 +4,12 @@ metadata: name: agola namespace: gitops rules: -- apiGroups: - - "" - resources: - - nodes - verbs: - - "*" + - apiGroups: + - "" + resources: + - nodes + verbs: + - "*" --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -17,18 +17,18 @@ metadata: name: agola namespace: gitops rules: -- apiGroups: - - "" - - "coordination.k8s.io" - resources: - - nodes - - pods - - pods/exec - - configmaps - - leases - - secrets - verbs: - - "*" + - apiGroups: + - "" + - "coordination.k8s.io" + resources: + - nodes + - pods + - pods/exec + - configmaps + - leases + - secrets + verbs: + - "*" --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -40,9 +40,9 @@ roleRef: kind: Role name: agola subjects: -- kind: ServiceAccount - name: default - namespace: gitops + - kind: ServiceAccount + name: default + namespace: gitops --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -54,6 +54,6 @@ roleRef: kind: ClusterRole name: agola subjects: -- kind: ServiceAccount - name: default - namespace: gitops + - kind: ServiceAccount + name: default + namespace: gitops -- 2.47.1 From 2445e4c2af7daab7222284513d3de83a86f4261e Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 13:05:06 +0200 Subject: [PATCH 0209/1882] agola: logging --- flux/cluster/apps/gitops/agola/deployment.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index 02155c06..647fa60e 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -35,6 +35,7 @@ spec: - /mnt/agola/local/config.yml - "--components" - all-base,executor + - "--embedded-etcd" ports: - containerPort: 8000 - containerPort: 4000 -- 2.47.1 From 2ac128b5abfa98f647f83d5884a6bd4cb01e609a Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 13:11:17 +0200 Subject: [PATCH 0210/1882] agola: logging --- flux/cluster/apps/gitops/agola/deployment.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index 647fa60e..836901c1 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -35,7 +35,8 @@ spec: - /mnt/agola/local/config.yml - "--components" - all-base,executor - - "--embedded-etcd" + - "--debug" + - "--detailed-errors" ports: - containerPort: 8000 - containerPort: 4000 -- 2.47.1 From 900630c25bd2fea6f4fd0ff62295fb09e9add43d Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 13:17:32 +0200 Subject: [PATCH 0211/1882] agola: logging --- flux/cluster/apps/gitops/agola/configmap.yaml | 3 ++- flux/cluster/apps/gitops/agola/deployment.yaml | 1 - 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml index 5fddbdba..5386c816 100644 --- a/flux/cluster/apps/gitops/agola/configmap.yaml +++ b/flux/cluster/apps/gitops/agola/configmap.yaml @@ -37,6 +37,7 @@ data: connString: "postgres://agola_notif@10.42.42.26/agola_notif?sslmode=disable" configstore: + debug: true dataDir: /mnt/agola/local/configstore db: type: postgres @@ -51,7 +52,7 @@ data: listenAddress: ":4002" runservice: - debug: true + # debug: true dataDir: /mnt/agola/local/runservice db: type: postgres diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index 836901c1..9eab6da8 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -35,7 +35,6 @@ spec: - /mnt/agola/local/config.yml - "--components" - all-base,executor - - "--debug" - "--detailed-errors" ports: - containerPort: 8000 -- 2.47.1 From 66ea6c231a3160fba1860ab1a7cf2be44ed51844 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 13:30:25 +0200 Subject: [PATCH 0212/1882] temp disable agola --- flux/cluster/apps/gitops/agola/deployment.yaml | 1 - flux/cluster/apps/gitops/kustomization.yaml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index 9eab6da8..02155c06 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -35,7 +35,6 @@ spec: - /mnt/agola/local/config.yml - "--components" - all-base,executor - - "--detailed-errors" ports: - containerPort: 8000 - containerPort: 4000 diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml index b60d1cea..86a92e43 100644 --- a/flux/cluster/apps/gitops/kustomization.yaml +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate - - agola + # - agola -- 2.47.1 From 6229d4693ed604cdc55a97e8d59723117b0271a6 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 13:39:49 +0200 Subject: [PATCH 0213/1882] switch agola to git version --- flux/cluster/apps/gitops/agola/deployment.yaml | 2 +- flux/cluster/apps/gitops/kustomization.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index 02155c06..f2e87e6e 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -27,7 +27,7 @@ spec: name: agola containers: - name: agola - image: sorintlab/agola:v0.7.0 + image: 0x76/agola:edge command: - /bin/agola - serve diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml index 86a92e43..b60d1cea 100644 --- a/flux/cluster/apps/gitops/kustomization.yaml +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate - # - agola + - agola -- 2.47.1 From 0b7043601e429efbe19cf9f31c722c45a2a3d267 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 14:04:09 +0200 Subject: [PATCH 0214/1882] agola gateway debug --- flux/cluster/apps/gitops/agola/configmap.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml index 5386c816..69407575 100644 --- a/flux/cluster/apps/gitops/agola/configmap.yaml +++ b/flux/cluster/apps/gitops/agola/configmap.yaml @@ -6,6 +6,7 @@ metadata: data: config.yml: | gateway: + debug: true # The api url that clients will call # Change this to the exposed "agola" service IP apiExposedURL: "https://agola.0x76.dev" @@ -37,7 +38,7 @@ data: connString: "postgres://agola_notif@10.42.42.26/agola_notif?sslmode=disable" configstore: - debug: true + # debug: true dataDir: /mnt/agola/local/configstore db: type: postgres -- 2.47.1 From e76126775cd5a6ad2f782148739c32d3b0a1bc68 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 14:08:42 +0200 Subject: [PATCH 0215/1882] agola debug --- flux/cluster/apps/gitops/agola/configmap.yaml | 1 - flux/cluster/apps/gitops/agola/deployment.yaml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml index 69407575..338045f9 100644 --- a/flux/cluster/apps/gitops/agola/configmap.yaml +++ b/flux/cluster/apps/gitops/agola/configmap.yaml @@ -6,7 +6,6 @@ metadata: data: config.yml: | gateway: - debug: true # The api url that clients will call # Change this to the exposed "agola" service IP apiExposedURL: "https://agola.0x76.dev" diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index f2e87e6e..04351883 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -35,6 +35,7 @@ spec: - /mnt/agola/local/config.yml - "--components" - all-base,executor + - "--debug" ports: - containerPort: 8000 - containerPort: 4000 -- 2.47.1 From a397b8a1f161dfaebe0fac50c0a842a460e604cf Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 14:12:48 +0200 Subject: [PATCH 0216/1882] temp disable agola --- flux/cluster/apps/gitops/agola/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml index 04351883..16d9d580 100644 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ b/flux/cluster/apps/gitops/agola/deployment.yaml @@ -35,7 +35,7 @@ spec: - /mnt/agola/local/config.yml - "--components" - all-base,executor - - "--debug" + # - "--debug" ports: - containerPort: 8000 - containerPort: 4000 -- 2.47.1 From 20bf415ea7eacdd43d147f0d03dcfd237cae60f6 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 15:17:06 +0200 Subject: [PATCH 0217/1882] drop agola, too buggy --- flux/cluster/apps/gitops/agola/configmap.yaml | 84 ------------------- .../cluster/apps/gitops/agola/deployment.yaml | 54 ------------ .../apps/gitops/agola/external-secret.yaml | 30 ------- flux/cluster/apps/gitops/agola/ingress.yaml | 18 ---- .../apps/gitops/agola/kustomization.yaml | 9 -- flux/cluster/apps/gitops/agola/rbac.yaml | 59 ------------- flux/cluster/apps/gitops/agola/services.yaml | 36 -------- flux/cluster/apps/gitops/kustomization.yaml | 1 - nixos/hosts/database/configuration.nix | 2 +- 9 files changed, 1 insertion(+), 292 deletions(-) delete mode 100644 flux/cluster/apps/gitops/agola/configmap.yaml delete mode 100644 flux/cluster/apps/gitops/agola/deployment.yaml delete mode 100644 flux/cluster/apps/gitops/agola/external-secret.yaml delete mode 100644 flux/cluster/apps/gitops/agola/ingress.yaml delete mode 100644 flux/cluster/apps/gitops/agola/kustomization.yaml delete mode 100644 flux/cluster/apps/gitops/agola/rbac.yaml delete mode 100644 flux/cluster/apps/gitops/agola/services.yaml diff --git a/flux/cluster/apps/gitops/agola/configmap.yaml b/flux/cluster/apps/gitops/agola/configmap.yaml deleted file mode 100644 index 338045f9..00000000 --- a/flux/cluster/apps/gitops/agola/configmap.yaml +++ /dev/null @@ -1,84 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: agola - namespace: gitops -data: - config.yml: | - gateway: - # The api url that clients will call - # Change this to the exposed "agola" service IP - apiExposedURL: "https://agola.0x76.dev" - # The web interface url that clients will use - # Change this to the exposed "agola" service IP - webExposedURL: "https://agola.0x76.dev" - - runserviceURL: "http://agola-internal:4000" - configstoreURL: "http://agola-internal:4002" - gitserverURL: "http://agola-internal:4003" - web: - listenAddress: ":8000" - tokenSigning: - # hmac or rsa (it possible use rsa) - method: hmac - # key to use when signing with hmac - key: $SIGNING_KEY - adminToken: "$ADMIN_TOKEN" - - scheduler: - runserviceURL: "http://agola-internal:4000" - - notification: - webExposedURL: "https://agola.0x76.dev" - runserviceURL: "http://agola-internal:4000" - configstoreURL: "http://agola-internal:4002" - db: - type: postgres - connString: "postgres://agola_notif@10.42.42.26/agola_notif?sslmode=disable" - - configstore: - # debug: true - dataDir: /mnt/agola/local/configstore - db: - type: postgres - connString: "postgres://agola_config@10.42.42.26/agola_config?sslmode=disable" - objectStorage: - type: s3 - endpoint: "https://o.0x76.dev" - bucket: agola-configstore - accessKey: $MINIO_ACCESS_KEY - secretAccessKey: $MINIO_SECRET_ACCESS_KEY - web: - listenAddress: ":4002" - - runservice: - # debug: true - dataDir: /mnt/agola/local/runservice - db: - type: postgres - connString: "postgres://agola_runservice@10.42.42.26/agola_runservice?sslmode=disable" - objectStorage: - type: s3 - endpoint: "https://o.0x76.dev" - bucket: agola-runservice - accessKey: $MINIO_ACCESS_KEY - secretAccessKey: $MINIO_SECRET_ACCESS_KEY - web: - listenAddress: ":4000" - - executor: - dataDir: /mnt/agola/local/executor - # The directory containing the toolbox compiled for the various supported architectures - toolboxPath: ./bin - runserviceURL: "http://agola-internal:4000" - web: - listenAddress: ":4001" - activeTasksLimit: 2 - driver: - type: kubernetes - - gitserver: - dataDir: /mnt/agola/local/gitserver - gatewayURL: "http://agola-internal:8000" - web: - listenAddress: ":4003" diff --git a/flux/cluster/apps/gitops/agola/deployment.yaml b/flux/cluster/apps/gitops/agola/deployment.yaml deleted file mode 100644 index 16d9d580..00000000 --- a/flux/cluster/apps/gitops/agola/deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: agola - namespace: gitops -spec: - replicas: 1 - selector: - matchLabels: - app: agola - template: - metadata: - labels: - app: agola - spec: - initContainers: - - name: config - image: 0x76/envsubst - args: ["sh", "-c", "cat /mnt/agola/config/config.yml | envsubst > /mnt/agola/local/config.yml"] - volumeMounts: - - mountPath: /mnt/agola/local - name: agola-localdata - - mountPath: /mnt/agola/config - name: config-volume - envFrom: - - secretRef: - name: agola - containers: - - name: agola - image: 0x76/agola:edge - command: - - /bin/agola - - serve - - "--config" - - /mnt/agola/local/config.yml - - "--components" - - all-base,executor - # - "--debug" - ports: - - containerPort: 8000 - - containerPort: 4000 - - containerPort: 4002 - - containerPort: 4003 - volumeMounts: - - name: config-volume - mountPath: /mnt/agola/config - - name: agola-localdata - mountPath: /mnt/agola/local - volumes: - - name: config-volume - configMap: - name: agola - - name: agola-localdata - emptyDir: {} diff --git a/flux/cluster/apps/gitops/agola/external-secret.yaml b/flux/cluster/apps/gitops/agola/external-secret.yaml deleted file mode 100644 index 5bae7d71..00000000 --- a/flux/cluster/apps/gitops/agola/external-secret.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: agola - namespace: gitops -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: agola - data: - - secretKey: ADMIN_TOKEN - remoteRef: - key: gitops/agola - property: admin_token - - secretKey: SIGNING_KEY - remoteRef: - key: gitops/agola - property: signing_key - - secretKey: MINIO_ACCESS_KEY - remoteRef: - key: gitops/agola - property: minio_access_key - - secretKey: MINIO_SECRET_ACCESS_KEY - remoteRef: - key: gitops/agola - property: minio_secret_access_key - \ No newline at end of file diff --git a/flux/cluster/apps/gitops/agola/ingress.yaml b/flux/cluster/apps/gitops/agola/ingress.yaml deleted file mode 100644 index f62024d4..00000000 --- a/flux/cluster/apps/gitops/agola/ingress.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: agola - namespace: gitops -spec: - ingressClassName: traefik - rules: - - host: agola.0x76.dev - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: agola - port: - number: 8000 diff --git a/flux/cluster/apps/gitops/agola/kustomization.yaml b/flux/cluster/apps/gitops/agola/kustomization.yaml deleted file mode 100644 index fd47e5f6..00000000 --- a/flux/cluster/apps/gitops/agola/kustomization.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - configmap.yaml - - deployment.yaml - - external-secret.yaml - - ingress.yaml - - rbac.yaml - - services.yaml diff --git a/flux/cluster/apps/gitops/agola/rbac.yaml b/flux/cluster/apps/gitops/agola/rbac.yaml deleted file mode 100644 index 77352263..00000000 --- a/flux/cluster/apps/gitops/agola/rbac.yaml +++ /dev/null @@ -1,59 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: agola - namespace: gitops -rules: - - apiGroups: - - "" - resources: - - nodes - verbs: - - "*" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: agola - namespace: gitops -rules: - - apiGroups: - - "" - - "coordination.k8s.io" - resources: - - nodes - - pods - - pods/exec - - configmaps - - leases - - secrets - verbs: - - "*" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: agola - namespace: gitops -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: agola -subjects: - - kind: ServiceAccount - name: default - namespace: gitops ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: agola - namespace: gitops -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: agola -subjects: - - kind: ServiceAccount - name: default - namespace: gitops diff --git a/flux/cluster/apps/gitops/agola/services.yaml b/flux/cluster/apps/gitops/agola/services.yaml deleted file mode 100644 index 173f69c3..00000000 --- a/flux/cluster/apps/gitops/agola/services.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# The client service. It's a node port for easier testing on minikube. Change -# it to become a LoadBalancer if needed. -apiVersion: v1 -kind: Service -metadata: - name: agola - namespace: gitops -spec: - ports: - - port: 8000 - name: api - selector: - app: agola ---- -# The service for internal components communication. -# We are using an headless service since some k8s deployment doesn't have -# hairpin mode enabled and pods cannot communicate with themself via a -# service -apiVersion: v1 -kind: Service -metadata: - name: agola-internal - namespace: gitops -spec: - ports: - - port: 8000 - name: api - - port: 4000 - name: runservice - - port: 4002 - name: configstore - - port: 4003 - name: gitserver - selector: - app: agola - clusterIP: None diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml index b60d1cea..4ddab702 100644 --- a/flux/cluster/apps/gitops/kustomization.yaml +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate - - agola diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/database/configuration.nix index fc5331bb..22022400 100644 --- a/nixos/hosts/database/configuration.nix +++ b/nixos/hosts/database/configuration.nix @@ -4,7 +4,7 @@ { config, pkgs, ... }: let - databases = [ "authentik" "agola_notif" "agola_config" "agola_runservice"]; + databases = [ "authentik" ]; in { -- 2.47.1 From 0e10064a4f894c8822124ea0c485f40448376cbc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 May 2022 09:00:13 +0000 Subject: [PATCH 0218/1882] chore(deps): update helm release traefik to v10.20.0 --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 3ad11444..dbfd8855 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.19.5 + version: 10.20.0 sourceRef: kind: HelmRepository name: traefik-charts -- 2.47.1 From f262041014d52797293ac864a7b34f20f69ad80b Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 20:57:31 +0200 Subject: [PATCH 0219/1882] renovate: fix crds --- .../renovate/renovate-infrastructure.yaml | 24 ++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index afb215dc..d3c8e679 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -55,13 +55,13 @@ data: module.exports = { "repositories": ["v/infrastructure"], "flux": { - "fileMatch": ["flux/.+\\.yaml$"] + "fileMatch": ["flux/.+\\.ya?ml$"] }, "helm-values": { - "fileMatch": ["flux/.+\\.yaml$"] + "fileMatch": ["flux/.+\\.ya?ml$"] }, "kubernetes": { - "fileMatch": ["flux/.+\\.yaml$"] + "fileMatch": ["flux/.+\\.ya?ml$"] }, "hostRules": [ { @@ -79,5 +79,23 @@ data: "renovate/renovate" ] } + ], + "regexManagers": [ + { + "description": "Process GitRepository CRD dependencies - Chart and Github Release are the same version", + "fileMatch": ["flux/cluster/crds/.+\\.ya?ml$"], + "matchStrings": [ + "registryUrl=(?\\S+) chart=(?\\S+)\n.*?(?[^-\\s]*)\n" + ], + "datasourceTemplate": "helm" + }, + { + "description": "Process Kustomization CRD dependencies - Image and Github Release are the same version", + "fileMatch": ["flux/cluster/crds/.+\\.ya?ml$"], + "matchStrings": [ + "datasource=(?\\S+) image=(?\\S+)\n.*?-\\s(.*?)\/(?[^/]+)\/[^/]+\n" + ], + "datasourceTemplate": "docker" + } ] }; -- 2.47.1 From a3ac4b8cc0f1d17dce78bef3a688d3e7ec91b9f4 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 May 2022 21:03:23 +0200 Subject: [PATCH 0220/1882] traefik: update crds --- flux/cluster/crds/traefik/crds.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index 74099933..517c5914 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.19.5 + tag: v10.20.0 ignore: | # exclude all /* -- 2.47.1 From 0de792fd0dbec8c509a7baeb9dc563167ad6c17c Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 14:34:01 +0200 Subject: [PATCH 0221/1882] deploy umami --- flux/cluster/apps/kustomization.yaml | 1 + flux/cluster/apps/olympus/kustomization.yaml | 5 +++ .../apps/olympus/umami/deployment.yaml | 32 +++++++++++++++++++ .../apps/olympus/umami/external-secret.yaml | 17 ++++++++++ flux/cluster/apps/olympus/umami/ingress.yaml | 17 ++++++++++ .../apps/olympus/umami/kustomization.yaml | 6 ++++ flux/cluster/apps/olympus/umami/svc.yaml | 12 +++++++ .../apps/olympus/xirion-registry-creds.yaml | 19 +++++++++++ .../zookeeper/ingress.yaml | 1 - flux/cluster/core/namespaces/olympus.yaml | 7 ++++ nixos/hosts/database/configuration.nix | 2 +- nixos/hosts/nginx/configuration.nix | 2 +- 12 files changed, 118 insertions(+), 3 deletions(-) create mode 100644 flux/cluster/apps/olympus/kustomization.yaml create mode 100644 flux/cluster/apps/olympus/umami/deployment.yaml create mode 100644 flux/cluster/apps/olympus/umami/external-secret.yaml create mode 100644 flux/cluster/apps/olympus/umami/ingress.yaml create mode 100644 flux/cluster/apps/olympus/umami/kustomization.yaml create mode 100644 flux/cluster/apps/olympus/umami/svc.yaml create mode 100644 flux/cluster/apps/olympus/xirion-registry-creds.yaml create mode 100644 flux/cluster/core/namespaces/olympus.yaml diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index a6b3f3f8..05bf7ef7 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -6,3 +6,4 @@ resources: - authentik - gitops - monitoring + - olympus diff --git a/flux/cluster/apps/olympus/kustomization.yaml b/flux/cluster/apps/olympus/kustomization.yaml new file mode 100644 index 00000000..7d674414 --- /dev/null +++ b/flux/cluster/apps/olympus/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - xirion-registry-creds.yaml + - umami diff --git a/flux/cluster/apps/olympus/umami/deployment.yaml b/flux/cluster/apps/olympus/umami/deployment.yaml new file mode 100644 index 00000000..32b5e0b2 --- /dev/null +++ b/flux/cluster/apps/olympus/umami/deployment.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: umami + namespace: olympus + labels: + app: umami +spec: + replicas: 1 + selector: + matchLabels: + app: umami + template: + metadata: + labels: + app: umami + spec: + containers: + - name: umami + imagePullPolicy: IfNotPresent + image: ghcr.io/mikecao/umami:postgresql-v1.31.0 + ports: + - containerPort: 3000 + name: web + env: + - name: DATABASE_TYPE + value: postgres + - name: DATABASE_URL + value: "postgresql://umami@10.42.42.26/umami" + envFrom: + - secretRef: + name: umami diff --git a/flux/cluster/apps/olympus/umami/external-secret.yaml b/flux/cluster/apps/olympus/umami/external-secret.yaml new file mode 100644 index 00000000..49a91f16 --- /dev/null +++ b/flux/cluster/apps/olympus/umami/external-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: umami + namespace: olympus +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: umami + data: + - secretKey: HASH_SALT + remoteRef: + key: olympus/umami + property: hash_salt diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml new file mode 100644 index 00000000..d96e0b3e --- /dev/null +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: umami + namespace: olympus +spec: + rules: + - host: "analytics.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: umami + port: + number: 80 diff --git a/flux/cluster/apps/olympus/umami/kustomization.yaml b/flux/cluster/apps/olympus/umami/kustomization.yaml new file mode 100644 index 00000000..60d441c8 --- /dev/null +++ b/flux/cluster/apps/olympus/umami/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - ingress.yaml + - svc.yaml diff --git a/flux/cluster/apps/olympus/umami/svc.yaml b/flux/cluster/apps/olympus/umami/svc.yaml new file mode 100644 index 00000000..042d1e1d --- /dev/null +++ b/flux/cluster/apps/olympus/umami/svc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: umami + namespace: olympus +spec: + selector: + app: umami + ports: + - protocol: TCP + port: 80 + targetPort: web diff --git a/flux/cluster/apps/olympus/xirion-registry-creds.yaml b/flux/cluster/apps/olympus/xirion-registry-creds.yaml new file mode 100644 index 00000000..54996c33 --- /dev/null +++ b/flux/cluster/apps/olympus/xirion-registry-creds.yaml @@ -0,0 +1,19 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: xirion-registry-creds + namespace: olympus +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: xirion-registry-creds + template: + type: kubernetes.io/dockerconfigjson + data: + - secretKey: .dockerconfigjson + remoteRef: + key: xirion-registry-creds + property: dockerconfigjson diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml index 40c98a2b..7f9d7fe6 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -15,4 +15,3 @@ spec: name: zookeeper port: number: 8085 - diff --git a/flux/cluster/core/namespaces/olympus.yaml b/flux/cluster/core/namespaces/olympus.yaml new file mode 100644 index 00000000..cbea7e35 --- /dev/null +++ b/flux/cluster/core/namespaces/olympus.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: olympus + labels: + goldilocks.fairwinds.com/enabled: "true" diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/database/configuration.nix index 22022400..52f9f05b 100644 --- a/nixos/hosts/database/configuration.nix +++ b/nixos/hosts/database/configuration.nix @@ -4,7 +4,7 @@ { config, pkgs, ... }: let - databases = [ "authentik" ]; + databases = [ "authentik" "umami" ]; in { diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index f7b0b756..5523deeb 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -46,7 +46,7 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."id.0x76.dev" = k8s_proxy; - virtualHosts."agola.0x76.dev" = k8s_proxy; + virtualHosts."analytics.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; -- 2.47.1 From a9925b30933d5254f33c0e17be7c3570aabc6442 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 14:35:51 +0200 Subject: [PATCH 0222/1882] properly include new namespace --- flux/cluster/core/namespaces/kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index 5bdccac2..08073deb 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -7,3 +7,4 @@ resources: - authentik.yaml - gitops.yaml - monitoring.yaml + - olympus.yaml -- 2.47.1 From 7969db10aa73661890e360c7e9a085d0bec89a9f Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 14:39:06 +0200 Subject: [PATCH 0223/1882] properly include secret --- flux/cluster/apps/olympus/umami/kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/apps/olympus/umami/kustomization.yaml b/flux/cluster/apps/olympus/umami/kustomization.yaml index 60d441c8..765ad860 100644 --- a/flux/cluster/apps/olympus/umami/kustomization.yaml +++ b/flux/cluster/apps/olympus/umami/kustomization.yaml @@ -2,5 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - deployment.yaml + - external-secret.yaml - ingress.yaml - svc.yaml -- 2.47.1 From 5cacb7192f52d9a89bd11d3d4e3715b17ba1d2cf Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 16:05:38 +0200 Subject: [PATCH 0224/1882] umami: add script.js rewrite --- flux/cluster/apps/olympus/umami/ingress.yaml | 2 ++ flux/cluster/apps/olympus/umami/kustomization.yaml | 1 + flux/cluster/apps/olympus/umami/middleware.yaml | 9 +++++++++ 3 files changed, 12 insertions(+) create mode 100644 flux/cluster/apps/olympus/umami/middleware.yaml diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml index d96e0b3e..50454747 100644 --- a/flux/cluster/apps/olympus/umami/ingress.yaml +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -3,6 +3,8 @@ kind: Ingress metadata: name: umami namespace: olympus + annotations: + traefik.ingress.kubernetes.io/router.middlewares: umami-replace-js@kubernetescrd spec: rules: - host: "analytics.0x76.dev" diff --git a/flux/cluster/apps/olympus/umami/kustomization.yaml b/flux/cluster/apps/olympus/umami/kustomization.yaml index 765ad860..aaae3abf 100644 --- a/flux/cluster/apps/olympus/umami/kustomization.yaml +++ b/flux/cluster/apps/olympus/umami/kustomization.yaml @@ -5,3 +5,4 @@ resources: - external-secret.yaml - ingress.yaml - svc.yaml + - middleware.yaml diff --git a/flux/cluster/apps/olympus/umami/middleware.yaml b/flux/cluster/apps/olympus/umami/middleware.yaml new file mode 100644 index 00000000..bcf1cbfe --- /dev/null +++ b/flux/cluster/apps/olympus/umami/middleware.yaml @@ -0,0 +1,9 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: umami-replace-js + namespace: olympus +spec: + replacePathRegex: + regex: ^/script\.js + replacement: /umami.js -- 2.47.1 From 70861cd64e28b3002f57ba25ca53cc8be4387618 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 16:23:49 +0200 Subject: [PATCH 0225/1882] traefik: enable crds in olympus --- flux/cluster/apps/networking/traefik/helm-release.yaml | 6 ++++++ flux/cluster/apps/olympus/umami/middleware.yaml | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index dbfd8855..3df4b2bc 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -60,6 +60,12 @@ spec: plugins: enabled: false affinity: {} + providers: + kubernetesCRD: + enabled: true + namespaces: + - networking + - olympus resources: requests: memory: 100Mi diff --git a/flux/cluster/apps/olympus/umami/middleware.yaml b/flux/cluster/apps/olympus/umami/middleware.yaml index bcf1cbfe..7edc11e5 100644 --- a/flux/cluster/apps/olympus/umami/middleware.yaml +++ b/flux/cluster/apps/olympus/umami/middleware.yaml @@ -2,7 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: name: umami-replace-js - namespace: olympus + namespace: networking spec: replacePathRegex: regex: ^/script\.js -- 2.47.1 From fd0990374de656814bfe87e4ac24716a0ffc7995 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 16:28:01 +0200 Subject: [PATCH 0226/1882] fix middleware name --- flux/cluster/apps/olympus/umami/ingress.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml index 50454747..c0702e71 100644 --- a/flux/cluster/apps/olympus/umami/ingress.yaml +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -4,7 +4,7 @@ metadata: name: umami namespace: olympus annotations: - traefik.ingress.kubernetes.io/router.middlewares: umami-replace-js@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: olympus-umami-replace-js@kubernetescrd spec: rules: - host: "analytics.0x76.dev" -- 2.47.1 From 6ef31ff98ad35435ddf5fd0205512b1a7ef7b314 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 16:31:40 +0200 Subject: [PATCH 0227/1882] fix middleware name 2 --- flux/cluster/apps/olympus/umami/ingress.yaml | 2 +- flux/cluster/apps/olympus/umami/middleware.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml index c0702e71..5d1f5976 100644 --- a/flux/cluster/apps/olympus/umami/ingress.yaml +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -4,7 +4,7 @@ metadata: name: umami namespace: olympus annotations: - traefik.ingress.kubernetes.io/router.middlewares: olympus-umami-replace-js@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: olympus-umamijs@kubernetescrd spec: rules: - host: "analytics.0x76.dev" diff --git a/flux/cluster/apps/olympus/umami/middleware.yaml b/flux/cluster/apps/olympus/umami/middleware.yaml index 7edc11e5..dbc1cab3 100644 --- a/flux/cluster/apps/olympus/umami/middleware.yaml +++ b/flux/cluster/apps/olympus/umami/middleware.yaml @@ -1,8 +1,8 @@ apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: - name: umami-replace-js - namespace: networking + name: umamijs + namespace: olympus spec: replacePathRegex: regex: ^/script\.js -- 2.47.1 From 65904fd0d66923ee1f8b716a4bb41d0177a3d145 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 May 2022 16:42:08 +0200 Subject: [PATCH 0228/1882] change analytics url --- flux/cluster/apps/olympus/umami/ingress.yaml | 2 +- nixos/hosts/nginx/configuration.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml index 5d1f5976..50d9f4fd 100644 --- a/flux/cluster/apps/olympus/umami/ingress.yaml +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -7,7 +7,7 @@ metadata: traefik.ingress.kubernetes.io/router.middlewares: olympus-umamijs@kubernetescrd spec: rules: - - host: "analytics.0x76.dev" + - host: "msg.0x76.dev" http: paths: - path: / diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 5523deeb..75bb5317 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -46,7 +46,7 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."id.0x76.dev" = k8s_proxy; - virtualHosts."analytics.0x76.dev" = k8s_proxy; + virtualHosts."msg.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; virtualHosts."whoami.wooloofan.club" = k8s_proxy; -- 2.47.1 From b52ae09230c81361cabfe2e7a718f1740a8f89ab Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 May 2022 17:00:14 +0000 Subject: [PATCH 0229/1882] chore(deps): update helm release authentik to v2022.5.1 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 8cd1b145..d80d1532 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -9,7 +9,7 @@ spec: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik - version: 2022.4.3 + version: 2022.5.1 sourceRef: kind: HelmRepository name: authentik-charts -- 2.47.1 From 6d9bd1fe54f760680ea152c462467a8117f91533 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 27 May 2022 11:41:22 +0200 Subject: [PATCH 0230/1882] add colmena dep --- flake.lock | 109 +++++++++++++++++++++++++++++++++++++++++++---------- flake.nix | 3 ++ 2 files changed, 93 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index ddd8d3ef..7bcd9ff0 100644 --- a/flake.lock +++ b/flake.lock @@ -1,19 +1,42 @@ { "nodes": { - "deploy-rs": { + "colmena": { "inputs": { "flake-compat": "flake-compat", "nixpkgs": [ "nixpkgs" ], + "stable": "stable", "utils": "utils" }, "locked": { - "lastModified": 1652079807, - "narHash": "sha256-aCs1EwO9K2yJ1DcT4+4g7BMlJBWP7Xjs4k5i8ueR8PU=", + "lastModified": 1653210933, + "narHash": "sha256-n6Hk/zPHcjloi0E/miKGnXrWROha90uan2CFQV7oaqI=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "429a0f5aa1d1bac06234e2f0c02d5b63a850d940", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "colmena", + "type": "github" + } + }, + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat_2", + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1653594315, + "narHash": "sha256-kJ0ENmnQJ4qL2FeYKZba9kvv1KmIuB3NVpBwMeI7AJQ=", "owner": "serokell", "repo": "deploy-rs", - "rev": "690f698b18345d894784752b5fa93b9b8f3cc29f", + "rev": "184349d8149436748986d1bdba087e4149e9c160", "type": "github" }, "original": { @@ -23,6 +46,22 @@ } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1648199409, @@ -38,7 +77,7 @@ "type": "github" } }, - "flake-compat_2": { + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1627913399, @@ -53,7 +92,7 @@ "type": "indirect" } }, - "flake-compat_3": { + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1627913399, @@ -164,14 +203,14 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_2" + "utils": "utils_3" }, "locked": { - "lastModified": 1653372067, - "narHash": "sha256-1+fD3EHTbUSoKcabe9WadVe9fFnG5f2ODWC+WpR8exc=", + "lastModified": 1653614444, + "narHash": "sha256-JDXshcep5PjUx+AM68FunQgpFtS+B8/U/ow0gROln+k=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "6008e29999eb32bd7880ae53e13f83d9181f04bb", + "rev": "0147a798063462fb2c4644cdb7936d050d3b704f", "type": "github" }, "original": { @@ -218,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653427793, - "narHash": "sha256-h6y/I5O/QTawjny6GfovRSUbaEAvswfRXFMuOhVYwBQ=", + "lastModified": 1653602240, + "narHash": "sha256-Gt3J9eZQ12H6niBjmqd6cNCY4g/EDbcMTRGyCmAQurA=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "bef8053f86b8702d57601972f782186b7269db69", + "rev": "c2f9aad978affdbfd20578bc84a4f0a170ff8a6f", "type": "github" }, "original": { @@ -264,6 +303,7 @@ }, "root": { "inputs": { + "colmena": "colmena", "deploy-rs": "deploy-rs", "minecraft-servers": "minecraft-servers", "nixpkgs": "nixpkgs", @@ -276,7 +316,7 @@ "deploy-rs": [ "deploy-rs" ], - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat_3", "flake-utils": "flake-utils_2", "gitignore-nix": "gitignore-nix", "nix": "nix", @@ -285,11 +325,11 @@ ] }, "locked": { - "lastModified": 1653404524, - "narHash": "sha256-Mu3qgXABzAM9T+4dWmV3OOYFydxv28al7cTdiUK6h3s=", + "lastModified": 1653431509, + "narHash": "sha256-4PUKylYuWy0Wlaz8lmbuKq7ok3biV/P6GeLKyO1opEk=", "owner": "serokell", "repo": "serokell.nix", - "rev": "3b39a9000c7652cf7693b70c13c7e1564b0cf333", + "rev": "b69317c1304a9c51d7a20ec36ab31f853887e96d", "type": "github" }, "original": { @@ -298,7 +338,38 @@ "type": "github" } }, + "stable": { + "locked": { + "lastModified": 1653087707, + "narHash": "sha256-zfno3snrzZTWQ2B7K53QHrGZwrjnJLTRPalymrSsziU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "cbd40c72b2603ab54e7208f99f9b35fc158bc009", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, "utils": { + "locked": { + "lastModified": 1649676176, + "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { "locked": { "lastModified": 1648297722, "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", @@ -313,7 +384,7 @@ "type": "github" } }, - "utils_2": { + "utils_3": { "inputs": { "flake-utils": "flake-utils" }, @@ -333,7 +404,7 @@ }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-utils": "flake-utils_3", "nix": "nix_2", "nixpkgs": [ diff --git a/flake.nix b/flake.nix index c2dd2d5c..810bdbbb 100644 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,9 @@ deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; + + colmena.url = "github:zhaofengli/colmena"; + colmena.inputs.nixpkgs.follows = "nixpkgs"; serokell-nix.url = "github:serokell/serokell.nix"; serokell-nix.inputs.nixpkgs.follows = "nixpkgs"; -- 2.47.1 From 9d5d218eb4d1d92b13efcc9defd08f72875856a1 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 27 May 2022 13:15:08 +0200 Subject: [PATCH 0231/1882] renovate: flux ignore some things --- .../apps/gitops/renovate/renovate-infrastructure.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index d3c8e679..4c5f7b77 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -80,6 +80,15 @@ data: ] } ], + // ignore individual fluxcd images + "ignoreDeps": [ + "ghcr.io/fluxcd/helm-controller", + "ghcr.io/fluxcd/image-automation-controller", + "ghcr.io/fluxcd/image-reflector-controller", + "ghcr.io/fluxcd/kustomize-controller", + "ghcr.io/fluxcd/notification-controller", + "ghcr.io/fluxcd/source-controller" + ], "regexManagers": [ { "description": "Process GitRepository CRD dependencies - Chart and Github Release are the same version", -- 2.47.1 From 6bd183d274de2f61c94c2ed5e24ce9228ada4ab3 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 27 May 2022 15:20:29 +0200 Subject: [PATCH 0232/1882] deploy drone --- .../apps/gitops/drone/external-secret.yaml | 27 ++++++++++++++ .../apps/gitops/drone/kustomization.yaml | 6 ++++ flux/cluster/apps/gitops/drone/runner.yaml | 35 +++++++++++++++++++ flux/cluster/apps/gitops/drone/server.yaml | 30 ++++++++++++++++ .../flux-system/charts/helm/drone-charts.yaml | 10 ++++++ .../charts/helm/kustomization.yaml | 1 + flux/cluster/core/namespaces/drone-build.yaml | 5 +++ .../core/namespaces/kustomization.yaml | 1 + nixos/hosts/database/configuration.nix | 3 +- nixos/hosts/nginx/configuration.nix | 1 + 10 files changed, 117 insertions(+), 2 deletions(-) create mode 100644 flux/cluster/apps/gitops/drone/external-secret.yaml create mode 100644 flux/cluster/apps/gitops/drone/kustomization.yaml create mode 100644 flux/cluster/apps/gitops/drone/runner.yaml create mode 100644 flux/cluster/apps/gitops/drone/server.yaml create mode 100644 flux/cluster/base/flux-system/charts/helm/drone-charts.yaml create mode 100644 flux/cluster/core/namespaces/drone-build.yaml diff --git a/flux/cluster/apps/gitops/drone/external-secret.yaml b/flux/cluster/apps/gitops/drone/external-secret.yaml new file mode 100644 index 00000000..b8f2845a --- /dev/null +++ b/flux/cluster/apps/gitops/drone/external-secret.yaml @@ -0,0 +1,27 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: drone + namespace: gitops +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: drone + data: + - secretKey: DRONE_RPC_SECRET + remoteRef: + key: gitops/drone + property: drone_rpc_secret + + - secretKey: DRONE_GITEA_CLIENT_ID + remoteRef: + key: gitops/drone + property: drone_gitea_client_id + + - secretKey: DRONE_GITEA_CLIENT_SECRET + remoteRef: + key: gitops/drone + property: drone_gitea_client_secret diff --git a/flux/cluster/apps/gitops/drone/kustomization.yaml b/flux/cluster/apps/gitops/drone/kustomization.yaml new file mode 100644 index 00000000..8839b330 --- /dev/null +++ b/flux/cluster/apps/gitops/drone/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - server.yaml + - runner.yaml + - external-secret.yaml diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml new file mode 100644 index 00000000..a00518f4 --- /dev/null +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -0,0 +1,35 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: drone-runner-kube + namespace: gitops +spec: + interval: 1h + chart: + spec: + chart: drone-runner-kube + version: 0.1.8 + sourceRef: + kind: HelmRepository + name: drone-charts + namespace: flux-system + valuesFrom: + - kind: Secret + name: drone + valuesKey: DRONE_RPC_SECRET + targetPath: env.DRONE_RPC_SECRET + values: + image: + repository: drone/drone-runner-kube + tag: 1.0.0-rc.3 + ingress: + enabled: true + host: drone.0x76.dev + paths: + - path: / + pathType: Prefix + rbac: + buildNamespaces: + - drone-build + env: + DRONE_NAMESPACE_DEFAULT: drone-build diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml new file mode 100644 index 00000000..df4a0e8f --- /dev/null +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -0,0 +1,30 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: drone + namespace: gitops +spec: + interval: 1h + chart: + spec: + chart: drone + version: 0.2.5 + sourceRef: + kind: HelmRepository + name: drone-charts + namespace: flux-system + values: + image: + repository: drone/drone + tag: 2.12.0 + persistentVolume: + enabled: false + extraSecretNamesForEnvFrom: + - drone + env: + DRONE_DATABASE_DRIVER: postgres + DRONE_DATABASE_DATASOURCE: postgres://drone@10.42.42.26/drone?sslmode=disable + DRONE_GIT_ALWAYS_AUTH: true + DRONE_GITEA_SERVER: https://git.0x76.dev + DRONE_SERVER_HOST: drone.0x76.dev + DRONE_SERVER_PROTO: https diff --git a/flux/cluster/base/flux-system/charts/helm/drone-charts.yaml b/flux/cluster/base/flux-system/charts/helm/drone-charts.yaml new file mode 100644 index 00000000..e88ec5a5 --- /dev/null +++ b/flux/cluster/base/flux-system/charts/helm/drone-charts.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: drone-charts + namespace: flux-system +spec: + interval: 15m + url: https://charts.drone.io + timeout: 3m diff --git a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml index 5390daca..462fbd74 100644 --- a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -6,3 +6,4 @@ resources: - external-secrets-charts.yaml - authentik-charts.yaml - fairwinds-charts.yaml + - drone-charts.yaml diff --git a/flux/cluster/core/namespaces/drone-build.yaml b/flux/cluster/core/namespaces/drone-build.yaml new file mode 100644 index 00000000..de9788d4 --- /dev/null +++ b/flux/cluster/core/namespaces/drone-build.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: drone-build diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index 08073deb..0dfe9d5e 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -8,3 +8,4 @@ resources: - gitops.yaml - monitoring.yaml - olympus.yaml + - drone-build.yaml diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/database/configuration.nix index 52f9f05b..5e3f68ff 100644 --- a/nixos/hosts/database/configuration.nix +++ b/nixos/hosts/database/configuration.nix @@ -4,8 +4,7 @@ { config, pkgs, ... }: let - databases = [ "authentik" "umami" ]; - + databases = [ "authentik" "umami" "drone" ]; in { imports = [ ]; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 75bb5317..949c5b72 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -45,6 +45,7 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; + virtualHosts."drone.0x76.dev" = k8s_proxy; virtualHosts."id.0x76.dev" = k8s_proxy; virtualHosts."msg.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; -- 2.47.1 From 33cc555d8ffcf86aa52bf423cb8108c37bbb8f68 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 27 May 2022 15:23:54 +0200 Subject: [PATCH 0233/1882] deploy drone 2 --- flux/cluster/apps/gitops/kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml index 4ddab702..91f0de33 100644 --- a/flux/cluster/apps/gitops/kustomization.yaml +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate + - drone -- 2.47.1 From 2564b7b6b71b41f421d81ac9b81b0c9ea3ceaa9d Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 27 May 2022 15:26:33 +0200 Subject: [PATCH 0234/1882] drone: fix ingress --- flux/cluster/apps/gitops/drone/server.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml index df4a0e8f..e9b27a8e 100644 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -17,6 +17,12 @@ spec: image: repository: drone/drone tag: 2.12.0 + ingress: + enabled: true + host: drone.0x76.dev + paths: + - path: / + pathType: Prefix persistentVolume: enabled: false extraSecretNamesForEnvFrom: -- 2.47.1 From 90577983f1c89f38b137abe76bce52614312d26b Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 27 May 2022 15:29:23 +0200 Subject: [PATCH 0235/1882] drone: fix ingress 2 --- flux/cluster/apps/gitops/drone/runner.yaml | 6 ------ flux/cluster/apps/gitops/drone/server.yaml | 9 +++++---- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml index a00518f4..e9b29b12 100644 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -22,12 +22,6 @@ spec: image: repository: drone/drone-runner-kube tag: 1.0.0-rc.3 - ingress: - enabled: true - host: drone.0x76.dev - paths: - - path: / - pathType: Prefix rbac: buildNamespaces: - drone-build diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml index e9b27a8e..26e1edac 100644 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -19,10 +19,11 @@ spec: tag: 2.12.0 ingress: enabled: true - host: drone.0x76.dev - paths: - - path: / - pathType: Prefix + hosts: + - host: drone.0x76.dev + paths: + - path: / + pathType: Prefix persistentVolume: enabled: false extraSecretNamesForEnvFrom: -- 2.47.1 From e5eac34588fb0d85ef655640d99771b60691bec1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 May 2022 14:00:18 +0000 Subject: [PATCH 0236/1882] chore(deps): update dependency renovate/renovate to v32.68 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 4c5f7b77..837386bd 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.66 + image: renovate/renovate:32.68 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d58ccc36e27493faa557d73abb4688fe80a144c3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 May 2022 12:00:18 +0000 Subject: [PATCH 0237/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.5.3 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index d80d1532..559e6673 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.5.2 + tag: 2022.5.3 authentik: error_reporting: enabled: true -- 2.47.1 From c2659a9982a1de42cbe975c4fdfa3f0d069780dd Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 29 May 2022 16:09:24 +0200 Subject: [PATCH 0238/1882] drone ci --- .drone.yml | 8 ++++++++ Dockerfile | 0 2 files changed, 8 insertions(+) create mode 100644 .drone.yml create mode 100644 Dockerfile diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 00000000..b64f207c --- /dev/null +++ b/.drone.yml @@ -0,0 +1,8 @@ +kind: pipeline +type: kubernetes +name: default +steps: + - name: kubeval + image: garethr/kubeval + commands: + - kubeval --ignore-missing-schemas-d ./flux/ diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..e69de29b -- 2.47.1 From 9af5a5130d1198f07320b1c9ae356209057e8c2f Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 29 May 2022 16:11:26 +0200 Subject: [PATCH 0239/1882] fix ci --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index b64f207c..98318a51 100644 --- a/.drone.yml +++ b/.drone.yml @@ -5,4 +5,4 @@ steps: - name: kubeval image: garethr/kubeval commands: - - kubeval --ignore-missing-schemas-d ./flux/ + - kubeval --ignore-missing-schemas -d ./flux/ -- 2.47.1 From fa4f21a63f657eea70237f391a010ae201aa0d3d Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 29 May 2022 17:16:34 +0200 Subject: [PATCH 0240/1882] yamllint --- .drone.yml | 4 +- .yamllint.yaml | 24 ++++++++ .../apps/authentik/external-secret.yaml | 8 +-- flux/cluster/apps/authentik/helm-release.yaml | 2 +- .../apps/gitops/drone/external-secret.yaml | 24 ++++---- flux/cluster/apps/gitops/drone/runner.yaml | 2 +- .../apps/gitops/renovate/external-secret.yaml | 16 +++--- .../renovate/renovate-infrastructure.yaml | 2 +- .../apps/networking/kustomization.yaml | 2 +- .../apps/networking/traefik/helm-release.yaml | 2 +- .../apps/olympus/umami/external-secret.yaml | 8 +-- flux/cluster/apps/olympus/umami/ingress.yaml | 20 +++---- .../wooloofanclub/wooloo.yaml | 56 +++++++++---------- .../zookeeper/external-secret.yaml | 40 ++++++------- .../zookeeper/ingress.yaml | 20 +++---- .../presidential-paradise/zookeeper/svc.yaml | 14 ++--- .../kustomization.yaml | 4 +- .../base/flux-system/kustomization.yaml | 10 ++-- flux/cluster/crds/external-secrets/crds.yaml | 1 - 19 files changed, 141 insertions(+), 118 deletions(-) create mode 100644 .yamllint.yaml diff --git a/.drone.yml b/.drone.yml index 98318a51..dd2f7bb7 100644 --- a/.drone.yml +++ b/.drone.yml @@ -3,6 +3,6 @@ type: kubernetes name: default steps: - name: kubeval - image: garethr/kubeval + image: registry.gitlab.com/pipeline-components/yamllint commands: - - kubeval --ignore-missing-schemas -d ./flux/ + - yamllint -c .yamllint.taml . diff --git a/.yamllint.yaml b/.yamllint.yaml new file mode 100644 index 00000000..efbcd467 --- /dev/null +++ b/.yamllint.yaml @@ -0,0 +1,24 @@ +--- +ignore: | + charts/ + docs/ + .private/ + .terraform/ + .vscode/ + gotk-components.yaml +extends: default +rules: + empty-lines: + max-end: 1 + truthy: + allowed-values: ["true", "false", "on"] + comments: + min-spaces-from-content: 1 + line-length: disable + braces: + min-spaces-inside: 0 + max-spaces-inside: 1 + brackets: + min-spaces-inside: 0 + max-spaces-inside: 0 + indentation: enable diff --git a/flux/cluster/apps/authentik/external-secret.yaml b/flux/cluster/apps/authentik/external-secret.yaml index e7a2abfa..a7789afc 100644 --- a/flux/cluster/apps/authentik/external-secret.yaml +++ b/flux/cluster/apps/authentik/external-secret.yaml @@ -11,7 +11,7 @@ spec: target: name: authentik data: - - secretKey: secret_key - remoteRef: - key: authentik/authentik - property: secret_key + - secretKey: secret_key + remoteRef: + key: authentik/authentik + property: secret_key diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 559e6673..5860d27e 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -5,7 +5,7 @@ metadata: namespace: authentik spec: interval: 1m0s - chart: + chart: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik diff --git a/flux/cluster/apps/gitops/drone/external-secret.yaml b/flux/cluster/apps/gitops/drone/external-secret.yaml index b8f2845a..11894ddc 100644 --- a/flux/cluster/apps/gitops/drone/external-secret.yaml +++ b/flux/cluster/apps/gitops/drone/external-secret.yaml @@ -11,17 +11,17 @@ spec: target: name: drone data: - - secretKey: DRONE_RPC_SECRET - remoteRef: - key: gitops/drone - property: drone_rpc_secret + - secretKey: DRONE_RPC_SECRET + remoteRef: + key: gitops/drone + property: drone_rpc_secret - - secretKey: DRONE_GITEA_CLIENT_ID - remoteRef: - key: gitops/drone - property: drone_gitea_client_id + - secretKey: DRONE_GITEA_CLIENT_ID + remoteRef: + key: gitops/drone + property: drone_gitea_client_id - - secretKey: DRONE_GITEA_CLIENT_SECRET - remoteRef: - key: gitops/drone - property: drone_gitea_client_secret + - secretKey: DRONE_GITEA_CLIENT_SECRET + remoteRef: + key: gitops/drone + property: drone_gitea_client_secret diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml index e9b29b12..0d5cd558 100644 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -24,6 +24,6 @@ spec: tag: 1.0.0-rc.3 rbac: buildNamespaces: - - drone-build + - drone-build env: DRONE_NAMESPACE_DEFAULT: drone-build diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/cluster/apps/gitops/renovate/external-secret.yaml index 854c4a80..23606bce 100644 --- a/flux/cluster/apps/gitops/renovate/external-secret.yaml +++ b/flux/cluster/apps/gitops/renovate/external-secret.yaml @@ -11,11 +11,11 @@ spec: target: name: renovate data: - - secretKey: RENOVATE_TOKEN - remoteRef: - key: gitops/renovate - property: gitea_token - - secretKey: GITHUB_COM_TOKEN - remoteRef: - key: gitops/renovate - property: github_token + - secretKey: RENOVATE_TOKEN + remoteRef: + key: gitops/renovate + property: gitea_token + - secretKey: GITHUB_COM_TOKEN + remoteRef: + key: gitops/renovate + property: github_token diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 837386bd..24b048e4 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -87,7 +87,7 @@ data: "ghcr.io/fluxcd/image-reflector-controller", "ghcr.io/fluxcd/kustomize-controller", "ghcr.io/fluxcd/notification-controller", - "ghcr.io/fluxcd/source-controller" + "ghcr.io/fluxcd/source-controller" ], "regexManagers": [ { diff --git a/flux/cluster/apps/networking/kustomization.yaml b/flux/cluster/apps/networking/kustomization.yaml index 0ad868a3..8f492af6 100644 --- a/flux/cluster/apps/networking/kustomization.yaml +++ b/flux/cluster/apps/networking/kustomization.yaml @@ -1,4 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: +resources: - traefik diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 3df4b2bc..5842d6a5 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -59,7 +59,7 @@ spec: experimental: plugins: enabled: false - affinity: {} + affinity: {} providers: kubernetesCRD: enabled: true diff --git a/flux/cluster/apps/olympus/umami/external-secret.yaml b/flux/cluster/apps/olympus/umami/external-secret.yaml index 49a91f16..213a9450 100644 --- a/flux/cluster/apps/olympus/umami/external-secret.yaml +++ b/flux/cluster/apps/olympus/umami/external-secret.yaml @@ -11,7 +11,7 @@ spec: target: name: umami data: - - secretKey: HASH_SALT - remoteRef: - key: olympus/umami - property: hash_salt + - secretKey: HASH_SALT + remoteRef: + key: olympus/umami + property: hash_salt diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/cluster/apps/olympus/umami/ingress.yaml index 50d9f4fd..375dad1e 100644 --- a/flux/cluster/apps/olympus/umami/ingress.yaml +++ b/flux/cluster/apps/olympus/umami/ingress.yaml @@ -7,13 +7,13 @@ metadata: traefik.ingress.kubernetes.io/router.middlewares: olympus-umamijs@kubernetescrd spec: rules: - - host: "msg.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: umami - port: - number: 80 + - host: "msg.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: umami + port: + number: 80 diff --git a/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml b/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml index fd2d56df..c839834c 100644 --- a/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml +++ b/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml @@ -16,10 +16,10 @@ spec: app: wooloofan-club spec: containers: - - name: wooloofan-club - image: 0x76/wooloofan.club - ports: - - containerPort: 80 + - name: wooloofan-club + image: 0x76/wooloofan.club + ports: + - containerPort: 80 --- apiVersion: apps/v1 kind: Deployment @@ -39,10 +39,10 @@ spec: app: wooloofan-club-whoami spec: containers: - - name: wooloofan-club-whoami - image: containous/whoami - ports: - - containerPort: 80 + - name: wooloofan-club-whoami + image: containous/whoami + ports: + - containerPort: 80 --- apiVersion: v1 kind: Service @@ -76,23 +76,23 @@ metadata: spec: ingressClassName: "traefik" rules: - - host: "wooloofan.club" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wooloofan-club-service - port: - number: 80 - - host: "whoami.wooloofan.club" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wooloofan-club-whoami-service - port: - number: 80 + - host: "wooloofan.club" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wooloofan-club-service + port: + number: 80 + - host: "whoami.wooloofan.club" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wooloofan-club-whoami-service + port: + number: 80 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml index a2a2499a..fac7c6f0 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml @@ -11,23 +11,23 @@ spec: target: name: zookeeper data: - - secretKey: DISCORD_APP_ID - remoteRef: - key: presidential-paradise/zookeeper - property: discord_app_id - - secretKey: DISCORD_PUBLIC_KEY - remoteRef: - key: presidential-paradise/zookeeper - property: discord_public_key - - secretKey: DISCORD_TOKEN - remoteRef: - key: presidential-paradise/zookeeper - property: discord_token - - secretKey: TWITTER_TOKEN - remoteRef: - key: presidential-paradise/zookeeper - property: twitter_token - - secretKey: RELEASE_COOKIE - remoteRef: - key: presidential-paradise/zookeeper - property: erlang_cookie + - secretKey: DISCORD_APP_ID + remoteRef: + key: presidential-paradise/zookeeper + property: discord_app_id + - secretKey: DISCORD_PUBLIC_KEY + remoteRef: + key: presidential-paradise/zookeeper + property: discord_public_key + - secretKey: DISCORD_TOKEN + remoteRef: + key: presidential-paradise/zookeeper + property: discord_token + - secretKey: TWITTER_TOKEN + remoteRef: + key: presidential-paradise/zookeeper + property: twitter_token + - secretKey: RELEASE_COOKIE + remoteRef: + key: presidential-paradise/zookeeper + property: erlang_cookie diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml index 7f9d7fe6..44a42803 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -5,13 +5,13 @@ metadata: namespace: presidential-paradise spec: rules: - - host: "zookeeper.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: zookeeper - port: - number: 8085 + - host: "zookeeper.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: zookeeper + port: + number: 8085 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml index d5dc285c..e6ec808d 100644 --- a/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml +++ b/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml @@ -6,10 +6,10 @@ metadata: spec: clusterIP: None ports: - - name: epmd - port: 4369 - targetPort: epmd - protocol: TCP + - name: epmd + port: 4369 + targetPort: epmd + protocol: TCP selector: app: zookeeper --- @@ -20,8 +20,8 @@ metadata: namespace: presidential-paradise spec: ports: - - name: http - targetPort: web - port: 8085 + - name: http + targetPort: web + port: 8085 selector: app: zookeeper diff --git a/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml b/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml index 42c052f0..d370ea66 100644 --- a/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml +++ b/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml @@ -1,5 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- image-update-automation.yaml -- zookeeper.yaml + - image-update-automation.yaml + - zookeeper.yaml diff --git a/flux/cluster/base/flux-system/kustomization.yaml b/flux/cluster/base/flux-system/kustomization.yaml index fb0f20c8..c3635442 100644 --- a/flux/cluster/base/flux-system/kustomization.yaml +++ b/flux/cluster/base/flux-system/kustomization.yaml @@ -1,8 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- gotk-components.yaml -- gotk-sync.yaml -- xirion-registry-creds.yaml -- image-update-automation -- charts + - gotk-components.yaml + - gotk-sync.yaml + - xirion-registry-creds.yaml + - image-update-automation + - charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 00c89d3e..652b06c7 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -28,4 +28,3 @@ spec: sourceRef: kind: GitRepository name: external-secrets-crd-source - -- 2.47.1 From 33d98a61c98eedcbcc4888c37106a7d16d467b14 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 29 May 2022 17:17:04 +0200 Subject: [PATCH 0241/1882] yamllint fixed --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index dd2f7bb7..27c73b87 100644 --- a/.drone.yml +++ b/.drone.yml @@ -2,7 +2,7 @@ kind: pipeline type: kubernetes name: default steps: - - name: kubeval + - name: yamllint image: registry.gitlab.com/pipeline-components/yamllint commands: - - yamllint -c .yamllint.taml . + - yamllint -c .yamllint.yaml . -- 2.47.1 From 2b58c526ce2ab6adb063cad09e59df616ea53671 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 May 2022 11:00:19 +0000 Subject: [PATCH 0242/1882] chore(deps): update dependency renovate/renovate to v32.70 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 24b048e4..7c577f0b 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.68 + image: renovate/renovate:32.70 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e928c15d8a02d76f37ab7d9a7efe877792e19f48 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 May 2022 18:00:20 +0000 Subject: [PATCH 0243/1882] chore(deps): update dependency renovate/renovate to v32.71 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 7c577f0b..806c15b0 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.70 + image: renovate/renovate:32.71 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From da3ced9f1a55783cf5dd7ddad327152862c4fe13 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 1 Jun 2022 10:54:40 +0200 Subject: [PATCH 0244/1882] renovate: change crd matching --- .../renovate/renovate-infrastructure.yaml | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 24b048e4..049f903f 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -91,20 +91,22 @@ data: ], "regexManagers": [ { - "description": "Process GitRepository CRD dependencies - Chart and Github Release are the same version", - "fileMatch": ["flux/cluster/crds/.+\\.ya?ml$"], + "fileMatch": [ + "flux/cluster/crds/traefik/.+\\.ya?ml$" + ], "matchStrings": [ - "registryUrl=(?\\S+) chart=(?\\S+)\n.*?(?[^-\\s]*)\n" + "registryUrl=(?.*?) chart=(?.*?)\n *tag: v(?.*)\n" ], "datasourceTemplate": "helm" }, { - "description": "Process Kustomization CRD dependencies - Image and Github Release are the same version", - "fileMatch": ["flux/cluster/crds/.+\\.ya?ml$"], - "matchStrings": [ - "datasource=(?\\S+) image=(?\\S+)\n.*?-\\s(.*?)\/(?[^/]+)\/[^/]+\n" + "fileMatch": [ + "flux/cluster/crds/external-secrets/.+\\.ya?ml$" ], - "datasourceTemplate": "docker" - } + "matchStrings": [ + "registryUrl=(?.*?) chart=(?.*?)\n *tag: helm-chart-(?.*)\n" + ], + "datasourceTemplate": "helm" + }, ] }; -- 2.47.1 From d6cb575d3082a5b2f738aa51f0510efd8b04db3e Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 1 Jun 2022 11:00:18 +0200 Subject: [PATCH 0245/1882] change external secrets helm tag --- flux/cluster/crds/external-secrets/crds.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 652b06c7..2270dffc 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: v0.5.3 + tag: helm-chart-0.5.3 ignore: | # exclude all /* -- 2.47.1 From f60bf0647e904e13d691f00c1be26dcdb911c12a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Jun 2022 09:00:47 +0000 Subject: [PATCH 0246/1882] chore(deps): update helm release external-secrets to v0.5.5 --- .../core/external-secrets/external-secrets/helm-release.yaml | 2 +- flux/cluster/crds/external-secrets/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml index 2f9876fd..0a96e7bf 100644 --- a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.external-secrets.io chart: external-secrets - version: 0.5.3 + version: 0.5.5 sourceRef: kind: HelmRepository name: external-secrets-charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 2270dffc..200a59bf 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: helm-chart-0.5.3 + tag: helm-chart-0.5.5 ignore: | # exclude all /* -- 2.47.1 From 1187b558c3c2afdf946da6443f7275aab8897f95 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Jun 2022 08:57:22 +0000 Subject: [PATCH 0247/1882] chore(deps): update helm release traefik to v10.20.1 --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- flux/cluster/crds/traefik/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 5842d6a5..04cb7be6 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.20.0 + version: 10.20.1 sourceRef: kind: HelmRepository name: traefik-charts diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index 517c5914..960ad3da 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.20.0 + tag: v10.20.1 ignore: | # exclude all /* -- 2.47.1 From 2da52a420ccb4c63e45ffd2369b5e40fbbba06b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Jun 2022 17:00:13 +0000 Subject: [PATCH 0248/1882] chore(deps): update helm release external-secrets to v0.5.6 --- .../core/external-secrets/external-secrets/helm-release.yaml | 2 +- flux/cluster/crds/external-secrets/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml index 0a96e7bf..cabae28a 100644 --- a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.external-secrets.io chart: external-secrets - version: 0.5.5 + version: 0.5.6 sourceRef: kind: HelmRepository name: external-secrets-charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 200a59bf..f8c9193e 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: helm-chart-0.5.5 + tag: helm-chart-0.5.6 ignore: | # exclude all /* -- 2.47.1 From 25af40b27c4dd98b485978215e92106209c75acc Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 2 Jun 2022 12:21:29 +0200 Subject: [PATCH 0249/1882] flake update --- flake.lock | 18 +++++++++--------- flake.nix | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index 7bcd9ff0..115f9d24 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1653614444, - "narHash": "sha256-JDXshcep5PjUx+AM68FunQgpFtS+B8/U/ow0gROln+k=", + "lastModified": 1653700859, + "narHash": "sha256-R1zR4U6s0ZpRkI/bAkWWyMaUVTvUnF/R7LydzGvLuHM=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "0147a798063462fb2c4644cdb7936d050d3b704f", + "rev": "27d4153324679e45a34f8c68dd740b50379cac69", "type": "github" }, "original": { @@ -257,16 +257,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653602240, - "narHash": "sha256-Gt3J9eZQ12H6niBjmqd6cNCY4g/EDbcMTRGyCmAQurA=", - "owner": "NULLx76", + "lastModified": 1653850161, + "narHash": "sha256-r9jwqAX3wG0XMOs2RNNXK66pjz5b2+veXDSyp1m5QGU=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "c2f9aad978affdbfd20578bc84a4f0a170ff8a6f", + "rev": "757046a257a8569de866aaf39a7e615551c7cfab", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "0x76", + "owner": "nixos", + "ref": "master", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 810bdbbb..9f40b94d 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nixpkgs.url = "github:nixos/nixpkgs/master"; deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; -- 2.47.1 From 6537ced392dd1690ada9085210d94cff159cc2bd Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 3 Jun 2022 15:46:47 +0200 Subject: [PATCH 0250/1882] renovate automerge branch --- flake.lock | 30 +++++++++---------- flake.nix | 2 +- .../renovate/renovate-infrastructure.yaml | 2 +- nixos/hosts/hedgedoc/configuration.nix | 6 ++-- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index 115f9d24..2969a7e6 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1653210933, - "narHash": "sha256-n6Hk/zPHcjloi0E/miKGnXrWROha90uan2CFQV7oaqI=", + "lastModified": 1654213409, + "narHash": "sha256-9mgH75wnd78zHOzBeFEwWyHXltaNRNr7v7p8Lr6vA1U=", "owner": "zhaofengli", "repo": "colmena", - "rev": "429a0f5aa1d1bac06234e2f0c02d5b63a850d940", + "rev": "7c1e91a09f1e9eebbf46806a3b349559c36808a2", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1653700859, - "narHash": "sha256-R1zR4U6s0ZpRkI/bAkWWyMaUVTvUnF/R7LydzGvLuHM=", + "lastModified": 1654218788, + "narHash": "sha256-0xsD029/xPLWMMa5QKU2SjHikPcFISHYb//dxCoUvWw=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "27d4153324679e45a34f8c68dd740b50379cac69", + "rev": "5a5704cf74ffb0d35139d3f625d1a628dd5206d4", "type": "github" }, "original": { @@ -257,16 +257,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653850161, - "narHash": "sha256-r9jwqAX3wG0XMOs2RNNXK66pjz5b2+veXDSyp1m5QGU=", - "owner": "nixos", + "lastModified": 1654258420, + "narHash": "sha256-H6oJnoRzsQIwpNfMFnqGex+6dZ1YL6TGFQfRzyEO5R8=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "757046a257a8569de866aaf39a7e615551c7cfab", + "rev": "5506d60e56272eee4a1b111cf05dfa585a91f68d", "type": "github" }, "original": { - "owner": "nixos", - "ref": "master", + "owner": "NULLx76", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } @@ -325,11 +325,11 @@ ] }, "locked": { - "lastModified": 1653431509, - "narHash": "sha256-4PUKylYuWy0Wlaz8lmbuKq7ok3biV/P6GeLKyO1opEk=", + "lastModified": 1654167282, + "narHash": "sha256-A/9JJRBIPJVFypPhpgOUxBExy/8evpEg8G75BVdZrLg=", "owner": "serokell", "repo": "serokell.nix", - "rev": "b69317c1304a9c51d7a20ec36ab31f853887e96d", + "rev": "da787295c6af0a650ee2c811ab8ef136a596d4ce", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 9f40b94d..810bdbbb 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:nixos/nixpkgs/master"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 89632773..144e35be 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -74,7 +74,7 @@ data: "packageRules": [ { "automerge": true, - "automergeType": "pr", + "automergeType": "branch", "matchPackageNames": [ "renovate/renovate" ] diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index c3d04291..dbb8dd3f 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -26,7 +26,7 @@ in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.configuration.port ]; + networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.settings.port ]; vault-secrets.secrets.hedgedoc = { }; @@ -46,7 +46,7 @@ in services.hedgedoc = { enable = true; environmentFile = "${vs.hedgedoc}/environment"; - configuration = { + settings = { host = "0.0.0.0"; port = 3000; sessionSecret = "$SESSION_SECRET"; @@ -54,7 +54,7 @@ in protocolUseSSL = true; hsts.enable = true; allowOrigin = [ - config.services.hedgedoc.configuration.domain + config.services.hedgedoc.settings.domain "hedgedoc" ]; allowAnonymous = false; -- 2.47.1 From ee8dd1022a7e41eb126c5d67e1552a77cdcd57de Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Jun 2022 13:49:59 +0000 Subject: [PATCH 0251/1882] chore(deps): update dependency renovate/renovate to v32.73 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 144e35be..74c7d3b5 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.71 + image: renovate/renovate:32.73 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2441b7c151df501392f2e0ac42a2995f8950871b Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 3 Jun 2022 16:35:55 +0200 Subject: [PATCH 0252/1882] Revert "hedgedoc update" --- flake.lock | 12 ++++++------ flake.nix | 2 +- nixos/hosts/hedgedoc/configuration.nix | 6 +++--- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index 2969a7e6..69331b55 100644 --- a/flake.lock +++ b/flake.lock @@ -257,16 +257,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1654258420, - "narHash": "sha256-H6oJnoRzsQIwpNfMFnqGex+6dZ1YL6TGFQfRzyEO5R8=", - "owner": "NULLx76", + "lastModified": 1654019511, + "narHash": "sha256-s3fcwUxa2rV2ZmSbdOtisNmXqeqnF9IFrvhPQL5GCBU=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "5506d60e56272eee4a1b111cf05dfa585a91f68d", + "rev": "692517bf851f2d8d999f0ad50f53fa1d2dd5c8f9", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "0x76", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 810bdbbb..b6792efa 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index dbb8dd3f..c3d04291 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -26,7 +26,7 @@ in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.settings.port ]; + networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.configuration.port ]; vault-secrets.secrets.hedgedoc = { }; @@ -46,7 +46,7 @@ in services.hedgedoc = { enable = true; environmentFile = "${vs.hedgedoc}/environment"; - settings = { + configuration = { host = "0.0.0.0"; port = 3000; sessionSecret = "$SESSION_SECRET"; @@ -54,7 +54,7 @@ in protocolUseSSL = true; hsts.enable = true; allowOrigin = [ - config.services.hedgedoc.settings.domain + config.services.hedgedoc.configuration.domain "hedgedoc" ]; allowAnonymous = false; -- 2.47.1 From d7f2f8bef0b9dfbb8c43654fb105718cb76ae03b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Jun 2022 11:01:10 +0000 Subject: [PATCH 0253/1882] chore(deps): update dependency renovate/renovate to v32.74 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 74c7d3b5..e46c50ae 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.73 + image: renovate/renovate:32.74 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f87de06cffc8290f618ab11fa3d7899e4a68bd60 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Jun 2022 21:00:15 +0000 Subject: [PATCH 0254/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.6.1 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 5860d27e..731d61f8 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.5.3 + tag: 2022.6.1 authentik: error_reporting: enabled: true -- 2.47.1 From 927cc13470252c85ebdbd30beb6877790511cea0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Jun 2022 08:01:11 +0000 Subject: [PATCH 0255/1882] chore(deps): update dependency renovate/renovate to v32.76 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index e46c50ae..0f5647c7 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.74 + image: renovate/renovate:32.76 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9c97adbafe6d89f571b434c8c4070a0b7ccf735f Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 7 Jun 2022 16:05:45 +0200 Subject: [PATCH 0256/1882] remove clickhouse package --- nixos/pkgs/clickhouse/.gitignore | 1 - nixos/pkgs/clickhouse/clickhouse.nix | 1 - nixos/pkgs/clickhouse/default.nix | 49 ---------------------------- 3 files changed, 51 deletions(-) delete mode 100644 nixos/pkgs/clickhouse/.gitignore delete mode 100644 nixos/pkgs/clickhouse/clickhouse.nix delete mode 100644 nixos/pkgs/clickhouse/default.nix diff --git a/nixos/pkgs/clickhouse/.gitignore b/nixos/pkgs/clickhouse/.gitignore deleted file mode 100644 index b2be92b7..00000000 --- a/nixos/pkgs/clickhouse/.gitignore +++ /dev/null @@ -1 +0,0 @@ -result diff --git a/nixos/pkgs/clickhouse/clickhouse.nix b/nixos/pkgs/clickhouse/clickhouse.nix deleted file mode 100644 index be3c3bf5..00000000 --- a/nixos/pkgs/clickhouse/clickhouse.nix +++ /dev/null @@ -1 +0,0 @@ -let pkgs = import {}; in pkgs.callPackage (./default.nix) { } diff --git a/nixos/pkgs/clickhouse/default.nix b/nixos/pkgs/clickhouse/default.nix deleted file mode 100644 index 7ed89cdb..00000000 --- a/nixos/pkgs/clickhouse/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ stdenv, dpkg, autoPatchelfHook, fetchurl, lib, glibc }: -stdenv.mkDerivation rec { - pname = "clickhouse"; - version = "21.11.5.33"; - - broken = stdenv.buildPlatform.is32bit; - - sourceRoot = "."; - - srcs = [ - (fetchurl { - url = - "https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-common-static-${version}.tgz"; - sha256 = "sha256-WYSxRQWj6We5v3trMZ0r9xr0kyApyEL444os7yTw8fI="; - }) - (fetchurl { - url = - "https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-server-${version}.tgz"; - sha256 = "sha256-mxEObzTlW1A7p8END24H/ovxF/PsmmoPWvEjbRmS9X0="; - }) - ]; - - nativeBuildInputs = [ autoPatchelfHook ]; - buildInputs = [ - glibc - ]; - # hardeningDisable = [ "format" ]; - - installPhase = '' - mkdir -p $out/{bin,etc} - cp -av clickhouse-server-${version}/usr/bin/* $out/bin/ - cp -av clickhouse-server-${version}/etc/clickhouse-server $out/etc/ - cp -av clickhouse-common-static-${version}/usr/bin/* $out/bin/ - - runHook postInstall - ''; - - postInstall = '' - sed -i -e '\!/var/log/clickhouse-server/clickhouse-server\.log!d' $out/etc/clickhouse-server/config.xml - substituteInPlace $out/etc/clickhouse-server/config.xml --replace "/var/log/clickhouse-server/clickhouse-server.err.log" "1" - ''; - - meta = with lib; { - homepage = "https://clickhouse.tech/"; - description = "Column-oriented database management system"; - license = licenses.asl20; - platforms = platforms.linux; - }; -} -- 2.47.1 From da6bc519eee9f12ff7d25208f705d7e548049ecf Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 7 Jun 2022 23:57:57 +0200 Subject: [PATCH 0257/1882] manually upgrade renovate --- flake.lock | 36 +++++++++---------- .../renovate/renovate-infrastructure.yaml | 2 +- nixos/pkgs/default.nix | 9 +++-- 3 files changed, 26 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 69331b55..909fe269 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1654213409, - "narHash": "sha256-9mgH75wnd78zHOzBeFEwWyHXltaNRNr7v7p8Lr6vA1U=", + "lastModified": 1654325492, + "narHash": "sha256-+eegOXTfWyVygrqWCid1pg5IdCjmh0G8o5uA93IQFdA=", "owner": "zhaofengli", "repo": "colmena", - "rev": "7c1e91a09f1e9eebbf46806a3b349559c36808a2", + "rev": "b5629dca833fc0bd545898c2dd2d9d5ae1fd5066", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1654218788, - "narHash": "sha256-0xsD029/xPLWMMa5QKU2SjHikPcFISHYb//dxCoUvWw=", + "lastModified": 1654583212, + "narHash": "sha256-TNM2Y4lnCnGsmRfYRVoYzaApSL3GE9NDad0ApJ4CCOg=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "5a5704cf74ffb0d35139d3f625d1a628dd5206d4", + "rev": "3423f5faf24744490963f1024da214c37f199a9f", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1654019511, - "narHash": "sha256-s3fcwUxa2rV2ZmSbdOtisNmXqeqnF9IFrvhPQL5GCBU=", + "lastModified": 1654230545, + "narHash": "sha256-8Vlwf0x8ow6pPOK2a04bT+pxIeRnM1+O0Xv9/CuDzRs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "692517bf851f2d8d999f0ad50f53fa1d2dd5c8f9", + "rev": "236cc2971ac72acd90f0ae3a797f9f83098b17ec", "type": "github" }, "original": { @@ -325,11 +325,11 @@ ] }, "locked": { - "lastModified": 1654167282, - "narHash": "sha256-A/9JJRBIPJVFypPhpgOUxBExy/8evpEg8G75BVdZrLg=", + "lastModified": 1654503399, + "narHash": "sha256-io7/mE1uPMznvFILtRSUafuaofyOqaQZKjSQLR6qTZk=", "owner": "serokell", "repo": "serokell.nix", - "rev": "da787295c6af0a650ee2c811ab8ef136a596d4ce", + "rev": "eb14d979cc8257663dd94d6098a86c8c1ce99e72", "type": "github" }, "original": { @@ -340,11 +340,11 @@ }, "stable": { "locked": { - "lastModified": 1653087707, - "narHash": "sha256-zfno3snrzZTWQ2B7K53QHrGZwrjnJLTRPalymrSsziU=", + "lastModified": 1653996475, + "narHash": "sha256-r/UA7h3Dfgf4dlOCkakpqejf1Tagfb+6T+9OdT0qBgU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cbd40c72b2603ab54e7208f99f9b35fc158bc009", + "rev": "ec6eaba9dfcfdd11547d75a193e91e26701bf7e3", "type": "github" }, "original": { @@ -356,11 +356,11 @@ }, "utils": { "locked": { - "lastModified": 1649676176, - "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", "type": "github" }, "original": { diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 0f5647c7..1ed2d74d 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.76 + image: renovate/renovate:32.78 volumeMounts: - name: config-volume mountPath: /opt/renovate/ diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 67a0f134..feb82c26 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,6 +1,11 @@ final: prev: { - # clickhouse = prev.callPackage ./clickhouse { }; - + hedgedoc = prev.hedgedoc.overrideAttrs (old: { + # see https://github.com/NixOS/nixpkgs/issues/176127#issuecomment-1146782555 + preBuild = '' + export HOME=$TMPDIR + ''; + }); + v = { unbound = prev.unbound.override { withSystemd = true; -- 2.47.1 From 4108128891b11137ef142e7c6316d5dd4cfb2874 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Jun 2022 22:04:54 +0000 Subject: [PATCH 0258/1882] chore(deps): update helm release authentik to v2022.6.1 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 731d61f8..cdc7ea2a 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -9,7 +9,7 @@ spec: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik - version: 2022.5.1 + version: 2022.6.1 sourceRef: kind: HelmRepository name: authentik-charts -- 2.47.1 From b0cddcd70cdc645f54b0b7d89c917ca9f405521f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Jun 2022 22:04:52 +0000 Subject: [PATCH 0259/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.6.2 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index cdc7ea2a..92b15ecd 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.6.1 + tag: 2022.6.2 authentik: error_reporting: enabled: true -- 2.47.1 From a4e861612c473d7dd05f9b2fe0d639c3c27885a6 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 8 Jun 2022 00:20:22 +0200 Subject: [PATCH 0260/1882] renovate, binarySource: install --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 1ed2d74d..13e9d566 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -53,6 +53,7 @@ metadata: data: config.js: |- module.exports = { + "binarySource": "install", "repositories": ["v/infrastructure"], "flux": { "fileMatch": ["flux/.+\\.ya?ml$"] -- 2.47.1 From a3709d3d634e12b9c1addd5d3de8ccfd484c1bc6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Jun 2022 22:23:21 +0000 Subject: [PATCH 0261/1882] chore(deps): update dependency fluxcd/flux2 to v0.31.0 --- .../base/flux-system/gotk-components.yaml | 105 +++++++++++------- 1 file changed, 64 insertions(+), 41 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index c7d383c5..edc50993 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.30.2 +# Flux Version: v0.31.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1401,6 +1401,15 @@ spec: - type type: object type: array + contentConfigChecksum: + description: 'ContentConfigChecksum is a checksum of all the configurations + related to the content of the source artifact: - .spec.ignore - + .spec.recurseSubmodules - .spec.included and the checksum of the + included artifacts observed in .status.observedGeneration version + of the object. This can be used to determine if the content of the + included repository has changed. It has the format of `:`, + for example: `sha256:`.' + type: string includedArtifacts: description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by GitRepositorySpec.Include. @@ -1479,7 +1488,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2045,7 +2054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2892,7 +2901,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3217,6 +3226,13 @@ spec: default: 60s description: Timeout of the index fetch operation, defaults to 60s. type: string + type: + description: Type of the HelmRepository. When this field is set to "oci", + the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string url: description: URL of the Helm repository, a valid URL contains at least a protocol and host. @@ -3373,7 +3389,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3964,7 +3980,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4392,6 +4408,12 @@ spec: required: - name type: object + exclusionList: + description: ExclusionList is a list of regex strings used to exclude + certain tags from being stored in the database. + items: + type: string + type: array image: description: Image is the name of the image repository type: string @@ -4545,7 +4567,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5359,7 +5381,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6481,7 +6503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6579,6 +6601,7 @@ spec: - opsgenie - alertmanager - grafana + - githubdispatch type: string username: description: Bot username for this provider @@ -6686,7 +6709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6912,7 +6935,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: helm-controller namespace: flux-system --- @@ -6922,7 +6945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: image-automation-controller namespace: flux-system --- @@ -6932,7 +6955,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: image-reflector-controller namespace: flux-system --- @@ -6942,7 +6965,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: kustomize-controller namespace: flux-system --- @@ -6952,7 +6975,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: notification-controller namespace: flux-system --- @@ -6962,7 +6985,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: source-controller namespace: flux-system --- @@ -6972,7 +6995,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: crd-controller-flux-system rules: - apiGroups: @@ -7062,7 +7085,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7082,7 +7105,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7114,7 +7137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7134,7 +7157,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: source-controller namespace: flux-system @@ -7154,7 +7177,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7174,7 +7197,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: helm-controller namespace: flux-system @@ -7203,7 +7226,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.21.0 + image: ghcr.io/fluxcd/helm-controller:v0.22.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7256,7 +7279,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7285,7 +7308,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.22.1 + image: ghcr.io/fluxcd/image-automation-controller:v0.23.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7338,7 +7361,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7367,7 +7390,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.18.0 + image: ghcr.io/fluxcd/image-reflector-controller:v0.19.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7424,7 +7447,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7453,7 +7476,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.25.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.26.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7506,7 +7529,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7534,7 +7557,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.23.5 + image: ghcr.io/fluxcd/notification-controller:v0.24.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7593,7 +7616,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 control-plane: controller name: source-controller namespace: flux-system @@ -7626,7 +7649,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.24.4 + image: ghcr.io/fluxcd/source-controller:v0.25.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7686,7 +7709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: allow-egress namespace: flux-system spec: @@ -7706,7 +7729,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: allow-scraping namespace: flux-system spec: @@ -7726,7 +7749,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.30.2 + app.kubernetes.io/version: v0.31.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From a78808b4e8093bb9f3d8fc5e9167ad5ef0af5d10 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Jun 2022 14:00:16 +0000 Subject: [PATCH 0262/1882] chore(deps): update dependency fluxcd/flux2 to v0.31.1 --- .../base/flux-system/gotk-components.yaml | 80 +++++++++---------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index edc50993..8ce6fca8 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.31.0 +# Flux Version: v0.31.1 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1488,7 +1488,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2054,7 +2054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2901,7 +2901,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3389,7 +3389,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3980,7 +3980,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4567,7 +4567,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5381,7 +5381,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6503,7 +6503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6709,7 +6709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6935,7 +6935,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: helm-controller namespace: flux-system --- @@ -6945,7 +6945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: image-automation-controller namespace: flux-system --- @@ -6955,7 +6955,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: image-reflector-controller namespace: flux-system --- @@ -6965,7 +6965,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: kustomize-controller namespace: flux-system --- @@ -6975,7 +6975,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: notification-controller namespace: flux-system --- @@ -6985,7 +6985,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: source-controller namespace: flux-system --- @@ -6995,7 +6995,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: crd-controller-flux-system rules: - apiGroups: @@ -7085,7 +7085,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7105,7 +7105,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7137,7 +7137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: notification-controller namespace: flux-system @@ -7157,7 +7157,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: source-controller namespace: flux-system @@ -7177,7 +7177,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7197,7 +7197,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: helm-controller namespace: flux-system @@ -7226,7 +7226,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.22.0 + image: ghcr.io/fluxcd/helm-controller:v0.22.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7279,7 +7279,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7308,7 +7308,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.23.0 + image: ghcr.io/fluxcd/image-automation-controller:v0.23.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7361,7 +7361,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7390,7 +7390,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.19.0 + image: ghcr.io/fluxcd/image-reflector-controller:v0.19.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7447,7 +7447,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7476,7 +7476,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.26.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.26.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7529,7 +7529,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: notification-controller namespace: flux-system @@ -7616,7 +7616,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 control-plane: controller name: source-controller namespace: flux-system @@ -7649,7 +7649,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.25.3 + image: ghcr.io/fluxcd/source-controller:v0.25.5 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7709,7 +7709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: allow-egress namespace: flux-system spec: @@ -7729,7 +7729,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: allow-scraping namespace: flux-system spec: @@ -7749,7 +7749,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.0 + app.kubernetes.io/version: v0.31.1 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 5c5d820832345c56eab784490e38c7f1a00ee58d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Jun 2022 15:01:15 +0000 Subject: [PATCH 0263/1882] chore(deps): update dependency renovate/renovate to v32.80 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 13e9d566..12ac6454 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.78 + image: renovate/renovate:32.80 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0536e4c0169c72745f1e5ee1f12709d609780c01 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Jun 2022 06:01:18 +0000 Subject: [PATCH 0264/1882] chore(deps): update dependency renovate/renovate to v32.81 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 12ac6454..40aa51b5 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.80 + image: renovate/renovate:32.81 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d1f2674e47efe3bb061b6d44d7a5b08441a92bff Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Jun 2022 13:01:15 +0000 Subject: [PATCH 0265/1882] chore(deps): update dependency renovate/renovate to v32.82 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 40aa51b5..5ec48cc1 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.81 + image: renovate/renovate:32.82 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From fb38c09df7a3b79899142b49a015a75a6dee971d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Jun 2022 22:01:14 +0000 Subject: [PATCH 0266/1882] chore(deps): update dependency renovate/renovate to v32.83 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 5ec48cc1..64f1f550 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.82 + image: renovate/renovate:32.83 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From faaa526cf2c6ee99e9e1f1f8c9d089885b34bfbd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Jun 2022 18:00:12 +0000 Subject: [PATCH 0267/1882] chore(deps): update helm release vpa to v1.4.0 --- flux/cluster/apps/monitoring/vpa/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/monitoring/vpa/helm-release.yaml b/flux/cluster/apps/monitoring/vpa/helm-release.yaml index b62b8fc0..22504ab7 100644 --- a/flux/cluster/apps/monitoring/vpa/helm-release.yaml +++ b/flux/cluster/apps/monitoring/vpa/helm-release.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: vpa - version: 1.3.2 + version: 1.4.0 sourceRef: kind: HelmRepository name: fairwinds-charts -- 2.47.1 From 878334bed7652484a2b1f50502fa95510194d659 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Jun 2022 12:25:46 +0200 Subject: [PATCH 0268/1882] Minor updates --- .gitignore | 1 + Dockerfile | 0 flake.lock | 24 +++++----- flake.nix | 17 ++++--- hosts.nix | 9 ++-- .../{template => _template}/configuration.nix | 2 +- nixos/hosts/bastion/configuration.nix | 4 ++ nixos/hosts/gitea/configuration.nix | 3 +- nixos/hosts/k3s/configuration.nix | 11 +++-- nixos/hosts/plausible/configuration.nix | 46 ------------------- 10 files changed, 41 insertions(+), 76 deletions(-) create mode 100644 .gitignore delete mode 100644 Dockerfile rename nixos/hosts/{template => _template}/configuration.nix (93%) delete mode 100644 nixos/hosts/plausible/configuration.nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..b2be92b7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +result diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index e69de29b..00000000 diff --git a/flake.lock b/flake.lock index 909fe269..d2d24344 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1654325492, - "narHash": "sha256-+eegOXTfWyVygrqWCid1pg5IdCjmh0G8o5uA93IQFdA=", + "lastModified": 1654885765, + "narHash": "sha256-BU8uDapI/ZS1B/K0M1n/AvQ3ZIwBk0NMytM49WqZo8w=", "owner": "zhaofengli", "repo": "colmena", - "rev": "b5629dca833fc0bd545898c2dd2d9d5ae1fd5066", + "rev": "1b3c272b5873f809c18434924d99967c73d4e2cf", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1654583212, - "narHash": "sha256-TNM2Y4lnCnGsmRfYRVoYzaApSL3GE9NDad0ApJ4CCOg=", + "lastModified": 1654910231, + "narHash": "sha256-BGKT7IL+IrZLBQFJ0PxC8lFUV4Y3IONmi/SbaabsWlY=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "3423f5faf24744490963f1024da214c37f199a9f", + "rev": "14465ed2e2804484d1d456afee0d8fded6eb05bd", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1654230545, - "narHash": "sha256-8Vlwf0x8ow6pPOK2a04bT+pxIeRnM1+O0Xv9/CuDzRs=", + "lastModified": 1654682581, + "narHash": "sha256-Jb1PQCwKgwdNAp907eR5zPzuxV+kRroA3UIxUxCMJ9s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "236cc2971ac72acd90f0ae3a797f9f83098b17ec", + "rev": "e0169d7a9d324afebf5679551407756c77af8930", "type": "github" }, "original": { @@ -325,11 +325,11 @@ ] }, "locked": { - "lastModified": 1654503399, - "narHash": "sha256-io7/mE1uPMznvFILtRSUafuaofyOqaQZKjSQLR6qTZk=", + "lastModified": 1654872670, + "narHash": "sha256-96CAJ3AujffxOECfEMFvonrznS/xPvP+R6oKYkD3UVw=", "owner": "serokell", "repo": "serokell.nix", - "rev": "eb14d979cc8257663dd94d6098a86c8c1ce99e72", + "rev": "faf02c7b2ac9900ae44c2068a10237c5db73f692", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b6792efa..604c60b8 100644 --- a/flake.nix +++ b/flake.nix @@ -7,17 +7,17 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - + deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; - + serokell-nix.url = "github:serokell/serokell.nix"; serokell-nix.inputs.nixpkgs.follows = "nixpkgs"; serokell-nix.inputs.deploy-rs.follows = "deploy-rs"; - + vault-secrets.url = "github:serokell/vault-secrets"; vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; @@ -80,8 +80,6 @@ pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; - deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib; - checks = { }; in { # Make the config and deploy sets @@ -112,7 +110,7 @@ devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ - shellHook = "zsh"; + shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ deploy-rs.packages.${system}.deploy-rs fluxcd @@ -129,6 +127,11 @@ ]; }; - checks = lib.recursiveUpdate deployChecks checks; + # Filter out non-system checks: https://github.com/NixOS/nixpkgs/issues/175875#issuecomment-1152996862 + checks = lib.filterAttrs + (a: _: a == system) + (builtins.mapAttrs + (system: deployLib: deployLib.deployChecks self.deploy) + deploy-rs.lib); }; } diff --git a/hosts.nix b/hosts.nix index 6747fc68..a4d23b3f 100644 --- a/hosts.nix +++ b/hosts.nix @@ -82,12 +82,9 @@ ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; } - { - hostname = "plausible"; - ip = "10.42.42.18"; - mac = "82:34:70:FA:44:6F"; - nix = false; - } + # { + # ip = "10.42.42.18"; + # } { hostname = "victoriametrics"; ip = "10.42.42.19"; diff --git a/nixos/hosts/template/configuration.nix b/nixos/hosts/_template/configuration.nix similarity index 93% rename from nixos/hosts/template/configuration.nix rename to nixos/hosts/_template/configuration.nix index 0feed4a6..b33d3f0b 100644 --- a/nixos/hosts/template/configuration.nix +++ b/nixos/hosts/_template/configuration.nix @@ -15,7 +15,7 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? + system.stateVersion = "22.11"; # Did you read the comment? # Additional packages environment.systemPackages = with pkgs; [ ]; diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index 0042a4cd..ce4b96c5 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -34,6 +34,10 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? + virtualisation.podman = { + enable = true; + }; + # Additional packages environment.systemPackages = with pkgs; [ binutils diff --git a/nixos/hosts/gitea/configuration.nix b/nixos/hosts/gitea/configuration.nix index 6f9f14ca..f59a01a8 100644 --- a/nixos/hosts/gitea/configuration.nix +++ b/nixos/hosts/gitea/configuration.nix @@ -23,6 +23,8 @@ networking.firewall.allowedTCPPorts = [ config.services.gitea.httpPort ]; + services.openssh.startWhenNeeded = false; + services.gitea = { enable = true; domain = "git.0x76.dev"; @@ -34,7 +36,6 @@ disableRegistration = true; cookieSecure = true; - settings = { ui = { DEFAULT_THEME = "arc-green"; diff --git a/nixos/hosts/k3s/configuration.nix b/nixos/hosts/k3s/configuration.nix index 4dceed6c..8cba9ebd 100644 --- a/nixos/hosts/k3s/configuration.nix +++ b/nixos/hosts/k3s/configuration.nix @@ -5,9 +5,14 @@ ]; # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; + boot.loader.grub = { + enable = true; + version = 2; + device = "/dev/sda"; + }; + + boot.kernel.sysctl."fs.inotify.max_user_instances" = 2147483647; # INT_MAX, dynamically limited based on available memory + boot.kernel.sysctl."fs.inotify.max_user_watches" = 1048576; networking.hostName = "k3s-node1"; diff --git a/nixos/hosts/plausible/configuration.nix b/nixos/hosts/plausible/configuration.nix deleted file mode 100644 index 15449c18..00000000 --- a/nixos/hosts/plausible/configuration.nix +++ /dev/null @@ -1,46 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: -let - vs = config.vault-secrets.secrets; - cfg = config.services.plausible; -in -{ - imports = [ ]; - - networking.hostName = "plausible"; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ cfg.server.port ]; - networking.firewall.allowedUDPPorts = [ ]; - - vault-secrets.secrets.plausible = { }; - - services.plausible = { - enable = true; - releaseCookiePath = "${pkgs.runCommand "cookie" { } '' - ${pkgs.openssl}/bin/openssl rand -base64 64 >"$out" - ''}"; - server = { - baseUrl = "https://analytics.0x76.dev"; - secretKeybaseFile = "${vs.plausible}/secretkeybase"; - }; - adminUser = { - activate = true; - email = "plausible@xirion.net"; - passwordFile = "${vs.plausible}/password"; - }; - }; -} -- 2.47.1 From 08b8e24c8cd1a8d2ba02f3d0b7371e46d9ced39c Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Jun 2022 17:06:32 +0200 Subject: [PATCH 0269/1882] add nixos CI --- .drone.yml | 4 ++++ flake.nix | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 27c73b87..87116198 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,3 +6,7 @@ steps: image: registry.gitlab.com/pipeline-components/yamllint commands: - yamllint -c .yamllint.yaml . + - name: nix flake check + image: nixos/nix:master + commands: + - nix --extra-experimental-features nix-command --extra-experimental-features flakes flake check --no-build diff --git a/flake.nix b/flake.nix index 604c60b8..095cf3f7 100644 --- a/flake.nix +++ b/flake.nix @@ -86,7 +86,9 @@ nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; - apps.${system} = { + + apps.${system} = rec { + default = deploy; deploy = { type = "app"; program = "${deploy-rs.packages.${system}.deploy-rs}/bin/deploy"; -- 2.47.1 From 4d9b231497c07f789c320c1845fac25e5ae313e2 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Jun 2022 17:19:13 +0200 Subject: [PATCH 0270/1882] remove nix ci --- .drone.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone.yml b/.drone.yml index 87116198..286c62a4 100644 --- a/.drone.yml +++ b/.drone.yml @@ -9,4 +9,5 @@ steps: - name: nix flake check image: nixos/nix:master commands: + - nix --extra-experimental-features nix-command --extra-experimental-features flakes flake prefetch - nix --extra-experimental-features nix-command --extra-experimental-features flakes flake check --no-build -- 2.47.1 From 84ea6a597654d49f3d2a5f67e8bc7b22db11472b Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 13 Jun 2022 12:19:45 +0200 Subject: [PATCH 0271/1882] actually remove ci --- .drone.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.drone.yml b/.drone.yml index 286c62a4..27c73b87 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,8 +6,3 @@ steps: image: registry.gitlab.com/pipeline-components/yamllint commands: - yamllint -c .yamllint.yaml . - - name: nix flake check - image: nixos/nix:master - commands: - - nix --extra-experimental-features nix-command --extra-experimental-features flakes flake prefetch - - nix --extra-experimental-features nix-command --extra-experimental-features flakes flake check --no-build -- 2.47.1 From 138b3ac7dc2ba22f6c5951e5f9dc8fc3e1efa7bc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Jun 2022 09:03:55 +0000 Subject: [PATCH 0272/1882] chore(deps): update dependency renovate/renovate to v32.85 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 64f1f550..717185e0 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.83 + image: renovate/renovate:32.85 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 432a7159c6793a8e349808e77945024aec71ea2d Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 14 Jun 2022 13:07:06 +0200 Subject: [PATCH 0273/1882] relieve some strain on gitea --- flake.lock | 12 ++++++------ .../image-update-automation.yaml | 2 +- .../image-update-automation/zookeeper.yaml | 2 +- nixos/hosts/gitea/configuration.nix | 5 +++++ 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index d2d24344..7c7bdc3c 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1654910231, - "narHash": "sha256-BGKT7IL+IrZLBQFJ0PxC8lFUV4Y3IONmi/SbaabsWlY=", + "lastModified": 1655171212, + "narHash": "sha256-WWryDfkz5Gg4FnIQDTPKNIB8oQsA81/qxub3cmOqCNc=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "14465ed2e2804484d1d456afee0d8fded6eb05bd", + "rev": "e8521e4982cb0eb8ac1534d137383fd9eff47100", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1654682581, - "narHash": "sha256-Jb1PQCwKgwdNAp907eR5zPzuxV+kRroA3UIxUxCMJ9s=", + "lastModified": 1655130522, + "narHash": "sha256-5dzlxE4okyu+M39yeVtHWQXzDZQxFF5rUB1iY9R6Lb4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e0169d7a9d324afebf5679551407756c77af8930", + "rev": "13f08d71ceff5101321e0291854495a1ec153a5e", "type": "github" }, "original": { diff --git a/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml b/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml index e140eb75..bc1fdf2e 100644 --- a/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml +++ b/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml @@ -4,7 +4,7 @@ metadata: name: flux-system namespace: flux-system spec: - interval: 1m0s + interval: 15m0s sourceRef: kind: GitRepository name: flux-system diff --git a/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml b/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml index 6c95f6d2..7aba21cf 100644 --- a/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml +++ b/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml @@ -5,7 +5,7 @@ metadata: namespace: flux-system spec: image: registry.xirion.net/library/zookeeper - interval: 1m0s + interval: 15m0s secretRef: name: xirion-registry-creds --- diff --git a/nixos/hosts/gitea/configuration.nix b/nixos/hosts/gitea/configuration.nix index f59a01a8..848982f9 100644 --- a/nixos/hosts/gitea/configuration.nix +++ b/nixos/hosts/gitea/configuration.nix @@ -25,6 +25,11 @@ services.openssh.startWhenNeeded = false; + services.fail2ban = { + enable = true; + maxretry = 3; + }; + services.gitea = { enable = true; domain = "git.0x76.dev"; -- 2.47.1 From 224dbb58c822808805d56e94b0dc47c8dc135862 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 14 Jun 2022 17:09:06 +0200 Subject: [PATCH 0274/1882] remove image update automation --- .../image-update-automation.yaml | 24 ------------------- .../kustomization.yaml | 5 ---- .../image-update-automation/zookeeper.yaml | 22 ----------------- .../base/flux-system/kustomization.yaml | 1 - 4 files changed, 52 deletions(-) delete mode 100644 flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml delete mode 100644 flux/cluster/base/flux-system/image-update-automation/kustomization.yaml delete mode 100644 flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml diff --git a/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml b/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml deleted file mode 100644 index bc1fdf2e..00000000 --- a/flux/cluster/base/flux-system/image-update-automation/image-update-automation.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: image.toolkit.fluxcd.io/v1beta1 -kind: ImageUpdateAutomation -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 15m0s - sourceRef: - kind: GitRepository - name: flux-system - git: - checkout: - ref: - branch: main - commit: - author: - email: fluxcdbot@users.noreply.github.com - name: fluxcdbot - messageTemplate: '{{range .Updated.Images}}{{println .}}{{end}}' - push: - branch: main - update: - path: ./flux/cluster/ - strategy: Setters diff --git a/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml b/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml deleted file mode 100644 index d370ea66..00000000 --- a/flux/cluster/base/flux-system/image-update-automation/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - image-update-automation.yaml - - zookeeper.yaml diff --git a/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml b/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml deleted file mode 100644 index 7aba21cf..00000000 --- a/flux/cluster/base/flux-system/image-update-automation/zookeeper.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: image.toolkit.fluxcd.io/v1beta1 -kind: ImageRepository -metadata: - name: zookeeper - namespace: flux-system -spec: - image: registry.xirion.net/library/zookeeper - interval: 15m0s - secretRef: - name: xirion-registry-creds ---- -apiVersion: image.toolkit.fluxcd.io/v1beta1 -kind: ImagePolicy -metadata: - name: zookeeper - namespace: flux-system -spec: - imageRepositoryRef: - name: zookeeper - policy: - semver: - range: "*" diff --git a/flux/cluster/base/flux-system/kustomization.yaml b/flux/cluster/base/flux-system/kustomization.yaml index c3635442..9b07814f 100644 --- a/flux/cluster/base/flux-system/kustomization.yaml +++ b/flux/cluster/base/flux-system/kustomization.yaml @@ -4,5 +4,4 @@ resources: - gotk-components.yaml - gotk-sync.yaml - xirion-registry-creds.yaml - - image-update-automation - charts -- 2.47.1 From eefd31e5637d48537d3035f5e870b9c68905b626 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Jun 2022 18:01:16 +0000 Subject: [PATCH 0275/1882] chore(deps): update dependency renovate/renovate to v32.86 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 717185e0..c8f6e5b0 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.85 + image: renovate/renovate:32.86 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b1abc994195fe2fcd875e7bc66fea1130d903729 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Jun 2022 23:01:15 +0000 Subject: [PATCH 0276/1882] chore(deps): update dependency renovate/renovate to v32.87 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index c8f6e5b0..fc9ca604 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.86 + image: renovate/renovate:32.87 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8ffe3a0e8bda8396d7f32792c7def69c79bc0a6d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Jun 2022 23:01:15 +0000 Subject: [PATCH 0277/1882] chore(deps): update dependency renovate/renovate to v32.88 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index fc9ca604..b57363cc 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.87 + image: renovate/renovate:32.88 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 14bc60b642f7c46054c9a27f39bf1894acc9a18e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Jun 2022 16:01:16 +0000 Subject: [PATCH 0278/1882] chore(deps): update dependency renovate/renovate to v32.89 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index b57363cc..bac9d31a 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.88 + image: renovate/renovate:32.89 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 82940bd0b7672abe8f6e47abeb813a5abe6a20cb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Jun 2022 11:00:14 +0000 Subject: [PATCH 0279/1882] chore(deps): update helm values drone/drone to v2.12.1 --- flux/cluster/apps/gitops/drone/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml index 26e1edac..546f6717 100644 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -16,7 +16,7 @@ spec: values: image: repository: drone/drone - tag: 2.12.0 + tag: 2.12.1 ingress: enabled: true hosts: -- 2.47.1 From 49525882443d06b45ddeac66c3b9af9d83efbceb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Jun 2022 13:00:14 +0000 Subject: [PATCH 0280/1882] chore(deps): update helm release traefik to v10.21.1 --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- flux/cluster/crds/traefik/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 04cb7be6..77789c76 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.20.1 + version: 10.21.1 sourceRef: kind: HelmRepository name: traefik-charts diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index 960ad3da..854bf2ea 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.20.1 + tag: v10.21.1 ignore: | # exclude all /* -- 2.47.1 From a1eb999879f9b9b9d838a379e8c3bfb1de48e0ac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Jun 2022 23:01:29 +0000 Subject: [PATCH 0281/1882] chore(deps): update terraform vault to v3.7.0 --- terraform/.terraform.lock.hcl | 26 +++++++++++++------------- terraform/versions.tf | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 857c1522..ec94e5b3 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -2,20 +2,20 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/vault" { - version = "3.6.0" - constraints = "3.6.0" + version = "3.7.0" + constraints = "3.7.0" hashes = [ - "h1:1qQq34L5UGo8R93fWsSWUIwHGTdouOcBQb832QVf8NA=", - "h1:2yU3L2PPltZrQFSc/4YWnVgUg2gwUmIFPSR/0iqUDEg=", - "h1:HECX5EGlh1HeIG8T7eRPfKYl4iG+bxvRRt6oer2oSKE=", - "h1:Ha+CZaGNGfI+oc+ZMcKhqonnux3AcTGyhVbW5tzAFlI=", - "h1:HovP+62TRZUE6V9yke0oW/7+vDwnCPAwwhgKEzyNWYk=", - "h1:K13Hcl+F08z2bRHvf1/METKNCClJqaIfha9Vjuv8Cqc=", - "h1:bXAbuGy5MStp9n4dqmeueEutLHuuWpYWZBFb6YrPWu8=", - "h1:helsVBMPFBQPoVHTx7jFtwWB8ZbIAcYlD/MQVDJYKDs=", - "h1:jXdg6tLuMdTeq+L3KFyQUqibcyRCofco4jYSoWB1gYE=", - "h1:uqDt1zjV33VA3BhXSlZ0FunmU1VBl+6PUJnPNygqgic=", - "h1:xCVeXsWwTk3JIWW2vEHRD5i3pQh7/fY9iC/LMDBnhgo=", + "h1:1iaCuOSuivmE5uQLDi5uAh8IWWCBhx6um/wrR8PbwM8=", + "h1:A0gfpK/2twePnZsXRO0bwZUu66FIXZfI5jRvDufbTQE=", + "h1:BTzld8ynMono7s5SPlJ5m7lSShcVDsGk99Z4rg588Fc=", + "h1:EZMX/TxwqGOOletzDSyXYzjVdHZStA1spCTvhSkevZU=", + "h1:NGDad23y/OaHFvAv1azAB16Rbc07YaQ15wfvSvdTlSA=", + "h1:UsdBM6FUwdSyH4gnFsPnDEmmZd136bZh+s0oV9SF87c=", + "h1:dJ75Fouc/4lWGII4LGV2YZUMYiYahGULpjDbC6cgSTU=", + "h1:gAJqiShSzKBi77avwgXYetL8mJwU+k6qaZAI+IDrf6c=", + "h1:idawLPCbZgHIb+NRLJs4YdIcQgACqYiT5VwQfChkn+w=", + "h1:tpJRzoeSYrvlgwnHpC1xZ+oSZEcx19sgu7rpXAFqGzk=", + "h1:yzVlnIzvioNnoVi7rDiOl9oXni4SKbEAcPiovJG6kKM=", ] } diff --git a/terraform/versions.tf b/terraform/versions.tf index 4f4ab399..9b0b4c68 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -6,7 +6,7 @@ terraform { } vault = { source = "hashicorp/vault" - version = "3.6.0" + version = "3.7.0" } } } -- 2.47.1 From d636f3e5183ad3d0308bfea974bbdd3a0b5d4c36 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Jun 2022 01:01:14 +0000 Subject: [PATCH 0282/1882] chore(deps): update dependency renovate/renovate to v32.90 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index bac9d31a..4527cc7e 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.89 + image: renovate/renovate:32.90 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a978983dac573b427e99305340b0fd37f9590ce3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Jun 2022 13:01:18 +0000 Subject: [PATCH 0283/1882] chore(deps): update dependency renovate/renovate to v32.91 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 4527cc7e..d9d307e6 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.90 + image: renovate/renovate:32.91 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f1b9c1014f798dd43521ebc1636bea4604d7aca2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Jun 2022 14:01:21 +0000 Subject: [PATCH 0284/1882] chore(deps): update dependency renovate/renovate to v32.92 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index d9d307e6..9aace914 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.91 + image: renovate/renovate:32.92 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 20628429f41c9206efc7cf1d742638e7ac8d417d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Jun 2022 21:00:17 +0000 Subject: [PATCH 0285/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.6.3 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 92b15ecd..885842ad 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.6.2 + tag: 2022.6.3 authentik: error_reporting: enabled: true -- 2.47.1 From 45ae57e32ba474a7950dac1bdb905cdb077db41c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Jun 2022 14:01:16 +0000 Subject: [PATCH 0286/1882] chore(deps): update dependency renovate/renovate to v32.93 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 9aace914..2a2884f6 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.92 + image: renovate/renovate:32.93 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c2aea12626eac7579660d3da2fef73a447ab8759 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Jun 2022 15:01:16 +0000 Subject: [PATCH 0287/1882] chore(deps): update helm release goldilocks to v6.1.3 --- flux/cluster/apps/monitoring/goldilocks/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml index f1f94ff6..2d3be001 100644 --- a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml +++ b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: goldilocks - version: 6.1.2 + version: 6.1.3 sourceRef: kind: HelmRepository name: fairwinds-charts -- 2.47.1 From 956950c20df1b470a117f8a18e88e2a1e2fd4e09 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Jun 2022 21:01:14 +0000 Subject: [PATCH 0288/1882] chore(deps): update dependency renovate/renovate to v32.94 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 2a2884f6..8aaafca2 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.93 + image: renovate/renovate:32.94 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a4f5c721ef766f863aa578564bf79d07426a42bf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Jun 2022 13:01:14 +0000 Subject: [PATCH 0289/1882] chore(deps): update dependency renovate/renovate to v32.95 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 8aaafca2..e065a474 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.94 + image: renovate/renovate:32.95 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c46407307548cd08c5f681381f57fff765224679 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Jun 2022 02:01:13 +0000 Subject: [PATCH 0290/1882] chore(deps): update dependency renovate/renovate to v32.96 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index e065a474..da3e3716 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.95 + image: renovate/renovate:32.96 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0887c2798d2d8c54ccc6b4ac7efcf40aef30aab0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Jun 2022 12:01:15 +0000 Subject: [PATCH 0291/1882] chore(deps): update dependency renovate/renovate to v32.97 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index da3e3716..162cee14 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.96 + image: renovate/renovate:32.97 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f288142c301cdc421791ff7faec0e011c8b3b11f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Jun 2022 14:01:16 +0000 Subject: [PATCH 0292/1882] chore(deps): update helm release authentik to v2022.6.3 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 885842ad..a887db4d 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -9,7 +9,7 @@ spec: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik - version: 2022.6.1 + version: 2022.6.3 sourceRef: kind: HelmRepository name: authentik-charts -- 2.47.1 From 1865127a16d46ce3a4f8f50439956415766bf840 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Jun 2022 17:00:14 +0000 Subject: [PATCH 0293/1882] chore(deps): update helm release traefik to v10.22.0 --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- flux/cluster/crds/traefik/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 77789c76..7a2f6347 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.21.1 + version: 10.22.0 sourceRef: kind: HelmRepository name: traefik-charts diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index 854bf2ea..2ed87b77 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.21.1 + tag: v10.22.0 ignore: | # exclude all /* -- 2.47.1 From b4a93fdd61eb55b56ac09bb91aefbacefe149ab9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Jun 2022 16:05:00 +0000 Subject: [PATCH 0294/1882] chore(deps): update helm release external-secrets to v0.5.7 --- .../core/external-secrets/external-secrets/helm-release.yaml | 2 +- flux/cluster/crds/external-secrets/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml index cabae28a..8f9cee7b 100644 --- a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.external-secrets.io chart: external-secrets - version: 0.5.6 + version: 0.5.7 sourceRef: kind: HelmRepository name: external-secrets-charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index f8c9193e..420702f1 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: helm-chart-0.5.6 + tag: helm-chart-0.5.7 ignore: | # exclude all /* -- 2.47.1 From a19d2ee789ee8160eb2b7db6850964e2c8308c52 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Jun 2022 12:01:15 +0000 Subject: [PATCH 0295/1882] chore(deps): update helm release drone to v0.3.0 --- flux/cluster/apps/gitops/drone/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml index 546f6717..833f6acb 100644 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: drone - version: 0.2.5 + version: 0.3.0 sourceRef: kind: HelmRepository name: drone-charts -- 2.47.1 From 2b9cda4b6296f13aaa7bdae51837c19f9786d819 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Jun 2022 14:09:00 +0000 Subject: [PATCH 0296/1882] chore(deps): update dependency fluxcd/flux2 to v0.31.2 --- .../base/flux-system/gotk-components.yaml | 76 +++++++++---------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 8ce6fca8..fc298dcc 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.31.1 +# Flux Version: v0.31.2 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1488,7 +1488,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2054,7 +2054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2901,7 +2901,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3389,7 +3389,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3980,7 +3980,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4567,7 +4567,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5381,7 +5381,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6503,7 +6503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6709,7 +6709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6935,7 +6935,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: helm-controller namespace: flux-system --- @@ -6945,7 +6945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: image-automation-controller namespace: flux-system --- @@ -6955,7 +6955,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: image-reflector-controller namespace: flux-system --- @@ -6965,7 +6965,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: kustomize-controller namespace: flux-system --- @@ -6975,7 +6975,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: notification-controller namespace: flux-system --- @@ -6985,7 +6985,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: source-controller namespace: flux-system --- @@ -6995,7 +6995,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: crd-controller-flux-system rules: - apiGroups: @@ -7085,7 +7085,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7105,7 +7105,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7137,7 +7137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7157,7 +7157,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: source-controller namespace: flux-system @@ -7177,7 +7177,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7197,7 +7197,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: helm-controller namespace: flux-system @@ -7279,7 +7279,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7308,7 +7308,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.23.2 + image: ghcr.io/fluxcd/image-automation-controller:v0.23.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7361,7 +7361,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7390,7 +7390,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.19.1 + image: ghcr.io/fluxcd/image-reflector-controller:v0.19.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7447,7 +7447,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7529,7 +7529,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7616,7 +7616,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 control-plane: controller name: source-controller namespace: flux-system @@ -7649,7 +7649,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.25.5 + image: ghcr.io/fluxcd/source-controller:v0.25.8 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7709,7 +7709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: allow-egress namespace: flux-system spec: @@ -7729,7 +7729,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: allow-scraping namespace: flux-system spec: @@ -7749,7 +7749,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.1 + app.kubernetes.io/version: v0.31.2 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From ae5a0c472555da8b8a4ed16834fd3fa5e5605d5d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Jun 2022 09:01:14 +0000 Subject: [PATCH 0297/1882] chore(deps): update dependency renovate/renovate to v32.98 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 162cee14..d097014b 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.97 + image: renovate/renovate:32.98 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 480a06b305bdd52dcc239cecb831371e3171f5d0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Jun 2022 17:01:12 +0000 Subject: [PATCH 0298/1882] chore(deps): update dependency renovate/renovate to v32.99 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index d097014b..6c66fdf5 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.98 + image: renovate/renovate:32.99 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5ec9f195c073d7ff3868171aa345b42ec0ba59b3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Jun 2022 14:00:14 +0000 Subject: [PATCH 0299/1882] chore(deps): update helm release traefik to v10.23.0 --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- flux/cluster/crds/traefik/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 7a2f6347..4004c7c1 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.22.0 + version: 10.23.0 sourceRef: kind: HelmRepository name: traefik-charts diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index 2ed87b77..ed3fe77c 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.22.0 + tag: v10.23.0 ignore: | # exclude all /* -- 2.47.1 From 56cc47b3f2998a2b211a37dd7c604cfdbf9f8cc6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Jun 2022 21:00:13 +0000 Subject: [PATCH 0300/1882] chore(deps): update helm release drone to v0.3.1 --- flux/cluster/apps/gitops/drone/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml index 833f6acb..a40f179c 100644 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: drone - version: 0.3.0 + version: 0.3.1 sourceRef: kind: HelmRepository name: drone-charts -- 2.47.1 From 44fea7277ea7f9e2d40dd8d77295b451baf93817 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 29 Jun 2022 19:01:14 +0000 Subject: [PATCH 0301/1882] chore(deps): update dependency renovate/renovate to v32.100 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 6c66fdf5..12aa7b95 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.99 + image: renovate/renovate:32.100 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5d24747a34d58fbd31f19891dbd11748daafe06d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 29 Jun 2022 15:00:19 +0000 Subject: [PATCH 0302/1882] chore(deps): update helm release drone-runner-kube to v0.1.9 --- flux/cluster/apps/gitops/drone/runner.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml index 0d5cd558..840ae5e0 100644 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: drone-runner-kube - version: 0.1.8 + version: 0.1.9 sourceRef: kind: HelmRepository name: drone-charts -- 2.47.1 From 98a246380f710535e4b40901e7f662a796970443 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 30 Jun 2022 10:00:14 +0000 Subject: [PATCH 0303/1882] chore(deps): update helm release traefik to v10.24.0 --- flux/cluster/apps/networking/traefik/helm-release.yaml | 2 +- flux/cluster/crds/traefik/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/cluster/apps/networking/traefik/helm-release.yaml index 4004c7c1..4f31cbd7 100644 --- a/flux/cluster/apps/networking/traefik/helm-release.yaml +++ b/flux/cluster/apps/networking/traefik/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://helm.traefik.io/traefik chart: traefik - version: 10.23.0 + version: 10.24.0 sourceRef: kind: HelmRepository name: traefik-charts diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/cluster/crds/traefik/crds.yaml index ed3fe77c..a46320b0 100644 --- a/flux/cluster/crds/traefik/crds.yaml +++ b/flux/cluster/crds/traefik/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/traefik/traefik-helm-chart.git ref: # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.23.0 + tag: v10.24.0 ignore: | # exclude all /* -- 2.47.1 From 72b7b46b7a6b23aef7d0950f56e18237f9fffac5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 29 Jun 2022 15:00:18 +0000 Subject: [PATCH 0304/1882] chore(deps): update dependency fluxcd/flux2 to v0.31.3 --- .../base/flux-system/gotk-components.yaml | 74 +++++++++---------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index fc298dcc..55e1531f 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.31.2 +# Flux Version: v0.31.3 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1488,7 +1488,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2054,7 +2054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2901,7 +2901,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3389,7 +3389,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3980,7 +3980,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4567,7 +4567,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5381,7 +5381,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6503,7 +6503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6709,7 +6709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6935,7 +6935,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: helm-controller namespace: flux-system --- @@ -6945,7 +6945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: image-automation-controller namespace: flux-system --- @@ -6955,7 +6955,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: image-reflector-controller namespace: flux-system --- @@ -6965,7 +6965,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: kustomize-controller namespace: flux-system --- @@ -6975,7 +6975,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: notification-controller namespace: flux-system --- @@ -6985,7 +6985,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: source-controller namespace: flux-system --- @@ -6995,7 +6995,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: crd-controller-flux-system rules: - apiGroups: @@ -7085,7 +7085,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7105,7 +7105,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7137,7 +7137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: notification-controller namespace: flux-system @@ -7157,7 +7157,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: source-controller namespace: flux-system @@ -7177,7 +7177,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7197,7 +7197,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: helm-controller namespace: flux-system @@ -7279,7 +7279,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7361,7 +7361,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7447,7 +7447,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7476,7 +7476,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.26.1 + image: ghcr.io/fluxcd/kustomize-controller:v0.26.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7529,7 +7529,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: notification-controller namespace: flux-system @@ -7616,7 +7616,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 control-plane: controller name: source-controller namespace: flux-system @@ -7649,7 +7649,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.25.8 + image: ghcr.io/fluxcd/source-controller:v0.25.9 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7709,7 +7709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: allow-egress namespace: flux-system spec: @@ -7729,7 +7729,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: allow-scraping namespace: flux-system spec: @@ -7749,7 +7749,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.2 + app.kubernetes.io/version: v0.31.3 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 3015298d9a295858a565d3d7347594f5ff993a9a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Jul 2022 14:01:16 +0000 Subject: [PATCH 0305/1882] chore(deps): update dependency renovate/renovate to v32.102 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 12aa7b95..7be173a2 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.100 + image: renovate/renovate:32.102 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From fa83e83f89182037483c5e156b9f7865e7201efd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 2 Jul 2022 13:01:24 +0000 Subject: [PATCH 0306/1882] chore(deps): update dependency renovate/renovate to v32.103 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 7be173a2..c6948a35 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.102 + image: renovate/renovate:32.103 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ef27f80606e546817a97fb90e2374d02a3c1f060 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 3 Jul 2022 16:01:12 +0000 Subject: [PATCH 0307/1882] chore(deps): update dependency renovate/renovate to v32.104 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index c6948a35..cb636103 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.103 + image: renovate/renovate:32.104 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1372f4bfb666894ca680879ee19ab8242d78a3bf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 4 Jul 2022 01:01:11 +0000 Subject: [PATCH 0308/1882] chore(deps): update dependency renovate/renovate to v32.105 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index cb636103..23f10d2a 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.104 + image: renovate/renovate:32.105 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2e2e90be8282c85b29e62b5a8cb33650e689df86 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 4 Jul 2022 20:00:15 +0000 Subject: [PATCH 0309/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.7.1 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index a887db4d..18751bca 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.6.3 + tag: 2022.7.1 authentik: error_reporting: enabled: true -- 2.47.1 From 2b580ecbadc7ff86817ef8e5955cf2a282401271 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 7 Jul 2022 13:01:13 +0000 Subject: [PATCH 0310/1882] chore(deps): update dependency renovate/renovate to v32.106 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 23f10d2a..f66d3b00 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.105 + image: renovate/renovate:32.106 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e779756b6609ba50e5736f64c268ebfc6c5c8f69 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 7 Jul 2022 15:04:45 +0000 Subject: [PATCH 0311/1882] chore(deps): update dependency renovate/renovate to v32.107 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index f66d3b00..052df02f 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.106 + image: renovate/renovate:32.107 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9d951887a9deac4e0e7f5cce2f12ce172cc53ac8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 11 Jul 2022 02:01:12 +0000 Subject: [PATCH 0312/1882] chore(deps): update dependency renovate/renovate to v32.109 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 052df02f..f43cb309 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.107 + image: renovate/renovate:32.109 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e5abbd2448966f260a9f8a19e8a248894bef48cf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 11 Jul 2022 12:01:15 +0000 Subject: [PATCH 0313/1882] chore(deps): update dependency renovate/renovate to v32.110 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index f43cb309..8c4119cb 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.109 + image: renovate/renovate:32.110 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 79f8a57553dfeae31f34f38534744e04778a90cf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 12 Jul 2022 12:01:15 +0000 Subject: [PATCH 0314/1882] chore(deps): update dependency renovate/renovate to v32.111 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 8c4119cb..5580ef40 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.110 + image: renovate/renovate:32.111 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 62fec872990e1220ae5c8a7c6a468249d0c19480 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 13 Jul 2022 22:01:15 +0000 Subject: [PATCH 0315/1882] chore(deps): update dependency renovate/renovate to v32.112 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 5580ef40..956723fa 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.111 + image: renovate/renovate:32.112 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 03f4d31267dd0b9090500d98893c6ef12090a428 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 14 Jul 2022 08:01:18 +0000 Subject: [PATCH 0316/1882] chore(deps): update dependency renovate/renovate to v32.114 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 956723fa..79e69eb1 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.112 + image: renovate/renovate:32.114 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b5d846f1619470b5f85e45ea089042f2a79c17b2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 12 Jul 2022 22:00:16 +0000 Subject: [PATCH 0317/1882] chore(deps): update helm release goldilocks to v6.1.4 --- flux/cluster/apps/monitoring/goldilocks/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml index 2d3be001..9c3d2a22 100644 --- a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml +++ b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: goldilocks - version: 6.1.3 + version: 6.1.4 sourceRef: kind: HelmRepository name: fairwinds-charts -- 2.47.1 From 5fdc36ca6bbc7cd1992890b011b0fe03e941599e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 14 Jul 2022 06:00:19 +0000 Subject: [PATCH 0318/1882] chore(deps): update helm release polaris to v5.4.1 --- flux/cluster/apps/monitoring/polaris/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/monitoring/polaris/helm-release.yaml b/flux/cluster/apps/monitoring/polaris/helm-release.yaml index 3bc2b497..bd25c58c 100644 --- a/flux/cluster/apps/monitoring/polaris/helm-release.yaml +++ b/flux/cluster/apps/monitoring/polaris/helm-release.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: polaris - version: 5.1.0 + version: 5.4.1 sourceRef: kind: HelmRepository name: fairwinds-charts -- 2.47.1 From 394c8ac4163877c68abc899b1ecc8aaea34a157f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 6 Jul 2022 21:00:41 +0000 Subject: [PATCH 0319/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.7.2 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 18751bca..55229fb2 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.7.1 + tag: 2022.7.2 authentik: error_reporting: enabled: true -- 2.47.1 From 9e9caf8ddd8da61a43586b1c78fb4e53d7922c03 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 12 Jul 2022 14:01:54 +0000 Subject: [PATCH 0320/1882] chore(deps): update helm release external-secrets to v0.5.8 --- .../core/external-secrets/external-secrets/helm-release.yaml | 2 +- flux/cluster/crds/external-secrets/crds.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml index 8f9cee7b..33b8e065 100644 --- a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml +++ b/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://charts.external-secrets.io chart: external-secrets - version: 0.5.7 + version: 0.5.8 sourceRef: kind: HelmRepository name: external-secrets-charts diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/cluster/crds/external-secrets/crds.yaml index 420702f1..bdd41646 100644 --- a/flux/cluster/crds/external-secrets/crds.yaml +++ b/flux/cluster/crds/external-secrets/crds.yaml @@ -9,7 +9,7 @@ spec: url: https://github.com/external-secrets/external-secrets.git ref: # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: helm-chart-0.5.7 + tag: helm-chart-0.5.8 ignore: | # exclude all /* -- 2.47.1 From 9381fb00d61605521d8ca7b198846ea81e89ec03 Mon Sep 17 00:00:00 2001 From: renovate Date: Thu, 14 Jul 2022 19:50:19 +0200 Subject: [PATCH 0321/1882] chore(deps): update helm release authentik to v2022.7.2 (#50) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [authentik](https://goauthentik.io) ([source](https://github.com/goauthentik/helm)) | minor | `2022.6.3` -> `2022.7.2` | --- ### Release Notes
goauthentik/helm ### [`v2022.7.2`](https://github.com/goauthentik/helm/releases/tag/authentik-2022.7.2) [Compare Source](https://github.com/goauthentik/helm/compare/authentik-2022.6.3...authentik-2022.7.2) authentik is an open-source Identity Provider focused on flexibility and versatility
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: Renovate Bot Co-authored-by: v Reviewed-on: https://git.0x76.dev/v/infrastructure/pulls/50 Co-authored-by: renovate Co-committed-by: renovate --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 55229fb2..dde6fcdc 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -9,7 +9,7 @@ spec: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik - version: 2022.6.3 + version: 2022.7.2 sourceRef: kind: HelmRepository name: authentik-charts -- 2.47.1 From e34c98638f80c3a46c69089940cbf8504155d925 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 14 Jul 2022 20:01:14 +0000 Subject: [PATCH 0322/1882] chore(deps): update dependency renovate/renovate to v32.115 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 79e69eb1..3ed89942 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.114 + image: renovate/renovate:32.115 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c6cedcc11e01553758049e12cb0a0f755029b5ab Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 15 Jul 2022 18:01:16 +0000 Subject: [PATCH 0323/1882] chore(deps): update dependency renovate/renovate to v32.117 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 3ed89942..fb690953 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.115 + image: renovate/renovate:32.117 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 12fd5867d1d7f6004708352b60c73c0bfe1168f6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 17 Jul 2022 04:01:12 +0000 Subject: [PATCH 0324/1882] chore(deps): update dependency renovate/renovate to v32.118 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index fb690953..143b2fe2 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.117 + image: renovate/renovate:32.118 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9808af40eeeedb24323863ae83971c51592449e8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 18 Jul 2022 13:01:19 +0000 Subject: [PATCH 0325/1882] chore(deps): update dependency renovate/renovate to v32.119 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 143b2fe2..3d99684f 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.118 + image: renovate/renovate:32.119 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1ba9b72696e31af1dbb03d049ef4e22dedd44736 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Jul 2022 12:04:45 +0200 Subject: [PATCH 0326/1882] updates --- flake.lock | 44 ++++++++++++++++++++++---------------------- flux/bootstrap.sh | 2 +- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index 7c7bdc3c..876e5cf7 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1654885765, - "narHash": "sha256-BU8uDapI/ZS1B/K0M1n/AvQ3ZIwBk0NMytM49WqZo8w=", + "lastModified": 1656722469, + "narHash": "sha256-NGSX4B4hQzJcNGMZU4FO+V7AZiJHWGNR5PqwJvOSIyI=", "owner": "zhaofengli", "repo": "colmena", - "rev": "1b3c272b5873f809c18434924d99967c73d4e2cf", + "rev": "fbf25faa241edf4b2285eefe383770ef0851e443", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1655171212, - "narHash": "sha256-WWryDfkz5Gg4FnIQDTPKNIB8oQsA81/qxub3cmOqCNc=", + "lastModified": 1656727679, + "narHash": "sha256-Bx4/yN/tYpWxdjq0Sed8O2SOcwRKA6c0ZAERgF51GbI=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "e8521e4982cb0eb8ac1534d137383fd9eff47100", + "rev": "434a0cadd7195cedd0e26fb606980c4f586cb70b", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1655130522, - "narHash": "sha256-5dzlxE4okyu+M39yeVtHWQXzDZQxFF5rUB1iY9R6Lb4=", + "lastModified": 1656461576, + "narHash": "sha256-rlmmw6lIlkMQIiB+NsnO8wQYWTfle8TA41UREPLP5VY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "13f08d71ceff5101321e0291854495a1ec153a5e", + "rev": "cf3ab54b4afe2b7477faa1dd0b65bf74c055d70c", "type": "github" }, "original": { @@ -325,11 +325,11 @@ ] }, "locked": { - "lastModified": 1654872670, - "narHash": "sha256-96CAJ3AujffxOECfEMFvonrznS/xPvP+R6oKYkD3UVw=", + "lastModified": 1655492394, + "narHash": "sha256-bmiET3gLIv6T3+jPJi0hm9GurjwrddlmtuxTpFDYJZw=", "owner": "serokell", "repo": "serokell.nix", - "rev": "faf02c7b2ac9900ae44c2068a10237c5db73f692", + "rev": "ca5235bd249a64991d2e813084aea5d521ca0088", "type": "github" }, "original": { @@ -340,16 +340,16 @@ }, "stable": { "locked": { - "lastModified": 1653996475, - "narHash": "sha256-r/UA7h3Dfgf4dlOCkakpqejf1Tagfb+6T+9OdT0qBgU=", + "lastModified": 1656433693, + "narHash": "sha256-m29hSYsu2U+tnBo5v1/2RGo3lYY6KKb52MHV/89NeCs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ec6eaba9dfcfdd11547d75a193e91e26701bf7e3", + "rev": "babb041b7167008af3faca4c78f9dd8c6e83ef3a", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-21.11", + "ref": "nixos-22.05", "repo": "nixpkgs", "type": "github" } @@ -389,11 +389,11 @@ "flake-utils": "flake-utils" }, "locked": { - "lastModified": 1647259887, - "narHash": "sha256-yEkMbEHVO9qydluQ3uHGWX1PkfZhgDKxnd1rhZYZ72w=", + "lastModified": 1652704544, + "narHash": "sha256-UTKE33tYgCmDszaVyWA33a8mtegM5xfH4fH8w4y6TxA=", "owner": "gytis-ivaskevicius", "repo": "flake-utils-plus", - "rev": "06dba5f3b4fa2cc0bfc98ce9cd6f9a4d8db11d46", + "rev": "f8d6d1f87b6177e3bc674c29f247bdbf897ba274", "type": "github" }, "original": { @@ -412,11 +412,11 @@ ] }, "locked": { - "lastModified": 1633626134, - "narHash": "sha256-fvd+l1iuH+ufwNIt6ppZnIfMs+BEj5dtIAKmGKTbaCQ=", + "lastModified": 1655914948, + "narHash": "sha256-9/NrBoUoVXUSVl6wnbEqrtgs1Yr1Bl/j0WYz7ANZ9tk=", "owner": "serokell", "repo": "vault-secrets", - "rev": "1bf4a02eea83d3042bd3d1e2f2266b15077b48b4", + "rev": "4b8608e48c6748382fa32131d69c2f01a48874ed", "type": "github" }, "original": { diff --git a/flux/bootstrap.sh b/flux/bootstrap.sh index 9316f981..165e7a9e 100755 --- a/flux/bootstrap.sh +++ b/flux/bootstrap.sh @@ -1,2 +1,2 @@ #!/bin/sh -flux bootstrap git --url=ssh://gitea@git.0x76.dev:42/v/infrastructure.git --branch=main --path=flux/cluster/base/ --ssh-key-algorithm=ed25519 --components-extra=image-reflector-controller,image-automation-controller +flux bootstrap git --url=ssh://gitea@git.0x76.dev:42/v/infrastructure.git --branch=main --path=flux/cluster/base/ --ssh-key-algorithm=ed25519 -- 2.47.1 From 3c13bd7d11038cc4e4248776b775701db0aa267e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 18 Jul 2022 16:00:14 +0000 Subject: [PATCH 0327/1882] chore(deps): update helm release authentik to v2022.7.3 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index dde6fcdc..2aa2ee8a 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -9,7 +9,7 @@ spec: spec: # renovate: registryUrl=https://charts.goauthentik.io chart: authentik - version: 2022.7.2 + version: 2022.7.3 sourceRef: kind: HelmRepository name: authentik-charts -- 2.47.1 From fe04f8dcd2dcbe9cb50394d758f0240bbabe1ec5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 18 Jul 2022 10:00:16 +0000 Subject: [PATCH 0328/1882] chore(deps): update dependency fluxcd/flux2 to v0.31.4 --- .../base/flux-system/gotk-components.yaml | 80 +++++++++---------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 55e1531f..38db8b82 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.31.3 +# Flux Version: v0.31.4 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1488,7 +1488,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2054,7 +2054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2901,7 +2901,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3389,7 +3389,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3980,7 +3980,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4567,7 +4567,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5381,7 +5381,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6503,7 +6503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6709,7 +6709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6935,7 +6935,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: helm-controller namespace: flux-system --- @@ -6945,7 +6945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: image-automation-controller namespace: flux-system --- @@ -6955,7 +6955,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: image-reflector-controller namespace: flux-system --- @@ -6965,7 +6965,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: kustomize-controller namespace: flux-system --- @@ -6975,7 +6975,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: notification-controller namespace: flux-system --- @@ -6985,7 +6985,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: source-controller namespace: flux-system --- @@ -6995,7 +6995,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: crd-controller-flux-system rules: - apiGroups: @@ -7085,7 +7085,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7105,7 +7105,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7137,7 +7137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: notification-controller namespace: flux-system @@ -7157,7 +7157,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: source-controller namespace: flux-system @@ -7177,7 +7177,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7197,7 +7197,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: helm-controller namespace: flux-system @@ -7226,7 +7226,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.22.1 + image: ghcr.io/fluxcd/helm-controller:v0.22.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7279,7 +7279,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7308,7 +7308,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.23.4 + image: ghcr.io/fluxcd/image-automation-controller:v0.23.5 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7361,7 +7361,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7447,7 +7447,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7476,7 +7476,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.26.2 + image: ghcr.io/fluxcd/kustomize-controller:v0.26.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7529,7 +7529,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: notification-controller namespace: flux-system @@ -7557,7 +7557,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.24.0 + image: ghcr.io/fluxcd/notification-controller:v0.24.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7616,7 +7616,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 control-plane: controller name: source-controller namespace: flux-system @@ -7649,7 +7649,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.25.9 + image: ghcr.io/fluxcd/source-controller:v0.25.10 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7709,7 +7709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: allow-egress namespace: flux-system spec: @@ -7729,7 +7729,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: allow-scraping namespace: flux-system spec: @@ -7749,7 +7749,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.3 + app.kubernetes.io/version: v0.31.4 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 9594fdd83a8d349503453b5a85b76e64d6de13bb Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Jul 2022 12:30:00 +0200 Subject: [PATCH 0329/1882] update metallb to 0.13.3 with CRDs --- flux/cluster/core/networking/metallb/address-pool.yaml | 8 ++++++++ flux/cluster/core/networking/metallb/helm-release.yaml | 10 +++------- .../cluster/core/networking/metallb/kustomization.yaml | 2 ++ .../core/networking/metallb/l2advertisement.yaml | 8 ++++++++ 4 files changed, 21 insertions(+), 7 deletions(-) create mode 100644 flux/cluster/core/networking/metallb/address-pool.yaml create mode 100644 flux/cluster/core/networking/metallb/l2advertisement.yaml diff --git a/flux/cluster/core/networking/metallb/address-pool.yaml b/flux/cluster/core/networking/metallb/address-pool.yaml new file mode 100644 index 00000000..5a56125e --- /dev/null +++ b/flux/cluster/core/networking/metallb/address-pool.yaml @@ -0,0 +1,8 @@ +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + name: main-pool + namespace: networking +spec: + addresses: + - 10.42.42.150-192.168.42.200 \ No newline at end of file diff --git a/flux/cluster/core/networking/metallb/helm-release.yaml b/flux/cluster/core/networking/metallb/helm-release.yaml index e9d2cfd8..c9cb0361 100644 --- a/flux/cluster/core/networking/metallb/helm-release.yaml +++ b/flux/cluster/core/networking/metallb/helm-release.yaml @@ -10,19 +10,15 @@ spec: spec: # renovate: registryUrl=https://metallb.github.io/metallb chart: metallb - version: 0.12.1 + version: 0.13.3 sourceRef: kind: HelmRepository name: metallb-charts namespace: flux-system interval: 5m values: - configInline: - address-pools: - - name: default - protocol: layer2 - addresses: - - 10.42.42.150-192.168.42.200 + crds: + enabled: true speaker: tolerations: - effect: "NoExecute" diff --git a/flux/cluster/core/networking/metallb/kustomization.yaml b/flux/cluster/core/networking/metallb/kustomization.yaml index 2fa2de20..806406f7 100644 --- a/flux/cluster/core/networking/metallb/kustomization.yaml +++ b/flux/cluster/core/networking/metallb/kustomization.yaml @@ -3,3 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml + - address-pool.yaml + - l2advertisement.yaml diff --git a/flux/cluster/core/networking/metallb/l2advertisement.yaml b/flux/cluster/core/networking/metallb/l2advertisement.yaml new file mode 100644 index 00000000..a6215146 --- /dev/null +++ b/flux/cluster/core/networking/metallb/l2advertisement.yaml @@ -0,0 +1,8 @@ +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: main-pool + namespace: networking +spec: + ipAddressPools: + - main-pool -- 2.47.1 From c05bb0b1596f1f4f52d3f0ed9336f789de576b9a Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Jul 2022 12:31:49 +0200 Subject: [PATCH 0330/1882] temp disable crds, and enable next run --- flux/cluster/core/networking/metallb/kustomization.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/networking/metallb/kustomization.yaml b/flux/cluster/core/networking/metallb/kustomization.yaml index 806406f7..4fe8d45b 100644 --- a/flux/cluster/core/networking/metallb/kustomization.yaml +++ b/flux/cluster/core/networking/metallb/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml - - address-pool.yaml - - l2advertisement.yaml + # - address-pool.yaml + # - l2advertisement.yaml -- 2.47.1 From de204fd58a3a4a56044473cb6cac70c65ae310cc Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Jul 2022 12:34:10 +0200 Subject: [PATCH 0331/1882] re-enable crds --- flux/cluster/core/networking/metallb/kustomization.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/networking/metallb/kustomization.yaml b/flux/cluster/core/networking/metallb/kustomization.yaml index 4fe8d45b..806406f7 100644 --- a/flux/cluster/core/networking/metallb/kustomization.yaml +++ b/flux/cluster/core/networking/metallb/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml - # - address-pool.yaml - # - l2advertisement.yaml + - address-pool.yaml + - l2advertisement.yaml -- 2.47.1 From 0af1a7756ed212f4a122a2498fb62eab64c69a76 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 19 Jul 2022 12:44:21 +0200 Subject: [PATCH 0332/1882] fix yamllint --- flux/cluster/core/networking/metallb/address-pool.yaml | 2 +- flux/cluster/core/networking/metallb/l2advertisement.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flux/cluster/core/networking/metallb/address-pool.yaml b/flux/cluster/core/networking/metallb/address-pool.yaml index 5a56125e..22ca7a65 100644 --- a/flux/cluster/core/networking/metallb/address-pool.yaml +++ b/flux/cluster/core/networking/metallb/address-pool.yaml @@ -5,4 +5,4 @@ metadata: namespace: networking spec: addresses: - - 10.42.42.150-192.168.42.200 \ No newline at end of file + - 10.42.42.150-192.168.42.200 diff --git a/flux/cluster/core/networking/metallb/l2advertisement.yaml b/flux/cluster/core/networking/metallb/l2advertisement.yaml index a6215146..c14b1aa4 100644 --- a/flux/cluster/core/networking/metallb/l2advertisement.yaml +++ b/flux/cluster/core/networking/metallb/l2advertisement.yaml @@ -5,4 +5,4 @@ metadata: namespace: networking spec: ipAddressPools: - - main-pool + - main-pool -- 2.47.1 From fa4878203febcb44bb7a4538ca264ec9d145276b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 20 Jul 2022 13:01:18 +0000 Subject: [PATCH 0333/1882] chore(deps): update dependency renovate/renovate to v32.120 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 3d99684f..25c0d9ff 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.119 + image: renovate/renovate:32.120 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a72a8826f24ccee8e07320ee7c8b47604122a2fe Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 21 Jul 2022 07:01:12 +0000 Subject: [PATCH 0334/1882] chore(deps): update dependency renovate/renovate to v32.121 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 25c0d9ff..794467ae 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.120 + image: renovate/renovate:32.121 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7f3ca62bdf7c27f94cb5668645545087ab4dcc78 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 21 Jul 2022 15:01:16 +0000 Subject: [PATCH 0335/1882] chore(deps): update dependency renovate/renovate to v32.122 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 794467ae..dd4fd88f 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.121 + image: renovate/renovate:32.122 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 844612db1bf085cbc362c299942f357badbc92ac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 22 Jul 2022 17:01:13 +0000 Subject: [PATCH 0336/1882] chore(deps): update dependency renovate/renovate to v32.123 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index dd4fd88f..7273832a 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.122 + image: renovate/renovate:32.123 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2eae877a8c326cbbd15eed09873ce71e0c43729a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 22 Jul 2022 19:02:51 +0000 Subject: [PATCH 0337/1882] chore(deps): update dependency renovate/renovate to v32.125 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 7273832a..68a508c9 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.123 + image: renovate/renovate:32.125 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 341fa94756a6e8db8c782d979232f3564c435003 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 24 Jul 2022 10:01:13 +0000 Subject: [PATCH 0338/1882] chore(deps): update dependency renovate/renovate to v32.126 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 68a508c9..53bd5d3b 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.125 + image: renovate/renovate:32.126 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a765cf643b3fa7c05259af52a7244c87af5f563b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 24 Jul 2022 21:01:12 +0000 Subject: [PATCH 0339/1882] chore(deps): update dependency renovate/renovate to v32.127 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 53bd5d3b..371f025b 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.126 + image: renovate/renovate:32.127 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b03ccf60c5b7d985eec61a4fc08d1487370d0927 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 26 Jul 2022 14:01:20 +0000 Subject: [PATCH 0340/1882] chore(deps): update dependency renovate/renovate to v32.131 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 371f025b..47d537f6 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.127 + image: renovate/renovate:32.131 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a852b22c406c30685c7cf6d8323135ea45d467d1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 26 Jul 2022 21:00:22 +0000 Subject: [PATCH 0341/1882] chore(deps): update terraform vault to v3.8.0 --- terraform/.terraform.lock.hcl | 26 +++++++++++++------------- terraform/versions.tf | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index ec94e5b3..5172ff14 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -2,20 +2,20 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/vault" { - version = "3.7.0" - constraints = "3.7.0" + version = "3.8.0" + constraints = "3.8.0" hashes = [ - "h1:1iaCuOSuivmE5uQLDi5uAh8IWWCBhx6um/wrR8PbwM8=", - "h1:A0gfpK/2twePnZsXRO0bwZUu66FIXZfI5jRvDufbTQE=", - "h1:BTzld8ynMono7s5SPlJ5m7lSShcVDsGk99Z4rg588Fc=", - "h1:EZMX/TxwqGOOletzDSyXYzjVdHZStA1spCTvhSkevZU=", - "h1:NGDad23y/OaHFvAv1azAB16Rbc07YaQ15wfvSvdTlSA=", - "h1:UsdBM6FUwdSyH4gnFsPnDEmmZd136bZh+s0oV9SF87c=", - "h1:dJ75Fouc/4lWGII4LGV2YZUMYiYahGULpjDbC6cgSTU=", - "h1:gAJqiShSzKBi77avwgXYetL8mJwU+k6qaZAI+IDrf6c=", - "h1:idawLPCbZgHIb+NRLJs4YdIcQgACqYiT5VwQfChkn+w=", - "h1:tpJRzoeSYrvlgwnHpC1xZ+oSZEcx19sgu7rpXAFqGzk=", - "h1:yzVlnIzvioNnoVi7rDiOl9oXni4SKbEAcPiovJG6kKM=", + "h1:7fwbqW8EpFSgGmp23JCn01OSzjp/bJA5jCXqaAMpfIs=", + "h1:8lg4gIGn8DCwvJHAJEFfQNVzYOZO7f6y7o4hEvvGZXM=", + "h1:AdhWQXOClR+vhEw086YTTfqGh2KrBwqZQQETTugQ2hA=", + "h1:F+1vJ14D9nNx3sNrCbKxvpJZ+QnVmD1p/ITbYPlkRg4=", + "h1:PpBRbK394epLJrYBANF5AsmqN3OPsDxk15NGS1Q2LIs=", + "h1:T4UoPuJbAio9ZML6vpNV4bIe5Tp6f5UFGTRBtkEv/vM=", + "h1:WL4JpK+LTxmTaNNXKprpHrMMzENYyQTBLal0fHVweE4=", + "h1:eHd28140YcjNCU9HtdZ8M1Mdb17XroVUoI2UIyqo7hE=", + "h1:luFm8DTlv6WPReGc3LDMCwt6LfBuHXJL4AV2ET4gNJQ=", + "h1:vsEgjE+Rad+XqL1Xav3WJyw1+A4dxl30pWwX2+y4I9k=", + "h1:yUcSQPjRUtow4vSEjM3a7ZhxAXXuehBXMQE4X2BKk3w=", ] } diff --git a/terraform/versions.tf b/terraform/versions.tf index 9b0b4c68..0dc7eddc 100644 --- a/terraform/versions.tf +++ b/terraform/versions.tf @@ -6,7 +6,7 @@ terraform { } vault = { source = "hashicorp/vault" - version = "3.7.0" + version = "3.8.0" } } } -- 2.47.1 From 48c731e312da252768f725870f2dc743c317bd9d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 21 Jul 2022 13:00:15 +0000 Subject: [PATCH 0342/1882] chore(deps): update helm release metallb to v0.13.4 --- flux/cluster/core/networking/metallb/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/core/networking/metallb/helm-release.yaml b/flux/cluster/core/networking/metallb/helm-release.yaml index c9cb0361..f1a00d8f 100644 --- a/flux/cluster/core/networking/metallb/helm-release.yaml +++ b/flux/cluster/core/networking/metallb/helm-release.yaml @@ -10,7 +10,7 @@ spec: spec: # renovate: registryUrl=https://metallb.github.io/metallb chart: metallb - version: 0.13.3 + version: 0.13.4 sourceRef: kind: HelmRepository name: metallb-charts -- 2.47.1 From 2c75254526b1c26657399cfa81ce06cd0538671f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 25 Jul 2022 14:00:16 +0000 Subject: [PATCH 0343/1882] chore(deps): update helm release drone-runner-kube to v0.1.10 --- flux/cluster/apps/gitops/drone/runner.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml index 840ae5e0..abb0e97b 100644 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: drone-runner-kube - version: 0.1.9 + version: 0.1.10 sourceRef: kind: HelmRepository name: drone-charts -- 2.47.1 From 3e12bec972947c58d74a20e493843414feb650ba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 20 Jul 2022 09:00:16 +0000 Subject: [PATCH 0344/1882] chore(deps): update helm values ghcr.io/goauthentik/server to v2022.7.3 --- flux/cluster/apps/authentik/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml index 2aa2ee8a..c21a4815 100644 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ b/flux/cluster/apps/authentik/helm-release.yaml @@ -24,7 +24,7 @@ spec: values: image: repository: ghcr.io/goauthentik/server - tag: 2022.7.2 + tag: 2022.7.3 authentik: error_reporting: enabled: true -- 2.47.1 From d8d537e324ee1ec024de18f506cd2cd703d29ad5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 27 Jul 2022 17:00:18 +0000 Subject: [PATCH 0345/1882] chore(deps): update dependency fluxcd/flux2 to v0.31.5 --- .../base/flux-system/gotk-components.yaml | 74 +++++++++---------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 38db8b82..cfab466b 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.31.4 +# Flux Version: v0.31.5 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1488,7 +1488,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2054,7 +2054,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2901,7 +2901,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3389,7 +3389,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3980,7 +3980,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4567,7 +4567,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5381,7 +5381,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6503,7 +6503,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6709,7 +6709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6935,7 +6935,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: helm-controller namespace: flux-system --- @@ -6945,7 +6945,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: image-automation-controller namespace: flux-system --- @@ -6955,7 +6955,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: image-reflector-controller namespace: flux-system --- @@ -6965,7 +6965,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: kustomize-controller namespace: flux-system --- @@ -6975,7 +6975,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: notification-controller namespace: flux-system --- @@ -6985,7 +6985,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: source-controller namespace: flux-system --- @@ -6995,7 +6995,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: crd-controller-flux-system rules: - apiGroups: @@ -7085,7 +7085,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7105,7 +7105,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7137,7 +7137,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: notification-controller namespace: flux-system @@ -7157,7 +7157,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: source-controller namespace: flux-system @@ -7177,7 +7177,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7197,7 +7197,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: helm-controller namespace: flux-system @@ -7279,7 +7279,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7361,7 +7361,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7390,7 +7390,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.19.2 + image: ghcr.io/fluxcd/image-reflector-controller:v0.19.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7447,7 +7447,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7529,7 +7529,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: notification-controller namespace: flux-system @@ -7616,7 +7616,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 control-plane: controller name: source-controller namespace: flux-system @@ -7649,7 +7649,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.25.10 + image: ghcr.io/fluxcd/source-controller:v0.25.11 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7709,7 +7709,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: allow-egress namespace: flux-system spec: @@ -7729,7 +7729,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: allow-scraping namespace: flux-system spec: @@ -7749,7 +7749,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.4 + app.kubernetes.io/version: v0.31.5 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 0bbea5954ccd625e8383ccd60490d0ac1bb4eac8 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 28 Jul 2022 12:36:55 +0200 Subject: [PATCH 0346/1882] pre-commit synapse --- flake.lock | 30 +++++++++++++------------- hosts.nix | 6 ++++++ nixos/hosts/bastion/configuration.nix | 4 ++++ nixos/hosts/hedgedoc/configuration.nix | 6 +++--- nixos/hosts/synapse/configuration.nix | 24 +++++++++++++++++++++ 5 files changed, 52 insertions(+), 18 deletions(-) create mode 100644 nixos/hosts/synapse/configuration.nix diff --git a/flake.lock b/flake.lock index 876e5cf7..954eac31 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1656722469, - "narHash": "sha256-NGSX4B4hQzJcNGMZU4FO+V7AZiJHWGNR5PqwJvOSIyI=", + "lastModified": 1658094154, + "narHash": "sha256-9g9hZ27VxPDqOM+v+JUVV5XkYCjnu7yWrOPV/zIgBYA=", "owner": "zhaofengli", "repo": "colmena", - "rev": "fbf25faa241edf4b2285eefe383770ef0851e443", + "rev": "5d2f12851596678316ed1f0b53ff1ec624d5ebac", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1656727679, - "narHash": "sha256-Bx4/yN/tYpWxdjq0Sed8O2SOcwRKA6c0ZAERgF51GbI=", + "lastModified": 1658982026, + "narHash": "sha256-P5SjpQsfmLWKqmFUewkYgW3vd7UW5gBtatw2ZYJ3+N4=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "434a0cadd7195cedd0e26fb606980c4f586cb70b", + "rev": "30a8e061a1cd578dae6f54172d6932dfb075e765", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1656461576, - "narHash": "sha256-rlmmw6lIlkMQIiB+NsnO8wQYWTfle8TA41UREPLP5VY=", + "lastModified": 1658826464, + "narHash": "sha256-94ZTF0uIX/iZdiD4RJ5f933ak/OM4XLl7hF+gCa4Iuk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cf3ab54b4afe2b7477faa1dd0b65bf74c055d70c", + "rev": "ce49cb7792a7ffd65ef352dda1110a4e4a204eac", "type": "github" }, "original": { @@ -325,11 +325,11 @@ ] }, "locked": { - "lastModified": 1655492394, - "narHash": "sha256-bmiET3gLIv6T3+jPJi0hm9GurjwrddlmtuxTpFDYJZw=", + "lastModified": 1657869996, + "narHash": "sha256-RWgKXjdAm+kpk45uKnJMcjNcxzmLyRbg5XAH7aLEruU=", "owner": "serokell", "repo": "serokell.nix", - "rev": "ca5235bd249a64991d2e813084aea5d521ca0088", + "rev": "599cef82b41643f529a23e5be3955f567c979ec0", "type": "github" }, "original": { @@ -389,11 +389,11 @@ "flake-utils": "flake-utils" }, "locked": { - "lastModified": 1652704544, - "narHash": "sha256-UTKE33tYgCmDszaVyWA33a8mtegM5xfH4fH8w4y6TxA=", + "lastModified": 1657226504, + "narHash": "sha256-GIYNjuq4mJlFgqKsZ+YrgzWm0IpA4axA3MCrdKYj7gs=", "owner": "gytis-ivaskevicius", "repo": "flake-utils-plus", - "rev": "f8d6d1f87b6177e3bc674c29f247bdbf897ba274", + "rev": "2bf0f91643c2e5ae38c1b26893ac2927ac9bd82a", "type": "github" }, "original": { diff --git a/hosts.nix b/hosts.nix index a4d23b3f..196efaec 100644 --- a/hosts.nix +++ b/hosts.nix @@ -126,6 +126,12 @@ ip = "10.42.42.26"; mac = "CE:6E:96:87:18:1B"; } + { + hostname = "bookwyrm"; + ip = "10.42.42.27"; + mac = "9E:8A:6C:39:27:DE"; + nix = false; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index ce4b96c5..c26cc8f6 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -6,9 +6,13 @@ let fix-vscode = pkgs.writeScriptBin "fix-vscode" '' #!${pkgs.stdenv.shell} + # Check if vscode-server dir exists if [[ -d "$HOME/.vscode-server/bin" ]]; then + # For every bin folder within for versiondir in "$HOME"/.vscode-server/bin/*; do + # Remove bundled node (dynamic links are borked for nix) rm "$versiondir/node" + # symlink node form the nixpkg ln -s "${pkgs.nodejs-16_x}/bin/node" "$versiondir/node" done fi diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/hedgedoc/configuration.nix index c3d04291..dbb8dd3f 100644 --- a/nixos/hosts/hedgedoc/configuration.nix +++ b/nixos/hosts/hedgedoc/configuration.nix @@ -26,7 +26,7 @@ in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.configuration.port ]; + networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.settings.port ]; vault-secrets.secrets.hedgedoc = { }; @@ -46,7 +46,7 @@ in services.hedgedoc = { enable = true; environmentFile = "${vs.hedgedoc}/environment"; - configuration = { + settings = { host = "0.0.0.0"; port = 3000; sessionSecret = "$SESSION_SECRET"; @@ -54,7 +54,7 @@ in protocolUseSSL = true; hsts.enable = true; allowOrigin = [ - config.services.hedgedoc.configuration.domain + config.services.hedgedoc.settings.domain "hedgedoc" ]; allowAnonymous = false; diff --git a/nixos/hosts/synapse/configuration.nix b/nixos/hosts/synapse/configuration.nix new file mode 100644 index 00000000..0d255400 --- /dev/null +++ b/nixos/hosts/synapse/configuration.nix @@ -0,0 +1,24 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + networking.hostName = "synapse"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} -- 2.47.1 From 6e3b07a67fc37d1a00110ed065b0b733b8cb60d7 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 28 Jul 2022 14:23:32 +0200 Subject: [PATCH 0347/1882] setup matrix/synapse --- hosts.nix | 5 +++ nixos/hosts/nginx/configuration.nix | 27 +++++++++++++ nixos/hosts/synapse/configuration.nix | 57 ++++++++++++++++++++++++++- 3 files changed, 87 insertions(+), 2 deletions(-) diff --git a/hosts.nix b/hosts.nix index 196efaec..63d9d40c 100644 --- a/hosts.nix +++ b/hosts.nix @@ -132,6 +132,11 @@ mac = "9E:8A:6C:39:27:DE"; nix = false; } + { + hostname = "synapse"; + ip = "10.42.42.28"; + mac = "9E:86:D3:46:EE:AE"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 949c5b72..aa77cfc9 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -9,6 +9,16 @@ let }; }; k8s_proxy = proxy "http://10.42.42.150:8000/"; + clientConfig = { + "m.homeserver".base_url = "https://chat.meowy.tech"; + "m.identity_server" = {}; + }; + serverConfig."m.server" = "chat.meowy.tech:443"; + mkWellKnown = data: '' + add_header Content-Type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; in { networking.hostName = "nginx"; @@ -43,6 +53,23 @@ in virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; + # Meow + virtualHosts."meowy.tech" = { + enableACME = true; + forceSSL = true; + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + }; + virtualHosts."chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + return 404; + ''; + locations."/_matrix".proxyPass = "http://synapse.olympus:8008"; + locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008"; + }; + # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."drone.0x76.dev" = k8s_proxy; diff --git a/nixos/hosts/synapse/configuration.nix b/nixos/hosts/synapse/configuration.nix index 0d255400..2d909a2f 100644 --- a/nixos/hosts/synapse/configuration.nix +++ b/nixos/hosts/synapse/configuration.nix @@ -3,7 +3,10 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - +let + vs = config.vault-secrets.secrets; + port = 8008; +in { imports = [ ]; @@ -20,5 +23,55 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ port ]; + + vault-secrets.secrets.synapse = { + user = "matrix-synapse"; + group = "matrix-synapse"; + services = [ "matrix-synapse" ]; + }; + + services.postgresql = { + enable = true; + initialScript = pkgs.writeText "synapse-init.sql" '' + CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; + CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; + ''; + }; + + services.matrix-synapse = { + enable = true; + withJemalloc = true; + + extraConfigFiles = [ + "${vs.synapse}/macaroon_secret_key" + "${vs.synapse}/registration_shared_secret" + "${vs.synapse}/form_secret" + "${vs.synapse}/turn_shared_secret" + ]; + + settings = + { + server_name = "meowy.tech"; + public_baseurl = "https://chat.meowy.tech"; + listeners = [ + { + inherit port; + bind_addresses = [ "0.0.0.0" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" "federation" ]; + compress = true; + } + ]; + } + ]; + }; + }; } -- 2.47.1 From 2d85d6179334093a099f1dbbc5ce6e356b1d6e39 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 28 Jul 2022 17:01:28 +0200 Subject: [PATCH 0348/1882] finish up synapse --- nixos/hosts/nginx/configuration.nix | 30 ++++++++++-- nixos/hosts/synapse/configuration.nix | 70 +++++++++++++++------------ 2 files changed, 66 insertions(+), 34 deletions(-) diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index aa77cfc9..170a2ced 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -10,8 +10,11 @@ let }; k8s_proxy = proxy "http://10.42.42.150:8000/"; clientConfig = { - "m.homeserver".base_url = "https://chat.meowy.tech"; - "m.identity_server" = {}; + "m.homeserver" = { + base_url = "https://chat.meowy.tech"; + server_name = "meowy.tech"; + }; + "m.identity_server" = { }; }; serverConfig."m.server" = "chat.meowy.tech:443"; mkWellKnown = data: '' @@ -57,6 +60,10 @@ in virtualHosts."meowy.tech" = { enableACME = true; forceSSL = true; + locations."/".extraConfig = '' + add_header Content-Type 'text/html; charset=UTF-8'; + return 200 meow; + ''; locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; }; @@ -64,11 +71,28 @@ in enableACME = true; forceSSL = true; locations."/".extraConfig = '' - return 404; + return 307 https://element.chat.meowy.tech; ''; locations."/_matrix".proxyPass = "http://synapse.olympus:8008"; locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008"; }; + virtualHosts."element.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + + root = pkgs.element-web.override { + conf = { + default_server_config = clientConfig; + show_labs_settings = true; + brand = "chat.meowy.tech"; + }; + }; + }; + virtualHosts."admin.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + root = pkgs.synapse-admin; + }; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; diff --git a/nixos/hosts/synapse/configuration.nix b/nixos/hosts/synapse/configuration.nix index 2d909a2f..677003fc 100644 --- a/nixos/hosts/synapse/configuration.nix +++ b/nixos/hosts/synapse/configuration.nix @@ -29,7 +29,7 @@ in user = "matrix-synapse"; group = "matrix-synapse"; services = [ "matrix-synapse" ]; - }; + }; services.postgresql = { enable = true; @@ -42,36 +42,44 @@ in ''; }; - services.matrix-synapse = { - enable = true; - withJemalloc = true; + services.matrix-synapse = + let + extraConfig = builtins.toFile "extraConfig.yaml" '' + registration_requires_token: true + ''; + in + { + enable = true; + withJemalloc = true; - extraConfigFiles = [ - "${vs.synapse}/macaroon_secret_key" - "${vs.synapse}/registration_shared_secret" - "${vs.synapse}/form_secret" - "${vs.synapse}/turn_shared_secret" - ]; + extraConfigFiles = [ + "${vs.synapse}/macaroon_secret_key" + "${vs.synapse}/registration_shared_secret" + "${vs.synapse}/form_secret" + "${vs.synapse}/turn_shared_secret" + extraConfig + ]; - settings = - { - server_name = "meowy.tech"; - public_baseurl = "https://chat.meowy.tech"; - listeners = [ - { - inherit port; - bind_addresses = [ "0.0.0.0" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = true; - } - ]; - } - ]; - }; - }; + settings = + { + server_name = "meowy.tech"; + enable_registration = true; + public_baseurl = "https://chat.meowy.tech"; + listeners = [ + { + inherit port; + bind_addresses = [ "0.0.0.0" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" "federation" ]; + compress = true; + } + ]; + } + ]; + }; + }; } -- 2.47.1 From 8978dd5b8cdcb71dba88e20ee456ea338575f72e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 28 Jul 2022 17:01:13 +0000 Subject: [PATCH 0349/1882] chore(deps): update dependency renovate/renovate to v32.132 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 47d537f6..06594378 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.131 + image: renovate/renovate:32.132 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b108d02f59071136e874a31d23157d82f60790a3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 28 Jul 2022 20:01:15 +0000 Subject: [PATCH 0350/1882] chore(deps): update dependency renovate/renovate to v32.133 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index 06594378..f02c6eb0 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.132 + image: renovate/renovate:32.133 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From bf21b3b7c8647158d5c1377e10c9b098ad0eed56 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 29 Jul 2022 13:02:03 +0200 Subject: [PATCH 0351/1882] add synapse metrics --- nixos/common/services/vmagent.nix | 61 ++++++++++--------- nixos/hosts/nginx/configuration.nix | 2 +- nixos/hosts/synapse/configuration.nix | 16 ++++- nixos/hosts/victoriametrics/configuration.nix | 23 ++++++- nixos/pkgs/default.nix | 2 + nixos/pkgs/vmagent/default.nix | 23 +++++++ 6 files changed, 95 insertions(+), 32 deletions(-) create mode 100644 nixos/pkgs/vmagent/default.nix diff --git a/nixos/common/services/vmagent.nix b/nixos/common/services/vmagent.nix index 5ca3e4c9..31c2723e 100644 --- a/nixos/common/services/vmagent.nix +++ b/nixos/common/services/vmagent.nix @@ -1,7 +1,10 @@ { config, pkgs, lib, ... }: with lib; -let cfg = config.services.vmagent; -in { +let + cfg = config.services.vmagent; + settingsFormat = pkgs.formats.json { }; +in +{ options.services.vmagent = { enable = mkEnableOption "vmagent"; @@ -22,8 +25,8 @@ in { }; package = mkOption { - default = pkgs.v.vmagent; - defaultText = "pkgs.v.vmagent"; + default = pkgs.vmagent; + defaultText = "pkgs.vmagent"; type = types.package; description = '' vmagent package to use. @@ -47,16 +50,17 @@ in { }; prometheusConfig = mkOption { - default = ""; - type = types.str; - example = '' - global: - scrape_interval: 5s - scrape_configs: - - job_name: 'apache' - static_configs: - - targets: ['apache-exporter:9117'] - ''; + type = lib.types.submodule { + freeformType = settingsFormat.type; + }; + # example = '' + # global: + # scrape_interval: 5s + # scrape_configs: + # - job_name: 'apache' + # static_configs: + # - targets: ['apache-exporter:9117'] + # ''; description = '' Config for prometheus style metrics ''; @@ -90,21 +94,22 @@ in { networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ]; # The actual service - systemd.services.vmagent = let prometheusConfig = pkgs.writeText "prometheus.yml" cfg.prometheusConfig; - in { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - description = "vmagent system service"; - serviceConfig = { - User = cfg.user; - Group = cfg.group; - Type = "simple"; - Restart = "on-failure"; - WorkingDirectory = cfg.dataDir; - ExecStart = - "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; + systemd.services.vmagent = + let prometheusConfig = settingsFormat.generate "prometheusConfig.yaml" cfg.prometheusConfig; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "vmagent system service"; + serviceConfig = { + User = cfg.user; + Group = cfg.group; + Type = "simple"; + Restart = "on-failure"; + WorkingDirectory = cfg.dataDir; + ExecStart = + "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; + }; }; - }; systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; }; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 170a2ced..c11fa6a4 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -62,7 +62,7 @@ in forceSSL = true; locations."/".extraConfig = '' add_header Content-Type 'text/html; charset=UTF-8'; - return 200 meow; + return 200 '

meow

'; ''; locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; diff --git a/nixos/hosts/synapse/configuration.nix b/nixos/hosts/synapse/configuration.nix index 677003fc..84d2e724 100644 --- a/nixos/hosts/synapse/configuration.nix +++ b/nixos/hosts/synapse/configuration.nix @@ -6,6 +6,7 @@ let vs = config.vault-secrets.secrets; port = 8008; + metricsPort = 9000; in { imports = [ ]; @@ -23,7 +24,7 @@ in # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [ port metricsPort ]; vault-secrets.secrets.synapse = { user = "matrix-synapse"; @@ -65,6 +66,7 @@ in server_name = "meowy.tech"; enable_registration = true; public_baseurl = "https://chat.meowy.tech"; + enable_metrics = true; listeners = [ { inherit port; @@ -79,6 +81,18 @@ in } ]; } + { + port = metricsPort; + bind_addresses = [ "0.0.0.0" ]; + type = "metrics"; + tls = false; + resources = [ + { + names = [ "metrics" ]; + compress = false; + } + ]; + } ]; }; }; diff --git a/nixos/hosts/victoriametrics/configuration.nix b/nixos/hosts/victoriametrics/configuration.nix index 6d4b4d23..5fd05325 100644 --- a/nixos/hosts/victoriametrics/configuration.nix +++ b/nixos/hosts/victoriametrics/configuration.nix @@ -6,7 +6,8 @@ let vmPort = 8428; vs = config.vault-secrets.secrets; -in { +in +{ imports = [ ]; networking.hostName = "victoriametrics"; @@ -32,7 +33,25 @@ in { retentionPeriod = 12; }; - vault-secrets.secrets.grafana = { + services.vmagent = { + enable = true; + openFirewall = true; + prometheusConfig = { + global.scrape_interval = "5s"; + scrape_configs = [ + { + job_name = "synapse"; + metrics_path = "/_synapse/metrics"; + static_configs = [{ + targets = [ "synapse.olympus:9000" ]; + labels.app = "synapse"; + }]; + } + ]; + }; + }; + + vault-secrets.secrets.grafana = { user = "grafana"; group = "grafana"; }; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index feb82c26..f9333741 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -6,6 +6,8 @@ final: prev: { ''; }); + vmagent = prev.callPackage ./vmagent { }; + v = { unbound = prev.unbound.override { withSystemd = true; diff --git a/nixos/pkgs/vmagent/default.nix b/nixos/pkgs/vmagent/default.nix new file mode 100644 index 00000000..2a1984dc --- /dev/null +++ b/nixos/pkgs/vmagent/default.nix @@ -0,0 +1,23 @@ +{ lib, fetchFromGitHub, buildGoModule }: +buildGoModule rec { + pname = "vmagent"; + version = "1.79.0"; + + src = fetchFromGitHub { + owner = "VictoriaMetrics"; + repo = "VictoriaMetrics"; + rev = "v${version}"; + sha256 = "sha256-+LirbGbKeazXMtgVh5kZP+KEk/fDbSxceZ26OlE0hbY="; + }; + + vendorSha256 = null; + + subPackages = [ "app/vmagent" ]; + + meta = with lib; { + description = "VictoriaMetrics metrics scraper"; + homepage = "https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent"; + license = licenses.asl20; + platforms = platforms.linux; + }; +} -- 2.47.1 From 1461f863bddfcb57782a019c21e243c7e3097eb3 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 29 Jul 2022 21:43:49 +0200 Subject: [PATCH 0352/1882] add laura vpn clinet --- flake.lock | 12 ++++++------ hosts.nix | 1 + nixos/hosts/nginx/configuration.nix | 1 + nixos/hosts/victoriametrics/configuration.nix | 7 ++++++- nixos/hosts/wireguard/configuration.nix | 5 +++++ 5 files changed, 19 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 954eac31..474ac5b9 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1658982026, - "narHash": "sha256-P5SjpQsfmLWKqmFUewkYgW3vd7UW5gBtatw2ZYJ3+N4=", + "lastModified": 1659059370, + "narHash": "sha256-JrD97kjloTgkuHRCHbvTCFJLnRQTICYwbR4QzXk6nnU=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "30a8e061a1cd578dae6f54172d6932dfb075e765", + "rev": "927bd0ae6473b431ccab8aff20eb04eb4323d627", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1658826464, - "narHash": "sha256-94ZTF0uIX/iZdiD4RJ5f933ak/OM4XLl7hF+gCa4Iuk=", + "lastModified": 1658985157, + "narHash": "sha256-f8JN0mQGSaEfw6HjMST0yViBTln/kzfTxe+qHutzvEI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ce49cb7792a7ffd65ef352dda1110a4e4a204eac", + "rev": "bba87fc2a33618d86233fbdddc6b84971e6b5558", "type": "github" }, "original": { diff --git a/hosts.nix b/hosts.nix index 63d9d40c..3bc4bc37 100644 --- a/hosts.nix +++ b/hosts.nix @@ -99,6 +99,7 @@ hostname = "minecraft"; ip = "10.42.42.21"; mac = "EA:30:73:E4:B6:69"; + nix = false; } { hostname = "gitea"; diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index c11fa6a4..0cd0c544 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -55,6 +55,7 @@ in virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; + virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; # Meow virtualHosts."meowy.tech" = { diff --git a/nixos/hosts/victoriametrics/configuration.nix b/nixos/hosts/victoriametrics/configuration.nix index 5fd05325..22350d2b 100644 --- a/nixos/hosts/victoriametrics/configuration.nix +++ b/nixos/hosts/victoriametrics/configuration.nix @@ -37,7 +37,10 @@ in enable = true; openFirewall = true; prometheusConfig = { - global.scrape_interval = "5s"; + global = { + scrape_interval = "1m"; + scrape_timeout = "30s"; + }; scrape_configs = [ { job_name = "synapse"; @@ -60,6 +63,8 @@ in enable = true; addr = "0.0.0.0"; port = 2342; + domain = "grafana.0x76.dev"; + rootUrl = "https://grafana.0x76.dev"; security.adminPasswordFile = "${vs.grafana}/password"; }; } diff --git a/nixos/hosts/wireguard/configuration.nix b/nixos/hosts/wireguard/configuration.nix index 68c4554f..b83c4988 100644 --- a/nixos/hosts/wireguard/configuration.nix +++ b/nixos/hosts/wireguard/configuration.nix @@ -45,6 +45,11 @@ let vs = config.vault-secrets.secrets; in publicKey = "K+99mvSYs4urcclreQDLA1pekD4xtu/mpS2uVWw8Bws="; allowedIPs = [ "10.100.0.2/32" ]; } + { + # Laura's laptop + publicKey = "ZWIaDGrASlTkEK75j10VeGCvrIGfpk4GPobmqcYX2D0="; + allowedIPs = [ "10.100.0.3/32" ]; + } ]; }; } -- 2.47.1 From c98052d1562555151eadb6bebb332cae658ef2c2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 29 Jul 2022 20:01:16 +0000 Subject: [PATCH 0353/1882] chore(deps): update dependency renovate/renovate to v32.134 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index f02c6eb0..e6c5baf7 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.133 + image: renovate/renovate:32.134 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7f7a6432bf1fc1f0b9f30499c014dbddb9f58977 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 19 Jul 2022 10:40:55 +0000 Subject: [PATCH 0354/1882] chore(deps): update helm release drone to v0.5.0 --- flux/cluster/apps/gitops/drone/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml index a40f179c..e435144b 100644 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ b/flux/cluster/apps/gitops/drone/server.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: drone - version: 0.3.1 + version: 0.5.0 sourceRef: kind: HelmRepository name: drone-charts -- 2.47.1 From 0e203b6ecabe0ada678bc7acb1dd90091d5581ed Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 12:22:08 +0200 Subject: [PATCH 0355/1882] updated common config --- nixos/common/users/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 8f7f6f11..96ae9ceb 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -21,7 +21,7 @@ # otherwise it'll override the grml prompt promptInit = ""; }; - + environment.pathsToLink = [ "/share/zsh" ]; # Install Neovim and set it as alias for vi(m) @@ -44,6 +44,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFuxekX5WzX4GjbshtjaGyQcvMUgClugnK6T+OYIxw9 victor@null" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" ]; # Make me admin @@ -59,5 +60,5 @@ }; # Setup packages available everywhere - environment.systemPackages = with pkgs; [ fzf git htop rsync ripgrep zoxide ]; + environment.systemPackages = with pkgs; [ fzf git htop ncdu rsync ripgrep zoxide ]; } -- 2.47.1 From ccfbd0b477a7ddca29ffbfd49690a31b992c23d1 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 12:22:19 +0200 Subject: [PATCH 0356/1882] more metrics --- flake.lock | 18 ++++++------- hosts.nix | 10 +++----- nixos/hosts/consul/configuration.nix | 25 ------------------- nixos/hosts/nginx/configuration.nix | 8 ++++++ nixos/hosts/victoriametrics/configuration.nix | 18 ++++++++++++- nixos/hosts/wireguard/configuration.nix | 9 ++++++- 6 files changed, 46 insertions(+), 42 deletions(-) delete mode 100644 nixos/hosts/consul/configuration.nix diff --git a/flake.lock b/flake.lock index 474ac5b9..20c5d67f 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1658094154, - "narHash": "sha256-9g9hZ27VxPDqOM+v+JUVV5XkYCjnu7yWrOPV/zIgBYA=", + "lastModified": 1659157989, + "narHash": "sha256-XHyjblfOAhoHwIDfPxYqAbvYzCO0/XjntULV6Dmavo8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "5d2f12851596678316ed1f0b53ff1ec624d5ebac", + "rev": "34bb2e46747e69c9a34f94583330ad9a9f5ad20a", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1659059370, - "narHash": "sha256-JrD97kjloTgkuHRCHbvTCFJLnRQTICYwbR4QzXk6nnU=", + "lastModified": 1659144434, + "narHash": "sha256-FlfgEhzZTG39j+7IoDFFjED8asI3vWcOZSGmz5rpMdk=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "927bd0ae6473b431ccab8aff20eb04eb4323d627", + "rev": "65702e6e4bd0d368b8a5f4efd8ea84c5ad9a604c", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1658985157, - "narHash": "sha256-f8JN0mQGSaEfw6HjMST0yViBTln/kzfTxe+qHutzvEI=", + "lastModified": 1659077768, + "narHash": "sha256-P0XIHBVty6WIuIrk2DZNvLcYev9956y1prT4zL212H8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bba87fc2a33618d86233fbdddc6b84971e6b5558", + "rev": "2a93ea177c3d7700b934bf95adfe00c435f696b8", "type": "github" }, "original": { diff --git a/hosts.nix b/hosts.nix index 3bc4bc37..02fb68f2 100644 --- a/hosts.nix +++ b/hosts.nix @@ -60,11 +60,9 @@ mac = "74:40:be:48:85:a4"; nix = false; } - { - hostname = "consul"; - ip = "10.42.42.14"; - mac = "D6:DE:07:41:73:81"; - } + # { + # ip = "10.42.42.14"; + # } { hostname = "dns-1"; profile = "dns"; @@ -83,7 +81,7 @@ mac = "0A:06:5E:E7:9A:0C"; } # { - # ip = "10.42.42.18"; + # ip = "10.42.42.18"; # } { hostname = "victoriametrics"; diff --git a/nixos/hosts/consul/configuration.nix b/nixos/hosts/consul/configuration.nix deleted file mode 100644 index 949dfb77..00000000 --- a/nixos/hosts/consul/configuration.nix +++ /dev/null @@ -1,25 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ - ]; - - networking.hostName = "consul"; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.05"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ ]; -} diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 0cd0c544..d8c5afea 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -41,6 +41,7 @@ in services.nginx = { enable = true; + statusPage = true; recommendedProxySettings = true; recommendedTlsSettings = true; recommendedOptimisation = true; @@ -119,4 +120,11 @@ in security.acme.defaults.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; + + services.prometheus.exporters = { + nginx = { + enable = true; + openFirewall = true; + }; + }; } diff --git a/nixos/hosts/victoriametrics/configuration.nix b/nixos/hosts/victoriametrics/configuration.nix index 22350d2b..2a5372f6 100644 --- a/nixos/hosts/victoriametrics/configuration.nix +++ b/nixos/hosts/victoriametrics/configuration.nix @@ -37,11 +37,20 @@ in enable = true; openFirewall = true; prometheusConfig = { - global = { + global = { scrape_interval = "1m"; scrape_timeout = "30s"; }; scrape_configs = [ + { + job_name = "nginx"; + static_configs = [ + { + targets = [ "nginx.olympus:9113" ]; + labels.app = "nginx"; + } + ]; + } { job_name = "synapse"; metrics_path = "/_synapse/metrics"; @@ -50,6 +59,13 @@ in labels.app = "synapse"; }]; } + { + job_name = "wireguard"; + static_configs = [{ + targets = [ "wireguard.olympus:9586" ]; + labels.app = "wireguard"; + }]; + } ]; }; }; diff --git a/nixos/hosts/wireguard/configuration.nix b/nixos/hosts/wireguard/configuration.nix index b83c4988..27236a24 100644 --- a/nixos/hosts/wireguard/configuration.nix +++ b/nixos/hosts/wireguard/configuration.nix @@ -22,7 +22,9 @@ let vs = config.vault-secrets.secrets; in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ]; + networking.firewall.allowedUDPPorts = [ + config.networking.wireguard.interfaces.wg0.listenPort + ]; vault-secrets.secrets.wireguard = { services = [ "wireguard-wg0" ]; @@ -34,6 +36,11 @@ let vs = config.vault-secrets.secrets; in externalInterface = "eth0"; }; + services.prometheus.exporters.wireguard = { + enable = true; + openFirewall = true; + }; + networking.wireguard.interfaces.wg0 = { ips = [ "10.100.0.1/24" ]; listenPort = 51820; -- 2.47.1 From f56ed00acf3d4fc6d23bbf74cbfc85c35583fc81 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 12:30:50 +0200 Subject: [PATCH 0357/1882] hopefully fix drone runner https://github.com/drone/charts/issues/84 --- flux/cluster/apps/gitops/drone/runner.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml index abb0e97b..1cc17c02 100644 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ b/flux/cluster/apps/gitops/drone/runner.yaml @@ -27,3 +27,4 @@ spec: - drone-build env: DRONE_NAMESPACE_DEFAULT: drone-build + DRONE_RPC_HOST: "drone:8080" -- 2.47.1 From 799c41ec586590f3298a9e3f6526796911d5220b Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 13:12:10 +0200 Subject: [PATCH 0358/1882] switched single host to colmena --- flake.nix | 36 ++++++++++++++++++++++--- hosts.nix | 1 - nixos/common/default.nix | 7 +---- nixos/hosts/bastion/configuration.nix | 2 +- nixos/hosts/minecraft/configuration.nix | 2 +- 5 files changed, 36 insertions(+), 12 deletions(-) diff --git a/flake.nix b/flake.nix index 095cf3f7..105f09c5 100644 --- a/flake.nix +++ b/flake.nix @@ -26,7 +26,7 @@ }; outputs = - { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs: + { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, minecraft-servers, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs; @@ -83,8 +83,37 @@ in { # Make the config and deploy sets - nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; - deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; + # nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + # deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; + + colmena = { + meta = { + nixpkgs = import nixpkgs { + system = "x86_64-linux"; + overlays = [ + (import ./nixos/pkgs) + minecraft-servers.overlays.default + ]; + specialArgs = { + inherit hosts; + }; + }; + }; + + minecraft = { + imports = [ + vault-secrets.nixosModules.vault-secrets + ./nixos/common + "${./.}/nixos/hosts/minecraft/configuration.nix" + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ]; + deployment = { + targetHost = "10.42.42.21"; + targetUser = "victor"; + }; + }; + }; apps.${system} = rec { @@ -114,6 +143,7 @@ # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ + colmena deploy-rs.packages.${system}.deploy-rs fluxcd k9s diff --git a/hosts.nix b/hosts.nix index 02fb68f2..4b3a9a5d 100644 --- a/hosts.nix +++ b/hosts.nix @@ -97,7 +97,6 @@ hostname = "minecraft"; ip = "10.42.42.21"; mac = "EA:30:73:E4:B6:69"; - nix = false; } { hostname = "gitea"; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 7ce33056..a17e5fd6 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,8 +1,7 @@ -{ config, inputs, pkgs, ... }: +{ config, pkgs, ... }: { imports = [ - inputs.vault-secrets.nixosModules.vault-secrets # User account definitions ./users ./services @@ -37,10 +36,6 @@ }; nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [ - (import ../pkgs) - inputs.minecraft-servers.overlays.default - ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index c26cc8f6..8a2309f6 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -45,7 +45,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ binutils - checkov + colmena fix-vscode fluxcd k9s diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/minecraft/configuration.nix index 1b0bba5c..3b5fcf68 100644 --- a/nixos/hosts/minecraft/configuration.nix +++ b/nixos/hosts/minecraft/configuration.nix @@ -24,7 +24,7 @@ networking.firewall.allowedTCPPorts = [ ]; services.minecraft-server = { - enable = true; + enable = false; package = pkgs.minecraftServers.purpur_1_18; jvmOpts = "--add-modules=jdk.incubator.vector -Xmx2048M -Xms2048M"; -- 2.47.1 From d80ffb138cd52ed1efca20f6bda7737f9ae48bd0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 30 Jul 2022 12:01:11 +0000 Subject: [PATCH 0359/1882] chore(deps): update dependency renovate/renovate to v32.135 --- flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml index e6c5baf7..9ee49dd9 100644 --- a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ b/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.134 + image: renovate/renovate:32.135 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ee9a017c467036778b32882cd2441e5d65d9f8a2 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 16:42:46 +0200 Subject: [PATCH 0360/1882] remove deploy-rs --- flake.lock | 86 +++++++++++++++++++++++------------------- flake.nix | 108 ++++++++++++++++------------------------------------- 2 files changed, 80 insertions(+), 114 deletions(-) diff --git a/flake.lock b/flake.lock index 20c5d67f..dd5b9e22 100644 --- a/flake.lock +++ b/flake.lock @@ -26,23 +26,20 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat_2", - "nixpkgs": [ - "nixpkgs" - ], - "utils": "utils_2" + "nixpkgs": "nixpkgs_2", + "utils": "utils_3" }, "locked": { - "lastModified": 1653594315, - "narHash": "sha256-kJ0ENmnQJ4qL2FeYKZba9kvv1KmIuB3NVpBwMeI7AJQ=", + "lastModified": 1648475189, + "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", "owner": "serokell", "repo": "deploy-rs", - "rev": "184349d8149436748986d1bdba087e4149e9c160", + "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", "type": "github" }, "original": { - "owner": "serokell", - "repo": "deploy-rs", - "type": "github" + "id": "deploy-rs", + "type": "indirect" } }, "flake-compat": { @@ -203,7 +200,7 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_3" + "utils": "utils_2" }, "locked": { "lastModified": 1659144434, @@ -222,7 +219,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1633098935, @@ -240,7 +237,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1633098935, @@ -273,17 +270,18 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1632864508, - "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "lastModified": 1648219316, + "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", "type": "github" }, "original": { - "id": "nixpkgs", - "ref": "nixos-21.05-small", - "type": "indirect" + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_3": { @@ -301,10 +299,24 @@ "type": "indirect" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1632864508, + "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" + } + }, "root": { "inputs": { "colmena": "colmena", - "deploy-rs": "deploy-rs", "minecraft-servers": "minecraft-servers", "nixpkgs": "nixpkgs", "serokell-nix": "serokell-nix", @@ -313,9 +325,7 @@ }, "serokell-nix": { "inputs": { - "deploy-rs": [ - "deploy-rs" - ], + "deploy-rs": "deploy-rs", "flake-compat": "flake-compat_3", "flake-utils": "flake-utils_2", "gitignore-nix": "gitignore-nix", @@ -370,21 +380,6 @@ } }, "utils_2": { - "locked": { - "lastModified": 1648297722, - "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_3": { "inputs": { "flake-utils": "flake-utils" }, @@ -402,6 +397,21 @@ "type": "github" } }, + "utils_3": { + "locked": { + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "vault-secrets": { "inputs": { "flake-compat": "flake-compat_4", diff --git a/flake.nix b/flake.nix index 105f09c5..215c76cb 100644 --- a/flake.nix +++ b/flake.nix @@ -8,15 +8,11 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - deploy-rs.url = "github:serokell/deploy-rs"; - deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; - colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; serokell-nix.url = "github:serokell/serokell.nix"; serokell-nix.inputs.nixpkgs.follows = "nixpkgs"; - serokell-nix.inputs.deploy-rs.follows = "deploy-rs"; vault-secrets.url = "github:serokell/vault-secrets"; vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; @@ -26,13 +22,14 @@ }; outputs = - { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, minecraft-servers, ... }@inputs: + { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs; system = "x86_64-linux"; hosts = import ./hosts.nix; + # TODO: consolidate with mkColmenaHost # Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM. mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: { "${profile}" = lib.nixosSystem { @@ -49,79 +46,53 @@ }; }; - # Same as above, but for the nodes part of deploy. - mkDeploy = { ip, hostname, profile ? hostname, ... }: { + # Import all nixos host definitions that are actual nix machines + nixHosts = filter ({ nix ? true, ... }: nix) hosts; + + mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }: { "${hostname}" = { - hostname = ip; - fastConnection = true; - profiles.system = { - user = "root"; - path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile}; + imports = [ + vault-secrets.nixosModules.vault-secrets + ./nixos/common + "${./.}/nixos/hosts/${profile}/configuration.nix" + ] ++ (if lxc then [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ] else [ ./nixos/common/generic-vm.nix ]); + + deployment = { + targetHost = ip; + targetUser = null; # Defaults to $USER }; }; }; - # Generates hosts.auto.tfvars.json for Terraform - genTFVars = - let - hostToVar = z@{ hostname, mac, ... }: { - "${hostname}" = { inherit mac; }; - }; - hostSet = lib.foldr (el: acc: acc // hostToVar el) { } hosts; - json = builtins.toJSON { hosts = hostSet; }; - in - pkgs.writeScriptBin "gen-tf-vars" '' - echo '${json}' | ${pkgs.jq}/bin/jq > terraform/hosts.auto.tfvars.json; - echo "Generated Terraform Variables"; - ''; - - # Import all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) hosts; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in { # Make the config and deploy sets - # nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; - # deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts; + nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; - colmena = { - meta = { - nixpkgs = import nixpkgs { - system = "x86_64-linux"; - overlays = [ - (import ./nixos/pkgs) - minecraft-servers.overlays.default - ]; + colmena = lib.foldr (el: acc: acc // mkColmenaHost el) + { + meta = { + nixpkgs = import nixpkgs { + system = "x86_64-linux"; + overlays = [ + (import ./nixos/pkgs) + vault-secrets.overlay + minecraft-servers.overlays.default + ]; + }; specialArgs = { inherit hosts; }; }; - }; - - minecraft = { - imports = [ - vault-secrets.nixosModules.vault-secrets - ./nixos/common - "${./.}/nixos/hosts/minecraft/configuration.nix" - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ]; - deployment = { - targetHost = "10.42.42.21"; - targetUser = "victor"; - }; - }; - }; - + } + nixHosts; apps.${system} = rec { - default = deploy; - deploy = { - type = "app"; - program = "${deploy-rs.packages.${system}.deploy-rs}/bin/deploy"; - }; vault-push-approles = { type = "app"; program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; @@ -131,10 +102,6 @@ program = "${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs"; }; - tfvars = { - type = "app"; - program = "${genTFVars}/bin/gen-tf-vars"; - }; }; # Use by running `nix develop` @@ -144,7 +111,6 @@ shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ colmena - deploy-rs.packages.${system}.deploy-rs fluxcd k9s kubectl @@ -153,17 +119,7 @@ nixfmt nixUnstable vault - # (vault-push-approles self { }) - # (vault-push-approle-envs self { }) - genTFVars ]; }; - - # Filter out non-system checks: https://github.com/NixOS/nixpkgs/issues/175875#issuecomment-1152996862 - checks = lib.filterAttrs - (a: _: a == system) - (builtins.mapAttrs - (system: deployLib: deployLib.deployChecks self.deploy) - deploy-rs.lib); }; } -- 2.47.1 From 5f5cfcb8d18634feb376e9763b4b07f8b3b4c1ea Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 17:15:58 +0200 Subject: [PATCH 0361/1882] most of colmena done --- flake.nix | 59 +++++++++++++++++++++++-------------------------------- 1 file changed, 25 insertions(+), 34 deletions(-) diff --git a/flake.nix b/flake.nix index 215c76cb..efa8789f 100644 --- a/flake.nix +++ b/flake.nix @@ -28,38 +28,32 @@ inherit (builtins) filter mapAttrs; system = "x86_64-linux"; hosts = import ./hosts.nix; + specialArgs = { inherit hosts inputs; }; + # Filter all nixos host definitions that are actual nix machines + nixHosts = filter ({ nix ? true, ... }: nix) hosts; + + resolveImports = { hostname, profile ? hostname, lxc ? true, ... }: [ + vault-secrets.nixosModules.vault-secrets + ./nixos/common + "${./.}/nixos/hosts/${profile}/configuration.nix" + ] ++ (if lxc then [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ] + else [ ./nixos/common/generic-vm.nix ]); - # TODO: consolidate with mkColmenaHost # Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM. - mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: { + mkConfig = { hostname, profile ? hostname, lxc ? true, ... }@host: { "${profile}" = lib.nixosSystem { inherit system; - modules = [ - ./nixos/common - "${./.}/nixos/hosts/${profile}/configuration.nix" - ] ++ (if lxc then [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ] else - [ ./nixos/common/generic-vm.nix ]); - specialArgs = { inherit hosts inputs; }; + inherit specialArgs; + modules = resolveImports host; }; }; - # Import all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) hosts; - - mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }: { + mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }@host: { "${hostname}" = { - imports = [ - vault-secrets.nixosModules.vault-secrets - ./nixos/common - "${./.}/nixos/hosts/${profile}/configuration.nix" - ] ++ (if lxc then [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ] else [ ./nixos/common/generic-vm.nix ]); - + imports = resolveImports host; deployment = { targetHost = ip; targetUser = null; # Defaults to $USER @@ -67,8 +61,7 @@ }; }; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; - + legacyPackages = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in { # Make the config and deploy sets @@ -78,16 +71,14 @@ { meta = { nixpkgs = import nixpkgs { - system = "x86_64-linux"; + inherit system; overlays = [ (import ./nixos/pkgs) vault-secrets.overlay minecraft-servers.overlays.default ]; }; - specialArgs = { - inherit hosts; - }; + inherit specialArgs; }; } nixHosts; @@ -95,21 +86,21 @@ apps.${system} = rec { vault-push-approles = { type = "app"; - program = "${pkgs.vault-push-approles self}/bin/vault-push-approles"; + program = "${legacyPackages.vault-push-approles self}/bin/vault-push-approles"; }; vault-push-approle-envs = { type = "app"; program = - "${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs"; + "${legacyPackages.vault-push-approle-envs self}/bin/vault-push-approle-envs"; }; }; # Use by running `nix develop` - devShells.${system}.default = pkgs.mkShell { + devShells.${system}.default = legacyPackages.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; - buildInputs = with pkgs; [ + buildInputs = with legacyPackages; [ colmena fluxcd k9s -- 2.47.1 From 34dd2d59846fd6d1354c83975251ef8ec55c431e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 18:02:40 +0200 Subject: [PATCH 0362/1882] colmena last touches --- flake.nix | 38 +++++++++------------------ nixos/common/default.nix | 14 +++++++++- nixos/common/users/default.nix | 2 +- nixos/hosts/bastion/configuration.nix | 1 - 4 files changed, 26 insertions(+), 29 deletions(-) diff --git a/flake.nix b/flake.nix index efa8789f..8d99ab86 100644 --- a/flake.nix +++ b/flake.nix @@ -22,7 +22,7 @@ }; outputs = - { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, ... }@inputs: + { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs; @@ -32,8 +32,8 @@ # Filter all nixos host definitions that are actual nix machines nixHosts = filter ({ nix ? true, ... }: nix) hosts; + # Resolve imports based on a foldername (nixname) and if the host is an LXC container or a VM. resolveImports = { hostname, profile ? hostname, lxc ? true, ... }: [ - vault-secrets.nixosModules.vault-secrets ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" ] ++ (if lxc then [ @@ -42,16 +42,14 @@ ] else [ ./nixos/common/generic-vm.nix ]); - # Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM. - mkConfig = { hostname, profile ? hostname, lxc ? true, ... }@host: { - "${profile}" = lib.nixosSystem { - inherit system; - inherit specialArgs; - modules = resolveImports host; + mkConfig = { hostname, ... }@host: { + "${hostname}" = lib.nixosSystem { + inherit system specialArgs; + modules = resolveImports host; }; }; - mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }@host: { + mkColmenaHost = { ip, hostname, ... }@host: { "${hostname}" = { imports = resolveImports host; deployment = { @@ -61,7 +59,7 @@ }; }; - legacyPackages = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in { # Make the config and deploy sets @@ -74,7 +72,6 @@ inherit system; overlays = [ (import ./nixos/pkgs) - vault-secrets.overlay minecraft-servers.overlays.default ]; }; @@ -83,25 +80,12 @@ } nixHosts; - apps.${system} = rec { - vault-push-approles = { - type = "app"; - program = "${legacyPackages.vault-push-approles self}/bin/vault-push-approles"; - }; - vault-push-approle-envs = { - type = "app"; - program = - "${legacyPackages.vault-push-approle-envs self}/bin/vault-push-approle-envs"; - }; - }; - # Use by running `nix develop` - devShells.${system}.default = legacyPackages.mkShell { + devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; - buildInputs = with legacyPackages; [ - colmena + buildInputs = with pkgs; [ fluxcd k9s kubectl @@ -110,6 +94,8 @@ nixfmt nixUnstable vault + (vault-push-approle-envs self) + (vault-push-approle-approles self) ]; }; }; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index a17e5fd6..9c0ef6ec 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,7 +1,8 @@ -{ config, pkgs, ... }: +{ config, pkgs, inputs, ... }: { imports = [ + inputs.vault-secrets.nixosModules.vault-secrets # User account definitions ./users ./services @@ -23,13 +24,24 @@ "https://cachix.cachix.org" "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" + "https://colmena.cachix.org" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" + "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" ]; }; + gc = { + dates = "weekly"; + automatic = true; + randomizedDelaySec = "45min"; + }; + optimise = { + automatic = true; + dates = "weekly"; + }; extraOptions = '' experimental-features = nix-command flakes ''; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 96ae9ceb..5cb68dfe 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -48,7 +48,7 @@ ]; # Make me admin - extraGroups = [ "wheel" ]; + extraGroups = [ "systemd-journal" "wheel" ]; }; # Configure the root account diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/bastion/configuration.nix index 8a2309f6..5d9adbb0 100644 --- a/nixos/hosts/bastion/configuration.nix +++ b/nixos/hosts/bastion/configuration.nix @@ -45,7 +45,6 @@ in { # Additional packages environment.systemPackages = with pkgs; [ binutils - colmena fix-vscode fluxcd k9s -- 2.47.1 From 1f937300ff57a423524e5c55de5c4c2e2b1fab0c Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 22:16:44 +0200 Subject: [PATCH 0363/1882] start set up for multi-location nixos flake --- flake.nix | 19 ++++++++++++------- nixos/common/default.nix | 3 ++- nixos/hosts/default.nix | 4 ++++ .../{ => olympus}/_template/configuration.nix | 0 .../{ => olympus}/bastion/configuration.nix | 0 .../bastion/hardware-configuration.nix | 0 .../{ => olympus}/database/configuration.nix | 0 hosts.nix => nixos/hosts/olympus/default.nix | 1 + .../{ => olympus}/dhcp/configuration.nix | 3 ++- .../hosts/{ => olympus}/dns/configuration.nix | 8 +++++--- .../{ => olympus}/gitea/configuration.nix | 0 .../{ => olympus}/hedgedoc/configuration.nix | 0 .../hosts/{ => olympus}/k3s/configuration.nix | 0 .../k3s/hardware-configuration.nix | 0 .../{ => olympus}/minecraft/configuration.nix | 0 .../{ => olympus}/minio/configuration.nix | 0 .../{ => olympus}/mosquitto/configuration.nix | 0 .../{ => olympus}/nginx/configuration.nix | 0 .../{ => olympus}/synapse/configuration.nix | 0 .../{ => olympus}/unifi/configuration.nix | 0 .../{ => olympus}/vault/configuration.nix | 0 .../victoriametrics/configuration.nix | 0 .../{ => olympus}/wireguard/configuration.nix | 0 23 files changed, 26 insertions(+), 12 deletions(-) create mode 100644 nixos/hosts/default.nix rename nixos/hosts/{ => olympus}/_template/configuration.nix (100%) rename nixos/hosts/{ => olympus}/bastion/configuration.nix (100%) rename nixos/hosts/{ => olympus}/bastion/hardware-configuration.nix (100%) rename nixos/hosts/{ => olympus}/database/configuration.nix (100%) rename hosts.nix => nixos/hosts/olympus/default.nix (99%) rename nixos/hosts/{ => olympus}/dhcp/configuration.nix (96%) rename nixos/hosts/{ => olympus}/dns/configuration.nix (88%) rename nixos/hosts/{ => olympus}/gitea/configuration.nix (100%) rename nixos/hosts/{ => olympus}/hedgedoc/configuration.nix (100%) rename nixos/hosts/{ => olympus}/k3s/configuration.nix (100%) rename nixos/hosts/{ => olympus}/k3s/hardware-configuration.nix (100%) rename nixos/hosts/{ => olympus}/minecraft/configuration.nix (100%) rename nixos/hosts/{ => olympus}/minio/configuration.nix (100%) rename nixos/hosts/{ => olympus}/mosquitto/configuration.nix (100%) rename nixos/hosts/{ => olympus}/nginx/configuration.nix (100%) rename nixos/hosts/{ => olympus}/synapse/configuration.nix (100%) rename nixos/hosts/{ => olympus}/unifi/configuration.nix (100%) rename nixos/hosts/{ => olympus}/vault/configuration.nix (100%) rename nixos/hosts/{ => olympus}/victoriametrics/configuration.nix (100%) rename nixos/hosts/{ => olympus}/wireguard/configuration.nix (100%) diff --git a/flake.nix b/flake.nix index 8d99ab86..3cb3feb6 100644 --- a/flake.nix +++ b/flake.nix @@ -25,17 +25,21 @@ { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, ... }@inputs: let inherit (nixpkgs) lib; - inherit (builtins) filter mapAttrs; + inherit (builtins) filter mapAttrs attrValues concatLists; system = "x86_64-linux"; - hosts = import ./hosts.nix; - specialArgs = { inherit hosts inputs; }; + # import and add location qualifier to all hosts + hosts = mapAttrs (location: lhosts: map ({ tags ? [ ], ... }@x: x // { tags = [ location ] ++ tags; inherit location; }) lhosts) (import ./nixos/hosts); + # flatten hosts to single list + flat_hosts = concatLists (attrValues hosts); # Filter all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) hosts; + nixHosts = filter ({ nix ? true, ... }: nix) flat_hosts; + # Define args each module gets access to (access to hosts is useful for DNS/DHCP) + specialArgs = { inherit hosts flat_hosts inputs; }; # Resolve imports based on a foldername (nixname) and if the host is an LXC container or a VM. - resolveImports = { hostname, profile ? hostname, lxc ? true, ... }: [ + resolveImports = { hostname, location, profile ? hostname, lxc ? true, ... }: [ ./nixos/common - "${./.}/nixos/hosts/${profile}/configuration.nix" + "${./.}/nixos/hosts/${location}/${profile}/configuration.nix" ] ++ (if lxc then [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ./nixos/common/generic-lxc.nix @@ -49,10 +53,11 @@ }; }; - mkColmenaHost = { ip, hostname, ... }@host: { + mkColmenaHost = { ip, hostname, tags, ... }@host: { "${hostname}" = { imports = resolveImports host; deployment = { + inherit tags; targetHost = ip; targetUser = null; # Defaults to $USER }; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 9c0ef6ec..bc1478bc 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -40,7 +40,7 @@ }; optimise = { automatic = true; - dates = "weekly"; + dates = [ "weekly" ]; }; extraOptions = '' experimental-features = nix-command flakes @@ -63,6 +63,7 @@ permitRootLogin = "no"; }; + # TODO: Location dependent vault-secrets = { vaultPrefix = "secrets/nixos"; vaultAddress = "http://vault.olympus:8200/"; diff --git a/nixos/hosts/default.nix b/nixos/hosts/default.nix new file mode 100644 index 00000000..b325b5b3 --- /dev/null +++ b/nixos/hosts/default.nix @@ -0,0 +1,4 @@ +{ + olympus = import ./olympus; + hades = []; +} diff --git a/nixos/hosts/_template/configuration.nix b/nixos/hosts/olympus/_template/configuration.nix similarity index 100% rename from nixos/hosts/_template/configuration.nix rename to nixos/hosts/olympus/_template/configuration.nix diff --git a/nixos/hosts/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix similarity index 100% rename from nixos/hosts/bastion/configuration.nix rename to nixos/hosts/olympus/bastion/configuration.nix diff --git a/nixos/hosts/bastion/hardware-configuration.nix b/nixos/hosts/olympus/bastion/hardware-configuration.nix similarity index 100% rename from nixos/hosts/bastion/hardware-configuration.nix rename to nixos/hosts/olympus/bastion/hardware-configuration.nix diff --git a/nixos/hosts/database/configuration.nix b/nixos/hosts/olympus/database/configuration.nix similarity index 100% rename from nixos/hosts/database/configuration.nix rename to nixos/hosts/olympus/database/configuration.nix diff --git a/hosts.nix b/nixos/hosts/olympus/default.nix similarity index 99% rename from hosts.nix rename to nixos/hosts/olympus/default.nix index 4b3a9a5d..95bac891 100644 --- a/hosts.nix +++ b/nixos/hosts/olympus/default.nix @@ -46,6 +46,7 @@ ip = "10.42.42.9"; ip6 = "2001:41f0:9639:1:68c2:89ff:fe85:cfa6"; mac = "6A:C2:89:85:CF:A6"; + tags = [ "web" ]; } { hostname = "k3s-node1"; diff --git a/nixos/hosts/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix similarity index 96% rename from nixos/hosts/dhcp/configuration.nix rename to nixos/hosts/olympus/dhcp/configuration.nix index 1451139c..339f7315 100644 --- a/nixos/hosts/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -5,6 +5,7 @@ let hostName = hostname; ipAddress = ip; }; + hosts' = hosts.olympus; in { imports = [ ]; @@ -47,6 +48,6 @@ in { range 10.42.43.1 10.42.43.254; } ''; - machines = map hostToDhcp hosts; + machines = map hostToDhcp hosts'; }; } diff --git a/nixos/hosts/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix similarity index 88% rename from nixos/hosts/dns/configuration.nix rename to nixos/hosts/olympus/dns/configuration.nix index d4535f46..2dd32df4 100644 --- a/nixos/hosts/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -2,7 +2,9 @@ let inherit (builtins) filter hasAttr; localdomain = "olympus"; - ipv6Hosts = filter (hasAttr "ip6") hosts; + # TODO: use location attr in hosts + hosts' = hosts.${localdomain}; + ipv6Hosts = filter (hasAttr "ip6") hosts'; localData = { hostname, ip, ... }: ''"${hostname}.${localdomain}. A ${ip}"''; local6Data = { hostname, ip6, ... }: ''"${hostname}.${localdomain}. AAAA ${ip6}"''; @@ -38,8 +40,8 @@ in { interface = [ "0.0.0.0" "::0" ]; local-zone = ''"${localdomain}." transparent''; - local-data = (map localData hosts) ++ (map local6Data ipv6Hosts); - local-data-ptr = (map ptrData hosts) ++ (map ptr6Data ipv6Hosts); + local-data = (map localData hosts') ++ (map local6Data ipv6Hosts); + local-data-ptr = (map ptrData hosts') ++ (map ptr6Data ipv6Hosts); access-control = [ "127.0.0.1/32 allow_snoop" diff --git a/nixos/hosts/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix similarity index 100% rename from nixos/hosts/gitea/configuration.nix rename to nixos/hosts/olympus/gitea/configuration.nix diff --git a/nixos/hosts/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix similarity index 100% rename from nixos/hosts/hedgedoc/configuration.nix rename to nixos/hosts/olympus/hedgedoc/configuration.nix diff --git a/nixos/hosts/k3s/configuration.nix b/nixos/hosts/olympus/k3s/configuration.nix similarity index 100% rename from nixos/hosts/k3s/configuration.nix rename to nixos/hosts/olympus/k3s/configuration.nix diff --git a/nixos/hosts/k3s/hardware-configuration.nix b/nixos/hosts/olympus/k3s/hardware-configuration.nix similarity index 100% rename from nixos/hosts/k3s/hardware-configuration.nix rename to nixos/hosts/olympus/k3s/hardware-configuration.nix diff --git a/nixos/hosts/minecraft/configuration.nix b/nixos/hosts/olympus/minecraft/configuration.nix similarity index 100% rename from nixos/hosts/minecraft/configuration.nix rename to nixos/hosts/olympus/minecraft/configuration.nix diff --git a/nixos/hosts/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix similarity index 100% rename from nixos/hosts/minio/configuration.nix rename to nixos/hosts/olympus/minio/configuration.nix diff --git a/nixos/hosts/mosquitto/configuration.nix b/nixos/hosts/olympus/mosquitto/configuration.nix similarity index 100% rename from nixos/hosts/mosquitto/configuration.nix rename to nixos/hosts/olympus/mosquitto/configuration.nix diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix similarity index 100% rename from nixos/hosts/nginx/configuration.nix rename to nixos/hosts/olympus/nginx/configuration.nix diff --git a/nixos/hosts/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix similarity index 100% rename from nixos/hosts/synapse/configuration.nix rename to nixos/hosts/olympus/synapse/configuration.nix diff --git a/nixos/hosts/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix similarity index 100% rename from nixos/hosts/unifi/configuration.nix rename to nixos/hosts/olympus/unifi/configuration.nix diff --git a/nixos/hosts/vault/configuration.nix b/nixos/hosts/olympus/vault/configuration.nix similarity index 100% rename from nixos/hosts/vault/configuration.nix rename to nixos/hosts/olympus/vault/configuration.nix diff --git a/nixos/hosts/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix similarity index 100% rename from nixos/hosts/victoriametrics/configuration.nix rename to nixos/hosts/olympus/victoriametrics/configuration.nix diff --git a/nixos/hosts/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix similarity index 100% rename from nixos/hosts/wireguard/configuration.nix rename to nixos/hosts/olympus/wireguard/configuration.nix -- 2.47.1 From 378e3831e4bf3450436a3e0877ca5ec630404626 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 22:57:42 +0200 Subject: [PATCH 0364/1882] set hostname toplevel --- flake.nix | 6 +++++- nixos/hosts/olympus/bastion/configuration.nix | 2 -- nixos/hosts/olympus/database/configuration.nix | 2 -- nixos/hosts/olympus/dhcp/configuration.nix | 1 - nixos/hosts/olympus/dns/configuration.nix | 2 -- nixos/hosts/olympus/gitea/configuration.nix | 2 -- nixos/hosts/olympus/hedgedoc/configuration.nix | 2 -- nixos/hosts/olympus/k3s/configuration.nix | 2 -- nixos/hosts/olympus/minecraft/configuration.nix | 2 -- nixos/hosts/olympus/minio/configuration.nix | 2 -- nixos/hosts/olympus/mosquitto/configuration.nix | 2 -- nixos/hosts/olympus/nginx/configuration.nix | 2 -- nixos/hosts/olympus/synapse/configuration.nix | 2 -- nixos/hosts/olympus/unifi/configuration.nix | 2 -- nixos/hosts/olympus/vault/configuration.nix | 2 -- nixos/hosts/olympus/victoriametrics/configuration.nix | 2 -- nixos/hosts/olympus/wireguard/configuration.nix | 2 -- 17 files changed, 5 insertions(+), 32 deletions(-) diff --git a/flake.nix b/flake.nix index 3cb3feb6..e9983bc2 100644 --- a/flake.nix +++ b/flake.nix @@ -53,9 +53,13 @@ }; }; - mkColmenaHost = { ip, hostname, tags, ... }@host: { + mkColmenaHost = { ip, hostname, tags, location, ... }@host: { "${hostname}" = { imports = resolveImports host; + networking = { + hostName = hostname; + domain = location; + }; deployment = { inherit tags; targetHost = ip; diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index 5d9adbb0..c79003f1 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -28,8 +28,6 @@ in { boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; - networking.hostName = "bastion"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/database/configuration.nix b/nixos/hosts/olympus/database/configuration.nix index 5e3f68ff..7fb8861a 100644 --- a/nixos/hosts/olympus/database/configuration.nix +++ b/nixos/hosts/olympus/database/configuration.nix @@ -9,8 +9,6 @@ in { imports = [ ]; - networking.hostName = "database"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 339f7315..9c7db31a 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -10,7 +10,6 @@ in { imports = [ ]; networking = { - hostName = "dhcp"; defaultGateway = "10.42.42.1"; nameservers = [ "10.42.42.15" "10.42.42.16" ]; interfaces.eth0 = { diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 2dd32df4..21b81a5c 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -13,8 +13,6 @@ let in { imports = [ ]; - networking.hostName = "dns"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 848982f9..f0cc409f 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -6,8 +6,6 @@ { imports = [ ]; - networking.hostName = "gitea"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index dbb8dd3f..1f06d8df 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -11,8 +11,6 @@ in { imports = [ ]; - networking.hostName = "hedgedoc"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/k3s/configuration.nix b/nixos/hosts/olympus/k3s/configuration.nix index 8cba9ebd..a6d715ae 100644 --- a/nixos/hosts/olympus/k3s/configuration.nix +++ b/nixos/hosts/olympus/k3s/configuration.nix @@ -14,8 +14,6 @@ boot.kernel.sysctl."fs.inotify.max_user_instances" = 2147483647; # INT_MAX, dynamically limited based on available memory boot.kernel.sysctl."fs.inotify.max_user_watches" = 1048576; - networking.hostName = "k3s-node1"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/minecraft/configuration.nix b/nixos/hosts/olympus/minecraft/configuration.nix index 3b5fcf68..35a58446 100644 --- a/nixos/hosts/olympus/minecraft/configuration.nix +++ b/nixos/hosts/olympus/minecraft/configuration.nix @@ -6,8 +6,6 @@ { imports = [ ]; - networking.hostName = "minecraft"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index ad3b26d4..a73bf0bb 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -10,8 +10,6 @@ let in { imports = [ ]; - networking.hostName = "minio"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/mosquitto/configuration.nix b/nixos/hosts/olympus/mosquitto/configuration.nix index 1fbe8b32..a30040e8 100644 --- a/nixos/hosts/olympus/mosquitto/configuration.nix +++ b/nixos/hosts/olympus/mosquitto/configuration.nix @@ -8,8 +8,6 @@ in { imports = [ ]; - networking.hostName = "mosquitto"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index d8c5afea..a9ccc831 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -24,8 +24,6 @@ let ''; in { - networking.hostName = "nginx"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index 84d2e724..088fd81b 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -11,8 +11,6 @@ in { imports = [ ]; - networking.hostName = "synapse"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index c2e6d5db..b7cb490b 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -7,8 +7,6 @@ { imports = [ ]; - networking.hostName = "unifi"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/vault/configuration.nix b/nixos/hosts/olympus/vault/configuration.nix index 95539419..23e416ac 100644 --- a/nixos/hosts/olympus/vault/configuration.nix +++ b/nixos/hosts/olympus/vault/configuration.nix @@ -5,8 +5,6 @@ { config, pkgs, ... }: let port = 8200; in { - networking.hostName = "vault"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 2a5372f6..57331a9d 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -10,8 +10,6 @@ in { imports = [ ]; - networking.hostName = "victoriametrics"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 27236a24..16ffd625 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -7,8 +7,6 @@ let vs = config.vault-secrets.secrets; in { imports = [ ]; - networking.hostName = "wireguard"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave -- 2.47.1 From 1e3192f8659c7c98e2b2a491ebb4d0caed1b1019 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 23:17:06 +0200 Subject: [PATCH 0365/1882] make dns multi-location aware --- flake.nix | 5 +++-- nixos/hosts/olympus/dns/configuration.nix | 21 +++++++++++---------- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/flake.nix b/flake.nix index e9983bc2..a2f0d1f0 100644 --- a/flake.nix +++ b/flake.nix @@ -95,6 +95,7 @@ # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ + colmena.packages.x86_64-linux.colmena fluxcd k9s kubectl @@ -103,8 +104,8 @@ nixfmt nixUnstable vault - (vault-push-approle-envs self) - (vault-push-approle-approles self) + # (vault-push-approle-envs self) + # (vault-push-approle-approles self) ]; }; }; diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 21b81a5c..7173acc8 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,15 +1,15 @@ -{ config, pkgs, hosts, ... }: +{ config, pkgs, hosts, flat_hosts, ... }: let - inherit (builtins) filter hasAttr; - localdomain = "olympus"; - # TODO: use location attr in hosts - hosts' = hosts.${localdomain}; + inherit (builtins) filter hasAttr attrNames; + hosts' = flat_hosts; + domains = attrNames hosts; + ipv6Hosts = filter (hasAttr "ip6") hosts'; - localData = { hostname, ip, ... }: ''"${hostname}.${localdomain}. A ${ip}"''; - local6Data = { hostname, ip6, ... }: ''"${hostname}.${localdomain}. AAAA ${ip6}"''; - ptrData = { hostname, ip, ... }: ''"${ip} ${hostname}.${localdomain}"''; - ptr6Data = { hostname, ip6, ... }: ''"${ip6} ${hostname}.${localdomain}"''; + localData = { hostname, location, ip, ... }: ''"${hostname}.${location}. A ${ip}"''; + local6Data = { hostname, location, ip6, ... }: ''"${hostname}.${location}. AAAA ${ip6}"''; + ptrData = { hostname, location, ip, ... }: ''"${ip} ${hostname}.${location}"''; + ptr6Data = { hostname, location, ip6, ... }: ''"${ip6} ${hostname}.${location}"''; in { imports = [ ]; @@ -37,7 +37,7 @@ in { interface-automatic = "yes"; interface = [ "0.0.0.0" "::0" ]; - local-zone = ''"${localdomain}." transparent''; + local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains; local-data = (map localData hosts') ++ (map local6Data ipv6Hosts); local-data-ptr = (map ptrData hosts') ++ (map ptr6Data ipv6Hosts); @@ -46,6 +46,7 @@ in { "::1 allow_snoop" "10.42.0.0/16 allow" "127.0.0.0/8 allow" + "192.168.0.0/23 allow" "192.168.2.0/24 allow" "::1/128 allow" ]; -- 2.47.1 From ecfc36e0174c0c9597e5a7b124956e420db3e7a7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 23:35:52 +0200 Subject: [PATCH 0366/1882] final changes for tonight --- flake.nix | 7 ++++--- nixos/common/default.nix | 11 +++-------- nixos/common/users/default.nix | 2 +- nixos/hosts/default.nix | 2 +- nixos/hosts/hades/default.nix | 1 + nixos/hosts/olympus/_template/configuration.nix | 2 -- nixos/hosts/olympus/dhcp/configuration.nix | 7 ++++--- 7 files changed, 14 insertions(+), 18 deletions(-) create mode 100644 nixos/hosts/hades/default.nix diff --git a/flake.nix b/flake.nix index a2f0d1f0..90a08b15 100644 --- a/flake.nix +++ b/flake.nix @@ -71,9 +71,10 @@ pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in { - # Make the config and deploy sets + # Make the nixosConfigurations, mostly for vault-secrets nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + # Make the coleman configuration colmena = lib.foldr (el: acc: acc // mkColmenaHost el) { meta = { @@ -104,8 +105,8 @@ nixfmt nixUnstable vault - # (vault-push-approle-envs self) - # (vault-push-approle-approles self) + (vault-push-approle-envs self) + (vault-push-approle-approles self) ]; }; }; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index bc1478bc..215ad9be 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, inputs, ... }: +{ config, lib, pkgs, inputs, ... }: { imports = [ @@ -32,11 +32,7 @@ "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" ]; - }; - gc = { - dates = "weekly"; - automatic = true; - randomizedDelaySec = "45min"; + # Also use zsh for root; }; optimise = { automatic = true; @@ -63,8 +59,7 @@ permitRootLogin = "no"; }; - # TODO: Location dependent - vault-secrets = { + vault-secrets = lib.mkIf (config.networking.domain == "olympus") { vaultPrefix = "secrets/nixos"; vaultAddress = "http://vault.olympus:8200/"; approlePrefix = "olympus-${config.networking.hostName}"; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 5cb68dfe..3036bae2 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -54,7 +54,7 @@ # Configure the root account users.extraUsers.root = { # Allow my SSH keys for logging in as root. - openssh.authorizedKeys.keys = config.users.users.victor.openssh.authorizedKeys.keys; + openssh.authorizedKeys.keys = config.users.extraUsers.victor.openssh.authorizedKeys.keys; # Also use zsh for root shell = pkgs.zsh; }; diff --git a/nixos/hosts/default.nix b/nixos/hosts/default.nix index b325b5b3..a09236d0 100644 --- a/nixos/hosts/default.nix +++ b/nixos/hosts/default.nix @@ -1,4 +1,4 @@ { + hades = import ./hades; olympus = import ./olympus; - hades = []; } diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix new file mode 100644 index 00000000..fe51488c --- /dev/null +++ b/nixos/hosts/hades/default.nix @@ -0,0 +1 @@ +[] diff --git a/nixos/hosts/olympus/_template/configuration.nix b/nixos/hosts/olympus/_template/configuration.nix index b33d3f0b..e660f641 100644 --- a/nixos/hosts/olympus/_template/configuration.nix +++ b/nixos/hosts/olympus/_template/configuration.nix @@ -7,8 +7,6 @@ { imports = [ ]; - networking.hostName = "template"; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 9c7db31a..afd5cf9f 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -5,7 +5,8 @@ let hostName = hostname; ipAddress = ip; }; - hosts' = hosts.olympus; + localDomain = config.networking.domain; + hosts' = hosts.${localDomain}; in { imports = [ ]; @@ -41,8 +42,8 @@ in { option broadcast-address 10.42.43.255; option routers 10.42.42.1; option domain-name-servers 10.42.42.15, 10.42.42.16; - option domain-name "olympus"; - option domain-search "olympus"; + option domain-name "${localDomain}"; + option domain-search "${localDomain}"; subnet 10.42.42.0 netmask 255.255.254.0 { range 10.42.43.1 10.42.43.254; } -- 2.47.1 From 2f3a7c081edffa029ba66e7fa4f47863dc67a8b4 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 31 Jul 2022 10:52:05 +0200 Subject: [PATCH 0367/1882] switch to nixos-unstable-small --- flake.lock | 14 +++++++------- flake.nix | 6 +++--- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index dd5b9e22..252ed4a1 100644 --- a/flake.lock +++ b/flake.lock @@ -203,11 +203,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1659144434, - "narHash": "sha256-FlfgEhzZTG39j+7IoDFFjED8asI3vWcOZSGmz5rpMdk=", + "lastModified": 1659232680, + "narHash": "sha256-arnkjPUVeZsNVNrlg/pWcQzkGZVpG9INcE7Cp6GieOY=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "65702e6e4bd0d368b8a5f4efd8ea84c5ad9a604c", + "rev": "190b7aaf522ca7aa217cac94f59b4357268ebe5b", "type": "github" }, "original": { @@ -254,16 +254,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1659077768, - "narHash": "sha256-P0XIHBVty6WIuIrk2DZNvLcYev9956y1prT4zL212H8=", + "lastModified": 1659242643, + "narHash": "sha256-Xq81/wdhzOBEO0cjMRWfI3XG/E3dlYEvYpXpZhTUTwY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2a93ea177c3d7700b934bf95adfe00c435f696b8", + "rev": "b2544f1301520be456fc33d296e6c9a5f6126391", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 90a08b15..789c1899 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -105,8 +105,8 @@ nixfmt nixUnstable vault - (vault-push-approle-envs self) - (vault-push-approle-approles self) + # (vault-push-approle-envs self) + # (vault-push-approle-approles self) ]; }; }; -- 2.47.1 From 9cf1d45eb845364ea64373f89452989063e14533 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 31 Jul 2022 11:01:36 +0200 Subject: [PATCH 0368/1882] use fqdn for hosts --- flake.nix | 6 +++--- nixos/hosts/olympus/nginx/configuration.nix | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.nix b/flake.nix index 789c1899..a25bcd74 100644 --- a/flake.nix +++ b/flake.nix @@ -46,15 +46,15 @@ ] else [ ./nixos/common/generic-vm.nix ]); - mkConfig = { hostname, ... }@host: { - "${hostname}" = lib.nixosSystem { + mkConfig = { hostname, location, ... }@host: { + "${hostname}.${location}" = lib.nixosSystem { inherit system specialArgs; modules = resolveImports host; }; }; mkColmenaHost = { ip, hostname, tags, location, ... }@host: { - "${hostname}" = { + "${hostname}.${location}" = { imports = resolveImports host; networking = { hostName = hostname; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index a9ccc831..714cff14 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, pkgs, nodes, ... }: let proxy = url: { enableACME = true; -- 2.47.1 From fc28592bdef7fa6c0995715135a925ac78dd61a5 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 31 Jul 2022 16:12:03 +0200 Subject: [PATCH 0369/1882] add agatheme --- nixos/hosts/olympus/gitea/configuration.nix | 36 +++++++++++++++++++-- nixos/pkgs/default.nix | 2 ++ nixos/pkgs/gitea-agatheme/default.nix | 15 +++++++++ 3 files changed, 50 insertions(+), 3 deletions(-) create mode 100644 nixos/pkgs/gitea-agatheme/default.nix diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index f0cc409f..10790f5b 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -28,6 +28,15 @@ maxretry = 3; }; + system.activationScripts.gitea-theme = + let + target_dir = "${config.services.gitea.stateDir}/custom/public/css/"; + in + lib.stringAfter [ "var" ] '' + mkdir -p ${target_dir} + ln -s ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css" + ''; + services.gitea = { enable = true; domain = "git.0x76.dev"; @@ -38,11 +47,32 @@ ssh.clonePort = 42; disableRegistration = true; cookieSecure = true; - + settings = { + repository = { + "ENABLE_PUSH_CREATE_USER" = true; + "DEFAULT_PUSH_CREATE_PRIVATE" = false; + }; + service = { + "DEFAULT_KEEP_EMAIL_PRIVATE" = true; + }; + indexer = { + "REPO_INDEXER_ENABLED" = true; + "REPO_INDEXER_PATH" = "indexers/repos.bleve"; + "UPDATE_BUFFER_LEN" = 20; + "MAX_FILE_SIZE" = 1048576; + "REPO_INDEXER_EXCLUDE" = "node_modules/**"; + }; ui = { - DEFAULT_THEME = "arc-green"; - USE_SERVICE_WORKER = true; + "THEMES" = "gitea,arc-green,agatheme"; + "DEFAULT_THEME" = "agatheme"; + "USE_SERVICE_WORKER" = true; + }; + server = { + "LANDING_PAGE" = "explore"; + }; + session = { + "PROVIDER" = "db"; }; }; }; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index f9333741..c460bc60 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -15,5 +15,7 @@ final: prev: { withDNSCrypt = true; withTFO = true; }; + + gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; } diff --git a/nixos/pkgs/gitea-agatheme/default.nix b/nixos/pkgs/gitea-agatheme/default.nix new file mode 100644 index 00000000..e3ee02bd --- /dev/null +++ b/nixos/pkgs/gitea-agatheme/default.nix @@ -0,0 +1,15 @@ +{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { + pname = "gitea-agatheme"; + version = "1.1"; + + src = fetchurl { + url = "https://git.lain.faith/attachments/4c2c2237-1e67-458e-8acd-92a20d382777"; + sha256 = "sha256-uwtg6BAR5J28Ls3naQkJg7xBEfZPXVS5INH+bsVn4Uk="; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + cp $src $out + ''; +} -- 2.47.1 From 355bffe6d635c76b8d4bdd13d8c79763be44c623 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 10:32:30 +0200 Subject: [PATCH 0370/1882] disable k3s until: https://github.com/k3s-io/k3s/pull/5882 is in a release --- flake.lock | 79 +++++++++++++++++------ nixos/hosts/olympus/k3s/configuration.nix | 3 +- 2 files changed, 61 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 252ed4a1..e2b77e64 100644 --- a/flake.lock +++ b/flake.lock @@ -3,6 +3,7 @@ "colmena": { "inputs": { "flake-compat": "flake-compat", + "nix-eval-jobs": "nix-eval-jobs", "nixpkgs": [ "nixpkgs" ], @@ -10,11 +11,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1659157989, - "narHash": "sha256-XHyjblfOAhoHwIDfPxYqAbvYzCO0/XjntULV6Dmavo8=", + "lastModified": 1660720183, + "narHash": "sha256-ijhji1zWZgrdhiMG2GhsGpom/wXSr7tfowj9cKmEmew=", "owner": "zhaofengli", "repo": "colmena", - "rev": "34bb2e46747e69c9a34f94583330ad9a9f5ad20a", + "rev": "797297b609457a1a85e18fb00b609df9d9436916", "type": "github" }, "original": { @@ -105,6 +106,21 @@ } }, "flake-utils": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "locked": { "lastModified": 1644229661, "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", @@ -119,7 +135,7 @@ "type": "github" } }, - "flake-utils_2": { + "flake-utils_3": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -133,7 +149,7 @@ "type": "indirect" } }, - "flake-utils_3": { + "flake-utils_4": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -203,11 +219,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1659232680, - "narHash": "sha256-arnkjPUVeZsNVNrlg/pWcQzkGZVpG9INcE7Cp6GieOY=", + "lastModified": 1660631203, + "narHash": "sha256-F4jZRBJHwynDYoSQ6Dbzgi5sYaoZZ8jKgwle0N3oB4E=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "190b7aaf522ca7aa217cac94f59b4357268ebe5b", + "rev": "0858887b08d32e61e88b4bc75675f6362bc5d771", "type": "github" }, "original": { @@ -234,6 +250,29 @@ "type": "indirect" } }, + "nix-eval-jobs": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "colmena", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660713017, + "narHash": "sha256-w6KLNkT/2fI7UvPg3NoKj7gve4CgUHpyWOFq0BUwW7o=", + "owner": "zhaofengli", + "repo": "nix-eval-jobs", + "rev": "b4c078a4870c5b1a5b74420ca1dca41f4d75b7cc", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "ref": "colmena", + "repo": "nix-eval-jobs", + "type": "github" + } + }, "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", @@ -254,11 +293,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1659242643, - "narHash": "sha256-Xq81/wdhzOBEO0cjMRWfI3XG/E3dlYEvYpXpZhTUTwY=", + "lastModified": 1660639432, + "narHash": "sha256-2WDiboOCfB0LhvnDVMXOAr8ZLDfm3WdO54CkoDPwN1A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b2544f1301520be456fc33d296e6c9a5f6126391", + "rev": "6c6409e965a6c883677be7b9d87a95fab6c3472e", "type": "github" }, "original": { @@ -327,7 +366,7 @@ "inputs": { "deploy-rs": "deploy-rs", "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "gitignore-nix": "gitignore-nix", "nix": "nix", "nixpkgs": [ @@ -350,11 +389,11 @@ }, "stable": { "locked": { - "lastModified": 1656433693, - "narHash": "sha256-m29hSYsu2U+tnBo5v1/2RGo3lYY6KKb52MHV/89NeCs=", + "lastModified": 1660496378, + "narHash": "sha256-sgAhmrC1iSnl5T2VPPiMpciH1aRw5c7PYEdXX6jd6Gk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "babb041b7167008af3faca4c78f9dd8c6e83ef3a", + "rev": "879121648fe522b38cc1cf75aef160a14a1f2e7b", "type": "github" }, "original": { @@ -366,11 +405,11 @@ }, "utils": { "locked": { - "lastModified": 1653893745, - "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", "type": "github" }, "original": { @@ -381,7 +420,7 @@ }, "utils_2": { "inputs": { - "flake-utils": "flake-utils" + "flake-utils": "flake-utils_2" }, "locked": { "lastModified": 1657226504, @@ -415,7 +454,7 @@ "vault-secrets": { "inputs": { "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nix": "nix_2", "nixpkgs": [ "nixpkgs" diff --git a/nixos/hosts/olympus/k3s/configuration.nix b/nixos/hosts/olympus/k3s/configuration.nix index a6d715ae..cb51352b 100644 --- a/nixos/hosts/olympus/k3s/configuration.nix +++ b/nixos/hosts/olympus/k3s/configuration.nix @@ -33,10 +33,11 @@ # Ensure `mount` and `grep` are available systemd.services.k3s.path = [ pkgs.gnugrep pkgs.utillinux ]; + systemd.services.k3s.serviceConfig.TimeoutStartSec = 3000; # Enable k3s as a master node services.k3s = { - enable = true; + enable = false; role = "server"; extraFlags = builtins.toString [ -- 2.47.1 From d8881225932e11a92d6f7d289407b424ac049d49 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 10:32:59 +0200 Subject: [PATCH 0371/1882] gitea & bookwyrm --- nixos/hosts/olympus/gitea/configuration.nix | 6 +++--- nixos/hosts/olympus/nginx/configuration.nix | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 10790f5b..7105f71b 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -34,7 +34,7 @@ in lib.stringAfter [ "var" ] '' mkdir -p ${target_dir} - ln -s ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css" + ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css" ''; services.gitea = { @@ -45,8 +45,6 @@ dump.type = "tar.gz"; database.type = "postgres"; ssh.clonePort = 42; - disableRegistration = true; - cookieSecure = true; settings = { repository = { @@ -55,6 +53,7 @@ }; service = { "DEFAULT_KEEP_EMAIL_PRIVATE" = true; + "DISABLE_REGISTRATION" = true; }; indexer = { "REPO_INDEXER_ENABLED" = true; @@ -73,6 +72,7 @@ }; session = { "PROVIDER" = "db"; + "COOKIE_SECURE" = true; }; }; }; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 714cff14..924be44f 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -93,6 +93,7 @@ in forceSSL = true; root = pkgs.synapse-admin; }; + virtualHosts."books.meowy.tech" = proxy "http://bookwyrm:8001"; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; -- 2.47.1 From 5772a41a683de9d548c4f51d2b7da74ba67eb503 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 12:34:41 +0300 Subject: [PATCH 0372/1882] add lappy --- nixos/hosts/other/null/configuration.nix | 130 ++++++++++++++++++ .../other/null/hardware-configuration.nix | 38 +++++ 2 files changed, 168 insertions(+) create mode 100644 nixos/hosts/other/null/configuration.nix create mode 100644 nixos/hosts/other/null/hardware-configuration.nix diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix new file mode 100644 index 00000000..c7e88339 --- /dev/null +++ b/nixos/hosts/other/null/configuration.nix @@ -0,0 +1,130 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_GB.utf8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_DK.utf8"; + LC_IDENTIFICATION = "en_DK.utf8"; + LC_MEASUREMENT = "en_DK.utf8"; + LC_MONETARY = "en_DK.utf8"; + LC_NAME = "en_DK.utf8"; + LC_NUMERIC = "en_DK.utf8"; + LC_PAPER = "en_DK.utf8"; + LC_TELEPHONE = "en_DK.utf8"; + LC_TIME = "en_DK.utf8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = "altgr-intl"; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.v = { + isNormalUser = true; + description = "v"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; [ + firefox + # thunderbird + ]; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.05"; # Did you read the comment? + +} diff --git a/nixos/hosts/other/null/hardware-configuration.nix b/nixos/hosts/other/null/hardware-configuration.nix new file mode 100644 index 00000000..2b682312 --- /dev/null +++ b/nixos/hosts/other/null/hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/445C-AF67"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} -- 2.47.1 From ed884c79853763076bc99c7a30ba9261e299f7e6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 11:38:55 +0200 Subject: [PATCH 0373/1882] add lappy to colmena --- flake.nix | 15 +++++++++++++++ nixos/hosts/other/null/configuration.nix | 8 -------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/flake.nix b/flake.nix index a25bcd74..d8244d34 100644 --- a/flake.nix +++ b/flake.nix @@ -77,6 +77,21 @@ # Make the coleman configuration colmena = lib.foldr (el: acc: acc // mkColmenaHost el) { + + null = { ... }: { + networking.hostName = "null"; + + imports = [ + ./nixos/common + ./nixos/hosts/other/null/configuration.nix + ]; + + deployment = { + allowLocalDeployment = true; + targetHost = null; + }; + }; + meta = { nixpkgs = import nixpkgs { inherit system; diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix index c7e88339..88bd8b7e 100644 --- a/nixos/hosts/other/null/configuration.nix +++ b/nixos/hosts/other/null/configuration.nix @@ -15,13 +15,6 @@ boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot/efi"; - networking.hostName = "nixos"; # Define your hostname. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Enable networking networking.networkmanager.enable = true; @@ -86,7 +79,6 @@ extraGroups = [ "networkmanager" "wheel" ]; packages = with pkgs; [ firefox - # thunderbird ]; }; -- 2.47.1 From 1411cbb4a48afa8c79a86691408e15aa04e0c4e4 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 20 Aug 2022 11:51:40 +0200 Subject: [PATCH 0374/1882] set ssh key --- nixos/common/users/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 3036bae2..eb13a7d4 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -41,7 +41,7 @@ # My SSH keys. openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFuxekX5WzX4GjbshtjaGyQcvMUgClugnK6T+OYIxw9 victor@null" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" -- 2.47.1 From ddaf32e68a4123391537966b38822504580554dc Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 12:16:29 +0200 Subject: [PATCH 0375/1882] more laptop config --- nixos/common/default.nix | 2 +- nixos/common/users/default.nix | 2 +- nixos/hosts/other/null/configuration.nix | 78 ++++++++----------- .../other/null/hardware-configuration.nix | 2 +- 4 files changed, 37 insertions(+), 47 deletions(-) diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 215ad9be..ea519eff 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -12,7 +12,7 @@ boot.cleanTmpDir = true; # Set your time zone. - time.timeZone = "Europe/Amsterdam"; + time.timeZone = lib.mkDefault "Europe/Amsterdam"; # Nix Settings nix = { diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index eb13a7d4..20a19bde 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -48,7 +48,7 @@ ]; # Make me admin - extraGroups = [ "systemd-journal" "wheel" ]; + extraGroups = [ "systemd-journal" "wheel" "networkmanager" ]; }; # Configure the root account diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix index 88bd8b7e..69726625 100644 --- a/nixos/hosts/other/null/configuration.nix +++ b/nixos/hosts/other/null/configuration.nix @@ -3,10 +3,19 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - +let + nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' + export __NV_PRIME_RENDER_OFFLOAD=1 + export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export __VK_LAYER_NV_optimus=NVIDIA_only + exec "$@" + ''; +in { imports = - [ # Include the results of the hardware scan. + [ + # Include the results of the hardware scan. ./hardware-configuration.nix ]; @@ -18,9 +27,6 @@ # Enable networking networking.networkmanager.enable = true; - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; @@ -47,6 +53,26 @@ services.xserver = { layout = "us"; xkbVariant = "altgr-intl"; + xkbOptions = "caps:swapescape"; + + + videoDrivers = [ "nvidia" ]; + }; + + # modesetting + # hardware.nvidia.modesetting.enable = true; + hardware.nvidia.prime = { + offload.enable = true; + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + }; + + specialisation = { + external-display.configuration = { + system.nixos.tags = [ "external-display" ]; + hardware.nvidia.prime.offload.enable = lib.mkForce false; + hardware.nvidia.powerManagement.enable = lib.mkForce false; + }; }; # Enable CUPS to print documents. @@ -69,48 +95,12 @@ #media-session.enable = true; }; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.v = { - isNormalUser = true; - description = "v"; - extraGroups = [ "networkmanager" "wheel" ]; - packages = with pkgs; [ - firefox - ]; - }; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget environment.systemPackages = with pkgs; [ - vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget + pciutils + nvidia-offload + vim ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/other/null/hardware-configuration.nix b/nixos/hosts/other/null/hardware-configuration.nix index 2b682312..8b01aa8b 100644 --- a/nixos/hosts/other/null/hardware-configuration.nix +++ b/nixos/hosts/other/null/hardware-configuration.nix @@ -31,7 +31,7 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -- 2.47.1 From b028ddcdc5e84e43dd452f216c481b08bccb5ae5 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 12:55:59 +0200 Subject: [PATCH 0376/1882] add hm --- flake.lock | 43 +++++++++++++++++-- flake.nix | 8 +++- nixos/hosts/other/null/configuration.nix | 27 ++++++------ .../other/null/hardware-configuration.nix | 2 +- nixos/hosts/other/null/home.nix | 11 +++++ 5 files changed, 74 insertions(+), 17 deletions(-) create mode 100644 nixos/hosts/other/null/home.nix diff --git a/flake.lock b/flake.lock index e2b77e64..8bbfed5a 100644 --- a/flake.lock +++ b/flake.lock @@ -28,7 +28,7 @@ "inputs": { "flake-compat": "flake-compat_2", "nixpkgs": "nixpkgs_2", - "utils": "utils_3" + "utils": "utils_4" }, "locked": { "lastModified": 1648475189, @@ -179,6 +179,27 @@ "type": "github" } }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1660574517, + "narHash": "sha256-Lp5D2pAPrM3iAc1eeR0iGwz5rM+SYOWzVxI3p17nlrU=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "688e5c85b7537f308b82167c8eb4ecfb70a49861", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, "lowdown-src": { "flake": false, "locked": { @@ -216,7 +237,7 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_2" + "utils": "utils_3" }, "locked": { "lastModified": 1660631203, @@ -356,6 +377,7 @@ "root": { "inputs": { "colmena": "colmena", + "home-manager": "home-manager", "minecraft-servers": "minecraft-servers", "nixpkgs": "nixpkgs", "serokell-nix": "serokell-nix", @@ -419,6 +441,21 @@ } }, "utils_2": { + "locked": { + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_3": { "inputs": { "flake-utils": "flake-utils_2" }, @@ -436,7 +473,7 @@ "type": "github" } }, - "utils_3": { + "utils_4": { "locked": { "lastModified": 1648297722, "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", diff --git a/flake.nix b/flake.nix index d8244d34..02d18faa 100644 --- a/flake.nix +++ b/flake.nix @@ -19,10 +19,15 @@ minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; minecraft-servers.inputs.nixpkgs.follows = "nixpkgs"; + + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = - { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, ... }@inputs: + { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; @@ -84,6 +89,7 @@ imports = [ ./nixos/common ./nixos/hosts/other/null/configuration.nix + home-manager.nixosModules.home-manager ]; deployment = { diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix index 69726625..a1d3e4c4 100644 --- a/nixos/hosts/other/null/configuration.nix +++ b/nixos/hosts/other/null/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: let nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' export __NV_PRIME_RENDER_OFFLOAD=1 @@ -19,6 +19,12 @@ in ./hardware-configuration.nix ]; + # home-manager + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.victor = import ./home.nix; + + # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -26,6 +32,9 @@ in # Enable networking networking.networkmanager.enable = true; + networking.interfaces.wlp0s20f3.useDHCP = true; + + fileSystems."/".options = [ "compress=zstd" ]; # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; @@ -49,17 +58,13 @@ in services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; - # Configure keymap in X11 services.xserver = { layout = "us"; xkbVariant = "altgr-intl"; xkbOptions = "caps:swapescape"; - - videoDrivers = [ "nvidia" ]; }; - # modesetting # hardware.nvidia.modesetting.enable = true; hardware.nvidia.prime = { offload.enable = true; @@ -67,13 +72,9 @@ in nvidiaBusId = "PCI:1:0:0"; }; - specialisation = { - external-display.configuration = { - system.nixos.tags = [ "external-display" ]; - hardware.nvidia.prime.offload.enable = lib.mkForce false; - hardware.nvidia.powerManagement.enable = lib.mkForce false; - }; - }; + hardware.opengl.extraPackages = with pkgs; [ + vaapiVdpau + ]; # Enable CUPS to print documents. services.printing.enable = true; @@ -101,6 +102,8 @@ in vim ]; + services.fstrim.enable = true; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/other/null/hardware-configuration.nix b/nixos/hosts/other/null/hardware-configuration.nix index 8b01aa8b..2b682312 100644 --- a/nixos/hosts/other/null/hardware-configuration.nix +++ b/nixos/hosts/other/null/hardware-configuration.nix @@ -31,7 +31,7 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/nixos/hosts/other/null/home.nix b/nixos/hosts/other/null/home.nix new file mode 100644 index 00000000..c5c71d1f --- /dev/null +++ b/nixos/hosts/other/null/home.nix @@ -0,0 +1,11 @@ +{ config, pkgs, ... }: { + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "22.05"; + + programs.home-manager.enable = true; + programs.firefox = { + enable = true; + package = pkgs.firefox-devedition-bin; + }; +} -- 2.47.1 From 1d9d7b2ef4838313499989b3537cb0f23bb44a21 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 13:12:42 +0200 Subject: [PATCH 0377/1882] more config --- nixos/hosts/other/null/configuration.nix | 1 + nixos/hosts/other/null/home.nix | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix index a1d3e4c4..cefe5244 100644 --- a/nixos/hosts/other/null/configuration.nix +++ b/nixos/hosts/other/null/configuration.nix @@ -97,6 +97,7 @@ in }; environment.systemPackages = with pkgs; [ + gnome.gnome-tweaks pciutils nvidia-offload vim diff --git a/nixos/hosts/other/null/home.nix b/nixos/hosts/other/null/home.nix index c5c71d1f..0d3f71f8 100644 --- a/nixos/hosts/other/null/home.nix +++ b/nixos/hosts/other/null/home.nix @@ -3,9 +3,18 @@ home.homeDirectory = "/home/victor"; home.stateVersion = "22.05"; + home.packages = with pkgs; [ + arc-theme + discord + ]; + programs.home-manager.enable = true; programs.firefox = { enable = true; package = pkgs.firefox-devedition-bin; }; + programs.vscode = { + enable = true; + package = pkgs.vscode.fhs; + }; } -- 2.47.1 From 6d93ee13fe86bc1b4f0c45d0e179675eb502bdd3 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 20 Aug 2022 13:31:09 +0200 Subject: [PATCH 0378/1882] even more lappy config --- nixos/hosts/other/null/home.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/other/null/home.nix b/nixos/hosts/other/null/home.nix index 0d3f71f8..5d5f49fa 100644 --- a/nixos/hosts/other/null/home.nix +++ b/nixos/hosts/other/null/home.nix @@ -4,8 +4,8 @@ home.stateVersion = "22.05"; home.packages = with pkgs; [ - arc-theme discord + rnix-lsp ]; programs.home-manager.enable = true; @@ -15,6 +15,16 @@ }; programs.vscode = { enable = true; - package = pkgs.vscode.fhs; + package = pkgs.vscode.fhs; }; + + gtk = { + enable = true; + theme = { + name = "Arc-Darker"; + package = pkgs.arc-theme; + }; + }; + + services.syncthing.enable = true; } -- 2.47.1 From 25074a7a85c124fdbf5ef2e32bbb3897e3bd34ec Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 13:54:45 +0200 Subject: [PATCH 0379/1882] updates --- nixos/hosts/olympus/default.nix | 1 + nixos/hosts/olympus/gitea/configuration.nix | 2 +- nixos/hosts/other/null/configuration.nix | 6 ++++++ nixos/pkgs/default.nix | 2 ++ 4 files changed, 10 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 95bac891..980504ae 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -98,6 +98,7 @@ hostname = "minecraft"; ip = "10.42.42.21"; mac = "EA:30:73:E4:B6:69"; + nix = false; } { hostname = "gitea"; diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 7105f71b..dd867c52 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -44,7 +44,6 @@ lfs.enable = true; dump.type = "tar.gz"; database.type = "postgres"; - ssh.clonePort = 42; settings = { repository = { @@ -69,6 +68,7 @@ }; server = { "LANDING_PAGE" = "explore"; + "SSH_PORT" = 42; }; session = { "PROVIDER" = "db"; diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix index cefe5244..815c0a46 100644 --- a/nixos/hosts/other/null/configuration.nix +++ b/nixos/hosts/other/null/configuration.nix @@ -103,6 +103,12 @@ in vim ]; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + services.fstrim.enable = true; # This value determines the NixOS release from which the default diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index c460bc60..211f868b 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -6,6 +6,8 @@ final: prev: { ''; }); + discord = prev.discord.override { withOpenASAR = true; }; + vmagent = prev.callPackage ./vmagent { }; v = { -- 2.47.1 From 067c14f36f4152021dedfa1bee07120f7322ecb2 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 20 Aug 2022 15:49:40 +0200 Subject: [PATCH 0380/1882] things --- flake.lock | 18 ++++++++--------- .../hosts/olympus/wireguard/configuration.nix | 5 +++++ nixos/hosts/other/null/configuration.nix | 20 +++++++++++++++++++ nixos/hosts/other/null/home.nix | 1 + 4 files changed, 35 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8bbfed5a..179407dc 100644 --- a/flake.lock +++ b/flake.lock @@ -11,11 +11,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1660720183, - "narHash": "sha256-ijhji1zWZgrdhiMG2GhsGpom/wXSr7tfowj9cKmEmew=", + "lastModified": 1660758990, + "narHash": "sha256-1vmRcG7JAR3KMVpn2z5LQYoAQlY6cWUYSIP77gfpHbo=", "owner": "zhaofengli", "repo": "colmena", - "rev": "797297b609457a1a85e18fb00b609df9d9436916", + "rev": "3fbc5eeb11e6b9abf66e38ab32d85a2edf9f76e1", "type": "github" }, "original": { @@ -240,11 +240,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1660631203, - "narHash": "sha256-F4jZRBJHwynDYoSQ6Dbzgi5sYaoZZ8jKgwle0N3oB4E=", + "lastModified": 1660873686, + "narHash": "sha256-yVGakhnCi9NmTrErFDw29aeqIIRGdza4ql/0KJdWpeA=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "0858887b08d32e61e88b4bc75675f6362bc5d771", + "rev": "241c330c28241fc1a9c7ee22708ed0b2dde1ae80", "type": "github" }, "original": { @@ -314,11 +314,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1660639432, - "narHash": "sha256-2WDiboOCfB0LhvnDVMXOAr8ZLDfm3WdO54CkoDPwN1A=", + "lastModified": 1660941658, + "narHash": "sha256-yY6hu6IT+OwFrozJSUTkEpR7MoENdLOl/p4YDTluczg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6c6409e965a6c883677be7b9d87a95fab6c3472e", + "rev": "6039648c50c7c0858b5e506c6298773a98e0f066", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 16ffd625..36b4175e 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -55,6 +55,11 @@ let vs = config.vault-secrets.secrets; in publicKey = "ZWIaDGrASlTkEK75j10VeGCvrIGfpk4GPobmqcYX2D0="; allowedIPs = [ "10.100.0.3/32" ]; } + { + # Laptop + publicKey = "L8myt2bcdja7M+i+9eatdQRW8relPUoZZ9lEKSLe+m8="; + allowedIPs = [ "10.100.0.4/32" ]; + } ]; }; } diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/other/null/configuration.nix index 815c0a46..558ade71 100644 --- a/nixos/hosts/other/null/configuration.nix +++ b/nixos/hosts/other/null/configuration.nix @@ -57,6 +57,7 @@ in # Enable the GNOME Desktop Environment. services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; services.xserver = { layout = "us"; @@ -101,6 +102,10 @@ in pciutils nvidia-offload vim + wireguard-tools + + gnomeExtensions.appindicator + gnomeExtensions.wireguard-indicator ]; programs.steam = { @@ -111,6 +116,21 @@ in services.fstrim.enable = true; + # Allow reverse path for wireguard + networking.firewall = { + # if packets are still dropped, they will show up in dmesg + logReversePathDrops = true; + # wireguard trips rpfilter up + extraCommands = '' + ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN + ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN + ''; + extraStopCommands = '' + ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true + ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true + ''; + }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/other/null/home.nix b/nixos/hosts/other/null/home.nix index 5d5f49fa..14cdec72 100644 --- a/nixos/hosts/other/null/home.nix +++ b/nixos/hosts/other/null/home.nix @@ -6,6 +6,7 @@ home.packages = with pkgs; [ discord rnix-lsp + fusee-launcher ]; programs.home-manager.enable = true; -- 2.47.1 From 6bff4474674122342975396e3e28116be43da745 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 20 Aug 2022 19:29:57 +0200 Subject: [PATCH 0381/1882] rename other to thalassa --- flake.nix | 3 +-- nixos/hosts/thalassa/default.nix | 7 +++++++ nixos/hosts/{other => thalassa}/null/configuration.nix | 0 .../{other => thalassa}/null/hardware-configuration.nix | 0 nixos/hosts/{other => thalassa}/null/home.nix | 0 5 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 nixos/hosts/thalassa/default.nix rename nixos/hosts/{other => thalassa}/null/configuration.nix (100%) rename nixos/hosts/{other => thalassa}/null/hardware-configuration.nix (100%) rename nixos/hosts/{other => thalassa}/null/home.nix (100%) diff --git a/flake.nix b/flake.nix index 02d18faa..bab9c2e5 100644 --- a/flake.nix +++ b/flake.nix @@ -82,13 +82,12 @@ # Make the coleman configuration colmena = lib.foldr (el: acc: acc // mkColmenaHost el) { - null = { ... }: { networking.hostName = "null"; imports = [ ./nixos/common - ./nixos/hosts/other/null/configuration.nix + ./nixos/hosts/thalassa/null/configuration.nix home-manager.nixosModules.home-manager ]; diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix new file mode 100644 index 00000000..1c0f6778 --- /dev/null +++ b/nixos/hosts/thalassa/default.nix @@ -0,0 +1,7 @@ +[ + { + hostname = "null"; + mac = ""; + type = "local"; + } +] diff --git a/nixos/hosts/other/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix similarity index 100% rename from nixos/hosts/other/null/configuration.nix rename to nixos/hosts/thalassa/null/configuration.nix diff --git a/nixos/hosts/other/null/hardware-configuration.nix b/nixos/hosts/thalassa/null/hardware-configuration.nix similarity index 100% rename from nixos/hosts/other/null/hardware-configuration.nix rename to nixos/hosts/thalassa/null/hardware-configuration.nix diff --git a/nixos/hosts/other/null/home.nix b/nixos/hosts/thalassa/null/home.nix similarity index 100% rename from nixos/hosts/other/null/home.nix rename to nixos/hosts/thalassa/null/home.nix -- 2.47.1 From bc118b064bbf3c566523d4c32a99e0f7c2a93e2c Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 21 Aug 2022 10:22:41 +0200 Subject: [PATCH 0382/1882] some more laptop config --- flake.lock | 6 +++--- nixos/hosts/thalassa/null/configuration.nix | 4 +++- nixos/hosts/thalassa/null/home.nix | 8 ++++++++ 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 179407dc..7c017bb9 100644 --- a/flake.lock +++ b/flake.lock @@ -314,11 +314,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1660941658, - "narHash": "sha256-yY6hu6IT+OwFrozJSUTkEpR7MoENdLOl/p4YDTluczg=", + "lastModified": 1660984654, + "narHash": "sha256-fDcsh8rm2o8cj+WFL8Y2cAqnsej0UGJa+Sy8U2nFg0Q=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6039648c50c7c0858b5e506c6298773a98e0f066", + "rev": "392c83491dcc21d17ab8ea1f809f8f7bd567a5a3", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 558ade71..131d0eec 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -24,11 +24,11 @@ in home-manager.useUserPackages = true; home-manager.users.victor = import ./home.nix; - # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot/efi"; + boot.kernelPackages = pkgs.linuxPackages_latest; # Enable networking networking.networkmanager.enable = true; @@ -77,6 +77,8 @@ in vaapiVdpau ]; + virtualisation.podman.enable = true; + # Enable CUPS to print documents. services.printing.enable = true; diff --git a/nixos/hosts/thalassa/null/home.nix b/nixos/hosts/thalassa/null/home.nix index 14cdec72..5fbf5f3f 100644 --- a/nixos/hosts/thalassa/null/home.nix +++ b/nixos/hosts/thalassa/null/home.nix @@ -7,6 +7,14 @@ discord rnix-lsp fusee-launcher + neofetch + fluxcd + k9s + kubectl + nixpkgs-review + ripgrep + rsync + tmux ]; programs.home-manager.enable = true; -- 2.47.1 From 1bbb1d5d90946a2338109c06395a1320db5a932b Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Aug 2022 11:42:17 +0200 Subject: [PATCH 0383/1882] refactor flake --- flake.nix | 68 ++++------------------ nixos/hosts/default.nix | 1 + nixos/hosts/olympus/default.nix | 4 +- nixos/hosts/olympus/dhcp/configuration.nix | 2 +- nixos/hosts/olympus/dns/configuration.nix | 17 +++--- nixos/hosts/thalassa/default.nix | 1 - util.nix | 51 ++++++++++++++++ 7 files changed, 75 insertions(+), 69 deletions(-) create mode 100644 util.nix diff --git a/flake.nix b/flake.nix index bab9c2e5..6a48d7df 100644 --- a/flake.nix +++ b/flake.nix @@ -31,73 +31,30 @@ let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; + + util = import ./util.nix inputs; + system = "x86_64-linux"; - # import and add location qualifier to all hosts - hosts = mapAttrs (location: lhosts: map ({ tags ? [ ], ... }@x: x // { tags = [ location ] ++ tags; inherit location; }) lhosts) (import ./nixos/hosts); + # import and add realm to list of tags + hosts = mapAttrs util.add_realm_to_tags (import ./nixos/hosts); # flatten hosts to single list - flat_hosts = concatLists (attrValues hosts); - # Filter all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) flat_hosts; + flat_hosts = util.flatten_hosts hosts; + # Filter out all non-nixos hosts + nixHosts = util.filter_nix_hosts flat_hosts; + # Define args each module gets access to (access to hosts is useful for DNS/DHCP) specialArgs = { inherit hosts flat_hosts inputs; }; - - # Resolve imports based on a foldername (nixname) and if the host is an LXC container or a VM. - resolveImports = { hostname, location, profile ? hostname, lxc ? true, ... }: [ - ./nixos/common - "${./.}/nixos/hosts/${location}/${profile}/configuration.nix" - ] ++ (if lxc then [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ] - else [ ./nixos/common/generic-vm.nix ]); - - mkConfig = { hostname, location, ... }@host: { - "${hostname}.${location}" = lib.nixosSystem { - inherit system specialArgs; - modules = resolveImports host; - }; - }; - - mkColmenaHost = { ip, hostname, tags, location, ... }@host: { - "${hostname}.${location}" = { - imports = resolveImports host; - networking = { - hostName = hostname; - domain = location; - }; - deployment = { - inherit tags; - targetHost = ip; - targetUser = null; # Defaults to $USER - }; - }; - }; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in { # Make the nixosConfigurations, mostly for vault-secrets - nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + nixosConfigurations = util.mkNixosConfigurations specialArgs hosts; # Make the coleman configuration - colmena = lib.foldr (el: acc: acc // mkColmenaHost el) + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { - null = { ... }: { - networking.hostName = "null"; - - imports = [ - ./nixos/common - ./nixos/hosts/thalassa/null/configuration.nix - home-manager.nixosModules.home-manager - ]; - - deployment = { - allowLocalDeployment = true; - targetHost = null; - }; - }; - meta = { + inherit specialArgs; nixpkgs = import nixpkgs { inherit system; overlays = [ @@ -105,7 +62,6 @@ minecraft-servers.overlays.default ]; }; - inherit specialArgs; }; } nixHosts; diff --git a/nixos/hosts/default.nix b/nixos/hosts/default.nix index a09236d0..7859c057 100644 --- a/nixos/hosts/default.nix +++ b/nixos/hosts/default.nix @@ -1,4 +1,5 @@ { hades = import ./hades; olympus = import ./olympus; + thalassa = import ./thalassa; } diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 980504ae..ceb5978d 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -22,7 +22,7 @@ ip = "10.42.42.4"; ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d"; mac = "82:F0:7C:CB:BD:6D"; - lxc = false; + type = "vm"; } { hostname = "vault"; @@ -53,7 +53,7 @@ profile = "k3s"; ip = "10.42.42.10"; mac = "2E:F8:55:23:D9:9B"; - lxc = false; + type = "vm"; } { hostname = "WoolooTV"; diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index afd5cf9f..43f735e8 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -6,7 +6,7 @@ let ipAddress = ip; }; localDomain = config.networking.domain; - hosts' = hosts.${localDomain}; + hosts' = builtins.filter (builtins.hasAttr "ip") hosts.${localDomain}; in { imports = [ ]; diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 7173acc8..c794d89b 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,15 +1,14 @@ { config, pkgs, hosts, flat_hosts, ... }: let inherit (builtins) filter hasAttr attrNames; - hosts' = flat_hosts; domains = attrNames hosts; + ipv4Host = filter (hasAttr "ip") flat_hosts; + ipv6Hosts = filter (hasAttr "ip6") flat_hosts; - ipv6Hosts = filter (hasAttr "ip6") hosts'; - - localData = { hostname, location, ip, ... }: ''"${hostname}.${location}. A ${ip}"''; - local6Data = { hostname, location, ip6, ... }: ''"${hostname}.${location}. AAAA ${ip6}"''; - ptrData = { hostname, location, ip, ... }: ''"${ip} ${hostname}.${location}"''; - ptr6Data = { hostname, location, ip6, ... }: ''"${ip6} ${hostname}.${location}"''; + localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"''; + local6Data = { hostname, realm, ip6, ... }: ''"${hostname}.${realm}. AAAA ${ip6}"''; + ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"''; + ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"''; in { imports = [ ]; @@ -38,8 +37,8 @@ in { interface = [ "0.0.0.0" "::0" ]; local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains; - local-data = (map localData hosts') ++ (map local6Data ipv6Hosts); - local-data-ptr = (map ptrData hosts') ++ (map ptr6Data ipv6Hosts); + local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts); + local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts); access-control = [ "127.0.0.1/32 allow_snoop" diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 1c0f6778..54f43a97 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,7 +1,6 @@ [ { hostname = "null"; - mac = ""; type = "local"; } ] diff --git a/util.nix b/util.nix new file mode 100644 index 00000000..20eba700 --- /dev/null +++ b/util.nix @@ -0,0 +1,51 @@ +{ nixpkgs, home-manager, ... }: +let + inherit (nixpkgs) lib; + inherit (builtins) filter mapAttrs attrValues concatLists; + import_cases = { + "lxc" = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ]; + "vm" = [ + ./nixos/common/generic-vm.nix + ]; + "local" = [ + home-manager.nixosModules.home-manager + ]; + }; + resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ + ./nixos/common + "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix" + ] ++ import_cases.${type}; +in +rec { + add_realm_to_tags = realm: hosts: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }) hosts; + flatten_hosts = hosts: concatLists (attrValues hosts); + filter_nix_hosts = hosts: filter ({ nix ? true, ... }: nix) hosts; + + mkNixosSystem = specialArgs: { hostname, realm, system ? "x86_64-linux", ... }@host: { + "${hostname}.${realm}" = lib.nixosSystem { + inherit system specialArgs; + modules = resolve_imports host; + }; + }; + + mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: { + "${hostname}.${realm}" = { + imports = resolve_imports host; + networking = { + hostName = hostname; + domain = realm; + }; + deployment = { + inherit tags; + targetHost = ip; + allowLocalDeployment = (type == "local"); + targetUser = null; # Defaults to $USER + }; + }; + }; + + mkNixosConfigurations = specialArgs: hosts: lib.foldr (el: acc: acc // mkNixosSystem specialArgs el) { } hosts; +} -- 2.47.1 From 5ff4a2c3a4d66fa4a9bd6a1fa827acd88f0b12b0 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Aug 2022 11:51:49 +0200 Subject: [PATCH 0384/1882] apply-local script --- flake.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 6a48d7df..598b6029 100644 --- a/flake.nix +++ b/flake.nix @@ -71,7 +71,13 @@ VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; - buildInputs = with pkgs; [ + buildInputs = with pkgs; let + apply-local = pkgs.writeScriptBin "apply-local" '' + #!${pkgs.stdenv.shell} + "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo --node "$(cat /proc/sys/kernel/hostname).$(cat /proc/sys/kernel/domainname)" + ''; + in + [ colmena.packages.x86_64-linux.colmena fluxcd k9s -- 2.47.1 From 8d56b29c3eb02664a92d0194b8fbe455244fcaac Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 Aug 2022 12:01:19 +0200 Subject: [PATCH 0385/1882] add packages --- flake.nix | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index 598b6029..2cc1513a 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,12 @@ # Define args each module gets access to (access to hosts is useful for DNS/DHCP) specialArgs = { inherit hosts flat_hosts inputs; }; pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; + + # Script to apply local colmena deployments + apply-local = pkgs.writeScriptBin "apply-local" '' + #!${pkgs.stdenv.shell} + "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo --node "$(cat /proc/sys/kernel/hostname).$(cat /proc/sys/kernel/domainname)" + ''; in { # Make the nixosConfigurations, mostly for vault-secrets @@ -66,18 +72,16 @@ } nixHosts; + packages.x86_64-linux.default = colmena.packages.x86_64-linux.colmena; + packages.x86_64-linux.apply-local = apply-local; + # Use by running `nix develop` devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; - buildInputs = with pkgs; let - apply-local = pkgs.writeScriptBin "apply-local" '' - #!${pkgs.stdenv.shell} - "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo --node "$(cat /proc/sys/kernel/hostname).$(cat /proc/sys/kernel/domainname)" - ''; - in - [ + buildInputs = with pkgs; [ + apply-local colmena.packages.x86_64-linux.colmena fluxcd k9s -- 2.47.1 From 12c415edf7e970a8dc86ae1b0f02ca5f51ccbfa2 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 22 Aug 2022 08:36:08 +0200 Subject: [PATCH 0386/1882] laptop: various updates --- flake.lock | 12 ++++++------ nixos/hosts/thalassa/null/home.nix | 27 +++++++++++++++++++++++++-- 2 files changed, 31 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index 7c017bb9..827ae62b 100644 --- a/flake.lock +++ b/flake.lock @@ -240,11 +240,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1660873686, - "narHash": "sha256-yVGakhnCi9NmTrErFDw29aeqIIRGdza4ql/0KJdWpeA=", + "lastModified": 1661132611, + "narHash": "sha256-VnavdFBMTAbod1C9Wsfa0XJqrERCJXXZp4GNLsnewuA=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "241c330c28241fc1a9c7ee22708ed0b2dde1ae80", + "rev": "fe603eb27a0b920b3f6116c03e5f9cfc64cf98e8", "type": "github" }, "original": { @@ -314,11 +314,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1660984654, - "narHash": "sha256-fDcsh8rm2o8cj+WFL8Y2cAqnsej0UGJa+Sy8U2nFg0Q=", + "lastModified": 1661119194, + "narHash": "sha256-PDcdGfv/HIx1i23fiYnpmD1dV1HSzoPbl/utRRnFygg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "392c83491dcc21d17ab8ea1f809f8f7bd567a5a3", + "rev": "5cccf8e32927aef22b074a4cc7520e024ca6a14a", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home.nix b/nixos/hosts/thalassa/null/home.nix index 5fbf5f3f..a1dc7662 100644 --- a/nixos/hosts/thalassa/null/home.nix +++ b/nixos/hosts/thalassa/null/home.nix @@ -14,9 +14,26 @@ nixpkgs-review ripgrep rsync - tmux + rustup + rust-analyzer + steam-run + texlive.combined.scheme-full ]; + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + }; + + programs.tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + programs.home-manager.enable = true; programs.firefox = { enable = true; @@ -24,7 +41,13 @@ }; programs.vscode = { enable = true; - package = pkgs.vscode.fhs; + package = pkgs.vscode; + extensions = with pkgs.vscode-extensions; [ + matklad.rust-analyzer + jnoortheen.nix-ide + james-yu.latex-workshop + valentjn.vscode-ltex + ]; }; gtk = { -- 2.47.1 From 09f38ef5bff195ed31ac101108ba6afa9b9d4f14 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 23 Aug 2022 22:31:19 +0200 Subject: [PATCH 0387/1882] dconf --- .envrc | 1 + .gitignore | 1 + flake.lock | 12 +- flake.nix | 12 +- nixos/common/default.nix | 1 + nixos/hosts/thalassa/null/configuration.nix | 19 +- nixos/hosts/thalassa/null/dconf.nix | 267 ++++++++++++++++++++ nixos/hosts/thalassa/null/home.nix | 58 ++++- util.nix | 6 +- 9 files changed, 364 insertions(+), 13 deletions(-) create mode 100644 .envrc create mode 100644 nixos/hosts/thalassa/null/dconf.nix diff --git a/.envrc b/.envrc new file mode 100644 index 00000000..3550a30f --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore index b2be92b7..d1da3a8f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ result +.direnv \ No newline at end of file diff --git a/flake.lock b/flake.lock index 827ae62b..30b4a50e 100644 --- a/flake.lock +++ b/flake.lock @@ -314,16 +314,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1661119194, - "narHash": "sha256-PDcdGfv/HIx1i23fiYnpmD1dV1HSzoPbl/utRRnFygg=", - "owner": "nixos", + "lastModified": 1661208473, + "narHash": "sha256-EcoSSCrhc/qkoACcbB1Q2zi1jiFvb93kb4SS1AbviFw=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "5cccf8e32927aef22b074a4cc7520e024ca6a14a", + "rev": "a73f576bc51a194b6cf77580f84b60c610e0bbbe", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", + "owner": "NULLx76", + "ref": "direnv-vscode-extension", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 2cc1513a..30a41722 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:NULLx76/nixpkgs/direnv-vscode-extension"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -49,7 +49,12 @@ # Script to apply local colmena deployments apply-local = pkgs.writeScriptBin "apply-local" '' #!${pkgs.stdenv.shell} - "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo --node "$(cat /proc/sys/kernel/hostname).$(cat /proc/sys/kernel/domainname)" + "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo + ''; + + dump-dconf = pkgs.writeScriptBin "dump-dconf" '' + #!${pkgs.stdenv.shell} + dconf dump / | dconf2nix > nixos/hosts/thalassa/null/dconf.nix ''; in { @@ -79,9 +84,10 @@ devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; # This only support bash so just execute zsh in bash as a workaround :/ - shellHook = "zsh; exit $?"; + # shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ apply-local + dump-dconf colmena.packages.x86_64-linux.colmena fluxcd k9s diff --git a/nixos/common/default.nix b/nixos/common/default.nix index ea519eff..c1eb6a53 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -17,6 +17,7 @@ # Nix Settings nix = { package = pkgs.nixUnstable; + registry.nixpkgs.flake = inputs.nixpkgs; settings = { auto-optimise-store = true; trusted-users = [ "root" "victor" ]; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 131d0eec..d9d7d8f1 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -26,6 +26,7 @@ in # Bootloader. boot.loader.systemd-boot.enable = true; + boot.loader.systemd-boot.configurationLimit = 6; boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.kernelPackages = pkgs.linuxPackages_latest; @@ -35,6 +36,16 @@ in networking.interfaces.wlp0s20f3.useDHCP = true; fileSystems."/".options = [ "compress=zstd" ]; + # Filesystem dedup + services.beesd.filesystems = { + root = { + spec = "LABEL=nixos"; + hashTableSizeMB = 256; + verbosity = "crit"; + extraOptions = [ "--loadavg-target" "2.0" ]; + }; + }; + # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; @@ -100,12 +111,13 @@ in }; environment.systemPackages = with pkgs; [ - gnome.gnome-tweaks pciutils nvidia-offload vim wireguard-tools + gnome.gnome-tweaks + gnome.dconf-editor gnomeExtensions.appindicator gnomeExtensions.wireguard-indicator ]; @@ -133,6 +145,11 @@ in ''; }; + nix.extraOptions = '' + keep-outputs = true + keep-derivations = true + ''; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/thalassa/null/dconf.nix b/nixos/hosts/thalassa/null/dconf.nix new file mode 100644 index 00000000..a63028f1 --- /dev/null +++ b/nixos/hosts/thalassa/null/dconf.nix @@ -0,0 +1,267 @@ +# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix +{ lib, ... }: + +with lib.hm.gvariant; + +{ + dconf.settings = { + "apps/seahorse/listing" = { + keyrings-selected = [ "secret-service:///org/freedesktop/secrets/collection/login" ]; + }; + + "apps/seahorse/windows/key-manager" = { + height = 476; + width = 600; + }; + + "ca/desrt/dconf-editor" = { + saved-pathbar-path = "/org/gnome/settings-daemon/plugins/media-keys/custom0/binding"; + saved-view = "/org/gnome/settings-daemon/plugins/media-keys/custom0/binding"; + window-height = 500; + window-is-maximized = false; + window-width = 540; + }; + + "com/uploadedlobster/peek" = { + persist-window-geometry = mkTuple [ 953 214 ]; + recording-output-format = "webm"; + recording-start-delay = 1; + }; + + "es/atareao/wireguard-indicator" = { + darktheme = false; + nmcli = true; + services = [ "service1|wg-quick@wg0.service" "service2|wg-quick@wg1.service" ]; + sudo = false; + }; + + "org/gnome/Totem" = { + active-plugins = [ "vimeo" "variable-rate" "skipto" "screenshot" "screensaver" "save-file" "rotation" "recent" "movie-properties" "open-directory" "mpris" "autoload-subtitles" "apple-trailers" ]; + subtitle-encoding = "UTF-8"; + }; + + "org/gnome/calendar" = { + active-view = "month"; + window-maximized = true; + window-size = mkTuple [ 768 600 ]; + }; + + "org/gnome/control-center" = { + last-panel = "keyboard"; + window-state = mkTuple [ 980 640 ]; + }; + + "org/gnome/desktop/app-folders" = { + folder-children = [ "Utilities" "YaST" ]; + }; + + "org/gnome/desktop/app-folders/folders/Utilities" = { + apps = [ "gnome-abrt.desktop" "gnome-system-log.desktop" "nm-connection-editor.desktop" "org.gnome.baobab.desktop" "org.gnome.Connections.desktop" "org.gnome.DejaDup.desktop" "org.gnome.Dictionary.desktop" "org.gnome.DiskUtility.desktop" "org.gnome.eog.desktop" "org.gnome.Evince.desktop" "org.gnome.FileRoller.desktop" "org.gnome.fonts.desktop" "org.gnome.seahorse.Application.desktop" "org.gnome.tweaks.desktop" "org.gnome.Usage.desktop" "vinagre.desktop" ]; + categories = [ "X-GNOME-Utilities" ]; + name = "X-GNOME-Utilities.directory"; + translate = true; + }; + + "org/gnome/desktop/app-folders/folders/YaST" = { + categories = [ "X-SuSE-YaST" ]; + name = "suse-yast.directory"; + translate = true; + }; + + "org/gnome/desktop/input-sources" = { + sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; + xkb-options = [ "terminate:ctrl_alt_bksp" "caps:swapescape" ]; + }; + + "org/gnome/desktop/interface" = { + color-scheme = "default"; + font-antialiasing = "grayscale"; + font-hinting = "slight"; + gtk-theme = "Arc-Darker"; + show-battery-percentage = true; + }; + + "org/gnome/desktop/notifications" = { + application-children = [ "gnome-power-panel" "code" "org-gnome-console" "codium" "discord" "org-gnome-totem" "com-uploadedlobster-peek" ]; + }; + + "org/gnome/desktop/notifications/application/code" = { + application-id = "code.desktop"; + }; + + "org/gnome/desktop/notifications/application/codium" = { + application-id = "codium.desktop"; + }; + + "org/gnome/desktop/notifications/application/com-uploadedlobster-peek" = { + application-id = "com.uploadedlobster.peek.desktop"; + }; + + "org/gnome/desktop/notifications/application/discord" = { + application-id = "discord.desktop"; + }; + + "org/gnome/desktop/notifications/application/gnome-power-panel" = { + application-id = "gnome-power-panel.desktop"; + }; + + "org/gnome/desktop/notifications/application/org-gnome-console" = { + application-id = "org.gnome.Console.desktop"; + }; + + "org/gnome/desktop/notifications/application/org-gnome-totem" = { + application-id = "org.gnome.Totem.desktop"; + }; + + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + two-finger-scrolling-enabled = true; + }; + + "org/gnome/desktop/search-providers" = { + sort-order = [ "org.gnome.Contacts.desktop" "org.gnome.Documents.desktop" "org.gnome.Nautilus.desktop" ]; + }; + + "org/gnome/desktop/session" = { + idle-delay = mkUint32 300; + }; + + "org/gnome/desktop/sound" = { + event-sounds = true; + theme-name = "__custom"; + }; + + "org/gnome/desktop/wm/keybindings" = { + move-to-workspace-1 = [ "exclam" ]; + move-to-workspace-2 = [ "at" ]; + move-to-workspace-3 = [ "numbersign" ]; + move-to-workspace-4 = [ "dollar" ]; + switch-to-workspace-1 = [ "1" ]; + switch-to-workspace-2 = [ "2" ]; + switch-to-workspace-3 = [ "3" ]; + switch-to-workspace-4 = [ "4" ]; + switch-to-workspace-5 = [ "5" ]; + switch-to-workspace-6 = [ "6" ]; + switch-to-workspace-7 = [ "7" ]; + switch-to-workspace-8 = [ "8" ]; + switch-to-workspace-9 = [ "9" ]; + }; + + "org/gnome/desktop/wm/preferences" = { + focus-mode = "sloppy"; + num-workspaces = 9; + }; + + "org/gnome/epiphany" = { + ask-for-default = false; + }; + + "org/gnome/epiphany/state" = { + is-maximized = false; + window-position = mkTuple [ (-1) (-1) ]; + window-size = mkTuple [ 1024 768 ]; + }; + + "org/gnome/evolution-data-server" = { + migrated = true; + network-monitor-gio-name = ""; + }; + + "org/gnome/file-roller/dialogs/extract" = { + recreate-folders = true; + skip-newer = false; + }; + + "org/gnome/file-roller/listing" = { + show-path = false; + }; + + "org/gnome/mutter" = { + attach-modal-dialogs = true; + dynamic-workspaces = false; + edge-tiling = true; + focus-change-on-pointer-rest = true; + workspaces-only-on-primary = false; + }; + + "org/gnome/nautilus/preferences" = { + default-folder-viewer = "icon-view"; + search-filter-time-type = "last_modified"; + }; + + "org/gnome/nautilus/window-state" = { + initial-size = mkTuple [ 890 550 ]; + maximized = false; + }; + + "org/gnome/nm-applet/eap/97297cfa-75d0-4653-84a7-67940e6e828a" = { + ignore-ca-cert = true; + ignore-phase2-ca-cert = false; + }; + + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = [ "/org/gnome/settings-daemon/plugins/media-keys/custom0/" ]; + }; + + "org/gnome/settings-daemon/plugins/media-keys/custom0" = { + binding = "Return"; + command = "kgx"; + name = "Open Terminal"; + }; + + "org/gnome/settings-daemon/plugins/power" = { + power-button-action = "suspend"; + }; + + "org/gnome/shell" = { + disabled-extensions = [ "window-list@gnome-shell-extensions.gcampax.github.com" ]; + enabled-extensions = [ "wireguard-indicator@atareao.es" "appindicatorsupport@rgcjonas.gmail.com" ]; + favorite-apps = [ "firefox.desktop" "org.gnome.Nautilus.desktop" "org.gnome.Console.desktop" ]; + had-bluetooth-devices-setup = true; + welcome-dialog-last-shown-version = "42.4"; + }; + + "org/gnome/shell/app-switcher" = { + current-workspace-only = true; + }; + + "org/gnome/shell/keybindings" = { + switch-to-application-1 = []; + switch-to-application-2 = []; + switch-to-application-3 = []; + switch-to-application-4 = []; + }; + + "org/gnome/shell/world-clocks" = { + locations = "@av []"; + }; + + "org/gnome/tweaks" = { + show-extensions-notice = false; + }; + + "org/gtk/settings/file-chooser" = { + date-format = "regular"; + location-mode = "path-bar"; + show-hidden = false; + show-size-column = true; + show-type-column = true; + sidebar-width = 157; + sort-column = "name"; + sort-directories-first = false; + sort-order = "ascending"; + type-format = "category"; + window-position = mkTuple [ 0 32 ]; + window-size = mkTuple [ 1203 902 ]; + }; + + "system/locale" = { + region = "en_DK.UTF-8"; + }; + + "system/proxy" = { + mode = "none"; + }; + + }; +} diff --git a/nixos/hosts/thalassa/null/home.nix b/nixos/hosts/thalassa/null/home.nix index a1dc7662..97bdc4d6 100644 --- a/nixos/hosts/thalassa/null/home.nix +++ b/nixos/hosts/thalassa/null/home.nix @@ -1,8 +1,12 @@ -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: { home.username = "victor"; home.homeDirectory = "/home/victor"; home.stateVersion = "22.05"; + imports = [ + ./dconf.nix + ]; + home.packages = with pkgs; [ discord rnix-lsp @@ -18,6 +22,8 @@ rust-analyzer steam-run texlive.combined.scheme-full + retroarchFull + peek ]; programs.git = { @@ -44,11 +50,20 @@ package = pkgs.vscode; extensions = with pkgs.vscode-extensions; [ matklad.rust-analyzer + mkhl.direnv jnoortheen.nix-ide james-yu.latex-workshop valentjn.vscode-ltex ]; }; + programs.direnv = { + enable = true; + nix-direnv = { + enable = true; + }; + }; + + programs.zsh.enable = true; gtk = { enable = true; @@ -59,4 +74,45 @@ }; services.syncthing.enable = true; + + # dconf.settings = + # let + # inherit (builtins) length head tail listToAttrs genList; + # range = a: b: if a < b then [ a ] ++ range (a + 1) b else [ ]; + # globalPath = "org/gnome/settings-daemon/plugins/media-keys"; + # path = "${globalPath}/custom-keybindings"; + # mkPath = id: "${globalPath}/custom${toString id}"; + # isEmpty = list: length list == 0; + # mkSettings = settings: + # let + # checkSettings = { name, command, binding }@this: this; + # aux = i: list: + # if isEmpty list then [ ] else + # let + # hd = head list; + # tl = tail list; + # name = mkPath i; + # in + # aux (i + 1) tl ++ [{ + # name = mkPath i; + # value = checkSettings hd; + # }]; + # settingsList = (aux 0 settings); + # in + # listToAttrs (settingsList ++ [ + # { + # name = globalPath; + # value = { + # custom-keybindings = genList (i: "/${mkPath i}/") (length settingsList); + # }; + # } + # ]); + # in + # mkSettings [ + # { + # name = "Open Terminal"; + # command = "kgx"; + # binding = "Return"; + # } + # ]; } diff --git a/util.nix b/util.nix index 20eba700..0fed2b31 100644 --- a/util.nix +++ b/util.nix @@ -31,8 +31,10 @@ rec { }; }; - mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: { - "${hostname}.${realm}" = { + mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: let + name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; + in{ + "${name}" = { imports = resolve_imports host; networking = { hostName = hostname; -- 2.47.1 From c79f514dbe83e0dc71d5a8b2ebf1886c280a134f Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 24 Aug 2022 18:17:29 +0200 Subject: [PATCH 0388/1882] initial version of my new laptop setup --- flake.lock | 80 ++++++-- flake.nix | 2 + nixos/common/default.nix | 2 + nixos/hosts/olympus/nginx/configuration.nix | 1 + nixos/hosts/olympus/synapse/configuration.nix | 1 + nixos/hosts/thalassa/null/configuration.nix | 60 +++++- nixos/hosts/thalassa/null/dconf.nix | 12 +- nixos/hosts/thalassa/null/home.nix | 61 ++---- .../hosts/thalassa/null/hyprland/default.nix | 105 +++++++++++ .../thalassa/null/hyprland/eww/default.nix | 38 ++++ .../hosts/thalassa/null/hyprland/eww/eww.scss | 178 ++++++++++++++++++ .../hosts/thalassa/null/hyprland/eww/eww.yuck | 133 +++++++++++++ .../null/hyprland/eww/scripts/battery.sh | 31 +++ .../null/hyprland/eww/scripts/volume.sh | 15 ++ .../null/hyprland/eww/scripts/wifi.sh | 16 ++ .../null/hyprland/eww/scripts/workspaces.lua | 30 +++ .../null/hyprland/eww/scripts/workspaces.sh | 8 + util.nix | 3 +- 18 files changed, 709 insertions(+), 67 deletions(-) create mode 100644 nixos/hosts/thalassa/null/hyprland/default.nix create mode 100644 nixos/hosts/thalassa/null/hyprland/eww/default.nix create mode 100644 nixos/hosts/thalassa/null/hyprland/eww/eww.scss create mode 100644 nixos/hosts/thalassa/null/hyprland/eww/eww.yuck create mode 100755 nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh create mode 100755 nixos/hosts/thalassa/null/hyprland/eww/scripts/volume.sh create mode 100755 nixos/hosts/thalassa/null/hyprland/eww/scripts/wifi.sh create mode 100755 nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua create mode 100755 nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.sh diff --git a/flake.lock b/flake.lock index 30b4a50e..5408fbdb 100644 --- a/flake.lock +++ b/flake.lock @@ -27,7 +27,7 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat_2", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "utils": "utils_4" }, "locked": { @@ -187,11 +187,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1660574517, - "narHash": "sha256-Lp5D2pAPrM3iAc1eeR0iGwz5rM+SYOWzVxI3p17nlrU=", + "lastModified": 1661323822, + "narHash": "sha256-1UGGcQ00uSo5cPTwL7C3S1zkcScbpF0WzspvnceWkbQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "688e5c85b7537f308b82167c8eb4ecfb70a49861", + "rev": "1d81e6295ca530603478114f4977402d51299ad8", "type": "github" }, "original": { @@ -200,6 +200,25 @@ "type": "github" } }, + "hyprland": { + "inputs": { + "nixpkgs": "nixpkgs", + "wlroots": "wlroots" + }, + "locked": { + "lastModified": 1661332451, + "narHash": "sha256-Ikd8XUJ3rQLYz6z+OMrecpXD2CvrPHM3VIfadkpxGTI=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "9366c187dce5ed5104f85898c8d3a8531f221e3e", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, "lowdown-src": { "flake": false, "locked": { @@ -240,11 +259,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1661132611, - "narHash": "sha256-VnavdFBMTAbod1C9Wsfa0XJqrERCJXXZp4GNLsnewuA=", + "lastModified": 1661219530, + "narHash": "sha256-jLKEpwbkp3ryXho5RT5hjhLjBOZelGm6X5JWUUxuwsA=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "fe603eb27a0b920b3f6116c03e5f9cfc64cf98e8", + "rev": "e624f6c056d95df8d6335d12bed0fe3c5af05159", "type": "github" }, "original": { @@ -256,7 +275,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1633098935, @@ -297,7 +316,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1633098935, @@ -313,6 +332,22 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1660908602, + "narHash": "sha256-SwZ85IPWvC4NxxFhWhRMTJpApSHbY1u4YK2UFWEBWvY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "495b19d5b3e62b4ec7e846bdfb6ef3d9c3b83492", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1661208473, "narHash": "sha256-EcoSSCrhc/qkoACcbB1Q2zi1jiFvb93kb4SS1AbviFw=", @@ -328,7 +363,7 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_3": { "locked": { "lastModified": 1648219316, "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", @@ -344,7 +379,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -359,7 +394,7 @@ "type": "indirect" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -378,8 +413,9 @@ "inputs": { "colmena": "colmena", "home-manager": "home-manager", + "hyprland": "hyprland", "minecraft-servers": "minecraft-servers", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "serokell-nix": "serokell-nix", "vault-secrets": "vault-secrets" } @@ -510,6 +546,24 @@ "repo": "vault-secrets", "type": "github" } + }, + "wlroots": { + "flake": false, + "locked": { + "host": "gitlab.freedesktop.org", + "lastModified": 1660930713, + "narHash": "sha256-bY7q1NqG/sjCUAWPn/Ne9NCigLlPlH5Lk1WCMqv3rTU=", + "owner": "wlroots", + "repo": "wlroots", + "rev": "7c575922c05e4d5fd9a403c2aa631a54c7531d44", + "type": "gitlab" + }, + "original": { + "host": "gitlab.freedesktop.org", + "owner": "wlroots", + "repo": "wlroots", + "type": "gitlab" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 30a41722..c4d941cf 100644 --- a/flake.nix +++ b/flake.nix @@ -24,6 +24,8 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + + hyprland.url = "github:hyprwm/Hyprland"; }; outputs = diff --git a/nixos/common/default.nix b/nixos/common/default.nix index c1eb6a53..8c082a0b 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -26,12 +26,14 @@ "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" "https://colmena.cachix.org" + "https://hyprland.cachix.org" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" ]; # Also use zsh for root; }; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 924be44f..288d68d3 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -43,6 +43,7 @@ in recommendedProxySettings = true; recommendedTlsSettings = true; recommendedOptimisation = true; + clientMaxBodySize = "100m"; package = pkgs.nginxMainline.override { modules = with pkgs.nginxModules; [ brotli ]; diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index 088fd81b..c6c7b187 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -65,6 +65,7 @@ in enable_registration = true; public_baseurl = "https://chat.meowy.tech"; enable_metrics = true; + max_upload_size = "100m"; listeners = [ { inherit port; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index d9d7d8f1..1d1c9fa2 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, inputs, ... }: let nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' export __NV_PRIME_RENDER_OFFLOAD=1 @@ -23,6 +23,31 @@ in home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.victor = import ./home.nix; + home-manager.sharedModules = [ + inputs.hyprland.homeManagerModules.default + ]; + + fonts = { + fonts = with pkgs; [ + material-design-icons + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + (nerdfonts.override { fonts = [ "DejaVuSansMono" "Noto" "Ubuntu" "DroidSansMono" ]; }) + ]; + + enableDefaultFonts = false; + + fontconfig = { + defaultFonts = { + monospace = [ "DejaVuSansMono Nerd Font Mono" "Noto Color Emoji" ]; + sansSerif = [ "DejaVu Sans" "DejaVuSansMono Nerd Font Mono" "Noto Color Emoji" ]; + serif = [ "DejaVu Serif" "DejaVuSansMono Nerd Font Mono" "Noto Color Emoji" ]; + emoji = [ "Noto Color Emoji" ]; + }; + }; + }; # Bootloader. boot.loader.systemd-boot.enable = true; @@ -63,12 +88,28 @@ in }; # Enable the X11 windowing system. - services.xserver.enable = true; + # services.xserver.enable = true; # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + # services.xserver.displayManager.gdm.enable = true; + # services.xserver.desktopManager.gnome.enable = true; + # services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + + xdg = { + portal = { + enable = true; + wlr.enable = true; + extraPortals = with pkgs; [ + # xdg-desktop-portal-gtk + ]; + }; + }; + + # Hyprland + programs.hyprland = { + enable = true; + package = null; # Managed by home manager + }; services.xserver = { layout = "us"; @@ -115,11 +156,12 @@ in nvidia-offload vim wireguard-tools + slurp - gnome.gnome-tweaks - gnome.dconf-editor - gnomeExtensions.appindicator - gnomeExtensions.wireguard-indicator + #gnome.gnome-tweaks + #gnome.dconf-editor + #gnomeExtensions.appindicator + #gnomeExtensions.wireguard-indicator ]; programs.steam = { diff --git a/nixos/hosts/thalassa/null/dconf.nix b/nixos/hosts/thalassa/null/dconf.nix index a63028f1..c26c7b39 100644 --- a/nixos/hosts/thalassa/null/dconf.nix +++ b/nixos/hosts/thalassa/null/dconf.nix @@ -149,7 +149,7 @@ with lib.hm.gvariant; "org/gnome/desktop/wm/preferences" = { focus-mode = "sloppy"; - num-workspaces = 9; + num-workspaces = 6; }; "org/gnome/epiphany" = { @@ -173,7 +173,17 @@ with lib.hm.gvariant; }; "org/gnome/file-roller/listing" = { + list-mode = "as-folder"; + name-column-width = 250; show-path = false; + sort-method = "name"; + sort-type = "ascending"; + }; + + "org/gnome/file-roller/ui" = { + sidebar-width = 200; + window-height = 480; + window-width = 600; }; "org/gnome/mutter" = { diff --git a/nixos/hosts/thalassa/null/home.nix b/nixos/hosts/thalassa/null/home.nix index 97bdc4d6..ec34c88d 100644 --- a/nixos/hosts/thalassa/null/home.nix +++ b/nixos/hosts/thalassa/null/home.nix @@ -1,12 +1,18 @@ { config, pkgs, lib, ... }: { + programs.home-manager.enable = true; home.username = "victor"; home.homeDirectory = "/home/victor"; home.stateVersion = "22.05"; imports = [ ./dconf.nix + ./hyprland ]; + home.sessionVariables = { + MOZ_ENABLE_WAYLAND = 1; + }; + home.packages = with pkgs; [ discord rnix-lsp @@ -23,9 +29,18 @@ steam-run texlive.combined.scheme-full retroarchFull - peek + python3 ]; + programs.alacritty = { + enable = true; + }; + + programs.rofi = { + enable = true; + package = pkgs.rofi-wayland; + }; + programs.git = { enable = true; package = pkgs.gitAndTools.gitFull; @@ -40,11 +55,11 @@ clock24 = true; }; - programs.home-manager.enable = true; programs.firefox = { enable = true; package = pkgs.firefox-devedition-bin; }; + programs.vscode = { enable = true; package = pkgs.vscode; @@ -56,6 +71,7 @@ valentjn.vscode-ltex ]; }; + programs.direnv = { enable = true; nix-direnv = { @@ -74,45 +90,4 @@ }; services.syncthing.enable = true; - - # dconf.settings = - # let - # inherit (builtins) length head tail listToAttrs genList; - # range = a: b: if a < b then [ a ] ++ range (a + 1) b else [ ]; - # globalPath = "org/gnome/settings-daemon/plugins/media-keys"; - # path = "${globalPath}/custom-keybindings"; - # mkPath = id: "${globalPath}/custom${toString id}"; - # isEmpty = list: length list == 0; - # mkSettings = settings: - # let - # checkSettings = { name, command, binding }@this: this; - # aux = i: list: - # if isEmpty list then [ ] else - # let - # hd = head list; - # tl = tail list; - # name = mkPath i; - # in - # aux (i + 1) tl ++ [{ - # name = mkPath i; - # value = checkSettings hd; - # }]; - # settingsList = (aux 0 settings); - # in - # listToAttrs (settingsList ++ [ - # { - # name = globalPath; - # value = { - # custom-keybindings = genList (i: "/${mkPath i}/") (length settingsList); - # }; - # } - # ]); - # in - # mkSettings [ - # { - # name = "Open Terminal"; - # command = "kgx"; - # binding = "Return"; - # } - # ]; } diff --git a/nixos/hosts/thalassa/null/hyprland/default.nix b/nixos/hosts/thalassa/null/hyprland/default.nix new file mode 100644 index 00000000..3fa1e514 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/default.nix @@ -0,0 +1,105 @@ +{ pkgs, ... }: { + imports = [ + ./eww + ]; + + home.packages = with pkgs; [ + wofi # Wayland rofi + grim # Screenshot tool + wf-recorder # Screenrecorder + wl-clipboard # Clipboard manager + ]; + + wayland.windowManager.hyprland = { + enable = true; + extraConfig = '' + exec-once=eww daemon + exec-once=eww open bar + + monitor=eDP-1,1920x1080@60,0x0,1 + monitor=eDP-1,addreserved,0,0,48,0 + + general { + layout = dwindle + } + + input { + kb_options=caps:escape + touchpad { + natural_scroll= true + } + } + + gestures { + workspace_swipe = true + } + + misc { + no_vfr = false + } + + dwindle { + pseudotile=true + } + + bind=SUPER,RETURN,exec,alacritty + bind=SUPER,f,exec,firefox-devedition + bind=SUPER,d,exec,rofi -show run + + bind=,Print,exec,grim -g "$(slurp)" - | wl-copy -t image/png + bind=SUPER,W,killactive, + bind=SUPER,M,exit, + bind=SUPER,S,togglefloating, + bind=SUPER,P,pseudo, + + bind=SUPER,left,movefocus,l + bind=SUPER,right,movefocus,r + bind=SUPER,up,movefocus,u + bind=SUPER,down,movefocus,d + + bind=SUPER,1,workspace,1 + bind=SUPER,2,workspace,2 + bind=SUPER,3,workspace,3 + bind=SUPER,4,workspace,4 + bind=SUPER,5,workspace,5 + bind=SUPER,6,workspace,6 + bind=SUPER,7,workspace,7 + bind=SUPER,8,workspace,8 + bind=SUPER,9,workspace,9 + bind=SUPER,0,workspace,10 + + bind=ALT,1,movetoworkspace,1 + bind=ALT,2,movetoworkspace,2 + bind=ALT,3,movetoworkspace,3 + bind=ALT,4,movetoworkspace,4 + bind=ALT,5,movetoworkspace,5 + bind=ALT,6,movetoworkspace,6 + bind=ALT,7,movetoworkspace,7 + bind=ALT,8,movetoworkspace,8 + bind=ALT,9,movetoworkspace,9 + bind=ALT,0,movetoworkspace,10 + + bind=SUPER,mouse_down,workspace,e+1 + bind=SUPER,mouse_up,workspace,e-1 + + bind=SUPER,g,togglegroup + bind=SUPER,tab,changegroupactive + + # Firefox notifications + windowrule=float,title:^(\s*)$ + windowrule=nofocus,title:^(\s*)$ + windowrule=move 1569 0,title:^(\s*)$ + windowrule=opacity 0.8,title:^(\s*)$ + windowrule=rounding 3,title:^(\s*)$ + windowrule=animation popin,title:^(\s*)$ + + bind=,XF86MonBrightnessUp,exec,brightnessctl set +5% + bind=,XF86MonBrightnessDown,exec,brightnessctl set 5%- + bind=,XF86MonRaiseVolume,exec,pamixer -i 5 + bind=,XF86MonLowerVolume,exec,pamixer -d 5 + bind=,XF86AudioMute,exec,pamixer -t + + animation=workspaces,1,8,default,slidevert + ''; + }; +} diff --git a/nixos/hosts/thalassa/null/hyprland/eww/default.nix b/nixos/hosts/thalassa/null/hyprland/eww/default.nix new file mode 100644 index 00000000..682a1068 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/default.nix @@ -0,0 +1,38 @@ +{ pkgs, ... }: { + home.packages = with pkgs; [ + eww-wayland + brightnessctl + pamixer + lua + (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + ]; + + home.file.".config/eww/eww.yuck".source = ./eww.yuck; + home.file.".config/eww/eww.scss".source = ./eww.scss; + + # scripts + home.file.".config/eww/scripts/battery.sh" = { + source = ./scripts/battery.sh; + executable = true; + }; + + home.file.".config/eww/scripts/volume.sh" = { + source = ./scripts/volume.sh; + executable = true; + }; + + home.file.".config/eww/scripts/wifi.sh" = { + source = ./scripts/wifi.sh; + executable = true; + }; + + home.file.".config/eww/scripts/workspaces.sh" = { + source = ./scripts/workspaces.sh; + executable = true; + }; + + home.file.".config/eww/scripts/workspaces.lua" = { + source = ./scripts/workspaces.lua; + executable = true; + }; +} diff --git a/nixos/hosts/thalassa/null/hyprland/eww/eww.scss b/nixos/hosts/thalassa/null/hyprland/eww/eww.scss new file mode 100644 index 00000000..ccc93cc8 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/eww.scss @@ -0,0 +1,178 @@ +$base: #44465c; +$blue: #3fc6de; +$surface0: #44465c; +$surface1: #44465c; +$text: #d9e0ee; +$overlay0: #6e738d; +$red: #ec6a88; +$peach: #efb993; +$yellow: #efb993; +$mauve: #b072d1; +$green: #3fdaa4; +$mantle: #292a37; +$crust: #2e303e; +$light-gray: #9699b7; + +* { + all: unset; //Unsets everything so you can style everything from scratch + font-family: "JetBrainsMono" +} + +.icon { + font-family: monospace; + font-size: 1.4rem; +} + + +button { + transition: background-color 200ms, color 200ms; +} + +.active { + color: $green; + font-size: 1.4rem; +} + +.inactive { + color: $base; + font-size: 1.4rem; +} + +.inactive:hover { + color: $light-gray; +} + +.bar { + background-color: $mantle; + border-left: 4px dotted $red; +} + +.wifi { + font-size: 2rem; + color: $blue; +} + +.clock { + font-weight: bold; + background-color: $base; + color: $text; + border-radius: 10px; + padding: 0.2rem; + margin: 0.5rem; +} + + +.date { + font-size: 1.5rem; +} + +.reg-btn { + font-size: 2rem; + margin: 2px 8px; + border-radius: 10px; +} + +.powerbutton { + color: $red; +} + +.powerbutton:hover { + background-color: $base; +} + +.powerbutton:active { + background-color: $red; + color: $mantle; +} + +.battery { + font-size: 1.5rem; + color: $green; +} + +.volume { + font-size: 1.5rem; + color: $blue; +} + +// Credits AlphaTechnolog +.powermenu-box { + padding: 0 2px; + margin: 7px 7px 7px 0px; + background: inherit; + + .dispatcher { + border-radius: 15px; + background: $base; + color: $red; + font-size: 14px; + padding: 0 14px 0 10px; + + &:hover { + background-color: $surface0; + } + + &:active { + background-color: $surface1; + } + } +} + +// powermenu +.powermenu-container { + background: $crust; + color: $text; + padding: 10px; + font-size: 55px; + + transition: all 200ms cubic-bezier(.1, -0.00, .0, 1.49); + + .btn { + margin: 1rem; + } + + // shutdown + .shutdown-btn-box .btn { + color: $red; + border-radius: 15px; + background-color: $mantle; + + &:hover { + background-color: $base; + } + + &:active { + background-color: $surface1; + } + } + + // reboot + .reboot-btn-box .btn { + color: $mauve; + border-radius: 15px; + background-color: $mantle; + + &:hover { + background-color: $base; + } + + &:active { + background-color: $surface1; + } + } + + // exit + .exit-btn-box .btn { + color: $yellow; + border-radius: 15px; + background-color: $mantle; + + &:hover { + background-color: $base; + } + + &:active { + background-color: $surface1; + } + } +} \ No newline at end of file diff --git a/nixos/hosts/thalassa/null/hyprland/eww/eww.yuck b/nixos/hosts/thalassa/null/hyprland/eww/eww.yuck new file mode 100644 index 00000000..2f3d495c --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/eww.yuck @@ -0,0 +1,133 @@ +(defwidget bar [] + (centerbox :orientation "v" :hexpand false + (box :valign "start" :hexpand false :vexpand true :orientation "v" :space-evenly false + (powerbutton) + ) + + (workspaces :halign "center" :vexpand true :hexpand false :orientation "v") + + (box :valign "end" :hexpand false :vexpand true :orientation "v" :space-evenly false + (wifi) + (volume) + (battery) + (time) + ) + ) +) + +;; Variables +; (defvar time false) +; (defvar cal false) + +;; ━━━ WIFI ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +(defvar wifi "{}") +(defpoll wifi :interval "30s" "./scripts/wifi.sh") + +(defwidget wifi [] + (box :vexpand false :hexpand false :orientation "v" + (label :text {wifi.icon} + :limit-width 10 + :tooltip {wifi.status} + :class "wifi" + ) + ) +) + +;; ━━━ BATTERY ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +(defvar battery "{}") +(defpoll battery :interval "60s" "./scripts/battery.sh") + +(defwidget battery [] + (label :text {battery.icon} + :limit-width 10 + :tooltip "${battery.status}: ${battery.percent}" + :class "battery" + ) +) + +;; ━━━ VOLUME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +(defvar volume "{}") +(defpoll volume :interval "1s" "./scripts/volume.sh") +(defwidget volume [] + (eventbox :onclick "pamixer -t" + (label :text {volume.icon} + :limit-width 10 + :tooltip "${volume.percent}%" + :class "volume" + ) + ) +) + +;; ━━━ TIME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +(defpoll hour :interval "10s" "date +%H") +(defpoll minute :interval "10s" "date +%M") +(defpoll dateVar :interval "600s" "date '+%A %d.%m.%y'") + +(defwidget time [] + (eventbox :cursor "hand" :hexpand false :vexpand false + :tooltip "${dateVar}" + (box :orientation "v" :hexpand false :vexpand false :space-evenly false :class "clock" + (button :class "date" + :onclick "" "${hour}") + + (button :class "date" + :onclick "" "${minute}") + ) + ) +) + +(defwidget powerbutton [] + (eventbox :cursor "hand" + (button :class "reg-btn powerbutton" + :onclick "eww open powermenu --toggle &" "") + ) +) +(defwidget powermenucontent [] + (box :orientation "h" + :class "powermenu-container" + (box :class "shutdown-btn-box" + :orientation "h" + (button :class "btn" + :tooltip "Shutdown" + :onclick "eww close powermenu && shutdown now" + "⏻") + ) + (box :class "reboot-btn-box" + :orientation "h" + (button :class "btn" + :tooltip "Reboot" + :onclick "eww close powermenu && reboot" + "") + ) + (box :class "exit-btn-box" + :orientation "h" + (button :class "btn" + :tooltip "Suspend" + :onclick "systemctl suspend" + "⏾") + ) + ) +) + +(defwindow powermenu + :monitor 0 + :geometry (geometry :x "0%" + :y "0%" + :width "30%" + :height "15%" + :anchor "center center") + :wm-ignore true + (powermenucontent)) + +(deflisten workspaces_listen "./scripts/workspaces.sh") +(defwidget workspaces [] + (literal :content workspaces_listen)) + +(defwindow bar + :monitor 0 + :exclusive false + :geometry (geometry :height "1080px" :x "-4px" :y "0px" + :width "52px" + :anchor "top left") + :stacking "fg" + (bar)) diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh b/nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh new file mode 100755 index 00000000..e7d46a10 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash + +bat=/sys/class/power_supply/BAT0 +per="$(cat "$bat/capacity")" +status="$(cat "$bat/status")" + +if [ "$per" -gt "90" ]; then + icon="" +elif [ "$per" -gt "80" ]; then + icon="" +elif [ "$per" -gt "70" ]; then + icon="" +elif [ "$per" -gt "60" ]; then + icon="" +elif [ "$per" -gt "50" ]; then + icon="" +elif [ "$per" -gt "40" ]; then + icon="" +elif [ "$per" -gt "30" ]; then + icon="" +elif [ "$per" -gt "20" ]; then + icon="" +elif [ "$per" -gt "10" ]; then + icon="" +elif [ "$per" -gt "0" ]; then + icon="" +else + icon="" +fi + +echo "{\"percent\": \"$per\", \"icon\": \"$icon\", \"charging\": \"$charging\", \"visible\": \"true\", \"status\": \"$status\"}" diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/volume.sh b/nixos/hosts/thalassa/null/hyprland/eww/scripts/volume.sh new file mode 100755 index 00000000..1f94e319 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/scripts/volume.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +per="$(pamixer --get-volume)" + +if pamixer --get-mute | grep -q true; then + icon="婢" +elif [ "$per" -gt 66 ]; then + icon="墳" # high +elif [ "$per" -gt 33 ]; then + icon="奔" # med +else + icon="奄" #low +fi + +printf "{\"icon\": \"${icon}\", \"percent\": \"${per}\"}" diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/wifi.sh b/nixos/hosts/thalassa/null/hyprland/eww/scripts/wifi.sh new file mode 100755 index 00000000..ced14488 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/scripts/wifi.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +if nmcli g | rg -q "\bconnected\b"; then + icon="󰤨" + ssid=$(nmcli -t -f name connection show --active) + if echo $ssid | rg -q "Wired"; then + status="Connected via cable" + else + status="Connected to ${ssid}" + fi +else + icon="󰤭" + status="offline" +fi + +printf "{\"icon\": \"${icon}\", \"status\": \"${status}\"}" diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua b/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua new file mode 100755 index 00000000..cb0ec28c --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua @@ -0,0 +1,30 @@ +#!/usr/bin/env lua + +function trim(s) + return (string.gsub(s, "^%s*(.-)%s*$", "%1")) +end + +aw = io.popen("hyprctl monitors | grep active | sed 's/()/(1)/g' | sort | awk 'NR>1{print $1}' RS='(' FS=')'") +active_workspace = aw:read("*a") +aw:close() + +ew = io.popen("hyprctl workspaces | grep ID | sed 's/()/(1)/g' | sort | awk 'NR>1{print $1}' RS='(' FS=')'") +existing_workspaces = ew:read("*a") +ew:close() + +box = "(box :orientation \"v\" :spacing 1 :space-evenly \"true\" " + +for i = 1, #existing_workspaces do + local c = existing_workspaces:sub(i,i) + if tonumber(c) == tonumber(active_workspace) then + local btn = "(button :class \"active\" :onclick \"hyprctl dispatch workspace "..c.." \" \"\")" + box = box .. btn + elseif c ~= "\n" then + local btn = "(button :class \"inactive\" :onclick \"hyprctl dispatch workspace "..c.."\" \"\")" + box = box .. btn + end +end + +box = box .. ")" + +print(box) diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.sh b/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.sh new file mode 100755 index 00000000..c8eedd49 --- /dev/null +++ b/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.sh @@ -0,0 +1,8 @@ +#!/bin/sh +workspaces() { +./scripts/workspaces.lua +} +workspaces +tail -f /tmp/hypr/$HYPRLAND_INSTANCE_SIGNATURE/hyprland.log | grep --line-buffered "Changed to workspace" | while read -r; do +workspaces +done diff --git a/util.nix b/util.nix index 0fed2b31..ae4bd8d5 100644 --- a/util.nix +++ b/util.nix @@ -1,4 +1,4 @@ -{ nixpkgs, home-manager, ... }: +{ nixpkgs, home-manager, hyprland, ... }: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; @@ -12,6 +12,7 @@ let ]; "local" = [ home-manager.nixosModules.home-manager + hyprland.nixosModules.default ]; }; resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ -- 2.47.1 From 4fed5d2c38e133ea2b0b2d4c60a68bfcb7f8e6a4 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 24 Aug 2022 23:44:40 +0200 Subject: [PATCH 0389/1882] more laptop config --- flake.lock | 12 ++-- nixos/hosts/thalassa/null/README.md | 2 + nixos/hosts/thalassa/null/configuration.nix | 68 +++++++++++++------ .../hosts/thalassa/null/hyprland/default.nix | 38 +++++++++-- .../thalassa/null/hyprland/eww/default.nix | 1 - .../null/hyprland/eww/scripts/workspaces.lua | 19 ++---- 6 files changed, 92 insertions(+), 48 deletions(-) create mode 100644 nixos/hosts/thalassa/null/README.md diff --git a/flake.lock b/flake.lock index 5408fbdb..11e8115f 100644 --- a/flake.lock +++ b/flake.lock @@ -187,11 +187,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1661323822, - "narHash": "sha256-1UGGcQ00uSo5cPTwL7C3S1zkcScbpF0WzspvnceWkbQ=", + "lastModified": 1661371005, + "narHash": "sha256-PfWRIyJQhBtVhENqmVcI+C9kisctmzos+nrH+feGX3U=", "owner": "nix-community", "repo": "home-manager", - "rev": "1d81e6295ca530603478114f4977402d51299ad8", + "rev": "b382b59faf717c5b36f4cd8e1c5d96cdabd382c9", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1661332451, - "narHash": "sha256-Ikd8XUJ3rQLYz6z+OMrecpXD2CvrPHM3VIfadkpxGTI=", + "lastModified": 1661371527, + "narHash": "sha256-gOfHnXvncOW3+zTAMFFMgVqFOBcTaI4gdiKBd7gN7go=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "9366c187dce5ed5104f85898c8d3a8531f221e3e", + "rev": "e92469121d37af387cb7fa507ae6ac6225cb9ebc", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/README.md b/nixos/hosts/thalassa/null/README.md new file mode 100644 index 00000000..446bf7b7 --- /dev/null +++ b/nixos/hosts/thalassa/null/README.md @@ -0,0 +1,2 @@ +# null +This folder contains the NixOS configuration for my laptop, with hostname `null`. \ No newline at end of file diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 1d1c9fa2..987ad989 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -9,8 +9,26 @@ let export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 export __GLX_VENDOR_LIBRARY_NAME=nvidia export __VK_LAYER_NV_optimus=NVIDIA_only + export LIBVA_DRIVER_NAME=nvidia + export GBM_BACKEND=nvidia-drm + exec "$@" ''; + run-hyprland = pkgs.writeShellScriptBin "run-hyprland" '' + export _JAVA_AWT_WM_NONREPARENTING=1 + export XCURSOR_SIZE=24 + + export CLUTTER_BACKEND=wayland + export XDG_SESSION_TYPE=wayland + export QT_WAYLAND_DISABLE_WINDOWDECORATION=1 + export MOZ_ENABLE_WAYLAND=1 + export WLR_NO_HARDWARE_CURSORS=1 + export WLR_BACKEND=vulkan + export QT_QPA_PLATFORM=wayland + export GDK_BACKEND=wayland + + exec Hyprland + ''; in { imports = @@ -27,6 +45,8 @@ in inputs.hyprland.homeManagerModules.default ]; + programs.light.enable = true; + fonts = { fonts = with pkgs; [ material-design-icons @@ -71,7 +91,6 @@ in }; }; - # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; @@ -87,20 +106,12 @@ in LC_TIME = "en_DK.utf8"; }; - # Enable the X11 windowing system. - # services.xserver.enable = true; - - # Enable the GNOME Desktop Environment. - # services.xserver.displayManager.gdm.enable = true; - # services.xserver.desktopManager.gnome.enable = true; - # services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; - xdg = { portal = { enable = true; wlr.enable = true; extraPortals = with pkgs; [ - # xdg-desktop-portal-gtk + xdg-desktop-portal-gtk ]; }; }; @@ -111,7 +122,14 @@ in package = null; # Managed by home manager }; + environment.loginShellInit = '' + if [[ "$(tty)" == /dev/tty1 ]]; then + ${run-hyprland}/bin/run-hyprland + fi + ''; + services.xserver = { + # enable = true; layout = "us"; xkbVariant = "altgr-intl"; xkbOptions = "caps:swapescape"; @@ -119,15 +137,24 @@ in }; # hardware.nvidia.modesetting.enable = true; - hardware.nvidia.prime = { - offload.enable = true; - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; + hardware.nvidia = { + # open = true; + prime = { + offload.enable = true; + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + }; }; - hardware.opengl.extraPackages = with pkgs; [ - vaapiVdpau - ]; + hardware.opengl = { + enable = true; + extraPackages = with pkgs; [ + vaapiVdpau + intel-media-driver # LIBVA_DRIVER_NAME=iHD + vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + libvdpau-va-gl + ]; + }; virtualisation.podman.enable = true; @@ -154,14 +181,11 @@ in environment.systemPackages = with pkgs; [ pciutils nvidia-offload + run-hyprland vim wireguard-tools slurp - - #gnome.gnome-tweaks - #gnome.dconf-editor - #gnomeExtensions.appindicator - #gnomeExtensions.wireguard-indicator + gdb ]; programs.steam = { diff --git a/nixos/hosts/thalassa/null/hyprland/default.nix b/nixos/hosts/thalassa/null/hyprland/default.nix index 3fa1e514..6b9dcdcb 100644 --- a/nixos/hosts/thalassa/null/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/hyprland/default.nix @@ -8,8 +8,37 @@ grim # Screenshot tool wf-recorder # Screenrecorder wl-clipboard # Clipboard manager + networkmanager_dmenu ]; + home.file.".config/networkmanager-dmenu/config.ini".text = '' + [dmenu] + dmenu_command = rofi -dmenu -i + # # Note that dmenu_command can contain arguments as well like: + # # `dmenu_command = rofi -dmenu -i -theme nmdm` + # # `dmenu_command = rofi -dmenu -width 30 -i` + # # `dmenu_command = dmenu -i -l 25 -b -nb #909090 -nf #303030` + # (Default: False) use rofi highlighting instead of '==' + rofi_highlight = true + # compact = # (Default: False). Remove extra spacing from display + # pinentry = # (Default: None) e.g. `pinentry-gtk` + # wifi_chars = + wifi_chars = ▂▄▆█ + # list_saved = # (Default: False) list saved connections + + [dmenu_passphrase] + # # Uses the -password flag for Rofi, -x for bemenu. For dmenu, sets -nb and + # # -nf to the same color or uses -P if the dmenu password patch is applied + # # https://tools.suckless.org/dmenu/patches/password/ + # obscure = True + # obscure_color = #222222 + + [editor] + # terminal = + terminal = alacritty + # gui_if_available = (Default: True) + ''; + wayland.windowManager.hyprland = { enable = true; extraConfig = '' @@ -18,6 +47,7 @@ monitor=eDP-1,1920x1080@60,0x0,1 monitor=eDP-1,addreserved,0,0,48,0 + monitor=,preferred,auto,1 general { layout = dwindle @@ -48,7 +78,7 @@ bind=,Print,exec,grim -g "$(slurp)" - | wl-copy -t image/png bind=SUPER,W,killactive, - bind=SUPER,M,exit, + bind=SUPERSHIFT,Q,exit, bind=SUPER,S,togglefloating, bind=SUPER,P,pseudo, @@ -93,13 +123,11 @@ windowrule=rounding 3,title:^(\s*)$ windowrule=animation popin,title:^(\s*)$ - bind=,XF86MonBrightnessUp,exec,brightnessctl set +5% - bind=,XF86MonBrightnessDown,exec,brightnessctl set 5%- + bind=,XF86MonBrightnessUp,exec,light -A 5 + bind=,XF86MonBrightnessDown,exec,light -U 5 bind=,XF86MonRaiseVolume,exec,pamixer -i 5 bind=,XF86MonLowerVolume,exec,pamixer -d 5 bind=,XF86AudioMute,exec,pamixer -t - - animation=workspaces,1,8,default,slidevert ''; }; } diff --git a/nixos/hosts/thalassa/null/hyprland/eww/default.nix b/nixos/hosts/thalassa/null/hyprland/eww/default.nix index 682a1068..7a53d25a 100644 --- a/nixos/hosts/thalassa/null/hyprland/eww/default.nix +++ b/nixos/hosts/thalassa/null/hyprland/eww/default.nix @@ -1,7 +1,6 @@ { pkgs, ... }: { home.packages = with pkgs; [ eww-wayland - brightnessctl pamixer lua (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua b/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua index cb0ec28c..43b14785 100755 --- a/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua +++ b/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua @@ -1,26 +1,17 @@ #!/usr/bin/env lua -function trim(s) - return (string.gsub(s, "^%s*(.-)%s*$", "%1")) -end - aw = io.popen("hyprctl monitors | grep active | sed 's/()/(1)/g' | sort | awk 'NR>1{print $1}' RS='(' FS=')'") active_workspace = aw:read("*a") aw:close() -ew = io.popen("hyprctl workspaces | grep ID | sed 's/()/(1)/g' | sort | awk 'NR>1{print $1}' RS='(' FS=')'") -existing_workspaces = ew:read("*a") -ew:close() - box = "(box :orientation \"v\" :spacing 1 :space-evenly \"true\" " -for i = 1, #existing_workspaces do - local c = existing_workspaces:sub(i,i) - if tonumber(c) == tonumber(active_workspace) then - local btn = "(button :class \"active\" :onclick \"hyprctl dispatch workspace "..c.." \" \"\")" +for i = 1,10 do + if i == tonumber(active_workspace) then + local btn = "(button :class \"active\" :onclick \"hyprctl dispatch workspace "..i.." \" \"\")" box = box .. btn - elseif c ~= "\n" then - local btn = "(button :class \"inactive\" :onclick \"hyprctl dispatch workspace "..c.."\" \"\")" + else + local btn = "(button :class \"inactive\" :onclick \"hyprctl dispatch workspace "..i.."\" \"\")" box = box .. btn end end -- 2.47.1 From b62cf0bebc1cec7bdbb28daea77c5f200f0bd95a Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 Aug 2022 10:24:31 +0200 Subject: [PATCH 0390/1882] updated k3s and vmagent --- flake.lock | 8 ++++---- flake.nix | 16 +++++++--------- nixos/hosts/olympus/k3s/configuration.nix | 2 +- nixos/pkgs/vmagent/default.nix | 5 +++-- 4 files changed, 15 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 11e8115f..d8827222 100644 --- a/flake.lock +++ b/flake.lock @@ -349,16 +349,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661208473, - "narHash": "sha256-EcoSSCrhc/qkoACcbB1Q2zi1jiFvb93kb4SS1AbviFw=", + "lastModified": 1661414334, + "narHash": "sha256-9uL8a3v1L9FNCJIhhXZzNQJLS8dq1S0vd03cDrbc0Lw=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "a73f576bc51a194b6cf77580f84b60c610e0bbbe", + "rev": "ed0a4bf92a7b00da1497d87846c068af92919f54", "type": "github" }, "original": { "owner": "NULLx76", - "ref": "direnv-vscode-extension", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index c4d941cf..32e8b132 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/direnv-vscode-extension"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -46,7 +46,11 @@ # Define args each module gets access to (access to hosts is useful for DNS/DHCP) specialArgs = { inherit hosts flat_hosts inputs; }; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; + pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ + (import ./nixos/pkgs) + vault-secrets.overlay + minecraft-servers.overlays.default + ]; # Script to apply local colmena deployments apply-local = pkgs.writeScriptBin "apply-local" '' @@ -68,14 +72,8 @@ { meta = { inherit specialArgs; - nixpkgs = import nixpkgs { - inherit system; - overlays = [ - (import ./nixos/pkgs) - minecraft-servers.overlays.default - ]; + nixpkgs = pkgs; }; - }; } nixHosts; diff --git a/nixos/hosts/olympus/k3s/configuration.nix b/nixos/hosts/olympus/k3s/configuration.nix index cb51352b..4524c4b7 100644 --- a/nixos/hosts/olympus/k3s/configuration.nix +++ b/nixos/hosts/olympus/k3s/configuration.nix @@ -37,7 +37,7 @@ # Enable k3s as a master node services.k3s = { - enable = false; + enable = true; role = "server"; extraFlags = builtins.toString [ diff --git a/nixos/pkgs/vmagent/default.nix b/nixos/pkgs/vmagent/default.nix index 2a1984dc..c9fdcd2c 100644 --- a/nixos/pkgs/vmagent/default.nix +++ b/nixos/pkgs/vmagent/default.nix @@ -1,13 +1,14 @@ { lib, fetchFromGitHub, buildGoModule }: buildGoModule rec { pname = "vmagent"; - version = "1.79.0"; + version = "1.80.0"; src = fetchFromGitHub { owner = "VictoriaMetrics"; repo = "VictoriaMetrics"; rev = "v${version}"; - sha256 = "sha256-+LirbGbKeazXMtgVh5kZP+KEk/fDbSxceZ26OlE0hbY="; + sha256 = "sha256-SIwl8Mgbkk/z3xZ6wCmce7D2T2A2+dcuQ607BOsfrkQ="; + # sha256 = lib.fakeSha256; }; vendorSha256 = null; -- 2.47.1 From 525f4ce03b58b622a276498f6d6748e3f77909fc Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 25 Aug 2022 13:33:35 +0200 Subject: [PATCH 0391/1882] null: add wallpaper --- flake.lock | 27 ++++++++++++++++--- flake.nix | 13 ++++----- nixos/hosts/thalassa/null/configuration.nix | 2 -- nixos/hosts/thalassa/null/home.nix | 5 +--- .../hosts/thalassa/null/hyprland/default.nix | 15 +++++++++-- 5 files changed, 45 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index d8827222..2bb3bbc3 100644 --- a/flake.lock +++ b/flake.lock @@ -219,6 +219,26 @@ "type": "github" } }, + "hyprpaper": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1661277513, + "narHash": "sha256-MnSImhrvAwpGXC85u8juDgTImcrztJ2DEo8nRBhTMfY=", + "owner": "hyprwm", + "repo": "hyprpaper", + "rev": "0faf74054136bb4ffe7c13fefb18ab41dbf62959", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprpaper", + "type": "github" + } + }, "lowdown-src": { "flake": false, "locked": { @@ -349,11 +369,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661414334, - "narHash": "sha256-9uL8a3v1L9FNCJIhhXZzNQJLS8dq1S0vd03cDrbc0Lw=", + "lastModified": 1661417153, + "narHash": "sha256-wASLYEuPIoInMow71HhPPtDGWllBL8pDlP7l3kg2XII=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "ed0a4bf92a7b00da1497d87846c068af92919f54", + "rev": "ef0026af97075a88449bfe5cdb762501ff57d233", "type": "github" }, "original": { @@ -414,6 +434,7 @@ "colmena": "colmena", "home-manager": "home-manager", "hyprland": "hyprland", + "hyprpaper": "hyprpaper", "minecraft-servers": "minecraft-servers", "nixpkgs": "nixpkgs_2", "serokell-nix": "serokell-nix", diff --git a/flake.nix b/flake.nix index 32e8b132..4c4dd704 100644 --- a/flake.nix +++ b/flake.nix @@ -20,16 +20,16 @@ minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; minecraft-servers.inputs.nixpkgs.follows = "nixpkgs"; - home-manager = { - url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + home-manager.url = "github:nix-community/home-manager"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; hyprland.url = "github:hyprwm/Hyprland"; + hyprpaper.url = "github:hyprwm/hyprpaper"; + hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = - { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, ... }@inputs: + { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, hyprpaper, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; @@ -50,6 +50,7 @@ (import ./nixos/pkgs) vault-secrets.overlay minecraft-servers.overlays.default + hyprpaper.overlays.default ]; # Script to apply local colmena deployments @@ -73,7 +74,7 @@ meta = { inherit specialArgs; nixpkgs = pkgs; - }; + }; } nixHosts; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 987ad989..38636f67 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -45,8 +45,6 @@ in inputs.hyprland.homeManagerModules.default ]; - programs.light.enable = true; - fonts = { fonts = with pkgs; [ material-design-icons diff --git a/nixos/hosts/thalassa/null/home.nix b/nixos/hosts/thalassa/null/home.nix index ec34c88d..455ea502 100644 --- a/nixos/hosts/thalassa/null/home.nix +++ b/nixos/hosts/thalassa/null/home.nix @@ -9,10 +9,6 @@ ./hyprland ]; - home.sessionVariables = { - MOZ_ENABLE_WAYLAND = 1; - }; - home.packages = with pkgs; [ discord rnix-lsp @@ -30,6 +26,7 @@ texlive.combined.scheme-full retroarchFull python3 + element-desktop-wayland ]; programs.alacritty = { diff --git a/nixos/hosts/thalassa/null/hyprland/default.nix b/nixos/hosts/thalassa/null/hyprland/default.nix index 6b9dcdcb..f03d483c 100644 --- a/nixos/hosts/thalassa/null/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/hyprland/default.nix @@ -9,8 +9,11 @@ wf-recorder # Screenrecorder wl-clipboard # Clipboard manager networkmanager_dmenu + brightnessctl ]; + programs.mako.enable = true; + home.file.".config/networkmanager-dmenu/config.ini".text = '' [dmenu] dmenu_command = rofi -dmenu -i @@ -39,9 +42,17 @@ # gui_if_available = (Default: True) ''; + home.file.".config/hypr/hyprpaper.conf".text = '' + ipc = off + preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png + wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png + + ''; + wayland.windowManager.hyprland = { enable = true; extraConfig = '' + exec-once=${pkgs.hyprpaper}/bin/hyprpaper exec-once=eww daemon exec-once=eww open bar @@ -123,8 +134,8 @@ windowrule=rounding 3,title:^(\s*)$ windowrule=animation popin,title:^(\s*)$ - bind=,XF86MonBrightnessUp,exec,light -A 5 - bind=,XF86MonBrightnessDown,exec,light -U 5 + bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% + bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- bind=,XF86MonRaiseVolume,exec,pamixer -i 5 bind=,XF86MonLowerVolume,exec,pamixer -d 5 bind=,XF86AudioMute,exec,pamixer -t -- 2.47.1 From 99bbbbeb1e8ae8ab8ac9350741eb630a934b9176 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 27 Aug 2022 23:58:28 +0200 Subject: [PATCH 0392/1882] laptop, large refactor and some new stuff --- flake.lock | 36 +-- flake.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 34 ++- nixos/hosts/thalassa/null/dconf.nix | 277 ------------------ nixos/hosts/thalassa/null/home.nix | 90 ------ nixos/hosts/thalassa/null/home/default.nix | 133 +++++++++ .../null/{hyprland => home}/eww/default.nix | 5 - .../null/{hyprland => home}/eww/eww.scss | 78 ++++- .../null/{hyprland => home}/eww/eww.yuck | 65 +++- .../{hyprland => home}/eww/scripts/volume.sh | 0 .../{hyprland => home}/eww/scripts/wifi.sh | 0 .../eww/scripts/workspaces.lua | 0 .../eww/scripts/workspaces.sh | 0 .../null/{ => home}/hyprland/default.nix | 48 +-- .../null/hyprland/eww/scripts/battery.sh | 31 -- 15 files changed, 307 insertions(+), 492 deletions(-) delete mode 100644 nixos/hosts/thalassa/null/dconf.nix delete mode 100644 nixos/hosts/thalassa/null/home.nix create mode 100644 nixos/hosts/thalassa/null/home/default.nix rename nixos/hosts/thalassa/null/{hyprland => home}/eww/default.nix (86%) rename nixos/hosts/thalassa/null/{hyprland => home}/eww/eww.scss (71%) rename nixos/hosts/thalassa/null/{hyprland => home}/eww/eww.yuck (66%) rename nixos/hosts/thalassa/null/{hyprland => home}/eww/scripts/volume.sh (100%) rename nixos/hosts/thalassa/null/{hyprland => home}/eww/scripts/wifi.sh (100%) rename nixos/hosts/thalassa/null/{hyprland => home}/eww/scripts/workspaces.lua (100%) rename nixos/hosts/thalassa/null/{hyprland => home}/eww/scripts/workspaces.sh (100%) rename nixos/hosts/thalassa/null/{ => home}/hyprland/default.nix (63%) delete mode 100755 nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh diff --git a/flake.lock b/flake.lock index 2bb3bbc3..377c4048 100644 --- a/flake.lock +++ b/flake.lock @@ -187,11 +187,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1661371005, - "narHash": "sha256-PfWRIyJQhBtVhENqmVcI+C9kisctmzos+nrH+feGX3U=", + "lastModified": 1661573386, + "narHash": "sha256-pBEg8iY00Af/SAtU2dlmOAv+2x7kScaGlFRDjNoVJO8=", "owner": "nix-community", "repo": "home-manager", - "rev": "b382b59faf717c5b36f4cd8e1c5d96cdabd382c9", + "rev": "d89bdff445eadff03fe414e9c30486bc8166b72b", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1661371527, - "narHash": "sha256-gOfHnXvncOW3+zTAMFFMgVqFOBcTaI4gdiKBd7gN7go=", + "lastModified": 1661598115, + "narHash": "sha256-KL3VtSjHMYaTQDQ4MAtw7VTRu4XlyGY79byEnwb8CZs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e92469121d37af387cb7fa507ae6ac6225cb9ebc", + "rev": "5d63152219514ecbe861cb70e9359adc0c5b2878", "type": "github" }, "original": { @@ -279,11 +279,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1661219530, - "narHash": "sha256-jLKEpwbkp3ryXho5RT5hjhLjBOZelGm6X5JWUUxuwsA=", + "lastModified": 1661565271, + "narHash": "sha256-GTa5fSSifG57cDaklJfVj4MpWl/1vqiSPu4My2wLkVc=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "e624f6c056d95df8d6335d12bed0fe3c5af05159", + "rev": "4724b9ab810125bc71dbbeca22237532cb61831b", "type": "github" }, "original": { @@ -369,16 +369,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661417153, - "narHash": "sha256-wASLYEuPIoInMow71HhPPtDGWllBL8pDlP7l3kg2XII=", - "owner": "NULLx76", + "lastModified": 1661580117, + "narHash": "sha256-hMWvEFqwk2E9Rb3+3yi8qu9Wo2eXnJX8mENVspA++3c=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "ef0026af97075a88449bfe5cdb762501ff57d233", + "rev": "e500665539e3abae0494c4db5d10cccb84de47ba", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "0x76", + "owner": "NixOS", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } @@ -453,11 +453,11 @@ ] }, "locked": { - "lastModified": 1657869996, - "narHash": "sha256-RWgKXjdAm+kpk45uKnJMcjNcxzmLyRbg5XAH7aLEruU=", + "lastModified": 1661430987, + "narHash": "sha256-kDCTfkOFP+cbS7DDf1WZNUuur/1PldfAygEZeDYiFNY=", "owner": "serokell", "repo": "serokell.nix", - "rev": "599cef82b41643f529a23e5be3955f567c979ec0", + "rev": "70ccee98be9fac4bf7064ef4d66adbfe09e5d277", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 4c4dd704..56c12fdc 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 38636f67..f7d5b9b7 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -40,7 +40,7 @@ in # home-manager home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - home-manager.users.victor = import ./home.nix; + home-manager.users.victor = import ./home; home-manager.sharedModules = [ inputs.hyprland.homeManagerModules.default ]; @@ -52,16 +52,16 @@ in noto-fonts-cjk noto-fonts-emoji dejavu_fonts - (nerdfonts.override { fonts = [ "DejaVuSansMono" "Noto" "Ubuntu" "DroidSansMono" ]; }) + (nerdfonts.override { fonts = [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; }) ]; enableDefaultFonts = false; fontconfig = { defaultFonts = { - monospace = [ "DejaVuSansMono Nerd Font Mono" "Noto Color Emoji" ]; - sansSerif = [ "DejaVu Sans" "DejaVuSansMono Nerd Font Mono" "Noto Color Emoji" ]; - serif = [ "DejaVu Serif" "DejaVuSansMono Nerd Font Mono" "Noto Color Emoji" ]; + monospace = [ "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; + sansSerif = [ "DejaVu Sans" "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; + serif = [ "DejaVu Serif" "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; emoji = [ "Noto Color Emoji" ]; }; }; @@ -93,17 +93,23 @@ in i18n.defaultLocale = "en_GB.utf8"; i18n.extraLocaleSettings = { - LC_ADDRESS = "en_DK.utf8"; - LC_IDENTIFICATION = "en_DK.utf8"; - LC_MEASUREMENT = "en_DK.utf8"; - LC_MONETARY = "en_DK.utf8"; - LC_NAME = "en_DK.utf8"; - LC_NUMERIC = "en_DK.utf8"; - LC_PAPER = "en_DK.utf8"; - LC_TELEPHONE = "en_DK.utf8"; - LC_TIME = "en_DK.utf8"; + LC_ADDRESS = "nl_NL.UTF-8"; + LC_IDENTIFICATION = "nl_NL.UTF-8"; + LC_MEASUREMENT = "nl_NL.UTF-8"; + LC_MONETARY = "nl_NL.UTF-8"; + LC_NAME = "nl_NL.UTF-8"; + LC_NUMERIC = "nl_NL.UTF-8"; + LC_PAPER = "nl_NL.UTF-8"; + LC_TELEPHONE = "nl_NL.UTF-8"; + LC_TIME = "en_DK.UTF-8"; }; + i18n.supportedLocales = [ + "en_GB.UTF-8/UTF-8" + "nl_NL.UTF-8/UTF-8" + "en_DK.UTF-8/UTF-8" + ]; + xdg = { portal = { enable = true; diff --git a/nixos/hosts/thalassa/null/dconf.nix b/nixos/hosts/thalassa/null/dconf.nix deleted file mode 100644 index c26c7b39..00000000 --- a/nixos/hosts/thalassa/null/dconf.nix +++ /dev/null @@ -1,277 +0,0 @@ -# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix -{ lib, ... }: - -with lib.hm.gvariant; - -{ - dconf.settings = { - "apps/seahorse/listing" = { - keyrings-selected = [ "secret-service:///org/freedesktop/secrets/collection/login" ]; - }; - - "apps/seahorse/windows/key-manager" = { - height = 476; - width = 600; - }; - - "ca/desrt/dconf-editor" = { - saved-pathbar-path = "/org/gnome/settings-daemon/plugins/media-keys/custom0/binding"; - saved-view = "/org/gnome/settings-daemon/plugins/media-keys/custom0/binding"; - window-height = 500; - window-is-maximized = false; - window-width = 540; - }; - - "com/uploadedlobster/peek" = { - persist-window-geometry = mkTuple [ 953 214 ]; - recording-output-format = "webm"; - recording-start-delay = 1; - }; - - "es/atareao/wireguard-indicator" = { - darktheme = false; - nmcli = true; - services = [ "service1|wg-quick@wg0.service" "service2|wg-quick@wg1.service" ]; - sudo = false; - }; - - "org/gnome/Totem" = { - active-plugins = [ "vimeo" "variable-rate" "skipto" "screenshot" "screensaver" "save-file" "rotation" "recent" "movie-properties" "open-directory" "mpris" "autoload-subtitles" "apple-trailers" ]; - subtitle-encoding = "UTF-8"; - }; - - "org/gnome/calendar" = { - active-view = "month"; - window-maximized = true; - window-size = mkTuple [ 768 600 ]; - }; - - "org/gnome/control-center" = { - last-panel = "keyboard"; - window-state = mkTuple [ 980 640 ]; - }; - - "org/gnome/desktop/app-folders" = { - folder-children = [ "Utilities" "YaST" ]; - }; - - "org/gnome/desktop/app-folders/folders/Utilities" = { - apps = [ "gnome-abrt.desktop" "gnome-system-log.desktop" "nm-connection-editor.desktop" "org.gnome.baobab.desktop" "org.gnome.Connections.desktop" "org.gnome.DejaDup.desktop" "org.gnome.Dictionary.desktop" "org.gnome.DiskUtility.desktop" "org.gnome.eog.desktop" "org.gnome.Evince.desktop" "org.gnome.FileRoller.desktop" "org.gnome.fonts.desktop" "org.gnome.seahorse.Application.desktop" "org.gnome.tweaks.desktop" "org.gnome.Usage.desktop" "vinagre.desktop" ]; - categories = [ "X-GNOME-Utilities" ]; - name = "X-GNOME-Utilities.directory"; - translate = true; - }; - - "org/gnome/desktop/app-folders/folders/YaST" = { - categories = [ "X-SuSE-YaST" ]; - name = "suse-yast.directory"; - translate = true; - }; - - "org/gnome/desktop/input-sources" = { - sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; - xkb-options = [ "terminate:ctrl_alt_bksp" "caps:swapescape" ]; - }; - - "org/gnome/desktop/interface" = { - color-scheme = "default"; - font-antialiasing = "grayscale"; - font-hinting = "slight"; - gtk-theme = "Arc-Darker"; - show-battery-percentage = true; - }; - - "org/gnome/desktop/notifications" = { - application-children = [ "gnome-power-panel" "code" "org-gnome-console" "codium" "discord" "org-gnome-totem" "com-uploadedlobster-peek" ]; - }; - - "org/gnome/desktop/notifications/application/code" = { - application-id = "code.desktop"; - }; - - "org/gnome/desktop/notifications/application/codium" = { - application-id = "codium.desktop"; - }; - - "org/gnome/desktop/notifications/application/com-uploadedlobster-peek" = { - application-id = "com.uploadedlobster.peek.desktop"; - }; - - "org/gnome/desktop/notifications/application/discord" = { - application-id = "discord.desktop"; - }; - - "org/gnome/desktop/notifications/application/gnome-power-panel" = { - application-id = "gnome-power-panel.desktop"; - }; - - "org/gnome/desktop/notifications/application/org-gnome-console" = { - application-id = "org.gnome.Console.desktop"; - }; - - "org/gnome/desktop/notifications/application/org-gnome-totem" = { - application-id = "org.gnome.Totem.desktop"; - }; - - "org/gnome/desktop/peripherals/touchpad" = { - tap-to-click = true; - two-finger-scrolling-enabled = true; - }; - - "org/gnome/desktop/search-providers" = { - sort-order = [ "org.gnome.Contacts.desktop" "org.gnome.Documents.desktop" "org.gnome.Nautilus.desktop" ]; - }; - - "org/gnome/desktop/session" = { - idle-delay = mkUint32 300; - }; - - "org/gnome/desktop/sound" = { - event-sounds = true; - theme-name = "__custom"; - }; - - "org/gnome/desktop/wm/keybindings" = { - move-to-workspace-1 = [ "exclam" ]; - move-to-workspace-2 = [ "at" ]; - move-to-workspace-3 = [ "numbersign" ]; - move-to-workspace-4 = [ "dollar" ]; - switch-to-workspace-1 = [ "1" ]; - switch-to-workspace-2 = [ "2" ]; - switch-to-workspace-3 = [ "3" ]; - switch-to-workspace-4 = [ "4" ]; - switch-to-workspace-5 = [ "5" ]; - switch-to-workspace-6 = [ "6" ]; - switch-to-workspace-7 = [ "7" ]; - switch-to-workspace-8 = [ "8" ]; - switch-to-workspace-9 = [ "9" ]; - }; - - "org/gnome/desktop/wm/preferences" = { - focus-mode = "sloppy"; - num-workspaces = 6; - }; - - "org/gnome/epiphany" = { - ask-for-default = false; - }; - - "org/gnome/epiphany/state" = { - is-maximized = false; - window-position = mkTuple [ (-1) (-1) ]; - window-size = mkTuple [ 1024 768 ]; - }; - - "org/gnome/evolution-data-server" = { - migrated = true; - network-monitor-gio-name = ""; - }; - - "org/gnome/file-roller/dialogs/extract" = { - recreate-folders = true; - skip-newer = false; - }; - - "org/gnome/file-roller/listing" = { - list-mode = "as-folder"; - name-column-width = 250; - show-path = false; - sort-method = "name"; - sort-type = "ascending"; - }; - - "org/gnome/file-roller/ui" = { - sidebar-width = 200; - window-height = 480; - window-width = 600; - }; - - "org/gnome/mutter" = { - attach-modal-dialogs = true; - dynamic-workspaces = false; - edge-tiling = true; - focus-change-on-pointer-rest = true; - workspaces-only-on-primary = false; - }; - - "org/gnome/nautilus/preferences" = { - default-folder-viewer = "icon-view"; - search-filter-time-type = "last_modified"; - }; - - "org/gnome/nautilus/window-state" = { - initial-size = mkTuple [ 890 550 ]; - maximized = false; - }; - - "org/gnome/nm-applet/eap/97297cfa-75d0-4653-84a7-67940e6e828a" = { - ignore-ca-cert = true; - ignore-phase2-ca-cert = false; - }; - - "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = [ "/org/gnome/settings-daemon/plugins/media-keys/custom0/" ]; - }; - - "org/gnome/settings-daemon/plugins/media-keys/custom0" = { - binding = "Return"; - command = "kgx"; - name = "Open Terminal"; - }; - - "org/gnome/settings-daemon/plugins/power" = { - power-button-action = "suspend"; - }; - - "org/gnome/shell" = { - disabled-extensions = [ "window-list@gnome-shell-extensions.gcampax.github.com" ]; - enabled-extensions = [ "wireguard-indicator@atareao.es" "appindicatorsupport@rgcjonas.gmail.com" ]; - favorite-apps = [ "firefox.desktop" "org.gnome.Nautilus.desktop" "org.gnome.Console.desktop" ]; - had-bluetooth-devices-setup = true; - welcome-dialog-last-shown-version = "42.4"; - }; - - "org/gnome/shell/app-switcher" = { - current-workspace-only = true; - }; - - "org/gnome/shell/keybindings" = { - switch-to-application-1 = []; - switch-to-application-2 = []; - switch-to-application-3 = []; - switch-to-application-4 = []; - }; - - "org/gnome/shell/world-clocks" = { - locations = "@av []"; - }; - - "org/gnome/tweaks" = { - show-extensions-notice = false; - }; - - "org/gtk/settings/file-chooser" = { - date-format = "regular"; - location-mode = "path-bar"; - show-hidden = false; - show-size-column = true; - show-type-column = true; - sidebar-width = 157; - sort-column = "name"; - sort-directories-first = false; - sort-order = "ascending"; - type-format = "category"; - window-position = mkTuple [ 0 32 ]; - window-size = mkTuple [ 1203 902 ]; - }; - - "system/locale" = { - region = "en_DK.UTF-8"; - }; - - "system/proxy" = { - mode = "none"; - }; - - }; -} diff --git a/nixos/hosts/thalassa/null/home.nix b/nixos/hosts/thalassa/null/home.nix deleted file mode 100644 index 455ea502..00000000 --- a/nixos/hosts/thalassa/null/home.nix +++ /dev/null @@ -1,90 +0,0 @@ -{ config, pkgs, lib, ... }: { - programs.home-manager.enable = true; - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "22.05"; - - imports = [ - ./dconf.nix - ./hyprland - ]; - - home.packages = with pkgs; [ - discord - rnix-lsp - fusee-launcher - neofetch - fluxcd - k9s - kubectl - nixpkgs-review - ripgrep - rsync - rustup - rust-analyzer - steam-run - texlive.combined.scheme-full - retroarchFull - python3 - element-desktop-wayland - ]; - - programs.alacritty = { - enable = true; - }; - - programs.rofi = { - enable = true; - package = pkgs.rofi-wayland; - }; - - programs.git = { - enable = true; - package = pkgs.gitAndTools.gitFull; - userName = "Victor"; - userEmail = "victor@xirion.net"; - }; - - programs.tmux = { - enable = true; - shortcut = "b"; - terminal = "screen-256color"; - clock24 = true; - }; - - programs.firefox = { - enable = true; - package = pkgs.firefox-devedition-bin; - }; - - programs.vscode = { - enable = true; - package = pkgs.vscode; - extensions = with pkgs.vscode-extensions; [ - matklad.rust-analyzer - mkhl.direnv - jnoortheen.nix-ide - james-yu.latex-workshop - valentjn.vscode-ltex - ]; - }; - - programs.direnv = { - enable = true; - nix-direnv = { - enable = true; - }; - }; - - programs.zsh.enable = true; - - gtk = { - enable = true; - theme = { - name = "Arc-Darker"; - package = pkgs.arc-theme; - }; - }; - - services.syncthing.enable = true; -} diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix new file mode 100644 index 00000000..39fc6872 --- /dev/null +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -0,0 +1,133 @@ +{ config, pkgs, lib, fetchFromGithub, ... }: +let + rofi = fetchTarball { + url = "https://github.com/adi1090x/rofi/archive/refs/heads/master.zip"; + sha256 = "0wq8v758gnk1wjdqyqmda5rlxlpv33l3sdf3rb3nx834vc5hr1rn"; + }; +in +{ + programs.home-manager.enable = true; + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "22.05"; + + imports = [ + ./hyprland + ./eww + ]; + + home.packages = with pkgs; [ + discord + rnix-lsp + fusee-launcher + neofetch + fluxcd + k9s + kubectl + nixpkgs-review + ripgrep + rsync + rustup + rust-analyzer + steam-run + texlive.combined.scheme-full + retroarchFull + python3 + element-desktop-wayland + + gnome.gnome-font-viewer + + wofi # Wayland rofi + grim # Screenshot tool + wf-recorder # Screenrecorder + wl-clipboard # Clipboard manager + networkmanager_dmenu + brightnessctl + ]; + + programs.alacritty = { + enable = true; + }; + + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + }; + + programs.tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + + programs.firefox = { + enable = true; + package = pkgs.firefox-devedition-bin; + }; + + programs.vscode = { + enable = true; + package = pkgs.vscode; + extensions = with pkgs.vscode-extensions; [ + matklad.rust-analyzer + mkhl.direnv + jnoortheen.nix-ide + james-yu.latex-workshop + valentjn.vscode-ltex + ]; + }; + + programs.direnv = { + enable = true; + nix-direnv = { + enable = true; + }; + }; + + programs.zsh.enable = true; + + gtk = { + enable = true; + theme = { + name = "Catppuccin-Purple-Dark"; + package = pkgs.catppuccin-gtk; + }; + iconTheme = { + name = "Arc"; + package = pkgs.arc-icon-theme; + }; + }; + + services.syncthing.enable = true; + + home.file.".config/networkmanager-dmenu/config.ini".text = '' + [dmenu] + dmenu_command = wofi --dmenu -i + # # Note that dmenu_command can contain arguments as well like: + # # `dmenu_command = rofi -dmenu -i -theme nmdm` + # # `dmenu_command = rofi -dmenu -width 30 -i` + # # `dmenu_command = dmenu -i -l 25 -b -nb #909090 -nf #303030` + # (Default: False) use rofi highlighting instead of '==' + rofi_highlight = true + # compact = # (Default: False). Remove extra spacing from display + # pinentry = # (Default: None) e.g. `pinentry-gtk` + # wifi_chars = + wifi_chars = ▂▄▆█ + # list_saved = # (Default: False) list saved connections + + [dmenu_passphrase] + # # Uses the -password flag for Rofi, -x for bemenu. For dmenu, sets -nb and + # # -nf to the same color or uses -P if the dmenu password patch is applied + # # https://tools.suckless.org/dmenu/patches/password/ + # obscure = True + # obscure_color = #222222 + + [editor] + # terminal = + terminal = alacritty + # gui_if_available = (Default: True) + ''; +} diff --git a/nixos/hosts/thalassa/null/hyprland/eww/default.nix b/nixos/hosts/thalassa/null/home/eww/default.nix similarity index 86% rename from nixos/hosts/thalassa/null/hyprland/eww/default.nix rename to nixos/hosts/thalassa/null/home/eww/default.nix index 7a53d25a..da3b738b 100644 --- a/nixos/hosts/thalassa/null/hyprland/eww/default.nix +++ b/nixos/hosts/thalassa/null/home/eww/default.nix @@ -10,11 +10,6 @@ home.file.".config/eww/eww.scss".source = ./eww.scss; # scripts - home.file.".config/eww/scripts/battery.sh" = { - source = ./scripts/battery.sh; - executable = true; - }; - home.file.".config/eww/scripts/volume.sh" = { source = ./scripts/volume.sh; executable = true; diff --git a/nixos/hosts/thalassa/null/hyprland/eww/eww.scss b/nixos/hosts/thalassa/null/home/eww/eww.scss similarity index 71% rename from nixos/hosts/thalassa/null/hyprland/eww/eww.scss rename to nixos/hosts/thalassa/null/home/eww/eww.scss index ccc93cc8..8a3decee 100644 --- a/nixos/hosts/thalassa/null/hyprland/eww/eww.scss +++ b/nixos/hosts/thalassa/null/home/eww/eww.scss @@ -23,7 +23,6 @@ $light-gray: #9699b7; font-size: 1.4rem; } - button { transition: background-color 200ms, color 200ms; } @@ -124,6 +123,7 @@ button { color: $text; padding: 10px; font-size: 55px; + border-radius: 5px; transition: all 200ms cubic-bezier(.1, -0.00, .0, 1.49); @@ -175,4 +175,78 @@ button { background-color: $surface1; } } -} \ No newline at end of file +} + +// battery menu +.batterywindow { + background-color: $mantle; + border-radius: 5px; + font-size: 18px; + font-weight: normal; + color: $text; + + progressbar { + border-radius: 5px; + } + + progressbar progress { + background-color: $green; + } + + progressbar trough { + background-color: $base; + } + + .batterymenu { + padding: 10px; + } + +} + +// Calendar +.cal { + background-color: $mantle; + border-radius: 5px; + font-size: 18px; + font-weight: normal; + + .cal-in { + padding: 0px 10px 0px 10px; + color: $text; + + .cal { + &.highlight { + padding: 20px; + } + + padding: 5px 5px 5px 5px; + margin-left: 10px; + } + } +} + +calender { + color: $text; +} + +calendar:selected { + color: $mauve; +} + +calendar.header { + color: $overlay0; + font-weight: bold; +} + +calendar.button { + color: $base; +} + +calendar.highlight { + color: $overlay0; + font-weight: bold; +} + +calendar:indeterminate { + color: $text; +} diff --git a/nixos/hosts/thalassa/null/hyprland/eww/eww.yuck b/nixos/hosts/thalassa/null/home/eww/eww.yuck similarity index 66% rename from nixos/hosts/thalassa/null/hyprland/eww/eww.yuck rename to nixos/hosts/thalassa/null/home/eww/eww.yuck index 2f3d495c..67676012 100644 --- a/nixos/hosts/thalassa/null/hyprland/eww/eww.yuck +++ b/nixos/hosts/thalassa/null/home/eww/eww.yuck @@ -34,17 +34,44 @@ ) ;; ━━━ BATTERY ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ -(defvar battery "{}") -(defpoll battery :interval "60s" "./scripts/battery.sh") - (defwidget battery [] - (label :text {battery.icon} + (eventbox :onclick "eww open batterywindow --toggle" + (label :text `${ + EWW_BATTERY.BAT0.status == "Charging" ? "" : + EWW_BATTERY.BAT0.capacity < 10 ? "" : + EWW_BATTERY.BAT0.capacity < 20 ? "" : + EWW_BATTERY.BAT0.capacity < 30 ? "" : + EWW_BATTERY.BAT0.capacity < 40 ? "" : + EWW_BATTERY.BAT0.capacity < 50 ? "" : + EWW_BATTERY.BAT0.capacity < 60 ? "" : + EWW_BATTERY.BAT0.capacity < 70 ? "" : + EWW_BATTERY.BAT0.capacity < 80 ? "" : + EWW_BATTERY.BAT0.capacity < 90 ? "" : "" + }` :limit-width 10 - :tooltip "${battery.status}: ${battery.percent}" + :tooltip "${EWW_BATTERY.BAT0.status}: ${EWW_BATTERY.BAT0.capacity}%" :class "battery" + )) +) + +(defwidget batterymenu [] + (box :orientation "v" + :class "batterymenu" + (label :text "${EWW_BATTERY.BAT0.status}: ${EWW_BATTERY.BAT0.capacity}%") + (progress :value "${EWW_BATTERY.BAT0.capacity}" :orientation "h") ; TODO: change class (and color) on low juice ) ) +(defwindow batterywindow + :monitor 0 + :geometry (geometry + :x "53px" + :y "30px" + :anchor "bottom left" + ) + (batterymenu) +) + ;; ━━━ VOLUME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ (defvar volume "{}") (defpoll volume :interval "1s" "./scripts/volume.sh") @@ -66,16 +93,36 @@ (defwidget time [] (eventbox :cursor "hand" :hexpand false :vexpand false :tooltip "${dateVar}" + :onclick "eww open calendar --toggle &" (box :orientation "v" :hexpand false :vexpand false :space-evenly false :class "clock" - (button :class "date" - :onclick "" "${hour}") + (label :class "date" :text "${hour}") - (button :class "date" - :onclick "" "${minute}") + (label :class "date" :text "${minute}") ) ) ) +;; Calendar +(defpoll calendar_day :interval "20h" "date '+%d'") +(defpoll calendar_year :interval "20h" "date '+%Y'") +(defwidget cal [] + (box :class "cal" :orientation "v" + (box :class "cal-in" + (calendar :class "cal" + :day calendar_day + :year calendar_year)))) + +(defwindow calendar + :monitor 0 + :geometry (geometry :x "53px" + :y "5px" + :anchor "bottom left" + :width "270px" + :height "60px") + (cal)) + +;; powermenu + (defwidget powerbutton [] (eventbox :cursor "hand" (button :class "reg-btn powerbutton" diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/volume.sh b/nixos/hosts/thalassa/null/home/eww/scripts/volume.sh similarity index 100% rename from nixos/hosts/thalassa/null/hyprland/eww/scripts/volume.sh rename to nixos/hosts/thalassa/null/home/eww/scripts/volume.sh diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/wifi.sh b/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh similarity index 100% rename from nixos/hosts/thalassa/null/hyprland/eww/scripts/wifi.sh rename to nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua b/nixos/hosts/thalassa/null/home/eww/scripts/workspaces.lua similarity index 100% rename from nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.lua rename to nixos/hosts/thalassa/null/home/eww/scripts/workspaces.lua diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.sh b/nixos/hosts/thalassa/null/home/eww/scripts/workspaces.sh similarity index 100% rename from nixos/hosts/thalassa/null/hyprland/eww/scripts/workspaces.sh rename to nixos/hosts/thalassa/null/home/eww/scripts/workspaces.sh diff --git a/nixos/hosts/thalassa/null/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix similarity index 63% rename from nixos/hosts/thalassa/null/hyprland/default.nix rename to nixos/hosts/thalassa/null/home/hyprland/default.nix index f03d483c..3576afd2 100644 --- a/nixos/hosts/thalassa/null/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -1,52 +1,8 @@ { pkgs, ... }: { - imports = [ - ./eww - ]; - - home.packages = with pkgs; [ - wofi # Wayland rofi - grim # Screenshot tool - wf-recorder # Screenrecorder - wl-clipboard # Clipboard manager - networkmanager_dmenu - brightnessctl - ]; - - programs.mako.enable = true; - - home.file.".config/networkmanager-dmenu/config.ini".text = '' - [dmenu] - dmenu_command = rofi -dmenu -i - # # Note that dmenu_command can contain arguments as well like: - # # `dmenu_command = rofi -dmenu -i -theme nmdm` - # # `dmenu_command = rofi -dmenu -width 30 -i` - # # `dmenu_command = dmenu -i -l 25 -b -nb #909090 -nf #303030` - # (Default: False) use rofi highlighting instead of '==' - rofi_highlight = true - # compact = # (Default: False). Remove extra spacing from display - # pinentry = # (Default: None) e.g. `pinentry-gtk` - # wifi_chars = - wifi_chars = ▂▄▆█ - # list_saved = # (Default: False) list saved connections - - [dmenu_passphrase] - # # Uses the -password flag for Rofi, -x for bemenu. For dmenu, sets -nb and - # # -nf to the same color or uses -P if the dmenu password patch is applied - # # https://tools.suckless.org/dmenu/patches/password/ - # obscure = True - # obscure_color = #222222 - - [editor] - # terminal = - terminal = alacritty - # gui_if_available = (Default: True) - ''; - home.file.".config/hypr/hyprpaper.conf".text = '' ipc = off preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png - ''; wayland.windowManager.hyprland = { @@ -77,6 +33,8 @@ misc { no_vfr = false + disable_hyprland_logo = true + disable_splash_rendering = true } dwindle { @@ -85,7 +43,7 @@ bind=SUPER,RETURN,exec,alacritty bind=SUPER,f,exec,firefox-devedition - bind=SUPER,d,exec,rofi -show run + bind=SUPER,d,exec,wofi --show run,drun bind=,Print,exec,grim -g "$(slurp)" - | wl-copy -t image/png bind=SUPER,W,killactive, diff --git a/nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh b/nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh deleted file mode 100755 index e7d46a10..00000000 --- a/nixos/hosts/thalassa/null/hyprland/eww/scripts/battery.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash - -bat=/sys/class/power_supply/BAT0 -per="$(cat "$bat/capacity")" -status="$(cat "$bat/status")" - -if [ "$per" -gt "90" ]; then - icon="" -elif [ "$per" -gt "80" ]; then - icon="" -elif [ "$per" -gt "70" ]; then - icon="" -elif [ "$per" -gt "60" ]; then - icon="" -elif [ "$per" -gt "50" ]; then - icon="" -elif [ "$per" -gt "40" ]; then - icon="" -elif [ "$per" -gt "30" ]; then - icon="" -elif [ "$per" -gt "20" ]; then - icon="" -elif [ "$per" -gt "10" ]; then - icon="" -elif [ "$per" -gt "0" ]; then - icon="" -else - icon="" -fi - -echo "{\"percent\": \"$per\", \"icon\": \"$icon\", \"charging\": \"$charging\", \"visible\": \"true\", \"status\": \"$status\"}" -- 2.47.1 From 4e22cce60e222f0142b0c8a35fef8ffbb4d6deb8 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 28 Aug 2022 23:47:34 +0200 Subject: [PATCH 0393/1882] laptop: bink --- flake.lock | 24 ++-- nixos/hosts/thalassa/null/home/default.nix | 2 +- nixos/hosts/thalassa/null/home/eww/eww.scss | 151 +++++--------------- nixos/hosts/thalassa/null/home/eww/eww.yuck | 77 ++-------- 4 files changed, 66 insertions(+), 188 deletions(-) diff --git a/flake.lock b/flake.lock index 377c4048..0a6686da 100644 --- a/flake.lock +++ b/flake.lock @@ -11,11 +11,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1660758990, - "narHash": "sha256-1vmRcG7JAR3KMVpn2z5LQYoAQlY6cWUYSIP77gfpHbo=", + "lastModified": 1661669123, + "narHash": "sha256-nXslD8Sbs6G9/MN7HOr+YrBCCmUdS/MpEuxJGlWeSgM=", "owner": "zhaofengli", "repo": "colmena", - "rev": "3fbc5eeb11e6b9abf66e38ab32d85a2edf9f76e1", + "rev": "e7356e2c5cbc19be6e04d284c943b24bbde81a9b", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1661598115, - "narHash": "sha256-KL3VtSjHMYaTQDQ4MAtw7VTRu4XlyGY79byEnwb8CZs=", + "lastModified": 1661698908, + "narHash": "sha256-CkdZIP11mxahqOuADBkuKFP/dokMn6mj2ZyiicJ2utU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5d63152219514ecbe861cb70e9359adc0c5b2878", + "rev": "c757fa54e10bd0f486c70e32ecca366247281824", "type": "github" }, "original": { @@ -279,11 +279,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1661565271, - "narHash": "sha256-GTa5fSSifG57cDaklJfVj4MpWl/1vqiSPu4My2wLkVc=", + "lastModified": 1661652237, + "narHash": "sha256-HYZazJYnrSvgTN26lSI5JC8iTxTeGb+MrbSDb+k6b6I=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "4724b9ab810125bc71dbbeca22237532cb61831b", + "rev": "3982e2afdb23f980e07a473472bf333178a87a5c", "type": "github" }, "original": { @@ -369,11 +369,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661580117, - "narHash": "sha256-hMWvEFqwk2E9Rb3+3yi8qu9Wo2eXnJX8mENVspA++3c=", + "lastModified": 1661663669, + "narHash": "sha256-TsVDHYX9boTJPsgzGrQLZN5hv5V96pUVL5RgK5yLKPY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e500665539e3abae0494c4db5d10cccb84de47ba", + "rev": "6cae4be2a768154ae9815d8238f00b03a89ea21f", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 39fc6872..27303bc3 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -92,7 +92,7 @@ in gtk = { enable = true; theme = { - name = "Catppuccin-Purple-Dark"; + name = "Catppuccin-Pink-Dark"; package = pkgs.catppuccin-gtk; }; iconTheme = { diff --git a/nixos/hosts/thalassa/null/home/eww/eww.scss b/nixos/hosts/thalassa/null/home/eww/eww.scss index 8a3decee..b3cb3fda 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.scss +++ b/nixos/hosts/thalassa/null/home/eww/eww.scss @@ -1,23 +1,42 @@ -$base: #44465c; -$blue: #3fc6de; -$surface0: #44465c; -$surface1: #44465c; -$text: #d9e0ee; -$overlay0: #6e738d; -$red: #ec6a88; -$peach: #efb993; -$yellow: #efb993; -$mauve: #b072d1; -$green: #3fdaa4; -$mantle: #292a37; -$crust: #2e303e; $light-gray: #9699b7; +$rosewater: #f2d5cf; +$flamingo: #eebebe; +$pink: #f4b8e4; +$mauve: #ca9ee6; +$red: #e78284; +$maroon: #ea999c; +$peach: #ef9f76; +$yellow: #e5c890; +$green: #a6d189; +$teal: #81c8be; +$sky: #99d1db; +$sapphire: #85c1dc; +$blue: #8caaee; +$lavender: #babbf1; +$text: #c6d0f5; +$subtext1: #b5bfe2; +$subtext0: #a5adce; +$overlay2: #949cbb; +$overlay1: #838ba7; +$overlay0: #737994; +$surface2: #626880; +$surface1: #51576d; +$surface0: #414559; +$base: #303446; +$mantle: #292c3c; +$crust: #232634; + * { all: unset; //Unsets everything so you can style everything from scratch font-family: "JetBrainsMono" } +tooltip { + background-color: $base; + border-radius: 5px +} + .icon { font-family: monospace; font-size: 1.4rem; @@ -28,7 +47,7 @@ button { } .active { - color: $green; + color: $pink; font-size: 1.4rem; } @@ -48,7 +67,7 @@ button { .wifi { font-size: 2rem; - color: $blue; + color: $mauve; } .clock { @@ -63,6 +82,7 @@ button { .date { font-size: 1.5rem; + color: $text; } .reg-btn { @@ -71,110 +91,15 @@ button { border-radius: 10px; } -.powerbutton { - color: $red; -} - -.powerbutton:hover { - background-color: $base; -} - -.powerbutton:active { - background-color: $red; - color: $mantle; -} .battery { font-size: 1.5rem; - color: $green; + color: $teal; } .volume { font-size: 1.5rem; - color: $blue; -} - -// Credits AlphaTechnolog -.powermenu-box { - padding: 0 2px; - margin: 7px 7px 7px 0px; - background: inherit; - - .dispatcher { - border-radius: 15px; - background: $base; - color: $red; - font-size: 14px; - padding: 0 14px 0 10px; - - &:hover { - background-color: $surface0; - } - - &:active { - background-color: $surface1; - } - } -} - -// powermenu -.powermenu-container { - background: $crust; - color: $text; - padding: 10px; - font-size: 55px; - border-radius: 5px; - - transition: all 200ms cubic-bezier(.1, -0.00, .0, 1.49); - - .btn { - margin: 1rem; - } - - // shutdown - .shutdown-btn-box .btn { - color: $red; - border-radius: 15px; - background-color: $mantle; - - &:hover { - background-color: $base; - } - - &:active { - background-color: $surface1; - } - } - - // reboot - .reboot-btn-box .btn { - color: $mauve; - border-radius: 15px; - background-color: $mantle; - - &:hover { - background-color: $base; - } - - &:active { - background-color: $surface1; - } - } - - // exit - .exit-btn-box .btn { - color: $yellow; - border-radius: 15px; - background-color: $mantle; - - &:hover { - background-color: $base; - } - - &:active { - background-color: $surface1; - } - } + color: $mauve; } // battery menu @@ -249,4 +174,4 @@ calendar.highlight { calendar:indeterminate { color: $text; -} +} \ No newline at end of file diff --git a/nixos/hosts/thalassa/null/home/eww/eww.yuck b/nixos/hosts/thalassa/null/home/eww/eww.yuck index 67676012..fbf04d3d 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.yuck +++ b/nixos/hosts/thalassa/null/home/eww/eww.yuck @@ -1,7 +1,6 @@ (defwidget bar [] (centerbox :orientation "v" :hexpand false (box :valign "start" :hexpand false :vexpand true :orientation "v" :space-evenly false - (powerbutton) ) (workspaces :halign "center" :vexpand true :hexpand false :orientation "v") @@ -36,22 +35,21 @@ ;; ━━━ BATTERY ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ (defwidget battery [] (eventbox :onclick "eww open batterywindow --toggle" - (label :text `${ - EWW_BATTERY.BAT0.status == "Charging" ? "" : - EWW_BATTERY.BAT0.capacity < 10 ? "" : - EWW_BATTERY.BAT0.capacity < 20 ? "" : - EWW_BATTERY.BAT0.capacity < 30 ? "" : - EWW_BATTERY.BAT0.capacity < 40 ? "" : - EWW_BATTERY.BAT0.capacity < 50 ? "" : - EWW_BATTERY.BAT0.capacity < 60 ? "" : - EWW_BATTERY.BAT0.capacity < 70 ? "" : - EWW_BATTERY.BAT0.capacity < 80 ? "" : - EWW_BATTERY.BAT0.capacity < 90 ? "" : "" - }` - :limit-width 10 - :tooltip "${EWW_BATTERY.BAT0.status}: ${EWW_BATTERY.BAT0.capacity}%" - :class "battery" - )) + (label :text `${ + EWW_BATTERY.BAT0.status == "Charging" ? "" : + EWW_BATTERY.BAT0.capacity < 10 ? "" : + EWW_BATTERY.BAT0.capacity < 20 ? "" : + EWW_BATTERY.BAT0.capacity < 30 ? "" : + EWW_BATTERY.BAT0.capacity < 40 ? "" : + EWW_BATTERY.BAT0.capacity < 50 ? "" : + EWW_BATTERY.BAT0.capacity < 60 ? "" : + EWW_BATTERY.BAT0.capacity < 70 ? "" : + EWW_BATTERY.BAT0.capacity < 80 ? "" : + EWW_BATTERY.BAT0.capacity < 90 ? "" : "" + }` + :limit-width 10 + :class "battery" + )) ) (defwidget batterymenu [] @@ -121,51 +119,6 @@ :height "60px") (cal)) -;; powermenu - -(defwidget powerbutton [] - (eventbox :cursor "hand" - (button :class "reg-btn powerbutton" - :onclick "eww open powermenu --toggle &" "") - ) -) -(defwidget powermenucontent [] - (box :orientation "h" - :class "powermenu-container" - (box :class "shutdown-btn-box" - :orientation "h" - (button :class "btn" - :tooltip "Shutdown" - :onclick "eww close powermenu && shutdown now" - "⏻") - ) - (box :class "reboot-btn-box" - :orientation "h" - (button :class "btn" - :tooltip "Reboot" - :onclick "eww close powermenu && reboot" - "") - ) - (box :class "exit-btn-box" - :orientation "h" - (button :class "btn" - :tooltip "Suspend" - :onclick "systemctl suspend" - "⏾") - ) - ) -) - -(defwindow powermenu - :monitor 0 - :geometry (geometry :x "0%" - :y "0%" - :width "30%" - :height "15%" - :anchor "center center") - :wm-ignore true - (powermenucontent)) - (deflisten workspaces_listen "./scripts/workspaces.sh") (defwidget workspaces [] (literal :content workspaces_listen)) -- 2.47.1 From c713b1810eb13e8b6360c63957fac22fe71412ca Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 29 Aug 2022 22:05:10 +0200 Subject: [PATCH 0394/1882] laptop: pink :cherry_blossom: --- flake.lock | 12 ++--- flake.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 54 ++++++++++++++----- .../thalassa/null/home/hyprland/default.nix | 5 +- nixos/pkgs/catppuccin/cursors/default.nix | 29 ++++++++++ nixos/pkgs/default.nix | 2 + 6 files changed, 83 insertions(+), 21 deletions(-) create mode 100644 nixos/pkgs/catppuccin/cursors/default.nix diff --git a/flake.lock b/flake.lock index 0a6686da..9a6ccd9e 100644 --- a/flake.lock +++ b/flake.lock @@ -369,16 +369,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661663669, - "narHash": "sha256-TsVDHYX9boTJPsgzGrQLZN5hv5V96pUVL5RgK5yLKPY=", - "owner": "NixOS", + "lastModified": 1661762682, + "narHash": "sha256-/i8xAhsX8MwiEucLIX+t7rNcsddFzbEOr/BROFSLeo4=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "6cae4be2a768154ae9815d8238f00b03a89ea21f", + "rev": "fab092ddd75ec258d0b46611ba1730f33d041b10", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable-small", + "owner": "NULLx76", + "ref": "vscode-catppuccin", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 56c12fdc..fe68483f 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:NULLx76/nixpkgs/vscode-catppuccin"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 27303bc3..8c2fa2a6 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -1,10 +1,4 @@ { config, pkgs, lib, fetchFromGithub, ... }: -let - rofi = fetchTarball { - url = "https://github.com/adi1090x/rofi/archive/refs/heads/master.zip"; - sha256 = "0wq8v758gnk1wjdqyqmda5rlxlpv33l3sdf3rb3nx834vc5hr1rn"; - }; -in { programs.home-manager.enable = true; home.username = "victor"; @@ -34,19 +28,41 @@ in retroarchFull python3 element-desktop-wayland - + gnome.gnome-font-viewer - + wofi # Wayland rofi grim # Screenshot tool wf-recorder # Screenrecorder wl-clipboard # Clipboard manager networkmanager_dmenu brightnessctl + libnotify ]; - programs.alacritty = { + programs.foot = { enable = true; + # Note, pink and blue are switched + settings.colors = { + foreground = "c6d0f5"; # Text + background = "303446"; # Base + regular0 = "51576d"; # Surface 1 + regular1 = "e78284"; # red + regular2 = "a6d189"; # green + regular3 = "e5c890"; # yellow + regular4 = "f4b8e4"; # pink + regular5 = "8caaee"; # blue + regular6 = "81c8be"; # teal + regular7 = "b5bfe2"; # Subtext 1 + bright0 = "626880"; # Surface 2 + bright1 = "e78284"; # red + bright2 = "a6d189"; # green + bright3 = "e5c890"; # yellow + bright4 = "f4b8e4"; # pink + bright5 = "8caaee"; # blue + bright6 = "81c8be"; # teal + bright7 = "a5adce"; # Subtext 0 + }; }; programs.git = { @@ -56,6 +72,14 @@ in userEmail = "victor@xirion.net"; }; + programs.mako = { + enable = true; + backgroundColor = "#292c3c"; + borderRadius = 5; + borderColor = "#f4b8e4"; + textColor = "#c6d0f5"; + }; + programs.tmux = { enable = true; shortcut = "b"; @@ -72,10 +96,11 @@ in enable = true; package = pkgs.vscode; extensions = with pkgs.vscode-extensions; [ + catppuccin.catppuccin-vsc + james-yu.latex-workshop + jnoortheen.nix-ide matklad.rust-analyzer mkhl.direnv - jnoortheen.nix-ide - james-yu.latex-workshop valentjn.vscode-ltex ]; }; @@ -99,11 +124,16 @@ in name = "Arc"; package = pkgs.arc-icon-theme; }; + cursorTheme = { + name = "Catppuccin-Frappe-Pink-Cursors"; + package = pkgs.catppuccin.cursors; + size = 32; + }; }; services.syncthing.enable = true; - home.file.".config/networkmanager-dmenu/config.ini".text = '' + home.file.".config/networkmanager-dmenu/config.ini".text = '' [dmenu] dmenu_command = wofi --dmenu -i # # Note that dmenu_command can contain arguments as well like: diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix index 3576afd2..ad162dac 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -9,6 +9,7 @@ enable = true; extraConfig = '' exec-once=${pkgs.hyprpaper}/bin/hyprpaper + exec-once=hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 exec-once=eww daemon exec-once=eww open bar @@ -18,6 +19,7 @@ general { layout = dwindle + col.active_border = 0xfff4b8e4 } input { @@ -41,7 +43,7 @@ pseudotile=true } - bind=SUPER,RETURN,exec,alacritty + bind=SUPER,RETURN,exec,foot bind=SUPER,f,exec,firefox-devedition bind=SUPER,d,exec,wofi --show run,drun @@ -86,7 +88,6 @@ # Firefox notifications windowrule=float,title:^(\s*)$ - windowrule=nofocus,title:^(\s*)$ windowrule=move 1569 0,title:^(\s*)$ windowrule=opacity 0.8,title:^(\s*)$ windowrule=rounding 3,title:^(\s*)$ diff --git a/nixos/pkgs/catppuccin/cursors/default.nix b/nixos/pkgs/catppuccin/cursors/default.nix new file mode 100644 index 00000000..fb301e32 --- /dev/null +++ b/nixos/pkgs/catppuccin/cursors/default.nix @@ -0,0 +1,29 @@ +{ stdenv, lib, fetchFromGitHub, xorg, inkscape }: + +stdenv.mkDerivation rec { + pname = "catppuccin-cursors"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "catppuccin"; + repo = "cursors"; + rev = "3d3023606939471c45cff7b643bffc5d5d4ff29c"; + sha256 = "sha256-0wb84q1VtD1myIRxrfQMn9n6w1gFzMA1rHkPqXuXLP0="; + }; + + nativeBuildInputs = [ + xorg.xcursorgen + inkscape + ]; + + installPhase = '' + PREFIX="/" DESTDIR=$out make install + ''; + + meta = with lib; { + description = "Soothing pastel mouse cursors"; + homepage = "https://github.com/catppuccin/cursors"; + license = licenses.gpl2; + platforms = platforms.linux; + }; +} diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 211f868b..00d25de6 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -10,6 +10,8 @@ final: prev: { vmagent = prev.callPackage ./vmagent { }; + catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; + v = { unbound = prev.unbound.override { withSystemd = true; -- 2.47.1 From 66fba58eda89482812e3ee8fac8c1876ef7e1e90 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 30 Aug 2022 22:38:00 +0200 Subject: [PATCH 0395/1882] laptop, various updates --- flake.lock | 26 ++++---- flake.nix | 12 +--- nixos/common/users/default.nix | 11 ++-- nixos/hosts/thalassa/null/configuration.nix | 7 ++- nixos/hosts/thalassa/null/home/default.nix | 60 ++++++------------- .../thalassa/null/home/hyprland/default.nix | 9 +-- 6 files changed, 46 insertions(+), 79 deletions(-) diff --git a/flake.lock b/flake.lock index 9a6ccd9e..72f992b3 100644 --- a/flake.lock +++ b/flake.lock @@ -187,11 +187,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1661573386, - "narHash": "sha256-pBEg8iY00Af/SAtU2dlmOAv+2x7kScaGlFRDjNoVJO8=", + "lastModified": 1661824092, + "narHash": "sha256-nSWLWytlXbeLrx5A+r5Pso7CvVrX5EgmIIXW/EXvPHQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "d89bdff445eadff03fe414e9c30486bc8166b72b", + "rev": "5bd66dc6cd967033489c69d486402b75d338eeb6", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1661698908, - "narHash": "sha256-CkdZIP11mxahqOuADBkuKFP/dokMn6mj2ZyiicJ2utU=", + "lastModified": 1661888127, + "narHash": "sha256-7oRh2X4lyykcFlHSppIo7fB1fuc8HguxxfZOTexkFQA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c757fa54e10bd0f486c70e32ecca366247281824", + "rev": "1cf46fd6a26cb16104a39a4fe73ca7ccd6c1ba36", "type": "github" }, "original": { @@ -279,11 +279,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1661652237, - "narHash": "sha256-HYZazJYnrSvgTN26lSI5JC8iTxTeGb+MrbSDb+k6b6I=", + "lastModified": 1661824817, + "narHash": "sha256-rKKTjwIVRD5YyD4/X0HMgQkPunAI1rb9vwP2l3M7NWY=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "3982e2afdb23f980e07a473472bf333178a87a5c", + "rev": "835355ef3f51f9ba1a75a35315f997b189337d81", "type": "github" }, "original": { @@ -369,16 +369,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661762682, - "narHash": "sha256-/i8xAhsX8MwiEucLIX+t7rNcsddFzbEOr/BROFSLeo4=", + "lastModified": 1661850929, + "narHash": "sha256-YQxPKEF1jpDIrNARAIdaU0pR1KgjBHuTwXDeAseTfnY=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "fab092ddd75ec258d0b46611ba1730f33d041b10", + "rev": "f9e6ebf0e94a0f82f6d913708a57b86dd4740cbd", "type": "github" }, "original": { "owner": "NULLx76", - "ref": "vscode-catppuccin", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index fe68483f..939fc137 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/vscode-catppuccin"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -56,12 +56,7 @@ # Script to apply local colmena deployments apply-local = pkgs.writeScriptBin "apply-local" '' #!${pkgs.stdenv.shell} - "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo - ''; - - dump-dconf = pkgs.writeScriptBin "dump-dconf" '' - #!${pkgs.stdenv.shell} - dconf dump / | dconf2nix > nixos/hosts/thalassa/null/dconf.nix + "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo $@ ''; in { @@ -84,11 +79,8 @@ # Use by running `nix develop` devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; - # This only support bash so just execute zsh in bash as a workaround :/ - # shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ apply-local - dump-dconf colmena.packages.x86_64-linux.colmena fluxcd k9s diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 20a19bde..e597d6cf 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -3,7 +3,7 @@ # Inputs to this NixOS module, in this case we are # using `pkgs` so we can have some user specific packages and config # to configure the root ssh key. -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { # Setup ZSH to use grml config @@ -25,11 +25,14 @@ environment.pathsToLink = [ "/share/zsh" ]; # Install Neovim and set it as alias for vi(m) - programs.neovim.enable = true; - programs.neovim.viAlias = true; + programs.neovim = { + enable = true; + viAlias = true; + defaultEditor = true; + }; # Disable sudo prompt for `wheel` users. - security.sudo.wheelNeedsPassword = false; + security.sudo.wheelNeedsPassword = lib.mkDefault false; # The block that specifies my user account. users.extraUsers.victor = { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index f7d5b9b7..835bc4ff 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -45,6 +45,10 @@ in inputs.hyprland.homeManagerModules.default ]; + security.pam.services.swaylock = { }; + + security.sudo.wheelNeedsPassword = true; + fonts = { fonts = with pkgs; [ material-design-icons @@ -190,6 +194,8 @@ in wireguard-tools slurp gdb + + swaylock-effects ]; programs.steam = { @@ -227,5 +233,4 @@ in # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.05"; # Did you read the comment? - } diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 8c2fa2a6..a848ee71 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -11,33 +11,35 @@ ]; home.packages = with pkgs; [ + brightnessctl discord - rnix-lsp - fusee-launcher - neofetch + calibre + element-desktop-wayland fluxcd + fusee-launcher + gimp + gnome.eog + gnome.file-roller + gnome.gnome-font-viewer + gnome.nautilus + grim # Screenshot tool k9s kubectl + libnotify + neofetch nixpkgs-review + python3 + retroarchFull ripgrep + rnix-lsp rsync - rustup rust-analyzer + rustup steam-run texlive.combined.scheme-full - retroarchFull - python3 - element-desktop-wayland - - gnome.gnome-font-viewer - - wofi # Wayland rofi - grim # Screenshot tool wf-recorder # Screenrecorder wl-clipboard # Clipboard manager - networkmanager_dmenu - brightnessctl - libnotify + wofi # Wayland rofi ]; programs.foot = { @@ -132,32 +134,4 @@ }; services.syncthing.enable = true; - - home.file.".config/networkmanager-dmenu/config.ini".text = '' - [dmenu] - dmenu_command = wofi --dmenu -i - # # Note that dmenu_command can contain arguments as well like: - # # `dmenu_command = rofi -dmenu -i -theme nmdm` - # # `dmenu_command = rofi -dmenu -width 30 -i` - # # `dmenu_command = dmenu -i -l 25 -b -nb #909090 -nf #303030` - # (Default: False) use rofi highlighting instead of '==' - rofi_highlight = true - # compact = # (Default: False). Remove extra spacing from display - # pinentry = # (Default: None) e.g. `pinentry-gtk` - # wifi_chars = - wifi_chars = ▂▄▆█ - # list_saved = # (Default: False) list saved connections - - [dmenu_passphrase] - # # Uses the -password flag for Rofi, -x for bemenu. For dmenu, sets -nb and - # # -nf to the same color or uses -P if the dmenu password patch is applied - # # https://tools.suckless.org/dmenu/patches/password/ - # obscure = True - # obscure_color = #222222 - - [editor] - # terminal = - terminal = alacritty - # gui_if_available = (Default: True) - ''; } diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix index ad162dac..7cbff73b 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -9,7 +9,7 @@ enable = true; extraConfig = '' exec-once=${pkgs.hyprpaper}/bin/hyprpaper - exec-once=hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 + exec-once=hyprctlhyprpap setcursor Catppuccin-Frappe-Pink-Cursors 32 exec-once=eww daemon exec-once=eww open bar @@ -86,13 +86,6 @@ bind=SUPER,g,togglegroup bind=SUPER,tab,changegroupactive - # Firefox notifications - windowrule=float,title:^(\s*)$ - windowrule=move 1569 0,title:^(\s*)$ - windowrule=opacity 0.8,title:^(\s*)$ - windowrule=rounding 3,title:^(\s*)$ - windowrule=animation popin,title:^(\s*)$ - bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- bind=,XF86MonRaiseVolume,exec,pamixer -i 5 -- 2.47.1 From fdbd87d25bea27cf05b93bd983bfc55f9734905e Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 31 Aug 2022 16:43:53 +0200 Subject: [PATCH 0396/1882] updates --- flake.lock | 12 ++++++------ nixos/hosts/olympus/synapse/configuration.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 1 + 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 72f992b3..a0b0e032 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1661888127, - "narHash": "sha256-7oRh2X4lyykcFlHSppIo7fB1fuc8HguxxfZOTexkFQA=", + "lastModified": 1661937972, + "narHash": "sha256-/qMWX2/jplrtMoh1/6saFjNzU84IVTDV0iEXZ1y0UM0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1cf46fd6a26cb16104a39a4fe73ca7ccd6c1ba36", + "rev": "0ad261aa9c408aa43b8ff846acf9dab97e29b927", "type": "github" }, "original": { @@ -453,11 +453,11 @@ ] }, "locked": { - "lastModified": 1661430987, - "narHash": "sha256-kDCTfkOFP+cbS7DDf1WZNUuur/1PldfAygEZeDYiFNY=", + "lastModified": 1661942860, + "narHash": "sha256-HHEAjAh/yx7h6RWQ6sYgnwZ0LJ4eut3y32vO/pD7Gjw=", "owner": "serokell", "repo": "serokell.nix", - "rev": "70ccee98be9fac4bf7064ef4d66adbfe09e5d277", + "rev": "8c69cd4712106631f46eebd4815515b169aa37aa", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index c6c7b187..bb7dbffc 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -65,7 +65,7 @@ in enable_registration = true; public_baseurl = "https://chat.meowy.tech"; enable_metrics = true; - max_upload_size = "100m"; + # max_upload_size = "100m"; listeners = [ { inherit port; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index a848ee71..36d8ee73 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -103,6 +103,7 @@ jnoortheen.nix-ide matklad.rust-analyzer mkhl.direnv + tamasfe.even-better-toml valentjn.vscode-ltex ]; }; -- 2.47.1 From 3c2c5d93806c10cf11b45301ef13212467c81dcd Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 3 Sep 2022 20:42:43 +0200 Subject: [PATCH 0397/1882] updates --- flake.lock | 24 +++++++++---------- flake.nix | 3 ++- nixos/hosts/thalassa/null/home/default.nix | 1 + .../thalassa/null/home/hyprland/default.nix | 6 +++++ 4 files changed, 21 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index a0b0e032..11a86a69 100644 --- a/flake.lock +++ b/flake.lock @@ -11,11 +11,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1661669123, - "narHash": "sha256-nXslD8Sbs6G9/MN7HOr+YrBCCmUdS/MpEuxJGlWeSgM=", + "lastModified": 1662079751, + "narHash": "sha256-XdhfCDhH+AYZg6uHw8Sd9+V7BmqZWZZ//99VFTrDyhM=", "owner": "zhaofengli", "repo": "colmena", - "rev": "e7356e2c5cbc19be6e04d284c943b24bbde81a9b", + "rev": "52b594a167266d25b13690361231acd3e731a690", "type": "github" }, "original": { @@ -279,11 +279,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1661824817, - "narHash": "sha256-rKKTjwIVRD5YyD4/X0HMgQkPunAI1rb9vwP2l3M7NWY=", + "lastModified": 1662169888, + "narHash": "sha256-vXcEbRINemb+ype/JQohaU8TyzUbclOFwiv+soYn6wI=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "835355ef3f51f9ba1a75a35315f997b189337d81", + "rev": "7921fbc0656f8e8c5a95f1142aaf07bf6253aa55", "type": "github" }, "original": { @@ -353,11 +353,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1660908602, - "narHash": "sha256-SwZ85IPWvC4NxxFhWhRMTJpApSHbY1u4YK2UFWEBWvY=", + "lastModified": 1661931183, + "narHash": "sha256-0+2KzcexiJCB3Il5t7cZAM2RXNRfm5/gMCwhcZJxLuQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "495b19d5b3e62b4ec7e846bdfb6ef3d9c3b83492", + "rev": "97747d3209efde533f7b1b28f1be11619f556a06", "type": "github" }, "original": { @@ -572,11 +572,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1660930713, - "narHash": "sha256-bY7q1NqG/sjCUAWPn/Ne9NCigLlPlH5Lk1WCMqv3rTU=", + "lastModified": 1661882030, + "narHash": "sha256-Kw0MG4rXdTnbndVLLCNwkXDmNszwdQZmm7pwI1R3Kds=", "owner": "wlroots", "repo": "wlroots", - "rev": "7c575922c05e4d5fd9a403c2aa631a54c7531d44", + "rev": "fd0b0276c9ecc159549acff48b932b83ec3b4f12", "type": "gitlab" }, "original": { diff --git a/flake.nix b/flake.nix index 939fc137..78da71a3 100644 --- a/flake.nix +++ b/flake.nix @@ -29,7 +29,7 @@ }; outputs = - { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, hyprpaper, ... }@inputs: + { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, hyprpaper, hyprland, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; @@ -51,6 +51,7 @@ vault-secrets.overlay minecraft-servers.overlays.default hyprpaper.overlays.default + hyprland.overlays.default ]; # Script to apply local colmena deployments diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 36d8ee73..35c14e87 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -40,6 +40,7 @@ wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi + ]; programs.foot = { diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix index 7cbff73b..292db18d 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -5,11 +5,17 @@ wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png ''; + home.file.".xsettingsd".text = '' + Gtk/CursorThemeName "Catppuccin-Frappe-Pink-Cursors" + Net/ThemeName "Catppuccin-Pink-Dark" + ''; + wayland.windowManager.hyprland = { enable = true; extraConfig = '' exec-once=${pkgs.hyprpaper}/bin/hyprpaper exec-once=hyprctlhyprpap setcursor Catppuccin-Frappe-Pink-Cursors 32 + exec-once=${pkgs.xsettingsd}/bin/xsettingsd exec-once=eww daemon exec-once=eww open bar -- 2.47.1 From 803579c420414759003c85aab412d28528b56892 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 3 Sep 2022 22:28:42 +0200 Subject: [PATCH 0398/1882] hyprland fixed --- flake.lock | 6 +++--- nixos/hosts/thalassa/null/home/hyprland/default.nix | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 11a86a69..e65b0499 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1661937972, - "narHash": "sha256-/qMWX2/jplrtMoh1/6saFjNzU84IVTDV0iEXZ1y0UM0=", + "lastModified": 1662236559, + "narHash": "sha256-lWjIORBU+NdZezAlqcXYwBsWyyB6GFH/WFnsPYUMmTo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "0ad261aa9c408aa43b8ff846acf9dab97e29b927", + "rev": "1664f81cae6bd0e159de835f09d4f0d7105fe07e", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix index 292db18d..5a1b63e7 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: { +{ pkgs, inputs, ... }: { home.file.".config/hypr/hyprpaper.conf".text = '' ipc = off preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png -- 2.47.1 From b146f56e4f6f01a1a9c6b2d97a0603c473c50396 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 5 Sep 2022 14:52:11 +0200 Subject: [PATCH 0399/1882] laptop: fix cursor and add pam u2f --- flake.lock | 12 ++++++------ nixos/common/users/default.nix | 13 +++++++++++-- nixos/hosts/thalassa/null/configuration.nix | 11 ++++++++++- nixos/hosts/thalassa/null/home/default.nix | 1 + nixos/hosts/thalassa/null/home/hyprland/default.nix | 8 ++++---- 5 files changed, 32 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index e65b0499..e96b8a06 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662236559, - "narHash": "sha256-lWjIORBU+NdZezAlqcXYwBsWyyB6GFH/WFnsPYUMmTo=", + "lastModified": 1662312458, + "narHash": "sha256-FAWHn2aMytRc7AciZABnemaIdTL8ed0Vw66V7nRII3Q=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1664f81cae6bd0e159de835f09d4f0d7105fe07e", + "rev": "6afab12b91baddb6d4a9c348e3fb2bf8c4e6e6ea", "type": "github" }, "original": { @@ -369,11 +369,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1661850929, - "narHash": "sha256-YQxPKEF1jpDIrNARAIdaU0pR1KgjBHuTwXDeAseTfnY=", + "lastModified": 1662296777, + "narHash": "sha256-NE/f95zRetFGw+H5fpvB3ye9AM72mc9x/71YL9Fkzpk=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "f9e6ebf0e94a0f82f6d913708a57b86dd4740cbd", + "rev": "e027345597b2a62e38f31d76fa71efccf5cbd8a2", "type": "github" }, "original": { diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index e597d6cf..a79906b9 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -28,7 +28,6 @@ programs.neovim = { enable = true; viAlias = true; - defaultEditor = true; }; # Disable sudo prompt for `wheel` users. @@ -63,5 +62,15 @@ }; # Setup packages available everywhere - environment.systemPackages = with pkgs; [ fzf git htop ncdu rsync ripgrep zoxide ]; + environment.systemPackages = with pkgs; [ + fzf + git + helix + htop + ncdu + ripgrep + rsync + zoxide + ]; + } diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 835bc4ff..b5a16ceb 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -195,7 +195,7 @@ in slurp gdb - swaylock-effects + swaylock-effects # Has to be installed globally so that pam module works ]; programs.steam = { @@ -226,6 +226,15 @@ in keep-derivations = true ''; + # Enables logging in with my Solokey + security.pam.u2f = { + enable = true; + debug = false; + cue = true; + control = "sufficient"; + authFile = "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config + }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 35c14e87..ce581d57 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -106,6 +106,7 @@ mkhl.direnv tamasfe.even-better-toml valentjn.vscode-ltex + vscodevim.vim ]; }; diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix index 5a1b63e7..61d3544e 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -1,8 +1,8 @@ { pkgs, inputs, ... }: { home.file.".config/hypr/hyprpaper.conf".text = '' ipc = off - preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png - wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix.png + preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png + wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png ''; home.file.".xsettingsd".text = '' @@ -14,8 +14,8 @@ enable = true; extraConfig = '' exec-once=${pkgs.hyprpaper}/bin/hyprpaper - exec-once=hyprctlhyprpap setcursor Catppuccin-Frappe-Pink-Cursors 32 - exec-once=${pkgs.xsettingsd}/bin/xsettingsd + exec-once=hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 + exec-once=${pkgs.xsettingsd}/bin/xsettingsd & exec-once=eww daemon exec-once=eww open bar -- 2.47.1 From 34f8e5cb61ebb578424c38d6aad8321fb4ebfe22 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 5 Sep 2022 16:12:17 +0200 Subject: [PATCH 0400/1882] laptop: initial setup for theme.nix --- flake.lock | 12 +-- nixos/hosts/thalassa/null/home/default.nix | 26 +----- nixos/hosts/thalassa/null/home/eww/eww.scss | 29 +------ nixos/hosts/thalassa/null/home/theme.nix | 92 +++++++++++++++++++++ 4 files changed, 102 insertions(+), 57 deletions(-) create mode 100644 nixos/hosts/thalassa/null/home/theme.nix diff --git a/flake.lock b/flake.lock index e96b8a06..c2c01a5c 100644 --- a/flake.lock +++ b/flake.lock @@ -187,11 +187,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1661824092, - "narHash": "sha256-nSWLWytlXbeLrx5A+r5Pso7CvVrX5EgmIIXW/EXvPHQ=", + "lastModified": 1662381277, + "narHash": "sha256-ytrms5bE5d/XLkge/b91yLTh5iA9YuPz3Wp7/ZqWdnw=", "owner": "nix-community", "repo": "home-manager", - "rev": "5bd66dc6cd967033489c69d486402b75d338eeb6", + "rev": "de079ec3714e7b201c17cbe03b62be8d6dc7b3c0", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662312458, - "narHash": "sha256-FAWHn2aMytRc7AciZABnemaIdTL8ed0Vw66V7nRII3Q=", + "lastModified": 1662378652, + "narHash": "sha256-+GN9ZKyCh3p0fVsVYqPaq0csJlIFOohCCqG3QuQJemg=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6afab12b91baddb6d4a9c348e3fb2bf8c4e6e6ea", + "rev": "a74b8033ca97bdfc53a0a8aaf3aec9aec56fa410", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index ce581d57..d1f16c9f 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -8,6 +8,7 @@ imports = [ ./hyprland ./eww + ./theme.nix ]; home.packages = with pkgs; [ @@ -45,27 +46,7 @@ programs.foot = { enable = true; - # Note, pink and blue are switched - settings.colors = { - foreground = "c6d0f5"; # Text - background = "303446"; # Base - regular0 = "51576d"; # Surface 1 - regular1 = "e78284"; # red - regular2 = "a6d189"; # green - regular3 = "e5c890"; # yellow - regular4 = "f4b8e4"; # pink - regular5 = "8caaee"; # blue - regular6 = "81c8be"; # teal - regular7 = "b5bfe2"; # Subtext 1 - bright0 = "626880"; # Surface 2 - bright1 = "e78284"; # red - bright2 = "a6d189"; # green - bright3 = "e5c890"; # yellow - bright4 = "f4b8e4"; # pink - bright5 = "8caaee"; # blue - bright6 = "81c8be"; # teal - bright7 = "a5adce"; # Subtext 0 - }; + }; programs.git = { @@ -77,10 +58,7 @@ programs.mako = { enable = true; - backgroundColor = "#292c3c"; borderRadius = 5; - borderColor = "#f4b8e4"; - textColor = "#c6d0f5"; }; programs.tmux = { diff --git a/nixos/hosts/thalassa/null/home/eww/eww.scss b/nixos/hosts/thalassa/null/home/eww/eww.scss index b3cb3fda..ff48fd27 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.scss +++ b/nixos/hosts/thalassa/null/home/eww/eww.scss @@ -1,31 +1,6 @@ -$light-gray: #9699b7; +@import url(./colours.scss); -$rosewater: #f2d5cf; -$flamingo: #eebebe; -$pink: #f4b8e4; -$mauve: #ca9ee6; -$red: #e78284; -$maroon: #ea999c; -$peach: #ef9f76; -$yellow: #e5c890; -$green: #a6d189; -$teal: #81c8be; -$sky: #99d1db; -$sapphire: #85c1dc; -$blue: #8caaee; -$lavender: #babbf1; -$text: #c6d0f5; -$subtext1: #b5bfe2; -$subtext0: #a5adce; -$overlay2: #949cbb; -$overlay1: #838ba7; -$overlay0: #737994; -$surface2: #626880; -$surface1: #51576d; -$surface0: #414559; -$base: #303446; -$mantle: #292c3c; -$crust: #232634; +$light-gray: #9699b7; * { all: unset; //Unsets everything so you can style everything from scratch diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix new file mode 100644 index 00000000..c74e81a2 --- /dev/null +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -0,0 +1,92 @@ +{ ... }: +let + # Catpuccin Frappe Pink + colour = rec { + rosewater = "f2d5cf"; + flamingo = "eebebe"; + pink = "f4b8e4"; + mauve = "ca9ee6"; + red = "e78284"; + maroon = "ea999c"; + peach = "ef9f76"; + yellow = "e5c890"; + green = "a6d189"; + teal = "81c8be"; + sky = "99d1db"; + sapphire = "85c1dc"; + blue = "8caaee"; + lavender = "babbf1"; + text = "c6d0f5"; + subtext1 = "b5bfe2"; + subtext0 = "a5adce"; + overlay2 = "949cbb"; + overlay1 = "838ba7"; + overlay0 = "737994"; + surface2 = "626880"; + surface1 = "51576d"; + surface0 = "414559"; + base = "303446"; + mantle = "292c3c"; + crust = "232634"; + + hex = builtins.mapAttrs (name: value: "#${value}") colour; + }; +in +{ + home.file.".config/eww/colours.scss".text = '' + $rosewater: #${colour.rosewater}; + $flamingo: #${colour.flamingo}; + $pink: #${colour.pink}; + $mauve: #${colour.mauve}; + $red: #${colour.red}; + $maroon: #${colour.maroon}; + $peach: #${colour.peach}; + $yellow: #${colour.yellow}; + $green: #${colour.green}; + $teal: #${colour.teal}; + $sky: #${colour.sky}; + $sapphire: #${colour.sapphire}; + $blue: #${colour.blue}; + $lavender: #${colour.lavender}; + $text: #${colour.text}; + $subtext1: #${colour.subtext1}; + $subtext0: #${colour.subtext0}; + $overlay2: #${colour.overlay2}; + $overlay1: #${colour.overlay1}; + $overlay0: #${colour.overlay0}; + $surface2: #${colour.surface2}; + $surface1: #${colour.surface1}; + $surface0: #${colour.surface0}; + $base: #${colour.base}; + $mantle: #${colour.mantle}; + $crust: #${colour.crust}; + ''; + + # Note, pink and blue are switched + programs.foot.settings.colors = { + foreground = colour.text; # Text + background = colour.base; # Base + regular0 = colour.surface1; # Surface 1 + regular1 = colour.red; # red + regular2 = colour.green; # green + regular3 = colour.yellow; # yellow + regular4 = colour.pink; # pink + regular5 = colour.blue; # blue + regular6 = colour.teal; # teal + regular7 = colour.subtext1; # Subtext 1 + bright0 = colour.surface2; # Surface 2 + bright1 = colour.red; # red + bright2 = colour.green; # green + bright3 = colour.yellow; # yellow + bright4 = colour.pink; # pink + bright5 = colour.blue; # blue + bright6 = colour.teal; # teal + bright7 = colour.subtext0; # Subtext 0 + }; + + programs.mako = { + backgroundColor = colour.hex.mantle; + borderColor = colour.hex.pink; + textColor = colour.hex.text; + }; +} -- 2.47.1 From 8be9000dc1432b412e0e20d88986aa99ae22369d Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 7 Sep 2022 13:57:45 +0200 Subject: [PATCH 0401/1882] laptop cfg --- flake.lock | 18 ++++++------- nixos/hosts/thalassa/null/configuration.nix | 9 +++---- nixos/hosts/thalassa/null/home/default.nix | 2 +- nixos/hosts/thalassa/null/home/eww/eww.scss | 28 ++++++++++++++++++-- nixos/hosts/thalassa/null/home/theme.nix | 29 --------------------- 5 files changed, 40 insertions(+), 46 deletions(-) diff --git a/flake.lock b/flake.lock index c2c01a5c..e98d180d 100644 --- a/flake.lock +++ b/flake.lock @@ -187,11 +187,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1662381277, - "narHash": "sha256-ytrms5bE5d/XLkge/b91yLTh5iA9YuPz3Wp7/ZqWdnw=", + "lastModified": 1662472236, + "narHash": "sha256-epA5KzVUxw9ZV+st2aU4oFfJGyIcYleTpX28wsCQQP4=", "owner": "nix-community", "repo": "home-manager", - "rev": "de079ec3714e7b201c17cbe03b62be8d6dc7b3c0", + "rev": "de94878b6b83f7f2cfda9cdff005417a6d7ac82c", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662378652, - "narHash": "sha256-+GN9ZKyCh3p0fVsVYqPaq0csJlIFOohCCqG3QuQJemg=", + "lastModified": 1662487199, + "narHash": "sha256-U4M9TdcGU/YMMP4pCcTldxiecPb40X4hHvuyH6+oSiU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a74b8033ca97bdfc53a0a8aaf3aec9aec56fa410", + "rev": "789eedd115917bc0ae7e5ee7317af67295439fd8", "type": "github" }, "original": { @@ -369,11 +369,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1662296777, - "narHash": "sha256-NE/f95zRetFGw+H5fpvB3ye9AM72mc9x/71YL9Fkzpk=", + "lastModified": 1662488521, + "narHash": "sha256-+Lg/WMWyvpgsk0eSq0/0I1jkZ70oOCc2W3LMYk6pHTU=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e027345597b2a62e38f31d76fa71efccf5cbd8a2", + "rev": "ab265225e8c1abb533f9d650c3f68a090001ebd0", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index b5a16ceb..c0e2291f 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -16,7 +16,7 @@ let ''; run-hyprland = pkgs.writeShellScriptBin "run-hyprland" '' export _JAVA_AWT_WM_NONREPARENTING=1 - export XCURSOR_SIZE=24 + export XCURSOR_SIZE=32 export CLUTTER_BACKEND=wayland export XDG_SESSION_TYPE=wayland @@ -26,6 +26,7 @@ let export WLR_BACKEND=vulkan export QT_QPA_PLATFORM=wayland export GDK_BACKEND=wayland + export SDL_VIDEODRIVER=wayland exec Hyprland ''; @@ -131,22 +132,20 @@ in }; environment.loginShellInit = '' - if [[ "$(tty)" == /dev/tty1 ]]; then + if [ -z $DISPLAY ] && [ "$(tty)" = "/dev/tty1" ]; then ${run-hyprland}/bin/run-hyprland fi ''; services.xserver = { - # enable = true; + enable = false; layout = "us"; xkbVariant = "altgr-intl"; xkbOptions = "caps:swapescape"; videoDrivers = [ "nvidia" ]; }; - # hardware.nvidia.modesetting.enable = true; hardware.nvidia = { - # open = true; prime = { offload.enable = true; intelBusId = "PCI:0:2:0"; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index d1f16c9f..19c4cf0a 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -18,6 +18,7 @@ element-desktop-wayland fluxcd fusee-launcher + gcc gimp gnome.eog gnome.file-roller @@ -41,7 +42,6 @@ wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi - ]; programs.foot = { diff --git a/nixos/hosts/thalassa/null/home/eww/eww.scss b/nixos/hosts/thalassa/null/home/eww/eww.scss index ff48fd27..877db8f7 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.scss +++ b/nixos/hosts/thalassa/null/home/eww/eww.scss @@ -1,5 +1,29 @@ -@import url(./colours.scss); - +$rosewater: #f2d5cf; +$flamingo: #eebebe; +$pink: #f4b8e4; +$mauve: #ca9ee6; +$red: #e78284; +$maroon: #ea999c; +$peach: #ef9f76; +$yellow: #e5c890; +$green: #a6d189; +$teal: #81c8be; +$sky: #99d1db; +$sapphire: #85c1dc; +$blue: #8caaee; +$lavender: #babbf1; +$text: #c6d0f5; +$subtext1: #b5bfe2; +$subtext0: #a5adce; +$overlay2: #949cbb; +$overlay1: #838ba7; +$overlay0: #737994; +$surface2: #626880; +$surface1: #51576d; +$surface0: #414559; +$base: #303446; +$mantle: #292c3c; +$crust: #232634; $light-gray: #9699b7; * { diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index c74e81a2..a4f2ee13 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -33,35 +33,6 @@ let }; in { - home.file.".config/eww/colours.scss".text = '' - $rosewater: #${colour.rosewater}; - $flamingo: #${colour.flamingo}; - $pink: #${colour.pink}; - $mauve: #${colour.mauve}; - $red: #${colour.red}; - $maroon: #${colour.maroon}; - $peach: #${colour.peach}; - $yellow: #${colour.yellow}; - $green: #${colour.green}; - $teal: #${colour.teal}; - $sky: #${colour.sky}; - $sapphire: #${colour.sapphire}; - $blue: #${colour.blue}; - $lavender: #${colour.lavender}; - $text: #${colour.text}; - $subtext1: #${colour.subtext1}; - $subtext0: #${colour.subtext0}; - $overlay2: #${colour.overlay2}; - $overlay1: #${colour.overlay1}; - $overlay0: #${colour.overlay0}; - $surface2: #${colour.surface2}; - $surface1: #${colour.surface1}; - $surface0: #${colour.surface0}; - $base: #${colour.base}; - $mantle: #${colour.mantle}; - $crust: #${colour.crust}; - ''; - # Note, pink and blue are switched programs.foot.settings.colors = { foreground = colour.text; # Text -- 2.47.1 From c54dff4fb1445d093afe8d05e7d094052791d0a4 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 7 Sep 2022 14:25:42 +0200 Subject: [PATCH 0402/1882] update laptop --- flake.lock | 145 ++++++++++++++++---- flake.nix | 4 +- nixos/hosts/thalassa/null/configuration.nix | 6 +- nixos/hosts/thalassa/null/home/default.nix | 10 +- 4 files changed, 135 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index e98d180d..1b7993bf 100644 --- a/flake.lock +++ b/flake.lock @@ -27,7 +27,7 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat_2", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "utils": "utils_4" }, "locked": { @@ -43,6 +43,28 @@ "type": "indirect" } }, + "fenix": { + "inputs": { + "nixpkgs": [ + "riff", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1662186434, + "narHash": "sha256-N867s0Z20q9LNirVftWoKAmkEARmmHXZHyRTEmekf94=", + "owner": "nix-community", + "repo": "fenix", + "rev": "e228867146581fa5e4be25dafc0dd68fdd22f0ad", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -206,11 +228,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662487199, - "narHash": "sha256-U4M9TdcGU/YMMP4pCcTldxiecPb40X4hHvuyH6+oSiU=", + "lastModified": 1662548716, + "narHash": "sha256-HKkDvjqLn0652ovUk/8u7uFOF3CEq3F3D/EnewrlROY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "789eedd115917bc0ae7e5ee7317af67295439fd8", + "rev": "6e195a6b8cb98e96d15c51003da4b17154c55ff3", "type": "github" }, "original": { @@ -279,11 +301,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1662169888, - "narHash": "sha256-vXcEbRINemb+ype/JQohaU8TyzUbclOFwiv+soYn6wI=", + "lastModified": 1662515805, + "narHash": "sha256-788jXPFYYYWI8CxHD3IkbjtWMJwcplQWkbdhn5q0qtY=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "7921fbc0656f8e8c5a95f1142aaf07bf6253aa55", + "rev": "2673c4de1c961c433862ccdc64c2c39ea9112736", "type": "github" }, "original": { @@ -292,10 +314,31 @@ "type": "github" } }, + "naersk": { + "inputs": { + "nixpkgs": [ + "riff", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1662220400, + "narHash": "sha256-9o2OGQqu4xyLZP9K6kNe1pTHnyPz0Wr3raGYnr9AIgY=", + "owner": "nix-community", + "repo": "naersk", + "rev": "6944160c19cb591eb85bbf9b2f2768a935623ed3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1633098935, @@ -336,7 +379,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1633098935, @@ -384,6 +427,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1662099760, + "narHash": "sha256-MdZLCTJPeHi/9fg6R9fiunyDwP3XHJqDd51zWWz9px0=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "67e45078141102f45eff1589a831aeaa3182b41e", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1648219316, "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", @@ -399,21 +458,6 @@ "type": "github" } }, - "nixpkgs_4": { - "locked": { - "lastModified": 1632864508, - "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-21.05-small", - "type": "indirect" - } - }, "nixpkgs_5": { "locked": { "lastModified": 1632864508, @@ -429,6 +473,41 @@ "type": "indirect" } }, + "nixpkgs_6": { + "locked": { + "lastModified": 1632864508, + "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" + } + }, + "riff": { + "inputs": { + "fenix": "fenix", + "naersk": "naersk", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1662511960, + "narHash": "sha256-YyDpkCmP4IslmGPLI5Npd9Y2PbW4J81o3McB7pnRxXU=", + "owner": "DeterminateSystems", + "repo": "riff", + "rev": "0dbdb5fca5a4c1bbe2a3a81938d9dad13cc4a9ae", + "type": "github" + }, + "original": { + "owner": "DeterminateSystems", + "repo": "riff", + "type": "github" + } + }, "root": { "inputs": { "colmena": "colmena", @@ -437,10 +516,28 @@ "hyprpaper": "hyprpaper", "minecraft-servers": "minecraft-servers", "nixpkgs": "nixpkgs_2", + "riff": "riff", "serokell-nix": "serokell-nix", "vault-secrets": "vault-secrets" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1662066014, + "narHash": "sha256-DE4FsE2sxd9nFtG+8+lnv/IBbtf+6rAlKjIdfpWN488=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "93c52e41ec0d297c7512adf5936d8c464c820618", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "serokell-nix": { "inputs": { "deploy-rs": "deploy-rs", diff --git a/flake.nix b/flake.nix index 78da71a3..f212e531 100644 --- a/flake.nix +++ b/flake.nix @@ -26,10 +26,12 @@ hyprland.url = "github:hyprwm/Hyprland"; hyprpaper.url = "github:hyprwm/hyprpaper"; hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; + + riff.url = "github:DeterminateSystems/riff"; }; outputs = - { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, hyprpaper, hyprland, ... }@inputs: + { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, hyprpaper, hyprland, riff, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index c0e2291f..cfb7d5a5 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -42,9 +42,9 @@ in home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.victor = import ./home; - home-manager.sharedModules = [ - inputs.hyprland.homeManagerModules.default - ]; + home-manager.extraSpecialArgs = { + inherit inputs; + }; security.pam.services.swaylock = { }; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 19c4cf0a..7ac7a2eb 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, fetchFromGithub, ... }: +{ config, pkgs, lib, inputs, ... }: { programs.home-manager.enable = true; home.username = "victor"; @@ -6,6 +6,7 @@ home.stateVersion = "22.05"; imports = [ + inputs.hyprland.homeManagerModules.default ./hyprland ./eww ./theme.nix @@ -42,11 +43,12 @@ wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi + + inputs.riff.packages.x86_64-linux.riff ]; programs.foot = { enable = true; - }; programs.git = { @@ -95,6 +97,10 @@ }; }; + programs.zsh.sessionVariables = { + DIRENV_LOG_FORMAT = ""; + }; + programs.zsh.enable = true; gtk = { -- 2.47.1 From af8634cd42bbd6da812f071cb37a1e0abd74fe1d Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Sep 2022 11:57:22 +0200 Subject: [PATCH 0403/1882] disabled k3s for now --- flake.lock | 30 +++++++++++++++--------------- nixos/hosts/olympus/default.nix | 14 +++++++------- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 1b7993bf..8427af71 100644 --- a/flake.lock +++ b/flake.lock @@ -209,11 +209,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1662472236, - "narHash": "sha256-epA5KzVUxw9ZV+st2aU4oFfJGyIcYleTpX28wsCQQP4=", + "lastModified": 1662659484, + "narHash": "sha256-+uanOaNQCOkwZhzdtLEce1L8IZcGhTgEw8mXKVLGVxQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "de94878b6b83f7f2cfda9cdff005417a6d7ac82c", + "rev": "4cfc0a1e02c6374f66acdfd2ff8ae3e87c80c818", "type": "github" }, "original": { @@ -228,11 +228,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662548716, - "narHash": "sha256-HKkDvjqLn0652ovUk/8u7uFOF3CEq3F3D/EnewrlROY=", + "lastModified": 1662670949, + "narHash": "sha256-VB/34YMiW9mL6sdEAnYOqi1sjOiJcu8ZmQx3R8PI2iI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6e195a6b8cb98e96d15c51003da4b17154c55ff3", + "rev": "928158bbfb906bd871738d60610d85634d1f8c7e", "type": "github" }, "original": { @@ -301,11 +301,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1662515805, - "narHash": "sha256-788jXPFYYYWI8CxHD3IkbjtWMJwcplQWkbdhn5q0qtY=", + "lastModified": 1662688833, + "narHash": "sha256-OYM3f5725gKnFQp21Ph2dsjzFjwKorsDZxZlzIzDN3s=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "2673c4de1c961c433862ccdc64c2c39ea9112736", + "rev": "90585ebc121d46e330673322b824596c7b8c8393", "type": "github" }, "original": { @@ -412,11 +412,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1662488521, - "narHash": "sha256-+Lg/WMWyvpgsk0eSq0/0I1jkZ70oOCc2W3LMYk6pHTU=", + "lastModified": 1662706500, + "narHash": "sha256-aGLVvP1H5Y9rmbVpP9/5esO/4lmDkGxIVgq1AGDiDTM=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "ab265225e8c1abb533f9d650c3f68a090001ebd0", + "rev": "98eb447a5320ea4a93ebb92f5d7367e18c3dbbee", "type": "github" }, "original": { @@ -495,11 +495,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1662511960, - "narHash": "sha256-YyDpkCmP4IslmGPLI5Npd9Y2PbW4J81o3McB7pnRxXU=", + "lastModified": 1662656610, + "narHash": "sha256-5mz1SsMNXMoacixgFxfVHLwp1ycX+sW4T5/G9KHF68E=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "0dbdb5fca5a4c1bbe2a3a81938d9dad13cc4a9ae", + "rev": "895037519e9fcc1bdb6e709d4ffa34ed71851c96", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index ceb5978d..c51b5f9c 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -48,13 +48,13 @@ mac = "6A:C2:89:85:CF:A6"; tags = [ "web" ]; } - { - hostname = "k3s-node1"; - profile = "k3s"; - ip = "10.42.42.10"; - mac = "2E:F8:55:23:D9:9B"; - type = "vm"; - } + # { + # hostname = "k3s-node1"; + # profile = "k3s"; + # ip = "10.42.42.10"; + # mac = "2E:F8:55:23:D9:9B"; + # type = "vm"; + # } { hostname = "WoolooTV"; ip = "10.42.42.13"; -- 2.47.1 From 60b36f3709f7db91ca2daf435937a046aba178e8 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 9 Sep 2022 19:02:32 +0200 Subject: [PATCH 0404/1882] add github actions --- .github/workflows/nixos.yml | 20 ++++++++++++++++ flake.lock | 24 +++++++++---------- nixos/hosts/thalassa/null/configuration.nix | 3 ++- nixos/hosts/thalassa/null/home/default.nix | 7 ++++-- .../hosts/thalassa/null/home/eww/default.nix | 2 +- nixos/hosts/thalassa/null/home/theme.nix | 1 + 6 files changed, 41 insertions(+), 16 deletions(-) create mode 100644 .github/workflows/nixos.yml diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml new file mode 100644 index 00000000..f9e86df4 --- /dev/null +++ b/.github/workflows/nixos.yml @@ -0,0 +1,20 @@ +name: NixOS + +jobs: + build: + runs-on: ubuntu-18.04 + steps: + - uses: actions/checkout@v2.3.2 + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 + with: + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Build NixOS config ❄️" + run: | + nix run '.#' build diff --git a/flake.lock b/flake.lock index 8427af71..d74ddd9f 100644 --- a/flake.lock +++ b/flake.lock @@ -209,11 +209,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1662659484, - "narHash": "sha256-+uanOaNQCOkwZhzdtLEce1L8IZcGhTgEw8mXKVLGVxQ=", + "lastModified": 1662736595, + "narHash": "sha256-43viuA7wymW9shuGxFE5U3XGauucm7sQc83P8cvNLLo=", "owner": "nix-community", "repo": "home-manager", - "rev": "4cfc0a1e02c6374f66acdfd2ff8ae3e87c80c818", + "rev": "b92826d0c4a6a7c50fece3caaeaa0cb08536a3f3", "type": "github" }, "original": { @@ -228,11 +228,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662670949, - "narHash": "sha256-VB/34YMiW9mL6sdEAnYOqi1sjOiJcu8ZmQx3R8PI2iI=", + "lastModified": 1662732084, + "narHash": "sha256-uW9KRO0zNC2xPISInFCFP0Nqko1x/DLI+jrhndERuRQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "928158bbfb906bd871738d60610d85634d1f8c7e", + "rev": "9370c7aa8a0f43b4471626f95013e1bf55539c19", "type": "github" }, "original": { @@ -412,11 +412,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1662706500, - "narHash": "sha256-aGLVvP1H5Y9rmbVpP9/5esO/4lmDkGxIVgq1AGDiDTM=", + "lastModified": 1662729926, + "narHash": "sha256-klAcKYYKVtd3a/34kfi4bqUKlL4GJqh9iYWictDpsJg=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "98eb447a5320ea4a93ebb92f5d7367e18c3dbbee", + "rev": "cc6ef9492eba324cc2482127f0778b8178a186bd", "type": "github" }, "original": { @@ -495,11 +495,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1662656610, - "narHash": "sha256-5mz1SsMNXMoacixgFxfVHLwp1ycX+sW4T5/G9KHF68E=", + "lastModified": 1662734285, + "narHash": "sha256-6WHeR4k640SnTqxusciQ6zfB6of20cjMjM3wwaIgzNQ=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "895037519e9fcc1bdb6e709d4ffa34ed71851c96", + "rev": "bbb08d8ec46d8eb0317a10bc828c25ce8be42c58", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index cfb7d5a5..4267cc97 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -120,10 +120,11 @@ in enable = true; wlr.enable = true; extraPortals = with pkgs; [ - xdg-desktop-portal-gtk + # xdg-desktop-portal-gtk ]; }; }; + services.dbus.enable = true; # Hyprland programs.hyprland = { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 7ac7a2eb..9219382c 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -43,7 +43,6 @@ wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi - inputs.riff.packages.x86_64-linux.riff ]; @@ -51,6 +50,11 @@ enable = true; }; + programs.exa = { + enable = true; + enableAliases = true; + }; + programs.git = { enable = true; package = pkgs.gitAndTools.gitFull; @@ -60,7 +64,6 @@ programs.mako = { enable = true; - borderRadius = 5; }; programs.tmux = { diff --git a/nixos/hosts/thalassa/null/home/eww/default.nix b/nixos/hosts/thalassa/null/home/eww/default.nix index da3b738b..29accf27 100644 --- a/nixos/hosts/thalassa/null/home/eww/default.nix +++ b/nixos/hosts/thalassa/null/home/eww/default.nix @@ -7,7 +7,7 @@ ]; home.file.".config/eww/eww.yuck".source = ./eww.yuck; - home.file.".config/eww/eww.scss".source = ./eww.scss; + home.file.".config/eww/eww.scss".text = builtins.readFile ./eww.scss; # scripts home.file.".config/eww/scripts/volume.sh" = { diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index a4f2ee13..870403f2 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -59,5 +59,6 @@ in backgroundColor = colour.hex.mantle; borderColor = colour.hex.pink; textColor = colour.hex.text; + borderRadius = 5; }; } -- 2.47.1 From 328d6e0194a8e85c4b7228a2b12d665d34802a6e Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 9 Sep 2022 19:04:23 +0200 Subject: [PATCH 0405/1882] ammend github action --- .github/workflows/nixos.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index f9e86df4..9ca6290f 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -1,5 +1,9 @@ name: NixOS +on: + push: + branches: [main] + jobs: build: runs-on: ubuntu-18.04 -- 2.47.1 From a977870dd332225ce05a10e542a720462e3828f8 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 9 Sep 2022 20:48:13 +0200 Subject: [PATCH 0406/1882] gha: added free-disk-space task --- .github/workflows/nixos.yml | 17 ++++++++++++++++- nixos/common/default.nix | 2 ++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 9ca6290f..c297f790 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -6,10 +6,25 @@ on: jobs: build: - runs-on: ubuntu-18.04 + runs-on: ubuntu-latest steps: - uses: actions/checkout@v2.3.2 + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main + with: + # this might remove tools that are actually needed, + # if set to "true" but frees about 6 GB + tool-cache: true + + # all of these default to true, but feel free to set to + # "false" if necessary for your workflow + android: true + dotnet: true + haskell: true + large-packages: true + swap-storage: true + - name: "Install Nix ❄️" uses: cachix/install-nix-action@v15 diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 8c082a0b..4b4bbf7c 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -27,6 +27,7 @@ "https://nixpkgs-review-bot.cachix.org" "https://colmena.cachix.org" "https://hyprland.cachix.org" + "https://0x76-infra.cachix.org" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" @@ -34,6 +35,7 @@ "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" ]; # Also use zsh for root; }; -- 2.47.1 From 125fd58220decdb27ad9000b8c673bfc60ba6e29 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 9 Sep 2022 22:58:15 +0200 Subject: [PATCH 0407/1882] minor update; test gha --- flake.lock | 12 ++++++------ nixos/hosts/olympus/nginx/configuration.nix | 1 + 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d74ddd9f..201e70cc 100644 --- a/flake.lock +++ b/flake.lock @@ -228,11 +228,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662732084, - "narHash": "sha256-uW9KRO0zNC2xPISInFCFP0Nqko1x/DLI+jrhndERuRQ=", + "lastModified": 1662743291, + "narHash": "sha256-pbkozo4JeRgvB97KYhgYlAkfWp1BNsv0vftXtkedwuE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "9370c7aa8a0f43b4471626f95013e1bf55539c19", + "rev": "f663fa209ce72571bd4c551a19757ccd58b3fb7f", "type": "github" }, "original": { @@ -495,11 +495,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1662734285, - "narHash": "sha256-6WHeR4k640SnTqxusciQ6zfB6of20cjMjM3wwaIgzNQ=", + "lastModified": 1662744797, + "narHash": "sha256-raV+TEPsy8JK4ELgGoQZ96JkbnfDbfywVSZuTrtZ9eI=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "bbb08d8ec46d8eb0317a10bc828c25ce8be42c58", + "rev": "73d62f3a0d8410a35b9b2d6d391468e2cce1d55b", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 288d68d3..a94d2fea 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -56,6 +56,7 @@ in virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; + virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; # Meow virtualHosts."meowy.tech" = { -- 2.47.1 From fc55c0addc80149da0ecc5d3c4151390e17708c2 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 9 Sep 2022 23:23:48 +0200 Subject: [PATCH 0408/1882] update readme --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index dc0862d4..6d1f8d2e 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,14 @@ -# 0x76's Infrastructure +# 0x76's Infrastructure [![NixOS](https://github.com/NULLx76/infrastructure/actions/workflows/nixos.yml/badge.svg)](https://github.com/NULLx76/infrastructure/actions/workflows/nixos.yml) This repository contains my IaC and GitOps code. ## Directory Structure `flake.nix` is a NixOS flake which is the entrypoint for my NixOS config, it also contains a 'DevShell' containing all the tools needed to deploy the infrastructure, this can be accessed running `nix develop`. * **flux**: Kubernetes manifests as managed by [Flux] -* **nixos**: Nix configurations for my NixOS LXCs and VMs, deployed using [deploy-rs]. +* **nixos**: Nix configurations for my NixOS LXCs and VMs, deployed using [colmena]. * **terraform**: Terraform config for deploying said VMs and Containers onto Proxmox, using [terraform-provider-proxmox] [Flux]: https://github.com/fluxcd/flux2 -[deploy-rs]: https://github.com/serokell/deploy-rs +[deploy-rs]: https://colmena.cli.rs/unstable/ [terraform-provider-proxmox]: https://github.com/Telmate/terraform-provider-proxmox -- 2.47.1 From 1ee95b1f9c81e7a2a8f826996f4c71016b05169e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 10:27:48 +0200 Subject: [PATCH 0409/1882] add s2s wireguard --- list-nix-store.sh | 27 +++++++++++++++++++ .../hosts/olympus/wireguard/configuration.nix | 8 ++++++ 2 files changed, 35 insertions(+) create mode 100755 list-nix-store.sh diff --git a/list-nix-store.sh b/list-nix-store.sh new file mode 100755 index 00000000..1a78156f --- /dev/null +++ b/list-nix-store.sh @@ -0,0 +1,27 @@ +#!/usr/bin/env bash +# Small utility to replace `nix path-info --all` +set -euo pipefail + +for file in /nix/store/*; do + case "$file" in + *.drv) + # Avoid .drv as they are not generally useful + continue + ;; + *.drv.chroot) + # Avoid .drv.chroot as they are not generally useful + continue + ;; + *.check) + # Skip .check file produced by --keep-failed + continue + ;; + *.lock) + # Skip .lock files + continue + ;; + *) + echo "$file" + ;; + esac +done diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 36b4175e..f2c83649 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -60,6 +60,14 @@ let vs = config.vault-secrets.secrets; in publicKey = "L8myt2bcdja7M+i+9eatdQRW8relPUoZZ9lEKSLe+m8="; allowedIPs = [ "10.100.0.4/32" ]; } + { + # Aerdenhout + # Useful setup video for opnsense: https://www.youtube.com/watch?v=RoXHe5dqCM0 + # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html + publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; + allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24"]; + endpoint = "80.60.83.220:51820"; + } ]; }; } -- 2.47.1 From 6ae076296e418bf9f06a235e88df23d2e1b760c0 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 10:46:34 +0200 Subject: [PATCH 0410/1882] first multi-site deploy working :tada: --- nixos/hosts/hades/bastion/configuration.nix | 29 +++++++++++++++++++++ nixos/hosts/hades/default.nix | 14 +++++++++- nixos/hosts/olympus/default.nix | 2 ++ 3 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 nixos/hosts/hades/bastion/configuration.nix diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix new file mode 100644 index 00000000..eaac5fea --- /dev/null +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -0,0 +1,29 @@ +{ config, pkgs, lib, ... }: +{ + networking.interfaces.eth0.useDHCP = true; + + # mosh ssh + programs.mosh.enable = true; + + environment.systemPackages = with pkgs; [ + cachix + direnv + git-crypt + nix-update + nodejs-14_x + pinentry-curses + ripgrep + rsync + tmux + vault + ]; + + environment.noXlibs = lib.mkForce false; + + system.stateVersion = "21.05"; + + programs.gnupg.agent = { + enable = true; + pinentryFlavor = "curses"; + }; +} diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index fe51488c..a396ee66 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -1 +1,13 @@ -[] +[ + { + hostname = "archlinux"; + ip = "192.168.0.200"; + mac = "00:0c:29:e4:0d:17"; + nix = false; + } + { + hostname = "bastion"; + ip = "192.168.0.114"; + mac = "66:14:8e:b2:50:c4"; + } +] diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index c51b5f9c..4a50db6a 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -69,12 +69,14 @@ profile = "dns"; ip = "10.42.42.15"; mac = "5E:F6:36:23:16:E3"; + tags = [ "dns" ]; } { hostname = "dns-2"; profile = "dns"; ip = "10.42.42.16"; mac = "B6:04:0B:CD:0F:9F"; + tags = [ "dns" ]; } { hostname = "minio"; -- 2.47.1 From 6878e2b786ed8db7f3af3c0224874fd0a16b67e2 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 15:10:01 +0200 Subject: [PATCH 0411/1882] migrating hades hosts to this repo --- .vscode/snippets.code-snippets | 31 + nixos/hosts/hades/default.nix | 198 +- nixos/hosts/hades/jackett/configuration.nix | 11 + nixos/hosts/hades/radarr/configuration.nix | 16 + nixos/hosts/hades/sonarr/configuration.nix | 16 + nixos/hosts/olympus/dhcp/configuration.nix | 3 +- nixos/hosts/olympus/dns/configuration.nix | 2 +- nixos/pkgs/default.nix | 20 +- nixos/pkgs/glitch-soc/default.nix | 123 + nixos/pkgs/glitch-soc/gemset.nix | 3123 +++++++++++++++++++ nixos/pkgs/glitch-soc/source.nix | 11 + nixos/pkgs/glitch-soc/update.nix | 30 + nixos/pkgs/glitch-soc/update.sh | 98 + nixos/pkgs/glitch-soc/version.nix | 1 + nixos/pkgs/vmagent/default.nix | 7 +- 15 files changed, 3672 insertions(+), 18 deletions(-) create mode 100644 .vscode/snippets.code-snippets create mode 100644 nixos/hosts/hades/jackett/configuration.nix create mode 100644 nixos/hosts/hades/radarr/configuration.nix create mode 100644 nixos/hosts/hades/sonarr/configuration.nix create mode 100644 nixos/pkgs/glitch-soc/default.nix create mode 100644 nixos/pkgs/glitch-soc/gemset.nix create mode 100644 nixos/pkgs/glitch-soc/source.nix create mode 100644 nixos/pkgs/glitch-soc/update.nix create mode 100755 nixos/pkgs/glitch-soc/update.sh create mode 100644 nixos/pkgs/glitch-soc/version.nix diff --git a/.vscode/snippets.code-snippets b/.vscode/snippets.code-snippets new file mode 100644 index 00000000..cc364cc7 --- /dev/null +++ b/.vscode/snippets.code-snippets @@ -0,0 +1,31 @@ +{ + // Place your infrastructure workspace snippets here. Each snippet is defined under a snippet name and has a scope, prefix, body and + // description. Add comma separated ids of the languages where the snippet is applicable in the scope field. If scope + // is left empty or omitted, the snippet gets applied to all languages. The prefix is what is + // used to trigger the snippet and the body will be expanded and inserted. Possible variables are: + // $1, $2 for tab stops, $0 for the final cursor position, and ${1:label}, ${2:another} for placeholders. + // Placeholders with the same ids are connected. + // Example: + // "Print to console": { + // "scope": "javascript,typescript", + // "prefix": "log", + // "body": [ + // "console.log('$1');", + // "$2" + // ], + // "description": "Log output to console" + // } + "Create Host": { + "scope": "nix", + "prefix": "new_host", + "body": [ + "{", + " hostname = \"$1\";", + " ip = \"$2\";", + " mac = \"$3\";", + " nix = ${4|false,true|};", + "}", + "$0" + ] + } +} diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index a396ee66..f43b9694 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -1,8 +1,62 @@ [ { - hostname = "archlinux"; - ip = "192.168.0.200"; - mac = "00:0c:29:e4:0d:17"; + hostname = "opnsense"; + ip = "192.168.0.1"; + mac = "00:0d:b9:56:b1:d8"; + nix = false; + } + { + hostname = "nyx-bmc"; + ip = "192.168.0.99"; + mac = "d0:50:99:f3:fa:42"; + nix = false; + } + { + hostname = "nyx"; + ip = "192.168.0.100"; + mac = "d0:50:99:de:99:4c"; + nix = false; + } + { + hostname = "unifi"; + ip = "192.168.0.101"; + mac = "5a:00:b7:6c:d1:e2"; + nix = false; + } + { + hostname = "plex"; + ip = "192.168.0.102"; + mac = "00:0c:29:a1:4e:28"; + nix = false; + } + { + hostname = "MariaDB"; + ip = "192.168.0.109"; + mac = "00:0c:29:23:4f:12"; + nix = false; + } + { + hostname = "bitwarden_rs"; + ip = "192.168.0.110"; + mac = "00:0c:29:f5:98:00"; + nix = false; + } + { + hostname = "rtorrent"; + ip = "192.168.0.111"; + mac = "7a:5f:9b:62:49:91"; + nix = false; + } + { + hostname = "minio"; + ip = "192.168.0.112"; + mac = "ae:c6:94:bb:c5:d9"; + nix = false; + } + { + hostname = "cshub2"; + ip = "192.168.0.113"; + mac = "26:8c:f6:f4:21:76"; nix = false; } { @@ -10,4 +64,142 @@ ip = "192.168.0.114"; mac = "66:14:8e:b2:50:c4"; } + { + hostname = "storage"; + ip = "192.168.0.115"; + mac = "00:50:56:91:0d:69"; + nix = false; + } + { + hostname = "unpackerr"; + ip = "192.168.0.116"; + mac = "06:8a:8e:3e:43:45"; + nix = false; + } + { + hostname = "thelounge"; + ip = "192.168.0.117"; + mac = "00:0c:29:2a:69:8f"; + nix = false; + } + { + hostname = "mail"; + ip = "192.168.0.118"; + mac = "00:50:56:91:3b:03"; + nix = false; + } + { + hostname = "radarr2"; + ip = "192.168.0.120"; + mac = "5e:d3:75:93:56:ee"; + profile = "radarr"; + } + { + hostname = "jackett2"; + ip = "192.168.0.121"; + mac = "4e:e7:64:b7:88:b8"; + profile = "jackett"; + } + { + hostname = "nginx"; + ip = "192.168.0.123"; + mac = "00:0c:29:9b:10:82"; + nix = false; + } + { + hostname = "pve-storage"; + ip = "192.168.0.124"; + mac = "d4:3d:7e:35:0a:bf"; + nix = false; + } + { + hostname = "database"; + ip = "192.168.0.126"; + mac = "82:e8:71:7f:37:b4"; + nix = false; + } + { + hostname = "dn42"; + ip = "192.168.0.127"; + mac = "12:fa:24:02:65:e6"; + nix = false; + } + { + hostname = "docker-registry-proxy"; + ip = "192.168.0.128"; + mac = "0e:11:65:62:66:9f"; + nix = false; + } + { + hostname = "hassio"; + ip = "192.168.0.129"; + mac = "e6:80:32:fb:00:75"; + nix = false; + } + { + hostname = "docker-registry"; + ip = "192.168.0.130"; + mac = "5e:0e:a6:cf:64:70"; + nix = false; + } + { + hostname = "minecraft"; + ip = "192.168.0.131"; + mac = "00:0c:29:9b:e1:c4"; + nix = false; + } + { + hostname = "sonarr2"; + ip = "192.168.0.132"; + mac = "ea:ac:be:53:18:27"; + profile = "sonarr"; + } + { + hostname = "postgres"; + ip = "192.168.0.133"; + mac = "6e:92:a9:5e:4c:e2"; + nix = false; + } + { + hostname = "vault"; + ip = "192.168.0.134"; + mac = "56:20:62:16:8a:11"; + nix = false; + } + { + hostname = "vmetrics"; + ip = "192.168.0.135"; + mac = "96:10:41:fd:2a:0a"; + nix = false; + } + { + hostname = "mastodon"; + ip = "192.168.0.138"; + mac = "52:60:8a:06:86:9c"; + nix = false; + } + { + hostname = "lidarr"; + ip = "192.168.0.139"; + mac = "7a:0f:25:e5:7f:e5"; + nix = false; + } + { + hostname = "prowlarr"; + ip = "192.168.0.140"; + mac = "3a:67:8e:98:0c:a2"; + nix = false; + } + { + hostname = "archlinux"; + ip = "192.168.0.200"; + mac = "00:0c:29:e4:0d:17"; + nix = false; + } + { + hostname = "HP781AFC"; + ip = "192.168.0.201"; + mac = "f4:ce:46:78:1a:fc"; + nix = false; + } ] diff --git a/nixos/hosts/hades/jackett/configuration.nix b/nixos/hosts/hades/jackett/configuration.nix new file mode 100644 index 00000000..e749d648 --- /dev/null +++ b/nixos/hosts/hades/jackett/configuration.nix @@ -0,0 +1,11 @@ +{ config, pkgs, ... }: +{ + system.stateVersion = "21.05"; + networking.interfaces.eth0.useDHCP = true; + + services.jackett = { + enable = true; + dataDir = "/var/lib/jackett/"; + openFirewall = true; + }; +} diff --git a/nixos/hosts/hades/radarr/configuration.nix b/nixos/hosts/hades/radarr/configuration.nix new file mode 100644 index 00000000..1ba806c7 --- /dev/null +++ b/nixos/hosts/hades/radarr/configuration.nix @@ -0,0 +1,16 @@ +{ config, pkgs, ... }: +{ + system.stateVersion = "21.05"; + networking.interfaces.eth0.useDHCP = true; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + + services.radarr = { + enable = true; + dataDir = "/data/radarr"; + openFirewall = true; + }; +} diff --git a/nixos/hosts/hades/sonarr/configuration.nix b/nixos/hosts/hades/sonarr/configuration.nix new file mode 100644 index 00000000..d9d9ce4a --- /dev/null +++ b/nixos/hosts/hades/sonarr/configuration.nix @@ -0,0 +1,16 @@ +{ config, pkgs, ... }: +{ + system.stateVersion = "21.05"; + networking.interfaces.eth0.useDHCP = true; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + + services.sonarr = { + enable = true; + dataDir = "/data/sonarr"; + openFirewall = true; + }; +} diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 43f735e8..86390824 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,12 +1,13 @@ { config, pkgs, hosts, ... }: let + inherit (builtins) filter hasAttr; hostToDhcp = { hostname, mac, ip, ... }: { ethernetAddress = mac; hostName = hostname; ipAddress = ip; }; localDomain = config.networking.domain; - hosts' = builtins.filter (builtins.hasAttr "ip") hosts.${localDomain}; + hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) hosts.${localDomain}; in { imports = [ ]; diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index c794d89b..b1098d54 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -28,7 +28,7 @@ in { services.unbound = { enable = true; - package = pkgs.v.unbound; + package = pkgs.unbound; settings = { server = { use-syslog = "yes"; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 00d25de6..51ef0eff 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -8,18 +8,20 @@ final: prev: { discord = prev.discord.override { withOpenASAR = true; }; - vmagent = prev.callPackage ./vmagent { }; - catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; - v = { - unbound = prev.unbound.override { - withSystemd = true; - withDoH = true; - withDNSCrypt = true; - withTFO = true; - }; + unbound = prev.unbound.override { + withSystemd = true; + withDoH = true; + withDNSCrypt = true; + withTFO = true; + }; + v = { + glitch-soc = prev.callPackage ./glitch-soc { }; + + + vmagent = prev.callPackage ./vmagent { }; gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; } diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix new file mode 100644 index 00000000..128651be --- /dev/null +++ b/nixos/pkgs/glitch-soc/default.nix @@ -0,0 +1,123 @@ +{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, bundlerEnv, nixosTests +, yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript +, fetchYarnDeps, fixup_yarn_lock + + # Allow building a fork or custom version of Mastodon: +, pname ? "mastodon" +, version ? import ./version.nix +, srcOverride ? null +, dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json. +}: + +stdenv.mkDerivation rec { + inherit pname version; + + # Using overrideAttrs on src does not build the gems and modules with the overridden src. + # Putting the callPackage up in the arguments list also does not work. + src = if srcOverride != null then srcOverride else callPackage ./source.nix {}; + + yarnOfflineCache = fetchYarnDeps { + yarnLock = "${src}/yarn.lock"; + sha256 = "sha256-b0XNhcCcTtYEdy1ZzRGwOrLpgpsMlt9qLf5CBa+1BL8="; + }; + + mastodon-gems = bundlerEnv { + name = "${pname}-gems-${version}"; + inherit version; + ruby = ruby_3_0; + gemdir = src; + gemset = dependenciesDir + "/gemset.nix"; + # This fix (copied from https://github.com/NixOS/nixpkgs/pull/76765) replaces the gem + # symlinks with directories, resolving this error when running rake: + # /nix/store/451rhxkggw53h7253izpbq55nrhs7iv0-mastodon-gems-3.0.1/lib/ruby/gems/2.6.0/gems/bundler-1.17.3/lib/bundler/settings.rb:6:in `': uninitialized constant Bundler::Settings (NameError) + postBuild = '' + for gem in "$out"/lib/ruby/gems/*/gems/*; do + cp -a "$gem/" "$gem.new" + rm "$gem" + # needed on macOS, otherwise the mv yields permission denied + chmod +w "$gem.new" + mv "$gem.new" "$gem" + done + ''; + }; + + mastodon-modules = stdenv.mkDerivation { + pname = "${pname}-modules"; + inherit src version; + + nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; + + RAILS_ENV = "production"; + NODE_ENV = "production"; + + buildPhase = '' + export HOME=$PWD + fixup_yarn_lock ~/yarn.lock + yarn config --offline set yarn-offline-mirror ${yarnOfflineCache} + yarn install --offline --frozen-lockfile --ignore-engines --ignore-scripts --no-progress + + patchShebangs ~/bin + patchShebangs ~/node_modules + + # skip running yarn install + rm -rf ~/bin/yarn + + OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder \ + rails assets:precompile + yarn cache clean --offline + rm -rf ~/node_modules/.cache + ''; + + installPhase = '' + mkdir -p $out/public + cp -r node_modules $out/node_modules + cp -r public/assets $out/public + cp -r public/packs $out/public + ''; + }; + + propagatedBuildInputs = [ imagemagick ffmpeg file mastodon-gems.wrappedRuby ]; + buildInputs = [ mastodon-gems nodejs-slim ]; + + buildPhase = '' + ln -s ${mastodon-modules}/node_modules node_modules + ln -s ${mastodon-modules}/public/assets public/assets + ln -s ${mastodon-modules}/public/packs public/packs + + patchShebangs bin/ + for b in $(ls ${mastodon-gems}/bin/) + do + if [ ! -f bin/$b ]; then + ln -s ${mastodon-gems}/bin/$b bin/$b + fi + done + + rm -rf log + ln -s /var/log/mastodon log + ln -s /tmp tmp + ''; + + installPhase = let + run-streaming = writeShellScript "run-streaming.sh" '' + # NixOS helper script to consistently use the same NodeJS version the package was built with. + ${nodejs-slim}/bin/node ./streaming + ''; + in '' + mkdir -p $out + cp -r * $out/ + ln -s ${run-streaming} $out/run-streaming.sh + ''; + + passthru = { + tests.mastodon = nixosTests.mastodon; + updateScript = callPackage ./update.nix {}; + }; + + meta = with lib; { + description = "Self-hosted, globally interconnected microblogging software based on ActivityPub"; + homepage = "https://joinmastodon.org"; + license = licenses.agpl3Plus; + platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; + maintainers = with maintainers; [ petabyteboy happy-river erictapen izorkin ]; + }; +} diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix new file mode 100644 index 00000000..c0c5f1ad --- /dev/null +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -0,0 +1,3123 @@ +{ + actioncable = { + dependencies = ["actionpack" "activesupport" "nio4r" "websocket-driver"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0p8zkh5ww16y8n1jp12y1gjrmll7m7305c91p419f10qrw4x8cgc"; + type = "gem"; + }; + version = "6.1.6"; + }; + actionmailbox = { + dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0z52r7k3ig09zjvfcb8xnrl9vl0ssii22c2h7gx26nq8wb7yjkwq"; + type = "gem"; + }; + version = "6.1.6"; + }; + actionmailer = { + dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "186bkhrp8j81nrw5xznbi0nyhk49gdv6ynd80pcyk5lxhfkiw1wc"; + type = "gem"; + }; + version = "6.1.6"; + }; + actionpack = { + dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1walbq04v4qvgnz39cbfhz9bzhsf14q1h7gd0kgjy3frld6ysrhb"; + type = "gem"; + }; + version = "6.1.6"; + }; + actiontext = { + dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s6v0vnnm8zrxc3pr058r8bvgs6fxgjhadbc5r1sv1mrbyvvm1h0"; + type = "gem"; + }; + version = "6.1.6"; + }; + actionview = { + dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05r0h7pvc0szqmgnra0j3j8ap7dmiyw9s6qksx41v5cxknmfi0h3"; + type = "gem"; + }; + version = "6.1.6"; + }; + active_model_serializers = { + dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xdp7cpj3yj3wl4vj0nqq44kzjavlxi1wq3cf9zp0whkir0ym0gy"; + type = "gem"; + }; + version = "0.10.13"; + }; + active_record_query_trace = { + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19888wjdpqvr2kaci6v6jyjw9pjf682zb1iyx2lz12mpdmy3500n"; + type = "gem"; + }; + version = "1.8"; + }; + activejob = { + dependencies = ["activesupport" "globalid"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gjvxrzdbg0dsyqx7wsmxqfvlpl37zvzq3d1cylhb5qslsw6ml05"; + type = "gem"; + }; + version = "6.1.6"; + }; + activemodel = { + dependencies = ["activesupport"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1f0ai51icvvx5q0jd1l89k0dlwzpsrkqlj6x43f8qc4bd1ya9glx"; + type = "gem"; + }; + version = "6.1.6"; + }; + activerecord = { + dependencies = ["activemodel" "activesupport"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0khjnkvmiyap1g3rvw9hp16mzai4smqcg5hxhq28pll25ljzxdbp"; + type = "gem"; + }; + version = "6.1.6"; + }; + activestorage = { + dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03w600j4jzgfycy2xm6cxry3q5rpvx1jvr7msy1jx65sa2shgjha"; + type = "gem"; + }; + version = "6.1.6"; + }; + activesupport = { + dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08wzpwgdm03vzb8gqr8bvfdarb89g5ah0skvwqk6qv87p55xqkyw"; + type = "gem"; + }; + version = "6.1.6"; + }; + addressable = { + dependencies = ["public_suffix"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ypdmpdn20hxp5vwxz3zc04r5xcwqc25qszdlg41h8ghdqbllwmw"; + type = "gem"; + }; + version = "2.8.1"; + }; + aes_key_wrap = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19bn0y70qm6mfj4y1m0j3s8ggh6dvxwrwrj5vfamhdrpddsz8ddr"; + type = "gem"; + }; + version = "1.1.0"; + }; + airbrussh = { + dependencies = ["sshkit"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0x55y3ynkda76pwnsvrrjlvxfcc7yn1irad8radll9c9cif41jqv"; + type = "gem"; + }; + version = "1.4.1"; + }; + android_key_attestation = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02spc1sh7zsljl02v9d5rdb717b628vw2k7jkkplifyjk4db0zj6"; + type = "gem"; + }; + version = "0.3.0"; + }; + annotate = { + dependencies = ["activerecord" "rake"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1lw0fxb5mirsdp3bp20gjyvs7clvi19jbxnrm2ihm20kzfhvlqcs"; + type = "gem"; + }; + version = "3.2.0"; + }; + ast = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04nc8x27hlzlrr5c2gn7mar4vdr0apw5xg22wp6m8dx3wqr04a0y"; + type = "gem"; + }; + version = "2.4.2"; + }; + attr_encrypted = { + dependencies = ["encryptor"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ncv2az1zlj33bsllr6q1qdvbw42gv91lxq0ryclbv8l8xh841jg"; + type = "gem"; + }; + version = "3.1.0"; + }; + attr_required = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1g22axmi2rhhy7w8c3x6gppsawxqavbrnxpnmphh22fk7cwi0kh2"; + type = "gem"; + }; + version = "1.0.1"; + }; + awrence = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gj8f8c54r9cabkm41s59sa1ca5wpbipw7gq3sfl87x9296227fx"; + type = "gem"; + }; + version = "1.2.1"; + }; + aws-eventstream = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1pyis1nvnbjxk12a43xvgj2gv0mvp4cnkc1gzw0v1018r61399gz"; + type = "gem"; + }; + version = "1.2.0"; + }; + aws-partitions = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0vqb2bfq5db7x66f4n4z30c953y5q8pwwl2067nxhz6j0c486pzm"; + type = "gem"; + }; + version = "1.587.0"; + }; + aws-sdk-core = { + dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hajbavfngn99hcz6n20162jygvwdflldvnlrza7z32hizawaaan"; + type = "gem"; + }; + version = "3.130.2"; + }; + aws-sdk-kms = { + dependencies = ["aws-sdk-core" "aws-sigv4"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14dcfqqdx1dy7qwrdyqdvqjs53kswm4njvg34f61jpl9xi3h2yf3"; + type = "gem"; + }; + version = "1.56.0"; + }; + aws-sdk-s3 = { + dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1r6dxz3llgxbbm66jq5mkzk0i6qsxwv0d9s0ipwb23vv3bgp23yf"; + type = "gem"; + }; + version = "1.114.0"; + }; + aws-sigv4 = { + dependencies = ["aws-eventstream"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xp7diwq7nv4vvxrl9x3lis2l4x6bissrfzbfyy6rv5bmj5w109z"; + type = "gem"; + }; + version = "1.5.0"; + }; + bcrypt = { + groups = ["default" "pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rakdhrnlclrpy7sihi9ipwdh7fjkkvzga171464lq6rzp07cf65"; + type = "gem"; + }; + version = "3.1.17"; + }; + better_errors = { + dependencies = ["coderay" "erubi" "rack"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11220lfzhsyf5fcril3qd689kgg46qlpiiaj00hc9mh4mcbc3vrr"; + type = "gem"; + }; + version = "2.9.1"; + }; + better_html = { + dependencies = ["actionview" "activesupport" "ast" "erubi" "html_tokenizer" "parser" "smart_properties"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1sssv94gg7bnxiqn5pbbpf8rdnmw3iyj2qwn2pbgxxs8xmmq158b"; + type = "gem"; + }; + version = "1.0.16"; + }; + bindata = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06lqi4svq5qls9f7nnvd2zmjdqmi2sf82sq78ci5d78fq0z5x2vr"; + type = "gem"; + }; + version = "2.4.10"; + }; + binding_of_caller = { + dependencies = ["debug_inspector"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "078n2dkpgsivcf0pr50981w95nfc2bsrp3wpf9wnxz1qsp8jbb9s"; + type = "gem"; + }; + version = "1.0.0"; + }; + blurhash = { + dependencies = ["ffi"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rs61mwdiyriq8mb8na2sfrqzz8igls04md63ajyhk4yj8d2j0sz"; + type = "gem"; + }; + version = "0.1.6"; + }; + bootsnap = { + dependencies = ["msgpack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0y1ycmvyd7swp6gy85m7znwilvb61zzcx6najgq0d1glq0p2hwy6"; + type = "gem"; + }; + version = "1.13.0"; + }; + brakeman = { + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0zr2p0w4ckv65cv3vdwnk9f3yydmjdmw75x7dskx1gqr9j9q3306"; + type = "gem"; + }; + version = "5.3.1"; + }; + browser = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0q1yzvbqp0mykswipq3w00ljw9fgkhjfrij3hkwi7cx85r14n6gw"; + type = "gem"; + }; + version = "4.2.0"; + }; + brpoplpush-redis_script = { + dependencies = ["concurrent-ruby" "redis"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rjm184dhlw35ymi8ifpl5155vwl6wfzdc5qjvzv634gc365yz9j"; + type = "gem"; + }; + version = "0.1.2"; + }; + builder = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "045wzckxpwcqzrjr353cxnyaxgf0qg22jh00dcx7z38cys5g1jlr"; + type = "gem"; + }; + version = "3.2.4"; + }; + bullet = { + dependencies = ["activesupport" "uniform_notifier"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06rmq3s8q6xndxxl7qid9nf3hiaahs71jyiyyk3bx31hns1vkcci"; + type = "gem"; + }; + version = "7.0.3"; + }; + bundler-audit = { + dependencies = ["thor"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gdx0019vj04n1512shhdx7hwphzqmdpw4vva2k551nd47y1dixx"; + type = "gem"; + }; + version = "0.9.1"; + }; + byebug = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nx3yjf4xzdgb8jkmk2344081gqr22pgjqnmjg2q64mj5d6r9194"; + type = "gem"; + }; + version = "11.1.3"; + }; + capistrano = { + dependencies = ["airbrussh" "i18n" "rake" "sshkit"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1673k8yzy4gl96f1xjj6zf1r2pgm2h042vdsiw03wqx4ygbq2las"; + type = "gem"; + }; + version = "3.17.1"; + }; + capistrano-bundler = { + dependencies = ["capistrano"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "168kyi0gv2s84jm533m8rg0dii50flr06n6s2ci6kzsib3n9n8dr"; + type = "gem"; + }; + version = "2.0.1"; + }; + capistrano-rails = { + dependencies = ["capistrano" "capistrano-bundler"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1iyhs77bff09g18dlz0li5f44khjwpqc09gk5hzcnf5v9yvijpg9"; + type = "gem"; + }; + version = "1.6.2"; + }; + capistrano-rbenv = { + dependencies = ["capistrano" "sshkit"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1x9m1i5zd0wx122zw3m40zprlmxk9d47bd6w61k81wr4qsvkk3rw"; + type = "gem"; + }; + version = "2.2.0"; + }; + capistrano-yarn = { + dependencies = ["capistrano"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zdg2s061vl5b8114n909mrjb2hc1qx0i4wqx9nacsrcjgyp07l9"; + type = "gem"; + }; + version = "2.0.2"; + }; + capybara = { + dependencies = ["addressable" "matrix" "mini_mime" "nokogiri" "rack" "rack-test" "regexp_parser" "xpath"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05df76mfhfab6d7ir0qy5xf1ad6kqdh2p6vfqv7nhlx45k1y4ysg"; + type = "gem"; + }; + version = "3.37.1"; + }; + case_transform = { + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fzyws6spn5arqf6q604dh9mrj84a36k5hsc8z7jgcpfvhc49bg2"; + type = "gem"; + }; + version = "0.2"; + }; + cbor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0511idr8xps9625nh3kxr68sdy6l3xy2kcz7r57g47fxb1v18jj3"; + type = "gem"; + }; + version = "0.5.9.6"; + }; + charlock_holmes = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hybw8jw9ryvz5zrki3gc9r88jqy373m6v46ynxsdzv1ysiyr40p"; + type = "gem"; + }; + version = "0.7.7"; + }; + chewy = { + dependencies = ["activesupport" "elasticsearch" "elasticsearch-dsl"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jfdz0z27p839m09xmw5anrw5jp3jd5hd5gnx4vlk6kk520cy6sf"; + type = "gem"; + }; + version = "7.2.4"; + }; + chunky_png = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1znw5x86hmm9vfhidwdsijz8m38pqgmv98l9ryilvky0aldv7mc9"; + type = "gem"; + }; + version = "1.4.0"; + }; + climate_control = { + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0q11v0iabvr6rif0d025xh078ili5frrihlj0m04zfg7lgvagxji"; + type = "gem"; + }; + version = "0.2.0"; + }; + cocoon = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "038z97pkhvsqbh6cmyyzj58ya968p24k7r0f0rx7sa2kjvk193yh"; + type = "gem"; + }; + version = "1.2.15"; + }; + coderay = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jvxqxzply1lwp7ysn94zjhh57vc14mcshw1ygw14ib8lhc00lyw"; + type = "gem"; + }; + version = "1.1.3"; + }; + color_diff = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "01dpvqlzybpb3pkcwd9ik5sbjw283618ywvdphxslhiy8ps3kp4r"; + type = "gem"; + }; + version = "0.1"; + }; + concurrent-ruby = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s4fpn3mqiizpmpy2a24k4v365pv75y50292r8ajrv4i1p5b2k14"; + type = "gem"; + }; + version = "1.1.10"; + }; + connection_pool = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ffdxhgirgc86qb42yvmfj6v1v0x4lvi0pxn9zhghkff44wzra0k"; + type = "gem"; + }; + version = "2.2.5"; + }; + cose = { + dependencies = ["cbor" "openssl-signature_algorithm"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0cf29s40xf6a9k0idswfbabkswr0k5iqfrg61v40bzfrv0fdg440"; + type = "gem"; + }; + version = "1.2.1"; + }; + crack = { + dependencies = ["rexml"]; + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cr1kfpw3vkhysvkk3wg7c54m75kd68mbm9rs5azdjdq57xid13r"; + type = "gem"; + }; + version = "0.4.5"; + }; + crass = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; + type = "gem"; + }; + version = "1.0.6"; + }; + css_parser = { + dependencies = ["addressable"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04c4dl8cm5rjr50k9qa6yl9r05fk9zcb1zxh0y0cdahxlsgcydfw"; + type = "gem"; + }; + version = "1.7.1"; + }; + debug_inspector = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1lswmjwxf1clzaimikhiwd9s1n07qkyz7a9xwng64j4fxsajykqp"; + type = "gem"; + }; + version = "1.0.0"; + }; + devise = { + dependencies = ["bcrypt" "orm_adapter" "railties" "responders" "warden"]; + groups = ["default" "pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gl0b4jqf7ysv3rg99sgxa5y9va2k13p0si3a88pr7m8g6z8pm7x"; + type = "gem"; + }; + version = "4.8.1"; + }; + devise-two-factor = { + dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04f5rb8fg4cvzm32v413z3h53wc0fgxg927q8rqd546hdrlx4j35"; + type = "gem"; + }; + version = "4.0.2"; + }; + devise_pam_authenticatable2 = { + dependencies = ["devise" "rpam2"]; + groups = ["pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13ipl52pkhc6vxp8ca31viwv01237bi2bfk3b1fixq1x46nf87p2"; + type = "gem"; + }; + version = "9.2.0"; + }; + diff-lcs = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rwvjahnp7cpmracd8x732rjgnilqv2sx7d1gfrysslc3h039fa9"; + type = "gem"; + }; + version = "1.5.0"; + }; + discard = { + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1xavjhccyyzn9z6fz3034vgvzprc983mbrq6n9sc0drfw7m3vrip"; + type = "gem"; + }; + version = "1.2.1"; + }; + docile = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0wi81lynfdvbwhrc4ws746g3j8761vian4m9gxamdj9rjwj9jhls"; + type = "gem"; + }; + version = "1.3.4"; + }; + domain_name = { + dependencies = ["unf"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lcqjsmixjp52bnlgzh4lg9ppsk52x9hpwdjd53k8jnbah2602h0"; + type = "gem"; + }; + version = "0.5.20190701"; + }; + doorkeeper = { + dependencies = ["railties"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "188ybg2cgghcp5r1jpfnbx3anf0z8fzlla72jra0vgwkdylk7qkz"; + type = "gem"; + }; + version = "5.5.4"; + }; + dotenv = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1n0pi8x8ql5h1mijvm8lgn6bhq4xjb5a500p5r1krq4s6j9lg565"; + type = "gem"; + }; + version = "2.8.1"; + }; + dotenv-rails = { + dependencies = ["dotenv" "railties"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0v0gcbxzypcvy6fqq4gp80jb310xvdwj5n8qw9ci67g5yjvq2nxh"; + type = "gem"; + }; + version = "2.8.1"; + }; + ed25519 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0zb2dr2ihb1qiknn5iaj1ha1w9p7lj9yq5waasndlfadz225ajji"; + type = "gem"; + }; + version = "1.3.0"; + }; + elasticsearch = { + dependencies = ["elasticsearch-api" "elasticsearch-transport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0havyxmvl157a653prspnbhgdchlx44xqxl170v1im5ggxwavcaq"; + type = "gem"; + }; + version = "7.13.3"; + }; + elasticsearch-api = { + dependencies = ["multi_json"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bmssarkk7lqkjdn8c9j7jvxcnn4hg1zcmhsky8bfvc99k33b3w8"; + type = "gem"; + }; + version = "7.13.3"; + }; + elasticsearch-dsl = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "174m3fwm3mawbkjg2xbmqvljq7ava4s95m8vpg5khcvfj506wxfk"; + type = "gem"; + }; + version = "0.1.10"; + }; + elasticsearch-transport = { + dependencies = ["faraday" "multi_json"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0blfii8qvj0m6bg9sbfynxc40in7zfmw2wpi4clv7d9gclk053db"; + type = "gem"; + }; + version = "7.13.3"; + }; + encryptor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s8rvfl0vn8w7k1sgkc234060jh468s3zd45xa64p1jdmfa3zwmb"; + type = "gem"; + }; + version = "3.0.0"; + }; + erubi = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "09l8lz3j00m898li0yfsnb6ihc63rdvhw3k5xczna5zrjk104f2l"; + type = "gem"; + }; + version = "1.10.0"; + }; + et-orbi = { + dependencies = ["tzinfo"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1d2z4ky2v15dpcz672i2p7lb2nc793dasq3yq3660h2az53kss9v"; + type = "gem"; + }; + version = "1.2.7"; + }; + excon = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05is0kb650j8wrdi4rgkdls662chnhdg2p64pgq3zkd3d7l2a9zw"; + type = "gem"; + }; + version = "0.76.0"; + }; + fabrication = { + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bxssmjp49whzq2zv7w751gr4nkdaiwcxd1vda0byigwyrnj6f5q"; + type = "gem"; + }; + version = "2.30.0"; + }; + faker = { + dependencies = ["i18n"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1na8p9r9zdvz75aihjczhamlygrjs9dj7pcbxgg8vfavrx8d89b5"; + type = "gem"; + }; + version = "2.22.0"; + }; + faraday = { + dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0y32gj994ll3zlcqjmwp78r7s03iiwayij6fz2pjpkfywgvp71s6"; + type = "gem"; + }; + version = "1.9.3"; + }; + faraday-em_http = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "12cnqpbak4vhikrh2cdn94assh3yxza8rq2p9w2j34bqg5q4qgbs"; + type = "gem"; + }; + version = "1.0.0"; + }; + faraday-em_synchrony = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vgrbhkp83sngv6k4mii9f2s9v5lmp693hylfxp2ssfc60fas3a6"; + type = "gem"; + }; + version = "1.0.0"; + }; + faraday-excon = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h09wkb0k0bhm6dqsd47ac601qiaah8qdzjh8gvxfd376x1chmdh"; + type = "gem"; + }; + version = "1.1.0"; + }; + faraday-httpclient = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fyk0jd3ks7fdn8nv3spnwjpzx2lmxmg2gh4inz3by1zjzqg33sc"; + type = "gem"; + }; + version = "1.0.1"; + }; + faraday-multipart = { + dependencies = ["multipart-post"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03qfi9020ynf7hkdiaq01sd2mllvw7fg4qiin3pk028b4wv23j3j"; + type = "gem"; + }; + version = "1.0.3"; + }; + faraday-net_http = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fi8sda5hc54v1w3mqfl5yz09nhx35kglyx72w7b8xxvdr0cwi9j"; + type = "gem"; + }; + version = "1.0.1"; + }; + faraday-net_http_persistent = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dc36ih95qw3rlccffcb0vgxjhmipsvxhn6cw71l7ffs0f7vq30b"; + type = "gem"; + }; + version = "1.2.0"; + }; + faraday-patron = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19wgsgfq0xkski1g7m96snv39la3zxz6x7nbdgiwhg5v82rxfb6w"; + type = "gem"; + }; + version = "1.0.0"; + }; + faraday-rack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1h184g4vqql5jv9s9im6igy00jp6mrah2h14py6mpf9bkabfqq7g"; + type = "gem"; + }; + version = "1.0.0"; + }; + faraday-retry = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "153i967yrwnswqgvnnajgwp981k9p50ys1h80yz3q94rygs59ldd"; + type = "gem"; + }; + version = "1.0.3"; + }; + fast_blank = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1shpmamyzyhyxmv95r96ja5rylzaw60r19647d0fdm7y2h2c77r6"; + type = "gem"; + }; + version = "1.0.1"; + }; + fastimage = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nnggg20za5vamdpkgrxxa32z33d8hf0g2bciswkhqnc6amb3yjr"; + type = "gem"; + }; + version = "2.2.6"; + }; + ffi = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1862ydmclzy1a0cjbvm8dz7847d9rch495ib0zb64y84d3xd4bkg"; + type = "gem"; + }; + version = "1.15.5"; + }; + ffi-compiler = { + dependencies = ["ffi" "rake"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0c2caqm9wqnbidcb8dj4wd3s902z15qmgxplwyfyqbwa0ydki7q1"; + type = "gem"; + }; + version = "1.0.1"; + }; + fog-core = { + dependencies = ["builder" "excon" "formatador" "mime-types"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1agd6xgzk0rxrsjdpn94v4hy89s0nm2cs4zg2p880w2dan9xgrak"; + type = "gem"; + }; + version = "2.1.0"; + }; + fog-json = { + dependencies = ["fog-core" "multi_json"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zj8llzc119zafbmfa4ai3z5s7c4vp9akfs0f9l2piyvcarmlkyx"; + type = "gem"; + }; + version = "1.2.0"; + }; + fog-openstack = { + dependencies = ["fog-core" "fog-json" "ipaddress"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11j18h61d3p0pcp9k5346lbj1lahab1dqybkrx9338932lmjn7ap"; + type = "gem"; + }; + version = "0.3.10"; + }; + formatador = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1gc26phrwlmlqrmz4bagq1wd5b7g64avpx0ghxr9xdxcvmlii0l0"; + type = "gem"; + }; + version = "0.2.5"; + }; + fugit = { + dependencies = ["et-orbi" "raabro"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "16xki30md6bygc62yi2s1y002vq6dm3bhjcjb9pl5dpr3al3fa1j"; + type = "gem"; + }; + version = "1.5.3"; + }; + fuubar = { + dependencies = ["rspec-core" "ruby-progressbar"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1028vn7j3kc5qqwswrf3has3qm4j9xva70xmzb3n29i89f0afwmj"; + type = "gem"; + }; + version = "2.5.1"; + }; + gitlab-omniauth-openid-connect = { + dependencies = ["addressable" "omniauth" "openid_connect"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lqizfap12ica5c6q74ldarzmbpmhgl156bap9xhamrlm4za4i7a"; + type = "gem"; + }; + version = "0.10.0"; + }; + globalid = { + dependencies = ["activesupport"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1n5yc058i8xhi1fwcp1w7mfi6xaxfmrifdb4r4hjfff33ldn8lqj"; + type = "gem"; + }; + version = "1.0.0"; + }; + hamlit = { + dependencies = ["temple" "thor" "tilt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06imnwpzvpagwn0b9a8kwv7hncii32flmafz20z95hd77hhr6ab7"; + type = "gem"; + }; + version = "2.13.0"; + }; + hamlit-rails = { + dependencies = ["actionpack" "activesupport" "hamlit" "railties"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0v75yd6x0nwky83smd9hw5ym9h0pi32jrzbnvq55pzj0rc95gg2p"; + type = "gem"; + }; + version = "0.2.3"; + }; + hashdiff = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1nynpl0xbj0nphqx1qlmyggq58ms1phf5i03hk64wcc0a17x1m1c"; + type = "gem"; + }; + version = "1.0.1"; + }; + hashie = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1nh3arcrbz1rc1cr59qm53sdhqm137b258y8rcb4cvd3y98lwv4x"; + type = "gem"; + }; + version = "5.0.0"; + }; + hcaptcha = { + dependencies = ["json"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fh6391zlv2ikvzqj2gymb70k1avk1j9da8bzgw0scsz2wqq98m2"; + type = "gem"; + }; + version = "7.1.0"; + }; + highline = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0yclf57n2j3cw8144ania99h1zinf8q3f5zrhqa754j6gl95rp9d"; + type = "gem"; + }; + version = "2.0.3"; + }; + hiredis = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04jj8k7lxqxw24sp0jiravigdkgsyrpprxpxm71ba93x1wr2w1bz"; + type = "gem"; + }; + version = "0.6.3"; + }; + hkdf = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04fixg0a51n4vy0j6c1hvisa2yl33m3jrrpxpb5sq6j511vjriil"; + type = "gem"; + }; + version = "0.3.0"; + }; + html_tokenizer = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dq6685sdzdn53mkzags6mvx3l0afcx6xma664zij6y3dxj2a7p8"; + type = "gem"; + }; + version = "0.0.7"; + }; + htmlentities = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1nkklqsn8ir8wizzlakncfv42i32wc0w9hxp00hvdlgjr7376nhj"; + type = "gem"; + }; + version = "4.3.4"; + }; + http = { + dependencies = ["addressable" "http-cookie" "http-form_data" "llhttp-ffi"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jn1y6sfxpfaq0hcblv8hhyxzam8n39kvypi07q2vxaimh6ly7mj"; + type = "gem"; + }; + version = "5.1.0"; + }; + http-cookie = { + dependencies = ["domain_name"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13rilvlv8kwbzqfb644qp6hrbsj82cbqmnzcvqip1p6vqx36sxbk"; + type = "gem"; + }; + version = "1.0.5"; + }; + http-form_data = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1wx591jdhy84901pklh1n9sgh74gnvq1qyqxwchni1yrc49ynknc"; + type = "gem"; + }; + version = "2.3.0"; + }; + http_accept_language = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0d0nlfz9vm4jr1l6q0chx4rp2hrnrfbx3gadc1dz930lbbaz0hq0"; + type = "gem"; + }; + version = "2.1.1"; + }; + httpclient = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99"; + type = "gem"; + }; + version = "2.8.3"; + }; + httplog = { + dependencies = ["rack" "rainbow"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dr7cj8km01kjsiwrx7n3qxr264ga13ll15s4h9dbbyj5m8kxqd2"; + type = "gem"; + }; + version = "1.5.0"; + }; + i18n = { + dependencies = ["concurrent-ruby"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vdcchz7jli1p0gnc669a7bj3q1fv09y9ppf0y3k0vb1jwdwrqwi"; + type = "gem"; + }; + version = "1.12.0"; + }; + i18n-tasks = { + dependencies = ["activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ahckdzg7k464pv1lxdcmxf51wlf480d5y2fvmz2dkcn39p7477b"; + type = "gem"; + }; + version = "1.0.11"; + }; + idn-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1xjr8nxpq6vsa4kd7pvd14xxiba9y4dais1yyz4dj567hsqdrhcm"; + type = "gem"; + }; + version = "0.1.4"; + }; + ipaddress = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1x86s0s11w202j6ka40jbmywkrx8fhq8xiy8mwvnkhllj57hqr45"; + type = "gem"; + }; + version = "0.8.3"; + }; + jmespath = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mnvb80cdg7fzdcs3xscv21p28w4igk5sj5m7m81xp8v2ks87jj0"; + type = "gem"; + }; + version = "1.6.1"; + }; + json = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0yk5d10yvspkc5jyvx9gc1a9pn1z8v4k2hvjk1l88zixwf3wf3cl"; + type = "gem"; + }; + version = "2.6.2"; + }; + json-canonicalization = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "179h6jfdsp9dmzyma7s7ykv1ia43r6z8x96j335q99p6mc5sk5qv"; + type = "gem"; + }; + version = "0.3.0"; + }; + json-jwt = { + dependencies = ["activesupport" "aes_key_wrap" "bindata"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nzbk1mrbf9mnvjpn3bxy8a85rjf94qmfdnvk78mjzk8pa0fvgdr"; + type = "gem"; + }; + version = "1.13.0"; + }; + json-ld = { + dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1aq71is278w69brhg4yp0f4ldxmy2nyj45c1rfbf73qi945mrbln"; + type = "gem"; + }; + version = "3.2.3"; + }; + json-ld-preloaded = { + dependencies = ["json-ld" "rdf"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h0pfxyrsbifzhwfxj1ppaxbk7v2z8mw53a0mi49i986wyspxlgv"; + type = "gem"; + }; + version = "3.2.0"; + }; + jsonapi-renderer = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ys4drd0k9rw5ixf8n8fx8v0pjh792w4myh0cpdspd317l1lpi5m"; + type = "gem"; + }; + version = "0.2.2"; + }; + jwt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1lsk71qh5d7bm1qqrjvcwhp4h71ckkdbzxnw4xkd9cin8gjfvvr6"; + type = "gem"; + }; + version = "2.4.1"; + }; + kaminari = { + dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gia8irryvfhcr6bsr64kpisbgdbqjsqfgrk12a11incmpwny1y4"; + type = "gem"; + }; + version = "1.2.2"; + }; + kaminari-actionview = { + dependencies = ["actionview" "kaminari-core"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02f9ghl3a9b5q7l079d3yzmqjwkr4jigi7sldbps992rigygcc0k"; + type = "gem"; + }; + version = "1.2.2"; + }; + kaminari-activerecord = { + dependencies = ["activerecord" "kaminari-core"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0c148z97s1cqivzbwrak149z7kl1rdmj7dxk6rpkasimmdxsdlqd"; + type = "gem"; + }; + version = "1.2.2"; + }; + kaminari-core = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zw3pg6kj39y7jxakbx7if59pl28lhk98fx71ks5lr3hfgn6zliv"; + type = "gem"; + }; + version = "1.2.2"; + }; + kt-paperclip = { + dependencies = ["activemodel" "activesupport" "marcel" "mime-types" "terrapin"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08ngapld22knlkyn0dhhddkfm4vfj0lgmwj4y6x4mhi2hzfwxcxr"; + type = "gem"; + }; + version = "7.1.1"; + }; + launchy = { + dependencies = ["addressable"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1xdyvr5j0gjj7b10kgvh8ylxnwk3wx19my42wqn9h82r4p246hlm"; + type = "gem"; + }; + version = "2.5.0"; + }; + letter_opener = { + dependencies = ["launchy"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1y5d4ip4l12v58bgazadl45iv3a5j7jp2gwg96b6jy378zn42a1d"; + type = "gem"; + }; + version = "1.8.1"; + }; + letter_opener_web = { + dependencies = ["actionmailer" "letter_opener" "railties" "rexml"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0vvvaz2ngaxv0s6sj25gdvp73vd8pfl8q3jharadg18p3va0m1ik"; + type = "gem"; + }; + version = "2.0.0"; + }; + link_header = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yamrdq4rywmnpdhbygnkkl9fdy249fg5r851nrkkxr97gj5rihm"; + type = "gem"; + }; + version = "0.0.8"; + }; + llhttp-ffi = { + dependencies = ["ffi-compiler" "rake"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00dh6zmqdj59rhcya0l4b9aaxq6n8xizfbil93k0g06gndyk5xz5"; + type = "gem"; + }; + version = "0.4.0"; + }; + lograge = { + dependencies = ["actionpack" "activesupport" "railties" "request_store"]; + groups = ["production"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15pjm9pa5m3mbv9xvfgfr16q4jyaznsg8y63jz9x4jqr8npw0vx3"; + type = "gem"; + }; + version = "0.12.0"; + }; + loofah = { + dependencies = ["crass" "nokogiri"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "18ymp6l3bv7abz07k6qbbi9c9vsiahq30d2smh4qzsvag8j5m5v1"; + type = "gem"; + }; + version = "2.18.0"; + }; + mail = { + dependencies = ["mini_mime"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00wwz6ys0502dpk8xprwcqfwyf3hmnx6lgxaiq6vj43mkx43sapc"; + type = "gem"; + }; + version = "2.7.1"; + }; + makara = { + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0a6x6w1ij484s1z0wp667d6v0zb8bylhhr3av10yz60a2nz4r1l7"; + type = "gem"; + }; + version = "0.5.1"; + }; + marcel = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0kky3yiwagsk8gfbzn3mvl2fxlh3b39v6nawzm4wpjs6xxvvc4x0"; + type = "gem"; + }; + version = "1.0.2"; + }; + mario-redis-lock = { + dependencies = ["redis"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1v9wdjcjqzpns2migxp4a5b4w82mipi0fwihbqz3q2qj2qm7wc17"; + type = "gem"; + }; + version = "1.2.1"; + }; + matrix = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1h2cgkpzkh3dd0flnnwfq6f3nl2b1zff9lvqz8xs853ssv5kq23i"; + type = "gem"; + }; + version = "0.4.2"; + }; + memory_profiler = { + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s8qaf19yr4lhvdxk3cy3ifc47cgxdz2jybg6hzxsy9gh88c1f7v"; + type = "gem"; + }; + version = "1.0.0"; + }; + method_source = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; + type = "gem"; + }; + version = "1.0.0"; + }; + microformats = { + dependencies = ["json" "nokogiri"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "094m75yw2cvadpvj4rawy6s4ykx9nvv8dhikxrp8zng2ywlaqmic"; + type = "gem"; + }; + version = "4.4.1"; + }; + mime-types = { + dependencies = ["mime-types-data"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ipw892jbksbxxcrlx9g5ljq60qx47pm24ywgfbyjskbcl78pkvb"; + type = "gem"; + }; + version = "3.4.1"; + }; + mime-types-data = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "003gd7mcay800k2q4pb2zn8lwwgci4bhi42v2jvlidm8ksx03i6q"; + type = "gem"; + }; + version = "3.2022.0105"; + }; + mini_mime = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lbim375gw2dk6383qirz13hgdmxlan0vc5da2l072j3qw6fqjm5"; + type = "gem"; + }; + version = "1.1.2"; + }; + mini_portile2 = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rapl1sfmfi3bfr68da4ca16yhc0pp93vjwkj7y3rdqrzy3b41hy"; + type = "gem"; + }; + version = "2.8.0"; + }; + minitest = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14a9ign0hj3z3j4cpfplj2djaskx3skzyx4fl3x53d7saxmhrgn1"; + type = "gem"; + }; + version = "5.16.2"; + }; + msgpack = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02af38s49111wglqzcjcpa7bwg6psjgysrjvgk05h3x4zchb6gd5"; + type = "gem"; + }; + version = "1.5.4"; + }; + multi_json = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; + type = "gem"; + }; + version = "1.15.0"; + }; + multipart-post = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zgw9zlwh2a6i1yvhhc4a84ry1hv824d6g2iw2chs3k5aylpmpfj"; + type = "gem"; + }; + version = "2.1.1"; + }; + net-ldap = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ycw0qsw3hap8svakl0i30jkj0ffd4lpyrn17a1j0w8mz5ainmsj"; + type = "gem"; + }; + version = "0.17.1"; + }; + net-scp = { + dependencies = ["net-ssh"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1q4kxfvx1v4awv8kgincishi7h16dj9sn74gz8x92i81668j1wgm"; + type = "gem"; + }; + version = "4.0.0.rc1"; + }; + net-ssh = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1qp3i8bi7ji1np0530bp2p9zrrn6galvmbsivxwpkjdpjdyn19sr"; + type = "gem"; + }; + version = "7.0.1"; + }; + nio4r = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xk64wghkscs6bv2n22853k2nh39d131c6rfpnlw12mbjnnv9v1v"; + type = "gem"; + }; + version = "2.5.8"; + }; + nokogiri = { + dependencies = ["mini_portile2" "racc"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0g7axlq2y6gzmixzzzhw3fn6nhrhg469jj8gfr7gs8igiclpkhkr"; + type = "gem"; + }; + version = "1.13.8"; + }; + nsa = { + dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jzs1n71pi6najhs9h8jx156gzgk3h9bwjr60vazizwdz3mm69ia"; + type = "gem"; + }; + version = "0.2.8"; + }; + oj = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ihfnl0maszdq821h6mivr8xickjab6ccyncnm5rn2vgrj6imwxf"; + type = "gem"; + }; + version = "3.13.21"; + }; + omniauth = { + dependencies = ["hashie" "rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jn9j54l5h7xcba2vjq74l1dk0xrwvsjxam4qhylpi52nw0h5502"; + type = "gem"; + }; + version = "1.9.2"; + }; + omniauth-cas = { + dependencies = ["addressable" "nokogiri" "omniauth"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0kzlh1nac4yz70917cdcsk0r23gy5h7i0x5kbmkvkpbgk6gvrb0z"; + type = "gem"; + }; + version = "2.0.0"; + }; + omniauth-rails_csrf_protection = { + dependencies = ["actionpack" "omniauth"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xgkxwg17w39q3yjqcj0fm6hdkw37qm1l82dvm9zxn6q2pbzm2zv"; + type = "gem"; + }; + version = "0.1.2"; + }; + omniauth-saml = { + dependencies = ["omniauth" "ruby-saml"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gxl14lbksnjkl8dfn23lsjkk63md77icm5racrh6fsp5n4ni9d4"; + type = "gem"; + }; + version = "1.10.3"; + }; + openid_connect = { + dependencies = ["activemodel" "attr_required" "json-jwt" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0w474bz3s1hqhilvrddr33l2nkyikypaczp3808w0345jr88b5m7"; + type = "gem"; + }; + version = "1.3.0"; + }; + openssl = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1azzx975qr078isvg8i0hmsr2l98kgnlfrnbb2jdm9b5kwifx1h4"; + type = "gem"; + }; + version = "3.0.0"; + }; + openssl-signature_algorithm = { + dependencies = ["openssl"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rwjga70kbg0rmwgksb2if34ndh9cy0fgrimkx3hjz9c68ssvpxg"; + type = "gem"; + }; + version = "1.2.1"; + }; + orm_adapter = { + groups = ["default" "pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1fg9jpjlzf5y49qs9mlpdrgs5rpcyihq1s4k79nv9js0spjhnpda"; + type = "gem"; + }; + version = "0.5.0"; + }; + ox = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "054xq22rwj26jag43s5fb4vb4x2252dz6rvgjn42id8ycs51my2w"; + type = "gem"; + }; + version = "2.14.11"; + }; + parallel = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07vnk6bb54k4yc06xnwck7php50l09vvlw1ga8wdz0pia461zpzb"; + type = "gem"; + }; + version = "1.22.1"; + }; + parser = { + dependencies = ["ast"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xhfghgidj8cbdnqp01f7kvnrv1f60izpkd9dhxsvpdzkfsdg97d"; + type = "gem"; + }; + version = "3.1.2.0"; + }; + parslet = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "01pnw6ymz6nynklqvqxs4bcai25kcvnd5x4id9z3vd1rbmlk0lfl"; + type = "gem"; + }; + version = "2.0.0"; + }; + pastel = { + dependencies = ["tty-color"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xash2gj08dfjvq4hy6l1z22s5v30fhizwgs10d6nviggpxsj7a8"; + type = "gem"; + }; + version = "0.8.0"; + }; + pg = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ypj64nhq3grs9zh40vmyfyhmxlhljjsbg5q0jxhlxg5v76ij0mb"; + type = "gem"; + }; + version = "1.4.3"; + }; + pghero = { + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1v0cszy9lgjqn3ax8pbj5fg01pg83wyl41wzid3g35h4xdxz1d4a"; + type = "gem"; + }; + version = "2.8.3"; + }; + pkg-config = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0v9vmkmpha34lwdhig08kb7z4wk3xmw49dvkl99nz9llxhzqr5hl"; + type = "gem"; + }; + version = "1.4.9"; + }; + posix-spawn = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0cmb0svalqcxfzlzc5fvrci12b79x7bakasr8gkl3q5rz6di1q52"; + type = "gem"; + }; + version = "0.3.15"; + }; + premailer = { + dependencies = ["addressable" "css_parser" "htmlentities"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1f0zz3vwv1kyr43chvrpvhb8wm9qgcaz8ckc1lj2jxfp6xsss971"; + type = "gem"; + }; + version = "1.14.2"; + }; + premailer-rails = { + dependencies = ["actionmailer" "premailer"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0q23clzqgzxcg1jld7hn5jy2yqxvana3iw66vmjgzz7y4ylf97b6"; + type = "gem"; + }; + version = "1.11.1"; + }; + private_address_check = { + groups = ["production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05phz0vscfh9chv90yc9091pifw3cpwkh76flnhrmvja1q3na4cy"; + type = "gem"; + }; + version = "0.5.0"; + }; + pry = { + dependencies = ["coderay" "method_source"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0m445x8fwcjdyv2bc0glzss2nbm1ll51bq45knixapc7cl3dzdlr"; + type = "gem"; + }; + version = "0.14.1"; + }; + pry-byebug = { + dependencies = ["byebug" "pry"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1y41al94ks07166qbp2200yzyr5y60hm7xaiw4lxpgsm4b1pbyf8"; + type = "gem"; + }; + version = "3.10.1"; + }; + pry-rails = { + dependencies = ["pry"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cf4ii53w2hdh7fn8vhqpzkymmchjbwij4l3m7s6fsxvb9bn51j6"; + type = "gem"; + }; + version = "0.3.9"; + }; + public_suffix = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0sqw1zls6227bgq38sxb2hs8nkdz4hn1zivs27mjbniswfy4zvi6"; + type = "gem"; + }; + version = "5.0.0"; + }; + puma = { + dependencies = ["nio4r"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qzq0c791kacv68hgk9zqsd1p7zx1y1rr9j10rn9yphibb8jj436"; + type = "gem"; + }; + version = "5.6.5"; + }; + pundit = { + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17z2f7w3syh3c04c8m1v9pvb9pfpymk8b5plszr5l24hx374xvsd"; + type = "gem"; + }; + version = "2.2.0"; + }; + raabro = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "10m8bln9d00dwzjil1k42i5r7l82x25ysbi45fwyv4932zsrzynl"; + type = "gem"; + }; + version = "1.4.0"; + }; + racc = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0la56m0z26j3mfn1a9lf2l03qx1xifanndf9p3vx1azf6sqy7v9d"; + type = "gem"; + }; + version = "1.6.0"; + }; + rack = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0axc6w0rs4yj0pksfll1hjgw1k6a5q0xi2lckh91knfb72v348pa"; + type = "gem"; + }; + version = "2.2.4"; + }; + rack-attack = { + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "049s3y3dpl6dn478g912y6f9nzclnnkl30psrbc2w5kaihj5szhq"; + type = "gem"; + }; + version = "6.6.1"; + }; + rack-cors = { + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jvs0mq8jrsz86jva91mgql16daprpa3qaipzzfvngnnqr5680j7"; + type = "gem"; + }; + version = "1.1.1"; + }; + rack-oauth2 = { + dependencies = ["activesupport" "attr_required" "httpclient" "json-jwt" "rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gxxr209r8h3nxhc9h731khv6yswiv9hc6q2pg672v530xmknznw"; + type = "gem"; + }; + version = "1.19.0"; + }; + rack-proxy = { + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jdr2r5phr3q7d6k9cnxjwlkaps0my0n43wq9mzw3xdqhg9wa3d6"; + type = "gem"; + }; + version = "0.7.0"; + }; + rack-test = { + dependencies = ["rack"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rjl709krgf499dhjdapg580l2qaj9d91pwzk8ck8fpnazlx1bdd"; + type = "gem"; + }; + version = "2.0.2"; + }; + rails = { + dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06wzq30c2f9jhsbkxwg9n18xwyh66fnpbndkrvq1c4mrl2rx478z"; + type = "gem"; + }; + version = "6.1.6"; + }; + rails-controller-testing = { + dependencies = ["actionpack" "actionview" "activesupport"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "151f303jcvs8s149mhx2g5mn67487x0blrf9dzl76q1nb7dlh53l"; + type = "gem"; + }; + version = "1.0.5"; + }; + rails-dom-testing = { + dependencies = ["activesupport" "nokogiri"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1lfq2a7kp2x64dzzi5p4cjcbiv62vxh9lyqk2f0rqq3fkzrw8h5i"; + type = "gem"; + }; + version = "2.0.3"; + }; + rails-html-sanitizer = { + dependencies = ["loofah"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1mj0b7ay10a2fgwj70kjw7mlyrp7a5la8lx8zmwhy40bkansdfrf"; + type = "gem"; + }; + version = "1.4.3"; + }; + rails-i18n = { + dependencies = ["i18n" "railties"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "05mcgv748vppnm3fnml37wjy3dw61wj8vfw14ldaj1yx1bmkhb07"; + type = "gem"; + }; + version = "6.0.0"; + }; + rails-settings-cached = { + dependencies = ["rails"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0wyhyls0aqb1iw7mnaldg39w3mnbi3anmpbvb52rjwkpj2mchhnc"; + type = "gem"; + }; + version = "0.6.6"; + }; + railties = { + dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "16dyjmy42v51acmx1ba2xxncvx368ss5rww6bsf1lwgyk4vqn41h"; + type = "gem"; + }; + version = "6.1.6"; + }; + rainbow = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0smwg4mii0fm38pyb5fddbmrdpifwv22zv3d3px2xx497am93503"; + type = "gem"; + }; + version = "3.1.1"; + }; + rake = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; + type = "gem"; + }; + version = "13.0.6"; + }; + rdf = { + dependencies = ["link_header"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0799a5hqh7rjkqnbfb5cq62m2dx4zlnnag3xy1l4jyjywsk7v5kv"; + type = "gem"; + }; + version = "3.2.9"; + }; + rdf-normalize = { + dependencies = ["rdf"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ysa8v2xw0ln4kdwhkg6mh71v5wbancsz5cf945kbk47m1ybn271"; + type = "gem"; + }; + version = "0.5.0"; + }; + redcarpet = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bvk8yyns5s1ls437z719y5sdv9fr8kfs8dmr6g8s761dv5n8zvi"; + type = "gem"; + }; + version = "3.5.1"; + }; + redis = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03r9739q3vq38g456snf3rk9hadf955bs5im6qs6m69h19mrz2yw"; + type = "gem"; + }; + version = "4.5.1"; + }; + redis-namespace = { + dependencies = ["redis"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "04l61lpb3s2xkwj36l7b543lhciv19z514kxnmnbh5fg70grc8q9"; + type = "gem"; + }; + version = "1.9.0"; + }; + regexp_parser = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rfd3q17p7q7pa67844q8b16ipy6ksh8mkzynpm1zldqbb9x4xm0"; + type = "gem"; + }; + version = "2.5.0"; + }; + request_store = { + dependencies = ["rack"]; + groups = ["default" "production"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13ppgmsbrqah08j06bybd3cddv6dml79yzyjn7r8j1src78h98h7"; + type = "gem"; + }; + version = "1.5.1"; + }; + responders = { + dependencies = ["actionpack" "railties"]; + groups = ["default" "pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14kjykc6rpdh24sshg9savqdajya2dislc1jmbzg91w9967f4gv1"; + type = "gem"; + }; + version = "3.0.1"; + }; + rexml = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; + type = "gem"; + }; + version = "3.2.5"; + }; + rotp = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "11q7rkjx40yi6lpylgl2jkpy162mjw7mswrcgcax86vgpbpjx6i3"; + type = "gem"; + }; + version = "6.2.0"; + }; + rpam2 = { + groups = ["default" "pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zvli3s4z1hf2l7gyfickm5i3afjrnycc3ihbiax6ji6arpbyf33"; + type = "gem"; + }; + version = "4.0.2"; + }; + rqrcode = { + dependencies = ["chunky_png" "rqrcode_core"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0s97q1rqmw7rzsdr500hr4f2k6s24n8qk1klciz5q94zvdrygx3p"; + type = "gem"; + }; + version = "2.1.2"; + }; + rqrcode_core = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06ld6386hbdhy5h0k09axmgn424kavpc8f27k1vjhknjhbf8jjfg"; + type = "gem"; + }; + version = "1.2.0"; + }; + rspec-core = { + dependencies = ["rspec-support"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "118hkfw9b11hvvalr7qlylwal5h8dihagm9xg7k4gskg7587hca6"; + type = "gem"; + }; + version = "3.11.0"; + }; + rspec-expectations = { + dependencies = ["diff-lcs" "rspec-support"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "001ihayil7jpfxdlxlhakvz02kx0nk5m1w0bz6z8izdx0nc8bh53"; + type = "gem"; + }; + version = "3.11.0"; + }; + rspec-mocks = { + dependencies = ["diff-lcs" "rspec-support"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07vagjxdm5a6s103y8zkcnja6avpl8r196hrpiffmg7sk83dqdsm"; + type = "gem"; + }; + version = "3.11.1"; + }; + rspec-rails = { + dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cqw7bhj4a4rhh1x9i5gjm9r91ckhjyngw0zcr7jw2jnfis10d7l"; + type = "gem"; + }; + version = "5.1.2"; + }; + rspec-sidekiq = { + dependencies = ["rspec-core" "sidekiq"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1spzw3sc2p0n9qfb89y1v8igd60y7c5z9w2hjqqbbgbyjvy0agp8"; + type = "gem"; + }; + version = "3.1.0"; + }; + rspec-support = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xfk4pla77251n39zf4n792m1rhg5sn1kp63yvpvvysany34la03"; + type = "gem"; + }; + version = "3.11.0"; + }; + rspec_junit_formatter = { + dependencies = ["rspec-core"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jqh5v1kjisncfzf9z0hghkaiqab086rcgy21cy3djg828sm1bxk"; + type = "gem"; + }; + version = "0.5.1"; + }; + rubocop = { + dependencies = ["parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "088xzzq6vjsgi2cj9rnz2jlj5mghmgq1j250pn5zy8yqd39vxz71"; + type = "gem"; + }; + version = "1.30.1"; + }; + rubocop-ast = { + dependencies = ["parser"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1b3p4wy68jkyq8vhm5y568wlhsihy3ilnp2c6ig18xcw1slnkypl"; + type = "gem"; + }; + version = "1.18.0"; + }; + rubocop-rails = { + dependencies = ["activesupport" "rack" "rubocop"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "19x0d6jmryky5sx50qgsan1g0gxb7lcgrmfrwjsa5w6shcyvbp8c"; + type = "gem"; + }; + version = "2.15.0"; + }; + ruby-progressbar = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "02nmaw7yx9kl7rbaan5pl8x5nn0y4j5954mzrkzi9i3dhsrps4nc"; + type = "gem"; + }; + version = "1.11.0"; + }; + ruby-saml = { + dependencies = ["nokogiri" "rexml"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1706dyk5jdma75bnl9rhmx8vgzjw12ixnj3y32inmpcgzgsvs76k"; + type = "gem"; + }; + version = "1.13.0"; + }; + ruby2_keywords = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; + type = "gem"; + }; + version = "0.0.5"; + }; + rufus-scheduler = { + dependencies = ["fugit"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jvxcvsqhalndc1wh7zfdqfg78j5sx57vrgsh54pjsm1d73q79hc"; + type = "gem"; + }; + version = "3.8.1"; + }; + safety_net_attestation = { + dependencies = ["jwt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1khq0y5w7lf2b9a220298hphf3pakd216jc9a4x4a9pdwxs2vgln"; + type = "gem"; + }; + version = "0.4.0"; + }; + sanitize = { + dependencies = ["crass" "nokogiri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1zq8pxmsd1abw18zz6mazsm2jfpwmbgdxbpawb7bmwvkb2c5yyc1"; + type = "gem"; + }; + version = "6.0.0"; + }; + scenic = { + dependencies = ["activerecord" "railties"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0cl14f5lfidbvcx52q49xnxc4dccyrzyv38qjkda8dh07zsksw85"; + type = "gem"; + }; + version = "1.6.0"; + }; + semantic_range = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dlp97vg95plrsaaqj7x8l7z9vsjbhnqk4rw1l30gy26lmxpfrih"; + type = "gem"; + }; + version = "3.0.0"; + }; + sidekiq = { + dependencies = ["connection_pool" "rack" "redis"]; + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1c6sskq3ivpll14jqbmp09bkrz64i08j9dg8m2a7p5akkzklwiil"; + type = "gem"; + }; + version = "6.5.5"; + }; + sidekiq-bulk = { + dependencies = ["sidekiq"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08nyxzmgf742irafy3l4fj09d4s5pyvsh0dzlh8y4hl51rgkh4xv"; + type = "gem"; + }; + version = "0.2.0"; + }; + sidekiq-scheduler = { + dependencies = ["redis" "rufus-scheduler" "sidekiq" "tilt"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "031ifqpjn51s91ki5svmkv8n4dzky4lxx4vi8pxlv5y9bwgf30gx"; + type = "gem"; + }; + version = "4.0.2"; + }; + sidekiq-unique-jobs = { + dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "sidekiq" "thor"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13s723wy8sh8x7ff1b1r0vxk6y6ygcjvpirjp0inl5824ds15s12"; + type = "gem"; + }; + version = "7.1.27"; + }; + simple-navigation = { + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1wc1rapwhqymcjfxmlgam4cvbyhnzfxada2damq88ij2p77pjz4q"; + type = "gem"; + }; + version = "4.4.0"; + }; + simple_form = { + dependencies = ["actionpack" "activemodel"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "09raw1gw0db9hfddgvzjwpk4hj1ng4dfq3igak80jkvhg4jdg7jp"; + type = "gem"; + }; + version = "5.1.0"; + }; + simplecov = { + dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hrv046jll6ad1s964gsmcq4hvkr3zzr6jc7z1mns22mvfpbc3cr"; + type = "gem"; + }; + version = "0.21.2"; + }; + simplecov-html = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0yx01bxa8pbf9ip4hagqkp5m0mqfnwnw2xk8kjraiywz4lrss6jb"; + type = "gem"; + }; + version = "0.12.3"; + }; + simplecov_json_formatter = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0cl3j7p3b5q7sxsx1va63c8imc5x6g99xablz08qrmqhpi0d6g6j"; + type = "gem"; + }; + version = "0.1.2"; + }; + smart_properties = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0jrqssk9qhwrpq41arm712226vpcr458xv6xaqbk8cp94a0kycpr"; + type = "gem"; + }; + version = "1.17.0"; + }; + sprockets = { + dependencies = ["concurrent-ruby" "rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "182jw5a0fbqah5w9jancvfmjbk88h8bxdbwnl4d3q809rpxdg8ay"; + type = "gem"; + }; + version = "3.7.2"; + }; + sprockets-rails = { + dependencies = ["actionpack" "activesupport" "sprockets"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1b9i14qb27zs56hlcc2hf139l0ghbqnjpmfi0054dxycaxvk5min"; + type = "gem"; + }; + version = "3.4.2"; + }; + sshkit = { + dependencies = ["net-scp" "net-ssh"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1szshiw7bzizi380z1hkdbwhjdaixb5bgbx7c3wf7970mjdashkd"; + type = "gem"; + }; + version = "1.21.2"; + }; + stackprof = { + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1bpmrz2vw59gw556y5hsha3xlrvfv4qwck4wg2r39qf2bp2hcr1b"; + type = "gem"; + }; + version = "0.2.21"; + }; + statsd-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "028136c463nbravckxb1qi5c5nnv9r6vh2cyhiry423lac4xz79n"; + type = "gem"; + }; + version = "1.5.0"; + }; + stoplight = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1628qf2ynldqz20h5lkaivk166qknk15gxg130n9pvz568k1sdp8"; + type = "gem"; + }; + version = "3.0.0"; + }; + strong_migrations = { + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0yk45ri2rnp00x4mdsvwdzdd9yziqxj5v9sjk74nzw0y927y3m1w"; + type = "gem"; + }; + version = "0.7.9"; + }; + swd = { + dependencies = ["activesupport" "attr_required" "httpclient"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "12b3q2sw42nnilfb51nlqdv07f31vdv2j595kd99asnkw4cjlf5w"; + type = "gem"; + }; + version = "1.3.0"; + }; + temple = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "060zzj7c2kicdfk6cpnn40n9yjnhfrr13d0rsbdhdij68chp2861"; + type = "gem"; + }; + version = "0.8.2"; + }; + terminal-table = { + dependencies = ["unicode-display_width"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "14dfmfjppmng5hwj7c5ka6qdapawm3h6k9lhn8zj001ybypvclgr"; + type = "gem"; + }; + version = "3.0.2"; + }; + terrapin = { + dependencies = ["climate_control"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0p18f05r0c5s70571gqig3z2ym74wx79s6rd45sprp207bqskzn9"; + type = "gem"; + }; + version = "0.6.0"; + }; + thor = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0inl77jh4ia03jw3iqm5ipr76ghal3hyjrd6r8zqsswwvi9j2xdi"; + type = "gem"; + }; + version = "1.2.1"; + }; + tilt = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rn8z8hda4h41a64l0zhkiwz2vxw9b1nb70gl37h1dg2k874yrlv"; + type = "gem"; + }; + version = "2.0.10"; + }; + tpm-key_attestation = { + dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0kyq8z36953snxksv2xmc71znw7zykzis5r23hx3k06dij71vxsy"; + type = "gem"; + }; + version = "0.11.0"; + }; + tty-color = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0aik4kmhwwrmkysha7qibi2nyzb4c8kp42bd5vxnf8sf7b53g73g"; + type = "gem"; + }; + version = "0.6.0"; + }; + tty-cursor = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0j5zw041jgkmn605ya1zc151bxgxl6v192v2i26qhxx7ws2l2lvr"; + type = "gem"; + }; + version = "0.7.1"; + }; + tty-prompt = { + dependencies = ["pastel" "tty-reader"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1j4y8ik82azjxshgd4i1v4wwhsv3g9cngpygxqkkz69qaa8cxnzw"; + type = "gem"; + }; + version = "0.23.1"; + }; + tty-reader = { + dependencies = ["tty-cursor" "tty-screen" "wisper"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cf2k7w7d84hshg4kzrjvk9pkyc2g1m3nx2n1rpmdcf0hp4p4af6"; + type = "gem"; + }; + version = "0.9.0"; + }; + tty-screen = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "18jr6s1cg8yb26wzkqa6874q0z93rq0y5aw092kdqazk71y6a235"; + type = "gem"; + }; + version = "0.8.1"; + }; + twitter-text = { + dependencies = ["idn-ruby" "unf"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dnmp0bj3l01nbb52zby2c7hrazcdwfg846knkrjdfl0yfmv793z"; + type = "gem"; + }; + version = "3.1.0"; + }; + tzinfo = { + dependencies = ["concurrent-ruby"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0rx114mpqnw2k4h98vc0rs0x0bmf0img84yh8mkkjkal07cjydf5"; + type = "gem"; + }; + version = "2.0.5"; + }; + tzinfo-data = { + dependencies = ["tzinfo"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0k62nrh30sinsfbs17w8cahydf3vm3j14l0l0ba78vfh429cv4i3"; + type = "gem"; + }; + version = "1.2022.3"; + }; + unf = { + dependencies = ["unf_ext"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; + type = "gem"; + }; + version = "0.1.4"; + }; + unf_ext = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yj2nz2l101vr1x9w2k83a0fag1xgnmjwp8w8rw4ik2rwcz65fch"; + type = "gem"; + }; + version = "0.0.8.2"; + }; + unicode-display_width = { + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0csjm9shhfik0ci9mgimb7hf3xgh7nx45rkd9rzgdz6vkwr8rzxn"; + type = "gem"; + }; + version = "2.1.0"; + }; + uniform_notifier = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dfvqixshwvm82b9qwdidvnkavdj7s0fbdbmyd4knkl6l3j9xcwr"; + type = "gem"; + }; + version = "1.16.0"; + }; + validate_email = { + dependencies = ["activemodel" "mail"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1r1fz29l699arka177c9xw7409d1a3ff95bf7a6pmc97slb91zlx"; + type = "gem"; + }; + version = "0.1.6"; + }; + validate_url = { + dependencies = ["activemodel" "public_suffix"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0lblym140w5n88ijyfgcvkxvpfj8m6z00rxxf2ckmmhk0x61dzkj"; + type = "gem"; + }; + version = "1.0.15"; + }; + warden = { + dependencies = ["rack"]; + groups = ["default" "pam_authentication"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1l7gl7vms023w4clg02pm4ky9j12la2vzsixi2xrv9imbn44ys26"; + type = "gem"; + }; + version = "1.2.9"; + }; + webauthn = { + dependencies = ["android_key_attestation" "awrence" "bindata" "cbor" "cose" "openssl" "safety_net_attestation" "tpm-key_attestation"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1gs21q8krknb3db4s87l7xhzihp46ldsf6ql6689g2j0489l6da1"; + type = "gem"; + }; + version = "2.5.2"; + }; + webfinger = { + dependencies = ["activesupport" "httpclient"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "18jj50b44a471ig7hw1ax90wxaaz40acmrf6cm7m2iyshlffy53q"; + type = "gem"; + }; + version = "1.2.0"; + }; + webmock = { + dependencies = ["addressable" "crack" "hashdiff"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1myj44wvbbqvv18ragv3ihl0h61acgnfwrnj3lccdgp49bgmbjal"; + type = "gem"; + }; + version = "3.18.1"; + }; + webpacker = { + dependencies = ["activesupport" "rack-proxy" "railties" "semantic_range"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1cq6m5qwm3bmi7hkjfmbg2cs4qjq4wswlrwcfk8l1svfqbi135v3"; + type = "gem"; + }; + version = "5.4.3"; + }; + webpush = { + dependencies = ["hkdf" "jwt"]; + groups = ["default"]; + platforms = []; + source = { + fetchSubmodules = false; + rev = "f14a4d52e201128b1b00245d11b6de80d6cfdcd9"; + sha256 = "1gz34809xwyaqprxmjdyvzsxc63rdnmxn8w44iqkhpi3dzmkacmp"; + type = "git"; + url = "https://github.com/ClearlyClaire/webpush.git"; + }; + version = "0.3.8"; + }; + websocket-driver = { + dependencies = ["websocket-extensions"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0a3bwxd9v3ghrxzjc4vxmf4xa18c6m4xqy5wb0yk5c6b9psc7052"; + type = "gem"; + }; + version = "0.7.5"; + }; + websocket-extensions = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; + type = "gem"; + }; + version = "0.1.5"; + }; + wisper = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rpsi0ziy78cj82sbyyywby4d0aw0a5q84v65qd28vqn79fbq5yf"; + type = "gem"; + }; + version = "2.0.1"; + }; + xorcist = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1dbbiy8xlcfvn9ais37xfb5rci4liwakkmxzbkp72wmvlgcrf339"; + type = "gem"; + }; + version = "1.1.3"; + }; + xpath = { + dependencies = ["nokogiri"]; + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bh8lk9hvlpn7vmi6h4hkcwjzvs2y0cmkk3yjjdr8fxvj6fsgzbd"; + type = "gem"; + }; + version = "3.2.0"; + }; + zeitwerk = { + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xjdr2szxvn3zb1sb5l8nfd6k9jr3b4qqbbg1mj9grf68m3fxckc"; + type = "gem"; + }; + version = "2.6.0"; + }; +} diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix new file mode 100644 index 00000000..fcd2ac81 --- /dev/null +++ b/nixos/pkgs/glitch-soc/source.nix @@ -0,0 +1,11 @@ +# This file was generated by pkgs.mastodon.updateScript. +{ fetchgit, applyPatches }: let + src = fetchgit { + url = "https://github.com/NULLx76/glitch-soc.git"; + rev = "475fbad464ec97dcb639d37cb53168cc59327b86"; + sha256 = "0f226mr7y3qn1pw2na1qvs4g067474626fxm3wh96yw15gqjw2gj"; + }; +in applyPatches { + inherit src; + patches = []; +} diff --git a/nixos/pkgs/glitch-soc/update.nix b/nixos/pkgs/glitch-soc/update.nix new file mode 100644 index 00000000..1bd557a7 --- /dev/null +++ b/nixos/pkgs/glitch-soc/update.nix @@ -0,0 +1,30 @@ +{ pkgs +, runCommand +, lib +, makeWrapper +, yarn2nix +, bundix +, coreutils +, diffutils +, nix-prefetch-git +, gnused +, jq +}: +let + binPath = lib.makeBinPath [ yarn2nix bundix coreutils diffutils nix-prefetch-git gnused jq ]; +in +runCommand "mastodon-update-script" +{ + nativeBuildInputs = [ makeWrapper ]; + + meta = { + maintainers = with lib.maintainers; [ happy-river ]; + description = "Utility to generate Nix expressions for Mastodon's dependencies"; + platforms = lib.platforms.unix; + }; +} '' + mkdir -p $out/bin + cp ${./update.sh} $out/bin/update.sh + patchShebangs $out/bin/update.sh + wrapProgram $out/bin/update.sh --prefix PATH : ${binPath} +'' diff --git a/nixos/pkgs/glitch-soc/update.sh b/nixos/pkgs/glitch-soc/update.sh new file mode 100755 index 00000000..3a0686a7 --- /dev/null +++ b/nixos/pkgs/glitch-soc/update.sh @@ -0,0 +1,98 @@ +#!/usr/bin/env bash +set -e + +URL=https://github.com/mastodon/mastodon.git + +POSITIONAL=() +while [[ $# -gt 0 ]]; do + key="$1" + + case $key in + --url) + URL="$2" + shift # past argument + shift # past value + ;; + --ver) + VERSION="$2" + shift # past argument + shift # past value + ;; + --rev) + REVISION="$2" + shift # past argument + shift # past value + ;; + --patches) + PATCHES="$2" + shift # past argument + shift # past value + ;; + *) # unknown option + POSITIONAL+=("$1") + shift # past argument + ;; + esac +done + +if [[ -z "$VERSION" || -n "$POSITIONAL" ]]; then + echo "Usage: update.sh [--url URL] --ver VERSION [--rev REVISION] [--patches PATCHES]" + echo "URL may be any path acceptable to 'git clone' and VERSION the" + echo "semantic version number. If VERSION is not a revision acceptable to" + echo "'git checkout', you must provide one in REVISION. If URL is not" + echo "provided, it defaults to https://github.com/mastodon/mastodon.git." + echo "PATCHES, if provided, should be one or more Nix expressions" + echo "separated by spaces." + exit 1 +fi + +if [[ -z "$REVISION" ]]; then + REVISION="$VERSION" +fi + +rm -f gemset.nix version.nix source.nix +TARGET_DIR="$PWD" + + +WORK_DIR=$(mktemp -d) + +# Check that working directory was created. +if [[ ! "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then + echo "Could not create temporary directory" + exit 1 +fi + +# Delete the working directory on exit. +function cleanup { + # Report errors, if any, from nix-prefetch-git + grep "fatal" $WORK_DIR/nix-prefetch-git.out >/dev/stderr || true + rm -rf "$WORK_DIR" +} +trap cleanup EXIT + +echo "Fetching source code $REVISION from $URL" +JSON=$(nix-prefetch-git --url "$URL" --rev "$REVISION" 2> $WORK_DIR/nix-prefetch-git.out) +SHA=$(echo $JSON | jq -r .sha256) +FETCHED_SOURCE_DIR=$(grep '^path is' $WORK_DIR/nix-prefetch-git.out | sed 's/^path is //') + +echo "Creating version.nix" +echo \"$VERSION\" | sed 's/^"v/"/' > version.nix + +cat > source.nix << EOF +# This file was generated by pkgs.mastodon.updateScript. +{ fetchgit, applyPatches }: let + src = fetchgit { + url = "$URL"; + rev = "$REVISION"; + sha256 = "$SHA"; + }; +in applyPatches { + inherit src; + patches = [$PATCHES]; +} +EOF +SOURCE_DIR="$(nix-build --no-out-link -E '(import {}).callPackage ./source.nix {}')" + +echo "Creating gemset.nix" +bundix --lockfile="$SOURCE_DIR/Gemfile.lock" --gemfile="$SOURCE_DIR/Gemfile" +echo "" >> $TARGET_DIR/gemset.nix # Create trailing newline to please EditorConfig checks diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix new file mode 100644 index 00000000..d23f68c2 --- /dev/null +++ b/nixos/pkgs/glitch-soc/version.nix @@ -0,0 +1 @@ +"3.5.3" diff --git a/nixos/pkgs/vmagent/default.nix b/nixos/pkgs/vmagent/default.nix index c9fdcd2c..e939e3e9 100644 --- a/nixos/pkgs/vmagent/default.nix +++ b/nixos/pkgs/vmagent/default.nix @@ -1,20 +1,19 @@ { lib, fetchFromGitHub, buildGoModule }: buildGoModule rec { pname = "vmagent"; - version = "1.80.0"; + version = "1.59.0"; src = fetchFromGitHub { owner = "VictoriaMetrics"; repo = "VictoriaMetrics"; rev = "v${version}"; - sha256 = "sha256-SIwl8Mgbkk/z3xZ6wCmce7D2T2A2+dcuQ607BOsfrkQ="; - # sha256 = lib.fakeSha256; + sha256 = "1mfdhv20m2xqsg37pdv4vbxdg8iri79grc4g4p9ph0js9yd6nbys"; }; vendorSha256 = null; subPackages = [ "app/vmagent" ]; - + meta = with lib; { description = "VictoriaMetrics metrics scraper"; homepage = "https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent"; -- 2.47.1 From 2eb6f9a42511fba815c8dd6ffcc31235e88ade48 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 15:14:57 +0200 Subject: [PATCH 0412/1882] undo unify unbound --- nixos/hosts/olympus/dns/configuration.nix | 2 +- nixos/pkgs/default.nix | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index b1098d54..c794d89b 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -28,7 +28,7 @@ in { services.unbound = { enable = true; - package = pkgs.unbound; + package = pkgs.v.unbound; settings = { server = { use-syslog = "yes"; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 51ef0eff..c97f4beb 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -10,17 +10,17 @@ final: prev: { catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; - unbound = prev.unbound.override { - withSystemd = true; - withDoH = true; - withDNSCrypt = true; - withTFO = true; - }; + v = { glitch-soc = prev.callPackage ./glitch-soc { }; - + unbound = prev.unbound.override { + withSystemd = true; + withDoH = true; + withDNSCrypt = true; + withTFO = true; + }; vmagent = prev.callPackage ./vmagent { }; gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; -- 2.47.1 From 5b8ac77646a81c43d01b8120fc20c67e67bb464e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 16:21:21 +0200 Subject: [PATCH 0413/1882] updates and prowlarr --- flake.lock | 24 ++++++++--------- flake.nix | 2 +- list-nix-store.sh | 27 -------------------- nixos/hosts/hades/default.nix | 1 - nixos/hosts/hades/prowlarr/configuration.nix | 10 ++++++++ nixos/pkgs/default.nix | 3 +-- 6 files changed, 24 insertions(+), 43 deletions(-) delete mode 100755 list-nix-store.sh create mode 100644 nixos/hosts/hades/prowlarr/configuration.nix diff --git a/flake.lock b/flake.lock index 201e70cc..d75fa2b0 100644 --- a/flake.lock +++ b/flake.lock @@ -209,11 +209,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1662736595, - "narHash": "sha256-43viuA7wymW9shuGxFE5U3XGauucm7sQc83P8cvNLLo=", + "lastModified": 1662759269, + "narHash": "sha256-lt8bAfEZudCQb+MxoNKmenhMTXhu3RCCyLYxU9t5FFk=", "owner": "nix-community", "repo": "home-manager", - "rev": "b92826d0c4a6a7c50fece3caaeaa0cb08536a3f3", + "rev": "9f7fe353b613d0e45d7a5cdbd1f13c96c15803dd", "type": "github" }, "original": { @@ -228,11 +228,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662743291, - "narHash": "sha256-pbkozo4JeRgvB97KYhgYlAkfWp1BNsv0vftXtkedwuE=", + "lastModified": 1662808262, + "narHash": "sha256-NCavxa3knCEJHwP4J0Om15ZfL6BqH+ksz+LbgpYV4ac=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f663fa209ce72571bd4c551a19757ccd58b3fb7f", + "rev": "d94fe3d063a910cab64fbdc132f6aa168a52e14d", "type": "github" }, "original": { @@ -301,11 +301,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1662688833, - "narHash": "sha256-OYM3f5725gKnFQp21Ph2dsjzFjwKorsDZxZlzIzDN3s=", + "lastModified": 1662774856, + "narHash": "sha256-vgvkBNzRs3Ukwc2sVAoPGeSglltNqLHEvbxmE89fB0I=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "90585ebc121d46e330673322b824596c7b8c8393", + "rev": "d5934f64d688bba60c633b8966170b575a220867", "type": "github" }, "original": { @@ -414,14 +414,14 @@ "locked": { "lastModified": 1662729926, "narHash": "sha256-klAcKYYKVtd3a/34kfi4bqUKlL4GJqh9iYWictDpsJg=", - "owner": "NULLx76", + "owner": "NixOS", "repo": "nixpkgs", "rev": "cc6ef9492eba324cc2482127f0778b8178a186bd", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "0x76", + "owner": "NixOS", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index f212e531..57e434c2 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/list-nix-store.sh b/list-nix-store.sh deleted file mode 100755 index 1a78156f..00000000 --- a/list-nix-store.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash -# Small utility to replace `nix path-info --all` -set -euo pipefail - -for file in /nix/store/*; do - case "$file" in - *.drv) - # Avoid .drv as they are not generally useful - continue - ;; - *.drv.chroot) - # Avoid .drv.chroot as they are not generally useful - continue - ;; - *.check) - # Skip .check file produced by --keep-failed - continue - ;; - *.lock) - # Skip .lock files - continue - ;; - *) - echo "$file" - ;; - esac -done diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index f43b9694..0c65eff4 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -188,7 +188,6 @@ hostname = "prowlarr"; ip = "192.168.0.140"; mac = "3a:67:8e:98:0c:a2"; - nix = false; } { hostname = "archlinux"; diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix new file mode 100644 index 00000000..e1b2035b --- /dev/null +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -0,0 +1,10 @@ +{ config, pkgs, ... }: +{ + networking.interfaces.eth0.useDHCP = true; + system.stateVersion = "21.05"; + + services.prowlarr = { + enable = true; + openFirewall = true; + }; +} diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index c97f4beb..1f307954 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -10,7 +10,7 @@ final: prev: { catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; - + vmagent = prev.callPackage ./vmagent { }; v = { glitch-soc = prev.callPackage ./glitch-soc { }; @@ -21,7 +21,6 @@ final: prev: { withDNSCrypt = true; withTFO = true; }; - vmagent = prev.callPackage ./vmagent { }; gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; } -- 2.47.1 From c0ec0f9754a25a5c7c353ec8ad943f7a9a90f34e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 19:44:16 +0200 Subject: [PATCH 0414/1882] fix flake check errors + add gha --- .github/workflows/nixos.yml | 18 +++++++++++++++ flake.nix | 4 ++-- util.nix | 44 +++++++++++++++++++++++-------------- 3 files changed, 48 insertions(+), 18 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index c297f790..073086b5 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -37,3 +37,21 @@ jobs: - name: "Build NixOS config ❄️" run: | nix run '.#' build + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2.3.2 + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 + with: + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Build NixOS config ❄️" + run: | + nix flake check + diff --git a/flake.nix b/flake.nix index 57e434c2..749a4b66 100644 --- a/flake.nix +++ b/flake.nix @@ -36,7 +36,7 @@ inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; - util = import ./util.nix inputs; + util = import ./util.nix inputs; system = "x86_64-linux"; # import and add realm to list of tags @@ -64,7 +64,7 @@ in { # Make the nixosConfigurations, mostly for vault-secrets - nixosConfigurations = util.mkNixosConfigurations specialArgs hosts; + nixosConfigurations = util.mkNixosConfigurations specialArgs nixHosts; # Make the coleman configuration colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) diff --git a/util.nix b/util.nix index ae4bd8d5..a33e6667 100644 --- a/util.nix +++ b/util.nix @@ -28,27 +28,39 @@ rec { mkNixosSystem = specialArgs: { hostname, realm, system ? "x86_64-linux", ... }@host: { "${hostname}.${realm}" = lib.nixosSystem { inherit system specialArgs; - modules = resolve_imports host; + modules = + [ + ({ config, pkgs, ... }: { + nixpkgs.overlays = [ (import ./nixos/pkgs) ]; + networking = { + hostName = hostname; + domain = realm; + }; + }) + ] ++ + (resolve_imports host); }; }; - mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: let - name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; - in{ - "${name}" = { - imports = resolve_imports host; - networking = { - hostName = hostname; - domain = realm; - }; - deployment = { - inherit tags; - targetHost = ip; - allowLocalDeployment = (type == "local"); - targetUser = null; # Defaults to $USER + mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: + let + name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; + in + { + "${name}" = { + imports = resolve_imports host; + networking = { + hostName = hostname; + domain = realm; + }; + deployment = { + inherit tags; + targetHost = ip; + allowLocalDeployment = (type == "local"); + targetUser = null; # Defaults to $USER + }; }; }; - }; mkNixosConfigurations = specialArgs: hosts: lib.foldr (el: acc: acc // mkNixosSystem specialArgs el) { } hosts; } -- 2.47.1 From a0445f0b9c4b6b4a42e59d289bf90d9187e0590a Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Sep 2022 19:49:04 +0200 Subject: [PATCH 0415/1882] added webcord --- .github/workflows/nixos.yml | 2 +- flake.nix | 4 ++++ nixos/hosts/thalassa/null/home/default.nix | 5 +++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 073086b5..3736b324 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -51,7 +51,7 @@ jobs: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - name: "Build NixOS config ❄️" + - name: "Check NixOS Flake ❄️" run: | nix flake check diff --git a/flake.nix b/flake.nix index 749a4b66..018078ed 100644 --- a/flake.nix +++ b/flake.nix @@ -8,6 +8,7 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -28,6 +29,9 @@ hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; riff.url = "github:DeterminateSystems/riff"; + + webcord.url = "github:fufexan/webcord-flake"; + webcord.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 9219382c..dc709604 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -14,8 +14,8 @@ home.packages = with pkgs; [ brightnessctl - discord calibre + discord element-desktop-wayland fluxcd fusee-launcher @@ -26,6 +26,8 @@ gnome.gnome-font-viewer gnome.nautilus grim # Screenshot tool + inputs.riff.packages.${pkgs.system}.riff + inputs.webcord.packages.${pkgs.system}.default k9s kubectl libnotify @@ -43,7 +45,6 @@ wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi - inputs.riff.packages.x86_64-linux.riff ]; programs.foot = { -- 2.47.1 From 93c52e3f61dd287bd304aac3668c29a09c0180df Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 10 Sep 2022 19:50:08 +0200 Subject: [PATCH 0416/1882] fix eww --- flake.lock | 273 +++++++++++++++++++- nixos/hosts/thalassa/null/home/default.nix | 2 +- nixos/hosts/thalassa/null/home/eww/eww.yuck | 6 - nixos/pkgs/default.nix | 2 +- 4 files changed, 274 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index d75fa2b0..e7bf7b39 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,29 @@ { "nodes": { + "alejandra": { + "inputs": { + "fenix": "fenix_2", + "flakeCompat": "flakeCompat", + "nixpkgs": [ + "webcord", + "dream2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1658427149, + "narHash": "sha256-ToD/1z/q5VHsLMrS2h96vjJoLho59eNRtknOUd19ey8=", + "owner": "kamadorueda", + "repo": "alejandra", + "rev": "f5a22afd2adfb249b4e68e0b33aa1f0fb73fb1be", + "type": "github" + }, + "original": { + "owner": "kamadorueda", + "repo": "alejandra", + "type": "github" + } + }, "colmena": { "inputs": { "flake-compat": "flake-compat", @@ -24,6 +48,22 @@ "type": "github" } }, + "crane": { + "flake": false, + "locked": { + "lastModified": 1654444508, + "narHash": "sha256-4OBvQ4V7jyt7afs6iKUvRzJ1u/9eYnKzVQbeQdiamuY=", + "owner": "ipetkov", + "repo": "crane", + "rev": "db5482bf225acc3160899124a1df5a617cfa27b5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "deploy-rs": { "inputs": { "flake-compat": "flake-compat_2", @@ -43,6 +83,51 @@ "type": "indirect" } }, + "devshell": { + "flake": false, + "locked": { + "lastModified": 1653917170, + "narHash": "sha256-FyxOnEE/V4PNEcMU62ikY4FfYPo349MOhMM97HS0XEo=", + "owner": "numtide", + "repo": "devshell", + "rev": "fc7a3e3adde9bbcab68af6d1e3c6eb738e296a92", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "dream2nix": { + "inputs": { + "alejandra": "alejandra", + "crane": "crane", + "devshell": "devshell", + "flake-utils-pre-commit": "flake-utils-pre-commit", + "gomod2nix": "gomod2nix", + "mach-nix": "mach-nix", + "nixpkgs": [ + "webcord", + "nixpkgs" + ], + "poetry2nix": "poetry2nix", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1661948914, + "narHash": "sha256-596RJgybMFUOWKkoMehqT5a7XuR6JkJg5zyqX/t1LuY=", + "owner": "nix-community", + "repo": "dream2nix", + "rev": "dc3530785e7388398c40c2b4f5893a674b8bd557", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "dream2nix", + "type": "github" + } + }, "fenix": { "inputs": { "nixpkgs": [ @@ -65,6 +150,30 @@ "type": "github" } }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "webcord", + "dream2nix", + "alejandra", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1657607339, + "narHash": "sha256-HaqoAwlbVVZH2n4P3jN2FFPMpVuhxDy1poNOR7kzODc=", + "owner": "nix-community", + "repo": "fenix", + "rev": "b814c83d9e6aa5a28d0cf356ecfdafb2505ad37d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -142,6 +251,21 @@ "type": "github" } }, + "flake-utils-pre-commit": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flake-utils_2": { "locked": { "lastModified": 1644229661, @@ -185,6 +309,22 @@ "type": "indirect" } }, + "flakeCompat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "gitignore-nix": { "flake": false, "locked": { @@ -201,6 +341,22 @@ "type": "github" } }, + "gomod2nix": { + "flake": false, + "locked": { + "lastModified": 1627572165, + "narHash": "sha256-MFpwnkvQpauj799b4QTBJQFEddbD02+Ln5k92QyHOSk=", + "owner": "tweag", + "repo": "gomod2nix", + "rev": "67f22dd738d092c6ba88e420350ada0ed4992ae8", + "type": "github" + }, + "original": { + "owner": "tweag", + "repo": "gomod2nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -293,6 +449,21 @@ "type": "github" } }, + "mach-nix": { + "flake": false, + "locked": { + "lastModified": 1634711045, + "narHash": "sha256-m5A2Ty88NChLyFhXucECj6+AuiMZPHXNbw+9Kcs7F6Y=", + "owner": "DavHau", + "repo": "mach-nix", + "rev": "4433f74a97b94b596fa6cd9b9c0402104aceef5d", + "type": "github" + }, + "original": { + "id": "mach-nix", + "type": "indirect" + } + }, "minecraft-servers": { "inputs": { "nixpkgs": [ @@ -488,6 +659,50 @@ "type": "indirect" } }, + "poetry2nix": { + "flake": false, + "locked": { + "lastModified": 1632969109, + "narHash": "sha256-jPDclkkiAy5m2gGLBlKgH+lQtbF7tL4XxBrbSzw+Ioc=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "aee8f04296c39d88155e05d25cfc59dfdd41cc77", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "1.21.0", + "repo": "poetry2nix", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-utils": [ + "webcord", + "dream2nix", + "flake-utils-pre-commit" + ], + "nixpkgs": [ + "webcord", + "dream2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1646153636, + "narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "riff": { "inputs": { "fenix": "fenix", @@ -518,7 +733,8 @@ "nixpkgs": "nixpkgs_2", "riff": "riff", "serokell-nix": "serokell-nix", - "vault-secrets": "vault-secrets" + "vault-secrets": "vault-secrets", + "webcord": "webcord" } }, "rust-analyzer-src": { @@ -538,6 +754,23 @@ "type": "github" } }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1657557289, + "narHash": "sha256-PRW+nUwuqNTRAEa83SfX+7g+g8nQ+2MMbasQ9nt6+UM=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "caf23f29144b371035b864a1017dbc32573ad56d", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "serokell-nix": { "inputs": { "deploy-rs": "deploy-rs", @@ -665,6 +898,44 @@ "type": "github" } }, + "webcord": { + "inputs": { + "dream2nix": "dream2nix", + "nixpkgs": [ + "nixpkgs" + ], + "webcord": "webcord_2" + }, + "locked": { + "lastModified": 1662387088, + "narHash": "sha256-eB9O9UIkeKHKyCF5oNw3a+wukeaLQMNl4OvJIeR5hRo=", + "owner": "fufexan", + "repo": "webcord-flake", + "rev": "6a2a625df8a607c4a42aa921877ad65be73a2eb0", + "type": "github" + }, + "original": { + "owner": "fufexan", + "repo": "webcord-flake", + "type": "github" + } + }, + "webcord_2": { + "flake": false, + "locked": { + "lastModified": 1661854465, + "narHash": "sha256-/2f+Jb/1MstWtzbnG/gNLG/ds8K7qultXWfb5nlth08=", + "owner": "SpacingBat3", + "repo": "WebCord", + "rev": "83ad1578b2cbcb1c4e5470ca85a0a6e6f5f8c42e", + "type": "github" + }, + "original": { + "owner": "SpacingBat3", + "repo": "WebCord", + "type": "github" + } + }, "wlroots": { "flake": false, "locked": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index dc709604..4f878385 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -15,7 +15,6 @@ home.packages = with pkgs; [ brightnessctl calibre - discord element-desktop-wayland fluxcd fusee-launcher @@ -40,6 +39,7 @@ rsync rust-analyzer rustup + solo2-cli steam-run texlive.combined.scheme-full wf-recorder # Screenrecorder diff --git a/nixos/hosts/thalassa/null/home/eww/eww.yuck b/nixos/hosts/thalassa/null/home/eww/eww.yuck index fbf04d3d..187cabfa 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.yuck +++ b/nixos/hosts/thalassa/null/home/eww/eww.yuck @@ -14,12 +14,7 @@ ) ) -;; Variables -; (defvar time false) -; (defvar cal false) - ;; ━━━ WIFI ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ -(defvar wifi "{}") (defpoll wifi :interval "30s" "./scripts/wifi.sh") (defwidget wifi [] @@ -71,7 +66,6 @@ ) ;; ━━━ VOLUME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ -(defvar volume "{}") (defpoll volume :interval "1s" "./scripts/volume.sh") (defwidget volume [] (eventbox :onclick "pamixer -t" diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 1f307954..5f51e6b9 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -6,7 +6,7 @@ final: prev: { ''; }); - discord = prev.discord.override { withOpenASAR = true; }; + discord-canary = prev.discord-canary.override { withOpenASAR = true; }; catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; -- 2.47.1 From 193138be43bcd9e77f9d091b88ead2da1b0ad306 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 11 Sep 2022 19:38:26 +0200 Subject: [PATCH 0417/1882] updates --- flake.lock | 18 +++++++++--------- .../thalassa/null/home/hyprland/default.nix | 3 ++- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index e7bf7b39..5a7a1901 100644 --- a/flake.lock +++ b/flake.lock @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662808262, - "narHash": "sha256-NCavxa3knCEJHwP4J0Om15ZfL6BqH+ksz+LbgpYV4ac=", + "lastModified": 1662832677, + "narHash": "sha256-iznPgUPjzOt0j3zB3LUAhYLX5L+6k+UMsluDasa5p80=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d94fe3d063a910cab64fbdc132f6aa168a52e14d", + "rev": "f024d7114fe08f505ec9af40ee8cd471fbb6c09b", "type": "github" }, "original": { @@ -583,11 +583,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1662729926, - "narHash": "sha256-klAcKYYKVtd3a/34kfi4bqUKlL4GJqh9iYWictDpsJg=", + "lastModified": 1662901081, + "narHash": "sha256-FHd7a3ZfFTlcaYffeWhfDwPd4XeUsScjMEEoWHMqp44=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cc6ef9492eba324cc2482127f0778b8178a186bd", + "rev": "cc46999e0a45051412f736264cdf30da8d429460", "type": "github" }, "original": { @@ -907,11 +907,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1662387088, - "narHash": "sha256-eB9O9UIkeKHKyCF5oNw3a+wukeaLQMNl4OvJIeR5hRo=", + "lastModified": 1662901119, + "narHash": "sha256-tab8KTHTzJjAm7s/n0tk2ZsI6VNr69WqQiiVbQrUm2o=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "6a2a625df8a607c4a42aa921877ad65be73a2eb0", + "rev": "529d1721ed91cc7166c2c7b81f8f4bd23ae678b7", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland/default.nix index 61d3544e..e39d3422 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland/default.nix @@ -16,6 +16,7 @@ exec-once=${pkgs.hyprpaper}/bin/hyprpaper exec-once=hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 exec-once=${pkgs.xsettingsd}/bin/xsettingsd & + exec-once=foot --server & exec-once=eww daemon exec-once=eww open bar @@ -49,7 +50,7 @@ pseudotile=true } - bind=SUPER,RETURN,exec,foot + bind=SUPER,RETURN,exec,footclient bind=SUPER,f,exec,firefox-devedition bind=SUPER,d,exec,wofi --show run,drun -- 2.47.1 From 8498de2d90ceec407ebd3a2e79f6b21ea3e806f1 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 12 Sep 2022 10:05:31 +0200 Subject: [PATCH 0418/1882] laptop: refactor --- flake.lock | 24 +++---- nixos/hosts/thalassa/null/home/default.nix | 19 +----- nixos/hosts/thalassa/null/home/eww/eww.scss | 26 ------- .../{hyprland/default.nix => hyprland.nix} | 5 -- nixos/hosts/thalassa/null/home/theme.nix | 68 +++++++++++++++++-- 5 files changed, 74 insertions(+), 68 deletions(-) rename nixos/hosts/thalassa/null/home/{hyprland/default.nix => hyprland.nix} (95%) diff --git a/flake.lock b/flake.lock index 5a7a1901..cb67d7a3 100644 --- a/flake.lock +++ b/flake.lock @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662832677, - "narHash": "sha256-iznPgUPjzOt0j3zB3LUAhYLX5L+6k+UMsluDasa5p80=", + "lastModified": 1662922102, + "narHash": "sha256-5OZiMlsmN1SISveS0dsuuu38RX6k4QjcZoKmZFWplFw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f024d7114fe08f505ec9af40ee8cd471fbb6c09b", + "rev": "b49d7007b57a4890d63262fa031cf63ee09e0ed0", "type": "github" }, "original": { @@ -472,11 +472,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1662774856, - "narHash": "sha256-vgvkBNzRs3Ukwc2sVAoPGeSglltNqLHEvbxmE89fB0I=", + "lastModified": 1662966897, + "narHash": "sha256-ZMxjO9eGPj/NnqqzNwaJQV7zwxOtYhm5bEW3u4isziE=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "d5934f64d688bba60c633b8966170b575a220867", + "rev": "0812eb875aa86bd0da8eb27c30f4a96ecddd1406", "type": "github" }, "original": { @@ -583,11 +583,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1662901081, - "narHash": "sha256-FHd7a3ZfFTlcaYffeWhfDwPd4XeUsScjMEEoWHMqp44=", + "lastModified": 1662940775, + "narHash": "sha256-SIgHTMjM+PqXWaXDzXsy/XmrDuTu7zpPvizgS7C9n+M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cc46999e0a45051412f736264cdf30da8d429460", + "rev": "faa93c4e19e79e7a6de31d6d3492b8f00760ca82", "type": "github" }, "original": { @@ -907,11 +907,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1662901119, - "narHash": "sha256-tab8KTHTzJjAm7s/n0tk2ZsI6VNr69WqQiiVbQrUm2o=", + "lastModified": 1662959566, + "narHash": "sha256-rajDG3utME/F6TdwIUPs44soARIx59+NOZPNCJzeUqA=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "529d1721ed91cc7166c2c7b81f8f4bd23ae678b7", + "rev": "f1f6a0a7278459bcbfe792ad8caf7e029eeb1c32", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 4f878385..4dfb35f8 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -7,7 +7,7 @@ imports = [ inputs.hyprland.homeManagerModules.default - ./hyprland + ./hyprland.nix ./eww ./theme.nix ]; @@ -107,22 +107,5 @@ programs.zsh.enable = true; - gtk = { - enable = true; - theme = { - name = "Catppuccin-Pink-Dark"; - package = pkgs.catppuccin-gtk; - }; - iconTheme = { - name = "Arc"; - package = pkgs.arc-icon-theme; - }; - cursorTheme = { - name = "Catppuccin-Frappe-Pink-Cursors"; - package = pkgs.catppuccin.cursors; - size = 32; - }; - }; - services.syncthing.enable = true; } diff --git a/nixos/hosts/thalassa/null/home/eww/eww.scss b/nixos/hosts/thalassa/null/home/eww/eww.scss index 877db8f7..d51ad001 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.scss +++ b/nixos/hosts/thalassa/null/home/eww/eww.scss @@ -1,29 +1,3 @@ -$rosewater: #f2d5cf; -$flamingo: #eebebe; -$pink: #f4b8e4; -$mauve: #ca9ee6; -$red: #e78284; -$maroon: #ea999c; -$peach: #ef9f76; -$yellow: #e5c890; -$green: #a6d189; -$teal: #81c8be; -$sky: #99d1db; -$sapphire: #85c1dc; -$blue: #8caaee; -$lavender: #babbf1; -$text: #c6d0f5; -$subtext1: #b5bfe2; -$subtext0: #a5adce; -$overlay2: #949cbb; -$overlay1: #838ba7; -$overlay0: #737994; -$surface2: #626880; -$surface1: #51576d; -$surface0: #414559; -$base: #303446; -$mantle: #292c3c; -$crust: #232634; $light-gray: #9699b7; * { diff --git a/nixos/hosts/thalassa/null/home/hyprland/default.nix b/nixos/hosts/thalassa/null/home/hyprland.nix similarity index 95% rename from nixos/hosts/thalassa/null/home/hyprland/default.nix rename to nixos/hosts/thalassa/null/home/hyprland.nix index e39d3422..e37d85bc 100644 --- a/nixos/hosts/thalassa/null/home/hyprland/default.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -5,11 +5,6 @@ wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png ''; - home.file.".xsettingsd".text = '' - Gtk/CursorThemeName "Catppuccin-Frappe-Pink-Cursors" - Net/ThemeName "Catppuccin-Pink-Dark" - ''; - wayland.windowManager.hyprland = { enable = true; extraConfig = '' diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index 870403f2..d87b91d3 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -1,6 +1,9 @@ -{ ... }: +{ lib, ... }: let - # Catpuccin Frappe Pink + inherit (builtins) mapAttrs; + + theme = "Catppuccin-Pink-Dark"; + cursorTheme = "Catppuccin-Frappe-Pink-Cursors"; colour = rec { rosewater = "f2d5cf"; flamingo = "eebebe"; @@ -17,22 +20,44 @@ let blue = "8caaee"; lavender = "babbf1"; text = "c6d0f5"; - subtext1 = "b5bfe2"; subtext0 = "a5adce"; + subtext1 = "b5bfe2"; overlay2 = "949cbb"; - overlay1 = "838ba7"; overlay0 = "737994"; - surface2 = "626880"; - surface1 = "51576d"; + overlay1 = "838ba7"; surface0 = "414559"; + surface1 = "51576d"; + surface2 = "626880"; base = "303446"; mantle = "292c3c"; crust = "232634"; - hex = builtins.mapAttrs (name: value: "#${value}") colour; + hex = mapAttrs (name: value: "#${value}") colour; }; in { + home.file.".xsettingsd".text = '' + Net/ThemeName "${theme}" + Gtk/CursorThemeName "${cursorTheme}" + ''; + + gtk = { + enable = true; + theme = { + name = theme; + package = pkgs.catppuccin-gtk; + }; + iconTheme = { + name = "Arc"; + package = pkgs.arc-icon-theme; + }; + cursorTheme = { + name = cursorTheme; + package = pkgs.catppuccin.cursors; + size = 32; + }; + }; + # Note, pink and blue are switched programs.foot.settings.colors = { foreground = colour.text; # Text @@ -61,4 +86,33 @@ in textColor = colour.hex.text; borderRadius = 5; }; + + home.file.".config/eww/eww.scss".text = lib.mkBefore '' + $rosewater: ${colour.hex.rosewater}; + $flamingo: ${colour.hex.flamingo}; + $pink: ${colour.hex.pink}; + $mauve: ${colour.hex.mauve}; + $red: ${colour.hex.red}; + $maroon: ${colour.hex.maroon}; + $peach: ${colour.hex.peach}; + $yellow: ${colour.hex.yellow}; + $green: ${colour.hex.green}; + $teal: ${colour.hex.teal}; + $sky: ${colour.hex.sky}; + $sapphire: ${colour.hex.sapphire}; + $blue: ${colour.hex.blue}; + $lavender: ${colour.hex.lavender}; + $text: ${colour.hex.text}; + $subtext0: ${colour.hex.subtext0}; + $subtext1: ${colour.hex.subtext1}; + $overlay0: ${colour.hex.overlay0}; + $overlay1: ${colour.hex.overlay1}; + $overlay2: ${colour.hex.overlay2}; + $surface0: ${colour.hex.surface0}; + $surface1: ${colour.hex.surface1}; + $surface2: ${colour.hex.surface2}; + $base: ${colour.hex.base}; + $mantle: ${colour.hex.mantle}; + $crust: ${colour.hex.crust}; + ''; } -- 2.47.1 From 551caf522188ae5d77dc33142ca914cb9e5d2111 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 12 Sep 2022 14:32:40 +0200 Subject: [PATCH 0419/1882] minor edits --- flake.lock | 6 +++--- nixos/hosts/thalassa/null/home/hyprland.nix | 20 ++++++++++---------- nixos/hosts/thalassa/null/home/theme.nix | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index cb67d7a3..ebe07f3f 100644 --- a/flake.lock +++ b/flake.lock @@ -783,11 +783,11 @@ ] }, "locked": { - "lastModified": 1661942860, - "narHash": "sha256-HHEAjAh/yx7h6RWQ6sYgnwZ0LJ4eut3y32vO/pD7Gjw=", + "lastModified": 1662982457, + "narHash": "sha256-FkllT92wW49B9N2Q2p9Yq0luMvrhVcJ5aGfaZnm4mdI=", "owner": "serokell", "repo": "serokell.nix", - "rev": "8c69cd4712106631f46eebd4815515b169aa37aa", + "rev": "14bd44d7d365cdbb4262eec4d92a8f70b38eaece", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index e37d85bc..d2137205 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -71,16 +71,16 @@ bind=SUPER,9,workspace,9 bind=SUPER,0,workspace,10 - bind=ALT,1,movetoworkspace,1 - bind=ALT,2,movetoworkspace,2 - bind=ALT,3,movetoworkspace,3 - bind=ALT,4,movetoworkspace,4 - bind=ALT,5,movetoworkspace,5 - bind=ALT,6,movetoworkspace,6 - bind=ALT,7,movetoworkspace,7 - bind=ALT,8,movetoworkspace,8 - bind=ALT,9,movetoworkspace,9 - bind=ALT,0,movetoworkspace,10 + bind=SUPERSHIFT,1,movetoworkspace,1 + bind=SUPERSHIFT,2,movetoworkspace,2 + bind=SUPERSHIFT,3,movetoworkspace,3 + bind=SUPERSHIFT,4,movetoworkspace,4 + bind=SUPERSHIFT,5,movetoworkspace,5 + bind=SUPERSHIFT,6,movetoworkspace,6 + bind=SUPERSHIFT,7,movetoworkspace,7 + bind=SUPERSHIFT,8,movetoworkspace,8 + bind=SUPERSHIFT,9,movetoworkspace,9 + bind=SUPERSHIFT,0,movetoworkspace,10 bind=SUPER,mouse_down,workspace,e+1 bind=SUPER,mouse_up,workspace,e-1 diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index d87b91d3..41e9b218 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ lib, pkgs, ... }: let inherit (builtins) mapAttrs; -- 2.47.1 From 2d0500eab42cf4ef9668401d0012a991a804920f Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 13 Sep 2022 14:43:23 +0200 Subject: [PATCH 0420/1882] updates --- .gitignore | 3 +- flake.lock | 54 ++++++++------------- flake.nix | 24 ++++++--- nixos/hosts/thalassa/null/configuration.nix | 2 + 4 files changed, 41 insertions(+), 42 deletions(-) diff --git a/.gitignore b/.gitignore index d1da3a8f..263c0ce2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ result -.direnv \ No newline at end of file +.direnv +.gcroots \ No newline at end of file diff --git a/flake.lock b/flake.lock index ebe07f3f..06c54fa5 100644 --- a/flake.lock +++ b/flake.lock @@ -67,7 +67,7 @@ "deploy-rs": { "inputs": { "flake-compat": "flake-compat_2", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "utils": "utils_4" }, "locked": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1662922102, - "narHash": "sha256-5OZiMlsmN1SISveS0dsuuu38RX6k4QjcZoKmZFWplFw=", + "lastModified": 1663064996, + "narHash": "sha256-gw5AnClp+pm7Qd35QpjYHulz4b0P1j+AW6o6974PIbs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b49d7007b57a4890d63262fa031cf63ee09e0ed0", + "rev": "7d4f0a319943f56b1a277ceae198fc3f77615afe", "type": "github" }, "original": { @@ -472,11 +472,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1662966897, - "narHash": "sha256-ZMxjO9eGPj/NnqqzNwaJQV7zwxOtYhm5bEW3u4isziE=", + "lastModified": 1663034396, + "narHash": "sha256-ySk0Jnsndl/XEHV7daBwUpstZzaiWAlFDmFyPa847do=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "0812eb875aa86bd0da8eb27c30f4a96ecddd1406", + "rev": "c796808005d9fa678ca4f2efd4fa835b1679caf1", "type": "github" }, "original": { @@ -509,7 +509,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1633098935, @@ -550,7 +550,7 @@ "nix_2": { "inputs": { "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1633098935, @@ -583,11 +583,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1662940775, - "narHash": "sha256-SIgHTMjM+PqXWaXDzXsy/XmrDuTu7zpPvizgS7C9n+M=", + "lastModified": 1663047086, + "narHash": "sha256-gAKeS/8PgVjeBiYiPN0HzKx8GAC4eohHwnrzvDGpNEg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "faa93c4e19e79e7a6de31d6d3492b8f00760ca82", + "rev": "bcc5b8857ff078188c738c19b2600c5fcc040632", "type": "github" }, "original": { @@ -598,22 +598,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1662099760, - "narHash": "sha256-MdZLCTJPeHi/9fg6R9fiunyDwP3XHJqDd51zWWz9px0=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "67e45078141102f45eff1589a831aeaa3182b41e", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-22.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1648219316, "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", @@ -629,7 +613,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -644,7 +628,7 @@ "type": "indirect" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -707,14 +691,16 @@ "inputs": { "fenix": "fenix", "naersk": "naersk", - "nixpkgs": "nixpkgs_3" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { - "lastModified": 1662744797, - "narHash": "sha256-raV+TEPsy8JK4ELgGoQZ96JkbnfDbfywVSZuTrtZ9eI=", + "lastModified": 1663003161, + "narHash": "sha256-Og3MM2+Cwz82sRV3AgU5vPRf+QdeFDhG1zv+DMLqagk=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "73d62f3a0d8410a35b9b2d6d391468e2cce1d55b", + "rev": "fca05c4d80dcd12cbb0d65681279729489a92e68", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 018078ed..0a58f47a 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,6 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; - colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -29,18 +28,29 @@ hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; riff.url = "github:DeterminateSystems/riff"; + riff.inputs.nixpkgs.follows = "nixpkgs"; webcord.url = "github:fufexan/webcord-flake"; webcord.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = - { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, colmena, home-manager, hyprpaper, hyprland, riff, ... }@inputs: + { self + , nixpkgs + , vault-secrets + , serokell-nix + , minecraft-servers + , colmena + , home-manager + , hyprpaper + , hyprland + , ... + } @ inputs: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; - util = import ./util.nix inputs; + util = import ./util.nix inputs; system = "x86_64-linux"; # import and add realm to list of tags @@ -63,7 +73,7 @@ # Script to apply local colmena deployments apply-local = pkgs.writeScriptBin "apply-local" '' #!${pkgs.stdenv.shell} - "${colmena.packages.x86_64-linux.colmena}"/bin/colmena apply-local --sudo $@ + "${colmena.packages.${system}.colmena}"/bin/colmena apply-local --sudo $@ ''; in { @@ -80,15 +90,15 @@ } nixHosts; - packages.x86_64-linux.default = colmena.packages.x86_64-linux.colmena; - packages.x86_64-linux.apply-local = apply-local; + packages.${system}.default = colmena.packages.${system}.colmena; + packages.${system}.apply-local = apply-local; # Use by running `nix develop` devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; buildInputs = with pkgs; [ apply-local - colmena.packages.x86_64-linux.colmena + colmena.packages.${system}.colmena fluxcd k9s kubectl diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 4267cc97..24d88ca5 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -235,6 +235,8 @@ in authFile = "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config }; + services.udev.packages = [ pkgs.qmk-udev-rules ]; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave -- 2.47.1 From b89da7fdd768ace51086a956efa013ff4830f398 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 13 Sep 2022 14:57:48 +0200 Subject: [PATCH 0421/1882] fix flake --- flake.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 0a58f47a..9c801ee8 100644 --- a/flake.nix +++ b/flake.nix @@ -90,8 +90,10 @@ } nixHosts; - packages.${system}.default = colmena.packages.${system}.colmena; - packages.${system}.apply-local = apply-local; + packages.${system} = { + default = colmena.packages.${system}.colmena; + apply-local = apply-local; + }; # Use by running `nix develop` devShells.${system}.default = pkgs.mkShell { -- 2.47.1 From aca30aa52795218795c2cd0c0b6b6c0bd37b72c1 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 13 Sep 2022 14:57:48 +0200 Subject: [PATCH 0422/1882] fix flake --- flake.lock | 30 +++++++++++++++--------------- flake.nix | 11 ++++++++--- util.nix | 19 ------------------- 3 files changed, 23 insertions(+), 37 deletions(-) diff --git a/flake.lock b/flake.lock index 06c54fa5..401fc6cb 100644 --- a/flake.lock +++ b/flake.lock @@ -365,11 +365,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1662759269, - "narHash": "sha256-lt8bAfEZudCQb+MxoNKmenhMTXhu3RCCyLYxU9t5FFk=", + "lastModified": 1663099612, + "narHash": "sha256-ucokjFDRwCFWbcGiqxz0mfHv82UqwyW7RXY6ZgKSl80=", "owner": "nix-community", "repo": "home-manager", - "rev": "9f7fe353b613d0e45d7a5cdbd1f13c96c15803dd", + "rev": "60c6bfe322944d04bb38e76b64effcbd01258824", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663064996, - "narHash": "sha256-gw5AnClp+pm7Qd35QpjYHulz4b0P1j+AW6o6974PIbs=", + "lastModified": 1663104400, + "narHash": "sha256-tWz8UAPrxxR5fiRWIU8vHPHAGpY13dRiD2UgNWrFK1I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "7d4f0a319943f56b1a277ceae198fc3f77615afe", + "rev": "ae2173f703e8d61de953d48cc40565ba0bc9d5f7", "type": "github" }, "original": { @@ -472,11 +472,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1663034396, - "narHash": "sha256-ySk0Jnsndl/XEHV7daBwUpstZzaiWAlFDmFyPa847do=", + "lastModified": 1663120334, + "narHash": "sha256-6OzKHiEWvvXCmoDZtiUhox8QwhftiU4yfIxhg3psPqQ=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "c796808005d9fa678ca4f2efd4fa835b1679caf1", + "rev": "e4e9f126df09d00e3284dbe79a92768aa898efa1", "type": "github" }, "original": { @@ -583,11 +583,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663047086, - "narHash": "sha256-gAKeS/8PgVjeBiYiPN0HzKx8GAC4eohHwnrzvDGpNEg=", + "lastModified": 1663122717, + "narHash": "sha256-J+3/eIqCQEJkoJdlSws/5sTl3NmGwV8I8nG8p7BnveY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bcc5b8857ff078188c738c19b2600c5fcc040632", + "rev": "3ff5deafc470403d5cb7ec8edbc7b21b719d2894", "type": "github" }, "original": { @@ -696,11 +696,11 @@ ] }, "locked": { - "lastModified": 1663003161, - "narHash": "sha256-Og3MM2+Cwz82sRV3AgU5vPRf+QdeFDhG1zv+DMLqagk=", + "lastModified": 1663078836, + "narHash": "sha256-M19944iIibZqxvj04UO9anad4yzbdsUmv0rvUknBV4k=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "fca05c4d80dcd12cbb0d65681279729489a92e68", + "rev": "f56af6f5ee0d0ee5f0d268f677ebc7c814d5c7b2", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 9c801ee8..8ea3198f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,5 +1,5 @@ { - description = "Delft Deployment"; + description = "0x76's infrastructure"; # Based on: # * https://github.com/serokell/pegasus-infra/blob/master/flake.nix @@ -77,8 +77,13 @@ ''; in { - # Make the nixosConfigurations, mostly for vault-secrets - nixosConfigurations = util.mkNixosConfigurations specialArgs nixHosts; + # Make the nixosConfigurations for compat reasons + nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { + rawFlake = self; + colmenaOptions = import (inputs.colmena + "/src/nix/hive/options.nix"); + colmenaModules = import (inputs.colmena + "/src/nix/hive/modules.nix"); + }).nodes; + # Make the coleman configuration colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) diff --git a/util.nix b/util.nix index a33e6667..3ac4ea7a 100644 --- a/util.nix +++ b/util.nix @@ -25,23 +25,6 @@ rec { flatten_hosts = hosts: concatLists (attrValues hosts); filter_nix_hosts = hosts: filter ({ nix ? true, ... }: nix) hosts; - mkNixosSystem = specialArgs: { hostname, realm, system ? "x86_64-linux", ... }@host: { - "${hostname}.${realm}" = lib.nixosSystem { - inherit system specialArgs; - modules = - [ - ({ config, pkgs, ... }: { - nixpkgs.overlays = [ (import ./nixos/pkgs) ]; - networking = { - hostName = hostname; - domain = realm; - }; - }) - ] ++ - (resolve_imports host); - }; - }; - mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: let name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; @@ -61,6 +44,4 @@ rec { }; }; }; - - mkNixosConfigurations = specialArgs: hosts: lib.foldr (el: acc: acc // mkNixosSystem specialArgs el) { } hosts; } -- 2.47.1 From 90e65ad37271582d98cf6d79b236a5b3aa628a9a Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 15 Sep 2022 13:56:32 +0200 Subject: [PATCH 0423/1882] changed to not small release cycle --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 401fc6cb..02f73c8d 100644 --- a/flake.lock +++ b/flake.lock @@ -583,16 +583,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663122717, - "narHash": "sha256-J+3/eIqCQEJkoJdlSws/5sTl3NmGwV8I8nG8p7BnveY=", + "lastModified": 1663087123, + "narHash": "sha256-cNIRkF/J4mRxDtNYw+9/fBNq/NOA2nCuPOa3EdIyeDs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ff5deafc470403d5cb7ec8edbc7b21b719d2894", + "rev": "9608ace7009ce5bc3aeb940095e01553e635cbc7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 8ea3198f..2cfc3caa 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; -- 2.47.1 From 4038a49191ee4c43c5ee087932b1ba3a55f56594 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 16 Sep 2022 10:17:53 +0200 Subject: [PATCH 0424/1882] updates --- flake.lock | 32 ++++++++++----------- flake.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 6 +++- nixos/hosts/thalassa/null/home/default.nix | 12 +++++--- 4 files changed, 30 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 02f73c8d..5c916991 100644 --- a/flake.lock +++ b/flake.lock @@ -365,11 +365,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663099612, - "narHash": "sha256-ucokjFDRwCFWbcGiqxz0mfHv82UqwyW7RXY6ZgKSl80=", + "lastModified": 1663227421, + "narHash": "sha256-8M2ZQPLQw0CUylKbF8pgDMQ5vxOH4i0rxwUhtPIsf7Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "60c6bfe322944d04bb38e76b64effcbd01258824", + "rev": "5408e27961599b1350b651f88715daf6e67244a7", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663104400, - "narHash": "sha256-tWz8UAPrxxR5fiRWIU8vHPHAGpY13dRiD2UgNWrFK1I=", + "lastModified": 1663169416, + "narHash": "sha256-BGN7XiiLx1D03L5j6OL7WPknxlt5cSejqfR+xQXpv5E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ae2173f703e8d61de953d48cc40565ba0bc9d5f7", + "rev": "037d4ed422bb3bb34617f444a360a8abab6863cb", "type": "github" }, "original": { @@ -583,16 +583,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663087123, - "narHash": "sha256-cNIRkF/J4mRxDtNYw+9/fBNq/NOA2nCuPOa3EdIyeDs=", + "lastModified": 1663311223, + "narHash": "sha256-xWWkGBlgzG+Vpw1Fv62bj2lT+lSa5M6q8eEmNWn8j/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9608ace7009ce5bc3aeb940095e01553e635cbc7", + "rev": "f5357321bace1f2b8f47868414f9ff420cbef8c3", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } @@ -769,11 +769,11 @@ ] }, "locked": { - "lastModified": 1662982457, - "narHash": "sha256-FkllT92wW49B9N2Q2p9Yq0luMvrhVcJ5aGfaZnm4mdI=", + "lastModified": 1663155670, + "narHash": "sha256-+bjqtiZEZPjwoBlxlD9C/2Y3WL16u2bMDcu/PNceVMc=", "owner": "serokell", "repo": "serokell.nix", - "rev": "14bd44d7d365cdbb4262eec4d92a8f70b38eaece", + "rev": "e49106cb1aa23d5f2bd8c76625c90c51dd4017bb", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "utils_2": { "locked": { - "lastModified": 1653893745, - "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2cfc3caa..8f539a0a 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/master"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 24d88ca5..f04ed3fb 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -80,7 +80,11 @@ in boot.kernelPackages = pkgs.linuxPackages_latest; # Enable networking - networking.networkmanager.enable = true; + networking.networkmanager = { + enable = true; + wifi.backend = "iwd"; + firewallBackend = "nftables"; + }; networking.interfaces.wlp0s20f3.useDHCP = true; fileSystems."/".options = [ "compress=zstd" ]; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 4dfb35f8..c108ec00 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -77,6 +77,9 @@ programs.firefox = { enable = true; package = pkgs.firefox-devedition-bin; + # profiles.dev-edition-default = { + # isDefault = true; + # }; }; programs.vscode = { @@ -101,11 +104,12 @@ }; }; - programs.zsh.sessionVariables = { - DIRENV_LOG_FORMAT = ""; + programs.zsh = { + enable = true; + sessionVariables = { + DIRENV_LOG_FORMAT = ""; + }; }; - programs.zsh.enable = true; - services.syncthing.enable = true; } -- 2.47.1 From 5876b7b2f99ef66dde2def7899cf05bd2c0323d3 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 16 Sep 2022 11:32:19 +0200 Subject: [PATCH 0425/1882] split up ci --- .github/workflows/nixos.yml | 69 +++++++++++++++++++++++++++++++++++-- 1 file changed, 66 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 3736b324..f059bd03 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -5,7 +5,7 @@ on: branches: [main] jobs: - build: + build-null: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2.3.2 @@ -36,7 +36,71 @@ jobs: - name: "Build NixOS config ❄️" run: | - nix run '.#' build + nix run '.#' build -- --on "null" + build-olympus: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2.3.2 + + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main + with: + # this might remove tools that are actually needed, + # if set to "true" but frees about 6 GB + tool-cache: true + + # all of these default to true, but feel free to set to + # "false" if necessary for your workflow + android: true + dotnet: true + haskell: true + large-packages: true + swap-storage: true + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 + with: + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Build NixOS config ❄️" + run: | + nix run '.#' build -- --on "@olympus" + build-hades: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2.3.2 + + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main + with: + # this might remove tools that are actually needed, + # if set to "true" but frees about 6 GB + tool-cache: true + + # all of these default to true, but feel free to set to + # "false" if necessary for your workflow + android: true + dotnet: true + haskell: true + large-packages: true + swap-storage: true + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 + with: + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Build NixOS config ❄️" + run: | + nix run '.#' build -- --on "@hades" check: runs-on: ubuntu-latest steps: @@ -54,4 +118,3 @@ jobs: - name: "Check NixOS Flake ❄️" run: | nix flake check - -- 2.47.1 From 0e439febdb1a68ffed873c208556d32221997a9a Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 16 Sep 2022 11:10:00 +0200 Subject: [PATCH 0426/1882] disable synapse admin (until fixed) --- nixos/hosts/olympus/nginx/configuration.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index a94d2fea..a7d652bf 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -90,11 +90,11 @@ in }; }; }; - virtualHosts."admin.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - root = pkgs.synapse-admin; - }; + #virtualHosts."admin.chat.meowy.tech" = { + # enableACME = true; + # forceSSL = true; + # root = pkgs.synapse-admin; + #}; virtualHosts."books.meowy.tech" = proxy "http://bookwyrm:8001"; # Kubernetes endpoints -- 2.47.1 From fe667a27e34857677214503034cc89a2f5dda8e3 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 18 Sep 2022 10:59:15 +0200 Subject: [PATCH 0427/1882] minor updates --- flake.lock | 19 ++++++++++++++++--- flake.nix | 1 - nixos/common/default.nix | 2 ++ nixos/hosts/thalassa/null/home/default.nix | 4 ++++ 4 files changed, 22 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 5c916991..7b10a51c 100644 --- a/flake.lock +++ b/flake.lock @@ -643,6 +643,21 @@ "type": "indirect" } }, + "nixpkgs_6": { + "locked": { + "lastModified": 1663491030, + "narHash": "sha256-MVsfBhE9US5DvLtBAaTRjwYdv1tLO8xjahM8qLXTgTo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "767542707d394ff15ac1981e903e005ba69528b5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "type": "github" + } + }, "poetry2nix": { "flake": false, "locked": { @@ -887,9 +902,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs_6", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index 8f539a0a..f6f9a31a 100644 --- a/flake.nix +++ b/flake.nix @@ -31,7 +31,6 @@ riff.inputs.nixpkgs.follows = "nixpkgs"; webcord.url = "github:fufexan/webcord-flake"; - webcord.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 4b4bbf7c..65343dcf 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -28,6 +28,7 @@ "https://colmena.cachix.org" "https://hyprland.cachix.org" "https://0x76-infra.cachix.org" + "https://webcord.cachix.org" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" @@ -36,6 +37,7 @@ "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" + "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" ]; # Also use zsh for root; }; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index c108ec00..ed488f7c 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -87,13 +87,17 @@ package = pkgs.vscode; extensions = with pkgs.vscode-extensions; [ catppuccin.catppuccin-vsc + codezombiech.gitignore + editorconfig.editorconfig james-yu.latex-workshop jnoortheen.nix-ide matklad.rust-analyzer mkhl.direnv + ms-vscode.cpptools tamasfe.even-better-toml valentjn.vscode-ltex vscodevim.vim + xaver.clang-format ]; }; -- 2.47.1 From 6a75ee08fb7b2ae1c1dbbd4a74bcb9b49cc97a06 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 18 Sep 2022 16:24:11 +0200 Subject: [PATCH 0428/1882] switch to unstable and update --- flake.lock | 32 ++++++++++++++++---------------- flake.nix | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index 7b10a51c..5ba8b64f 100644 --- a/flake.lock +++ b/flake.lock @@ -365,11 +365,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663227421, - "narHash": "sha256-8M2ZQPLQw0CUylKbF8pgDMQ5vxOH4i0rxwUhtPIsf7Q=", + "lastModified": 1663328500, + "narHash": "sha256-7n+J/exp8ky4dmk02y5a9R7CGmJvHpzrHMzfEkMtSWA=", "owner": "nix-community", "repo": "home-manager", - "rev": "5408e27961599b1350b651f88715daf6e67244a7", + "rev": "5427f3d1f0ea4357cd4af0bffee7248d640c6ffc", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663169416, - "narHash": "sha256-BGN7XiiLx1D03L5j6OL7WPknxlt5cSejqfR+xQXpv5E=", + "lastModified": 1663501249, + "narHash": "sha256-OyLmS7oSM1VQvXXMD0PwuKoWpp+eWRYqBPQijaWrnZA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "037d4ed422bb3bb34617f444a360a8abab6863cb", + "rev": "dd61f88ed15ab81d634652eed66bdd7e18834863", "type": "github" }, "original": { @@ -472,11 +472,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1663120334, - "narHash": "sha256-6OzKHiEWvvXCmoDZtiUhox8QwhftiU4yfIxhg3psPqQ=", + "lastModified": 1663466786, + "narHash": "sha256-qO9osT6CrHP9/BJzMWa3uYrx6o7rX0Y96mjNsnXzGlg=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "e4e9f126df09d00e3284dbe79a92768aa898efa1", + "rev": "b75d8aea17cb8a6ea3b4bf60de9b6abb929b783a", "type": "github" }, "original": { @@ -583,16 +583,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663311223, - "narHash": "sha256-xWWkGBlgzG+Vpw1Fv62bj2lT+lSa5M6q8eEmNWn8j/0=", + "lastModified": 1663357389, + "narHash": "sha256-oYA2nVRSi6yhCBqS5Vz465Hw+3BQOVFEhfbfy//3vTs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f5357321bace1f2b8f47868414f9ff420cbef8c3", + "rev": "da6a05816e7fa5226c3f61e285ef8d9dfc868f3c", "type": "github" }, "original": { "owner": "NixOS", - "ref": "master", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -645,11 +645,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1663491030, - "narHash": "sha256-MVsfBhE9US5DvLtBAaTRjwYdv1tLO8xjahM8qLXTgTo=", + "lastModified": 1661764827, + "narHash": "sha256-Egl04VI8AZM6v8+itBcZQa+6v1hWZCT5ELaxdiMbrOw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "767542707d394ff15ac1981e903e005ba69528b5", + "rev": "9634ca8deaa3b79032debbcade7ef8910edf811e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f6f9a31a..b8a0eea5 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/master"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; -- 2.47.1 From 4796586bf85f73e07ab62a8a29268532718ef4ec Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 19 Sep 2022 15:58:42 +0200 Subject: [PATCH 0429/1882] nix flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 5ba8b64f..c2e6a5ac 100644 --- a/flake.lock +++ b/flake.lock @@ -35,11 +35,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1662079751, - "narHash": "sha256-XdhfCDhH+AYZg6uHw8Sd9+V7BmqZWZZ//99VFTrDyhM=", + "lastModified": 1663544837, + "narHash": "sha256-ky22sKvzaaeJNsAgRECccGwKp9/Dd7Ggayv+4Aqa7CI=", "owner": "zhaofengli", "repo": "colmena", - "rev": "52b594a167266d25b13690361231acd3e731a690", + "rev": "8b06bb108eec7d63f527a8d6681fcc497f476895", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663501249, - "narHash": "sha256-OyLmS7oSM1VQvXXMD0PwuKoWpp+eWRYqBPQijaWrnZA=", + "lastModified": 1663584251, + "narHash": "sha256-ep1/IgA6kVkA6DQ4qNOCVFgz/Jh3J8RCVzp5XvmSZ3A=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "dd61f88ed15ab81d634652eed66bdd7e18834863", + "rev": "abb6db9c379737bf36009f0de35cfd8f1198852f", "type": "github" }, "original": { @@ -472,11 +472,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1663466786, - "narHash": "sha256-qO9osT6CrHP9/BJzMWa3uYrx6o7rX0Y96mjNsnXzGlg=", + "lastModified": 1663552861, + "narHash": "sha256-Xum3e8K1o1VRua52TwKxXPSUGHWeSqFpg9edsiO9VpU=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "b75d8aea17cb8a6ea3b4bf60de9b6abb929b783a", + "rev": "3a36fab5c690e0750fb6a9a3c53ecc5284bf70ba", "type": "github" }, "original": { @@ -583,11 +583,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663357389, - "narHash": "sha256-oYA2nVRSi6yhCBqS5Vz465Hw+3BQOVFEhfbfy//3vTs=", + "lastModified": 1663494472, + "narHash": "sha256-fSowlaoXXWcAM8m9wA6u+eTJJtvruYHMA+Lb/tFi/qM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "da6a05816e7fa5226c3f61e285ef8d9dfc868f3c", + "rev": "f677051b8dc0b5e2a9348941c99eea8c4b0ff28f", "type": "github" }, "original": { @@ -784,11 +784,11 @@ ] }, "locked": { - "lastModified": 1663155670, - "narHash": "sha256-+bjqtiZEZPjwoBlxlD9C/2Y3WL16u2bMDcu/PNceVMc=", + "lastModified": 1663574694, + "narHash": "sha256-X+lVHZ4K9lzWfFtkkbIvYUSjMaFN8BGsP1lLiS3A0Ts=", "owner": "serokell", "repo": "serokell.nix", - "rev": "e49106cb1aa23d5f2bd8c76625c90c51dd4017bb", + "rev": "cc64abca932254f2e1c362e926d01472a2790ed1", "type": "github" }, "original": { -- 2.47.1 From 3c5554c2c56bd78304e2202c7673f66a72080376 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 20 Sep 2022 00:44:26 +0200 Subject: [PATCH 0430/1882] laptop updates --- flake.lock | 12 ++++++------ nixos/hosts/thalassa/null/configuration.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 3 +++ 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index c2e6a5ac..25b8e287 100644 --- a/flake.lock +++ b/flake.lock @@ -365,11 +365,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663328500, - "narHash": "sha256-7n+J/exp8ky4dmk02y5a9R7CGmJvHpzrHMzfEkMtSWA=", + "lastModified": 1663619079, + "narHash": "sha256-xdv2knlxIHIlOMqaSXhvJlMoruE13ZV5WpNfRmKUk1E=", "owner": "nix-community", "repo": "home-manager", - "rev": "5427f3d1f0ea4357cd4af0bffee7248d640c6ffc", + "rev": "df79df8be10bc54d79118ac6167a92b779344228", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663584251, - "narHash": "sha256-ep1/IgA6kVkA6DQ4qNOCVFgz/Jh3J8RCVzp5XvmSZ3A=", + "lastModified": 1663618128, + "narHash": "sha256-E/TgcXiKhVynyc68bBKm1NuQYQ6sqwI9W7UBA3ohBwY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "abb6db9c379737bf36009f0de35cfd8f1198852f", + "rev": "a8943246a79faff415f2da7e210e80ae51b00d95", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index f04ed3fb..306c6812 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -85,7 +85,7 @@ in wifi.backend = "iwd"; firewallBackend = "nftables"; }; - networking.interfaces.wlp0s20f3.useDHCP = true; + # networking.interfaces.wlp0s20f3.useDHCP = true; fileSystems."/".options = [ "compress=zstd" ]; # Filesystem dedup diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index ed488f7c..8ed84731 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -14,6 +14,7 @@ home.packages = with pkgs; [ brightnessctl + btop calibre element-desktop-wayland fluxcd @@ -32,6 +33,7 @@ libnotify neofetch nixpkgs-review + pulseview python3 retroarchFull ripgrep @@ -39,6 +41,7 @@ rsync rust-analyzer rustup + saleae-logic-2 solo2-cli steam-run texlive.combined.scheme-full -- 2.47.1 From 7871b2f1b4178f60829d65f2eab6a81690d15167 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 20 Sep 2022 11:24:06 +0200 Subject: [PATCH 0431/1882] minor changes --- .../hosts/olympus/hedgedoc/configuration.nix | 27 ++++++++-------- nixos/hosts/thalassa/null/configuration.nix | 4 --- nixos/hosts/thalassa/null/home/hyprland.nix | 31 +++++++++++++------ 3 files changed, 35 insertions(+), 27 deletions(-) diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index 1f06d8df..3856ad0e 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -76,19 +76,20 @@ in secretKey = "$MINIO_SECRET_KEY"; }; email = true; - oauth2 = let url = "https://id.0x76.dev"; in - { - providerName = "authentik"; - clientID = "$AUTHENTIK_CLIENTID"; - clientSecret = "$AUTHENTIK_CLIENTSECRET"; - scope = "openid email profile"; - userProfileURL = "${url}/application/o/userinfo/"; - tokenURL = "${url}/application/o/token/"; - authorizationURL = "${url}/application/o/authorize/"; - userProfileUsernameAttr = "preferred_username"; - userProfileDisplayNameAttr = "name"; - userProfileEmailAttr = "email"; - }; + # Disable until fixed + # oauth2 = let url = "https://id.0x76.dev"; in + # { + # providerName = "authentik"; + # clientID = "$AUTHENTIK_CLIENTID"; + # clientSecret = "$AUTHENTIK_CLIENTSECRET"; + # scope = "openid email profile"; + # userProfileURL = "${url}/application/o/userinfo/"; + # tokenURL = "${url}/application/o/token/"; + # authorizationURL = "${url}/application/o/authorize/"; + # userProfileUsernameAttr = "preferred_username"; + # userProfileDisplayNameAttr = "name"; + # userProfileEmailAttr = "email"; + # }; }; }; } diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 306c6812..eb08f21e 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -85,7 +85,6 @@ in wifi.backend = "iwd"; firewallBackend = "nftables"; }; - # networking.interfaces.wlp0s20f3.useDHCP = true; fileSystems."/".options = [ "compress=zstd" ]; # Filesystem dedup @@ -123,9 +122,6 @@ in portal = { enable = true; wlr.enable = true; - extraPortals = with pkgs; [ - # xdg-desktop-portal-gtk - ]; }; }; services.dbus.enable = true; diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index d2137205..45b24675 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -71,16 +71,27 @@ bind=SUPER,9,workspace,9 bind=SUPER,0,workspace,10 - bind=SUPERSHIFT,1,movetoworkspace,1 - bind=SUPERSHIFT,2,movetoworkspace,2 - bind=SUPERSHIFT,3,movetoworkspace,3 - bind=SUPERSHIFT,4,movetoworkspace,4 - bind=SUPERSHIFT,5,movetoworkspace,5 - bind=SUPERSHIFT,6,movetoworkspace,6 - bind=SUPERSHIFT,7,movetoworkspace,7 - bind=SUPERSHIFT,8,movetoworkspace,8 - bind=SUPERSHIFT,9,movetoworkspace,9 - bind=SUPERSHIFT,0,movetoworkspace,10 + bind=ALT,1,movetoworkspace,1 + bind=ALT,2,movetoworkspace,2 + bind=ALT,3,movetoworkspace,3 + bind=ALT,4,movetoworkspace,4 + bind=ALT,5,movetoworkspace,5 + bind=ALT,6,movetoworkspace,6 + bind=ALT,7,movetoworkspace,7 + bind=ALT,8,movetoworkspace,8 + bind=ALT,9,movetoworkspace,9 + bind=ALT,0,movetoworkspace,10 + + bind=SUPERSHIFT,1,movetoworkspacesilent,1 + bind=SUPERSHIFT,2,movetoworkspacesilent,2 + bind=SUPERSHIFT,3,movetoworkspacesilent,3 + bind=SUPERSHIFT,4,movetoworkspacesilent,4 + bind=SUPERSHIFT,5,movetoworkspacesilent,5 + bind=SUPERSHIFT,6,movetoworkspacesilent,6 + bind=SUPERSHIFT,7,movetoworkspacesilent,7 + bind=SUPERSHIFT,8,movetoworkspacesilent,8 + bind=SUPERSHIFT,9,movetoworkspacesilent,9 + bind=SUPERSHIFT,0,movetoworkspacesilent,10 bind=SUPER,mouse_down,workspace,e+1 bind=SUPER,mouse_up,workspace,e-1 -- 2.47.1 From f23437064d32665d8e2d19e5f243cd8c0d10613a Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 20 Sep 2022 14:33:24 +0200 Subject: [PATCH 0432/1882] add outline --- flake.lock | 12 +- nixos/hosts/olympus/default.nix | 13 +- nixos/hosts/olympus/outline/configuration.nix | 22 ++ nixos/hosts/thalassa/null/home/default.nix | 1 + nixos/hosts/thalassa/null/home/hyprland.nix | 189 ++++++++++-------- 5 files changed, 140 insertions(+), 97 deletions(-) create mode 100644 nixos/hosts/olympus/outline/configuration.nix diff --git a/flake.lock b/flake.lock index 25b8e287..67da7501 100644 --- a/flake.lock +++ b/flake.lock @@ -365,11 +365,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663619079, - "narHash": "sha256-xdv2knlxIHIlOMqaSXhvJlMoruE13ZV5WpNfRmKUk1E=", + "lastModified": 1663629861, + "narHash": "sha256-CjfQUyPfG/hkE4jnMcTvVJ0ubc84u8ySruZL+emXMjw=", "owner": "nix-community", "repo": "home-manager", - "rev": "df79df8be10bc54d79118ac6167a92b779344228", + "rev": "41790ba656bafc023f48ccdbbe7816d30fd52d76", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663618128, - "narHash": "sha256-E/TgcXiKhVynyc68bBKm1NuQYQ6sqwI9W7UBA3ohBwY=", + "lastModified": 1663665418, + "narHash": "sha256-FfHLjo7Cz1U0GRKaGwmBOrbv25LhFfKXkLaJ/PCelHY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a8943246a79faff415f2da7e210e80ae51b00d95", + "rev": "cde624ec6a98b751e67967cbaffd68b1215e8531", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 4a50db6a..56dc527f 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -16,6 +16,7 @@ hostname = "dhcp"; ip = "10.42.42.3"; mac = "3E:2D:E8:AA:E2:81"; + tags = [ "networking" ]; } { hostname = "bastion"; @@ -61,22 +62,24 @@ mac = "74:40:be:48:85:a4"; nix = false; } - # { - # ip = "10.42.42.14"; - # } + { + hostname = "outline"; + mac = "52:13:EB:FD:87:F0"; + ip = "10.42.42.14"; + } { hostname = "dns-1"; profile = "dns"; ip = "10.42.42.15"; mac = "5E:F6:36:23:16:E3"; - tags = [ "dns" ]; + tags = [ "dns" "networking" ]; } { hostname = "dns-2"; profile = "dns"; ip = "10.42.42.16"; mac = "B6:04:0B:CD:0F:9F"; - tags = [ "dns" ]; + tags = [ "dns" "networking" ]; } { hostname = "minio"; diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix new file mode 100644 index 00000000..e660f641 --- /dev/null +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -0,0 +1,22 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 8ed84731..37ab426d 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -32,6 +32,7 @@ kubectl libnotify neofetch + networkmanagerapplet nixpkgs-review pulseview python3 diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 45b24675..59506520 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -5,105 +5,122 @@ wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png ''; - wayland.windowManager.hyprland = { - enable = true; - extraConfig = '' - exec-once=${pkgs.hyprpaper}/bin/hyprpaper - exec-once=hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 - exec-once=${pkgs.xsettingsd}/bin/xsettingsd & - exec-once=foot --server & - exec-once=eww daemon - exec-once=eww open bar - - monitor=eDP-1,1920x1080@60,0x0,1 - monitor=eDP-1,addreserved,0,0,48,0 - monitor=,preferred,auto,1 + wayland.windowManager.hyprland = + let + startup-script = pkgs.writeScriptBin "startup" '' + #!${pkgs.stdenv.shell} + hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 + ${pkgs.hyprpaper}/bin/hyprpaper & + ${pkgs.xsettingsd}/bin/xsettingsd & + foot --server & + eww daemon & + eww open bar & + firefox-devedition & + webcord & + element-desktop & + ''; + in + { + enable = true; + extraConfig = '' + monitor=eDP-1,1920x1080@60,0x0,1 + monitor=eDP-1,addreserved,0,0,48,0 + monitor=,preferred,auto,1 - general { - layout = dwindle - col.active_border = 0xfff4b8e4 - } + windowrulev2 = workspace 1,class:^(Electron)$,title:^(.*)(WebCord)(.*)$ + windowrulev2 = workspace 1,title:^(Element)(.*)$ + windowrulev2 = workspace 2,class:^(firefox-aurora)$ - input { - kb_options=caps:escape - touchpad { - natural_scroll= true + general { + layout = dwindle + col.active_border = 0xfff4b8e4 } - } - gestures { - workspace_swipe = true - } + input { + kb_options=caps:escape + touchpad { + natural_scroll= true + } + } - misc { - no_vfr = false - disable_hyprland_logo = true - disable_splash_rendering = true - } + gestures { + workspace_swipe = true + } - dwindle { - pseudotile=true - } + misc { + no_vfr = false + disable_hyprland_logo = true + disable_splash_rendering = true + } - bind=SUPER,RETURN,exec,footclient - bind=SUPER,f,exec,firefox-devedition - bind=SUPER,d,exec,wofi --show run,drun + dwindle { + pseudotile=true + } - bind=,Print,exec,grim -g "$(slurp)" - | wl-copy -t image/png - bind=SUPER,W,killactive, - bind=SUPERSHIFT,Q,exit, - bind=SUPER,S,togglefloating, - bind=SUPER,P,pseudo, + bind=SUPER,RETURN,exec,footclient + bind=SUPER,f,exec,firefox-devedition + bind=SUPER,d,exec,wofi --show run,drun - bind=SUPER,left,movefocus,l - bind=SUPER,right,movefocus,r - bind=SUPER,up,movefocus,u - bind=SUPER,down,movefocus,d + bind=,Print,exec,grim -g "$(slurp)" - | wl-copy -t image/png + bind=SUPER,W,killactive, + bind=SUPERSHIFT,Q,exit, + bind=SUPER,S,togglefloating, + bind=SUPER,P,pseudo, - bind=SUPER,1,workspace,1 - bind=SUPER,2,workspace,2 - bind=SUPER,3,workspace,3 - bind=SUPER,4,workspace,4 - bind=SUPER,5,workspace,5 - bind=SUPER,6,workspace,6 - bind=SUPER,7,workspace,7 - bind=SUPER,8,workspace,8 - bind=SUPER,9,workspace,9 - bind=SUPER,0,workspace,10 + bind=SUPER,left,movefocus,l + bind=SUPER,right,movefocus,r + bind=SUPER,up,movefocus,u + bind=SUPER,down,movefocus,d - bind=ALT,1,movetoworkspace,1 - bind=ALT,2,movetoworkspace,2 - bind=ALT,3,movetoworkspace,3 - bind=ALT,4,movetoworkspace,4 - bind=ALT,5,movetoworkspace,5 - bind=ALT,6,movetoworkspace,6 - bind=ALT,7,movetoworkspace,7 - bind=ALT,8,movetoworkspace,8 - bind=ALT,9,movetoworkspace,9 - bind=ALT,0,movetoworkspace,10 + bind=SUPER,1,workspace,1 + bind=SUPER,2,workspace,2 + bind=SUPER,3,workspace,3 + bind=SUPER,4,workspace,4 + bind=SUPER,5,workspace,5 + bind=SUPER,6,workspace,6 + bind=SUPER,7,workspace,7 + bind=SUPER,8,workspace,8 + bind=SUPER,9,workspace,9 + bind=SUPER,0,workspace,10 + bind=SUPER,grave,togglespecialworkspace - bind=SUPERSHIFT,1,movetoworkspacesilent,1 - bind=SUPERSHIFT,2,movetoworkspacesilent,2 - bind=SUPERSHIFT,3,movetoworkspacesilent,3 - bind=SUPERSHIFT,4,movetoworkspacesilent,4 - bind=SUPERSHIFT,5,movetoworkspacesilent,5 - bind=SUPERSHIFT,6,movetoworkspacesilent,6 - bind=SUPERSHIFT,7,movetoworkspacesilent,7 - bind=SUPERSHIFT,8,movetoworkspacesilent,8 - bind=SUPERSHIFT,9,movetoworkspacesilent,9 - bind=SUPERSHIFT,0,movetoworkspacesilent,10 + bind=ALT,1,movetoworkspace,1 + bind=ALT,2,movetoworkspace,2 + bind=ALT,3,movetoworkspace,3 + bind=ALT,4,movetoworkspace,4 + bind=ALT,5,movetoworkspace,5 + bind=ALT,6,movetoworkspace,6 + bind=ALT,7,movetoworkspace,7 + bind=ALT,8,movetoworkspace,8 + bind=ALT,9,movetoworkspace,9 + bind=ALT,0,movetoworkspace,10 + bind=ALT,grave,movetoworkspace,special - bind=SUPER,mouse_down,workspace,e+1 - bind=SUPER,mouse_up,workspace,e-1 + bind=SUPERSHIFT,1,movetoworkspacesilent,1 + bind=SUPERSHIFT,2,movetoworkspacesilent,2 + bind=SUPERSHIFT,3,movetoworkspacesilent,3 + bind=SUPERSHIFT,4,movetoworkspacesilent,4 + bind=SUPERSHIFT,5,movetoworkspacesilent,5 + bind=SUPERSHIFT,6,movetoworkspacesilent,6 + bind=SUPERSHIFT,7,movetoworkspacesilent,7 + bind=SUPERSHIFT,8,movetoworkspacesilent,8 + bind=SUPERSHIFT,9,movetoworkspacesilent,9 + bind=SUPERSHIFT,0,movetoworkspacesilent,10 + bind=SUPERSHIFT,grave,movetoworkspacesilent,special - bind=SUPER,g,togglegroup - bind=SUPER,tab,changegroupactive + bind=SUPER,mouse_down,workspace,e+1 + bind=SUPER,mouse_up,workspace,e-1 - bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% - bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- - bind=,XF86MonRaiseVolume,exec,pamixer -i 5 - bind=,XF86MonLowerVolume,exec,pamixer -d 5 - bind=,XF86AudioMute,exec,pamixer -t - ''; - }; + bind=SUPER,g,togglegroup + bind=SUPER,tab,changegroupactive + + bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% + bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- + bind=,XF86MonRaiseVolume,exec,pamixer -i 5 + bind=,XF86MonLowerVolume,exec,pamixer -d 5 + bind=,XF86AudioMute,exec,pamixer -t + + exec-once=${startup-script}/bin/startup + ''; + }; } -- 2.47.1 From 87dcf548293293ee820fb7d5cd20cfe39c34da3d Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 20 Sep 2022 16:38:57 +0200 Subject: [PATCH 0433/1882] prep outline --- flake.lock | 18 ++++++------- flake.nix | 6 ++--- nixos/hosts/olympus/nginx/configuration.nix | 1 + nixos/hosts/olympus/outline/configuration.nix | 26 +++++++++++++++++-- 4 files changed, 37 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index 67da7501..e675dc32 100644 --- a/flake.lock +++ b/flake.lock @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663665418, - "narHash": "sha256-FfHLjo7Cz1U0GRKaGwmBOrbv25LhFfKXkLaJ/PCelHY=", + "lastModified": 1663672654, + "narHash": "sha256-AGaTUx0YCCzDfizsZnE7R6GqLwSKo7GF1/jkOrqIk1c=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cde624ec6a98b751e67967cbaffd68b1215e8531", + "rev": "2dd1661aec80f216a53b897be11ab72611447247", "type": "github" }, "original": { @@ -583,16 +583,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663494472, - "narHash": "sha256-fSowlaoXXWcAM8m9wA6u+eTJJtvruYHMA+Lb/tFi/qM=", - "owner": "NixOS", + "lastModified": 1663683373, + "narHash": "sha256-TnMwg3MLwUecBjT2SM9CKLqEODG9vfjvDK7qNTGDJJs=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "f677051b8dc0b5e2a9348941c99eea8c4b0ff28f", + "rev": "167edcba5042e9e6099844cbef2cae3c1c2b3170", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", + "owner": "NULLx76", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index b8a0eea5..c8a5f610 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -113,8 +113,8 @@ nixfmt nixUnstable vault - # (vault-push-approle-envs self) - # (vault-push-approle-approles self) + (vault-push-approle-envs self {}) + (vault-push-approles self {}) ]; }; }; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index a7d652bf..457ab4a5 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -56,6 +56,7 @@ in virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; + virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; # Meow diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index e660f641..c411d072 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -3,7 +3,7 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - +let vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -18,5 +18,27 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ + config.services.outline.port + ]; + + vault-secrets.secrets.outline = { }; + + services.outline = { + enable = false; + concurrency = 1; + port = 3000; + redisUrl = "local"; + databaseUrl = "local"; + publicUrl = "https://outline.0x76.dev"; + utilsSecretFile = "${vs.outline}/utilsSecret"; + secretKeyFile = "${vs.outline}/secretKey"; + storage = { + accessKey = "outline"; + secretKeyFile = "${vs.outline}/s3key"; + uploadBucketUrl = "https://o.0x76.dev"; + uploadBucketName = "outline"; + region = "us-east-1"; # fake + }; + }; } -- 2.47.1 From a2b4bc6fc3ab31c510579b4415243b8f78ec242f Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 20 Sep 2022 17:20:13 +0200 Subject: [PATCH 0434/1882] minor updates --- flake.lock | 6 +++--- nixos/hosts/thalassa/null/home/theme.nix | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e675dc32..34c3e047 100644 --- a/flake.lock +++ b/flake.lock @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663672654, - "narHash": "sha256-AGaTUx0YCCzDfizsZnE7R6GqLwSKo7GF1/jkOrqIk1c=", + "lastModified": 1663684433, + "narHash": "sha256-4uez/XpzLZ+qpQtwt3Ioa2+fOfhZExftlmGB798huJ4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "2dd1661aec80f216a53b897be11ab72611447247", + "rev": "6f98b3cbd8c1b3eda02321e49b65cbec34ae0aa9", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index 41e9b218..ae23612c 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -60,6 +60,8 @@ in # Note, pink and blue are switched programs.foot.settings.colors = { + alpha = 0.8; + foreground = colour.text; # Text background = colour.base; # Base regular0 = colour.surface1; # Surface 1 -- 2.47.1 From de2f4572e058480809c1e2ad643c6fd5c63d7e38 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 21 Sep 2022 09:51:08 +0200 Subject: [PATCH 0435/1882] try outline --- flake.lock | 54 +++++++++---------- nixos/hosts/olympus/outline/configuration.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 8 +++ nixos/hosts/thalassa/null/home/default.nix | 2 + 4 files changed, 38 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index 34c3e047..c90563d2 100644 --- a/flake.lock +++ b/flake.lock @@ -35,11 +35,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1663544837, - "narHash": "sha256-ky22sKvzaaeJNsAgRECccGwKp9/Dd7Ggayv+4Aqa7CI=", + "lastModified": 1663742427, + "narHash": "sha256-1gcXLVbZRVbRfNo6bHemNxdnEBgs6W0QPw675/uso3w=", "owner": "zhaofengli", "repo": "colmena", - "rev": "8b06bb108eec7d63f527a8d6681fcc497f476895", + "rev": "a8e6b999cfec9fadc2ca81994da44182e73be7eb", "type": "github" }, "original": { @@ -51,11 +51,11 @@ "crane": { "flake": false, "locked": { - "lastModified": 1654444508, - "narHash": "sha256-4OBvQ4V7jyt7afs6iKUvRzJ1u/9eYnKzVQbeQdiamuY=", + "lastModified": 1661875961, + "narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=", "owner": "ipetkov", "repo": "crane", - "rev": "db5482bf225acc3160899124a1df5a617cfa27b5", + "rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24", "type": "github" }, "original": { @@ -115,11 +115,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1661948914, - "narHash": "sha256-596RJgybMFUOWKkoMehqT5a7XuR6JkJg5zyqX/t1LuY=", + "lastModified": 1663678795, + "narHash": "sha256-SkROcpe7lb46fpBnwMYooExP6WqttsRPeao1d9ykHho=", "owner": "nix-community", "repo": "dream2nix", - "rev": "dc3530785e7388398c40c2b4f5893a674b8bd557", + "rev": "0f3b6c5dd1630d601ae6f456421b4dfed178f260", "type": "github" }, "original": { @@ -384,11 +384,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663684433, - "narHash": "sha256-4uez/XpzLZ+qpQtwt3Ioa2+fOfhZExftlmGB798huJ4=", + "lastModified": 1663708982, + "narHash": "sha256-FfWGRoZ9IRNz9Z2IhN3Onh7EqUbaE1cT7IMiQ/fGcbs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6f98b3cbd8c1b3eda02321e49b65cbec34ae0aa9", + "rev": "8b11a2e1b15a8e05a308a64b075ee7c9d612e6cc", "type": "github" }, "original": { @@ -583,11 +583,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663683373, - "narHash": "sha256-TnMwg3MLwUecBjT2SM9CKLqEODG9vfjvDK7qNTGDJJs=", + "lastModified": 1663746095, + "narHash": "sha256-9PkHJey7IV2UyYWmOFsIgfZuRKGvCFKHrctT+oxx3AA=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "167edcba5042e9e6099844cbef2cae3c1c2b3170", + "rev": "bfa175724299a496e1d2206a719b112bf0cc719a", "type": "github" }, "original": { @@ -645,11 +645,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1661764827, - "narHash": "sha256-Egl04VI8AZM6v8+itBcZQa+6v1hWZCT5ELaxdiMbrOw=", + "lastModified": 1663684946, + "narHash": "sha256-2+miCrlBWC3ELfz862mJ4U8qQyfiD+XLzD9p6k/WzCs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9634ca8deaa3b79032debbcade7ef8910edf811e", + "rev": "0d7222c92f0503d15176281c7182d2782dc1b6da", "type": "github" }, "original": { @@ -711,11 +711,11 @@ ] }, "locked": { - "lastModified": 1663078836, - "narHash": "sha256-M19944iIibZqxvj04UO9anad4yzbdsUmv0rvUknBV4k=", + "lastModified": 1663690158, + "narHash": "sha256-VGZZ5IalluqoqieO0bJ4UzqzWwvTvjnoOy6/ytyDVjE=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "f56af6f5ee0d0ee5f0d268f677ebc7c814d5c7b2", + "rev": "427806e44bee9930df6b32d91ac6b559c40d4b57", "type": "github" }, "original": { @@ -906,11 +906,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1662959566, - "narHash": "sha256-rajDG3utME/F6TdwIUPs44soARIx59+NOZPNCJzeUqA=", + "lastModified": 1663692072, + "narHash": "sha256-W9y2ow4tkjFhIsPHvUuaOvawxRgxvr9hb6IMwpMoFlM=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "f1f6a0a7278459bcbfe792ad8caf7e029eeb1c32", + "rev": "9578b63fe42746fdbf80a0364781946c8c35aca9", "type": "github" }, "original": { @@ -922,11 +922,11 @@ "webcord_2": { "flake": false, "locked": { - "lastModified": 1661854465, - "narHash": "sha256-/2f+Jb/1MstWtzbnG/gNLG/ds8K7qultXWfb5nlth08=", + "lastModified": 1663533822, + "narHash": "sha256-TvlaaWu40La+CRD2+zXXRmyAF6LEU63eH/BuEQgUiQ4=", "owner": "SpacingBat3", "repo": "WebCord", - "rev": "83ad1578b2cbcb1c4e5470ca85a0a6e6f5f8c42e", + "rev": "2df618b4669eaca06b2f635145d1293a612fa24c", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index c411d072..c17d004e 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -25,7 +25,7 @@ let vs = config.vault-secrets.secrets; in vault-secrets.secrets.outline = { }; services.outline = { - enable = false; + enable = true; concurrency = 1; port = 3000; redisUrl = "local"; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index eb08f21e..38e8582a 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -79,6 +79,9 @@ in boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.kernelPackages = pkgs.linuxPackages_latest; + # networking.wireless.iwd.enable = false; + services.gnome.gnome-keyring.enable = true; + # Enable networking networking.networkmanager = { enable = true; @@ -164,8 +167,13 @@ in ]; }; + hardware.bluetooth.enable = true; + services.blueman.enable = true; + virtualisation.podman.enable = true; + hardware.saleae-logic.enable = true; + # Enable CUPS to print documents. services.printing.enable = true; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 37ab426d..8c937e1c 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -34,6 +34,8 @@ neofetch networkmanagerapplet nixpkgs-review + plexamp + plex-media-player pulseview python3 retroarchFull -- 2.47.1 From 26c0bdeda6eae325f18c511ef59d8864a9ca0d21 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 21 Sep 2022 12:45:34 +0200 Subject: [PATCH 0436/1882] set up outline --- nixos/hosts/olympus/nginx/configuration.nix | 2 +- nixos/hosts/olympus/outline/configuration.nix | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 457ab4a5..a78bdf8b 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -96,7 +96,7 @@ in # forceSSL = true; # root = pkgs.synapse-admin; #}; - virtualHosts."books.meowy.tech" = proxy "http://bookwyrm:8001"; + virtualHosts."books.meowy.tech" = proxy "http://bookwyrm.olympus:8001"; # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index c17d004e..93e7e967 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -22,7 +22,10 @@ let vs = config.vault-secrets.secrets; in config.services.outline.port ]; - vault-secrets.secrets.outline = { }; + vault-secrets.secrets.outline = { + user = config.services.outline.user; + group = config.services.outline.group; + }; services.outline = { enable = true; @@ -40,5 +43,13 @@ let vs = config.vault-secrets.secrets; in uploadBucketName = "outline"; region = "us-east-1"; # fake }; + oidcAuthentication = { + userinfoUrl= "https://git.0x76.dev/login/oauth/userinfo"; + tokenUrl = "https://git.0x76.dev/login/oauth/access_token"; + displayName = "Gitea"; + clientId = "db58b9f0-aed1-4a60-a9bb-56077a790f5b"; + authUrl = "https://git.0x76.dev/login/oauth/authorize"; + clientSecretFile = "${vs.outline}/giteaClientSecret"; + }; }; } -- 2.47.1 From 557f735a79497d07fc921fae0e92303b1a48ab94 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 21 Sep 2022 15:35:13 +0200 Subject: [PATCH 0437/1882] remove authentik --- .../apps/authentik/external-secret.yaml | 17 ------- flux/cluster/apps/authentik/helm-release.yaml | 47 ------------------- .../cluster/apps/authentik/kustomization.yaml | 5 -- flux/cluster/apps/kustomization.yaml | 1 - .../charts/helm/authentik-charts.yaml | 10 ---- .../charts/helm/kustomization.yaml | 1 - flux/cluster/core/namespaces/authentik.yaml | 7 --- .../core/namespaces/kustomization.yaml | 1 - .../hosts/olympus/database/configuration.nix | 2 +- .../hosts/olympus/hedgedoc/configuration.nix | 14 ------ nixos/hosts/thalassa/null/home/default.nix | 14 ++++++ 11 files changed, 15 insertions(+), 104 deletions(-) delete mode 100644 flux/cluster/apps/authentik/external-secret.yaml delete mode 100644 flux/cluster/apps/authentik/helm-release.yaml delete mode 100644 flux/cluster/apps/authentik/kustomization.yaml delete mode 100644 flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml delete mode 100644 flux/cluster/core/namespaces/authentik.yaml diff --git a/flux/cluster/apps/authentik/external-secret.yaml b/flux/cluster/apps/authentik/external-secret.yaml deleted file mode 100644 index a7789afc..00000000 --- a/flux/cluster/apps/authentik/external-secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: authentik - namespace: authentik -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: authentik - data: - - secretKey: secret_key - remoteRef: - key: authentik/authentik - property: secret_key diff --git a/flux/cluster/apps/authentik/helm-release.yaml b/flux/cluster/apps/authentik/helm-release.yaml deleted file mode 100644 index c21a4815..00000000 --- a/flux/cluster/apps/authentik/helm-release.yaml +++ /dev/null @@ -1,47 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: authentik - namespace: authentik -spec: - interval: 1m0s - chart: - spec: - # renovate: registryUrl=https://charts.goauthentik.io - chart: authentik - version: 2022.7.3 - sourceRef: - kind: HelmRepository - name: authentik-charts - namespace: flux-system - interval: 5m - valuesFrom: - - kind: Secret - name: authentik - valuesKey: secret_key - targetPath: authentik.secret_key - optional: false - values: - image: - repository: ghcr.io/goauthentik/server - tag: 2022.7.3 - authentik: - error_reporting: - enabled: true - postgresql: - host: "database.olympus" - name: "authentik" - user: "authentik" - redis: - enabled: true - architecture: standalone - auth: - enabled: false - ingress: - enabled: true - ingressClassName: "traefik" - hosts: - - host: id.0x76.dev - paths: - - path: "/" - pathType: Prefix diff --git a/flux/cluster/apps/authentik/kustomization.yaml b/flux/cluster/apps/authentik/kustomization.yaml deleted file mode 100644 index 9a89122f..00000000 --- a/flux/cluster/apps/authentik/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - external-secret.yaml - - helm-release.yaml diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index 05bf7ef7..8802a6a9 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -3,7 +3,6 @@ kind: Kustomization resources: - networking - presidential-paradise - - authentik - gitops - monitoring - olympus diff --git a/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml b/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml deleted file mode 100644 index 6366bd70..00000000 --- a/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: HelmRepository -metadata: - name: authentik-charts - namespace: flux-system -spec: - interval: 15m - url: https://charts.goauthentik.io/ - timeout: 3m diff --git a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml index 462fbd74..c8afccdb 100644 --- a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -4,6 +4,5 @@ resources: - metallb-charts.yaml - traefik-charts.yaml - external-secrets-charts.yaml - - authentik-charts.yaml - fairwinds-charts.yaml - drone-charts.yaml diff --git a/flux/cluster/core/namespaces/authentik.yaml b/flux/cluster/core/namespaces/authentik.yaml deleted file mode 100644 index 511463c3..00000000 --- a/flux/cluster/core/namespaces/authentik.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: authentik - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/cluster/core/namespaces/kustomization.yaml index 0dfe9d5e..baf95855 100644 --- a/flux/cluster/core/namespaces/kustomization.yaml +++ b/flux/cluster/core/namespaces/kustomization.yaml @@ -4,7 +4,6 @@ resources: - presidential-paradise.yaml - networking.yaml - external-secrets.yaml - - authentik.yaml - gitops.yaml - monitoring.yaml - olympus.yaml diff --git a/nixos/hosts/olympus/database/configuration.nix b/nixos/hosts/olympus/database/configuration.nix index 7fb8861a..967a111a 100644 --- a/nixos/hosts/olympus/database/configuration.nix +++ b/nixos/hosts/olympus/database/configuration.nix @@ -4,7 +4,7 @@ { config, pkgs, ... }: let - databases = [ "authentik" "umami" "drone" ]; + databases = [ "umami" "drone" ]; in { imports = [ ]; diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index 3856ad0e..21c8a5cf 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -76,20 +76,6 @@ in secretKey = "$MINIO_SECRET_KEY"; }; email = true; - # Disable until fixed - # oauth2 = let url = "https://id.0x76.dev"; in - # { - # providerName = "authentik"; - # clientID = "$AUTHENTIK_CLIENTID"; - # clientSecret = "$AUTHENTIK_CLIENTSECRET"; - # scope = "openid email profile"; - # userProfileURL = "${url}/application/o/userinfo/"; - # tokenURL = "${url}/application/o/token/"; - # authorizationURL = "${url}/application/o/authorize/"; - # userProfileUsernameAttr = "preferred_username"; - # userProfileDisplayNameAttr = "name"; - # userProfileEmailAttr = "email"; - # }; }; }; } diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 8c937e1c..0115bf53 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -121,5 +121,19 @@ }; }; + xdg.userDirs = let home = config.home.homeDirectory; in + { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; + services.syncthing.enable = true; } -- 2.47.1 From b04c5d673db0691f58bf7b0e92e5a052d2d61c3c Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 21 Sep 2022 16:07:47 +0200 Subject: [PATCH 0438/1882] also pull hyprland in gha --- .github/workflows/nixos.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index f059bd03..615e8a2e 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -59,12 +59,12 @@ jobs: - name: "Install Nix ❄️" uses: cachix/install-nix-action@v15 - - name: "Install Cachix ❄️" uses: cachix/cachix-action@v10 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + extraPullNames: hyprland - name: "Build NixOS config ❄️" run: | -- 2.47.1 From cc3ea3e73c577b8238945e48e704c9dfb986a02f Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 21 Sep 2022 18:00:51 +0200 Subject: [PATCH 0439/1882] add mailserver --- flake.lock | 76 ++++++++++++++++++- flake.nix | 3 + nixos/hosts/olympus/default.nix | 8 +- .../olympus/mailserver/configuration.nix | 30 ++++++++ nixos/hosts/olympus/nginx/configuration.nix | 5 +- util.nix | 3 +- 6 files changed, 117 insertions(+), 8 deletions(-) create mode 100644 nixos/hosts/olympus/mailserver/configuration.nix diff --git a/flake.lock b/flake.lock index c90563d2..868326cf 100644 --- a/flake.lock +++ b/flake.lock @@ -24,6 +24,22 @@ "type": "github" } }, + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, "colmena": { "inputs": { "flake-compat": "flake-compat", @@ -68,7 +84,7 @@ "inputs": { "flake-compat": "flake-compat_2", "nixpkgs": "nixpkgs_3", - "utils": "utils_4" + "utils": "utils_5" }, "locked": { "lastModified": 1648475189, @@ -464,12 +480,35 @@ "type": "indirect" } }, + "mailserver": { + "inputs": { + "blobs": "blobs", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-22_05": "nixpkgs-22_05", + "utils": "utils_3" + }, + "locked": { + "lastModified": 1658267644, + "narHash": "sha256-NJRe1rnlF112eZwxNASlRL8/ghwD8g+lpHIYRkWQxC8=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "004c229ca44c069d93c92abf67ff1619fb508c6a", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, "minecraft-servers": { "inputs": { "nixpkgs": [ "nixpkgs" ], - "utils": "utils_3" + "utils": "utils_4" }, "locked": { "lastModified": 1663552861, @@ -581,6 +620,21 @@ "type": "github" } }, + "nixpkgs-22_05": { + "locked": { + "lastModified": 1654936503, + "narHash": "sha256-soKzdhI4jTHv/rSbh89RdlcJmrPgH8oMb/PLqiqIYVQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "dab6df51387c3878cdea09f43589a15729cae9f4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.05", + "type": "indirect" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1663746095, @@ -730,6 +784,7 @@ "home-manager": "home-manager", "hyprland": "hyprland", "hyprpaper": "hyprpaper", + "mailserver": "mailserver", "minecraft-servers": "minecraft-servers", "nixpkgs": "nixpkgs_2", "riff": "riff", @@ -844,6 +899,21 @@ } }, "utils_3": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_4": { "inputs": { "flake-utils": "flake-utils_2" }, @@ -861,7 +931,7 @@ "type": "github" } }, - "utils_4": { + "utils_5": { "locked": { "lastModified": 1648297722, "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", diff --git a/flake.nix b/flake.nix index c8a5f610..ce1b0e39 100644 --- a/flake.nix +++ b/flake.nix @@ -31,6 +31,9 @@ riff.inputs.nixpkgs.follows = "nixpkgs"; webcord.url = "github:fufexan/webcord-flake"; + + mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; + mailserver.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 56dc527f..25d537f6 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -86,9 +86,11 @@ ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; } - # { - # ip = "10.42.42.18"; - # } + { + hostname = "mailserver"; + ip = "10.42.42.18"; + mac = "AA:F2:3D:5E:B3:40"; + } { hostname = "victoriametrics"; ip = "10.42.42.19"; diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix new file mode 100644 index 00000000..3a3cbe4f --- /dev/null +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -0,0 +1,30 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + mailserver = { + enable = false; + fqdn = "mail.0x76.dev"; + domains = [ "0x76.dev" ]; + + certificateScheme = 3; + }; +} diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index a78bdf8b..02f6a524 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -49,7 +49,7 @@ in modules = with pkgs.nginxModules; [ brotli ]; }; - # Reverse Proxies + # 0x76.dev virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; @@ -57,6 +57,9 @@ in virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; + # virtualHosts."mail.0x76.dev" = proxy "http://mailserver.olympus:80"; + + # Redshifts virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; # Meow diff --git a/util.nix b/util.nix index 3ac4ea7a..78c9d659 100644 --- a/util.nix +++ b/util.nix @@ -1,4 +1,4 @@ -{ nixpkgs, home-manager, hyprland, ... }: +{ nixpkgs, home-manager, hyprland, mailserver, ... }: let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; @@ -16,6 +16,7 @@ let ]; }; resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ + mailserver.nixosModules.mailserver ./nixos/common "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix" ] ++ import_cases.${type}; -- 2.47.1 From 0eba0ac5f779220f66d8f80e533b97ff594b7521 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 22 Sep 2022 09:27:21 +0200 Subject: [PATCH 0440/1882] mailserver --- flake.lock | 30 +++++++------- .../olympus/mailserver/configuration.nix | 39 +++++++++++++++++-- 2 files changed, 51 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 868326cf..a8b513b7 100644 --- a/flake.lock +++ b/flake.lock @@ -381,11 +381,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663629861, - "narHash": "sha256-CjfQUyPfG/hkE4jnMcTvVJ0ubc84u8ySruZL+emXMjw=", + "lastModified": 1663800189, + "narHash": "sha256-OzomhNhiKvHKr0qxASKNyuXpx6ilhflb/4P5Wsz2FGo=", "owner": "nix-community", "repo": "home-manager", - "rev": "41790ba656bafc023f48ccdbbe7816d30fd52d76", + "rev": "f17819f4f198a3973be76797aa8a9370e35c7ca6", "type": "github" }, "original": { @@ -400,11 +400,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663708982, - "narHash": "sha256-FfWGRoZ9IRNz9Z2IhN3Onh7EqUbaE1cT7IMiQ/fGcbs=", + "lastModified": 1663778486, + "narHash": "sha256-Gtx7HmpEl7k1PFzZULU5WBRSCCrN5MgZnrpJdaA4kSY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "8b11a2e1b15a8e05a308a64b075ee7c9d612e6cc", + "rev": "d3ffccd45ff6d6f7bf8cd08b4c1d9e0c00635ab4", "type": "github" }, "original": { @@ -511,11 +511,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1663552861, - "narHash": "sha256-Xum3e8K1o1VRua52TwKxXPSUGHWeSqFpg9edsiO9VpU=", + "lastModified": 1663823263, + "narHash": "sha256-u2glihcKP6tr8tW5Glz0pXhxOwfuRdJQGslJsg4dIFQ=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "3a36fab5c690e0750fb6a9a3c53ecc5284bf70ba", + "rev": "51b10b3388b367dfdf8dcd7f695bdfdfc5105256", "type": "github" }, "original": { @@ -606,11 +606,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1661931183, - "narHash": "sha256-0+2KzcexiJCB3Il5t7cZAM2RXNRfm5/gMCwhcZJxLuQ=", + "lastModified": 1663494472, + "narHash": "sha256-fSowlaoXXWcAM8m9wA6u+eTJJtvruYHMA+Lb/tFi/qM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "97747d3209efde533f7b1b28f1be11619f556a06", + "rev": "f677051b8dc0b5e2a9348941c99eea8c4b0ff28f", "type": "github" }, "original": { @@ -1009,11 +1009,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1661882030, - "narHash": "sha256-Kw0MG4rXdTnbndVLLCNwkXDmNszwdQZmm7pwI1R3Kds=", + "lastModified": 1663507239, + "narHash": "sha256-LISZtkPVe8lQ2N8YwVe+KxCkXWLP9mdw6Q2kG93wE8A=", "owner": "wlroots", "repo": "wlroots", - "rev": "fd0b0276c9ecc159549acff48b932b83ec3b4f12", + "rev": "2ad25b1460400e66ea26bd6489b04072be7d9dbb", "type": "gitlab" }, "original": { diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 3a3cbe4f..d7efebc1 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -3,7 +3,7 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: - +let vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -18,13 +18,46 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + networking.extraHosts = '' + 10.42.42.6 vault.olympus + ''; + + vault-secrets.secrets.mailserver = { + services = [ "dovecot2" "postfix"]; + }; mailserver = { - enable = false; + enable = true; fqdn = "mail.0x76.dev"; domains = [ "0x76.dev" ]; + loginAccounts = { + "v@0x76.dev" = { + hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; + }; + }; + certificateScheme = 3; }; + + services.roundcube = { + enable = true; + # this is the url of the vhost, not necessarily the same as the fqdn of + # the mailserver + hostName = "webmail.0x76.dev"; + extraConfig = '' + # starttls needed for authentication, so the fqdn required to match + # the certificate + $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; + ''; + }; + + services.nginx.enable = true; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "victor@xirion.net"; } -- 2.47.1 From c4f832065da1e076923ea66ab8f7d25d7069ad72 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 22 Sep 2022 10:01:42 +0200 Subject: [PATCH 0441/1882] more mailserver config --- .../olympus/mailserver/configuration.nix | 48 ++++++++++++++----- 1 file changed, 35 insertions(+), 13 deletions(-) diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index d7efebc1..22c6b00f 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -25,7 +25,7 @@ let vs = config.vault-secrets.secrets; in ''; vault-secrets.secrets.mailserver = { - services = [ "dovecot2" "postfix"]; + services = [ "dovecot2" "postfix" ]; }; mailserver = { @@ -40,23 +40,45 @@ let vs = config.vault-secrets.secrets; in }; certificateScheme = 3; + + + indexDir = "/var/lib/dovecot/indices"; + fullTextSearch = { + enable = true; + # index new email as they arrive + autoIndex = true; + # this only applies to plain text attachments, binary attachments are never indexed + indexAttachments = true; + enforced = "body"; + memoryLimit = 2000; + autoIndexExclude = [ "\\Junk" ]; + }; }; services.roundcube = { - enable = true; - # this is the url of the vhost, not necessarily the same as the fqdn of - # the mailserver - hostName = "webmail.0x76.dev"; - extraConfig = '' - # starttls needed for authentication, so the fqdn required to match - # the certificate - $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; - $config['smtp_user'] = "%u"; - $config['smtp_pass'] = "%p"; - ''; + enable = true; + package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); + plugins = [ + "archive" + "enigma" + "markasjunk" + "persistent_login" + ]; + # this is the url of the vhost, not necessarily the same as the fqdn of + # the mailserver + hostName = "webmail.0x76.dev"; + extraConfig = '' + # starttls needed for authentication, so the fqdn required to match + # the certificate + $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; + ''; }; - services.nginx.enable = true; + services.nginx = { + enable = true; + }; security.acme.acceptTerms = true; security.acme.defaults.email = "victor@xirion.net"; -- 2.47.1 From 651891bac4faff65f472e36ff9e70a06a4c917cc Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 22 Sep 2022 10:26:25 +0200 Subject: [PATCH 0442/1882] install thunderbird --- nixos/hosts/thalassa/null/home/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 0115bf53..418fb798 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -34,8 +34,8 @@ neofetch networkmanagerapplet nixpkgs-review - plexamp plex-media-player + plexamp pulseview python3 retroarchFull @@ -48,6 +48,7 @@ solo2-cli steam-run texlive.combined.scheme-full + thunderbird-wayland wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi -- 2.47.1 From 2ce841dc0b04c9862da18e5fa79e76150fcc9d23 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 22 Sep 2022 11:03:10 +0200 Subject: [PATCH 0443/1882] re-enabled synapse admin after fix --- flake.lock | 12 ++++++------ nixos/hosts/olympus/mailserver/configuration.nix | 1 + nixos/hosts/olympus/nginx/configuration.nix | 10 +++++----- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index a8b513b7..124b0b35 100644 --- a/flake.lock +++ b/flake.lock @@ -381,11 +381,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663800189, - "narHash": "sha256-OzomhNhiKvHKr0qxASKNyuXpx6ilhflb/4P5Wsz2FGo=", + "lastModified": 1663835995, + "narHash": "sha256-XNHQ+mdHbjNR1Oit00SFAEcrAZoCS08E7uAFcVMtwhM=", "owner": "nix-community", "repo": "home-manager", - "rev": "f17819f4f198a3973be76797aa8a9370e35c7ca6", + "rev": "bd83eab6220226085c82e637931a7ae3863d9893", "type": "github" }, "original": { @@ -637,11 +637,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663746095, - "narHash": "sha256-9PkHJey7IV2UyYWmOFsIgfZuRKGvCFKHrctT+oxx3AA=", + "lastModified": 1663836791, + "narHash": "sha256-iUqAR+NEnBoCtbEzuEfI9lyaw046J6yHf+jVIU8FPkY=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "bfa175724299a496e1d2206a719b112bf0cc719a", + "rev": "2fa15a032e56fb4a54b43adf237411e992e78d90", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 22c6b00f..b0e70675 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -20,6 +20,7 @@ let vs = config.vault-secrets.secrets; in networking.firewall.allowedTCPPorts = [ 80 443 ]; + # needed as the mailserver configures its down DNS resolver networking.extraHosts = '' 10.42.42.6 vault.olympus ''; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 02f6a524..38246ce7 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -94,11 +94,11 @@ in }; }; }; - #virtualHosts."admin.chat.meowy.tech" = { - # enableACME = true; - # forceSSL = true; - # root = pkgs.synapse-admin; - #}; + virtualHosts."admin.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + root = pkgs.synapse-admin; + }; virtualHosts."books.meowy.tech" = proxy "http://bookwyrm.olympus:8001"; # Kubernetes endpoints -- 2.47.1 From acba5df26b1c4b02bfab43d66f06f8b22382a801 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 22 Sep 2022 20:47:03 +0200 Subject: [PATCH 0444/1882] flake update --- flake.lock | 12 ++++++------ nixos/hosts/thalassa/null/configuration.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 124b0b35..b56d7a60 100644 --- a/flake.lock +++ b/flake.lock @@ -400,11 +400,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663778486, - "narHash": "sha256-Gtx7HmpEl7k1PFzZULU5WBRSCCrN5MgZnrpJdaA4kSY=", + "lastModified": 1663866803, + "narHash": "sha256-wfhZ//vxhipvF9n9f+s4W0Ql35B5IsLiO5cYAqbxIDQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d3ffccd45ff6d6f7bf8cd08b4c1d9e0c00635ab4", + "rev": "ef3eb37c7f2cdbbab23e611aedc438c317463ef8", "type": "github" }, "original": { @@ -637,11 +637,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663836791, - "narHash": "sha256-iUqAR+NEnBoCtbEzuEfI9lyaw046J6yHf+jVIU8FPkY=", + "lastModified": 1663872072, + "narHash": "sha256-/wpcmzZtVKRpM/AOmJ2VT0c6/ORFfS3UgU17o1mvvqs=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "2fa15a032e56fb4a54b43adf237411e992e78d90", + "rev": "f7bbdeae8faf1ab69619a35638edcb7afc0d8923", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 38e8582a..f385ccff 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -85,7 +85,7 @@ in # Enable networking networking.networkmanager = { enable = true; - wifi.backend = "iwd"; + # wifi.backend = "iwd"; firewallBackend = "nftables"; }; -- 2.47.1 From e69cae2cc2434d488a7167db6018f823fae6f56f Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 23 Sep 2022 09:52:25 +0200 Subject: [PATCH 0445/1882] keycloak init --- flake.lock | 6 ++--- nixos/hosts/olympus/default.nix | 5 +++++ .../hosts/olympus/keycloak/configuration.nix | 22 +++++++++++++++++++ nixos/hosts/thalassa/null/home/default.nix | 7 +++++- 4 files changed, 36 insertions(+), 4 deletions(-) create mode 100644 nixos/hosts/olympus/keycloak/configuration.nix diff --git a/flake.lock b/flake.lock index b56d7a60..e84fd19f 100644 --- a/flake.lock +++ b/flake.lock @@ -400,11 +400,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663866803, - "narHash": "sha256-wfhZ//vxhipvF9n9f+s4W0Ql35B5IsLiO5cYAqbxIDQ=", + "lastModified": 1663877642, + "narHash": "sha256-Hqmme1q2z0cl9RCzfCD9M2ZeZgmxrPGO0RDeIia+yvE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ef3eb37c7f2cdbbab23e611aedc438c317463ef8", + "rev": "e5d143b2386c3773f6fb5176752a1b381d3ee7a5", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 25d537f6..863d8985 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -144,6 +144,11 @@ ip = "10.42.42.28"; mac = "9E:86:D3:46:EE:AE"; } + { + hostname = "keycloak"; + ip = "10.42.42.29"; + mac = ""; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/keycloak/configuration.nix b/nixos/hosts/olympus/keycloak/configuration.nix new file mode 100644 index 00000000..e660f641 --- /dev/null +++ b/nixos/hosts/olympus/keycloak/configuration.nix @@ -0,0 +1,22 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 418fb798..a6a6c636 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -69,9 +69,14 @@ userName = "Victor"; userEmail = "victor@xirion.net"; }; - + programs.mako = { enable = true; + # makoctl mode -a do-not-disturb will hide all notifications, makoctl mode -r do-not-disturb will show them again. + extraConfig = '' + [mode=do-not-disturb] + invisible=1 + ''; }; programs.tmux = { -- 2.47.1 From c7968c0080e54c39505ab352c886456c6b5cdf1e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 23 Sep 2022 11:17:57 +0200 Subject: [PATCH 0446/1882] setup keycloak --- nixos/hosts/olympus/default.nix | 2 +- .../hosts/olympus/keycloak/configuration.nix | 29 +++++++++++++++++-- nixos/hosts/olympus/nginx/configuration.nix | 5 ++-- 3 files changed, 29 insertions(+), 7 deletions(-) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 863d8985..636647af 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -147,7 +147,7 @@ { hostname = "keycloak"; ip = "10.42.42.29"; - mac = ""; + mac = "A6:09:1D:A8:81:28"; } { hostname = "nuc"; diff --git a/nixos/hosts/olympus/keycloak/configuration.nix b/nixos/hosts/olympus/keycloak/configuration.nix index e660f641..d1ad6267 100644 --- a/nixos/hosts/olympus/keycloak/configuration.nix +++ b/nixos/hosts/olympus/keycloak/configuration.nix @@ -2,8 +2,8 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: - +{ config, pkgs, lib, ... }: +let vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -18,5 +18,28 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ + config.services.keycloak.settings.http-port + ]; + + environment.noXlibs = lib.mkForce false; + + vault-secrets.secrets.keycloak = { }; + + # If loadCredential doesn't work: + # https://github.com/NixOS/nixpkgs/issues/157449#issuecomment-1208501368 + services.keycloak = { + enable = true; + database = { + type = "postgresql"; + host = "localhost"; + createLocally = true; + passwordFile = "${vs.keycloak}/databasePassword"; + }; + settings = { + hostname = "id.0x76.dev"; + proxy = "edge"; + hostname-strict-backchannel = true; + }; + }; } diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 38246ce7..25a45d9d 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -51,13 +51,13 @@ in # 0x76.dev virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; - virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; + # virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; - # virtualHosts."mail.0x76.dev" = proxy "http://mailserver.olympus:80"; + virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; # Redshifts virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; @@ -104,7 +104,6 @@ in # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."drone.0x76.dev" = k8s_proxy; - virtualHosts."id.0x76.dev" = k8s_proxy; virtualHosts."msg.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; virtualHosts."wooloofan.club" = k8s_proxy; -- 2.47.1 From 64d0c787684c57ebb28caa1454491c89474906ff Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 23 Sep 2022 17:06:57 +0200 Subject: [PATCH 0447/1882] updated flake --- flake.lock | 12 ++++++------ nixos/hosts/thalassa/null/configuration.nix | 9 ++++++++- nixos/hosts/thalassa/null/home/default.nix | 1 + 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index e84fd19f..60b584e2 100644 --- a/flake.lock +++ b/flake.lock @@ -381,11 +381,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663835995, - "narHash": "sha256-XNHQ+mdHbjNR1Oit00SFAEcrAZoCS08E7uAFcVMtwhM=", + "lastModified": 1663932797, + "narHash": "sha256-IH8ZBW99W2k7wKLS+Sat9HiKX1TPZjFTnsPizK5crok=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd83eab6220226085c82e637931a7ae3863d9893", + "rev": "de3758e31a3a1bc79d569f5deb5dac39791bf9b6", "type": "github" }, "original": { @@ -637,11 +637,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663872072, - "narHash": "sha256-/wpcmzZtVKRpM/AOmJ2VT0c6/ORFfS3UgU17o1mvvqs=", + "lastModified": 1663945282, + "narHash": "sha256-vfYvUrzeaJUxndH76VsRJiqcQz6C090rqduGC3y6X4g=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "f7bbdeae8faf1ab69619a35638edcb7afc0d8923", + "rev": "28444d170b02c92ae8cc9c103631c53e594f75e6", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index f385ccff..cf33328c 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -173,7 +173,7 @@ in virtualisation.podman.enable = true; hardware.saleae-logic.enable = true; - + # Enable CUPS to print documents. services.printing.enable = true; @@ -243,6 +243,13 @@ in authFile = "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config }; + programs.ssh.startAgent = true; + + services.logind.extraConfig = '' + # don’t shutdown when power button is short-pressed + HandlePowerKey=suspend + ''; + services.udev.packages = [ pkgs.qmk-udev-rules ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index a6a6c636..c7c9953f 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -105,6 +105,7 @@ jnoortheen.nix-ide matklad.rust-analyzer mkhl.direnv + ms-vscode-remote.remote-ssh ms-vscode.cpptools tamasfe.even-better-toml valentjn.vscode-ltex -- 2.47.1 From 771a693fe99d3bbab94080bf3435dfb0cff205df Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 23 Sep 2022 20:28:37 +0200 Subject: [PATCH 0448/1882] keycloak --- nixos/hosts/olympus/keycloak/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/hosts/olympus/keycloak/configuration.nix b/nixos/hosts/olympus/keycloak/configuration.nix index d1ad6267..e776d82e 100644 --- a/nixos/hosts/olympus/keycloak/configuration.nix +++ b/nixos/hosts/olympus/keycloak/configuration.nix @@ -42,4 +42,5 @@ let vs = config.vault-secrets.secrets; in hostname-strict-backchannel = true; }; }; + } -- 2.47.1 From 70e557af91646f57685d0547b9fa7c3d9f91b0b7 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 24 Sep 2022 13:57:01 +0200 Subject: [PATCH 0449/1882] add do-not-disturb --- flake.lock | 12 +-- nixos/hosts/olympus/outline/configuration.nix | 14 ++-- .../hosts/thalassa/null/home/eww/default.nix | 8 +- nixos/hosts/thalassa/null/home/eww/eww.scss | 26 ++---- nixos/hosts/thalassa/null/home/eww/eww.yuck | 81 ++++++++++++++----- .../null/home/eww/scripts/do-not-disturb.sh | 10 +++ .../thalassa/null/home/eww/scripts/wifi.sh | 6 +- nixos/hosts/thalassa/null/home/hyprland.nix | 5 +- nixos/hosts/thalassa/null/home/theme.nix | 14 +++- nixos/pkgs/default.nix | 16 ++-- 10 files changed, 119 insertions(+), 73 deletions(-) create mode 100755 nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh diff --git a/flake.lock b/flake.lock index 60b584e2..b7d77cca 100644 --- a/flake.lock +++ b/flake.lock @@ -400,11 +400,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1663877642, - "narHash": "sha256-Hqmme1q2z0cl9RCzfCD9M2ZeZgmxrPGO0RDeIia+yvE=", + "lastModified": 1664023338, + "narHash": "sha256-S2f84PqAS75UXK0Mdf9uBn89a4UVNthA3RnSKB+sP7k=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e5d143b2386c3773f6fb5176752a1b381d3ee7a5", + "rev": "73dbacd16d16d8a58d9c12e2a3ebcf4538faf55b", "type": "github" }, "original": { @@ -511,11 +511,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1663823263, - "narHash": "sha256-u2glihcKP6tr8tW5Glz0pXhxOwfuRdJQGslJsg4dIFQ=", + "lastModified": 1663984587, + "narHash": "sha256-BNq/NWT74mCg5eYo1NC9K+oJ1KqwQOL+fDesyO20a3E=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "51b10b3388b367dfdf8dcd7f695bdfdfc5105256", + "rev": "03e15c3aa8220c59d8b8c7454a288fc163fdf646", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index 93e7e967..c705c2bc 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -22,7 +22,7 @@ let vs = config.vault-secrets.secrets; in config.services.outline.port ]; - vault-secrets.secrets.outline = { + vault-secrets.secrets.outline = { user = config.services.outline.user; group = config.services.outline.group; }; @@ -44,12 +44,12 @@ let vs = config.vault-secrets.secrets; in region = "us-east-1"; # fake }; oidcAuthentication = { - userinfoUrl= "https://git.0x76.dev/login/oauth/userinfo"; - tokenUrl = "https://git.0x76.dev/login/oauth/access_token"; - displayName = "Gitea"; - clientId = "db58b9f0-aed1-4a60-a9bb-56077a790f5b"; - authUrl = "https://git.0x76.dev/login/oauth/authorize"; - clientSecretFile = "${vs.outline}/giteaClientSecret"; + displayName = "Keycloak"; + userinfoUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/userinfo"; + tokenUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/token"; + clientId = "outline"; + authUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/auth"; + clientSecretFile = "${vs.outline}/keycloakClientSecret"; }; }; } diff --git a/nixos/hosts/thalassa/null/home/eww/default.nix b/nixos/hosts/thalassa/null/home/eww/default.nix index 29accf27..7937e5ef 100644 --- a/nixos/hosts/thalassa/null/home/eww/default.nix +++ b/nixos/hosts/thalassa/null/home/eww/default.nix @@ -9,7 +9,8 @@ home.file.".config/eww/eww.yuck".source = ./eww.yuck; home.file.".config/eww/eww.scss".text = builtins.readFile ./eww.scss; - # scripts + # scripts + # TODO: just link all scripts in ./scripts to .config/eww/scripts home.file.".config/eww/scripts/volume.sh" = { source = ./scripts/volume.sh; executable = true; @@ -29,4 +30,9 @@ source = ./scripts/workspaces.lua; executable = true; }; + + home.file.".config/eww/scripts/do-not-disturb.sh" = { + source = ./scripts/do-not-disturb.sh; + executable = true; + }; } diff --git a/nixos/hosts/thalassa/null/home/eww/eww.scss b/nixos/hosts/thalassa/null/home/eww/eww.scss index d51ad001..73435ed6 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.scss +++ b/nixos/hosts/thalassa/null/home/eww/eww.scss @@ -10,11 +10,6 @@ tooltip { border-radius: 5px } -.icon { - font-family: monospace; - font-size: 1.4rem; -} - button { transition: background-color 200ms, color 200ms; } @@ -35,12 +30,6 @@ button { .bar { background-color: $mantle; - border-left: 4px dotted $red; -} - -.wifi { - font-size: 2rem; - color: $mauve; } .clock { @@ -52,29 +41,28 @@ button { margin: 0.5rem; } - .date { font-size: 1.5rem; color: $text; } -.reg-btn { - font-size: 2rem; - margin: 2px 8px; - border-radius: 10px; -} - .battery { + font-family: monospace; font-size: 1.5rem; color: $teal; } -.volume { +.volume, +.dnd, +.wifi { + font-family: monospace; font-size: 1.5rem; color: $mauve; + padding: 0 5px; } + // battery menu .batterywindow { background-color: $mantle; diff --git a/nixos/hosts/thalassa/null/home/eww/eww.yuck b/nixos/hosts/thalassa/null/home/eww/eww.yuck index 187cabfa..04673aff 100644 --- a/nixos/hosts/thalassa/null/home/eww/eww.yuck +++ b/nixos/hosts/thalassa/null/home/eww/eww.yuck @@ -1,12 +1,24 @@ (defwidget bar [] - (centerbox :orientation "v" :hexpand false - (box :valign "start" :hexpand false :vexpand true :orientation "v" :space-evenly false + (centerbox + :orientation "v" + (box + :valign "start" + :hexpand false + :vexpand false + :orientation "v" + :space-evenly false ) - (workspaces :halign "center" :vexpand true :hexpand false :orientation "v") + (workspaces + :halign "center" + :vexpand true + :hexpand false + :orientation "v" + ) (box :valign "end" :hexpand false :vexpand true :orientation "v" :space-evenly false (wifi) + (do-not-disturb) (volume) (battery) (time) @@ -14,23 +26,11 @@ ) ) -;; ━━━ WIFI ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ -(defpoll wifi :interval "30s" "./scripts/wifi.sh") - -(defwidget wifi [] - (box :vexpand false :hexpand false :orientation "v" - (label :text {wifi.icon} - :limit-width 10 - :tooltip {wifi.status} - :class "wifi" - ) - ) -) - ;; ━━━ BATTERY ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ (defwidget battery [] (eventbox :onclick "eww open batterywindow --toggle" - (label :text `${ + (label + :text `${ EWW_BATTERY.BAT0.status == "Charging" ? "" : EWW_BATTERY.BAT0.capacity < 10 ? "" : EWW_BATTERY.BAT0.capacity < 20 ? "" : @@ -42,7 +42,6 @@ EWW_BATTERY.BAT0.capacity < 80 ? "" : EWW_BATTERY.BAT0.capacity < 90 ? "" : "" }` - :limit-width 10 :class "battery" )) ) @@ -65,12 +64,47 @@ (batterymenu) ) +; ━━━ do-not-disturb ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +(defvar dnd "") +(defwidget do-not-disturb [] + (eventbox + :orientation "h" + :halign "center" + :space-evenly false + :onclick "nohup ./scripts/do-not-disturb.sh &" + (label + :text {dnd} + :class "dnd" + ) + ) +) + +;; ━━━ WIFI ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +(defpoll wifi :interval "30s" "./scripts/wifi.sh") + +(defwidget wifi [] + (box + :orientation "h" + :halign "center" + :space-evenly false + (label + :text {wifi.icon} + :tooltip {wifi.status} + :class "wifi" + ) + ) +) + ;; ━━━ VOLUME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ (defpoll volume :interval "1s" "./scripts/volume.sh") (defwidget volume [] - (eventbox :onclick "pamixer -t" - (label :text {volume.icon} - :limit-width 10 + (eventbox + :orientation "h" + :halign "center" + :space-evenly false + :onclick "pamixer -t" + (label + :text {volume.icon} :tooltip "${volume.percent}%" :class "volume" ) @@ -83,7 +117,10 @@ (defpoll dateVar :interval "600s" "date '+%A %d.%m.%y'") (defwidget time [] - (eventbox :cursor "hand" :hexpand false :vexpand false + (eventbox + :cursor "hand" + :hexpand false + :vexpand false :tooltip "${dateVar}" :onclick "eww open calendar --toggle &" (box :orientation "v" :hexpand false :vexpand false :space-evenly false :class "clock" diff --git a/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh b/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh new file mode 100755 index 00000000..4926c07d --- /dev/null +++ b/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env nix-shell +#! nix-shell -p jq -i bash + +if makoctl mode | grep -Fxq "do-not-disturb"; then + eww update dnd="" + makoctl mode -r do-not-disturb > /dev/null +else + eww update dnd="" + makoctl mode -a do-not-disturb > /dev/null +fi diff --git a/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh b/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh index ced14488..fa2e5370 100755 --- a/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh +++ b/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh @@ -1,15 +1,15 @@ #!/bin/sh if nmcli g | rg -q "\bconnected\b"; then - icon="󰤨" - ssid=$(nmcli -t -f name connection show --active) + icon="直" + ssid=$(nmcli -t -f name connection show --active | sed -z 's/\n/,/g;s/,$/\n/') if echo $ssid | rg -q "Wired"; then status="Connected via cable" else status="Connected to ${ssid}" fi else - icon="󰤭" + icon="睊" status="offline" fi diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 59506520..da7d4683 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -1,4 +1,4 @@ -{ pkgs, inputs, ... }: { +{ pkgs, inputs, config, ... }: { home.file.".config/hypr/hyprpaper.conf".text = '' ipc = off preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png @@ -9,7 +9,7 @@ let startup-script = pkgs.writeScriptBin "startup" '' #!${pkgs.stdenv.shell} - hyprctl setcursor Catppuccin-Frappe-Pink-Cursors 32 + hyprctl setcursor Catppuccin-Frappe-Pink-Cursors ${builtins.toString config.home.pointerCursor.size} ${pkgs.hyprpaper}/bin/hyprpaper & ${pkgs.xsettingsd}/bin/xsettingsd & foot --server & @@ -22,6 +22,7 @@ in { enable = true; + recommendedEnvironment = true; extraConfig = '' monitor=eDP-1,1920x1080@60,0x0,1 monitor=eDP-1,addreserved,0,0,48,0 diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index ae23612c..b19f1814 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -1,9 +1,9 @@ -{ lib, pkgs, ... }: +{ lib, pkgs, config, ... }: let inherit (builtins) mapAttrs; theme = "Catppuccin-Pink-Dark"; - cursorTheme = "Catppuccin-Frappe-Pink-Cursors"; + cursorTheme = config.home.pointerCursor.name; colour = rec { rosewater = "f2d5cf"; flamingo = "eebebe"; @@ -41,6 +41,12 @@ in Gtk/CursorThemeName "${cursorTheme}" ''; + home.pointerCursor = { + name = "Catppuccin-Frappe-Pink-Cursors"; + size = 32; + package = pkgs.catppuccin.cursors; + }; + gtk = { enable = true; theme = { @@ -53,8 +59,8 @@ in }; cursorTheme = { name = cursorTheme; - package = pkgs.catppuccin.cursors; - size = 32; + package = config.home.pointerCursor.package; + size = config.home.pointerCursor.size; }; }; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 5f51e6b9..a8066a4f 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,13 +1,10 @@ final: prev: { - hedgedoc = prev.hedgedoc.overrideAttrs (old: { - # see https://github.com/NixOS/nixpkgs/issues/176127#issuecomment-1146782555 - preBuild = '' - export HOME=$TMPDIR - ''; - }); - - discord-canary = prev.discord-canary.override { withOpenASAR = true; }; - + # hedgedoc = prev.hedgedoc.overrideAttrs (old: { + # # see https://github.com/NixOS/nixpkgs/issues/176127#issuecomment-1146782555 + # preBuild = '' + # export HOME=$TMPDIR + # ''; + # }); catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; vmagent = prev.callPackage ./vmagent { }; @@ -21,6 +18,7 @@ final: prev: { withDNSCrypt = true; withTFO = true; }; + gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; } -- 2.47.1 From 6165689b69600500c87f5b7bd5f62708daed8317 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 25 Sep 2022 12:44:52 +0200 Subject: [PATCH 0450/1882] flake update --- flake.lock | 18 +++++++++--------- .../hosts/olympus/mailserver/configuration.nix | 12 ++++++++---- .../hosts/olympus/wireguard/configuration.nix | 10 ++++++++-- 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index b7d77cca..b0c845fa 100644 --- a/flake.lock +++ b/flake.lock @@ -400,11 +400,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664023338, - "narHash": "sha256-S2f84PqAS75UXK0Mdf9uBn89a4UVNthA3RnSKB+sP7k=", + "lastModified": 1664050038, + "narHash": "sha256-Q+dLA0bPW0RqYs9ONiu5/KalJYVjoFX2kG6p9G/hzDc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "73dbacd16d16d8a58d9c12e2a3ebcf4538faf55b", + "rev": "fad5fc587d4281a5d399e61dc1243bc333d94d4d", "type": "github" }, "original": { @@ -511,11 +511,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1663984587, - "narHash": "sha256-BNq/NWT74mCg5eYo1NC9K+oJ1KqwQOL+fDesyO20a3E=", + "lastModified": 1664070839, + "narHash": "sha256-7nBBrjhSLVtAo/skhqCR+5kfQyaRm7T2Ac2EVg17iLc=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "03e15c3aa8220c59d8b8c7454a288fc163fdf646", + "rev": "c58fd256602b7bda6fecdced6b881a4731a1af1a", "type": "github" }, "original": { @@ -637,11 +637,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663945282, - "narHash": "sha256-vfYvUrzeaJUxndH76VsRJiqcQz6C090rqduGC3y6X4g=", + "lastModified": 1664101652, + "narHash": "sha256-cgr3fHJxF59yz3zVMsQYf4PuGEnDOAOIPUltsMFNRWE=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "28444d170b02c92ae8cc9c103631c53e594f75e6", + "rev": "e64f013182bc9003121a03de0a0af30cf3ffe762", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index b0e70675..bcdfe2fc 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -33,16 +33,17 @@ let vs = config.vault-secrets.secrets; in enable = true; fqdn = "mail.0x76.dev"; domains = [ "0x76.dev" ]; + certificateScheme = 3; loginAccounts = { "v@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; }; + "keycloak@0x76.dev" = { + hashedPasswordFile = "${vs.mailserver}/keycloak@0x76.dev"; + }; }; - certificateScheme = 3; - - indexDir = "/var/lib/dovecot/indices"; fullTextSearch = { enable = true; @@ -56,6 +57,9 @@ let vs = config.vault-secrets.secrets; in }; }; + services.postfix.relayHost = "smtp.ziggozakelijk.nl"; + services.postfix.relayPort = 587; + services.roundcube = { enable = true; package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); @@ -82,5 +86,5 @@ let vs = config.vault-secrets.secrets; in }; security.acme.acceptTerms = true; - security.acme.defaults.email = "victor@xirion.net"; + security.acme.defaults.email = "v@0x76.dev"; } diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index f2c83649..355ad5e4 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -23,6 +23,7 @@ let vs = config.vault-secrets.secrets; in networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ]; + networking.firewall.checkReversePath = false; vault-secrets.secrets.wireguard = { services = [ "wireguard-wg0" ]; @@ -30,10 +31,15 @@ let vs = config.vault-secrets.secrets; in networking.nat = { enable = true; - internalInterfaces = [ "wg0" ]; + internalInterfaces = [ "wg0" "eth0" ]; externalInterface = "eth0"; }; + boot.kernel.sysctl = { + "net.ipv4.ip_forward" = 1; + "net.ipv6.conf.all.forwarding" = 1; + }; + services.prometheus.exporters.wireguard = { enable = true; openFirewall = true; @@ -65,7 +71,7 @@ let vs = config.vault-secrets.secrets; in # Useful setup video for opnsense: https://www.youtube.com/watch?v=RoXHe5dqCM0 # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; - allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24"]; + allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; endpoint = "80.60.83.220:51820"; } ]; -- 2.47.1 From 6e729ee58bc78b00a25e0fda9df952cd88c74400 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 25 Sep 2022 15:17:55 +0200 Subject: [PATCH 0451/1882] prep vault geo HA --- nixos/common/default.nix | 2 +- nixos/hosts/olympus/vault/configuration.nix | 18 +++++++++++++----- nixos/hosts/olympus/vault/migrate.hcl | 10 ++++++++++ 3 files changed, 24 insertions(+), 6 deletions(-) create mode 100644 nixos/hosts/olympus/vault/migrate.hcl diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 65343dcf..a0fa94fc 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -67,7 +67,7 @@ }; vault-secrets = lib.mkIf (config.networking.domain == "olympus") { - vaultPrefix = "secrets/nixos"; + vaultPrefix = "olympus_secrets/nixos"; vaultAddress = "http://vault.olympus:8200/"; approlePrefix = "olympus-${config.networking.hostName}"; }; diff --git a/nixos/hosts/olympus/vault/configuration.nix b/nixos/hosts/olympus/vault/configuration.nix index 23e416ac..61218642 100644 --- a/nixos/hosts/olympus/vault/configuration.nix +++ b/nixos/hosts/olympus/vault/configuration.nix @@ -2,8 +2,10 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: -let port = 8200; +{ config, pkgs, hosts, ... }: +let + port = 8200; + clusterPort = 8201; in { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -17,17 +19,23 @@ in { environment.systemPackages = with pkgs; [ ]; # Vault - networking.firewall.allowedTCPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [ port clusterPort ]; services.vault = { enable = true; # bin version includes the UI package = pkgs.vault-bin; address = "0.0.0.0:${toString port}"; - storageBackend = "file"; - storagePath = "/var/lib/vault"; + storageBackend = "raft"; + storagePath = "/var/lib/vault-raft"; + storageConfig = '' + node_id = "olympus-1" + ''; extraConfig = '' ui = true + disable_mlock = true + api_addr = "http://10.42.42.6:${toString port}" + cluster_addr = "http://10.42.42.6:${toString clusterPort}" ''; }; } diff --git a/nixos/hosts/olympus/vault/migrate.hcl b/nixos/hosts/olympus/vault/migrate.hcl new file mode 100644 index 00000000..4717ae02 --- /dev/null +++ b/nixos/hosts/olympus/vault/migrate.hcl @@ -0,0 +1,10 @@ +storage_source "file" { + path = "/var/lib/vault" +} + +storage_destination "raft" { + path = "/var/lib/vault-raft" + node_id = "olympus-1" +} + +cluster_addr = "http://vault.olympus:8201" -- 2.47.1 From f61d27d7747bc048d5da0f04134075b69dfe71fe Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 25 Sep 2022 16:42:18 +0200 Subject: [PATCH 0452/1882] add smtp settings to gitea --- nixos/hosts/olympus/gitea/configuration.nix | 22 +++++++++++++++++++ .../olympus/mailserver/configuration.nix | 3 +++ 2 files changed, 25 insertions(+) diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index dd867c52..b0b68a18 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -3,6 +3,9 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { lib, config, pkgs, ... }: +let + vs = config.vault-secrets.secrets; +in { imports = [ ]; @@ -28,6 +31,11 @@ maxretry = 3; }; + vault-secrets.secrets.gitea = { + user = "gitea"; + group = "gitea"; + }; + system.activationScripts.gitea-theme = let target_dir = "${config.services.gitea.stateDir}/custom/public/css/"; @@ -44,6 +52,7 @@ lfs.enable = true; dump.type = "tar.gz"; database.type = "postgres"; + mailerPasswordFile = "${vs.gitea}/mailPassword"; settings = { repository = { @@ -74,6 +83,19 @@ "PROVIDER" = "db"; "COOKIE_SECURE" = true; }; + mailer = { + "ENABLED" = true; + "IS_TLS_ENABLED" = true; + "HOST" = "mail.0x76.dev:465"; + "FROM" = "gitea@0x76.dev"; + "MAILER_TYPE" = "smtp"; + "USER" = "gitea@0x76.dev"; + + # Below is prep for 1.18 + "PROTOCOL" = "smtps"; + "SMTP_ADDR" = "mail.0x76.dev"; + "SMTP_PORT" = 465; + }; }; }; } diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index bcdfe2fc..e84c1259 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -42,6 +42,9 @@ let vs = config.vault-secrets.secrets; in "keycloak@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/keycloak@0x76.dev"; }; + "gitea@0x76.dev" = { + hashedPasswordFile = "${vs.mailserver}/gitea@0x76.dev"; + }; }; indexDir = "/var/lib/dovecot/indices"; -- 2.47.1 From 8a1538dde9caf342ffae1166d98d9e95522b6b0c Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 25 Sep 2022 23:49:26 +0200 Subject: [PATCH 0453/1882] added docs --- README.md | 4 +- flake.lock | 12 +- nixos/hosts/README.md | 2 + .../olympus/mailserver/configuration.nix | 17 +- nixos/hosts/olympus/outline/configuration.nix | 9 + nixos/hosts/olympus/synapse/configuration.nix | 100 ++++--- nixos/hosts/thalassa/null/README.md | 10 +- terraform/.gitignore | 33 --- terraform/.terraform.lock.hcl | 41 --- terraform/hosts.auto.tfvars.json | 73 ----- terraform/main.tf | 34 --- terraform/proxmox_lxc.tf | 277 ------------------ terraform/proxmox_vm_qemu.tf | 77 ----- terraform/versions.tf | 12 - util.nix | 49 ++-- 15 files changed, 120 insertions(+), 630 deletions(-) create mode 100644 nixos/hosts/README.md delete mode 100644 terraform/.gitignore delete mode 100644 terraform/.terraform.lock.hcl delete mode 100644 terraform/hosts.auto.tfvars.json delete mode 100644 terraform/main.tf delete mode 100644 terraform/proxmox_lxc.tf delete mode 100644 terraform/proxmox_vm_qemu.tf delete mode 100644 terraform/versions.tf diff --git a/README.md b/README.md index 6d1f8d2e..7c7b5b70 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,12 @@ # 0x76's Infrastructure [![NixOS](https://github.com/NULLx76/infrastructure/actions/workflows/nixos.yml/badge.svg)](https://github.com/NULLx76/infrastructure/actions/workflows/nixos.yml) -This repository contains my IaC and GitOps code. +This repository contains my fleet of VMs, Containers and Bare Metal machines. ## Directory Structure `flake.nix` is a NixOS flake which is the entrypoint for my NixOS config, it also contains a 'DevShell' containing all the tools needed to deploy the infrastructure, this can be accessed running `nix develop`. * **flux**: Kubernetes manifests as managed by [Flux] * **nixos**: Nix configurations for my NixOS LXCs and VMs, deployed using [colmena]. -* **terraform**: Terraform config for deploying said VMs and Containers onto Proxmox, using [terraform-provider-proxmox] [Flux]: https://github.com/fluxcd/flux2 [deploy-rs]: https://colmena.cli.rs/unstable/ -[terraform-provider-proxmox]: https://github.com/Telmate/terraform-provider-proxmox diff --git a/flake.lock b/flake.lock index b0c845fa..a9a72069 100644 --- a/flake.lock +++ b/flake.lock @@ -400,11 +400,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664050038, - "narHash": "sha256-Q+dLA0bPW0RqYs9ONiu5/KalJYVjoFX2kG6p9G/hzDc=", + "lastModified": 1664130744, + "narHash": "sha256-zM+4pgzsYKS0EuQ3i0Epaq6Gb9xLo4wzxK/WZAw+lpM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fad5fc587d4281a5d399e61dc1243bc333d94d4d", + "rev": "f70b57f360f8117ecca67d6d7f75c1f87b098794", "type": "github" }, "original": { @@ -637,11 +637,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664101652, - "narHash": "sha256-cgr3fHJxF59yz3zVMsQYf4PuGEnDOAOIPUltsMFNRWE=", + "lastModified": 1664138822, + "narHash": "sha256-5iwjo+UlQrT984yS+fz4f/JmpSZzJQnj99e7FhRCunk=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e64f013182bc9003121a03de0a0af30cf3ffe762", + "rev": "6c63bf7a0a683985316bf415676ceb4a3a4edac4", "type": "github" }, "original": { diff --git a/nixos/hosts/README.md b/nixos/hosts/README.md new file mode 100644 index 00000000..52fd7fce --- /dev/null +++ b/nixos/hosts/README.md @@ -0,0 +1,2 @@ +# NixOS Hosts +Each folder here is a seperate geographical location, with `thalassa` being for roaming devices like laptops diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index e84c1259..780413f5 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -32,18 +32,29 @@ let vs = config.vault-secrets.secrets; in mailserver = { enable = true; fqdn = "mail.0x76.dev"; - domains = [ "0x76.dev" ]; + domains = [ "0x76.dev" "meowy.tech" ]; certificateScheme = 3; loginAccounts = { "v@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; + aliases = [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ]; }; "keycloak@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/keycloak@0x76.dev"; + sendOnly = true; }; "gitea@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/gitea@0x76.dev"; + sendOnly = true; + }; + "matrix@meowy.tech" = { + hashedPasswordFile = "${vs.mailserver}/matrix@meowy.tech"; + sendOnly = true; + }; + "outline@0x76.dev" = { + hashedPasswordFile = "${vs.mailserver}/outline@0x76.dev"; + sendOnly = true; }; }; @@ -68,8 +79,8 @@ let vs = config.vault-secrets.secrets; in package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); plugins = [ "archive" - "enigma" - "markasjunk" + # "enigma" + # "markasjunk" "persistent_login" ]; # this is the url of the vhost, not necessarily the same as the fqdn of diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index c705c2bc..45362404 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -51,5 +51,14 @@ let vs = config.vault-secrets.secrets; in authUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/auth"; clientSecretFile = "${vs.outline}/keycloakClientSecret"; }; + smtp = rec { + username = "outline@0x76.dev"; + fromEmail = username; + replyEmail = username; + secure = true; + port = 465; + host = "mail.0x76.dev"; + passwordFile = "${vs.outline}/mailPassword"; + }; }; } diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index bb7dbffc..0e812da2 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -41,58 +41,56 @@ in ''; }; - services.matrix-synapse = - let - extraConfig = builtins.toFile "extraConfig.yaml" '' - registration_requires_token: true - ''; - in - { - enable = true; - withJemalloc = true; + services.matrix-synapse = { + enable = true; + withJemalloc = true; - extraConfigFiles = [ - "${vs.synapse}/macaroon_secret_key" - "${vs.synapse}/registration_shared_secret" - "${vs.synapse}/form_secret" - "${vs.synapse}/turn_shared_secret" - extraConfig - ]; + extraConfigFiles = [ + "${vs.synapse}/macaroon_secret_key" + "${vs.synapse}/registration_shared_secret" + "${vs.synapse}/form_secret" + "${vs.synapse}/turn_shared_secret" + "${vs.synapse}/email_password" # Also contains the rest of the email config + ]; - settings = - { - server_name = "meowy.tech"; - enable_registration = true; - public_baseurl = "https://chat.meowy.tech"; - enable_metrics = true; - # max_upload_size = "100m"; - listeners = [ - { - inherit port; - bind_addresses = [ "0.0.0.0" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = true; - } - ]; - } - { - port = metricsPort; - bind_addresses = [ "0.0.0.0" ]; - type = "metrics"; - tls = false; - resources = [ - { - names = [ "metrics" ]; - compress = false; - } - ]; - } - ]; + settings = + { + server_name = "meowy.tech"; + enable_registration = true; + public_baseurl = "https://chat.meowy.tech"; + enable_metrics = true; + max_upload_size = "100M"; + registration_requires_token = true; + media_retention = { + remote_media_lifetime = "90d"; }; - }; + listeners = [ + { + inherit port; + bind_addresses = [ "0.0.0.0" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" "federation" ]; + compress = true; + } + ]; + } + { + port = metricsPort; + bind_addresses = [ "0.0.0.0" ]; + type = "metrics"; + tls = false; + resources = [ + { + names = [ "metrics" ]; + compress = false; + } + ]; + } + ]; + }; + }; } diff --git a/nixos/hosts/thalassa/null/README.md b/nixos/hosts/thalassa/null/README.md index 446bf7b7..bd765da1 100644 --- a/nixos/hosts/thalassa/null/README.md +++ b/nixos/hosts/thalassa/null/README.md @@ -1,2 +1,10 @@ # null -This folder contains the NixOS configuration for my laptop, with hostname `null`. \ No newline at end of file +This folder contains the NixOS configuration for my laptop, with hostname `null`. + +## Information +* OS: NixOS +* WM: hyprland +* Terminal: foot +* Shell: zsh +* Theme: Captuccin Pink Dark +* Launcher: wofi diff --git a/terraform/.gitignore b/terraform/.gitignore deleted file mode 100644 index d9548c95..00000000 --- a/terraform/.gitignore +++ /dev/null @@ -1,33 +0,0 @@ -# Local .terraform directories -**/.terraform/* - -# .tfstate files -*.tfstate -*.tfstate.* - -# Crash log files -crash.log - -# Exclude all .tfvars files, which are likely to contain sentitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -# -*.tfvars - -# Ignore override files as they are usually used to override resources locally and so -# are not checked in -override.tf -override.tf.json -*_override.tf -*_override.tf.json - -# Include override files you do wish to add to version control using negated pattern -# -# !example_override.tf - -# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan -# example: *tfplan* - -# Ignore CLI configuration files -.terraformrc diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl deleted file mode 100644 index 5172ff14..00000000 --- a/terraform/.terraform.lock.hcl +++ /dev/null @@ -1,41 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/vault" { - version = "3.8.0" - constraints = "3.8.0" - hashes = [ - "h1:7fwbqW8EpFSgGmp23JCn01OSzjp/bJA5jCXqaAMpfIs=", - "h1:8lg4gIGn8DCwvJHAJEFfQNVzYOZO7f6y7o4hEvvGZXM=", - "h1:AdhWQXOClR+vhEw086YTTfqGh2KrBwqZQQETTugQ2hA=", - "h1:F+1vJ14D9nNx3sNrCbKxvpJZ+QnVmD1p/ITbYPlkRg4=", - "h1:PpBRbK394epLJrYBANF5AsmqN3OPsDxk15NGS1Q2LIs=", - "h1:T4UoPuJbAio9ZML6vpNV4bIe5Tp6f5UFGTRBtkEv/vM=", - "h1:WL4JpK+LTxmTaNNXKprpHrMMzENYyQTBLal0fHVweE4=", - "h1:eHd28140YcjNCU9HtdZ8M1Mdb17XroVUoI2UIyqo7hE=", - "h1:luFm8DTlv6WPReGc3LDMCwt6LfBuHXJL4AV2ET4gNJQ=", - "h1:vsEgjE+Rad+XqL1Xav3WJyw1+A4dxl30pWwX2+y4I9k=", - "h1:yUcSQPjRUtow4vSEjM3a7ZhxAXXuehBXMQE4X2BKk3w=", - ] -} - -provider "registry.terraform.io/telmate/proxmox" { - version = "2.9.10" - constraints = "2.9.10" - hashes = [ - "h1:/5Yci1cg4jZL2aya/cG8evNOgHwonYuuC6p1O07FhTc=", - "h1:/A5aHl/Ip3RkJ7abHIP33Hcf4kF2to3cA9PAp1f92Pk=", - "h1:/yUt/okb+f5dPxfaOUdvGikZhphX85kqGxzhPWHKQu0=", - "h1:87Zg9ZYrIh4Ed5KdsUPhGrXfeLQSZgU3OolWShQ2GXE=", - "h1:Al8lODr0F0ERJcwDNLTGzy0k8EidSZ5F/SYU9AfwtFU=", - "h1:VGqwHu3t75A4yup/Axvuh0X1mPTgh+TJn0ZGaObdne8=", - "h1:e1ncMGe7uwGibNXnt0h/M1SbIZGRiSHVFLzmrzQulYQ=", - "h1:mKgUaboSiulLR8RAHHr7w/VapyEKyQFzj8G+LjOjaLs=", - "h1:nd095azyjqcSPMfzFereNWKMBrBlnN12IYfOVt3eMR4=", - "h1:qkLV8lRnu69eYjBfaXeBRVCNqZnMdoLnsdxK3zEnacY=", - "h1:skq+tLPQ7FF2olylHwmYYxsj/lIoGrbiNjpOjYBlfQI=", - "h1:uOEAJ+AFin0XMlo0IcdKH5RVvTs1E8FCUPPnTWp+sbs=", - "h1:xZ731FmD4jCWlS2ralf1BX1pu/NKnM8u8zpBeFOhvnk=", - "h1:yPqHOIhTyxt8c1WVWB6Qv2TZfG2R5NCQdnLGKAQZox0=", - ] -} diff --git a/terraform/hosts.auto.tfvars.json b/terraform/hosts.auto.tfvars.json deleted file mode 100644 index 2ac54e16..00000000 --- a/terraform/hosts.auto.tfvars.json +++ /dev/null @@ -1,73 +0,0 @@ -{ - "hosts": { - "WoolooTV": { - "mac": "74:40:be:48:85:a4" - }, - "bastion": { - "mac": "82:F0:7C:CB:BD:6D" - }, - "consul": { - "mac": "D6:DE:07:41:73:81" - }, - "dhcp": { - "mac": "3E:2D:E8:AA:E2:81" - }, - "dns-1": { - "mac": "5E:F6:36:23:16:E3" - }, - "dns-2": { - "mac": "B6:04:0B:CD:0F:9F" - }, - "edgerouter": { - "mac": "B4:FB:E4:53:9C:0A" - }, - "eevee": { - "mac": "34:97:f6:93:9A:AA" - }, - "gitea": { - "mac": "DE:5F:B0:83:6F:34" - }, - "home-assistant": { - "mac": "9E:60:78:ED:81:B4" - }, - "k3s-node1": { - "mac": "2E:F8:55:23:D9:9B" - }, - "minecraft": { - "mac": "EA:30:73:E4:B6:69" - }, - "minio": { - "mac": "0A:06:5E:E7:9A:0C" - }, - "mosquitto": { - "mac": "C6:F9:8B:3D:9E:37" - }, - "nginx": { - "mac": "6A:C2:89:85:CF:A6" - }, - "nuc": { - "mac": "1C:69:7A:62:30:88" - }, - "plausible": { - "mac": "82:34:70:FA:44:6F" - }, - "unifi": { - "mac": "1A:88:A0:B0:65:B4" - }, - "unifi-ap": { - "mac": "b4:fb:e4:f3:ff:1b" - }, - "vault": { - "mac": "16:2B:87:55:0C:0C" - }, - "victoriametrics": { - "mac": "9E:91:61:35:84:1F" - }, - "wireguard": { - "mac": "1E:ED:97:2C:C3:9D" - }, - "zmeura": { - "mac": "b8:27:eb:d5:e0:f5" - } - } -} diff --git a/terraform/main.tf b/terraform/main.tf deleted file mode 100644 index 49f13aad..00000000 --- a/terraform/main.tf +++ /dev/null @@ -1,34 +0,0 @@ -terraform { - backend "s3" { - bucket = "terraform" - key = "terraform.tfstate" - region = "us-east-1" - endpoint = "http://minio:9000" - force_path_style = true - skip_requesting_account_id = true - skip_credentials_validation = true - skip_get_ec2_platforms = true - skip_metadata_api_check = true - skip_region_validation = true - } -} - -provider "proxmox" { - pm_api_url = "https://10.42.42.42:8006/api2/json" - pm_user = data.vault_generic_secret.proxmox_auth.data["user"] - pm_password = data.vault_generic_secret.proxmox_auth.data["pass"] - pm_tls_insecure = true -} - -provider "vault" { - address = "http://vault:8200" - skip_tls_verify = true -} - -# Proxmox authentication for terraform -data "vault_generic_secret" "proxmox_auth" { - path = "secrets/terraform/proxmox_credentials" -} - -# Imported from hosts.auto.tfvars.json -variable "hosts" { } diff --git a/terraform/proxmox_lxc.tf b/terraform/proxmox_lxc.tf deleted file mode 100644 index 6b165019..00000000 --- a/terraform/proxmox_lxc.tf +++ /dev/null @@ -1,277 +0,0 @@ -# For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/ -resource "proxmox_lxc" "nixos-template" { - target_node = "nuc" - description = "NixOS LXC Template" - hostname = "nixos-template" - ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz" - ostype = "unmanaged" - unprivileged = true - vmid = 101 - template = true - - memory = 1024 - - features { - nesting = true - } - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = "22:D7:C1:FF:9D:5F" - } -} - -resource "proxmox_lxc" "nixos-template-2" { - target_node = "nuc" - description = "NixOS LXC Template" - hostname = "nixos-template" - ostype = "unmanaged" - unprivileged = true - vmid = 108 - template = true - cores = 1 - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - features { - nesting = true - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = "FA:71:3F:31:34:41" - } -} - -resource "proxmox_lxc" "vault" { - target_node = "nuc" - description = "Vault Secrets Management" - hostname = "vault" - unprivileged = false # needed for mlock - vmid = 102 - clone = "101" - onboot = true - - memory = 1024 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.vault.mac - } -} - -resource "proxmox_lxc" "mosquitto" { - target_node = "nuc" - description = "mosquitto mqtt broker" - hostname = "mosquitto" - vmid = 104 - clone = 101 - unprivileged = true - onboot = true - - memory = 1024 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.mosquitto.mac - } -} - -resource "proxmox_lxc" "nginx" { - target_node = "nuc" - hostname = "nginx" - vmid = 106 - clone = 101 - unprivileged = true - onboot = true - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.nginx.mac - } -} - -resource "proxmox_lxc" "consul" { - target_node = "nuc" - description = "consul service mesh" - hostname = "consul" - vmid = 107 - unprivileged = true - onboot = true - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.consul.mac - } -} - -resource "proxmox_lxc" "dns-1" { - target_node = "nuc" - hostname = "dns" - vmid = 109 - unprivileged = true - onboot = true - startup = "order=1" - cores = 1 - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.dns-1.mac - } -} - -resource "proxmox_lxc" "dns-2" { - target_node = "nuc" - hostname = "dns" - vmid = 110 - unprivileged = true - onboot = true - startup = "order=1" - cores = 1 - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.dns-2.mac - } -} - -resource "proxmox_lxc" "minio" { - target_node = "nuc" - hostname = "minio" - vmid = 111 - unprivileged = true - onboot = true - cores = 1 - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - ip6 = "auto" - hwaddr = var.hosts.minio.mac - } -} - -resource "proxmox_lxc" "dhcp" { - target_node = "nuc" - hostname = "dhcp" - vmid = 112 - unprivileged = true - onboot = true - cores = 1 - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - hwaddr = var.hosts.dhcp.mac - } -} - -# resource "proxmox_lxc" "victoriametrics" { -# target_node = "nuc" -# hostname = "victoriametrics" -# vmid = 113 -# clone = 108 -# unprivileged = true -# onboot = true -# cores = 1 - -# memory = 512 - -# rootfs { -# storage = "local-zfs" -# size = "25G" -# } - -# network { -# name = "eth0" -# bridge = "vmbr0" -# hwaddr = var.hosts.victoriametrics.mac -# } -# } diff --git a/terraform/proxmox_vm_qemu.tf b/terraform/proxmox_vm_qemu.tf deleted file mode 100644 index 3d505633..00000000 --- a/terraform/proxmox_vm_qemu.tf +++ /dev/null @@ -1,77 +0,0 @@ -resource "proxmox_vm_qemu" "bastion" { - name = "bastion" - vmid = 100 - target_node = "nuc" - onboot = true - tablet = false - full_clone = false - - memory = 4096 - cores = 4 - - agent = 1 - boot = "order=scsi0;ide2;net0" - - disk { - size = "64G" - storage = "local-zfs" - type = "scsi" - ssd = 1 - } - - network { - model = "virtio" - macaddr = var.hosts.bastion.mac - bridge = "vmbr0" - } -} - -resource "proxmox_vm_qemu" "k3s-node1" { - name = "k3s-node1" - target_node = "nuc" - vmid = 103 - clone = "bastion" - tablet = false - onboot = true - - memory = 8192 - cores = 4 - - agent = 1 - boot = "order=scsi0;ide2;net0" - - network { - model = "virtio" - macaddr = var.hosts.k3s-node1.mac - bridge = "vmbr0" - } - - disk { - type = "scsi" - storage = "local-zfs" - size = "64G" - ssd = 1 - } -} - -resource "proxmox_vm_qemu" "home-assistant" { - name = "home-assistant" - vmid = 105 - target_node = "nuc" - onboot = true - tablet = false - full_clone = false - bios = "ovmf" - - memory = 2048 - cores = 4 - - agent = 1 - boot = "order=sata0" - - network { - model = "virtio" - macaddr = var.hosts.home-assistant.mac - bridge = "vmbr0" - } -} diff --git a/terraform/versions.tf b/terraform/versions.tf deleted file mode 100644 index 0dc7eddc..00000000 --- a/terraform/versions.tf +++ /dev/null @@ -1,12 +0,0 @@ -terraform { - required_providers { - proxmox = { - source = "telmate/proxmox" - version = "2.9.10" - } - vault = { - source = "hashicorp/vault" - version = "3.8.0" - } - } -} diff --git a/util.nix b/util.nix index 78c9d659..ed5cbfcf 100644 --- a/util.nix +++ b/util.nix @@ -2,32 +2,43 @@ let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; - import_cases = { - "lxc" = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ]; - "vm" = [ - ./nixos/common/generic-vm.nix - ]; - "local" = [ - home-manager.nixosModules.home-manager - hyprland.nixosModules.default - ]; - }; - resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ - mailserver.nixosModules.mailserver - ./nixos/common - "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix" - ] ++ import_cases.${type}; + + # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) + resolve_imports = + let + # lookup table + import_cases = { + "lxc" = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./nixos/common/generic-lxc.nix + ]; + "vm" = [ + ./nixos/common/generic-vm.nix + ]; + "local" = [ + home-manager.nixosModules.home-manager + hyprland.nixosModules.default + ]; + }; + in + { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ + mailserver.nixosModules.mailserver + ./nixos/common + "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix" + ] ++ import_cases.${type}; in -rec { +{ + # Add to whatever realm a host belong to its list of tags add_realm_to_tags = realm: hosts: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }) hosts; + # Flatten all hosts to a single list flatten_hosts = hosts: concatLists (attrValues hosts); + # Filter out all hosts which aren't nixos filter_nix_hosts = hosts: filter ({ nix ? true, ... }: nix) hosts; + # Helper function to build a colmena host definition mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: let + # this makes local apply work a bit nicer name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; in { -- 2.47.1 From eeb6a0cba02995720d4ac6eeb369fc8b9c02213c Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Sep 2022 11:02:55 +0200 Subject: [PATCH 0454/1882] nixpkgs update --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index a9a72069..1359fff9 100644 --- a/flake.lock +++ b/flake.lock @@ -381,11 +381,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1663932797, - "narHash": "sha256-IH8ZBW99W2k7wKLS+Sat9HiKX1TPZjFTnsPizK5crok=", + "lastModified": 1664146938, + "narHash": "sha256-fIvsJ3qWiD6o3qH9iU66OsL8uG5C1FGXcuaNEctJv8M=", "owner": "nix-community", "repo": "home-manager", - "rev": "de3758e31a3a1bc79d569f5deb5dac39791bf9b6", + "rev": "9e7394523eb4f298528d457e316fc752bdf07151", "type": "github" }, "original": { @@ -511,11 +511,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1664070839, - "narHash": "sha256-7nBBrjhSLVtAo/skhqCR+5kfQyaRm7T2Ac2EVg17iLc=", + "lastModified": 1664157405, + "narHash": "sha256-URDNnWK8LFBOk+TMlPiAqDsmZDhHoOvRqRtpr/2U7HQ=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "c58fd256602b7bda6fecdced6b881a4731a1af1a", + "rev": "87610ecb5ae19fe7ade7439ac7fe635183609439", "type": "github" }, "original": { @@ -637,11 +637,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664138822, - "narHash": "sha256-5iwjo+UlQrT984yS+fz4f/JmpSZzJQnj99e7FhRCunk=", + "lastModified": 1664182806, + "narHash": "sha256-zMvIqRTc46T3jUNIpxmog7iFu/6ZGUHFLOwX8jUDbzU=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "6c63bf7a0a683985316bf415676ceb4a3a4edac4", + "rev": "b1f73089dfb35abcc692355144142d01abfa4378", "type": "github" }, "original": { -- 2.47.1 From 5784dff94fb18883350d82e0b33b8e5fd414d68f Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 26 Sep 2022 13:52:32 +0200 Subject: [PATCH 0455/1882] switch network configuration --- flake.lock | 101 +++++++++++++++++--- flake.nix | 3 + nixos/common/default.nix | 1 + nixos/common/users/default.nix | 7 +- nixos/hosts/thalassa/null/configuration.nix | 23 ++++- nixos/hosts/thalassa/null/home/default.nix | 3 + 6 files changed, 117 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 1359fff9..bf5f9c8b 100644 --- a/flake.lock +++ b/flake.lock @@ -64,6 +64,29 @@ "type": "github" } }, + "comma": { + "inputs": { + "flake-compat": "flake-compat_2", + "naersk": "naersk", + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1663284638, + "narHash": "sha256-rXAX14yB8v9BOG4ZsdGEedpZAnNqhQ4DtjQwzFX/TLY=", + "owner": "nix-community", + "repo": "comma", + "rev": "c83ff3839983b3cb8deb407ff618ca12179de588", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "comma", + "type": "github" + } + }, "crane": { "flake": false, "locked": { @@ -82,9 +105,9 @@ }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat_3", "nixpkgs": "nixpkgs_3", - "utils": "utils_5" + "utils": "utils_6" }, "locked": { "lastModified": 1648475189, @@ -207,6 +230,22 @@ } }, "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1648199409, @@ -222,7 +261,7 @@ "type": "github" } }, - "flake-compat_3": { + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1627913399, @@ -237,7 +276,7 @@ "type": "indirect" } }, - "flake-compat_4": { + "flake-compat_5": { "flake": false, "locked": { "lastModified": 1627913399, @@ -378,7 +417,7 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_2" + "utils": "utils_3" }, "locked": { "lastModified": 1664146938, @@ -487,7 +526,7 @@ "nixpkgs" ], "nixpkgs-22_05": "nixpkgs-22_05", - "utils": "utils_3" + "utils": "utils_4" }, "locked": { "lastModified": 1658267644, @@ -508,7 +547,7 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_4" + "utils": "utils_5" }, "locked": { "lastModified": 1664157405, @@ -525,6 +564,28 @@ } }, "naersk": { + "inputs": { + "nixpkgs": [ + "comma", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1662220400, + "narHash": "sha256-9o2OGQqu4xyLZP9K6kNe1pTHnyPz0Wr3raGYnr9AIgY=", + "owner": "nix-community", + "repo": "naersk", + "rev": "6944160c19cb591eb85bbf9b2f2768a935623ed3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "naersk", + "type": "github" + } + }, + "naersk_2": { "inputs": { "nixpkgs": [ "riff", @@ -759,7 +820,7 @@ "riff": { "inputs": { "fenix": "fenix", - "naersk": "naersk", + "naersk": "naersk_2", "nixpkgs": [ "nixpkgs" ] @@ -781,6 +842,7 @@ "root": { "inputs": { "colmena": "colmena", + "comma": "comma", "home-manager": "home-manager", "hyprland": "hyprland", "hyprpaper": "hyprpaper", @@ -830,7 +892,7 @@ "serokell-nix": { "inputs": { "deploy-rs": "deploy-rs", - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-utils": "flake-utils_3", "gitignore-nix": "gitignore-nix", "nix": "nix", @@ -899,6 +961,21 @@ } }, "utils_3": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_4": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", @@ -913,7 +990,7 @@ "type": "github" } }, - "utils_4": { + "utils_5": { "inputs": { "flake-utils": "flake-utils_2" }, @@ -931,7 +1008,7 @@ "type": "github" } }, - "utils_5": { + "utils_6": { "locked": { "lastModified": 1648297722, "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", @@ -948,7 +1025,7 @@ }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_5", "flake-utils": "flake-utils_4", "nix": "nix_2", "nixpkgs": [ diff --git a/flake.nix b/flake.nix index ce1b0e39..9b2e5016 100644 --- a/flake.nix +++ b/flake.nix @@ -32,6 +32,9 @@ webcord.url = "github:fufexan/webcord-flake"; + comma.url = "github:nix-community/comma"; + comma.inputs.nixpkgs.follows = "nixpkgs"; + mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; mailserver.inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index a0fa94fc..4f2d53ae 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -16,6 +16,7 @@ # Nix Settings nix = { + nixPath = [ "nixpkgs=${nixpkgs}" ]; package = pkgs.nixUnstable; registry.nixpkgs.flake = inputs.nixpkgs; settings = { diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index a79906b9..8bb57e7b 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -1,9 +1,4 @@ -# common/users/default.nix - -# Inputs to this NixOS module, in this case we are -# using `pkgs` so we can have some user specific packages and config -# to configure the root ssh key. -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, inputs, ... }: { # Setup ZSH to use grml config diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index cf33328c..62127ec5 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -83,10 +83,27 @@ in services.gnome.gnome-keyring.enable = true; # Enable networking - networking.networkmanager = { + networking.networkmanager.enable = false; + networking.wireless = { enable = true; - # wifi.backend = "iwd"; - firewallBackend = "nftables"; + environmentFile = "/var/lib/secrets/wireless.env"; + userControlled.enable = true; + networks = { + eduroam = { + auth = '' + proto=RSN + key_mgmt=WPA-EAP + eap=PEAP + identity="vroest@tudelft.nl" + password=hash:@EDUROAM_PASSWORD_HASH@ + domain_suffix_match="radius.tudelft.nl" + anonymous_identity="anonymous@tudelft.nl" + phase1="peaplabel=0" + phase2="auth=MSCHAPV2" + ca_cert="/etc/ssl/certs/ca-bundle.crt" + ''; + }; + }; }; fileSystems."/".options = [ "compress=zstd" ]; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index c7c9953f..4e370db6 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -26,6 +26,7 @@ gnome.gnome-font-viewer gnome.nautilus grim # Screenshot tool + inputs.comma.packages.${pkgs.system}.default inputs.riff.packages.${pkgs.system}.riff inputs.webcord.packages.${pkgs.system}.default k9s @@ -57,6 +58,8 @@ programs.foot = { enable = true; }; + + programs.nix-index.enable = true; programs.exa = { enable = true; -- 2.47.1 From eeaaefa9126d2ca034dbe125f9339b1fcbdc5ae7 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 26 Sep 2022 14:04:46 +0200 Subject: [PATCH 0456/1882] forked hyprpaper to fix bug --- flake.lock | 10 +++++----- flake.nix | 2 +- nixos/common/default.nix | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index bf5f9c8b..f00beb70 100644 --- a/flake.lock +++ b/flake.lock @@ -459,15 +459,15 @@ ] }, "locked": { - "lastModified": 1661277513, - "narHash": "sha256-MnSImhrvAwpGXC85u8juDgTImcrztJ2DEo8nRBhTMfY=", - "owner": "hyprwm", + "lastModified": 1664193634, + "narHash": "sha256-/hbJQyopmqe+iMDwKtEzDTRkFwfxAtgWpDdpTXp8/EI=", + "owner": "NULLx76", "repo": "hyprpaper", - "rev": "0faf74054136bb4ffe7c13fefb18ab41dbf62959", + "rev": "ea6379b0a7405093f5b5159d4b47e7c077ec5e8e", "type": "github" }, "original": { - "owner": "hyprwm", + "owner": "NULLx76", "repo": "hyprpaper", "type": "github" } diff --git a/flake.nix b/flake.nix index 9b2e5016..85ae6728 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ home-manager.inputs.nixpkgs.follows = "nixpkgs"; hyprland.url = "github:hyprwm/Hyprland"; - hyprpaper.url = "github:hyprwm/hyprpaper"; + hyprpaper.url = "github:NULLx76/hyprpaper"; hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; riff.url = "github:DeterminateSystems/riff"; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 4f2d53ae..1b9c7637 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, inputs, ... }: +{ config, lib, pkgs, inputs, nixpkgs, ... }: { imports = [ -- 2.47.1 From 57ad1d09f7fe8e8c8174c689dabb379df3cdcfb3 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 26 Sep 2022 14:08:44 +0200 Subject: [PATCH 0457/1882] minor change --- nixos/common/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 1b9c7637..c0d6cc06 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, inputs, nixpkgs, ... }: +{ config, lib, pkgs, inputs, ... }: { imports = [ @@ -16,7 +16,7 @@ # Nix Settings nix = { - nixPath = [ "nixpkgs=${nixpkgs}" ]; + nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; package = pkgs.nixUnstable; registry.nixpkgs.flake = inputs.nixpkgs; settings = { @@ -40,7 +40,6 @@ "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" ]; - # Also use zsh for root; }; optimise = { automatic = true; -- 2.47.1 From b0461e98a7b004984608c25a8805c5e477cf6686 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 26 Sep 2022 17:17:27 +0200 Subject: [PATCH 0458/1882] laptop stuff --- nixos/common/services/flood.nix | 2 +- nixos/common/services/vmagent.nix | 8 ---- nixos/hosts/thalassa/null/configuration.nix | 43 +----------------- nixos/hosts/thalassa/null/home/default.nix | 5 +-- .../null/home/eww/scripts/do-not-disturb.sh | 2 +- .../thalassa/null/home/eww/scripts/volume.sh | 2 +- .../thalassa/null/home/eww/scripts/wifi.sh | 9 +--- .../null/home/eww/scripts/workspaces.sh | 6 ++- nixos/hosts/thalassa/null/home/hyprland.nix | 5 +++ nixos/hosts/thalassa/null/networking.nix | 45 +++++++++++++++++++ 10 files changed, 62 insertions(+), 65 deletions(-) create mode 100644 nixos/hosts/thalassa/null/networking.nix diff --git a/nixos/common/services/flood.nix b/nixos/common/services/flood.nix index cd698d83..9db05532 100644 --- a/nixos/common/services/flood.nix +++ b/nixos/common/services/flood.nix @@ -142,7 +142,7 @@ in { toString cfg.port } ${ if cfg.ssl then "--ssl" else "" - } --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}"; + } --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}"; }; }; diff --git a/nixos/common/services/vmagent.nix b/nixos/common/services/vmagent.nix index 31c2723e..559b7a13 100644 --- a/nixos/common/services/vmagent.nix +++ b/nixos/common/services/vmagent.nix @@ -53,14 +53,6 @@ in type = lib.types.submodule { freeformType = settingsFormat.type; }; - # example = '' - # global: - # scrape_interval: 5s - # scrape_configs: - # - job_name: 'apache' - # static_configs: - # - targets: ['apache-exporter:9117'] - # ''; description = '' Config for prometheus style metrics ''; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 62127ec5..c53902ea 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -36,6 +36,7 @@ in [ # Include the results of the hardware scan. ./hardware-configuration.nix + ./networking.nix ]; # home-manager @@ -79,33 +80,8 @@ in boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.kernelPackages = pkgs.linuxPackages_latest; - # networking.wireless.iwd.enable = false; services.gnome.gnome-keyring.enable = true; - - # Enable networking - networking.networkmanager.enable = false; - networking.wireless = { - enable = true; - environmentFile = "/var/lib/secrets/wireless.env"; - userControlled.enable = true; - networks = { - eduroam = { - auth = '' - proto=RSN - key_mgmt=WPA-EAP - eap=PEAP - identity="vroest@tudelft.nl" - password=hash:@EDUROAM_PASSWORD_HASH@ - domain_suffix_match="radius.tudelft.nl" - anonymous_identity="anonymous@tudelft.nl" - phase1="peaplabel=0" - phase2="auth=MSCHAPV2" - ca_cert="/etc/ssl/certs/ca-bundle.crt" - ''; - }; - }; - }; - + fileSystems."/".options = [ "compress=zstd" ]; # Filesystem dedup services.beesd.filesystems = { @@ -231,21 +207,6 @@ in services.fstrim.enable = true; - # Allow reverse path for wireguard - networking.firewall = { - # if packets are still dropped, they will show up in dmesg - logReversePathDrops = true; - # wireguard trips rpfilter up - extraCommands = '' - ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN - ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN - ''; - extraStopCommands = '' - ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true - ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true - ''; - }; - nix.extraOptions = '' keep-outputs = true keep-derivations = true diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 4e370db6..3895c62e 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -75,7 +75,6 @@ programs.mako = { enable = true; - # makoctl mode -a do-not-disturb will hide all notifications, makoctl mode -r do-not-disturb will show them again. extraConfig = '' [mode=do-not-disturb] invisible=1 @@ -92,9 +91,6 @@ programs.firefox = { enable = true; package = pkgs.firefox-devedition-bin; - # profiles.dev-edition-default = { - # isDefault = true; - # }; }; programs.vscode = { @@ -104,6 +100,7 @@ catppuccin.catppuccin-vsc codezombiech.gitignore editorconfig.editorconfig + foxundermoon.shell-format james-yu.latex-workshop jnoortheen.nix-ide matklad.rust-analyzer diff --git a/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh b/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh index 4926c07d..fe35e03c 100755 --- a/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh +++ b/nixos/hosts/thalassa/null/home/eww/scripts/do-not-disturb.sh @@ -1,7 +1,7 @@ #!/usr/bin/env nix-shell #! nix-shell -p jq -i bash -if makoctl mode | grep -Fxq "do-not-disturb"; then +if makoctl mode | rg -q "do-not-disturb"; then eww update dnd="" makoctl mode -r do-not-disturb > /dev/null else diff --git a/nixos/hosts/thalassa/null/home/eww/scripts/volume.sh b/nixos/hosts/thalassa/null/home/eww/scripts/volume.sh index 1f94e319..f2746614 100755 --- a/nixos/hosts/thalassa/null/home/eww/scripts/volume.sh +++ b/nixos/hosts/thalassa/null/home/eww/scripts/volume.sh @@ -2,7 +2,7 @@ per="$(pamixer --get-volume)" -if pamixer --get-mute | grep -q true; then +if pamixer --get-mute | rg -q true; then icon="婢" elif [ "$per" -gt 66 ]; then icon="墳" # high diff --git a/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh b/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh index fa2e5370..e3601ad0 100755 --- a/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh +++ b/nixos/hosts/thalassa/null/home/eww/scripts/wifi.sh @@ -1,13 +1,8 @@ #!/bin/sh -if nmcli g | rg -q "\bconnected\b"; then +if wpa_cli status | rg -q "wpa_state=COMPLETED"; then icon="直" - ssid=$(nmcli -t -f name connection show --active | sed -z 's/\n/,/g;s/,$/\n/') - if echo $ssid | rg -q "Wired"; then - status="Connected via cable" - else - status="Connected to ${ssid}" - fi + status="Connected" else icon="睊" status="offline" diff --git a/nixos/hosts/thalassa/null/home/eww/scripts/workspaces.sh b/nixos/hosts/thalassa/null/home/eww/scripts/workspaces.sh index c8eedd49..23cc9225 100755 --- a/nixos/hosts/thalassa/null/home/eww/scripts/workspaces.sh +++ b/nixos/hosts/thalassa/null/home/eww/scripts/workspaces.sh @@ -1,8 +1,10 @@ #!/bin/sh workspaces() { -./scripts/workspaces.lua + ./scripts/workspaces.lua } + workspaces + tail -f /tmp/hypr/$HYPRLAND_INSTANCE_SIGNATURE/hyprland.log | grep --line-buffered "Changed to workspace" | while read -r; do -workspaces + workspaces done diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index da7d4683..9e4aecab 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -68,6 +68,9 @@ bind=SUPER,S,togglefloating, bind=SUPER,P,pseudo, + bindm=SUPER,mouse:272,movewindow + bindm=SUPER,mouse:273,resizewindow + bind=SUPER,left,movefocus,l bind=SUPER,right,movefocus,r bind=SUPER,up,movefocus,u @@ -114,6 +117,8 @@ bind=SUPER,g,togglegroup bind=SUPER,tab,changegroupactive + bind=SUPER,m,fullscreen,1 + bind=SUPERSHIFT,m,fullscreen,0 bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix new file mode 100644 index 00000000..1bab92ad --- /dev/null +++ b/nixos/hosts/thalassa/null/networking.nix @@ -0,0 +1,45 @@ +{ ... }@a: +{ + networking = { + networkmanager.enable = false; + wireless = { + enable = true; + environmentFile = "/var/lib/secrets/wireless.env"; + userControlled.enable = true; + networks = { + eduroam = { + auth = '' + proto=RSN + key_mgmt=WPA-EAP + eap=PEAP + identity="vroest@tudelft.nl" + password=hash:@EDUROAM_PASSWORD_HASH@ + domain_suffix_match="radius.tudelft.nl" + anonymous_identity="anonymous@tudelft.nl" + phase1="peaplabel=0" + phase2="auth=MSCHAPV2" + ca_cert="/etc/ssl/certs/ca-bundle.crt" + ''; + }; + "Pikachu 5G" = { + psk = "@PIKACHU_PASSWORD@"; + }; + }; + }; + + # Allow reverse path for wireguard + # firewall = { + # # if packets are still dropped, they will show up in dmesg + # logReversePathDrops = true; + # # wireguard trips rpfilter up + # extraCommands = '' + # ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN + # ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN + # ''; + # extraStopCommands = '' + # ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true + # ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true + # ''; + # }; + }; +} -- 2.47.1 From e3771d84c4811d79ac37b3158eaf887be462b790 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 26 Sep 2022 23:51:00 +0200 Subject: [PATCH 0459/1882] fixed wireguard on laptop, some todos left --- nixos/hosts/thalassa/null/networking.nix | 52 +++++++++++++++++------- 1 file changed, 38 insertions(+), 14 deletions(-) diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 1bab92ad..7a584a76 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -27,19 +27,43 @@ }; }; - # Allow reverse path for wireguard - # firewall = { - # # if packets are still dropped, they will show up in dmesg - # logReversePathDrops = true; - # # wireguard trips rpfilter up - # extraCommands = '' - # ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN - # ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN - # ''; - # extraStopCommands = '' - # ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true - # ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true - # ''; - # }; + # TODO: Set up DNS on my laptop to prevent slow networking when servers are down + nameservers = [ + "10.42.42.15" + "10.42.42.16" + "192.168.0.1" + "1.1.1.1" + ]; + + firewall.allowedUDPPorts = [ 51820 ]; + + # Maybe switch to wg-quick + wireguard.interfaces.wg0 = { + ips = [ "10.100.0.4/24" ]; + listenPort = 51820; + privateKeyFile = "/var/lib/secrets/wg_key"; + + peers = [ + { + # Delft + publicKey = "kDIO3BJSYlDwRXc2zt9tR1LqKJzIPrulaRmdiYkg+m0="; + allowedIPs = [ "10.100.0.1" "10.42.42.0/23" ]; + endpoint = "0x76.dev:51820"; + persistentKeepalive = 25; + } + { + # Aerdenhout + publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; + allowedIPs = [ + "10.100.0.5" + "192.168.0.0/24" # to avoid being less specific than a LAN + "192.168.1.0/24" + "10.10.10.0/24" + ]; + endpoint = "xirion.net:51820"; + persistentKeepalive = 25; + } + ]; + }; }; } -- 2.47.1 From 8e0a0ffe714489708a6d2bb801b85bd5e1e1ff2e Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 27 Sep 2022 14:05:24 +0200 Subject: [PATCH 0460/1882] dns module --- nixos/common/default.nix | 2 +- nixos/common/modules/default.nix | 8 ++ nixos/common/modules/dns.nix | 95 +++++++++++++++++++ nixos/common/{services => modules}/flood.nix | 0 .../{services => modules}/unpackerr.nix | 0 .../common/{services => modules}/vmagent.nix | 0 nixos/common/services/default.nix | 1 - .../hosts/olympus/wireguard/configuration.nix | 1 + nixos/hosts/thalassa/null/networking.nix | 18 ++-- 9 files changed, 115 insertions(+), 10 deletions(-) create mode 100644 nixos/common/modules/default.nix create mode 100644 nixos/common/modules/dns.nix rename nixos/common/{services => modules}/flood.nix (100%) rename nixos/common/{services => modules}/unpackerr.nix (100%) rename nixos/common/{services => modules}/vmagent.nix (100%) delete mode 100644 nixos/common/services/default.nix diff --git a/nixos/common/default.nix b/nixos/common/default.nix index c0d6cc06..ac227dd8 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -5,7 +5,7 @@ inputs.vault-secrets.nixosModules.vault-secrets # User account definitions ./users - ./services + ./modules ]; # Clean /tmp on boot. diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix new file mode 100644 index 00000000..386191be --- /dev/null +++ b/nixos/common/modules/default.nix @@ -0,0 +1,8 @@ +{ ... }: { + imports = [ + ./dns.nix + ./flood.nix + ./unpackerr.nix + ./vmagent.nix + ]; +} diff --git a/nixos/common/modules/dns.nix b/nixos/common/modules/dns.nix new file mode 100644 index 00000000..f5bd52c6 --- /dev/null +++ b/nixos/common/modules/dns.nix @@ -0,0 +1,95 @@ +{ config, pkgs, lib, hosts, flat_hosts, ... }: +# DNS Module to set up Unbound DNS with all my hosts in the config +# Used for DNS Servers and my laptop +with lib; +let + inherit (builtins) filter hasAttr attrNames; + domains = attrNames hosts; + ipv4Host = filter (hasAttr "ip") flat_hosts; + ipv6Hosts = filter (hasAttr "ip6") flat_hosts; + + localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"''; + local6Data = { hostname, realm, ip6, ... }: ''"${hostname}.${realm}. AAAA ${ip6}"''; + ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"''; + ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"''; + + cfg = config.services.v.dns; +in +{ + options.services.v.dns = { + enable = mkEnableOption "v.dns"; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to open port 53 in the firwall for unbound dns + ''; + }; + + mode = mkOption { + type = types.strMatching "^(server|laptop)$"; + default = "laptop"; + description = '' + Whether to configure the DNS in server mode (listen on all interfaces) or laptop mode (just on localhost) + ''; + }; + }; + + config = mkIf cfg.enable { + networking.firewall = mkIf (cfg.openFirewall) { + allowedTCPPorts = [ 53 ]; + allowedUDPPorts = [ 53 ]; + }; + services.unbound = { + enable = true; + package = pkgs.v.unbound; + settings = { + server = mkMerge [ + { + use-syslog = "yes"; + module-config = ''"validator iterator"''; + + local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains; + local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts); + local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts); + + private-address = [ + "127.0.0.0/8" + "10.0.0.0/8" + "::ffff:a00:0/104" + "172.16.0.0/12" + "::ffff:ac10:0/108" + "169.254.0.0/16" + "::ffff:a9fe:0/112" + "192.168.0.0/16" + "::ffff:c0a8:0/112" + "fd00::/8" + "fe80::/10" + ]; + } + (mkIf (cfg.mode == "server") { + interface-automatic = "yes"; + interface = [ "0.0.0.0" "::0" ]; + access-control = [ + "127.0.0.1/32 allow_snoop" + "::1 allow_snoop" + "10.42.0.0/16 allow" + "127.0.0.0/8 allow" + "192.168.0.0/23 allow" + "192.168.2.0/24 allow" + "::1/128 allow" + ]; + }) + (mkIf (cfg.mode == "laptop") { + interface = [ "127.0.0.1" "::1" ]; + access-control = [ + "127.0.0.1/32 allow_snoop" + "::1 allow_snoop" + ]; + }) + ]; + }; + }; + }; +} diff --git a/nixos/common/services/flood.nix b/nixos/common/modules/flood.nix similarity index 100% rename from nixos/common/services/flood.nix rename to nixos/common/modules/flood.nix diff --git a/nixos/common/services/unpackerr.nix b/nixos/common/modules/unpackerr.nix similarity index 100% rename from nixos/common/services/unpackerr.nix rename to nixos/common/modules/unpackerr.nix diff --git a/nixos/common/services/vmagent.nix b/nixos/common/modules/vmagent.nix similarity index 100% rename from nixos/common/services/vmagent.nix rename to nixos/common/modules/vmagent.nix diff --git a/nixos/common/services/default.nix b/nixos/common/services/default.nix deleted file mode 100644 index 192c8355..00000000 --- a/nixos/common/services/default.nix +++ /dev/null @@ -1 +0,0 @@ -{ config, lib, pkgs, ... }: { imports = [ ./flood.nix ./unpackerr.nix ./vmagent.nix ]; } diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 355ad5e4..9666067e 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -73,6 +73,7 @@ let vs = config.vault-secrets.secrets; in publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; endpoint = "80.60.83.220:51820"; + persistentKeepalive = 25; } ]; }; diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 7a584a76..a5d15243 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -1,7 +1,12 @@ -{ ... }@a: +{ ... }: { + services.v.dns = { + enable = true; + openFirewall = false; + mode = "laptop"; + }; networking = { - networkmanager.enable = false; + useDHCP = true; wireless = { enable = true; environmentFile = "/var/lib/secrets/wireless.env"; @@ -29,10 +34,7 @@ # TODO: Set up DNS on my laptop to prevent slow networking when servers are down nameservers = [ - "10.42.42.15" - "10.42.42.16" - "192.168.0.1" - "1.1.1.1" + "127.0.0.1" ]; firewall.allowedUDPPorts = [ 51820 ]; @@ -48,7 +50,7 @@ # Delft publicKey = "kDIO3BJSYlDwRXc2zt9tR1LqKJzIPrulaRmdiYkg+m0="; allowedIPs = [ "10.100.0.1" "10.42.42.0/23" ]; - endpoint = "0x76.dev:51820"; + endpoint = "195.85.167.34:51820"; persistentKeepalive = 25; } { @@ -60,7 +62,7 @@ "192.168.1.0/24" "10.10.10.0/24" ]; - endpoint = "xirion.net:51820"; + endpoint = "80.60.83.220:51820"; persistentKeepalive = 25; } ]; -- 2.47.1 From 0227d2c10c301bd47bbc6785ab8993d1e058e36c Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 27 Sep 2022 14:25:09 +0200 Subject: [PATCH 0461/1882] simplify dns --- nixos/hosts/olympus/dns/configuration.nix | 54 +++-------------------- nixos/hosts/thalassa/null/networking.nix | 1 - 2 files changed, 5 insertions(+), 50 deletions(-) diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index c794d89b..675fc0f7 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,15 +1,5 @@ -{ config, pkgs, hosts, flat_hosts, ... }: -let - inherit (builtins) filter hasAttr attrNames; - domains = attrNames hosts; - ipv4Host = filter (hasAttr "ip") flat_hosts; - ipv6Hosts = filter (hasAttr "ip6") flat_hosts; - - localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"''; - local6Data = { hostname, realm, ip6, ... }: ''"${hostname}.${realm}. AAAA ${ip6}"''; - ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"''; - ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"''; -in { +{ config, pkgs, ... }: +{ imports = [ ]; # This value determines the NixOS release from which the default @@ -26,43 +16,9 @@ in { networking.firewall.allowedTCPPorts = [ 53 ]; networking.firewall.allowedUDPPorts = [ 53 ]; - services.unbound = { + services.v.dns = { enable = true; - package = pkgs.v.unbound; - settings = { - server = { - use-syslog = "yes"; - module-config = ''"validator iterator"''; - interface-automatic = "yes"; - interface = [ "0.0.0.0" "::0" ]; - - local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains; - local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts); - local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts); - - access-control = [ - "127.0.0.1/32 allow_snoop" - "::1 allow_snoop" - "10.42.0.0/16 allow" - "127.0.0.0/8 allow" - "192.168.0.0/23 allow" - "192.168.2.0/24 allow" - "::1/128 allow" - ]; - private-address = [ - "127.0.0.0/8" - "10.0.0.0/8" - "::ffff:a00:0/104" - "172.16.0.0/12" - "::ffff:ac10:0/108" - "169.254.0.0/16" - "::ffff:a9fe:0/112" - "192.168.0.0/16" - "::ffff:c0a8:0/112" - "fd00::/8" - "fe80::/10" - ]; - }; - }; + openFirewall = true; + mode = "server"; }; } diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index a5d15243..a0c452b0 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -32,7 +32,6 @@ }; }; - # TODO: Set up DNS on my laptop to prevent slow networking when servers are down nameservers = [ "127.0.0.1" ]; -- 2.47.1 From e8a3ceb5bc3d0d2b49fc70efb91db93766ce133d Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 27 Sep 2022 17:36:46 +0200 Subject: [PATCH 0462/1882] cleanup --- nixos/hosts/thalassa/null/home/default.nix | 34 +++++++++++++++++++-- nixos/hosts/thalassa/null/home/hyprland.nix | 6 ++-- nixos/hosts/thalassa/null/networking.nix | 3 +- 3 files changed, 36 insertions(+), 7 deletions(-) diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 3895c62e..449556a3 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -33,7 +33,6 @@ kubectl libnotify neofetch - networkmanagerapplet nixpkgs-review plex-media-player plexamp @@ -55,10 +54,39 @@ wofi # Wayland rofi ]; + xdg.mimeApps = { + enable = true; + defaultApplications = + let + browser = [ "firefox.desktop" ]; + in + { + "image/*" = "org.gnome.eog.desktop"; + "text/html" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "x-scheme-handler/ftp" = browser; + "x-scheme-handler/about" = browser; + "x-scheme-handler/unknown" = browser; + "application/x-extension-htm" = browser; + "application/x-extension-html" = browser; + "application/x-extension-shtml" = browser; + "application/xhtml+xml" = browser; + "application/x-extension-xhtml" = browser; + "application/x-extension-xht" = browser; + + "application/json" = browser; + "application/pdf" = browser; + + "x-scheme-handler/vscode" = "code-url-handler.desktop"; + "x-scheme-handler/discord" = "webcord.desktop"; + }; + }; + programs.foot = { enable = true; }; - + programs.nix-index.enable = true; programs.exa = { @@ -72,7 +100,7 @@ userName = "Victor"; userEmail = "victor@xirion.net"; }; - + programs.mako = { enable = true; extraConfig = '' diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 9e4aecab..65d657c5 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -28,9 +28,9 @@ monitor=eDP-1,addreserved,0,0,48,0 monitor=,preferred,auto,1 - windowrulev2 = workspace 1,class:^(Electron)$,title:^(.*)(WebCord)(.*)$ - windowrulev2 = workspace 1,title:^(Element)(.*)$ - windowrulev2 = workspace 2,class:^(firefox-aurora)$ + windowrulev2 = workspace 1 silent,class:^(Electron)$,title:^(.*)(WebCord)(.*)$ + windowrulev2 = workspace 1 silent,title:^(Element)(.*)$ + windowrulev2 = workspace 2 silent,class:^(firefox-aurora)$ general { layout = dwindle diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index a0c452b0..c82e873e 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -33,7 +33,8 @@ }; nameservers = [ - "127.0.0.1" + "127.0.0.1" # Use locally deployed unbound + "::1" ]; firewall.allowedUDPPorts = [ 51820 ]; -- 2.47.1 From 9dbaf2c3c4de6a4bda1fbe3510e02b886dc7f3a4 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 27 Sep 2022 19:45:27 +0200 Subject: [PATCH 0463/1882] update flake lock --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index f00beb70..9599a1ba 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664146938, - "narHash": "sha256-fIvsJ3qWiD6o3qH9iU66OsL8uG5C1FGXcuaNEctJv8M=", + "lastModified": 1664273942, + "narHash": "sha256-PFQR1UJQs7a7eaH5YoCZky5dmxR5cjaKRK+MpPbR7YE=", "owner": "nix-community", "repo": "home-manager", - "rev": "9e7394523eb4f298528d457e316fc752bdf07151", + "rev": "1f5ef2bb419a327fae28a83b50fab50959132c24", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664130744, - "narHash": "sha256-zM+4pgzsYKS0EuQ3i0Epaq6Gb9xLo4wzxK/WZAw+lpM=", + "lastModified": 1664221796, + "narHash": "sha256-a9urkQl4xDAFw9khIpBw2DgqE0dZdHS3ft/X5qnTju4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f70b57f360f8117ecca67d6d7f75c1f87b098794", + "rev": "7a775c0584db95af25bae1c07952c99c6c1bfe6e", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664157405, - "narHash": "sha256-URDNnWK8LFBOk+TMlPiAqDsmZDhHoOvRqRtpr/2U7HQ=", + "lastModified": 1664243684, + "narHash": "sha256-n1rNou0jFpAyuObl2w+kRK11xDXWFwZgNztOvGLOh2Q=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "87610ecb5ae19fe7ade7439ac7fe635183609439", + "rev": "489b7f7e7b4281a41f5f4407960e93d2d80fffc5", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664182806, - "narHash": "sha256-zMvIqRTc46T3jUNIpxmog7iFu/6ZGUHFLOwX8jUDbzU=", + "lastModified": 1664292984, + "narHash": "sha256-1XO4acnMXSXyq2R8tzWTH74bZPWtKjAu+hAHOPxaU8k=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "b1f73089dfb35abcc692355144142d01abfa4378", + "rev": "e50c95c983718b250df260fe8e855b6e05d0fba2", "type": "github" }, "original": { -- 2.47.1 From 2f100687a74bf647067ea3e4ba26d1a71f3a72ae Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 28 Sep 2022 12:20:54 +0200 Subject: [PATCH 0464/1882] flake update --- flake.lock | 18 +++++++++--------- nixos/hosts/thalassa/null/configuration.nix | 1 + nixos/hosts/thalassa/null/home/default.nix | 16 ++++++++++++++-- nixos/hosts/thalassa/null/networking.nix | 1 + 4 files changed, 25 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 9599a1ba..4627a4e2 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664273942, - "narHash": "sha256-PFQR1UJQs7a7eaH5YoCZky5dmxR5cjaKRK+MpPbR7YE=", + "lastModified": 1664286632, + "narHash": "sha256-fKENvLanhmBENlIbmDAVB8SKSbwdLLBYKu6B7oJ0rLc=", "owner": "nix-community", "repo": "home-manager", - "rev": "1f5ef2bb419a327fae28a83b50fab50959132c24", + "rev": "6dc8a43f397c92afbc3f771385ac803d96d5eeb5", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664243684, - "narHash": "sha256-n1rNou0jFpAyuObl2w+kRK11xDXWFwZgNztOvGLOh2Q=", + "lastModified": 1664330076, + "narHash": "sha256-pBEkfVmPVwBAluYEn5BbCb40PkKlqAb/DBF4fdPLitw=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "489b7f7e7b4281a41f5f4407960e93d2d80fffc5", + "rev": "89e7d9e1f5aadad0634b62d55d826d8278dd2bb8", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664292984, - "narHash": "sha256-1XO4acnMXSXyq2R8tzWTH74bZPWtKjAu+hAHOPxaU8k=", + "lastModified": 1664359465, + "narHash": "sha256-Bx1bjo3d77UqoheOeLbbBOyPvuNLedEkgTx3nDO2QJE=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e50c95c983718b250df260fe8e855b6e05d0fba2", + "rev": "43377d2818041a0e40ac769b3d8897c2c74ba816", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index c53902ea..2f0d4466 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -74,6 +74,7 @@ in }; # Bootloader. + # boot.initrd.systemd.enable = true; # Experimental boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.configurationLimit = 6; boot.loader.efi.canTouchEfiVariables = true; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 449556a3..57985707 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -42,7 +42,6 @@ ripgrep rnix-lsp rsync - rust-analyzer rustup saleae-logic-2 solo2-cli @@ -120,10 +119,23 @@ enable = true; package = pkgs.firefox-devedition-bin; }; - + programs.vscode = { enable = true; package = pkgs.vscode; + userSettings = { + "ltex.language" = "en-GB"; + "workbench.colorTheme" = "Catppuccin Frappé"; + "editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "keyboard.dispatch" = "keyCode"; + "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; + "terminal.integrated.defaultProfile.linux" = "zsh"; + "nix.enableLanguageServer" = true; # Enable LSP. + "nix.serverPath" = "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. + "[nix]" = { + "editor.defaultFormatter" = "jnoortheen.nix-ide"; + }; + }; extensions = with pkgs.vscode-extensions; [ catppuccin.catppuccin-vsc codezombiech.gitignore diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index c82e873e..944d801a 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -7,6 +7,7 @@ }; networking = { useDHCP = true; + dhcpcd.wait = "background"; wireless = { enable = true; environmentFile = "/var/lib/secrets/wireless.env"; -- 2.47.1 From 0898f15d512369da4dfa33ddc041f678f499f465 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 28 Sep 2022 14:43:39 +0200 Subject: [PATCH 0465/1882] add dnd-5e-latex-template --- nixos/hosts/thalassa/null/configuration.nix | 36 ++++--- nixos/hosts/thalassa/null/home/default.nix | 107 +++++++++---------- nixos/pkgs/catppuccin/cursors/default.nix | 4 +- nixos/pkgs/default.nix | 8 +- nixos/pkgs/dnd-5e-latex-template/default.nix | 28 +++++ nixos/pkgs/gitea-agatheme/default.nix | 2 +- 6 files changed, 105 insertions(+), 80 deletions(-) create mode 100644 nixos/pkgs/dnd-5e-latex-template/default.nix diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 2f0d4466..9faf63fa 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -75,11 +75,14 @@ in # Bootloader. # boot.initrd.systemd.enable = true; # Experimental - boot.loader.systemd-boot.enable = true; - boot.loader.systemd-boot.configurationLimit = 6; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - boot.kernelPackages = pkgs.linuxPackages_latest; + boot = { + kernelPackages = pkgs.linuxPackages_latest; + loader.systemd-boot.editor = false; + loader.systemd-boot.enable = true; + loader.systemd-boot.configurationLimit = 6; + loader.efi.canTouchEfiVariables = true; + loader.efi.efiSysMountPoint = "/boot/efi"; + }; services.gnome.gnome-keyring.enable = true; @@ -115,11 +118,9 @@ in "en_DK.UTF-8/UTF-8" ]; - xdg = { - portal = { + xdg.portal = { enable = true; wlr.enable = true; - }; }; services.dbus.enable = true; @@ -143,12 +144,10 @@ in videoDrivers = [ "nvidia" ]; }; - hardware.nvidia = { - prime = { - offload.enable = true; - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; - }; + hardware.nvidia.prime = { + offload.enable = true; + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; }; hardware.opengl = { @@ -224,12 +223,17 @@ in programs.ssh.startAgent = true; + # don't shutdown when power button is short-pressed services.logind.extraConfig = '' - # don’t shutdown when power button is short-pressed HandlePowerKey=suspend ''; - services.udev.packages = [ pkgs.qmk-udev-rules ]; + services.udev.packages = with pkgs; [ + android-udev-rules + logitech-udev-rules + qmk-udev-rules + wooting-udev-rules + ]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 57985707..a0397c04 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -1,5 +1,10 @@ -{ config, pkgs, lib, inputs, ... }: -{ +{ config, pkgs, lib, inputs, texlive, ... }: +let + tex = (pkgs.texlive.combine { + inherit (pkgs.texlive) scheme-full; + dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; + }); +in { programs.home-manager.enable = true; home.username = "victor"; home.homeDirectory = "/home/victor"; @@ -40,13 +45,13 @@ python3 retroarchFull ripgrep - rnix-lsp rsync rustup saleae-logic-2 solo2-cli steam-run - texlive.combined.scheme-full + tex + # texlive.combined.scheme-full thunderbird-wayland wf-recorder # Screenrecorder wl-clipboard # Clipboard manager @@ -55,36 +60,31 @@ xdg.mimeApps = { enable = true; - defaultApplications = - let - browser = [ "firefox.desktop" ]; - in - { - "image/*" = "org.gnome.eog.desktop"; - "text/html" = browser; - "x-scheme-handler/http" = browser; - "x-scheme-handler/https" = browser; - "x-scheme-handler/ftp" = browser; - "x-scheme-handler/about" = browser; - "x-scheme-handler/unknown" = browser; - "application/x-extension-htm" = browser; - "application/x-extension-html" = browser; - "application/x-extension-shtml" = browser; - "application/xhtml+xml" = browser; - "application/x-extension-xhtml" = browser; - "application/x-extension-xht" = browser; + defaultApplications = let browser = [ "firefox.desktop" ]; + in { + "image/*" = "org.gnome.eog.desktop"; + "text/html" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "x-scheme-handler/ftp" = browser; + "x-scheme-handler/about" = browser; + "x-scheme-handler/unknown" = browser; + "application/x-extension-htm" = browser; + "application/x-extension-html" = browser; + "application/x-extension-shtml" = browser; + "application/xhtml+xml" = browser; + "application/x-extension-xhtml" = browser; + "application/x-extension-xht" = browser; - "application/json" = browser; - "application/pdf" = browser; + "application/json" = browser; + "application/pdf" = browser; - "x-scheme-handler/vscode" = "code-url-handler.desktop"; - "x-scheme-handler/discord" = "webcord.desktop"; - }; + "x-scheme-handler/vscode" = "code-url-handler.desktop"; + "x-scheme-handler/discord" = "webcord.desktop"; + }; }; - programs.foot = { - enable = true; - }; + programs.foot = { enable = true; }; programs.nix-index.enable = true; @@ -119,25 +119,26 @@ enable = true; package = pkgs.firefox-devedition-bin; }; - + programs.vscode = { enable = true; package = pkgs.vscode; userSettings = { "ltex.language" = "en-GB"; "workbench.colorTheme" = "Catppuccin Frappé"; - "editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "editor.fontFamily" = + "'DejaVuSansMono Nerd Font', 'monospace', monospace"; "keyboard.dispatch" = "keyCode"; "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; "terminal.integrated.defaultProfile.linux" = "zsh"; "nix.enableLanguageServer" = true; # Enable LSP. - "nix.serverPath" = "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. - "[nix]" = { - "editor.defaultFormatter" = "jnoortheen.nix-ide"; - }; + "nix.serverPath" = + "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. + "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; }; extensions = with pkgs.vscode-extensions; [ catppuccin.catppuccin-vsc + brettm12345.nixfmt-vscode codezombiech.gitignore editorconfig.editorconfig foxundermoon.shell-format @@ -156,31 +157,27 @@ programs.direnv = { enable = true; - nix-direnv = { - enable = true; - }; + nix-direnv = { enable = true; }; }; programs.zsh = { enable = true; - sessionVariables = { - DIRENV_LOG_FORMAT = ""; - }; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; }; - xdg.userDirs = let home = config.home.homeDirectory; in - { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; + xdg.userDirs = let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; services.syncthing.enable = true; } diff --git a/nixos/pkgs/catppuccin/cursors/default.nix b/nixos/pkgs/catppuccin/cursors/default.nix index fb301e32..9115558e 100644 --- a/nixos/pkgs/catppuccin/cursors/default.nix +++ b/nixos/pkgs/catppuccin/cursors/default.nix @@ -1,6 +1,6 @@ -{ stdenv, lib, fetchFromGitHub, xorg, inkscape }: +{ stdenvNoCC, lib, fetchFromGitHub, xorg, inkscape }: -stdenv.mkDerivation rec { +stdenvNoCC.mkDerivation { pname = "catppuccin-cursors"; version = "0.2.0"; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index a8066a4f..acc9d28f 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,10 +1,4 @@ final: prev: { - # hedgedoc = prev.hedgedoc.overrideAttrs (old: { - # # see https://github.com/NixOS/nixpkgs/issues/176127#issuecomment-1146782555 - # preBuild = '' - # export HOME=$TMPDIR - # ''; - # }); catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; vmagent = prev.callPackage ./vmagent { }; @@ -19,6 +13,8 @@ final: prev: { withTFO = true; }; + dnd-5e-latex-template = prev.callPackage ./dnd-5e-latex-template { }; + gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; } diff --git a/nixos/pkgs/dnd-5e-latex-template/default.nix b/nixos/pkgs/dnd-5e-latex-template/default.nix new file mode 100644 index 00000000..de795c6e --- /dev/null +++ b/nixos/pkgs/dnd-5e-latex-template/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { + pname = "dnd-5e-latex-template"; + version = "0.8.0"; + tlType = "run"; + + src = fetchFromGitHub { + owner = "rpgtex"; + repo = "DND-5e-LaTeX-Template"; + rev = "d611f61d2d0f54e621641cffe87b49ca216ccf1a"; + sha256 = "sha256-jSYC0iduKGoUaYI1jrH0cakC45AMug9UodERqsvwVxw="; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + runHook preInstall + + path="$out/tex/latex/${pname}" + mkdir -p "$path" + cp -r $src/* $path + + runHook postInstall + ''; + + meta = { + description = "DnD 5e latex template"; + }; +} diff --git a/nixos/pkgs/gitea-agatheme/default.nix b/nixos/pkgs/gitea-agatheme/default.nix index e3ee02bd..23bdcdc3 100644 --- a/nixos/pkgs/gitea-agatheme/default.nix +++ b/nixos/pkgs/gitea-agatheme/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: stdenv.mkDerivation rec { +{ lib, stdenvNoCC, fetchurl }: stdenvNoCC.mkDerivation { pname = "gitea-agatheme"; version = "1.1"; -- 2.47.1 From 5c1e159d933637f76101b153517d36b56569dd02 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 28 Sep 2022 16:58:29 +0200 Subject: [PATCH 0466/1882] added extra vault instance --- nixos/hosts/olympus/default.nix | 7 +++ .../{vault => vault-0}/configuration.nix | 0 .../olympus/{vault => vault-0}/migrate.hcl | 0 nixos/hosts/olympus/vault-1/configuration.nix | 45 +++++++++++++++++++ nixos/hosts/thalassa/null/home/default.nix | 7 ++- nixos/pkgs/default.nix | 1 + .../default.nix | 28 ++++++++++++ 7 files changed, 87 insertions(+), 1 deletion(-) rename nixos/hosts/olympus/{vault => vault-0}/configuration.nix (100%) rename nixos/hosts/olympus/{vault => vault-0}/migrate.hcl (100%) create mode 100644 nixos/hosts/olympus/vault-1/configuration.nix create mode 100644 nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 636647af..a2d0f550 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -29,6 +29,7 @@ hostname = "vault"; ip = "10.42.42.6"; mac = "16:2B:87:55:0C:0C"; + profile = "vault-0"; } { hostname = "mosquitto"; @@ -149,6 +150,12 @@ ip = "10.42.42.29"; mac = "A6:09:1D:A8:81:28"; } + { + hostname = "vault-1"; + ip = "10.42.42.30"; + mac = "26:69:0E:7C:B3:79"; + profile = "vault-1"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/vault/configuration.nix b/nixos/hosts/olympus/vault-0/configuration.nix similarity index 100% rename from nixos/hosts/olympus/vault/configuration.nix rename to nixos/hosts/olympus/vault-0/configuration.nix diff --git a/nixos/hosts/olympus/vault/migrate.hcl b/nixos/hosts/olympus/vault-0/migrate.hcl similarity index 100% rename from nixos/hosts/olympus/vault/migrate.hcl rename to nixos/hosts/olympus/vault-0/migrate.hcl diff --git a/nixos/hosts/olympus/vault-1/configuration.nix b/nixos/hosts/olympus/vault-1/configuration.nix new file mode 100644 index 00000000..94629a7d --- /dev/null +++ b/nixos/hosts/olympus/vault-1/configuration.nix @@ -0,0 +1,45 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, hosts, ... }: +let + port = 8200; + clusterPort = 8201; +in { + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + # Vault + networking.firewall.allowedTCPPorts = [ port clusterPort ]; + + services.vault = { + enable = false; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:${toString port}"; + storageBackend = "raft"; + storagePath = "/var/lib/vault-raft"; + storageConfig = '' + node_id = "olympus-2" + + retry_join { + leader_api_addr = "http://10.42.42.6:${toString port}" + } + ''; + extraConfig = '' + ui = true + disable_mlock = true + api_addr = "http://10.42.42.30:${toString port}" + cluster_addr = "http://10.42.42.30:${toString clusterPort}" + ''; + }; +} diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index a0397c04..9c97d496 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -2,7 +2,12 @@ let tex = (pkgs.texlive.combine { inherit (pkgs.texlive) scheme-full; - dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; + dnd-5e-latex-template = { + pkgs = [ + pkgs.v.dnd-5e-latex-template + pkgs.v.dnd-5e-latex-character-sheet-template + ]; + }; }); in { programs.home-manager.enable = true; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index acc9d28f..fc3a1727 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -14,6 +14,7 @@ final: prev: { }; dnd-5e-latex-template = prev.callPackage ./dnd-5e-latex-template { }; + dnd-5e-latex-character-sheet-template = prev.callPackage ./dnd-5e-latex-character-sheet-template { }; gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; diff --git a/nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix b/nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix new file mode 100644 index 00000000..6b824877 --- /dev/null +++ b/nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { + pname = "dnd-5e-latex-character-sheet-template"; + version = "0.1.0"; + tlType = "run"; + + src = fetchFromGitHub { + owner = "matsavage"; + repo = "DND-5e-LaTeX-Character-Sheet-Template"; + rev = "d9ab382c7c9da4680a99355cb99510a318f159e3"; + sha256 = lib.fakeSha256; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + runHook preInstall + + path="$out/tex/latex/${pname}" + mkdir -p "$path" + cp -r $src/* $path + + runHook postInstall + ''; + + meta = { + description = "DnD 5e latex character template"; + }; +} -- 2.47.1 From 7d1e47de12fc0c2543451cbbf8568f8e956193dd Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 28 Sep 2022 18:13:15 +0200 Subject: [PATCH 0467/1882] enabled second vault node --- nixos/hosts/olympus/vault-1/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/vault-1/configuration.nix b/nixos/hosts/olympus/vault-1/configuration.nix index 94629a7d..5bcf47f2 100644 --- a/nixos/hosts/olympus/vault-1/configuration.nix +++ b/nixos/hosts/olympus/vault-1/configuration.nix @@ -22,7 +22,7 @@ in { networking.firewall.allowedTCPPorts = [ port clusterPort ]; services.vault = { - enable = false; + enable = true; # bin version includes the UI package = pkgs.vault-bin; address = "0.0.0.0:${toString port}"; -- 2.47.1 From 9ea4ce0ce3b8d5c582e8fce581f5b077a79fdd43 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 29 Sep 2022 10:31:51 +0200 Subject: [PATCH 0468/1882] prep vault-0.hades --- nixos/hosts/hades/default.nix | 5 ++ nixos/hosts/hades/vault-0/configuration.nix | 49 +++++++++++++++++++ nixos/hosts/olympus/vault-0/configuration.nix | 4 ++ nixos/hosts/thalassa/null/home/default.nix | 7 +-- nixos/pkgs/default.nix | 1 - .../default.nix | 28 ----------- 6 files changed, 59 insertions(+), 35 deletions(-) create mode 100644 nixos/hosts/hades/vault-0/configuration.nix delete mode 100644 nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 0c65eff4..a7502357 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -29,6 +29,11 @@ mac = "00:0c:29:a1:4e:28"; nix = false; } + { + hostname = "vault-0"; + ip = "192.168.0.103"; + mac = "7A:14:15:ED:D1:E6"; + } { hostname = "MariaDB"; ip = "192.168.0.109"; diff --git a/nixos/hosts/hades/vault-0/configuration.nix b/nixos/hosts/hades/vault-0/configuration.nix new file mode 100644 index 00000000..f338fa5d --- /dev/null +++ b/nixos/hosts/hades/vault-0/configuration.nix @@ -0,0 +1,49 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, hosts, ... }: +let + port = 8200; + clusterPort = 8201; +in { + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + # Vault + networking.firewall.allowedTCPPorts = [ port clusterPort ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:${toString port}"; + storageBackend = "raft"; + storagePath = "/var/lib/vault-raft"; + storageConfig = '' + node_id = "hades-1" + + retry_join { + leader_api_addr = "http://10.42.42.30:${toString port}" + } + + retry_join { + leader_api_addr = "http://10.42.42.6:${toString port}" + } + ''; + extraConfig = '' + ui = true + disable_mlock = true + api_addr = "http://192.168.0.103:${toString port}" + cluster_addr = "http://192.168.0.103:${toString clusterPort}" + ''; + }; +} diff --git a/nixos/hosts/olympus/vault-0/configuration.nix b/nixos/hosts/olympus/vault-0/configuration.nix index 61218642..612f519c 100644 --- a/nixos/hosts/olympus/vault-0/configuration.nix +++ b/nixos/hosts/olympus/vault-0/configuration.nix @@ -30,6 +30,10 @@ in { storagePath = "/var/lib/vault-raft"; storageConfig = '' node_id = "olympus-1" + + retry_join { + leader_api_addr = "http://10.42.42.30:${toString port}" + } ''; extraConfig = '' ui = true diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 9c97d496..a0397c04 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -2,12 +2,7 @@ let tex = (pkgs.texlive.combine { inherit (pkgs.texlive) scheme-full; - dnd-5e-latex-template = { - pkgs = [ - pkgs.v.dnd-5e-latex-template - pkgs.v.dnd-5e-latex-character-sheet-template - ]; - }; + dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }); in { programs.home-manager.enable = true; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index fc3a1727..acc9d28f 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -14,7 +14,6 @@ final: prev: { }; dnd-5e-latex-template = prev.callPackage ./dnd-5e-latex-template { }; - dnd-5e-latex-character-sheet-template = prev.callPackage ./dnd-5e-latex-character-sheet-template { }; gitea-agatheme = prev.callPackage ./gitea-agatheme { }; }; diff --git a/nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix b/nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix deleted file mode 100644 index 6b824877..00000000 --- a/nixos/pkgs/dnd-5e-latex-character-sheet-template/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { - pname = "dnd-5e-latex-character-sheet-template"; - version = "0.1.0"; - tlType = "run"; - - src = fetchFromGitHub { - owner = "matsavage"; - repo = "DND-5e-LaTeX-Character-Sheet-Template"; - rev = "d9ab382c7c9da4680a99355cb99510a318f159e3"; - sha256 = lib.fakeSha256; - }; - - phases = [ "installPhase" ]; - - installPhase = '' - runHook preInstall - - path="$out/tex/latex/${pname}" - mkdir -p "$path" - cp -r $src/* $path - - runHook postInstall - ''; - - meta = { - description = "DnD 5e latex character template"; - }; -} -- 2.47.1 From 583dfd549a7a29e7f7e368d7c6bc0f90e413771b Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 29 Sep 2022 11:15:53 +0200 Subject: [PATCH 0469/1882] flake update --- flake.lock | 24 ++++++++++----------- nixos/hosts/hades/vault-0/configuration.nix | 3 --- 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 4627a4e2..7bf2304a 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1663742427, - "narHash": "sha256-1gcXLVbZRVbRfNo6bHemNxdnEBgs6W0QPw675/uso3w=", + "lastModified": 1664434988, + "narHash": "sha256-C+xK3ZEfw502nwm1KLWcXKiiKy7UKsf0oD78tOwQvbk=", "owner": "zhaofengli", "repo": "colmena", - "rev": "a8e6b999cfec9fadc2ca81994da44182e73be7eb", + "rev": "241b61dcc0dda46f16515abe905322bab42520d7", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664221796, - "narHash": "sha256-a9urkQl4xDAFw9khIpBw2DgqE0dZdHS3ft/X5qnTju4=", + "lastModified": 1664389693, + "narHash": "sha256-M8eCiod9GvH4WkgC/EEPwu7XVMt2upFwn4y2ycoBEYg=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "7a775c0584db95af25bae1c07952c99c6c1bfe6e", + "rev": "31cb4c49d9f977d4cb0876cf1124bf9e86a60669", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664330076, - "narHash": "sha256-pBEkfVmPVwBAluYEn5BbCb40PkKlqAb/DBF4fdPLitw=", + "lastModified": 1664416713, + "narHash": "sha256-EBlFsuwJKak5l9UpSXKgTiUL30kjuKeWMNsJZOGbhA8=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "89e7d9e1f5aadad0634b62d55d826d8278dd2bb8", + "rev": "520d55ed44be7806138216e9ebe84bfcf641e999", "type": "github" }, "original": { @@ -826,11 +826,11 @@ ] }, "locked": { - "lastModified": 1663690158, - "narHash": "sha256-VGZZ5IalluqoqieO0bJ4UzqzWwvTvjnoOy6/ytyDVjE=", + "lastModified": 1664388710, + "narHash": "sha256-SbaZu/HVBVelLGYFPdZ2IteHS6rBaa8as/iEIvEmNz4=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "427806e44bee9930df6b32d91ac6b559c40d4b57", + "rev": "c47ff5c960f11c372a5b6d96182a88ee22dc30dd", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/vault-0/configuration.nix b/nixos/hosts/hades/vault-0/configuration.nix index f338fa5d..e197981b 100644 --- a/nixos/hosts/hades/vault-0/configuration.nix +++ b/nixos/hosts/hades/vault-0/configuration.nix @@ -15,9 +15,6 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - # Vault networking.firewall.allowedTCPPorts = [ port clusterPort ]; -- 2.47.1 From c805f4fb69437d7499d0747edd9e3d788fd9cffe Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 29 Sep 2022 18:56:03 +0200 Subject: [PATCH 0470/1882] modularized vault config --- flake.nix | 2 +- nixos/common/modules/default.nix | 1 + nixos/common/modules/vault.nix | 75 +++++++++++++++++++ nixos/hosts/hades/default.nix | 1 + nixos/hosts/hades/vault-0/configuration.nix | 34 +-------- nixos/hosts/olympus/default.nix | 2 + nixos/hosts/olympus/vault-0/configuration.nix | 30 ++------ nixos/hosts/olympus/vault-1/configuration.nix | 26 +------ nixos/hosts/thalassa/null/configuration.nix | 53 ++++++------- 9 files changed, 120 insertions(+), 104 deletions(-) create mode 100644 nixos/common/modules/vault.nix diff --git a/flake.nix b/flake.nix index 85ae6728..703560f9 100644 --- a/flake.nix +++ b/flake.nix @@ -53,7 +53,7 @@ } @ inputs: let inherit (nixpkgs) lib; - inherit (builtins) filter mapAttrs attrValues concatLists; + inherit (builtins) mapAttrs; util = import ./util.nix inputs; diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix index 386191be..9b31e013 100644 --- a/nixos/common/modules/default.nix +++ b/nixos/common/modules/default.nix @@ -4,5 +4,6 @@ ./flood.nix ./unpackerr.nix ./vmagent.nix + ./vault.nix ]; } diff --git a/nixos/common/modules/vault.nix b/nixos/common/modules/vault.nix new file mode 100644 index 00000000..65a87e63 --- /dev/null +++ b/nixos/common/modules/vault.nix @@ -0,0 +1,75 @@ +{ config, pkgs, lib, flat_hosts, ... }: +with lib; +let + cfg = config.services.v.vault; + hostIP = config.deployment.targetHost; + + vault_hosts = + filter ({ tags ? [ ], ip ? "", ... }: (elem "vault" tags) && (ip != hostIP)) + flat_hosts; + cluster_config = concatStrings (map ({ ip, ... }: '' + retry_join { + leader_api_addr = "http://${ip}:${toString cfg.port}" + } + '') vault_hosts); +in { + options.services.v.vault = { + enable = mkEnableOption "v.vault"; + + node_id = mkOption { + type = types.str; + description = '' + The cluster node id of this node + ''; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to open port port and clusterPort in the firewall for vault + ''; + }; + + port = mkOption { + type = types.int; + default = 8200; + description = '' + The port vault listens on + **note:** this has to be the same for all nodes in a cluster + ''; + }; + + clusterPort = mkOption { + type = types.int; + default = 8201; + description = '' + The cluster port vault listens on + **note:** this has to be the same for all nodes in a cluster + ''; + }; + }; + + config = mkIf cfg.enable { + networking.firewall.allowedTCPPorts = + mkIf cfg.openFirewall [ cfg.port cfg.clusterPort ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:${toString cfg.port}"; + storageBackend = "raft"; + storagePath = "/var/lib/vault-raft"; + storageConfig = '' + node_id = "${cfg.node_id}" + '' + cluster_config; + extraConfig = '' + ui = true + disable_mlock = true + api_addr = "http://${hostIP}:${toString cfg.port}" + cluster_addr = "http://${hostIP}:${toString cfg.clusterPort}" + ''; + }; + }; +} diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index a7502357..73dd9ae6 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -33,6 +33,7 @@ hostname = "vault-0"; ip = "192.168.0.103"; mac = "7A:14:15:ED:D1:E6"; + tags = [ "vault" ]; } { hostname = "MariaDB"; diff --git a/nixos/hosts/hades/vault-0/configuration.nix b/nixos/hosts/hades/vault-0/configuration.nix index e197981b..58bdcc95 100644 --- a/nixos/hosts/hades/vault-0/configuration.nix +++ b/nixos/hosts/hades/vault-0/configuration.nix @@ -2,11 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, hosts, ... }: -let - port = 8200; - clusterPort = 8201; -in { +{ config, pkgs, hosts, ... }: { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -16,31 +12,9 @@ in { system.stateVersion = "21.05"; # Did you read the comment? # Vault - networking.firewall.allowedTCPPorts = [ port clusterPort ]; - - services.vault = { + services.v.vault = { enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:${toString port}"; - storageBackend = "raft"; - storagePath = "/var/lib/vault-raft"; - storageConfig = '' - node_id = "hades-1" - - retry_join { - leader_api_addr = "http://10.42.42.30:${toString port}" - } - - retry_join { - leader_api_addr = "http://10.42.42.6:${toString port}" - } - ''; - extraConfig = '' - ui = true - disable_mlock = true - api_addr = "http://192.168.0.103:${toString port}" - cluster_addr = "http://192.168.0.103:${toString clusterPort}" - ''; + openFirewall = true; + node_id = "hades-1"; }; } diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index a2d0f550..a40399a0 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -30,6 +30,7 @@ ip = "10.42.42.6"; mac = "16:2B:87:55:0C:0C"; profile = "vault-0"; + tags = [ "vault" ]; } { hostname = "mosquitto"; @@ -155,6 +156,7 @@ ip = "10.42.42.30"; mac = "26:69:0E:7C:B3:79"; profile = "vault-1"; + tags = [ "vault" ]; } { hostname = "nuc"; diff --git a/nixos/hosts/olympus/vault-0/configuration.nix b/nixos/hosts/olympus/vault-0/configuration.nix index 612f519c..0e508de2 100644 --- a/nixos/hosts/olympus/vault-0/configuration.nix +++ b/nixos/hosts/olympus/vault-0/configuration.nix @@ -3,9 +3,10 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, hosts, ... }: -let +let port = 8200; clusterPort = 8201; + ip = config.deployment.targetHost; in { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -15,31 +16,10 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - # Vault - networking.firewall.allowedTCPPorts = [ port clusterPort ]; - - services.vault = { + services.v.vault = { enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:${toString port}"; - storageBackend = "raft"; - storagePath = "/var/lib/vault-raft"; - storageConfig = '' - node_id = "olympus-1" - - retry_join { - leader_api_addr = "http://10.42.42.30:${toString port}" - } - ''; - extraConfig = '' - ui = true - disable_mlock = true - api_addr = "http://10.42.42.6:${toString port}" - cluster_addr = "http://10.42.42.6:${toString clusterPort}" - ''; + openFirewall = true; + node_id = "olympus-1"; }; } diff --git a/nixos/hosts/olympus/vault-1/configuration.nix b/nixos/hosts/olympus/vault-1/configuration.nix index 5bcf47f2..ed2ce839 100644 --- a/nixos/hosts/olympus/vault-1/configuration.nix +++ b/nixos/hosts/olympus/vault-1/configuration.nix @@ -15,31 +15,13 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - # Vault networking.firewall.allowedTCPPorts = [ port clusterPort ]; - services.vault = { + # Vault + services.v.vault = { enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:${toString port}"; - storageBackend = "raft"; - storagePath = "/var/lib/vault-raft"; - storageConfig = '' - node_id = "olympus-2" - - retry_join { - leader_api_addr = "http://10.42.42.6:${toString port}" - } - ''; - extraConfig = '' - ui = true - disable_mlock = true - api_addr = "http://10.42.42.30:${toString port}" - cluster_addr = "http://10.42.42.30:${toString clusterPort}" - ''; + openFirewall = true; + node_id = "olympus-2"; }; } diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 9faf63fa..3426b442 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -30,22 +30,18 @@ let exec Hyprland ''; -in -{ - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ./networking.nix - ]; +in { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./networking.nix + ]; # home-manager home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.victor = import ./home; - home-manager.extraSpecialArgs = { - inherit inputs; - }; + home-manager.extraSpecialArgs = { inherit inputs; }; security.pam.services.swaylock = { }; @@ -58,7 +54,10 @@ in noto-fonts-cjk noto-fonts-emoji dejavu_fonts - (nerdfonts.override { fonts = [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; }) + (nerdfonts.override { + fonts = + [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; + }) ]; enableDefaultFonts = false; @@ -66,8 +65,10 @@ in fontconfig = { defaultFonts = { monospace = [ "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; - sansSerif = [ "DejaVu Sans" "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; - serif = [ "DejaVu Serif" "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; + sansSerif = + [ "DejaVu Sans" "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; + serif = + [ "DejaVu Serif" "DejaVuSansMono Nerd Font" "Noto Color Emoji" ]; emoji = [ "Noto Color Emoji" ]; }; }; @@ -76,7 +77,7 @@ in # Bootloader. # boot.initrd.systemd.enable = true; # Experimental boot = { - kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = pkgs.linuxPackages_latest; loader.systemd-boot.editor = false; loader.systemd-boot.enable = true; loader.systemd-boot.configurationLimit = 6; @@ -85,7 +86,7 @@ in }; services.gnome.gnome-keyring.enable = true; - + fileSystems."/".options = [ "compress=zstd" ]; # Filesystem dedup services.beesd.filesystems = { @@ -112,16 +113,15 @@ in LC_TIME = "en_DK.UTF-8"; }; - i18n.supportedLocales = [ - "en_GB.UTF-8/UTF-8" - "nl_NL.UTF-8/UTF-8" - "en_DK.UTF-8/UTF-8" - ]; + i18n.supportedLocales = + [ "en_GB.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "en_DK.UTF-8/UTF-8" ]; xdg.portal = { - enable = true; - wlr.enable = true; + enable = true; + wlr.enable = true; }; + + services.udisks2.enable = true; services.dbus.enable = true; # Hyprland @@ -218,7 +218,8 @@ in debug = false; cue = true; control = "sufficient"; - authFile = "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config + authFile = + "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config }; programs.ssh.startAgent = true; @@ -228,10 +229,10 @@ in HandlePowerKey=suspend ''; - services.udev.packages = with pkgs; [ + services.udev.packages = with pkgs; [ android-udev-rules logitech-udev-rules - qmk-udev-rules + qmk-udev-rules wooting-udev-rules ]; -- 2.47.1 From 7eb07ac622517c3ed0ccad667c9facb9c46e160b Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 29 Sep 2022 20:52:21 +0200 Subject: [PATCH 0471/1882] fixed up vault config --- nixos/hosts/olympus/vault-0/configuration.nix | 7 +------ nixos/hosts/olympus/vault-1/configuration.nix | 9 +-------- 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/nixos/hosts/olympus/vault-0/configuration.nix b/nixos/hosts/olympus/vault-0/configuration.nix index 0e508de2..0eae86e5 100644 --- a/nixos/hosts/olympus/vault-0/configuration.nix +++ b/nixos/hosts/olympus/vault-0/configuration.nix @@ -2,12 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, hosts, ... }: -let - port = 8200; - clusterPort = 8201; - ip = config.deployment.targetHost; -in { +{ config, pkgs, hosts, ... }: { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/vault-1/configuration.nix b/nixos/hosts/olympus/vault-1/configuration.nix index ed2ce839..3ef0c94a 100644 --- a/nixos/hosts/olympus/vault-1/configuration.nix +++ b/nixos/hosts/olympus/vault-1/configuration.nix @@ -2,11 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, hosts, ... }: -let - port = 8200; - clusterPort = 8201; -in { +{ config, pkgs, hosts, ... }: { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -15,9 +11,6 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - # Vault - networking.firewall.allowedTCPPorts = [ port clusterPort ]; - # Vault services.v.vault = { enable = true; -- 2.47.1 From b4212470b14bbb9fbc02424ec70fbc5f54d2e822 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 29 Sep 2022 21:14:34 +0200 Subject: [PATCH 0472/1882] update --- flake.lock | 18 +++++++++--------- nixos/common/default.nix | 8 ++++++++ 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 7bf2304a..f2e720c4 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664286632, - "narHash": "sha256-fKENvLanhmBENlIbmDAVB8SKSbwdLLBYKu6B7oJ0rLc=", + "lastModified": 1664449551, + "narHash": "sha256-iTStJtZB1+MppkT+95Ckqy2NDaISb+QcUkOAa0DS0io=", "owner": "nix-community", "repo": "home-manager", - "rev": "6dc8a43f397c92afbc3f771385ac803d96d5eeb5", + "rev": "864ff685fe6443101a0a8f3950d21bcb4330e56a", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664389693, - "narHash": "sha256-M8eCiod9GvH4WkgC/EEPwu7XVMt2upFwn4y2ycoBEYg=", + "lastModified": 1664477193, + "narHash": "sha256-W8pe+3wrAUjtexyd6ve4qZGLOWzfqqXKyieY3Q3ntsY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "31cb4c49d9f977d4cb0876cf1124bf9e86a60669", + "rev": "da40bf823f2f307e439f4bd85c405d9e612c2df5", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664359465, - "narHash": "sha256-Bx1bjo3d77UqoheOeLbbBOyPvuNLedEkgTx3nDO2QJE=", + "lastModified": 1664477516, + "narHash": "sha256-kdOex16l/HV0zDFXLcR1ksjQlZDaCZt8a7EXMybuirM=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "43377d2818041a0e40ac769b3d8897c2c74ba816", + "rev": "dddab957d2cdae5a11b3104e5eaec28995ef2ebf", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index ac227dd8..6b834dd9 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -14,6 +14,14 @@ # Set your time zone. time.timeZone = lib.mkDefault "Europe/Amsterdam"; + # Systemd OOMd + # Fedora enables these options by default. See the 10-oomd-* files here: + # https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac3510255 + systemd.oomd = { + enableRootSlice = true; + enableUserServices = true; + }; + # Nix Settings nix = { nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; -- 2.47.1 From 41381e247fa7f0e25409c6ebd2798b9193dd4d0e Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 30 Sep 2022 11:40:05 +0200 Subject: [PATCH 0473/1882] add unifi.hades --- nixos/hosts/hades/default.nix | 1 - nixos/hosts/hades/unifi/configuration.nix | 20 ++++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 nixos/hosts/hades/unifi/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 73dd9ae6..e2a7fb1a 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -21,7 +21,6 @@ hostname = "unifi"; ip = "192.168.0.101"; mac = "5a:00:b7:6c:d1:e2"; - nix = false; } { hostname = "plex"; diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix new file mode 100644 index 00000000..d3110ac8 --- /dev/null +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -0,0 +1,20 @@ +{ config, pkgs, lib, ... }: +{ + system.stateVersion = "21.05"; + networking.interfaces.eth0.useDHCP = true; + + services.unifi = { + enable = true; + jrePackage = pkgs.jre8_headless; + unifiPackage = pkgs.unifi; + mongodbPackage = pkgs.mongodb; + openPorts = true; + }; + + # Required for Java + # gets forced to true due the lxc profile + environment.noXlibs = lib.mkForce false; + + # Unifi Web Port + networking.firewall.allowedTCPPorts = [ 8443 ]; +} -- 2.47.1 From b30161c739f5da29d4f06053f1e49d8dca12fff6 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 30 Sep 2022 11:57:34 +0200 Subject: [PATCH 0474/1882] update unifi config --- nixos/hosts/hades/unifi/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index d3110ac8..ab540339 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -8,7 +8,7 @@ jrePackage = pkgs.jre8_headless; unifiPackage = pkgs.unifi; mongodbPackage = pkgs.mongodb; - openPorts = true; + openFirewall = true; }; # Required for Java -- 2.47.1 From 01e86c277ba614a5b67be1905fbeb6fc852e6257 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 1 Oct 2022 14:43:26 +0200 Subject: [PATCH 0475/1882] add database host --- flake.lock | 24 +++++++------- nixos/common/default.nix | 19 ++++++----- nixos/hosts/hades/database/configuration.nix | 35 ++++++++++++++++++++ nixos/hosts/hades/default.nix | 1 - nixos/hosts/thalassa/null/home/default.nix | 1 + 5 files changed, 58 insertions(+), 22 deletions(-) create mode 100644 nixos/hosts/hades/database/configuration.nix diff --git a/flake.lock b/flake.lock index f2e720c4..243434e3 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664449551, - "narHash": "sha256-iTStJtZB1+MppkT+95Ckqy2NDaISb+QcUkOAa0DS0io=", + "lastModified": 1664573442, + "narHash": "sha256-AovlSIuJfMf8n9QLNUVtsCul+NVHIoen7APH2fLls3k=", "owner": "nix-community", "repo": "home-manager", - "rev": "864ff685fe6443101a0a8f3950d21bcb4330e56a", + "rev": "a7f0cc2d7b271b4a5df9b9e351d556c172f7e903", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664477193, - "narHash": "sha256-W8pe+3wrAUjtexyd6ve4qZGLOWzfqqXKyieY3Q3ntsY=", + "lastModified": 1664617133, + "narHash": "sha256-ogDblDyvM8KgJEmidcmrQbBEFVYleAPLeoyuioCXYa4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "da40bf823f2f307e439f4bd85c405d9e612c2df5", + "rev": "590fbf808b60baceef3b021050dae4c409121bf5", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664416713, - "narHash": "sha256-EBlFsuwJKak5l9UpSXKgTiUL30kjuKeWMNsJZOGbhA8=", + "lastModified": 1664504390, + "narHash": "sha256-H7p9P2oxLiPYCYpbFFkECJ95+dwR0g83rYJJhYIbo/E=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "520d55ed44be7806138216e9ebe84bfcf641e999", + "rev": "d3eed15d776fe50786913047f0764efd917ea351", "type": "github" }, "original": { @@ -826,11 +826,11 @@ ] }, "locked": { - "lastModified": 1664388710, - "narHash": "sha256-SbaZu/HVBVelLGYFPdZ2IteHS6rBaa8as/iEIvEmNz4=", + "lastModified": 1664557358, + "narHash": "sha256-ok/e+vBUyt3OhdG0ND7d0INxAA5w9+SRxGlUtao0nv4=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "c47ff5c960f11c372a5b6d96182a88ee22dc30dd", + "rev": "8a11573a00386a5849af5534b5d0336092299eef", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 6b834dd9..584ca319 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,9 +1,6 @@ -{ config, lib, pkgs, inputs, ... }: - -{ +{ config, lib, pkgs, inputs, ... }: { imports = [ inputs.vault-secrets.nixosModules.vault-secrets - # User account definitions ./users ./modules ]; @@ -67,16 +64,20 @@ MaxFileSec=7day ''; - # Enable SSH daemon support. + # Enable SSH services.openssh = { enable = true; passwordAuthentication = false; permitRootLogin = "no"; }; - vault-secrets = lib.mkIf (config.networking.domain == "olympus") { - vaultPrefix = "olympus_secrets/nixos"; - vaultAddress = "http://vault.olympus:8200/"; - approlePrefix = "olympus-${config.networking.hostName}"; + # Configure vault-secrets based on domain + vault-secrets = let + inherit (config.networking) domain hostName; + server = if domain == "olympus" then "vault" else "vault-0"; + in lib.mkIf (domain == "olympus" || domain == "hades") { + vaultPrefix = "${domain}_secrets/nixos"; + vaultAddress = "http://${server}.${domain}:8200/"; + approlePrefix = "${domain}-${hostName}"; }; } diff --git a/nixos/hosts/hades/database/configuration.nix b/nixos/hosts/hades/database/configuration.nix new file mode 100644 index 00000000..d4459c23 --- /dev/null +++ b/nixos/hosts/hades/database/configuration.nix @@ -0,0 +1,35 @@ +{ config, pkgs, ... }: +let vs = config.vault-secrets.secrets; +in { + networking.interfaces.eth0.useDHCP = true; + + networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ]; + + vault-secrets.secrets.database = { + user = "postgres"; + group = "postgres"; + }; + + services.postgresql = { + enable = true; + package = pkgs.postgresql_13; + enableTCPIP = true; + extraPlugins = [ ]; + initdbArgs = [ + "--encoding 'UTF-8'" + "--lc-collate='en_US.UTF-8'" + "--lc-ctype='en_US.UTF-8'" + ]; + authentication = '' + host all all 192.168.0.1/23 md5 + host all all 10.10.10.0/24 md5 + ''; + initialScript = "${vs.database}/initialScript"; + settings = { + shared_preload_libraries = "pg_stat_statements"; + "pg_stat_statements.track" = "all"; + "pg_stat_statements.max" = 10000; + track_activity_query_size = 2048; + }; + }; +} diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index e2a7fb1a..731d29ad 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -121,7 +121,6 @@ hostname = "database"; ip = "192.168.0.126"; mac = "82:e8:71:7f:37:b4"; - nix = false; } { hostname = "dn42"; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index a0397c04..04de3b2b 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -98,6 +98,7 @@ in { package = pkgs.gitAndTools.gitFull; userName = "Victor"; userEmail = "victor@xirion.net"; + lfs.enable = true; }; programs.mako = { -- 2.47.1 From 297479eb9a0d2aba225ecad80147370120191c00 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 1 Oct 2022 14:56:26 +0200 Subject: [PATCH 0476/1882] finish database.hades --- nixos/hosts/hades/database/configuration.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/hosts/hades/database/configuration.nix b/nixos/hosts/hades/database/configuration.nix index d4459c23..a81fa520 100644 --- a/nixos/hosts/hades/database/configuration.nix +++ b/nixos/hosts/hades/database/configuration.nix @@ -1,6 +1,8 @@ { config, pkgs, ... }: let vs = config.vault-secrets.secrets; in { + + system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ]; @@ -8,6 +10,7 @@ in { vault-secrets.secrets.database = { user = "postgres"; group = "postgres"; + services = [ "postgresql" ]; }; services.postgresql = { -- 2.47.1 From 052a649ed709c579bb605191a0245a6791a60bd8 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 2 Oct 2022 13:18:32 +0200 Subject: [PATCH 0477/1882] flake update --- flake.lock | 12 +-- nixos/hosts/hades/mastodon/configuration.nix | 84 ++++++++++++++++++++ 2 files changed, 90 insertions(+), 6 deletions(-) create mode 100644 nixos/hosts/hades/mastodon/configuration.nix diff --git a/flake.lock b/flake.lock index 243434e3..6b20e149 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664617133, - "narHash": "sha256-ogDblDyvM8KgJEmidcmrQbBEFVYleAPLeoyuioCXYa4=", + "lastModified": 1664648355, + "narHash": "sha256-Qi7fh9jD0PeQw80YBjAv191Ye+MecudUOTYFwByH3CU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "590fbf808b60baceef3b021050dae4c409121bf5", + "rev": "a97621b1cb203b0e3a7dd07d88c5422b798cbfd8", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664477516, - "narHash": "sha256-kdOex16l/HV0zDFXLcR1ksjQlZDaCZt8a7EXMybuirM=", + "lastModified": 1664708903, + "narHash": "sha256-JxJNpWBIvtO1RX4ENW2aKgmyCIr0CwxcxQNxc+NGqv4=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "dddab957d2cdae5a11b3104e5eaec28995ef2ebf", + "rev": "325d5202f74b9feea0ab59a3fce1076dd0f36298", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix new file mode 100644 index 00000000..b6958023 --- /dev/null +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -0,0 +1,84 @@ +{ config, pkgs, lib, ... }: +let vs = config.vault-secrets.secrets; +in { + system.stateVersion = "21.05"; + # Use DHCP with static leases + networking.interfaces.eth0.useDHCP = true; + + # Better cache hits + environment.noXlibs = lib.mkForce false; + + services.elasticsearch = { + enable = true; + cluster_name = "mastodon-es"; + package = pkgs.elasticsearch7; + }; + + vault-secrets.secrets.mastodon = { }; + + services.mastodon = { + enable = true; + package = pkgs.v.glitch-soc; + streamingPort = 55000; + webPort = 55001; + enableUnixSocket = false; + localDomain = "xirion.net"; + trustedProxy = "192.168.0.123"; + + configureNginx = false; + + redis = { createLocally = true; }; + + elasticsearch = { + host = "127.0.0.1"; + port = config.services.elasticsearch.port; + }; + + database = { + createLocally = false; + user = "mastodon"; + passwordFile = "${vs.mastodon}/db-password"; + port = 5432; + name = "mastodon"; + host = "192.168.0.126"; + }; + + smtp = { + createLocally = false; + fromAddress = "mastodon@xirion.net"; + host = "mail.xirion.net"; + user = "mastodon@xirion.net"; + authenticate = true; + port = 587; + passwordFile = "${vs.mastodon}/smtp-password"; + }; + + extraConfig = { + BIND = "0.0.0.0"; + SINGLE_USER_MODE = "false"; + EMAIL_DOMAIN_ALLOWLIST = "xirion.net"; + DEFAULT_LOCALE = "en"; + + WEB_DOMAIN = "fedi.xirion.net"; + + SMTP_AUTH_METHOD = "plain"; + SMTP_OPENSSL_VERIFY_MODE = "none"; + + # TODO: Don't? + RAILS_SERVE_STATIC_FILES = "true"; + + # https://github.com/cybrespace/cybrespace-meta/blob/master/s3.md; + # https://shivering-isles.com/Mastodon-and-Amazon-S3 + S3_ENABLED = "true"; + S3_BUCKET = "mastodon"; + S3_PROTOCOL = "https"; + AWS_ACCESS_KEY_ID = secrets.awsAccessKey; + AWS_SECRET_ACCESS_KEY = secrets.awsSecretKey; + S3_HOSTNAME = "o.xirion.net"; + S3_ENDPOINT = "https://o.xirion.net/"; + }; + }; + + networking.firewall = let cfg = config.services.mastodon; + in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; +} -- 2.47.1 From f55f187d087976f710150464efe25c63952841ec Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 2 Oct 2022 16:04:25 +0200 Subject: [PATCH 0478/1882] add mastodon --- nixos/hosts/hades/default.nix | 1 - nixos/hosts/hades/mastodon/configuration.nix | 14 +++++++++++--- nixos/pkgs/glitch-soc/default.nix | 1 + 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 731d29ad..737ea04f 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -180,7 +180,6 @@ hostname = "mastodon"; ip = "192.168.0.138"; mac = "52:60:8a:06:86:9c"; - nix = false; } { hostname = "lidarr"; diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index b6958023..20d39dba 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -14,7 +14,17 @@ in { package = pkgs.elasticsearch7; }; - vault-secrets.secrets.mastodon = { }; + vault-secrets.secrets.mastodon = { + services = [ "mastodon-init-dirs" "mastodon" ]; + }; + + # Append the init-dirs script to add AWS/Minio secrets + systemd.services.mastodon-init-dirs.script = '' + cat >> /var/lib/mastodon/.secrets_env < Date: Sun, 2 Oct 2022 17:44:35 +0200 Subject: [PATCH 0479/1882] finished masto --- nixos/hosts/hades/mastodon/configuration.nix | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 20d39dba..f352b05f 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -1,6 +1,9 @@ { config, pkgs, lib, ... }: -let vs = config.vault-secrets.secrets; -in { +let + vs = config.vault-secrets.secrets; + cfg = config.services.mastodon; +in +{ system.stateVersion = "21.05"; # Use DHCP with static leases networking.interfaces.eth0.useDHCP = true; @@ -16,6 +19,8 @@ in { vault-secrets.secrets.mastodon = { services = [ "mastodon-init-dirs" "mastodon" ]; + user = cfg.user; + group = cfg.group; }; # Append the init-dirs script to add AWS/Minio secrets @@ -87,6 +92,7 @@ in { }; }; - networking.firewall = let cfg = config.services.mastodon; - in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; + networking.firewall = + let cfg = config.services.mastodon; + in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; } -- 2.47.1 From 30450f47504fd534ad159347ad03111edf118acb Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 2 Oct 2022 17:44:43 +0200 Subject: [PATCH 0480/1882] minio.hades --- nixos/hosts/hades/default.nix | 1 - nixos/hosts/hades/minio/configuration.nix | 18 ++++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 nixos/hosts/hades/minio/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 737ea04f..934c63a4 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -56,7 +56,6 @@ hostname = "minio"; ip = "192.168.0.112"; mac = "ae:c6:94:bb:c5:d9"; - nix = false; } { hostname = "cshub2"; diff --git a/nixos/hosts/hades/minio/configuration.nix b/nixos/hosts/hades/minio/configuration.nix new file mode 100644 index 00000000..503d35b6 --- /dev/null +++ b/nixos/hosts/hades/minio/configuration.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: +let + vs = config.vault-secrets.secrets; +in +{ + system.stateVersion = "22.11"; + + networking.firewall.allowedTCPPorts = [ 9000 9001 ]; + + networking.interfaces.eth0.useDHCP = true; + + vault-secrets.secrets.minio = { }; + + services.minio = { + enable = true; + rootCredentialsFile = "${vs.minio}/environment"; + }; +} -- 2.47.1 From 3c1556b185a5fd80d96ecc3427263624df19acda Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 2 Oct 2022 20:51:08 +0200 Subject: [PATCH 0481/1882] docker-registry{,-proxy}.hades --- flake.nix | 1 + nixos/hosts/hades/default.nix | 2 - .../docker-registry-proxy/configuration.nix | 40 +++++++++++++++ .../hades/docker-registry/configuration.nix | 49 +++++++++++++++++++ 4 files changed, 90 insertions(+), 2 deletions(-) create mode 100644 nixos/hosts/hades/docker-registry-proxy/configuration.nix create mode 100644 nixos/hosts/hades/docker-registry/configuration.nix diff --git a/flake.nix b/flake.nix index 703560f9..f619bc8b 100644 --- a/flake.nix +++ b/flake.nix @@ -111,6 +111,7 @@ buildInputs = with pkgs; [ apply-local colmena.packages.${system}.colmena + cachix fluxcd k9s kubectl diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 934c63a4..0c7410c3 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -131,7 +131,6 @@ hostname = "docker-registry-proxy"; ip = "192.168.0.128"; mac = "0e:11:65:62:66:9f"; - nix = false; } { hostname = "hassio"; @@ -143,7 +142,6 @@ hostname = "docker-registry"; ip = "192.168.0.130"; mac = "5e:0e:a6:cf:64:70"; - nix = false; } { hostname = "minecraft"; diff --git a/nixos/hosts/hades/docker-registry-proxy/configuration.nix b/nixos/hosts/hades/docker-registry-proxy/configuration.nix new file mode 100644 index 00000000..75c381d1 --- /dev/null +++ b/nixos/hosts/hades/docker-registry-proxy/configuration.nix @@ -0,0 +1,40 @@ +{ config, pkgs, lib, ... }: +let vs = config.vault-secrets.secrets; in +{ + system.stateVersion = "22.05"; + + networking.interfaces.eth0.useDHCP = true; + + # the registry port and metrics port + networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ]; + + vault-secrets.secrets.docker-registry = { }; + + # Sets the minio user and password + systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment"; + + services.dockerRegistry = { + enable = true; + enableDelete = true; + enableGarbageCollect = true; + listenAddress = "0.0.0.0"; + storagePath = null; # We want to store in s3 + garbageCollectDates = "weekly"; + extraConfig = { + # S3 Storages + storage.s3 = { + regionendpoint = "https://o.xirion.net"; + bucket = "docker-registry-proxy"; + region = "us-east-1"; # Fake but needed + }; + + # The actual proxy + proxy.remoteurl = "https://registry-1.docker.io"; + + # Enable prom under :5001/metrics + http.debug.addr = "0.0.0.0:5001"; + http.debug.prometheus.enabled = true; + }; + }; +} + diff --git a/nixos/hosts/hades/docker-registry/configuration.nix b/nixos/hosts/hades/docker-registry/configuration.nix new file mode 100644 index 00000000..d7f91171 --- /dev/null +++ b/nixos/hosts/hades/docker-registry/configuration.nix @@ -0,0 +1,49 @@ +{ config, pkgs, lib, ... }: +let vs = config.vault-secrets.secrets; in +{ + system.stateVersion = "22.05"; + + networking.interfaces.eth0.useDHCP = true; + + # the registry port and metrics port + networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ]; + + vault-secrets.secrets.docker-registry = { }; + + # Sets the minio user and password + systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment"; + + services.dockerRegistry = { + enable = true; + enableDelete = true; + enableGarbageCollect = true; + listenAddress = "0.0.0.0"; + storagePath = null; # We want to store in s3 + garbageCollectDates = "weekly"; + + extraConfig = { + # S3 Storages + storage.s3 = { + regionendpoint = "https://o.xirion.net"; + bucket = "docker-registry"; + region = "us-east-1"; # Fake but needed + }; + + # Enable prom under :5001/metrics + http.debug.addr = "0.0.0.0:5001"; + http.debug.prometheus.enabled = true; + + # Webhooks + notifications.endpoints = [ + { + name = "keel"; + url = "http://10.10.10.17:9300/v1/webhooks/registry"; + timeout = "500ms"; + treshold = 5; + backoff = "1s"; + } + ]; + }; + }; +} + -- 2.47.1 From 2f0ddf0e6de20ad5c4b3731c1011f62d06ca70d5 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 2 Oct 2022 23:33:47 +0200 Subject: [PATCH 0482/1882] deploy rtorrent --- nixos/common/users/default.nix | 1 + nixos/hosts/hades/default.nix | 1 - nixos/hosts/hades/rtorrent/configuration.nix | 52 +++++++++ nixos/hosts/hades/rtorrent/rtorrent.nix | 116 +++++++++++++++++++ 4 files changed, 169 insertions(+), 1 deletion(-) create mode 100644 nixos/hosts/hades/rtorrent/configuration.nix create mode 100644 nixos/hosts/hades/rtorrent/rtorrent.nix diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 8bb57e7b..99083b9e 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -41,6 +41,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" ]; diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 0c7410c3..608fd9e4 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -50,7 +50,6 @@ hostname = "rtorrent"; ip = "192.168.0.111"; mac = "7a:5f:9b:62:49:91"; - nix = false; } { hostname = "minio"; diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix new file mode 100644 index 00000000..8d974ac0 --- /dev/null +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -0,0 +1,52 @@ +{ config, pkgs, ... }: +let vs = config.vault-secrets.secrets; in +{ + imports = [ + ./rtorrent.nix + ]; + + networking.interfaces.eth0.useDHCP = true; + system.stateVersion = "22.05"; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + + services.flood = { + enable = true; + host = "0.0.0.0"; + openFirewall = true; + downloadDir = config.services.rtorrent.downloadDir; + }; + + vault-secrets.secrets.rtorrent = { + services = [ "wg-quick-wg0" ]; + }; + + # # basically to override wireguard and route olympus IPs via the router + # networking.interfaces.eth0.ipv4.routes = [{ + # address = "10.42.42.0"; + # prefixLength = 23; + # via = "192.168.0.1"; + # }]; + + # Mullvad VPN + networking.wg-quick.interfaces = { + wg0 = { + address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; + dns = [ "193.138.218.74" ]; + privateKeyFile = "${vs.rtorrent}/wireguardKey"; + postUp = "${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1"; + + peers = [ + { + publicKey = "hnRorSW0YHlHAzGb4Uc/sjOqQIrqDnpJnTQi/n7Rp1c="; + allowedIPs = [ "0.0.0.0/0" "::/0" ]; + endpoint = "185.65.134.223:51820"; + persistentKeepalive = 25; + } + ]; + }; + }; +} diff --git a/nixos/hosts/hades/rtorrent/rtorrent.nix b/nixos/hosts/hades/rtorrent/rtorrent.nix new file mode 100644 index 00000000..9e4973af --- /dev/null +++ b/nixos/hosts/hades/rtorrent/rtorrent.nix @@ -0,0 +1,116 @@ +{ config, lib, pkgs, ... }: +{ + services.rtorrent = { + enable = true; + port = 54945; # Port Forwarded in mullvad + downloadDir = "/mnt/storage/torrents/r"; + package = pkgs.jesec-rtorrent; + configText = let cfg = config.services.rtorrent; in + pkgs.lib.mkForce '' + # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"] + method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/") + + # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"] + method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}") + + # RPC Socket + method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}") + + # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"] + method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/") + method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") + + # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"] + method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/") + + # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"] + method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") + + # Create directories + fs.mkdir.recursive = (cat,(cfg.basedir)) + + fs.mkdir = (cat,(cfg.download)) + fs.mkdir = (cat,(cfg.logs)) + fs.mkdir = (cat,(cfg.session)) + + fs.mkdir = (cat,(cfg.watch)) + fs.mkdir = (cat,(cfg.watch),"/load") + fs.mkdir = (cat,(cfg.watch),"/start") + + # Drop to "$(cfg.watch)/load" to add torrent + schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent"))) + + # Drop to "$(cfg.watch)/start" to add torrent and start downloading + schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent"))) + + # Listening port for incoming peer traffic + network.port_range.set = ${toString cfg.port}-${toString cfg.port} + network.port_random.set = no + + # Distributed Hash Table and Peer EXchange + dht.mode.set = disable + dht.port.set = 6881 + protocol.pex.set = yes + + # UDP tracker support + trackers.use_udp.set = yes + + # Peer settings + throttle.max_uploads.set = 100 + throttle.max_uploads.global.set = 250 + throttle.min_peers.normal.set = 20 + throttle.max_peers.normal.set = 60 + throttle.min_peers.seed.set = 30 + throttle.max_peers.seed.set = 80 + trackers.numwant.set = 80 + + protocol.encryption.set = allow_incoming,try_outgoing,enable_retry + + # Limits for file handle resources, this is optimized for + # an `ulimit` of 1024 (a common default). You MUST leave + # a ceiling of handles reserved for rTorrent's internal needs! + network.max_open_files.set = 600 + network.max_open_sockets.set = 300 + + # Memory resource usage (increase if you have a large number of items loaded, + # and/or the available resources to spend) + pieces.memory.max.set = 1800M + network.xmlrpc.size_limit.set = 32M + + # Basic operational settings + session.path.set = (cat, (cfg.session)) + directory.default.set = (cat, (cfg.download)) + log.execute = (cat, (cfg.logs), "execute.log") + + # Other operational settings + encoding.add = utf8 + system.umask.set = 0027 + system.cwd.set = (directory.default) + #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M)) + #pieces.hash.on_completion.set = no + + # HTTP and SSL + network.http.max_open.set = 50 + network.http.dns_cache_timeout.set = 25 + + #network.http.ssl_verify_peer.set = 1 + #network.http.ssl_verify_host.set = 1 + + # Run the rTorrent process as a daemon in the background + system.daemon.set = true + + # XML-RPC interface + network.scgi.open_local = (cat,(cfg.rpcsock)) + schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)" + schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)" + + # Logging: + # Levels = critical error warn notice info debug + # Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* + print = (cat, "Logging to ", (cfg.logfile)) + log.open_file = "log", (cfg.logfile) + log.add_output = "debug", "log" + ''; + }; +} + -- 2.47.1 From a39e8fc5d6a48d9244a9f442be7019703c5d2a69 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 3 Oct 2022 10:44:16 +0200 Subject: [PATCH 0483/1882] updates nixpkgs --- flake.lock | 18 +++++++++--------- nixos/hosts/thalassa/null/networking.nix | 3 +++ 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 6b20e149..36394ad2 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664573442, - "narHash": "sha256-AovlSIuJfMf8n9QLNUVtsCul+NVHIoen7APH2fLls3k=", + "lastModified": 1664783440, + "narHash": "sha256-KlMwR7mUf5h8MPnzV7nGFUAt6ih/euW5xgvZ5x+hwvI=", "owner": "nix-community", "repo": "home-manager", - "rev": "a7f0cc2d7b271b4a5df9b9e351d556c172f7e903", + "rev": "e4e639dd4dc3e431aa5b5f95325f9a66ac7e0dd9", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664504390, - "narHash": "sha256-H7p9P2oxLiPYCYpbFFkECJ95+dwR0g83rYJJhYIbo/E=", + "lastModified": 1664765798, + "narHash": "sha256-HZEGfxLtLCV41Psqv0FWC5UUfer7sdf3GdPYFm8a6KM=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "d3eed15d776fe50786913047f0764efd917ea351", + "rev": "0dc1831548a56855d3643523d27f0ac7a3bf8b73", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664708903, - "narHash": "sha256-JxJNpWBIvtO1RX4ENW2aKgmyCIr0CwxcxQNxc+NGqv4=", + "lastModified": 1664786530, + "narHash": "sha256-lRMdQ0jjbTIyYLB393GFJYhksYeWU6PFmND4MTVhbtE=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "325d5202f74b9feea0ab59a3fce1076dd0f36298", + "rev": "a5a98d7024334992a91c68d818248fba5dc24574", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 944d801a..eceb6c61 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -30,6 +30,9 @@ "Pikachu 5G" = { psk = "@PIKACHU_PASSWORD@"; }; + "sha256('yeet')" = { + psk = "@SHA256_PASSWORD@"; + }; }; }; -- 2.47.1 From 6a97495d8c50a4e64ba089feadbf1a222e7f063d Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 3 Oct 2022 15:17:09 +0200 Subject: [PATCH 0484/1882] deployed cinny --- nixos/hosts/olympus/nginx/configuration.nix | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 25a45d9d..7bfc32c3 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -58,7 +58,7 @@ in virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; - + # Redshifts virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; @@ -94,10 +94,22 @@ in }; }; }; + virtualHosts."cinny.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + + root = pkgs.cinny.override { + conf = { + defaultHomeserver = 0; + allowCustomHomeservers = false; + homeserverList = [ "chat.meowy.tech" ]; + }; + }; + }; virtualHosts."admin.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - root = pkgs.synapse-admin; + enableACME = true; + forceSSL = true; + root = pkgs.synapse-admin; }; virtualHosts."books.meowy.tech" = proxy "http://bookwyrm.olympus:8001"; -- 2.47.1 From 454a5651e612c8f34993ef44ec206ec33e359315 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 3 Oct 2022 21:25:57 +0200 Subject: [PATCH 0485/1882] added laura --- nixos/common/users/default.nix | 28 ++++------------------ nixos/common/users/laura.nix | 12 ++++++++++ nixos/common/users/victor.nix | 22 +++++++++++++++++ nixos/hosts/thalassa/null/home/default.nix | 1 + 4 files changed, 40 insertions(+), 23 deletions(-) create mode 100644 nixos/common/users/laura.nix create mode 100644 nixos/common/users/victor.nix diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 99083b9e..e782347c 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -1,6 +1,10 @@ { config, pkgs, lib, inputs, ... }: - { + imports = [ + ./laura.nix + ./victor.nix + ]; + # Setup ZSH to use grml config programs.zsh = { enable = true; @@ -28,27 +32,6 @@ # Disable sudo prompt for `wheel` users. security.sudo.wheelNeedsPassword = lib.mkDefault false; - # The block that specifies my user account. - users.extraUsers.victor = { - # This account is intended for a non-system user. - isNormalUser = true; - - # My default shell - shell = pkgs.zsh; - - # My SSH keys. - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" - ]; - - # Make me admin - extraGroups = [ "systemd-journal" "wheel" "networkmanager" ]; - }; - # Configure the root account users.extraUsers.root = { # Allow my SSH keys for logging in as root. @@ -68,5 +51,4 @@ rsync zoxide ]; - } diff --git a/nixos/common/users/laura.nix b/nixos/common/users/laura.nix new file mode 100644 index 00000000..a0d0ea72 --- /dev/null +++ b/nixos/common/users/laura.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: { + users.extraUsers.laura = { + isNormalUser = true; + shell = pkgs.zsh; + + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIlFUUXbwOkhNUjoA6zueTdRuaylgpgFqSe/xWGK9zb laura@zmeura" + ]; + + extraGroups = [ ]; + }; +} \ No newline at end of file diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix new file mode 100644 index 00000000..d88f106b --- /dev/null +++ b/nixos/common/users/victor.nix @@ -0,0 +1,22 @@ +{ pkgs, ... }: { + # The block that specifies my user account. + users.extraUsers.victor = { + # This account is intended for a non-system user. + isNormalUser = true; + + # My default shell + shell = pkgs.zsh; + + # My SSH keys. + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" + ]; + + # Make me admin + extraGroups = [ "systemd-journal" "wheel" "networkmanager" ]; + }; +} \ No newline at end of file diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 04de3b2b..82f09352 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -21,6 +21,7 @@ in { brightnessctl btop calibre + cinny-desktop element-desktop-wayland fluxcd fusee-launcher -- 2.47.1 From 0341ec275af01cc3dc3844e2d9938dd4bbf0092d Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 4 Oct 2022 00:28:22 +0200 Subject: [PATCH 0486/1882] flake update --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 36394ad2..674dd89c 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664648355, - "narHash": "sha256-Qi7fh9jD0PeQw80YBjAv191Ye+MecudUOTYFwByH3CU=", + "lastModified": 1664831853, + "narHash": "sha256-8zHoZ8uuhBtgdNkfxw0f/k9y4FhWRbO+ryXqS4arNq0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a97621b1cb203b0e3a7dd07d88c5422b798cbfd8", + "rev": "3bb5971c2e19a07852e27b876bc53b5d597e09c4", "type": "github" }, "original": { @@ -667,11 +667,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1663494472, - "narHash": "sha256-fSowlaoXXWcAM8m9wA6u+eTJJtvruYHMA+Lb/tFi/qM=", + "lastModified": 1664687381, + "narHash": "sha256-9czSuDzS+OGGwq2kC4KXBLXWfYaup+oLB+AA1Md25U4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f677051b8dc0b5e2a9348941c99eea8c4b0ff28f", + "rev": "59d2991d4256cdca1c0cda45d876c80a0fe45c31", "type": "github" }, "original": { @@ -1053,11 +1053,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1663692072, - "narHash": "sha256-W9y2ow4tkjFhIsPHvUuaOvawxRgxvr9hb6IMwpMoFlM=", + "lastModified": 1664817607, + "narHash": "sha256-1c9doRBUy61lrkA5MTRF4xIE9VcnBxfWUGzXMnMm0CM=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "9578b63fe42746fdbf80a0364781946c8c35aca9", + "rev": "6fdcb79b9aa692acf95c2c9e05b7cd7fa426a385", "type": "github" }, "original": { @@ -1086,11 +1086,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1663507239, - "narHash": "sha256-LISZtkPVe8lQ2N8YwVe+KxCkXWLP9mdw6Q2kG93wE8A=", + "lastModified": 1664816798, + "narHash": "sha256-oLJyFT1Fc4UNNaDSN+EYUAWL4CufCBpuS5AV4Z4XANo=", "owner": "wlroots", "repo": "wlroots", - "rev": "2ad25b1460400e66ea26bd6489b04072be7d9dbb", + "rev": "50cc1ef4d3791d86854dd83c15fff17e5ea1a5b6", "type": "gitlab" }, "original": { -- 2.47.1 From 124cf496ea4f72ef30b3fd4f7b990486ae28cf16 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 4 Oct 2022 10:49:46 +0200 Subject: [PATCH 0487/1882] flake update --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 674dd89c..29021272 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664831853, - "narHash": "sha256-8zHoZ8uuhBtgdNkfxw0f/k9y4FhWRbO+ryXqS4arNq0=", + "lastModified": 1664835015, + "narHash": "sha256-7XpQRUhO1rgklw976lXpEcz5piCbWF1UUTqiUn0CZxc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3bb5971c2e19a07852e27b876bc53b5d597e09c4", + "rev": "63dfe305dd5ff00d4de74f0cb9fea9b9901e6b40", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664765798, - "narHash": "sha256-HZEGfxLtLCV41Psqv0FWC5UUfer7sdf3GdPYFm8a6KM=", + "lastModified": 1664848276, + "narHash": "sha256-sS3CiLiBM9XUy+QuW54XqjhvNroEwLnFGaEwDVYd9HE=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "0dc1831548a56855d3643523d27f0ac7a3bf8b73", + "rev": "7717252ee5246ad22cfc24891a67377561af54ac", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664786530, - "narHash": "sha256-lRMdQ0jjbTIyYLB393GFJYhksYeWU6PFmND4MTVhbtE=", + "lastModified": 1664872841, + "narHash": "sha256-IYTe6nvULk7TnltI1qSxh2zdT3lbn2ZqqhUXyAADD2w=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "a5a98d7024334992a91c68d818248fba5dc24574", + "rev": "7802eb63130185de1022a1bfbc8e9ba2e0b5d9e6", "type": "github" }, "original": { -- 2.47.1 From f4eeb27b2047567cbc1a8f9f9d276e97f07db946 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 6 Oct 2022 11:54:43 +0200 Subject: [PATCH 0488/1882] updates --- flake.lock | 60 +- nixos/hosts/thalassa/null/home/default.nix | 41 +- nixos/hosts/thalassa/null/networking.nix | 3 + nixos/pkgs/deemix-gui/default.nix | 46 + nixos/pkgs/deemix-gui/package.json | 84 + nixos/pkgs/deemix-gui/yarn.lock | 2727 +++++++++++++++++++ nixos/pkgs/default.nix | 7 + nixos/pkgs/vscode-extensions/platformio.nix | 12 + 8 files changed, 2931 insertions(+), 49 deletions(-) create mode 100644 nixos/pkgs/deemix-gui/default.nix create mode 100644 nixos/pkgs/deemix-gui/package.json create mode 100644 nixos/pkgs/deemix-gui/yarn.lock create mode 100644 nixos/pkgs/vscode-extensions/platformio.nix diff --git a/flake.lock b/flake.lock index 29021272..5527c1e9 100644 --- a/flake.lock +++ b/flake.lock @@ -154,11 +154,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1663678795, - "narHash": "sha256-SkROcpe7lb46fpBnwMYooExP6WqttsRPeao1d9ykHho=", + "lastModified": 1664882193, + "narHash": "sha256-uiAYOxN/M4dpaB6ieY3xOvOH6XgHP9NVXDTzSRa3pMc=", "owner": "nix-community", "repo": "dream2nix", - "rev": "0f3b6c5dd1630d601ae6f456421b4dfed178f260", + "rev": "785b76894263fd76a0e69955e4cd990b7b735bdf", "type": "github" }, "original": { @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664783440, - "narHash": "sha256-KlMwR7mUf5h8MPnzV7nGFUAt6ih/euW5xgvZ5x+hwvI=", + "lastModified": 1664983332, + "narHash": "sha256-KyQvgFRwk3qW3Qr+lO5UDqfpST/HaCJY1yB7wPgPUqo=", "owner": "nix-community", "repo": "home-manager", - "rev": "e4e639dd4dc3e431aa5b5f95325f9a66ac7e0dd9", + "rev": "1a8e35d2e53ed2ccd9818fad9c9478d56c655661", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1664835015, - "narHash": "sha256-7XpQRUhO1rgklw976lXpEcz5piCbWF1UUTqiUn0CZxc=", + "lastModified": 1665044765, + "narHash": "sha256-/ubu4NLIxQmKoD4al6L8qFE74FbFWmIrtjwwnyOYv0A=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "63dfe305dd5ff00d4de74f0cb9fea9b9901e6b40", + "rev": "d7ef19e2e745c2184fcf5c2ce6ac4208d6a81594", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1664848276, - "narHash": "sha256-sS3CiLiBM9XUy+QuW54XqjhvNroEwLnFGaEwDVYd9HE=", + "lastModified": 1665020519, + "narHash": "sha256-1DdFTskxpBw/McAuNNvUkWpNtSN1tUywpsBjNfsSBLY=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "7717252ee5246ad22cfc24891a67377561af54ac", + "rev": "d34bbd2bbb2afb2f43365238c218f97365686742", "type": "github" }, "original": { @@ -667,11 +667,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1664687381, - "narHash": "sha256-9czSuDzS+OGGwq2kC4KXBLXWfYaup+oLB+AA1Md25U4=", + "lastModified": 1664780719, + "narHash": "sha256-Oxe6la5dSqRfJogjtY4sRzJjDDqvroJIVkcGEOT87MA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "59d2991d4256cdca1c0cda45d876c80a0fe45c31", + "rev": "fd54651f5ffb4a36e8463e0c327a78442b26cbe7", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1664872841, - "narHash": "sha256-IYTe6nvULk7TnltI1qSxh2zdT3lbn2ZqqhUXyAADD2w=", + "lastModified": 1665049962, + "narHash": "sha256-d3KxQQyrq0YXwoDFHXaIsCSB9ZNMwnAJjChO85j4kZE=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "7802eb63130185de1022a1bfbc8e9ba2e0b5d9e6", + "rev": "581a16b4db39d6ead5dba08ebe9405a9e4b19d94", "type": "github" }, "original": { @@ -760,11 +760,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1663684946, - "narHash": "sha256-2+miCrlBWC3ELfz862mJ4U8qQyfiD+XLzD9p6k/WzCs=", + "lastModified": 1664876616, + "narHash": "sha256-OxZntLnFgKbGUrPJJNLMxxj4yUaN/30+LG9N81ADqZE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0d7222c92f0503d15176281c7182d2782dc1b6da", + "rev": "0490b307e5556a8804e710d0c744d29c80fbce48", "type": "github" }, "original": { @@ -826,11 +826,11 @@ ] }, "locked": { - "lastModified": 1664557358, - "narHash": "sha256-ok/e+vBUyt3OhdG0ND7d0INxAA5w9+SRxGlUtao0nv4=", + "lastModified": 1664896222, + "narHash": "sha256-jaK5TW4W5hEif/4lpoMRSr/8oWapGVc/ac7X5DPYYv4=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "8a11573a00386a5849af5534b5d0336092299eef", + "rev": "25b8d0dfdeaa9f325737b704285b2738223b8c3d", "type": "github" }, "original": { @@ -1053,11 +1053,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1664817607, - "narHash": "sha256-1c9doRBUy61lrkA5MTRF4xIE9VcnBxfWUGzXMnMm0CM=", + "lastModified": 1664913401, + "narHash": "sha256-OQEQl0THKfnvBfboOFyWPzLhQejf539q1j4TD6dC64k=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "6fdcb79b9aa692acf95c2c9e05b7cd7fa426a385", + "rev": "8d52a20956de918df1b63df2ebc18d598b06df48", "type": "github" }, "original": { @@ -1069,11 +1069,11 @@ "webcord_2": { "flake": false, "locked": { - "lastModified": 1663533822, - "narHash": "sha256-TvlaaWu40La+CRD2+zXXRmyAF6LEU63eH/BuEQgUiQ4=", + "lastModified": 1664742535, + "narHash": "sha256-QoXBlhCM97haNlkbU4O2oXITnzrkiM9hYAiNpduVjIQ=", "owner": "SpacingBat3", "repo": "WebCord", - "rev": "2df618b4669eaca06b2f635145d1293a612fa24c", + "rev": "cb6938bde4f57b252b167b23fc0c2d6120326fff", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 82f09352..52f0dff1 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -18,6 +18,7 @@ in { ]; home.packages = with pkgs; [ + appimage-run brightnessctl btop calibre @@ -42,7 +43,6 @@ in { nixpkgs-review plex-media-player plexamp - pulseview python3 retroarchFull ripgrep @@ -52,7 +52,6 @@ in { solo2-cli steam-run tex - # texlive.combined.scheme-full thunderbird-wayland wf-recorder # Screenrecorder wl-clipboard # Clipboard manager @@ -137,24 +136,28 @@ in { "nix.serverPath" = "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + # "platformio-ide.useBuiltinPIOCore" = false; + # "platformio-ide.useBuiltinPython" = false; }; - extensions = with pkgs.vscode-extensions; [ - catppuccin.catppuccin-vsc - brettm12345.nixfmt-vscode - codezombiech.gitignore - editorconfig.editorconfig - foxundermoon.shell-format - james-yu.latex-workshop - jnoortheen.nix-ide - matklad.rust-analyzer - mkhl.direnv - ms-vscode-remote.remote-ssh - ms-vscode.cpptools - tamasfe.even-better-toml - valentjn.vscode-ltex - vscodevim.vim - xaver.clang-format - ]; + extensions = with pkgs.vscode-extensions; + with pkgs.v.vscode-extensions; [ + brettm12345.nixfmt-vscode + catppuccin.catppuccin-vsc + codezombiech.gitignore + editorconfig.editorconfig + foxundermoon.shell-format + james-yu.latex-workshop + jnoortheen.nix-ide + matklad.rust-analyzer + mkhl.direnv + ms-vscode-remote.remote-ssh + ms-vscode.cpptools + platformio.platformio-ide + tamasfe.even-better-toml + valentjn.vscode-ltex + vscodevim.vim + xaver.clang-format + ]; }; programs.direnv = { diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index eceb6c61..0ca92169 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -33,6 +33,9 @@ "sha256('yeet')" = { psk = "@SHA256_PASSWORD@"; }; + "wired" = { + psk = "@WIRED_PASSWORD@"; + }; }; }; diff --git a/nixos/pkgs/deemix-gui/default.nix b/nixos/pkgs/deemix-gui/default.nix new file mode 100644 index 00000000..87ce178d --- /dev/null +++ b/nixos/pkgs/deemix-gui/default.nix @@ -0,0 +1,46 @@ +{ pkgs, stdenv, electron_14, mkYarnPackage, fetchFromGitLab, lib }: +let electron = electron_14; +in mkYarnPackage rec { + pname = "deemix-gui"; + version = "0.1.0"; + + src = fetchFromGitLab { + owner = "RemixDev"; + repo = "deemix-gui"; + rev = "06305de9cf65639620eeaee408f1c64cb8610387"; + sha256 = "sha256-498ivYIFUWDamtI38PUEag9ydWpXfhtzgI3rTOcmTJQ="; + }; + + packageJSON = ./package.json; + yarnLock = ./yarn.lock; + + buildInputs = [ electron ]; + + installPhase = '' + ls -al + runHook preInstall + mkdir -p $out/{bin,libexec/${pname}} + mv node_modules $out/libexec/${pname}/node_modules + mv deps $out/libexec/${pname}/deps + runHook postInstall + ''; + + distPhase = '' + true + ''; + + # distPhase = '' + # cd $out + # unlink "$out/libexec/${pname}/deps/${pname}/node_modules" + # ln -s "$out/libexec/${pname}/node_modules" "$out/libexec/${pname}/deps/${pname}/desktop/node_modules" + # ls -al + # ls -al libexec + # mkdir -p bin + # cd bin + # echo '#!/bin/sh' > ${pname} + # echo "cd $out/libexec/${pname}/deps/${pname}" >> ${pname} + # echo "${electron}/bin/electron $out/libexec/${pname}/deps/${pname}/desktop" >> ${pname} + # chmod 0755 $out/bin/${pname} + # true + # ''; +} diff --git a/nixos/pkgs/deemix-gui/package.json b/nixos/pkgs/deemix-gui/package.json new file mode 100644 index 00000000..7f7198fe --- /dev/null +++ b/nixos/pkgs/deemix-gui/package.json @@ -0,0 +1,84 @@ +{ + "name": "deemix-gui", + "version": "0.0.0", + "main": "index.js", + "repository": "https://gitlab.com/RemixDev/deemix-gui.git", + "author": "RemixDev ", + "license": "GPL-3.0-only", + "scripts": { + "install-all": "yarn install && yarn --cwd server install --production && yarn --cwd webui install --production", + "install-all-dev": "yarn install && yarn --cwd server install && yarn --cwd webui install", + "dev": "yarn --cwd webui dev", + "start": "electron . --dev", + "predist": "yarn build-server && yarn build-webui", + "dist": "yarn set-version && electron-builder && yarn reset-version", + "dist:dir": "yarn set-version && yarn predist && electron-builder --dir && yarn reset-version", + "dist-server": "yarn set-version && yarn predist && ./node_modules/.bin/pkg --out-dir dist ./server/package.json && yarn reset-version", + "start-server": "yarn --cwd server start", + "build-server": "yarn --cwd server build", + "build-webui": "yarn --cwd webui build", + "set-version": "node scripts/set-version.js", + "reset-version": "node scripts/reset-version.js" + }, + "devDependencies": { + "electron": "^14.2.0", + "electron-builder": "^22.14.0", + "pkg": "^5.5.0" + }, + "dependencies": { + "electron-context-menu": "^3.1.0", + "electron-window-state-manager": "^0.3.2", + "yargs": "^17.3.0" + }, + "build": { + "appId": "app.deemix.gui", + "productName": "deemix-gui", + "files": [ + "index.js", + "preload.js", + "server/dist/**/*", + "webui/public/**/*", + "build/**/*", + "package.json" + ], + "mac": { + "target": "dmg", + "artifactName": "deemix-gui.${ext}", + "category": "public.app-category.music" + }, + "win": { + "target": [ + { + "target": "nsis", + "arch": "x64" + }, + { + "target": "portable", + "arch": "x64" + } + ] + }, + "linux": { + "target": [ + "appimage", + "deb" + ], + "artifactName": "deemix-gui.${ext}", + "category": "AudioVideo,Audio", + "icon": "build/icon.icns" + }, + "nsis": { + "artifactName": "${productName}_setup.${ext}", + "oneClick": false, + "license": "LICENSE.txt", + "allowToChangeInstallationDirectory": true, + "uninstallDisplayName": "${productName}", + "deleteAppDataOnUninstall": true + }, + "portable": { + "artifactName": "${productName}.${ext}", + "requestExecutionLevel": "user" + } + } + } + \ No newline at end of file diff --git a/nixos/pkgs/deemix-gui/yarn.lock b/nixos/pkgs/deemix-gui/yarn.lock new file mode 100644 index 00000000..d31fa2d4 --- /dev/null +++ b/nixos/pkgs/deemix-gui/yarn.lock @@ -0,0 +1,2727 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +"7zip-bin@~5.1.1": + version "5.1.1" + resolved "https://registry.yarnpkg.com/7zip-bin/-/7zip-bin-5.1.1.tgz#9274ec7460652f9c632c59addf24efb1684ef876" + integrity sha512-sAP4LldeWNz0lNzmTird3uWfFDWWTeg6V/MsmyyLR9X1idwKBWIgt/ZvinqQldJm3LecKEs1emkbquO6PCiLVQ== + +"@babel/helper-validator-identifier@^7.15.7": + version "7.16.7" + resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz#e8c602438c4a8195751243da9031d1607d247cad" + integrity sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw== + +"@babel/parser@7.16.2": + version "7.16.2" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.16.2.tgz#3723cd5c8d8773eef96ce57ea1d9b7faaccd12ac" + integrity sha512-RUVpT0G2h6rOZwqLDTrKk7ksNv7YpAilTnYe1/Q+eDjxEceRMKVWbCsX7t8h6C1qCFi/1Y8WZjcEPBAFG27GPw== + +"@babel/types@7.16.0": + version "7.16.0" + resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.16.0.tgz#db3b313804f96aadd0b776c4823e127ad67289ba" + integrity sha512-PJgg/k3SdLsGb3hhisFvtLOw5ts113klrpLuIPtCJIU+BB24fqq6lf8RWqKJEjzqXR9AEH1rIb5XTqwBHB+kQg== + dependencies: + "@babel/helper-validator-identifier" "^7.15.7" + to-fast-properties "^2.0.0" + +"@develar/schema-utils@~2.6.5": + version "2.6.5" + resolved "https://registry.yarnpkg.com/@develar/schema-utils/-/schema-utils-2.6.5.tgz#3ece22c5838402419a6e0425f85742b961d9b6c6" + integrity sha512-0cp4PsWQ/9avqTVMCtZ+GirikIA36ikvjtHweU4/j8yLtgObI0+JUPhYFScgwlteveGB1rt3Cm8UhN04XayDig== + dependencies: + ajv "^6.12.0" + ajv-keywords "^3.4.1" + +"@electron/get@^1.0.1": + version "1.14.1" + resolved "https://registry.yarnpkg.com/@electron/get/-/get-1.14.1.tgz#16ba75f02dffb74c23965e72d617adc721d27f40" + integrity sha512-BrZYyL/6m0ZXz/lDxy/nlVhQz+WF+iPS6qXolEU8atw7h6v1aYkjwJZ63m+bJMBTxDE66X+r2tPS4a/8C82sZw== + dependencies: + debug "^4.1.1" + env-paths "^2.2.0" + fs-extra "^8.1.0" + got "^9.6.0" + progress "^2.0.3" + semver "^6.2.0" + sumchecker "^3.0.1" + optionalDependencies: + global-agent "^3.0.0" + global-tunnel-ng "^2.7.1" + +"@electron/universal@1.0.5": + version "1.0.5" + resolved "https://registry.yarnpkg.com/@electron/universal/-/universal-1.0.5.tgz#b812340e4ef21da2b3ee77b2b4d35c9b86defe37" + integrity sha512-zX9O6+jr2NMyAdSkwEUlyltiI4/EBLu2Ls/VD3pUQdi3cAYeYfdQnT2AJJ38HE4QxLccbU13LSpccw1IWlkyag== + dependencies: + "@malept/cross-spawn-promise" "^1.1.0" + asar "^3.0.3" + debug "^4.3.1" + dir-compare "^2.4.0" + fs-extra "^9.0.1" + +"@malept/cross-spawn-promise@^1.1.0": + version "1.1.1" + resolved "https://registry.yarnpkg.com/@malept/cross-spawn-promise/-/cross-spawn-promise-1.1.1.tgz#504af200af6b98e198bce768bc1730c6936ae01d" + integrity sha512-RTBGWL5FWQcg9orDOCcp4LvItNzUPcyEU9bwaeJX0rJ1IQxzucC48Y0/sQLp/g6t99IQgAlGIaesJS+gTn7tVQ== + dependencies: + cross-spawn "^7.0.1" + +"@malept/flatpak-bundler@^0.4.0": + version "0.4.0" + resolved "https://registry.yarnpkg.com/@malept/flatpak-bundler/-/flatpak-bundler-0.4.0.tgz#e8a32c30a95d20c2b1bb635cc580981a06389858" + integrity sha512-9QOtNffcOF/c1seMCDnjckb3R9WHcG34tky+FHpNKKCW0wc/scYLwMtO+ptyGUfMW0/b/n4qRiALlaFHc9Oj7Q== + dependencies: + debug "^4.1.1" + fs-extra "^9.0.0" + lodash "^4.17.15" + tmp-promise "^3.0.2" + +"@nodelib/fs.scandir@2.1.5": + version "2.1.5" + resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5" + integrity sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g== + dependencies: + "@nodelib/fs.stat" "2.0.5" + run-parallel "^1.1.9" + +"@nodelib/fs.stat@2.0.5", "@nodelib/fs.stat@^2.0.2": + version "2.0.5" + resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz#5bd262af94e9d25bd1e71b05deed44876a222e8b" + integrity sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A== + +"@nodelib/fs.walk@^1.2.3": + version "1.2.8" + resolved "https://registry.yarnpkg.com/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz#e95737e8bb6746ddedf69c556953494f196fe69a" + integrity sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg== + dependencies: + "@nodelib/fs.scandir" "2.1.5" + fastq "^1.6.0" + +"@sindresorhus/is@^0.14.0": + version "0.14.0" + resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-0.14.0.tgz#9fb3a3cf3132328151f353de4632e01e52102bea" + integrity sha512-9NET910DNaIPngYnLLPeg+Ogzqsi9uM4mSboU5y6p8S5DzMTVEsJZrawi+BoDNUVBa2DhJqQYUFvMDfgU062LQ== + +"@szmarczak/http-timer@^1.1.2": + version "1.1.2" + resolved "https://registry.yarnpkg.com/@szmarczak/http-timer/-/http-timer-1.1.2.tgz#b1665e2c461a2cd92f4c1bbf50d5454de0d4b421" + integrity sha512-XIB2XbzHTN6ieIjfIMV9hlVcfPU26s2vafYWQcZHWXHOxiaRZYEDKEwdl129Zyg50+foYV2jCgtrqSA6qNuNSA== + dependencies: + defer-to-connect "^1.0.1" + +"@tootallnate/once@2": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-2.0.0.tgz#f544a148d3ab35801c1f633a7441fd87c2e484bf" + integrity sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A== + +"@types/debug@^4.1.6": + version "4.1.7" + resolved "https://registry.yarnpkg.com/@types/debug/-/debug-4.1.7.tgz#7cc0ea761509124709b8b2d1090d8f6c17aadb82" + integrity sha512-9AonUzyTjXXhEOa0DnqpzZi6VHlqKMswga9EXjpXnnqxwLtdvPPtlO8evrI5D9S6asFRCQ6v+wpiUKbw+vKqyg== + dependencies: + "@types/ms" "*" + +"@types/fs-extra@^9.0.11": + version "9.0.13" + resolved "https://registry.yarnpkg.com/@types/fs-extra/-/fs-extra-9.0.13.tgz#7594fbae04fe7f1918ce8b3d213f74ff44ac1f45" + integrity sha512-nEnwB++1u5lVDM2UI4c1+5R+FYaKfaAzS4OococimjVm3nQw3TuzH5UNsocrcTBbhnerblyHj4A49qXbIiZdpA== + dependencies: + "@types/node" "*" + +"@types/glob@^7.1.1": + version "7.2.0" + resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.2.0.tgz#bc1b5bf3aa92f25bd5dd39f35c57361bdce5b2eb" + integrity sha512-ZUxbzKl0IfJILTS6t7ip5fQQM/J3TJYubDm3nMbgubNNYS62eXeUpoLUC8/7fJNiFYHTrGPQn7hspDUzIHX3UA== + dependencies: + "@types/minimatch" "*" + "@types/node" "*" + +"@types/minimatch@*": + version "3.0.5" + resolved "https://registry.yarnpkg.com/@types/minimatch/-/minimatch-3.0.5.tgz#1001cc5e6a3704b83c236027e77f2f58ea010f40" + integrity sha512-Klz949h02Gz2uZCMGwDUSDS1YBlTdDDgbWHi+81l29tQALUtvz4rAYi5uoVhE5Lagoq6DeqAUlbrHvW/mXDgdQ== + +"@types/ms@*": + version "0.7.31" + resolved "https://registry.yarnpkg.com/@types/ms/-/ms-0.7.31.tgz#31b7ca6407128a3d2bbc27fe2d21b345397f6197" + integrity sha512-iiUgKzV9AuaEkZqkOLDIvlQiL6ltuZd9tGcW3gwpnX8JbuiuhFlEGmmFXEXkN50Cvq7Os88IY2v0dkDqXYWVgA== + +"@types/node@*": + version "17.0.21" + resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.21.tgz#864b987c0c68d07b4345845c3e63b75edd143644" + integrity sha512-DBZCJbhII3r90XbQxI8Y9IjjiiOGlZ0Hr32omXIZvwwZ7p4DMMXGrKXVyPfuoBOri9XNtL0UK69jYIBIsRX3QQ== + +"@types/node@^14.6.2": + version "14.18.22" + resolved "https://registry.yarnpkg.com/@types/node/-/node-14.18.22.tgz#fd2a15dca290fc9ad565b672fde746191cd0c6e6" + integrity sha512-qzaYbXVzin6EPjghf/hTdIbnVW1ErMx8rPzwRNJhlbyJhu2SyqlvjGOY/tbUt6VFyzg56lROcOeSQRInpt63Yw== + +"@types/plist@^3.0.1": + version "3.0.2" + resolved "https://registry.yarnpkg.com/@types/plist/-/plist-3.0.2.tgz#61b3727bba0f5c462fe333542534a0c3e19ccb01" + integrity sha512-ULqvZNGMv0zRFvqn8/4LSPtnmN4MfhlPNtJCTpKuIIxGVGZ2rYWzFXrvEBoh9CVyqSE7D6YFRJ1hydLHI6kbWw== + dependencies: + "@types/node" "*" + xmlbuilder ">=11.0.1" + +"@types/verror@^1.10.3": + version "1.10.5" + resolved "https://registry.yarnpkg.com/@types/verror/-/verror-1.10.5.tgz#2a1413aded46e67a1fe2386800e291123ed75eb1" + integrity sha512-9UjMCHK5GPgQRoNbqdLIAvAy0EInuiqbW0PBMtVP6B5B2HQJlvoJHM+KodPZMEjOa5VkSc+5LH7xy+cUzQdmHw== + +"@types/yargs-parser@*": + version "20.2.1" + resolved "https://registry.yarnpkg.com/@types/yargs-parser/-/yargs-parser-20.2.1.tgz#3b9ce2489919d9e4fea439b76916abc34b2df129" + integrity sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw== + +"@types/yargs@^17.0.1": + version "17.0.8" + resolved "https://registry.yarnpkg.com/@types/yargs/-/yargs-17.0.8.tgz#d23a3476fd3da8a0ea44b5494ca7fa677b9dad4c" + integrity sha512-wDeUwiUmem9FzsyysEwRukaEdDNcwbROvQ9QGRKaLI6t+IltNzbn4/i4asmB10auvZGQCzSQ6t0GSczEThlUXw== + dependencies: + "@types/yargs-parser" "*" + +agent-base@6: + version "6.0.2" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" + integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ== + dependencies: + debug "4" + +ajv-keywords@^3.4.1: + version "3.5.2" + resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d" + integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ== + +ajv@^6.10.0, ajv@^6.12.0: + version "6.12.6" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" + integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== + dependencies: + fast-deep-equal "^3.1.1" + fast-json-stable-stringify "^2.0.0" + json-schema-traverse "^0.4.1" + uri-js "^4.2.2" + +ansi-align@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/ansi-align/-/ansi-align-3.0.1.tgz#0cdf12e111ace773a86e9a1fad1225c43cb19a59" + integrity sha512-IOfwwBF5iczOjp/WeY4YxyjqAFMQoZufdQWDd19SEExbVLNXqvpzSJ/M7Za4/sCPmQ0+GRquoA7bGcINcxew6w== + dependencies: + string-width "^4.1.0" + +ansi-regex@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" + integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8= + +ansi-regex@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.1.tgz#082cb2c89c9fe8659a311a53bd6a4dc5301db304" + integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ== + +ansi-styles@^3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-3.2.1.tgz#41fbb20243e50b12be0f04b8dedbf07520ce841d" + integrity sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA== + dependencies: + color-convert "^1.9.0" + +ansi-styles@^4.0.0, ansi-styles@^4.1.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937" + integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg== + dependencies: + color-convert "^2.0.1" + +app-builder-bin@3.7.1: + version "3.7.1" + resolved "https://registry.yarnpkg.com/app-builder-bin/-/app-builder-bin-3.7.1.tgz#cb0825c5e12efc85b196ac3ed9c89f076c61040e" + integrity sha512-ql93vEUq6WsstGXD+SBLSIQw6SNnhbDEM0swzgugytMxLp3rT24Ag/jcC80ZHxiPRTdew1niuR7P3/FCrDqIjw== + +app-builder-lib@22.14.13: + version "22.14.13" + resolved "https://registry.yarnpkg.com/app-builder-lib/-/app-builder-lib-22.14.13.tgz#c1f5b6afc86596357598bb90b69eef06c7c2eeb3" + integrity sha512-SufmrtxU+D0Tn948fjEwAOlCN9757UXLkzzTWXMwZKR/5hisvgqeeBepWfphMIE6OkDGz0fbzEhL1P2Pty4XMg== + dependencies: + "7zip-bin" "~5.1.1" + "@develar/schema-utils" "~2.6.5" + "@electron/universal" "1.0.5" + "@malept/flatpak-bundler" "^0.4.0" + async-exit-hook "^2.0.1" + bluebird-lst "^1.0.9" + builder-util "22.14.13" + builder-util-runtime "8.9.2" + chromium-pickle-js "^0.2.0" + debug "^4.3.2" + ejs "^3.1.6" + electron-osx-sign "^0.5.0" + electron-publish "22.14.13" + form-data "^4.0.0" + fs-extra "^10.0.0" + hosted-git-info "^4.0.2" + is-ci "^3.0.0" + isbinaryfile "^4.0.8" + js-yaml "^4.1.0" + lazy-val "^1.0.5" + minimatch "^3.0.4" + read-config-file "6.2.0" + sanitize-filename "^1.6.3" + semver "^7.3.5" + temp-file "^3.4.0" + +app-root-path@^1.3.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/app-root-path/-/app-root-path-1.4.0.tgz#6335d865c9640d0fad99004e5a79232238e92dfa" + integrity sha1-YzXYZclkDQ+tmQBOWnkjIjjpLfo= + +aproba@^1.0.3: + version "1.2.0" + resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.2.0.tgz#6802e6264efd18c790a1b0d517f0f2627bf2c94a" + integrity sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw== + +are-we-there-yet@~1.1.2: + version "1.1.7" + resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.7.tgz#b15474a932adab4ff8a50d9adfa7e4e926f21146" + integrity sha512-nxwy40TuMiUGqMyRHgCSWZ9FM4VAoRP4xUYSTv5ImRog+h9yISPbVH7H8fASCIzYn9wlEv4zvFL7uKDMCFQm3g== + dependencies: + delegates "^1.0.0" + readable-stream "^2.0.6" + +argparse@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38" + integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q== + +array-union@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/array-union/-/array-union-2.1.0.tgz#b798420adbeb1de828d84acd8a2e23d3efe85e8d" + integrity sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw== + +asar@^3.0.3: + version "3.1.0" + resolved "https://registry.yarnpkg.com/asar/-/asar-3.1.0.tgz#70b0509449fe3daccc63beb4d3c7d2e24d3c6473" + integrity sha512-vyxPxP5arcAqN4F/ebHd/HhwnAiZtwhglvdmc7BR2f0ywbVNTOpSeyhLDbGXtE/y58hv1oC75TaNIXutnsOZsQ== + dependencies: + chromium-pickle-js "^0.2.0" + commander "^5.0.0" + glob "^7.1.6" + minimatch "^3.0.4" + optionalDependencies: + "@types/glob" "^7.1.1" + +assert-plus@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" + integrity sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU= + +astral-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/astral-regex/-/astral-regex-2.0.0.tgz#483143c567aeed4785759c0865786dc77d7d2e31" + integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ== + +async-exit-hook@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/async-exit-hook/-/async-exit-hook-2.0.1.tgz#8bd8b024b0ec9b1c01cccb9af9db29bd717dfaf3" + integrity sha512-NW2cX8m1Q7KPA7a5M2ULQeZ2wR5qI5PAbw5L0UOMxdioVk9PMZ0h1TmyZEkPYrCvYjDlFICusOu1dlEKAAeXBw== + +async@0.9.x: + version "0.9.2" + resolved "https://registry.yarnpkg.com/async/-/async-0.9.2.tgz#aea74d5e61c1f899613bf64bda66d4c78f2fd17d" + integrity sha1-rqdNXmHB+JlhO/ZL2mbUx48v0X0= + +asynckit@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" + integrity sha1-x57Zf380y48robyXkLzDZkdLS3k= + +at-least-node@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2" + integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg== + +balanced-match@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee" + integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw== + +base64-js@^1.3.1, base64-js@^1.5.1: + version "1.5.1" + resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a" + integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA== + +bl@^4.0.3: + version "4.1.0" + resolved "https://registry.yarnpkg.com/bl/-/bl-4.1.0.tgz#451535264182bec2fbbc83a62ab98cf11d9f7b3a" + integrity sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w== + dependencies: + buffer "^5.5.0" + inherits "^2.0.4" + readable-stream "^3.4.0" + +bluebird-lst@^1.0.9: + version "1.0.9" + resolved "https://registry.yarnpkg.com/bluebird-lst/-/bluebird-lst-1.0.9.tgz#a64a0e4365658b9ab5fe875eb9dfb694189bb41c" + integrity sha512-7B1Rtx82hjnSD4PGLAjVWeYH3tHAcVUmChh85a3lltKQm6FresXh9ErQo6oAv6CqxttczC3/kEg8SY5NluPuUw== + dependencies: + bluebird "^3.5.5" + +bluebird@^3.5.0, bluebird@^3.5.5: + version "3.7.2" + resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" + integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== + +boolean@^3.0.1: + version "3.2.0" + resolved "https://registry.yarnpkg.com/boolean/-/boolean-3.2.0.tgz#9e5294af4e98314494cbb17979fa54ca159f116b" + integrity sha512-d0II/GO9uf9lfUHH2BQsjxzRJZBdsjgsBiW4BvhWk/3qoKwQFjIDVN19PfX8F2D/r9PCMTtLWjYVCFrpeYUzsw== + +boxen@^5.0.0: + version "5.1.2" + resolved "https://registry.yarnpkg.com/boxen/-/boxen-5.1.2.tgz#788cb686fc83c1f486dfa8a40c68fc2b831d2b50" + integrity sha512-9gYgQKXx+1nP8mP7CzFyaUARhg7D3n1dF/FnErWmu9l6JvGpNUN278h0aSb+QjoiKSWG+iZ3uHrcqk0qrY9RQQ== + dependencies: + ansi-align "^3.0.0" + camelcase "^6.2.0" + chalk "^4.1.0" + cli-boxes "^2.2.1" + string-width "^4.2.2" + type-fest "^0.20.2" + widest-line "^3.1.0" + wrap-ansi "^7.0.0" + +brace-expansion@^1.1.7: + version "1.1.11" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd" + integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA== + dependencies: + balanced-match "^1.0.0" + concat-map "0.0.1" + +braces@^3.0.1: + version "3.0.2" + resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" + integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== + dependencies: + fill-range "^7.0.1" + +buffer-alloc-unsafe@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/buffer-alloc-unsafe/-/buffer-alloc-unsafe-1.1.0.tgz#bd7dc26ae2972d0eda253be061dba992349c19f0" + integrity sha512-TEM2iMIEQdJ2yjPJoSIsldnleVaAk1oW3DBVUykyOLsEsFmEc9kn+SFFPz+gl54KQNxlDnAwCXosOS9Okx2xAg== + +buffer-alloc@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/buffer-alloc/-/buffer-alloc-1.2.0.tgz#890dd90d923a873e08e10e5fd51a57e5b7cce0ec" + integrity sha512-CFsHQgjtW1UChdXgbyJGtnm+O/uLQeZdtbDo8mfUgYXCHSM1wgrVxXm6bSyrUuErEb+4sYVGCzASBRot7zyrow== + dependencies: + buffer-alloc-unsafe "^1.1.0" + buffer-fill "^1.0.0" + +buffer-crc32@~0.2.3: + version "0.2.13" + resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" + integrity sha512-VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ== + +buffer-equal@1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/buffer-equal/-/buffer-equal-1.0.0.tgz#59616b498304d556abd466966b22eeda3eca5fbe" + integrity sha1-WWFrSYME1Var1GaWayLu2j7KX74= + +buffer-fill@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/buffer-fill/-/buffer-fill-1.0.0.tgz#f8f78b76789888ef39f205cd637f68e702122b2c" + integrity sha1-+PeLdniYiO858gXNY39o5wISKyw= + +buffer-from@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.2.tgz#2b146a6fd72e80b4f55d255f35ed59a3a9a41bd5" + integrity sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ== + +buffer@^5.1.0, buffer@^5.5.0: + version "5.7.1" + resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.7.1.tgz#ba62e7c13133053582197160851a8f648e99eed0" + integrity sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ== + dependencies: + base64-js "^1.3.1" + ieee754 "^1.1.13" + +builder-util-runtime@8.9.2: + version "8.9.2" + resolved "https://registry.yarnpkg.com/builder-util-runtime/-/builder-util-runtime-8.9.2.tgz#a9669ae5b5dcabfe411ded26678e7ae997246c28" + integrity sha512-rhuKm5vh7E0aAmT6i8aoSfEjxzdYEFX7zDApK+eNgOhjofnWb74d9SRJv0H/8nsgOkos0TZ4zxW0P8J4N7xQ2A== + dependencies: + debug "^4.3.2" + sax "^1.2.4" + +builder-util@22.14.13: + version "22.14.13" + resolved "https://registry.yarnpkg.com/builder-util/-/builder-util-22.14.13.tgz#41b5b7b4ee53aff4e09cc007fb144522598f3ce6" + integrity sha512-oePC/qrrUuerhmH5iaCJzPRAKlSBylrhzuAJmRQClTyWnZUv6jbaHh+VoHMbEiE661wrj2S2aV7/bQh12cj1OA== + dependencies: + "7zip-bin" "~5.1.1" + "@types/debug" "^4.1.6" + "@types/fs-extra" "^9.0.11" + app-builder-bin "3.7.1" + bluebird-lst "^1.0.9" + builder-util-runtime "8.9.2" + chalk "^4.1.1" + cross-spawn "^7.0.3" + debug "^4.3.2" + fs-extra "^10.0.0" + http-proxy-agent "^5.0.0" + https-proxy-agent "^5.0.0" + is-ci "^3.0.0" + js-yaml "^4.1.0" + source-map-support "^0.5.19" + stat-mode "^1.0.0" + temp-file "^3.4.0" + +cacheable-request@^6.0.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/cacheable-request/-/cacheable-request-6.1.0.tgz#20ffb8bd162ba4be11e9567d823db651052ca912" + integrity sha512-Oj3cAGPCqOZX7Rz64Uny2GYAZNliQSqfbePrgAQ1wKAihYmCUnraBtJtKcGR4xz7wF+LoJC+ssFZvv5BgF9Igg== + dependencies: + clone-response "^1.0.2" + get-stream "^5.1.0" + http-cache-semantics "^4.0.0" + keyv "^3.0.0" + lowercase-keys "^2.0.0" + normalize-url "^4.1.0" + responselike "^1.0.2" + +camelcase@^6.2.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.3.0.tgz#5685b95eb209ac9c0c177467778c9c84df58ba9a" + integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== + +chalk@^2.4.2: + version "2.4.2" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424" + integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ== + dependencies: + ansi-styles "^3.2.1" + escape-string-regexp "^1.0.5" + supports-color "^5.3.0" + +chalk@^4.1.0, chalk@^4.1.1, chalk@^4.1.2: + version "4.1.2" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01" + integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== + dependencies: + ansi-styles "^4.1.0" + supports-color "^7.1.0" + +chownr@^1.1.1: + version "1.1.4" + resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b" + integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg== + +chromium-pickle-js@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/chromium-pickle-js/-/chromium-pickle-js-0.2.0.tgz#04a106672c18b085ab774d983dfa3ea138f22205" + integrity sha1-BKEGZywYsIWrd02YPfo+oTjyIgU= + +ci-info@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-2.0.0.tgz#67a9e964be31a51e15e5010d58e6f12834002f46" + integrity sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ== + +ci-info@^3.2.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.3.0.tgz#b4ed1fb6818dea4803a55c623041f9165d2066b2" + integrity sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw== + +cli-boxes@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/cli-boxes/-/cli-boxes-2.2.1.tgz#ddd5035d25094fce220e9cab40a45840a440318f" + integrity sha512-y4coMcylgSCdVinjiDBuR8PCC2bLjyGTwEmPb9NHR/QaNU6EUOXcTY/s6VjGMD6ENSEaeQYHCY0GNGS5jfMwPw== + +cli-truncate@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/cli-truncate/-/cli-truncate-2.1.0.tgz#c39e28bf05edcde5be3b98992a22deed5a2b93c7" + integrity sha512-n8fOixwDD6b/ObinzTrp1ZKFzbgvKZvuz/TvejnLn1aQfC6r52XEx85FmuC+3HI+JM7coBRXUvNqEU2PHVrHpg== + dependencies: + slice-ansi "^3.0.0" + string-width "^4.2.0" + +cliui@^7.0.2: + version "7.0.4" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f" + integrity sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ== + dependencies: + string-width "^4.2.0" + strip-ansi "^6.0.0" + wrap-ansi "^7.0.0" + +clone-response@^1.0.2: + version "1.0.3" + resolved "https://registry.yarnpkg.com/clone-response/-/clone-response-1.0.3.tgz#af2032aa47816399cf5f0a1d0db902f517abb8c3" + integrity sha512-ROoL94jJH2dUVML2Y/5PEDNaSHgeOdSDicUyS7izcF63G6sTc/FTjLub4b8Il9S8S0beOfYt0TaA5qvFK+w0wA== + dependencies: + mimic-response "^1.0.0" + +code-point-at@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" + integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c= + +color-convert@^1.9.0: + version "1.9.3" + resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-1.9.3.tgz#bb71850690e1f136567de629d2d5471deda4c1e8" + integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg== + dependencies: + color-name "1.1.3" + +color-convert@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-2.0.1.tgz#72d3a68d598c9bdb3af2ad1e84f21d896abd4de3" + integrity sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ== + dependencies: + color-name "~1.1.4" + +color-name@1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25" + integrity sha1-p9BVi9icQveV3UIyj3QIMcpTvCU= + +color-name@~1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2" + integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA== + +colors@1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" + integrity sha1-BDP0TYCWgP3rYO0mDxsMJi6CpAs= + +combined-stream@^1.0.8: + version "1.0.8" + resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f" + integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg== + dependencies: + delayed-stream "~1.0.0" + +commander@2.9.0: + version "2.9.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" + integrity sha1-nJkJQXbhIkDLItbFFGCYQA/g99Q= + dependencies: + graceful-readlink ">= 1.0.0" + +commander@^5.0.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/commander/-/commander-5.1.0.tgz#46abbd1652f8e059bddaef99bbdcb2ad9cf179ae" + integrity sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg== + +compare-version@^0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/compare-version/-/compare-version-0.1.2.tgz#0162ec2d9351f5ddd59a9202cba935366a725080" + integrity sha1-AWLsLZNR9d3VmpICy6k1NmpyUIA= + +concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s= + +concat-stream@^1.6.2: + version "1.6.2" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34" + integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw== + dependencies: + buffer-from "^1.0.0" + inherits "^2.0.3" + readable-stream "^2.2.2" + typedarray "^0.0.6" + +config-chain@^1.1.11: + version "1.1.13" + resolved "https://registry.yarnpkg.com/config-chain/-/config-chain-1.1.13.tgz#fad0795aa6a6cdaff9ed1b68e9dff94372c232f4" + integrity sha512-qj+f8APARXHrM0hraqXYb2/bOVSV4PvJQlNZ/DVj0QrmNM2q2euizkeuVckQ57J+W0mRH6Hvi+k50M4Jul2VRQ== + dependencies: + ini "^1.3.4" + proto-list "~1.2.1" + +configstore@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/configstore/-/configstore-5.0.1.tgz#d365021b5df4b98cdd187d6a3b0e3f6a7cc5ed96" + integrity sha512-aMKprgk5YhBNyH25hj8wGt2+D52Sw1DRRIzqBwLp2Ya9mFmY8KPvvtvmna8SxVR9JMZ4kzMD68N22vlaRpkeFA== + dependencies: + dot-prop "^5.2.0" + graceful-fs "^4.1.2" + make-dir "^3.0.0" + unique-string "^2.0.0" + write-file-atomic "^3.0.0" + xdg-basedir "^4.0.0" + +console-control-strings@^1.0.0, console-control-strings@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" + integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4= + +core-util-is@1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" + integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac= + +core-util-is@~1.0.0: + version "1.0.3" + resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85" + integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== + +crc@^3.8.0: + version "3.8.0" + resolved "https://registry.yarnpkg.com/crc/-/crc-3.8.0.tgz#ad60269c2c856f8c299e2c4cc0de4556914056c6" + integrity sha512-iX3mfgcTMIq3ZKLIsVFAbv7+Mc10kxabAGQb8HvjA1o3T1PIYprbakQ65d3I+2HGHt6nSKkM9PYjgoJO2KcFBQ== + dependencies: + buffer "^5.1.0" + +cross-spawn@^7.0.1, cross-spawn@^7.0.3: + version "7.0.3" + resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" + integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== + dependencies: + path-key "^3.1.0" + shebang-command "^2.0.0" + which "^2.0.1" + +crypto-random-string@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-2.0.0.tgz#ef2a7a966ec11083388369baa02ebead229b30d5" + integrity sha512-v1plID3y9r/lPhviJ1wrXpLeyUIGAZ2SHNYTEapm7/8A9nLPoyvVp3RK/EPFqn5kEznyWgYZNsRtYYIWbuG8KA== + +debug@4, debug@^4.3.1, debug@^4.3.2: + version "4.3.3" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.3.tgz#04266e0b70a98d4462e6e288e38259213332b664" + integrity sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q== + dependencies: + ms "2.1.2" + +debug@^2.6.8, debug@^2.6.9: + version "2.6.9" + resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" + integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA== + dependencies: + ms "2.0.0" + +debug@^4.1.0, debug@^4.1.1: + version "4.3.4" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" + integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== + dependencies: + ms "2.1.2" + +decompress-response@^3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-3.3.0.tgz#80a4dd323748384bfa248083622aedec982adff3" + integrity sha512-BzRPQuY1ip+qDonAOz42gRm/pg9F768C+npV/4JOsxRC2sq+Rlk+Q4ZCAsOhnIaMrgarILY+RMUIvMmmX1qAEA== + dependencies: + mimic-response "^1.0.0" + +decompress-response@^4.2.0: + version "4.2.1" + resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-4.2.1.tgz#414023cc7a302da25ce2ec82d0d5238ccafd8986" + integrity sha512-jOSne2qbyE+/r8G1VU+G/82LBs2Fs4LAsTiLSHOCOMZQl2OKZ6i8i4IyHemTe+/yIXOtTcRQMzPcgyhoFlqPkw== + dependencies: + mimic-response "^2.0.0" + +deep-extend@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac" + integrity sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA== + +deep-is@~0.1.3: + version "0.1.4" + resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.4.tgz#a6f2dce612fadd2ef1f519b73551f17e85199831" + integrity sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ== + +defer-to-connect@^1.0.1: + version "1.1.3" + resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-1.1.3.tgz#331ae050c08dcf789f8c83a7b81f0ed94f4ac591" + integrity sha512-0ISdNousHvZT2EiFlZeZAHBUvSxmKswVCEf8hW7KWgG4a8MVEu/3Vb6uWYozkjylyCxe0JBIiRB1jV45S70WVQ== + +define-properties@^1.1.3: + version "1.1.4" + resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1" + integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA== + dependencies: + has-property-descriptors "^1.0.0" + object-keys "^1.1.1" + +delayed-stream@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" + integrity sha1-3zrhmayt+31ECqrgsp4icrJOxhk= + +delegates@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" + integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o= + +detect-libc@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-1.0.3.tgz#fa137c4bd698edf55cd5cd02ac559f91a4c4ba9b" + integrity sha1-+hN8S9aY7fVc1c0CrFWfkaTEups= + +detect-node@^2.0.4: + version "2.1.0" + resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.1.0.tgz#c9c70775a49c3d03bc2c06d9a73be550f978f8b1" + integrity sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g== + +dir-compare@^2.4.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/dir-compare/-/dir-compare-2.4.0.tgz#785c41dc5f645b34343a4eafc50b79bac7f11631" + integrity sha512-l9hmu8x/rjVC9Z2zmGzkhOEowZvW7pmYws5CWHutg8u1JgvsKWMx7Q/UODeu4djLZ4FgW5besw5yvMQnBHzuCA== + dependencies: + buffer-equal "1.0.0" + colors "1.0.3" + commander "2.9.0" + minimatch "3.0.4" + +dir-glob@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-3.0.1.tgz#56dbf73d992a4a93ba1584f4534063fd2e41717f" + integrity sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA== + dependencies: + path-type "^4.0.0" + +dmg-builder@22.14.13: + version "22.14.13" + resolved "https://registry.yarnpkg.com/dmg-builder/-/dmg-builder-22.14.13.tgz#cc613f3c18e889b8777d525991fd52f50a564f8c" + integrity sha512-xNOugB6AbIRETeU2uID15sUfjdZZcKdxK8xkFnwIggsM00PJ12JxpLNPTjcRoUnfwj3WrPjilrO64vRMwNItQg== + dependencies: + app-builder-lib "22.14.13" + builder-util "22.14.13" + builder-util-runtime "8.9.2" + fs-extra "^10.0.0" + iconv-lite "^0.6.2" + js-yaml "^4.1.0" + optionalDependencies: + dmg-license "^1.0.9" + +dmg-license@^1.0.9: + version "1.0.11" + resolved "https://registry.yarnpkg.com/dmg-license/-/dmg-license-1.0.11.tgz#7b3bc3745d1b52be7506b4ee80cb61df6e4cd79a" + integrity sha512-ZdzmqwKmECOWJpqefloC5OJy1+WZBBse5+MR88z9g9Zn4VY+WYUkAyojmhzJckH5YbbZGcYIuGAkY5/Ys5OM2Q== + dependencies: + "@types/plist" "^3.0.1" + "@types/verror" "^1.10.3" + ajv "^6.10.0" + crc "^3.8.0" + iconv-corefoundation "^1.1.7" + plist "^3.0.4" + smart-buffer "^4.0.2" + verror "^1.10.0" + +dot-prop@^5.2.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.3.0.tgz#90ccce708cd9cd82cc4dc8c3ddd9abdd55b20e88" + integrity sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q== + dependencies: + is-obj "^2.0.0" + +dotenv-expand@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/dotenv-expand/-/dotenv-expand-5.1.0.tgz#3fbaf020bfd794884072ea26b1e9791d45a629f0" + integrity sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA== + +dotenv@^9.0.2: + version "9.0.2" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-9.0.2.tgz#dacc20160935a37dea6364aa1bef819fb9b6ab05" + integrity sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg== + +duplexer3@^0.1.4: + version "0.1.5" + resolved "https://registry.yarnpkg.com/duplexer3/-/duplexer3-0.1.5.tgz#0b5e4d7bad5de8901ea4440624c8e1d20099217e" + integrity sha512-1A8za6ws41LQgv9HrE/66jyC5yuSjQ3L/KOpFtoBilsAK2iA2wuS5rTt1OCzIvtS2V7nVmedsUU+DGRcjBmOYA== + +ejs@^3.1.6: + version "3.1.6" + resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.6.tgz#5bfd0a0689743bb5268b3550cceeebbc1702822a" + integrity sha512-9lt9Zse4hPucPkoP7FHDF0LQAlGyF9JVpnClFLFH3aSSbxmyoqINRpp/9wePWJTUl4KOQwRL72Iw3InHPDkoGw== + dependencies: + jake "^10.6.1" + +electron-builder@^22.14.0: + version "22.14.13" + resolved "https://registry.yarnpkg.com/electron-builder/-/electron-builder-22.14.13.tgz#fd40564685cf5422a8f8d667940af3d3776f4fb8" + integrity sha512-3fgLxqF2TXVKiUPeg74O4V3l0l3j7ERLazo8sUbRkApw0+4iVAf2BJkHsHMaXiigsgCoEzK/F4/rB5rne/VAnw== + dependencies: + "@types/yargs" "^17.0.1" + app-builder-lib "22.14.13" + builder-util "22.14.13" + builder-util-runtime "8.9.2" + chalk "^4.1.1" + dmg-builder "22.14.13" + fs-extra "^10.0.0" + is-ci "^3.0.0" + lazy-val "^1.0.5" + read-config-file "6.2.0" + update-notifier "^5.1.0" + yargs "^17.0.1" + +electron-context-menu@^3.1.0: + version "3.1.2" + resolved "https://registry.yarnpkg.com/electron-context-menu/-/electron-context-menu-3.1.2.tgz#0f550e47df39cb25c03e0f4bf840ce5c9fefcdd5" + integrity sha512-nNzu4w14n7mOR+4cLjRC9cEFqGUsAY76seOm0sw3f4OxEfX/d75m7HYekyp5b+0m7Ixy2KN/Mrljw1zLmpyV2w== + dependencies: + cli-truncate "^2.1.0" + electron-dl "^3.2.1" + electron-is-dev "^2.0.0" + +electron-dl@^3.2.1: + version "3.3.0" + resolved "https://registry.yarnpkg.com/electron-dl/-/electron-dl-3.3.0.tgz#4e422e276c627373ba61fcf3f92ffa088988db1a" + integrity sha512-Zwaz/OMGPIfBLV2SQH4sTsdDOs/U4y5AOHfremMBXEpjIxX+SiTx845DZAvJJwgb5hfowyWOBLiJhd/emBNLLQ== + dependencies: + ext-name "^5.0.0" + pupa "^2.0.1" + unused-filename "^2.1.0" + +electron-is-dev@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/electron-is-dev/-/electron-is-dev-2.0.0.tgz#833487a069b8dad21425c67a19847d9064ab19bd" + integrity sha512-3X99K852Yoqu9AcW50qz3ibYBWY79/pBhlMCab8ToEWS48R0T9tyxRiQhwylE7zQdXrMnx2JKqUJyMPmt5FBqA== + +electron-osx-sign@^0.5.0: + version "0.5.0" + resolved "https://registry.yarnpkg.com/electron-osx-sign/-/electron-osx-sign-0.5.0.tgz#fc258c5e896859904bbe3d01da06902c04b51c3a" + integrity sha512-icoRLHzFz/qxzDh/N4Pi2z4yVHurlsCAYQvsCSG7fCedJ4UJXBS6PoQyGH71IfcqKupcKeK7HX/NkyfG+v6vlQ== + dependencies: + bluebird "^3.5.0" + compare-version "^0.1.2" + debug "^2.6.8" + isbinaryfile "^3.0.2" + minimist "^1.2.0" + plist "^3.0.1" + +electron-publish@22.14.13: + version "22.14.13" + resolved "https://registry.yarnpkg.com/electron-publish/-/electron-publish-22.14.13.tgz#8b71e6975af8cc6ac5b21f293ade23f8704047c7" + integrity sha512-0oP3QiNj3e8ewOaEpEJV/o6Zrmy2VarVvZ/bH7kyO/S/aJf9x8vQsKVWpsdmSiZ5DJEHgarFIXrnO0ZQf0P9iQ== + dependencies: + "@types/fs-extra" "^9.0.11" + builder-util "22.14.13" + builder-util-runtime "8.9.2" + chalk "^4.1.1" + fs-extra "^10.0.0" + lazy-val "^1.0.5" + mime "^2.5.2" + +electron-window-state-manager@^0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/electron-window-state-manager/-/electron-window-state-manager-0.3.2.tgz#a552ea35470297c999c744d81abb2a8c8a51770e" + integrity sha1-pVLqNUcCl8mZx0TYGrsqjIpRdw4= + dependencies: + app-root-path "^1.3.0" + fs-jetpack "^0.9.2" + +electron@^14.2.0: + version "14.2.9" + resolved "https://registry.yarnpkg.com/electron/-/electron-14.2.9.tgz#9e1e95643ec3847592a186e8115d1ddb2e4921ee" + integrity sha512-7LdJFmqVzO9NLKO0hwOwPA6Kv4GSybGMcej8f2q7fVT4O8mIfL9oo/v4axVjVWm0+58ROQtHv8hYnnAs3ygG0Q== + dependencies: + "@electron/get" "^1.0.1" + "@types/node" "^14.6.2" + extract-zip "^1.0.3" + +emoji-regex@^8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37" + integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A== + +encodeurl@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59" + integrity sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w== + +end-of-stream@^1.1.0, end-of-stream@^1.4.1: + version "1.4.4" + resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.4.tgz#5ae64a5f45057baf3626ec14da0ca5e4b2431eb0" + integrity sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q== + dependencies: + once "^1.4.0" + +env-paths@^2.2.0: + version "2.2.1" + resolved "https://registry.yarnpkg.com/env-paths/-/env-paths-2.2.1.tgz#420399d416ce1fbe9bc0a07c62fa68d67fd0f8f2" + integrity sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A== + +es6-error@^4.1.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" + integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== + +escalade@^3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.1.tgz#d8cfdc7000965c5a0174b4a82eaa5c0552742e40" + integrity sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw== + +escape-goat@^2.0.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/escape-goat/-/escape-goat-2.1.1.tgz#1b2dc77003676c457ec760b2dc68edb648188675" + integrity sha512-8/uIhbG12Csjy2JEW7D9pHbreaVaS/OpN3ycnyvElTdwM5n6GY6W6e2IPemfvGZeUMqZ9A/3GqIZMgKnBhAw/Q== + +escape-string-regexp@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" + integrity sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ= + +escape-string-regexp@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" + integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== + +escodegen@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-2.0.0.tgz#5e32b12833e8aa8fa35e1bf0befa89380484c7dd" + integrity sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw== + dependencies: + esprima "^4.0.1" + estraverse "^5.2.0" + esutils "^2.0.2" + optionator "^0.8.1" + optionalDependencies: + source-map "~0.6.1" + +esprima@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71" + integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A== + +estraverse@^5.2.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-5.3.0.tgz#2eea5290702f26ab8fe5370370ff86c965d21123" + integrity sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA== + +esutils@^2.0.2: + version "2.0.3" + resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64" + integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g== + +expand-template@^2.0.3: + version "2.0.3" + resolved "https://registry.yarnpkg.com/expand-template/-/expand-template-2.0.3.tgz#6e14b3fcee0f3a6340ecb57d2e8918692052a47c" + integrity sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg== + +ext-list@^2.0.0: + version "2.2.2" + resolved "https://registry.yarnpkg.com/ext-list/-/ext-list-2.2.2.tgz#0b98e64ed82f5acf0f2931babf69212ef52ddd37" + integrity sha512-u+SQgsubraE6zItfVA0tBuCBhfU9ogSRnsvygI7wht9TS510oLkBRXBsqopeUG/GBOIQyKZO9wjTqIu/sf5zFA== + dependencies: + mime-db "^1.28.0" + +ext-name@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/ext-name/-/ext-name-5.0.0.tgz#70781981d183ee15d13993c8822045c506c8f0a6" + integrity sha512-yblEwXAbGv1VQDmow7s38W77hzAgJAO50ztBLMcUyUBfxv1HC+LGwtiEN+Co6LtlqT/5uwVOxsD4TNIilWhwdQ== + dependencies: + ext-list "^2.0.0" + sort-keys-length "^1.0.0" + +extract-zip@^1.0.3: + version "1.7.0" + resolved "https://registry.yarnpkg.com/extract-zip/-/extract-zip-1.7.0.tgz#556cc3ae9df7f452c493a0cfb51cc30277940927" + integrity sha512-xoh5G1W/PB0/27lXgMQyIhP5DSY/LhoCsOyZgb+6iMmRtCwVBo55uKaMoEYrDCKQhWvqEip5ZPKAc6eFNyf/MA== + dependencies: + concat-stream "^1.6.2" + debug "^2.6.9" + mkdirp "^0.5.4" + yauzl "^2.10.0" + +extsprintf@^1.2.0: + version "1.4.1" + resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.4.1.tgz#8d172c064867f235c0c84a596806d279bf4bcc07" + integrity sha512-Wrk35e8ydCKDj/ArClo1VrPVmN8zph5V4AtHwIuHhvMXsKf73UT3BOD+azBIW+3wOJ4FhEH7zyaJCFvChjYvMA== + +fast-deep-equal@^3.1.1: + version "3.1.3" + resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525" + integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q== + +fast-glob@^3.2.9: + version "3.2.11" + resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.2.11.tgz#a1172ad95ceb8a16e20caa5c5e56480e5129c1d9" + integrity sha512-xrO3+1bxSo3ZVHAnqzyuewYT6aMFHRAd4Kcs92MAonjwQZLsK9d0SF1IyQ3k5PoirxTW0Oe/RqFgMQ6TcNE5Ew== + dependencies: + "@nodelib/fs.stat" "^2.0.2" + "@nodelib/fs.walk" "^1.2.3" + glob-parent "^5.1.2" + merge2 "^1.3.0" + micromatch "^4.0.4" + +fast-json-stable-stringify@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633" + integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw== + +fast-levenshtein@~2.0.6: + version "2.0.6" + resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" + integrity sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc= + +fastq@^1.6.0: + version "1.13.0" + resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.13.0.tgz#616760f88a7526bdfc596b7cab8c18938c36b98c" + integrity sha512-YpkpUnK8od0o1hmeSc7UUs/eB/vIPWJYjKck2QKIzAf71Vm1AAQ3EbuZB3g2JIy+pg+ERD0vqI79KyZiB2e2Nw== + dependencies: + reusify "^1.0.4" + +fd-slicer@~1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.1.0.tgz#25c7c89cb1f9077f8891bbe61d8f390eae256f1e" + integrity sha512-cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g== + dependencies: + pend "~1.2.0" + +filelist@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/filelist/-/filelist-1.0.2.tgz#80202f21462d4d1c2e214119b1807c1bc0380e5b" + integrity sha512-z7O0IS8Plc39rTCq6i6iHxk43duYOn8uFJiWSewIq0Bww1RNybVHSCjahmcC87ZqAm4OTvFzlzeGu3XAzG1ctQ== + dependencies: + minimatch "^3.0.4" + +fill-range@^7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40" + integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== + dependencies: + to-regex-range "^5.0.1" + +form-data@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" + integrity sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww== + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.8" + mime-types "^2.1.12" + +from2@^2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/from2/-/from2-2.3.0.tgz#8bfb5502bde4a4d36cfdeea007fcca21d7e382af" + integrity sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8= + dependencies: + inherits "^2.0.1" + readable-stream "^2.0.0" + +fs-constants@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs-constants/-/fs-constants-1.0.0.tgz#6be0de9be998ce16af8afc24497b9ee9b7ccd9ad" + integrity sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow== + +fs-extra@^10.0.0: + version "10.0.1" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.0.1.tgz#27de43b4320e833f6867cc044bfce29fdf0ef3b8" + integrity sha512-NbdoVMZso2Lsrn/QwLXOy6rm0ufY2zEOKCDzJR/0kBsb0E6qed0P3iYK+Ath3BfvXEeu4JhEtXLgILx5psUfag== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + +fs-extra@^8.1.0: + version "8.1.0" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-8.1.0.tgz#49d43c45a88cd9677668cb7be1b46efdb8d2e1c0" + integrity sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^4.0.0" + universalify "^0.1.0" + +fs-extra@^9.0.0, fs-extra@^9.0.1, fs-extra@^9.1.0: + version "9.1.0" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.1.0.tgz#5954460c764a8da2094ba3554bf839e6b9a7c86d" + integrity sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ== + dependencies: + at-least-node "^1.0.0" + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + +fs-jetpack@^0.9.2: + version "0.9.2" + resolved "https://registry.yarnpkg.com/fs-jetpack/-/fs-jetpack-0.9.2.tgz#93b414dbd07801863d64c81a76adc03d850c9b56" + integrity sha1-k7QU29B4AYY9ZMgadq3APYUMm1Y= + dependencies: + minimatch "^3.0.2" + mkdirp "^0.5.1" + q "^1.0.1" + rimraf "^2.2.8" + +fs.realpath@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" + integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8= + +function-bind@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d" + integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A== + +gauge@~2.7.3: + version "2.7.4" + resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" + integrity sha1-LANAXHU4w51+s3sxcCLjJfsBi/c= + dependencies: + aproba "^1.0.3" + console-control-strings "^1.0.0" + has-unicode "^2.0.0" + object-assign "^4.1.0" + signal-exit "^3.0.0" + string-width "^1.0.1" + strip-ansi "^3.0.1" + wide-align "^1.1.0" + +get-caller-file@^2.0.5: + version "2.0.5" + resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" + integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== + +get-intrinsic@^1.1.1: + version "1.1.2" + resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.1.2.tgz#336975123e05ad0b7ba41f152ee4aadbea6cf598" + integrity sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA== + dependencies: + function-bind "^1.1.1" + has "^1.0.3" + has-symbols "^1.0.3" + +get-stream@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-4.1.0.tgz#c1b255575f3dc21d59bfc79cd3d2b46b1c3a54b5" + integrity sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w== + dependencies: + pump "^3.0.0" + +get-stream@^5.1.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-5.2.0.tgz#4966a1795ee5ace65e706c4b7beb71257d6e22d3" + integrity sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA== + dependencies: + pump "^3.0.0" + +github-from-package@0.0.0: + version "0.0.0" + resolved "https://registry.yarnpkg.com/github-from-package/-/github-from-package-0.0.0.tgz#97fb5d96bfde8973313f20e8288ef9a167fa64ce" + integrity sha1-l/tdlr/eiXMxPyDoKI75oWf6ZM4= + +glob-parent@^5.1.2: + version "5.1.2" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" + integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== + dependencies: + is-glob "^4.0.1" + +glob@^7.1.3, glob@^7.1.6: + version "7.2.0" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.2.0.tgz#d15535af7732e02e948f4c41628bd910293f6023" + integrity sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q== + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.4" + once "^1.3.0" + path-is-absolute "^1.0.0" + +global-agent@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/global-agent/-/global-agent-3.0.0.tgz#ae7cd31bd3583b93c5a16437a1afe27cc33a1ab6" + integrity sha512-PT6XReJ+D07JvGoxQMkT6qji/jVNfX/h364XHZOWeRzy64sSFr+xJ5OX7LI3b4MPQzdL4H8Y8M0xzPpsVMwA8Q== + dependencies: + boolean "^3.0.1" + es6-error "^4.1.1" + matcher "^3.0.0" + roarr "^2.15.3" + semver "^7.3.2" + serialize-error "^7.0.1" + +global-dirs@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/global-dirs/-/global-dirs-3.0.0.tgz#70a76fe84ea315ab37b1f5576cbde7d48ef72686" + integrity sha512-v8ho2DS5RiCjftj1nD9NmnfaOzTdud7RRnVd9kFNOjqZbISlx5DQ+OrTkywgd0dIt7oFCvKetZSHoHcP3sDdiA== + dependencies: + ini "2.0.0" + +global-tunnel-ng@^2.7.1: + version "2.7.1" + resolved "https://registry.yarnpkg.com/global-tunnel-ng/-/global-tunnel-ng-2.7.1.tgz#d03b5102dfde3a69914f5ee7d86761ca35d57d8f" + integrity sha512-4s+DyciWBV0eK148wqXxcmVAbFVPqtc3sEtUE/GTQfuU80rySLcMhUmHKSHI7/LDj8q0gDYI1lIhRRB7ieRAqg== + dependencies: + encodeurl "^1.0.2" + lodash "^4.17.10" + npm-conf "^1.1.3" + tunnel "^0.0.6" + +globalthis@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/globalthis/-/globalthis-1.0.3.tgz#5852882a52b80dc301b0660273e1ed082f0b6ccf" + integrity sha512-sFdI5LyBiNTHjRd7cGPWapiHWMOXKyuBNX/cWJ3NfzrZQVa8GI/8cofCl74AOVqq9W5kNmguTIzJ/1s2gyI9wA== + dependencies: + define-properties "^1.1.3" + +globby@^11.0.4: + version "11.1.0" + resolved "https://registry.yarnpkg.com/globby/-/globby-11.1.0.tgz#bd4be98bb042f83d796f7e3811991fbe82a0d34b" + integrity sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g== + dependencies: + array-union "^2.1.0" + dir-glob "^3.0.1" + fast-glob "^3.2.9" + ignore "^5.2.0" + merge2 "^1.4.1" + slash "^3.0.0" + +got@^9.6.0: + version "9.6.0" + resolved "https://registry.yarnpkg.com/got/-/got-9.6.0.tgz#edf45e7d67f99545705de1f7bbeeeb121765ed85" + integrity sha512-R7eWptXuGYxwijs0eV+v3o6+XH1IqVK8dJOEecQfTmkncw9AV4dcw/Dhxi8MdlqPthxxpZyizMzyg8RTmEsG+Q== + dependencies: + "@sindresorhus/is" "^0.14.0" + "@szmarczak/http-timer" "^1.1.2" + cacheable-request "^6.0.0" + decompress-response "^3.3.0" + duplexer3 "^0.1.4" + get-stream "^4.1.0" + lowercase-keys "^1.0.1" + mimic-response "^1.0.1" + p-cancelable "^1.0.0" + to-readable-stream "^1.0.0" + url-parse-lax "^3.0.0" + +graceful-fs@^4.1.2: + version "4.2.9" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.9.tgz#041b05df45755e587a24942279b9d113146e1c96" + integrity sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ== + +graceful-fs@^4.1.6, graceful-fs@^4.2.0: + version "4.2.10" + resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c" + integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA== + +"graceful-readlink@>= 1.0.0": + version "1.0.1" + resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" + integrity sha1-TK+tdrxi8C+gObL5Tpo906ORpyU= + +has-flag@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-3.0.0.tgz#b5d454dc2199ae225699f3467e5a07f3b955bafd" + integrity sha1-tdRU3CGZriJWmfNGfloH87lVuv0= + +has-flag@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" + integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== + +has-property-descriptors@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz#610708600606d36961ed04c196193b6a607fa861" + integrity sha512-62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ== + dependencies: + get-intrinsic "^1.1.1" + +has-symbols@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8" + integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A== + +has-unicode@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" + integrity sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk= + +has-yarn@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/has-yarn/-/has-yarn-2.1.0.tgz#137e11354a7b5bf11aa5cb649cf0c6f3ff2b2e77" + integrity sha512-UqBRqi4ju7T+TqGNdqAO0PaSVGsDGJUBQvk9eUWNGRY1CFGDzYhLWoM7JQEemnlvVcv/YEmc2wNW8BC24EnUsw== + +has@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796" + integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw== + dependencies: + function-bind "^1.1.1" + +hosted-git-info@^4.0.2: + version "4.1.0" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-4.1.0.tgz#827b82867e9ff1c8d0c4d9d53880397d2c86d224" + integrity sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA== + dependencies: + lru-cache "^6.0.0" + +http-cache-semantics@^4.0.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz#49e91c5cbf36c9b94bcfcd71c23d5249ec74e390" + integrity sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ== + +http-proxy-agent@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz#5129800203520d434f142bc78ff3c170800f2b43" + integrity sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w== + dependencies: + "@tootallnate/once" "2" + agent-base "6" + debug "4" + +https-proxy-agent@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2" + integrity sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA== + dependencies: + agent-base "6" + debug "4" + +iconv-corefoundation@^1.1.7: + version "1.1.7" + resolved "https://registry.yarnpkg.com/iconv-corefoundation/-/iconv-corefoundation-1.1.7.tgz#31065e6ab2c9272154c8b0821151e2c88f1b002a" + integrity sha512-T10qvkw0zz4wnm560lOEg0PovVqUXuOFhhHAkixw8/sycy7TJt7v/RrkEKEQnAw2viPSJu6iAkErxnzR0g8PpQ== + dependencies: + cli-truncate "^2.1.0" + node-addon-api "^1.6.3" + +iconv-lite@^0.6.2: + version "0.6.3" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501" + integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw== + dependencies: + safer-buffer ">= 2.1.2 < 3.0.0" + +ieee754@^1.1.13: + version "1.2.1" + resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" + integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== + +ignore@^5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.2.0.tgz#6d3bac8fa7fe0d45d9f9be7bac2fc279577e345a" + integrity sha512-CmxgYGiEPCLhfLnpPp1MoRmifwEIOgjcHXxOBjv7mY96c+eWScsOP9c112ZyLdWHi0FxHjI+4uVhKYp/gcdRmQ== + +import-lazy@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-2.1.0.tgz#05698e3d45c88e8d7e9d92cb0584e77f096f3e43" + integrity sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM= + +imurmurhash@^0.1.4: + version "0.1.4" + resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" + integrity sha1-khi5srkoojixPcT7a21XbyMUU+o= + +inflight@^1.0.4: + version "1.0.6" + resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" + integrity sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk= + dependencies: + once "^1.3.0" + wrappy "1" + +inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.3: + version "2.0.4" + resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" + integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== + +ini@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ini/-/ini-2.0.0.tgz#e5fd556ecdd5726be978fa1001862eacb0a94bc5" + integrity sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA== + +ini@^1.3.4, ini@~1.3.0: + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== + +into-stream@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/into-stream/-/into-stream-6.0.0.tgz#4bfc1244c0128224e18b8870e85b2de8e66c6702" + integrity sha512-XHbaOAvP+uFKUFsOgoNPRjLkwB+I22JFPFe5OjTkQ0nwgj6+pSjb4NmB6VMxaPshLiOf+zcpOCBQuLwC1KHhZA== + dependencies: + from2 "^2.3.0" + p-is-promise "^3.0.0" + +is-ci@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-2.0.0.tgz#6bc6334181810e04b5c22b3d589fdca55026404c" + integrity sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w== + dependencies: + ci-info "^2.0.0" + +is-ci@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-3.0.1.tgz#db6ecbed1bd659c43dac0f45661e7674103d1867" + integrity sha512-ZYvCgrefwqoQ6yTyYUbQu64HsITZ3NfKX1lzaEYdkTDcfKzzCI/wthRRYKkdjHKFVgNiXKAKm65Zo1pk2as/QQ== + dependencies: + ci-info "^3.2.0" + +is-core-module@^2.8.1: + version "2.8.1" + resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.8.1.tgz#f59fdfca701d5879d0a6b100a40aa1560ce27211" + integrity sha512-SdNCUs284hr40hFTFP6l0IfZ/RSrMXF3qgoRHd3/79unUTvrFO/JoXwkGm+5J/Oe3E/b5GsnG330uUNgRpu1PA== + dependencies: + has "^1.0.3" + +is-extglob@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" + integrity sha1-qIwCU1eR8C7TfHahueqXc8gz+MI= + +is-fullwidth-code-point@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" + integrity sha1-754xOG8DGn8NZDr4L95QxFfvAMs= + dependencies: + number-is-nan "^1.0.0" + +is-fullwidth-code-point@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz#f116f8064fe90b3f7844a38997c0b75051269f1d" + integrity sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg== + +is-glob@^4.0.1: + version "4.0.3" + resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.3.tgz#64f61e42cbbb2eec2071a9dac0b28ba1e65d5084" + integrity sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg== + dependencies: + is-extglob "^2.1.1" + +is-installed-globally@^0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/is-installed-globally/-/is-installed-globally-0.4.0.tgz#9a0fd407949c30f86eb6959ef1b7994ed0b7b520" + integrity sha512-iwGqO3J21aaSkC7jWnHP/difazwS7SFeIqxv6wEtLU8Y5KlzFTjyqcSIT0d8s4+dDhKytsk9PJZ2BkS5eZwQRQ== + dependencies: + global-dirs "^3.0.0" + is-path-inside "^3.0.2" + +is-npm@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-5.0.0.tgz#43e8d65cc56e1b67f8d47262cf667099193f45a8" + integrity sha512-WW/rQLOazUq+ST/bCAVBp/2oMERWLsR7OrKyt052dNDk4DHcDE0/7QSXITlmi+VBcV13DfIbysG3tZJm5RfdBA== + +is-number@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" + integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== + +is-obj@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982" + integrity sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w== + +is-path-inside@^3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" + integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ== + +is-plain-obj@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-1.1.0.tgz#71a50c8429dfca773c92a390a4a03b39fcd51d3e" + integrity sha1-caUMhCnfync8kqOQpKA7OfzVHT4= + +is-typedarray@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" + integrity sha1-5HnICFjfDBsR3dppQPlgEfzaSpo= + +is-yarn-global@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/is-yarn-global/-/is-yarn-global-0.3.0.tgz#d502d3382590ea3004893746754c89139973e232" + integrity sha512-VjSeb/lHmkoyd8ryPVIKvOCn4D1koMqY+vqyjjUfc3xyKtP4dYOxM44sZrnqQSzSds3xyOrUTLTC9LVCVgLngw== + +isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + integrity sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ== + +isbinaryfile@^3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/isbinaryfile/-/isbinaryfile-3.0.3.tgz#5d6def3edebf6e8ca8cae9c30183a804b5f8be80" + integrity sha512-8cJBL5tTd2OS0dM4jz07wQd5g0dCCqIhUxPIGtZfa5L6hWlvV5MHTITy/DBAsF+Oe2LS1X3krBUhNwaGUWpWxw== + dependencies: + buffer-alloc "^1.2.0" + +isbinaryfile@^4.0.8: + version "4.0.8" + resolved "https://registry.yarnpkg.com/isbinaryfile/-/isbinaryfile-4.0.8.tgz#5d34b94865bd4946633ecc78a026fc76c5b11fcf" + integrity sha512-53h6XFniq77YdW+spoRrebh0mnmTxRPTlcuIArO57lmMdq4uBKFKaeTjnb92oYWrSn/LVL+LT+Hap2tFQj8V+w== + +isexe@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" + integrity sha1-6PvzdNxVb/iUehDcsFctYz8s+hA= + +jake@^10.6.1: + version "10.8.2" + resolved "https://registry.yarnpkg.com/jake/-/jake-10.8.2.tgz#ebc9de8558160a66d82d0eadc6a2e58fbc500a7b" + integrity sha512-eLpKyrfG3mzvGE2Du8VoPbeSkRry093+tyNjdYaBbJS9v17knImYGNXQCUV0gLxQtF82m3E8iRb/wdSQZLoq7A== + dependencies: + async "0.9.x" + chalk "^2.4.2" + filelist "^1.0.1" + minimatch "^3.0.4" + +js-yaml@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" + integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== + dependencies: + argparse "^2.0.1" + +json-buffer@3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.0.tgz#5b1f397afc75d677bde8bcfc0e47e1f9a3d9a898" + integrity sha512-CuUqjv0FUZIdXkHPI8MezCnFCdaTAacej1TZYulLoAg1h/PhwkdXFN4V/gzY4g+fMBCOV2xF+rp7t2XD2ns/NQ== + +json-schema-traverse@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660" + integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg== + +json-stringify-safe@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" + integrity sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA== + +json5@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.0.tgz#2dfefe720c6ba525d9ebd909950f0515316c89a3" + integrity sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA== + dependencies: + minimist "^1.2.5" + +jsonfile@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-4.0.0.tgz#8771aae0799b64076b76640fca058f9c10e33ecb" + integrity sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg== + optionalDependencies: + graceful-fs "^4.1.6" + +jsonfile@^6.0.1: + version "6.1.0" + resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae" + integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ== + dependencies: + universalify "^2.0.0" + optionalDependencies: + graceful-fs "^4.1.6" + +keyv@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/keyv/-/keyv-3.1.0.tgz#ecc228486f69991e49e9476485a5be1e8fc5c4d9" + integrity sha512-9ykJ/46SN/9KPM/sichzQ7OvXyGDYKGTaDlKMGCAlg2UK8KRy4jb0d8sFc+0Tt0YYnThq8X2RZgCg74RPxgcVA== + dependencies: + json-buffer "3.0.0" + +latest-version@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-5.1.0.tgz#119dfe908fe38d15dfa43ecd13fa12ec8832face" + integrity sha512-weT+r0kTkRQdCdYCNtkMwWXQTMEswKrFBkm4ckQOMVhhqhIMI1UT2hMj+1iigIhgSZm5gTmrRXBNoGUgaTY1xA== + dependencies: + package-json "^6.3.0" + +lazy-val@^1.0.4, lazy-val@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/lazy-val/-/lazy-val-1.0.5.tgz#6cf3b9f5bc31cee7ee3e369c0832b7583dcd923d" + integrity sha512-0/BnGCCfyUMkBpeDgWihanIAF9JmZhHBgUhEqzvf+adhNGLoP6TaiI5oF8oyb3I45P+PcnrqihSf01M0l0G5+Q== + +levn@~0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" + integrity sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4= + dependencies: + prelude-ls "~1.1.2" + type-check "~0.3.2" + +lodash@^4.17.10, lodash@^4.17.15: + version "4.17.21" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" + integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== + +lowercase-keys@^1.0.0, lowercase-keys@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.1.tgz#6f9e30b47084d971a7c820ff15a6c5167b74c26f" + integrity sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA== + +lowercase-keys@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-2.0.0.tgz#2603e78b7b4b0006cbca2fbcc8a3202558ac9479" + integrity sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA== + +lru-cache@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-6.0.0.tgz#6d6fe6570ebd96aaf90fcad1dafa3b2566db3a94" + integrity sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA== + dependencies: + yallist "^4.0.0" + +make-dir@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f" + integrity sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw== + dependencies: + semver "^6.0.0" + +matcher@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/matcher/-/matcher-3.0.0.tgz#bd9060f4c5b70aa8041ccc6f80368760994f30ca" + integrity sha512-OkeDaAZ/bQCxeFAozM55PKcKU0yJMPGifLwV4Qgjitu+5MoAfSQN4lsLJeXZ1b8w0x+/Emda6MZgXS1jvsapng== + dependencies: + escape-string-regexp "^4.0.0" + +merge2@^1.3.0, merge2@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae" + integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg== + +micromatch@^4.0.4: + version "4.0.4" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.4.tgz#896d519dfe9db25fce94ceb7a500919bf881ebf9" + integrity sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg== + dependencies: + braces "^3.0.1" + picomatch "^2.2.3" + +mime-db@1.51.0: + version "1.51.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.51.0.tgz#d9ff62451859b18342d960850dc3cfb77e63fb0c" + integrity sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g== + +mime-db@^1.28.0: + version "1.52.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" + integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== + +mime-types@^2.1.12: + version "2.1.34" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.34.tgz#5a712f9ec1503511a945803640fafe09d3793c24" + integrity sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A== + dependencies: + mime-db "1.51.0" + +mime@^2.5.2: + version "2.6.0" + resolved "https://registry.yarnpkg.com/mime/-/mime-2.6.0.tgz#a2a682a95cd4d0cb1d6257e28f83da7e35800367" + integrity sha512-USPkMeET31rOMiarsBNIHZKLGgvKc/LrjofAnBlOttf5ajRvqiRA8QsenbcooctK6d6Ts6aqZXBA+XbkKthiQg== + +mimic-response@^1.0.0, mimic-response@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-1.0.1.tgz#4923538878eef42063cb8a3e3b0798781487ab1b" + integrity sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ== + +mimic-response@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-2.1.0.tgz#d13763d35f613d09ec37ebb30bac0469c0ee8f43" + integrity sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA== + +minimatch@3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" + integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA== + dependencies: + brace-expansion "^1.1.7" + +minimatch@^3.0.2, minimatch@^3.0.4: + version "3.1.2" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" + integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== + dependencies: + brace-expansion "^1.1.7" + +minimist@^1.2.0, minimist@^1.2.3: + version "1.2.5" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602" + integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== + +minimist@^1.2.5, minimist@^1.2.6: + version "1.2.6" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44" + integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q== + +mkdirp-classic@^0.5.2, mkdirp-classic@^0.5.3: + version "0.5.3" + resolved "https://registry.yarnpkg.com/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz#fa10c9115cc6d8865be221ba47ee9bed78601113" + integrity sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A== + +mkdirp@^0.5.1: + version "0.5.5" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def" + integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ== + dependencies: + minimist "^1.2.5" + +mkdirp@^0.5.4: + version "0.5.6" + resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.6.tgz#7def03d2432dcae4ba1d611445c48396062255f6" + integrity sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw== + dependencies: + minimist "^1.2.6" + +modify-filename@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/modify-filename/-/modify-filename-1.1.0.tgz#9a2dec83806fbb2d975f22beec859ca26b393aa1" + integrity sha1-mi3sg4Bvuy2XXyK+7IWcoms5OqE= + +ms@2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + integrity sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A== + +ms@2.1.2: + version "2.1.2" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009" + integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w== + +multistream@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/multistream/-/multistream-4.1.0.tgz#7bf00dfd119556fbc153cff3de4c6d477909f5a8" + integrity sha512-J1XDiAmmNpRCBfIWJv+n0ymC4ABcf/Pl+5YvC5B/D2f/2+8PtHvCNxMPKiQcZyi922Hq69J2YOpb1pTywfifyw== + dependencies: + once "^1.4.0" + readable-stream "^3.6.0" + +napi-build-utils@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/napi-build-utils/-/napi-build-utils-1.0.2.tgz#b1fddc0b2c46e380a0b7a76f984dd47c41a13806" + integrity sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg== + +node-abi@^2.21.0: + version "2.30.1" + resolved "https://registry.yarnpkg.com/node-abi/-/node-abi-2.30.1.tgz#c437d4b1fe0e285aaf290d45b45d4d7afedac4cf" + integrity sha512-/2D0wOQPgaUWzVSVgRMx+trKJRC2UG4SUc4oCJoXx9Uxjtp0Vy3/kt7zcbxHF8+Z/pK3UloLWzBISg72brfy1w== + dependencies: + semver "^5.4.1" + +node-addon-api@^1.6.3: + version "1.7.2" + resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-1.7.2.tgz#3df30b95720b53c24e59948b49532b662444f54d" + integrity sha512-ibPK3iA+vaY1eEjESkQkM0BbCqFOaZMiXRTtdB0u7b4djtY6JnsjvPdUHVMg6xQt3B8fpTTWHI9A+ADjM9frzg== + +node-fetch@^2.6.6: + version "2.6.7" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad" + integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ== + dependencies: + whatwg-url "^5.0.0" + +normalize-url@^4.1.0: + version "4.5.1" + resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.1.tgz#0dd90cf1288ee1d1313b87081c9a5932ee48518a" + integrity sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA== + +npm-conf@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/npm-conf/-/npm-conf-1.1.3.tgz#256cc47bd0e218c259c4e9550bf413bc2192aff9" + integrity sha512-Yic4bZHJOt9RCFbRP3GgpqhScOY4HH3V2P8yBj6CeYq118Qr+BLXqT2JvpJ00mryLESpgOxf5XlFv4ZjXxLScw== + dependencies: + config-chain "^1.1.11" + pify "^3.0.0" + +npmlog@^4.0.1: + version "4.1.2" + resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b" + integrity sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg== + dependencies: + are-we-there-yet "~1.1.2" + console-control-strings "~1.1.0" + gauge "~2.7.3" + set-blocking "~2.0.0" + +number-is-nan@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" + integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0= + +object-assign@^4.1.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" + integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM= + +object-keys@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e" + integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA== + +once@^1.3.0, once@^1.3.1, once@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" + integrity sha1-WDsap3WWHUsROsF9nFC6753Xa9E= + dependencies: + wrappy "1" + +optionator@^0.8.1: + version "0.8.3" + resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.3.tgz#84fa1d036fe9d3c7e21d99884b601167ec8fb495" + integrity sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA== + dependencies: + deep-is "~0.1.3" + fast-levenshtein "~2.0.6" + levn "~0.3.0" + prelude-ls "~1.1.2" + type-check "~0.3.2" + word-wrap "~1.2.3" + +p-cancelable@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/p-cancelable/-/p-cancelable-1.1.0.tgz#d078d15a3af409220c886f1d9a0ca2e441ab26cc" + integrity sha512-s73XxOZ4zpt1edZYZzvhqFa6uvQc1vwUa0K0BdtIZgQMAJj9IbebH+JkgKZc9h+B05PKHLOTl4ajG1BmNrVZlw== + +p-is-promise@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/p-is-promise/-/p-is-promise-3.0.0.tgz#58e78c7dfe2e163cf2a04ff869e7c1dba64a5971" + integrity sha512-Wo8VsW4IRQSKVXsJCn7TomUaVtyfjVDn3nUP7kE967BQk0CwFpdbZs0X0uk5sW9mkBa9eNM7hCMaG93WUAwxYQ== + +package-json@^6.3.0: + version "6.5.0" + resolved "https://registry.yarnpkg.com/package-json/-/package-json-6.5.0.tgz#6feedaca35e75725876d0b0e64974697fed145b0" + integrity sha512-k3bdm2n25tkyxcjSKzB5x8kfVxlMdgsbPr0GkZcwHsLpba6cBjqCt1KlcChKEvxHIcTB1FVMuwoijZ26xex5MQ== + dependencies: + got "^9.6.0" + registry-auth-token "^4.0.0" + registry-url "^5.0.0" + semver "^6.2.0" + +path-exists@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3" + integrity sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w== + +path-is-absolute@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" + integrity sha1-F0uSaHNVNP+8es5r9TpanhtcX18= + +path-key@^3.1.0: + version "3.1.1" + resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" + integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== + +path-parse@^1.0.7: + version "1.0.7" + resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735" + integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== + +path-type@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b" + integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== + +pend@~1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" + integrity sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg== + +picomatch@^2.2.3: + version "2.3.1" + resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42" + integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== + +pify@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176" + integrity sha512-C3FsVNH1udSEX48gGX1xfvwTWfsYWj5U+8/uK15BGzIGrKoUpghX8hWZwa/OFnakBiiVNmBvemTJR5mcy7iPcg== + +pkg-fetch@3.2.6: + version "3.2.6" + resolved "https://registry.yarnpkg.com/pkg-fetch/-/pkg-fetch-3.2.6.tgz#8473e1da5763522c4c3c051917db7274b75836fa" + integrity sha512-Q8fx6SIT022g0cdSE4Axv/xpfHeltspo2gg1KsWRinLQZOTRRAtOOaEFghA1F3jJ8FVsh8hGrL/Pb6Ea5XHIFw== + dependencies: + chalk "^4.1.2" + fs-extra "^9.1.0" + https-proxy-agent "^5.0.0" + node-fetch "^2.6.6" + progress "^2.0.3" + semver "^7.3.5" + tar-fs "^2.1.1" + yargs "^16.2.0" + +pkg@^5.5.0: + version "5.5.2" + resolved "https://registry.yarnpkg.com/pkg/-/pkg-5.5.2.tgz#c21ca9b5cb48feceb3b158c17df855ada350086d" + integrity sha512-pD0UB2ud01C6pVv2wpGsTYJrXI/bnvGRYvMLd44wFzA1p+A2jrlTGFPAYa7YEYzmitXhx23PqalaG1eUEnSwcA== + dependencies: + "@babel/parser" "7.16.2" + "@babel/types" "7.16.0" + chalk "^4.1.2" + escodegen "^2.0.0" + fs-extra "^9.1.0" + globby "^11.0.4" + into-stream "^6.0.0" + minimist "^1.2.5" + multistream "^4.1.0" + pkg-fetch "3.2.6" + prebuild-install "6.1.4" + progress "^2.0.3" + resolve "^1.20.0" + stream-meter "^1.0.4" + tslib "2.3.1" + +plist@^3.0.1, plist@^3.0.4: + version "3.0.4" + resolved "https://registry.yarnpkg.com/plist/-/plist-3.0.4.tgz#a62df837e3aed2bb3b735899d510c4f186019cbe" + integrity sha512-ksrr8y9+nXOxQB2osVNqrgvX/XQPOXaU4BQMKjYq8PvaY1U18mo+fKgBSwzK+luSyinOuPae956lSVcBwxlAMg== + dependencies: + base64-js "^1.5.1" + xmlbuilder "^9.0.7" + +prebuild-install@6.1.4: + version "6.1.4" + resolved "https://registry.yarnpkg.com/prebuild-install/-/prebuild-install-6.1.4.tgz#ae3c0142ad611d58570b89af4986088a4937e00f" + integrity sha512-Z4vpywnK1lBg+zdPCVCsKq0xO66eEV9rWo2zrROGGiRS4JtueBOdlB1FnY8lcy7JsUud/Q3ijUxyWN26Ika0vQ== + dependencies: + detect-libc "^1.0.3" + expand-template "^2.0.3" + github-from-package "0.0.0" + minimist "^1.2.3" + mkdirp-classic "^0.5.3" + napi-build-utils "^1.0.1" + node-abi "^2.21.0" + npmlog "^4.0.1" + pump "^3.0.0" + rc "^1.2.7" + simple-get "^3.0.3" + tar-fs "^2.0.0" + tunnel-agent "^0.6.0" + +prelude-ls@~1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" + integrity sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ= + +prepend-http@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-2.0.0.tgz#e92434bfa5ea8c19f41cdfd401d741a3c819d897" + integrity sha512-ravE6m9Atw9Z/jjttRUZ+clIXogdghyZAuWJ3qEzjT+jI/dL1ifAqhZeC5VHzQp1MSt1+jxKkFNemj/iO7tVUA== + +process-nextick-args@~2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2" + integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag== + +progress@^2.0.3: + version "2.0.3" + resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.3.tgz#7e8cf8d8f5b8f239c1bc68beb4eb78567d572ef8" + integrity sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA== + +proto-list@~1.2.1: + version "1.2.4" + resolved "https://registry.yarnpkg.com/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849" + integrity sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA== + +pump@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/pump/-/pump-3.0.0.tgz#b4a2116815bde2f4e1ea602354e8c75565107a64" + integrity sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww== + dependencies: + end-of-stream "^1.1.0" + once "^1.3.1" + +punycode@^2.1.0: + version "2.1.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec" + integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A== + +pupa@^2.0.1, pupa@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/pupa/-/pupa-2.1.1.tgz#f5e8fd4afc2c5d97828faa523549ed8744a20d62" + integrity sha512-l1jNAspIBSFqbT+y+5FosojNpVpF94nlI+wDUpqP9enwOTfHx9f0gh5nB96vl+6yTpsJsypeNrwfzPrKuHB41A== + dependencies: + escape-goat "^2.0.0" + +q@^1.0.1: + version "1.5.1" + resolved "https://registry.yarnpkg.com/q/-/q-1.5.1.tgz#7e32f75b41381291d04611f1bf14109ac00651d7" + integrity sha1-fjL3W0E4EpHQRhHxvxQQmsAGUdc= + +queue-microtask@^1.2.2: + version "1.2.3" + resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243" + integrity sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A== + +rc@^1.2.7, rc@^1.2.8: + version "1.2.8" + resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed" + integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw== + dependencies: + deep-extend "^0.6.0" + ini "~1.3.0" + minimist "^1.2.0" + strip-json-comments "~2.0.1" + +read-config-file@6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/read-config-file/-/read-config-file-6.2.0.tgz#71536072330bcd62ba814f91458b12add9fc7ade" + integrity sha512-gx7Pgr5I56JtYz+WuqEbQHj/xWo+5Vwua2jhb1VwM4Wid5PqYmZ4i00ZB0YEGIfkVBsCv9UrjgyqCiQfS/Oosg== + dependencies: + dotenv "^9.0.2" + dotenv-expand "^5.1.0" + js-yaml "^4.1.0" + json5 "^2.2.0" + lazy-val "^1.0.4" + +readable-stream@^2.0.0, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.2.2: + version "2.3.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57" + integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~2.0.0" + safe-buffer "~5.1.1" + string_decoder "~1.1.1" + util-deprecate "~1.0.1" + +readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.0.tgz#337bbda3adc0706bd3e024426a286d4b4b2c9198" + integrity sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + +registry-auth-token@^4.0.0: + version "4.2.1" + resolved "https://registry.yarnpkg.com/registry-auth-token/-/registry-auth-token-4.2.1.tgz#6d7b4006441918972ccd5fedcd41dc322c79b250" + integrity sha512-6gkSb4U6aWJB4SF2ZvLb76yCBjcvufXBqvvEx1HbmKPkutswjW1xNVRY0+daljIYRbogN7O0etYSlbiaEQyMyw== + dependencies: + rc "^1.2.8" + +registry-url@^5.0.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-5.1.0.tgz#e98334b50d5434b81136b44ec638d9c2009c5009" + integrity sha512-8acYXXTI0AkQv6RAOjE3vOaIXZkT9wo4LOFbBKYQEEnnMNBpKqdUrI6S4NT0KPIo/WVvJ5tE/X5LF/TQUf0ekw== + dependencies: + rc "^1.2.8" + +require-directory@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/require-directory/-/require-directory-2.1.1.tgz#8c64ad5fd30dab1c976e2344ffe7f792a6a6df42" + integrity sha1-jGStX9MNqxyXbiNE/+f3kqam30I= + +resolve@^1.20.0: + version "1.22.0" + resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.0.tgz#5e0b8c67c15df57a89bdbabe603a002f21731198" + integrity sha512-Hhtrw0nLeSrFQ7phPp4OOcVjLPIeMnRlr5mcnVuMe7M/7eBn98A3hmFRLoFo3DLZkivSYwhRUJTyPyWAk56WLw== + dependencies: + is-core-module "^2.8.1" + path-parse "^1.0.7" + supports-preserve-symlinks-flag "^1.0.0" + +responselike@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/responselike/-/responselike-1.0.2.tgz#918720ef3b631c5642be068f15ade5a46f4ba1e7" + integrity sha512-/Fpe5guzJk1gPqdJLJR5u7eG/gNY4nImjbRDaVWVMRhne55TCmj2i9Q+54PBRfatRC8v/rIiv9BN0pMd9OV5EQ== + dependencies: + lowercase-keys "^1.0.0" + +reusify@^1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/reusify/-/reusify-1.0.4.tgz#90da382b1e126efc02146e90845a88db12925d76" + integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw== + +rimraf@^2.2.8: + version "2.7.1" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec" + integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w== + dependencies: + glob "^7.1.3" + +rimraf@^3.0.0: + version "3.0.2" + resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-3.0.2.tgz#f1a5402ba6220ad52cc1282bac1ae3aa49fd061a" + integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA== + dependencies: + glob "^7.1.3" + +roarr@^2.15.3: + version "2.15.4" + resolved "https://registry.yarnpkg.com/roarr/-/roarr-2.15.4.tgz#f5fe795b7b838ccfe35dc608e0282b9eba2e7afd" + integrity sha512-CHhPh+UNHD2GTXNYhPWLnU8ONHdI+5DI+4EYIAOaiD63rHeYlZvyh8P+in5999TTSFgUYuKUAjzRI4mdh/p+2A== + dependencies: + boolean "^3.0.1" + detect-node "^2.0.4" + globalthis "^1.0.1" + json-stringify-safe "^5.0.1" + semver-compare "^1.0.0" + sprintf-js "^1.1.2" + +run-parallel@^1.1.9: + version "1.2.0" + resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.2.0.tgz#66d1368da7bdf921eb9d95bd1a9229e7f21a43ee" + integrity sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA== + dependencies: + queue-microtask "^1.2.2" + +safe-buffer@^5.0.1, safe-buffer@~5.2.0: + version "5.2.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" + integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== + +safe-buffer@~5.1.0, safe-buffer@~5.1.1: + version "5.1.2" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" + integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== + +"safer-buffer@>= 2.1.2 < 3.0.0": + version "2.1.2" + resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" + integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== + +sanitize-filename@^1.6.3: + version "1.6.3" + resolved "https://registry.yarnpkg.com/sanitize-filename/-/sanitize-filename-1.6.3.tgz#755ebd752045931977e30b2025d340d7c9090378" + integrity sha512-y/52Mcy7aw3gRm7IrcGDFx/bCk4AhRh2eI9luHOQM86nZsqwiRkkq2GekHXBBD+SmPidc8i2PqtYZl+pWJ8Oeg== + dependencies: + truncate-utf8-bytes "^1.0.0" + +sax@^1.2.4: + version "1.2.4" + resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9" + integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw== + +semver-compare@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/semver-compare/-/semver-compare-1.0.0.tgz#0dee216a1c941ab37e9efb1788f6afc5ff5537fc" + integrity sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow== + +semver-diff@^3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-3.1.1.tgz#05f77ce59f325e00e2706afd67bb506ddb1ca32b" + integrity sha512-GX0Ix/CJcHyB8c4ykpHGIAvLyOwOobtM/8d+TQkAd81/bEjgPHrfba41Vpesr7jX/t8Uh+R3EX9eAS5be+jQYg== + dependencies: + semver "^6.3.0" + +semver@^5.4.1: + version "5.7.1" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" + integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== + +semver@^6.0.0, semver@^6.2.0, semver@^6.3.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" + integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== + +semver@^7.3.2: + version "7.3.7" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.7.tgz#12c5b649afdbf9049707796e22a4028814ce523f" + integrity sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g== + dependencies: + lru-cache "^6.0.0" + +semver@^7.3.4, semver@^7.3.5: + version "7.3.5" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7" + integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ== + dependencies: + lru-cache "^6.0.0" + +serialize-error@^7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/serialize-error/-/serialize-error-7.0.1.tgz#f1360b0447f61ffb483ec4157c737fab7d778e18" + integrity sha512-8I8TjW5KMOKsZQTvoxjuSIa7foAwPWGOts+6o7sgjz41/qMD9VQHEDxi6PBvK2l0MXUmqZyNpUK+T2tQaaElvw== + dependencies: + type-fest "^0.13.1" + +set-blocking@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" + integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc= + +shebang-command@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-2.0.0.tgz#ccd0af4f8835fbdc265b82461aaf0c36663f34ea" + integrity sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA== + dependencies: + shebang-regex "^3.0.0" + +shebang-regex@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" + integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== + +signal-exit@^3.0.0, signal-exit@^3.0.2: + version "3.0.7" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9" + integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== + +simple-concat@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/simple-concat/-/simple-concat-1.0.1.tgz#f46976082ba35c2263f1c8ab5edfe26c41c9552f" + integrity sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q== + +simple-get@^3.0.3: + version "3.1.1" + resolved "https://registry.yarnpkg.com/simple-get/-/simple-get-3.1.1.tgz#cc7ba77cfbe761036fbfce3d021af25fc5584d55" + integrity sha512-CQ5LTKGfCpvE1K0n2us+kuMPbk/q0EKl82s4aheV9oXjFEz6W/Y7oQFVJuU6QG77hRT4Ghb5RURteF5vnWjupA== + dependencies: + decompress-response "^4.2.0" + once "^1.3.1" + simple-concat "^1.0.0" + +slash@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634" + integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q== + +slice-ansi@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-3.0.0.tgz#31ddc10930a1b7e0b67b08c96c2f49b77a789787" + integrity sha512-pSyv7bSTC7ig9Dcgbw9AuRNUb5k5V6oDudjZoMBSr13qpLBG7tB+zgCkARjq7xIUgdz5P1Qe8u+rSGdouOOIyQ== + dependencies: + ansi-styles "^4.0.0" + astral-regex "^2.0.0" + is-fullwidth-code-point "^3.0.0" + +smart-buffer@^4.0.2: + version "4.2.0" + resolved "https://registry.yarnpkg.com/smart-buffer/-/smart-buffer-4.2.0.tgz#6e1d71fa4f18c05f7d0ff216dd16a481d0e8d9ae" + integrity sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg== + +sort-keys-length@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/sort-keys-length/-/sort-keys-length-1.0.1.tgz#9cb6f4f4e9e48155a6aa0671edd336ff1479a188" + integrity sha1-nLb09OnkgVWmqgZx7dM2/xR5oYg= + dependencies: + sort-keys "^1.0.0" + +sort-keys@^1.0.0: + version "1.1.2" + resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-1.1.2.tgz#441b6d4d346798f1b4e49e8920adfba0e543f9ad" + integrity sha1-RBttTTRnmPG05J6JIK37oOVD+a0= + dependencies: + is-plain-obj "^1.0.0" + +source-map-support@^0.5.19: + version "0.5.21" + resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.21.tgz#04fe7c7f9e1ed2d662233c28cb2b35b9f63f6e4f" + integrity sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w== + dependencies: + buffer-from "^1.0.0" + source-map "^0.6.0" + +source-map@^0.6.0, source-map@~0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263" + integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g== + +sprintf-js@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.1.2.tgz#da1765262bf8c0f571749f2ad6c26300207ae673" + integrity sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug== + +stat-mode@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-1.0.0.tgz#68b55cb61ea639ff57136f36b216a291800d1465" + integrity sha512-jH9EhtKIjuXZ2cWxmXS8ZP80XyC3iasQxMDV8jzhNJpfDb7VbQLVW4Wvsxz9QZvzV+G4YoSfBUVKDOyxLzi/sg== + +stream-meter@^1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/stream-meter/-/stream-meter-1.0.4.tgz#52af95aa5ea760a2491716704dbff90f73afdd1d" + integrity sha1-Uq+Vql6nYKJJFxZwTb/5D3Ov3R0= + dependencies: + readable-stream "^2.1.4" + +string-width@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" + integrity sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M= + dependencies: + code-point-at "^1.0.0" + is-fullwidth-code-point "^1.0.0" + strip-ansi "^3.0.0" + +"string-width@^1.0.2 || 2 || 3 || 4", string-width@^4.0.0, string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.2, string-width@^4.2.3: + version "4.2.3" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" + integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== + dependencies: + emoji-regex "^8.0.0" + is-fullwidth-code-point "^3.0.0" + strip-ansi "^6.0.1" + +string_decoder@^1.1.1: + version "1.3.0" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.3.0.tgz#42f114594a46cf1a8e30b0a84f56c78c3edac21e" + integrity sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA== + dependencies: + safe-buffer "~5.2.0" + +string_decoder@~1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8" + integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg== + dependencies: + safe-buffer "~5.1.0" + +strip-ansi@^3.0.0, strip-ansi@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" + integrity sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8= + dependencies: + ansi-regex "^2.0.0" + +strip-ansi@^6.0.0, strip-ansi@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + +strip-json-comments@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" + integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo= + +sumchecker@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/sumchecker/-/sumchecker-3.0.1.tgz#6377e996795abb0b6d348e9b3e1dfb24345a8e42" + integrity sha512-MvjXzkz/BOfyVDkG0oFOtBxHX2u3gKbMHIF/dXblZsgD3BWOFLmHovIpZY7BykJdAjcqRCBi1WYBNdEC9yI7vg== + dependencies: + debug "^4.1.0" + +supports-color@^5.3.0: + version "5.5.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-5.5.0.tgz#e2e69a44ac8772f78a1ec0b35b689df6530efc8f" + integrity sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow== + dependencies: + has-flag "^3.0.0" + +supports-color@^7.1.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.2.0.tgz#1b7dcdcb32b8138801b3e478ba6a51caa89648da" + integrity sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw== + dependencies: + has-flag "^4.0.0" + +supports-preserve-symlinks-flag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09" + integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== + +tar-fs@^2.0.0, tar-fs@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/tar-fs/-/tar-fs-2.1.1.tgz#489a15ab85f1f0befabb370b7de4f9eb5cbe8784" + integrity sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng== + dependencies: + chownr "^1.1.1" + mkdirp-classic "^0.5.2" + pump "^3.0.0" + tar-stream "^2.1.4" + +tar-stream@^2.1.4: + version "2.2.0" + resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-2.2.0.tgz#acad84c284136b060dc3faa64474aa9aebd77287" + integrity sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ== + dependencies: + bl "^4.0.3" + end-of-stream "^1.4.1" + fs-constants "^1.0.0" + inherits "^2.0.3" + readable-stream "^3.1.1" + +temp-file@^3.4.0: + version "3.4.0" + resolved "https://registry.yarnpkg.com/temp-file/-/temp-file-3.4.0.tgz#766ea28911c683996c248ef1a20eea04d51652c7" + integrity sha512-C5tjlC/HCtVUOi3KWVokd4vHVViOmGjtLwIh4MuzPo/nMYTV/p1urt3RnMz2IWXDdKEGJH3k5+KPxtqRsUYGtg== + dependencies: + async-exit-hook "^2.0.1" + fs-extra "^10.0.0" + +tmp-promise@^3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/tmp-promise/-/tmp-promise-3.0.3.tgz#60a1a1cc98c988674fcbfd23b6e3367bdeac4ce7" + integrity sha512-RwM7MoPojPxsOBYnyd2hy0bxtIlVrihNs9pj5SUvY8Zz1sQcQG2tG1hSr8PDxfgEB8RNKDhqbIlroIarSNDNsQ== + dependencies: + tmp "^0.2.0" + +tmp@^0.2.0: + version "0.2.1" + resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.1.tgz#8457fc3037dcf4719c251367a1af6500ee1ccf14" + integrity sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ== + dependencies: + rimraf "^3.0.0" + +to-fast-properties@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e" + integrity sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4= + +to-readable-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/to-readable-stream/-/to-readable-stream-1.0.0.tgz#ce0aa0c2f3df6adf852efb404a783e77c0475771" + integrity sha512-Iq25XBt6zD5npPhlLVXGFN3/gyR2/qODcKNNyTMd4vbm39HUaOiAM4PMq0eMVC/Tkxz+Zjdsc55g9yyz+Yq00Q== + +to-regex-range@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/to-regex-range/-/to-regex-range-5.0.1.tgz#1648c44aae7c8d988a326018ed72f5b4dd0392e4" + integrity sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ== + dependencies: + is-number "^7.0.0" + +tr46@~0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a" + integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o= + +truncate-utf8-bytes@^1.0.0: + version "1.0.2" + resolved "https://registry.yarnpkg.com/truncate-utf8-bytes/-/truncate-utf8-bytes-1.0.2.tgz#405923909592d56f78a5818434b0b78489ca5f2b" + integrity sha1-QFkjkJWS1W94pYGENLC3hInKXys= + dependencies: + utf8-byte-length "^1.0.1" + +tslib@2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.3.1.tgz#e8a335add5ceae51aa261d32a490158ef042ef01" + integrity sha512-77EbyPPpMz+FRFRuAFlWMtmgUWGe9UOG2Z25NqCwiIjRhOf5iKGuzSe5P2w1laq+FkRy4p+PCuVkJSGkzTEKVw== + +tunnel-agent@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" + integrity sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0= + dependencies: + safe-buffer "^5.0.1" + +tunnel@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/tunnel/-/tunnel-0.0.6.tgz#72f1314b34a5b192db012324df2cc587ca47f92c" + integrity sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg== + +type-check@~0.3.2: + version "0.3.2" + resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" + integrity sha1-WITKtRLPHTVeP7eE8wgEsrUg23I= + dependencies: + prelude-ls "~1.1.2" + +type-fest@^0.13.1: + version "0.13.1" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.13.1.tgz#0172cb5bce80b0bd542ea348db50c7e21834d934" + integrity sha512-34R7HTnG0XIJcBSn5XhDd7nNFPRcXYRZrBB2O2jdKqYODldSzBAqzsWoZYYvduky73toYS/ESqxPvkDf/F0XMg== + +type-fest@^0.20.2: + version "0.20.2" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" + integrity sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ== + +typedarray-to-buffer@^3.1.5: + version "3.1.5" + resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz#a97ee7a9ff42691b9f783ff1bc5112fe3fca9080" + integrity sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q== + dependencies: + is-typedarray "^1.0.0" + +typedarray@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" + integrity sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA== + +unique-string@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/unique-string/-/unique-string-2.0.0.tgz#39c6451f81afb2749de2b233e3f7c5e8843bd89d" + integrity sha512-uNaeirEPvpZWSgzwsPGtU2zVSTrn/8L5q/IexZmH0eH6SA73CmAA5U4GwORTxQAZs95TAXLNqeLoPPNO5gZfWg== + dependencies: + crypto-random-string "^2.0.0" + +universalify@^0.1.0: + version "0.1.2" + resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.1.2.tgz#b646f69be3942dabcecc9d6639c80dc105efaa66" + integrity sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg== + +universalify@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717" + integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ== + +unused-filename@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/unused-filename/-/unused-filename-2.1.0.tgz#33719c4e8d9644f32d2dec1bc8525c6aaeb4ba51" + integrity sha512-BMiNwJbuWmqCpAM1FqxCTD7lXF97AvfQC8Kr/DIeA6VtvhJaMDupZ82+inbjl5yVP44PcxOuCSxye1QMS0wZyg== + dependencies: + modify-filename "^1.1.0" + path-exists "^4.0.0" + +update-notifier@^5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-5.1.0.tgz#4ab0d7c7f36a231dd7316cf7729313f0214d9ad9" + integrity sha512-ItnICHbeMh9GqUy31hFPrD1kcuZ3rpxDZbf4KUDavXwS0bW5m7SLbDQpGX3UYr072cbrF5hFUs3r5tUsPwjfHw== + dependencies: + boxen "^5.0.0" + chalk "^4.1.0" + configstore "^5.0.1" + has-yarn "^2.1.0" + import-lazy "^2.1.0" + is-ci "^2.0.0" + is-installed-globally "^0.4.0" + is-npm "^5.0.0" + is-yarn-global "^0.3.0" + latest-version "^5.1.0" + pupa "^2.1.1" + semver "^7.3.4" + semver-diff "^3.1.1" + xdg-basedir "^4.0.0" + +uri-js@^4.2.2: + version "4.4.1" + resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e" + integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg== + dependencies: + punycode "^2.1.0" + +url-parse-lax@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/url-parse-lax/-/url-parse-lax-3.0.0.tgz#16b5cafc07dbe3676c1b1999177823d6503acb0c" + integrity sha512-NjFKA0DidqPa5ciFcSrXnAltTtzz84ogy+NebPvfEgAck0+TNg4UJ4IN+fB7zRZfbgUf0syOo9MDxFkDSMuFaQ== + dependencies: + prepend-http "^2.0.0" + +utf8-byte-length@^1.0.1: + version "1.0.4" + resolved "https://registry.yarnpkg.com/utf8-byte-length/-/utf8-byte-length-1.0.4.tgz#f45f150c4c66eee968186505ab93fcbb8ad6bf61" + integrity sha1-9F8VDExm7uloGGUFq5P8u4rWv2E= + +util-deprecate@^1.0.1, util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8= + +verror@^1.10.0: + version "1.10.1" + resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.1.tgz#4bf09eeccf4563b109ed4b3d458380c972b0cdeb" + integrity sha512-veufcmxri4e3XSrT0xwfUR7kguIkaxBeosDg00yDWhk49wdwkSUrvvsm7nc75e1PUyvIeZj6nS8VQRYz2/S4Xg== + dependencies: + assert-plus "^1.0.0" + core-util-is "1.0.2" + extsprintf "^1.2.0" + +webidl-conversions@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871" + integrity sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE= + +whatwg-url@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d" + integrity sha1-lmRU6HZUYuN2RNNib2dCzotwll0= + dependencies: + tr46 "~0.0.3" + webidl-conversions "^3.0.0" + +which@^2.0.1: + version "2.0.2" + resolved "https://registry.yarnpkg.com/which/-/which-2.0.2.tgz#7c6a8dd0a636a0327e10b59c9286eee93f3f51b1" + integrity sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA== + dependencies: + isexe "^2.0.0" + +wide-align@^1.1.0: + version "1.1.5" + resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.5.tgz#df1d4c206854369ecf3c9a4898f1b23fbd9d15d3" + integrity sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg== + dependencies: + string-width "^1.0.2 || 2 || 3 || 4" + +widest-line@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/widest-line/-/widest-line-3.1.0.tgz#8292333bbf66cb45ff0de1603b136b7ae1496eca" + integrity sha512-NsmoXalsWVDMGupxZ5R08ka9flZjjiLvHVAWYOKtiKM8ujtZWr9cRffak+uSE48+Ob8ObalXpwyeUiyDD6QFgg== + dependencies: + string-width "^4.0.0" + +word-wrap@~1.2.3: + version "1.2.3" + resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c" + integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ== + +wrap-ansi@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + +wrappy@1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" + integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== + +write-file-atomic@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-3.0.3.tgz#56bd5c5a5c70481cd19c571bd39ab965a5de56e8" + integrity sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q== + dependencies: + imurmurhash "^0.1.4" + is-typedarray "^1.0.0" + signal-exit "^3.0.2" + typedarray-to-buffer "^3.1.5" + +xdg-basedir@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-4.0.0.tgz#4bc8d9984403696225ef83a1573cbbcb4e79db13" + integrity sha512-PSNhEJDejZYV7h50BohL09Er9VaIefr2LMAf3OEmpCkjOi34eYyQYAXUTjEQtZJTKcF0E2UKTh+osDLsgNim9Q== + +xmlbuilder@>=11.0.1: + version "15.1.1" + resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-15.1.1.tgz#9dcdce49eea66d8d10b42cae94a79c3c8d0c2ec5" + integrity sha512-yMqGBqtXyeN1e3TGYvgNgDVZ3j84W4cwkOXQswghol6APgZWaff9lnbvN7MHYJOiXsvGPXtjTYJEiC9J2wv9Eg== + +xmlbuilder@^9.0.7: + version "9.0.7" + resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-9.0.7.tgz#132ee63d2ec5565c557e20f4c22df9aca686b10d" + integrity sha1-Ey7mPS7FVlxVfiD0wi35rKaGsQ0= + +y18n@^5.0.5: + version "5.0.8" + resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" + integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA== + +yallist@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/yallist/-/yallist-4.0.0.tgz#9bb92790d9c0effec63be73519e11a35019a3a72" + integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A== + +yargs-parser@^20.2.2: + version "20.2.9" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" + integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== + +yargs-parser@^21.0.0: + version "21.0.1" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.0.1.tgz#0267f286c877a4f0f728fceb6f8a3e4cb95c6e35" + integrity sha512-9BK1jFpLzJROCI5TzwZL/TU4gqjK5xiHV/RfWLOahrjAko/e4DJkRDZQXfvqAsiZzzYhgAzbgz6lg48jcm4GLg== + +yargs@^16.2.0: + version "16.2.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" + integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw== + dependencies: + cliui "^7.0.2" + escalade "^3.1.1" + get-caller-file "^2.0.5" + require-directory "^2.1.1" + string-width "^4.2.0" + y18n "^5.0.5" + yargs-parser "^20.2.2" + +yargs@^17.0.1, yargs@^17.3.0: + version "17.3.1" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.3.1.tgz#da56b28f32e2fd45aefb402ed9c26f42be4c07b9" + integrity sha512-WUANQeVgjLbNsEmGk20f+nlHgOqzRFpiGWVaBrYGYIGANIIu3lWjoyi0fNlFmJkvfhCZ6BXINe7/W2O2bV4iaA== + dependencies: + cliui "^7.0.2" + escalade "^3.1.1" + get-caller-file "^2.0.5" + require-directory "^2.1.1" + string-width "^4.2.3" + y18n "^5.0.5" + yargs-parser "^21.0.0" + +yauzl@^2.10.0: + version "2.10.0" + resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.10.0.tgz#c7eb17c93e112cb1086fa6d8e51fb0667b79a5f9" + integrity sha512-p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g== + dependencies: + buffer-crc32 "~0.2.3" + fd-slicer "~1.1.0" diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index acc9d28f..5d2b12ab 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,3 +1,4 @@ +# nix-build -E 'with import {}; callPackage ./platformio.nix {}' final: prev: { catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; @@ -6,6 +7,8 @@ final: prev: { v = { glitch-soc = prev.callPackage ./glitch-soc { }; + deemix-gui = prev.callPackage ./deemix-gui { }; + unbound = prev.unbound.override { withSystemd = true; withDoH = true; @@ -16,5 +19,9 @@ final: prev: { dnd-5e-latex-template = prev.callPackage ./dnd-5e-latex-template { }; gitea-agatheme = prev.callPackage ./gitea-agatheme { }; + + vscode-extensions = { + platformio.platformio-ide = prev.callPackage ./vscode-extensions/platformio.nix { }; + }; }; } diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix new file mode 100644 index 00000000..d696d57b --- /dev/null +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -0,0 +1,12 @@ +{ vscode-utils, lib }: +let inherit (vscode-utils) buildVscodeMarketplaceExtension; +in buildVscodeMarketplaceExtension { + # TODO: Auto install settings: `"platformio-ide.useBuiltinPIOCore": false` + mktplcRef = { + name = "platformio-ide"; + publisher = "platformio"; + version = "2.5.4"; + sha256 = "sha256-/vBdZ6Mu1KlF+glqp5CNt9WeK1ECqfaivCnK8TisChg="; + }; + # meta = { license = lib.licenses.apache; }; +} -- 2.47.1 From 71ea216d71b1b4604b1204a7fa189830e6215766 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 6 Oct 2022 16:23:06 +0200 Subject: [PATCH 0489/1882] add deemix-gui --- nixos/hosts/thalassa/null/home/default.nix | 1 + nixos/pkgs/deemix-gui/default.nix | 65 +- nixos/pkgs/deemix-gui/package.json | 84 - nixos/pkgs/deemix-gui/yarn.lock | 2727 -------------------- 4 files changed, 33 insertions(+), 2844 deletions(-) delete mode 100644 nixos/pkgs/deemix-gui/package.json delete mode 100644 nixos/pkgs/deemix-gui/yarn.lock diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 52f0dff1..f1cbd10d 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -53,6 +53,7 @@ in { steam-run tex thunderbird-wayland + v.deemix-gui wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi diff --git a/nixos/pkgs/deemix-gui/default.nix b/nixos/pkgs/deemix-gui/default.nix index 87ce178d..71661d45 100644 --- a/nixos/pkgs/deemix-gui/default.nix +++ b/nixos/pkgs/deemix-gui/default.nix @@ -1,46 +1,45 @@ -{ pkgs, stdenv, electron_14, mkYarnPackage, fetchFromGitLab, lib }: -let electron = electron_14; -in mkYarnPackage rec { - pname = "deemix-gui"; - version = "0.1.0"; +{ lib, stdenv, fetchurl, appimageTools, makeWrapper, electron, xorg, pipewire }: - src = fetchFromGitLab { - owner = "RemixDev"; - repo = "deemix-gui"; - rev = "06305de9cf65639620eeaee408f1c64cb8610387"; - sha256 = "sha256-498ivYIFUWDamtI38PUEag9ydWpXfhtzgI3rTOcmTJQ="; +stdenv.mkDerivation rec { + pname = "deemix-gui"; + version = "2022-08-20"; + + src = fetchurl { + url = "https://download.deemix.app/gui/linux-x64-latest.AppImage"; + sha256 = "sha256-poEvEIYd5FXRweAGIK5AzPjBWY3p8ertiBPbEV0sv+c="; + name = "${pname}-${version}.AppImage"; }; - packageJSON = ./package.json; - yarnLock = ./yarn.lock; + appimageContents = appimageTools.extractType2 { + name = "${pname}-${version}"; + inherit src; + }; - buildInputs = [ electron ]; + dontUnpack = true; + dontConfigure = true; + dontBuild = true; + + nativeBuildInputs = [ makeWrapper ]; installPhase = '' - ls -al runHook preInstall - mkdir -p $out/{bin,libexec/${pname}} - mv node_modules $out/libexec/${pname}/node_modules - mv deps $out/libexec/${pname}/deps + + mkdir -p $out/bin $out/share/${pname} $out/share/applications + + cp -a ${appimageContents}/{locales,resources} $out/share/${pname} + cp -a ${appimageContents}/usr/share/icons $out/share + runHook postInstall ''; - distPhase = '' - true + postFixup = '' + makeWrapper ${electron}/bin/electron $out/bin/${pname} \ + --add-flags $out/share/${pname}/resources/app.asar \ + --prefix LD_LIBRARY_PATH : "${ + lib.makeLibraryPath [ stdenv.cc.cc xorg.libXtst pipewire ] + }" \ + --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" ''; - # distPhase = '' - # cd $out - # unlink "$out/libexec/${pname}/deps/${pname}/node_modules" - # ln -s "$out/libexec/${pname}/node_modules" "$out/libexec/${pname}/deps/${pname}/desktop/node_modules" - # ls -al - # ls -al libexec - # mkdir -p bin - # cd bin - # echo '#!/bin/sh' > ${pname} - # echo "cd $out/libexec/${pname}/deps/${pname}" >> ${pname} - # echo "${electron}/bin/electron $out/libexec/${pname}/deps/${pname}/desktop" >> ${pname} - # chmod 0755 $out/bin/${pname} - # true - # ''; + meta = with lib; { platforms = [ "x86_64-linux" ]; }; } diff --git a/nixos/pkgs/deemix-gui/package.json b/nixos/pkgs/deemix-gui/package.json deleted file mode 100644 index 7f7198fe..00000000 --- a/nixos/pkgs/deemix-gui/package.json +++ /dev/null @@ -1,84 +0,0 @@ -{ - "name": "deemix-gui", - "version": "0.0.0", - "main": "index.js", - "repository": "https://gitlab.com/RemixDev/deemix-gui.git", - "author": "RemixDev ", - "license": "GPL-3.0-only", - "scripts": { - "install-all": "yarn install && yarn --cwd server install --production && yarn --cwd webui install --production", - "install-all-dev": "yarn install && yarn --cwd server install && yarn --cwd webui install", - "dev": "yarn --cwd webui dev", - "start": "electron . --dev", - "predist": "yarn build-server && yarn build-webui", - "dist": "yarn set-version && electron-builder && yarn reset-version", - "dist:dir": "yarn set-version && yarn predist && electron-builder --dir && yarn reset-version", - "dist-server": "yarn set-version && yarn predist && ./node_modules/.bin/pkg --out-dir dist ./server/package.json && yarn reset-version", - "start-server": "yarn --cwd server start", - "build-server": "yarn --cwd server build", - "build-webui": "yarn --cwd webui build", - "set-version": "node scripts/set-version.js", - "reset-version": "node scripts/reset-version.js" - }, - "devDependencies": { - "electron": "^14.2.0", - "electron-builder": "^22.14.0", - "pkg": "^5.5.0" - }, - "dependencies": { - "electron-context-menu": "^3.1.0", - "electron-window-state-manager": "^0.3.2", - "yargs": "^17.3.0" - }, - "build": { - "appId": "app.deemix.gui", - "productName": "deemix-gui", - "files": [ - "index.js", - "preload.js", - "server/dist/**/*", - "webui/public/**/*", - "build/**/*", - "package.json" - ], - "mac": { - "target": "dmg", - "artifactName": "deemix-gui.${ext}", - "category": "public.app-category.music" - }, - "win": { - "target": [ - { - "target": "nsis", - "arch": "x64" - }, - { - "target": "portable", - "arch": "x64" - } - ] - }, - "linux": { - "target": [ - "appimage", - "deb" - ], - "artifactName": "deemix-gui.${ext}", - "category": "AudioVideo,Audio", - "icon": "build/icon.icns" - }, - "nsis": { - "artifactName": "${productName}_setup.${ext}", - "oneClick": false, - "license": "LICENSE.txt", - "allowToChangeInstallationDirectory": true, - "uninstallDisplayName": "${productName}", - "deleteAppDataOnUninstall": true - }, - "portable": { - "artifactName": "${productName}.${ext}", - "requestExecutionLevel": "user" - } - } - } - \ No newline at end of file diff --git a/nixos/pkgs/deemix-gui/yarn.lock b/nixos/pkgs/deemix-gui/yarn.lock deleted file mode 100644 index d31fa2d4..00000000 --- a/nixos/pkgs/deemix-gui/yarn.lock +++ /dev/null @@ -1,2727 +0,0 @@ -# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. -# yarn lockfile v1 - - -"7zip-bin@~5.1.1": - version "5.1.1" - resolved "https://registry.yarnpkg.com/7zip-bin/-/7zip-bin-5.1.1.tgz#9274ec7460652f9c632c59addf24efb1684ef876" - integrity sha512-sAP4LldeWNz0lNzmTird3uWfFDWWTeg6V/MsmyyLR9X1idwKBWIgt/ZvinqQldJm3LecKEs1emkbquO6PCiLVQ== - -"@babel/helper-validator-identifier@^7.15.7": - version "7.16.7" - resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.16.7.tgz#e8c602438c4a8195751243da9031d1607d247cad" - integrity sha512-hsEnFemeiW4D08A5gUAZxLBTXpZ39P+a+DGDsHw1yxqyQ/jzFEnxf5uTEGp+3bzAbNOxU1paTgYS4ECU/IgfDw== - -"@babel/parser@7.16.2": - version "7.16.2" - resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.16.2.tgz#3723cd5c8d8773eef96ce57ea1d9b7faaccd12ac" - integrity sha512-RUVpT0G2h6rOZwqLDTrKk7ksNv7YpAilTnYe1/Q+eDjxEceRMKVWbCsX7t8h6C1qCFi/1Y8WZjcEPBAFG27GPw== - -"@babel/types@7.16.0": - version "7.16.0" - resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.16.0.tgz#db3b313804f96aadd0b776c4823e127ad67289ba" - integrity sha512-PJgg/k3SdLsGb3hhisFvtLOw5ts113klrpLuIPtCJIU+BB24fqq6lf8RWqKJEjzqXR9AEH1rIb5XTqwBHB+kQg== - dependencies: - "@babel/helper-validator-identifier" "^7.15.7" - to-fast-properties "^2.0.0" - -"@develar/schema-utils@~2.6.5": - version "2.6.5" - resolved "https://registry.yarnpkg.com/@develar/schema-utils/-/schema-utils-2.6.5.tgz#3ece22c5838402419a6e0425f85742b961d9b6c6" - integrity sha512-0cp4PsWQ/9avqTVMCtZ+GirikIA36ikvjtHweU4/j8yLtgObI0+JUPhYFScgwlteveGB1rt3Cm8UhN04XayDig== - dependencies: - ajv "^6.12.0" - ajv-keywords "^3.4.1" - -"@electron/get@^1.0.1": - version "1.14.1" - resolved "https://registry.yarnpkg.com/@electron/get/-/get-1.14.1.tgz#16ba75f02dffb74c23965e72d617adc721d27f40" - integrity sha512-BrZYyL/6m0ZXz/lDxy/nlVhQz+WF+iPS6qXolEU8atw7h6v1aYkjwJZ63m+bJMBTxDE66X+r2tPS4a/8C82sZw== - dependencies: - debug "^4.1.1" - env-paths "^2.2.0" - fs-extra "^8.1.0" - got "^9.6.0" - progress "^2.0.3" - semver "^6.2.0" - sumchecker "^3.0.1" - optionalDependencies: - global-agent "^3.0.0" - global-tunnel-ng "^2.7.1" - -"@electron/universal@1.0.5": - version "1.0.5" - resolved "https://registry.yarnpkg.com/@electron/universal/-/universal-1.0.5.tgz#b812340e4ef21da2b3ee77b2b4d35c9b86defe37" - integrity sha512-zX9O6+jr2NMyAdSkwEUlyltiI4/EBLu2Ls/VD3pUQdi3cAYeYfdQnT2AJJ38HE4QxLccbU13LSpccw1IWlkyag== - dependencies: - "@malept/cross-spawn-promise" "^1.1.0" - asar "^3.0.3" - debug "^4.3.1" - dir-compare "^2.4.0" - fs-extra "^9.0.1" - -"@malept/cross-spawn-promise@^1.1.0": - version "1.1.1" - resolved "https://registry.yarnpkg.com/@malept/cross-spawn-promise/-/cross-spawn-promise-1.1.1.tgz#504af200af6b98e198bce768bc1730c6936ae01d" - integrity sha512-RTBGWL5FWQcg9orDOCcp4LvItNzUPcyEU9bwaeJX0rJ1IQxzucC48Y0/sQLp/g6t99IQgAlGIaesJS+gTn7tVQ== - dependencies: - cross-spawn "^7.0.1" - -"@malept/flatpak-bundler@^0.4.0": - version "0.4.0" - resolved "https://registry.yarnpkg.com/@malept/flatpak-bundler/-/flatpak-bundler-0.4.0.tgz#e8a32c30a95d20c2b1bb635cc580981a06389858" - integrity sha512-9QOtNffcOF/c1seMCDnjckb3R9WHcG34tky+FHpNKKCW0wc/scYLwMtO+ptyGUfMW0/b/n4qRiALlaFHc9Oj7Q== - dependencies: - debug "^4.1.1" - fs-extra "^9.0.0" - lodash "^4.17.15" - tmp-promise "^3.0.2" - -"@nodelib/fs.scandir@2.1.5": - version "2.1.5" - resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5" - integrity sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g== - dependencies: - "@nodelib/fs.stat" "2.0.5" - run-parallel "^1.1.9" - -"@nodelib/fs.stat@2.0.5", "@nodelib/fs.stat@^2.0.2": - version "2.0.5" - resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz#5bd262af94e9d25bd1e71b05deed44876a222e8b" - integrity sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A== - -"@nodelib/fs.walk@^1.2.3": - version "1.2.8" - resolved "https://registry.yarnpkg.com/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz#e95737e8bb6746ddedf69c556953494f196fe69a" - integrity sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg== - dependencies: - "@nodelib/fs.scandir" "2.1.5" - fastq "^1.6.0" - -"@sindresorhus/is@^0.14.0": - version "0.14.0" - resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-0.14.0.tgz#9fb3a3cf3132328151f353de4632e01e52102bea" - integrity sha512-9NET910DNaIPngYnLLPeg+Ogzqsi9uM4mSboU5y6p8S5DzMTVEsJZrawi+BoDNUVBa2DhJqQYUFvMDfgU062LQ== - -"@szmarczak/http-timer@^1.1.2": - version "1.1.2" - resolved "https://registry.yarnpkg.com/@szmarczak/http-timer/-/http-timer-1.1.2.tgz#b1665e2c461a2cd92f4c1bbf50d5454de0d4b421" - integrity sha512-XIB2XbzHTN6ieIjfIMV9hlVcfPU26s2vafYWQcZHWXHOxiaRZYEDKEwdl129Zyg50+foYV2jCgtrqSA6qNuNSA== - dependencies: - defer-to-connect "^1.0.1" - -"@tootallnate/once@2": - version "2.0.0" - resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-2.0.0.tgz#f544a148d3ab35801c1f633a7441fd87c2e484bf" - integrity sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A== - -"@types/debug@^4.1.6": - version "4.1.7" - resolved "https://registry.yarnpkg.com/@types/debug/-/debug-4.1.7.tgz#7cc0ea761509124709b8b2d1090d8f6c17aadb82" - integrity sha512-9AonUzyTjXXhEOa0DnqpzZi6VHlqKMswga9EXjpXnnqxwLtdvPPtlO8evrI5D9S6asFRCQ6v+wpiUKbw+vKqyg== - dependencies: - "@types/ms" "*" - -"@types/fs-extra@^9.0.11": - version "9.0.13" - resolved "https://registry.yarnpkg.com/@types/fs-extra/-/fs-extra-9.0.13.tgz#7594fbae04fe7f1918ce8b3d213f74ff44ac1f45" - integrity sha512-nEnwB++1u5lVDM2UI4c1+5R+FYaKfaAzS4OococimjVm3nQw3TuzH5UNsocrcTBbhnerblyHj4A49qXbIiZdpA== - dependencies: - "@types/node" "*" - -"@types/glob@^7.1.1": - version "7.2.0" - resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.2.0.tgz#bc1b5bf3aa92f25bd5dd39f35c57361bdce5b2eb" - integrity sha512-ZUxbzKl0IfJILTS6t7ip5fQQM/J3TJYubDm3nMbgubNNYS62eXeUpoLUC8/7fJNiFYHTrGPQn7hspDUzIHX3UA== - dependencies: - "@types/minimatch" "*" - "@types/node" "*" - -"@types/minimatch@*": - version "3.0.5" - resolved "https://registry.yarnpkg.com/@types/minimatch/-/minimatch-3.0.5.tgz#1001cc5e6a3704b83c236027e77f2f58ea010f40" - integrity sha512-Klz949h02Gz2uZCMGwDUSDS1YBlTdDDgbWHi+81l29tQALUtvz4rAYi5uoVhE5Lagoq6DeqAUlbrHvW/mXDgdQ== - -"@types/ms@*": - version "0.7.31" - resolved "https://registry.yarnpkg.com/@types/ms/-/ms-0.7.31.tgz#31b7ca6407128a3d2bbc27fe2d21b345397f6197" - integrity sha512-iiUgKzV9AuaEkZqkOLDIvlQiL6ltuZd9tGcW3gwpnX8JbuiuhFlEGmmFXEXkN50Cvq7Os88IY2v0dkDqXYWVgA== - -"@types/node@*": - version "17.0.21" - resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.21.tgz#864b987c0c68d07b4345845c3e63b75edd143644" - integrity sha512-DBZCJbhII3r90XbQxI8Y9IjjiiOGlZ0Hr32omXIZvwwZ7p4DMMXGrKXVyPfuoBOri9XNtL0UK69jYIBIsRX3QQ== - -"@types/node@^14.6.2": - version "14.18.22" - resolved "https://registry.yarnpkg.com/@types/node/-/node-14.18.22.tgz#fd2a15dca290fc9ad565b672fde746191cd0c6e6" - integrity sha512-qzaYbXVzin6EPjghf/hTdIbnVW1ErMx8rPzwRNJhlbyJhu2SyqlvjGOY/tbUt6VFyzg56lROcOeSQRInpt63Yw== - -"@types/plist@^3.0.1": - version "3.0.2" - resolved "https://registry.yarnpkg.com/@types/plist/-/plist-3.0.2.tgz#61b3727bba0f5c462fe333542534a0c3e19ccb01" - integrity sha512-ULqvZNGMv0zRFvqn8/4LSPtnmN4MfhlPNtJCTpKuIIxGVGZ2rYWzFXrvEBoh9CVyqSE7D6YFRJ1hydLHI6kbWw== - dependencies: - "@types/node" "*" - xmlbuilder ">=11.0.1" - -"@types/verror@^1.10.3": - version "1.10.5" - resolved "https://registry.yarnpkg.com/@types/verror/-/verror-1.10.5.tgz#2a1413aded46e67a1fe2386800e291123ed75eb1" - integrity sha512-9UjMCHK5GPgQRoNbqdLIAvAy0EInuiqbW0PBMtVP6B5B2HQJlvoJHM+KodPZMEjOa5VkSc+5LH7xy+cUzQdmHw== - -"@types/yargs-parser@*": - version "20.2.1" - resolved "https://registry.yarnpkg.com/@types/yargs-parser/-/yargs-parser-20.2.1.tgz#3b9ce2489919d9e4fea439b76916abc34b2df129" - integrity sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw== - -"@types/yargs@^17.0.1": - version "17.0.8" - resolved "https://registry.yarnpkg.com/@types/yargs/-/yargs-17.0.8.tgz#d23a3476fd3da8a0ea44b5494ca7fa677b9dad4c" - integrity sha512-wDeUwiUmem9FzsyysEwRukaEdDNcwbROvQ9QGRKaLI6t+IltNzbn4/i4asmB10auvZGQCzSQ6t0GSczEThlUXw== - dependencies: - "@types/yargs-parser" "*" - -agent-base@6: - version "6.0.2" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" - integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ== - dependencies: - debug "4" - -ajv-keywords@^3.4.1: - version "3.5.2" - resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d" - integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ== - -ajv@^6.10.0, ajv@^6.12.0: - version "6.12.6" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" - integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== - dependencies: - fast-deep-equal "^3.1.1" - fast-json-stable-stringify "^2.0.0" - json-schema-traverse "^0.4.1" - uri-js "^4.2.2" - -ansi-align@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/ansi-align/-/ansi-align-3.0.1.tgz#0cdf12e111ace773a86e9a1fad1225c43cb19a59" - integrity sha512-IOfwwBF5iczOjp/WeY4YxyjqAFMQoZufdQWDd19SEExbVLNXqvpzSJ/M7Za4/sCPmQ0+GRquoA7bGcINcxew6w== - dependencies: - string-width "^4.1.0" - -ansi-regex@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" - integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8= - -ansi-regex@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.1.tgz#082cb2c89c9fe8659a311a53bd6a4dc5301db304" - integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ== - -ansi-styles@^3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-3.2.1.tgz#41fbb20243e50b12be0f04b8dedbf07520ce841d" - integrity sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA== - dependencies: - color-convert "^1.9.0" - -ansi-styles@^4.0.0, ansi-styles@^4.1.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937" - integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg== - dependencies: - color-convert "^2.0.1" - -app-builder-bin@3.7.1: - version "3.7.1" - resolved "https://registry.yarnpkg.com/app-builder-bin/-/app-builder-bin-3.7.1.tgz#cb0825c5e12efc85b196ac3ed9c89f076c61040e" - integrity sha512-ql93vEUq6WsstGXD+SBLSIQw6SNnhbDEM0swzgugytMxLp3rT24Ag/jcC80ZHxiPRTdew1niuR7P3/FCrDqIjw== - -app-builder-lib@22.14.13: - version "22.14.13" - resolved "https://registry.yarnpkg.com/app-builder-lib/-/app-builder-lib-22.14.13.tgz#c1f5b6afc86596357598bb90b69eef06c7c2eeb3" - integrity sha512-SufmrtxU+D0Tn948fjEwAOlCN9757UXLkzzTWXMwZKR/5hisvgqeeBepWfphMIE6OkDGz0fbzEhL1P2Pty4XMg== - dependencies: - "7zip-bin" "~5.1.1" - "@develar/schema-utils" "~2.6.5" - "@electron/universal" "1.0.5" - "@malept/flatpak-bundler" "^0.4.0" - async-exit-hook "^2.0.1" - bluebird-lst "^1.0.9" - builder-util "22.14.13" - builder-util-runtime "8.9.2" - chromium-pickle-js "^0.2.0" - debug "^4.3.2" - ejs "^3.1.6" - electron-osx-sign "^0.5.0" - electron-publish "22.14.13" - form-data "^4.0.0" - fs-extra "^10.0.0" - hosted-git-info "^4.0.2" - is-ci "^3.0.0" - isbinaryfile "^4.0.8" - js-yaml "^4.1.0" - lazy-val "^1.0.5" - minimatch "^3.0.4" - read-config-file "6.2.0" - sanitize-filename "^1.6.3" - semver "^7.3.5" - temp-file "^3.4.0" - -app-root-path@^1.3.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/app-root-path/-/app-root-path-1.4.0.tgz#6335d865c9640d0fad99004e5a79232238e92dfa" - integrity sha1-YzXYZclkDQ+tmQBOWnkjIjjpLfo= - -aproba@^1.0.3: - version "1.2.0" - resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.2.0.tgz#6802e6264efd18c790a1b0d517f0f2627bf2c94a" - integrity sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw== - -are-we-there-yet@~1.1.2: - version "1.1.7" - resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.7.tgz#b15474a932adab4ff8a50d9adfa7e4e926f21146" - integrity sha512-nxwy40TuMiUGqMyRHgCSWZ9FM4VAoRP4xUYSTv5ImRog+h9yISPbVH7H8fASCIzYn9wlEv4zvFL7uKDMCFQm3g== - dependencies: - delegates "^1.0.0" - readable-stream "^2.0.6" - -argparse@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38" - integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q== - -array-union@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/array-union/-/array-union-2.1.0.tgz#b798420adbeb1de828d84acd8a2e23d3efe85e8d" - integrity sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw== - -asar@^3.0.3: - version "3.1.0" - resolved "https://registry.yarnpkg.com/asar/-/asar-3.1.0.tgz#70b0509449fe3daccc63beb4d3c7d2e24d3c6473" - integrity sha512-vyxPxP5arcAqN4F/ebHd/HhwnAiZtwhglvdmc7BR2f0ywbVNTOpSeyhLDbGXtE/y58hv1oC75TaNIXutnsOZsQ== - dependencies: - chromium-pickle-js "^0.2.0" - commander "^5.0.0" - glob "^7.1.6" - minimatch "^3.0.4" - optionalDependencies: - "@types/glob" "^7.1.1" - -assert-plus@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525" - integrity sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU= - -astral-regex@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/astral-regex/-/astral-regex-2.0.0.tgz#483143c567aeed4785759c0865786dc77d7d2e31" - integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ== - -async-exit-hook@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/async-exit-hook/-/async-exit-hook-2.0.1.tgz#8bd8b024b0ec9b1c01cccb9af9db29bd717dfaf3" - integrity sha512-NW2cX8m1Q7KPA7a5M2ULQeZ2wR5qI5PAbw5L0UOMxdioVk9PMZ0h1TmyZEkPYrCvYjDlFICusOu1dlEKAAeXBw== - -async@0.9.x: - version "0.9.2" - resolved "https://registry.yarnpkg.com/async/-/async-0.9.2.tgz#aea74d5e61c1f899613bf64bda66d4c78f2fd17d" - integrity sha1-rqdNXmHB+JlhO/ZL2mbUx48v0X0= - -asynckit@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" - integrity sha1-x57Zf380y48robyXkLzDZkdLS3k= - -at-least-node@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2" - integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg== - -balanced-match@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee" - integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw== - -base64-js@^1.3.1, base64-js@^1.5.1: - version "1.5.1" - resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a" - integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA== - -bl@^4.0.3: - version "4.1.0" - resolved "https://registry.yarnpkg.com/bl/-/bl-4.1.0.tgz#451535264182bec2fbbc83a62ab98cf11d9f7b3a" - integrity sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w== - dependencies: - buffer "^5.5.0" - inherits "^2.0.4" - readable-stream "^3.4.0" - -bluebird-lst@^1.0.9: - version "1.0.9" - resolved "https://registry.yarnpkg.com/bluebird-lst/-/bluebird-lst-1.0.9.tgz#a64a0e4365658b9ab5fe875eb9dfb694189bb41c" - integrity sha512-7B1Rtx82hjnSD4PGLAjVWeYH3tHAcVUmChh85a3lltKQm6FresXh9ErQo6oAv6CqxttczC3/kEg8SY5NluPuUw== - dependencies: - bluebird "^3.5.5" - -bluebird@^3.5.0, bluebird@^3.5.5: - version "3.7.2" - resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" - integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== - -boolean@^3.0.1: - version "3.2.0" - resolved "https://registry.yarnpkg.com/boolean/-/boolean-3.2.0.tgz#9e5294af4e98314494cbb17979fa54ca159f116b" - integrity sha512-d0II/GO9uf9lfUHH2BQsjxzRJZBdsjgsBiW4BvhWk/3qoKwQFjIDVN19PfX8F2D/r9PCMTtLWjYVCFrpeYUzsw== - -boxen@^5.0.0: - version "5.1.2" - resolved "https://registry.yarnpkg.com/boxen/-/boxen-5.1.2.tgz#788cb686fc83c1f486dfa8a40c68fc2b831d2b50" - integrity sha512-9gYgQKXx+1nP8mP7CzFyaUARhg7D3n1dF/FnErWmu9l6JvGpNUN278h0aSb+QjoiKSWG+iZ3uHrcqk0qrY9RQQ== - dependencies: - ansi-align "^3.0.0" - camelcase "^6.2.0" - chalk "^4.1.0" - cli-boxes "^2.2.1" - string-width "^4.2.2" - type-fest "^0.20.2" - widest-line "^3.1.0" - wrap-ansi "^7.0.0" - -brace-expansion@^1.1.7: - version "1.1.11" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd" - integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA== - dependencies: - balanced-match "^1.0.0" - concat-map "0.0.1" - -braces@^3.0.1: - version "3.0.2" - resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" - integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== - dependencies: - fill-range "^7.0.1" - -buffer-alloc-unsafe@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/buffer-alloc-unsafe/-/buffer-alloc-unsafe-1.1.0.tgz#bd7dc26ae2972d0eda253be061dba992349c19f0" - integrity sha512-TEM2iMIEQdJ2yjPJoSIsldnleVaAk1oW3DBVUykyOLsEsFmEc9kn+SFFPz+gl54KQNxlDnAwCXosOS9Okx2xAg== - -buffer-alloc@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/buffer-alloc/-/buffer-alloc-1.2.0.tgz#890dd90d923a873e08e10e5fd51a57e5b7cce0ec" - integrity sha512-CFsHQgjtW1UChdXgbyJGtnm+O/uLQeZdtbDo8mfUgYXCHSM1wgrVxXm6bSyrUuErEb+4sYVGCzASBRot7zyrow== - dependencies: - buffer-alloc-unsafe "^1.1.0" - buffer-fill "^1.0.0" - -buffer-crc32@~0.2.3: - version "0.2.13" - resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" - integrity sha512-VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ== - -buffer-equal@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/buffer-equal/-/buffer-equal-1.0.0.tgz#59616b498304d556abd466966b22eeda3eca5fbe" - integrity sha1-WWFrSYME1Var1GaWayLu2j7KX74= - -buffer-fill@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/buffer-fill/-/buffer-fill-1.0.0.tgz#f8f78b76789888ef39f205cd637f68e702122b2c" - integrity sha1-+PeLdniYiO858gXNY39o5wISKyw= - -buffer-from@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.2.tgz#2b146a6fd72e80b4f55d255f35ed59a3a9a41bd5" - integrity sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ== - -buffer@^5.1.0, buffer@^5.5.0: - version "5.7.1" - resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.7.1.tgz#ba62e7c13133053582197160851a8f648e99eed0" - integrity sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ== - dependencies: - base64-js "^1.3.1" - ieee754 "^1.1.13" - -builder-util-runtime@8.9.2: - version "8.9.2" - resolved "https://registry.yarnpkg.com/builder-util-runtime/-/builder-util-runtime-8.9.2.tgz#a9669ae5b5dcabfe411ded26678e7ae997246c28" - integrity sha512-rhuKm5vh7E0aAmT6i8aoSfEjxzdYEFX7zDApK+eNgOhjofnWb74d9SRJv0H/8nsgOkos0TZ4zxW0P8J4N7xQ2A== - dependencies: - debug "^4.3.2" - sax "^1.2.4" - -builder-util@22.14.13: - version "22.14.13" - resolved "https://registry.yarnpkg.com/builder-util/-/builder-util-22.14.13.tgz#41b5b7b4ee53aff4e09cc007fb144522598f3ce6" - integrity sha512-oePC/qrrUuerhmH5iaCJzPRAKlSBylrhzuAJmRQClTyWnZUv6jbaHh+VoHMbEiE661wrj2S2aV7/bQh12cj1OA== - dependencies: - "7zip-bin" "~5.1.1" - "@types/debug" "^4.1.6" - "@types/fs-extra" "^9.0.11" - app-builder-bin "3.7.1" - bluebird-lst "^1.0.9" - builder-util-runtime "8.9.2" - chalk "^4.1.1" - cross-spawn "^7.0.3" - debug "^4.3.2" - fs-extra "^10.0.0" - http-proxy-agent "^5.0.0" - https-proxy-agent "^5.0.0" - is-ci "^3.0.0" - js-yaml "^4.1.0" - source-map-support "^0.5.19" - stat-mode "^1.0.0" - temp-file "^3.4.0" - -cacheable-request@^6.0.0: - version "6.1.0" - resolved "https://registry.yarnpkg.com/cacheable-request/-/cacheable-request-6.1.0.tgz#20ffb8bd162ba4be11e9567d823db651052ca912" - integrity sha512-Oj3cAGPCqOZX7Rz64Uny2GYAZNliQSqfbePrgAQ1wKAihYmCUnraBtJtKcGR4xz7wF+LoJC+ssFZvv5BgF9Igg== - dependencies: - clone-response "^1.0.2" - get-stream "^5.1.0" - http-cache-semantics "^4.0.0" - keyv "^3.0.0" - lowercase-keys "^2.0.0" - normalize-url "^4.1.0" - responselike "^1.0.2" - -camelcase@^6.2.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.3.0.tgz#5685b95eb209ac9c0c177467778c9c84df58ba9a" - integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== - -chalk@^2.4.2: - version "2.4.2" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424" - integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ== - dependencies: - ansi-styles "^3.2.1" - escape-string-regexp "^1.0.5" - supports-color "^5.3.0" - -chalk@^4.1.0, chalk@^4.1.1, chalk@^4.1.2: - version "4.1.2" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01" - integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== - dependencies: - ansi-styles "^4.1.0" - supports-color "^7.1.0" - -chownr@^1.1.1: - version "1.1.4" - resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b" - integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg== - -chromium-pickle-js@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/chromium-pickle-js/-/chromium-pickle-js-0.2.0.tgz#04a106672c18b085ab774d983dfa3ea138f22205" - integrity sha1-BKEGZywYsIWrd02YPfo+oTjyIgU= - -ci-info@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-2.0.0.tgz#67a9e964be31a51e15e5010d58e6f12834002f46" - integrity sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ== - -ci-info@^3.2.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.3.0.tgz#b4ed1fb6818dea4803a55c623041f9165d2066b2" - integrity sha512-riT/3vI5YpVH6/qomlDnJow6TBee2PBKSEpx3O32EGPYbWGIRsIlGRms3Sm74wYE1JMo8RnO04Hb12+v1J5ICw== - -cli-boxes@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/cli-boxes/-/cli-boxes-2.2.1.tgz#ddd5035d25094fce220e9cab40a45840a440318f" - integrity sha512-y4coMcylgSCdVinjiDBuR8PCC2bLjyGTwEmPb9NHR/QaNU6EUOXcTY/s6VjGMD6ENSEaeQYHCY0GNGS5jfMwPw== - -cli-truncate@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-truncate/-/cli-truncate-2.1.0.tgz#c39e28bf05edcde5be3b98992a22deed5a2b93c7" - integrity sha512-n8fOixwDD6b/ObinzTrp1ZKFzbgvKZvuz/TvejnLn1aQfC6r52XEx85FmuC+3HI+JM7coBRXUvNqEU2PHVrHpg== - dependencies: - slice-ansi "^3.0.0" - string-width "^4.2.0" - -cliui@^7.0.2: - version "7.0.4" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f" - integrity sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ== - dependencies: - string-width "^4.2.0" - strip-ansi "^6.0.0" - wrap-ansi "^7.0.0" - -clone-response@^1.0.2: - version "1.0.3" - resolved "https://registry.yarnpkg.com/clone-response/-/clone-response-1.0.3.tgz#af2032aa47816399cf5f0a1d0db902f517abb8c3" - integrity sha512-ROoL94jJH2dUVML2Y/5PEDNaSHgeOdSDicUyS7izcF63G6sTc/FTjLub4b8Il9S8S0beOfYt0TaA5qvFK+w0wA== - dependencies: - mimic-response "^1.0.0" - -code-point-at@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" - integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c= - -color-convert@^1.9.0: - version "1.9.3" - resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-1.9.3.tgz#bb71850690e1f136567de629d2d5471deda4c1e8" - integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg== - dependencies: - color-name "1.1.3" - -color-convert@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-2.0.1.tgz#72d3a68d598c9bdb3af2ad1e84f21d896abd4de3" - integrity sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ== - dependencies: - color-name "~1.1.4" - -color-name@1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25" - integrity sha1-p9BVi9icQveV3UIyj3QIMcpTvCU= - -color-name@~1.1.4: - version "1.1.4" - resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2" - integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA== - -colors@1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/colors/-/colors-1.0.3.tgz#0433f44d809680fdeb60ed260f1b0c262e82a40b" - integrity sha1-BDP0TYCWgP3rYO0mDxsMJi6CpAs= - -combined-stream@^1.0.8: - version "1.0.8" - resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f" - integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg== - dependencies: - delayed-stream "~1.0.0" - -commander@2.9.0: - version "2.9.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" - integrity sha1-nJkJQXbhIkDLItbFFGCYQA/g99Q= - dependencies: - graceful-readlink ">= 1.0.0" - -commander@^5.0.0: - version "5.1.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-5.1.0.tgz#46abbd1652f8e059bddaef99bbdcb2ad9cf179ae" - integrity sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg== - -compare-version@^0.1.2: - version "0.1.2" - resolved "https://registry.yarnpkg.com/compare-version/-/compare-version-0.1.2.tgz#0162ec2d9351f5ddd59a9202cba935366a725080" - integrity sha1-AWLsLZNR9d3VmpICy6k1NmpyUIA= - -concat-map@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s= - -concat-stream@^1.6.2: - version "1.6.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34" - integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw== - dependencies: - buffer-from "^1.0.0" - inherits "^2.0.3" - readable-stream "^2.2.2" - typedarray "^0.0.6" - -config-chain@^1.1.11: - version "1.1.13" - resolved "https://registry.yarnpkg.com/config-chain/-/config-chain-1.1.13.tgz#fad0795aa6a6cdaff9ed1b68e9dff94372c232f4" - integrity sha512-qj+f8APARXHrM0hraqXYb2/bOVSV4PvJQlNZ/DVj0QrmNM2q2euizkeuVckQ57J+W0mRH6Hvi+k50M4Jul2VRQ== - dependencies: - ini "^1.3.4" - proto-list "~1.2.1" - -configstore@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/configstore/-/configstore-5.0.1.tgz#d365021b5df4b98cdd187d6a3b0e3f6a7cc5ed96" - integrity sha512-aMKprgk5YhBNyH25hj8wGt2+D52Sw1DRRIzqBwLp2Ya9mFmY8KPvvtvmna8SxVR9JMZ4kzMD68N22vlaRpkeFA== - dependencies: - dot-prop "^5.2.0" - graceful-fs "^4.1.2" - make-dir "^3.0.0" - unique-string "^2.0.0" - write-file-atomic "^3.0.0" - xdg-basedir "^4.0.0" - -console-control-strings@^1.0.0, console-control-strings@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" - integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4= - -core-util-is@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac= - -core-util-is@~1.0.0: - version "1.0.3" - resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85" - integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== - -crc@^3.8.0: - version "3.8.0" - resolved "https://registry.yarnpkg.com/crc/-/crc-3.8.0.tgz#ad60269c2c856f8c299e2c4cc0de4556914056c6" - integrity sha512-iX3mfgcTMIq3ZKLIsVFAbv7+Mc10kxabAGQb8HvjA1o3T1PIYprbakQ65d3I+2HGHt6nSKkM9PYjgoJO2KcFBQ== - dependencies: - buffer "^5.1.0" - -cross-spawn@^7.0.1, cross-spawn@^7.0.3: - version "7.0.3" - resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" - integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== - dependencies: - path-key "^3.1.0" - shebang-command "^2.0.0" - which "^2.0.1" - -crypto-random-string@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-2.0.0.tgz#ef2a7a966ec11083388369baa02ebead229b30d5" - integrity sha512-v1plID3y9r/lPhviJ1wrXpLeyUIGAZ2SHNYTEapm7/8A9nLPoyvVp3RK/EPFqn5kEznyWgYZNsRtYYIWbuG8KA== - -debug@4, debug@^4.3.1, debug@^4.3.2: - version "4.3.3" - resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.3.tgz#04266e0b70a98d4462e6e288e38259213332b664" - integrity sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q== - dependencies: - ms "2.1.2" - -debug@^2.6.8, debug@^2.6.9: - version "2.6.9" - resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" - integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA== - dependencies: - ms "2.0.0" - -debug@^4.1.0, debug@^4.1.1: - version "4.3.4" - resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" - integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== - dependencies: - ms "2.1.2" - -decompress-response@^3.3.0: - version "3.3.0" - resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-3.3.0.tgz#80a4dd323748384bfa248083622aedec982adff3" - integrity sha512-BzRPQuY1ip+qDonAOz42gRm/pg9F768C+npV/4JOsxRC2sq+Rlk+Q4ZCAsOhnIaMrgarILY+RMUIvMmmX1qAEA== - dependencies: - mimic-response "^1.0.0" - -decompress-response@^4.2.0: - version "4.2.1" - resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-4.2.1.tgz#414023cc7a302da25ce2ec82d0d5238ccafd8986" - integrity sha512-jOSne2qbyE+/r8G1VU+G/82LBs2Fs4LAsTiLSHOCOMZQl2OKZ6i8i4IyHemTe+/yIXOtTcRQMzPcgyhoFlqPkw== - dependencies: - mimic-response "^2.0.0" - -deep-extend@^0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac" - integrity sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA== - -deep-is@~0.1.3: - version "0.1.4" - resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.4.tgz#a6f2dce612fadd2ef1f519b73551f17e85199831" - integrity sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ== - -defer-to-connect@^1.0.1: - version "1.1.3" - resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-1.1.3.tgz#331ae050c08dcf789f8c83a7b81f0ed94f4ac591" - integrity sha512-0ISdNousHvZT2EiFlZeZAHBUvSxmKswVCEf8hW7KWgG4a8MVEu/3Vb6uWYozkjylyCxe0JBIiRB1jV45S70WVQ== - -define-properties@^1.1.3: - version "1.1.4" - resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1" - integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA== - dependencies: - has-property-descriptors "^1.0.0" - object-keys "^1.1.1" - -delayed-stream@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" - integrity sha1-3zrhmayt+31ECqrgsp4icrJOxhk= - -delegates@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" - integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o= - -detect-libc@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-1.0.3.tgz#fa137c4bd698edf55cd5cd02ac559f91a4c4ba9b" - integrity sha1-+hN8S9aY7fVc1c0CrFWfkaTEups= - -detect-node@^2.0.4: - version "2.1.0" - resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.1.0.tgz#c9c70775a49c3d03bc2c06d9a73be550f978f8b1" - integrity sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g== - -dir-compare@^2.4.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/dir-compare/-/dir-compare-2.4.0.tgz#785c41dc5f645b34343a4eafc50b79bac7f11631" - integrity sha512-l9hmu8x/rjVC9Z2zmGzkhOEowZvW7pmYws5CWHutg8u1JgvsKWMx7Q/UODeu4djLZ4FgW5besw5yvMQnBHzuCA== - dependencies: - buffer-equal "1.0.0" - colors "1.0.3" - commander "2.9.0" - minimatch "3.0.4" - -dir-glob@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-3.0.1.tgz#56dbf73d992a4a93ba1584f4534063fd2e41717f" - integrity sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA== - dependencies: - path-type "^4.0.0" - -dmg-builder@22.14.13: - version "22.14.13" - resolved "https://registry.yarnpkg.com/dmg-builder/-/dmg-builder-22.14.13.tgz#cc613f3c18e889b8777d525991fd52f50a564f8c" - integrity sha512-xNOugB6AbIRETeU2uID15sUfjdZZcKdxK8xkFnwIggsM00PJ12JxpLNPTjcRoUnfwj3WrPjilrO64vRMwNItQg== - dependencies: - app-builder-lib "22.14.13" - builder-util "22.14.13" - builder-util-runtime "8.9.2" - fs-extra "^10.0.0" - iconv-lite "^0.6.2" - js-yaml "^4.1.0" - optionalDependencies: - dmg-license "^1.0.9" - -dmg-license@^1.0.9: - version "1.0.11" - resolved "https://registry.yarnpkg.com/dmg-license/-/dmg-license-1.0.11.tgz#7b3bc3745d1b52be7506b4ee80cb61df6e4cd79a" - integrity sha512-ZdzmqwKmECOWJpqefloC5OJy1+WZBBse5+MR88z9g9Zn4VY+WYUkAyojmhzJckH5YbbZGcYIuGAkY5/Ys5OM2Q== - dependencies: - "@types/plist" "^3.0.1" - "@types/verror" "^1.10.3" - ajv "^6.10.0" - crc "^3.8.0" - iconv-corefoundation "^1.1.7" - plist "^3.0.4" - smart-buffer "^4.0.2" - verror "^1.10.0" - -dot-prop@^5.2.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.3.0.tgz#90ccce708cd9cd82cc4dc8c3ddd9abdd55b20e88" - integrity sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q== - dependencies: - is-obj "^2.0.0" - -dotenv-expand@^5.1.0: - version "5.1.0" - resolved "https://registry.yarnpkg.com/dotenv-expand/-/dotenv-expand-5.1.0.tgz#3fbaf020bfd794884072ea26b1e9791d45a629f0" - integrity sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA== - -dotenv@^9.0.2: - version "9.0.2" - resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-9.0.2.tgz#dacc20160935a37dea6364aa1bef819fb9b6ab05" - integrity sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg== - -duplexer3@^0.1.4: - version "0.1.5" - resolved "https://registry.yarnpkg.com/duplexer3/-/duplexer3-0.1.5.tgz#0b5e4d7bad5de8901ea4440624c8e1d20099217e" - integrity sha512-1A8za6ws41LQgv9HrE/66jyC5yuSjQ3L/KOpFtoBilsAK2iA2wuS5rTt1OCzIvtS2V7nVmedsUU+DGRcjBmOYA== - -ejs@^3.1.6: - version "3.1.6" - resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.6.tgz#5bfd0a0689743bb5268b3550cceeebbc1702822a" - integrity sha512-9lt9Zse4hPucPkoP7FHDF0LQAlGyF9JVpnClFLFH3aSSbxmyoqINRpp/9wePWJTUl4KOQwRL72Iw3InHPDkoGw== - dependencies: - jake "^10.6.1" - -electron-builder@^22.14.0: - version "22.14.13" - resolved "https://registry.yarnpkg.com/electron-builder/-/electron-builder-22.14.13.tgz#fd40564685cf5422a8f8d667940af3d3776f4fb8" - integrity sha512-3fgLxqF2TXVKiUPeg74O4V3l0l3j7ERLazo8sUbRkApw0+4iVAf2BJkHsHMaXiigsgCoEzK/F4/rB5rne/VAnw== - dependencies: - "@types/yargs" "^17.0.1" - app-builder-lib "22.14.13" - builder-util "22.14.13" - builder-util-runtime "8.9.2" - chalk "^4.1.1" - dmg-builder "22.14.13" - fs-extra "^10.0.0" - is-ci "^3.0.0" - lazy-val "^1.0.5" - read-config-file "6.2.0" - update-notifier "^5.1.0" - yargs "^17.0.1" - -electron-context-menu@^3.1.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/electron-context-menu/-/electron-context-menu-3.1.2.tgz#0f550e47df39cb25c03e0f4bf840ce5c9fefcdd5" - integrity sha512-nNzu4w14n7mOR+4cLjRC9cEFqGUsAY76seOm0sw3f4OxEfX/d75m7HYekyp5b+0m7Ixy2KN/Mrljw1zLmpyV2w== - dependencies: - cli-truncate "^2.1.0" - electron-dl "^3.2.1" - electron-is-dev "^2.0.0" - -electron-dl@^3.2.1: - version "3.3.0" - resolved "https://registry.yarnpkg.com/electron-dl/-/electron-dl-3.3.0.tgz#4e422e276c627373ba61fcf3f92ffa088988db1a" - integrity sha512-Zwaz/OMGPIfBLV2SQH4sTsdDOs/U4y5AOHfremMBXEpjIxX+SiTx845DZAvJJwgb5hfowyWOBLiJhd/emBNLLQ== - dependencies: - ext-name "^5.0.0" - pupa "^2.0.1" - unused-filename "^2.1.0" - -electron-is-dev@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/electron-is-dev/-/electron-is-dev-2.0.0.tgz#833487a069b8dad21425c67a19847d9064ab19bd" - integrity sha512-3X99K852Yoqu9AcW50qz3ibYBWY79/pBhlMCab8ToEWS48R0T9tyxRiQhwylE7zQdXrMnx2JKqUJyMPmt5FBqA== - -electron-osx-sign@^0.5.0: - version "0.5.0" - resolved "https://registry.yarnpkg.com/electron-osx-sign/-/electron-osx-sign-0.5.0.tgz#fc258c5e896859904bbe3d01da06902c04b51c3a" - integrity sha512-icoRLHzFz/qxzDh/N4Pi2z4yVHurlsCAYQvsCSG7fCedJ4UJXBS6PoQyGH71IfcqKupcKeK7HX/NkyfG+v6vlQ== - dependencies: - bluebird "^3.5.0" - compare-version "^0.1.2" - debug "^2.6.8" - isbinaryfile "^3.0.2" - minimist "^1.2.0" - plist "^3.0.1" - -electron-publish@22.14.13: - version "22.14.13" - resolved "https://registry.yarnpkg.com/electron-publish/-/electron-publish-22.14.13.tgz#8b71e6975af8cc6ac5b21f293ade23f8704047c7" - integrity sha512-0oP3QiNj3e8ewOaEpEJV/o6Zrmy2VarVvZ/bH7kyO/S/aJf9x8vQsKVWpsdmSiZ5DJEHgarFIXrnO0ZQf0P9iQ== - dependencies: - "@types/fs-extra" "^9.0.11" - builder-util "22.14.13" - builder-util-runtime "8.9.2" - chalk "^4.1.1" - fs-extra "^10.0.0" - lazy-val "^1.0.5" - mime "^2.5.2" - -electron-window-state-manager@^0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/electron-window-state-manager/-/electron-window-state-manager-0.3.2.tgz#a552ea35470297c999c744d81abb2a8c8a51770e" - integrity sha1-pVLqNUcCl8mZx0TYGrsqjIpRdw4= - dependencies: - app-root-path "^1.3.0" - fs-jetpack "^0.9.2" - -electron@^14.2.0: - version "14.2.9" - resolved "https://registry.yarnpkg.com/electron/-/electron-14.2.9.tgz#9e1e95643ec3847592a186e8115d1ddb2e4921ee" - integrity sha512-7LdJFmqVzO9NLKO0hwOwPA6Kv4GSybGMcej8f2q7fVT4O8mIfL9oo/v4axVjVWm0+58ROQtHv8hYnnAs3ygG0Q== - dependencies: - "@electron/get" "^1.0.1" - "@types/node" "^14.6.2" - extract-zip "^1.0.3" - -emoji-regex@^8.0.0: - version "8.0.0" - resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37" - integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A== - -encodeurl@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59" - integrity sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w== - -end-of-stream@^1.1.0, end-of-stream@^1.4.1: - version "1.4.4" - resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.4.tgz#5ae64a5f45057baf3626ec14da0ca5e4b2431eb0" - integrity sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q== - dependencies: - once "^1.4.0" - -env-paths@^2.2.0: - version "2.2.1" - resolved "https://registry.yarnpkg.com/env-paths/-/env-paths-2.2.1.tgz#420399d416ce1fbe9bc0a07c62fa68d67fd0f8f2" - integrity sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A== - -es6-error@^4.1.1: - version "4.1.1" - resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" - integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== - -escalade@^3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.1.tgz#d8cfdc7000965c5a0174b4a82eaa5c0552742e40" - integrity sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw== - -escape-goat@^2.0.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/escape-goat/-/escape-goat-2.1.1.tgz#1b2dc77003676c457ec760b2dc68edb648188675" - integrity sha512-8/uIhbG12Csjy2JEW7D9pHbreaVaS/OpN3ycnyvElTdwM5n6GY6W6e2IPemfvGZeUMqZ9A/3GqIZMgKnBhAw/Q== - -escape-string-regexp@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" - integrity sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ= - -escape-string-regexp@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" - integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== - -escodegen@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-2.0.0.tgz#5e32b12833e8aa8fa35e1bf0befa89380484c7dd" - integrity sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw== - dependencies: - esprima "^4.0.1" - estraverse "^5.2.0" - esutils "^2.0.2" - optionator "^0.8.1" - optionalDependencies: - source-map "~0.6.1" - -esprima@^4.0.1: - version "4.0.1" - resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71" - integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A== - -estraverse@^5.2.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-5.3.0.tgz#2eea5290702f26ab8fe5370370ff86c965d21123" - integrity sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA== - -esutils@^2.0.2: - version "2.0.3" - resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64" - integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g== - -expand-template@^2.0.3: - version "2.0.3" - resolved "https://registry.yarnpkg.com/expand-template/-/expand-template-2.0.3.tgz#6e14b3fcee0f3a6340ecb57d2e8918692052a47c" - integrity sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg== - -ext-list@^2.0.0: - version "2.2.2" - resolved "https://registry.yarnpkg.com/ext-list/-/ext-list-2.2.2.tgz#0b98e64ed82f5acf0f2931babf69212ef52ddd37" - integrity sha512-u+SQgsubraE6zItfVA0tBuCBhfU9ogSRnsvygI7wht9TS510oLkBRXBsqopeUG/GBOIQyKZO9wjTqIu/sf5zFA== - dependencies: - mime-db "^1.28.0" - -ext-name@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/ext-name/-/ext-name-5.0.0.tgz#70781981d183ee15d13993c8822045c506c8f0a6" - integrity sha512-yblEwXAbGv1VQDmow7s38W77hzAgJAO50ztBLMcUyUBfxv1HC+LGwtiEN+Co6LtlqT/5uwVOxsD4TNIilWhwdQ== - dependencies: - ext-list "^2.0.0" - sort-keys-length "^1.0.0" - -extract-zip@^1.0.3: - version "1.7.0" - resolved "https://registry.yarnpkg.com/extract-zip/-/extract-zip-1.7.0.tgz#556cc3ae9df7f452c493a0cfb51cc30277940927" - integrity sha512-xoh5G1W/PB0/27lXgMQyIhP5DSY/LhoCsOyZgb+6iMmRtCwVBo55uKaMoEYrDCKQhWvqEip5ZPKAc6eFNyf/MA== - dependencies: - concat-stream "^1.6.2" - debug "^2.6.9" - mkdirp "^0.5.4" - yauzl "^2.10.0" - -extsprintf@^1.2.0: - version "1.4.1" - resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.4.1.tgz#8d172c064867f235c0c84a596806d279bf4bcc07" - integrity sha512-Wrk35e8ydCKDj/ArClo1VrPVmN8zph5V4AtHwIuHhvMXsKf73UT3BOD+azBIW+3wOJ4FhEH7zyaJCFvChjYvMA== - -fast-deep-equal@^3.1.1: - version "3.1.3" - resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525" - integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q== - -fast-glob@^3.2.9: - version "3.2.11" - resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.2.11.tgz#a1172ad95ceb8a16e20caa5c5e56480e5129c1d9" - integrity sha512-xrO3+1bxSo3ZVHAnqzyuewYT6aMFHRAd4Kcs92MAonjwQZLsK9d0SF1IyQ3k5PoirxTW0Oe/RqFgMQ6TcNE5Ew== - dependencies: - "@nodelib/fs.stat" "^2.0.2" - "@nodelib/fs.walk" "^1.2.3" - glob-parent "^5.1.2" - merge2 "^1.3.0" - micromatch "^4.0.4" - -fast-json-stable-stringify@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633" - integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw== - -fast-levenshtein@~2.0.6: - version "2.0.6" - resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" - integrity sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc= - -fastq@^1.6.0: - version "1.13.0" - resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.13.0.tgz#616760f88a7526bdfc596b7cab8c18938c36b98c" - integrity sha512-YpkpUnK8od0o1hmeSc7UUs/eB/vIPWJYjKck2QKIzAf71Vm1AAQ3EbuZB3g2JIy+pg+ERD0vqI79KyZiB2e2Nw== - dependencies: - reusify "^1.0.4" - -fd-slicer@~1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.1.0.tgz#25c7c89cb1f9077f8891bbe61d8f390eae256f1e" - integrity sha512-cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g== - dependencies: - pend "~1.2.0" - -filelist@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/filelist/-/filelist-1.0.2.tgz#80202f21462d4d1c2e214119b1807c1bc0380e5b" - integrity sha512-z7O0IS8Plc39rTCq6i6iHxk43duYOn8uFJiWSewIq0Bww1RNybVHSCjahmcC87ZqAm4OTvFzlzeGu3XAzG1ctQ== - dependencies: - minimatch "^3.0.4" - -fill-range@^7.0.1: - version "7.0.1" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40" - integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== - dependencies: - to-regex-range "^5.0.1" - -form-data@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" - integrity sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww== - dependencies: - asynckit "^0.4.0" - combined-stream "^1.0.8" - mime-types "^2.1.12" - -from2@^2.3.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/from2/-/from2-2.3.0.tgz#8bfb5502bde4a4d36cfdeea007fcca21d7e382af" - integrity sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8= - dependencies: - inherits "^2.0.1" - readable-stream "^2.0.0" - -fs-constants@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs-constants/-/fs-constants-1.0.0.tgz#6be0de9be998ce16af8afc24497b9ee9b7ccd9ad" - integrity sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow== - -fs-extra@^10.0.0: - version "10.0.1" - resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.0.1.tgz#27de43b4320e833f6867cc044bfce29fdf0ef3b8" - integrity sha512-NbdoVMZso2Lsrn/QwLXOy6rm0ufY2zEOKCDzJR/0kBsb0E6qed0P3iYK+Ath3BfvXEeu4JhEtXLgILx5psUfag== - dependencies: - graceful-fs "^4.2.0" - jsonfile "^6.0.1" - universalify "^2.0.0" - -fs-extra@^8.1.0: - version "8.1.0" - resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-8.1.0.tgz#49d43c45a88cd9677668cb7be1b46efdb8d2e1c0" - integrity sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g== - dependencies: - graceful-fs "^4.2.0" - jsonfile "^4.0.0" - universalify "^0.1.0" - -fs-extra@^9.0.0, fs-extra@^9.0.1, fs-extra@^9.1.0: - version "9.1.0" - resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.1.0.tgz#5954460c764a8da2094ba3554bf839e6b9a7c86d" - integrity sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ== - dependencies: - at-least-node "^1.0.0" - graceful-fs "^4.2.0" - jsonfile "^6.0.1" - universalify "^2.0.0" - -fs-jetpack@^0.9.2: - version "0.9.2" - resolved "https://registry.yarnpkg.com/fs-jetpack/-/fs-jetpack-0.9.2.tgz#93b414dbd07801863d64c81a76adc03d850c9b56" - integrity sha1-k7QU29B4AYY9ZMgadq3APYUMm1Y= - dependencies: - minimatch "^3.0.2" - mkdirp "^0.5.1" - q "^1.0.1" - rimraf "^2.2.8" - -fs.realpath@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8= - -function-bind@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d" - integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A== - -gauge@~2.7.3: - version "2.7.4" - resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7" - integrity sha1-LANAXHU4w51+s3sxcCLjJfsBi/c= - dependencies: - aproba "^1.0.3" - console-control-strings "^1.0.0" - has-unicode "^2.0.0" - object-assign "^4.1.0" - signal-exit "^3.0.0" - string-width "^1.0.1" - strip-ansi "^3.0.1" - wide-align "^1.1.0" - -get-caller-file@^2.0.5: - version "2.0.5" - resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" - integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== - -get-intrinsic@^1.1.1: - version "1.1.2" - resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.1.2.tgz#336975123e05ad0b7ba41f152ee4aadbea6cf598" - integrity sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA== - dependencies: - function-bind "^1.1.1" - has "^1.0.3" - has-symbols "^1.0.3" - -get-stream@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-4.1.0.tgz#c1b255575f3dc21d59bfc79cd3d2b46b1c3a54b5" - integrity sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w== - dependencies: - pump "^3.0.0" - -get-stream@^5.1.0: - version "5.2.0" - resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-5.2.0.tgz#4966a1795ee5ace65e706c4b7beb71257d6e22d3" - integrity sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA== - dependencies: - pump "^3.0.0" - -github-from-package@0.0.0: - version "0.0.0" - resolved "https://registry.yarnpkg.com/github-from-package/-/github-from-package-0.0.0.tgz#97fb5d96bfde8973313f20e8288ef9a167fa64ce" - integrity sha1-l/tdlr/eiXMxPyDoKI75oWf6ZM4= - -glob-parent@^5.1.2: - version "5.1.2" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" - integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== - dependencies: - is-glob "^4.0.1" - -glob@^7.1.3, glob@^7.1.6: - version "7.2.0" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.2.0.tgz#d15535af7732e02e948f4c41628bd910293f6023" - integrity sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q== - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.4" - once "^1.3.0" - path-is-absolute "^1.0.0" - -global-agent@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/global-agent/-/global-agent-3.0.0.tgz#ae7cd31bd3583b93c5a16437a1afe27cc33a1ab6" - integrity sha512-PT6XReJ+D07JvGoxQMkT6qji/jVNfX/h364XHZOWeRzy64sSFr+xJ5OX7LI3b4MPQzdL4H8Y8M0xzPpsVMwA8Q== - dependencies: - boolean "^3.0.1" - es6-error "^4.1.1" - matcher "^3.0.0" - roarr "^2.15.3" - semver "^7.3.2" - serialize-error "^7.0.1" - -global-dirs@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/global-dirs/-/global-dirs-3.0.0.tgz#70a76fe84ea315ab37b1f5576cbde7d48ef72686" - integrity sha512-v8ho2DS5RiCjftj1nD9NmnfaOzTdud7RRnVd9kFNOjqZbISlx5DQ+OrTkywgd0dIt7oFCvKetZSHoHcP3sDdiA== - dependencies: - ini "2.0.0" - -global-tunnel-ng@^2.7.1: - version "2.7.1" - resolved "https://registry.yarnpkg.com/global-tunnel-ng/-/global-tunnel-ng-2.7.1.tgz#d03b5102dfde3a69914f5ee7d86761ca35d57d8f" - integrity sha512-4s+DyciWBV0eK148wqXxcmVAbFVPqtc3sEtUE/GTQfuU80rySLcMhUmHKSHI7/LDj8q0gDYI1lIhRRB7ieRAqg== - dependencies: - encodeurl "^1.0.2" - lodash "^4.17.10" - npm-conf "^1.1.3" - tunnel "^0.0.6" - -globalthis@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/globalthis/-/globalthis-1.0.3.tgz#5852882a52b80dc301b0660273e1ed082f0b6ccf" - integrity sha512-sFdI5LyBiNTHjRd7cGPWapiHWMOXKyuBNX/cWJ3NfzrZQVa8GI/8cofCl74AOVqq9W5kNmguTIzJ/1s2gyI9wA== - dependencies: - define-properties "^1.1.3" - -globby@^11.0.4: - version "11.1.0" - resolved "https://registry.yarnpkg.com/globby/-/globby-11.1.0.tgz#bd4be98bb042f83d796f7e3811991fbe82a0d34b" - integrity sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g== - dependencies: - array-union "^2.1.0" - dir-glob "^3.0.1" - fast-glob "^3.2.9" - ignore "^5.2.0" - merge2 "^1.4.1" - slash "^3.0.0" - -got@^9.6.0: - version "9.6.0" - resolved "https://registry.yarnpkg.com/got/-/got-9.6.0.tgz#edf45e7d67f99545705de1f7bbeeeb121765ed85" - integrity sha512-R7eWptXuGYxwijs0eV+v3o6+XH1IqVK8dJOEecQfTmkncw9AV4dcw/Dhxi8MdlqPthxxpZyizMzyg8RTmEsG+Q== - dependencies: - "@sindresorhus/is" "^0.14.0" - "@szmarczak/http-timer" "^1.1.2" - cacheable-request "^6.0.0" - decompress-response "^3.3.0" - duplexer3 "^0.1.4" - get-stream "^4.1.0" - lowercase-keys "^1.0.1" - mimic-response "^1.0.1" - p-cancelable "^1.0.0" - to-readable-stream "^1.0.0" - url-parse-lax "^3.0.0" - -graceful-fs@^4.1.2: - version "4.2.9" - resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.9.tgz#041b05df45755e587a24942279b9d113146e1c96" - integrity sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ== - -graceful-fs@^4.1.6, graceful-fs@^4.2.0: - version "4.2.10" - resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c" - integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA== - -"graceful-readlink@>= 1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/graceful-readlink/-/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" - integrity sha1-TK+tdrxi8C+gObL5Tpo906ORpyU= - -has-flag@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-3.0.0.tgz#b5d454dc2199ae225699f3467e5a07f3b955bafd" - integrity sha1-tdRU3CGZriJWmfNGfloH87lVuv0= - -has-flag@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" - integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== - -has-property-descriptors@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz#610708600606d36961ed04c196193b6a607fa861" - integrity sha512-62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ== - dependencies: - get-intrinsic "^1.1.1" - -has-symbols@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8" - integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A== - -has-unicode@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" - integrity sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk= - -has-yarn@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/has-yarn/-/has-yarn-2.1.0.tgz#137e11354a7b5bf11aa5cb649cf0c6f3ff2b2e77" - integrity sha512-UqBRqi4ju7T+TqGNdqAO0PaSVGsDGJUBQvk9eUWNGRY1CFGDzYhLWoM7JQEemnlvVcv/YEmc2wNW8BC24EnUsw== - -has@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796" - integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw== - dependencies: - function-bind "^1.1.1" - -hosted-git-info@^4.0.2: - version "4.1.0" - resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-4.1.0.tgz#827b82867e9ff1c8d0c4d9d53880397d2c86d224" - integrity sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA== - dependencies: - lru-cache "^6.0.0" - -http-cache-semantics@^4.0.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz#49e91c5cbf36c9b94bcfcd71c23d5249ec74e390" - integrity sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ== - -http-proxy-agent@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz#5129800203520d434f142bc78ff3c170800f2b43" - integrity sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w== - dependencies: - "@tootallnate/once" "2" - agent-base "6" - debug "4" - -https-proxy-agent@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2" - integrity sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA== - dependencies: - agent-base "6" - debug "4" - -iconv-corefoundation@^1.1.7: - version "1.1.7" - resolved "https://registry.yarnpkg.com/iconv-corefoundation/-/iconv-corefoundation-1.1.7.tgz#31065e6ab2c9272154c8b0821151e2c88f1b002a" - integrity sha512-T10qvkw0zz4wnm560lOEg0PovVqUXuOFhhHAkixw8/sycy7TJt7v/RrkEKEQnAw2viPSJu6iAkErxnzR0g8PpQ== - dependencies: - cli-truncate "^2.1.0" - node-addon-api "^1.6.3" - -iconv-lite@^0.6.2: - version "0.6.3" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501" - integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw== - dependencies: - safer-buffer ">= 2.1.2 < 3.0.0" - -ieee754@^1.1.13: - version "1.2.1" - resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" - integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== - -ignore@^5.2.0: - version "5.2.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.2.0.tgz#6d3bac8fa7fe0d45d9f9be7bac2fc279577e345a" - integrity sha512-CmxgYGiEPCLhfLnpPp1MoRmifwEIOgjcHXxOBjv7mY96c+eWScsOP9c112ZyLdWHi0FxHjI+4uVhKYp/gcdRmQ== - -import-lazy@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-2.1.0.tgz#05698e3d45c88e8d7e9d92cb0584e77f096f3e43" - integrity sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM= - -imurmurhash@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" - integrity sha1-khi5srkoojixPcT7a21XbyMUU+o= - -inflight@^1.0.4: - version "1.0.6" - resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - integrity sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk= - dependencies: - once "^1.3.0" - wrappy "1" - -inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.3: - version "2.0.4" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" - integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== - -ini@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ini/-/ini-2.0.0.tgz#e5fd556ecdd5726be978fa1001862eacb0a94bc5" - integrity sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA== - -ini@^1.3.4, ini@~1.3.0: - version "1.3.8" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" - integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== - -into-stream@^6.0.0: - version "6.0.0" - resolved "https://registry.yarnpkg.com/into-stream/-/into-stream-6.0.0.tgz#4bfc1244c0128224e18b8870e85b2de8e66c6702" - integrity sha512-XHbaOAvP+uFKUFsOgoNPRjLkwB+I22JFPFe5OjTkQ0nwgj6+pSjb4NmB6VMxaPshLiOf+zcpOCBQuLwC1KHhZA== - dependencies: - from2 "^2.3.0" - p-is-promise "^3.0.0" - -is-ci@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-2.0.0.tgz#6bc6334181810e04b5c22b3d589fdca55026404c" - integrity sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w== - dependencies: - ci-info "^2.0.0" - -is-ci@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-3.0.1.tgz#db6ecbed1bd659c43dac0f45661e7674103d1867" - integrity sha512-ZYvCgrefwqoQ6yTyYUbQu64HsITZ3NfKX1lzaEYdkTDcfKzzCI/wthRRYKkdjHKFVgNiXKAKm65Zo1pk2as/QQ== - dependencies: - ci-info "^3.2.0" - -is-core-module@^2.8.1: - version "2.8.1" - resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.8.1.tgz#f59fdfca701d5879d0a6b100a40aa1560ce27211" - integrity sha512-SdNCUs284hr40hFTFP6l0IfZ/RSrMXF3qgoRHd3/79unUTvrFO/JoXwkGm+5J/Oe3E/b5GsnG330uUNgRpu1PA== - dependencies: - has "^1.0.3" - -is-extglob@^2.1.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" - integrity sha1-qIwCU1eR8C7TfHahueqXc8gz+MI= - -is-fullwidth-code-point@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb" - integrity sha1-754xOG8DGn8NZDr4L95QxFfvAMs= - dependencies: - number-is-nan "^1.0.0" - -is-fullwidth-code-point@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz#f116f8064fe90b3f7844a38997c0b75051269f1d" - integrity sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg== - -is-glob@^4.0.1: - version "4.0.3" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.3.tgz#64f61e42cbbb2eec2071a9dac0b28ba1e65d5084" - integrity sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg== - dependencies: - is-extglob "^2.1.1" - -is-installed-globally@^0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/is-installed-globally/-/is-installed-globally-0.4.0.tgz#9a0fd407949c30f86eb6959ef1b7994ed0b7b520" - integrity sha512-iwGqO3J21aaSkC7jWnHP/difazwS7SFeIqxv6wEtLU8Y5KlzFTjyqcSIT0d8s4+dDhKytsk9PJZ2BkS5eZwQRQ== - dependencies: - global-dirs "^3.0.0" - is-path-inside "^3.0.2" - -is-npm@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-5.0.0.tgz#43e8d65cc56e1b67f8d47262cf667099193f45a8" - integrity sha512-WW/rQLOazUq+ST/bCAVBp/2oMERWLsR7OrKyt052dNDk4DHcDE0/7QSXITlmi+VBcV13DfIbysG3tZJm5RfdBA== - -is-number@^7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" - integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== - -is-obj@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982" - integrity sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w== - -is-path-inside@^3.0.2: - version "3.0.3" - resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" - integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ== - -is-plain-obj@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-1.1.0.tgz#71a50c8429dfca773c92a390a4a03b39fcd51d3e" - integrity sha1-caUMhCnfync8kqOQpKA7OfzVHT4= - -is-typedarray@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" - integrity sha1-5HnICFjfDBsR3dppQPlgEfzaSpo= - -is-yarn-global@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/is-yarn-global/-/is-yarn-global-0.3.0.tgz#d502d3382590ea3004893746754c89139973e232" - integrity sha512-VjSeb/lHmkoyd8ryPVIKvOCn4D1koMqY+vqyjjUfc3xyKtP4dYOxM44sZrnqQSzSds3xyOrUTLTC9LVCVgLngw== - -isarray@~1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - integrity sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ== - -isbinaryfile@^3.0.2: - version "3.0.3" - resolved "https://registry.yarnpkg.com/isbinaryfile/-/isbinaryfile-3.0.3.tgz#5d6def3edebf6e8ca8cae9c30183a804b5f8be80" - integrity sha512-8cJBL5tTd2OS0dM4jz07wQd5g0dCCqIhUxPIGtZfa5L6hWlvV5MHTITy/DBAsF+Oe2LS1X3krBUhNwaGUWpWxw== - dependencies: - buffer-alloc "^1.2.0" - -isbinaryfile@^4.0.8: - version "4.0.8" - resolved "https://registry.yarnpkg.com/isbinaryfile/-/isbinaryfile-4.0.8.tgz#5d34b94865bd4946633ecc78a026fc76c5b11fcf" - integrity sha512-53h6XFniq77YdW+spoRrebh0mnmTxRPTlcuIArO57lmMdq4uBKFKaeTjnb92oYWrSn/LVL+LT+Hap2tFQj8V+w== - -isexe@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" - integrity sha1-6PvzdNxVb/iUehDcsFctYz8s+hA= - -jake@^10.6.1: - version "10.8.2" - resolved "https://registry.yarnpkg.com/jake/-/jake-10.8.2.tgz#ebc9de8558160a66d82d0eadc6a2e58fbc500a7b" - integrity sha512-eLpKyrfG3mzvGE2Du8VoPbeSkRry093+tyNjdYaBbJS9v17knImYGNXQCUV0gLxQtF82m3E8iRb/wdSQZLoq7A== - dependencies: - async "0.9.x" - chalk "^2.4.2" - filelist "^1.0.1" - minimatch "^3.0.4" - -js-yaml@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" - integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== - dependencies: - argparse "^2.0.1" - -json-buffer@3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.0.tgz#5b1f397afc75d677bde8bcfc0e47e1f9a3d9a898" - integrity sha512-CuUqjv0FUZIdXkHPI8MezCnFCdaTAacej1TZYulLoAg1h/PhwkdXFN4V/gzY4g+fMBCOV2xF+rp7t2XD2ns/NQ== - -json-schema-traverse@^0.4.1: - version "0.4.1" - resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660" - integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg== - -json-stringify-safe@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" - integrity sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA== - -json5@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.0.tgz#2dfefe720c6ba525d9ebd909950f0515316c89a3" - integrity sha512-f+8cldu7X/y7RAJurMEJmdoKXGB/X550w2Nr3tTbezL6RwEE/iMcm+tZnXeoZtKuOq6ft8+CqzEkrIgx1fPoQA== - dependencies: - minimist "^1.2.5" - -jsonfile@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-4.0.0.tgz#8771aae0799b64076b76640fca058f9c10e33ecb" - integrity sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg== - optionalDependencies: - graceful-fs "^4.1.6" - -jsonfile@^6.0.1: - version "6.1.0" - resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae" - integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ== - dependencies: - universalify "^2.0.0" - optionalDependencies: - graceful-fs "^4.1.6" - -keyv@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/keyv/-/keyv-3.1.0.tgz#ecc228486f69991e49e9476485a5be1e8fc5c4d9" - integrity sha512-9ykJ/46SN/9KPM/sichzQ7OvXyGDYKGTaDlKMGCAlg2UK8KRy4jb0d8sFc+0Tt0YYnThq8X2RZgCg74RPxgcVA== - dependencies: - json-buffer "3.0.0" - -latest-version@^5.1.0: - version "5.1.0" - resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-5.1.0.tgz#119dfe908fe38d15dfa43ecd13fa12ec8832face" - integrity sha512-weT+r0kTkRQdCdYCNtkMwWXQTMEswKrFBkm4ckQOMVhhqhIMI1UT2hMj+1iigIhgSZm5gTmrRXBNoGUgaTY1xA== - dependencies: - package-json "^6.3.0" - -lazy-val@^1.0.4, lazy-val@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/lazy-val/-/lazy-val-1.0.5.tgz#6cf3b9f5bc31cee7ee3e369c0832b7583dcd923d" - integrity sha512-0/BnGCCfyUMkBpeDgWihanIAF9JmZhHBgUhEqzvf+adhNGLoP6TaiI5oF8oyb3I45P+PcnrqihSf01M0l0G5+Q== - -levn@~0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" - integrity sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4= - dependencies: - prelude-ls "~1.1.2" - type-check "~0.3.2" - -lodash@^4.17.10, lodash@^4.17.15: - version "4.17.21" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" - integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== - -lowercase-keys@^1.0.0, lowercase-keys@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.1.tgz#6f9e30b47084d971a7c820ff15a6c5167b74c26f" - integrity sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA== - -lowercase-keys@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-2.0.0.tgz#2603e78b7b4b0006cbca2fbcc8a3202558ac9479" - integrity sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA== - -lru-cache@^6.0.0: - version "6.0.0" - resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-6.0.0.tgz#6d6fe6570ebd96aaf90fcad1dafa3b2566db3a94" - integrity sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA== - dependencies: - yallist "^4.0.0" - -make-dir@^3.0.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f" - integrity sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw== - dependencies: - semver "^6.0.0" - -matcher@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/matcher/-/matcher-3.0.0.tgz#bd9060f4c5b70aa8041ccc6f80368760994f30ca" - integrity sha512-OkeDaAZ/bQCxeFAozM55PKcKU0yJMPGifLwV4Qgjitu+5MoAfSQN4lsLJeXZ1b8w0x+/Emda6MZgXS1jvsapng== - dependencies: - escape-string-regexp "^4.0.0" - -merge2@^1.3.0, merge2@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae" - integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg== - -micromatch@^4.0.4: - version "4.0.4" - resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.4.tgz#896d519dfe9db25fce94ceb7a500919bf881ebf9" - integrity sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg== - dependencies: - braces "^3.0.1" - picomatch "^2.2.3" - -mime-db@1.51.0: - version "1.51.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.51.0.tgz#d9ff62451859b18342d960850dc3cfb77e63fb0c" - integrity sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g== - -mime-db@^1.28.0: - version "1.52.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" - integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== - -mime-types@^2.1.12: - version "2.1.34" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.34.tgz#5a712f9ec1503511a945803640fafe09d3793c24" - integrity sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A== - dependencies: - mime-db "1.51.0" - -mime@^2.5.2: - version "2.6.0" - resolved "https://registry.yarnpkg.com/mime/-/mime-2.6.0.tgz#a2a682a95cd4d0cb1d6257e28f83da7e35800367" - integrity sha512-USPkMeET31rOMiarsBNIHZKLGgvKc/LrjofAnBlOttf5ajRvqiRA8QsenbcooctK6d6Ts6aqZXBA+XbkKthiQg== - -mimic-response@^1.0.0, mimic-response@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-1.0.1.tgz#4923538878eef42063cb8a3e3b0798781487ab1b" - integrity sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ== - -mimic-response@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-2.1.0.tgz#d13763d35f613d09ec37ebb30bac0469c0ee8f43" - integrity sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA== - -minimatch@3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" - integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA== - dependencies: - brace-expansion "^1.1.7" - -minimatch@^3.0.2, minimatch@^3.0.4: - version "3.1.2" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" - integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== - dependencies: - brace-expansion "^1.1.7" - -minimist@^1.2.0, minimist@^1.2.3: - version "1.2.5" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602" - integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== - -minimist@^1.2.5, minimist@^1.2.6: - version "1.2.6" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44" - integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q== - -mkdirp-classic@^0.5.2, mkdirp-classic@^0.5.3: - version "0.5.3" - resolved "https://registry.yarnpkg.com/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz#fa10c9115cc6d8865be221ba47ee9bed78601113" - integrity sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A== - -mkdirp@^0.5.1: - version "0.5.5" - resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def" - integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ== - dependencies: - minimist "^1.2.5" - -mkdirp@^0.5.4: - version "0.5.6" - resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.6.tgz#7def03d2432dcae4ba1d611445c48396062255f6" - integrity sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw== - dependencies: - minimist "^1.2.6" - -modify-filename@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/modify-filename/-/modify-filename-1.1.0.tgz#9a2dec83806fbb2d975f22beec859ca26b393aa1" - integrity sha1-mi3sg4Bvuy2XXyK+7IWcoms5OqE= - -ms@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" - integrity sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A== - -ms@2.1.2: - version "2.1.2" - resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009" - integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w== - -multistream@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/multistream/-/multistream-4.1.0.tgz#7bf00dfd119556fbc153cff3de4c6d477909f5a8" - integrity sha512-J1XDiAmmNpRCBfIWJv+n0ymC4ABcf/Pl+5YvC5B/D2f/2+8PtHvCNxMPKiQcZyi922Hq69J2YOpb1pTywfifyw== - dependencies: - once "^1.4.0" - readable-stream "^3.6.0" - -napi-build-utils@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/napi-build-utils/-/napi-build-utils-1.0.2.tgz#b1fddc0b2c46e380a0b7a76f984dd47c41a13806" - integrity sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg== - -node-abi@^2.21.0: - version "2.30.1" - resolved "https://registry.yarnpkg.com/node-abi/-/node-abi-2.30.1.tgz#c437d4b1fe0e285aaf290d45b45d4d7afedac4cf" - integrity sha512-/2D0wOQPgaUWzVSVgRMx+trKJRC2UG4SUc4oCJoXx9Uxjtp0Vy3/kt7zcbxHF8+Z/pK3UloLWzBISg72brfy1w== - dependencies: - semver "^5.4.1" - -node-addon-api@^1.6.3: - version "1.7.2" - resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-1.7.2.tgz#3df30b95720b53c24e59948b49532b662444f54d" - integrity sha512-ibPK3iA+vaY1eEjESkQkM0BbCqFOaZMiXRTtdB0u7b4djtY6JnsjvPdUHVMg6xQt3B8fpTTWHI9A+ADjM9frzg== - -node-fetch@^2.6.6: - version "2.6.7" - resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad" - integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ== - dependencies: - whatwg-url "^5.0.0" - -normalize-url@^4.1.0: - version "4.5.1" - resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.1.tgz#0dd90cf1288ee1d1313b87081c9a5932ee48518a" - integrity sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA== - -npm-conf@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/npm-conf/-/npm-conf-1.1.3.tgz#256cc47bd0e218c259c4e9550bf413bc2192aff9" - integrity sha512-Yic4bZHJOt9RCFbRP3GgpqhScOY4HH3V2P8yBj6CeYq118Qr+BLXqT2JvpJ00mryLESpgOxf5XlFv4ZjXxLScw== - dependencies: - config-chain "^1.1.11" - pify "^3.0.0" - -npmlog@^4.0.1: - version "4.1.2" - resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b" - integrity sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg== - dependencies: - are-we-there-yet "~1.1.2" - console-control-strings "~1.1.0" - gauge "~2.7.3" - set-blocking "~2.0.0" - -number-is-nan@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d" - integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0= - -object-assign@^4.1.0: - version "4.1.1" - resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" - integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM= - -object-keys@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e" - integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA== - -once@^1.3.0, once@^1.3.1, once@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" - integrity sha1-WDsap3WWHUsROsF9nFC6753Xa9E= - dependencies: - wrappy "1" - -optionator@^0.8.1: - version "0.8.3" - resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.3.tgz#84fa1d036fe9d3c7e21d99884b601167ec8fb495" - integrity sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA== - dependencies: - deep-is "~0.1.3" - fast-levenshtein "~2.0.6" - levn "~0.3.0" - prelude-ls "~1.1.2" - type-check "~0.3.2" - word-wrap "~1.2.3" - -p-cancelable@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/p-cancelable/-/p-cancelable-1.1.0.tgz#d078d15a3af409220c886f1d9a0ca2e441ab26cc" - integrity sha512-s73XxOZ4zpt1edZYZzvhqFa6uvQc1vwUa0K0BdtIZgQMAJj9IbebH+JkgKZc9h+B05PKHLOTl4ajG1BmNrVZlw== - -p-is-promise@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/p-is-promise/-/p-is-promise-3.0.0.tgz#58e78c7dfe2e163cf2a04ff869e7c1dba64a5971" - integrity sha512-Wo8VsW4IRQSKVXsJCn7TomUaVtyfjVDn3nUP7kE967BQk0CwFpdbZs0X0uk5sW9mkBa9eNM7hCMaG93WUAwxYQ== - -package-json@^6.3.0: - version "6.5.0" - resolved "https://registry.yarnpkg.com/package-json/-/package-json-6.5.0.tgz#6feedaca35e75725876d0b0e64974697fed145b0" - integrity sha512-k3bdm2n25tkyxcjSKzB5x8kfVxlMdgsbPr0GkZcwHsLpba6cBjqCt1KlcChKEvxHIcTB1FVMuwoijZ26xex5MQ== - dependencies: - got "^9.6.0" - registry-auth-token "^4.0.0" - registry-url "^5.0.0" - semver "^6.2.0" - -path-exists@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3" - integrity sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w== - -path-is-absolute@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - integrity sha1-F0uSaHNVNP+8es5r9TpanhtcX18= - -path-key@^3.1.0: - version "3.1.1" - resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" - integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== - -path-parse@^1.0.7: - version "1.0.7" - resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735" - integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== - -path-type@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b" - integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== - -pend@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" - integrity sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg== - -picomatch@^2.2.3: - version "2.3.1" - resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42" - integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== - -pify@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176" - integrity sha512-C3FsVNH1udSEX48gGX1xfvwTWfsYWj5U+8/uK15BGzIGrKoUpghX8hWZwa/OFnakBiiVNmBvemTJR5mcy7iPcg== - -pkg-fetch@3.2.6: - version "3.2.6" - resolved "https://registry.yarnpkg.com/pkg-fetch/-/pkg-fetch-3.2.6.tgz#8473e1da5763522c4c3c051917db7274b75836fa" - integrity sha512-Q8fx6SIT022g0cdSE4Axv/xpfHeltspo2gg1KsWRinLQZOTRRAtOOaEFghA1F3jJ8FVsh8hGrL/Pb6Ea5XHIFw== - dependencies: - chalk "^4.1.2" - fs-extra "^9.1.0" - https-proxy-agent "^5.0.0" - node-fetch "^2.6.6" - progress "^2.0.3" - semver "^7.3.5" - tar-fs "^2.1.1" - yargs "^16.2.0" - -pkg@^5.5.0: - version "5.5.2" - resolved "https://registry.yarnpkg.com/pkg/-/pkg-5.5.2.tgz#c21ca9b5cb48feceb3b158c17df855ada350086d" - integrity sha512-pD0UB2ud01C6pVv2wpGsTYJrXI/bnvGRYvMLd44wFzA1p+A2jrlTGFPAYa7YEYzmitXhx23PqalaG1eUEnSwcA== - dependencies: - "@babel/parser" "7.16.2" - "@babel/types" "7.16.0" - chalk "^4.1.2" - escodegen "^2.0.0" - fs-extra "^9.1.0" - globby "^11.0.4" - into-stream "^6.0.0" - minimist "^1.2.5" - multistream "^4.1.0" - pkg-fetch "3.2.6" - prebuild-install "6.1.4" - progress "^2.0.3" - resolve "^1.20.0" - stream-meter "^1.0.4" - tslib "2.3.1" - -plist@^3.0.1, plist@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/plist/-/plist-3.0.4.tgz#a62df837e3aed2bb3b735899d510c4f186019cbe" - integrity sha512-ksrr8y9+nXOxQB2osVNqrgvX/XQPOXaU4BQMKjYq8PvaY1U18mo+fKgBSwzK+luSyinOuPae956lSVcBwxlAMg== - dependencies: - base64-js "^1.5.1" - xmlbuilder "^9.0.7" - -prebuild-install@6.1.4: - version "6.1.4" - resolved "https://registry.yarnpkg.com/prebuild-install/-/prebuild-install-6.1.4.tgz#ae3c0142ad611d58570b89af4986088a4937e00f" - integrity sha512-Z4vpywnK1lBg+zdPCVCsKq0xO66eEV9rWo2zrROGGiRS4JtueBOdlB1FnY8lcy7JsUud/Q3ijUxyWN26Ika0vQ== - dependencies: - detect-libc "^1.0.3" - expand-template "^2.0.3" - github-from-package "0.0.0" - minimist "^1.2.3" - mkdirp-classic "^0.5.3" - napi-build-utils "^1.0.1" - node-abi "^2.21.0" - npmlog "^4.0.1" - pump "^3.0.0" - rc "^1.2.7" - simple-get "^3.0.3" - tar-fs "^2.0.0" - tunnel-agent "^0.6.0" - -prelude-ls@~1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" - integrity sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ= - -prepend-http@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-2.0.0.tgz#e92434bfa5ea8c19f41cdfd401d741a3c819d897" - integrity sha512-ravE6m9Atw9Z/jjttRUZ+clIXogdghyZAuWJ3qEzjT+jI/dL1ifAqhZeC5VHzQp1MSt1+jxKkFNemj/iO7tVUA== - -process-nextick-args@~2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2" - integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag== - -progress@^2.0.3: - version "2.0.3" - resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.3.tgz#7e8cf8d8f5b8f239c1bc68beb4eb78567d572ef8" - integrity sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA== - -proto-list@~1.2.1: - version "1.2.4" - resolved "https://registry.yarnpkg.com/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849" - integrity sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA== - -pump@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/pump/-/pump-3.0.0.tgz#b4a2116815bde2f4e1ea602354e8c75565107a64" - integrity sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww== - dependencies: - end-of-stream "^1.1.0" - once "^1.3.1" - -punycode@^2.1.0: - version "2.1.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec" - integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A== - -pupa@^2.0.1, pupa@^2.1.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/pupa/-/pupa-2.1.1.tgz#f5e8fd4afc2c5d97828faa523549ed8744a20d62" - integrity sha512-l1jNAspIBSFqbT+y+5FosojNpVpF94nlI+wDUpqP9enwOTfHx9f0gh5nB96vl+6yTpsJsypeNrwfzPrKuHB41A== - dependencies: - escape-goat "^2.0.0" - -q@^1.0.1: - version "1.5.1" - resolved "https://registry.yarnpkg.com/q/-/q-1.5.1.tgz#7e32f75b41381291d04611f1bf14109ac00651d7" - integrity sha1-fjL3W0E4EpHQRhHxvxQQmsAGUdc= - -queue-microtask@^1.2.2: - version "1.2.3" - resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243" - integrity sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A== - -rc@^1.2.7, rc@^1.2.8: - version "1.2.8" - resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed" - integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw== - dependencies: - deep-extend "^0.6.0" - ini "~1.3.0" - minimist "^1.2.0" - strip-json-comments "~2.0.1" - -read-config-file@6.2.0: - version "6.2.0" - resolved "https://registry.yarnpkg.com/read-config-file/-/read-config-file-6.2.0.tgz#71536072330bcd62ba814f91458b12add9fc7ade" - integrity sha512-gx7Pgr5I56JtYz+WuqEbQHj/xWo+5Vwua2jhb1VwM4Wid5PqYmZ4i00ZB0YEGIfkVBsCv9UrjgyqCiQfS/Oosg== - dependencies: - dotenv "^9.0.2" - dotenv-expand "^5.1.0" - js-yaml "^4.1.0" - json5 "^2.2.0" - lazy-val "^1.0.4" - -readable-stream@^2.0.0, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.2.2: - version "2.3.7" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57" - integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.3" - isarray "~1.0.0" - process-nextick-args "~2.0.0" - safe-buffer "~5.1.1" - string_decoder "~1.1.1" - util-deprecate "~1.0.1" - -readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.0.tgz#337bbda3adc0706bd3e024426a286d4b4b2c9198" - integrity sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA== - dependencies: - inherits "^2.0.3" - string_decoder "^1.1.1" - util-deprecate "^1.0.1" - -registry-auth-token@^4.0.0: - version "4.2.1" - resolved "https://registry.yarnpkg.com/registry-auth-token/-/registry-auth-token-4.2.1.tgz#6d7b4006441918972ccd5fedcd41dc322c79b250" - integrity sha512-6gkSb4U6aWJB4SF2ZvLb76yCBjcvufXBqvvEx1HbmKPkutswjW1xNVRY0+daljIYRbogN7O0etYSlbiaEQyMyw== - dependencies: - rc "^1.2.8" - -registry-url@^5.0.0: - version "5.1.0" - resolved "https://registry.yarnpkg.com/registry-url/-/registry-url-5.1.0.tgz#e98334b50d5434b81136b44ec638d9c2009c5009" - integrity sha512-8acYXXTI0AkQv6RAOjE3vOaIXZkT9wo4LOFbBKYQEEnnMNBpKqdUrI6S4NT0KPIo/WVvJ5tE/X5LF/TQUf0ekw== - dependencies: - rc "^1.2.8" - -require-directory@^2.1.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/require-directory/-/require-directory-2.1.1.tgz#8c64ad5fd30dab1c976e2344ffe7f792a6a6df42" - integrity sha1-jGStX9MNqxyXbiNE/+f3kqam30I= - -resolve@^1.20.0: - version "1.22.0" - resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.0.tgz#5e0b8c67c15df57a89bdbabe603a002f21731198" - integrity sha512-Hhtrw0nLeSrFQ7phPp4OOcVjLPIeMnRlr5mcnVuMe7M/7eBn98A3hmFRLoFo3DLZkivSYwhRUJTyPyWAk56WLw== - dependencies: - is-core-module "^2.8.1" - path-parse "^1.0.7" - supports-preserve-symlinks-flag "^1.0.0" - -responselike@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/responselike/-/responselike-1.0.2.tgz#918720ef3b631c5642be068f15ade5a46f4ba1e7" - integrity sha512-/Fpe5guzJk1gPqdJLJR5u7eG/gNY4nImjbRDaVWVMRhne55TCmj2i9Q+54PBRfatRC8v/rIiv9BN0pMd9OV5EQ== - dependencies: - lowercase-keys "^1.0.0" - -reusify@^1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/reusify/-/reusify-1.0.4.tgz#90da382b1e126efc02146e90845a88db12925d76" - integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw== - -rimraf@^2.2.8: - version "2.7.1" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec" - integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w== - dependencies: - glob "^7.1.3" - -rimraf@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-3.0.2.tgz#f1a5402ba6220ad52cc1282bac1ae3aa49fd061a" - integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA== - dependencies: - glob "^7.1.3" - -roarr@^2.15.3: - version "2.15.4" - resolved "https://registry.yarnpkg.com/roarr/-/roarr-2.15.4.tgz#f5fe795b7b838ccfe35dc608e0282b9eba2e7afd" - integrity sha512-CHhPh+UNHD2GTXNYhPWLnU8ONHdI+5DI+4EYIAOaiD63rHeYlZvyh8P+in5999TTSFgUYuKUAjzRI4mdh/p+2A== - dependencies: - boolean "^3.0.1" - detect-node "^2.0.4" - globalthis "^1.0.1" - json-stringify-safe "^5.0.1" - semver-compare "^1.0.0" - sprintf-js "^1.1.2" - -run-parallel@^1.1.9: - version "1.2.0" - resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.2.0.tgz#66d1368da7bdf921eb9d95bd1a9229e7f21a43ee" - integrity sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA== - dependencies: - queue-microtask "^1.2.2" - -safe-buffer@^5.0.1, safe-buffer@~5.2.0: - version "5.2.1" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" - integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== - -safe-buffer@~5.1.0, safe-buffer@~5.1.1: - version "5.1.2" - resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" - integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== - -"safer-buffer@>= 2.1.2 < 3.0.0": - version "2.1.2" - resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" - integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== - -sanitize-filename@^1.6.3: - version "1.6.3" - resolved "https://registry.yarnpkg.com/sanitize-filename/-/sanitize-filename-1.6.3.tgz#755ebd752045931977e30b2025d340d7c9090378" - integrity sha512-y/52Mcy7aw3gRm7IrcGDFx/bCk4AhRh2eI9luHOQM86nZsqwiRkkq2GekHXBBD+SmPidc8i2PqtYZl+pWJ8Oeg== - dependencies: - truncate-utf8-bytes "^1.0.0" - -sax@^1.2.4: - version "1.2.4" - resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9" - integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw== - -semver-compare@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/semver-compare/-/semver-compare-1.0.0.tgz#0dee216a1c941ab37e9efb1788f6afc5ff5537fc" - integrity sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow== - -semver-diff@^3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-3.1.1.tgz#05f77ce59f325e00e2706afd67bb506ddb1ca32b" - integrity sha512-GX0Ix/CJcHyB8c4ykpHGIAvLyOwOobtM/8d+TQkAd81/bEjgPHrfba41Vpesr7jX/t8Uh+R3EX9eAS5be+jQYg== - dependencies: - semver "^6.3.0" - -semver@^5.4.1: - version "5.7.1" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" - integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== - -semver@^6.0.0, semver@^6.2.0, semver@^6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" - integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== - -semver@^7.3.2: - version "7.3.7" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.7.tgz#12c5b649afdbf9049707796e22a4028814ce523f" - integrity sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g== - dependencies: - lru-cache "^6.0.0" - -semver@^7.3.4, semver@^7.3.5: - version "7.3.5" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7" - integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ== - dependencies: - lru-cache "^6.0.0" - -serialize-error@^7.0.1: - version "7.0.1" - resolved "https://registry.yarnpkg.com/serialize-error/-/serialize-error-7.0.1.tgz#f1360b0447f61ffb483ec4157c737fab7d778e18" - integrity sha512-8I8TjW5KMOKsZQTvoxjuSIa7foAwPWGOts+6o7sgjz41/qMD9VQHEDxi6PBvK2l0MXUmqZyNpUK+T2tQaaElvw== - dependencies: - type-fest "^0.13.1" - -set-blocking@~2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" - integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc= - -shebang-command@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-2.0.0.tgz#ccd0af4f8835fbdc265b82461aaf0c36663f34ea" - integrity sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA== - dependencies: - shebang-regex "^3.0.0" - -shebang-regex@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" - integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== - -signal-exit@^3.0.0, signal-exit@^3.0.2: - version "3.0.7" - resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9" - integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== - -simple-concat@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/simple-concat/-/simple-concat-1.0.1.tgz#f46976082ba35c2263f1c8ab5edfe26c41c9552f" - integrity sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q== - -simple-get@^3.0.3: - version "3.1.1" - resolved "https://registry.yarnpkg.com/simple-get/-/simple-get-3.1.1.tgz#cc7ba77cfbe761036fbfce3d021af25fc5584d55" - integrity sha512-CQ5LTKGfCpvE1K0n2us+kuMPbk/q0EKl82s4aheV9oXjFEz6W/Y7oQFVJuU6QG77hRT4Ghb5RURteF5vnWjupA== - dependencies: - decompress-response "^4.2.0" - once "^1.3.1" - simple-concat "^1.0.0" - -slash@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634" - integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q== - -slice-ansi@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-3.0.0.tgz#31ddc10930a1b7e0b67b08c96c2f49b77a789787" - integrity sha512-pSyv7bSTC7ig9Dcgbw9AuRNUb5k5V6oDudjZoMBSr13qpLBG7tB+zgCkARjq7xIUgdz5P1Qe8u+rSGdouOOIyQ== - dependencies: - ansi-styles "^4.0.0" - astral-regex "^2.0.0" - is-fullwidth-code-point "^3.0.0" - -smart-buffer@^4.0.2: - version "4.2.0" - resolved "https://registry.yarnpkg.com/smart-buffer/-/smart-buffer-4.2.0.tgz#6e1d71fa4f18c05f7d0ff216dd16a481d0e8d9ae" - integrity sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg== - -sort-keys-length@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/sort-keys-length/-/sort-keys-length-1.0.1.tgz#9cb6f4f4e9e48155a6aa0671edd336ff1479a188" - integrity sha1-nLb09OnkgVWmqgZx7dM2/xR5oYg= - dependencies: - sort-keys "^1.0.0" - -sort-keys@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-1.1.2.tgz#441b6d4d346798f1b4e49e8920adfba0e543f9ad" - integrity sha1-RBttTTRnmPG05J6JIK37oOVD+a0= - dependencies: - is-plain-obj "^1.0.0" - -source-map-support@^0.5.19: - version "0.5.21" - resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.21.tgz#04fe7c7f9e1ed2d662233c28cb2b35b9f63f6e4f" - integrity sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w== - dependencies: - buffer-from "^1.0.0" - source-map "^0.6.0" - -source-map@^0.6.0, source-map@~0.6.1: - version "0.6.1" - resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263" - integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g== - -sprintf-js@^1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.1.2.tgz#da1765262bf8c0f571749f2ad6c26300207ae673" - integrity sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug== - -stat-mode@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/stat-mode/-/stat-mode-1.0.0.tgz#68b55cb61ea639ff57136f36b216a291800d1465" - integrity sha512-jH9EhtKIjuXZ2cWxmXS8ZP80XyC3iasQxMDV8jzhNJpfDb7VbQLVW4Wvsxz9QZvzV+G4YoSfBUVKDOyxLzi/sg== - -stream-meter@^1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/stream-meter/-/stream-meter-1.0.4.tgz#52af95aa5ea760a2491716704dbff90f73afdd1d" - integrity sha1-Uq+Vql6nYKJJFxZwTb/5D3Ov3R0= - dependencies: - readable-stream "^2.1.4" - -string-width@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3" - integrity sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M= - dependencies: - code-point-at "^1.0.0" - is-fullwidth-code-point "^1.0.0" - strip-ansi "^3.0.0" - -"string-width@^1.0.2 || 2 || 3 || 4", string-width@^4.0.0, string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.2, string-width@^4.2.3: - version "4.2.3" - resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" - integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== - dependencies: - emoji-regex "^8.0.0" - is-fullwidth-code-point "^3.0.0" - strip-ansi "^6.0.1" - -string_decoder@^1.1.1: - version "1.3.0" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.3.0.tgz#42f114594a46cf1a8e30b0a84f56c78c3edac21e" - integrity sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA== - dependencies: - safe-buffer "~5.2.0" - -string_decoder@~1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8" - integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg== - dependencies: - safe-buffer "~5.1.0" - -strip-ansi@^3.0.0, strip-ansi@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" - integrity sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8= - dependencies: - ansi-regex "^2.0.0" - -strip-ansi@^6.0.0, strip-ansi@^6.0.1: - version "6.0.1" - resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" - integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== - dependencies: - ansi-regex "^5.0.1" - -strip-json-comments@~2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" - integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo= - -sumchecker@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/sumchecker/-/sumchecker-3.0.1.tgz#6377e996795abb0b6d348e9b3e1dfb24345a8e42" - integrity sha512-MvjXzkz/BOfyVDkG0oFOtBxHX2u3gKbMHIF/dXblZsgD3BWOFLmHovIpZY7BykJdAjcqRCBi1WYBNdEC9yI7vg== - dependencies: - debug "^4.1.0" - -supports-color@^5.3.0: - version "5.5.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-5.5.0.tgz#e2e69a44ac8772f78a1ec0b35b689df6530efc8f" - integrity sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow== - dependencies: - has-flag "^3.0.0" - -supports-color@^7.1.0: - version "7.2.0" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.2.0.tgz#1b7dcdcb32b8138801b3e478ba6a51caa89648da" - integrity sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw== - dependencies: - has-flag "^4.0.0" - -supports-preserve-symlinks-flag@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09" - integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== - -tar-fs@^2.0.0, tar-fs@^2.1.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/tar-fs/-/tar-fs-2.1.1.tgz#489a15ab85f1f0befabb370b7de4f9eb5cbe8784" - integrity sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng== - dependencies: - chownr "^1.1.1" - mkdirp-classic "^0.5.2" - pump "^3.0.0" - tar-stream "^2.1.4" - -tar-stream@^2.1.4: - version "2.2.0" - resolved "https://registry.yarnpkg.com/tar-stream/-/tar-stream-2.2.0.tgz#acad84c284136b060dc3faa64474aa9aebd77287" - integrity sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ== - dependencies: - bl "^4.0.3" - end-of-stream "^1.4.1" - fs-constants "^1.0.0" - inherits "^2.0.3" - readable-stream "^3.1.1" - -temp-file@^3.4.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/temp-file/-/temp-file-3.4.0.tgz#766ea28911c683996c248ef1a20eea04d51652c7" - integrity sha512-C5tjlC/HCtVUOi3KWVokd4vHVViOmGjtLwIh4MuzPo/nMYTV/p1urt3RnMz2IWXDdKEGJH3k5+KPxtqRsUYGtg== - dependencies: - async-exit-hook "^2.0.1" - fs-extra "^10.0.0" - -tmp-promise@^3.0.2: - version "3.0.3" - resolved "https://registry.yarnpkg.com/tmp-promise/-/tmp-promise-3.0.3.tgz#60a1a1cc98c988674fcbfd23b6e3367bdeac4ce7" - integrity sha512-RwM7MoPojPxsOBYnyd2hy0bxtIlVrihNs9pj5SUvY8Zz1sQcQG2tG1hSr8PDxfgEB8RNKDhqbIlroIarSNDNsQ== - dependencies: - tmp "^0.2.0" - -tmp@^0.2.0: - version "0.2.1" - resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.1.tgz#8457fc3037dcf4719c251367a1af6500ee1ccf14" - integrity sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ== - dependencies: - rimraf "^3.0.0" - -to-fast-properties@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e" - integrity sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4= - -to-readable-stream@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/to-readable-stream/-/to-readable-stream-1.0.0.tgz#ce0aa0c2f3df6adf852efb404a783e77c0475771" - integrity sha512-Iq25XBt6zD5npPhlLVXGFN3/gyR2/qODcKNNyTMd4vbm39HUaOiAM4PMq0eMVC/Tkxz+Zjdsc55g9yyz+Yq00Q== - -to-regex-range@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/to-regex-range/-/to-regex-range-5.0.1.tgz#1648c44aae7c8d988a326018ed72f5b4dd0392e4" - integrity sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ== - dependencies: - is-number "^7.0.0" - -tr46@~0.0.3: - version "0.0.3" - resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a" - integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o= - -truncate-utf8-bytes@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/truncate-utf8-bytes/-/truncate-utf8-bytes-1.0.2.tgz#405923909592d56f78a5818434b0b78489ca5f2b" - integrity sha1-QFkjkJWS1W94pYGENLC3hInKXys= - dependencies: - utf8-byte-length "^1.0.1" - -tslib@2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.3.1.tgz#e8a335add5ceae51aa261d32a490158ef042ef01" - integrity sha512-77EbyPPpMz+FRFRuAFlWMtmgUWGe9UOG2Z25NqCwiIjRhOf5iKGuzSe5P2w1laq+FkRy4p+PCuVkJSGkzTEKVw== - -tunnel-agent@^0.6.0: - version "0.6.0" - resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd" - integrity sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0= - dependencies: - safe-buffer "^5.0.1" - -tunnel@^0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/tunnel/-/tunnel-0.0.6.tgz#72f1314b34a5b192db012324df2cc587ca47f92c" - integrity sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg== - -type-check@~0.3.2: - version "0.3.2" - resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" - integrity sha1-WITKtRLPHTVeP7eE8wgEsrUg23I= - dependencies: - prelude-ls "~1.1.2" - -type-fest@^0.13.1: - version "0.13.1" - resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.13.1.tgz#0172cb5bce80b0bd542ea348db50c7e21834d934" - integrity sha512-34R7HTnG0XIJcBSn5XhDd7nNFPRcXYRZrBB2O2jdKqYODldSzBAqzsWoZYYvduky73toYS/ESqxPvkDf/F0XMg== - -type-fest@^0.20.2: - version "0.20.2" - resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" - integrity sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ== - -typedarray-to-buffer@^3.1.5: - version "3.1.5" - resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz#a97ee7a9ff42691b9f783ff1bc5112fe3fca9080" - integrity sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q== - dependencies: - is-typedarray "^1.0.0" - -typedarray@^0.0.6: - version "0.0.6" - resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - integrity sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA== - -unique-string@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/unique-string/-/unique-string-2.0.0.tgz#39c6451f81afb2749de2b233e3f7c5e8843bd89d" - integrity sha512-uNaeirEPvpZWSgzwsPGtU2zVSTrn/8L5q/IexZmH0eH6SA73CmAA5U4GwORTxQAZs95TAXLNqeLoPPNO5gZfWg== - dependencies: - crypto-random-string "^2.0.0" - -universalify@^0.1.0: - version "0.1.2" - resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.1.2.tgz#b646f69be3942dabcecc9d6639c80dc105efaa66" - integrity sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg== - -universalify@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717" - integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ== - -unused-filename@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/unused-filename/-/unused-filename-2.1.0.tgz#33719c4e8d9644f32d2dec1bc8525c6aaeb4ba51" - integrity sha512-BMiNwJbuWmqCpAM1FqxCTD7lXF97AvfQC8Kr/DIeA6VtvhJaMDupZ82+inbjl5yVP44PcxOuCSxye1QMS0wZyg== - dependencies: - modify-filename "^1.1.0" - path-exists "^4.0.0" - -update-notifier@^5.1.0: - version "5.1.0" - resolved "https://registry.yarnpkg.com/update-notifier/-/update-notifier-5.1.0.tgz#4ab0d7c7f36a231dd7316cf7729313f0214d9ad9" - integrity sha512-ItnICHbeMh9GqUy31hFPrD1kcuZ3rpxDZbf4KUDavXwS0bW5m7SLbDQpGX3UYr072cbrF5hFUs3r5tUsPwjfHw== - dependencies: - boxen "^5.0.0" - chalk "^4.1.0" - configstore "^5.0.1" - has-yarn "^2.1.0" - import-lazy "^2.1.0" - is-ci "^2.0.0" - is-installed-globally "^0.4.0" - is-npm "^5.0.0" - is-yarn-global "^0.3.0" - latest-version "^5.1.0" - pupa "^2.1.1" - semver "^7.3.4" - semver-diff "^3.1.1" - xdg-basedir "^4.0.0" - -uri-js@^4.2.2: - version "4.4.1" - resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e" - integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg== - dependencies: - punycode "^2.1.0" - -url-parse-lax@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/url-parse-lax/-/url-parse-lax-3.0.0.tgz#16b5cafc07dbe3676c1b1999177823d6503acb0c" - integrity sha512-NjFKA0DidqPa5ciFcSrXnAltTtzz84ogy+NebPvfEgAck0+TNg4UJ4IN+fB7zRZfbgUf0syOo9MDxFkDSMuFaQ== - dependencies: - prepend-http "^2.0.0" - -utf8-byte-length@^1.0.1: - version "1.0.4" - resolved "https://registry.yarnpkg.com/utf8-byte-length/-/utf8-byte-length-1.0.4.tgz#f45f150c4c66eee968186505ab93fcbb8ad6bf61" - integrity sha1-9F8VDExm7uloGGUFq5P8u4rWv2E= - -util-deprecate@^1.0.1, util-deprecate@~1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8= - -verror@^1.10.0: - version "1.10.1" - resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.1.tgz#4bf09eeccf4563b109ed4b3d458380c972b0cdeb" - integrity sha512-veufcmxri4e3XSrT0xwfUR7kguIkaxBeosDg00yDWhk49wdwkSUrvvsm7nc75e1PUyvIeZj6nS8VQRYz2/S4Xg== - dependencies: - assert-plus "^1.0.0" - core-util-is "1.0.2" - extsprintf "^1.2.0" - -webidl-conversions@^3.0.0: - version "3.0.1" - resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871" - integrity sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE= - -whatwg-url@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d" - integrity sha1-lmRU6HZUYuN2RNNib2dCzotwll0= - dependencies: - tr46 "~0.0.3" - webidl-conversions "^3.0.0" - -which@^2.0.1: - version "2.0.2" - resolved "https://registry.yarnpkg.com/which/-/which-2.0.2.tgz#7c6a8dd0a636a0327e10b59c9286eee93f3f51b1" - integrity sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA== - dependencies: - isexe "^2.0.0" - -wide-align@^1.1.0: - version "1.1.5" - resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.5.tgz#df1d4c206854369ecf3c9a4898f1b23fbd9d15d3" - integrity sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg== - dependencies: - string-width "^1.0.2 || 2 || 3 || 4" - -widest-line@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/widest-line/-/widest-line-3.1.0.tgz#8292333bbf66cb45ff0de1603b136b7ae1496eca" - integrity sha512-NsmoXalsWVDMGupxZ5R08ka9flZjjiLvHVAWYOKtiKM8ujtZWr9cRffak+uSE48+Ob8ObalXpwyeUiyDD6QFgg== - dependencies: - string-width "^4.0.0" - -word-wrap@~1.2.3: - version "1.2.3" - resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c" - integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ== - -wrap-ansi@^7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" - integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== - dependencies: - ansi-styles "^4.0.0" - string-width "^4.1.0" - strip-ansi "^6.0.0" - -wrappy@1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== - -write-file-atomic@^3.0.0: - version "3.0.3" - resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-3.0.3.tgz#56bd5c5a5c70481cd19c571bd39ab965a5de56e8" - integrity sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q== - dependencies: - imurmurhash "^0.1.4" - is-typedarray "^1.0.0" - signal-exit "^3.0.2" - typedarray-to-buffer "^3.1.5" - -xdg-basedir@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-4.0.0.tgz#4bc8d9984403696225ef83a1573cbbcb4e79db13" - integrity sha512-PSNhEJDejZYV7h50BohL09Er9VaIefr2LMAf3OEmpCkjOi34eYyQYAXUTjEQtZJTKcF0E2UKTh+osDLsgNim9Q== - -xmlbuilder@>=11.0.1: - version "15.1.1" - resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-15.1.1.tgz#9dcdce49eea66d8d10b42cae94a79c3c8d0c2ec5" - integrity sha512-yMqGBqtXyeN1e3TGYvgNgDVZ3j84W4cwkOXQswghol6APgZWaff9lnbvN7MHYJOiXsvGPXtjTYJEiC9J2wv9Eg== - -xmlbuilder@^9.0.7: - version "9.0.7" - resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-9.0.7.tgz#132ee63d2ec5565c557e20f4c22df9aca686b10d" - integrity sha1-Ey7mPS7FVlxVfiD0wi35rKaGsQ0= - -y18n@^5.0.5: - version "5.0.8" - resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" - integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA== - -yallist@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/yallist/-/yallist-4.0.0.tgz#9bb92790d9c0effec63be73519e11a35019a3a72" - integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A== - -yargs-parser@^20.2.2: - version "20.2.9" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" - integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== - -yargs-parser@^21.0.0: - version "21.0.1" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.0.1.tgz#0267f286c877a4f0f728fceb6f8a3e4cb95c6e35" - integrity sha512-9BK1jFpLzJROCI5TzwZL/TU4gqjK5xiHV/RfWLOahrjAko/e4DJkRDZQXfvqAsiZzzYhgAzbgz6lg48jcm4GLg== - -yargs@^16.2.0: - version "16.2.0" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" - integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw== - dependencies: - cliui "^7.0.2" - escalade "^3.1.1" - get-caller-file "^2.0.5" - require-directory "^2.1.1" - string-width "^4.2.0" - y18n "^5.0.5" - yargs-parser "^20.2.2" - -yargs@^17.0.1, yargs@^17.3.0: - version "17.3.1" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.3.1.tgz#da56b28f32e2fd45aefb402ed9c26f42be4c07b9" - integrity sha512-WUANQeVgjLbNsEmGk20f+nlHgOqzRFpiGWVaBrYGYIGANIIu3lWjoyi0fNlFmJkvfhCZ6BXINe7/W2O2bV4iaA== - dependencies: - cliui "^7.0.2" - escalade "^3.1.1" - get-caller-file "^2.0.5" - require-directory "^2.1.1" - string-width "^4.2.3" - y18n "^5.0.5" - yargs-parser "^21.0.0" - -yauzl@^2.10.0: - version "2.10.0" - resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.10.0.tgz#c7eb17c93e112cb1086fa6d8e51fb0667b79a5f9" - integrity sha512-p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g== - dependencies: - buffer-crc32 "~0.2.3" - fd-slicer "~1.1.0" -- 2.47.1 From a0e9336337f8a5b586b295e29d7d13576ba884f7 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 7 Oct 2022 10:55:53 +0200 Subject: [PATCH 0490/1882] add mastodon cleanup systemd timer --- nixos/hosts/hades/mastodon/configuration.nix | 31 +++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index f352b05f..77840daa 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -18,7 +18,7 @@ in }; vault-secrets.secrets.mastodon = { - services = [ "mastodon-init-dirs" "mastodon" ]; + services = [ "mastodon-init-dirs" "mastodon" "mastodon-media-prune" ]; user = cfg.user; group = cfg.group; }; @@ -92,6 +92,35 @@ in }; }; + # https://github.com/NixOS/nixpkgs/issues/116418#issuecomment-799517120 + systemd.services.mastodon-media-prune = + let + cfg = config.services.mastodon; + in + { + description = "Mastodon media prune"; + environment = lib.filterAttrs (n: _: n != "PATH") config.systemd.services.mastodon-web.environment; + serviceConfig = { + Type = "oneshot"; + # Remove remote media attachments older than one month. + ExecStart = "${cfg.package}/bin/tootctl media remove --days=30"; + User = cfg.user; + Group = cfg.group; + EnvironmentFile = "/var/lib/mastodon/.secrets_env"; + PrivateTmp = true; + }; + }; + + systemd.timers.mastodon-media-prune = { + description = "Mastodon media prune"; + wantedBy = [ "timers.target" ]; + timerConfig = { + OnCalendar = "*-*-* 00:00:00"; # every day + Unit = "mastodon-media-prune.service"; + AccuracySec = "60s"; + }; + }; + networking.firewall = let cfg = config.services.mastodon; in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; -- 2.47.1 From d0e447ab3354cf6863bde9290bda3f2d383eece0 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 7 Oct 2022 11:13:12 +0200 Subject: [PATCH 0491/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 5527c1e9..743098b3 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1664983332, - "narHash": "sha256-KyQvgFRwk3qW3Qr+lO5UDqfpST/HaCJY1yB7wPgPUqo=", + "lastModified": 1665119273, + "narHash": "sha256-neL/ZRrwk47Ke1nfjk8ltlIm+NRZyA3MBcNbqEGSBeE=", "owner": "nix-community", "repo": "home-manager", - "rev": "1a8e35d2e53ed2ccd9818fad9c9478d56c655661", + "rev": "9fcae11ff29ca5f959b05c206f3724486c28ff07", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665044765, - "narHash": "sha256-/ubu4NLIxQmKoD4al6L8qFE74FbFWmIrtjwwnyOYv0A=", + "lastModified": 1665132361, + "narHash": "sha256-zoz9SOBSB85f5QKBigdMIBgpnychSvN69YvK1LuNIsQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d7ef19e2e745c2184fcf5c2ce6ac4208d6a81594", + "rev": "fd379db8466985edb9ed43823f05372f8b81f058", "type": "github" }, "original": { @@ -667,11 +667,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1664780719, - "narHash": "sha256-Oxe6la5dSqRfJogjtY4sRzJjDDqvroJIVkcGEOT87MA=", + "lastModified": 1664989420, + "narHash": "sha256-Q8IxomUjjmewsoJgO3htkXLfCckQ7HkDJ/ZhdYVf/fA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fd54651f5ffb4a36e8463e0c327a78442b26cbe7", + "rev": "37bd39839acf99c5b738319f42478296f827f274", "type": "github" }, "original": { @@ -826,11 +826,11 @@ ] }, "locked": { - "lastModified": 1664896222, - "narHash": "sha256-jaK5TW4W5hEif/4lpoMRSr/8oWapGVc/ac7X5DPYYv4=", + "lastModified": 1665068743, + "narHash": "sha256-G1F6wrX2EwSfmqip19WUYdfPRDFv4WdMxNNYzW5u1JU=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "25b8d0dfdeaa9f325737b704285b2738223b8c3d", + "rev": "a54624ac12aa2c125d8891d124519fba17aa2016", "type": "github" }, "original": { @@ -1086,11 +1086,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1664816798, - "narHash": "sha256-oLJyFT1Fc4UNNaDSN+EYUAWL4CufCBpuS5AV4Z4XANo=", + "lastModified": 1663507239, + "narHash": "sha256-LISZtkPVe8lQ2N8YwVe+KxCkXWLP9mdw6Q2kG93wE8A=", "owner": "wlroots", "repo": "wlroots", - "rev": "50cc1ef4d3791d86854dd83c15fff17e5ea1a5b6", + "rev": "2ad25b1460400e66ea26bd6489b04072be7d9dbb", "type": "gitlab" }, "original": { -- 2.47.1 From 378c11e358af9c276661a86224f2c7401119ed84 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 12:05:42 +0200 Subject: [PATCH 0492/1882] flake update --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 743098b3..df3ef1cc 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665132361, - "narHash": "sha256-zoz9SOBSB85f5QKBigdMIBgpnychSvN69YvK1LuNIsQ=", + "lastModified": 1665177900, + "narHash": "sha256-KP+RgRkxnhZVRbSLitM8POjwU5/j05/kmqxhm73jBZM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fd379db8466985edb9ed43823f05372f8b81f058", + "rev": "1964bcb13f770b8344510549aa9924fe908bac60", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1665020519, - "narHash": "sha256-1DdFTskxpBw/McAuNNvUkWpNtSN1tUywpsBjNfsSBLY=", + "lastModified": 1665192597, + "narHash": "sha256-DwkIhS0UpQFmRa0t7tM9crqxlEziId0KauD7SE53iH0=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "d34bbd2bbb2afb2f43365238c218f97365686742", + "rev": "a65b27bacdc4aa491d7c6bca23f47d38d2aaa7f9", "type": "github" }, "original": { @@ -698,11 +698,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665049962, - "narHash": "sha256-d3KxQQyrq0YXwoDFHXaIsCSB9ZNMwnAJjChO85j4kZE=", + "lastModified": 1665178447, + "narHash": "sha256-hsyzO+NW0K3+D99bPDGnxrm5ZJ81/mpi9RExrh+0qto=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "581a16b4db39d6ead5dba08ebe9405a9e4b19d94", + "rev": "003c42c4832d41b4fafa8f496305994aaeabeecc", "type": "github" }, "original": { @@ -826,11 +826,11 @@ ] }, "locked": { - "lastModified": 1665068743, - "narHash": "sha256-G1F6wrX2EwSfmqip19WUYdfPRDFv4WdMxNNYzW5u1JU=", + "lastModified": 1665162504, + "narHash": "sha256-YDeDDSiwwuN4tuI+0GAcMKzimKSt7sJOtBZITzJGfuY=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "a54624ac12aa2c125d8891d124519fba17aa2016", + "rev": "c2ceedca74e2f388aec6edaa6259a1b94fe07fc3", "type": "github" }, "original": { -- 2.47.1 From 887e408d9a02a3d85fd713c2bc03e09f717b713e Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 12:27:56 +0200 Subject: [PATCH 0493/1882] fixed vscode hash --- nixos/pkgs/vscode-extensions/platformio.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index d696d57b..dc9ddada 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -1,12 +1,10 @@ { vscode-utils, lib }: let inherit (vscode-utils) buildVscodeMarketplaceExtension; in buildVscodeMarketplaceExtension { - # TODO: Auto install settings: `"platformio-ide.useBuiltinPIOCore": false` mktplcRef = { name = "platformio-ide"; publisher = "platformio"; version = "2.5.4"; - sha256 = "sha256-/vBdZ6Mu1KlF+glqp5CNt9WeK1ECqfaivCnK8TisChg="; + sha256 = "sha256-KbXlegQSLjMCVotR1mU/CDiaQMKLLSX+nnbRJgdFTz8="; }; - # meta = { license = lib.licenses.apache; }; } -- 2.47.1 From 2ac0583544dce14f186cf7f04edcc522c239f4ce Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 12:35:20 +0200 Subject: [PATCH 0494/1882] simplify deemix-gui --- nixos/pkgs/deemix-gui/default.nix | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/nixos/pkgs/deemix-gui/default.nix b/nixos/pkgs/deemix-gui/default.nix index 71661d45..c4a7a65a 100644 --- a/nixos/pkgs/deemix-gui/default.nix +++ b/nixos/pkgs/deemix-gui/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, appimageTools, makeWrapper, electron, xorg, pipewire }: +{ lib, stdenv, fetchurl, appimageTools, makeWrapper, electron }: stdenv.mkDerivation rec { pname = "deemix-gui"; @@ -33,13 +33,8 @@ stdenv.mkDerivation rec { ''; postFixup = '' - makeWrapper ${electron}/bin/electron $out/bin/${pname} \ - --add-flags $out/share/${pname}/resources/app.asar \ - --prefix LD_LIBRARY_PATH : "${ - lib.makeLibraryPath [ stdenv.cc.cc xorg.libXtst pipewire ] - }" \ - --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" + makeWrapper ${electron}/bin/electron $out/bin/${pname} --add-flags $out/share/${pname}/resources/app.asar ''; - meta = with lib; { platforms = [ "x86_64-linux" ]; }; + meta = { platforms = [ "x86_64-linux" ]; }; } -- 2.47.1 From 7f7121aad6df3fb47361f9b2a4cbc5be0eed6b23 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 16:34:25 +0200 Subject: [PATCH 0495/1882] add iso --- .github/workflows/nixos.yml | 22 +++++++++++ flake.lock | 37 +++++++++++++++++++ flake.nix | 16 +++++++- nixos/.gitignore | 1 - nixos/hosts/thalassa/null/configuration.nix | 2 + .../thalassa/null/hardware-configuration.nix | 4 +- nixos/iso.nix | 11 ++++++ util.nix => nixos/util.nix | 0 8 files changed, 90 insertions(+), 3 deletions(-) delete mode 100644 nixos/.gitignore create mode 100644 nixos/iso.nix rename util.nix => nixos/util.nix (100%) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 615e8a2e..a8f8948c 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -5,6 +5,28 @@ on: branches: [main] jobs: + build-iso: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2.3.2 + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 + with: + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Check NixOS Flake ❄️" + run: | + nix build '.#iso' + - uses: actions/upload-artifact@v3 + with: + name: nixos-iso + retention-days: 3 + path: result/iso/*.iso build-null: runs-on: ubuntu-latest steps: diff --git a/flake.lock b/flake.lock index df3ef1cc..ca48fde5 100644 --- a/flake.lock +++ b/flake.lock @@ -665,6 +665,42 @@ "type": "indirect" } }, + "nixlib": { + "locked": { + "lastModified": 1636849918, + "narHash": "sha256-nzUK6dPcTmNVrgTAC1EOybSMsrcx+QrVPyqRdyKLkjA=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "28a5b0557f14124608db68d3ee1f77e9329e9dd5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixos-generators": { + "inputs": { + "nixlib": "nixlib", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660727616, + "narHash": "sha256-zYTIvdPMYMx/EYqXODAwIIU30RiEHqNHdgarIHuEYZc=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "adccd191a0e83039d537e021f19495b7bad546a1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1664989420, @@ -848,6 +884,7 @@ "hyprpaper": "hyprpaper", "mailserver": "mailserver", "minecraft-servers": "minecraft-servers", + "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_2", "riff": "riff", "serokell-nix": "serokell-nix", diff --git a/flake.nix b/flake.nix index f619bc8b..ec0fef59 100644 --- a/flake.nix +++ b/flake.nix @@ -37,6 +37,11 @@ mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; mailserver.inputs.nixpkgs.follows = "nixpkgs"; + + nixos-generators = { + url = "github:nix-community/nixos-generators"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -49,13 +54,14 @@ , home-manager , hyprpaper , hyprland + , nixos-generators , ... } @ inputs: let inherit (nixpkgs) lib; inherit (builtins) mapAttrs; - util = import ./util.nix inputs; + util = import ./nixos/util.nix inputs; system = "x86_64-linux"; # import and add realm to list of tags @@ -103,6 +109,14 @@ packages.${system} = { default = colmena.packages.${system}.colmena; apply-local = apply-local; + + iso = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "iso"; + modules = [ + (import ./nixos/iso.nix) + ]; + }; }; # Use by running `nix develop` diff --git a/nixos/.gitignore b/nixos/.gitignore deleted file mode 100644 index 1cd791b5..00000000 --- a/nixos/.gitignore +++ /dev/null @@ -1 +0,0 @@ -result/ diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 3426b442..f0ab3580 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -88,6 +88,8 @@ in { services.gnome.gnome-keyring.enable = true; fileSystems."/".options = [ "compress=zstd" ]; + fileSystems."/home".options = [ "compress=zstd" ]; + # Filesystem dedup services.beesd.filesystems = { root = { diff --git a/nixos/hosts/thalassa/null/hardware-configuration.nix b/nixos/hosts/thalassa/null/hardware-configuration.nix index 2b682312..527975b8 100644 --- a/nixos/hosts/thalassa/null/hardware-configuration.nix +++ b/nixos/hosts/thalassa/null/hardware-configuration.nix @@ -8,7 +8,7 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; @@ -31,8 +31,10 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wg0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nixos/iso.nix b/nixos/iso.nix new file mode 100644 index 00000000..40e82839 --- /dev/null +++ b/nixos/iso.nix @@ -0,0 +1,11 @@ +{ pkgs, modulesPath, lib, ... }: { + imports = [ + "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" + ]; + + # use the latest Linux kernel + boot.kernelPackages = pkgs.linuxPackages_latest; + + # Needed for https://github.com/NixOS/nixpkgs/issues/58959 + boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; +} diff --git a/util.nix b/nixos/util.nix similarity index 100% rename from util.nix rename to nixos/util.nix -- 2.47.1 From 743d86da5b6cb500146ff5e141c6f7b27af7ed87 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 17:05:22 +0200 Subject: [PATCH 0496/1882] fix nix errors --- .github/workflows/nixos.yml | 2 +- nixos/common/users/default.nix | 1 + nixos/hosts/olympus/bastion/configuration.nix | 2 +- nixos/util.nix | 8 ++++---- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index a8f8948c..a69769e3 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -19,7 +19,7 @@ jobs: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - name: "Check NixOS Flake ❄️" + - name: "Build NixOS ISO ❄️" run: | nix build '.#iso' - uses: actions/upload-artifact@v3 diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index e782347c..d004e5f8 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -47,6 +47,7 @@ helix htop ncdu + psmisc ripgrep rsync zoxide diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index c79003f1..af23838e 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -34,7 +34,7 @@ in { # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.05"; # Did you read the comment? + system.stateVersion = "22.11"; # Did you read the comment? virtualisation.podman = { enable = true; diff --git a/nixos/util.nix b/nixos/util.nix index ed5cbfcf..ce8649b4 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -10,10 +10,10 @@ let import_cases = { "lxc" = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix + ./common/generic-lxc.nix ]; "vm" = [ - ./nixos/common/generic-vm.nix + ./common/generic-vm.nix ]; "local" = [ home-manager.nixosModules.home-manager @@ -23,8 +23,8 @@ let in { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ mailserver.nixosModules.mailserver - ./nixos/common - "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix" + ./common + "${./.}/hosts/${realm}/${profile}/configuration.nix" ] ++ import_cases.${type}; in { -- 2.47.1 From ebdbdacba49798ef6df91f3c4b3a44cc646a6c11 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 21:38:55 +0200 Subject: [PATCH 0497/1882] rescue boot --- nixos/hosts/olympus/bastion/configuration.nix | 5 +-- .../olympus/mailserver/configuration.nix | 3 -- nixos/hosts/thalassa/null/configuration.nix | 4 ++- .../thalassa/null/hardware-configuration.nix | 14 +++++++- nixos/hosts/thalassa/null/rescue-boot.nix | 33 +++++++++++++++++++ nixos/iso.nix | 4 +++ 6 files changed, 54 insertions(+), 9 deletions(-) create mode 100644 nixos/hosts/thalassa/null/rescue-boot.nix diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index af23838e..e1fa0cdc 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -36,9 +36,7 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - virtualisation.podman = { - enable = true; - }; + virtualisation.podman.enable = true; # Additional packages environment.systemPackages = with pkgs; [ @@ -52,7 +50,6 @@ in { nixpkgs-fmt nixpkgs-review ripgrep - rnix-lsp rsync tmux vault diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 780413f5..6cc3f261 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -15,9 +15,6 @@ let vs = config.vault-secrets.secrets; in # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ 80 443 ]; # needed as the mailserver configures its down DNS resolver diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index f0ab3580..342b3efb 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -34,6 +34,7 @@ in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix + ./rescue-boot.nix ./networking.nix ]; @@ -80,7 +81,7 @@ in { kernelPackages = pkgs.linuxPackages_latest; loader.systemd-boot.editor = false; loader.systemd-boot.enable = true; - loader.systemd-boot.configurationLimit = 6; + # loader.systemd-boot.configurationLimit = 6; loader.efi.canTouchEfiVariables = true; loader.efi.efiSysMountPoint = "/boot/efi"; }; @@ -89,6 +90,7 @@ in { fileSystems."/".options = [ "compress=zstd" ]; fileSystems."/home".options = [ "compress=zstd" ]; + fileSystems."/nix".options = [ "compress=zstd" "noatime" ]; # Filesystem dedup services.beesd.filesystems = { diff --git a/nixos/hosts/thalassa/null/hardware-configuration.nix b/nixos/hosts/thalassa/null/hardware-configuration.nix index 527975b8..79e4113e 100644 --- a/nixos/hosts/thalassa/null/hardware-configuration.nix +++ b/nixos/hosts/thalassa/null/hardware-configuration.nix @@ -19,8 +19,20 @@ options = [ "subvol=@" ]; }; + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@/nix" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/445C-AF67"; + { device = "/dev/disk/by-uuid/D478-6F66"; fsType = "vfat"; }; diff --git a/nixos/hosts/thalassa/null/rescue-boot.nix b/nixos/hosts/thalassa/null/rescue-boot.nix new file mode 100644 index 00000000..1234042c --- /dev/null +++ b/nixos/hosts/thalassa/null/rescue-boot.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: +let + netboot = import (pkgs.path + "/nixos/lib/eval-config.nix") { + inherit (pkgs) system; + modules = [ + (pkgs.path + "/nixos/modules/installer/netboot/netboot-minimal.nix") + module + ]; + }; + module = { + system.stateVersion = "22.11"; + boot.supportedFilesystems = [ "btrfs" "ext4" ]; + environment.systemPackages = with pkgs; [ + git + ]; + }; +in { + boot.loader.systemd-boot = { + extraEntries = { + "rescue.conf" = '' + title Rescue Boot + linux /rescue-kernel + initrd /rescue-initrd + options init=${netboot.config.system.build.toplevel}/init ${toString netboot.config.boot.kernelParams} + ''; + }; + + extraFiles = { + "rescue-kernel" = "${netboot.config.system.build.kernel}/bzImage"; + "rescue-initrd" = "${netboot.config.system.build.netbootRamdisk}/initrd"; + }; + }; +} diff --git a/nixos/iso.nix b/nixos/iso.nix index 40e82839..bbd3dbe3 100644 --- a/nixos/iso.nix +++ b/nixos/iso.nix @@ -6,6 +6,10 @@ # use the latest Linux kernel boot.kernelPackages = pkgs.linuxPackages_latest; + environment.systemPackages = with pkgs; [ + git + ]; + # Needed for https://github.com/NixOS/nixpkgs/issues/58959 boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; } -- 2.47.1 From 8232a0eaccb82ffa2f6f33e3bcfbd0a759704748 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 8 Oct 2022 21:54:52 +0200 Subject: [PATCH 0498/1882] flake update --- flake.lock | 30 +++++++++++------------ nixos/hosts/thalassa/null/rescue-boot.nix | 1 + 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index ca48fde5..f164b7f7 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1665119273, - "narHash": "sha256-neL/ZRrwk47Ke1nfjk8ltlIm+NRZyA3MBcNbqEGSBeE=", + "lastModified": 1665226338, + "narHash": "sha256-P+A9MEClkeZSaS4zZvrpfVfUUqU5mmdZgEz/FGDSgno=", "owner": "nix-community", "repo": "home-manager", - "rev": "9fcae11ff29ca5f959b05c206f3724486c28ff07", + "rev": "3b5a8d3dc79e05213d3c428a0b8777e21cb0c6b8", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665177900, - "narHash": "sha256-KP+RgRkxnhZVRbSLitM8POjwU5/j05/kmqxhm73jBZM=", + "lastModified": 1665248491, + "narHash": "sha256-RymWw9Q8XDpt3BLTeftb8mh5ioxEUZ77BSx1FSnd6OE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1964bcb13f770b8344510549aa9924fe908bac60", + "rev": "90f2259f5e4b8d4c1c51db8d463a7a7e47624bce", "type": "github" }, "original": { @@ -703,11 +703,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1664989420, - "narHash": "sha256-Q8IxomUjjmewsoJgO3htkXLfCckQ7HkDJ/ZhdYVf/fA=", + "lastModified": 1665081174, + "narHash": "sha256-6hsmzdhdy8Kbvl5e0xZNE83pW3fKQvNiobJkM6KQrgA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "37bd39839acf99c5b738319f42478296f827f274", + "rev": "598f83ebeb2235435189cf84d844b8b73e858e0f", "type": "github" }, "original": { @@ -734,11 +734,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665178447, - "narHash": "sha256-hsyzO+NW0K3+D99bPDGnxrm5ZJ81/mpi9RExrh+0qto=", + "lastModified": 1665239794, + "narHash": "sha256-zyufYM+0jna/0AKW/1+etWPJ8Cnz80Z54fN0rIBs2z0=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "003c42c4832d41b4fafa8f496305994aaeabeecc", + "rev": "07630e6fa01b756bb85782e02ef91a9a682ffb1f", "type": "github" }, "original": { @@ -1123,11 +1123,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1663507239, - "narHash": "sha256-LISZtkPVe8lQ2N8YwVe+KxCkXWLP9mdw6Q2kG93wE8A=", + "lastModified": 1665155573, + "narHash": "sha256-oAzkBNVm0N6JC4Jz9tfaF+l4K++zqDMOmxieemiyRnw=", "owner": "wlroots", "repo": "wlroots", - "rev": "2ad25b1460400e66ea26bd6489b04072be7d9dbb", + "rev": "ff9c52801f26eb85d2a51f12ad6d2819f97a66e6", "type": "gitlab" }, "original": { diff --git a/nixos/hosts/thalassa/null/rescue-boot.nix b/nixos/hosts/thalassa/null/rescue-boot.nix index 1234042c..3f576b05 100644 --- a/nixos/hosts/thalassa/null/rescue-boot.nix +++ b/nixos/hosts/thalassa/null/rescue-boot.nix @@ -1,5 +1,6 @@ { pkgs, ... }: let + # TODO: slim down size netboot = import (pkgs.path + "/nixos/lib/eval-config.nix") { inherit (pkgs) system; modules = [ -- 2.47.1 From 56b6195620bb2a1714266ba37e0d8b7535abddfa Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 9 Oct 2022 10:01:04 +0200 Subject: [PATCH 0499/1882] update flake --- flake.lock | 56 +++++++++++++++++++++--------------------------------- 1 file changed, 22 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index f164b7f7..645766a2 100644 --- a/flake.lock +++ b/flake.lock @@ -43,19 +43,19 @@ "colmena": { "inputs": { "flake-compat": "flake-compat", + "flake-utils": "flake-utils", "nix-eval-jobs": "nix-eval-jobs", "nixpkgs": [ "nixpkgs" ], - "stable": "stable", - "utils": "utils" + "stable": "stable" }, "locked": { - "lastModified": 1664434988, - "narHash": "sha256-C+xK3ZEfw502nwm1KLWcXKiiKy7UKsf0oD78tOwQvbk=", + "lastModified": 1665296779, + "narHash": "sha256-fzk7ZcsZiBBHxUfBA8IoIz/Uqazp02effUogVoxUxbE=", "owner": "zhaofengli", "repo": "colmena", - "rev": "241b61dcc0dda46f16515abe905322bab42520d7", + "rev": "4e4f9ad4d23191cc747bb91be496b59e62cc20f2", "type": "github" }, "original": { @@ -71,7 +71,7 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_2" + "utils": "utils" }, "locked": { "lastModified": 1663284638, @@ -107,7 +107,7 @@ "inputs": { "flake-compat": "flake-compat_3", "nixpkgs": "nixpkgs_3", - "utils": "utils_6" + "utils": "utils_5" }, "locked": { "lastModified": 1648475189, @@ -417,14 +417,14 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_3" + "utils": "utils_2" }, "locked": { - "lastModified": 1665226338, - "narHash": "sha256-P+A9MEClkeZSaS4zZvrpfVfUUqU5mmdZgEz/FGDSgno=", + "lastModified": 1665271265, + "narHash": "sha256-4Nn0T5YoR3bBLFnPy6Tkc8zzmzMTBjSGZq05c5hKhEI=", "owner": "nix-community", "repo": "home-manager", - "rev": "3b5a8d3dc79e05213d3c428a0b8777e21cb0c6b8", + "rev": "e1f1160284198a68ea8c7fffbbb1436f99e46ef9", "type": "github" }, "original": { @@ -526,7 +526,7 @@ "nixpkgs" ], "nixpkgs-22_05": "nixpkgs-22_05", - "utils": "utils_4" + "utils": "utils_3" }, "locked": { "lastModified": 1658267644, @@ -547,14 +547,14 @@ "nixpkgs": [ "nixpkgs" ], - "utils": "utils_5" + "utils": "utils_4" }, "locked": { - "lastModified": 1665192597, - "narHash": "sha256-DwkIhS0UpQFmRa0t7tM9crqxlEziId0KauD7SE53iH0=", + "lastModified": 1665280314, + "narHash": "sha256-tLi4kz6HWLpIP46p0ZBGUn+1XyE25y6bxFviCMoiy4Q=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "a65b27bacdc4aa491d7c6bca23f47d38d2aaa7f9", + "rev": "df842e3a1d3e617f59d525c7d2652d65f2cb0381", "type": "github" }, "original": { @@ -626,7 +626,10 @@ }, "nix-eval-jobs": { "inputs": { - "flake-utils": "flake-utils", + "flake-utils": [ + "colmena", + "flake-utils" + ], "nixpkgs": [ "colmena", "nixpkgs" @@ -998,21 +1001,6 @@ } }, "utils_3": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_4": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", @@ -1027,7 +1015,7 @@ "type": "github" } }, - "utils_5": { + "utils_4": { "inputs": { "flake-utils": "flake-utils_2" }, @@ -1045,7 +1033,7 @@ "type": "github" } }, - "utils_6": { + "utils_5": { "locked": { "lastModified": 1648297722, "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", -- 2.47.1 From d1cdaf176db08ddb7bf4a051f45166a47eb806c6 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 9 Oct 2022 11:58:31 +0200 Subject: [PATCH 0500/1882] various updates --- .github/workflows/nixos.yml | 32 ----------------- nixos/common/default.nix | 2 ++ nixos/common/modules/vmagent.nix | 43 +++++++++++------------ nixos/pkgs/catppuccin/cursors/default.nix | 16 +++++---- nixos/pkgs/vmagent/default.nix | 9 +++-- 5 files changed, 39 insertions(+), 63 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index a69769e3..9ce96402 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -27,38 +27,6 @@ jobs: name: nixos-iso retention-days: 3 path: result/iso/*.iso - build-null: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2.3.2 - - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@main - with: - # this might remove tools that are actually needed, - # if set to "true" but frees about 6 GB - tool-cache: true - - # all of these default to true, but feel free to set to - # "false" if necessary for your workflow - android: true - dotnet: true - haskell: true - large-packages: true - swap-storage: true - - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 - - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - - name: "Build NixOS config ❄️" - run: | - nix run '.#' build -- --on "null" build-olympus: runs-on: ubuntu-latest steps: diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 584ca319..4fae9cf6 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -35,6 +35,7 @@ "https://hyprland.cachix.org" "https://0x76-infra.cachix.org" "https://webcord.cachix.org" + "https://cache.garnix.io" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" @@ -44,6 +45,7 @@ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" + "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" ]; }; optimise = { diff --git a/nixos/common/modules/vmagent.nix b/nixos/common/modules/vmagent.nix index 559b7a13..fd756179 100644 --- a/nixos/common/modules/vmagent.nix +++ b/nixos/common/modules/vmagent.nix @@ -3,8 +3,7 @@ with lib; let cfg = config.services.vmagent; settingsFormat = pkgs.formats.json { }; -in -{ +in { options.services.vmagent = { enable = mkEnableOption "vmagent"; @@ -50,9 +49,7 @@ in }; prometheusConfig = mkOption { - type = lib.types.submodule { - freeformType = settingsFormat.type; - }; + type = lib.types.submodule { freeformType = settingsFormat.type; }; description = '' Config for prometheus style metrics ''; @@ -76,7 +73,7 @@ in vmagent = { group = cfg.group; shell = pkgs.bashInteractive; - description = "vmagent Daemon user"; + description = "vmagent daemon user"; home = cfg.dataDir; isSystemUser = true; }; @@ -86,23 +83,25 @@ in networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ]; # The actual service - systemd.services.vmagent = - let prometheusConfig = settingsFormat.generate "prometheusConfig.yaml" cfg.prometheusConfig; - in { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - description = "vmagent system service"; - serviceConfig = { - User = cfg.user; - Group = cfg.group; - Type = "simple"; - Restart = "on-failure"; - WorkingDirectory = cfg.dataDir; - ExecStart = - "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; - }; + systemd.services.vmagent = let + prometheusConfig = + settingsFormat.generate "prometheusConfig.yaml" cfg.prometheusConfig; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "vmagent system service"; + serviceConfig = { + User = cfg.user; + Group = cfg.group; + Type = "simple"; + Restart = "on-failure"; + WorkingDirectory = cfg.dataDir; + ExecStart = + "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; }; + }; - systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; + systemd.tmpfiles.rules = + [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; }; } diff --git a/nixos/pkgs/catppuccin/cursors/default.nix b/nixos/pkgs/catppuccin/cursors/default.nix index 9115558e..f7feb235 100644 --- a/nixos/pkgs/catppuccin/cursors/default.nix +++ b/nixos/pkgs/catppuccin/cursors/default.nix @@ -1,4 +1,4 @@ -{ stdenvNoCC, lib, fetchFromGitHub, xorg, inkscape }: +{ stdenvNoCC, lib, fetchFromGitHub, xcursorgen, inkscape, makeFontsConf }: stdenvNoCC.mkDerivation { pname = "catppuccin-cursors"; @@ -11,13 +11,16 @@ stdenvNoCC.mkDerivation { sha256 = "sha256-0wb84q1VtD1myIRxrfQMn9n6w1gFzMA1rHkPqXuXLP0="; }; - nativeBuildInputs = [ - xorg.xcursorgen - inkscape - ]; + nativeBuildInputs = [ xcursorgen inkscape ]; + + FONTCONFIG_FILE = makeFontsConf { fontDirectories = [ ]; }; + + buildPhase = '' + HOME="$NIX_BUILD_ROOT" PREFIX="/" DESTDIR=$out make build + ''; installPhase = '' - PREFIX="/" DESTDIR=$out make install + HOME="$NIX_BUILD_ROOT" PREFIX="/" DESTDIR=$out make install ''; meta = with lib; { @@ -25,5 +28,6 @@ stdenvNoCC.mkDerivation { homepage = "https://github.com/catppuccin/cursors"; license = licenses.gpl2; platforms = platforms.linux; + maintainers = with maintainers; [ nullx76 ]; }; } diff --git a/nixos/pkgs/vmagent/default.nix b/nixos/pkgs/vmagent/default.nix index e939e3e9..48384bbf 100644 --- a/nixos/pkgs/vmagent/default.nix +++ b/nixos/pkgs/vmagent/default.nix @@ -1,23 +1,26 @@ { lib, fetchFromGitHub, buildGoModule }: buildGoModule rec { pname = "vmagent"; - version = "1.59.0"; + version = "1.82.0"; src = fetchFromGitHub { owner = "VictoriaMetrics"; repo = "VictoriaMetrics"; rev = "v${version}"; - sha256 = "1mfdhv20m2xqsg37pdv4vbxdg8iri79grc4g4p9ph0js9yd6nbys"; + sha256 = "JIl2WeveDoAHzqJ2cqMxpWeNf4yQC9fIdfECOJywJ2A="; }; + ldflags = [ "-s" "-w" "-X github.com/VictoriaMetrics/VictoriaMetrics/lib/buildinfo.Version=${version}" ]; + vendorSha256 = null; subPackages = [ "app/vmagent" ]; meta = with lib; { - description = "VictoriaMetrics metrics scraper"; homepage = "https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent"; + description = "VictoriaMetrics metrics scraper"; license = licenses.asl20; platforms = platforms.linux; + maintainers = with maintainers; [ nullx76 ]; }; } -- 2.47.1 From e614e9ed3b0fb51616b7ce247e8765cfda4af9be Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 9 Oct 2022 17:38:09 +0200 Subject: [PATCH 0501/1882] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 645766a2..2df8c492 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665248491, - "narHash": "sha256-RymWw9Q8XDpt3BLTeftb8mh5ioxEUZ77BSx1FSnd6OE=", + "lastModified": 1665305182, + "narHash": "sha256-f5k08odmCgzM38eJRDDCDEpLhVmF5Aeaco8QktcWak0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "90f2259f5e4b8d4c1c51db8d463a7a7e47624bce", + "rev": "1263bd5dcb44ab879b1a6efd1669a656f53ce693", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665239794, - "narHash": "sha256-zyufYM+0jna/0AKW/1+etWPJ8Cnz80Z54fN0rIBs2z0=", + "lastModified": 1665329665, + "narHash": "sha256-9xbehDP1SUZGet5aHPtwcAZsSHwnP7fJ/hnuzC2QnZ4=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "07630e6fa01b756bb85782e02ef91a9a682ffb1f", + "rev": "e3c61a2685ef6ad6f6b2eff685b44a2bbe31f68c", "type": "github" }, "original": { -- 2.47.1 From 65c63b99ef6b12fd87c086f1f91462248666cf1d Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 9 Oct 2022 19:02:53 +0200 Subject: [PATCH 0502/1882] update ci --- .github/workflows/nixos.yml | 44 +++++++++++++++++++++++++------------ 1 file changed, 30 insertions(+), 14 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 9ce96402..672b9ec9 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -5,6 +5,21 @@ on: branches: [main] jobs: + build-null: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2.3.2 + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 + with: + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + extraPullNames: hyprland + - name: "Build NixOS config ❄️" + run: | + nix run '.#' build -- --on "null" build-iso: runs-on: ubuntu-latest steps: @@ -91,20 +106,21 @@ jobs: - name: "Build NixOS config ❄️" run: | nix run '.#' build -- --on "@hades" - check: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2.3.2 + # disabled because of OOM errors + # check: + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v2.3.2 - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 + # - name: "Install Nix ❄️" + # uses: cachix/install-nix-action@v15 - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + # - name: "Install Cachix ❄️" + # uses: cachix/cachix-action@v10 + # with: + # name: 0x76-infra + # authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - name: "Check NixOS Flake ❄️" - run: | - nix flake check + # - name: "Check NixOS Flake ❄️" + # run: | + # nix flake check -- 2.47.1 From 1f2ba3a2cea565107296ecf266d17836f24798f1 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 10 Oct 2022 15:24:54 +0200 Subject: [PATCH 0503/1882] add vaultwarden --- flake.lock | 36 +++++++------- nixos/common/default.nix | 4 +- nixos/hosts/olympus/default.nix | 5 ++ .../olympus/mailserver/configuration.nix | 4 ++ nixos/hosts/olympus/nginx/configuration.nix | 1 + .../olympus/vaultwarden/configuration.nix | 48 +++++++++++++++++++ nixos/hosts/thalassa/null/home/hyprland.nix | 2 +- 7 files changed, 79 insertions(+), 21 deletions(-) create mode 100644 nixos/hosts/olympus/vaultwarden/configuration.nix diff --git a/flake.lock b/flake.lock index 2df8c492..381213de 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1665296779, - "narHash": "sha256-fzk7ZcsZiBBHxUfBA8IoIz/Uqazp02effUogVoxUxbE=", + "lastModified": 1665350797, + "narHash": "sha256-7XAcfqRlsJf+y7174WcKJzHoZlq5ChrrymShL0xj8QY=", "owner": "zhaofengli", "repo": "colmena", - "rev": "4e4f9ad4d23191cc747bb91be496b59e62cc20f2", + "rev": "872949504befb9b5540e69f846c6965def7150f9", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665305182, - "narHash": "sha256-f5k08odmCgzM38eJRDDCDEpLhVmF5Aeaco8QktcWak0=", + "lastModified": 1665347456, + "narHash": "sha256-FdjdpWgsvM75/wtmgRjY/91VBGFX1YRQ9AtT4sffzP8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1263bd5dcb44ab879b1a6efd1669a656f53ce693", + "rev": "cb687c208c116ea870f827d8b2ee963655599f1f", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665280314, - "narHash": "sha256-tLi4kz6HWLpIP46p0ZBGUn+1XyE25y6bxFviCMoiy4Q=", + "lastModified": 1665367069, + "narHash": "sha256-tlVT20lHZR0mXNoxY+hDgc/3h/J3PCx8kUDO6CD+oJs=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "df842e3a1d3e617f59d525c7d2652d65f2cb0381", + "rev": "2615d292a38bc8a791b26494dfc7b655ca2c4838", "type": "github" }, "original": { @@ -706,11 +706,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1665081174, - "narHash": "sha256-6hsmzdhdy8Kbvl5e0xZNE83pW3fKQvNiobJkM6KQrgA=", + "lastModified": 1665259268, + "narHash": "sha256-ONFhHBLv5nZKhwV/F2GOH16197PbvpyWhoO0AOyktkU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "598f83ebeb2235435189cf84d844b8b73e858e0f", + "rev": "c5924154f000e6306030300592f4282949b2db6c", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665329665, - "narHash": "sha256-9xbehDP1SUZGet5aHPtwcAZsSHwnP7fJ/hnuzC2QnZ4=", + "lastModified": 1665405393, + "narHash": "sha256-aSmFxF0XxIUcmx7WZZU/oyBcCm3qNroRLYQL26DFyGU=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e3c61a2685ef6ad6f6b2eff685b44a2bbe31f68c", + "rev": "b1da428acecbe0e91c4d211f06037a34e0ad2e1d", "type": "github" }, "original": { @@ -1111,11 +1111,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1665155573, - "narHash": "sha256-oAzkBNVm0N6JC4Jz9tfaF+l4K++zqDMOmxieemiyRnw=", + "lastModified": 1665331677, + "narHash": "sha256-3Dh1i11mHK80jx5figC1oh1V0rCjieh0Mj+MajXdbPw=", "owner": "wlroots", "repo": "wlroots", - "rev": "ff9c52801f26eb85d2a51f12ad6d2819f97a66e6", + "rev": "ab8341975e62b1f668d8c9779ec8e72d04718a99", "type": "gitlab" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 4fae9cf6..5482ec0e 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -33,9 +33,9 @@ "https://nixpkgs-review-bot.cachix.org" "https://colmena.cachix.org" "https://hyprland.cachix.org" + "https://cache.garnix.io" "https://0x76-infra.cachix.org" "https://webcord.cachix.org" - "https://cache.garnix.io" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" @@ -43,9 +43,9 @@ "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" ]; }; optimise = { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index a40399a0..36be93d3 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -158,6 +158,11 @@ profile = "vault-1"; tags = [ "vault" ]; } + { + hostname = "vaultwarden"; + ip = "10.42.42.31"; + mac = "FA:71:3F:31:34:41"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 6cc3f261..bd011a8f 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -53,6 +53,10 @@ let vs = config.vault-secrets.secrets; in hashedPasswordFile = "${vs.mailserver}/outline@0x76.dev"; sendOnly = true; }; + "vaultwarden@0x76.dev" = { + hashedPasswordFile = "${vs.mailserver}/vaultwarden@0x76.dev"; + sendOnly = true; + }; }; indexDir = "/var/lib/dovecot/indices"; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 7bfc32c3..6ee1cfe4 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -58,6 +58,7 @@ in virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; + # virtualHosts."pass.0x76.dev" = proxy "http://vaultwarden.olympus:8222"; # Redshifts virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; diff --git a/nixos/hosts/olympus/vaultwarden/configuration.nix b/nixos/hosts/olympus/vaultwarden/configuration.nix new file mode 100644 index 00000000..0c874615 --- /dev/null +++ b/nixos/hosts/olympus/vaultwarden/configuration.nix @@ -0,0 +1,48 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let vs = config.vault-secrets.secrets; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + vault-secrets.secrets.vaultwarden = { + user = "vaultwarden"; + group = "vaultwarden"; + }; + + services.vaultwarden = { + enable = true; + dbBackend = "sqlite"; + environmentFile = "${vs.vaultwarden}/environment"; + config = { + DOMAIN = "https://pass.0x76.dev"; + SIGNUPS_ALLOWED = false; + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8222; + + SMTP_HOST = "mail.0x76.dev"; + SMTP_FROM = "vaultwarden@0x76.dev"; + SMTP_PORT = 465; + SMTP_SECURITY = "force_tls"; + SMTP_DEBUG = false; + + SIGNUPS_VERIFY = true; + SIGNUPS_DOMAINS_WHITELIST = "xirion.net,0x76.dev,meowy.tech"; + }; + }; +} diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 65d657c5..4eca844e 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -62,7 +62,7 @@ bind=SUPER,f,exec,firefox-devedition bind=SUPER,d,exec,wofi --show run,drun - bind=,Print,exec,grim -g "$(slurp)" - | wl-copy -t image/png + bind=,Print,exec,grim -g "$(slurp)" -t png - | wl-copy -t image/png bind=SUPER,W,killactive, bind=SUPERSHIFT,Q,exit, bind=SUPER,S,togglefloating, -- 2.47.1 From 3d3f1930cc6c39922ae2c8cf99370c56a58daf46 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 8 Oct 2022 12:53:14 +0200 Subject: [PATCH 0504/1882] updates --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index ec0fef59..67ef74bd 100644 --- a/flake.nix +++ b/flake.nix @@ -96,7 +96,7 @@ }).nodes; - # Make the coleman configuration + # Make the colmena configuration colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { meta = { -- 2.47.1 From ff4cf4b2a615cf136cb5cc88a9d7baf99ef22c6d Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 10 Oct 2022 16:22:25 +0200 Subject: [PATCH 0505/1882] more vaultwarden setup --- nixos/hosts/olympus/default.nix | 2 +- nixos/hosts/olympus/nginx/configuration.nix | 2 +- nixos/hosts/olympus/vaultwarden/configuration.nix | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 36be93d3..edc663c1 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -161,7 +161,7 @@ { hostname = "vaultwarden"; ip = "10.42.42.31"; - mac = "FA:71:3F:31:34:41"; + mac = "96:61:03:16:63:98"; } { hostname = "nuc"; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 6ee1cfe4..58e7f1dc 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -58,7 +58,7 @@ in virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; - # virtualHosts."pass.0x76.dev" = proxy "http://vaultwarden.olympus:8222"; + virtualHosts."pass.0x76.dev" = proxy "http://vaultwarden.olympus:8222"; # Redshifts virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; diff --git a/nixos/hosts/olympus/vaultwarden/configuration.nix b/nixos/hosts/olympus/vaultwarden/configuration.nix index 0c874615..37dc0f3f 100644 --- a/nixos/hosts/olympus/vaultwarden/configuration.nix +++ b/nixos/hosts/olympus/vaultwarden/configuration.nix @@ -18,7 +18,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ config.services.vaultwarden.config.ROCKET_PORT ]; vault-secrets.secrets.vaultwarden = { user = "vaultwarden"; @@ -32,7 +32,7 @@ in { config = { DOMAIN = "https://pass.0x76.dev"; SIGNUPS_ALLOWED = false; - ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_ADDRESS = "0.0.0.0"; ROCKET_PORT = 8222; SMTP_HOST = "mail.0x76.dev"; -- 2.47.1 From ec0e2d8f8e8f57f22055b72f6dbe48314dfda0f2 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 10 Oct 2022 16:28:36 +0200 Subject: [PATCH 0506/1882] add laura@meowy.tech --- nixos/hosts/olympus/mailserver/configuration.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index bd011a8f..220402cc 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -33,10 +33,16 @@ let vs = config.vault-secrets.secrets; in certificateScheme = 3; loginAccounts = { + # People "v@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; aliases = [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ]; }; + "laura@meowy.tech" = { + hashedPasswordFile = "${vs.mailserver}/laura@meowy.tech"; + aliases = [ "lau@meowy.tech" ]; + }; + # Services "keycloak@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/keycloak@0x76.dev"; sendOnly = true; -- 2.47.1 From 6b400971aab66a31bbe4db89c9b6a674b5c4ae67 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 11 Oct 2022 11:02:05 +0200 Subject: [PATCH 0507/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 381213de..4f6057ea 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1665271265, - "narHash": "sha256-4Nn0T5YoR3bBLFnPy6Tkc8zzmzMTBjSGZq05c5hKhEI=", + "lastModified": 1665476539, + "narHash": "sha256-NDs0qfTSfG+vEvB3HN2GOOZgMBPAYBpFeIC4hrN5wjk=", "owner": "nix-community", "repo": "home-manager", - "rev": "e1f1160284198a68ea8c7fffbbb1436f99e46ef9", + "rev": "b37a909508edb8d7fdcd04ac90761b2cfa2a5f28", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665347456, - "narHash": "sha256-FdjdpWgsvM75/wtmgRjY/91VBGFX1YRQ9AtT4sffzP8=", + "lastModified": 1665437770, + "narHash": "sha256-0up6k+ATaxv1X60nQuslcIirUQqkbl1m5pCFnH3TJtE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cb687c208c116ea870f827d8b2ee963655599f1f", + "rev": "ae91f6610ff00495c777fa3d996056061ea5c6b9", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665367069, - "narHash": "sha256-tlVT20lHZR0mXNoxY+hDgc/3h/J3PCx8kUDO6CD+oJs=", + "lastModified": 1665453036, + "narHash": "sha256-4KcfIZvUefiPJbA4Ixx8pSe0Y4Ay6vI+SKCMVDxAoEs=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "2615d292a38bc8a791b26494dfc7b655ca2c4838", + "rev": "f2116ba4c3225ce6435f818f83115a3a8bc05619", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665405393, - "narHash": "sha256-aSmFxF0XxIUcmx7WZZU/oyBcCm3qNroRLYQL26DFyGU=", + "lastModified": 1665477785, + "narHash": "sha256-WVWRk8I+0ZpFaKvXKFcwQFYuwlsRhyfy4e6qETYDYvA=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "b1da428acecbe0e91c4d211f06037a34e0ad2e1d", + "rev": "e158cfcc737983fbe85fbf6a7ef54e88e820a1d6", "type": "github" }, "original": { @@ -865,11 +865,11 @@ ] }, "locked": { - "lastModified": 1665162504, - "narHash": "sha256-YDeDDSiwwuN4tuI+0GAcMKzimKSt7sJOtBZITzJGfuY=", + "lastModified": 1665425469, + "narHash": "sha256-P42lqx/FvAbP17ljoa+6PdB6KzQtuFjn7fGOGoxzkU0=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "c2ceedca74e2f388aec6edaa6259a1b94fe07fc3", + "rev": "30f6a9e440f06d7c1a38d1f515a154e3325dc725", "type": "github" }, "original": { -- 2.47.1 From 5051cd0cf62e7a1da8f6a436ebf66dc684e864e2 Mon Sep 17 00:00:00 2001 From: victor Date: Tue, 11 Oct 2022 14:11:17 +0200 Subject: [PATCH 0508/1882] enable websockets vault --- .github/workflows/nixos.yml | 14 +++++++++ nixos/hosts/olympus/nginx/configuration.nix | 30 +++++++++++++------ .../olympus/vaultwarden/configuration.nix | 10 +++++-- 3 files changed, 43 insertions(+), 11 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 672b9ec9..672d3b7e 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -9,6 +9,20 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2.3.2 + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@main + with: + # this might remove tools that are actually needed, + # if set to "true" but frees about 6 GB + tool-cache: true + + # all of these default to true, but feel free to set to + # "false" if necessary for your workflow + android: true + dotnet: true + haskell: true + large-packages: true + swap-storage: true - name: "Install Nix ❄️" uses: cachix/install-nix-action@v15 - name: "Install Cachix ❄️" diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 58e7f1dc..cc6fa7fb 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -22,8 +22,7 @@ let add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON data}'; ''; -in -{ +in { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -32,9 +31,6 @@ in # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ 80 443 ]; services.nginx = { @@ -51,14 +47,28 @@ in # 0x76.dev virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; - # virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/"; virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; - virtualHosts."pass.0x76.dev" = proxy "http://vaultwarden.olympus:8222"; + virtualHosts."pass.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://vaultwarden.olympus:8222"; + proxyWebsockets = true; + }; + locations."/notifications/hub/negotiate" = { + proxyPass = "http://vaultwarden.olympus:8222"; + proxyWebsockets = true; + }; + locations."/notifications/hub" = { + proxyPass = "http://vaultwarden.olympus:3012"; + proxyWebsockets = true; + }; + }; # Redshifts virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; @@ -71,8 +81,10 @@ in add_header Content-Type 'text/html; charset=UTF-8'; return 200 '

meow

'; ''; - locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; - locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + locations."= /.well-known/matrix/client".extraConfig = + mkWellKnown clientConfig; + locations."= /.well-known/matrix/server".extraConfig = + mkWellKnown serverConfig; }; virtualHosts."chat.meowy.tech" = { enableACME = true; diff --git a/nixos/hosts/olympus/vaultwarden/configuration.nix b/nixos/hosts/olympus/vaultwarden/configuration.nix index 37dc0f3f..f4ae4fd7 100644 --- a/nixos/hosts/olympus/vaultwarden/configuration.nix +++ b/nixos/hosts/olympus/vaultwarden/configuration.nix @@ -3,7 +3,9 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let vs = config.vault-secrets.secrets; +let + vs = config.vault-secrets.secrets; + cfg = config.services.vaultwarden.config; in { imports = [ ]; @@ -18,7 +20,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ config.services.vaultwarden.config.ROCKET_PORT ]; + networking.firewall.allowedTCPPorts = [ cfg.ROCKET_PORT cfg.WEBSOCKET_PORT ]; vault-secrets.secrets.vaultwarden = { user = "vaultwarden"; @@ -35,6 +37,10 @@ in { ROCKET_ADDRESS = "0.0.0.0"; ROCKET_PORT = 8222; + WEBSOCKET_ENABLED = true; + WEBSOCKET_ADDRESS = "0.0.0.0"; + WEBSOCKET_PORT = 3012; + SMTP_HOST = "mail.0x76.dev"; SMTP_FROM = "vaultwarden@0x76.dev"; SMTP_PORT = 465; -- 2.47.1 From e4973e63ed46a91ff43ff99f087bf09f41923b72 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 12 Oct 2022 20:43:12 +0200 Subject: [PATCH 0509/1882] flake update --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 4f6057ea..4ead0c95 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1665476539, - "narHash": "sha256-NDs0qfTSfG+vEvB3HN2GOOZgMBPAYBpFeIC4hrN5wjk=", + "lastModified": 1665520899, + "narHash": "sha256-N8BYMgvrAYhiXeyrcEeLgngZZaU6MVVocSa+tIfyMyg=", "owner": "nix-community", "repo": "home-manager", - "rev": "b37a909508edb8d7fdcd04ac90761b2cfa2a5f28", + "rev": "5597b3a7425a9e3f41128308cb1105d3e780f633", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665437770, - "narHash": "sha256-0up6k+ATaxv1X60nQuslcIirUQqkbl1m5pCFnH3TJtE=", + "lastModified": 1665596231, + "narHash": "sha256-lYoJoLnJ6hCyLoXLNz1nLWIFNyvvKf0D4P+pf6l3Zdw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ae91f6610ff00495c777fa3d996056061ea5c6b9", + "rev": "170def35d79210f9124cdfd7da563d5d384dcae9", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665453036, - "narHash": "sha256-4KcfIZvUefiPJbA4Ixx8pSe0Y4Ay6vI+SKCMVDxAoEs=", + "lastModified": 1665540316, + "narHash": "sha256-nCuKFsEthXBfFoMl0Dkf1wcomWqc3DTiHtB1eLzQnmA=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "f2116ba4c3225ce6435f818f83115a3a8bc05619", + "rev": "57ce7967c19bebdbe6d67eae93d0e72105868d32", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665477785, - "narHash": "sha256-WVWRk8I+0ZpFaKvXKFcwQFYuwlsRhyfy4e6qETYDYvA=", + "lastModified": 1665599945, + "narHash": "sha256-6PwHK7Kyn+kf3pHyfraTc5Le0MCzscbQvg2bzH3iUL8=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e158cfcc737983fbe85fbf6a7ef54e88e820a1d6", + "rev": "7cbcb98f75c70c32a7d60cf71a87a3288b26f2b1", "type": "github" }, "original": { @@ -865,11 +865,11 @@ ] }, "locked": { - "lastModified": 1665425469, - "narHash": "sha256-P42lqx/FvAbP17ljoa+6PdB6KzQtuFjn7fGOGoxzkU0=", + "lastModified": 1665590088, + "narHash": "sha256-7mnx7J0AacL2P2mNuNNB+kKE7VR8nniVG+PSrwpZixE=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "30f6a9e440f06d7c1a38d1f515a154e3325dc725", + "rev": "159e7c5b7ee3770828cc0c936d939de5d1b58f83", "type": "github" }, "original": { @@ -941,11 +941,11 @@ ] }, "locked": { - "lastModified": 1663574694, - "narHash": "sha256-X+lVHZ4K9lzWfFtkkbIvYUSjMaFN8BGsP1lLiS3A0Ts=", + "lastModified": 1665542977, + "narHash": "sha256-z5DLRdG0J6ZLx/FdnX6PCwCVyXUfu3gUzJSfu3Bh3ak=", "owner": "serokell", "repo": "serokell.nix", - "rev": "cc64abca932254f2e1c362e926d01472a2790ed1", + "rev": "c61261e6ed552bb1679226c0f8ff8504268492b0", "type": "github" }, "original": { @@ -1111,11 +1111,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1665331677, - "narHash": "sha256-3Dh1i11mHK80jx5figC1oh1V0rCjieh0Mj+MajXdbPw=", + "lastModified": 1665405587, + "narHash": "sha256-lVL48azhjGA/oEIcUSZQNwomNs0EzPxCcjgzyDST0PM=", "owner": "wlroots", "repo": "wlroots", - "rev": "ab8341975e62b1f668d8c9779ec8e72d04718a99", + "rev": "221ee83d440fb7dcbfd141ef3a459a5a973331b6", "type": "gitlab" }, "original": { -- 2.47.1 From 42925a917c7105a67df3f0fa5440bcf509402348 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 14 Oct 2022 19:53:03 +0200 Subject: [PATCH 0510/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 4ead0c95..dc296ebf 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1665520899, - "narHash": "sha256-N8BYMgvrAYhiXeyrcEeLgngZZaU6MVVocSa+tIfyMyg=", + "lastModified": 1665655007, + "narHash": "sha256-34ZMJlgqJb73RY/gJz8B4cjdM5ukas2crMYQpmyRGeQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "5597b3a7425a9e3f41128308cb1105d3e780f633", + "rev": "8cbc6500dfca22d907054f68c564019b3b6cf295", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665596231, - "narHash": "sha256-lYoJoLnJ6hCyLoXLNz1nLWIFNyvvKf0D4P+pf6l3Zdw=", + "lastModified": 1665753928, + "narHash": "sha256-A7eD0Svt+hONyq90cF2EANJTYexpOkfbLLJ3sJlg0QE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "170def35d79210f9124cdfd7da563d5d384dcae9", + "rev": "b0544dbfffb79e1aa043c7626fbcbc86b8ee9379", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665540316, - "narHash": "sha256-nCuKFsEthXBfFoMl0Dkf1wcomWqc3DTiHtB1eLzQnmA=", + "lastModified": 1665718979, + "narHash": "sha256-0B3JtEGUR354bQVhlPqPyHMauJqGQ2R91Q8ZeNLTp/0=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "57ce7967c19bebdbe6d67eae93d0e72105868d32", + "rev": "acd94ec24d2afa86fc5587b8f5777178875bad8e", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665599945, - "narHash": "sha256-6PwHK7Kyn+kf3pHyfraTc5Le0MCzscbQvg2bzH3iUL8=", + "lastModified": 1665769685, + "narHash": "sha256-R/y+sWuViP4JbVTYqwBc9Miejf0VDXTEyFFS0PKi6sQ=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "7cbcb98f75c70c32a7d60cf71a87a3288b26f2b1", + "rev": "004d2f87c0be22f91916d84eaebd145d666acbcd", "type": "github" }, "original": { @@ -1078,11 +1078,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1664913401, - "narHash": "sha256-OQEQl0THKfnvBfboOFyWPzLhQejf539q1j4TD6dC64k=", + "lastModified": 1665619753, + "narHash": "sha256-FmwkmuXTE3gaQaDwD6abKgIED6qKOSVNo1SAeFE/rvY=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "8d52a20956de918df1b63df2ebc18d598b06df48", + "rev": "f94b5553fb8dcda6cfdd1ab569212c3324aa3885", "type": "github" }, "original": { -- 2.47.1 From b0a3cb40a44f7f2a802a4df8c68594bc99eca94f Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 14 Oct 2022 21:09:46 +0200 Subject: [PATCH 0511/1882] update mastodon --- flake.nix | 2 +- nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/gemset.nix | 125 ++++++++++++++---------------- nixos/pkgs/glitch-soc/source.nix | 6 +- 4 files changed, 63 insertions(+), 72 deletions(-) diff --git a/flake.nix b/flake.nix index 67ef74bd..f422d270 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ home-manager.inputs.nixpkgs.follows = "nixpkgs"; hyprland.url = "github:hyprwm/Hyprland"; - hyprpaper.url = "github:NULLx76/hyprpaper"; + hyprpaper.url = "github:hyprwm/hyprpaper"; hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; riff.url = "github:DeterminateSystems/riff"; diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 1f48ccc9..9ec3cfb4 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - sha256 = "sha256-b0XNhcCcTtYEdy1ZzRGwOrLpgpsMlt9qLf5CBa+1BL8="; + sha256 = "sha256-Yt7TIH24B+S8JarcCEIyMAKWlFiXlb/5i7p2cBrZlDM="; }; mastodon-gems = bundlerEnv { diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index c0c5f1ad..fb54623e 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0p8zkh5ww16y8n1jp12y1gjrmll7m7305c91p419f10qrw4x8cgc"; + sha256 = "0r7ybdykxnn2544vcjmi51mxfpfqx3b4c7fjz15c57hamkhlalzf"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; actionmailbox = { dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0z52r7k3ig09zjvfcb8xnrl9vl0ssii22c2h7gx26nq8wb7yjkwq"; + sha256 = "024a1c2ak1znkvys7pjkkan23wc0vhzyprl16gp9xcr4wy0l6dn4"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; @@ -27,10 +27,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "186bkhrp8j81nrw5xznbi0nyhk49gdv6ynd80pcyk5lxhfkiw1wc"; + sha256 = "193gj013bx5axd4nwvlf6mq19rcvymkf72q9f7ml6v9yl6cc4qam"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,10 +38,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1walbq04v4qvgnz39cbfhz9bzhsf14q1h7gd0kgjy3frld6ysrhb"; + sha256 = "0dygq5fxbrgynd2g7r51asyrap1d6cxravwh509kfmqpfbiq119s"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; actiontext = { dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; @@ -49,10 +49,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s6v0vnnm8zrxc3pr058r8bvgs6fxgjhadbc5r1sv1mrbyvvm1h0"; + sha256 = "13kr77v91wa7sfsq7h04g8zy1qxcbwhhf4k6zz8276b1d10szly5"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05r0h7pvc0szqmgnra0j3j8ap7dmiyw9s6qksx41v5cxknmfi0h3"; + sha256 = "1m68my4dnj7q7986jwlb7gir0f7hahdsqbiaxfvgngwksa8fhrn1"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; active_model_serializers = { dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; @@ -92,10 +92,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gjvxrzdbg0dsyqx7wsmxqfvlpl37zvzq3d1cylhb5qslsw6ml05"; + sha256 = "05f497khf51wrsah927pnmpl0yrcx82gajjk8brcrrbbbd9arlp5"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; activemodel = { dependencies = ["activesupport"]; @@ -103,10 +103,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1f0ai51icvvx5q0jd1l89k0dlwzpsrkqlj6x43f8qc4bd1ya9glx"; + sha256 = "183d7laxvwrw1d02qgm8rg9ljjihfiyh4vzi58xm42z3fr3bbhky"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -114,10 +114,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0khjnkvmiyap1g3rvw9hp16mzai4smqcg5hxhq28pll25ljzxdbp"; + sha256 = "1dsxi813wyhx2d0bbyc0nla4ck6nmmi3z3765gdqf6xl3dha5r2j"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; activestorage = { dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; @@ -125,10 +125,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03w600j4jzgfycy2xm6cxry3q5rpvx1jvr7msy1jx65sa2shgjha"; + sha256 = "1yvmvfka2s7am8m3zdllblxiyyy4yr3ca6q6q5r23fd2qs7rmbz0"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -136,10 +136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08wzpwgdm03vzb8gqr8bvfdarb89g5ah0skvwqk6qv87p55xqkyw"; + sha256 = "0k5pq2swzgddmwwr6x1phbspk1vw8cl88ci8jbi18mrirjjfippr"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; addressable = { dependencies = ["public_suffix"]; @@ -321,15 +321,15 @@ version = "2.9.1"; }; better_html = { - dependencies = ["actionview" "activesupport" "ast" "erubi" "html_tokenizer" "parser" "smart_properties"]; + dependencies = ["actionview" "activesupport" "ast" "erubi" "parser" "smart_properties"]; groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1sssv94gg7bnxiqn5pbbpf8rdnmw3iyj2qwn2pbgxxs8xmmq158b"; + sha256 = "1y090dmgjxr3yzxi3pg5jgirkmyfdrmjhabmzmhg5i8ssiqr2gdz"; type = "gem"; }; - version = "1.0.16"; + version = "2.0.1"; }; bindata = { groups = ["default"]; @@ -620,10 +620,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ffdxhgirgc86qb42yvmfj6v1v0x4lvi0pxn9zhghkff44wzra0k"; + sha256 = "1nj4r58m5cpfdsijj6gjfs3yzcnxq2halagjk07wjcrgj6z8ayb7"; type = "gem"; }; - version = "2.2.5"; + version = "2.3.0"; }; cose = { dependencies = ["cbor" "openssl-signature_algorithm"]; @@ -759,10 +759,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "188ybg2cgghcp5r1jpfnbx3anf0z8fzlla72jra0vgwkdylk7qkz"; + sha256 = "1znfhqxvfdvxh0z8qnh1n7iahk9hs8d243j5dvig2v933j4z3ykw"; type = "gem"; }; - version = "5.5.4"; + version = "5.6.0"; }; dotenv = { groups = ["default"]; @@ -853,10 +853,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09l8lz3j00m898li0yfsnb6ihc63rdvhw3k5xczna5zrjk104f2l"; + sha256 = "11bz1v1cxabm8672gabrw542zyg51dizlcvdck6vvwzagxbjv9zx"; type = "gem"; }; - version = "1.10.0"; + version = "1.11.0"; }; et-orbi = { dependencies = ["tzinfo"]; @@ -895,10 +895,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1na8p9r9zdvz75aihjczhamlygrjs9dj7pcbxgg8vfavrx8d89b5"; + sha256 = "1wslw5gh335zcahxmdd497xaa7h0d8l60c0jfv942mn47fxy8m47"; type = "gem"; }; - version = "2.22.0"; + version = "2.23.0"; }; faraday = { dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; @@ -1223,16 +1223,6 @@ }; version = "0.3.0"; }; - html_tokenizer = { - groups = ["default" "development" "test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0dq6685sdzdn53mkzags6mvx3l0afcx6xma664zij6y3dxj2a7p8"; - type = "gem"; - }; - version = "0.0.7"; - }; htmlentities = { groups = ["default"]; platforms = []; @@ -1301,10 +1291,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dr7cj8km01kjsiwrx7n3qxr264ga13ll15s4h9dbbyj5m8kxqd2"; + sha256 = "0mi38zgpwvasjq0cqz674crwal5rsaw8f89bww9zsw2vk77bhaq9"; type = "gem"; }; - version = "1.5.0"; + version = "1.6.0"; }; i18n = { dependencies = ["concurrent-ruby"]; @@ -1323,10 +1313,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ahckdzg7k464pv1lxdcmxf51wlf480d5y2fvmz2dkcn39p7477b"; + sha256 = "19zkcsqwzc3i6vizj26mxxww6m5grv9zmp6yxyswbqq9kyzb081z"; type = "gem"; }; - version = "1.0.11"; + version = "1.0.12"; }; idn-ruby = { groups = ["default"]; @@ -1556,10 +1546,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18ymp6l3bv7abz07k6qbbi9c9vsiahq30d2smh4qzsvag8j5m5v1"; + sha256 = "1fpyk1965py77al7iadkn5dibwgvybknkr7r8bii2dj73wvr29rh"; type = "gem"; }; - version = "2.18.0"; + version = "2.19.0"; }; mail = { dependencies = ["mini_mime"]; @@ -1691,10 +1681,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14a9ign0hj3z3j4cpfplj2djaskx3skzyx4fl3x53d7saxmhrgn1"; + sha256 = "0516ypqlx0mlcfn5xh7qppxqc3xndn1fnadxawa8wld5dkcimy30"; type = "gem"; }; - version = "5.16.2"; + version = "5.16.3"; }; msgpack = { groups = ["default"]; @@ -1911,10 +1901,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xhfghgidj8cbdnqp01f7kvnrv1f60izpkd9dhxsvpdzkfsdg97d"; + sha256 = "1q31n7yj59wka8xl8s5wkf66hm4pgvblx95czyxffprdnlhrir2p"; type = "gem"; }; - version = "3.1.2.0"; + version = "3.1.2.1"; }; parslet = { groups = ["default"]; @@ -2166,10 +2156,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06wzq30c2f9jhsbkxwg9n18xwyh66fnpbndkrvq1c4mrl2rx478z"; + sha256 = "01l06196jkidj07g8jdc43nr060r46hsjz8bk4bdk0lzzck94fvf"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; rails-controller-testing = { dependencies = ["actionpack" "actionview" "activesupport"]; @@ -2232,10 +2222,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16dyjmy42v51acmx1ba2xxncvx368ss5rww6bsf1lwgyk4vqn41h"; + sha256 = "1iwziqrzk7f7r3w5pkfnbh1mqsfsywy7lvz2blqds3nval79dw2x"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7"; }; rainbow = { groups = ["default" "development" "test"]; @@ -2453,10 +2443,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xfk4pla77251n39zf4n792m1rhg5sn1kp63yvpvvysany34la03"; + sha256 = "1c01iicvrjk6vv744jgh0y4kk9d0kg2rd2ihdyzvg5p06xm2fpzq"; type = "gem"; }; - version = "3.11.0"; + version = "3.11.1"; }; rspec_junit_formatter = { dependencies = ["rspec-core"]; @@ -2464,10 +2454,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jqh5v1kjisncfzf9z0hghkaiqab086rcgy21cy3djg828sm1bxk"; + sha256 = "059bnq1gcwl9g93cqf13zpz38zk7jxaa43anzz06qkmfwrsfdpa0"; type = "gem"; }; - version = "0.5.1"; + version = "0.6.0"; }; rubocop = { dependencies = ["parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; @@ -2593,10 +2583,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1c6sskq3ivpll14jqbmp09bkrz64i08j9dg8m2a7p5akkzklwiil"; + sha256 = "0p2mj2jj5b9wqmpvkngx87lfr2qgwhqvwx38bmhl5aa29pc6z5kx"; type = "gem"; }; - version = "6.5.5"; + version = "6.5.7"; }; sidekiq-bulk = { dependencies = ["sidekiq"]; @@ -2922,10 +2912,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0k62nrh30sinsfbs17w8cahydf3vm3j14l0l0ba78vfh429cv4i3"; + sha256 = "1lslg5vvhx6w0mkbf6gpqvr9h8pj84wc639vk7ix7bqk61wgfch9"; type = "gem"; }; - version = "1.2022.3"; + version = "1.2022.4"; }; unf = { dependencies = ["unf_ext"]; @@ -2953,10 +2943,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0csjm9shhfik0ci9mgimb7hf3xgh7nx45rkd9rzgdz6vkwr8rzxn"; + sha256 = "0ra70s8prfacpqwj5v2mqn1rbfz6xds3n9nsr9cwzs3z2c0wm5j7"; type = "gem"; }; - version = "2.1.0"; + version = "2.3.0"; }; uniform_notifier = { groups = ["default" "development"]; @@ -3121,3 +3111,4 @@ version = "2.6.0"; }; } + diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index fcd2ac81..00e284c0 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -1,9 +1,9 @@ # This file was generated by pkgs.mastodon.updateScript. { fetchgit, applyPatches }: let src = fetchgit { - url = "https://github.com/NULLx76/glitch-soc.git"; - rev = "475fbad464ec97dcb639d37cb53168cc59327b86"; - sha256 = "0f226mr7y3qn1pw2na1qvs4g067474626fxm3wh96yw15gqjw2gj"; + url = "https://github.com/glitch-soc/mastodon.git"; + rev = "7e62688a0e656d71b0358fa55d5f6e8f8103c297"; + sha256 = "0hz2p1vjalvrz3va6f0vdmmpi0iaw628giiwdpyyf7x0f95yzqyp"; }; in applyPatches { inherit src; -- 2.47.1 From 78370fb23b3ca1fa7a4aa4086dc525949872c8dc Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 15 Oct 2022 11:33:38 +0200 Subject: [PATCH 0512/1882] flake update --- flake.lock | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index dc296ebf..4d945834 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665753928, - "narHash": "sha256-A7eD0Svt+hONyq90cF2EANJTYexpOkfbLLJ3sJlg0QE=", + "lastModified": 1665789673, + "narHash": "sha256-Ivnm8S9BDkXALM2RWrfHtmd7lF8Tw3AIQTRhQTJERZA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b0544dbfffb79e1aa043c7626fbcbc86b8ee9379", + "rev": "610d4d9473162800bfd86a4d6842201011ef2f80", "type": "github" }, "original": { @@ -459,15 +459,15 @@ ] }, "locked": { - "lastModified": 1664193634, - "narHash": "sha256-/hbJQyopmqe+iMDwKtEzDTRkFwfxAtgWpDdpTXp8/EI=", - "owner": "NULLx76", + "lastModified": 1664568383, + "narHash": "sha256-KojBifIOkJ2WmO/lRjQIgPgUnX5Eu10U4VDg+1MB2co=", + "owner": "hyprwm", "repo": "hyprpaper", - "rev": "ea6379b0a7405093f5b5159d4b47e7c077ec5e8e", + "rev": "8f4c712950ad6a9bc7c7281c15a63f5fa06ba92b", "type": "github" }, "original": { - "owner": "NULLx76", + "owner": "hyprwm", "repo": "hyprpaper", "type": "github" } @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665718979, - "narHash": "sha256-0B3JtEGUR354bQVhlPqPyHMauJqGQ2R91Q8ZeNLTp/0=", + "lastModified": 1665799157, + "narHash": "sha256-PlJ3uVIRgn4xXcKv+NgRt9DhrzPR8NhONOzx0Hl7vU8=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "acd94ec24d2afa86fc5587b8f5777178875bad8e", + "rev": "f0adef60591301c99bf65ea50d1578b980b2d1bc", "type": "github" }, "original": { @@ -706,11 +706,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1665259268, - "narHash": "sha256-ONFhHBLv5nZKhwV/F2GOH16197PbvpyWhoO0AOyktkU=", + "lastModified": 1665643254, + "narHash": "sha256-IBVWNJxGCsshwh62eRfR6+ry3bSXmulB3VQRzLQo3hk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c5924154f000e6306030300592f4282949b2db6c", + "rev": "ba187fbdc5e35322c7dff556ef2c47bddfd6e8d7", "type": "github" }, "original": { -- 2.47.1 From 919ab390deb2d60b0ff2e242ccdc48f9f1a291d5 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 15 Oct 2022 13:44:27 +0200 Subject: [PATCH 0513/1882] add lxc template generator --- .github/workflows/nixos.yml | 20 ++++++++--- flake.nix | 67 ++++++++++++++++++------------------- nixos/common/generic-vm.nix | 1 + nixos/lxc-template.nix | 17 ++++++++++ nixos/util.nix | 3 +- 5 files changed, 68 insertions(+), 40 deletions(-) create mode 100644 nixos/lxc-template.nix diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 672d3b7e..43f0d1f6 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -51,11 +51,23 @@ jobs: - name: "Build NixOS ISO ❄️" run: | nix build '.#iso' - - uses: actions/upload-artifact@v3 + build-lxc: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2.3.2 + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v15 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v10 with: - name: nixos-iso - retention-days: 3 - path: result/iso/*.iso + name: 0x76-infra + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Build NixOS Proxmox LXC ❄️" + run: | + nix build '.#proxmox-lxc' build-olympus: runs-on: ubuntu-latest steps: diff --git a/flake.nix b/flake.nix index f422d270..8dbbbdc4 100644 --- a/flake.nix +++ b/flake.nix @@ -44,19 +44,9 @@ }; }; - outputs = - { self - , nixpkgs - , vault-secrets - , serokell-nix - , minecraft-servers - , colmena - , home-manager - , hyprpaper - , hyprland - , nixos-generators - , ... - } @ inputs: + outputs = { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers + , colmena, home-manager, hyprpaper, hyprland, nixos-generators, ... + }@inputs: let inherit (nixpkgs) lib; inherit (builtins) mapAttrs; @@ -84,37 +74,46 @@ # Script to apply local colmena deployments apply-local = pkgs.writeScriptBin "apply-local" '' #!${pkgs.stdenv.shell} - "${colmena.packages.${system}.colmena}"/bin/colmena apply-local --sudo $@ + "${ + colmena.packages.${system}.colmena + }"/bin/colmena apply-local --sudo $@ ''; - in - { + in { # Make the nixosConfigurations for compat reasons - nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { - rawFlake = self; - colmenaOptions = import (inputs.colmena + "/src/nix/hive/options.nix"); - colmenaModules = import (inputs.colmena + "/src/nix/hive/modules.nix"); - }).nodes; - + nixosConfigurations = + (import (inputs.colmena + "/src/nix/hive/eval.nix") { + rawFlake = self; + colmenaOptions = + import (inputs.colmena + "/src/nix/hive/options.nix"); + colmenaModules = + import (inputs.colmena + "/src/nix/hive/modules.nix"); + }).nodes; # Make the colmena configuration - colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) - { - meta = { - inherit specialArgs; - nixpkgs = pkgs; - }; - } - nixHosts; + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { + meta = { + inherit specialArgs; + nixpkgs = pkgs; + }; + } nixHosts; packages.${system} = { + inherit apply-local; + default = colmena.packages.${system}.colmena; - apply-local = apply-local; iso = nixos-generators.nixosGenerate { inherit system pkgs; format = "iso"; + modules = [ (import ./nixos/iso.nix) ]; + }; + + proxmox-lxc = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "proxmox-lxc"; modules = [ - (import ./nixos/iso.nix) + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + (import ./nixos/lxc-template.nix) ]; }; }; @@ -134,8 +133,8 @@ nixfmt nixUnstable vault - (vault-push-approle-envs self {}) - (vault-push-approles self {}) + (vault-push-approle-envs self { }) + (vault-push-approles self { }) ]; }; }; diff --git a/nixos/common/generic-vm.nix b/nixos/common/generic-vm.nix index 66aba486..dc8aeb81 100644 --- a/nixos/common/generic-vm.nix +++ b/nixos/common/generic-vm.nix @@ -1,4 +1,5 @@ { lib, ... }: { + # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. diff --git a/nixos/lxc-template.nix b/nixos/lxc-template.nix new file mode 100644 index 00000000..d4337bdf --- /dev/null +++ b/nixos/lxc-template.nix @@ -0,0 +1,17 @@ +{ config, pkgs, lib, ... }: { + # Can't import common completely due to infinite recursion + imports = [ ./common/users ./common/generic-lxc.nix ]; + + # Enable SSH + services.openssh = { + enable = true; + passwordAuthentication = false; + permitRootLogin = "yes"; + }; + + time.timeZone = lib.mkDefault "Europe/Amsterdam"; + + networking.interfaces.eth0.useDHCP = true; + + system.stateVersion = "22.11"; +} diff --git a/nixos/util.nix b/nixos/util.nix index ce8649b4..665a9276 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,7 +1,6 @@ { nixpkgs, home-manager, hyprland, mailserver, ... }: let - inherit (nixpkgs) lib; - inherit (builtins) filter mapAttrs attrValues concatLists; + inherit (builtins) filter attrValues concatLists; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) resolve_imports = -- 2.47.1 From 4dbd3c6f898b152a39b960963d758fdd030409ff Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 15 Oct 2022 15:38:47 +0200 Subject: [PATCH 0514/1882] add unpackerr --- nixos/common/modules/unpackerr.nix | 116 ++++++++++-------- nixos/hosts/hades/default.nix | 1 - nixos/hosts/hades/unpackerr/configuration.nix | 34 +++++ 3 files changed, 99 insertions(+), 52 deletions(-) create mode 100644 nixos/hosts/hades/unpackerr/configuration.nix diff --git a/nixos/common/modules/unpackerr.nix b/nixos/common/modules/unpackerr.nix index e1d88c37..3bba6470 100644 --- a/nixos/common/modules/unpackerr.nix +++ b/nixos/common/modules/unpackerr.nix @@ -57,7 +57,8 @@ let ''; }; }; -in { +in +{ options.services.unpackerr = { enable = mkEnableOption "unpackerr"; @@ -224,6 +225,16 @@ in { ''; example = { UN_WEBHOOK_0_URL = "http://example.com"; }; }; + + environmentFile = mkOption { + type = types.nullOr types.path; + default = null; + description = lib.mdDoc '' + Environment file (see `systemd.exec(5)` + "EnvironmentFile=" section for the syntax) to define variables for unpackerr. + This option can be used to safely include secret keys into the unpackerr configuration. + ''; + }; }; config = mkIf cfg.enable { @@ -247,67 +258,70 @@ in { after = [ "network.target" ]; description = "unpackerr system service"; # Filter out all unset variables else unpackerr complains - environment = filterAttrs (n: v: stringLength v > 0) { - # General options - UN_DEBUG = "${toString cfg.debug}"; - UN_INTERVAL = "${cfg.interval}"; - UN_START_DELAY = "${cfg.startDelay}"; - UN_RETRY_DELAY = "${cfg.retryDelay}"; - UN_MAX_RETRIES = "${toString cfg.maxRetries}"; - UN_PARALLEL = "${toString cfg.parallel}"; - UN_FILE_MODE = "${cfg.fileMode}"; - UN_DIR_MODE = "${cfg.dirMode}"; + environment = filterAttrs (n: v: stringLength v > 0) + { + # General options + UN_DEBUG = "${toString cfg.debug}"; + UN_INTERVAL = "${cfg.interval}"; + UN_START_DELAY = "${cfg.startDelay}"; + UN_RETRY_DELAY = "${cfg.retryDelay}"; + UN_MAX_RETRIES = "${toString cfg.maxRetries}"; + UN_PARALLEL = "${toString cfg.parallel}"; + UN_FILE_MODE = "${cfg.fileMode}"; + UN_DIR_MODE = "${cfg.dirMode}"; - # Sonarr - UN_SONARR_0_URL = "${cfg.sonarr.url}"; - UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; - UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; - UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; - UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; - UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; - UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; + # Sonarr + UN_SONARR_0_URL = "${cfg.sonarr.url}"; + UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; + UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; + UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; + UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; + UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; + UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; - # Radarr - UN_RADARR_0_URL = "${cfg.radarr.url}"; - UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; - UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; - UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; - UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; - UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; - UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; + # Radarr + UN_RADARR_0_URL = "${cfg.radarr.url}"; + UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; + UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; + UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; + UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; + UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; + UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; - # Lidarr - UN_LIDARR_0_URL = "${cfg.lidarr.url}"; - UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; - UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; - UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; - UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; - UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; - UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; + # Lidarr + UN_LIDARR_0_URL = "${cfg.lidarr.url}"; + UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; + UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; + UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; + UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; + UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; + UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; - # Readarr - UN_READARR_0_URL = "${cfg.readarr.url}"; - UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; - UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; - UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; - UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; - UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; - UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; + # Readarr + UN_READARR_0_URL = "${cfg.readarr.url}"; + UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; + UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; + UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; + UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; + UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; + UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; - # Folder - UN_FOLDER_0_PATH = "${cfg.folder.path}"; - UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; - UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; - UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; - UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; - UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; - } // cfg.extraConfig; + # Folder + UN_FOLDER_0_PATH = "${cfg.folder.path}"; + UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; + UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; + UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; + UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; + UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; + } // cfg.extraConfig; serviceConfig = { User = cfg.user; Group = cfg.group; Type = "simple"; Restart = "on-failure"; ExecStart = "${cfg.package}/bin/unpackerr"; + } // optionalAttrs (cfg.environmentFile != null) { + EnvironmentFile = cfg.environmentFile; }; }; }; diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 608fd9e4..887d579c 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -77,7 +77,6 @@ hostname = "unpackerr"; ip = "192.168.0.116"; mac = "06:8a:8e:3e:43:45"; - nix = false; } { hostname = "thelounge"; diff --git a/nixos/hosts/hades/unpackerr/configuration.nix b/nixos/hosts/hades/unpackerr/configuration.nix new file mode 100644 index 00000000..bdf05527 --- /dev/null +++ b/nixos/hosts/hades/unpackerr/configuration.nix @@ -0,0 +1,34 @@ +{ config, pkgs, ... }: +let vs = config.vault-secrets.secrets; +in +{ + networking.interfaces.eth0.useDHCP = true; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + + system.stateVersion = "21.11"; + + vault-secrets.secrets.unpackerr = { }; + + services.unpackerr = { + enable = true; + debug = true; + environmentFile = "${vs.unpackerr}/environment"; + sonarr = { + url = "http://sonarr2:8989/"; + paths = "/mnt/storage/torrents/r/TV"; + }; + radarr = { + url = "http://radarr2:7878/"; + paths = "/mnt/storage/torrents/r/Movie"; + }; + lidarr = { + url = "http://lidarr:8686/"; + paths = "/mnt/storage/torrents/r/Music"; + }; + }; +} + -- 2.47.1 From 7b01c571ae9affcd20ca732d125bc5b68de9f8a8 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 17 Oct 2022 11:55:27 +0200 Subject: [PATCH 0515/1882] flake update --- flake.lock | 24 ++++++++++++------------ nixos/common/default.nix | 6 ++++++ nixos/lxc-template.nix | 2 ++ 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 4d945834..91c5aabc 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1665655007, - "narHash": "sha256-34ZMJlgqJb73RY/gJz8B4cjdM5ukas2crMYQpmyRGeQ=", + "lastModified": 1665991686, + "narHash": "sha256-VbhugQ+NhybgCfU1gpbEQ6QFYrVQ3jRioYIYFVZ+KPs=", "owner": "nix-community", "repo": "home-manager", - "rev": "8cbc6500dfca22d907054f68c564019b3b6cf295", + "rev": "e901c8d86082be74a8be70773bbb6d401ff21e49", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665789673, - "narHash": "sha256-Ivnm8S9BDkXALM2RWrfHtmd7lF8Tw3AIQTRhQTJERZA=", + "lastModified": 1665955562, + "narHash": "sha256-h28jGbOaZCUCPWEtzyWuPpR6XXEmOYB3rjjj0DXhwgo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "610d4d9473162800bfd86a4d6842201011ef2f80", + "rev": "58375bc87a189c915d12ad93d202462427e239ac", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665799157, - "narHash": "sha256-PlJ3uVIRgn4xXcKv+NgRt9DhrzPR8NhONOzx0Hl7vU8=", + "lastModified": 1665972530, + "narHash": "sha256-0pDAiY9m+PMBhAVE2JIK2uFClCpiYOz760peby/Okd4=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "f0adef60591301c99bf65ea50d1578b980b2d1bc", + "rev": "ebeb9cd865e5844ee03304de331a5da3c278bf9a", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1665769685, - "narHash": "sha256-R/y+sWuViP4JbVTYqwBc9Miejf0VDXTEyFFS0PKi6sQ=", + "lastModified": 1666000441, + "narHash": "sha256-yetw+pK0soEDDn/KejAOs9xp8U/XFmnq/hPZRA55PDY=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "004d2f87c0be22f91916d84eaebd145d666acbcd", + "rev": "136d760d8dce4641bb4e9c4ceffa2c25de725ac9", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 5482ec0e..a1a09f02 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -52,6 +52,12 @@ automatic = true; dates = [ "weekly" ]; }; + gc = { + automatic = true; + dates = [ "weekly" ]; + randomizedDelaySec = "3h"; + options = "--delete-older-than 7d"; + }; extraOptions = '' experimental-features = nix-command flakes ''; diff --git a/nixos/lxc-template.nix b/nixos/lxc-template.nix index d4337bdf..974f7fba 100644 --- a/nixos/lxc-template.nix +++ b/nixos/lxc-template.nix @@ -9,6 +9,8 @@ permitRootLogin = "yes"; }; + networking.hostName = "template"; + time.timeZone = lib.mkDefault "Europe/Amsterdam"; networking.interfaces.eth0.useDHCP = true; -- 2.47.1 From d35f657217e864ded8d6f62b480fe261eef20c59 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 17 Oct 2022 12:04:16 +0200 Subject: [PATCH 0516/1882] fixes --- flake.nix | 1 - nixos/common/default.nix | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 8dbbbdc4..fe140439 100644 --- a/flake.nix +++ b/flake.nix @@ -112,7 +112,6 @@ inherit system pkgs; format = "proxmox-lxc"; modules = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" (import ./nixos/lxc-template.nix) ]; }; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index a1a09f02..b73da1f2 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -54,7 +54,7 @@ }; gc = { automatic = true; - dates = [ "weekly" ]; + dates = "weekly"; randomizedDelaySec = "3h"; options = "--delete-older-than 7d"; }; -- 2.47.1 From 5be230f1ab664ba06122c805767d2f9a3a2521ff Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 17 Oct 2022 16:29:32 +0200 Subject: [PATCH 0517/1882] update GH actions --- .github/workflows/nixos.yml | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 43f0d1f6..4b74a304 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -8,7 +8,7 @@ jobs: build-null: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.2 + - uses: actions/checkout@v3 - name: Free Disk Space (Ubuntu) uses: jlumbroso/free-disk-space@main with: @@ -24,9 +24,9 @@ jobs: large-packages: true swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 + uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 + uses: cachix/cachix-action@v11 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -37,13 +37,13 @@ jobs: build-iso: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.2 + - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 + uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 + uses: cachix/cachix-action@v11 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -54,13 +54,13 @@ jobs: build-lxc: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.2 + - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 + uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 + uses: cachix/cachix-action@v11 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -71,7 +71,7 @@ jobs: build-olympus: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.2 + - uses: actions/checkout@v3 - name: Free Disk Space (Ubuntu) uses: jlumbroso/free-disk-space@main @@ -89,9 +89,9 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 + uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 + uses: cachix/cachix-action@v11 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -103,7 +103,7 @@ jobs: build-hades: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.2 + - uses: actions/checkout@v3 - name: Free Disk Space (Ubuntu) uses: jlumbroso/free-disk-space@main @@ -121,10 +121,10 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v15 + uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v10 + uses: cachix/cachix-action@v11 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -136,13 +136,13 @@ jobs: # check: # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@v2.3.2 + # - uses: actions/checkout@v3 # - name: "Install Nix ❄️" - # uses: cachix/install-nix-action@v15 + # uses: cachix/install-nix-action@v18 # - name: "Install Cachix ❄️" - # uses: cachix/cachix-action@v10 + # uses: cachix/cachix-action@v11 # with: # name: 0x76-infra # authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" -- 2.47.1 From 1ca4f4bacef440991de4400ce084e00f55d52caa Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 17 Oct 2022 18:28:54 +0200 Subject: [PATCH 0518/1882] add more routes to rtorrent post up --- nixos/hosts/hades/rtorrent/configuration.nix | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 8d974ac0..6e026616 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -24,20 +24,19 @@ let vs = config.vault-secrets.secrets; in services = [ "wg-quick-wg0" ]; }; - # # basically to override wireguard and route olympus IPs via the router - # networking.interfaces.eth0.ipv4.routes = [{ - # address = "10.42.42.0"; - # prefixLength = 23; - # via = "192.168.0.1"; - # }]; - # Mullvad VPN - networking.wg-quick.interfaces = { + networking.wg-quick.interfaces = let + postUpScript = pkgs.writeScriptBin "post_up" '' + #!${pkgs.stdenv.shell} + ${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1 + ${pkgs.iproute2}/bin/ip route add 10.100.0.0/24 via 192.168.0.1 + ''; + in{ wg0 = { address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; dns = [ "193.138.218.74" ]; privateKeyFile = "${vs.rtorrent}/wireguardKey"; - postUp = "${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1"; + postUp = "${postUpScript}/bin/post_up"; peers = [ { -- 2.47.1 From c4a704c7638d50ee56cd28ceea74dca9714e3cb2 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 17 Oct 2022 22:00:49 +0200 Subject: [PATCH 0519/1882] rtorrent: fix link exists error --- nixos/hosts/hades/rtorrent/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 6e026616..d0337516 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -36,7 +36,7 @@ let vs = config.vault-secrets.secrets; in address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; dns = [ "193.138.218.74" ]; privateKeyFile = "${vs.rtorrent}/wireguardKey"; - postUp = "${postUpScript}/bin/post_up"; + postUp = "${postUpScript}/bin/post_up || true"; peers = [ { -- 2.47.1 From f11f5ecadadf6d3592a349310cb3add767bd41ed Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 18 Oct 2022 16:26:36 +0200 Subject: [PATCH 0520/1882] add flaresolverr to prowlarr --- nixos/hosts/hades/prowlarr/configuration.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index e1b2035b..da0eff8d 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -7,4 +7,18 @@ enable = true; openFirewall = true; }; + + virtualisation.podman.enable = true; + + virtualisation.oci-containers = { + backend = "podman"; + containers = { + flaresolverr = { + image = "0x76/flaresolverr:3.0.0.beta2-fixup"; + ports = [ + "8191:8191" + ]; + }; + }; + }; } -- 2.47.1 From 2f348356bcc5180bc82495b586d3389b70e61f9e Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 18 Oct 2022 17:20:14 +0200 Subject: [PATCH 0521/1882] added home-manager to bastion --- nixos/hosts/olympus/bastion/configuration.nix | 4 ++++ nixos/hosts/olympus/bastion/home.nix | 16 ++++++++++++++++ nixos/util.nix | 2 +- 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 nixos/hosts/olympus/bastion/home.nix diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index e1fa0cdc..a66794ff 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -60,4 +60,8 @@ in { enable = true; pinentryFlavor = "curses"; }; + + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.victor = import ./home.nix; } diff --git a/nixos/hosts/olympus/bastion/home.nix b/nixos/hosts/olympus/bastion/home.nix new file mode 100644 index 00000000..dcfdd22e --- /dev/null +++ b/nixos/hosts/olympus/bastion/home.nix @@ -0,0 +1,16 @@ +{ config, pkgs, lib, ... }: { + programs.home-manager.enable = true; + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "22.05"; + + programs.direnv = { + enable = true; + nix-direnv = { enable = true; }; + }; + + programs.zsh = { + enable = true; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; + }; +} diff --git a/nixos/util.nix b/nixos/util.nix index 665a9276..373f32e5 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -15,12 +15,12 @@ let ./common/generic-vm.nix ]; "local" = [ - home-manager.nixosModules.home-manager hyprland.nixosModules.default ]; }; in { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ + home-manager.nixosModules.home-manager mailserver.nixosModules.mailserver ./common "${./.}/hosts/${realm}/${profile}/configuration.nix" -- 2.47.1 From 272285ceeae62723acce447875a2c0e5b306305a Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 20 Oct 2022 10:54:24 +0200 Subject: [PATCH 0522/1882] remove vmagent (has now been upstreamed) --- flake.lock | 54 +++++----- nixos/common/modules/default.nix | 1 - nixos/common/modules/vmagent.nix | 107 -------------------- nixos/hosts/thalassa/null/home/hyprland.nix | 3 +- nixos/pkgs/default.nix | 5 +- nixos/pkgs/vmagent/default.nix | 26 ----- 6 files changed, 31 insertions(+), 165 deletions(-) delete mode 100644 nixos/common/modules/vmagent.nix delete mode 100644 nixos/pkgs/vmagent/default.nix diff --git a/flake.lock b/flake.lock index 91c5aabc..95b79d3d 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1665350797, - "narHash": "sha256-7XAcfqRlsJf+y7174WcKJzHoZlq5ChrrymShL0xj8QY=", + "lastModified": 1666221385, + "narHash": "sha256-HZW4iiNqlPhp1tCAzG07svfsVg8rH3wvVKr2fRTKOTA=", "owner": "zhaofengli", "repo": "colmena", - "rev": "872949504befb9b5540e69f846c6965def7150f9", + "rev": "956c3363b875695fba30a5a8033dc543c2cd4326", "type": "github" }, "original": { @@ -74,11 +74,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1663284638, - "narHash": "sha256-rXAX14yB8v9BOG4ZsdGEedpZAnNqhQ4DtjQwzFX/TLY=", + "lastModified": 1666010793, + "narHash": "sha256-6zhTpR0cfaHrupOXRZAdCzLAGINgsB6h3HQnj7+qHWs=", "owner": "nix-community", "repo": "comma", - "rev": "c83ff3839983b3cb8deb407ff618ca12179de588", + "rev": "691120d169189f3a9cb29b1c72bcd521ac372b2b", "type": "github" }, "original": { @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1665991686, - "narHash": "sha256-VbhugQ+NhybgCfU1gpbEQ6QFYrVQ3jRioYIYFVZ+KPs=", + "lastModified": 1666253070, + "narHash": "sha256-MtaNgghmfp+ywh5mv9FcspFT4ACaYINSN+D98PCkrP0=", "owner": "nix-community", "repo": "home-manager", - "rev": "e901c8d86082be74a8be70773bbb6d401ff21e49", + "rev": "c485669ca529e01c1505429fa9017c9a93f15559", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1665955562, - "narHash": "sha256-h28jGbOaZCUCPWEtzyWuPpR6XXEmOYB3rjjj0DXhwgo=", + "lastModified": 1666213922, + "narHash": "sha256-GFy1zY7Cd5361v5/eJAsXIxnUyCrRUDgTg6zxbq/7Ws=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "58375bc87a189c915d12ad93d202462427e239ac", + "rev": "1b349f79acd29bf7589472147ec3853b6cad71b7", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1665972530, - "narHash": "sha256-0pDAiY9m+PMBhAVE2JIK2uFClCpiYOz760peby/Okd4=", + "lastModified": 1666230919, + "narHash": "sha256-gVbo0uLZIGW2RPtVY02ZRPlXRAYHtWl4WWZmmDzdurs=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "ebeb9cd865e5844ee03304de331a5da3c278bf9a", + "rev": "36451bfa96b82304a34f44c190aa26aaa7cec7fc", "type": "github" }, "original": { @@ -691,11 +691,11 @@ ] }, "locked": { - "lastModified": 1660727616, - "narHash": "sha256-zYTIvdPMYMx/EYqXODAwIIU30RiEHqNHdgarIHuEYZc=", + "lastModified": 1666016402, + "narHash": "sha256-Cm/nrdUMXwXiFQforG1Mv8OA4o8yhuVx6E1eDFH4rew=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "adccd191a0e83039d537e021f19495b7bad546a1", + "rev": "688db42a1eb34853f050267ff65c975f664312f0", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666000441, - "narHash": "sha256-yetw+pK0soEDDn/KejAOs9xp8U/XFmnq/hPZRA55PDY=", + "lastModified": 1666255399, + "narHash": "sha256-0fEBKhkjf/9/Pi/lBVP/z4G1auYnGt9xC2lNo2FZiwM=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "136d760d8dce4641bb4e9c4ceffa2c25de725ac9", + "rev": "ed2d6191f0362fc68e3465355d524b3ba96626c8", "type": "github" }, "original": { @@ -941,11 +941,11 @@ ] }, "locked": { - "lastModified": 1665542977, - "narHash": "sha256-z5DLRdG0J6ZLx/FdnX6PCwCVyXUfu3gUzJSfu3Bh3ak=", + "lastModified": 1666151986, + "narHash": "sha256-mW9UpFa6TmYgt0VuOwxRZkesrXkl7Z+RW5M/T7PyCBc=", "owner": "serokell", "repo": "serokell.nix", - "rev": "c61261e6ed552bb1679226c0f8ff8504268492b0", + "rev": "7441de5b6518d20a47d962837e119f74bbe7a93f", "type": "github" }, "original": { @@ -1078,11 +1078,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1665619753, - "narHash": "sha256-FmwkmuXTE3gaQaDwD6abKgIED6qKOSVNo1SAeFE/rvY=", + "lastModified": 1666097086, + "narHash": "sha256-6WKh4NwItcz9IGY5rGkkeWCtGOmpU3nf85dX29suDjE=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "f94b5553fb8dcda6cfdd1ab569212c3324aa3885", + "rev": "9098504f2a08ac848ea43de40496925c450e7111", "type": "github" }, "original": { diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix index 9b31e013..3680ca0f 100644 --- a/nixos/common/modules/default.nix +++ b/nixos/common/modules/default.nix @@ -3,7 +3,6 @@ ./dns.nix ./flood.nix ./unpackerr.nix - ./vmagent.nix ./vault.nix ]; } diff --git a/nixos/common/modules/vmagent.nix b/nixos/common/modules/vmagent.nix deleted file mode 100644 index fd756179..00000000 --- a/nixos/common/modules/vmagent.nix +++ /dev/null @@ -1,107 +0,0 @@ -{ config, pkgs, lib, ... }: -with lib; -let - cfg = config.services.vmagent; - settingsFormat = pkgs.formats.json { }; -in { - options.services.vmagent = { - enable = mkEnableOption "vmagent"; - - user = mkOption { - default = "vmagent"; - type = types.str; - description = '' - User account under which vmagent runs. - ''; - }; - - group = mkOption { - type = types.str; - default = "vmagent"; - description = '' - Group under which vmagent runs. - ''; - }; - - package = mkOption { - default = pkgs.vmagent; - defaultText = "pkgs.vmagent"; - type = types.package; - description = '' - vmagent package to use. - ''; - }; - - dataDir = mkOption { - type = types.str; - default = "/var/lib/vmagent"; - description = '' - The directory where vmagent stores its data files. - ''; - }; - - remoteWriteUrl = mkOption { - default = "http://localhost:8428/api/v1/write"; - type = types.str; - description = '' - The remote storage endpoint such as VictoriaMetrics - ''; - }; - - prometheusConfig = mkOption { - type = lib.types.submodule { freeformType = settingsFormat.type; }; - description = '' - Config for prometheus style metrics - ''; - }; - - openFirewall = mkOption { - type = types.bool; - default = false; - description = '' - Whether to open the firewall for the default ports. - ''; - }; - }; - - config = mkIf cfg.enable { - # Create group if set to default - users.groups = mkIf (cfg.group == "vmagent") { vmagent = { }; }; - - # Create user if set to default - users.users = mkIf (cfg.user == "vmagent") { - vmagent = { - group = cfg.group; - shell = pkgs.bashInteractive; - description = "vmagent daemon user"; - home = cfg.dataDir; - isSystemUser = true; - }; - }; - - # Open firewall if option is set to do so. - networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ]; - - # The actual service - systemd.services.vmagent = let - prometheusConfig = - settingsFormat.generate "prometheusConfig.yaml" cfg.prometheusConfig; - in { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - description = "vmagent system service"; - serviceConfig = { - User = cfg.user; - Group = cfg.group; - Type = "simple"; - Restart = "on-failure"; - WorkingDirectory = cfg.dataDir; - ExecStart = - "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; - }; - }; - - systemd.tmpfiles.rules = - [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; - }; -} diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 4eca844e..4d187f93 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -31,6 +31,7 @@ windowrulev2 = workspace 1 silent,class:^(Electron)$,title:^(.*)(WebCord)(.*)$ windowrulev2 = workspace 1 silent,title:^(Element)(.*)$ windowrulev2 = workspace 2 silent,class:^(firefox-aurora)$ + windowrulev2 = float,class:^(firefox-aurora)$,title:^(Picture-in-Picture)$ general { layout = dwindle @@ -66,7 +67,7 @@ bind=SUPER,W,killactive, bind=SUPERSHIFT,Q,exit, bind=SUPER,S,togglefloating, - bind=SUPER,P,pseudo, + bind=SUPER,P,pin, bindm=SUPER,mouse:272,movewindow bindm=SUPER,mouse:273,resizewindow diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 5d2b12ab..b13c7d89 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -2,8 +2,6 @@ final: prev: { catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; - vmagent = prev.callPackage ./vmagent { }; - v = { glitch-soc = prev.callPackage ./glitch-soc { }; @@ -21,7 +19,8 @@ final: prev: { gitea-agatheme = prev.callPackage ./gitea-agatheme { }; vscode-extensions = { - platformio.platformio-ide = prev.callPackage ./vscode-extensions/platformio.nix { }; + platformio.platformio-ide = + prev.callPackage ./vscode-extensions/platformio.nix { }; }; }; } diff --git a/nixos/pkgs/vmagent/default.nix b/nixos/pkgs/vmagent/default.nix deleted file mode 100644 index 48384bbf..00000000 --- a/nixos/pkgs/vmagent/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ lib, fetchFromGitHub, buildGoModule }: -buildGoModule rec { - pname = "vmagent"; - version = "1.82.0"; - - src = fetchFromGitHub { - owner = "VictoriaMetrics"; - repo = "VictoriaMetrics"; - rev = "v${version}"; - sha256 = "JIl2WeveDoAHzqJ2cqMxpWeNf4yQC9fIdfECOJywJ2A="; - }; - - ldflags = [ "-s" "-w" "-X github.com/VictoriaMetrics/VictoriaMetrics/lib/buildinfo.Version=${version}" ]; - - vendorSha256 = null; - - subPackages = [ "app/vmagent" ]; - - meta = with lib; { - homepage = "https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent"; - description = "VictoriaMetrics metrics scraper"; - license = licenses.asl20; - platforms = platforms.linux; - maintainers = with maintainers; [ nullx76 ]; - }; -} -- 2.47.1 From ea5ec8c6efe82543c0d3a8efb4d2d57069a161b2 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 20 Oct 2022 15:22:55 +0200 Subject: [PATCH 0523/1882] update --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 95b79d3d..7f58fa7a 100644 --- a/flake.lock +++ b/flake.lock @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666255399, - "narHash": "sha256-0fEBKhkjf/9/Pi/lBVP/z4G1auYnGt9xC2lNo2FZiwM=", + "lastModified": 1666261987, + "narHash": "sha256-U7BxBA/al1NFB8qV2zGLz8DXMs/OJDF5otPR6A41t2U=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "ed2d6191f0362fc68e3465355d524b3ba96626c8", + "rev": "777f88cbac43b02fb5c500b366c4c9455f185c53", "type": "github" }, "original": { -- 2.47.1 From 9b1cc552d5f7d25891bac9c556bfd7724c515aba Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 22 Oct 2022 13:15:03 +0200 Subject: [PATCH 0524/1882] minore changes --- nixos/hosts/thalassa/null/home/default.nix | 2 ++ nixos/hosts/thalassa/null/networking.nix | 3 +++ nixos/pkgs/catppuccin/cursors/default.nix | 6 ++++++ nixos/pkgs/default.nix | 3 +++ nixos/pkgs/vscode-extensions/live-server.nix | 10 ++++++++++ 5 files changed, 24 insertions(+) create mode 100644 nixos/pkgs/vscode-extensions/live-server.nix diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index f1cbd10d..8aa16eda 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -57,6 +57,7 @@ in { wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi + wpa_gui ]; xdg.mimeApps = { @@ -154,6 +155,7 @@ in { ms-vscode-remote.remote-ssh ms-vscode.cpptools platformio.platformio-ide + redhat.vscode-yaml tamasfe.even-better-toml valentjn.vscode-ltex vscodevim.vim diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 0ca92169..a89c3566 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -36,6 +36,9 @@ "wired" = { psk = "@WIRED_PASSWORD@"; }; + "meowy hotspot" = { + psk = "@HOTSPOT_PASSWORD@"; + }; }; }; diff --git a/nixos/pkgs/catppuccin/cursors/default.nix b/nixos/pkgs/catppuccin/cursors/default.nix index f7feb235..6e11c4e4 100644 --- a/nixos/pkgs/catppuccin/cursors/default.nix +++ b/nixos/pkgs/catppuccin/cursors/default.nix @@ -16,6 +16,12 @@ stdenvNoCC.mkDerivation { FONTCONFIG_FILE = makeFontsConf { fontDirectories = [ ]; }; buildPhase = '' + mv src src_orig + mkdir src + mv src_orig/Catppuccin-Frappe-Pink-Cursors ./src/ + mv src_orig/cursorList ./src/ + mv src_orig/config ./src/ + mv src_orig/_svgo.yml ./src/ HOME="$NIX_BUILD_ROOT" PREFIX="/" DESTDIR=$out make build ''; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index b13c7d89..981a3a7a 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -21,6 +21,9 @@ final: prev: { vscode-extensions = { platformio.platformio-ide = prev.callPackage ./vscode-extensions/platformio.nix { }; + + # ms-vscode.live-server = + # prev.callPackage ./vscode-extensions/live-server.nix; }; }; } diff --git a/nixos/pkgs/vscode-extensions/live-server.nix b/nixos/pkgs/vscode-extensions/live-server.nix new file mode 100644 index 00000000..73fdd1d5 --- /dev/null +++ b/nixos/pkgs/vscode-extensions/live-server.nix @@ -0,0 +1,10 @@ +{ vscode-utils, lib }: +let inherit (vscode-utils) buildVscodeMarketplaceExtension; +in buildVscodeMarketplaceExtension { + mktplcRef = { + name = "live-server"; + publisher = "ms-vscode"; + version = "0.5.2022102001"; + sha256 = lib.fakeSha256; + }; +} -- 2.47.1 From 53d0ab4cff91ecaca69573da12c4793d561b1c4e Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 20 Oct 2022 12:37:09 +0200 Subject: [PATCH 0525/1882] add bazarr --- nixos/hosts/hades/bazarr/configuration.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 nixos/hosts/hades/bazarr/configuration.nix diff --git a/nixos/hosts/hades/bazarr/configuration.nix b/nixos/hosts/hades/bazarr/configuration.nix new file mode 100644 index 00000000..c3fe8e44 --- /dev/null +++ b/nixos/hosts/hades/bazarr/configuration.nix @@ -0,0 +1,10 @@ +{ config, pkgs, ... }: +{ + system.stateVersion = "21.05"; + networking.interfaces.eth0.useDHCP = true; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; +} -- 2.47.1 From cc3c5957b4e04131de2949a4be85948e3110f3ce Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Oct 2022 14:58:42 +0200 Subject: [PATCH 0526/1882] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7f58fa7a..0b925497 100644 --- a/flake.lock +++ b/flake.lock @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1666213922, - "narHash": "sha256-GFy1zY7Cd5361v5/eJAsXIxnUyCrRUDgTg6zxbq/7Ws=", + "lastModified": 1666436256, + "narHash": "sha256-ULd4wRwyCSuUZyzBhSMIMLHGswc5tQib0zL60UFDjr0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1b349f79acd29bf7589472147ec3853b6cad71b7", + "rev": "3a27ef5e12f0336b0a4bfce0ba98be45f0f5ef51", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666261987, - "narHash": "sha256-U7BxBA/al1NFB8qV2zGLz8DXMs/OJDF5otPR6A41t2U=", + "lastModified": 1666437276, + "narHash": "sha256-VX+/acMDz8CFONswygzNXfvBwa4/nQs2AzdDAFnAffk=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "777f88cbac43b02fb5c500b366c4c9455f185c53", + "rev": "903bb07c98e793b163bb5ee4be4c301fd20b08f4", "type": "github" }, "original": { -- 2.47.1 From 597e6ddbbacbe564e1c046180a54b0b2720066c6 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 23 Oct 2022 23:41:12 +0200 Subject: [PATCH 0527/1882] mmmm updates --- flake.lock | 42 +++++++++++----------- nixos/hosts/thalassa/null/home/default.nix | 4 ++- nixos/hosts/thalassa/null/networking.nix | 3 ++ nixos/pkgs/default.nix | 3 -- nixos/pkgs/vscode-extensions/astro.nix | 10 ++++++ 5 files changed, 37 insertions(+), 25 deletions(-) create mode 100644 nixos/pkgs/vscode-extensions/astro.nix diff --git a/flake.lock b/flake.lock index 0b925497..13400e12 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1666221385, - "narHash": "sha256-HZW4iiNqlPhp1tCAzG07svfsVg8rH3wvVKr2fRTKOTA=", + "lastModified": 1666555794, + "narHash": "sha256-MfGeJoRypj7RzvfsTohCJHEHGw+//EVCP08BU3HfvCM=", "owner": "zhaofengli", "repo": "colmena", - "rev": "956c3363b875695fba30a5a8033dc543c2cd4326", + "rev": "2bd563e847817a3e96b2aa9932109c83bc64e566", "type": "github" }, "original": { @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1666253070, - "narHash": "sha256-MtaNgghmfp+ywh5mv9FcspFT4ACaYINSN+D98PCkrP0=", + "lastModified": 1666558342, + "narHash": "sha256-qiH0Zgig28yaSyebehrrYiX1y53Y/xFcQW+EFMRSVI0=", "owner": "nix-community", "repo": "home-manager", - "rev": "c485669ca529e01c1505429fa9017c9a93f15559", + "rev": "186d9399f9eb64fb06ea4385732c1cf1624ae2b6", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1666436256, - "narHash": "sha256-ULd4wRwyCSuUZyzBhSMIMLHGswc5tQib0zL60UFDjr0=", + "lastModified": 1666473034, + "narHash": "sha256-UfnSWkp4gWf2AA6hyru9Gv1Rb5Ixvsx1RkZ2iVhgC3w=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3a27ef5e12f0336b0a4bfce0ba98be45f0f5ef51", + "rev": "10303259f7c6f3e64e74e9ca8a31d4223071d5f0", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1666230919, - "narHash": "sha256-gVbo0uLZIGW2RPtVY02ZRPlXRAYHtWl4WWZmmDzdurs=", + "lastModified": 1666489879, + "narHash": "sha256-8F7YIR/zoYGRj+7CskPJE9DgoqMfBKixLAZ4TnJPqRU=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "36451bfa96b82304a34f44c190aa26aaa7cec7fc", + "rev": "c5a5fc2b24c27add833eed1708ab106a6026fa27", "type": "github" }, "original": { @@ -706,11 +706,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1665643254, - "narHash": "sha256-IBVWNJxGCsshwh62eRfR6+ry3bSXmulB3VQRzLQo3hk=", + "lastModified": 1666377499, + "narHash": "sha256-dZZCGvWcxc7oGnUgFVf0UeNHsJ4VhkTM0v5JRe8EwR8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ba187fbdc5e35322c7dff556ef2c47bddfd6e8d7", + "rev": "301aada7a64812853f2e2634a530ef5d34505048", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666437276, - "narHash": "sha256-VX+/acMDz8CFONswygzNXfvBwa4/nQs2AzdDAFnAffk=", + "lastModified": 1666558397, + "narHash": "sha256-YEBilpg0HAK8DxxY44a2BKfdxdjTB3qvAFzbi/6zAlE=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "903bb07c98e793b163bb5ee4be4c301fd20b08f4", + "rev": "95da315931c323adb23401f5903f59979c744a38", "type": "github" }, "original": { @@ -1111,11 +1111,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1665405587, - "narHash": "sha256-lVL48azhjGA/oEIcUSZQNwomNs0EzPxCcjgzyDST0PM=", + "lastModified": 1666466001, + "narHash": "sha256-ZjxAnqtcGmHQHKL1Z9sIraDnzIqrJleWcJXfPtzAm74=", "owner": "wlroots", "repo": "wlroots", - "rev": "221ee83d440fb7dcbfd141ef3a459a5a973331b6", + "rev": "c2d2773df57750081b16d56da13b5015d752cbd7", "type": "gitlab" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 8aa16eda..48968527 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -41,6 +41,7 @@ in { libnotify neofetch nixpkgs-review + mullvad-vpn plex-media-player plexamp python3 @@ -57,7 +58,7 @@ in { wf-recorder # Screenrecorder wl-clipboard # Clipboard manager wofi # Wayland rofi - wpa_gui + wpa_supplicant_gui ]; xdg.mimeApps = { @@ -143,6 +144,7 @@ in { }; extensions = with pkgs.vscode-extensions; with pkgs.v.vscode-extensions; [ + astro-build.astro-vscode brettm12345.nixfmt-vscode catppuccin.catppuccin-vsc codezombiech.gitignore diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index a89c3566..0de1672a 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -5,6 +5,9 @@ openFirewall = false; mode = "laptop"; }; + + services.mullvad-vpn.enable = true; + networking = { useDHCP = true; dhcpcd.wait = "background"; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 981a3a7a..b13c7d89 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -21,9 +21,6 @@ final: prev: { vscode-extensions = { platformio.platformio-ide = prev.callPackage ./vscode-extensions/platformio.nix { }; - - # ms-vscode.live-server = - # prev.callPackage ./vscode-extensions/live-server.nix; }; }; } diff --git a/nixos/pkgs/vscode-extensions/astro.nix b/nixos/pkgs/vscode-extensions/astro.nix new file mode 100644 index 00000000..5f874c6f --- /dev/null +++ b/nixos/pkgs/vscode-extensions/astro.nix @@ -0,0 +1,10 @@ +{ vscode-utils, lib }: +let inherit (vscode-utils) buildVscodeMarketplaceExtension; +in buildVscodeMarketplaceExtension { + mktplcRef = { + name = "astro-vscode"; + publisher = "astro-build"; + version = "0.5.2022102001"; + sha256 = lib.fakeSha256; + }; +} -- 2.47.1 From bc31d80640ac06fc1a8bdd42ec495626bf2119f9 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 24 Oct 2022 13:42:59 +0200 Subject: [PATCH 0528/1882] fix build --- nixos/hosts/thalassa/null/home/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 48968527..e364cfa2 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -144,7 +144,7 @@ in { }; extensions = with pkgs.vscode-extensions; with pkgs.v.vscode-extensions; [ - astro-build.astro-vscode + # astro-build.astro-vscode brettm12345.nixfmt-vscode catppuccin.catppuccin-vsc codezombiech.gitignore -- 2.47.1 From b126dc91f6de5e2a9fa8c01f90f74b5db102514c Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 26 Oct 2022 12:44:35 +0200 Subject: [PATCH 0529/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 13400e12..f0dd4d1b 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1666558342, - "narHash": "sha256-qiH0Zgig28yaSyebehrrYiX1y53Y/xFcQW+EFMRSVI0=", + "lastModified": 1666649150, + "narHash": "sha256-kINnLxC0KFalUk4tVO/H5hUU7FVAOYYcUSWrsBpnl+I=", "owner": "nix-community", "repo": "home-manager", - "rev": "186d9399f9eb64fb06ea4385732c1cf1624ae2b6", + "rev": "7dc4e4ebd71280842b4d30975439980baaac9db8", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1666473034, - "narHash": "sha256-UfnSWkp4gWf2AA6hyru9Gv1Rb5Ixvsx1RkZ2iVhgC3w=", + "lastModified": 1666720398, + "narHash": "sha256-/r/BvG3ZOM1KUL6MdVIw5gh9b1vZbKgFDLg0Otv8Bo0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "10303259f7c6f3e64e74e9ca8a31d4223071d5f0", + "rev": "f9a7b6bf26eec22448c90f1967d6d85835dcae70", "type": "github" }, "original": { @@ -550,11 +550,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1666489879, - "narHash": "sha256-8F7YIR/zoYGRj+7CskPJE9DgoqMfBKixLAZ4TnJPqRU=", + "lastModified": 1666748742, + "narHash": "sha256-iXbopYzGsVJBufHT5SSoxpoY4AjvpqQKVrLvR72kmwc=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "c5a5fc2b24c27add833eed1708ab106a6026fa27", + "rev": "3a42ffbe4d9a8a82e754a15c14c8fd52f59258bf", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666558397, - "narHash": "sha256-YEBilpg0HAK8DxxY44a2BKfdxdjTB3qvAFzbi/6zAlE=", + "lastModified": 1666779351, + "narHash": "sha256-hzS56ZwhiJ7duVJ+lGZX0LL051AGH7089bRt9/ilYeI=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "95da315931c323adb23401f5903f59979c744a38", + "rev": "ab0d8de28ef2fe38ce27ff1f71574c839facc657", "type": "github" }, "original": { @@ -941,11 +941,11 @@ ] }, "locked": { - "lastModified": 1666151986, - "narHash": "sha256-mW9UpFa6TmYgt0VuOwxRZkesrXkl7Z+RW5M/T7PyCBc=", + "lastModified": 1666673869, + "narHash": "sha256-qa0G9Wlwx++VnXvpPw1n8Im1M69Q/7gTvgoNTn7D1FU=", "owner": "serokell", "repo": "serokell.nix", - "rev": "7441de5b6518d20a47d962837e119f74bbe7a93f", + "rev": "0f74efb4e2a52b1def4b037df9ea0fbbb8d72a07", "type": "github" }, "original": { -- 2.47.1 From 8e117b8f74cf686fdc19fcade9abecbcca680118 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 26 Oct 2022 16:05:03 +0200 Subject: [PATCH 0530/1882] disable beesd until fixed --- nixos/hosts/thalassa/null/configuration.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 342b3efb..56c08043 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -93,14 +93,14 @@ in { fileSystems."/nix".options = [ "compress=zstd" "noatime" ]; # Filesystem dedup - services.beesd.filesystems = { - root = { - spec = "LABEL=nixos"; - hashTableSizeMB = 256; - verbosity = "crit"; - extraOptions = [ "--loadavg-target" "2.0" ]; - }; - }; + #services.beesd.filesystems = { + # root = { + # spec = "LABEL=nixos"; + # hashTableSizeMB = 256; + # verbosity = "crit"; + # extraOptions = [ "--loadavg-target" "2.0" ]; + # }; + #}; # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; -- 2.47.1 From 0a24b9fbaff7d008be6e3895d1b10533ba077dfc Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 26 Oct 2022 16:10:40 +0200 Subject: [PATCH 0531/1882] fix grafana --- nixos/hosts/olympus/victoriametrics/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 57331a9d..67be6cab 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -79,6 +79,6 @@ in port = 2342; domain = "grafana.0x76.dev"; rootUrl = "https://grafana.0x76.dev"; - security.adminPasswordFile = "${vs.grafana}/password"; + settings.security.admin_password = "$__file{${vs.grafana}/password}"; }; } -- 2.47.1 From ce880850a4e06580e685464c9887c2337e1c6f0f Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 26 Oct 2022 18:02:11 +0200 Subject: [PATCH 0532/1882] update platformio --- nixos/pkgs/vscode-extensions/platformio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index dc9ddada..17fb083b 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -5,6 +5,6 @@ in buildVscodeMarketplaceExtension { name = "platformio-ide"; publisher = "platformio"; version = "2.5.4"; - sha256 = "sha256-KbXlegQSLjMCVotR1mU/CDiaQMKLLSX+nnbRJgdFTz8="; + sha256 = "sha256-/vBdZ6Mu1KlF+glqp5CNt9WeK1ECqfaivCnK8TisChg"; }; } -- 2.47.1 From 3bc8742e721089ad73003500e608f7fdbf70a6e9 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Oct 2022 11:18:51 +0200 Subject: [PATCH 0533/1882] update lockfile --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index f0dd4d1b..5eed4e45 100644 --- a/flake.lock +++ b/flake.lock @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1666649150, - "narHash": "sha256-kINnLxC0KFalUk4tVO/H5hUU7FVAOYYcUSWrsBpnl+I=", + "lastModified": 1666903647, + "narHash": "sha256-sFI1Gh9DTGzHnBINondupUGYbe+T0wZcpcZjkW0qffM=", "owner": "nix-community", "repo": "home-manager", - "rev": "7dc4e4ebd71280842b4d30975439980baaac9db8", + "rev": "213a06295dff96668a1d673b9fd1c03ce1de6745", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1666720398, - "narHash": "sha256-/r/BvG3ZOM1KUL6MdVIw5gh9b1vZbKgFDLg0Otv8Bo0=", + "lastModified": 1666910663, + "narHash": "sha256-L4o+CXVvGbCGx0d8k1SiA4PNbFVEtRa37mM8YpnER9E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f9a7b6bf26eec22448c90f1967d6d85835dcae70", + "rev": "c2cd718e894f5ba9bba2a8ef7783204e9f3b62ea", "type": "github" }, "original": { @@ -459,11 +459,11 @@ ] }, "locked": { - "lastModified": 1664568383, - "narHash": "sha256-KojBifIOkJ2WmO/lRjQIgPgUnX5Eu10U4VDg+1MB2co=", + "lastModified": 1666860539, + "narHash": "sha256-JXP8hoDNusWhPldEQx8dmDy9VATYA1c9E5OgFHdFz+c=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "8f4c712950ad6a9bc7c7281c15a63f5fa06ba92b", + "rev": "6fa4ea8a68bf8e3efeac3d204f314ab9b5c83777", "type": "github" }, "original": { @@ -691,11 +691,11 @@ ] }, "locked": { - "lastModified": 1666016402, - "narHash": "sha256-Cm/nrdUMXwXiFQforG1Mv8OA4o8yhuVx6E1eDFH4rew=", + "lastModified": 1666812839, + "narHash": "sha256-0nBDgjPU+iDsvz89W+cDEyhnFGSwCJmwDl/gMGqYiU0=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "688db42a1eb34853f050267ff65c975f664312f0", + "rev": "41f3518bc194389df22a3d198215eae75e6b5ab9", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666779351, - "narHash": "sha256-hzS56ZwhiJ7duVJ+lGZX0LL051AGH7089bRt9/ilYeI=", + "lastModified": 1666948518, + "narHash": "sha256-EGWmplVOI8oskgWJhJ3iSUbP/vvQhRzlSFOvhcrcK+A=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "ab0d8de28ef2fe38ce27ff1f71574c839facc657", + "rev": "75f49e9a12dc64f18b83e76f793ff35efc261066", "type": "github" }, "original": { @@ -941,11 +941,11 @@ ] }, "locked": { - "lastModified": 1666673869, - "narHash": "sha256-qa0G9Wlwx++VnXvpPw1n8Im1M69Q/7gTvgoNTn7D1FU=", + "lastModified": 1666843349, + "narHash": "sha256-jc0aiRGqK5dnVjrEBVAsx0t7lnblC/FJSwDzac5Lf8g=", "owner": "serokell", "repo": "serokell.nix", - "rev": "0f74efb4e2a52b1def4b037df9ea0fbbb8d72a07", + "rev": "71e0c7d1b32737394e1a0767dd8566774b5764cf", "type": "github" }, "original": { -- 2.47.1 From 23b13816bd1c5d84ffc1ead7acb5a5f9bfadf201 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 30 Oct 2022 09:05:39 +0100 Subject: [PATCH 0534/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 5eed4e45..97a27c62 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1666555794, - "narHash": "sha256-MfGeJoRypj7RzvfsTohCJHEHGw+//EVCP08BU3HfvCM=", + "lastModified": 1667072567, + "narHash": "sha256-z8ciml6BOzVDX3MbRY22C5GonJrDxi2xrVuS6Gyxorc=", "owner": "zhaofengli", "repo": "colmena", - "rev": "2bd563e847817a3e96b2aa9932109c83bc64e566", + "rev": "5432fe488ebec7ee30aaea5fb18a759e30e59612", "type": "github" }, "original": { @@ -420,11 +420,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1666903647, - "narHash": "sha256-sFI1Gh9DTGzHnBINondupUGYbe+T0wZcpcZjkW0qffM=", + "lastModified": 1666990295, + "narHash": "sha256-JPMTX8W36IPV1jmKV1qEhNBI4MbIPYsnccWyTUlSiG0=", "owner": "nix-community", "repo": "home-manager", - "rev": "213a06295dff96668a1d673b9fd1c03ce1de6745", + "rev": "423211401c245934db5052e3867cac704f658544", "type": "github" }, "original": { @@ -439,11 +439,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1666910663, - "narHash": "sha256-L4o+CXVvGbCGx0d8k1SiA4PNbFVEtRa37mM8YpnER9E=", + "lastModified": 1667079901, + "narHash": "sha256-879I6CQqd7zdRSCD6/pyBsl3dAd3XWHYxlepQOeYLbA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c2cd718e894f5ba9bba2a8ef7783204e9f3b62ea", + "rev": "2e32e202e98e491c9b6a2e09f0713a586fc2c93e", "type": "github" }, "original": { @@ -737,11 +737,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1666948518, - "narHash": "sha256-EGWmplVOI8oskgWJhJ3iSUbP/vvQhRzlSFOvhcrcK+A=", + "lastModified": 1667116151, + "narHash": "sha256-cAJefmt2Sq1E8s24JTwqAJbApBSWmx0+s26dZDOoOYA=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "75f49e9a12dc64f18b83e76f793ff35efc261066", + "rev": "56ea8dde9d8828c7ee77406fb9a503bd06ac70ee", "type": "github" }, "original": { @@ -941,11 +941,11 @@ ] }, "locked": { - "lastModified": 1666843349, - "narHash": "sha256-jc0aiRGqK5dnVjrEBVAsx0t7lnblC/FJSwDzac5Lf8g=", + "lastModified": 1666982138, + "narHash": "sha256-dPSScyo7Y1OBsAOBksIHJ2WV1jwvjhhABPrsmjkA7LA=", "owner": "serokell", "repo": "serokell.nix", - "rev": "71e0c7d1b32737394e1a0767dd8566774b5764cf", + "rev": "1b2134f93dc143589adf7efa828dacfe4a17635c", "type": "github" }, "original": { -- 2.47.1 From b3d5241d55caa05ae44d5f45b9273541fa314e77 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 30 Oct 2022 11:08:04 +0100 Subject: [PATCH 0535/1882] fix pio --- nixos/pkgs/vscode-extensions/astro.nix | 10 ---------- nixos/pkgs/vscode-extensions/live-server.nix | 10 ---------- nixos/pkgs/vscode-extensions/platformio.nix | 2 +- 3 files changed, 1 insertion(+), 21 deletions(-) delete mode 100644 nixos/pkgs/vscode-extensions/astro.nix delete mode 100644 nixos/pkgs/vscode-extensions/live-server.nix diff --git a/nixos/pkgs/vscode-extensions/astro.nix b/nixos/pkgs/vscode-extensions/astro.nix deleted file mode 100644 index 5f874c6f..00000000 --- a/nixos/pkgs/vscode-extensions/astro.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ vscode-utils, lib }: -let inherit (vscode-utils) buildVscodeMarketplaceExtension; -in buildVscodeMarketplaceExtension { - mktplcRef = { - name = "astro-vscode"; - publisher = "astro-build"; - version = "0.5.2022102001"; - sha256 = lib.fakeSha256; - }; -} diff --git a/nixos/pkgs/vscode-extensions/live-server.nix b/nixos/pkgs/vscode-extensions/live-server.nix deleted file mode 100644 index 73fdd1d5..00000000 --- a/nixos/pkgs/vscode-extensions/live-server.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ vscode-utils, lib }: -let inherit (vscode-utils) buildVscodeMarketplaceExtension; -in buildVscodeMarketplaceExtension { - mktplcRef = { - name = "live-server"; - publisher = "ms-vscode"; - version = "0.5.2022102001"; - sha256 = lib.fakeSha256; - }; -} diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index 17fb083b..dc9ddada 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -5,6 +5,6 @@ in buildVscodeMarketplaceExtension { name = "platformio-ide"; publisher = "platformio"; version = "2.5.4"; - sha256 = "sha256-/vBdZ6Mu1KlF+glqp5CNt9WeK1ECqfaivCnK8TisChg"; + sha256 = "sha256-KbXlegQSLjMCVotR1mU/CDiaQMKLLSX+nnbRJgdFTz8="; }; } -- 2.47.1 From bf2b4cbd41d422b39acc598e3d26411ffbb6759e Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 30 Oct 2022 11:08:23 +0100 Subject: [PATCH 0536/1882] update masto --- nixos/pkgs/glitch-soc/source.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 00e284c0..1b896545 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "7e62688a0e656d71b0358fa55d5f6e8f8103c297"; - sha256 = "0hz2p1vjalvrz3va6f0vdmmpi0iaw628giiwdpyyf7x0f95yzqyp"; + rev = "371563b0e249b6369e04709fb974a8e57413529f"; + sha256 = "19zbndh2scnjpcdfg142p8wc3a31qg8rzakfmk1x9vmf19sf8yf7"; }; in applyPatches { inherit src; -- 2.47.1 From 98857b43a3e01f228ebb8c6aa210ba1c37ca52b1 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 30 Oct 2022 11:43:52 +0100 Subject: [PATCH 0537/1882] simplified overlays --- flake.lock | 208 +++-------------------------------------------------- flake.nix | 31 ++++---- 2 files changed, 25 insertions(+), 214 deletions(-) diff --git a/flake.lock b/flake.lock index 97a27c62..6c01d738 100644 --- a/flake.lock +++ b/flake.lock @@ -103,25 +103,6 @@ "type": "github" } }, - "deploy-rs": { - "inputs": { - "flake-compat": "flake-compat_3", - "nixpkgs": "nixpkgs_3", - "utils": "utils_5" - }, - "locked": { - "lastModified": 1648475189, - "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", - "owner": "serokell", - "repo": "deploy-rs", - "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", - "type": "github" - }, - "original": { - "id": "deploy-rs", - "type": "indirect" - } - }, "devshell": { "flake": false, "locked": { @@ -246,37 +227,6 @@ } }, "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1648199409, - "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_4": { - "flake": false, - "locked": { - "lastModified": 1627913399, - "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", - "type": "github" - }, - "original": { - "id": "flake-compat", - "type": "indirect" - } - }, - "flake-compat_5": { "flake": false, "locked": { "lastModified": 1627913399, @@ -350,20 +300,6 @@ "type": "indirect" } }, - "flake-utils_4": { - "locked": { - "lastModified": 1631561581, - "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", - "type": "github" - }, - "original": { - "id": "flake-utils", - "type": "indirect" - } - }, "flakeCompat": { "flake": false, "locked": { @@ -380,22 +316,6 @@ "type": "github" } }, - "gitignore-nix": { - "flake": false, - "locked": { - "lastModified": 1611672876, - "narHash": "sha256-qHu3uZ/o9jBHiA3MEKHJ06k7w4heOhA+4HCSIvflRxo=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "211907489e9f198594c0eb0ca9256a1949c9d412", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, "gomod2nix": { "flake": false, "locked": { @@ -488,22 +408,6 @@ "type": "github" } }, - "lowdown-src_2": { - "flake": false, - "locked": { - "lastModified": 1632468475, - "narHash": "sha256-NNOm9CbdA8cuwbvaBHslGbPTiU6bh1Ao+MpEPx4rSGo=", - "owner": "kristapsdz", - "repo": "lowdown", - "rev": "6bd668af3fd098bdd07a1bedd399564141e275da", - "type": "github" - }, - "original": { - "owner": "kristapsdz", - "repo": "lowdown", - "type": "github" - } - }, "mach-nix": { "flake": false, "locked": { @@ -609,7 +513,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1633098935, @@ -650,24 +554,6 @@ "type": "github" } }, - "nix_2": { - "inputs": { - "lowdown-src": "lowdown-src_2", - "nixpkgs": "nixpkgs_5" - }, - "locked": { - "lastModified": 1633098935, - "narHash": "sha256-UtuBczommNLwUNEnfRI7822z4vPA7OoRKsgAZ8zsHQI=", - "owner": "nixos", - "repo": "nix", - "rev": "4f496150eb4e0012914c11f0a3ff4df2412b1d09", - "type": "github" - }, - "original": { - "id": "nix", - "type": "indirect" - } - }, "nixlib": { "locked": { "lastModified": 1636849918, @@ -753,51 +639,20 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1648219316, - "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", + "lastModified": 1632864508, + "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", + "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" } }, "nixpkgs_4": { - "locked": { - "lastModified": 1632864508, - "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-21.05-small", - "type": "indirect" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1632864508, - "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-21.05-small", - "type": "indirect" - } - }, - "nixpkgs_6": { "locked": { "lastModified": 1664876616, "narHash": "sha256-OxZntLnFgKbGUrPJJNLMxxj4yUaN/30+LG9N81ADqZE=", @@ -890,7 +745,6 @@ "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_2", "riff": "riff", - "serokell-nix": "serokell-nix", "vault-secrets": "vault-secrets", "webcord": "webcord" } @@ -929,31 +783,6 @@ "type": "github" } }, - "serokell-nix": { - "inputs": { - "deploy-rs": "deploy-rs", - "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_3", - "gitignore-nix": "gitignore-nix", - "nix": "nix", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1666982138, - "narHash": "sha256-dPSScyo7Y1OBsAOBksIHJ2WV1jwvjhhABPrsmjkA7LA=", - "owner": "serokell", - "repo": "serokell.nix", - "rev": "1b2134f93dc143589adf7efa828dacfe4a17635c", - "type": "github" - }, - "original": { - "owner": "serokell", - "repo": "serokell.nix", - "type": "github" - } - }, "stable": { "locked": { "lastModified": 1660496378, @@ -1033,26 +862,11 @@ "type": "github" } }, - "utils_5": { - "locked": { - "lastModified": 1648297722, - "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_5", - "flake-utils": "flake-utils_4", - "nix": "nix_2", + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_3", + "nix": "nix", "nixpkgs": [ "nixpkgs" ] @@ -1074,7 +888,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_4", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index fe140439..10f73954 100644 --- a/flake.nix +++ b/flake.nix @@ -11,9 +11,6 @@ colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; - serokell-nix.url = "github:serokell/serokell.nix"; - serokell-nix.inputs.nixpkgs.follows = "nixpkgs"; - vault-secrets.url = "github:serokell/vault-secrets"; vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; @@ -44,9 +41,8 @@ }; }; - outputs = { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers - , colmena, home-manager, hyprpaper, hyprland, nixos-generators, ... - }@inputs: + outputs = { self, nixpkgs, vault-secrets, minecraft-servers, colmena + , home-manager, hyprpaper, hyprland, nixos-generators, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) mapAttrs; @@ -63,13 +59,16 @@ # Define args each module gets access to (access to hosts is useful for DNS/DHCP) specialArgs = { inherit hosts flat_hosts inputs; }; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ - (import ./nixos/pkgs) - vault-secrets.overlay - minecraft-servers.overlays.default - hyprpaper.overlays.default - hyprland.overlays.default - ]; + pkgs = import nixpkgs { + inherit system; + overlays = [ + (import ./nixos/pkgs) + vault-secrets.overlay + minecraft-servers.overlays.default + hyprpaper.overlays.default + hyprland.overlays.default + ]; + }; # Script to apply local colmena deployments apply-local = pkgs.writeScriptBin "apply-local" '' @@ -99,7 +98,7 @@ packages.${system} = { inherit apply-local; - + default = colmena.packages.${system}.colmena; iso = nixos-generators.nixosGenerate { @@ -111,9 +110,7 @@ proxmox-lxc = nixos-generators.nixosGenerate { inherit system pkgs; format = "proxmox-lxc"; - modules = [ - (import ./nixos/lxc-template.nix) - ]; + modules = [ (import ./nixos/lxc-template.nix) ]; }; }; -- 2.47.1 From bac8f8c3a199bd31383745e5f8a2921cdca34b51 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Oct 2022 11:22:19 +0200 Subject: [PATCH 0538/1882] switch to upstream cursors --- flake.nix | 1 + nixos/hosts/thalassa/null/home/theme.nix | 2 +- nixos/pkgs/catppuccin/cursors/default.nix | 39 ----------------------- nixos/pkgs/default.nix | 2 -- 4 files changed, 2 insertions(+), 42 deletions(-) delete mode 100644 nixos/pkgs/catppuccin/cursors/default.nix diff --git a/flake.nix b/flake.nix index 10f73954..e155dd80 100644 --- a/flake.nix +++ b/flake.nix @@ -131,6 +131,7 @@ vault (vault-push-approle-envs self { }) (vault-push-approles self { }) + rnix-lsp ]; }; }; diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index b19f1814..87e8b6de 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -44,7 +44,7 @@ in home.pointerCursor = { name = "Catppuccin-Frappe-Pink-Cursors"; size = 32; - package = pkgs.catppuccin.cursors; + package = pkgs.catppuccin-cursors.frappePink; }; gtk = { diff --git a/nixos/pkgs/catppuccin/cursors/default.nix b/nixos/pkgs/catppuccin/cursors/default.nix deleted file mode 100644 index 6e11c4e4..00000000 --- a/nixos/pkgs/catppuccin/cursors/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ stdenvNoCC, lib, fetchFromGitHub, xcursorgen, inkscape, makeFontsConf }: - -stdenvNoCC.mkDerivation { - pname = "catppuccin-cursors"; - version = "0.2.0"; - - src = fetchFromGitHub { - owner = "catppuccin"; - repo = "cursors"; - rev = "3d3023606939471c45cff7b643bffc5d5d4ff29c"; - sha256 = "sha256-0wb84q1VtD1myIRxrfQMn9n6w1gFzMA1rHkPqXuXLP0="; - }; - - nativeBuildInputs = [ xcursorgen inkscape ]; - - FONTCONFIG_FILE = makeFontsConf { fontDirectories = [ ]; }; - - buildPhase = '' - mv src src_orig - mkdir src - mv src_orig/Catppuccin-Frappe-Pink-Cursors ./src/ - mv src_orig/cursorList ./src/ - mv src_orig/config ./src/ - mv src_orig/_svgo.yml ./src/ - HOME="$NIX_BUILD_ROOT" PREFIX="/" DESTDIR=$out make build - ''; - - installPhase = '' - HOME="$NIX_BUILD_ROOT" PREFIX="/" DESTDIR=$out make install - ''; - - meta = with lib; { - description = "Soothing pastel mouse cursors"; - homepage = "https://github.com/catppuccin/cursors"; - license = licenses.gpl2; - platforms = platforms.linux; - maintainers = with maintainers; [ nullx76 ]; - }; -} diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index b13c7d89..fb2d0e80 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,7 +1,5 @@ # nix-build -E 'with import {}; callPackage ./platformio.nix {}' final: prev: { - catppuccin.cursors = prev.callPackage ./catppuccin/cursors { }; - v = { glitch-soc = prev.callPackage ./glitch-soc { }; -- 2.47.1 From 3cc5520185c5a3f8c09286143682159a81a67b1f Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Oct 2022 11:59:08 +0200 Subject: [PATCH 0539/1882] remove vscode stuff --- .vscode/extensions.json | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 .vscode/extensions.json diff --git a/.vscode/extensions.json b/.vscode/extensions.json deleted file mode 100644 index abc2c093..00000000 --- a/.vscode/extensions.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "recommendations": [ - "hashicorp.terraform", - "ms-kubernetes-tools.vscode-kubernetes-tools", - "jnoortheen.nix-ide", - "brettm12345.nixfmt-vscode", - "redhat.vscode-yaml" - ] -} -- 2.47.1 From 5cccd15247e78d7f2993b024091e2ade29ae4c12 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Oct 2022 13:06:37 +0200 Subject: [PATCH 0540/1882] fixes --- nixos/hosts/hades/bastion/configuration.nix | 2 +- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- .../olympus/victoriametrics/configuration.nix | 16 ++++++++++------ 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix index eaac5fea..a2a6cd00 100644 --- a/nixos/hosts/hades/bastion/configuration.nix +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -20,7 +20,7 @@ environment.noXlibs = lib.mkForce false; - system.stateVersion = "21.05"; + system.stateVersion = "22.11"; programs.gnupg.agent = { enable = true; diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index da0eff8d..3dfad833 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: { networking.interfaces.eth0.useDHCP = true; - system.stateVersion = "21.05"; + system.stateVersion = "22.11"; services.prowlarr = { enable = true; diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 67be6cab..40a67159 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -21,7 +21,7 @@ in # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ vmPort config.services.grafana.port ]; + networking.firewall.allowedTCPPorts = [ vmPort config.services.grafana.settings.server.http_port ]; networking.firewall.allowedUDPPorts = [ vmPort ]; services.victoriametrics = { @@ -75,10 +75,14 @@ in services.grafana = { enable = true; - addr = "0.0.0.0"; - port = 2342; - domain = "grafana.0x76.dev"; - rootUrl = "https://grafana.0x76.dev"; - settings.security.admin_password = "$__file{${vs.grafana}/password}"; + settings = { + server = { + domain = "grafana.0x76.dev"; + root_url = "https://grafana.0x76.dev"; + http_addr = "0.0.0.0"; + http_port = 2342; + }; + security.admin_password = "$__file{${vs.grafana}/password}"; + }; }; } -- 2.47.1 From a953365bc7679252e72f34b633b296d0a3c13eb6 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 30 Oct 2022 19:52:03 +0100 Subject: [PATCH 0541/1882] minor changes --- nixos/hosts/thalassa/null/home/theme.nix | 5 ++--- nixos/pkgs/default.nix | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index 87e8b6de..7cffc568 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -4,7 +4,7 @@ let theme = "Catppuccin-Pink-Dark"; cursorTheme = config.home.pointerCursor.name; - colour = rec { + colour = { rosewater = "f2d5cf"; flamingo = "eebebe"; pink = "f4b8e4"; @@ -34,8 +34,7 @@ let hex = mapAttrs (name: value: "#${value}") colour; }; -in -{ +in { home.file.".xsettingsd".text = '' Net/ThemeName "${theme}" Gtk/CursorThemeName "${cursorTheme}" diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index fb2d0e80..4bb03675 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,4 +1,4 @@ -# nix-build -E 'with import {}; callPackage ./platformio.nix {}' +# nix-build -E 'with import {}; callPackage ./default.nix {}' final: prev: { v = { glitch-soc = prev.callPackage ./glitch-soc { }; -- 2.47.1 From c304ab680f89d8612fc21a70fca1c3316bcc62f5 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 31 Oct 2022 10:41:17 +0100 Subject: [PATCH 0542/1882] fix template + minor refactor --- nixos/common/common.nix | 78 ++++++++++++++++++ nixos/common/default.nix | 87 ++------------------- nixos/hosts/hades/bazarr/configuration.nix | 2 +- nixos/hosts/hades/default.nix | 6 ++ nixos/hosts/thalassa/null/configuration.nix | 7 +- nixos/lxc-template.nix | 14 +++- 6 files changed, 108 insertions(+), 86 deletions(-) create mode 100644 nixos/common/common.nix diff --git a/nixos/common/common.nix b/nixos/common/common.nix new file mode 100644 index 00000000..14b57553 --- /dev/null +++ b/nixos/common/common.nix @@ -0,0 +1,78 @@ +{ config, lib, pkgs, ... }: { + imports = [ + ./users + ./modules + ]; + + # Clean /tmp on boot. + boot.cleanTmpDir = true; + + # Set your time zone. + time.timeZone = lib.mkDefault "Europe/Amsterdam"; + + # Systemd OOMd + # Fedora enables these options by default. See the 10-oomd-* files here: + # https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac3510255 + systemd.oomd = { + enableRootSlice = true; + enableUserServices = true; + }; + + # Nix Settings + nix = { + package = pkgs.nixUnstable; + settings = { + auto-optimise-store = true; + trusted-users = [ "root" "victor" ]; + substituters = [ + "https://cachix.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-review-bot.cachix.org" + "https://colmena.cachix.org" + "https://hyprland.cachix.org" + "https://cache.garnix.io" + "https://0x76-infra.cachix.org" + "https://webcord.cachix.org" + ]; + trusted-public-keys = [ + "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" + "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" + "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" + "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" + ]; + }; + optimise = { + automatic = true; + dates = [ "weekly" ]; + }; + gc = { + automatic = true; + dates = "weekly"; + randomizedDelaySec = "3h"; + options = "--delete-older-than 7d"; + }; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + + nixpkgs.config.allowUnfree = true; + + # Limit the systemd journal to 100 MB of disk or the + # last 7 days of logs, whichever happens first. + services.journald.extraConfig = '' + SystemMaxUse=100M + MaxFileSec=7day + ''; + + # Enable SSH + services.openssh = { + enable = true; + passwordAuthentication = false; + permitRootLogin = lib.mkDefault "no"; + }; +} diff --git a/nixos/common/default.nix b/nixos/common/default.nix index b73da1f2..5ba21f42 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,85 +1,14 @@ -{ config, lib, pkgs, inputs, ... }: { - imports = [ +{ inputs, lib, config, ... }: { + # This file deals with everything requiring `inputs`, the rest being delagated to `common.nix` + # this is because we can't import inputs from all contexts as that can lead to infinite recursion. + import = [ + ./common.nix inputs.vault-secrets.nixosModules.vault-secrets - ./users - ./modules ]; - # Clean /tmp on boot. - boot.cleanTmpDir = true; + nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; + nix.registry.nixpkgs.flake = inputs.nixpkgs; - # Set your time zone. - time.timeZone = lib.mkDefault "Europe/Amsterdam"; - - # Systemd OOMd - # Fedora enables these options by default. See the 10-oomd-* files here: - # https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac3510255 - systemd.oomd = { - enableRootSlice = true; - enableUserServices = true; - }; - - # Nix Settings - nix = { - nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; - package = pkgs.nixUnstable; - registry.nixpkgs.flake = inputs.nixpkgs; - settings = { - auto-optimise-store = true; - trusted-users = [ "root" "victor" ]; - substituters = [ - "https://cachix.cachix.org" - "https://nix-community.cachix.org" - "https://nixpkgs-review-bot.cachix.org" - "https://colmena.cachix.org" - "https://hyprland.cachix.org" - "https://cache.garnix.io" - "https://0x76-infra.cachix.org" - "https://webcord.cachix.org" - ]; - trusted-public-keys = [ - "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" - "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" - "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" - ]; - }; - optimise = { - automatic = true; - dates = [ "weekly" ]; - }; - gc = { - automatic = true; - dates = "weekly"; - randomizedDelaySec = "3h"; - options = "--delete-older-than 7d"; - }; - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - - nixpkgs.config.allowUnfree = true; - - # Limit the systemd journal to 100 MB of disk or the - # last 7 days of logs, whichever happens first. - services.journald.extraConfig = '' - SystemMaxUse=100M - MaxFileSec=7day - ''; - - # Enable SSH - services.openssh = { - enable = true; - passwordAuthentication = false; - permitRootLogin = "no"; - }; - - # Configure vault-secrets based on domain vault-secrets = let inherit (config.networking) domain hostName; server = if domain == "olympus" then "vault" else "vault-0"; @@ -88,4 +17,4 @@ vaultAddress = "http://${server}.${domain}:8200/"; approlePrefix = "${domain}-${hostName}"; }; -} +} \ No newline at end of file diff --git a/nixos/hosts/hades/bazarr/configuration.nix b/nixos/hosts/hades/bazarr/configuration.nix index c3fe8e44..7d68734d 100644 --- a/nixos/hosts/hades/bazarr/configuration.nix +++ b/nixos/hosts/hades/bazarr/configuration.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: { - system.stateVersion = "21.05"; + system.stateVersion = "22.11"; networking.interfaces.eth0.useDHCP = true; fileSystems."/mnt/storage" = { diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 887d579c..94aca704 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -90,6 +90,11 @@ mac = "00:50:56:91:3b:03"; nix = false; } + { + hostname = "bazarr"; + ip = "192.168.0.119"; + mac = "DE:7C:32:7E:DD:A1"; + } { hostname = "radarr2"; ip = "192.168.0.120"; @@ -101,6 +106,7 @@ ip = "192.168.0.121"; mac = "4e:e7:64:b7:88:b8"; profile = "jackett"; + nix = false; # superseded by prowlarr } { hostname = "nginx"; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 56c08043..f56e0601 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -30,7 +30,8 @@ let exec Hyprland ''; -in { +in +{ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix @@ -93,14 +94,14 @@ in { fileSystems."/nix".options = [ "compress=zstd" "noatime" ]; # Filesystem dedup - #services.beesd.filesystems = { + # services.beesd.filesystems = { # root = { # spec = "LABEL=nixos"; # hashTableSizeMB = 256; # verbosity = "crit"; # extraOptions = [ "--loadavg-target" "2.0" ]; # }; - #}; + # }; # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; diff --git a/nixos/lxc-template.nix b/nixos/lxc-template.nix index 974f7fba..290def2b 100644 --- a/nixos/lxc-template.nix +++ b/nixos/lxc-template.nix @@ -1,19 +1,27 @@ { config, pkgs, lib, ... }: { - # Can't import common completely due to infinite recursion - imports = [ ./common/users ./common/generic-lxc.nix ]; + imports = [ ./common/common.nix ./common/generic-lxc.nix ]; + proxmoxLXC = { + manageNetwork = true; + manageHostName = true; + privileged = false; + }; + # Enable SSH services.openssh = { enable = true; passwordAuthentication = false; permitRootLogin = "yes"; + openFirewall = true; }; networking.hostName = "template"; time.timeZone = lib.mkDefault "Europe/Amsterdam"; - networking.interfaces.eth0.useDHCP = true; + networking.useDHCP = true; system.stateVersion = "22.11"; + + users.users.root.initialPassword = "toor"; } -- 2.47.1 From e18ecce21609d7a27a97d9576cb0492262c7a41e Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 31 Oct 2022 13:05:45 +0100 Subject: [PATCH 0543/1882] fix typo --- nixos/common/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 5ba21f42..ae72dddc 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,7 +1,7 @@ { inputs, lib, config, ... }: { # This file deals with everything requiring `inputs`, the rest being delagated to `common.nix` # this is because we can't import inputs from all contexts as that can lead to infinite recursion. - import = [ + imports = [ ./common.nix inputs.vault-secrets.nixosModules.vault-secrets ]; @@ -17,4 +17,4 @@ vaultAddress = "http://${server}.${domain}:8200/"; approlePrefix = "${domain}-${hostName}"; }; -} \ No newline at end of file +} -- 2.47.1 From de4cb654afced6b0c6911c7e724db5cbcf0e49d3 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 31 Oct 2022 23:14:35 +0100 Subject: [PATCH 0544/1882] add bazarr --- flake.lock | 24 +++++++++++----------- nixos/hosts/hades/bazarr/configuration.nix | 5 +++++ nixos/pkgs/default.nix | 1 + 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 6c01d738..4dcd4532 100644 --- a/flake.lock +++ b/flake.lock @@ -340,11 +340,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1666990295, - "narHash": "sha256-JPMTX8W36IPV1jmKV1qEhNBI4MbIPYsnccWyTUlSiG0=", + "lastModified": 1667234164, + "narHash": "sha256-oPMAvHZBDgamjmIQly5+sw2LtfKwY7qcWZZwKiwKQy8=", "owner": "nix-community", "repo": "home-manager", - "rev": "423211401c245934db5052e3867cac704f658544", + "rev": "722e8d65d3aba6f527100cc2d1539e4ca04d066f", "type": "github" }, "original": { @@ -359,11 +359,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667079901, - "narHash": "sha256-879I6CQqd7zdRSCD6/pyBsl3dAd3XWHYxlepQOeYLbA=", + "lastModified": 1667219167, + "narHash": "sha256-8vZFiueGvZWAgrhwNuGmi/GigH/6p75yFPB96AIAcVk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "2e32e202e98e491c9b6a2e09f0713a586fc2c93e", + "rev": "a69fd21a1ac90c24cee659595d62329f8638d632", "type": "github" }, "original": { @@ -623,11 +623,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1667116151, - "narHash": "sha256-cAJefmt2Sq1E8s24JTwqAJbApBSWmx0+s26dZDOoOYA=", + "lastModified": 1667235697, + "narHash": "sha256-1sEHtwyGAHLi/Tt1OTDHxR76TmUd8bRLO+rF5k52Xlo=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "56ea8dde9d8828c7ee77406fb9a503bd06ac70ee", + "rev": "346eb80aa5f4d9c33c09d9acbb7895de338c81a8", "type": "github" }, "original": { @@ -816,11 +816,11 @@ }, "utils_2": { "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1667077288, + "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/bazarr/configuration.nix b/nixos/hosts/hades/bazarr/configuration.nix index 7d68734d..628d5f02 100644 --- a/nixos/hosts/hades/bazarr/configuration.nix +++ b/nixos/hosts/hades/bazarr/configuration.nix @@ -7,4 +7,9 @@ device = "storage:/mnt/storage"; fsType = "nfs"; }; + + services.bazarr = { + enable = true; + openFirewall = true; + }; } diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 4bb03675..3a5edee5 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -16,6 +16,7 @@ final: prev: { gitea-agatheme = prev.callPackage ./gitea-agatheme { }; + # nix-shell -p "(vscode-with-extensions.override {vscodeExtensions = with vscode-extensions; [ jnoortheen.nix-ide ]; })" -I nixpkgs=. vscode-extensions = { platformio.platformio-ide = prev.callPackage ./vscode-extensions/platformio.nix { }; -- 2.47.1 From 331c483802056a64505e892f21443cd683b1b2b4 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 4 Nov 2022 14:25:13 +0100 Subject: [PATCH 0545/1882] initial pmm --- flake.lock | 30 ++++++------ flake.nix | 2 +- nixos/hosts/hades/default.nix | 5 ++ nixos/hosts/hades/pmm/config/Anime.yml | 0 nixos/hosts/hades/pmm/config/Movies.yml | 32 ++++++++++++ nixos/hosts/hades/pmm/config/TVShows.yml | 36 ++++++++++++++ nixos/hosts/hades/pmm/configuration.nix | 49 +++++++++++++++++++ nixos/hosts/thalassa/null/configuration.nix | 4 ++ nixos/hosts/thalassa/null/home/default.nix | 7 ++- .../hosts/thalassa/null/home/eww/default.nix | 2 +- nixos/{lxc-template.nix => proxmox-lxc.nix} | 0 11 files changed, 149 insertions(+), 18 deletions(-) create mode 100644 nixos/hosts/hades/pmm/config/Anime.yml create mode 100644 nixos/hosts/hades/pmm/config/Movies.yml create mode 100644 nixos/hosts/hades/pmm/config/TVShows.yml create mode 100644 nixos/hosts/hades/pmm/configuration.nix rename nixos/{lxc-template.nix => proxmox-lxc.nix} (100%) diff --git a/flake.lock b/flake.lock index 4dcd4532..c3127f8a 100644 --- a/flake.lock +++ b/flake.lock @@ -340,11 +340,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1667234164, - "narHash": "sha256-oPMAvHZBDgamjmIQly5+sw2LtfKwY7qcWZZwKiwKQy8=", + "lastModified": 1667468181, + "narHash": "sha256-806/nrDW6e7bl4/oJEdAykYz/NaBuTUi7EUYArw2oic=", "owner": "nix-community", "repo": "home-manager", - "rev": "722e8d65d3aba6f527100cc2d1539e4ca04d066f", + "rev": "93335810751f0404fe424e61ad58bc8e94bf8e9d", "type": "github" }, "original": { @@ -359,11 +359,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667219167, - "narHash": "sha256-8vZFiueGvZWAgrhwNuGmi/GigH/6p75yFPB96AIAcVk=", + "lastModified": 1667516144, + "narHash": "sha256-vqHM8wATrBEk0L/57SSFU379sFbRwqwjMQBx+ef21bw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a69fd21a1ac90c24cee659595d62329f8638d632", + "rev": "349afa0e7a5a8f60404772ae76ab0dc6fe4117ff", "type": "github" }, "original": { @@ -379,11 +379,11 @@ ] }, "locked": { - "lastModified": 1666860539, - "narHash": "sha256-JXP8hoDNusWhPldEQx8dmDy9VATYA1c9E5OgFHdFz+c=", + "lastModified": 1667425292, + "narHash": "sha256-Cu4VWp0DLj7AS+CQYtBugxPA4r7NoX0u+BEo3GW6Sl4=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "6fa4ea8a68bf8e3efeac3d204f314ab9b5c83777", + "rev": "1f55dda5e2af30648d7d58dbb49dd5dfbef7bcf3", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1666748742, - "narHash": "sha256-iXbopYzGsVJBufHT5SSoxpoY4AjvpqQKVrLvR72kmwc=", + "lastModified": 1667467369, + "narHash": "sha256-XIiVnu/tkHiVebwTTboq033oTUZnh1tuaf/vE56YFck=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "3a42ffbe4d9a8a82e754a15c14c8fd52f59258bf", + "rev": "66b523b571ced590d33cac81af2731db1ab114c7", "type": "github" }, "original": { @@ -623,11 +623,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1667235697, - "narHash": "sha256-1sEHtwyGAHLi/Tt1OTDHxR76TmUd8bRLO+rF5k52Xlo=", + "lastModified": 1667550944, + "narHash": "sha256-ggII6sCaxlD06V9PBE+9fit6zLFsYzQtEsU7wugNYP0=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "346eb80aa5f4d9c33c09d9acbb7895de338c81a8", + "rev": "a5cafcd286c4fddd81aebbb9edb6befaf0e1afbe", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e155dd80..0ec26554 100644 --- a/flake.nix +++ b/flake.nix @@ -110,7 +110,7 @@ proxmox-lxc = nixos-generators.nixosGenerate { inherit system pkgs; format = "proxmox-lxc"; - modules = [ (import ./nixos/lxc-template.nix) ]; + modules = [ (import ./nixos/proxmox-lxc.nix) ]; }; }; diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 94aca704..a235c00a 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -34,6 +34,11 @@ mac = "7A:14:15:ED:D1:E6"; tags = [ "vault" ]; } + { + hostname = "pmm"; + ip = "192.168.0.104"; + mac = "7A:A3:59:1D:69:07"; + } { hostname = "MariaDB"; ip = "192.168.0.109"; diff --git a/nixos/hosts/hades/pmm/config/Anime.yml b/nixos/hosts/hades/pmm/config/Anime.yml new file mode 100644 index 00000000..e69de29b diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml new file mode 100644 index 00000000..4133de0d --- /dev/null +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -0,0 +1,32 @@ +templates: + Actor: + actor: tmdb + tmdb_person: <> + tmdb_actor_details: <> + sort_title: +_<> + sync_mode: sync + collection_order: release + collection_mode: hide + Set: + optional: + - collection + - movie + - list + tmdb_collection_details: <> + tmdb_movie: <> + tmdb_list: <> + sync_mode: sync + collection_order: release + url_poster: <> + sort_title: <> +collections: + Marvel Cinematic Universe: + template: + name: Set + list: 8194961 + poster: https://theposterdb.com/api/assets/162417 + Star Wars: + template: + name: Set + collection: 10 + poster: https://theposterdb.com/api/assets/164120 diff --git a/nixos/hosts/hades/pmm/config/TVShows.yml b/nixos/hosts/hades/pmm/config/TVShows.yml new file mode 100644 index 00000000..8ee5706a --- /dev/null +++ b/nixos/hosts/hades/pmm/config/TVShows.yml @@ -0,0 +1,36 @@ +templates: + set: + optional: + - network + - list + tmdb_network: <> + tmdb_list: <> + sort_title: <> + sync_mode: sync + url_poster: <> + url_background: <> + +collections: + Marvel Television: + template: + name: set, + list: "8205726" + poster: https://theposterdb.com/api/assets/239453 + background: https://i.imgur.com/ckx6reE.jpg + summary: Marvel Television + + Star Wars: + template: + name: set + list: "8205730" + poster: https://theposterdb.com/api/assets/164120 + background: https://i.imgur.com/OvxROTE.jpg + summary: Star Wars + + Star Trek: + template: + name: set + list: "8215091" + poster: https://theposterdb.com/api/assets/222279 + background: https://i.imgur.com/Yp0NCZa.jpg + summary: Star Trek diff --git a/nixos/hosts/hades/pmm/configuration.nix b/nixos/hosts/hades/pmm/configuration.nix new file mode 100644 index 00000000..44b112cd --- /dev/null +++ b/nixos/hosts/hades/pmm/configuration.nix @@ -0,0 +1,49 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let + datadir = "/var/lib/pmm/config"; + container = "meisnate12/plex-meta-manager:latest"; + run_pmm = pkgs.writeScriptBin "pmm-run" '' + sudo ${pkgs.podman}/bin/podman run --rm -it \ + -v "/var/lib/pmm/config:/config:rw" \ + -v "/etc/pmm/Anime.yml:/config/Anime.yml:ro" \ + -v "/etc/pmm/Movies.yml:/config/Movies.yml:ro" \ + -v "/etc/pmm/TVShows.yml:/config/TVShows.yml:ro" \ + ${container} --run + ''; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + networking.firewall.allowedTCPPorts = [ ]; + + environment.etc.pmm.source = ./config; + + environment.systemPackages = [ run_pmm ]; + + virtualisation.podman.enable = true; + virtualisation.oci-containers = { + backend = "podman"; + containers = { + plex-meta-manager = { + image = container; + volumes = [ + "${datadir}:/config:rw" + "/etc/pmm/Anime.yml:/config/Anime.yml:ro" + "/etc/pmm/Movies.yml:/config/Movies.yml:ro" + "/etc/pmm/TVShows.yml:/config/TVShows.yml:ro" + ]; + }; + }; + }; +} diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index f56e0601..5aa6820e 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -85,6 +85,10 @@ in # loader.systemd-boot.configurationLimit = 6; loader.efi.canTouchEfiVariables = true; loader.efi.efiSysMountPoint = "/boot/efi"; + + kernel.sysctl = { + "fs.inotify.max_user_watches" = 524288; + }; }; services.gnome.gnome-keyring.enable = true; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index e364cfa2..57bb74db 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -39,9 +39,10 @@ in { k9s kubectl libnotify + mullvad-vpn neofetch nixpkgs-review - mullvad-vpn + ouch plex-media-player plexamp python3 @@ -102,6 +103,10 @@ in { userName = "Victor"; userEmail = "victor@xirion.net"; lfs.enable = true; + delta.enable = true; + extraConfig = { + push.autoSetupRemote = true; + }; }; programs.mako = { diff --git a/nixos/hosts/thalassa/null/home/eww/default.nix b/nixos/hosts/thalassa/null/home/eww/default.nix index 7937e5ef..dadcc758 100644 --- a/nixos/hosts/thalassa/null/home/eww/default.nix +++ b/nixos/hosts/thalassa/null/home/eww/default.nix @@ -9,7 +9,7 @@ home.file.".config/eww/eww.yuck".source = ./eww.yuck; home.file.".config/eww/eww.scss".text = builtins.readFile ./eww.scss; - # scripts + # scripts # TODO: just link all scripts in ./scripts to .config/eww/scripts home.file.".config/eww/scripts/volume.sh" = { source = ./scripts/volume.sh; diff --git a/nixos/lxc-template.nix b/nixos/proxmox-lxc.nix similarity index 100% rename from nixos/lxc-template.nix rename to nixos/proxmox-lxc.nix -- 2.47.1 From 093c5bede6ec63e34df13e8869a61b625461549d Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 5 Nov 2022 09:00:01 +0100 Subject: [PATCH 0546/1882] more pmm --- nixos/hosts/hades/pmm/config/Anime.yml | 84 ++++++++++++++++++++++++ nixos/hosts/hades/pmm/config/Movies.yml | 27 +++++--- nixos/hosts/hades/pmm/config/TVShows.yml | 10 +-- 3 files changed, 108 insertions(+), 13 deletions(-) diff --git a/nixos/hosts/hades/pmm/config/Anime.yml b/nixos/hosts/hades/pmm/config/Anime.yml index e69de29b..e4b49d76 100644 --- a/nixos/hosts/hades/pmm/config/Anime.yml +++ b/nixos/hosts/hades/pmm/config/Anime.yml @@ -0,0 +1,84 @@ +templates: + MAL Genre: + mal_genre: + genre_id: <> + collection_order: alpha + collection_mode: hide + sync_mode: sync + +collections: + Cars: + template: { name: MAL Genre, genre_id: 3 } + Demons: + template: { name: MAL Genre, genre_id: 6 } + Ecchi: + template: { name: MAL Genre, genre_id: 9 } + Game: + template: { name: MAL Genre, genre_id: 11 } + Harem: + template: { name: MAL Genre, genre_id: 35 } + Mecha: + template: { name: MAL Genre, genre_id: 18 } + Military: + template: { name: MAL Genre, genre_id: 38 } + Psychological: + template: { name: MAL Genre, genre_id: 40 } + Samurai: + template: { name: MAL Genre, genre_id: 21 } + School: + template: { name: MAL Genre, genre_id: 23 } + Shoujo: + template: { name: MAL Genre, genre_id: 25 } + Shounen: + template: { name: MAL Genre, genre_id: 27 } + Slice of Life: + template: { name: MAL Genre, genre_id: 36 } + Space: + template: { name: MAL Genre, genre_id: 29 } + Supernatural: + template: { name: MAL Genre, genre_id: 37 } + Super Power: + template: { name: MAL Genre, genre_id: 31 } + Vampire: + template: { name: MAL Genre, genre_id: 32 } + Action: + template: { name: MAL Genre, genre_id: 1 } + Adventure: + template: { name: MAL Genre, genre_id: 2 } + Comedy: + template: { name: MAL Genre, genre_id: 4 } + Drama: + template: { name: MAL Genre, genre_id: 8 } + Fantasy: + template: { name: MAL Genre, genre_id: 10 } + Historical: + template: { name: MAL Genre, genre_id: 13 } + Horror: + template: { name: MAL Genre, genre_id: 14 } + Martial Arts: + template: { name: MAL Genre, genre_id: 17 } + Music: + template: { name: MAL Genre, genre_id: 19 } + Mystery: + template: { name: MAL Genre, genre_id: 7 } + Romance: + template: { name: MAL Genre, genre_id: 22 } + Sci-Fi: + template: { name: MAL Genre, genre_id: 24 } + Sports: + template: { name: MAL Genre, genre_id: 30 } + Boys Love: + template: { name: MAL Genre, genre_id: 28 } + Girls Love: + template: { name: MAL Genre, genre_id: 26 } + Gourmet: + template: { name: MAL Genre, genre_id: 47 } + Parody: + template: { name: MAL Genre, genre_id: 20 } + Police: + template: { name: MAL Genre, genre_id: 39 } + Thriller: + template: { name: MAL Genre, genre_id: 41 } + Most Popular Anime: + mal_popular: 50 + sync_mode: sync diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml index 4133de0d..2f0d898c 100644 --- a/nixos/hosts/hades/pmm/config/Movies.yml +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -1,12 +1,11 @@ templates: - Actor: - actor: tmdb - tmdb_person: <> - tmdb_actor_details: <> - sort_title: +_<> + Studio: + optional: + - company + tmdb_company: <> + sort_title: +1_<> sync_mode: sync - collection_order: release - collection_mode: hide + smart_label: release.desc Set: optional: - collection @@ -21,12 +20,24 @@ templates: sort_title: <> collections: Marvel Cinematic Universe: + tvdb_list: https://thetvdb.com/lists/marvel-cinematic-universe template: name: Set - list: 8194961 poster: https://theposterdb.com/api/assets/162417 Star Wars: template: name: Set collection: 10 poster: https://theposterdb.com/api/assets/164120 + Studio Ghibli: + template: { name: Studio, company: 10342 } + summary: Studio Ghibli Inc. is a Japanese animation film studio headquartered in Koganei, Tokyo. The studio is best known for its animated feature films, and has also produced several short films, television commercials, and one television film. The studio’s mascot and most recognizable symbol is the character, Totoro, a giant cat-like spirit from the 1988 classic, My Neighbor Totoro. + Pixar: + template: { name: Studio, company: 3 } + summary: Pixar Animation Studios, commonly known as Pixar, is an American computer animation studio based in Emeryville, California, a subsidiary of Disney Studios Content owned by The Walt Disney Company. Pixar began in 1979 as part of the Lucasfilm computer division, known as the Graphics Group, before its spin-off as a corporation on February 3, 1986, with funding from Apple co-founder Steve Jobs, who became its majority shareholder. Disney purchased Pixar in 2006 at a valuation of $7.4 billion by converting each share of Pixar stock to 2.3 shares of Disney stock, a transaction that resulted in Jobs becoming Disney's largest single shareholder at the time. Pixar is best known for its feature films technologically powered by RenderMan, the company's own implementation of the industry-standard RenderMan Interface Specification image-rendering application programming interface. Luxo Jr., a desk lamp from the studio's 1986 short film of the same name, is the studio's mascot. + DC Extended Universe: + template: { name: Studio } + imdb_list: https://www.imdb.com/list/ls077827588/ + url_poster: https://images.theposterdb.com/prod/public/images/posters/optimized/collections/460717/dj5QiI3bseKx31j5JLM0PclTXC1KSuRPflLC4DP0.webp + summary: The DC Extended Universe (DCEU) is a media franchise and shared universe centered on superheros from DC Comics. + collection_order: release diff --git a/nixos/hosts/hades/pmm/config/TVShows.yml b/nixos/hosts/hades/pmm/config/TVShows.yml index 8ee5706a..2f22a960 100644 --- a/nixos/hosts/hades/pmm/config/TVShows.yml +++ b/nixos/hosts/hades/pmm/config/TVShows.yml @@ -11,26 +11,26 @@ templates: url_background: <> collections: - Marvel Television: + Marvel Cinematic Universe: + tvdb_list: https://thetvdb.com/lists/marvel-cinematic-universe template: - name: set, - list: "8205726" + name: set poster: https://theposterdb.com/api/assets/239453 background: https://i.imgur.com/ckx6reE.jpg summary: Marvel Television Star Wars: + tvdb_list: https://thetvdb.com/lists/star-wars template: name: set - list: "8205730" poster: https://theposterdb.com/api/assets/164120 background: https://i.imgur.com/OvxROTE.jpg summary: Star Wars Star Trek: + tvdb_list: https://thetvdb.com/lists/star-trek template: name: set - list: "8215091" poster: https://theposterdb.com/api/assets/222279 background: https://i.imgur.com/Yp0NCZa.jpg summary: Star Trek -- 2.47.1 From 2416d39e7790b1b6ed4d2aba738d14c8593b02f0 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 5 Nov 2022 09:00:37 +0100 Subject: [PATCH 0547/1882] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c3127f8a..d7783615 100644 --- a/flake.lock +++ b/flake.lock @@ -340,11 +340,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1667468181, - "narHash": "sha256-806/nrDW6e7bl4/oJEdAykYz/NaBuTUi7EUYArw2oic=", + "lastModified": 1667574732, + "narHash": "sha256-73TVk3uSQOja6Q/5OuNcpcqwo6+SMzJPRtYAjU0rBx4=", "owner": "nix-community", "repo": "home-manager", - "rev": "93335810751f0404fe424e61ad58bc8e94bf8e9d", + "rev": "b764068a506c6f70dba998efa0e7fcb99cb4deb2", "type": "github" }, "original": { @@ -359,11 +359,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667516144, - "narHash": "sha256-vqHM8wATrBEk0L/57SSFU379sFbRwqwjMQBx+ef21bw=", + "lastModified": 1667585380, + "narHash": "sha256-NipRUi+DGyeNJO98u+ULf7Sd1UdsJ8JitZkKMPaMAF0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "349afa0e7a5a8f60404772ae76ab0dc6fe4117ff", + "rev": "70aece85224dcca42e6fc596a4b68d688ad6c295", "type": "github" }, "original": { -- 2.47.1 From 77e9df69eccfe3d8d9a4187a1584e9ba584e527f Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 5 Nov 2022 13:26:05 +0100 Subject: [PATCH 0548/1882] deploy overseerr --- nixos/hosts/hades/default.nix | 5 +++ nixos/hosts/hades/overseerr/configuration.nix | 40 +++++++++++++++++++ nixos/hosts/hades/pmm/config/Anime.yml | 1 + nixos/hosts/hades/pmm/config/Movies.yml | 10 ++--- nixos/hosts/thalassa/null/home/default.nix | 2 + 5 files changed, 51 insertions(+), 7 deletions(-) create mode 100644 nixos/hosts/hades/overseerr/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index a235c00a..c0990aae 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -39,6 +39,11 @@ ip = "192.168.0.104"; mac = "7A:A3:59:1D:69:07"; } + { + hostname = "overseerr"; + ip = "192.168.0.105"; + mac = "8E:21:7F:88:3A:83"; + } { hostname = "MariaDB"; ip = "192.168.0.109"; diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix new file mode 100644 index 00000000..490e1654 --- /dev/null +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -0,0 +1,40 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ 5055 ]; + + virtualisation.podman.enable = true; + virtualisation.oci-containers = { + backend = "podman"; + containers = { + overseerr = { + image = "ghcr.io/sct/overseerr:1.30.1"; + environment = { + LOG_LEVEL = "debug"; + TZ = "Europe/Amsterdam"; + }; + ports = [ + "5055:5055" + ]; + volumes = [ "/var/lib/overseerr/config:/app/config" ]; + }; + }; + }; +} diff --git a/nixos/hosts/hades/pmm/config/Anime.yml b/nixos/hosts/hades/pmm/config/Anime.yml index e4b49d76..3eb25d07 100644 --- a/nixos/hosts/hades/pmm/config/Anime.yml +++ b/nixos/hosts/hades/pmm/config/Anime.yml @@ -5,6 +5,7 @@ templates: collection_order: alpha collection_mode: hide sync_mode: sync + sort_title: zz_<> collections: Cars: diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml index 2f0d898c..e1eab280 100644 --- a/nixos/hosts/hades/pmm/config/Movies.yml +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -3,7 +3,7 @@ templates: optional: - company tmdb_company: <> - sort_title: +1_<> + sort_title: <> sync_mode: sync smart_label: release.desc Set: @@ -31,13 +31,9 @@ collections: poster: https://theposterdb.com/api/assets/164120 Studio Ghibli: template: { name: Studio, company: 10342 } + url_poster: https://theposterdb.com/api/assets/393 summary: Studio Ghibli Inc. is a Japanese animation film studio headquartered in Koganei, Tokyo. The studio is best known for its animated feature films, and has also produced several short films, television commercials, and one television film. The studio’s mascot and most recognizable symbol is the character, Totoro, a giant cat-like spirit from the 1988 classic, My Neighbor Totoro. Pixar: template: { name: Studio, company: 3 } + url_poster: https://theposterdb.com/api/assets/18894 summary: Pixar Animation Studios, commonly known as Pixar, is an American computer animation studio based in Emeryville, California, a subsidiary of Disney Studios Content owned by The Walt Disney Company. Pixar began in 1979 as part of the Lucasfilm computer division, known as the Graphics Group, before its spin-off as a corporation on February 3, 1986, with funding from Apple co-founder Steve Jobs, who became its majority shareholder. Disney purchased Pixar in 2006 at a valuation of $7.4 billion by converting each share of Pixar stock to 2.3 shares of Disney stock, a transaction that resulted in Jobs becoming Disney's largest single shareholder at the time. Pixar is best known for its feature films technologically powered by RenderMan, the company's own implementation of the industry-standard RenderMan Interface Specification image-rendering application programming interface. Luxo Jr., a desk lamp from the studio's 1986 short film of the same name, is the studio's mascot. - DC Extended Universe: - template: { name: Studio } - imdb_list: https://www.imdb.com/list/ls077827588/ - url_poster: https://images.theposterdb.com/prod/public/images/posters/optimized/collections/460717/dj5QiI3bseKx31j5JLM0PclTXC1KSuRPflLC4DP0.webp - summary: The DC Extended Universe (DCEU) is a media franchise and shared universe centered on superheros from DC Comics. - collection_order: release diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 57bb74db..9f6026bc 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -97,6 +97,8 @@ in { enableAliases = true; }; + programs.bat.enable = true; + programs.git = { enable = true; package = pkgs.gitAndTools.gitFull; -- 2.47.1 From b8921c9906cecbb637408e44f55fcc9c3c50e8b6 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 5 Nov 2022 14:27:22 +0100 Subject: [PATCH 0549/1882] add tautulli --- nixos/hosts/hades/default.nix | 5 ++++ nixos/hosts/hades/tautulli/configuration.nix | 26 ++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 nixos/hosts/hades/tautulli/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index c0990aae..19a45003 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -44,6 +44,11 @@ ip = "192.168.0.105"; mac = "8E:21:7F:88:3A:83"; } + { + hostname = "tautulli"; + ip = "192.168.0.106"; + mac = "BE:30:DB:F8:C6:55"; + } { hostname = "MariaDB"; ip = "192.168.0.109"; diff --git a/nixos/hosts/hades/tautulli/configuration.nix b/nixos/hosts/hades/tautulli/configuration.nix new file mode 100644 index 00000000..1d10ed9a --- /dev/null +++ b/nixos/hosts/hades/tautulli/configuration.nix @@ -0,0 +1,26 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + services.tautulli = rec { + enable = true; + port = 8080; + openFirewall = true; + }; +} -- 2.47.1 From 4f9825c17988e0c8130e7640789846e763624dc6 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 1 Nov 2022 11:11:14 +0100 Subject: [PATCH 0550/1882] enable authorized fetch --- nixos/hosts/hades/mastodon/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 77840daa..da2efba4 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -82,6 +82,8 @@ in # TODO: Don't? RAILS_SERVE_STATIC_FILES = "true"; + AUTHORIZED_FETCH = "true"; + # https://github.com/cybrespace/cybrespace-meta/blob/master/s3.md; # https://shivering-isles.com/Mastodon-and-Amazon-S3 S3_ENABLED = "true"; -- 2.47.1 From 4c13bbc4e63c62ad5725e79a59a31ff01015e847 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 5 Nov 2022 15:55:18 +0100 Subject: [PATCH 0551/1882] deploy ntfy --- nixos/hosts/olympus/default.nix | 5 +++ nixos/hosts/olympus/nginx/configuration.nix | 1 + nixos/hosts/olympus/ntfy/configuration.nix | 35 +++++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 nixos/hosts/olympus/ntfy/configuration.nix diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index edc663c1..693b5682 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -163,6 +163,11 @@ ip = "10.42.42.31"; mac = "96:61:03:16:63:98"; } + { + hostname = "ntfy"; + ip = "10.42.42.32"; + mac = "7A:17:9E:80:72:01"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index cc6fa7fb..517b3cb4 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -53,6 +53,7 @@ in { virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; + virtualHosts."ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; virtualHosts."pass.0x76.dev" = { enableACME = true; forceSSL = true; diff --git a/nixos/hosts/olympus/ntfy/configuration.nix b/nixos/hosts/olympus/ntfy/configuration.nix new file mode 100644 index 00000000..7dcb516b --- /dev/null +++ b/nixos/hosts/olympus/ntfy/configuration.nix @@ -0,0 +1,35 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ntfy-sh ]; + + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.ntfy-sh = let datadir = "/var/lib/ntfy"; in { + enable = true; + settings = { + base-url = "https://ntfy.0x76.dev"; + listen-http = ":80"; + cache-file = "${datadir}/cache.db"; + auth-file = "${datadir}/user.db"; + auth-default-access = "deny-all"; + behind-proxy = true; + attachment-cache-dir = "${datadir}/attachments"; + }; + }; +} -- 2.47.1 From 042b2e9664eaa5452dd909906d36b1349c14a1f6 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 5 Nov 2022 22:28:04 +0100 Subject: [PATCH 0552/1882] update mastodon --- flake.lock | 10 +- flake.nix | 1 - nixos/hosts/hades/mastodon/configuration.nix | 3 + nixos/hosts/hades/tautulli/configuration.nix | 5 +- nixos/hosts/thalassa/null/home/hyprland.nix | 215 +++++++++---------- nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/gemset.nix | 20 +- nixos/pkgs/glitch-soc/source.nix | 4 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 9 files changed, 130 insertions(+), 132 deletions(-) diff --git a/flake.lock b/flake.lock index d7783615..523c8daf 100644 --- a/flake.lock +++ b/flake.lock @@ -359,11 +359,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667585380, - "narHash": "sha256-NipRUi+DGyeNJO98u+ULf7Sd1UdsJ8JitZkKMPaMAF0=", + "lastModified": 1667671515, + "narHash": "sha256-jdhA2R+Ezam6R++BYId1jwdvgZn6VZDnG4oEK+R8KIQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "70aece85224dcca42e6fc596a4b68d688ad6c295", + "rev": "bee06f35073da245b71221897becc74260a5b51f", "type": "github" }, "original": { @@ -624,10 +624,10 @@ "nixpkgs_2": { "locked": { "lastModified": 1667550944, - "narHash": "sha256-ggII6sCaxlD06V9PBE+9fit6zLFsYzQtEsU7wugNYP0=", + "narHash": "sha256-8qNYarOJtasZ/+G5mlNC2mh8VG5NagM6tSpK2Rq5hDk=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "a5cafcd286c4fddd81aebbb9edb6befaf0e1afbe", + "rev": "afc2d0fe2359d4f4eff4d003f41130ad52ab427e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0ec26554..e3a91f55 100644 --- a/flake.nix +++ b/flake.nix @@ -131,7 +131,6 @@ vault (vault-push-approle-envs self { }) (vault-push-approles self { }) - rnix-lsp ]; }; }; diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index da2efba4..65862860 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -28,6 +28,7 @@ in cat >> /var/lib/mastodon/.secrets_env < Date: Sun, 6 Nov 2022 13:04:41 +0100 Subject: [PATCH 0553/1882] repl.nix --- flake.lock | 18 +++++------ flake.nix | 9 ++++-- nixos/hosts/thalassa/null/configuration.nix | 7 ++--- nixos/hosts/thalassa/null/home/default.nix | 1 + nixos/hosts/thalassa/null/home/hyprland.nix | 3 ++ notes/ideas.md | 33 +++++++++++++++++++++ repl.nix | 10 +++++++ 7 files changed, 65 insertions(+), 16 deletions(-) create mode 100644 notes/ideas.md create mode 100644 repl.nix diff --git a/flake.lock b/flake.lock index 523c8daf..958e8038 100644 --- a/flake.lock +++ b/flake.lock @@ -340,11 +340,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1667574732, - "narHash": "sha256-73TVk3uSQOja6Q/5OuNcpcqwo6+SMzJPRtYAjU0rBx4=", + "lastModified": 1667691670, + "narHash": "sha256-9MgKg5LbTRuZ6oonP49go4jcUzkTOhVD3ZnQsi9aWM0=", "owner": "nix-community", "repo": "home-manager", - "rev": "b764068a506c6f70dba998efa0e7fcb99cb4deb2", + "rev": "c5adf29545b553089ccf9c28b68973ce6f812c1c", "type": "github" }, "original": { @@ -359,11 +359,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667671515, - "narHash": "sha256-jdhA2R+Ezam6R++BYId1jwdvgZn6VZDnG4oEK+R8KIQ=", + "lastModified": 1667673266, + "narHash": "sha256-grIxeuXZjil9dj97/RW1Jhf+8dsCKfzop4PR2CqOrgo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "bee06f35073da245b71221897becc74260a5b51f", + "rev": "976b44443ae1603699a5fc4ef1eb3c6e0f5886c8", "type": "github" }, "original": { @@ -623,11 +623,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1667550944, - "narHash": "sha256-8qNYarOJtasZ/+G5mlNC2mh8VG5NagM6tSpK2Rq5hDk=", + "lastModified": 1667683652, + "narHash": "sha256-We3GMb6c+TRBj2Dvh5Hv/TFEZKejlvLAFg9Z3Ge3/dA=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "afc2d0fe2359d4f4eff4d003f41130ad52ab427e", + "rev": "d5c95ef578f32febb1f7da817df1496336e82faa", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e3a91f55..71f1eea9 100644 --- a/flake.nix +++ b/flake.nix @@ -71,12 +71,16 @@ }; # Script to apply local colmena deployments - apply-local = pkgs.writeScriptBin "apply-local" '' - #!${pkgs.stdenv.shell} + apply-local = pkgs.writeShellScriptBin "apply-local" '' "${ colmena.packages.${system}.colmena }"/bin/colmena apply-local --sudo $@ ''; + + fast-repl = pkgs.writeShellScriptBin "fast-repl" '' + source /etc/set-environment + nix repl --file "${./.}/repl.nix" $@ + ''; in { # Make the nixosConfigurations for compat reasons nixosConfigurations = @@ -131,6 +135,7 @@ vault (vault-push-approle-envs self { }) (vault-push-approles self { }) + fast-repl ]; }; }; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 5aa6820e..47247cbc 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -30,8 +30,7 @@ let exec Hyprland ''; -in -{ +in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix @@ -86,9 +85,7 @@ in loader.efi.canTouchEfiVariables = true; loader.efi.efiSysMountPoint = "/boot/efi"; - kernel.sysctl = { - "fs.inotify.max_user_watches" = 524288; - }; + kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; }; services.gnome.gnome-keyring.enable = true; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 9f6026bc..e60ec89e 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -23,6 +23,7 @@ in { btop calibre cinny-desktop + discord-canary element-desktop-wayland fluxcd fusee-launcher diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index c0428787..7329a2f5 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -23,6 +23,9 @@ enable = true; recommendedEnvironment = true; extraConfig = '' + exec-once=dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP + exec-once=systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP + monitor=eDP-1,1920x1080@60,0x0,1 monitor=eDP-1,addreserved,0,0,48,0 monitor=,preferred,auto,1 diff --git a/notes/ideas.md b/notes/ideas.md new file mode 100644 index 00000000..455de91b --- /dev/null +++ b/notes/ideas.md @@ -0,0 +1,33 @@ +# 1. Add port info to hosts +Re-use `hosts` setup and add domain and port information to each host +```nix +{ + hostname = "overseerr"; + ip = "192.168.0.105"; + mac = "8E:21:7F:88:3A:83"; + # new stuff + exposes = { + requests = { + port = 3000; + domain = "requests.xirion.net"; + port = 3000; + }; + ... + }; +} +``` +which then can get translated to nginx config: +```nix +virtualHosts."requests.xirion.net" = proxy "http://192.168.0.105:80"; +``` + +Ideally hosts should also be able to access their own host information more easily so +that in service config one could use `thisHost.exposes.requests.port` or similar + +# 2. Authoritative nameserver +Using the definitions from (1), we can then also build authoritative DNS records +by folding over `hosts[i].exposes.requests.domain` and collating that with its realm (and therefore external IP) + +This also means I should probably put the external IP in some kind of meta block per realm. + +[dns.nix](https://github.com/kirelagin/dns.nix) seems to be a nice DSL for DNS stuff diff --git a/repl.nix b/repl.nix new file mode 100644 index 00000000..77ee9d67 --- /dev/null +++ b/repl.nix @@ -0,0 +1,10 @@ +let + flake = builtins.getFlake (toString ./.); + nixpkgs = import { }; +in +{ inherit flake; } +// flake +// builtins +// nixpkgs +// nixpkgs.lib +// flake.nixosConfigurations -- 2.47.1 From b04d93811e2cda11c0ed24ca6d511fca1ffb14ec Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 6 Nov 2022 22:13:48 +0100 Subject: [PATCH 0554/1882] update mastodon --- flake.lock | 56 ++++++++++++++++++++- flake.nix | 3 ++ nixos/hosts/hades/pmm/config/Movies.yml | 11 ++++ nixos/hosts/thalassa/null/configuration.nix | 1 - nixos/hosts/thalassa/null/home/default.nix | 2 +- nixos/hosts/thalassa/null/home/hyprland.nix | 4 ++ nixos/hosts/thalassa/null/home/neovim.nix | 37 ++++++++++++++ nixos/pkgs/glitch-soc/default.nix | 16 +++--- nixos/pkgs/glitch-soc/source.nix | 6 +-- nixos/pkgs/glitch-soc/version.nix | 2 +- 10 files changed, 124 insertions(+), 14 deletions(-) create mode 100644 nixos/hosts/thalassa/null/home/neovim.nix diff --git a/flake.lock b/flake.lock index 958e8038..84b5ffd8 100644 --- a/flake.lock +++ b/flake.lock @@ -287,6 +287,21 @@ } }, "flake-utils_3": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -667,6 +682,44 @@ "type": "github" } }, + "nixvim": { + "inputs": { + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs" + ], + "nmdSrc": "nmdSrc" + }, + "locked": { + "lastModified": 1667212379, + "narHash": "sha256-6U4821gGS73xkE/t490+NRMrrJO+Glb/DArnsJlw/qI=", + "owner": "pta2002", + "repo": "nixvim", + "rev": "f7be7364620a357aded1f46d66a9b86035d8f771", + "type": "github" + }, + "original": { + "owner": "pta2002", + "repo": "nixvim", + "type": "github" + } + }, + "nmdSrc": { + "flake": false, + "locked": { + "lastModified": 1654807200, + "narHash": "sha256-RNLq09vfj21TyYuUCeD6BNTNC6Ew8bLhQULZytN4Xx8=", + "owner": "rycee", + "repo": "nmd", + "rev": "91dee681dd1c478d6040a00835d73c0f4a4c5c29", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmd", + "type": "gitlab" + } + }, "poetry2nix": { "flake": false, "locked": { @@ -744,6 +797,7 @@ "minecraft-servers": "minecraft-servers", "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_2", + "nixvim": "nixvim", "riff": "riff", "vault-secrets": "vault-secrets", "webcord": "webcord" @@ -865,7 +919,7 @@ "vault-secrets": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nix": "nix", "nixpkgs": [ "nixpkgs" diff --git a/flake.nix b/flake.nix index 71f1eea9..3bf7aa79 100644 --- a/flake.nix +++ b/flake.nix @@ -35,6 +35,9 @@ mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; mailserver.inputs.nixpkgs.follows = "nixpkgs"; + nixvim.url = "github:pta2002/nixvim"; + nixvim.inputs.nixpkgs.follows = "nixpkgs"; + nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml index e1eab280..85dfb078 100644 --- a/nixos/hosts/hades/pmm/config/Movies.yml +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -18,6 +18,7 @@ templates: collection_order: release url_poster: <> sort_title: <> + url_background: <> collections: Marvel Cinematic Universe: tvdb_list: https://thetvdb.com/lists/marvel-cinematic-universe @@ -37,3 +38,13 @@ collections: template: { name: Studio, company: 3 } url_poster: https://theposterdb.com/api/assets/18894 summary: Pixar Animation Studios, commonly known as Pixar, is an American computer animation studio based in Emeryville, California, a subsidiary of Disney Studios Content owned by The Walt Disney Company. Pixar began in 1979 as part of the Lucasfilm computer division, known as the Graphics Group, before its spin-off as a corporation on February 3, 1986, with funding from Apple co-founder Steve Jobs, who became its majority shareholder. Disney purchased Pixar in 2006 at a valuation of $7.4 billion by converting each share of Pixar stock to 2.3 shares of Disney stock, a transaction that resulted in Jobs becoming Disney's largest single shareholder at the time. Pixar is best known for its feature films technologically powered by RenderMan, the company's own implementation of the industry-standard RenderMan Interface Specification image-rendering application programming interface. Luxo Jr., a desk lamp from the studio's 1986 short film of the same name, is the studio's mascot. + Star Trek: + tmdb_collection: + - 151 + - 115570 + template: + name: Set + poster: https://theposterdb.com/api/assets/222279 + background: https://i.imgur.com/Yp0NCZa.jpg + Bad Trek: + tmdb_collection_details: 115575 \ No newline at end of file diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 47247cbc..826b71d6 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -197,7 +197,6 @@ in { pciutils nvidia-offload run-hyprland - vim wireguard-tools slurp gdb diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index e60ec89e..402584e3 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -11,8 +11,8 @@ in { home.stateVersion = "22.05"; imports = [ - inputs.hyprland.homeManagerModules.default ./hyprland.nix + ./neovim.nix ./eww ./theme.nix ]; diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 7329a2f5..75e7bf89 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -5,6 +5,10 @@ wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png ''; + imports = [ + inputs.hyprland.homeManagerModules.default + ]; + wayland.windowManager.hyprland = let startup-script = pkgs.writeScriptBin "startup" '' #!${pkgs.stdenv.shell} diff --git a/nixos/hosts/thalassa/null/home/neovim.nix b/nixos/hosts/thalassa/null/home/neovim.nix new file mode 100644 index 00000000..eecb152d --- /dev/null +++ b/nixos/hosts/thalassa/null/home/neovim.nix @@ -0,0 +1,37 @@ +{ inputs, pkgs, lib, ... }: { + imports = [ inputs.nixvim.homeManagerModules.nixvim ]; + programs.nixvim = { + enable = true; + package = pkgs.neovim-unwrapped; + + extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim ]; + + colorscheme = "catppuccin-frappe"; + + plugins = { + nix.enable = true; + treesitter = { + enable = true; + nixGrammars = false; + ensureInstalled = []; + }; + surround.enable = true; + fugitive.enable = true; + lualine = { + enable = true; + theme = "catppuccin"; + }; + telescope = { + enable = true; + extensions.fzf-native.enable = true; + }; + lsp = { + enable = true; + servers.rust-analyzer.enable = true; + servers.rnix-lsp.enable = true; + servers.pyright.enable = true; + }; + nvim-cmp = { enable = true; }; + }; + }; +} diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index f265bc7d..963a8ea1 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -16,11 +16,6 @@ stdenv.mkDerivation rec { # Putting the callPackage up in the arguments list also does not work. src = if srcOverride != null then srcOverride else callPackage ./source.nix {}; - yarnOfflineCache = fetchYarnDeps { - yarnLock = "${src}/yarn.lock"; - sha256 = "sha256-8LxM+YFOZTWEsljc9Vvq0mBnonhtMNnfqrKCDSk2iZE="; - }; - mastodon-gems = bundlerEnv { name = "${pname}-gems-${version}"; inherit version; @@ -45,6 +40,11 @@ stdenv.mkDerivation rec { pname = "${pname}-modules"; inherit src version; + yarnOfflineCache = fetchYarnDeps { + yarnLock = "${src}/yarn.lock"; + sha256 = "sha256-ON4hJrj3YIxSE5PJ3ZVLdMC37f8wpf2Olej8M/Bjcks="; + }; + nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; RAILS_ENV = "production"; @@ -52,9 +52,11 @@ stdenv.mkDerivation rec { buildPhase = '' export HOME=$PWD + # This option is needed for openssl-3 compatibility + # Otherwise we encounter this upstream issue: https://github.com/mastodon/mastodon/issues/17924 export NODE_OPTIONS=--openssl-legacy-provider fixup_yarn_lock ~/yarn.lock - yarn config --offline set yarn-offline-mirror ${yarnOfflineCache} + yarn config --offline set yarn-offline-mirror $yarnOfflineCache yarn install --offline --frozen-lockfile --ignore-engines --ignore-scripts --no-progress patchShebangs ~/bin @@ -119,6 +121,6 @@ stdenv.mkDerivation rec { homepage = "https://joinmastodon.org"; license = licenses.agpl3Plus; platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; - maintainers = with maintainers; [ petabyteboy happy-river erictapen izorkin ]; + maintainers = with maintainers; [ happy-river erictapen izorkin ]; }; } diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 7c989a76..3cc306f4 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -1,9 +1,9 @@ # This file was generated by pkgs.mastodon.updateScript. { fetchgit, applyPatches }: let src = fetchgit { - url = "https://github.com/glitch-soc/mastodon.git"; - rev = "2f8fb49d1314db931385089bc9004a48700161ad"; - sha256 = "0jj3p70lb16gn5cmcxnqkjy0aih3a5i38ppfjadyaxjdxhzbr3kd"; + url = "https://git.0x76.dev/v/mastodon.git"; + rev = "54101563bbadbfafd9291a867d7fbea6df3a8b7b"; + sha256 = "1yi0jczfrsrj2rgzyawcpnm4sndyinpqrdaqbv6rz3maa5a0y6qb"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index 618fe109..f7e6591c 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.0.0rc1" +"4.0.0rc2" -- 2.47.1 From ab44c1f1d1c746140b544a7a5cb88873a7838408 Mon Sep 17 00:00:00 2001 From: victor Date: Mon, 7 Nov 2022 13:21:09 +0100 Subject: [PATCH 0555/1882] deploy woodpecker --- flake.lock | 24 ++++---- nixos/hosts/olympus/default.nix | 5 ++ nixos/hosts/olympus/nginx/configuration.nix | 1 + .../olympus/woodpecker/configuration.nix | 59 +++++++++++++++++++ 4 files changed, 77 insertions(+), 12 deletions(-) create mode 100644 nixos/hosts/olympus/woodpecker/configuration.nix diff --git a/flake.lock b/flake.lock index 84b5ffd8..d390e89e 100644 --- a/flake.lock +++ b/flake.lock @@ -355,11 +355,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1667691670, - "narHash": "sha256-9MgKg5LbTRuZ6oonP49go4jcUzkTOhVD3ZnQsi9aWM0=", + "lastModified": 1667708081, + "narHash": "sha256-FChEy05x4ed/pttjfTeKxjPCnHknMYrUtDyBiYbreT4=", "owner": "nix-community", "repo": "home-manager", - "rev": "c5adf29545b553089ccf9c28b68973ce6f812c1c", + "rev": "1ef0da321217c6c19b7a30509631c080a19321e5", "type": "github" }, "original": { @@ -374,11 +374,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667673266, - "narHash": "sha256-grIxeuXZjil9dj97/RW1Jhf+8dsCKfzop4PR2CqOrgo=", + "lastModified": 1667758253, + "narHash": "sha256-MO9Qgsps6wtrn4K2Dv15mLgbYlmpzyFda4xnmzNP5OA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "976b44443ae1603699a5fc4ef1eb3c6e0f5886c8", + "rev": "efbc3f819459da9f50ed4e22d648c222ea5c7ec1", "type": "github" }, "original": { @@ -394,11 +394,11 @@ ] }, "locked": { - "lastModified": 1667425292, - "narHash": "sha256-Cu4VWp0DLj7AS+CQYtBugxPA4r7NoX0u+BEo3GW6Sl4=", + "lastModified": 1667775402, + "narHash": "sha256-+k/21qDW+RKBKFKkjRmntWemJR8/5bZyyoDTKr/emCU=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "1f55dda5e2af30648d7d58dbb49dd5dfbef7bcf3", + "rev": "6d3a15f33cedaa8f01b0f96c8d2a1f8de24bbb33", "type": "github" }, "original": { @@ -870,11 +870,11 @@ }, "utils_2": { "locked": { - "lastModified": 1667077288, - "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 693b5682..20ee1352 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -168,6 +168,11 @@ ip = "10.42.42.32"; mac = "7A:17:9E:80:72:01"; } + { + hostname = "woodpecker"; + ip = "10.42.42.33"; + mac = "1E:24:DA:DB:4A:1A"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 517b3cb4..d32b3613 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -54,6 +54,7 @@ in { virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; virtualHosts."ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; + virtualHosts."ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; virtualHosts."pass.0x76.dev" = { enableACME = true; forceSSL = true; diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix new file mode 100644 index 00000000..8df11165 --- /dev/null +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -0,0 +1,59 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let vs = config.vault-secrets.secrets; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + vault-secrets.secrets.woodpecker = { + services = [ "podman-woodpecker-server" "podman-woodpecker-agent" ]; + quoteEnvironmentValues = false; # Needed for docker + }; + + virtualisation.podman = { + enable = true; + dockerSocket.enable = true; + }; + + virtualisation.oci-containers = { + backend = "podman"; + containers = { + woodpecker-server = { + image = "woodpeckerci/woodpecker-server:latest"; + ports = [ "8000:8000" ]; + volumes = [ "woodpecker-server-data:/var/lib/woodpecker/" ]; + environmentFiles = [ "${vs.woodpecker}/environment" ]; + environment = { + WOODPECKER_OPEN = "true"; + WOODPECKER_HOST = "https://ci.0x76.dev"; + WOODPECKER_GITEA = "true"; + WOODPECKER_GITEA_URL = "https://git.0x76.dev"; + WOODPECKER_ADMIN = "v"; + }; + }; + woodpecker-agent = { + image = "woodpeckerci/woodpecker-agent:latest"; + dependsOn = [ "woodpecker-server" ]; + cmd = [ "agent" ]; + volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ]; + environmentFiles = [ "${vs.woodpecker}/environment" ]; + environment = { WOODPECKER_SERVER = "woodpecker-server:9000"; }; + }; + }; + }; +} -- 2.47.1 From 0c8149342d2472b96fdb1418a3018b15b57ea4e5 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 9 Nov 2022 10:16:30 +0100 Subject: [PATCH 0556/1882] add wifi network --- nixos/hosts/thalassa/null/networking.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 0de1672a..4ede7108 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -42,6 +42,9 @@ "meowy hotspot" = { psk = "@HOTSPOT_PASSWORD@"; }; + "WiFi Roest" = { + psk = "@WIFI_ROEST_PASSWORD@"; + }; }; }; -- 2.47.1 From 76aacb9760b70ec158a880e8df749023906a16a1 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 9 Nov 2022 11:03:28 +0100 Subject: [PATCH 0557/1882] nix flake update --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index d390e89e..c629287f 100644 --- a/flake.lock +++ b/flake.lock @@ -355,11 +355,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1667708081, - "narHash": "sha256-FChEy05x4ed/pttjfTeKxjPCnHknMYrUtDyBiYbreT4=", + "lastModified": 1667981810, + "narHash": "sha256-p27zd5M+OkfND46gzbGkaHlNBZsYe95M48OJuFeuuSY=", "owner": "nix-community", "repo": "home-manager", - "rev": "1ef0da321217c6c19b7a30509631c080a19321e5", + "rev": "6ce3493a3c5c6a8f4cfa6f5f88723272e0cfd335", "type": "github" }, "original": { @@ -374,11 +374,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667758253, - "narHash": "sha256-MO9Qgsps6wtrn4K2Dv15mLgbYlmpzyFda4xnmzNP5OA=", + "lastModified": 1667939321, + "narHash": "sha256-gxNIDG1Edosd4MVQAmE/et/45UiLfzcbditwOGCGXQY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "efbc3f819459da9f50ed4e22d648c222ea5c7ec1", + "rev": "1cf829c889ea50476ac0b45d9031e6c1a7da0f55", "type": "github" }, "original": { @@ -638,11 +638,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1667683652, - "narHash": "sha256-We3GMb6c+TRBj2Dvh5Hv/TFEZKejlvLAFg9Z3Ge3/dA=", + "lastModified": 1667985360, + "narHash": "sha256-tgkQBZNwRxK2H4yQQFdtwcK8r2YIfEnZ+Ssnh3oU5Uk=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "d5c95ef578f32febb1f7da817df1496336e82faa", + "rev": "1f26cfbb7237978a00c7a2959c92f7e31bbef2c1", "type": "github" }, "original": { @@ -691,11 +691,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1667212379, - "narHash": "sha256-6U4821gGS73xkE/t490+NRMrrJO+Glb/DArnsJlw/qI=", + "lastModified": 1667937737, + "narHash": "sha256-DsxIAtvYA9d/pzmPXeT9aHi7/QOqL8usoemROYSVEjc=", "owner": "pta2002", "repo": "nixvim", - "rev": "f7be7364620a357aded1f46d66a9b86035d8f771", + "rev": "c320be04c82914933fe94f64282e646d97d342d4", "type": "github" }, "original": { -- 2.47.1 From 6623c22b8b3843eefc89384e3d5c8a0f33ab5081 Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 10 Nov 2022 10:43:32 +0100 Subject: [PATCH 0558/1882] fix pio hash --- nixos/pkgs/vscode-extensions/platformio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index dc9ddada..542a9cf9 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -5,6 +5,6 @@ in buildVscodeMarketplaceExtension { name = "platformio-ide"; publisher = "platformio"; version = "2.5.4"; - sha256 = "sha256-KbXlegQSLjMCVotR1mU/CDiaQMKLLSX+nnbRJgdFTz8="; + sha256 = "sha256-/vBdZ6Mu1KlF+glqp5CNt9WeK1ECqfaivCnK8TisChg="; }; } -- 2.47.1 From 7d34d62256418e319796b6e4c5a0d3e488434bff Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 11 Nov 2022 13:19:26 +0100 Subject: [PATCH 0559/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index c629287f..10a2e7a5 100644 --- a/flake.lock +++ b/flake.lock @@ -288,11 +288,11 @@ }, "flake-utils_3": { "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -374,11 +374,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1667939321, - "narHash": "sha256-gxNIDG1Edosd4MVQAmE/et/45UiLfzcbditwOGCGXQY=", + "lastModified": 1668117106, + "narHash": "sha256-tVr06QbWpAQnSrlW/rpgjXJMiI0A0yjBNumadyz3WQ0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1cf829c889ea50476ac0b45d9031e6c1a7da0f55", + "rev": "a5ffd44cafd84f6f324e27c1925573e6cabcc858", "type": "github" }, "original": { @@ -638,11 +638,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1667985360, - "narHash": "sha256-tgkQBZNwRxK2H4yQQFdtwcK8r2YIfEnZ+Ssnh3oU5Uk=", + "lastModified": 1668168219, + "narHash": "sha256-5oS2F/YAR68ZiIc4rV0yZy1DjcO3Wftc5qSZe+EyYQo=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "1f26cfbb7237978a00c7a2959c92f7e31bbef2c1", + "rev": "d18333c8716886407c236f814cfb0e677084a7f7", "type": "github" }, "original": { @@ -691,11 +691,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1667937737, - "narHash": "sha256-DsxIAtvYA9d/pzmPXeT9aHi7/QOqL8usoemROYSVEjc=", + "lastModified": 1668132923, + "narHash": "sha256-bg1AwLsd20RguCLngi+l9OkiCX0/1jar07MA9sXte+g=", "owner": "pta2002", "repo": "nixvim", - "rev": "c320be04c82914933fe94f64282e646d97d342d4", + "rev": "bd5c46202eeb31a6084e2aca58062da9bb33e555", "type": "github" }, "original": { @@ -707,11 +707,11 @@ "nmdSrc": { "flake": false, "locked": { - "lastModified": 1654807200, - "narHash": "sha256-RNLq09vfj21TyYuUCeD6BNTNC6Ew8bLhQULZytN4Xx8=", + "lastModified": 1666190571, + "narHash": "sha256-Z1hc7M9X6L+H83o9vOprijpzhTfOBjd0KmUTnpHAVjA=", "owner": "rycee", "repo": "nmd", - "rev": "91dee681dd1c478d6040a00835d73c0f4a4c5c29", + "rev": "b75d312b4f33bd3294cd8ae5c2ca8c6da2afc169", "type": "gitlab" }, "original": { -- 2.47.1 From 791f0fbe332a268ea20f666338f0cb3a8ed1b82b Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 11 Nov 2022 19:22:15 +0100 Subject: [PATCH 0560/1882] update mastodon --- nixos/pkgs/glitch-soc/source.nix | 4 ++-- nixos/pkgs/glitch-soc/version.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 3cc306f4..33c40302 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://git.0x76.dev/v/mastodon.git"; - rev = "54101563bbadbfafd9291a867d7fbea6df3a8b7b"; - sha256 = "1yi0jczfrsrj2rgzyawcpnm4sndyinpqrdaqbv6rz3maa5a0y6qb"; + rev = "6df9d388e7cb3d90a6d1fb0a920c1ce16db60822"; + sha256 = "1ah34pc6v4qkld16393wzid8l0pyc81w2lzh1hk9r3anncpp86dr"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index f7e6591c..49c389d9 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.0.0rc2" +"4.0.0rc3" -- 2.47.1 From 87b02f2d50c65694102554e3418929e554f5c5c4 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 11 Nov 2022 21:15:37 +0100 Subject: [PATCH 0561/1882] delete drone yaml; --- .drone.yml | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 27c73b87..00000000 --- a/.drone.yml +++ /dev/null @@ -1,8 +0,0 @@ -kind: pipeline -type: kubernetes -name: default -steps: - - name: yamllint - image: registry.gitlab.com/pipeline-components/yamllint - commands: - - yamllint -c .yamllint.yaml . -- 2.47.1 From 4b909357c949db38594491c92cead2054164011b Mon Sep 17 00:00:00 2001 From: victor Date: Thu, 17 Nov 2022 23:19:38 +0100 Subject: [PATCH 0562/1882] flake update --- flake.lock | 116 +++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 91 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index 10a2e7a5..5cae9cef 100644 --- a/flake.lock +++ b/flake.lock @@ -24,6 +24,29 @@ "type": "github" } }, + "beautysh": { + "inputs": { + "nixpkgs": [ + "nixvim", + "nixpkgs" + ], + "poetry2nix": "poetry2nix", + "utils": "utils_5" + }, + "locked": { + "lastModified": 1667262410, + "narHash": "sha256-yqqvPvazG/Ci3WpIfPb+o+i2cNuyAYYY19lwJGCmUao=", + "owner": "lovesegfault", + "repo": "beautysh", + "rev": "a1fdaff999db2dfc5032914630f5052360f4b432", + "type": "github" + }, + "original": { + "owner": "lovesegfault", + "repo": "beautysh", + "type": "github" + } + }, "blobs": { "flake": false, "locked": { @@ -51,11 +74,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1667072567, - "narHash": "sha256-z8ciml6BOzVDX3MbRY22C5GonJrDxi2xrVuS6Gyxorc=", + "lastModified": 1668384235, + "narHash": "sha256-bt2drRd1v+efic9MLnO3KI2x96g+J4TxhKiQQKqvyik=", "owner": "zhaofengli", "repo": "colmena", - "rev": "5432fe488ebec7ee30aaea5fb18a759e30e59612", + "rev": "fff97f729086b4fc463e30d33d3350bcfa2838bb", "type": "github" }, "original": { @@ -131,7 +154,7 @@ "webcord", "nixpkgs" ], - "poetry2nix": "poetry2nix", + "poetry2nix": "poetry2nix_2", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { @@ -355,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1667981810, - "narHash": "sha256-p27zd5M+OkfND46gzbGkaHlNBZsYe95M48OJuFeuuSY=", + "lastModified": 1668332334, + "narHash": "sha256-YT1qcE/MCqBO1Bi/Yr6GcFpNKsvmzrBKh8juyXDbxQc=", "owner": "nix-community", "repo": "home-manager", - "rev": "6ce3493a3c5c6a8f4cfa6f5f88723272e0cfd335", + "rev": "bc90de24d898655542589237cc0a6ada7564cb6c", "type": "github" }, "original": { @@ -374,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1668117106, - "narHash": "sha256-tVr06QbWpAQnSrlW/rpgjXJMiI0A0yjBNumadyz3WQ0=", + "lastModified": 1668612936, + "narHash": "sha256-C5p+LpueYK9tI3F+7hKBVjYxn7gk2kW4kxe/jasIbuk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a5ffd44cafd84f6f324e27c1925573e6cabcc858", + "rev": "c02bfc3897137439596df4670cef2441d24c8367", "type": "github" }, "original": { @@ -469,11 +492,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1667467369, - "narHash": "sha256-XIiVnu/tkHiVebwTTboq033oTUZnh1tuaf/vE56YFck=", + "lastModified": 1668596614, + "narHash": "sha256-1qAy4Z04n2r2MMcudJpd0o1ev6hzycPToaQ/hxgEvjg=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "66b523b571ced590d33cac81af2731db1ab114c7", + "rev": "0361ed70b7e94a694687e065e8b404d95117dd8a", "type": "github" }, "original": { @@ -607,11 +630,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1666377499, - "narHash": "sha256-dZZCGvWcxc7oGnUgFVf0UeNHsJ4VhkTM0v5JRe8EwR8=", + "lastModified": 1668087632, + "narHash": "sha256-T/cUx44aYDuLMFfaiVpMdTjL4kpG7bh0VkN6JEM78/E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "301aada7a64812853f2e2634a530ef5d34505048", + "rev": "5f588eb4a958f1a526ed8da02d6ea1bea0047b9f", "type": "github" }, "original": { @@ -638,11 +661,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1668168219, - "narHash": "sha256-5oS2F/YAR68ZiIc4rV0yZy1DjcO3Wftc5qSZe+EyYQo=", + "lastModified": 1668627032, + "narHash": "sha256-FrXXv4K/XHsEhjg2f1+1HdGmxpEWxpgm2Udak2BEbX4=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "d18333c8716886407c236f814cfb0e677084a7f7", + "rev": "d29674acb8a744f3553b336f55413808dc6082ab", "type": "github" }, "original": { @@ -684,6 +707,7 @@ }, "nixvim": { "inputs": { + "beautysh": "beautysh", "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" @@ -691,11 +715,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1668132923, - "narHash": "sha256-bg1AwLsd20RguCLngi+l9OkiCX0/1jar07MA9sXte+g=", + "lastModified": 1668602255, + "narHash": "sha256-65Zv8tSMKXVdOhoXOxYBlO3jGvGpUlU4BwqAfcrJLYs=", "owner": "pta2002", "repo": "nixvim", - "rev": "bd5c46202eeb31a6084e2aca58062da9bb33e555", + "rev": "a601a75d0cae8229f1416506bd172e4e4aef3ce7", "type": "github" }, "original": { @@ -721,6 +745,33 @@ } }, "poetry2nix": { + "inputs": { + "flake-utils": [ + "nixvim", + "beautysh", + "utils" + ], + "nixpkgs": [ + "nixvim", + "beautysh", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1658665240, + "narHash": "sha256-/wkx7D7enyBPRjIkK0w7QxLQhzEkb3UxNQnjyc3FTUI=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "8b8edc85d24661d5a6d0d71d6a7011f3e699780f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, + "poetry2nix_2": { "flake": false, "locked": { "lastModified": 1632969109, @@ -916,6 +967,21 @@ "type": "github" } }, + "utils_5": { + "locked": { + "lastModified": 1667077288, + "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "vault-secrets": { "inputs": { "flake-compat": "flake-compat_3", @@ -979,11 +1045,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1666466001, - "narHash": "sha256-ZjxAnqtcGmHQHKL1Z9sIraDnzIqrJleWcJXfPtzAm74=", + "lastModified": 1668292512, + "narHash": "sha256-lCMnIguyZgAGq7W2IwIVPoQS8fAfZ/XFwz/1TQ53eI8=", "owner": "wlroots", "repo": "wlroots", - "rev": "c2d2773df57750081b16d56da13b5015d752cbd7", + "rev": "627a5c511278e67c3c308cdc6a639cbb490f48c3", "type": "gitlab" }, "original": { -- 2.47.1 From ef8700092ada2987dfb7345e26160810650b0ae5 Mon Sep 17 00:00:00 2001 From: victor Date: Sat, 19 Nov 2022 15:24:55 +0100 Subject: [PATCH 0563/1882] flake update --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 5cae9cef..0d028fa2 100644 --- a/flake.lock +++ b/flake.lock @@ -378,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1668332334, - "narHash": "sha256-YT1qcE/MCqBO1Bi/Yr6GcFpNKsvmzrBKh8juyXDbxQc=", + "lastModified": 1668788863, + "narHash": "sha256-FsdUG+YkRX7JZKZm6T44J2h+0pXB1sWA9AobyiozFK0=", "owner": "nix-community", "repo": "home-manager", - "rev": "bc90de24d898655542589237cc0a6ada7564cb6c", + "rev": "948d1f8a5cef55a281d4f5d17f3b79df6c82fce1", "type": "github" }, "original": { @@ -397,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1668612936, - "narHash": "sha256-C5p+LpueYK9tI3F+7hKBVjYxn7gk2kW4kxe/jasIbuk=", + "lastModified": 1668803715, + "narHash": "sha256-mZSsFXG8dXjbAMtNsU22l2zNrb2y2lbUd5uwFFu/xBg=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c02bfc3897137439596df4670cef2441d24c8367", + "rev": "250d61e0b3e23ed7088dd7a309b3a5b3a2d6577c", "type": "github" }, "original": { @@ -417,11 +417,11 @@ ] }, "locked": { - "lastModified": 1667775402, - "narHash": "sha256-+k/21qDW+RKBKFKkjRmntWemJR8/5bZyyoDTKr/emCU=", + "lastModified": 1668803733, + "narHash": "sha256-/zD2vsOlCE/7Qf4iDhRrJbK65SqCpF8qeBJUC7Go/wg=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "6d3a15f33cedaa8f01b0f96c8d2a1f8de24bbb33", + "rev": "e5d64c0be9662ab4b46b95d2e9af0a9f1fba4131", "type": "github" }, "original": { @@ -492,11 +492,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1668596614, - "narHash": "sha256-1qAy4Z04n2r2MMcudJpd0o1ev6hzycPToaQ/hxgEvjg=", + "lastModified": 1668648302, + "narHash": "sha256-F7BCS3j6dGj5d2vtD/x45jHzZwx+wVjg19mpurXsPDE=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "0361ed70b7e94a694687e065e8b404d95117dd8a", + "rev": "c11023daeb8726b6d75b51d2bffc7062a22f7369", "type": "github" }, "original": { @@ -615,11 +615,11 @@ ] }, "locked": { - "lastModified": 1666812839, - "narHash": "sha256-0nBDgjPU+iDsvz89W+cDEyhnFGSwCJmwDl/gMGqYiU0=", + "lastModified": 1668790324, + "narHash": "sha256-WPPvwnzY+RLqBC7TESfRbvfnKN4v5Sjz3MY7BD7nm3E=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "41f3518bc194389df22a3d198215eae75e6b5ab9", + "rev": "02e332e8d01c5901dafaef15555384add24630cd", "type": "github" }, "original": { @@ -661,11 +661,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1668627032, - "narHash": "sha256-FrXXv4K/XHsEhjg2f1+1HdGmxpEWxpgm2Udak2BEbX4=", + "lastModified": 1668859099, + "narHash": "sha256-n0iIsEsSI60gPKBpOYUAeH4nw1TAw5nr3xSCjO3RF+4=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "d29674acb8a744f3553b336f55413808dc6082ab", + "rev": "a4661c2cf94734394992977cbd87b0599adf3b2c", "type": "github" }, "original": { -- 2.47.1 From 75f25cf1c1bf33f3d0147a4d0c6029da51d6f25f Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 23 Nov 2022 13:28:03 +0100 Subject: [PATCH 0564/1882] flake update --- flake.lock | 48 +++++++++++----------- nixos/hosts/thalassa/null/home/default.nix | 9 ++-- 2 files changed, 27 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 0d028fa2..723f013d 100644 --- a/flake.lock +++ b/flake.lock @@ -97,11 +97,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1666010793, - "narHash": "sha256-6zhTpR0cfaHrupOXRZAdCzLAGINgsB6h3HQnj7+qHWs=", + "lastModified": 1669048207, + "narHash": "sha256-sCgM5+Dwz7qU8iBscP24JPvahyf01wQL0MPPz5n8amk=", "owner": "nix-community", "repo": "comma", - "rev": "691120d169189f3a9cb29b1c72bcd521ac372b2b", + "rev": "959a31aaec134d75802a47271a8df09563098fa2", "type": "github" }, "original": { @@ -378,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1668788863, - "narHash": "sha256-FsdUG+YkRX7JZKZm6T44J2h+0pXB1sWA9AobyiozFK0=", + "lastModified": 1669071065, + "narHash": "sha256-KBpgj3JkvlPsJ3duOZqFJe6tgr+wc75t8sFmgRbBSbw=", "owner": "nix-community", "repo": "home-manager", - "rev": "948d1f8a5cef55a281d4f5d17f3b79df6c82fce1", + "rev": "f7641a3ff398ccce952e19a199d775934e518c1d", "type": "github" }, "original": { @@ -397,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1668803715, - "narHash": "sha256-mZSsFXG8dXjbAMtNsU22l2zNrb2y2lbUd5uwFFu/xBg=", + "lastModified": 1669160820, + "narHash": "sha256-aj/VsGt3gZJAjxyn/3Rtpeavl4V5RK+8EK0/mdntAXA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "250d61e0b3e23ed7088dd7a309b3a5b3a2d6577c", + "rev": "e15a9f3d7dbd133d6891cdcffa00c4f039760245", "type": "github" }, "original": { @@ -492,11 +492,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1668648302, - "narHash": "sha256-F7BCS3j6dGj5d2vtD/x45jHzZwx+wVjg19mpurXsPDE=", + "lastModified": 1669166290, + "narHash": "sha256-nDQI1D3D+AlxXi46T6zzdi6u6ahlQs/MqyZcQtZhgWU=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "c11023daeb8726b6d75b51d2bffc7062a22f7369", + "rev": "4e4269c671c5c1621cdb77b9e20e5bf425e13408", "type": "github" }, "original": { @@ -615,11 +615,11 @@ ] }, "locked": { - "lastModified": 1668790324, - "narHash": "sha256-WPPvwnzY+RLqBC7TESfRbvfnKN4v5Sjz3MY7BD7nm3E=", + "lastModified": 1669065280, + "narHash": "sha256-3+pq1oJWjGDLfd8G/vR3IIFZ+EQ/aglukA0bTiMlf3o=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "02e332e8d01c5901dafaef15555384add24630cd", + "rev": "50aeec40f2072d2ab267c8ec8a345573704ec110", "type": "github" }, "original": { @@ -630,11 +630,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1668087632, - "narHash": "sha256-T/cUx44aYDuLMFfaiVpMdTjL4kpG7bh0VkN6JEM78/E=", + "lastModified": 1668765800, + "narHash": "sha256-rC40+/W6Hio7b/RsY8SvQPKNx4WqNcTgfYv8cUMAvJk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5f588eb4a958f1a526ed8da02d6ea1bea0047b9f", + "rev": "52b2ac8ae18bbad4374ff0dd5aeee0fdf1aea739", "type": "github" }, "original": { @@ -661,11 +661,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1668859099, - "narHash": "sha256-n0iIsEsSI60gPKBpOYUAeH4nw1TAw5nr3xSCjO3RF+4=", + "lastModified": 1669193020, + "narHash": "sha256-1Yf4Rzqn7ejwcuxofmhfImvSYR164NgosHYj6wa8r1Q=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "a4661c2cf94734394992977cbd87b0599adf3b2c", + "rev": "6efcb22b785cf81d38630be293d636f7423b0cbf", "type": "github" }, "original": { @@ -1045,11 +1045,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1668292512, - "narHash": "sha256-lCMnIguyZgAGq7W2IwIVPoQS8fAfZ/XFwz/1TQ53eI8=", + "lastModified": 1668785720, + "narHash": "sha256-CX+PYJP2PxZWL380WzyMNsrfRgIb/78brdwvDg/zj28=", "owner": "wlroots", "repo": "wlroots", - "rev": "627a5c511278e67c3c308cdc6a639cbb490f48c3", + "rev": "4ff46e6cf9463e594605928feeb7c55cf323b5e7", "type": "gitlab" }, "original": { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 402584e3..d2fb3236 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -10,12 +10,7 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "22.05"; - imports = [ - ./hyprland.nix - ./neovim.nix - ./eww - ./theme.nix - ]; + imports = [ ./hyprland.nix ./neovim.nix ./eww ./theme.nix ]; home.packages = with pkgs; [ appimage-run @@ -43,6 +38,7 @@ in { mullvad-vpn neofetch nixpkgs-review + nixfmt ouch plex-media-player plexamp @@ -109,6 +105,7 @@ in { delta.enable = true; extraConfig = { push.autoSetupRemote = true; + init.defaultBranch = "main"; }; }; -- 2.47.1 From ee0a53d00e3ba0b9cc7ee6644be2356d84693fe3 Mon Sep 17 00:00:00 2001 From: victor Date: Wed, 23 Nov 2022 16:51:56 +0100 Subject: [PATCH 0565/1882] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 723f013d..de74341c 100644 --- a/flake.lock +++ b/flake.lock @@ -397,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1669160820, - "narHash": "sha256-aj/VsGt3gZJAjxyn/3Rtpeavl4V5RK+8EK0/mdntAXA=", + "lastModified": 1669212626, + "narHash": "sha256-YwGgXM7dVZA8ivjRCaLs6FvhrxOWqaz0943m1KNdUZo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e15a9f3d7dbd133d6891cdcffa00c4f039760245", + "rev": "79a9bc9076a98cc11a7f2c361765adacda224b0c", "type": "github" }, "original": { @@ -661,11 +661,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669193020, - "narHash": "sha256-1Yf4Rzqn7ejwcuxofmhfImvSYR164NgosHYj6wa8r1Q=", + "lastModified": 1669052418, + "narHash": "sha256-M1I4BKXBQm2gey1tScemEh5TpHHE3gKptL7BpWUvL8s=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "6efcb22b785cf81d38630be293d636f7423b0cbf", + "rev": "20fc948445a6c22d4e8d5178e9a6bc6e1f5417c8", "type": "github" }, "original": { -- 2.47.1 From bf5d5d9573e338309d4741cbf9aa9114a3a4b658 Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 25 Nov 2022 19:08:25 +0100 Subject: [PATCH 0566/1882] flake update --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index de74341c..14596479 100644 --- a/flake.lock +++ b/flake.lock @@ -378,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1669071065, - "narHash": "sha256-KBpgj3JkvlPsJ3duOZqFJe6tgr+wc75t8sFmgRbBSbw=", + "lastModified": 1669328018, + "narHash": "sha256-aJRMobnNDEXKwoSZFS4hGjGU1WDNxkQ82BVKAEohOfY=", "owner": "nix-community", "repo": "home-manager", - "rev": "f7641a3ff398ccce952e19a199d775934e518c1d", + "rev": "62cb5bcf93896e4dd6b4507dac7ba2e2e3abc9d7", "type": "github" }, "original": { @@ -397,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1669212626, - "narHash": "sha256-YwGgXM7dVZA8ivjRCaLs6FvhrxOWqaz0943m1KNdUZo=", + "lastModified": 1669376092, + "narHash": "sha256-COBsAjliwMbzzTulrUKAOLQwdhN3D2kc0VSsfBVPZ1E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "79a9bc9076a98cc11a7f2c361765adacda224b0c", + "rev": "0e6e8461eb0139c2ecd4c66d7995cefe2a7f5195", "type": "github" }, "original": { @@ -492,11 +492,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1669166290, - "narHash": "sha256-nDQI1D3D+AlxXi46T6zzdi6u6ahlQs/MqyZcQtZhgWU=", + "lastModified": 1669339063, + "narHash": "sha256-/NTh/VV7ypL9pDSKrog8PD17Q5PkCzEINwiZwCWwYso=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "4e4269c671c5c1621cdb77b9e20e5bf425e13408", + "rev": "2ad0daaf4dee0649e4cc570689094cbdb298a009", "type": "github" }, "original": { -- 2.47.1 From 4a44d39b06809e928c03b0d6f0a1877734acb090 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 11 Nov 2022 15:46:05 +0100 Subject: [PATCH 0567/1882] fix woodpecker --- nixos/hosts/olympus/woodpecker/configuration.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 8df11165..d7ca1fa2 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -30,29 +30,40 @@ in { dockerSocket.enable = true; }; + systemd.services.create-woodpecker-pod = with config.virtualisation.oci-containers; { + serviceConfig.Type = "oneshot"; + wantedBy = [ "${backend}-woodpecker-server.service" "${backend}-woodpecker-agent.service"]; + script = '' + ${pkgs.podman}/bin/podman pod exists woodpecker || \ + ${pkgs.podman}/bin/podman pod create -n woodpecker -p 8000:8000 + ''; + }; + virtualisation.oci-containers = { backend = "podman"; containers = { woodpecker-server = { image = "woodpeckerci/woodpecker-server:latest"; - ports = [ "8000:8000" ]; volumes = [ "woodpecker-server-data:/var/lib/woodpecker/" ]; environmentFiles = [ "${vs.woodpecker}/environment" ]; + extraOptions = [ "--pod=woodpecker" ]; environment = { WOODPECKER_OPEN = "true"; WOODPECKER_HOST = "https://ci.0x76.dev"; WOODPECKER_GITEA = "true"; WOODPECKER_GITEA_URL = "https://git.0x76.dev"; WOODPECKER_ADMIN = "v"; + WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true"; }; }; woodpecker-agent = { image = "woodpeckerci/woodpecker-agent:latest"; dependsOn = [ "woodpecker-server" ]; + extraOptions = [ "--pod=woodpecker" ]; cmd = [ "agent" ]; volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ]; environmentFiles = [ "${vs.woodpecker}/environment" ]; - environment = { WOODPECKER_SERVER = "woodpecker-server:9000"; }; + environment = { WOODPECKER_SERVER = "localhost:9000"; }; }; }; }; -- 2.47.1 From 414d960be80da7f01834ba009c1d30446af3f0e9 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 27 Nov 2022 09:43:28 +0100 Subject: [PATCH 0568/1882] add nwerc host --- nixos/hosts/olympus/default.nix | 5 ++++ nixos/hosts/olympus/nwerc/configuration.nix | 28 +++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 nixos/hosts/olympus/nwerc/configuration.nix diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 20ee1352..ecf95e4e 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -173,6 +173,11 @@ ip = "10.42.42.33"; mac = "1E:24:DA:DB:4A:1A"; } + { + hostname = "nwerc"; + ip = "10.42.42.40"; + mac = "72:ED:31:E1:08:52"; + } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/nwerc/configuration.nix b/nixos/hosts/olympus/nwerc/configuration.nix new file mode 100644 index 00000000..e8bf0398 --- /dev/null +++ b/nixos/hosts/olympus/nwerc/configuration.nix @@ -0,0 +1,28 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + users.users.nwerc = { + isNormalUser = true; + }; + + services.openssh.passwordAuthentication = lib.mkForce true; +} -- 2.47.1 From cbc1571f36d79f45f73753be4bba081b7ea8c66b Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 27 Nov 2022 19:01:15 +0100 Subject: [PATCH 0569/1882] add readarr --- nixos/hosts/hades/_template/configuration.nix | 22 ++++++ nixos/hosts/hades/default.nix | 5 ++ nixos/hosts/hades/readarr/configuration.nix | 44 +++++++++++ nixos/hosts/olympus/nwerc/configuration.nix | 4 +- nixos/hosts/thalassa/null/home/default.nix | 78 ++++++++++--------- 5 files changed, 116 insertions(+), 37 deletions(-) create mode 100644 nixos/hosts/hades/_template/configuration.nix create mode 100644 nixos/hosts/hades/readarr/configuration.nix diff --git a/nixos/hosts/hades/_template/configuration.nix b/nixos/hosts/hades/_template/configuration.nix new file mode 100644 index 00000000..e660f641 --- /dev/null +++ b/nixos/hosts/hades/_template/configuration.nix @@ -0,0 +1,22 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 19a45003..0ae96552 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -208,6 +208,11 @@ ip = "192.168.0.140"; mac = "3a:67:8e:98:0c:a2"; } + { + hostname = "readarr"; + ip = "192.168.0.141"; + mac = "E6:A2:37:4A:7C:87"; + } { hostname = "archlinux"; ip = "192.168.0.200"; diff --git a/nixos/hosts/hades/readarr/configuration.nix b/nixos/hosts/hades/readarr/configuration.nix new file mode 100644 index 00000000..20d65592 --- /dev/null +++ b/nixos/hosts/hades/readarr/configuration.nix @@ -0,0 +1,44 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + + virtualisation.oci-containers = { + backend = "podman"; + containers = { + readarr = { + image = "cr.hotio.dev/hotio/readarr:testing"; + ports = [ + "8787:8787" + ]; + volumes = [ + "/var/lib/readarr:/config" + "/mnt/storage:/mnt/storage" + ]; + }; + }; + }; +} + \ No newline at end of file diff --git a/nixos/hosts/olympus/nwerc/configuration.nix b/nixos/hosts/olympus/nwerc/configuration.nix index e8bf0398..b203251b 100644 --- a/nixos/hosts/olympus/nwerc/configuration.nix +++ b/nixos/hosts/olympus/nwerc/configuration.nix @@ -1,4 +1,4 @@ -# Edit this configuration file to define what should be installed on +# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). @@ -22,7 +22,9 @@ users.users.nwerc = { isNormalUser = true; + openssh.authorizedKeys.keys = []; }; + # Allow password authentication services.openssh.passwordAuthentication = lib.mkForce true; } diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index d2fb3236..0e81f045 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -4,7 +4,8 @@ let inherit (pkgs.texlive) scheme-full; dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }); -in { +in +{ programs.home-manager.enable = true; home.username = "victor"; home.homeDirectory = "/home/victor"; @@ -61,28 +62,29 @@ in { xdg.mimeApps = { enable = true; - defaultApplications = let browser = [ "firefox.desktop" ]; - in { - "image/*" = "org.gnome.eog.desktop"; - "text/html" = browser; - "x-scheme-handler/http" = browser; - "x-scheme-handler/https" = browser; - "x-scheme-handler/ftp" = browser; - "x-scheme-handler/about" = browser; - "x-scheme-handler/unknown" = browser; - "application/x-extension-htm" = browser; - "application/x-extension-html" = browser; - "application/x-extension-shtml" = browser; - "application/xhtml+xml" = browser; - "application/x-extension-xhtml" = browser; - "application/x-extension-xht" = browser; + defaultApplications = + let browser = [ "firefox.desktop" ]; + in { + "image/*" = "org.gnome.eog.desktop"; + "text/html" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "x-scheme-handler/ftp" = browser; + "x-scheme-handler/about" = browser; + "x-scheme-handler/unknown" = browser; + "application/x-extension-htm" = browser; + "application/x-extension-html" = browser; + "application/x-extension-shtml" = browser; + "application/xhtml+xml" = browser; + "application/x-extension-xhtml" = browser; + "application/x-extension-xht" = browser; - "application/json" = browser; - "application/pdf" = browser; + "application/json" = browser; + "application/pdf" = browser; - "x-scheme-handler/vscode" = "code-url-handler.desktop"; - "x-scheme-handler/discord" = "webcord.desktop"; - }; + "x-scheme-handler/vscode" = "code-url-handler.desktop"; + "x-scheme-handler/discord" = "webcord.desktop"; + }; }; programs.foot = { enable = true; }; @@ -134,6 +136,11 @@ in { package = pkgs.vscode; userSettings = { "ltex.language" = "en-GB"; + "latex-workshop" = { + "linting.chktex.enabled" = true; + "latex.clean.subfolder.enabled" = true; + "latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + }; "workbench.colorTheme" = "Catppuccin Frappé"; "editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace"; @@ -144,8 +151,6 @@ in { "nix.serverPath" = "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; - # "platformio-ide.useBuiltinPIOCore" = false; - # "platformio-ide.useBuiltinPython" = false; }; extensions = with pkgs.vscode-extensions; with pkgs.v.vscode-extensions; [ @@ -180,19 +185,20 @@ in { sessionVariables = { DIRENV_LOG_FORMAT = ""; }; }; - xdg.userDirs = let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; + xdg.userDirs = + let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; services.syncthing.enable = true; } -- 2.47.1 From af0d2f4d72068b7bafe41b0fc897a5930a9a9cdb Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 28 Nov 2022 23:36:13 +0100 Subject: [PATCH 0570/1882] laptop iso --- flake.nix | 6 ++++++ nixos/hosts/thalassa/default.nix | 4 ++++ nixos/iso-graphical.nix | 15 +++++++++++++++ nixos/pkgs/gitea-agatheme/default.nix | 6 +++--- 4 files changed, 28 insertions(+), 3 deletions(-) create mode 100644 nixos/iso-graphical.nix diff --git a/flake.nix b/flake.nix index 3bf7aa79..0e0688ce 100644 --- a/flake.nix +++ b/flake.nix @@ -114,6 +114,12 @@ modules = [ (import ./nixos/iso.nix) ]; }; + iso-graphical = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "iso"; + modules = [ (import ./nixos/iso-graphical.nix) ]; + }; + proxmox-lxc = nixos-generators.nixosGenerate { inherit system pkgs; format = "proxmox-lxc"; diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 54f43a97..51073333 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -3,4 +3,8 @@ hostname = "null"; type = "local"; } + # { + # hostname = "aoife"; + # type = "local"; + # } ] diff --git a/nixos/iso-graphical.nix b/nixos/iso-graphical.nix new file mode 100644 index 00000000..c73a7748 --- /dev/null +++ b/nixos/iso-graphical.nix @@ -0,0 +1,15 @@ +{ pkgs, modulesPath, lib, config, ... }: { + imports = [ + "${modulesPath}/installer/cd-dvd/installation-cd-graphical-calamares-gnome.nix" + ]; + + # use the latest Linux kernel + boot.kernelPackages = pkgs.linuxPackages_latest; + + environment.systemPackages = with pkgs; [ + git + ]; + + # Needed for https://github.com/NixOS/nixpkgs/issues/58959 + boot.supportedFilesystems = lib.mkForce [ "btrfs" "ext4" ]; +} diff --git a/nixos/pkgs/gitea-agatheme/default.nix b/nixos/pkgs/gitea-agatheme/default.nix index 23bdcdc3..2a87ad71 100644 --- a/nixos/pkgs/gitea-agatheme/default.nix +++ b/nixos/pkgs/gitea-agatheme/default.nix @@ -1,10 +1,10 @@ { lib, stdenvNoCC, fetchurl }: stdenvNoCC.mkDerivation { pname = "gitea-agatheme"; - version = "1.1"; + version = "1.2"; src = fetchurl { - url = "https://git.lain.faith/attachments/4c2c2237-1e67-458e-8acd-92a20d382777"; - sha256 = "sha256-uwtg6BAR5J28Ls3naQkJg7xBEfZPXVS5INH+bsVn4Uk="; + url = "https://git.lain.faith/attachments/290e2304-92a3-4991-8703-fbbf52f31340"; + sha256 = "424f4e232c7d759485cdf1bcde9edde50f2992cf6bde61c21f71eae03a905543"; }; phases = [ "installPhase" ]; -- 2.47.1 From b268b571b7128d3d2eb4b7c4a9b380cd942a2f72 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 09:38:28 +0100 Subject: [PATCH 0571/1882] add initial aoife config --- nixos/hosts/thalassa/aoife/configuration.nix | 132 ++++++++++++++++++ .../thalassa/aoife/hardware-configuration.nix | 42 ++++++ nixos/hosts/thalassa/default.nix | 8 +- 3 files changed, 178 insertions(+), 4 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/configuration.nix create mode 100644 nixos/hosts/thalassa/aoife/hardware-configuration.nix diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix new file mode 100644 index 00000000..8e74847d --- /dev/null +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -0,0 +1,132 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + boot.kernelPackages = pkgs.linuxPackages_latest; + + networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_GB.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "nl_NL.UTF-8"; + LC_IDENTIFICATION = "nl_NL.UTF-8"; + LC_MEASUREMENT = "nl_NL.UTF-8"; + LC_MONETARY = "nl_NL.UTF-8"; + LC_NAME = "nl_NL.UTF-8"; + LC_NUMERIC = "nl_NL.UTF-8"; + LC_PAPER = "nl_NL.UTF-8"; + LC_TELEPHONE = "nl_NL.UTF-8"; + LC_TIME = "nl_NL.UTF-8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = "altgr-intl"; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.victor = { + isNormalUser = true; + description = "victor"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; [ + firefox + # thunderbird + ]; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + +} diff --git a/nixos/hosts/thalassa/aoife/hardware-configuration.nix b/nixos/hosts/thalassa/aoife/hardware-configuration.nix new file mode 100644 index 00000000..a44fdb2e --- /dev/null +++ b/nixos/hosts/thalassa/aoife/hardware-configuration.nix @@ -0,0 +1,42 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/5BB8-7503"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + # high-resolution display + hardware.video.hidpi.enable = lib.mkDefault true; +} diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 51073333..d477aa2b 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -3,8 +3,8 @@ hostname = "null"; type = "local"; } - # { - # hostname = "aoife"; - # type = "local"; - # } + { + hostname = "aoife"; + type = "local"; + } ] -- 2.47.1 From a2146b2f3f0fc9d35aa24e607568c5fa0c300ab1 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 09:38:43 +0100 Subject: [PATCH 0572/1882] add aoife key --- nixos/common/users/victor.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index d88f106b..2fd9a80e 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -13,10 +13,11 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh victor@aoife" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" ]; # Make me admin extraGroups = [ "systemd-journal" "wheel" "networkmanager" ]; }; -} \ No newline at end of file +} -- 2.47.1 From f97de218bfcf8c6cfa1303e88c36f9828aa639c5 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 09:48:23 +0100 Subject: [PATCH 0573/1882] add nixos-hardware --- flake.lock | 17 +++++++++++++++++ flake.nix | 5 ++++- nixos/hosts/thalassa/aoife/configuration.nix | 10 ++-------- 3 files changed, 23 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 14596479..4bed1583 100644 --- a/flake.lock +++ b/flake.lock @@ -628,6 +628,22 @@ "type": "github" } }, + "nixos-hardware": { + "locked": { + "lastModified": 1669650994, + "narHash": "sha256-uwASLUfedIQ5q01TtMwZDEV2HCZr5nVPZjzVgCG+D5I=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "7883883d135ce5b7eae5dce4bfa12262b85c1c46", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1668765800, @@ -847,6 +863,7 @@ "mailserver": "mailserver", "minecraft-servers": "minecraft-servers", "nixos-generators": "nixos-generators", + "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", "nixvim": "nixvim", "riff": "riff", diff --git a/flake.nix b/flake.nix index 0e0688ce..5510b6ec 100644 --- a/flake.nix +++ b/flake.nix @@ -42,10 +42,13 @@ url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; }; + + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + nixos-hardware.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = { self, nixpkgs, vault-secrets, minecraft-servers, colmena - , home-manager, hyprpaper, hyprland, nixos-generators, ... }@inputs: + , home-manager, hyprpaper, hyprland, nixos-generators, nixos-hardware, ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) mapAttrs; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 8e74847d..fc5a513e 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -2,12 +2,13 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, pkgs, inputs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix + inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z ]; # Bootloader. @@ -17,13 +18,6 @@ boot.kernelPackages = pkgs.linuxPackages_latest; - networking.hostName = "nixos"; # Define your hostname. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Enable networking networking.networkmanager.enable = true; -- 2.47.1 From 9a6998875d48e1f002813b99f2e2bf2c84da0c1a Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 10:17:10 +0100 Subject: [PATCH 0574/1882] aoife home manager --- flake.nix | 1 - nixos/hosts/thalassa/aoife/configuration.nix | 42 ++---- nixos/hosts/thalassa/aoife/home/default.nix | 135 +++++++++++++++++++ 3 files changed, 144 insertions(+), 34 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/home/default.nix diff --git a/flake.nix b/flake.nix index 5510b6ec..37254b7b 100644 --- a/flake.nix +++ b/flake.nix @@ -44,7 +44,6 @@ }; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - nixos-hardware.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = { self, nixpkgs, vault-secrets, minecraft-servers, colmena diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index fc5a513e..0537796a 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -45,6 +45,7 @@ # Enable the GNOME Desktop Environment. services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; + programs.dconf.enable = true; # Configure keymap in X11 services.xserver = { @@ -72,47 +73,22 @@ #media-session.enable = true; }; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - # Define a user account. Don't forget to set a password with ‘passwd’. users.users.victor = { isNormalUser = true; - description = "victor"; extraGroups = [ "networkmanager" "wheel" ]; - packages = with pkgs; [ - firefox - # thunderbird - ]; + }; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.victor = import ./home; + extraSpecialArgs = { inherit inputs; }; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. # networking.firewall.enable = false; # This value determines the NixOS release from which the default @@ -121,6 +97,6 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? + system.stateVersion = "23.05"; # Did you read the comment? } diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix new file mode 100644 index 00000000..c16b0f0f --- /dev/null +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -0,0 +1,135 @@ +{ lib, config, pkgs, inputs, ... }: +let + tex = (pkgs.texlive.combine { + inherit (pkgs.texlive) scheme-full; + dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; + }); +in +{ + programs.home-manager.enable = true; + + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "23.05"; + + home.packages = with pkgs; [ + btop + calibre + element-desktop-wayland + fusee-launcher + gcc + gimp + inputs.comma.packages.${pkgs.system}.default + inputs.riff.packages.${pkgs.system}.riff + inputs.webcord.packages.${pkgs.system}.default + mullvad-vpn + neofetch + nixfmt + nixpkgs-review + python3 + rustup + solo2-cli + tex + ]; + + programs.exa = { + enable = true; + enableAliases = true; + }; + + programs.bat.enable = true; + + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + lfs.enable = true; + delta.enable = true; + extraConfig = { + push.autoSetupRemote = true; + init.defaultBranch = "main"; + }; + }; + + programs.tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + + programs.firefox = { + enable = true; + }; + + programs.vscode = { + enable = true; + package = pkgs.vscode; + userSettings = { + "ltex.language" = "en-GB"; + "latex-workshop" = { + "linting.chktex.enabled" = true; + "latex.clean.subfolder.enabled" = true; + "latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + }; + # "workbench.colorTheme" = "Catppuccin Frappé"; + "editor.fontFamily" = + "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "keyboard.dispatch" = "keyCode"; + "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; + "terminal.integrated.defaultProfile.linux" = "zsh"; + "nix.enableLanguageServer" = true; # Enable LSP. + "nix.serverPath" = + "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. + "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + }; + extensions = with pkgs.vscode-extensions; + with pkgs.v.vscode-extensions; [ + brettm12345.nixfmt-vscode + # catppuccin.catppuccin-vsc + codezombiech.gitignore + editorconfig.editorconfig + foxundermoon.shell-format + james-yu.latex-workshop + jnoortheen.nix-ide + matklad.rust-analyzer + mkhl.direnv + ms-vscode-remote.remote-ssh + ms-vscode.cpptools + platformio.platformio-ide + redhat.vscode-yaml + tamasfe.even-better-toml + valentjn.vscode-ltex + vscodevim.vim + xaver.clang-format + ]; + }; + + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + + programs.zsh = { + enable = true; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; + }; + + # xdg.userDirs = + # let home = config.home.homeDirectory; + # in { + # enable = true; + # createDirectories = true; + # desktop = "${home}/.desktop"; + # documents = "${home}/cloud/Documents"; + # download = "${home}/dl"; + # music = "${home}/cloud/Music"; + # pictures = "${home}/cloud/Pictures"; + # publicShare = "${home}/.publicShare"; + # templates = "${home}/.templates"; + # videos = "${home}/cloud/Videos"; + # }; + + services.syncthing.enable = true; +} -- 2.47.1 From a258c77730e016b78aeb3ae21e3b1326d138b1f6 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 11:39:41 +0100 Subject: [PATCH 0575/1882] more aoife config --- nixos/hosts/thalassa/aoife/configuration.nix | 60 +++++++++++++++----- 1 file changed, 45 insertions(+), 15 deletions(-) diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 0537796a..2375e15d 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -6,15 +6,25 @@ { imports = - [ # Include the results of the hardware scan. + [ + # Include the results of the hardware scan. ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z ]; # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + efi.efiSysMountPoint = "/boot/efi"; + }; + kernel = { + sysctl = { "fs.inotify.max_user_watches" = 524288; }; + }; + }; + + fileSystems."/".options = [ "compress=zstd" ]; boot.kernelPackages = pkgs.linuxPackages_latest; @@ -45,12 +55,17 @@ # Enable the GNOME Desktop Environment. services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; + programs.dconf.enable = true; + services.udisks2.enable = true; + services.dbus.enable = true; + services.fstrim.enable = true; # Configure keymap in X11 services.xserver = { layout = "us"; xkbVariant = "altgr-intl"; + xkbOptions = "caps:swapescape"; }; # Enable CUPS to print documents. @@ -86,17 +101,32 @@ extraSpecialArgs = { inherit inputs; }; }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + virtualisation.podman.enable = true; - # networking.firewall.enable = false; + fonts = { + fonts = with pkgs; [ + material-design-icons + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + (nerdfonts.override { + fonts = + [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; + }) + ]; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + # Allow unfree packages + nixpkgs.config.allowUnfree = true; -} + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + } -- 2.47.1 From eb4a55ac766f7e3ff3b60c847ef253130f709cba Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 11:49:37 +0100 Subject: [PATCH 0576/1882] minor aoife config --- nixos/hosts/thalassa/aoife/configuration.nix | 24 +++++++++----------- nixos/hosts/thalassa/aoife/home/default.nix | 20 ++++++++++++---- 2 files changed, 26 insertions(+), 18 deletions(-) diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 2375e15d..cb4e538b 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -2,15 +2,12 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, inputs, ... }: - -{ - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z - ]; +{ config, pkgs, inputs, ... }: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z + ]; # Bootloader. boot = { @@ -19,9 +16,7 @@ efi.canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot/efi"; }; - kernel = { - sysctl = { "fs.inotify.max_user_watches" = 524288; }; - }; + kernel = { sysctl = { "fs.inotify.max_user_watches" = 524288; }; }; }; fileSystems."/".options = [ "compress=zstd" ]; @@ -88,6 +83,8 @@ #media-session.enable = true; }; + environment.systemPackages = with pkgs; [ gnome3.gnome-tweaks ]; + # Define a user account. Don't forget to set a password with ‘passwd’. users.users.victor = { isNormalUser = true; @@ -129,4 +126,5 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - } + }; +} diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index c16b0f0f..4682ea1f 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -4,14 +4,26 @@ let inherit (pkgs.texlive) scheme-full; dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }); -in -{ +in { programs.home-manager.enable = true; home.username = "victor"; home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; + # # make sure applications show up in Gnome + # home.activation = { + # linkDesktopApplications = { + # after = [ "writeBoundary" "createXdgUserDirectories" ]; + # before = [ ]; + # data = '' + # rm -rf ${config.xdg.dataHome}/"applications/home-manager" + # mkdir -p ${config.xdg.dataHome}/"applications/home-manager" + # cp -Lr /etc/profiles/per-user/${config.home.username}/share/applications/* ${config.xdg.dataHome}/"applications/home-manager/" + # ''; + # }; + # }; + home.packages = with pkgs; [ btop calibre @@ -59,9 +71,7 @@ in clock24 = true; }; - programs.firefox = { - enable = true; - }; + programs.firefox = { enable = true; }; programs.vscode = { enable = true; -- 2.47.1 From 669b18acd2573683faf59802ace03b22e46a0044 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 12:58:52 +0100 Subject: [PATCH 0577/1882] aoife add dconf --- nixos/hosts/thalassa/aoife/home/dconf.nix | 62 +++++++++++++++++++++ nixos/hosts/thalassa/aoife/home/default.nix | 15 +---- 2 files changed, 65 insertions(+), 12 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/home/dconf.nix diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix new file mode 100644 index 00000000..13d2c1ba --- /dev/null +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -0,0 +1,62 @@ +# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix +{ lib, ... }: + +with lib.hm.gvariant; + +{ + dconf.settings = { + "org/gnome/desktop/input-sources" = { + sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; + xkb-options = [ "terminate:ctrl_alt_bksp" "caps:swapescape" ]; + }; + + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + two-finger-scrolling-enabled = true; + }; + + "org/gnome/mutter" = { + attach-modal-dialogs = true; + dynamic-workspaces = true; + edge-tiling = true; + focus-change-on-pointer-rest = true; + workspaces-only-on-primary = true; + }; + + "org/gnome/mutter/keybindings" = { + "toggle-tiled-left" = [ "bracketleft" ]; + "toggle-tiled-right" = [ "bracketright" ]; + }; + + "org/gnome/desktop/wm/keybindings" = { + raise-or-lower = [ "s" ]; + switch-applications = [ "Tab" ]; + switch-applications-backward = [ "Tab" ]; + move-to-workspace-1 = [ "exclam" ]; + move-to-workspace-2 = [ "at" ]; + move-to-workspace-3 = [ "numbersign" ]; + move-to-workspace-4 = [ "dollar" ]; + switch-to-workspace-1 = [ "1" ]; + switch-to-workspace-2 = [ "2" ]; + switch-to-workspace-3 = [ "3" ]; + switch-to-workspace-4 = [ "4" ]; + toggle-fullscreen = [ "f" ]; + toggle-maximized = [ "m" ]; + }; + + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = [ + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" + ]; + }; + + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = + { + binding = "Return"; + command = "kgx"; + name = "Open Terminal"; + }; + + "org/gnome/tweaks" = { show-extensions-notice = false; }; + }; +} diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 4682ea1f..20d60ecd 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -11,18 +11,9 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - # # make sure applications show up in Gnome - # home.activation = { - # linkDesktopApplications = { - # after = [ "writeBoundary" "createXdgUserDirectories" ]; - # before = [ ]; - # data = '' - # rm -rf ${config.xdg.dataHome}/"applications/home-manager" - # mkdir -p ${config.xdg.dataHome}/"applications/home-manager" - # cp -Lr /etc/profiles/per-user/${config.home.username}/share/applications/* ${config.xdg.dataHome}/"applications/home-manager/" - # ''; - # }; - # }; + imports = [ + ./dconf.nix + ]; home.packages = with pkgs; [ btop -- 2.47.1 From 2dd3d2f5ab00be66592e881c576d913b5c9ec041 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 29 Nov 2022 13:10:17 +0100 Subject: [PATCH 0578/1882] minor fix --- nixos/hosts/thalassa/aoife/configuration.nix | 44 ++++++++++---------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index cb4e538b..dd36afb0 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -100,31 +100,29 @@ virtualisation.podman.enable = true; - fonts = { - fonts = with pkgs; [ - material-design-icons - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - dejavu_fonts - (nerdfonts.override { - fonts = - [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; - }) - ]; + fonts.fonts = with pkgs; [ + material-design-icons + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + (nerdfonts.override { + fonts = + [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; + }) + ]; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; - # networking.firewall.enable = false; + # networking.firewall.enable = false; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? - }; } -- 2.47.1 From 34674dac68d23c194be94f44f343cf8d79f66627 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Dec 2022 09:09:08 +0100 Subject: [PATCH 0579/1882] updates --- flake.lock | 60 ++++++++++---------- nixos/hosts/thalassa/aoife/configuration.nix | 6 +- nixos/hosts/thalassa/aoife/home/dconf.nix | 4 +- nixos/hosts/thalassa/aoife/home/default.nix | 5 +- nixos/hosts/thalassa/aoife/home/theme.nix | 33 +++++++++++ 5 files changed, 72 insertions(+), 36 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/home/theme.nix diff --git a/flake.lock b/flake.lock index 4bed1583..68e365de 100644 --- a/flake.lock +++ b/flake.lock @@ -34,11 +34,11 @@ "utils": "utils_5" }, "locked": { - "lastModified": 1667262410, - "narHash": "sha256-yqqvPvazG/Ci3WpIfPb+o+i2cNuyAYYY19lwJGCmUao=", + "lastModified": 1669854260, + "narHash": "sha256-Z8NAL3g4i5LAhxveNGJhrVDHxIBbUf1lVIy/Thr2RMU=", "owner": "lovesegfault", "repo": "beautysh", - "rev": "a1fdaff999db2dfc5032914630f5052360f4b432", + "rev": "d616eb8d9d05ee4fb33de9c5521d99c3f0695d52", "type": "github" }, "original": { @@ -97,11 +97,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1669048207, - "narHash": "sha256-sCgM5+Dwz7qU8iBscP24JPvahyf01wQL0MPPz5n8amk=", + "lastModified": 1669471061, + "narHash": "sha256-7FdhCbyPB0ajZP/piWjyhd4bwHc9TZifY8htOjsmxt8=", "owner": "nix-community", "repo": "comma", - "rev": "959a31aaec134d75802a47271a8df09563098fa2", + "rev": "48b723b201e94958a29a35e4f64bb4391fe73464", "type": "github" }, "original": { @@ -378,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1669328018, - "narHash": "sha256-aJRMobnNDEXKwoSZFS4hGjGU1WDNxkQ82BVKAEohOfY=", + "lastModified": 1669825171, + "narHash": "sha256-HxlZHSiRGXnWAFbIJMeujqBe2KgACYx5XDRY0EA9P+4=", "owner": "nix-community", "repo": "home-manager", - "rev": "62cb5bcf93896e4dd6b4507dac7ba2e2e3abc9d7", + "rev": "478610aa37c8339eacabfa03f07dacf5574edd47", "type": "github" }, "original": { @@ -397,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1669376092, - "narHash": "sha256-COBsAjliwMbzzTulrUKAOLQwdhN3D2kc0VSsfBVPZ1E=", + "lastModified": 1669848587, + "narHash": "sha256-N1tQXZmmzVXxCAgWBIWmWOgcViMvN5dPMkS58eoSF9c=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "0e6e8461eb0139c2ecd4c66d7995cefe2a7f5195", + "rev": "b8ccf3dc3a03352bccae4cd01dcdd5bc3438c49f", "type": "github" }, "original": { @@ -417,11 +417,11 @@ ] }, "locked": { - "lastModified": 1668803733, - "narHash": "sha256-/zD2vsOlCE/7Qf4iDhRrJbK65SqCpF8qeBJUC7Go/wg=", + "lastModified": 1669635788, + "narHash": "sha256-xlJ4hbUm3KULq4daqopi+eAv1u57uLlTare04HL3X/c=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "e5d64c0be9662ab4b46b95d2e9af0a9f1fba4131", + "rev": "ab85578dce442b80aa3378fe0304e6cb6f16f593", "type": "github" }, "original": { @@ -471,11 +471,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1658267644, - "narHash": "sha256-NJRe1rnlF112eZwxNASlRL8/ghwD8g+lpHIYRkWQxC8=", + "lastModified": 1669807829, + "narHash": "sha256-rgQ8MYV1UD4Ynw0wzfl9hatgsV5GV7X6eM6ioSPKzls=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "004c229ca44c069d93c92abf67ff1619fb508c6a", + "rev": "694e7d34f60028f4877517e1c7c73c9527fad400", "type": "gitlab" }, "original": { @@ -492,11 +492,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1669339063, - "narHash": "sha256-/NTh/VV7ypL9pDSKrog8PD17Q5PkCzEINwiZwCWwYso=", + "lastModified": 1669857900, + "narHash": "sha256-iR2lzvMURAKq1+h7OORDedL4EKzdWdMTg/VGqZR+sh0=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "2ad0daaf4dee0649e4cc570689094cbdb298a009", + "rev": "3d0c09b4c244674a18fe44063713589599278d18", "type": "github" }, "original": { @@ -677,11 +677,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669052418, - "narHash": "sha256-M1I4BKXBQm2gey1tScemEh5TpHHE3gKptL7BpWUvL8s=", + "lastModified": 1669542132, + "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "20fc948445a6c22d4e8d5178e9a6bc6e1f5417c8", + "rev": "a115bb9bd56831941be3776c8a94005867f316a7", "type": "github" }, "original": { @@ -731,11 +731,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1668602255, - "narHash": "sha256-65Zv8tSMKXVdOhoXOxYBlO3jGvGpUlU4BwqAfcrJLYs=", + "lastModified": 1669827864, + "narHash": "sha256-mEHr0zkeeYv3phz09BjiM6G5iWBg9DtIrZV6BQZrPic=", "owner": "pta2002", "repo": "nixvim", - "rev": "a601a75d0cae8229f1416506bd172e4e4aef3ce7", + "rev": "bc045bd50a0bbb6d5b08965e9c7e375652975c8d", "type": "github" }, "original": { @@ -986,11 +986,11 @@ }, "utils_5": { "locked": { - "lastModified": 1667077288, - "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index dd36afb0..65d2faf7 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -50,6 +50,7 @@ # Enable the GNOME Desktop Environment. services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; programs.dconf.enable = true; services.udisks2.enable = true; @@ -83,7 +84,10 @@ #media-session.enable = true; }; - environment.systemPackages = with pkgs; [ gnome3.gnome-tweaks ]; + environment.systemPackages = with pkgs; [ + gnome3.gnome-tweaks + wireguard-tools + ]; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.victor = { diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix index 13d2c1ba..49222e77 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -24,8 +24,8 @@ with lib.hm.gvariant; }; "org/gnome/mutter/keybindings" = { - "toggle-tiled-left" = [ "bracketleft" ]; - "toggle-tiled-right" = [ "bracketright" ]; + toggle-tiled-left = [ "bracketleft" ]; + toggle-tiled-right = [ "bracketright" ]; }; "org/gnome/desktop/wm/keybindings" = { diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 20d60ecd..602f3272 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -13,12 +13,13 @@ in { imports = [ ./dconf.nix + ./theme.nix ]; home.packages = with pkgs; [ btop calibre - element-desktop-wayland + element-desktop fusee-launcher gcc gimp @@ -74,7 +75,6 @@ in { "latex.clean.subfolder.enabled" = true; "latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; }; - # "workbench.colorTheme" = "Catppuccin Frappé"; "editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace"; "keyboard.dispatch" = "keyCode"; @@ -88,7 +88,6 @@ in { extensions = with pkgs.vscode-extensions; with pkgs.v.vscode-extensions; [ brettm12345.nixfmt-vscode - # catppuccin.catppuccin-vsc codezombiech.gitignore editorconfig.editorconfig foxundermoon.shell-format diff --git a/nixos/hosts/thalassa/aoife/home/theme.nix b/nixos/hosts/thalassa/aoife/home/theme.nix new file mode 100644 index 00000000..ca504e5a --- /dev/null +++ b/nixos/hosts/thalassa/aoife/home/theme.nix @@ -0,0 +1,33 @@ +{ lib, pkgs, config, ... }: +let + theme = "Catppuccin-Pink-Dark"; + cursorTheme = config.home.pointerCursor.name; +in { + home.pointerCursor = { + name = "Catppuccin-Frappe-Pink-Cursors"; + size = 32; + package = pkgs.catppuccin-cursors.frappePink; + }; + + gtk = { + enable = true; + theme = { + name = theme; + package = pkgs.catppuccin-gtk; + }; + iconTheme = { + name = "Papirus-Dark"; + package = pkgs.papirus-icon-theme.override { color = "violet"; }; + }; + cursorTheme = { + name = cursorTheme; + package = config.home.pointerCursor.package; + size = config.home.pointerCursor.size; + }; + }; + + programs.vscode = { + userSettings."workbench.colorTheme" = "Catppuccin Frappé"; + extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; + }; +} -- 2.47.1 From de0a83b4f5845a0faeb19fcc3909f66b083effe3 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Dec 2022 13:50:37 +0100 Subject: [PATCH 0580/1882] minor aoife updates --- nixos/hosts/thalassa/aoife/home/default.nix | 34 ++++++++++----------- 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 602f3272..7016713d 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -11,10 +11,7 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ - ./dconf.nix - ./theme.nix - ]; + imports = [ ./dconf.nix ./theme.nix ]; home.packages = with pkgs; [ btop @@ -26,6 +23,8 @@ in { inputs.comma.packages.${pkgs.system}.default inputs.riff.packages.${pkgs.system}.riff inputs.webcord.packages.${pkgs.system}.default + jetbrains.clion + jetbrains.idea-ultimate mullvad-vpn neofetch nixfmt @@ -116,20 +115,19 @@ in { sessionVariables = { DIRENV_LOG_FORMAT = ""; }; }; - # xdg.userDirs = - # let home = config.home.homeDirectory; - # in { - # enable = true; - # createDirectories = true; - # desktop = "${home}/.desktop"; - # documents = "${home}/cloud/Documents"; - # download = "${home}/dl"; - # music = "${home}/cloud/Music"; - # pictures = "${home}/cloud/Pictures"; - # publicShare = "${home}/.publicShare"; - # templates = "${home}/.templates"; - # videos = "${home}/cloud/Videos"; - # }; + xdg.userDirs = let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; services.syncthing.enable = true; } -- 2.47.1 From dae1a5da92e094472358d87f3ef00a1880651bc2 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Dec 2022 17:51:25 +0100 Subject: [PATCH 0581/1882] flake update --- flake.lock | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 68e365de..5c857829 100644 --- a/flake.lock +++ b/flake.lock @@ -74,11 +74,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1668384235, - "narHash": "sha256-bt2drRd1v+efic9MLnO3KI2x96g+J4TxhKiQQKqvyik=", + "lastModified": 1669885076, + "narHash": "sha256-ipOEkJbly4VA5ZFLRI7wczc6ebZqLacJ2iXnl5IQR34=", "owner": "zhaofengli", "repo": "colmena", - "rev": "fff97f729086b4fc463e30d33d3350bcfa2838bb", + "rev": "d597bdf4b3edcf4b4743fbe00bad47c860af64a5", "type": "github" }, "original": { @@ -397,11 +397,11 @@ "wlroots": "wlroots" }, "locked": { - "lastModified": 1669848587, - "narHash": "sha256-N1tQXZmmzVXxCAgWBIWmWOgcViMvN5dPMkS58eoSF9c=", + "lastModified": 1669902005, + "narHash": "sha256-fSndLtXyHvzP0xG1t+wVNLMnuQaZKmEogXx0CHdf81E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b8ccf3dc3a03352bccae4cd01dcdd5bc3438c49f", + "rev": "39a4f82460effec877d14a8efac7952f543323be", "type": "github" }, "original": { @@ -677,11 +677,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669542132, - "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", + "lastModified": 1669791787, + "narHash": "sha256-KBfoA2fOI5+wCrm7PR+j7jHqXeTkVRPQ0m5fcKchyuU=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "a115bb9bd56831941be3776c8a94005867f316a7", + "rev": "e76c78d20685a043d23f5f9e0ccd2203997f1fb1", "type": "github" }, "original": { @@ -731,11 +731,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1669827864, - "narHash": "sha256-mEHr0zkeeYv3phz09BjiM6G5iWBg9DtIrZV6BQZrPic=", + "lastModified": 1669907754, + "narHash": "sha256-mKpEOsBfYSxM8N4Q1V+/HBf7s6PfiDrHrT7cTqhyFdA=", "owner": "pta2002", "repo": "nixvim", - "rev": "bc045bd50a0bbb6d5b08965e9c7e375652975c8d", + "rev": "27bf782ed8794daa99a4f63334d8cb678808694d", "type": "github" }, "original": { @@ -907,16 +907,16 @@ }, "stable": { "locked": { - "lastModified": 1660496378, - "narHash": "sha256-sgAhmrC1iSnl5T2VPPiMpciH1aRw5c7PYEdXX6jd6Gk=", + "lastModified": 1669735802, + "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "879121648fe522b38cc1cf75aef160a14a1f2e7b", + "rev": "731cc710aeebecbf45a258e977e8b68350549522", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.05", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } -- 2.47.1 From a446437874e7911d92a50ed89ce02a751ecbd2cd Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Dec 2022 22:13:05 +0100 Subject: [PATCH 0582/1882] fix statix --- nixos/common/generic-lxc.nix | 2 +- nixos/common/modules/dns.nix | 2 +- nixos/common/modules/flood.nix | 4 +- nixos/common/modules/unpackerr.nix | 2 +- nixos/hosts/hades/mastodon/configuration.nix | 43 +++++------ nixos/hosts/hades/rtorrent/configuration.nix | 32 ++++---- nixos/hosts/olympus/outline/configuration.nix | 3 +- nixos/hosts/thalassa/aoife/configuration.nix | 26 ++++++- nixos/hosts/thalassa/aoife/home/default.nix | 4 +- nixos/hosts/thalassa/aoife/home/theme.nix | 3 +- nixos/hosts/thalassa/null/home/default.nix | 75 +++++++++---------- nixos/hosts/thalassa/null/home/theme.nix | 3 +- nixos/hosts/thalassa/null/networking.nix | 2 +- nixos/util.nix | 6 +- 14 files changed, 106 insertions(+), 101 deletions(-) diff --git a/nixos/common/generic-lxc.nix b/nixos/common/generic-lxc.nix index a28b7089..d4db44c4 100644 --- a/nixos/common/generic-lxc.nix +++ b/nixos/common/generic-lxc.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ _ }: { # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/ # Supress systemd services that don't work (correctly) on LXC diff --git a/nixos/common/modules/dns.nix b/nixos/common/modules/dns.nix index f5bd52c6..6a348806 100644 --- a/nixos/common/modules/dns.nix +++ b/nixos/common/modules/dns.nix @@ -37,7 +37,7 @@ in }; config = mkIf cfg.enable { - networking.firewall = mkIf (cfg.openFirewall) { + networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = [ 53 ]; allowedUDPPorts = [ 53 ]; }; diff --git a/nixos/common/modules/flood.nix b/nixos/common/modules/flood.nix index 9db05532..fbdef0ac 100644 --- a/nixos/common/modules/flood.nix +++ b/nixos/common/modules/flood.nix @@ -115,7 +115,7 @@ in { # Create user if set to default users.users = mkIf (cfg.user == "flood") { flood = { - group = cfg.group; + inherit (cfg) group; shell = pkgs.bashInteractive; home = cfg.dataDir; description = "flood Daemon user"; @@ -124,7 +124,7 @@ in { }; # Open firewall if option is set to do so. - networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ cfg.port ]; + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ]; # The actual service systemd.services.flood = { diff --git a/nixos/common/modules/unpackerr.nix b/nixos/common/modules/unpackerr.nix index 3bba6470..2d59cbf7 100644 --- a/nixos/common/modules/unpackerr.nix +++ b/nixos/common/modules/unpackerr.nix @@ -244,7 +244,7 @@ in # Create user if set to default users.users = mkIf (cfg.user == "unpackerr") { unpackerr = { - group = cfg.group; + inherit (cfg) group; shell = pkgs.bashInteractive; createHome = false; description = "unpackerr Daemon user"; diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 65862860..38a81d0a 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -2,8 +2,7 @@ let vs = config.vault-secrets.secrets; cfg = config.services.mastodon; -in -{ +in { system.stateVersion = "21.05"; # Use DHCP with static leases networking.interfaces.eth0.useDHCP = true; @@ -19,8 +18,7 @@ in vault-secrets.secrets.mastodon = { services = [ "mastodon-init-dirs" "mastodon" "mastodon-media-prune" ]; - user = cfg.user; - group = cfg.group; + inherit (cfg) user group; }; # Append the init-dirs script to add AWS/Minio secrets @@ -47,7 +45,7 @@ in elasticsearch = { host = "127.0.0.1"; - port = config.services.elasticsearch.port; + inherit (config.services.elasticsearch) port; }; database = { @@ -98,23 +96,21 @@ in }; # https://github.com/NixOS/nixpkgs/issues/116418#issuecomment-799517120 - systemd.services.mastodon-media-prune = - let - cfg = config.services.mastodon; - in - { - description = "Mastodon media prune"; - environment = lib.filterAttrs (n: _: n != "PATH") config.systemd.services.mastodon-web.environment; - serviceConfig = { - Type = "oneshot"; - # Remove remote media attachments older than one month. - ExecStart = "${cfg.package}/bin/tootctl media remove --days=30"; - User = cfg.user; - Group = cfg.group; - EnvironmentFile = "/var/lib/mastodon/.secrets_env"; - PrivateTmp = true; - }; + systemd.services.mastodon-media-prune = let cfg = config.services.mastodon; + in { + description = "Mastodon media prune"; + environment = lib.filterAttrs (n: _: n != "PATH") + config.systemd.services.mastodon-web.environment; + serviceConfig = { + Type = "oneshot"; + # Remove remote media attachments older than one month. + ExecStart = "${cfg.package}/bin/tootctl media remove --days=30"; + User = cfg.user; + Group = cfg.group; + EnvironmentFile = "/var/lib/mastodon/.secrets_env"; + PrivateTmp = true; }; + }; systemd.timers.mastodon-media-prune = { description = "Mastodon media prune"; @@ -126,7 +122,6 @@ in }; }; - networking.firewall = - let cfg = config.services.mastodon; - in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; + networking.firewall = let cfg = config.services.mastodon; + in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; } diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index d0337516..e6c60d32 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -1,9 +1,7 @@ { config, pkgs, ... }: -let vs = config.vault-secrets.secrets; in -{ - imports = [ - ./rtorrent.nix - ]; +let vs = config.vault-secrets.secrets; +in { + imports = [ ./rtorrent.nix ]; networking.interfaces.eth0.useDHCP = true; system.stateVersion = "22.05"; @@ -17,35 +15,31 @@ let vs = config.vault-secrets.secrets; in enable = true; host = "0.0.0.0"; openFirewall = true; - downloadDir = config.services.rtorrent.downloadDir; + inherit (config.services.rtorrent) downloadDir; }; - vault-secrets.secrets.rtorrent = { - services = [ "wg-quick-wg0" ]; - }; + vault-secrets.secrets.rtorrent = { services = [ "wg-quick-wg0" ]; }; # Mullvad VPN - networking.wg-quick.interfaces = let + networking.wg-quick.interfaces = let postUpScript = pkgs.writeScriptBin "post_up" '' #!${pkgs.stdenv.shell} ${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1 ${pkgs.iproute2}/bin/ip route add 10.100.0.0/24 via 192.168.0.1 ''; - in{ + in { wg0 = { address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; dns = [ "193.138.218.74" ]; privateKeyFile = "${vs.rtorrent}/wireguardKey"; postUp = "${postUpScript}/bin/post_up || true"; - peers = [ - { - publicKey = "hnRorSW0YHlHAzGb4Uc/sjOqQIrqDnpJnTQi/n7Rp1c="; - allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "185.65.134.223:51820"; - persistentKeepalive = 25; - } - ]; + peers = [{ + publicKey = "hnRorSW0YHlHAzGb4Uc/sjOqQIrqDnpJnTQi/n7Rp1c="; + allowedIPs = [ "0.0.0.0/0" "::/0" ]; + endpoint = "185.65.134.223:51820"; + persistentKeepalive = 25; + }]; }; }; } diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index 45362404..3b792c9f 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -23,8 +23,7 @@ let vs = config.vault-secrets.secrets; in ]; vault-secrets.secrets.outline = { - user = config.services.outline.user; - group = config.services.outline.group; + inherit (config.services.outline) user group; }; services.outline = { diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 65d2faf7..7462dfd4 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -46,11 +46,33 @@ # Enable the X11 windowing system. services.xserver.enable = true; + services.xserver.excludePackages = [ pkgs.xterm ]; # Enable the GNOME Desktop Environment. services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + environment.gnome.excludePackages = + (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) + ++ (with pkgs.gnome; [ + atomix # puzzle game + epiphany # web browser + geary # email reader + gedit # text editor + gnome-calendar + gnome-clocks + gnome-contacts + gnome-maps + gnome-music + gnome-notes + gnome-terminal + gnome-weather + hitori # sudoku game + iagno # go game + simple-scan # document scanner + tali # poker game + totem # video player + ]); programs.dconf.enable = true; services.udisks2.enable = true; @@ -84,8 +106,8 @@ #media-session.enable = true; }; - environment.systemPackages = with pkgs; [ - gnome3.gnome-tweaks + environment.systemPackages = with pkgs; [ + gnome3.gnome-tweaks wireguard-tools ]; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 7016713d..f7639867 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -1,9 +1,9 @@ { lib, config, pkgs, inputs, ... }: let - tex = (pkgs.texlive.combine { + tex = pkgs.texlive.combine { inherit (pkgs.texlive) scheme-full; dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; - }); + }; in { programs.home-manager.enable = true; diff --git a/nixos/hosts/thalassa/aoife/home/theme.nix b/nixos/hosts/thalassa/aoife/home/theme.nix index ca504e5a..e1c56d68 100644 --- a/nixos/hosts/thalassa/aoife/home/theme.nix +++ b/nixos/hosts/thalassa/aoife/home/theme.nix @@ -21,8 +21,7 @@ in { }; cursorTheme = { name = cursorTheme; - package = config.home.pointerCursor.package; - size = config.home.pointerCursor.size; + inherit (config.home.pointerCursor) package size; }; }; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 0e81f045..1b03ec67 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -1,11 +1,10 @@ { config, pkgs, lib, inputs, texlive, ... }: let - tex = (pkgs.texlive.combine { + tex = pkgs.texlive.combine { inherit (pkgs.texlive) scheme-full; dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; - }); -in -{ + }; +in { programs.home-manager.enable = true; home.username = "victor"; home.homeDirectory = "/home/victor"; @@ -62,29 +61,28 @@ in xdg.mimeApps = { enable = true; - defaultApplications = - let browser = [ "firefox.desktop" ]; - in { - "image/*" = "org.gnome.eog.desktop"; - "text/html" = browser; - "x-scheme-handler/http" = browser; - "x-scheme-handler/https" = browser; - "x-scheme-handler/ftp" = browser; - "x-scheme-handler/about" = browser; - "x-scheme-handler/unknown" = browser; - "application/x-extension-htm" = browser; - "application/x-extension-html" = browser; - "application/x-extension-shtml" = browser; - "application/xhtml+xml" = browser; - "application/x-extension-xhtml" = browser; - "application/x-extension-xht" = browser; + defaultApplications = let browser = [ "firefox.desktop" ]; + in { + "image/*" = "org.gnome.eog.desktop"; + "text/html" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "x-scheme-handler/ftp" = browser; + "x-scheme-handler/about" = browser; + "x-scheme-handler/unknown" = browser; + "application/x-extension-htm" = browser; + "application/x-extension-html" = browser; + "application/x-extension-shtml" = browser; + "application/xhtml+xml" = browser; + "application/x-extension-xhtml" = browser; + "application/x-extension-xht" = browser; - "application/json" = browser; - "application/pdf" = browser; + "application/json" = browser; + "application/pdf" = browser; - "x-scheme-handler/vscode" = "code-url-handler.desktop"; - "x-scheme-handler/discord" = "webcord.desktop"; - }; + "x-scheme-handler/vscode" = "code-url-handler.desktop"; + "x-scheme-handler/discord" = "webcord.desktop"; + }; }; programs.foot = { enable = true; }; @@ -185,20 +183,19 @@ in sessionVariables = { DIRENV_LOG_FORMAT = ""; }; }; - xdg.userDirs = - let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; + xdg.userDirs = let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; services.syncthing.enable = true; } diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index 7cffc568..b75113c5 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -58,8 +58,7 @@ in { }; cursorTheme = { name = cursorTheme; - package = config.home.pointerCursor.package; - size = config.home.pointerCursor.size; + inherit (config.home.pointerCursor) size package; }; }; diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 4ede7108..51cd7990 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -1,4 +1,4 @@ -{ ... }: +{ _ }: { services.v.dns = { enable = true; diff --git a/nixos/util.nix b/nixos/util.nix index 373f32e5..75294cdb 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -28,11 +28,11 @@ let in { # Add to whatever realm a host belong to its list of tags - add_realm_to_tags = realm: hosts: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }) hosts; + add_realm_to_tags = realm: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }); # Flatten all hosts to a single list flatten_hosts = hosts: concatLists (attrValues hosts); # Filter out all hosts which aren't nixos - filter_nix_hosts = hosts: filter ({ nix ? true, ... }: nix) hosts; + filter_nix_hosts = filter ({ nix ? true, ... }: nix); # Helper function to build a colmena host definition mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: @@ -50,7 +50,7 @@ in deployment = { inherit tags; targetHost = ip; - allowLocalDeployment = (type == "local"); + allowLocalDeployment = type == "local"; targetUser = null; # Defaults to $USER }; }; -- 2.47.1 From 4755f40dfb280bd3ba6fa7a26323a6cbb5300690 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 2 Dec 2022 12:18:21 +0100 Subject: [PATCH 0583/1882] minor updates --- flake.nix | 1 + nixos/common/generic-lxc.nix | 2 +- nixos/hosts/thalassa/aoife/home/.gitignore | 1 + nixos/hosts/thalassa/aoife/home/dconf.nix | 15 ++++++++++++++- nixos/hosts/thalassa/aoife/home/default.nix | 20 ++++++++++++++++++-- nixos/hosts/thalassa/null/networking.nix | 2 +- 6 files changed, 36 insertions(+), 5 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/home/.gitignore diff --git a/flake.nix b/flake.nix index 37254b7b..ad800cbe 100644 --- a/flake.nix +++ b/flake.nix @@ -140,6 +140,7 @@ k9s kubectl kubectx + statix terraform nixfmt nixUnstable diff --git a/nixos/common/generic-lxc.nix b/nixos/common/generic-lxc.nix index d4db44c4..0c1c286c 100644 --- a/nixos/common/generic-lxc.nix +++ b/nixos/common/generic-lxc.nix @@ -1,4 +1,4 @@ -{ _ }: { +_: { # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/ # Supress systemd services that don't work (correctly) on LXC diff --git a/nixos/hosts/thalassa/aoife/home/.gitignore b/nixos/hosts/thalassa/aoife/home/.gitignore new file mode 100644 index 00000000..16bf7065 --- /dev/null +++ b/nixos/hosts/thalassa/aoife/home/.gitignore @@ -0,0 +1 @@ +jonathan_dconf diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix index 49222e77..ed8db574 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -17,7 +17,7 @@ with lib.hm.gvariant; "org/gnome/mutter" = { attach-modal-dialogs = true; - dynamic-workspaces = true; + dynamic-workspaces = false; edge-tiling = true; focus-change-on-pointer-rest = true; workspaces-only-on-primary = true; @@ -28,6 +28,15 @@ with lib.hm.gvariant; toggle-tiled-right = [ "bracketright" ]; }; + "org/gnome/shell/keybindings" = { toggle-overview = [ "d" ]; }; + + "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; }; + + "org/gnome/desktop/wm/preferences" = { + auto-raise = true; + num-workspaces = 6; + }; + "org/gnome/desktop/wm/keybindings" = { raise-or-lower = [ "s" ]; switch-applications = [ "Tab" ]; @@ -36,10 +45,14 @@ with lib.hm.gvariant; move-to-workspace-2 = [ "at" ]; move-to-workspace-3 = [ "numbersign" ]; move-to-workspace-4 = [ "dollar" ]; + move-to-workspace-5 = [ "percent" ]; + move-to-workspace-6 = [ "asciicircum" ]; switch-to-workspace-1 = [ "1" ]; switch-to-workspace-2 = [ "2" ]; switch-to-workspace-3 = [ "3" ]; switch-to-workspace-4 = [ "4" ]; + switch-to-workspace-5 = [ "5" ]; + switch-to-workspace-6 = [ "6" ]; toggle-fullscreen = [ "f" ]; toggle-maximized = [ "m" ]; }; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index f7639867..2c2c7cdd 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -80,9 +80,25 @@ in { "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; "terminal.integrated.defaultProfile.linux" = "zsh"; "nix.enableLanguageServer" = true; # Enable LSP. - "nix.serverPath" = - "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. + "nix.serverPath" = "${pkgs.nil}/bin/nil"; "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + # Don't index unecessary things + "files.exclude" = { + "**/.vscode" = true; + "**/.git" = true; + "**/.svn" = true; + "**/.hg" = true; + "**/.deps" = true; + "**/CVS" = true; + "**/.DS_Store" = true; + "/bin" = true; + "/boot" = true; + "/cdrom" = true; + "/dev" = true; + "/proc" = true; + "/etc" = true; + "/nix" = true; + }; }; extensions = with pkgs.vscode-extensions; with pkgs.v.vscode-extensions; [ diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 51cd7990..66bab882 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -1,4 +1,4 @@ -{ _ }: +_: { services.v.dns = { enable = true; -- 2.47.1 From 9197c566d2d9acb62b3e13a1567fae717fbeaa39 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 2 Dec 2022 17:23:10 +0100 Subject: [PATCH 0584/1882] important --- nixos/common/users/default.nix | 2 ++ nixos/hosts/thalassa/aoife/configuration.nix | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index d004e5f8..f8082806 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -42,10 +42,12 @@ # Setup packages available everywhere environment.systemPackages = with pkgs; [ + cmatrix fzf git helix htop + lolcat ncdu psmisc ripgrep diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 7462dfd4..b0549cfa 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -143,6 +143,11 @@ # networking.firewall.enable = false; + powerManagement = { + enable = true; + powertop.enable = true; + }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave -- 2.47.1 From 9165a7ba395be391687d6d03e47d8cff1d9b21ac Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 6 Dec 2022 14:28:03 +0100 Subject: [PATCH 0585/1882] updates --- flake.lock | 112 +++++++++++++++----- nixos/hosts/olympus/nginx/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/home/.gitignore | 2 +- nixos/hosts/thalassa/aoife/home/dconf.nix | 3 +- nixos/hosts/thalassa/aoife/home/default.nix | 2 +- nixos/hosts/thalassa/aoife/home/neovim.nix | 89 ++++++++++++++++ 6 files changed, 178 insertions(+), 32 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/home/neovim.nix diff --git a/flake.lock b/flake.lock index 5c857829..59deec33 100644 --- a/flake.lock +++ b/flake.lock @@ -74,11 +74,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1669885076, - "narHash": "sha256-ipOEkJbly4VA5ZFLRI7wczc6ebZqLacJ2iXnl5IQR34=", + "lastModified": 1669917327, + "narHash": "sha256-YYjaNOUJZaM5t35GbWtfX825TlI9LAksbfdhaCYWmfY=", "owner": "zhaofengli", "repo": "colmena", - "rev": "d597bdf4b3edcf4b4743fbe00bad47c860af64a5", + "rev": "64c46fa0169233d4faed70c52583cd3183c7f5aa", "type": "github" }, "original": { @@ -378,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1669825171, - "narHash": "sha256-HxlZHSiRGXnWAFbIJMeujqBe2KgACYx5XDRY0EA9P+4=", + "lastModified": 1670280307, + "narHash": "sha256-3x+0whP1nCz5adQMIsBA3L9fI/ABOpRUJdbw0AmxBnU=", "owner": "nix-community", "repo": "home-manager", - "rev": "478610aa37c8339eacabfa03f07dacf5574edd47", + "rev": "2af0d07678fc15612345e0dd55337550dcf6465f", "type": "github" }, "original": { @@ -393,15 +393,17 @@ }, "hyprland": { "inputs": { + "hyprland-protocols": "hyprland-protocols", "nixpkgs": "nixpkgs", - "wlroots": "wlroots" + "wlroots": "wlroots", + "xdph": "xdph" }, "locked": { - "lastModified": 1669902005, - "narHash": "sha256-fSndLtXyHvzP0xG1t+wVNLMnuQaZKmEogXx0CHdf81E=", + "lastModified": 1670331430, + "narHash": "sha256-UdXvsPJEu2ktOZwfGrVoR8gl9jHnE60CEZRvsEvNJBw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "39a4f82460effec877d14a8efac7952f543323be", + "rev": "7ed401e5e0779e851667c2e5d220c24e9a5b8737", "type": "github" }, "original": { @@ -410,6 +412,38 @@ "type": "github" } }, + "hyprland-protocols": { + "flake": false, + "locked": { + "lastModified": 1670258048, + "narHash": "sha256-Lm2sXnDVZNE+taHqsqVibvPmSdu65VHvXI507KVX4lg=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "0dcff94fc10df2bbb66d3e1b5a1d6cfd3ada5515", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-protocols_2": { + "flake": false, + "locked": { + "lastModified": 1670185345, + "narHash": "sha256-hxWGqlPecqEsE6nOHDV29KFBKePbY2Ipeac6lrChMKY=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "4623a404c091e64743ba310199bb380ec52f1936", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, "hyprpaper": { "inputs": { "nixpkgs": [ @@ -492,11 +526,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1669857900, - "narHash": "sha256-iR2lzvMURAKq1+h7OORDedL4EKzdWdMTg/VGqZR+sh0=", + "lastModified": 1670289122, + "narHash": "sha256-xdKDX9EWGqTgApkypMk8CmGq4e2niY4ZT+swXNDpbW8=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "3d0c09b4c244674a18fe44063713589599278d18", + "rev": "f9528054a98195df5c93674edadc1a9632c5f659", "type": "github" }, "original": { @@ -630,11 +664,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1669650994, - "narHash": "sha256-uwASLUfedIQ5q01TtMwZDEV2HCZr5nVPZjzVgCG+D5I=", + "lastModified": 1670174919, + "narHash": "sha256-XdQr3BUnrvVLRFunLWrZORhwYHDG0+9jUUe0Jv1pths=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7883883d135ce5b7eae5dce4bfa12262b85c1c46", + "rev": "9d87bc030a0bf3f00e953dbf095a7d8e852dab6b", "type": "github" }, "original": { @@ -646,11 +680,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1668765800, - "narHash": "sha256-rC40+/W6Hio7b/RsY8SvQPKNx4WqNcTgfYv8cUMAvJk=", + "lastModified": 1670064435, + "narHash": "sha256-+ELoY30UN+Pl3Yn7RWRPabykwebsVK/kYE9JsIsUMxQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "52b2ac8ae18bbad4374ff0dd5aeee0fdf1aea739", + "rev": "61a8a98e6d557e6dd7ed0cdb54c3a3e3bbc5e25c", "type": "github" }, "original": { @@ -677,11 +711,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669791787, - "narHash": "sha256-KBfoA2fOI5+wCrm7PR+j7jHqXeTkVRPQ0m5fcKchyuU=", + "lastModified": 1670152712, + "narHash": "sha256-LJttwIvJqsZIj8u1LxVRv82vwUtkzVqQVi7Wb8gxPS4=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "e76c78d20685a043d23f5f9e0ccd2203997f1fb1", + "rev": "14ddeaebcbe9a25748221d1d7ecdf98e20e2325e", "type": "github" }, "original": { @@ -731,11 +765,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1669907754, - "narHash": "sha256-mKpEOsBfYSxM8N4Q1V+/HBf7s6PfiDrHrT7cTqhyFdA=", + "lastModified": 1670208577, + "narHash": "sha256-hDa+hqAWlTaEvT5iCyy2hLPHS9uybbSkeSlqyvXJjKM=", "owner": "pta2002", "repo": "nixvim", - "rev": "27bf782ed8794daa99a4f63334d8cb678808694d", + "rev": "472e10f069c57da281ef178b28423f7f6b2529c2", "type": "github" }, "original": { @@ -1062,11 +1096,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1668785720, - "narHash": "sha256-CX+PYJP2PxZWL380WzyMNsrfRgIb/78brdwvDg/zj28=", + "lastModified": 1669925104, + "narHash": "sha256-xMHfW+/G9MieN/5tXHUA5/ztE8dkE093cNFTEUgcwxI=", "owner": "wlroots", "repo": "wlroots", - "rev": "4ff46e6cf9463e594605928feeb7c55cf323b5e7", + "rev": "c8eb24d30e18c165728b8788a10716611c3b633d", "type": "gitlab" }, "original": { @@ -1075,6 +1109,28 @@ "repo": "wlroots", "type": "gitlab" } + }, + "xdph": { + "inputs": { + "hyprland-protocols": "hyprland-protocols_2", + "nixpkgs": [ + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1670202338, + "narHash": "sha256-StTfshdAoSxO+t0wRbq1I3YESLFIQWFjGJse5ICV8rk=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "af840a9e0947a79a37a95a9f62062653721e43fa", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } } }, "root": "root", diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index d32b3613..3637d82d 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -39,7 +39,7 @@ in { recommendedProxySettings = true; recommendedTlsSettings = true; recommendedOptimisation = true; - clientMaxBodySize = "100m"; + clientMaxBodySize = "500m"; package = pkgs.nginxMainline.override { modules = with pkgs.nginxModules; [ brotli ]; diff --git a/nixos/hosts/thalassa/aoife/home/.gitignore b/nixos/hosts/thalassa/aoife/home/.gitignore index 16bf7065..16cb60c6 100644 --- a/nixos/hosts/thalassa/aoife/home/.gitignore +++ b/nixos/hosts/thalassa/aoife/home/.gitignore @@ -1 +1 @@ -jonathan_dconf +*_dconf_dump \ No newline at end of file diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix index ed8db574..31339ee9 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -33,8 +33,9 @@ with lib.hm.gvariant; "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; }; "org/gnome/desktop/wm/preferences" = { - auto-raise = true; + auto-raise = false; num-workspaces = 6; + focus-mode = "sloppy"; }; "org/gnome/desktop/wm/keybindings" = { diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 2c2c7cdd..cf2b2fbc 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -11,7 +11,7 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ ./dconf.nix ./theme.nix ]; + imports = [ ./dconf.nix ./theme.nix ./neovim.nix ]; home.packages = with pkgs; [ btop diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix new file mode 100644 index 00000000..2e45a998 --- /dev/null +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -0,0 +1,89 @@ +{ inputs, pkgs, lib, ... }: { + imports = [ inputs.nixvim.homeManagerModules.nixvim ]; + programs.nixvim = { + enable = true; + package = pkgs.neovim-unwrapped; + + globals = { mapleader = " "; }; + + maps.normal = { + "ff" = "lua require('telescope.builtin').find_files()"; + "fg" = "lua require('telescope.builtin').live_grep()"; + }; + + extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; + + colorscheme = "catppuccin-frappe"; + + plugins = { + nix.enable = true; + treesitter = { + enable = true; + nixGrammars = false; + ensureInstalled = [ ]; + }; + surround.enable = true; + fugitive.enable = true; + lualine = { + enable = true; + theme = "catppuccin"; + }; + telescope = { + enable = true; + extensions.fzf-native.enable = true; + extensions.fzf-native.fuzzy = true; + }; + lsp = { + enable = true; + servers.rust-analyzer.enable = true; + servers.rnix-lsp.enable = true; + servers.pyright.enable = true; + servers.elixirls.enable = true; + }; + nvim-cmp = { + enable = true; + auto_enable_sources = true; + sources = [ + { name = "nvim_lsp"; } + { name = "cmp-latex-symbols"; } + { + name = "luasnip"; + option = { show_autosnippets = true; }; + } + { name = "cmp-spell"; } + { name = "cmp-rg"; } + { name = "path"; } + { name = "buffer"; } + ]; + snippet.expand = '' + function(args) + require('luasnip').lsp_expand(args.body) -- For `luasnip` users. + end + ''; + mappingPresets = [ "insert" "cmdline" ]; + mapping = { + "" = "cmp.mapping.confirm({ select = true })"; + "" = { + modes = [ "i" "s" ]; + action = '' + function(fallback) + local luasnip = require('luasnip') + if cmp.visible() then + cmp.select_next_item() + elseif luasnip.expandable() then + luasnip.expand() + elseif luasnip.expand_or_jumpable() then + luasnip.expand_or_jump() + elseif check_backspace() then + fallback() + else + fallback() + end + end + ''; + }; + }; + }; + }; + }; +} -- 2.47.1 From fc4a0d0d5482066485434f31dad7cdb58412f457 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 6 Dec 2022 21:56:38 +0100 Subject: [PATCH 0586/1882] flake update --- flake.lock | 28 ++++++++++++++++----- flake.nix | 7 +++++- nixos/hosts/thalassa/aoife/home/default.nix | 11 +++----- 3 files changed, 32 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index 59deec33..8297a18a 100644 --- a/flake.lock +++ b/flake.lock @@ -399,11 +399,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670331430, - "narHash": "sha256-UdXvsPJEu2ktOZwfGrVoR8gl9jHnE60CEZRvsEvNJBw=", + "lastModified": 1670358704, + "narHash": "sha256-zBClR9FjbV3So2xDoQci6aKjsnkFVtrD1Ipnd1dY1oo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "7ed401e5e0779e851667c2e5d220c24e9a5b8737", + "rev": "993c382e74faddefeb62b3ab7a7281bd9a69990b", "type": "github" }, "original": { @@ -711,11 +711,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1670152712, - "narHash": "sha256-LJttwIvJqsZIj8u1LxVRv82vwUtkzVqQVi7Wb8gxPS4=", + "lastModified": 1670242877, + "narHash": "sha256-jBLh7dRHnbfvPPA9znOC6oQfKrCPJ0El8Zoe0BqnCjQ=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "14ddeaebcbe9a25748221d1d7ecdf98e20e2325e", + "rev": "6e51c97f1c849efdfd4f3b78a4870e6aa2da4198", "type": "github" }, "original": { @@ -794,6 +794,21 @@ "type": "gitlab" } }, + "nur": { + "locked": { + "lastModified": 1670315682, + "narHash": "sha256-/v0RgZZIjvsFuJbJLUlzRbzSlYFXq3olgJTuJBNtcoY=", + "owner": "nix-community", + "repo": "NUR", + "rev": "af814db16c89385c65e758608296440555f61ccc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, "poetry2nix": { "inputs": { "flake-utils": [ @@ -900,6 +915,7 @@ "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", "nixvim": "nixvim", + "nur": "nur", "riff": "riff", "vault-secrets": "vault-secrets", "webcord": "webcord" diff --git a/flake.nix b/flake.nix index ad800cbe..ebf699e7 100644 --- a/flake.nix +++ b/flake.nix @@ -8,6 +8,9 @@ inputs = { nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nur.url = "github:nix-community/NUR"; + nur.inputs.nixpkgs.follows = "nixpkgs"; + colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; @@ -47,7 +50,8 @@ }; outputs = { self, nixpkgs, vault-secrets, minecraft-servers, colmena - , home-manager, hyprpaper, hyprland, nixos-generators, nixos-hardware, ... }@inputs: + , home-manager, hyprpaper, hyprland, nixos-generators, nixos-hardware, nur + , ... }@inputs: let inherit (nixpkgs) lib; inherit (builtins) mapAttrs; @@ -72,6 +76,7 @@ minecraft-servers.overlays.default hyprpaper.overlays.default hyprland.overlays.default + nur.overlay ]; }; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index cf2b2fbc..ec77f2bd 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -69,13 +69,10 @@ in { package = pkgs.vscode; userSettings = { "ltex.language" = "en-GB"; - "latex-workshop" = { - "linting.chktex.enabled" = true; - "latex.clean.subfolder.enabled" = true; - "latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; - }; - "editor.fontFamily" = - "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "latex-workshop.linting.chktex.enabled" = true; + "latex-workshop.latex.clean.subfolder.enabled" = true; + "latex-workshop.latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + "editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace"; "keyboard.dispatch" = "keyCode"; "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; "terminal.integrated.defaultProfile.linux" = "zsh"; -- 2.47.1 From 4c30e8a688e969261b3c294d454be34aa5143375 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 7 Dec 2022 17:06:38 +0100 Subject: [PATCH 0587/1882] add new laptop wg key --- nixos/hosts/olympus/wireguard/configuration.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 9666067e..4f36feab 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -62,10 +62,15 @@ let vs = config.vault-secrets.secrets; in allowedIPs = [ "10.100.0.3/32" ]; } { - # Laptop + # Old Laptop publicKey = "L8myt2bcdja7M+i+9eatdQRW8relPUoZZ9lEKSLe+m8="; allowedIPs = [ "10.100.0.4/32" ]; } + { + # New Laptop + publicKey = "+Ms3xV6LxNZWTQk11zoz+AUIV2uds6A64Wz15JlR/Ak="; + allowedIPs = [ "10.100.0.5/32" ]; + } { # Aerdenhout # Useful setup video for opnsense: https://www.youtube.com/watch?v=RoXHe5dqCM0 -- 2.47.1 From 9e620c6fb0c034c5a861b9a43ca80fab3011ced4 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 8 Dec 2022 21:17:05 +0100 Subject: [PATCH 0588/1882] flake update --- flake.lock | 36 +++++++++---------- .../hosts/olympus/wireguard/configuration.nix | 13 +++---- nixos/hosts/thalassa/aoife/configuration.nix | 18 ++++++++-- 3 files changed, 39 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index 8297a18a..2c103c6f 100644 --- a/flake.lock +++ b/flake.lock @@ -378,11 +378,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1670280307, - "narHash": "sha256-3x+0whP1nCz5adQMIsBA3L9fI/ABOpRUJdbw0AmxBnU=", + "lastModified": 1670513770, + "narHash": "sha256-muL74fsbGA8K8WlZSPNWddOiuBnC54kAajncX6nXrh4=", "owner": "nix-community", "repo": "home-manager", - "rev": "2af0d07678fc15612345e0dd55337550dcf6465f", + "rev": "054d9e3187ca00479e8036dc0e92900a384f30fd", "type": "github" }, "original": { @@ -399,11 +399,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670358704, - "narHash": "sha256-zBClR9FjbV3So2xDoQci6aKjsnkFVtrD1Ipnd1dY1oo=", + "lastModified": 1670525568, + "narHash": "sha256-YS6d6b8XBbKoY9uoSFSzP5Vm0nEOmvcxFwU4UJUEfAQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "993c382e74faddefeb62b3ab7a7281bd9a69990b", + "rev": "be6e1a33b1d37ce3639ceb5c40fce581c77fd54a", "type": "github" }, "original": { @@ -526,11 +526,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1670289122, - "narHash": "sha256-xdKDX9EWGqTgApkypMk8CmGq4e2niY4ZT+swXNDpbW8=", + "lastModified": 1670461926, + "narHash": "sha256-80badJ32j8eWPTgWO7m5SZT+uEUZDmhrr5cNstPWsDw=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "f9528054a98195df5c93674edadc1a9632c5f659", + "rev": "b2444f924ab432f8590b12de042ad394bbe8ed83", "type": "github" }, "original": { @@ -711,11 +711,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1670242877, - "narHash": "sha256-jBLh7dRHnbfvPPA9znOC6oQfKrCPJ0El8Zoe0BqnCjQ=", + "lastModified": 1670332253, + "narHash": "sha256-O5SmhlIUt1s+vK4NXeGYqwcBIMwbBPAEZ3GHE3XT28c=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "6e51c97f1c849efdfd4f3b78a4870e6aa2da4198", + "rev": "1c9ffcf70786f0966982ce0fc76ec05df2e1dec2", "type": "github" }, "original": { @@ -765,11 +765,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1670208577, - "narHash": "sha256-hDa+hqAWlTaEvT5iCyy2hLPHS9uybbSkeSlqyvXJjKM=", + "lastModified": 1670519577, + "narHash": "sha256-unss17EdnkL3Y3a9Rg3qAyY13TP7FDDTgAP/8pr+SbA=", "owner": "pta2002", "repo": "nixvim", - "rev": "472e10f069c57da281ef178b28423f7f6b2529c2", + "rev": "a7fbb812242d1223fcca8c0a270eb87a82f98f17", "type": "github" }, "original": { @@ -796,11 +796,11 @@ }, "nur": { "locked": { - "lastModified": 1670315682, - "narHash": "sha256-/v0RgZZIjvsFuJbJLUlzRbzSlYFXq3olgJTuJBNtcoY=", + "lastModified": 1670519174, + "narHash": "sha256-cllJKMqAYsUhKdTlRn1NB83dWeRk2BSauHZQFZl0LgU=", "owner": "nix-community", "repo": "NUR", - "rev": "af814db16c89385c65e758608296440555f61ccc", + "rev": "ecfbb03d9d32c8af6756f7ca9634c53767fcee77", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 4f36feab..4983169b 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -3,8 +3,8 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { lib, config, pkgs, inputs, ... }: -let vs = config.vault-secrets.secrets; in -{ +let vs = config.vault-secrets.secrets; +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -20,14 +20,11 @@ let vs = config.vault-secrets.secrets; in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedUDPPorts = [ - config.networking.wireguard.interfaces.wg0.listenPort - ]; + networking.firewall.allowedUDPPorts = + [ config.networking.wireguard.interfaces.wg0.listenPort ]; networking.firewall.checkReversePath = false; - vault-secrets.secrets.wireguard = { - services = [ "wireguard-wg0" ]; - }; + vault-secrets.secrets.wireguard = { services = [ "wireguard-wg0" ]; }; networking.nat = { enable = true; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index b0549cfa..fc3fcc39 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -16,7 +16,8 @@ efi.canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot/efi"; }; - kernel = { sysctl = { "fs.inotify.max_user_watches" = 524288; }; }; + kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; + initrd.kernelModules = [ "amdgpu" ]; }; fileSystems."/".options = [ "compress=zstd" ]; @@ -44,8 +45,18 @@ LC_TIME = "nl_NL.UTF-8"; }; + hardware.opengl.driSupport = true; + hardware.opengl.extraPackages = with pkgs; [ + amdvlk + rocm-opencl-icd + rocm-opencl-runtime + ]; + systemd.tmpfiles.rules = + [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; + # Enable the X11 windowing system. services.xserver.enable = true; + services.xserver.videoDrivers = [ "amdgpu" ]; services.xserver.excludePackages = [ pkgs.xterm ]; # Enable the GNOME Desktop Environment. @@ -107,10 +118,13 @@ }; environment.systemPackages = with pkgs; [ - gnome3.gnome-tweaks + gnome.gnome-tweaks + gnome.gnome-boxes wireguard-tools ]; + networking.firewall.checkReversePath = false; + # Define a user account. Don't forget to set a password with ‘passwd’. users.users.victor = { isNormalUser = true; -- 2.47.1 From a3d77e28457a258b2831cad0eeff529c6bdda4a0 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Dec 2022 11:23:07 +0100 Subject: [PATCH 0589/1882] improve nvim config --- flake.lock | 18 +++++++++--------- nixos/hosts/thalassa/aoife/home/neovim.nix | 4 ++++ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 2c103c6f..fde817fb 100644 --- a/flake.lock +++ b/flake.lock @@ -97,11 +97,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1669471061, - "narHash": "sha256-7FdhCbyPB0ajZP/piWjyhd4bwHc9TZifY8htOjsmxt8=", + "lastModified": 1670543350, + "narHash": "sha256-JMYwGa2nJPInuVuYbR3XSGUJewTDyeoTDQaALydduko=", "owner": "nix-community", "repo": "comma", - "rev": "48b723b201e94958a29a35e4f64bb4391fe73464", + "rev": "1b07c19774129ebce3af846fb571e1c0b97f24a3", "type": "github" }, "original": { @@ -399,11 +399,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670525568, - "narHash": "sha256-YS6d6b8XBbKoY9uoSFSzP5Vm0nEOmvcxFwU4UJUEfAQ=", + "lastModified": 1670534695, + "narHash": "sha256-YNPiXsaZSQvetwsnrHuRxQnm8t9p5y9Nd3lRW6bPVxM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "be6e1a33b1d37ce3639ceb5c40fce581c77fd54a", + "rev": "726732244a5d51a0da54219174c13f4428017b79", "type": "github" }, "original": { @@ -796,11 +796,11 @@ }, "nur": { "locked": { - "lastModified": 1670519174, - "narHash": "sha256-cllJKMqAYsUhKdTlRn1NB83dWeRk2BSauHZQFZl0LgU=", + "lastModified": 1670560288, + "narHash": "sha256-3TylYeaVeNkuIcyvdwCy/D1k723CDRqUgViRZCAdsGw=", "owner": "nix-community", "repo": "NUR", - "rev": "ecfbb03d9d32c8af6756f7ca9634c53767fcee77", + "rev": "557e831973c5c9ce04e548e0672cad6ead61bbdd", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index 2e45a998..496479c0 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -3,6 +3,7 @@ programs.nixvim = { enable = true; package = pkgs.neovim-unwrapped; + vimAlias = true; globals = { mapleader = " "; }; @@ -39,7 +40,10 @@ servers.rnix-lsp.enable = true; servers.pyright.enable = true; servers.elixirls.enable = true; + servers.clangd.enable = true; }; + trouble.enable = true; + lspkind.enable = true; nvim-cmp = { enable = true; auto_enable_sources = true; -- 2.47.1 From a4294731bcc693b27466663f2e1acd583b278a9f Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Dec 2022 11:54:59 +0100 Subject: [PATCH 0590/1882] more nvim configs --- nixos/hosts/thalassa/aoife/home/.gitignore | 2 +- nixos/hosts/thalassa/aoife/home/dconf.nix | 1 + nixos/hosts/thalassa/aoife/home/default.nix | 2 +- nixos/hosts/thalassa/aoife/home/neovim.nix | 3 +++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/thalassa/aoife/home/.gitignore b/nixos/hosts/thalassa/aoife/home/.gitignore index 16cb60c6..3e0fc8e7 100644 --- a/nixos/hosts/thalassa/aoife/home/.gitignore +++ b/nixos/hosts/thalassa/aoife/home/.gitignore @@ -1 +1 @@ -*_dconf_dump \ No newline at end of file +*dconf_dump* \ No newline at end of file diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix index 31339ee9..e0c35719 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -72,5 +72,6 @@ with lib.hm.gvariant; }; "org/gnome/tweaks" = { show-extensions-notice = false; }; + "org/gnome/boxes" = { first-run = false; }; }; } diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index ec77f2bd..88f4c749 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -62,7 +62,7 @@ in { clock24 = true; }; - programs.firefox = { enable = true; }; + programs.firefox.enable = true; programs.vscode = { enable = true; diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index 496479c0..ede1d8c0 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -10,6 +10,7 @@ maps.normal = { "ff" = "lua require('telescope.builtin').find_files()"; "fg" = "lua require('telescope.builtin').live_grep()"; + "" = "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code }; extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; @@ -25,6 +26,7 @@ }; surround.enable = true; fugitive.enable = true; + gitgutter.enable = true; lualine = { enable = true; theme = "catppuccin"; @@ -34,6 +36,7 @@ extensions.fzf-native.enable = true; extensions.fzf-native.fuzzy = true; }; + comment-nvim = { enable = true; }; lsp = { enable = true; servers.rust-analyzer.enable = true; -- 2.47.1 From c0b4c724bdaaa727fab5ba953bc7f860ddb3dcaa Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Dec 2022 16:42:15 +0100 Subject: [PATCH 0591/1882] flake update --- flake.lock | 18 +++++----- nixos/hosts/thalassa/aoife/configuration.nix | 6 ++++ nixos/hosts/thalassa/aoife/home/dconf.nix | 38 +++++++++++--------- nixos/hosts/thalassa/aoife/home/neovim.nix | 1 + 4 files changed, 38 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index fde817fb..a62e1f50 100644 --- a/flake.lock +++ b/flake.lock @@ -399,11 +399,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670534695, - "narHash": "sha256-YNPiXsaZSQvetwsnrHuRxQnm8t9p5y9Nd3lRW6bPVxM=", + "lastModified": 1670598058, + "narHash": "sha256-zMK3VZWTYKJHCA0bl8Xg0AFX5rnhDR18VCtS28Ur3tY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "726732244a5d51a0da54219174c13f4428017b79", + "rev": "b9812f8bc0f372875af8c332e4537fdbf2b99c23", "type": "github" }, "original": { @@ -711,11 +711,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1670332253, - "narHash": "sha256-O5SmhlIUt1s+vK4NXeGYqwcBIMwbBPAEZ3GHE3XT28c=", + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "1c9ffcf70786f0966982ce0fc76ec05df2e1dec2", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", "type": "github" }, "original": { @@ -1135,11 +1135,11 @@ ] }, "locked": { - "lastModified": 1670202338, - "narHash": "sha256-StTfshdAoSxO+t0wRbq1I3YESLFIQWFjGJse5ICV8rk=", + "lastModified": 1670593043, + "narHash": "sha256-tsDs6FB+7PlBOt46dMQFBMH5yPY/fduf4cYbQYhauhA=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "af840a9e0947a79a37a95a9f62062653721e43fa", + "rev": "5f7eecff553d82f21e049d79d8fb3f1f46568da0", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index fc3fcc39..200b2c6a 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -162,6 +162,12 @@ powertop.enable = true; }; + programs.steam = { + enable = true; + # Open ports in the firewall for Steam Remote Play + remotePlay.openFirewall = true; + }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix index e0c35719..b721ab74 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -1,9 +1,21 @@ -# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix { lib, ... }: with lib.hm.gvariant; - -{ +let + inherit (builtins) attrNames map; + inherit (lib.attrsets) mapAttrs' nameValuePair; + generate_custom_keybindings = binds: + { + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = map (name: + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") + (attrNames binds); + }; + } // mapAttrs' (name: + nameValuePair + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") + binds; +in { dconf.settings = { "org/gnome/desktop/input-sources" = { sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; @@ -58,20 +70,14 @@ with lib.hm.gvariant; toggle-maximized = [ "m" ]; }; - "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = [ - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" - ]; - }; - - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = - { - binding = "Return"; - command = "kgx"; - name = "Open Terminal"; - }; - "org/gnome/tweaks" = { show-extensions-notice = false; }; + "org/gnome/boxes" = { first-run = false; }; + } // generate_custom_keybindings { + "terminal" = { + binding = "Return"; + command = "kgx"; + name = "Open Terminal"; + }; }; } diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index ede1d8c0..d766096b 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -18,6 +18,7 @@ colorscheme = "catppuccin-frappe"; plugins = { + barbar.enable = true; nix.enable = true; treesitter = { enable = true; -- 2.47.1 From e8cf6ad1653465f25a9a67cd21a69d4812862f82 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Dec 2022 17:35:52 +0100 Subject: [PATCH 0592/1882] aoife mimetypes --- nixos/hosts/thalassa/aoife/home/default.nix | 35 ++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 88f4c749..8a6f1e34 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -35,6 +35,38 @@ in { tex ]; + xdg.mimeApps.enable = true; + xdg.mimeApps.defaultApplications = { + "text/html" = "firefox.desktop"; + "text/plain" = "org.gnome.TextEditor.desktop"; + "application/pdf" = "org.gnome.Evince.desktop"; + + # Images + "image/bmp" = "org.gnome.eog.desktop"; + "image/gif" = "org.gnome.eog.desktop"; + "image/jpg" = "org.gnome.eog.desktop"; + "image/pjpeg" = "org.gnome.eog.desktop"; + "image/png" = "org.gnome.eog.desktop"; + "image/tiff" = "org.gnome.eog.desktop"; + "image/webp" = "org.gnome.eog.desktop"; + "image/x-bmp" = "org.gnome.eog.desktop"; + "image/x-gray" = "org.gnome.eog.desktop"; + "image/x-icb" = "org.gnome.eog.desktop"; + "image/x-ico" = "org.gnome.eog.desktop"; + "image/x-png" = "org.gnome.eog.desktop"; + "image/x-portable-anymap" = "org.gnome.eog.desktop"; + "image/x-portable-bitmap" = "org.gnome.eog.desktop"; + "image/x-portable-graymap" = "org.gnome.eog.desktop"; + "image/x-portable-pixmap" = "org.gnome.eog.desktop"; + "image/x-xbitmap" = "org.gnome.eog.desktop"; + "image/x-xpixmap" = "org.gnome.eog.desktop"; + "image/x-pcx" = "org.gnome.eog.desktop"; + "image/svg+xml" = "org.gnome.eog.desktop"; + "image/svg+xml-compressed" = "org.gnome.eog.desktop"; + "image/vnd.wap.wbmp" = "org.gnome.eog.desktop"; + "image/x-icns" = "org.gnome.eog.desktop"; + }; + programs.exa = { enable = true; enableAliases = true; @@ -72,7 +104,8 @@ in { "latex-workshop.linting.chktex.enabled" = true; "latex-workshop.latex.clean.subfolder.enabled" = true; "latex-workshop.latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; - "editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "editor.fontFamily" = + "'DejaVuSansMono Nerd Font', 'monospace', monospace"; "keyboard.dispatch" = "keyCode"; "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; "terminal.integrated.defaultProfile.linux" = "zsh"; -- 2.47.1 From 05f6c9cba2d1ee89b5011b6a3c36d782c24d1c5a Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 11 Dec 2022 11:55:49 +0100 Subject: [PATCH 0593/1882] update mastodon --- flake.lock | 18 +- flake.nix | 1 - nixos/hosts/thalassa/aoife/home/default.nix | 3 + nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/gemset.nix | 174 ++++++++++++-------- nixos/pkgs/glitch-soc/source.nix | 6 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 7 files changed, 126 insertions(+), 80 deletions(-) diff --git a/flake.lock b/flake.lock index a62e1f50..cbb60c34 100644 --- a/flake.lock +++ b/flake.lock @@ -399,11 +399,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670598058, - "narHash": "sha256-zMK3VZWTYKJHCA0bl8Xg0AFX5rnhDR18VCtS28Ur3tY=", + "lastModified": 1670709556, + "narHash": "sha256-ws/Nfl0v0z4mqbaZcKeWY0jNq3O14vthVmAK2f12TfY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b9812f8bc0f372875af8c332e4537fdbf2b99c23", + "rev": "6381b6474fb6973bfe83526e21bcee08e5e45ecc", "type": "github" }, "original": { @@ -711,11 +711,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1670507980, - "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", + "lastModified": 1670597555, + "narHash": "sha256-/k939P2S2246G6K5fyvC0U2IWvULhb4ZJg9K7ZxsX+k=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "rev": "2dea0f4c2d6e4603f54b2c56c22367e77869490c", "type": "github" }, "original": { @@ -796,11 +796,11 @@ }, "nur": { "locked": { - "lastModified": 1670560288, - "narHash": "sha256-3TylYeaVeNkuIcyvdwCy/D1k723CDRqUgViRZCAdsGw=", + "lastModified": 1670733021, + "narHash": "sha256-HQwU8r6hVM2fvI2i7yNP5/lISs+V5XrxtUiMLkCeuAM=", "owner": "nix-community", "repo": "NUR", - "rev": "557e831973c5c9ce04e548e0672cad6ead61bbdd", + "rev": "a7194d7569f7cb5a63d34d205cdd8fa2f3225537", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ebf699e7..1684f368 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,6 @@ nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; nur.url = "github:nix-community/NUR"; - nur.inputs.nixpkgs.follows = "nixpkgs"; colmena.url = "github:zhaofengli/colmena"; colmena.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 8a6f1e34..eba9b4c9 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -112,6 +112,8 @@ in { "nix.enableLanguageServer" = true; # Enable LSP. "nix.serverPath" = "${pkgs.nil}/bin/nil"; "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + "rust-analyzer.checkOnSave.command" = "clippy"; + "debug.allowBreakpointsEverywhere" = true; # Don't index unecessary things "files.exclude" = { "**/.vscode" = true; @@ -147,6 +149,7 @@ in { tamasfe.even-better-toml valentjn.vscode-ltex vscodevim.vim + vadimcn.vscode-lldb xaver.clang-format ]; }; diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 963a8ea1..97ef648d 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - sha256 = "sha256-ON4hJrj3YIxSE5PJ3ZVLdMC37f8wpf2Olej8M/Bjcks="; + sha256 = "sha256-XEREXrpHo4lwjx/wmDYWgNuHISr1KK1pzG0gTWmD4FI="; }; nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index f71e0420..84248866 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -250,10 +250,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vqb2bfq5db7x66f4n4z30c953y5q8pwwl2067nxhz6j0c486pzm"; + sha256 = "0wk2yb843p59hsccbyxdq820sd9i5gnqlcmk5fsjkfa7gsi1pkx9"; type = "gem"; }; - version = "1.587.0"; + version = "1.670.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -261,10 +261,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0hajbavfngn99hcz6n20162jygvwdflldvnlrza7z32hizawaaan"; + sha256 = "0i5qw30vy950f5cm18a9cswa2810whpablp8x80sb9anx8k7h411"; type = "gem"; }; - version = "3.130.2"; + version = "3.168.2"; }; aws-sdk-kms = { dependencies = ["aws-sdk-core" "aws-sigv4"]; @@ -272,10 +272,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14dcfqqdx1dy7qwrdyqdvqjs53kswm4njvg34f61jpl9xi3h2yf3"; + sha256 = "00f3rgidlayqsa5ml1vrzn346a3mprg61hfhln67lsbnkgn7nq54"; type = "gem"; }; - version = "1.56.0"; + version = "1.60.0"; }; aws-sdk-s3 = { dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; @@ -283,10 +283,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1r6dxz3llgxbbm66jq5mkzk0i6qsxwv0d9s0ipwb23vv3bgp23yf"; + sha256 = "1xpb8c8zw1c0grbw1rcc0ynlys1301vm9kkqy4ls3i2zqk5v6n91"; type = "gem"; }; - version = "1.114.0"; + version = "1.117.2"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -294,10 +294,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xp7diwq7nv4vvxrl9x3lis2l4x6bissrfzbfyy6rv5bmj5w109z"; + sha256 = "11hkna2av47bl0yprgp8k4ya70rc3m2ib5w10fn0piplgkkmhz7m"; type = "gem"; }; - version = "1.5.0"; + version = "1.5.2"; }; bcrypt = { groups = ["default" "pam_authentication"]; @@ -369,20 +369,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0y1ycmvyd7swp6gy85m7znwilvb61zzcx6najgq0d1glq0p2hwy6"; + sha256 = "1ln89f9ypzincd5hqgmzd5vvfgf7fgir56v1spsri40ma88vnipj"; type = "gem"; }; - version = "1.13.0"; + version = "1.15.0"; }; brakeman = { groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zr2p0w4ckv65cv3vdwnk9f3yydmjdmw75x7dskx1gqr9j9q3306"; + sha256 = "0lcxxlrzgpi9z2mr2v19xda6fdysmn5psa9bsp2rksa915v91fds"; type = "gem"; }; - version = "5.3.1"; + version = "5.4.0"; }; browser = { groups = ["default"]; @@ -421,10 +421,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06rmq3s8q6xndxxl7qid9nf3hiaahs71jyiyyk3bx31hns1vkcci"; + sha256 = "1f2phbpsiw8zwmmb1h6s82c4s2banzd04ch7vn6pdz91map233l1"; type = "gem"; }; - version = "7.0.3"; + version = "7.0.4"; }; bundler-audit = { dependencies = ["thor"]; @@ -508,10 +508,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05df76mfhfab6d7ir0qy5xf1ad6kqdh2p6vfqv7nhlx45k1y4ysg"; + sha256 = "123198zk2ak8mziwa5jc3ckgpmsg08zn064n3aywnqm9s1bwjv3v"; type = "gem"; }; - version = "3.37.1"; + version = "3.38.0"; }; case_transform = { dependencies = ["activesupport"]; @@ -663,10 +663,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04c4dl8cm5rjr50k9qa6yl9r05fk9zcb1zxh0y0cdahxlsgcydfw"; + sha256 = "1107j3frhmcd95wcsz0rypchynnzhnjiyyxxcl6dlmr2lfy08z4b"; type = "gem"; }; - version = "1.7.1"; + version = "1.12.0"; }; debug_inspector = { groups = ["default" "development"]; @@ -759,10 +759,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1znfhqxvfdvxh0z8qnh1n7iahk9hs8d243j5dvig2v933j4z3ykw"; + sha256 = "1lyn5fqh5d75p3wcwl1wgg2777wl3wyqfgq0d8bdf0169sha3ghc"; type = "gem"; }; - version = "5.6.0"; + version = "5.6.2"; }; dotenv = { groups = ["default"]; @@ -895,10 +895,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1wslw5gh335zcahxmdd497xaa7h0d8l60c0jfv942mn47fxy8m47"; + sha256 = "0fcrgzjvqc9fxhnn7mzvzxd41m63cil7n19mjxnisx836p0k93hl"; type = "gem"; }; - version = "2.23.0"; + version = "3.0.0"; }; faraday = { dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; @@ -1291,10 +1291,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0mi38zgpwvasjq0cqz674crwal5rsaw8f89bww9zsw2vk77bhaq9"; + sha256 = "0zjsgrlvwpqsnrza4ijlxjld4550c661sgbqp2j2wp638nlnls1a"; type = "gem"; }; - version = "1.6.0"; + version = "1.6.2"; }; i18n = { dependencies = ["concurrent-ruby"]; @@ -1323,10 +1323,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xjr8nxpq6vsa4kd7pvd14xxiba9y4dais1yyz4dj567hsqdrhcm"; + sha256 = "0dy04jx3n1ddz744b80mg7hp87miysnjp0h21lqr43hpmhdglxih"; type = "gem"; }; - version = "0.1.4"; + version = "0.1.5"; }; ipaddress = { groups = ["default"]; @@ -1343,10 +1343,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mnvb80cdg7fzdcs3xscv21p28w4igk5sj5m7m81xp8v2ks87jj0"; + sha256 = "1cdw9vw2qly7q7r41s7phnac264rbsdqgj4l0h4nqgbjb157g393"; type = "gem"; }; - version = "1.6.1"; + version = "1.6.2"; }; json = { groups = ["default" "test"]; @@ -1396,10 +1396,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0h0pfxyrsbifzhwfxj1ppaxbk7v2z8mw53a0mi49i986wyspxlgv"; + sha256 = "004s52m37b2kbw8dv4rdfm2d90h1023z1mw9zfcs0x87v8aq7zyn"; type = "gem"; }; - version = "3.2.0"; + version = "3.2.2"; }; jsonapi-renderer = { groups = ["default"]; @@ -1609,10 +1609,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s8qaf19yr4lhvdxk3cy3ifc47cgxdz2jybg6hzxsy9gh88c1f7v"; + sha256 = "1c81d68r4wx0ckbmqxlfqc2qpd94jwcmqdm0xgr0s46r48pv9k9q"; type = "gem"; }; - version = "1.0.0"; + version = "1.0.1"; }; method_source = { groups = ["default" "development" "pam_authentication" "production" "test"]; @@ -1691,10 +1691,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02af38s49111wglqzcjcpa7bwg6psjgysrjvgk05h3x4zchb6gd5"; + sha256 = "1q03pb0vq8388s431nbxabsfxnch6p304c8vnjlk0zzpcv713yr3"; type = "gem"; }; - version = "1.5.4"; + version = "1.6.0"; }; multi_json = { groups = ["default"]; @@ -1726,6 +1726,17 @@ }; version = "0.17.1"; }; + net-protocol = { + dependencies = ["timeout"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "051cc82dl41a66c9sxv4lx4slqk7sz1v4iy0hdk6gpjyjszf4hxd"; + type = "gem"; + }; + version = "0.1.3"; + }; net-scp = { dependencies = ["net-ssh"]; groups = ["default" "development"]; @@ -1737,6 +1748,17 @@ }; version = "4.0.0.rc1"; }; + net-smtp = { + dependencies = ["net-protocol"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1c6md06hm5bf6rv53sk54dl2vg038pg8kglwv3rayx0vk2mdql9x"; + type = "gem"; + }; + version = "0.3.3"; + }; net-ssh = { groups = ["default" "development"]; platforms = []; @@ -1763,10 +1785,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0g7axlq2y6gzmixzzzhw3fn6nhrhg469jj8gfr7gs8igiclpkhkr"; + sha256 = "0n79k78c5vdcyl0m3y3l5x9kxl6xf5lgriwi2vd665qmdkr01vnk"; type = "gem"; }; - version = "1.13.8"; + version = "1.13.10"; }; nsa = { dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; @@ -1784,10 +1806,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ihfnl0maszdq821h6mivr8xickjab6ccyncnm5rn2vgrj6imwxf"; + sha256 = "0lggrhlihxyfgiqqr9b2fqdxc4d2zff2czq30m3rgn8a0b2gsv90"; type = "gem"; }; - version = "3.13.21"; + version = "3.13.23"; }; omniauth = { dependencies = ["hashie" "rack"]; @@ -1932,10 +1954,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ypj64nhq3grs9zh40vmyfyhmxlhljjsbg5q0jxhlxg5v76ij0mb"; + sha256 = "1wd6nl81nbdwck04hccsm7wf23ghpi8yddd9j4rbwyvyj0sbsff1"; type = "gem"; }; - version = "1.4.3"; + version = "1.4.5"; }; pghero = { dependencies = ["activerecord"]; @@ -1953,10 +1975,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v9vmkmpha34lwdhig08kb7z4wk3xmw49dvkl99nz9llxhzqr5hl"; + sha256 = "02fw2pzrmvwp67nbndpy8a2ln74fd8kmsiffw77z7g1mp58ww651"; type = "gem"; }; - version = "1.4.9"; + version = "1.5.1"; }; posix-spawn = { groups = ["default"]; @@ -1974,21 +1996,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1f0zz3vwv1kyr43chvrpvhb8wm9qgcaz8ckc1lj2jxfp6xsss971"; + sha256 = "0dfknfwwlzmb594acgi6v080ngxbnhshn3gzvdh5x2vx1aqvwc5r"; type = "gem"; }; - version = "1.14.2"; + version = "1.18.0"; }; premailer-rails = { - dependencies = ["actionmailer" "premailer"]; + dependencies = ["actionmailer" "net-smtp" "premailer"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0q23clzqgzxcg1jld7hn5jy2yqxvana3iw66vmjgzz7y4ylf97b6"; + sha256 = "0004f73kgrglida336fqkgx906m6n05nnfc17mypzg5rc78iaf61"; type = "gem"; }; - version = "1.11.1"; + version = "1.12.0"; }; private_address_check = { groups = ["production" "test"]; @@ -2080,10 +2102,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0la56m0z26j3mfn1a9lf2l03qx1xifanndf9p3vx1azf6sqy7v9d"; + sha256 = "0p685i23lr8pl7l09g9l2mcj615fr7g33w3mkcr472lcg34nq8n8"; type = "gem"; }; - version = "1.6.0"; + version = "1.6.1"; }; rack = { groups = ["default" "development" "pam_authentication" "production" "test"]; @@ -2264,10 +2286,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ysa8v2xw0ln4kdwhkg6mh71v5wbancsz5cf945kbk47m1ybn271"; + sha256 = "1dngmsk9wg1vws56pl87dys0ns4bcn9arf8ip6zxa0gypr3ifq3m"; type = "gem"; }; - version = "0.5.0"; + version = "0.5.1"; }; redcarpet = { groups = ["default"]; @@ -2300,15 +2322,26 @@ }; version = "1.9.0"; }; + redlock = { + dependencies = ["redis"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0xvjwfzq7rqj4k311kidwmv5app3i7glz4miys6ixqy6c8yylz3c"; + type = "gem"; + }; + version = "1.3.2"; + }; regexp_parser = { groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rfd3q17p7q7pa67844q8b16ipy6ksh8mkzynpm1zldqbb9x4xm0"; + sha256 = "0mm5sykyblc61a82zz3dag6yy3mvflj2z47060kjzjj5793blqzi"; type = "gem"; }; - version = "2.5.0"; + version = "2.6.0"; }; request_store = { dependencies = ["rack"]; @@ -2583,10 +2616,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0p2mj2jj5b9wqmpvkngx87lfr2qgwhqvwx38bmhl5aa29pc6z5kx"; + sha256 = "1z2fx4fzgnw4rzj3h1h4sk6qbkp7p2rdr58b2spxgkcsdzg0i5hh"; type = "gem"; }; - version = "6.5.7"; + version = "6.5.8"; }; sidekiq-bulk = { dependencies = ["sidekiq"]; @@ -2722,10 +2755,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v7nk5i3fa63h6clfr5vbr0y91v3kxkaxh6gbdx583pn982avdlc"; + sha256 = "02r3a3ny27ljj19bzmxscw2vlmk7sw1p4ppbl2i69g17khi0p4sw"; type = "gem"; }; - version = "0.2.22"; + version = "0.2.23"; }; statsd-ruby = { groups = ["default"]; @@ -2738,14 +2771,15 @@ version = "1.5.0"; }; stoplight = { + dependencies = ["redlock"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1628qf2ynldqz20h5lkaivk166qknk15gxg130n9pvz568k1sdp8"; + sha256 = "0rmhhqvvrn7874r9cjf4wpv36vnxvxsrgb1kfgdk3dalg4rig7q6"; type = "gem"; }; - version = "3.0.0"; + version = "3.0.1"; }; strong_migrations = { dependencies = ["activerecord"]; @@ -2821,6 +2855,16 @@ }; version = "2.0.11"; }; + timeout = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00cy93b6803j3aw5nail4l0zdrj54i5n2dlk6j9z998swcjbv3b2"; + type = "gem"; + }; + version = "0.3.0"; + }; tpm-key_attestation = { dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; groups = ["default"]; @@ -2912,10 +2956,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lslg5vvhx6w0mkbf6gpqvr9h8pj84wc639vk7ix7bqk61wgfch9"; + sha256 = "0drm9pygji01pyimxq65ngdvgpn228g7fhffmrqw0xn7l2rdhclp"; type = "gem"; }; - version = "1.2022.4"; + version = "1.2022.7"; }; unf = { dependencies = ["unf_ext"]; @@ -3105,10 +3149,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xjdr2szxvn3zb1sb5l8nfd6k9jr3b4qqbbg1mj9grf68m3fxckc"; + sha256 = "09pqhdi6q4sqv0p1gnjpbcy4az0yv8hrpykjngdgh9qiqd87nfdv"; type = "gem"; }; - version = "2.6.0"; + version = "2.6.6"; }; } diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 33c40302..9a3a6168 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -1,9 +1,9 @@ # This file was generated by pkgs.mastodon.updateScript. { fetchgit, applyPatches }: let src = fetchgit { - url = "https://git.0x76.dev/v/mastodon.git"; - rev = "6df9d388e7cb3d90a6d1fb0a920c1ce16db60822"; - sha256 = "1ah34pc6v4qkld16393wzid8l0pyc81w2lzh1hk9r3anncpp86dr"; + url = "https://github.com/glitch-soc/mastodon.git"; + rev = "5d95e6debb496bb4ebba91afc043219c116d3ca2"; + sha256 = "0z62xnr14gmrmbaaqsx7gmw322vj5rjbrmr8q7vl0z4lgmdva6qn"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index 49c389d9..b79176c2 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.0.0rc3" +"4.0.2" -- 2.47.1 From 5b2ee8ad66209dfb252fef2ff845cd2d8f8229d5 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 12 Dec 2022 16:28:54 +0100 Subject: [PATCH 0594/1882] refactor --- flake.lock | 176 ++++++++++++++----- nixos/common/users/victor.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 116 +++--------- nixos/hosts/thalassa/aoife/desktop-env.nix | 51 ++++++ nixos/hosts/thalassa/aoife/hardware.nix | 29 +++ nixos/hosts/thalassa/aoife/networking.nix | 5 + 6 files changed, 244 insertions(+), 135 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/desktop-env.nix create mode 100644 nixos/hosts/thalassa/aoife/hardware.nix create mode 100644 nixos/hosts/thalassa/aoife/networking.nix diff --git a/flake.lock b/flake.lock index cbb60c34..88a485ec 100644 --- a/flake.lock +++ b/flake.lock @@ -24,6 +24,23 @@ "type": "github" } }, + "all-cabal-json": { + "flake": false, + "locked": { + "lastModified": 1665552503, + "narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=", + "owner": "nix-community", + "repo": "all-cabal-json", + "rev": "d7c0434eebffb305071404edcf9d5cd99703878e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "hackage", + "repo": "all-cabal-json", + "type": "github" + } + }, "beautysh": { "inputs": { "nixpkgs": [ @@ -113,11 +130,11 @@ "crane": { "flake": false, "locked": { - "lastModified": 1661875961, - "narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=", + "lastModified": 1670284777, + "narHash": "sha256-JF0pc0s4z/X+Iy+lNHOwUQ8I5bz+q7uX4HrKTNIEj24=", "owner": "ipetkov", "repo": "crane", - "rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24", + "rev": "2243fb9c872de25cb564a02d324ea6a5b9853052", "type": "github" }, "original": { @@ -129,11 +146,11 @@ "devshell": { "flake": false, "locked": { - "lastModified": 1653917170, - "narHash": "sha256-FyxOnEE/V4PNEcMU62ikY4FfYPo349MOhMM97HS0XEo=", + "lastModified": 1663445644, + "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", "owner": "numtide", "repo": "devshell", - "rev": "fc7a3e3adde9bbcab68af6d1e3c6eb738e296a92", + "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", "type": "github" }, "original": { @@ -145,11 +162,15 @@ "dream2nix": { "inputs": { "alejandra": "alejandra", + "all-cabal-json": "all-cabal-json", "crane": "crane", "devshell": "devshell", + "flake-parts": "flake-parts", "flake-utils-pre-commit": "flake-utils-pre-commit", + "ghc-utils": "ghc-utils", "gomod2nix": "gomod2nix", "mach-nix": "mach-nix", + "nix-pypi-fetcher": "nix-pypi-fetcher", "nixpkgs": [ "webcord", "nixpkgs" @@ -158,11 +179,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1664882193, - "narHash": "sha256-uiAYOxN/M4dpaB6ieY3xOvOH6XgHP9NVXDTzSRa3pMc=", + "lastModified": 1670715183, + "narHash": "sha256-l3OhVCCimrN1HFPfqfKAyzuMuPxNXZYLsI9w7AaQXv8=", "owner": "nix-community", "repo": "dream2nix", - "rev": "785b76894263fd76a0e69955e4cd990b7b735bdf", + "rev": "3d6f13ef9d4cb8c41bc83383bbec3e74865ef90d", "type": "github" }, "original": { @@ -264,6 +285,24 @@ "type": "indirect" } }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1668450977, + "narHash": "sha256-cfLhMhnvXn6x1vPm+Jow3RiFAUSCw/l1utktCw5rVA4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "d591857e9d7dd9ddbfba0ea02b43b927c3c0f1fa", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "locked": { "lastModified": 1659877975, @@ -354,6 +393,22 @@ "type": "github" } }, + "ghc-utils": { + "flake": false, + "locked": { + "lastModified": 1662774800, + "narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=", + "ref": "refs/heads/master", + "rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea", + "revCount": 1072, + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + }, + "original": { + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + } + }, "gomod2nix": { "flake": false, "locked": { @@ -399,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670709556, - "narHash": "sha256-ws/Nfl0v0z4mqbaZcKeWY0jNq3O14vthVmAK2f12TfY=", + "lastModified": 1670857002, + "narHash": "sha256-Tck24Ys4PGZL2ClFp7gvB648eBYPTiycPrTX9QeEXyk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6381b6474fb6973bfe83526e21bcee08e5e45ecc", + "rev": "111d209bff5448c3a55e07f344cf89715536bba4", "type": "github" }, "original": { @@ -415,11 +470,11 @@ "hyprland-protocols": { "flake": false, "locked": { - "lastModified": 1670258048, - "narHash": "sha256-Lm2sXnDVZNE+taHqsqVibvPmSdu65VHvXI507KVX4lg=", + "lastModified": 1670703428, + "narHash": "sha256-4KUW5SKR0Y9uaYGcYwy53YJ3B/sgiprCL4fRGO+mpOA=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "0dcff94fc10df2bbb66d3e1b5a1d6cfd3ada5515", + "rev": "d0d6db8cb5bef6d93ca3ad8fb2124964173396da", "type": "github" }, "original": { @@ -626,6 +681,22 @@ "type": "github" } }, + "nix-pypi-fetcher": { + "flake": false, + "locked": { + "lastModified": 1669065297, + "narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=", + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "rev": "a9885ac6a091576b5195d547ac743d45a2a615ac", + "type": "github" + }, + "original": { + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "type": "github" + } + }, "nixlib": { "locked": { "lastModified": 1636849918, @@ -709,13 +780,31 @@ "type": "indirect" } }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1665349835, + "narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { - "lastModified": 1670597555, - "narHash": "sha256-/k939P2S2246G6K5fyvC0U2IWvULhb4ZJg9K7ZxsX+k=", + "lastModified": 1670856062, + "narHash": "sha256-p6+eBkjUWiXSFP80EOgrJX97fK1OQ+3np750nEHaELw=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "2dea0f4c2d6e4603f54b2c56c22367e77869490c", + "rev": "0f482d4d0d5e2c8d244ade8bfadf99e9c8ad9e29", "type": "github" }, "original": { @@ -742,15 +831,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1664876616, - "narHash": "sha256-OxZntLnFgKbGUrPJJNLMxxj4yUaN/30+LG9N81ADqZE=", + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0490b307e5556a8804e710d0c744d29c80fbce48", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", "type": "github" }, "original": { "owner": "NixOS", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -765,11 +855,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1670519577, - "narHash": "sha256-unss17EdnkL3Y3a9Rg3qAyY13TP7FDDTgAP/8pr+SbA=", + "lastModified": 1670787591, + "narHash": "sha256-qPpCNKfWB+Dd3kgKUj4RjIjJg6O3Y2DhYDl4UhThl90=", "owner": "pta2002", "repo": "nixvim", - "rev": "a7fbb812242d1223fcca8c0a270eb87a82f98f17", + "rev": "db8a2c0b97cbbfbdb43b0e6909f38f83d1600e4e", "type": "github" }, "original": { @@ -796,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1670733021, - "narHash": "sha256-HQwU8r6hVM2fvI2i7yNP5/lISs+V5XrxtUiMLkCeuAM=", + "lastModified": 1670819416, + "narHash": "sha256-ja1livEv48Y3piLmdKo0T+1cUHdSfmaHXOxOxJNbneA=", "owner": "nix-community", "repo": "NUR", - "rev": "a7194d7569f7cb5a63d34d205cdd8fa2f3225537", + "rev": "068395203bcc46e2ed19843f508383982b153271", "type": "github" }, "original": { @@ -839,16 +929,16 @@ "poetry2nix_2": { "flake": false, "locked": { - "lastModified": 1632969109, - "narHash": "sha256-jPDclkkiAy5m2gGLBlKgH+lQtbF7tL4XxBrbSzw+Ioc=", + "lastModified": 1666918719, + "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "aee8f04296c39d88155e05d25cfc59dfdd41cc77", + "rev": "289efb187123656a116b915206e66852f038720e", "type": "github" }, "original": { "owner": "nix-community", - "ref": "1.21.0", + "ref": "1.36.0", "repo": "poetry2nix", "type": "github" } @@ -1059,11 +1149,11 @@ ] }, "locked": { - "lastModified": 1655914948, - "narHash": "sha256-9/NrBoUoVXUSVl6wnbEqrtgs1Yr1Bl/j0WYz7ANZ9tk=", + "lastModified": 1670854711, + "narHash": "sha256-bZzuX0r5xVzthPueKuCMHbIFni30eVxS6JOwYuJMkoI=", "owner": "serokell", "repo": "vault-secrets", - "rev": "4b8608e48c6748382fa32131d69c2f01a48874ed", + "rev": "f901160d11a41bc9930f8e1ad9ce7bcafd8a4eed", "type": "github" }, "original": { @@ -1079,11 +1169,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1666097086, - "narHash": "sha256-6WKh4NwItcz9IGY5rGkkeWCtGOmpU3nf85dX29suDjE=", + "lastModified": 1670858114, + "narHash": "sha256-3FTK6wmNlxkXPjG06XVyelccV5j4sSbUoMRFTZDUfU0=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "9098504f2a08ac848ea43de40496925c450e7111", + "rev": "e846ea3cebd7e2363294d3e9265a27f1aff24d29", "type": "github" }, "original": { @@ -1095,11 +1185,11 @@ "webcord_2": { "flake": false, "locked": { - "lastModified": 1664742535, - "narHash": "sha256-QoXBlhCM97haNlkbU4O2oXITnzrkiM9hYAiNpduVjIQ=", + "lastModified": 1670537029, + "narHash": "sha256-3mNPsMfj1MFNgb7PP8SCuFvSshRxZECMDCUjduRHdXY=", "owner": "SpacingBat3", "repo": "WebCord", - "rev": "cb6938bde4f57b252b167b23fc0c2d6120326fff", + "rev": "12fc5e38d0b03f7b63378ee9111abc40c7aee55d", "type": "github" }, "original": { @@ -1135,11 +1225,11 @@ ] }, "locked": { - "lastModified": 1670593043, - "narHash": "sha256-tsDs6FB+7PlBOt46dMQFBMH5yPY/fduf4cYbQYhauhA=", + "lastModified": 1670797151, + "narHash": "sha256-ZFzJHqSXhGCjSeMgqTyJG1KJ2Nlwa+NEN9K4oGhWcjg=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "5f7eecff553d82f21e049d79d8fb3f1f46568da0", + "rev": "36ffb6892e14b9c5be6e321b3c47fe286ac256e6", "type": "github" }, "original": { diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 2fd9a80e..52d125fa 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -18,6 +18,6 @@ ]; # Make me admin - extraGroups = [ "systemd-journal" "wheel" "networkmanager" ]; + extraGroups = [ "systemd-journal" "wheel" "networkmanager" "libvirtd" ]; }; } diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 200b2c6a..633a0a29 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -4,35 +4,37 @@ { config, pkgs, inputs, ... }: { imports = [ - # Include the results of the hardware scan. ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z + ./hardware.nix + ./networking.nix + ./desktop-env.nix ]; # Bootloader. boot = { + kernelPackages = pkgs.linuxPackages_latest; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot/efi"; }; kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; - initrd.kernelModules = [ "amdgpu" ]; + initrd = { + kernelModules = [ "amdgpu" ]; + systemd.enable = true; + verbose = false; + }; + resumeDevice = "/dev/nvme0n1p2"; }; fileSystems."/".options = [ "compress=zstd" ]; - boot.kernelPackages = pkgs.linuxPackages_latest; - - # Enable networking - networking.networkmanager.enable = true; - # Set your time zone. time.timeZone = "Europe/Amsterdam"; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; - i18n.extraLocaleSettings = { LC_ADDRESS = "nl_NL.UTF-8"; LC_IDENTIFICATION = "nl_NL.UTF-8"; @@ -45,61 +47,18 @@ LC_TIME = "nl_NL.UTF-8"; }; - hardware.opengl.driSupport = true; - hardware.opengl.extraPackages = with pkgs; [ - amdvlk - rocm-opencl-icd - rocm-opencl-runtime - ]; - systemd.tmpfiles.rules = - [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; - - # Enable the X11 windowing system. - services.xserver.enable = true; - services.xserver.videoDrivers = [ "amdgpu" ]; - services.xserver.excludePackages = [ pkgs.xterm ]; - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; - environment.gnome.excludePackages = - (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) - ++ (with pkgs.gnome; [ - atomix # puzzle game - epiphany # web browser - geary # email reader - gedit # text editor - gnome-calendar - gnome-clocks - gnome-contacts - gnome-maps - gnome-music - gnome-notes - gnome-terminal - gnome-weather - hitori # sudoku game - iagno # go game - simple-scan # document scanner - tali # poker game - totem # video player - ]); - - programs.dconf.enable = true; - services.udisks2.enable = true; - services.dbus.enable = true; - services.fstrim.enable = true; - - # Configure keymap in X11 - services.xserver = { - layout = "us"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:swapescape"; - }; - # Enable CUPS to print documents. services.printing.enable = true; + environment.systemPackages = with pkgs; [ wireguard-tools ]; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.victor = import ./home; + extraSpecialArgs = { inherit inputs; }; + }; + # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; @@ -117,29 +76,14 @@ #media-session.enable = true; }; - environment.systemPackages = with pkgs; [ - gnome.gnome-tweaks - gnome.gnome-boxes - wireguard-tools - ]; - - networking.firewall.checkReversePath = false; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.victor = { - isNormalUser = true; - extraGroups = [ "networkmanager" "wheel" ]; + virtualisation = { + podman.enable = true; + libvirtd = { + enable = true; + qemu.package = pkgs.qemu_kvm; + }; }; - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - users.victor = import ./home; - extraSpecialArgs = { inherit inputs; }; - }; - - virtualisation.podman.enable = true; - fonts.fonts = with pkgs; [ material-design-icons noto-fonts @@ -152,16 +96,6 @@ }) ]; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # networking.firewall.enable = false; - - powerManagement = { - enable = true; - powertop.enable = true; - }; - programs.steam = { enable = true; # Open ports in the firewall for Steam Remote Play diff --git a/nixos/hosts/thalassa/aoife/desktop-env.nix b/nixos/hosts/thalassa/aoife/desktop-env.nix new file mode 100644 index 00000000..c7561472 --- /dev/null +++ b/nixos/hosts/thalassa/aoife/desktop-env.nix @@ -0,0 +1,51 @@ +{ pkgs, ... }: { + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.videoDrivers = [ "amdgpu" ]; + services.xserver.excludePackages = [ pkgs.xterm ]; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:swapescape"; + }; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + environment.gnome.excludePackages = + (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) + ++ (with pkgs.gnome; [ + atomix # puzzle game + epiphany # web browser + geary # email reader + gedit # text editor + gnome-calendar + gnome-clocks + gnome-contacts + gnome-maps + gnome-music + gnome-notes + gnome-terminal + gnome-weather + hitori # sudoku game + iagno # go game + simple-scan # document scanner + tali # poker game + totem # video player + ]); + + # Services required for gnome + programs.dconf.enable = true; + services.dbus.enable = true; + services.udisks2.enable = true; + + # Extra gnome packages + environment.systemPackages = with pkgs; [ + gnome.gnome-tweaks + gnome.gnome-boxes + ]; + +} diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix new file mode 100644 index 00000000..c6b1208e --- /dev/null +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -0,0 +1,29 @@ +{ pkgs, ... }: { + hardware.enableAllFirmware = true; + + hardware.bluetooth.enable = true; + + services.hardware.bolt.enable = true; + + # Vulkan + hardware.opengl.driSupport = true; + hardware.opengl.extraPackages = with pkgs; [ + amdvlk + rocm-opencl-icd + rocm-opencl-runtime + ]; + systemd.tmpfiles.rules = + [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; + + # SSD Trim + services.fstrim.enable = true; + + # Power Management + services.upower.enable = true; + services.thermald.enable = true; + + powerManagement = { + enable = true; + powertop.enable = true; + }; +} diff --git a/nixos/hosts/thalassa/aoife/networking.nix b/nixos/hosts/thalassa/aoife/networking.nix new file mode 100644 index 00000000..07699775 --- /dev/null +++ b/nixos/hosts/thalassa/aoife/networking.nix @@ -0,0 +1,5 @@ +{ ... }: { + networking.networkmanager.enable = true; + networking.firewall.checkReversePath = false; + # networking.firewall.enable = false; +} \ No newline at end of file -- 2.47.1 From b5900051bd29c2f43e4d149e9c5bfeae88668bbc Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 12 Dec 2022 21:33:31 +0100 Subject: [PATCH 0595/1882] remove nwerc --- nixos/hosts/olympus/default.nix | 5 ---- nixos/hosts/olympus/nwerc/configuration.nix | 30 --------------------- 2 files changed, 35 deletions(-) delete mode 100644 nixos/hosts/olympus/nwerc/configuration.nix diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index ecf95e4e..20ee1352 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -173,11 +173,6 @@ ip = "10.42.42.33"; mac = "1E:24:DA:DB:4A:1A"; } - { - hostname = "nwerc"; - ip = "10.42.42.40"; - mac = "72:ED:31:E1:08:52"; - } { hostname = "nuc"; ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/nwerc/configuration.nix b/nixos/hosts/olympus/nwerc/configuration.nix deleted file mode 100644 index b203251b..00000000 --- a/nixos/hosts/olympus/nwerc/configuration.nix +++ /dev/null @@ -1,30 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, lib, ... }: - -{ - imports = [ ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ ]; - - users.users.nwerc = { - isNormalUser = true; - openssh.authorizedKeys.keys = []; - }; - - # Allow password authentication - services.openssh.passwordAuthentication = lib.mkForce true; -} -- 2.47.1 From d465ecbcb0bbc76635ac6662ae71a10ec8e94086 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 17 Dec 2022 13:21:22 +0100 Subject: [PATCH 0596/1882] minor updates --- flake.lock | 79 ++++++++++--------- flake.nix | 2 +- nixos/common/users/victor.nix | 2 +- .../hosts/olympus/keycloak/configuration.nix | 1 + nixos/hosts/thalassa/aoife/home/neovim.nix | 2 - nixos/hosts/thalassa/aoife/home/theme.nix | 6 +- 6 files changed, 46 insertions(+), 46 deletions(-) diff --git a/flake.lock b/flake.lock index 88a485ec..48e0948f 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1670513770, - "narHash": "sha256-muL74fsbGA8K8WlZSPNWddOiuBnC54kAajncX6nXrh4=", + "lastModified": 1671209729, + "narHash": "sha256-zxn1eA/rMi2DOx43V7q87bGaDzvL7CMVY/Ti7lJ92DQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "054d9e3187ca00479e8036dc0e92900a384f30fd", + "rev": "7d55a72d4c1df694e87a41a7e6c9a7b6e9a40ca3", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1670857002, - "narHash": "sha256-Tck24Ys4PGZL2ClFp7gvB648eBYPTiycPrTX9QeEXyk=", + "lastModified": 1671221264, + "narHash": "sha256-c2F1OLBjYKCRRQjSmNymsZqAkqiR3yb8UqayLL+/V6I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "111d209bff5448c3a55e07f344cf89715536bba4", + "rev": "deb8d3d82ebe4154b04bd97af847cf83c3ae1ce2", "type": "github" }, "original": { @@ -486,11 +486,11 @@ "hyprland-protocols_2": { "flake": false, "locked": { - "lastModified": 1670185345, - "narHash": "sha256-hxWGqlPecqEsE6nOHDV29KFBKePbY2Ipeac6lrChMKY=", + "lastModified": 1670703428, + "narHash": "sha256-4KUW5SKR0Y9uaYGcYwy53YJ3B/sgiprCL4fRGO+mpOA=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "4623a404c091e64743ba310199bb380ec52f1936", + "rev": "d0d6db8cb5bef6d93ca3ad8fb2124964173396da", "type": "github" }, "original": { @@ -506,11 +506,11 @@ ] }, "locked": { - "lastModified": 1669635788, - "narHash": "sha256-xlJ4hbUm3KULq4daqopi+eAv1u57uLlTare04HL3X/c=", + "lastModified": 1670941639, + "narHash": "sha256-ssWr9KskwbfTA3s93AeV24khVYLyWUFL2XRDyn6XB14=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "ab85578dce442b80aa3378fe0304e6cb6f16f593", + "rev": "88d99f99546d3ba42ed40f9b371471b320423f63", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1670461926, - "narHash": "sha256-80badJ32j8eWPTgWO7m5SZT+uEUZDmhrr5cNstPWsDw=", + "lastModified": 1671239241, + "narHash": "sha256-wWkAyxfC/JOGsQ7Mnn2SZypn4HWxOY/d0zCil4fI0Co=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "b2444f924ab432f8590b12de042ad394bbe8ed83", + "rev": "9b336c56876978f757c424a59e31b5941b21bebe", "type": "github" }, "original": { @@ -735,11 +735,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1670174919, - "narHash": "sha256-XdQr3BUnrvVLRFunLWrZORhwYHDG0+9jUUe0Jv1pths=", + "lastModified": 1671228065, + "narHash": "sha256-Az/ig9LVL5xdqtyl4/CVKJIH1G7sP/9Ott2XnNyie0E=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9d87bc030a0bf3f00e953dbf095a7d8e852dab6b", + "rev": "e462a4baf75eeac639b4942481759de08a3bc94e", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1670856062, - "narHash": "sha256-p6+eBkjUWiXSFP80EOgrJX97fK1OQ+3np750nEHaELw=", + "lastModified": 1671200928, + "narHash": "sha256-mZfzDyzojwj6I0wyooIjGIn81WtGVnx6+avU5Wv+VKU=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "0f482d4d0d5e2c8d244ade8bfadf99e9c8ad9e29", + "rev": "757b82211463dd5ba1475b6851d3731dfe14d377", "type": "github" }, "original": { @@ -855,11 +855,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1670787591, - "narHash": "sha256-qPpCNKfWB+Dd3kgKUj4RjIjJg6O3Y2DhYDl4UhThl90=", + "lastModified": 1671123864, + "narHash": "sha256-gWFh2k88PDDEvrSEdedW2/dL+BWDlwrEle44ih2CdFs=", "owner": "pta2002", "repo": "nixvim", - "rev": "db8a2c0b97cbbfbdb43b0e6909f38f83d1600e4e", + "rev": "470fd9c07eccd5df3dbd03b3a18b019f57e138a1", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1670819416, - "narHash": "sha256-ja1livEv48Y3piLmdKo0T+1cUHdSfmaHXOxOxJNbneA=", + "lastModified": 1671251299, + "narHash": "sha256-QFslNMb6xQdgEoHmbZ+YjyXysCPsiU2dOPpjWp68dYg=", "owner": "nix-community", "repo": "NUR", - "rev": "068395203bcc46e2ed19843f508383982b153271", + "rev": "ca8e5a3c87bd533b1c0b0b4195b1191ad23c1c66", "type": "github" }, "original": { @@ -979,15 +979,16 @@ ] }, "locked": { - "lastModified": 1665590088, - "narHash": "sha256-7mnx7J0AacL2P2mNuNNB+kKE7VR8nniVG+PSrwpZixE=", + "lastModified": 1665591116, + "narHash": "sha256-AehqoWu7dmQqsd7TwP1B6deis41v1bJH98suLVNB2qs=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "159e7c5b7ee3770828cc0c936d939de5d1b58f83", + "rev": "81d12433859a012b68e15aeb8f2224c7790b8002", "type": "github" }, "original": { "owner": "DeterminateSystems", + "ref": "cole/ds-285-use-rustup-based-rustc-and-cargo", "repo": "riff", "type": "github" } @@ -1169,11 +1170,11 @@ "webcord": "webcord_2" }, "locked": { - "lastModified": 1670858114, - "narHash": "sha256-3FTK6wmNlxkXPjG06XVyelccV5j4sSbUoMRFTZDUfU0=", + "lastModified": 1670874335, + "narHash": "sha256-nJ1LUVj3dIHP5B+XkZXUvY39OqaZn/MMHSFwsOSPnwI=", "owner": "fufexan", "repo": "webcord-flake", - "rev": "e846ea3cebd7e2363294d3e9265a27f1aff24d29", + "rev": "b462d57c36d664b48f047c96b2f9de091bff6e8b", "type": "github" }, "original": { @@ -1185,11 +1186,11 @@ "webcord_2": { "flake": false, "locked": { - "lastModified": 1670537029, - "narHash": "sha256-3mNPsMfj1MFNgb7PP8SCuFvSshRxZECMDCUjduRHdXY=", + "lastModified": 1670713990, + "narHash": "sha256-e+y/M+/gjezHoNrdXeFhqtvxbPdhRSDOQlwK1nUhNfo=", "owner": "SpacingBat3", "repo": "WebCord", - "rev": "12fc5e38d0b03f7b63378ee9111abc40c7aee55d", + "rev": "80ba858c025e0bb59510f7136211948d8ae10ece", "type": "github" }, "original": { @@ -1225,11 +1226,11 @@ ] }, "locked": { - "lastModified": 1670797151, - "narHash": "sha256-ZFzJHqSXhGCjSeMgqTyJG1KJ2Nlwa+NEN9K4oGhWcjg=", + "lastModified": 1670892912, + "narHash": "sha256-HC1qHrGXivdzNlWuuWcxX/P7OkNrlLbhzaqLx0mslPA=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "36ffb6892e14b9c5be6e321b3c47fe286ac256e6", + "rev": "9fb4fae94b9bd80395c193dcaf6fdf740550cff1", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 1684f368..53d76321 100644 --- a/flake.nix +++ b/flake.nix @@ -26,7 +26,7 @@ hyprpaper.url = "github:hyprwm/hyprpaper"; hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; - riff.url = "github:DeterminateSystems/riff"; + riff.url = "github:DeterminateSystems/riff/cole/ds-285-use-rustup-based-rustc-and-cargo"; riff.inputs.nixpkgs.follows = "nixpkgs"; webcord.url = "github:fufexan/webcord-flake"; diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 52d125fa..76e69c92 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -18,6 +18,6 @@ ]; # Make me admin - extraGroups = [ "systemd-journal" "wheel" "networkmanager" "libvirtd" ]; + extraGroups = [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ]; }; } diff --git a/nixos/hosts/olympus/keycloak/configuration.nix b/nixos/hosts/olympus/keycloak/configuration.nix index e776d82e..9e82947d 100644 --- a/nixos/hosts/olympus/keycloak/configuration.nix +++ b/nixos/hosts/olympus/keycloak/configuration.nix @@ -28,6 +28,7 @@ let vs = config.vault-secrets.secrets; in # If loadCredential doesn't work: # https://github.com/NixOS/nixpkgs/issues/157449#issuecomment-1208501368 + # also check: systemd 252 got more strict about how exactly the filesystems need to be set up for credentials to work properly services.keycloak = { enable = true; database = { diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index d766096b..4119afe0 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -82,8 +82,6 @@ luasnip.expand() elseif luasnip.expand_or_jumpable() then luasnip.expand_or_jump() - elseif check_backspace() then - fallback() else fallback() end diff --git a/nixos/hosts/thalassa/aoife/home/theme.nix b/nixos/hosts/thalassa/aoife/home/theme.nix index e1c56d68..f48e44c8 100644 --- a/nixos/hosts/thalassa/aoife/home/theme.nix +++ b/nixos/hosts/thalassa/aoife/home/theme.nix @@ -4,9 +4,9 @@ let cursorTheme = config.home.pointerCursor.name; in { home.pointerCursor = { - name = "Catppuccin-Frappe-Pink-Cursors"; - size = 32; - package = pkgs.catppuccin-cursors.frappePink; + name = "Bibata_Ghost"; + size = 24; + package = pkgs.bibata-cursors-translucent; }; gtk = { -- 2.47.1 From a783df8c712a1df4a4267b9d04a879c2a6814fd7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 17 Dec 2022 22:46:38 +0100 Subject: [PATCH 0597/1882] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 48e0948f..b952d4f0 100644 --- a/flake.lock +++ b/flake.lock @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671221264, - "narHash": "sha256-c2F1OLBjYKCRRQjSmNymsZqAkqiR3yb8UqayLL+/V6I=", + "lastModified": 1671306082, + "narHash": "sha256-WqhV2wTcVQmK/RgjSaxogTfPzMaie067z3a7sODgj1I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "deb8d3d82ebe4154b04bd97af847cf83c3ae1ce2", + "rev": "e7940569dde86d92e25ceb07824f6853515ca0b5", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671200928, - "narHash": "sha256-mZfzDyzojwj6I0wyooIjGIn81WtGVnx6+avU5Wv+VKU=", + "lastModified": 1671309134, + "narHash": "sha256-4FlhUYJhGktXg5j1VYZQjnXNwnPDwUQFxYECeFfUsdo=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "757b82211463dd5ba1475b6851d3731dfe14d377", + "rev": "e64c3ec9a236079e51b33fd6fbc1d340bc34c89e", "type": "github" }, "original": { -- 2.47.1 From 88da9b1278c431caf4567cd4af8daaf36895b7b6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 18 Dec 2022 09:52:12 +0100 Subject: [PATCH 0598/1882] update workflows --- .github/workflows/nixos.yml | 4 ++-- nixos/pkgs/deemix-gui/default.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 4b74a304..65b0912f 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -5,7 +5,7 @@ on: branches: [main] jobs: - build-null: + build-aoife: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 @@ -33,7 +33,7 @@ jobs: extraPullNames: hyprland - name: "Build NixOS config ❄️" run: | - nix run '.#' build -- --on "null" + nix run '.#' build -- --on "aoife" build-iso: runs-on: ubuntu-latest steps: diff --git a/nixos/pkgs/deemix-gui/default.nix b/nixos/pkgs/deemix-gui/default.nix index c4a7a65a..cb76d313 100644 --- a/nixos/pkgs/deemix-gui/default.nix +++ b/nixos/pkgs/deemix-gui/default.nix @@ -6,7 +6,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://download.deemix.app/gui/linux-x64-latest.AppImage"; - sha256 = "sha256-poEvEIYd5FXRweAGIK5AzPjBWY3p8ertiBPbEV0sv+c="; + sha256 = "sha256-e2neemsAzGniBpXIPYbKk5LQHoYLvFj5/8QszCcoTYM="; name = "${pname}-${version}.AppImage"; }; -- 2.47.1 From b12215101c905d5fb2e97ce4c0b9fc60c8e63f39 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 18 Dec 2022 15:45:06 +0100 Subject: [PATCH 0599/1882] update flake --- flake.lock | 42 +++++++++++++++++++++--------------------- flake.nix | 2 +- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index b952d4f0..f31fbe52 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1671209729, - "narHash": "sha256-zxn1eA/rMi2DOx43V7q87bGaDzvL7CMVY/Ti7lJ92DQ=", + "lastModified": 1671335968, + "narHash": "sha256-V7mjlh7brp70elokmml6XzHinpTilkQJjiYIGjEmSGs=", "owner": "nix-community", "repo": "home-manager", - "rev": "7d55a72d4c1df694e87a41a7e6c9a7b6e9a40ca3", + "rev": "37713c6b04b963d41664e03576f73a18c9b0d224", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671306082, - "narHash": "sha256-WqhV2wTcVQmK/RgjSaxogTfPzMaie067z3a7sODgj1I=", + "lastModified": 1671367279, + "narHash": "sha256-NhYZqarJAKWLCeGxWZ9zvX4WYpA+3bq8tN1gBv0dZyA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e7940569dde86d92e25ceb07824f6853515ca0b5", + "rev": "a163ca92377a56c196222a48c0a5676a7bb4ac3b", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1671239241, - "narHash": "sha256-wWkAyxfC/JOGsQ7Mnn2SZypn4HWxOY/d0zCil4fI0Co=", + "lastModified": 1671325776, + "narHash": "sha256-ujjSRphN+nlPAJqdSv+aCc/dQoSVEdJR/1sWvBrSmS8=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "9b336c56876978f757c424a59e31b5941b21bebe", + "rev": "d54d21417f4d43e8d0d6fa646b931c68a547ebb0", "type": "github" }, "original": { @@ -720,11 +720,11 @@ ] }, "locked": { - "lastModified": 1669065280, - "narHash": "sha256-3+pq1oJWjGDLfd8G/vR3IIFZ+EQ/aglukA0bTiMlf3o=", + "lastModified": 1671355134, + "narHash": "sha256-ZtnUWTDDyFog+NQBjZpnhgPdj3gHp5ImxFVWy+ObNno=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "50aeec40f2072d2ab267c8ec8a345573704ec110", + "rev": "64a96ca8621d03cb3889daf0d3ff58d8209e3e0c", "type": "github" }, "original": { @@ -800,16 +800,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671309134, - "narHash": "sha256-4FlhUYJhGktXg5j1VYZQjnXNwnPDwUQFxYECeFfUsdo=", - "owner": "NULLx76", + "lastModified": 1671200928, + "narHash": "sha256-mZfzDyzojwj6I0wyooIjGIn81WtGVnx6+avU5Wv+VKU=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "e64c3ec9a236079e51b33fd6fbc1d340bc34c89e", + "rev": "757b82211463dd5ba1475b6851d3731dfe14d377", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "0x76", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1671251299, - "narHash": "sha256-QFslNMb6xQdgEoHmbZ+YjyXysCPsiU2dOPpjWp68dYg=", + "lastModified": 1671337747, + "narHash": "sha256-wIiTS4GebkbhyL+WYl8U3TcmLGwpQuv0/z1PEdno7W0=", "owner": "nix-community", "repo": "NUR", - "rev": "ca8e5a3c87bd533b1c0b0b4195b1191ad23c1c66", + "rev": "ccf9b872a81ec4ba8f79fd8e6c0b6f87a2548c20", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 53d76321..f38904d5 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nur.url = "github:nix-community/NUR"; -- 2.47.1 From afbb424e3e0a0b2789ec5bdd36964fb411a75236 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 19 Dec 2022 09:36:53 +0100 Subject: [PATCH 0600/1882] wireguard --- flake.lock | 20 +++++++++---------- flake.nix | 2 +- .../hosts/olympus/wireguard/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 3 ++- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index f31fbe52..70e161c1 100644 --- a/flake.lock +++ b/flake.lock @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671367279, - "narHash": "sha256-NhYZqarJAKWLCeGxWZ9zvX4WYpA+3bq8tN1gBv0dZyA=", + "lastModified": 1671375934, + "narHash": "sha256-ijHwLyDzSVdNbpgJWaP3I+t9f44TFUggdeMUr/uURwQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a163ca92377a56c196222a48c0a5676a7bb4ac3b", + "rev": "6424a1e398ee6a5ad442cd27fb2acb82c0f04337", "type": "github" }, "original": { @@ -800,16 +800,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671200928, - "narHash": "sha256-mZfzDyzojwj6I0wyooIjGIn81WtGVnx6+avU5Wv+VKU=", + "lastModified": 1671356613, + "narHash": "sha256-Pim9px0qRp6IejhLDs53dfmGy/lAszWanCCwLRK1Hag=", "owner": "nixos", "repo": "nixpkgs", - "rev": "757b82211463dd5ba1475b6851d3731dfe14d377", + "rev": "ecca235a5bdf580ec15cde533f5a95266bbc7fb7", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1671337747, - "narHash": "sha256-wIiTS4GebkbhyL+WYl8U3TcmLGwpQuv0/z1PEdno7W0=", + "lastModified": 1671392835, + "narHash": "sha256-iTlSRWA4Rqetjrs3no9zXlrlO4VtZut9T/KHrQw/Dw4=", "owner": "nix-community", "repo": "NUR", - "rev": "ccf9b872a81ec4ba8f79fd8e6c0b6f87a2548c20", + "rev": "21bda9a72e4f59aaa1dccb81400ac64304a22f0a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f38904d5..d47edf8c 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; nur.url = "github:nix-community/NUR"; diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 4983169b..556fb58f 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -66,7 +66,7 @@ in { { # New Laptop publicKey = "+Ms3xV6LxNZWTQk11zoz+AUIV2uds6A64Wz15JlR/Ak="; - allowedIPs = [ "10.100.0.5/32" ]; + allowedIPs = [ "10.100.0.6/32" ]; } { # Aerdenhout diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 633a0a29..6769d5ed 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -13,7 +13,8 @@ # Bootloader. boot = { - kernelPackages = pkgs.linuxPackages_latest; + # kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = pkgs.linuxKernel.packages.linux_zen; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; -- 2.47.1 From e996cd56ed4897852568aac1cc3c2314b419a7a8 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 21 Dec 2022 14:52:03 +0100 Subject: [PATCH 0601/1882] update --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 70e161c1..ea591017 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1671335968, - "narHash": "sha256-V7mjlh7brp70elokmml6XzHinpTilkQJjiYIGjEmSGs=", + "lastModified": 1671578428, + "narHash": "sha256-YmbpBcPaGz9KE2bC4xPvSdgCSMk0BmS/L3ePvy9TR/M=", "owner": "nix-community", "repo": "home-manager", - "rev": "37713c6b04b963d41664e03576f73a18c9b0d224", + "rev": "0f8bf4f92efa3c6168705b49a6788abb3612033a", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671375934, - "narHash": "sha256-ijHwLyDzSVdNbpgJWaP3I+t9f44TFUggdeMUr/uURwQ=", + "lastModified": 1671577645, + "narHash": "sha256-JCD8GhZJtTmB+k07W/zj7lAzDs6hbsG2eriZZP/Tol8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6424a1e398ee6a5ad442cd27fb2acb82c0f04337", + "rev": "fc37ce4a724101def1befa01b353162830f4393f", "type": "github" }, "original": { @@ -506,11 +506,11 @@ ] }, "locked": { - "lastModified": 1670941639, - "narHash": "sha256-ssWr9KskwbfTA3s93AeV24khVYLyWUFL2XRDyn6XB14=", + "lastModified": 1671404096, + "narHash": "sha256-ls8i+lXweg0udqbd9XuF/ag+rqDSy/i05B6RrMW2BAI=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "88d99f99546d3ba42ed40f9b371471b320423f63", + "rev": "60013ee65566ec7601c367829da2560d7b8638fa", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1671325776, - "narHash": "sha256-ujjSRphN+nlPAJqdSv+aCc/dQoSVEdJR/1sWvBrSmS8=", + "lastModified": 1671584783, + "narHash": "sha256-W0nLAgcAHT1+MfN1svTvdv1iFQCp3NT1YCSlxImAfiQ=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "d54d21417f4d43e8d0d6fa646b931c68a547ebb0", + "rev": "155b649583bc5e7ce46cb9c8314928ad5e335639", "type": "github" }, "original": { @@ -735,11 +735,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1671228065, - "narHash": "sha256-Az/ig9LVL5xdqtyl4/CVKJIH1G7sP/9Ott2XnNyie0E=", + "lastModified": 1671467847, + "narHash": "sha256-eIeZIQbbW0QYDW0nhDaieokw6VakPO3TyJ3RmxqGHOs=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e462a4baf75eeac639b4942481759de08a3bc94e", + "rev": "25010a042c23695ae457a97aad60e9b1d49f2ecc", "type": "github" }, "original": { @@ -751,11 +751,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1670064435, - "narHash": "sha256-+ELoY30UN+Pl3Yn7RWRPabykwebsVK/kYE9JsIsUMxQ=", + "lastModified": 1671359686, + "narHash": "sha256-3MpC6yZo+Xn9cPordGz2/ii6IJpP2n8LE8e/ebUXLrs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "61a8a98e6d557e6dd7ed0cdb54c3a3e3bbc5e25c", + "rev": "04f574a1c0fde90b51bf68198e2297ca4e7cccf4", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671356613, - "narHash": "sha256-Pim9px0qRp6IejhLDs53dfmGy/lAszWanCCwLRK1Hag=", + "lastModified": 1671565324, + "narHash": "sha256-FKnxM+07rV3HFNIOw3p1XaopZ3MkaxuHXNcZyYUJt2w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ecca235a5bdf580ec15cde533f5a95266bbc7fb7", + "rev": "3c6d63d22ca8b57adc4120f7c1ea5262925c8c2d", "type": "github" }, "original": { @@ -855,11 +855,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1671123864, - "narHash": "sha256-gWFh2k88PDDEvrSEdedW2/dL+BWDlwrEle44ih2CdFs=", + "lastModified": 1671416295, + "narHash": "sha256-gNW2ikwhnJgPcT66ubjmxHccP8wwSGDEIFB/ouih/9I=", "owner": "pta2002", "repo": "nixvim", - "rev": "470fd9c07eccd5df3dbd03b3a18b019f57e138a1", + "rev": "fdbba2238e5e7b400ff10eef5b8fc474d8059deb", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1671392835, - "narHash": "sha256-iTlSRWA4Rqetjrs3no9zXlrlO4VtZut9T/KHrQw/Dw4=", + "lastModified": 1671627685, + "narHash": "sha256-54qlFZuZHu02hRkQxdSnlMmk37veiitfm7gcPCU9Nuw=", "owner": "nix-community", "repo": "NUR", - "rev": "21bda9a72e4f59aaa1dccb81400ac64304a22f0a", + "rev": "a1ad2e16a2b12943cae4afefda52a6a23184ea97", "type": "github" }, "original": { -- 2.47.1 From 345576623fafc41a4de4d82db47d065e57693601 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 25 Dec 2022 16:34:48 +0100 Subject: [PATCH 0602/1882] update --- flake.lock | 78 ++++++++++----------- nixos/hosts/thalassa/aoife/home/dconf.nix | 7 +- nixos/hosts/thalassa/aoife/home/default.nix | 1 + 3 files changed, 46 insertions(+), 40 deletions(-) diff --git a/flake.lock b/flake.lock index ea591017..3f25682c 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1671578428, - "narHash": "sha256-YmbpBcPaGz9KE2bC4xPvSdgCSMk0BmS/L3ePvy9TR/M=", + "lastModified": 1671966569, + "narHash": "sha256-jbLgfSnmLchARBNFRvCic63CFQ9LAyvlXnBpc2kwjQc=", "owner": "nix-community", "repo": "home-manager", - "rev": "0f8bf4f92efa3c6168705b49a6788abb3612033a", + "rev": "c55fa26ce05fee8e063db22918d05a73d430b2ea", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671577645, - "narHash": "sha256-JCD8GhZJtTmB+k07W/zj7lAzDs6hbsG2eriZZP/Tol8=", + "lastModified": 1671841202, + "narHash": "sha256-w6vfVa6gj48YWjK+GUezq5U3UkvvGo/DEzdhAmr9Mhw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fc37ce4a724101def1befa01b353162830f4393f", + "rev": "d87d2dac0b1385a4ab944df293bc48877564106c", "type": "github" }, "original": { @@ -556,15 +556,15 @@ "nixpkgs": [ "nixpkgs" ], - "nixpkgs-22_05": "nixpkgs-22_05", + "nixpkgs-22_11": "nixpkgs-22_11", "utils": "utils_3" }, "locked": { - "lastModified": 1669807829, - "narHash": "sha256-rgQ8MYV1UD4Ynw0wzfl9hatgsV5GV7X6eM6ioSPKzls=", + "lastModified": 1671659164, + "narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "694e7d34f60028f4877517e1c7c73c9527fad400", + "rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd", "type": "gitlab" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1671584783, - "narHash": "sha256-W0nLAgcAHT1+MfN1svTvdv1iFQCp3NT1YCSlxImAfiQ=", + "lastModified": 1671843840, + "narHash": "sha256-oYVOnPL+rpnDFKiNeEtSDiH1H2sMqpoJmCmtfcs8lT4=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "155b649583bc5e7ce46cb9c8314928ad5e335639", + "rev": "5a5f7a399e40c0e258aa0fd00529613b5ae2b7e7", "type": "github" }, "original": { @@ -735,11 +735,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1671467847, - "narHash": "sha256-eIeZIQbbW0QYDW0nhDaieokw6VakPO3TyJ3RmxqGHOs=", + "lastModified": 1671631481, + "narHash": "sha256-LP6NvQQNKdqDpXngECo6oCiWfYRb0KPGM5+D5lu7mPw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "25010a042c23695ae457a97aad60e9b1d49f2ecc", + "rev": "9577ab1eaf01a738b015a7a7ab2a4616e158b6cd", "type": "github" }, "original": { @@ -751,11 +751,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1671359686, - "narHash": "sha256-3MpC6yZo+Xn9cPordGz2/ii6IJpP2n8LE8e/ebUXLrs=", + "lastModified": 1671722432, + "narHash": "sha256-ojcZUekIQeOZkHHzR81st7qxX99dB1Eaaq6PU5MNeKc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "04f574a1c0fde90b51bf68198e2297ca4e7cccf4", + "rev": "652e92b8064949a11bc193b90b74cb727f2a1405", "type": "github" }, "original": { @@ -765,18 +765,18 @@ "type": "github" } }, - "nixpkgs-22_05": { + "nixpkgs-22_11": { "locked": { - "lastModified": 1654936503, - "narHash": "sha256-soKzdhI4jTHv/rSbh89RdlcJmrPgH8oMb/PLqiqIYVQ=", + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dab6df51387c3878cdea09f43589a15729cae9f4", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-22.05", + "ref": "nixos-22.11", "type": "indirect" } }, @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671565324, - "narHash": "sha256-FKnxM+07rV3HFNIOw3p1XaopZ3MkaxuHXNcZyYUJt2w=", + "lastModified": 1671936867, + "narHash": "sha256-tOok3/MJWoRUEoPU5Ma/cTCeuw8ACx3Ozu1MlFcdvc8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3c6d63d22ca8b57adc4120f7c1ea5262925c8c2d", + "rev": "18ee49839ea8817218c3bfe3a62e06f47a10fdd5", "type": "github" }, "original": { @@ -855,11 +855,11 @@ "nmdSrc": "nmdSrc" }, "locked": { - "lastModified": 1671416295, - "narHash": "sha256-gNW2ikwhnJgPcT66ubjmxHccP8wwSGDEIFB/ouih/9I=", + "lastModified": 1671840534, + "narHash": "sha256-ZKBg7cM1qJ4ic4O6PGS9ESPSazGQI1TXFsGiFXIL3tw=", "owner": "pta2002", "repo": "nixvim", - "rev": "fdbba2238e5e7b400ff10eef5b8fc474d8059deb", + "rev": "5f67918bae3115e5d5ae17eeb9d414517762fc66", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1671627685, - "narHash": "sha256-54qlFZuZHu02hRkQxdSnlMmk37veiitfm7gcPCU9Nuw=", + "lastModified": 1671975941, + "narHash": "sha256-n5fEPkVVarOnmO70xxuMFlMwYiNQGEaFm/k1ebx/vMo=", "owner": "nix-community", "repo": "NUR", - "rev": "a1ad2e16a2b12943cae4afefda52a6a23184ea97", + "rev": "ce94b3d5d00080485f7a6dba0243a21d10c69273", "type": "github" }, "original": { @@ -1203,11 +1203,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1669925104, - "narHash": "sha256-xMHfW+/G9MieN/5tXHUA5/ztE8dkE093cNFTEUgcwxI=", + "lastModified": 1671723353, + "narHash": "sha256-G1jiI0SA7eiZusO+iJytErMRNbKbwqJJJGL+sNoBNoQ=", "owner": "wlroots", "repo": "wlroots", - "rev": "c8eb24d30e18c165728b8788a10716611c3b633d", + "rev": "b28a9afd4b0b86e9a66a40f6b44b69f59947b7d6", "type": "gitlab" }, "original": { @@ -1226,11 +1226,11 @@ ] }, "locked": { - "lastModified": 1670892912, - "narHash": "sha256-HC1qHrGXivdzNlWuuWcxX/P7OkNrlLbhzaqLx0mslPA=", + "lastModified": 1671837878, + "narHash": "sha256-OmFDyktTc/l+3wHboHeFpAQgPt3r7jjqZf8MrwuUGMo=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "9fb4fae94b9bd80395c193dcaf6fdf740550cff1", + "rev": "e47f4cec698080768821b271510985ab94a37e91", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/hosts/thalassa/aoife/home/dconf.nix index b721ab74..9b1e5750 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/hosts/thalassa/aoife/home/dconf.nix @@ -66,7 +66,7 @@ in { switch-to-workspace-4 = [ "4" ]; switch-to-workspace-5 = [ "5" ]; switch-to-workspace-6 = [ "6" ]; - toggle-fullscreen = [ "f" ]; + toggle-fullscreen = [ "M" ]; toggle-maximized = [ "m" ]; }; @@ -79,5 +79,10 @@ in { command = "kgx"; name = "Open Terminal"; }; + "firefox" = { + binding = "f"; + command = "firefox"; + name = "Open Firefox"; + }; }; } diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index eba9b4c9..5a2dcab7 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -33,6 +33,7 @@ in { rustup solo2-cli tex + yt-dlp ]; xdg.mimeApps.enable = true; -- 2.47.1 From 3c0f89c66a28e1712b4d3aa075b167cb4aea2783 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 25 Dec 2022 17:35:14 +0100 Subject: [PATCH 0603/1882] downgrade minio, need to migrate --- nixos/hosts/hades/minio/configuration.nix | 6 +-- nixos/hosts/olympus/minio/configuration.nix | 4 +- nixos/pkgs/default.nix | 3 ++ nixos/pkgs/minio-old/default.nix | 51 +++++++++++++++++++++ 4 files changed, 59 insertions(+), 5 deletions(-) create mode 100644 nixos/pkgs/minio-old/default.nix diff --git a/nixos/hosts/hades/minio/configuration.nix b/nixos/hosts/hades/minio/configuration.nix index 503d35b6..00039c3d 100644 --- a/nixos/hosts/hades/minio/configuration.nix +++ b/nixos/hosts/hades/minio/configuration.nix @@ -1,8 +1,7 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: let vs = config.vault-secrets.secrets; -in -{ +in { system.stateVersion = "22.11"; networking.firewall.allowedTCPPorts = [ 9000 9001 ]; @@ -14,5 +13,6 @@ in services.minio = { enable = true; rootCredentialsFile = "${vs.minio}/environment"; + package = pkgs.v.minio-old; }; } diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index a73bf0bb..5e45019b 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -2,8 +2,8 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: -let +{ config, pkgs, lib, ... }: +let vs = config.vault-secrets.secrets; listenPort = 9000; consolePort = 9001; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 3a5edee5..3e7f6424 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,6 +1,9 @@ # nix-build -E 'with import {}; callPackage ./default.nix {}' final: prev: { v = { + # nixos 22.11 version of minio, need to upgrade backend from fs to xl + minio-old = prev.callPackage ./minio-old { }; + glitch-soc = prev.callPackage ./glitch-soc { }; deemix-gui = prev.callPackage ./deemix-gui { }; diff --git a/nixos/pkgs/minio-old/default.nix b/nixos/pkgs/minio-old/default.nix new file mode 100644 index 00000000..13c29ac6 --- /dev/null +++ b/nixos/pkgs/minio-old/default.nix @@ -0,0 +1,51 @@ +{ lib, buildGoModule, fetchFromGitHub, nixosTests }: + +let + # The web client verifies, that the server version is a valid datetime string: + # https://github.com/minio/minio/blob/3a0e7347cad25c60b2e51ff3194588b34d9e424c/browser/app/js/web.js#L51-L53 + # + # Example: + # versionToTimestamp "2021-04-22T15-44-28Z" + # => "2021-04-22T15:44:28Z" + versionToTimestamp = version: + let + splitTS = builtins.elemAt (builtins.split "(.*)(T.*)" version) 1; + in + builtins.concatStringsSep "" [ (builtins.elemAt splitTS 0) (builtins.replaceStrings [ "-" ] [ ":" ] (builtins.elemAt splitTS 1)) ]; +in +buildGoModule rec { + pname = "minio"; + version = "2022-10-24T18-35-07Z"; + + src = fetchFromGitHub { + owner = "minio"; + repo = "minio"; + rev = "RELEASE.${version}"; + sha256 = "sha256-sABNzhyfBNU5pWyE/VWHUzuSyKsx0glj01ectJPakV8="; + }; + + vendorSha256 = "sha256-wB3UiuptT6D0CIUlHC1d5k0rjIxNeh5yAWOmYpyLGmA="; + + doCheck = false; + + subPackages = [ "." ]; + + CGO_ENABLED = 0; + + tags = [ "kqueue" ]; + + ldflags = let t = "github.com/minio/minio/cmd"; in [ + "-s" "-w" "-X ${t}.Version=${versionToTimestamp version}" "-X ${t}.ReleaseTag=RELEASE.${version}" "-X ${t}.CommitID=${src.rev}" + ]; + + passthru.tests.minio = nixosTests.minio; + + meta = with lib; { + homepage = "https://www.minio.io/"; + description = "An S3-compatible object storage server"; + changelog = "https://github.com/minio/minio/releases/tag/RELEASE.${version}"; + maintainers = with maintainers; [ eelco bachp ]; + platforms = platforms.unix; + license = licenses.agpl3Plus; + }; +} -- 2.47.1 From 4b90002e45ab7704f75f5b0a0500dadc8a4019e4 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Dec 2022 13:02:48 +0100 Subject: [PATCH 0604/1882] add hm modules: riff --- flake.lock | 24 +++++----- nixos/common/default.nix | 9 ++-- nixos/common/hm-modules/default.nix | 5 ++ nixos/common/hm-modules/riff.nix | 28 +++++++++++ nixos/hosts/thalassa/aoife/home/default.nix | 6 ++- nixos/util.nix | 52 ++++++++++----------- 6 files changed, 79 insertions(+), 45 deletions(-) create mode 100644 nixos/common/hm-modules/default.nix create mode 100644 nixos/common/hm-modules/riff.nix diff --git a/flake.lock b/flake.lock index 3f25682c..09f0efd8 100644 --- a/flake.lock +++ b/flake.lock @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671841202, - "narHash": "sha256-w6vfVa6gj48YWjK+GUezq5U3UkvvGo/DEzdhAmr9Mhw=", + "lastModified": 1671982931, + "narHash": "sha256-cRInW7YYjw9xbjDTYOQD9PGo04aPAJWWu78PQ1HPkiQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d87d2dac0b1385a4ab944df293bc48877564106c", + "rev": "cd08fa22fd1ddbb8604e42d01043617a8eb10520", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1671843840, - "narHash": "sha256-oYVOnPL+rpnDFKiNeEtSDiH1H2sMqpoJmCmtfcs8lT4=", + "lastModified": 1672017029, + "narHash": "sha256-VGztJsDy094qcoaP5gxY0kqpcKGa7olw5v5W1yWqHoc=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "5a5f7a399e40c0e258aa0fd00529613b5ae2b7e7", + "rev": "8ded123b238808a95e8f3e8588d1dcfb96bdfa65", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671936867, - "narHash": "sha256-tOok3/MJWoRUEoPU5Ma/cTCeuw8ACx3Ozu1MlFcdvc8=", + "lastModified": 1671997655, + "narHash": "sha256-8zUwvnJrBwiFIdw9VgARj1PIQsto5Spn9J5v34b0O7A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "18ee49839ea8817218c3bfe3a62e06f47a10fdd5", + "rev": "aac1f0b25e6b04afad8e05dec5828f5c02398bd1", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1671975941, - "narHash": "sha256-n5fEPkVVarOnmO70xxuMFlMwYiNQGEaFm/k1ebx/vMo=", + "lastModified": 1672047887, + "narHash": "sha256-+Ckjrzz+mXVRB2fm12QEpa8Cz/9hm/48emkzyPxh97E=", "owner": "nix-community", "repo": "NUR", - "rev": "ce94b3d5d00080485f7a6dba0243a21d10c69273", + "rev": "0457d302f72e13b29dcf914f19b9616cbec5e44e", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index ae72dddc..09ef92a3 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,13 +1,12 @@ { inputs, lib, config, ... }: { # This file deals with everything requiring `inputs`, the rest being delagated to `common.nix` # this is because we can't import inputs from all contexts as that can lead to infinite recursion. - imports = [ - ./common.nix - inputs.vault-secrets.nixosModules.vault-secrets - ]; + imports = [ ./common.nix inputs.vault-secrets.nixosModules.vault-secrets ]; nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; - nix.registry.nixpkgs.flake = inputs.nixpkgs; + nix.registry.nixpkgs.flake = inputs.nixpkgs; + + home-manager.sharedModules = [ ./hm-modules ]; vault-secrets = let inherit (config.networking) domain hostName; diff --git a/nixos/common/hm-modules/default.nix b/nixos/common/hm-modules/default.nix new file mode 100644 index 00000000..9676a72e --- /dev/null +++ b/nixos/common/hm-modules/default.nix @@ -0,0 +1,5 @@ +{ ... }: { + imports = [ + ./riff.nix + ]; +} \ No newline at end of file diff --git a/nixos/common/hm-modules/riff.nix b/nixos/common/hm-modules/riff.nix new file mode 100644 index 00000000..509a782d --- /dev/null +++ b/nixos/common/hm-modules/riff.nix @@ -0,0 +1,28 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; +let cfg = config.programs.riff; +in { + options.programs.riff = { + enable = mkEnableOption "riff"; + direnv = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable direnv support + ''; + }; + }; + config = mkIf cfg.enable { + home.packages = [ inputs.riff.packages.${pkgs.system}.riff ]; + + xdg.configFile."direnv/lib/riff.sh" = mkIf cfg.direnv { + executable = true; + text = '' + use_riff() { + watch_file Cargo.toml watch_file Cargo.lock + eval "$(riff --offline print-dev-env)" + } + ''; + }; + }; +} diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 5a2dcab7..6acb4176 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -21,7 +21,6 @@ in { gcc gimp inputs.comma.packages.${pkgs.system}.default - inputs.riff.packages.${pkgs.system}.riff inputs.webcord.packages.${pkgs.system}.default jetbrains.clion jetbrains.idea-ultimate @@ -36,6 +35,11 @@ in { yt-dlp ]; + programs.riff = { + enable = true; + direnv = true; + }; + xdg.mimeApps.enable = true; xdg.mimeApps.defaultApplications = { "text/html" = "firefox.desktop"; diff --git a/nixos/util.nix b/nixos/util.nix index 75294cdb..7345fca3 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -3,32 +3,31 @@ let inherit (builtins) filter attrValues concatLists; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) - resolve_imports = - let - # lookup table - import_cases = { - "lxc" = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./common/generic-lxc.nix - ]; - "vm" = [ - ./common/generic-vm.nix - ]; - "local" = [ - hyprland.nixosModules.default - ]; - }; - in - { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ - home-manager.nixosModules.home-manager - mailserver.nixosModules.mailserver - ./common - "${./.}/hosts/${realm}/${profile}/configuration.nix" - ] ++ import_cases.${type}; -in -{ + resolve_imports = let + # lookup table + import_cases = { + "lxc" = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./common/generic-lxc.nix + ]; + "vm" = [ ./common/generic-vm.nix ]; + "local" = [ hyprland.nixosModules.default ]; + }; + in { hostname, realm, profile ? hostname, type ? "lxc", ... }: + [ + home-manager.nixosModules.home-manager + mailserver.nixosModules.mailserver + ./common + "${./.}/hosts/${realm}/${profile}/configuration.nix" + ] ++ import_cases.${type}; +in { # Add to whatever realm a host belong to its list of tags - add_realm_to_tags = realm: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }); + add_realm_to_tags = realm: + map ({ tags ? [ ], ... }@host: + host // { + tags = [ realm ] ++ tags; + inherit realm; + }); # Flatten all hosts to a single list flatten_hosts = hosts: concatLists (attrValues hosts); # Filter out all hosts which aren't nixos @@ -39,8 +38,7 @@ in let # this makes local apply work a bit nicer name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; - in - { + in { "${name}" = { imports = resolve_imports host; networking = { -- 2.47.1 From 424d48bdb1ffde31d75407fae682434cd76e73b6 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Dec 2022 15:13:04 +0100 Subject: [PATCH 0605/1882] refactor nix config a bit --- flake.nix | 3 +- nixos/hosts/hades/default.nix | 204 +++++++++------------ nixos/hosts/olympus/default.nix | 159 +++++++--------- nixos/hosts/olympus/dhcp/configuration.nix | 5 +- nixos/hosts/thalassa/aoife/README.md | 15 ++ nixos/hosts/thalassa/aoife/networking.nix | 2 +- nixos/hosts/thalassa/default.nix | 14 +- nixos/util.nix | 17 +- notes/ideas.md | 1 - 9 files changed, 182 insertions(+), 238 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/README.md diff --git a/flake.nix b/flake.nix index d47edf8c..9b924796 100644 --- a/flake.nix +++ b/flake.nix @@ -53,13 +53,12 @@ , ... }@inputs: let inherit (nixpkgs) lib; - inherit (builtins) mapAttrs; util = import ./nixos/util.nix inputs; system = "x86_64-linux"; # import and add realm to list of tags - hosts = mapAttrs util.add_realm_to_tags (import ./nixos/hosts); + hosts = util.add_realm_to_tags (import ./nixos/hosts); # flatten hosts to single list flat_hosts = util.flatten_hosts hosts; # Filter out all non-nixos hosts diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 0ae96552..519f6c78 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -1,228 +1,188 @@ -[ - { - hostname = "opnsense"; +{ + "opnsense" = { ip = "192.168.0.1"; mac = "00:0d:b9:56:b1:d8"; nix = false; - } - { - hostname = "nyx-bmc"; + }; + "nyx-bmc" = { ip = "192.168.0.99"; mac = "d0:50:99:f3:fa:42"; nix = false; - } - { - hostname = "nyx"; + }; + "nyx" = { ip = "192.168.0.100"; mac = "d0:50:99:de:99:4c"; nix = false; - } - { - hostname = "unifi"; + }; + "unifi" = { ip = "192.168.0.101"; mac = "5a:00:b7:6c:d1:e2"; - } - { - hostname = "plex"; + }; + "plex" = { ip = "192.168.0.102"; mac = "00:0c:29:a1:4e:28"; nix = false; - } - { - hostname = "vault-0"; + }; + "vault-0" = { ip = "192.168.0.103"; mac = "7A:14:15:ED:D1:E6"; tags = [ "vault" ]; - } - { - hostname = "pmm"; + }; + "pmm" = { ip = "192.168.0.104"; mac = "7A:A3:59:1D:69:07"; - } - { - hostname = "overseerr"; + }; + "overseerr" = { ip = "192.168.0.105"; mac = "8E:21:7F:88:3A:83"; - } - { - hostname = "tautulli"; + }; + "tautulli" = { ip = "192.168.0.106"; mac = "BE:30:DB:F8:C6:55"; - } - { - hostname = "MariaDB"; + }; + "MariaDB" = { ip = "192.168.0.109"; mac = "00:0c:29:23:4f:12"; nix = false; - } - { - hostname = "bitwarden_rs"; + }; + "bitwarden_rs" = { ip = "192.168.0.110"; mac = "00:0c:29:f5:98:00"; nix = false; - } - { - hostname = "rtorrent"; + }; + "rtorrent" = { ip = "192.168.0.111"; mac = "7a:5f:9b:62:49:91"; - } - { - hostname = "minio"; + }; + "minio" = { ip = "192.168.0.112"; mac = "ae:c6:94:bb:c5:d9"; - } - { - hostname = "cshub2"; + }; + "cshub2" = { ip = "192.168.0.113"; mac = "26:8c:f6:f4:21:76"; nix = false; - } - { - hostname = "bastion"; + }; + "bastion" = { ip = "192.168.0.114"; mac = "66:14:8e:b2:50:c4"; - } - { - hostname = "storage"; + }; + "storage" = { ip = "192.168.0.115"; mac = "00:50:56:91:0d:69"; nix = false; - } - { - hostname = "unpackerr"; + }; + "unpackerr" = { ip = "192.168.0.116"; mac = "06:8a:8e:3e:43:45"; - } - { - hostname = "thelounge"; + }; + "thelounge" = { ip = "192.168.0.117"; mac = "00:0c:29:2a:69:8f"; nix = false; - } - { - hostname = "mail"; + }; + "mail" = { ip = "192.168.0.118"; mac = "00:50:56:91:3b:03"; nix = false; - } - { - hostname = "bazarr"; + }; + "bazarr" = { ip = "192.168.0.119"; mac = "DE:7C:32:7E:DD:A1"; - } - { - hostname = "radarr2"; + }; + "radarr2" = { ip = "192.168.0.120"; mac = "5e:d3:75:93:56:ee"; profile = "radarr"; - } - { - hostname = "jackett2"; + }; + "jackett2" = { ip = "192.168.0.121"; mac = "4e:e7:64:b7:88:b8"; profile = "jackett"; nix = false; # superseded by prowlarr - } - { - hostname = "nginx"; + }; + "nginx" = { ip = "192.168.0.123"; mac = "00:0c:29:9b:10:82"; nix = false; - } - { - hostname = "pve-storage"; + }; + "pve-storage" = { ip = "192.168.0.124"; mac = "d4:3d:7e:35:0a:bf"; nix = false; - } - { - hostname = "database"; + }; + "database" = { ip = "192.168.0.126"; mac = "82:e8:71:7f:37:b4"; - } - { - hostname = "dn42"; + }; + "dn42" = { ip = "192.168.0.127"; mac = "12:fa:24:02:65:e6"; nix = false; - } - { - hostname = "docker-registry-proxy"; + }; + "docker-registry-proxy" = { ip = "192.168.0.128"; mac = "0e:11:65:62:66:9f"; - } - { - hostname = "hassio"; + }; + "hassio" = { ip = "192.168.0.129"; mac = "e6:80:32:fb:00:75"; nix = false; - } - { - hostname = "docker-registry"; + }; + "docker-registry" = { ip = "192.168.0.130"; mac = "5e:0e:a6:cf:64:70"; - } - { - hostname = "minecraft"; + }; + "minecraft" = { ip = "192.168.0.131"; mac = "00:0c:29:9b:e1:c4"; nix = false; - } - { - hostname = "sonarr2"; + }; + "sonarr2" = { ip = "192.168.0.132"; mac = "ea:ac:be:53:18:27"; profile = "sonarr"; - } - { - hostname = "postgres"; + }; + "postgres" = { ip = "192.168.0.133"; mac = "6e:92:a9:5e:4c:e2"; nix = false; - } - { - hostname = "vault"; + }; + "vault" = { ip = "192.168.0.134"; mac = "56:20:62:16:8a:11"; nix = false; - } - { - hostname = "vmetrics"; + }; + "vmetrics" = { ip = "192.168.0.135"; mac = "96:10:41:fd:2a:0a"; nix = false; - } - { - hostname = "mastodon"; + }; + "mastodon" = { ip = "192.168.0.138"; mac = "52:60:8a:06:86:9c"; - } - { - hostname = "lidarr"; + }; + "lidarr" = { ip = "192.168.0.139"; mac = "7a:0f:25:e5:7f:e5"; nix = false; - } - { - hostname = "prowlarr"; + }; + "prowlarr" = { ip = "192.168.0.140"; mac = "3a:67:8e:98:0c:a2"; - } - { - hostname = "readarr"; + }; + "readarr" = { ip = "192.168.0.141"; mac = "E6:A2:37:4A:7C:87"; - } - { - hostname = "archlinux"; + }; + "archlinux" = { ip = "192.168.0.200"; mac = "00:0c:29:e4:0d:17"; nix = false; - } - { - hostname = "HP781AFC"; + }; + "HP781AFC" = { ip = "192.168.0.201"; mac = "f4:ce:46:78:1a:fc"; nix = false; - } -] + }; +} \ No newline at end of file diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 20ee1352..db19c101 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -1,56 +1,48 @@ -[ - { - hostname = "edgerouter"; +{ + "edgerouter" = { ip = "10.42.42.1"; ip6 = "2001:41f0:9639:1:b6fb:e4ff:fe53:9c0"; mac = "B4:FB:E4:53:9C:0A"; nix = false; - } - { - hostname = "unifi-ap"; + }; + "unifi-ap" = { ip = "10.42.42.2"; mac = "b4:fb:e4:f3:ff:1b"; nix = false; - } - { - hostname = "dhcp"; + }; + "dhcp" = { ip = "10.42.42.3"; mac = "3E:2D:E8:AA:E2:81"; tags = [ "networking" ]; - } - { - hostname = "bastion"; + }; + "bastion" = { ip = "10.42.42.4"; ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d"; mac = "82:F0:7C:CB:BD:6D"; type = "vm"; - } - { - hostname = "vault"; + }; + "vault" = { ip = "10.42.42.6"; mac = "16:2B:87:55:0C:0C"; profile = "vault-0"; tags = [ "vault" ]; - } - { - hostname = "mosquitto"; + }; + "mosquitto" = { ip = "10.42.42.7"; mac = "C6:F9:8B:3D:9E:37"; - } - { - hostname = "home-assistant"; + }; + "home-assistant" = { ip = "10.42.42.8"; ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee"; mac = "9E:60:78:ED:81:B4"; nix = false; - } - { - hostname = "nginx"; + }; + "nginx" = { ip = "10.42.42.9"; ip6 = "2001:41f0:9639:1:68c2:89ff:fe85:cfa6"; mac = "6A:C2:89:85:CF:A6"; tags = [ "web" ]; - } + }; # { # hostname = "k3s-node1"; # profile = "k3s"; @@ -58,133 +50,110 @@ # mac = "2E:F8:55:23:D9:9B"; # type = "vm"; # } - { - hostname = "WoolooTV"; + "WoolooTV" = { ip = "10.42.42.13"; mac = "74:40:be:48:85:a4"; nix = false; - } - { - hostname = "outline"; + }; + "outline" = { mac = "52:13:EB:FD:87:F0"; ip = "10.42.42.14"; - } - { - hostname = "dns-1"; + }; + "dns-1" = { profile = "dns"; ip = "10.42.42.15"; mac = "5E:F6:36:23:16:E3"; tags = [ "dns" "networking" ]; - } - { - hostname = "dns-2"; + }; + "dns-2" = { profile = "dns"; ip = "10.42.42.16"; mac = "B6:04:0B:CD:0F:9F"; tags = [ "dns" "networking" ]; - } - { - hostname = "minio"; + }; + "minio" = { ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; - } - { - hostname = "mailserver"; + }; + "mailserver" = { ip = "10.42.42.18"; mac = "AA:F2:3D:5E:B3:40"; - } - { - hostname = "victoriametrics"; + }; + "victoriametrics" = { ip = "10.42.42.19"; mac = "9E:91:61:35:84:1F"; - } - { - hostname = "unifi"; + }; + "unifi" = { ip = "10.42.42.20"; mac = "1A:88:A0:B0:65:B4"; - } - { - hostname = "minecraft"; + }; + "minecraft" = { ip = "10.42.42.21"; mac = "EA:30:73:E4:B6:69"; nix = false; - } - { - hostname = "gitea"; + }; + "gitea" = { ip = "10.42.42.22"; mac = "DE:5F:B0:83:6F:34"; - } - { - hostname = "hedgedoc"; + }; + "hedgedoc" = { ip = "10.42.42.23"; mac = "86:BC:0C:18:BC:9B"; - } - { - hostname = "zmeura"; + }; + "zmeura" = { ip = "10.42.42.24"; mac = "b8:27:eb:d5:e0:f5"; nix = false; - } - { - hostname = "wireguard"; + }; + "wireguard" = { ip = "10.42.42.25"; mac = "1E:ED:97:2C:C3:9D"; - } - { - hostname = "database"; + }; + "database" = { ip = "10.42.42.26"; mac = "CE:6E:96:87:18:1B"; - } - { - hostname = "bookwyrm"; + }; + "bookwyrm" = { ip = "10.42.42.27"; mac = "9E:8A:6C:39:27:DE"; nix = false; - } - { - hostname = "synapse"; + }; + "synapse" = { ip = "10.42.42.28"; mac = "9E:86:D3:46:EE:AE"; - } - { - hostname = "keycloak"; + }; + "keycloak" = { ip = "10.42.42.29"; mac = "A6:09:1D:A8:81:28"; - } - { - hostname = "vault-1"; + }; + "vault-1" = { ip = "10.42.42.30"; mac = "26:69:0E:7C:B3:79"; profile = "vault-1"; tags = [ "vault" ]; - } - { - hostname = "vaultwarden"; + }; + "vaultwarden" = { ip = "10.42.42.31"; mac = "96:61:03:16:63:98"; - } - { - hostname = "ntfy"; + }; + "ntfy" = { ip = "10.42.42.32"; mac = "7A:17:9E:80:72:01"; - } - { - hostname = "woodpecker"; + }; + "woodpecker" = { ip = "10.42.42.33"; mac = "1E:24:DA:DB:4A:1A"; - } - { - hostname = "nuc"; + }; + "nuc" = { ip = "10.42.42.42"; ip6 = "2001:41f0:9639:1::42"; mac = "1C:69:7A:62:30:88"; nix = false; - } - { - hostname = "eevee"; + }; + "eevee" = { ip = "10.42.42.69"; ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; mac = "34:97:f6:93:9A:AA"; nix = false; - } -] + }; +} diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 86390824..cc360224 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,13 +1,16 @@ { config, pkgs, hosts, ... }: let inherit (builtins) filter hasAttr; + inherit (pkgs.lib.attrsets) mapAttrsToList; hostToDhcp = { hostname, mac, ip, ... }: { ethernetAddress = mac; hostName = hostname; ipAddress = ip; }; localDomain = config.networking.domain; - hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) hosts.${localDomain}; + # TODO: Alternatively filter on flat_hosts where realm == localDomain + local_hosts = mapAttrsToList (name: value: value // { hostname = name; }) hosts.${localDomain}; + hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) local_hosts; in { imports = [ ]; diff --git a/nixos/hosts/thalassa/aoife/README.md b/nixos/hosts/thalassa/aoife/README.md new file mode 100644 index 00000000..9ecd689d --- /dev/null +++ b/nixos/hosts/thalassa/aoife/README.md @@ -0,0 +1,15 @@ +# Aoife +This is the NixOS config for my laptop `aoife`. + +## Hardware +This is a Thinkpad Z16 Gen 1. + +**CPU**: AMD Ryzen 9 PRO 6950H (16 cores) @ 4.935GHz +**RAM**: 32GB LPDDR5 6400MHz +**SCREEN**: 16" 3840 x 2400 OLED +**GPU**: AMD Radeon™ RX 6500M, 4 GB, GDDR6 + +## Software +**OS**: NixOS +**DE**: Gnome +**Shell**: ZSH (grml) diff --git a/nixos/hosts/thalassa/aoife/networking.nix b/nixos/hosts/thalassa/aoife/networking.nix index 07699775..16d4e073 100644 --- a/nixos/hosts/thalassa/aoife/networking.nix +++ b/nixos/hosts/thalassa/aoife/networking.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { networking.networkmanager.enable = true; networking.firewall.checkReversePath = false; # networking.firewall.enable = false; diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index d477aa2b..61fc396d 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,10 +1,4 @@ -[ - { - hostname = "null"; - type = "local"; - } - { - hostname = "aoife"; - type = "local"; - } -] +{ + "null" = { type = "local"; }; + "aoife" = { type = "local"; }; +} diff --git a/nixos/util.nix b/nixos/util.nix index 7345fca3..19c9dfe3 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,7 +1,7 @@ { nixpkgs, home-manager, hyprland, mailserver, ... }: let - inherit (builtins) filter attrValues concatLists; - + inherit (builtins) filter attrValues concatMap mapAttrs; + inherit (nixpkgs.lib.attrsets) mapAttrsToList; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) resolve_imports = let # lookup table @@ -22,14 +22,19 @@ let ] ++ import_cases.${type}; in { # Add to whatever realm a host belong to its list of tags - add_realm_to_tags = realm: - map ({ tags ? [ ], ... }@host: + add_realm_to_tags = mapAttrs (realm: + mapAttrs (hostname: + { tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; - }); + })); + # Flatten all hosts to a single list - flatten_hosts = hosts: concatLists (attrValues hosts); + flatten_hosts = realms: + concatMap (mapAttrsToList (name: value: value // { hostname = name; })) + (attrValues realms); + # Filter out all hosts which aren't nixos filter_nix_hosts = filter ({ nix ? true, ... }: nix); diff --git a/notes/ideas.md b/notes/ideas.md index 455de91b..505fc820 100644 --- a/notes/ideas.md +++ b/notes/ideas.md @@ -8,7 +8,6 @@ Re-use `hosts` setup and add domain and port information to each host # new stuff exposes = { requests = { - port = 3000; domain = "requests.xirion.net"; port = 3000; }; -- 2.47.1 From ba141a633dcb9016fa334849abd81a9913d395d9 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Dec 2022 15:27:09 +0100 Subject: [PATCH 0606/1882] simplify dhcp config --- nixos/hosts/olympus/dhcp/configuration.nix | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index cc360224..90fdb3cb 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,19 +1,16 @@ -{ config, pkgs, hosts, ... }: +{ config, pkgs, flat_hosts, ... }: let inherit (builtins) filter hasAttr; - inherit (pkgs.lib.attrsets) mapAttrsToList; hostToDhcp = { hostname, mac, ip, ... }: { ethernetAddress = mac; hostName = hostname; ipAddress = ip; }; localDomain = config.networking.domain; - # TODO: Alternatively filter on flat_hosts where realm == localDomain - local_hosts = mapAttrsToList (name: value: value // { hostname = name; }) hosts.${localDomain}; - hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) local_hosts; + hosts = + filter (h: hasAttr "ip" h && hasAttr "mac" h && h.realm == localDomain) + flat_hosts; in { - imports = [ ]; - networking = { defaultGateway = "10.42.42.1"; nameservers = [ "10.42.42.15" "10.42.42.16" ]; @@ -52,6 +49,6 @@ in { range 10.42.43.1 10.42.43.254; } ''; - machines = map hostToDhcp hosts'; + machines = map hostToDhcp hosts; }; } -- 2.47.1 From 409d4e01a5a636628415e34a8398f1426b229a3e Mon Sep 17 00:00:00 2001 From: Terrance Kennedy Date: Mon, 26 Dec 2022 16:14:38 -0700 Subject: [PATCH 0607/1882] Fix colmena link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7c7b5b70..470f5ffb 100644 --- a/README.md +++ b/README.md @@ -9,4 +9,4 @@ to deploy the infrastructure, this can be accessed running `nix develop`. [Flux]: https://github.com/fluxcd/flux2 -[deploy-rs]: https://colmena.cli.rs/unstable/ +[colmena]: https://colmena.cli.rs/unstable/ -- 2.47.1 From 13af8093e498bb77fcb64c95cb6279e7e5564474 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 28 Dec 2022 15:55:38 +0100 Subject: [PATCH 0608/1882] flake update --- flake.lock | 24 ++++++++++++------------ flake.nix | 5 +++-- nixos/proxmox-lxc.nix | 2 +- notes/ideas.md | 6 +++--- repl.nix | 10 +++------- 5 files changed, 22 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index 09f0efd8..5d2a43e2 100644 --- a/flake.lock +++ b/flake.lock @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1671982931, - "narHash": "sha256-cRInW7YYjw9xbjDTYOQD9PGo04aPAJWWu78PQ1HPkiQ=", + "lastModified": 1672238357, + "narHash": "sha256-xqAoDgopfv8y9q6xWu82LK4Pf9S3WOBar9+6VTlc6VM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cd08fa22fd1ddbb8604e42d01043617a8eb10520", + "rev": "a6699ef30c0a7f66c4b1ff6e38ea836b8e898015", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1672017029, - "narHash": "sha256-VGztJsDy094qcoaP5gxY0kqpcKGa7olw5v5W1yWqHoc=", + "lastModified": 1672189776, + "narHash": "sha256-UrcVHWeY7ad+CUkkddb6qAjlCKDAiAwsmcbxnPZU8eQ=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "8ded123b238808a95e8f3e8588d1dcfb96bdfa65", + "rev": "b34d73e47078bd7b1e214831a7ab947e6a2140a7", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1671997655, - "narHash": "sha256-8zUwvnJrBwiFIdw9VgARj1PIQsto5Spn9J5v34b0O7A=", + "lastModified": 1672202919, + "narHash": "sha256-uNv6D+C3y/5b72DPx04E70OAa2oN4fAuCLulNAdWneg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "aac1f0b25e6b04afad8e05dec5828f5c02398bd1", + "rev": "57dbff4228a9d8fba7aedf439ffdd841a2326427", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1672047887, - "narHash": "sha256-+Ckjrzz+mXVRB2fm12QEpa8Cz/9hm/48emkzyPxh97E=", + "lastModified": 1672238814, + "narHash": "sha256-Smw3SBu9y9LaiBkZPvditOQP/s11qUrBDMAAYzj8VPg=", "owner": "nix-community", "repo": "NUR", - "rev": "0457d302f72e13b29dcf914f19b9616cbec5e44e", + "rev": "e578f1caa6ff51a68cabac472f6f68e1d576c213", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 9b924796..2c89f557 100644 --- a/flake.nix +++ b/flake.nix @@ -26,7 +26,8 @@ hyprpaper.url = "github:hyprwm/hyprpaper"; hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; - riff.url = "github:DeterminateSystems/riff/cole/ds-285-use-rustup-based-rustc-and-cargo"; + riff.url = + "github:DeterminateSystems/riff/cole/ds-285-use-rustup-based-rustc-and-cargo"; riff.inputs.nixpkgs.follows = "nixpkgs"; webcord.url = "github:fufexan/webcord-flake"; @@ -65,7 +66,7 @@ nixHosts = util.filter_nix_hosts flat_hosts; # Define args each module gets access to (access to hosts is useful for DNS/DHCP) - specialArgs = { inherit hosts flat_hosts inputs; }; + specialArgs = { inherit flat_hosts inputs; }; pkgs = import nixpkgs { inherit system; overlays = [ diff --git a/nixos/proxmox-lxc.nix b/nixos/proxmox-lxc.nix index 290def2b..8eac5c5b 100644 --- a/nixos/proxmox-lxc.nix +++ b/nixos/proxmox-lxc.nix @@ -15,7 +15,7 @@ openFirewall = true; }; - networking.hostName = "template"; + networking.hostName = lib.mkDefault "template"; time.timeZone = lib.mkDefault "Europe/Amsterdam"; diff --git a/notes/ideas.md b/notes/ideas.md index 505fc820..0318c1c7 100644 --- a/notes/ideas.md +++ b/notes/ideas.md @@ -1,8 +1,7 @@ # 1. Add port info to hosts Re-use `hosts` setup and add domain and port information to each host ```nix -{ - hostname = "overseerr"; +"overseerr" = { ip = "192.168.0.105"; mac = "8E:21:7F:88:3A:83"; # new stuff @@ -21,7 +20,8 @@ virtualHosts."requests.xirion.net" = proxy "http://192.168.0.105:80"; ``` Ideally hosts should also be able to access their own host information more easily so -that in service config one could use `thisHost.exposes.requests.port` or similar +that in service config one could use `thisHost.exposes.requests.port` or similar, +and the firewall can automatically be opened # 2. Authoritative nameserver Using the definitions from (1), we can then also build authoritative DNS records diff --git a/repl.nix b/repl.nix index 77ee9d67..592bf148 100644 --- a/repl.nix +++ b/repl.nix @@ -1,10 +1,6 @@ let flake = builtins.getFlake (toString ./.); nixpkgs = import { }; -in -{ inherit flake; } -// flake -// builtins -// nixpkgs -// nixpkgs.lib -// flake.nixosConfigurations +in { + inherit flake; +} // flake // builtins // nixpkgs // nixpkgs.lib // flake.nixosConfigurations -- 2.47.1 From 43edb223d34e6acce94e4f6e65fedb5cb4029c58 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 28 Dec 2022 15:59:15 +0100 Subject: [PATCH 0609/1882] cleanup flux --- .../apps/gitops/drone/external-secret.yaml | 27 ----- .../apps/gitops/drone/kustomization.yaml | 6 -- flux/cluster/apps/gitops/drone/runner.yaml | 30 ------ flux/cluster/apps/gitops/drone/server.yaml | 37 ------- flux/cluster/apps/gitops/kustomization.yaml | 1 - flux/cluster/apps/kustomization.yaml | 1 - .../monitoring/goldilocks/helm-release.yaml | 22 ----- .../monitoring/goldilocks/kustomization.yaml | 4 - .../apps/monitoring/kustomization.yaml | 6 -- .../apps/monitoring/polaris/helm-release.yaml | 21 ---- .../monitoring/polaris/kustomization.yaml | 4 - .../apps/monitoring/vpa/helm-release.yaml | 24 ----- .../apps/monitoring/vpa/kustomization.yaml | 4 - .../presidential-paradise/kustomization.yaml | 2 - .../wooloofanclub/kustomization.yaml | 4 - .../wooloofanclub/wooloo.yaml | 98 ------------------- .../zookeeper/deployment.yaml | 53 ---------- .../zookeeper/external-secret.yaml | 33 ------- .../zookeeper/ingress.yaml | 17 ---- .../zookeeper/kustomization.yaml | 7 -- .../presidential-paradise/zookeeper/svc.yaml | 27 ----- 21 files changed, 428 deletions(-) delete mode 100644 flux/cluster/apps/gitops/drone/external-secret.yaml delete mode 100644 flux/cluster/apps/gitops/drone/kustomization.yaml delete mode 100644 flux/cluster/apps/gitops/drone/runner.yaml delete mode 100644 flux/cluster/apps/gitops/drone/server.yaml delete mode 100644 flux/cluster/apps/monitoring/goldilocks/helm-release.yaml delete mode 100644 flux/cluster/apps/monitoring/goldilocks/kustomization.yaml delete mode 100644 flux/cluster/apps/monitoring/kustomization.yaml delete mode 100644 flux/cluster/apps/monitoring/polaris/helm-release.yaml delete mode 100644 flux/cluster/apps/monitoring/polaris/kustomization.yaml delete mode 100644 flux/cluster/apps/monitoring/vpa/helm-release.yaml delete mode 100644 flux/cluster/apps/monitoring/vpa/kustomization.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/zookeeper/deployment.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml delete mode 100644 flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml diff --git a/flux/cluster/apps/gitops/drone/external-secret.yaml b/flux/cluster/apps/gitops/drone/external-secret.yaml deleted file mode 100644 index 11894ddc..00000000 --- a/flux/cluster/apps/gitops/drone/external-secret.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: drone - namespace: gitops -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: drone - data: - - secretKey: DRONE_RPC_SECRET - remoteRef: - key: gitops/drone - property: drone_rpc_secret - - - secretKey: DRONE_GITEA_CLIENT_ID - remoteRef: - key: gitops/drone - property: drone_gitea_client_id - - - secretKey: DRONE_GITEA_CLIENT_SECRET - remoteRef: - key: gitops/drone - property: drone_gitea_client_secret diff --git a/flux/cluster/apps/gitops/drone/kustomization.yaml b/flux/cluster/apps/gitops/drone/kustomization.yaml deleted file mode 100644 index 8839b330..00000000 --- a/flux/cluster/apps/gitops/drone/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - server.yaml - - runner.yaml - - external-secret.yaml diff --git a/flux/cluster/apps/gitops/drone/runner.yaml b/flux/cluster/apps/gitops/drone/runner.yaml deleted file mode 100644 index 1cc17c02..00000000 --- a/flux/cluster/apps/gitops/drone/runner.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: drone-runner-kube - namespace: gitops -spec: - interval: 1h - chart: - spec: - chart: drone-runner-kube - version: 0.1.10 - sourceRef: - kind: HelmRepository - name: drone-charts - namespace: flux-system - valuesFrom: - - kind: Secret - name: drone - valuesKey: DRONE_RPC_SECRET - targetPath: env.DRONE_RPC_SECRET - values: - image: - repository: drone/drone-runner-kube - tag: 1.0.0-rc.3 - rbac: - buildNamespaces: - - drone-build - env: - DRONE_NAMESPACE_DEFAULT: drone-build - DRONE_RPC_HOST: "drone:8080" diff --git a/flux/cluster/apps/gitops/drone/server.yaml b/flux/cluster/apps/gitops/drone/server.yaml deleted file mode 100644 index e435144b..00000000 --- a/flux/cluster/apps/gitops/drone/server.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: drone - namespace: gitops -spec: - interval: 1h - chart: - spec: - chart: drone - version: 0.5.0 - sourceRef: - kind: HelmRepository - name: drone-charts - namespace: flux-system - values: - image: - repository: drone/drone - tag: 2.12.1 - ingress: - enabled: true - hosts: - - host: drone.0x76.dev - paths: - - path: / - pathType: Prefix - persistentVolume: - enabled: false - extraSecretNamesForEnvFrom: - - drone - env: - DRONE_DATABASE_DRIVER: postgres - DRONE_DATABASE_DATASOURCE: postgres://drone@10.42.42.26/drone?sslmode=disable - DRONE_GIT_ALWAYS_AUTH: true - DRONE_GITEA_SERVER: https://git.0x76.dev - DRONE_SERVER_HOST: drone.0x76.dev - DRONE_SERVER_PROTO: https diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/cluster/apps/gitops/kustomization.yaml index 91f0de33..4ddab702 100644 --- a/flux/cluster/apps/gitops/kustomization.yaml +++ b/flux/cluster/apps/gitops/kustomization.yaml @@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate - - drone diff --git a/flux/cluster/apps/kustomization.yaml b/flux/cluster/apps/kustomization.yaml index 8802a6a9..5dc0ccd6 100644 --- a/flux/cluster/apps/kustomization.yaml +++ b/flux/cluster/apps/kustomization.yaml @@ -4,5 +4,4 @@ resources: - networking - presidential-paradise - gitops - - monitoring - olympus diff --git a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml b/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml deleted file mode 100644 index 9c3d2a22..00000000 --- a/flux/cluster/apps/monitoring/goldilocks/helm-release.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: goldilocks - namespace: monitoring -spec: - interval: 5m - chart: - spec: - chart: goldilocks - version: 6.1.4 - sourceRef: - kind: HelmRepository - name: fairwinds-charts - namespace: flux-system - interval: 5m - timeout: 20m - values: - dashboard: - replicaCount: 1 - ingress: - enabled: false diff --git a/flux/cluster/apps/monitoring/goldilocks/kustomization.yaml b/flux/cluster/apps/monitoring/goldilocks/kustomization.yaml deleted file mode 100644 index 34a8531c..00000000 --- a/flux/cluster/apps/monitoring/goldilocks/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml diff --git a/flux/cluster/apps/monitoring/kustomization.yaml b/flux/cluster/apps/monitoring/kustomization.yaml deleted file mode 100644 index 98bb16bb..00000000 --- a/flux/cluster/apps/monitoring/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - vpa - - goldilocks - - polaris diff --git a/flux/cluster/apps/monitoring/polaris/helm-release.yaml b/flux/cluster/apps/monitoring/polaris/helm-release.yaml deleted file mode 100644 index bd25c58c..00000000 --- a/flux/cluster/apps/monitoring/polaris/helm-release.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: polaris - namespace: monitoring -spec: - interval: 5m - chart: - spec: - chart: polaris - version: 5.4.1 - sourceRef: - kind: HelmRepository - name: fairwinds-charts - namespace: flux-system - interval: 5m - timeout: 20m - values: - dashboard: - replicas: 1 - enable: true diff --git a/flux/cluster/apps/monitoring/polaris/kustomization.yaml b/flux/cluster/apps/monitoring/polaris/kustomization.yaml deleted file mode 100644 index 34a8531c..00000000 --- a/flux/cluster/apps/monitoring/polaris/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml diff --git a/flux/cluster/apps/monitoring/vpa/helm-release.yaml b/flux/cluster/apps/monitoring/vpa/helm-release.yaml deleted file mode 100644 index 22504ab7..00000000 --- a/flux/cluster/apps/monitoring/vpa/helm-release.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: vpa - namespace: monitoring -spec: - interval: 5m - chart: - spec: - chart: vpa - version: 1.4.0 - sourceRef: - kind: HelmRepository - name: fairwinds-charts - namespace: flux-system - interval: 5m - timeout: 20m - values: - recommender: - enabled: true - updater: - enabled: false - admissionController: - enabled: false diff --git a/flux/cluster/apps/monitoring/vpa/kustomization.yaml b/flux/cluster/apps/monitoring/vpa/kustomization.yaml deleted file mode 100644 index 34a8531c..00000000 --- a/flux/cluster/apps/monitoring/vpa/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml diff --git a/flux/cluster/apps/presidential-paradise/kustomization.yaml b/flux/cluster/apps/presidential-paradise/kustomization.yaml index fb65b5ab..43c62827 100644 --- a/flux/cluster/apps/presidential-paradise/kustomization.yaml +++ b/flux/cluster/apps/presidential-paradise/kustomization.yaml @@ -3,5 +3,3 @@ kind: Kustomization resources: - xirion-registry-creds.yaml - 0x76dev - - wooloofanclub - - zookeeper diff --git a/flux/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml b/flux/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml deleted file mode 100644 index 1f8410fb..00000000 --- a/flux/cluster/apps/presidential-paradise/wooloofanclub/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - wooloo.yaml diff --git a/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml b/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml deleted file mode 100644 index c839834c..00000000 --- a/flux/cluster/apps/presidential-paradise/wooloofanclub/wooloo.yaml +++ /dev/null @@ -1,98 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wooloofan-club - namespace: presidential-paradise - labels: - app: wooloofan-club -spec: - replicas: 1 - selector: - matchLabels: - app: wooloofan-club - template: - metadata: - labels: - app: wooloofan-club - spec: - containers: - - name: wooloofan-club - image: 0x76/wooloofan.club - ports: - - containerPort: 80 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wooloofan-club-whoami - namespace: presidential-paradise - labels: - app: wooloofan-club-whoami -spec: - replicas: 1 - selector: - matchLabels: - app: wooloofan-club-whoami - template: - metadata: - labels: - app: wooloofan-club-whoami - spec: - containers: - - name: wooloofan-club-whoami - image: containous/whoami - ports: - - containerPort: 80 ---- -apiVersion: v1 -kind: Service -metadata: - name: wooloofan-club-service - namespace: presidential-paradise -spec: - selector: - app: wooloofan-club - ports: - - protocol: TCP - port: 80 ---- -apiVersion: v1 -kind: Service -metadata: - name: wooloofan-club-whoami-service - namespace: presidential-paradise -spec: - selector: - app: wooloofan-club-whoami - ports: - - protocol: TCP - port: 80 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: wooloofan-club-ingress - namespace: presidential-paradise -spec: - ingressClassName: "traefik" - rules: - - host: "wooloofan.club" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wooloofan-club-service - port: - number: 80 - - host: "whoami.wooloofan.club" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: wooloofan-club-whoami-service - port: - number: 80 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/deployment.yaml deleted file mode 100644 index 1404435d..00000000 --- a/flux/cluster/apps/presidential-paradise/zookeeper/deployment.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: zookeeper - namespace: presidential-paradise - labels: - app: zookeeper -spec: - replicas: 1 - selector: - matchLabels: - app: zookeeper - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 34% - maxUnavailable: 34% - template: - metadata: - name: zookeeper - labels: - app: zookeeper - spec: - imagePullSecrets: - - name: xirion-registry-creds - containers: - - name: zookeeper - image: registry.xirion.net/library/zookeeper:0.3.1 # {"$imagepolicy": "flux-system:zookeeper"} - ports: - - name: web - containerPort: 8085 - - name: epmd - containerPort: 4369 - envFrom: - - secretRef: - name: zookeeper - env: - - name: LANG - value: C.UTF-8 - - name: HOSTNAME - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SERVICE_NAME - value: zookeeper-private.presidential-paradise.svc.cluster.local - resources: {} - securityContext: - privileged: false - procMount: Default - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - terminationGracePeriodSeconds: 30 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml deleted file mode 100644 index fac7c6f0..00000000 --- a/flux/cluster/apps/presidential-paradise/zookeeper/external-secret.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: zookeeper - namespace: presidential-paradise -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: zookeeper - data: - - secretKey: DISCORD_APP_ID - remoteRef: - key: presidential-paradise/zookeeper - property: discord_app_id - - secretKey: DISCORD_PUBLIC_KEY - remoteRef: - key: presidential-paradise/zookeeper - property: discord_public_key - - secretKey: DISCORD_TOKEN - remoteRef: - key: presidential-paradise/zookeeper - property: discord_token - - secretKey: TWITTER_TOKEN - remoteRef: - key: presidential-paradise/zookeeper - property: twitter_token - - secretKey: RELEASE_COOKIE - remoteRef: - key: presidential-paradise/zookeeper - property: erlang_cookie diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml deleted file mode 100644 index 44a42803..00000000 --- a/flux/cluster/apps/presidential-paradise/zookeeper/ingress.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: zookeeper - namespace: presidential-paradise -spec: - rules: - - host: "zookeeper.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: zookeeper - port: - number: 8085 diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml deleted file mode 100644 index 3716bd7e..00000000 --- a/flux/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - external-secret.yaml - - deployment.yaml - - svc.yaml - - ingress.yaml diff --git a/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml b/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml deleted file mode 100644 index e6ec808d..00000000 --- a/flux/cluster/apps/presidential-paradise/zookeeper/svc.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: zookeeper-private - namespace: presidential-paradise -spec: - clusterIP: None - ports: - - name: epmd - port: 4369 - targetPort: epmd - protocol: TCP - selector: - app: zookeeper ---- -apiVersion: v1 -kind: Service -metadata: - name: zookeeper - namespace: presidential-paradise -spec: - ports: - - name: http - targetPort: web - port: 8085 - selector: - app: zookeeper -- 2.47.1 From e3ce6e1fa7a1e90a1a876fc418e32cb2708d4c75 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 28 Dec 2022 20:26:45 +0100 Subject: [PATCH 0610/1882] rename old cluster --- flux/{cluster => old_cluster}/apps/gitops/kustomization.yaml | 0 .../apps/gitops/renovate/external-secret.yaml | 0 .../apps/gitops/renovate/kustomization.yaml | 0 .../apps/gitops/renovate/renovate-infrastructure.yaml | 0 flux/{cluster => old_cluster}/apps/kustomization.yaml | 0 flux/{cluster => old_cluster}/apps/networking/kustomization.yaml | 0 .../apps/networking/traefik/helm-release.yaml | 0 .../apps/networking/traefik/kustomization.yaml | 0 flux/{cluster => old_cluster}/apps/olympus/kustomization.yaml | 0 flux/{cluster => old_cluster}/apps/olympus/umami/deployment.yaml | 0 .../apps/olympus/umami/external-secret.yaml | 0 flux/{cluster => old_cluster}/apps/olympus/umami/ingress.yaml | 0 .../apps/olympus/umami/kustomization.yaml | 0 flux/{cluster => old_cluster}/apps/olympus/umami/middleware.yaml | 0 flux/{cluster => old_cluster}/apps/olympus/umami/svc.yaml | 0 .../apps/olympus/xirion-registry-creds.yaml | 0 .../apps/presidential-paradise/0x76dev/0x76.yaml | 0 .../apps/presidential-paradise/0x76dev/kustomization.yaml | 0 .../apps/presidential-paradise/kustomization.yaml | 0 .../apps/presidential-paradise/xirion-registry-creds.yaml | 0 flux/{cluster => old_cluster}/base/apps.yaml | 0 flux/{cluster => old_cluster}/base/core.yaml | 0 flux/{cluster => old_cluster}/base/crds.yaml | 0 .../base/flux-system/charts/helm/drone-charts.yaml | 0 .../base/flux-system/charts/helm/external-secrets-charts.yaml | 0 .../base/flux-system/charts/helm/fairwinds-charts.yaml | 0 .../base/flux-system/charts/helm/kustomization.yaml | 0 .../base/flux-system/charts/helm/metallb-charts.yaml | 0 .../base/flux-system/charts/helm/traefik-charts.yaml | 0 .../base/flux-system/charts/kustomization.yaml | 0 .../base/flux-system/gotk-components.yaml | 0 flux/{cluster => old_cluster}/base/flux-system/gotk-sync.yaml | 0 flux/{cluster => old_cluster}/base/flux-system/kustomization.yaml | 0 .../base/flux-system/xirion-registry-creds.yaml | 0 .../core/external-secrets/external-secrets/helm-release.yaml | 0 .../core/external-secrets/external-secrets/kustomization.yaml | 0 .../external-secrets/external-secrets/vault-secret-store.yaml | 0 .../core/external-secrets/kustomization.yaml | 0 flux/{cluster => old_cluster}/core/kustomization.yaml | 0 flux/{cluster => old_cluster}/core/namespaces/drone-build.yaml | 0 .../core/namespaces/external-secrets.yaml | 0 flux/{cluster => old_cluster}/core/namespaces/gitops.yaml | 0 flux/{cluster => old_cluster}/core/namespaces/kustomization.yaml | 0 flux/{cluster => old_cluster}/core/namespaces/monitoring.yaml | 0 flux/{cluster => old_cluster}/core/namespaces/networking.yaml | 0 flux/{cluster => old_cluster}/core/namespaces/olympus.yaml | 0 .../core/namespaces/presidential-paradise.yaml | 0 flux/{cluster => old_cluster}/core/networking/kustomization.yaml | 0 .../core/networking/metallb/address-pool.yaml | 0 .../core/networking/metallb/helm-release.yaml | 0 .../core/networking/metallb/kustomization.yaml | 0 .../core/networking/metallb/l2advertisement.yaml | 0 flux/{cluster => old_cluster}/crds/external-secrets/crds.yaml | 0 .../crds/external-secrets/kustomization.yaml | 0 flux/{cluster => old_cluster}/crds/kustomization.yaml | 0 flux/{cluster => old_cluster}/crds/traefik/crds.yaml | 0 flux/{cluster => old_cluster}/crds/traefik/kustomization.yaml | 0 flux/olympus/base/.gitkeep | 0 58 files changed, 0 insertions(+), 0 deletions(-) rename flux/{cluster => old_cluster}/apps/gitops/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/gitops/renovate/external-secret.yaml (100%) rename flux/{cluster => old_cluster}/apps/gitops/renovate/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/gitops/renovate/renovate-infrastructure.yaml (100%) rename flux/{cluster => old_cluster}/apps/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/networking/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/networking/traefik/helm-release.yaml (100%) rename flux/{cluster => old_cluster}/apps/networking/traefik/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/umami/deployment.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/umami/external-secret.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/umami/ingress.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/umami/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/umami/middleware.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/umami/svc.yaml (100%) rename flux/{cluster => old_cluster}/apps/olympus/xirion-registry-creds.yaml (100%) rename flux/{cluster => old_cluster}/apps/presidential-paradise/0x76dev/0x76.yaml (100%) rename flux/{cluster => old_cluster}/apps/presidential-paradise/0x76dev/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/presidential-paradise/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/apps/presidential-paradise/xirion-registry-creds.yaml (100%) rename flux/{cluster => old_cluster}/base/apps.yaml (100%) rename flux/{cluster => old_cluster}/base/core.yaml (100%) rename flux/{cluster => old_cluster}/base/crds.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/helm/drone-charts.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/helm/external-secrets-charts.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/helm/fairwinds-charts.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/helm/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/helm/metallb-charts.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/helm/traefik-charts.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/charts/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/gotk-components.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/gotk-sync.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/base/flux-system/xirion-registry-creds.yaml (100%) rename flux/{cluster => old_cluster}/core/external-secrets/external-secrets/helm-release.yaml (100%) rename flux/{cluster => old_cluster}/core/external-secrets/external-secrets/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/core/external-secrets/external-secrets/vault-secret-store.yaml (100%) rename flux/{cluster => old_cluster}/core/external-secrets/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/core/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/drone-build.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/external-secrets.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/gitops.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/monitoring.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/networking.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/olympus.yaml (100%) rename flux/{cluster => old_cluster}/core/namespaces/presidential-paradise.yaml (100%) rename flux/{cluster => old_cluster}/core/networking/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/core/networking/metallb/address-pool.yaml (100%) rename flux/{cluster => old_cluster}/core/networking/metallb/helm-release.yaml (100%) rename flux/{cluster => old_cluster}/core/networking/metallb/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/core/networking/metallb/l2advertisement.yaml (100%) rename flux/{cluster => old_cluster}/crds/external-secrets/crds.yaml (100%) rename flux/{cluster => old_cluster}/crds/external-secrets/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/crds/kustomization.yaml (100%) rename flux/{cluster => old_cluster}/crds/traefik/crds.yaml (100%) rename flux/{cluster => old_cluster}/crds/traefik/kustomization.yaml (100%) create mode 100644 flux/olympus/base/.gitkeep diff --git a/flux/cluster/apps/gitops/kustomization.yaml b/flux/old_cluster/apps/gitops/kustomization.yaml similarity index 100% rename from flux/cluster/apps/gitops/kustomization.yaml rename to flux/old_cluster/apps/gitops/kustomization.yaml diff --git a/flux/cluster/apps/gitops/renovate/external-secret.yaml b/flux/old_cluster/apps/gitops/renovate/external-secret.yaml similarity index 100% rename from flux/cluster/apps/gitops/renovate/external-secret.yaml rename to flux/old_cluster/apps/gitops/renovate/external-secret.yaml diff --git a/flux/cluster/apps/gitops/renovate/kustomization.yaml b/flux/old_cluster/apps/gitops/renovate/kustomization.yaml similarity index 100% rename from flux/cluster/apps/gitops/renovate/kustomization.yaml rename to flux/old_cluster/apps/gitops/renovate/kustomization.yaml diff --git a/flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/old_cluster/apps/gitops/renovate/renovate-infrastructure.yaml similarity index 100% rename from flux/cluster/apps/gitops/renovate/renovate-infrastructure.yaml rename to flux/old_cluster/apps/gitops/renovate/renovate-infrastructure.yaml diff --git a/flux/cluster/apps/kustomization.yaml b/flux/old_cluster/apps/kustomization.yaml similarity index 100% rename from flux/cluster/apps/kustomization.yaml rename to flux/old_cluster/apps/kustomization.yaml diff --git a/flux/cluster/apps/networking/kustomization.yaml b/flux/old_cluster/apps/networking/kustomization.yaml similarity index 100% rename from flux/cluster/apps/networking/kustomization.yaml rename to flux/old_cluster/apps/networking/kustomization.yaml diff --git a/flux/cluster/apps/networking/traefik/helm-release.yaml b/flux/old_cluster/apps/networking/traefik/helm-release.yaml similarity index 100% rename from flux/cluster/apps/networking/traefik/helm-release.yaml rename to flux/old_cluster/apps/networking/traefik/helm-release.yaml diff --git a/flux/cluster/apps/networking/traefik/kustomization.yaml b/flux/old_cluster/apps/networking/traefik/kustomization.yaml similarity index 100% rename from flux/cluster/apps/networking/traefik/kustomization.yaml rename to flux/old_cluster/apps/networking/traefik/kustomization.yaml diff --git a/flux/cluster/apps/olympus/kustomization.yaml b/flux/old_cluster/apps/olympus/kustomization.yaml similarity index 100% rename from flux/cluster/apps/olympus/kustomization.yaml rename to flux/old_cluster/apps/olympus/kustomization.yaml diff --git a/flux/cluster/apps/olympus/umami/deployment.yaml b/flux/old_cluster/apps/olympus/umami/deployment.yaml similarity index 100% rename from flux/cluster/apps/olympus/umami/deployment.yaml rename to flux/old_cluster/apps/olympus/umami/deployment.yaml diff --git a/flux/cluster/apps/olympus/umami/external-secret.yaml b/flux/old_cluster/apps/olympus/umami/external-secret.yaml similarity index 100% rename from flux/cluster/apps/olympus/umami/external-secret.yaml rename to flux/old_cluster/apps/olympus/umami/external-secret.yaml diff --git a/flux/cluster/apps/olympus/umami/ingress.yaml b/flux/old_cluster/apps/olympus/umami/ingress.yaml similarity index 100% rename from flux/cluster/apps/olympus/umami/ingress.yaml rename to flux/old_cluster/apps/olympus/umami/ingress.yaml diff --git a/flux/cluster/apps/olympus/umami/kustomization.yaml b/flux/old_cluster/apps/olympus/umami/kustomization.yaml similarity index 100% rename from flux/cluster/apps/olympus/umami/kustomization.yaml rename to flux/old_cluster/apps/olympus/umami/kustomization.yaml diff --git a/flux/cluster/apps/olympus/umami/middleware.yaml b/flux/old_cluster/apps/olympus/umami/middleware.yaml similarity index 100% rename from flux/cluster/apps/olympus/umami/middleware.yaml rename to flux/old_cluster/apps/olympus/umami/middleware.yaml diff --git a/flux/cluster/apps/olympus/umami/svc.yaml b/flux/old_cluster/apps/olympus/umami/svc.yaml similarity index 100% rename from flux/cluster/apps/olympus/umami/svc.yaml rename to flux/old_cluster/apps/olympus/umami/svc.yaml diff --git a/flux/cluster/apps/olympus/xirion-registry-creds.yaml b/flux/old_cluster/apps/olympus/xirion-registry-creds.yaml similarity index 100% rename from flux/cluster/apps/olympus/xirion-registry-creds.yaml rename to flux/old_cluster/apps/olympus/xirion-registry-creds.yaml diff --git a/flux/cluster/apps/presidential-paradise/0x76dev/0x76.yaml b/flux/old_cluster/apps/presidential-paradise/0x76dev/0x76.yaml similarity index 100% rename from flux/cluster/apps/presidential-paradise/0x76dev/0x76.yaml rename to flux/old_cluster/apps/presidential-paradise/0x76dev/0x76.yaml diff --git a/flux/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml b/flux/old_cluster/apps/presidential-paradise/0x76dev/kustomization.yaml similarity index 100% rename from flux/cluster/apps/presidential-paradise/0x76dev/kustomization.yaml rename to flux/old_cluster/apps/presidential-paradise/0x76dev/kustomization.yaml diff --git a/flux/cluster/apps/presidential-paradise/kustomization.yaml b/flux/old_cluster/apps/presidential-paradise/kustomization.yaml similarity index 100% rename from flux/cluster/apps/presidential-paradise/kustomization.yaml rename to flux/old_cluster/apps/presidential-paradise/kustomization.yaml diff --git a/flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml b/flux/old_cluster/apps/presidential-paradise/xirion-registry-creds.yaml similarity index 100% rename from flux/cluster/apps/presidential-paradise/xirion-registry-creds.yaml rename to flux/old_cluster/apps/presidential-paradise/xirion-registry-creds.yaml diff --git a/flux/cluster/base/apps.yaml b/flux/old_cluster/base/apps.yaml similarity index 100% rename from flux/cluster/base/apps.yaml rename to flux/old_cluster/base/apps.yaml diff --git a/flux/cluster/base/core.yaml b/flux/old_cluster/base/core.yaml similarity index 100% rename from flux/cluster/base/core.yaml rename to flux/old_cluster/base/core.yaml diff --git a/flux/cluster/base/crds.yaml b/flux/old_cluster/base/crds.yaml similarity index 100% rename from flux/cluster/base/crds.yaml rename to flux/old_cluster/base/crds.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/drone-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/drone-charts.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/helm/drone-charts.yaml rename to flux/old_cluster/base/flux-system/charts/helm/drone-charts.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/external-secrets-charts.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml rename to flux/old_cluster/base/flux-system/charts/helm/external-secrets-charts.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/fairwinds-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/fairwinds-charts.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/helm/fairwinds-charts.yaml rename to flux/old_cluster/base/flux-system/charts/helm/fairwinds-charts.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml b/flux/old_cluster/base/flux-system/charts/helm/kustomization.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/helm/kustomization.yaml rename to flux/old_cluster/base/flux-system/charts/helm/kustomization.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/metallb-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/metallb-charts.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/helm/metallb-charts.yaml rename to flux/old_cluster/base/flux-system/charts/helm/metallb-charts.yaml diff --git a/flux/cluster/base/flux-system/charts/helm/traefik-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/traefik-charts.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/helm/traefik-charts.yaml rename to flux/old_cluster/base/flux-system/charts/helm/traefik-charts.yaml diff --git a/flux/cluster/base/flux-system/charts/kustomization.yaml b/flux/old_cluster/base/flux-system/charts/kustomization.yaml similarity index 100% rename from flux/cluster/base/flux-system/charts/kustomization.yaml rename to flux/old_cluster/base/flux-system/charts/kustomization.yaml diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/old_cluster/base/flux-system/gotk-components.yaml similarity index 100% rename from flux/cluster/base/flux-system/gotk-components.yaml rename to flux/old_cluster/base/flux-system/gotk-components.yaml diff --git a/flux/cluster/base/flux-system/gotk-sync.yaml b/flux/old_cluster/base/flux-system/gotk-sync.yaml similarity index 100% rename from flux/cluster/base/flux-system/gotk-sync.yaml rename to flux/old_cluster/base/flux-system/gotk-sync.yaml diff --git a/flux/cluster/base/flux-system/kustomization.yaml b/flux/old_cluster/base/flux-system/kustomization.yaml similarity index 100% rename from flux/cluster/base/flux-system/kustomization.yaml rename to flux/old_cluster/base/flux-system/kustomization.yaml diff --git a/flux/cluster/base/flux-system/xirion-registry-creds.yaml b/flux/old_cluster/base/flux-system/xirion-registry-creds.yaml similarity index 100% rename from flux/cluster/base/flux-system/xirion-registry-creds.yaml rename to flux/old_cluster/base/flux-system/xirion-registry-creds.yaml diff --git a/flux/cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/old_cluster/core/external-secrets/external-secrets/helm-release.yaml similarity index 100% rename from flux/cluster/core/external-secrets/external-secrets/helm-release.yaml rename to flux/old_cluster/core/external-secrets/external-secrets/helm-release.yaml diff --git a/flux/cluster/core/external-secrets/external-secrets/kustomization.yaml b/flux/old_cluster/core/external-secrets/external-secrets/kustomization.yaml similarity index 100% rename from flux/cluster/core/external-secrets/external-secrets/kustomization.yaml rename to flux/old_cluster/core/external-secrets/external-secrets/kustomization.yaml diff --git a/flux/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/flux/old_cluster/core/external-secrets/external-secrets/vault-secret-store.yaml similarity index 100% rename from flux/cluster/core/external-secrets/external-secrets/vault-secret-store.yaml rename to flux/old_cluster/core/external-secrets/external-secrets/vault-secret-store.yaml diff --git a/flux/cluster/core/external-secrets/kustomization.yaml b/flux/old_cluster/core/external-secrets/kustomization.yaml similarity index 100% rename from flux/cluster/core/external-secrets/kustomization.yaml rename to flux/old_cluster/core/external-secrets/kustomization.yaml diff --git a/flux/cluster/core/kustomization.yaml b/flux/old_cluster/core/kustomization.yaml similarity index 100% rename from flux/cluster/core/kustomization.yaml rename to flux/old_cluster/core/kustomization.yaml diff --git a/flux/cluster/core/namespaces/drone-build.yaml b/flux/old_cluster/core/namespaces/drone-build.yaml similarity index 100% rename from flux/cluster/core/namespaces/drone-build.yaml rename to flux/old_cluster/core/namespaces/drone-build.yaml diff --git a/flux/cluster/core/namespaces/external-secrets.yaml b/flux/old_cluster/core/namespaces/external-secrets.yaml similarity index 100% rename from flux/cluster/core/namespaces/external-secrets.yaml rename to flux/old_cluster/core/namespaces/external-secrets.yaml diff --git a/flux/cluster/core/namespaces/gitops.yaml b/flux/old_cluster/core/namespaces/gitops.yaml similarity index 100% rename from flux/cluster/core/namespaces/gitops.yaml rename to flux/old_cluster/core/namespaces/gitops.yaml diff --git a/flux/cluster/core/namespaces/kustomization.yaml b/flux/old_cluster/core/namespaces/kustomization.yaml similarity index 100% rename from flux/cluster/core/namespaces/kustomization.yaml rename to flux/old_cluster/core/namespaces/kustomization.yaml diff --git a/flux/cluster/core/namespaces/monitoring.yaml b/flux/old_cluster/core/namespaces/monitoring.yaml similarity index 100% rename from flux/cluster/core/namespaces/monitoring.yaml rename to flux/old_cluster/core/namespaces/monitoring.yaml diff --git a/flux/cluster/core/namespaces/networking.yaml b/flux/old_cluster/core/namespaces/networking.yaml similarity index 100% rename from flux/cluster/core/namespaces/networking.yaml rename to flux/old_cluster/core/namespaces/networking.yaml diff --git a/flux/cluster/core/namespaces/olympus.yaml b/flux/old_cluster/core/namespaces/olympus.yaml similarity index 100% rename from flux/cluster/core/namespaces/olympus.yaml rename to flux/old_cluster/core/namespaces/olympus.yaml diff --git a/flux/cluster/core/namespaces/presidential-paradise.yaml b/flux/old_cluster/core/namespaces/presidential-paradise.yaml similarity index 100% rename from flux/cluster/core/namespaces/presidential-paradise.yaml rename to flux/old_cluster/core/namespaces/presidential-paradise.yaml diff --git a/flux/cluster/core/networking/kustomization.yaml b/flux/old_cluster/core/networking/kustomization.yaml similarity index 100% rename from flux/cluster/core/networking/kustomization.yaml rename to flux/old_cluster/core/networking/kustomization.yaml diff --git a/flux/cluster/core/networking/metallb/address-pool.yaml b/flux/old_cluster/core/networking/metallb/address-pool.yaml similarity index 100% rename from flux/cluster/core/networking/metallb/address-pool.yaml rename to flux/old_cluster/core/networking/metallb/address-pool.yaml diff --git a/flux/cluster/core/networking/metallb/helm-release.yaml b/flux/old_cluster/core/networking/metallb/helm-release.yaml similarity index 100% rename from flux/cluster/core/networking/metallb/helm-release.yaml rename to flux/old_cluster/core/networking/metallb/helm-release.yaml diff --git a/flux/cluster/core/networking/metallb/kustomization.yaml b/flux/old_cluster/core/networking/metallb/kustomization.yaml similarity index 100% rename from flux/cluster/core/networking/metallb/kustomization.yaml rename to flux/old_cluster/core/networking/metallb/kustomization.yaml diff --git a/flux/cluster/core/networking/metallb/l2advertisement.yaml b/flux/old_cluster/core/networking/metallb/l2advertisement.yaml similarity index 100% rename from flux/cluster/core/networking/metallb/l2advertisement.yaml rename to flux/old_cluster/core/networking/metallb/l2advertisement.yaml diff --git a/flux/cluster/crds/external-secrets/crds.yaml b/flux/old_cluster/crds/external-secrets/crds.yaml similarity index 100% rename from flux/cluster/crds/external-secrets/crds.yaml rename to flux/old_cluster/crds/external-secrets/crds.yaml diff --git a/flux/cluster/crds/external-secrets/kustomization.yaml b/flux/old_cluster/crds/external-secrets/kustomization.yaml similarity index 100% rename from flux/cluster/crds/external-secrets/kustomization.yaml rename to flux/old_cluster/crds/external-secrets/kustomization.yaml diff --git a/flux/cluster/crds/kustomization.yaml b/flux/old_cluster/crds/kustomization.yaml similarity index 100% rename from flux/cluster/crds/kustomization.yaml rename to flux/old_cluster/crds/kustomization.yaml diff --git a/flux/cluster/crds/traefik/crds.yaml b/flux/old_cluster/crds/traefik/crds.yaml similarity index 100% rename from flux/cluster/crds/traefik/crds.yaml rename to flux/old_cluster/crds/traefik/crds.yaml diff --git a/flux/cluster/crds/traefik/kustomization.yaml b/flux/old_cluster/crds/traefik/kustomization.yaml similarity index 100% rename from flux/cluster/crds/traefik/kustomization.yaml rename to flux/old_cluster/crds/traefik/kustomization.yaml diff --git a/flux/olympus/base/.gitkeep b/flux/olympus/base/.gitkeep new file mode 100644 index 00000000..e69de29b -- 2.47.1 From 7abcba75300d1b0b07d914a1369b5164f237ce54 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 28 Dec 2022 21:09:20 +0100 Subject: [PATCH 0611/1882] add kubernetes node --- flake.nix | 2 +- .../hosts/olympus/_template/configuration.nix | 2 +- nixos/hosts/olympus/default.nix | 12 ++--- nixos/hosts/olympus/k3s/configuration.nix | 51 ------------------- .../olympus/k3s/hardware-configuration.nix | 21 -------- .../olympus/kubernetes/configuration.nix | 22 ++++++++ 6 files changed, 29 insertions(+), 81 deletions(-) delete mode 100644 nixos/hosts/olympus/k3s/configuration.nix delete mode 100644 nixos/hosts/olympus/k3s/hardware-configuration.nix create mode 100644 nixos/hosts/olympus/kubernetes/configuration.nix diff --git a/flake.nix b/flake.nix index 2c89f557..7d187514 100644 --- a/flake.nix +++ b/flake.nix @@ -66,7 +66,7 @@ nixHosts = util.filter_nix_hosts flat_hosts; # Define args each module gets access to (access to hosts is useful for DNS/DHCP) - specialArgs = { inherit flat_hosts inputs; }; + specialArgs = { inherit hosts flat_hosts inputs; }; pkgs = import nixpkgs { inherit system; overlays = [ diff --git a/nixos/hosts/olympus/_template/configuration.nix b/nixos/hosts/olympus/_template/configuration.nix index e660f641..7b6c670d 100644 --- a/nixos/hosts/olympus/_template/configuration.nix +++ b/nixos/hosts/olympus/_template/configuration.nix @@ -13,7 +13,7 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? + system.stateVersion = "23.05"; # Did you read the comment? # Additional packages environment.systemPackages = with pkgs; [ ]; diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index db19c101..129503c3 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -43,13 +43,11 @@ mac = "6A:C2:89:85:CF:A6"; tags = [ "web" ]; }; - # { - # hostname = "k3s-node1"; - # profile = "k3s"; - # ip = "10.42.42.10"; - # mac = "2E:F8:55:23:D9:9B"; - # type = "vm"; - # } + "kubernetes" = { + ip = "10.42.42.10"; + mac = "6E:A5:25:99:FE:68"; + type = "vm"; + }; "WoolooTV" = { ip = "10.42.42.13"; mac = "74:40:be:48:85:a4"; diff --git a/nixos/hosts/olympus/k3s/configuration.nix b/nixos/hosts/olympus/k3s/configuration.nix deleted file mode 100644 index 4524c4b7..00000000 --- a/nixos/hosts/olympus/k3s/configuration.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ config, pkgs, lib, ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - # Use the GRUB 2 boot loader. - boot.loader.grub = { - enable = true; - version = 2; - device = "/dev/sda"; - }; - - boot.kernel.sysctl."fs.inotify.max_user_instances" = 2147483647; # INT_MAX, dynamically limited based on available memory - boot.kernel.sysctl."fs.inotify.max_user_watches" = 1048576; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.05"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ iptables vim ]; - - # Disable the firewall as we need all the ports - networking.firewall.enable = false; - - # Force-enable Cgroupv2 - systemd.enableUnifiedCgroupHierarchy = lib.mkForce true; - - # Ensure `mount` and `grep` are available - systemd.services.k3s.path = [ pkgs.gnugrep pkgs.utillinux ]; - systemd.services.k3s.serviceConfig.TimeoutStartSec = 3000; - - # Enable k3s as a master node - services.k3s = { - enable = true; - role = "server"; - - extraFlags = builtins.toString [ - "--data-dir=/var/lib/k3s" # Set data dir to var lib - "--cluster-init" # Enable embedded etcd - "--disable=servicelb" # disable servicelb - "--no-deploy=traefik" # we want to configure traefik ourselves (or use nginx instead) - "--cluster-cidr=10.69.0.0/16" # the default of 10.42.0.0/16 clashes with my own network - ]; - }; -} diff --git a/nixos/hosts/olympus/k3s/hardware-configuration.nix b/nixos/hosts/olympus/k3s/hardware-configuration.nix deleted file mode 100644 index 9c6082ba..00000000 --- a/nixos/hosts/olympus/k3s/hardware-configuration.nix +++ /dev/null @@ -1,21 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; - fsType = "ext4"; - }; - - swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; - -} diff --git a/nixos/hosts/olympus/kubernetes/configuration.nix b/nixos/hosts/olympus/kubernetes/configuration.nix new file mode 100644 index 00000000..7b6c670d --- /dev/null +++ b/nixos/hosts/olympus/kubernetes/configuration.nix @@ -0,0 +1,22 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} -- 2.47.1 From 42d660e0cfbf8a1fd5056a3d3534b4f54e3d49d5 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 28 Dec 2022 21:20:03 +0100 Subject: [PATCH 0612/1882] fix k8s --- nixos/hosts/olympus/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 129503c3..aaeb6b57 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -46,7 +46,6 @@ "kubernetes" = { ip = "10.42.42.10"; mac = "6E:A5:25:99:FE:68"; - type = "vm"; }; "WoolooTV" = { ip = "10.42.42.13"; -- 2.47.1 From efdb8aa7f5ee507cdcd2202dac94157f69e7ae49 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 30 Dec 2022 02:26:55 +0100 Subject: [PATCH 0613/1882] update overseerr --- flake.lock | 42 +++++++++---------- nixos/hosts/hades/overseerr/configuration.nix | 5 ++- nixos/hosts/olympus/minio/configuration.nix | 1 + nixos/hosts/olympus/nginx/configuration.nix | 2 - 4 files changed, 25 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index 5d2a43e2..c3430862 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1671966569, - "narHash": "sha256-jbLgfSnmLchARBNFRvCic63CFQ9LAyvlXnBpc2kwjQc=", + "lastModified": 1672318366, + "narHash": "sha256-DBUVFooXtE4boZk1LvJ8sTg3nxMmJvNAJQ4lpjxDH5U=", "owner": "nix-community", "repo": "home-manager", - "rev": "c55fa26ce05fee8e063db22918d05a73d430b2ea", + "rev": "cbacdaba3c7b361defb36e1cdfa03ae4e74eb4a8", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1672238357, - "narHash": "sha256-xqAoDgopfv8y9q6xWu82LK4Pf9S3WOBar9+6VTlc6VM=", + "lastModified": 1672329990, + "narHash": "sha256-03Zob3Xg7SAnJ7yeGXYkSWNPGXj8UXrKYIdXGMvsisY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a6699ef30c0a7f66c4b1ff6e38ea836b8e898015", + "rev": "0baef17a02529dd5fc58eee497737ac28df160c1", "type": "github" }, "original": { @@ -506,11 +506,11 @@ ] }, "locked": { - "lastModified": 1671404096, - "narHash": "sha256-ls8i+lXweg0udqbd9XuF/ag+rqDSy/i05B6RrMW2BAI=", + "lastModified": 1672266418, + "narHash": "sha256-Xxooxjoymgl65dIMtcBB4/bZx0OcqPZ52G/fw4rozYE=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "60013ee65566ec7601c367829da2560d7b8638fa", + "rev": "aefd63876d0353e4b25e473708903e6c30054931", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1672189776, - "narHash": "sha256-UrcVHWeY7ad+CUkkddb6qAjlCKDAiAwsmcbxnPZU8eQ=", + "lastModified": 1672276261, + "narHash": "sha256-CMsLkSw/lu122s2n3CT7ef6KMk2xZb09Ie0oIArTV3k=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "b34d73e47078bd7b1e214831a7ab947e6a2140a7", + "rev": "954dde2f3decf10d39bcadf6607e40049c456be1", "type": "github" }, "original": { @@ -735,11 +735,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1671631481, - "narHash": "sha256-LP6NvQQNKdqDpXngECo6oCiWfYRb0KPGM5+D5lu7mPw=", + "lastModified": 1672322014, + "narHash": "sha256-HEYUb2pxm9SUgqvg8eDpFUl6UPXmd7USNWAew115zL4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9577ab1eaf01a738b015a7a7ab2a4616e158b6cd", + "rev": "e2f9c6f7360f3e0f7b0bc2a3e7193a290c5d4c81", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1672202919, - "narHash": "sha256-uNv6D+C3y/5b72DPx04E70OAa2oN4fAuCLulNAdWneg=", + "lastModified": 1672290029, + "narHash": "sha256-qYzmqh1g34SmT+wJwHI+m4MoSUcZuMqA69YkMwugJ4E=", "owner": "nixos", "repo": "nixpkgs", - "rev": "57dbff4228a9d8fba7aedf439ffdd841a2326427", + "rev": "3d7270abd5b28bc8ef6c64a7eb15f41bdc9717f0", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nur": { "locked": { - "lastModified": 1672238814, - "narHash": "sha256-Smw3SBu9y9LaiBkZPvditOQP/s11qUrBDMAAYzj8VPg=", + "lastModified": 1672325070, + "narHash": "sha256-KOMgKYCUTTCKsTQ2+N0IkcgiXKuugIVGzfTN6UEZSoU=", "owner": "nix-community", "repo": "NUR", - "rev": "e578f1caa6ff51a68cabac472f6f68e1d576c213", + "rev": "e914bcdc68da7d0b96ea4645a3996e0efd735dcc", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 490e1654..81a28b18 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -21,13 +21,14 @@ networking.firewall.allowedTCPPorts = [ 5055 ]; virtualisation.podman.enable = true; + # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers = { backend = "podman"; containers = { overseerr = { - image = "ghcr.io/sct/overseerr:1.30.1"; + image = "ghcr.io/sct/overseerr:1.31.0"; environment = { - LOG_LEVEL = "debug"; + # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; }; ports = [ diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index 5e45019b..1ce65f37 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -27,6 +27,7 @@ in { services.minio = { enable = true; + package = pkgs.v.minio-old; rootCredentialsFile = "${vs.minio}/environment"; listenAddress = ":${toString listenPort}"; consoleAddress = ":${toString consolePort}"; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 3637d82d..6d4928f6 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -133,8 +133,6 @@ in { virtualHosts."drone.0x76.dev" = k8s_proxy; virtualHosts."msg.0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; - virtualHosts."wooloofan.club" = k8s_proxy; - virtualHosts."whoami.wooloofan.club" = k8s_proxy; }; services.nginx.commonHttpConfig = '' -- 2.47.1 From 526bafa6e054b36b666d53cd2926707883dc9765 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 5 Jan 2023 13:50:37 +0100 Subject: [PATCH 0614/1882] changes --- .vscode/settings.json | 5 ++ flake.lock | 73 ++++++++------------- nixos/hosts/thalassa/aoife/home/default.nix | 2 + nixos/hosts/thalassa/aoife/home/neovim.nix | 5 +- nixos/hosts/thalassa/aoife/home/nvim.lua | 0 5 files changed, 39 insertions(+), 46 deletions(-) create mode 100644 .vscode/settings.json create mode 100644 nixos/hosts/thalassa/aoife/home/nvim.lua diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..50f57ec0 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,5 @@ +{ + "Lua.diagnostics.globals": [ + "vim" + ] +} \ No newline at end of file diff --git a/flake.lock b/flake.lock index 5d2a43e2..42c869e1 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1671966569, - "narHash": "sha256-jbLgfSnmLchARBNFRvCic63CFQ9LAyvlXnBpc2kwjQc=", + "lastModified": 1672780900, + "narHash": "sha256-DxuSn6BdkZapIbg76xzYx1KhVPEZeBexMkt1q/sMVPA=", "owner": "nix-community", "repo": "home-manager", - "rev": "c55fa26ce05fee8e063db22918d05a73d430b2ea", + "rev": "54245e1820caabd8a0b53ce4d47e4d0fefe04cd4", "type": "github" }, "original": { @@ -454,11 +454,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1672238357, - "narHash": "sha256-xqAoDgopfv8y9q6xWu82LK4Pf9S3WOBar9+6VTlc6VM=", + "lastModified": 1672757503, + "narHash": "sha256-2MKfXQ9f2GUYEt+Yht/Qp5JpkamRu5pqRGX0HVwe13Q=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a6699ef30c0a7f66c4b1ff6e38ea836b8e898015", + "rev": "0e3547e0f6b4016aa308292a86c43cd47dd206fd", "type": "github" }, "original": { @@ -506,11 +506,11 @@ ] }, "locked": { - "lastModified": 1671404096, - "narHash": "sha256-ls8i+lXweg0udqbd9XuF/ag+rqDSy/i05B6RrMW2BAI=", + "lastModified": 1672869224, + "narHash": "sha256-LqyBdWSQDDuNUdgJGlLOVcXFKaHeWOBfWtTEfqqQxQc=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "60013ee65566ec7601c367829da2560d7b8638fa", + "rev": "1c19aa2b4f2b9e70dd9a3d2105f396cf094b0e82", "type": "github" }, "original": { @@ -581,11 +581,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1672189776, - "narHash": "sha256-UrcVHWeY7ad+CUkkddb6qAjlCKDAiAwsmcbxnPZU8eQ=", + "lastModified": 1672621843, + "narHash": "sha256-Bl2yNHv+5s3eSf5i6icb6seKAwk3AV+iXqx1KWFtX0s=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "b34d73e47078bd7b1e214831a7ab947e6a2140a7", + "rev": "516bb060d630dc1aff23a6cb9493399a937887af", "type": "github" }, "original": { @@ -720,11 +720,11 @@ ] }, "locked": { - "lastModified": 1671355134, - "narHash": "sha256-ZtnUWTDDyFog+NQBjZpnhgPdj3gHp5ImxFVWy+ObNno=", + "lastModified": 1672682641, + "narHash": "sha256-940TLvtdT8YKuP5nXcPhUfNeK0A/leSjjG8hfqvWM84=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "64a96ca8621d03cb3889daf0d3ff58d8209e3e0c", + "rev": "30516cb2b01896e14ce66893e414b6e3eec71cac", "type": "github" }, "original": { @@ -735,11 +735,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1671631481, - "narHash": "sha256-LP6NvQQNKdqDpXngECo6oCiWfYRb0KPGM5+D5lu7mPw=", + "lastModified": 1672644464, + "narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9577ab1eaf01a738b015a7a7ab2a4616e158b6cd", + "rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1672202919, - "narHash": "sha256-uNv6D+C3y/5b72DPx04E70OAa2oN4fAuCLulNAdWneg=", + "lastModified": 1672897942, + "narHash": "sha256-5RijBVaikhHgBMaoZ3kG6W1QjPKcnHmJGJgY0TfzUIE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "57dbff4228a9d8fba7aedf439ffdd841a2326427", + "rev": "6c575c59f986548cc3ecaf870f4d4d4791a175f4", "type": "github" }, "original": { @@ -851,15 +851,14 @@ "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" - ], - "nmdSrc": "nmdSrc" + ] }, "locked": { - "lastModified": 1671840534, - "narHash": "sha256-ZKBg7cM1qJ4ic4O6PGS9ESPSazGQI1TXFsGiFXIL3tw=", + "lastModified": 1672434283, + "narHash": "sha256-AltegOzuCjlernfEGWQYmle1yGiDBaky+u35DhJvxqI=", "owner": "pta2002", "repo": "nixvim", - "rev": "5f67918bae3115e5d5ae17eeb9d414517762fc66", + "rev": "125ed74a423429e5af6796334b68400c78ac26b7", "type": "github" }, "original": { @@ -868,29 +867,13 @@ "type": "github" } }, - "nmdSrc": { - "flake": false, - "locked": { - "lastModified": 1666190571, - "narHash": "sha256-Z1hc7M9X6L+H83o9vOprijpzhTfOBjd0KmUTnpHAVjA=", - "owner": "rycee", - "repo": "nmd", - "rev": "b75d312b4f33bd3294cd8ae5c2ca8c6da2afc169", - "type": "gitlab" - }, - "original": { - "owner": "rycee", - "repo": "nmd", - "type": "gitlab" - } - }, "nur": { "locked": { - "lastModified": 1672238814, - "narHash": "sha256-Smw3SBu9y9LaiBkZPvditOQP/s11qUrBDMAAYzj8VPg=", + "lastModified": 1672908458, + "narHash": "sha256-M/sq9vN+O1fFlAEwCS+plJuLmbDy8K3ULh1SSysbDf4=", "owner": "nix-community", "repo": "NUR", - "rev": "e578f1caa6ff51a68cabac472f6f68e1d576c213", + "rev": "b25df321856354c521b793ad3b7c30e77e15c93a", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 6acb4176..394f1156 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -29,6 +29,7 @@ in { nixfmt nixpkgs-review python3 + plex-media-player rustup solo2-cli tex @@ -156,6 +157,7 @@ in { vscodevim.vim vadimcn.vscode-lldb xaver.clang-format + sumneko.lua ]; }; diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index 4119afe0..d12dda77 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -10,13 +10,16 @@ maps.normal = { "ff" = "lua require('telescope.builtin').find_files()"; "fg" = "lua require('telescope.builtin').live_grep()"; - "" = "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code + "" = + "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code }; extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; colorscheme = "catppuccin-frappe"; + extraConfigLua = builtins.readFile ./nvim.lua; + plugins = { barbar.enable = true; nix.enable = true; diff --git a/nixos/hosts/thalassa/aoife/home/nvim.lua b/nixos/hosts/thalassa/aoife/home/nvim.lua new file mode 100644 index 00000000..e69de29b -- 2.47.1 From 3d875fd981291da9860656a1bd5a41e0b247bd51 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 7 Jan 2023 12:52:42 +0100 Subject: [PATCH 0615/1882] refactor templates --- flake.nix | 47 ++++++++++++++++++------- nixos/common/generic-vm.nix | 7 +--- nixos/{ => templates}/iso-graphical.nix | 0 nixos/{ => templates}/iso.nix | 0 nixos/{ => templates}/proxmox-lxc.nix | 4 +-- nixos/templates/proxmox-vm.nix | 28 +++++++++++++++ 6 files changed, 65 insertions(+), 21 deletions(-) rename nixos/{ => templates}/iso-graphical.nix (100%) rename nixos/{ => templates}/iso.nix (100%) rename nixos/{ => templates}/proxmox-lxc.nix (82%) create mode 100644 nixos/templates/proxmox-vm.nix diff --git a/flake.nix b/flake.nix index 7d187514..44d8b52f 100644 --- a/flake.nix +++ b/flake.nix @@ -49,9 +49,20 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; - outputs = { self, nixpkgs, vault-secrets, minecraft-servers, colmena - , home-manager, hyprpaper, hyprland, nixos-generators, nixos-hardware, nur - , ... }@inputs: + outputs = + { self + , nixpkgs + , vault-secrets + , minecraft-servers + , colmena + , home-manager + , hyprpaper + , hyprland + , nixos-generators + , nixos-hardware + , nur + , ... + }@inputs: let inherit (nixpkgs) lib; @@ -90,7 +101,8 @@ source /etc/set-environment nix repl --file "${./.}/repl.nix" $@ ''; - in { + in + { # Make the nixosConfigurations for compat reasons nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { @@ -102,12 +114,14 @@ }).nodes; # Make the colmena configuration - colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { - meta = { - inherit specialArgs; - nixpkgs = pkgs; - }; - } nixHosts; + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) + { + meta = { + inherit specialArgs; + nixpkgs = pkgs; + }; + } + nixHosts; packages.${system} = { inherit apply-local; @@ -117,19 +131,26 @@ iso = nixos-generators.nixosGenerate { inherit system pkgs; format = "iso"; - modules = [ (import ./nixos/iso.nix) ]; + modules = [ (import ./nixos/templates/iso.nix) ]; }; iso-graphical = nixos-generators.nixosGenerate { inherit system pkgs; format = "iso"; - modules = [ (import ./nixos/iso-graphical.nix) ]; + modules = [ (import ./nixos/templates/iso-graphical.nix) ]; }; proxmox-lxc = nixos-generators.nixosGenerate { inherit system pkgs; format = "proxmox-lxc"; - modules = [ (import ./nixos/proxmox-lxc.nix) ]; + modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; + }; + + # Currently broken as it assumes `local-lvm` exists + proxmox-vm = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "proxmox"; + modules = [ (import ./nixos/templates/proxmox-vm.nix) ]; }; }; diff --git a/nixos/common/generic-vm.nix b/nixos/common/generic-vm.nix index dc8aeb81..856a8b37 100644 --- a/nixos/common/generic-vm.nix +++ b/nixos/common/generic-vm.nix @@ -1,10 +1,5 @@ { lib, ... }: { - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - networking.useDHCP = false; - networking.interfaces.ens18.useDHCP = lib.mkDefault true; + networking.useDHCP = true; # Enable qemu guest agent services.qemuGuest.enable = true; diff --git a/nixos/iso-graphical.nix b/nixos/templates/iso-graphical.nix similarity index 100% rename from nixos/iso-graphical.nix rename to nixos/templates/iso-graphical.nix diff --git a/nixos/iso.nix b/nixos/templates/iso.nix similarity index 100% rename from nixos/iso.nix rename to nixos/templates/iso.nix diff --git a/nixos/proxmox-lxc.nix b/nixos/templates/proxmox-lxc.nix similarity index 82% rename from nixos/proxmox-lxc.nix rename to nixos/templates/proxmox-lxc.nix index 8eac5c5b..e748529b 100644 --- a/nixos/proxmox-lxc.nix +++ b/nixos/templates/proxmox-lxc.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: { - imports = [ ./common/common.nix ./common/generic-lxc.nix ]; + imports = [ ../common/common.nix ../common/generic-lxc.nix ]; proxmoxLXC = { manageNetwork = true; @@ -21,7 +21,7 @@ networking.useDHCP = true; - system.stateVersion = "22.11"; + system.stateVersion = "23.05"; users.users.root.initialPassword = "toor"; } diff --git a/nixos/templates/proxmox-vm.nix b/nixos/templates/proxmox-vm.nix new file mode 100644 index 00000000..945cce32 --- /dev/null +++ b/nixos/templates/proxmox-vm.nix @@ -0,0 +1,28 @@ +{ config, pkgs, lib, ... }: { + imports = [ ../common/common.nix ../common/generic-vm.nix ]; + + proxmox.qemuConf = { + virtio0 = "local-zsfs:vm-9999-disk-0"; + cores = 1; + memory = 1024; + bios = "ovmf"; + }; + + # Enable SSH + services.openssh = { + enable = true; + passwordAuthentication = false; + permitRootLogin = "yes"; + openFirewall = true; + }; + + networking.hostName = lib.mkDefault "template"; + + time.timeZone = lib.mkDefault "Europe/Amsterdam"; + + networking.useDHCP = true; + + system.stateVersion = "23.05"; + + users.users.root.initialPassword = "toor"; +} -- 2.47.1 From b83125f85133b5c58ef00ab034ce568905adc1fa Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 10 Jan 2023 16:13:29 +0100 Subject: [PATCH 0616/1882] various updates --- flake.lock | 117 ++++++++++-------- flake.nix | 4 +- nixos/common/users/victor.nix | 1 + nixos/hosts/hades/overseerr/configuration.nix | 2 +- nixos/hosts/olympus/kubernetes/README.md | 9 ++ .../olympus/kubernetes/configuration.nix | 36 +++++- nixos/hosts/thalassa/default.nix | 2 +- 7 files changed, 108 insertions(+), 63 deletions(-) create mode 100644 nixos/hosts/olympus/kubernetes/README.md diff --git a/flake.lock b/flake.lock index 42c869e1..56dff22e 100644 --- a/flake.lock +++ b/flake.lock @@ -271,6 +271,22 @@ } }, "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1627913399, @@ -433,11 +449,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1672780900, - "narHash": "sha256-DxuSn6BdkZapIbg76xzYx1KhVPEZeBexMkt1q/sMVPA=", + "lastModified": 1673343300, + "narHash": "sha256-5Xdj6kpXYMie0MlnGwqK5FaMdsedxvyuakWtyKB3zaQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "54245e1820caabd8a0b53ce4d47e4d0fefe04cd4", + "rev": "176e455371a8371586e8a3ff0d56ee9f3ca2324e", "type": "github" }, "original": { @@ -454,11 +470,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1672757503, - "narHash": "sha256-2MKfXQ9f2GUYEt+Yht/Qp5JpkamRu5pqRGX0HVwe13Q=", + "lastModified": 1673295979, + "narHash": "sha256-8x+awd811HWf3ipRq680WZhaU6UUjCjyJj8PgCEMgoo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "0e3547e0f6b4016aa308292a86c43cd47dd206fd", + "rev": "20a1a47e665da336a87caa3036682bd142aa02b8", "type": "github" }, "original": { @@ -468,29 +484,18 @@ } }, "hyprland-protocols": { - "flake": false, - "locked": { - "lastModified": 1670703428, - "narHash": "sha256-4KUW5SKR0Y9uaYGcYwy53YJ3B/sgiprCL4fRGO+mpOA=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "d0d6db8cb5bef6d93ca3ad8fb2124964173396da", - "type": "github" + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ] }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", - "type": "github" - } - }, - "hyprland-protocols_2": { - "flake": false, "locked": { - "lastModified": 1670703428, - "narHash": "sha256-4KUW5SKR0Y9uaYGcYwy53YJ3B/sgiprCL4fRGO+mpOA=", + "lastModified": 1671839510, + "narHash": "sha256-+PY1qqJfmZzzROgcIY4I7AkCwpnC+qBIYk2eFoA9RWc=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "d0d6db8cb5bef6d93ca3ad8fb2124964173396da", + "rev": "b8f55e02a328c47ed373133c52483bbfa20a1b75", "type": "github" }, "original": { @@ -506,11 +511,11 @@ ] }, "locked": { - "lastModified": 1672869224, - "narHash": "sha256-LqyBdWSQDDuNUdgJGlLOVcXFKaHeWOBfWtTEfqqQxQc=", + "lastModified": 1672925969, + "narHash": "sha256-d94BZH6gJ6s3GmudyKc4XleARpLnYkxhxa6YMb7yKAw=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "1c19aa2b4f2b9e70dd9a3d2105f396cf094b0e82", + "rev": "50852e531987d20c432122fbec7f1f089bc2dc09", "type": "github" }, "original": { @@ -553,6 +558,7 @@ "mailserver": { "inputs": { "blobs": "blobs", + "flake-compat": "flake-compat_3", "nixpkgs": [ "nixpkgs" ], @@ -560,11 +566,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1671659164, - "narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=", + "lastModified": 1671738303, + "narHash": "sha256-PRgqtaWf2kMSYqVmcnmhTh+UsC0RmvXRTr+EOw5VZUA=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd", + "rev": "6d0d9fb966cc565a3df74d3b686f924c7615118c", "type": "gitlab" }, "original": { @@ -735,11 +741,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1672644464, - "narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=", + "lastModified": 1673336835, + "narHash": "sha256-HMJ/Nt3+0MtgKfPfJSrC3/6yVAPQvZgv/7V9b49dG/c=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26", + "rev": "df029cfefc7494b399966cbb6b4fd692fa294fa3", "type": "github" }, "original": { @@ -751,11 +757,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1671722432, - "narHash": "sha256-ojcZUekIQeOZkHHzR81st7qxX99dB1Eaaq6PU5MNeKc=", + "lastModified": 1672791794, + "narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "652e92b8064949a11bc193b90b74cb727f2a1405", + "rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d", "type": "github" }, "original": { @@ -800,11 +806,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1672897942, - "narHash": "sha256-5RijBVaikhHgBMaoZ3kG6W1QjPKcnHmJGJgY0TfzUIE=", + "lastModified": 1673296385, + "narHash": "sha256-zlDgiHh0k1GtB8g6wrBzWBDZIBoCNYXfI5+qWE5Rrjk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6c575c59f986548cc3ecaf870f4d4d4791a175f4", + "rev": "92c151047e978f2e6abc809c20fb701b5b2d78b0", "type": "github" }, "original": { @@ -854,11 +860,11 @@ ] }, "locked": { - "lastModified": 1672434283, - "narHash": "sha256-AltegOzuCjlernfEGWQYmle1yGiDBaky+u35DhJvxqI=", + "lastModified": 1673354542, + "narHash": "sha256-T6U/1QQ1Pp1Y94SI5DuZCDTSWigQDSV7KV4fRw1/0Fc=", "owner": "pta2002", "repo": "nixvim", - "rev": "125ed74a423429e5af6796334b68400c78ac26b7", + "rev": "02f28c7b48b7ae6a7304b3d3bc649c25fb26817a", "type": "github" }, "original": { @@ -869,11 +875,11 @@ }, "nur": { "locked": { - "lastModified": 1672908458, - "narHash": "sha256-M/sq9vN+O1fFlAEwCS+plJuLmbDy8K3ULh1SSysbDf4=", + "lastModified": 1673362655, + "narHash": "sha256-pPp/Xzae8sVkzNrZK7nWKQyunelF6aw2AfmzR2lRDzI=", "owner": "nix-community", "repo": "NUR", - "rev": "b25df321856354c521b793ad3b7c30e77e15c93a", + "rev": "bf8b8390f15f9bcfbb46b540e17ed5e6eb4ed4ec", "type": "github" }, "original": { @@ -1125,7 +1131,7 @@ }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-utils": "flake-utils_4", "nix": "nix", "nixpkgs": [ @@ -1186,11 +1192,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1671723353, - "narHash": "sha256-G1jiI0SA7eiZusO+iJytErMRNbKbwqJJJGL+sNoBNoQ=", + "lastModified": 1671183014, + "narHash": "sha256-oMWT5Zbe/3HFINAk38jNVxiZ4PCYvPJj2Jo4iiyBtm0=", "owner": "wlroots", "repo": "wlroots", - "rev": "b28a9afd4b0b86e9a66a40f6b44b69f59947b7d6", + "rev": "dc7cc98cf21a8dc19ab8895505500e3700646af0", "type": "gitlab" }, "original": { @@ -1202,18 +1208,21 @@ }, "xdph": { "inputs": { - "hyprland-protocols": "hyprland-protocols_2", + "hyprland-protocols": [ + "hyprland", + "hyprland-protocols" + ], "nixpkgs": [ "hyprland", "nixpkgs" ] }, "locked": { - "lastModified": 1671837878, - "narHash": "sha256-OmFDyktTc/l+3wHboHeFpAQgPt3r7jjqZf8MrwuUGMo=", + "lastModified": 1673116118, + "narHash": "sha256-eR0yDSkR2XYMesfdRWJs25kAdXET2mbNNHu5t+KUcKA=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "e47f4cec698080768821b271510985ab94a37e91", + "rev": "d479c846531fd0e1d2357c9588b8310a2b859ef2", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 44d8b52f..1499a9c6 100644 --- a/flake.nix +++ b/flake.nix @@ -77,7 +77,9 @@ nixHosts = util.filter_nix_hosts flat_hosts; # Define args each module gets access to (access to hosts is useful for DNS/DHCP) - specialArgs = { inherit hosts flat_hosts inputs; }; + specialArgs = { + inherit hosts flat_hosts inputs; + }; pkgs = import nixpkgs { inherit system; overlays = [ diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 76e69c92..6b6149a9 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -14,6 +14,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh victor@aoife" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBMTCUjDbDjAiEKbKmLPavuYM0wJIBdjgytLsg1uWuGc victor@nord" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" ]; diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 81a28b18..76ff5795 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -16,7 +16,7 @@ system.stateVersion = "22.11"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ ]; + # environment.systemPackages = with pkgs; [ ]; networking.firewall.allowedTCPPorts = [ 5055 ]; diff --git a/nixos/hosts/olympus/kubernetes/README.md b/nixos/hosts/olympus/kubernetes/README.md new file mode 100644 index 00000000..216bd4bc --- /dev/null +++ b/nixos/hosts/olympus/kubernetes/README.md @@ -0,0 +1,9 @@ +# Kubernetes NixOS LXC Container + +## Required proxmox config +```ini +lxc.apparmor.profile: unconfined +lxc.cgroup.devices.allow: a +lxc.cap.drop: +lxc.mount.auto: proc:rw sys:rw +``` diff --git a/nixos/hosts/olympus/kubernetes/configuration.nix b/nixos/hosts/olympus/kubernetes/configuration.nix index 7b6c670d..1d0bc6c9 100644 --- a/nixos/hosts/olympus/kubernetes/configuration.nix +++ b/nixos/hosts/olympus/kubernetes/configuration.nix @@ -2,10 +2,37 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, pkgs, hosts, ... }: +let + kubeMasterIP = config.deployment.targetHost; # TODO: set more reliably + kubeMasterHostname = + "${config.networking.hostName}.${config.networking.domain}"; + kubeMasterAPIServerPort = 6443; +in { + # resolve master hostname always + networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}"; -{ - imports = [ ]; + # packages for administration tasks + environment.systemPackages = with pkgs; [ kompose kubectl kubernetes k9s ]; + + # Kubernetes itself + services.kubernetes = { + roles = [ "master" "node" ]; + masterAddress = kubeMasterHostname; + apiserverAddress = + "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}"; + easyCerts = true; + apiserver = { + securePort = kubeMasterAPIServerPort; + advertiseAddress = kubeMasterIP; + }; + + # use coredns + addons.dns.enable = true; + + # needed if you use swap + kubelet.extraOpts = "--fail-swap-on=false"; + }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -15,8 +42,5 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; } diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 61fc396d..44e6cfb5 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,4 +1,4 @@ { - "null" = { type = "local"; }; + # "null" = { type = "local"; }; "aoife" = { type = "local"; }; } -- 2.47.1 From 6872ba2552ae79b54954336b3286b20891dbe975 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Thu, 12 Jan 2023 12:09:56 +0100 Subject: [PATCH 0617/1882] Add Flux v0.38.2 component manifests --- .../base/flux-system/gotk-components.yaml | 6761 +++++++++++++++++ 1 file changed, 6761 insertions(+) create mode 100644 flux/olympus/base/flux-system/gotk-components.yaml diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml new file mode 100644 index 00000000..b317aa52 --- /dev/null +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -0,0 +1,6761 @@ +--- +# This manifest was generated by flux. DO NOT EDIT. +# Flux Version: v0.38.2 +# Components: source-controller,kustomize-controller,helm-controller,notification-controller +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + pod-security.kubernetes.io/warn: restricted + pod-security.kubernetes.io/warn-version: latest + name: flux-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: alerts.notification.toolkit.fluxcd.io +spec: + group: notification.toolkit.fluxcd.io + names: + kind: Alert + listKind: AlertList + plural: alerts + singular: alert + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects + properties: + eventSeverity: + default: info + description: Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: Filter events based on the involved objects. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + exclusionList: + description: A list of Golang regular expressions to be used for excluding + messages. + items: + type: string + type: array + providerRef: + description: Send events using this provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Short description of the impact and affected cluster. + type: string + suspend: + description: This flag tells the controller to suspend subsequent + events dispatching. Defaults to false. + type: boolean + required: + - eventSources + - providerRef + type: object + status: + default: + observedGeneration: -1 + description: AlertStatus defines the observed state of Alert + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventSeverity: + default: info + description: EventSeverity specifies how to filter events based on + severity. If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: EventSources specifies how to filter events based on + the involved object kind, name and namespace. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + exclusionList: + description: ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + status: + default: + observedGeneration: -1 + description: AlertStatus defines the observed state of the Alert. + properties: + conditions: + description: Conditions holds the conditions for the Alert. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: buckets.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: Bucket + listKind: BucketList + plural: buckets + singular: bucket + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Bucket is the Schema for the buckets API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BucketSpec defines the desired state of an S3 compatible + bucket + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + bucketName: + description: The bucket name. + type: string + endpoint: + description: The bucket endpoint address. + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. + type: boolean + interval: + description: The interval at which to check for bucket updates. + type: string + provider: + default: generic + description: The S3 compatible storage provider name, default ('generic'). + enum: + - generic + - aws + - gcp + type: string + region: + description: The bucket region. + type: string + secretRef: + description: The name of the secret containing authentication credentials + for the Bucket. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + timeout: + default: 60s + description: The timeout for download operations, defaults to 60s. + type: string + required: + - bucketName + - endpoint + - interval + type: object + status: + default: + observedGeneration: -1 + description: BucketStatus defines the observed state of a bucket + properties: + artifact: + description: Artifact represents the output of the last successful + Bucket sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the Bucket. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the artifact output of the + last Bucket sync. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Bucket is the Schema for the buckets API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BucketSpec specifies the required configuration to produce + an Artifact for an object storage bucket. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + bucketName: + description: BucketName is the name of the object storage bucket. + type: string + endpoint: + description: Endpoint is the object storage address the BucketName + is located at. + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP Endpoint. + type: boolean + interval: + description: Interval at which to check the Endpoint for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + provider: + default: generic + description: Provider of the object storage bucket. Defaults to 'generic', + which expects an S3 (API) compatible object storage. + enum: + - generic + - aws + - gcp + - azure + type: string + region: + description: Region of the Endpoint where the BucketName is located + in. + type: string + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the Bucket. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this Bucket. + type: boolean + timeout: + default: 60s + description: Timeout for fetch operations, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + required: + - bucketName + - endpoint + - interval + type: object + status: + default: + observedGeneration: -1 + description: BucketStatus records the observed state of a Bucket. + properties: + artifact: + description: Artifact represents the last successful Bucket reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the Bucket. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the Bucket object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: gitrepositories.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: GitRepository + listKind: GitRepositoryList + plural: gitrepositories + shortNames: + - gitrepo + singular: gitrepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec defines the desired state of a Git repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + gitImplementation: + default: go-git + description: Determines which git client library to use. Defaults + to go-git, valid values are ('go-git', 'libgit2'). + enum: + - go-git + - libgit2 + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + include: + description: Extra git repositories to map into the repository + items: + description: GitRepositoryInclude defines a source with a from and + to path. + properties: + fromPath: + description: The path to copy contents from, defaults to the + root directory. + type: string + repository: + description: Reference to a GitRepository to include. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: The path to copy contents to, defaults to the name + of the source ref. + type: string + required: + - repository + type: object + type: array + interval: + description: The interval at which to check for repository updates. + type: string + recurseSubmodules: + description: When enabled, after the clone is created, initializes + all submodules within, using their default settings. This option + is available only when using the 'go-git' GitImplementation. + type: boolean + ref: + description: The Git reference to checkout and monitor for changes, + defaults to master branch. + properties: + branch: + description: The Git branch to checkout, defaults to master. + type: string + commit: + description: The Git commit SHA to checkout, if specified Tag + filters will be ignored. + type: string + semver: + description: The Git tag semver expression, takes precedence over + Tag. + type: string + tag: + description: The Git tag to checkout, takes precedence over Branch. + type: string + type: object + secretRef: + description: The secret name containing the Git credentials. For HTTPS + repositories the secret must contain username and password fields. + For SSH repositories the secret must contain identity and known_hosts + fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + timeout: + default: 60s + description: The timeout for remote Git operations like cloning, defaults + to 60s. + type: string + url: + description: The repository URL, can be a HTTP/S or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verify OpenPGP signature for the Git commit HEAD points + to. + properties: + mode: + description: Mode describes what git object should be verified, + currently ('head'). + enum: + - head + type: string + secretRef: + description: The secret name containing the public keys of all + trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - mode + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus defines the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the output of the last successful + repository sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + includedArtifacts: + description: IncludedArtifacts represents the included artifacts from + the last successful repository sync. + items: + description: Artifact represents the output of a source synchronisation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the artifact output of the + last repository sync. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec specifies the required configuration to + produce an Artifact for a Git repository. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + gitImplementation: + default: go-git + description: 'GitImplementation specifies which Git client library + implementation to use. Defaults to ''go-git'', valid values are + (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated + now that ''go-git'' is the only supported implementation.' + enum: + - go-git + - libgit2 + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + include: + description: Include specifies a list of GitRepository resources which + Artifacts should be included in the Artifact produced for this GitRepository. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + interval: + description: Interval at which to check the GitRepository for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + recurseSubmodules: + description: RecurseSubmodules enables the initialization of all submodules + within the GitRepository as cloned from the URL, using their default + settings. This option is available only when using the 'go-git' + GitImplementation. + type: boolean + ref: + description: Reference specifies the Git reference to resolve and + monitor for changes, defaults to the 'master' branch. + properties: + branch: + description: "Branch to check out, defaults to 'master' if no + other field is defined. \n When GitRepositorySpec.GitImplementation + is set to 'go-git', a shallow clone of the specified branch + is performed." + type: string + commit: + description: "Commit SHA to check out, takes precedence over all + reference fields. \n When GitRepositorySpec.GitImplementation + is set to 'go-git', this can be combined with Branch to shallow + clone the branch, in which the commit is expected to exist." + type: string + semver: + description: SemVer tag expression to check out, takes precedence + over Tag. + type: string + tag: + description: Tag to check out, takes precedence over Branch. + type: string + type: object + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the GitRepository. For HTTPS repositories the Secret + must contain 'username' and 'password' fields. For SSH repositories + the Secret must contain 'identity' and 'known_hosts' fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this GitRepository. + type: boolean + timeout: + default: 60s + description: Timeout for Git operations like cloning, defaults to + 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verification specifies the configuration to verify the + Git commit signature(s). + properties: + mode: + description: Mode specifies what Git object should be verified, + currently ('head'). + enum: + - head + type: string + secretRef: + description: SecretRef specifies the Secret containing the public + keys of trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - mode + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus records the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the last successful GitRepository + reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + contentConfigChecksum: + description: "ContentConfigChecksum is a checksum of all the configurations + related to the content of the source artifact: - .spec.ignore - + .spec.recurseSubmodules - .spec.included and the checksum of the + included artifacts observed in .status.observedGeneration version + of the object. This can be used to determine if the content of the + included repository has changed. It has the format of `:`, + for example: `sha256:`. \n Deprecated: Replaced with explicit + fields for observed artifact content config in the status." + type: string + includedArtifacts: + description: IncludedArtifacts contains a list of the last successfully + included Artifacts as instructed by GitRepositorySpec.Include. + items: + description: Artifact represents the output of a Source reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact + file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI + annotations. + type: object + path: + description: Path is the relative file path of the Artifact. + It can be used to locate the file in the root of the Artifact + storage on the local file system of the controller managing + the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the GitRepository object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository + resources used to to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. + type: boolean + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: helmcharts.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: HelmChart + listKind: HelmChartList + plural: helmcharts + shortNames: + - hc + singular: helmchart + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmChartSpec defines the desired state of a Helm chart. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + chart: + description: The name or path the Helm chart is available at in the + SourceRef. + type: string + interval: + description: The interval at which to check the Source for updates. + type: string + reconcileStrategy: + default: ChartVersion + description: Determines what enables the creation of a new artifact. + Valid values are ('ChartVersion', 'Revision'). See the documentation + of the values for an explanation on their behavior. Defaults to + ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The reference to the Source the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent, valid values are ('HelmRepository', + 'GitRepository', 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + valuesFile: + description: Alternative values file to use as the default chart values, + expected to be a relative path in the SourceRef. Deprecated in favor + of ValuesFiles, for backwards compatibility the file defined here + is merged before the ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: Alternative list of values files to use as the chart + values (values.yaml is not included by default), expected to be + a relative path in the SourceRef. Values files are merged in the + order of this list with the last file overriding the first. Ignored + when omitted. + items: + type: string + type: array + version: + default: '*' + description: The chart version semver expression, ignored for charts + from GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus defines the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + chart sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the last chart pulled. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + chart: + description: Chart is the name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: Interval is the interval at which to check the Source + for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: ReconcileStrategy determines what enables the creation + of a new artifact. Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on their + behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is + available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent, valid values are ('HelmRepository', + 'GitRepository', 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this source. + type: boolean + valuesFile: + description: ValuesFile is an alternative values file to use as the + default chart values, expected to be a relative path in the SourceRef. + Deprecated in favor of ValuesFiles, for backwards compatibility + the file specified here is merged before the ValuesFiles items. + Ignored when omitted. + type: string + valuesFiles: + description: ValuesFiles is an alternative list of values files to + use as the chart values (values.yaml is not included by default), + expected to be a relative path in the SourceRef. Values files are + merged in the order of this list with the last file overriding the + first. Ignored when omitted. + items: + type: string + type: array + verify: + description: Verify contains the secret name containing the trusted + public keys used to verify the signature and specifies which provider + to use to check whether OCI image is authentic. This field is only + supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart + artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing + the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: Version is the chart version semver expression, ignored + for charts from GitRepository and Bucket sources. Defaults to latest + when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful + reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedChartName: + description: ObservedChartName is the last observed chart name as + specified by the resolved chart reference. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the HelmChart object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: ObservedSourceArtifactRevision is the last observed Artifact.Revision + of the HelmChartSpec.SourceRef. + type: string + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: helm-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: helmreleases.helm.toolkit.fluxcd.io +spec: + group: helm.toolkit.fluxcd.io + names: + kind: HelmRelease + listKind: HelmReleaseList + plural: helmreleases + shortNames: + - hr + singular: helmrelease + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: Chart defines the template of the v1beta2.HelmChart that + should be created for this HelmRelease. + properties: + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: Interval at which to check the v1beta2.Source + for updates. Defaults to 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: Determines what enables the creation of a new + artifact. Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on + their behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: Alternative values file to use as the default + chart values, expected to be a relative path in the SourceRef. + Deprecated in favor of ValuesFiles, for backwards compatibility + the file defined here is merged before the ValuesFiles items. + Ignored when omitted. + type: string + valuesFiles: + description: Alternative list of values files to use as the + chart values (values.yaml is not included by default), expected + to be a relative path in the SourceRef. Values files are + merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: Verify contains the secret name containing the + trusted public keys used to verify the signature and specifies + which provider to use to check whether OCI image is authentic. + This field is only supported for OCI sources. Chart dependencies, + which are not bundled in the umbrella chart artifact, are + not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret + containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: Version semver expression, ignored for charts + from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults + to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference + slice with references to HelmRelease resources that must be ready + before this HelmRelease can be reconciled. + items: + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory + according to the CRD upgrade policy provided here. Valid values + are `Skip`, `Create` or `CreateReplace`. Default is `Create` + and if omitted CRDs are installed but not updated. \n Skip: + do neither install nor replace (update) any CRDs. \n Create: + new CRDs are created, existing CRDs are neither updated nor + deleted. \n CreateReplace: new CRDs are created, existing CRDs + are updated (replaced) but not deleted. \n By default, CRDs + are applied (installed) during Helm install action. With this + option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: CreateNamespace tells the Helm install action to + create the HelmReleaseSpec.TargetNamespace if it does not exist + yet. On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm install + action from validating rendered templates against the Kubernetes + OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm install has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm install has been performed. + type: boolean + remediation: + description: Remediation holds the remediation configuration for + when the Helm install action for the HelmRelease fails. The + default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip + remediation when the Helm tests are run after an install + action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to + remediate the last failure, when no retries remain. Defaults + to 'false'. + type: boolean + retries: + description: Retries is the number of retries that should + be attempted on failures before bailing. Remediation, using + an uninstall, is performed between each attempt. Defaults + to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: Replace tells the Helm install action to re-use the + 'ReleaseName', but only if that name is a deleted release which + remains in the history. + type: boolean + skipCRDs: + description: "SkipCRDs tells the Helm install action to not install + any CRDs. By default, CRDs are installed if not already present. + \n Deprecated use CRD policy (`crds`) attribute with value `Skip` + instead." + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: KubeConfig for reconciling the HelmRelease on a remote + cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: SecretRef holds the name to a secret that contains + a key with the kubeconfig file as the value. If no key is specified + the key will default to 'value'. The secret must be in the same + namespace as the HelmRelease. It is recommended that the kubeconfig + is self-contained, and the secret is regularly updated if credentials + such as a cloud-access-token expire. Cloud specific `cmd-path` + auth helpers will not function without adding binaries and credentials + to the Pod that is responsible for reconciling the HelmRelease. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + type: object + maxHistory: + description: MaxHistory is the number of revisions saved by Helm for + this HelmRelease. Use '0' for an unlimited number of revisions; + defaults to '10'. + type: integer + postRenderers: + description: PostRenderers holds an array of Helm PostRenderers, which + will be applied in order of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: Images is a list of (image name, new name, + new tag or digest) for changing image names, tags or digests. + This can also be achieved with a patch, but this operator + is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: Digest is the value used to replace the + original image tag. If digest is present NewTag + value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: Strategic merge and JSON patches, defined as + inline YAML objects, capable of targeting objects based + on kind, label and annotation selectors. + items: + description: Patch contains an inline StrategicMerge or + JSON6902 patch, and the target the patch should be applied + to. + properties: + patch: + description: Patch contains an inline StrategicMerge + patch or an inline JSON6902 patch with an array + of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: From contains a JSON-pointer value + that references a location within the target + document where the operation is performed. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. + type: string + op: + description: Op indicates the operation to perform. + Its value MUST be one of "add", "remove", + "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: Path contains the JSON-pointer + value that references a location within the + target document where the operation is performed. + The meaning of the value depends on the value + of Op. + type: string + value: + description: Value contains a valid JSON structure. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: ReleaseName used for the Helm release. Defaults to a + composition of '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created + during the Helm rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm rollback has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: StorageNamespace used for the Helm storage. Defaults + to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: Suspend tells the controller to suspend reconciliation + for this HelmRelease, it does not apply to already started reconciliations. + Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace to target when performing operations + for the HelmRelease. Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: Enable enables Helm test actions for this HelmRelease + after an Helm install or upgrade action has been performed. + type: boolean + ignoreFailures: + description: IgnoreFailures tells the controller to skip remediation + when the Helm tests are run but fail. Can be overwritten for + tests run after install or upgrade actions in 'Install.IgnoreTestFailures' + and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation during the performance of a Helm test action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a Helm + action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables waiting for all the resources + to be deleted after a Helm uninstall is performed. + type: boolean + keepHistory: + description: KeepHistory tells Helm to remove all associated resources + and mark the release as deleted, but retain the release history. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created + during the Helm upgrade action when it fails. + type: boolean + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory + according to the CRD upgrade policy provided here. Valid values + are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and + if omitted CRDs are neither installed nor upgraded. \n Skip: + do neither install nor replace (update) any CRDs. \n Create: + new CRDs are created, existing CRDs are neither updated nor + deleted. \n CreateReplace: new CRDs are created, existing CRDs + are updated (replaced) but not deleted. \n By default, CRDs + are not applied during Helm upgrade action. With this option + users can opt-in to CRD upgrade, which is not (yet) natively + supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm upgrade + action from validating rendered templates against the Kubernetes + OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm upgrade has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: PreserveValues will make Helm reuse the last release's + values and merge in overrides from 'Values'. Setting this flag + makes the HelmRelease non-declarative. + type: boolean + remediation: + description: Remediation holds the remediation configuration for + when the Helm upgrade action for the HelmRelease fails. The + default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip + remediation when the Helm tests are run after an upgrade + action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to + remediate the last failure, when no retries remain. Defaults + to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: Retries is the number of retries that should + be attempted on failures before bailing. Remediation, using + 'Strategy', is performed between each attempt. Defaults + to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: ValuesFrom holds references to resources containing Helm + values for this HelmRelease, and information about how they should + be merged. + items: + description: ValuesReference contains a reference to a resource + containing Helm values, and optionally the key they can be found + at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside in the + same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: Optional marks this ValuesReference as optional. + When set, a not found error for the values reference is ignored, + but any ValuesKey, TargetPath or transient error will still + result in a reconciliation failure. + type: boolean + targetPath: + description: TargetPath is the YAML dot notation path the value + should be merged at. When set, the ValuesKey is expected to + be a single flat value. Defaults to 'None', which results + in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: ValuesKey is the data key where the values.yaml + or a specific value can be found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric + characters, '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - chart + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: Failures is the reconciliation failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: HelmChart is the namespaced name of the HelmChart resource + created by the controller for the HelmRelease. + type: string + installFailures: + description: InstallFailures is the install failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: LastAttemptedValuesChecksum is the SHA1 checksum of the + values of the last reconciliation attempt. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + upgradeFailures: + description: UpgradeFailures is the upgrade failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: helmrepositories.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: HelmRepository + listKind: HelmRepositoryList + plural: helmrepositories + shortNames: + - helmrepo + singular: helmrepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: PassCredentials allows the credentials from the SecretRef + to be passed on to a host that does not match the host as defined + in URL. This may be required if the host of the advertised chart + URLs in the index differ from the defined URL. Enabling this should + be done with caution, as it can potentially result in credentials + getting stolen in a MITM-attack. + type: boolean + secretRef: + description: The name of the secret containing authentication credentials + for the Helm repository. For HTTP/S basic auth the secret must contain + username and password fields. For TLS the secret must contain a + certFile and keyFile, and/or caCert fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + timeout: + default: 60s + description: The timeout of index downloading, defaults to 60s. + type: string + url: + description: The Helm repository URL, a valid URL contains at least + a protocol and host. + type: string + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus defines the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the output of the last successful + repository sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the last index fetched. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec specifies the required configuration to + produce an Artifact for a Helm repository index YAML. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing + cross-namespace references to this object. NOTE: Not implemented, + provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: Interval at which to check the URL for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: PassCredentials allows the credentials from the SecretRef + to be passed on to a host that does not match the host as defined + in URL. This may be required if the host of the advertised chart + URLs in the index differ from the defined URL. Enabling this should + be done with caution, as it can potentially result in credentials + getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: Provider used for authentication, can be 'aws', 'azure', + 'gcp' or 'generic'. This field is optional, and only taken into + account if the .spec.type field is set to 'oci'. When not specified, + defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the HelmRepository. For HTTP/S basic auth the secret + must contain 'username' and 'password' fields. For TLS the secret + must contain a 'certFile' and 'keyFile', and/or 'caCert' fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this HelmRepository. + type: boolean + timeout: + default: 60s + description: Timeout is used for the index fetch operation for an + HTTPS helm repository, and for remote OCI Repository operations + like pulling for an OCI helm repository. Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type of the HelmRepository. When this field is set to "oci", + the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: URL of the Helm repository, a valid URL contains at least + a protocol and host. + type: string + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository + reconciliation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the HelmRepository object. + format: int64 + type: integer + url: + description: URL is the dynamic fetch link for the latest Artifact. + It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact + data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: kustomize-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: kustomizations.kustomize.toolkit.fluxcd.io +spec: + group: kustomize.toolkit.fluxcd.io + names: + kind: Kustomization + listKind: KustomizationList + plural: kustomizations + shortNames: + - ks + singular: kustomization + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Kustomization is the Schema for the kustomizations API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KustomizationSpec defines the desired state of a kustomization. + properties: + decryption: + description: Decrypt Kubernetes secrets before applying them on the + cluster. + properties: + provider: + description: Provider is the name of the decryption engine. + enum: + - sops + type: string + secretRef: + description: The secret name containing the private OpenPGP keys + used for decryption. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference + slice with references to Kustomization resources that must be ready + before this Kustomization can be reconciled. + items: + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + force: + default: false + description: Force instructs the controller to recreate resources + when patching fails due to an immutable field change. + type: boolean + healthChecks: + description: A list of resources to be included in the health assessment. + items: + description: NamespacedObjectKindReference contains enough information + to locate the typed referenced Kubernetes resource object in any + namespace. + properties: + apiVersion: + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. + type: string + kind: + description: Kind of the referent. + type: string + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - kind + - name + type: object + type: array + images: + description: Images is a list of (image name, new name, new tag or + digest) for changing image names, tags or digests. This can also + be achieved with a patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. + properties: + digest: + description: Digest is the value used to replace the original + image tag. If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace the original + name. + type: string + newTag: + description: NewTag is the value used to replace the original + tag. + type: string + required: + - name + type: object + type: array + interval: + description: The interval at which to reconcile the Kustomization. + type: string + kubeConfig: + description: The KubeConfig for reconciling the Kustomization on a + remote cluster. When specified, KubeConfig takes precedence over + ServiceAccountName. + properties: + secretRef: + description: SecretRef holds the name to a secret that contains + a 'value' key with the kubeconfig file as the value. It must + be in the same namespace as the Kustomization. It is recommended + that the kubeconfig is self-contained, and the secret is regularly + updated if credentials such as a cloud-access-token expire. + Cloud specific `cmd-path` auth helpers will not function without + adding binaries and credentials to the Pod that is responsible + for reconciling the Kustomization. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + type: object + patches: + description: Strategic merge and JSON patches, defined as inline YAML + objects, capable of targeting objects based on kind, label and annotation + selectors. + items: + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. + properties: + patch: + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. + type: string + target: + description: Target points to the resources that the patch document + should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources + from. Together with Version and Kind it is capable of + unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows the + label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources + from. Together with Group and Kind it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document with + an array of operation objects. + items: + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. + type: string + op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. + type: string + value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the patch document + should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources + from. Together with Version and Kind it is capable of + unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows the + label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources + from. Together with Group and Kind it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + path: + description: Path to the directory containing the kustomization.yaml + file, or the set of plain YAMLs a kustomization.yaml should be generated + for. Defaults to 'None', which translates to the root path of the + SourceRef. + type: string + postBuild: + description: PostBuild describes which actions to perform on the YAML + manifest generated by building the kustomize overlay. + properties: + substitute: + additionalProperties: + type: string + description: Substitute holds a map of key/value pairs. The variables + defined in your YAML manifests that match any of the keys defined + in the map will be substituted with the set value. Includes + support for bash string replacement functions e.g. ${var:=default}, + ${var:position} and ${var/substring/replacement}. + type: object + substituteFrom: + description: SubstituteFrom holds references to ConfigMaps and + Secrets containing the variables and their values to be substituted + in the YAML manifests. The ConfigMap and the Secret data keys + represent the var names and they must match the vars declared + in the manifests for the substitution to happen. + items: + description: SubstituteReference contains a reference to a resource + containing the variables name and value. + properties: + kind: + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside + in the same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + type: object + prune: + description: Prune enables garbage collection. + type: boolean + retryInterval: + description: The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. + type: string + serviceAccountName: + description: The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. + type: string + sourceRef: + description: Reference of the source where the kustomization file + is. + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - GitRepository + - Bucket + type: string + name: + description: Name of the referent + type: string + namespace: + description: Namespace of the referent, defaults to the Kustomization + namespace + type: string + required: + - kind + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + kustomize executions, it does not apply to already started executions. + Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. + maxLength: 63 + minLength: 1 + type: string + timeout: + description: Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. + type: string + validation: + description: Validate the Kubernetes objects before applying them + on the cluster. The validation strategy can be 'client' (local dry-run), + 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', + validation will fallback to 'client' if set to 'server' because + server-side validation is not supported in this scenario. + enum: + - none + - client + - server + type: string + required: + - interval + - prune + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: KustomizationStatus defines the observed state of a kustomization. + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastAppliedRevision: + description: The last successfully applied revision. The revision + format for Git sources is /. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + snapshot: + description: The last successfully applied revision metadata. + properties: + checksum: + description: The manifests sha1 checksum. + type: string + entries: + description: A list of Kubernetes kinds grouped by namespace. + items: + description: Snapshot holds the metadata of namespaced Kubernetes + objects + properties: + kinds: + additionalProperties: + type: string + description: The list of Kubernetes kinds. + type: object + namespace: + description: The namespace of this entry. + type: string + required: + - kinds + type: object + type: array + required: + - checksum + - entries + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Kustomization is the Schema for the kustomizations API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. + properties: + components: + description: Components specifies relative paths to specifications + of other Components + items: + type: string + type: array + decryption: + description: Decrypt Kubernetes secrets before applying them on the + cluster. + properties: + provider: + description: Provider is the name of the decryption engine. + enum: + - sops + type: string + secretRef: + description: The secret name containing the private OpenPGP keys + used for decryption. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference + slice with references to Kustomization resources that must be ready + before this Kustomization can be reconciled. + items: + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + force: + default: false + description: Force instructs the controller to recreate resources + when patching fails due to an immutable field change. + type: boolean + healthChecks: + description: A list of resources to be included in the health assessment. + items: + description: NamespacedObjectKindReference contains enough information + to locate the typed referenced Kubernetes resource object in any + namespace. + properties: + apiVersion: + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. + type: string + kind: + description: Kind of the referent. + type: string + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - kind + - name + type: object + type: array + images: + description: Images is a list of (image name, new name, new tag or + digest) for changing image names, tags or digests. This can also + be achieved with a patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. + properties: + digest: + description: Digest is the value used to replace the original + image tag. If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace the original + name. + type: string + newTag: + description: NewTag is the value used to replace the original + tag. + type: string + required: + - name + type: object + type: array + interval: + description: The interval at which to reconcile the Kustomization. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: The KubeConfig for reconciling the Kustomization on a + remote cluster. When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + patches: + description: Strategic merge and JSON patches, defined as inline YAML + objects, capable of targeting objects based on kind, label and annotation + selectors. + items: + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. + properties: + patch: + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. + type: string + target: + description: Target points to the resources that the patch document + should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources + from. Together with Version and Kind it is capable of + unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows the + label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources + from. Together with Group and Kind it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + type: object + type: array + patchesJson6902: + description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: + Use Patches instead.' + items: + description: JSON6902Patch contains a JSON6902 patch and the target + the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document with + an array of operation objects. + items: + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. + type: string + op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. + type: string + value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the patch document + should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources + from. Together with Version and Kind it is capable of + unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows the + label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources + from. Together with Group and Kind it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: 'Strategic merge patches, defined as inline YAML objects. + Deprecated: Use Patches instead.' + items: + x-kubernetes-preserve-unknown-fields: true + type: array + path: + description: Path to the directory containing the kustomization.yaml + file, or the set of plain YAMLs a kustomization.yaml should be generated + for. Defaults to 'None', which translates to the root path of the + SourceRef. + type: string + postBuild: + description: PostBuild describes which actions to perform on the YAML + manifest generated by building the kustomize overlay. + properties: + substitute: + additionalProperties: + type: string + description: Substitute holds a map of key/value pairs. The variables + defined in your YAML manifests that match any of the keys defined + in the map will be substituted with the set value. Includes + support for bash string replacement functions e.g. ${var:=default}, + ${var:position} and ${var/substring/replacement}. + type: object + substituteFrom: + description: SubstituteFrom holds references to ConfigMaps and + Secrets containing the variables and their values to be substituted + in the YAML manifests. The ConfigMap and the Secret data keys + represent the var names and they must match the vars declared + in the manifests for the substitution to happen. + items: + description: SubstituteReference contains a reference to a resource + containing the variables name and value. + properties: + kind: + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside + in the same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + default: false + description: Optional indicates whether the referenced resource + must exist, or whether to tolerate its absence. If true + and the referenced resource is absent, proceed as if the + resource was present but empty, without any variables + defined. + type: boolean + required: + - kind + - name + type: object + type: array + type: object + prune: + description: Prune enables garbage collection. + type: boolean + retryInterval: + description: The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + serviceAccountName: + description: The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. + type: string + sourceRef: + description: Reference of the source where the kustomization file + is. + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. + type: string + required: + - kind + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + kustomize executions, it does not apply to already started executions. + Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. + maxLength: 63 + minLength: 1 + type: string + timeout: + description: Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + validation: + description: 'Deprecated: Not used in v1beta2.' + enum: + - none + - client + - server + type: string + wait: + description: Wait instructs the controller to check the health of + all the reconciled resources. When enabled, the HealthChecks are + ignored. Defaults to false. + type: boolean + required: + - interval + - prune + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: KustomizationStatus defines the observed state of a kustomization. + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + inventory: + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. + properties: + entries: + description: Entries of Kubernetes resource object references. + items: + description: ResourceRef contains the information necessary + to locate a resource within a cluster. + properties: + id: + description: ID is the string representation of the Kubernetes + resource object's metadata, in the format '___'. + type: string + v: + description: Version is the API version of the Kubernetes + resource object's kind. + type: string + required: + - id + - v + type: object + type: array + required: + - entries + type: object + lastAppliedRevision: + description: The last successfully applied revision. The revision + format for Git sources is /. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: ocirepositories.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: OCIRepository + listKind: OCIRepositoryList + plural: ocirepositories + shortNames: + - ocirepo + singular: ocirepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: OCIRepository is the Schema for the ocirepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OCIRepositorySpec defines the desired state of OCIRepository + properties: + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate." + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP container + registry. + type: boolean + interval: + description: The interval at which to check for image updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + layerSelector: + description: LayerSelector specifies which layer should be extracted + from the OCI artifact. When not specified, the first layer found + in the artifact is selected. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + provider: + default: generic + description: The provider used for authentication, can be 'aws', 'azure', + 'gcp' or 'generic'. When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + ref: + description: The OCI reference to pull and monitor for changes, defaults + to the latest tag. + properties: + digest: + description: Digest is the image digest to pull, takes precedence + over SemVer. The value should be in the format 'sha256:'. + type: string + semver: + description: SemVer is the range of tags to pull selecting the + latest within the range, takes precedence over Tag. + type: string + tag: + description: Tag is the image tag to pull, defaults to latest. + type: string + type: object + secretRef: + description: SecretRef contains the secret name containing the registry + login credentials to resolve image metadata. The secret must be + of type kubernetes.io/dockerconfigjson. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + serviceAccountName: + description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount + used to authenticate the image pull if the service account has attached + pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + type: string + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + timeout: + default: 60s + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL is a reference to an OCI artifact repository hosted + on a remote container registry. + pattern: ^oci://.*$ + type: string + verify: + description: Verify contains the secret name containing the trusted + public keys used to verify the signature and specifies which provider + to use to check whether OCI image is authentic. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing + the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: OCIRepositoryStatus defines the observed state of OCIRepository + properties: + artifact: + description: Artifact represents the output of the last successful + OCI Repository sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the OCIRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + contentConfigChecksum: + description: "ContentConfigChecksum is a checksum of all the configurations + related to the content of the source artifact: - .spec.ignore - + .spec.layerSelector observed in .status.observedGeneration version + of the object. This can be used to determine if the content configuration + has changed and the artifact needs to be rebuilt. It has the format + of `:`, for example: `sha256:`. \n Deprecated: + Replaced with explicit fields for observed artifact content config + in the status." + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedLayerSelector: + description: ObservedLayerSelector is the observed layer selector + used for constructing the source artifact. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + url: + description: URL is the download link for the artifact output of the + last OCI Repository sync. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: providers.notification.toolkit.fluxcd.io +spec: + group: notification.toolkit.fluxcd.io + names: + kind: Provider + listKind: ProviderList + plural: providers + singular: provider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of Provider + properties: + address: + description: HTTP/S webhook address of this provider + pattern: ^(http|https):// + type: string + certSecretRef: + description: CertSecretRef can be given the name of a secret containing + a PEM-encoded CA certificate (`caFile`) + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Alert channel for this provider + type: string + proxy: + description: HTTP/S address of the proxy + pattern: ^(http|https):// + type: string + secretRef: + description: Secret reference containing the provider webhook URL + using "address" as data key + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + events handling. Defaults to false. + type: boolean + timeout: + description: Timeout for sending alerts to the provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type of provider + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - bitbucket + - azuredevops + - googlechat + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + type: string + username: + description: Bot username for this provider + type: string + required: + - type + type: object + status: + default: + observedGeneration: -1 + description: ProviderStatus defines the observed state of Provider + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: Address specifies the HTTP/S incoming webhook address + of this Provider. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + certSecretRef: + description: CertSecretRef specifies the Secret containing a PEM-encoded + CA certificate (`caFile`). + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: Interval at which to reconcile the Provider with its + Secret references. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucket + - azuredevops + - googlechat + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + status: + default: + observedGeneration: -1 + description: ProviderStatus defines the observed state of the Provider. + properties: + conditions: + description: Conditions holds the conditions for the Provider. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: receivers.notification.toolkit.fluxcd.io +spec: + group: notification.toolkit.fluxcd.io + names: + kind: Receiver + listKind: ReceiverList + plural: receivers + singular: receiver + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Receiver is the Schema for the receivers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReceiverSpec defines the desired state of Receiver + properties: + events: + description: A list of events to handle, e.g. 'push' for GitHub or + 'Push Hook' for GitLab. + items: + type: string + type: array + resources: + description: A list of resources to be notified about changes. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + secretRef: + description: Secret reference containing the token used to validate + the payload authenticity + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + events handling. Defaults to false. + type: boolean + type: + description: Type of webhook sender, used to determine the validation + procedure and payload deserialization. + enum: + - generic + - generic-hmac + - github + - gitlab + - bitbucket + - harbor + - dockerhub + - quay + - gcr + - nexus + - acr + type: string + required: + - resources + - type + type: object + status: + default: + observedGeneration: -1 + description: ReceiverStatus defines the observed state of Receiver + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Receiver is the Schema for the receivers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReceiverSpec defines the desired state of the Receiver. + properties: + events: + description: Events specifies the list of event types to handle, e.g. + 'push' for GitHub or 'Push Hook' for GitLab. + items: + type: string + type: array + interval: + description: Interval at which to reconcile the Receiver with its + Secret references. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + resources: + description: A list of resources to be notified about changes. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + secretRef: + description: SecretRef specifies the Secret containing the token used + to validate the payload authenticity. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this receiver. + type: boolean + type: + description: Type of webhook sender, used to determine the validation + procedure and payload deserialization. + enum: + - generic + - generic-hmac + - github + - gitlab + - bitbucket + - harbor + - dockerhub + - quay + - gcr + - nexus + - acr + type: string + required: + - resources + - type + type: object + status: + default: + observedGeneration: -1 + description: ReceiverStatus defines the observed state of the Receiver. + properties: + conditions: + description: Conditions holds the conditions for the Receiver. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the Receiver object. + format: int64 + type: integer + url: + description: 'URL is the generated incoming webhook address in the + format of ''/hook/sha256sum(token+name+namespace)''. Deprecated: + Replaced by WebhookPath.' + type: string + webhookPath: + description: WebhookPath is the generated incoming webhook address + in the format of '/hook/sha256sum(token+name+namespace)'. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: helm-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: helm-controller + namespace: flux-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: kustomize-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: kustomize-controller + namespace: flux-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: notification-controller + namespace: flux-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: source-controller + namespace: flux-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: crd-controller-flux-system +rules: +- apiGroups: + - source.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - kustomize.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - helm.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - notification.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - image.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + - configmaps + - serviceaccounts + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: cluster-reconciler-flux-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: kustomize-controller + namespace: flux-system +- kind: ServiceAccount + name: helm-controller + namespace: flux-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: crd-controller-flux-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: crd-controller-flux-system +subjects: +- kind: ServiceAccount + name: kustomize-controller + namespace: flux-system +- kind: ServiceAccount + name: helm-controller + namespace: flux-system +- kind: ServiceAccount + name: source-controller + namespace: flux-system +- kind: ServiceAccount + name: notification-controller + namespace: flux-system +- kind: ServiceAccount + name: image-reflector-controller + namespace: flux-system +- kind: ServiceAccount + name: image-automation-controller + namespace: flux-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: notification-controller + namespace: flux-system +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http + selector: + app: notification-controller + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: source-controller + namespace: flux-system +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http + selector: + app: source-controller + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: webhook-receiver + namespace: flux-system +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http-webhook + selector: + app: notification-controller + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: helm-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: helm-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: helm-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: helm-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/helm-controller:v0.28.1 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /tmp + name: temp + nodeSelector: + kubernetes.io/os: linux + securityContext: + fsGroup: 1337 + serviceAccountName: helm-controller + terminationGracePeriodSeconds: 600 + volumes: + - emptyDir: {} + name: temp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: kustomize-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: kustomize-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: kustomize-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: kustomize-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/kustomize-controller:v0.32.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /tmp + name: temp + nodeSelector: + kubernetes.io/os: linux + securityContext: + fsGroup: 1337 + serviceAccountName: kustomize-controller + terminationGracePeriodSeconds: 60 + volumes: + - emptyDir: {} + name: temp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: notification-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: notification-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: notification-controller + spec: + containers: + - args: + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/notification-controller:v0.30.2 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9090 + name: http + protocol: TCP + - containerPort: 9292 + name: http-webhook + protocol: TCP + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /tmp + name: temp + nodeSelector: + kubernetes.io/os: linux + securityContext: + fsGroup: 1337 + serviceAccountName: notification-controller + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: temp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + control-plane: controller + name: source-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: source-controller + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: source-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + - --storage-path=/data + - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TUF_ROOT + value: /tmp/.sigstore + image: ghcr.io/fluxcd/source-controller:v0.33.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9090 + name: http + protocol: TCP + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: / + port: http + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 50m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /data + name: data + - mountPath: /tmp + name: tmp + nodeSelector: + kubernetes.io/os: linux + securityContext: + fsGroup: 1337 + serviceAccountName: source-controller + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: data + - emptyDir: {} + name: tmp +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: allow-egress + namespace: flux-system +spec: + egress: + - {} + ingress: + - from: + - podSelector: {} + podSelector: {} + policyTypes: + - Ingress + - Egress +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: allow-scraping + namespace: flux-system +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: 8080 + protocol: TCP + podSelector: {} + policyTypes: + - Ingress +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.2 + name: allow-webhooks + namespace: flux-system +spec: + ingress: + - from: + - namespaceSelector: {} + podSelector: + matchLabels: + app: notification-controller + policyTypes: + - Ingress -- 2.47.1 From 2a9811705237eb3d299903397155f0f416b2beb6 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Thu, 12 Jan 2023 12:10:26 +0100 Subject: [PATCH 0618/1882] Add Flux sync manifests --- flux/olympus/base/flux-system/gotk-sync.yaml | 27 +++++++++++++++++++ .../base/flux-system/kustomization.yaml | 5 ++++ 2 files changed, 32 insertions(+) create mode 100644 flux/olympus/base/flux-system/gotk-sync.yaml create mode 100644 flux/olympus/base/flux-system/kustomization.yaml diff --git a/flux/olympus/base/flux-system/gotk-sync.yaml b/flux/olympus/base/flux-system/gotk-sync.yaml new file mode 100644 index 00000000..33247204 --- /dev/null +++ b/flux/olympus/base/flux-system/gotk-sync.yaml @@ -0,0 +1,27 @@ +# This manifest was generated by flux. DO NOT EDIT. +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: GitRepository +metadata: + name: flux-system + namespace: flux-system +spec: + interval: 1m0s + ref: + branch: main + secretRef: + name: flux-system + url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: flux-system + namespace: flux-system +spec: + interval: 10m0s + path: ./flux/olympus/base + prune: true + sourceRef: + kind: GitRepository + name: flux-system diff --git a/flux/olympus/base/flux-system/kustomization.yaml b/flux/olympus/base/flux-system/kustomization.yaml new file mode 100644 index 00000000..3842229e --- /dev/null +++ b/flux/olympus/base/flux-system/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- gotk-components.yaml +- gotk-sync.yaml -- 2.47.1 From 62e3003cef9f3c77f34acaa4a2fa5b44aaa4561c Mon Sep 17 00:00:00 2001 From: Flux <> Date: Thu, 12 Jan 2023 14:14:14 +0100 Subject: [PATCH 0619/1882] Add Flux v0.38.2 component manifests -- 2.47.1 From 651bcd0e484ce85f95b1e8f8119f403899fef1e4 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Thu, 12 Jan 2023 14:14:50 +0100 Subject: [PATCH 0620/1882] Add Flux sync manifests -- 2.47.1 From e3596a9aa235469e59d5b66922cc824a3428f0f3 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 12 Jan 2023 14:16:56 +0100 Subject: [PATCH 0621/1882] deploy k3s --- flake.lock | 36 +++++++-------- flux/README.md | 10 ++--- flux/bootstrap.sh | 2 - flux/olympus/base/.gitkeep | 0 .../olympus/kubernetes/configuration.nix | 44 +++++-------------- 5 files changed, 32 insertions(+), 60 deletions(-) delete mode 100755 flux/bootstrap.sh delete mode 100644 flux/olympus/base/.gitkeep diff --git a/flake.lock b/flake.lock index 56dff22e..1394b3f0 100644 --- a/flake.lock +++ b/flake.lock @@ -470,11 +470,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673295979, - "narHash": "sha256-8x+awd811HWf3ipRq680WZhaU6UUjCjyJj8PgCEMgoo=", + "lastModified": 1673460918, + "narHash": "sha256-vL9AhYPCMP1/8va2pdmLn0vmCdsxbgYSSQHm4kaQjHs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "20a1a47e665da336a87caa3036682bd142aa02b8", + "rev": "11afb660102198abb1e74fffdffd00f8c1a11cd9", "type": "github" }, "original": { @@ -741,11 +741,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1673336835, - "narHash": "sha256-HMJ/Nt3+0MtgKfPfJSrC3/6yVAPQvZgv/7V9b49dG/c=", + "lastModified": 1673440569, + "narHash": "sha256-FQ5o0yI+MH9MgfseeGDsVIIpIqv3BCgq+0NzncuZ9Zo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "df029cfefc7494b399966cbb6b4fd692fa294fa3", + "rev": "88016c96c3c338aa801695cdd9f186820bcfe4d6", "type": "github" }, "original": { @@ -806,11 +806,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1673296385, - "narHash": "sha256-zlDgiHh0k1GtB8g6wrBzWBDZIBoCNYXfI5+qWE5Rrjk=", + "lastModified": 1673435251, + "narHash": "sha256-slcWQtwJBLprSvNODsH/CkpjV7Hx/ByMGkuGmBr65Bw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "92c151047e978f2e6abc809c20fb701b5b2d78b0", + "rev": "0abc5480edcab69f26e1bdd5f7ee82890cfe273f", "type": "github" }, "original": { @@ -860,11 +860,11 @@ ] }, "locked": { - "lastModified": 1673354542, - "narHash": "sha256-T6U/1QQ1Pp1Y94SI5DuZCDTSWigQDSV7KV4fRw1/0Fc=", + "lastModified": 1673442259, + "narHash": "sha256-Ajoab7w4Hu+j9vUUPDmuXJF+7E4hOJqzzTr74tyUm9c=", "owner": "pta2002", "repo": "nixvim", - "rev": "02f28c7b48b7ae6a7304b3d3bc649c25fb26817a", + "rev": "9aec0f9275f1a9d2076d5b97d69358da0bb1c5c9", "type": "github" }, "original": { @@ -875,11 +875,11 @@ }, "nur": { "locked": { - "lastModified": 1673362655, - "narHash": "sha256-pPp/Xzae8sVkzNrZK7nWKQyunelF6aw2AfmzR2lRDzI=", + "lastModified": 1673500866, + "narHash": "sha256-MrzvPUnCqtt6G43DcBDU0O+cnB0lhH9btZIIZnjYAJ8=", "owner": "nix-community", "repo": "NUR", - "rev": "bf8b8390f15f9bcfbb46b540e17ed5e6eb4ed4ec", + "rev": "619e73b02a9a539a2449e5384c6d4c5863f3c5aa", "type": "github" }, "original": { @@ -1139,11 +1139,11 @@ ] }, "locked": { - "lastModified": 1670854711, - "narHash": "sha256-bZzuX0r5xVzthPueKuCMHbIFni30eVxS6JOwYuJMkoI=", + "lastModified": 1673428169, + "narHash": "sha256-b6y1bjIchI9FNDXTgyFT1FVHIhgrnbFhBEvyPCSt/kI=", "owner": "serokell", "repo": "vault-secrets", - "rev": "f901160d11a41bc9930f8e1ad9ce7bcafd8a4eed", + "rev": "e20e124551d1ab2f9445033e0596e9daf7d23b5e", "type": "github" }, "original": { diff --git a/flux/README.md b/flux/README.md index 948ec850..252502d8 100644 --- a/flux/README.md +++ b/flux/README.md @@ -1,12 +1,10 @@ # Kubernetes Cluster This is my personal Kubernetes Cluster. [Flux] watches this git repo and reconciles and changes made to the cluster. -## Directory structure -The main directory is `cluster`, it contains the following subdirectories in the order that flux will apply them: -* **base**: the entrypoint for Flux -* **crds**: contains the CRDs that are needed for anything running in the cluster, these get applied earlier to make sure they exist -* **core**: important core infrastructure applications, grouped by namespace, that should never be pruned -* **apps**: common applications that are allowed to be pruned by flux +## Bootstrap +```sh +flux bootstrap git --url ssh://gitea@git.0x76.dev:42/v/infrastructure.git --branch=main --path=flux/olympus/base --ssh-key-algorithm=ed25519 +``` ## References Heavily inspired by: [onedr0p's cluster](https://github.com/onedr0p/home-cluster) diff --git a/flux/bootstrap.sh b/flux/bootstrap.sh deleted file mode 100755 index 165e7a9e..00000000 --- a/flux/bootstrap.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -flux bootstrap git --url=ssh://gitea@git.0x76.dev:42/v/infrastructure.git --branch=main --path=flux/cluster/base/ --ssh-key-algorithm=ed25519 diff --git a/flux/olympus/base/.gitkeep b/flux/olympus/base/.gitkeep deleted file mode 100644 index e69de29b..00000000 diff --git a/nixos/hosts/olympus/kubernetes/configuration.nix b/nixos/hosts/olympus/kubernetes/configuration.nix index 1d0bc6c9..a241cb2d 100644 --- a/nixos/hosts/olympus/kubernetes/configuration.nix +++ b/nixos/hosts/olympus/kubernetes/configuration.nix @@ -1,39 +1,15 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, hosts, ... }: -let - kubeMasterIP = config.deployment.targetHost; # TODO: set more reliably - kubeMasterHostname = - "${config.networking.hostName}.${config.networking.domain}"; - kubeMasterAPIServerPort = 6443; -in { - # resolve master hostname always - networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}"; - +{ config, pkgs, hosts, ... }: { # packages for administration tasks - environment.systemPackages = with pkgs; [ kompose kubectl kubernetes k9s ]; + environment.systemPackages = with pkgs; [ kompose kubectl k9s k3s ]; - # Kubernetes itself - services.kubernetes = { - roles = [ "master" "node" ]; - masterAddress = kubeMasterHostname; - apiserverAddress = - "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}"; - easyCerts = true; - apiserver = { - securePort = kubeMasterAPIServerPort; - advertiseAddress = kubeMasterIP; - }; - - # use coredns - addons.dns.enable = true; - - # needed if you use swap - kubelet.extraOpts = "--fail-swap-on=false"; + services.k3s = { + enable = true; + role = "server"; + extraFlags = toString [ + # "--kubelet-arg=v=4" # Optionally add additional args to k3s + "--cluster-cidr 10.24.0.0/16" + ]; }; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -42,5 +18,5 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.enable = false; } -- 2.47.1 From b5309a7f33d97c0d8c588aea371f3d095d2393ed Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 Jan 2023 13:34:09 +0100 Subject: [PATCH 0622/1882] mongo bs --- flake.lock | 17 +++++++++++++++++ flake.nix | 10 ++++++++++ nixos/hosts/olympus/unifi/configuration.nix | 5 ++++- 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/flake.lock b/flake.lock index 1394b3f0..979cf2c6 100644 --- a/flake.lock +++ b/flake.lock @@ -820,6 +820,22 @@ "type": "github" } }, + "nixpkgs_22-11": { + "locked": { + "lastModified": 1610695443, + "narHash": "sha256-WYODk5uqLcdyhXHXApJgP5u9oWCqDzB85UNJxwIONcM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "872973d7d1a71570dee1e9c1114e13a072bf3ffc", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "rev": "872973d7d1a71570dee1e9c1114e13a072bf3ffc", + "type": "github" + } + }, "nixpkgs_3": { "locked": { "lastModified": 1632864508, @@ -994,6 +1010,7 @@ "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", + "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", "riff": "riff", diff --git a/flake.nix b/flake.nix index 1499a9c6..3e8e326a 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs_22-11.url = "github:nixos/nixpkgs/872973d7d1a71570dee1e9c1114e13a072bf3ffc"; nur.url = "github:nix-community/NUR"; @@ -52,6 +53,7 @@ outputs = { self , nixpkgs + , nixpkgs_22-11 , vault-secrets , minecraft-servers , colmena @@ -92,6 +94,14 @@ ]; }; + pkgs_22-11 = import nixpkgs_22-11 { + inherit system; + config.allowUnfree = true; + }; + + # Define args each module gets access to (access to hosts is useful for DNS/DHCP) + specialArgs = { inherit hosts flat_hosts inputs pkgs_22-11; }; + # Script to apply local colmena deployments apply-local = pkgs.writeShellScriptBin "apply-local" '' "${ diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index b7cb490b..f9d63b54 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, pkgs_22-11, ... }: { imports = [ ]; @@ -25,6 +25,9 @@ services.unifi = { enable = true; unifiPackage = pkgs.unifi; + # /nix/store/wlk5idiz9kqkans7j3vxp7bgg03xc2c6-mongodb-3.6.13/bin/mongod --noauth --dbpath /var/lib/unifi/data/db --journal + # https://www.reddit.com/r/UNIFI/comments/lpwpyk/unifi_controller_any_version_mongodb_36_nearing/ + mongodbPackage = pkgs_22-11.mongodb-3_6; # TODO: Upgrade 3.6 to 4.2 openFirewall = true; }; } -- 2.47.1 From ea29654efcb94f1702427a8d95b10abf7f4118c2 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 Jan 2023 13:35:37 +0100 Subject: [PATCH 0623/1882] fix merge error --- flake.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/flake.nix b/flake.nix index 3e8e326a..e58608e8 100644 --- a/flake.nix +++ b/flake.nix @@ -78,10 +78,6 @@ # Filter out all non-nixos hosts nixHosts = util.filter_nix_hosts flat_hosts; - # Define args each module gets access to (access to hosts is useful for DNS/DHCP) - specialArgs = { - inherit hosts flat_hosts inputs; - }; pkgs = import nixpkgs { inherit system; overlays = [ -- 2.47.1 From 08f37f5d0f395b84bef635782a8226ab421ff806 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 Jan 2023 19:31:14 +0100 Subject: [PATCH 0624/1882] fix unifi --- flake.lock | 133 ++++++-------------- flake.nix | 12 +- flux/olympus/apps/kustomization.yaml | 3 + flux/olympus/base/apps.yaml | 15 +++ nixos/hosts/olympus/unifi/configuration.nix | 6 +- nixos/hosts/thalassa/aoife/home/default.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 2 +- 7 files changed, 66 insertions(+), 107 deletions(-) create mode 100644 flux/olympus/apps/kustomization.yaml create mode 100644 flux/olympus/base/apps.yaml diff --git a/flake.lock b/flake.lock index 979cf2c6..b81dcc16 100644 --- a/flake.lock +++ b/flake.lock @@ -48,7 +48,7 @@ "nixpkgs" ], "poetry2nix": "poetry2nix", - "utils": "utils_5" + "utils": "utils_4" }, "locked": { "lastModified": 1669854260, @@ -114,11 +114,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1670543350, - "narHash": "sha256-JMYwGa2nJPInuVuYbR3XSGUJewTDyeoTDQaALydduko=", + "lastModified": 1673735094, + "narHash": "sha256-eshv1LSazs/RAeEn6AaTr8bMVkNDQa0/q8PWrO/CmOk=", "owner": "nix-community", "repo": "comma", - "rev": "1b07c19774129ebce3af846fb571e1c0b97f24a3", + "rev": "b99c7130d20cdf53a663ffcdd76359c9bec5aecb", "type": "github" }, "original": { @@ -350,21 +350,6 @@ } }, "flake-utils_2": { - "locked": { - "lastModified": 1644229661, - "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_3": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -379,7 +364,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_3": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -449,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1673343300, - "narHash": "sha256-5Xdj6kpXYMie0MlnGwqK5FaMdsedxvyuakWtyKB3zaQ=", + "lastModified": 1673737886, + "narHash": "sha256-hNTqD0uIgpbtTI2Nuj/Q1lEFOOdZqqXpxoc8rMno2F0=", "owner": "nix-community", "repo": "home-manager", - "rev": "176e455371a8371586e8a3ff0d56ee9f3ca2324e", + "rev": "2827b5306462d91edec16a3d069b2d6e54c3079f", "type": "github" }, "original": { @@ -470,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673460918, - "narHash": "sha256-vL9AhYPCMP1/8va2pdmLn0vmCdsxbgYSSQHm4kaQjHs=", + "lastModified": 1673725528, + "narHash": "sha256-mgJd3fKzUcO96IcaNpM9WJY60N+2oATp5AqgWFwm3c8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "11afb660102198abb1e74fffdffd00f8c1a11cd9", + "rev": "b5b436e01ddb5d5200f55be3deed8f4fade0574c", "type": "github" }, "original": { @@ -511,11 +496,11 @@ ] }, "locked": { - "lastModified": 1672925969, - "narHash": "sha256-d94BZH6gJ6s3GmudyKc4XleARpLnYkxhxa6YMb7yKAw=", + "lastModified": 1673799209, + "narHash": "sha256-GMRM1IyIuDEzjEw5E4zWI/TCg3zWs65v86NuR+BAtW0=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "50852e531987d20c432122fbec7f1f089bc2dc09", + "rev": "f77a664e9d168fb7b332ede9db4a3e35a46dd6c5", "type": "github" }, "original": { @@ -579,27 +564,6 @@ "type": "gitlab" } }, - "minecraft-servers": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ], - "utils": "utils_4" - }, - "locked": { - "lastModified": 1672621843, - "narHash": "sha256-Bl2yNHv+5s3eSf5i6icb6seKAwk3AV+iXqx1KWFtX0s=", - "owner": "jyooru", - "repo": "nix-minecraft-servers", - "rev": "516bb060d630dc1aff23a6cb9493399a937887af", - "type": "github" - }, - "original": { - "owner": "jyooru", - "repo": "nix-minecraft-servers", - "type": "github" - } - }, "naersk": { "inputs": { "nixpkgs": [ @@ -741,11 +705,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1673440569, - "narHash": "sha256-FQ5o0yI+MH9MgfseeGDsVIIpIqv3BCgq+0NzncuZ9Zo=", + "lastModified": 1673803274, + "narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "88016c96c3c338aa801695cdd9f186820bcfe4d6", + "rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3", "type": "github" }, "original": { @@ -757,11 +721,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1672791794, - "narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=", + "lastModified": 1673540789, + "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d", + "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", "type": "github" }, "original": { @@ -806,33 +770,33 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1673435251, - "narHash": "sha256-slcWQtwJBLprSvNODsH/CkpjV7Hx/ByMGkuGmBr65Bw=", + "lastModified": 1673631141, + "narHash": "sha256-AprpYQ5JvLS4wQG/ghm2UriZ9QZXvAwh1HlgA/6ZEVQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0abc5480edcab69f26e1bdd5f7ee82890cfe273f", + "rev": "befc83905c965adfd33e5cae49acb0351f6e0404", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_22-11": { "locked": { - "lastModified": 1610695443, - "narHash": "sha256-WYODk5uqLcdyhXHXApJgP5u9oWCqDzB85UNJxwIONcM=", + "lastModified": 1673704454, + "narHash": "sha256-5Wdj1MgdOgn3+dMFIBtg+IAYZApjF8JzwLWDPieg0C4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "872973d7d1a71570dee1e9c1114e13a072bf3ffc", + "rev": "a83ed85c14fcf242653df6f4b0974b7e1c73c6c6", "type": "github" }, "original": { "owner": "nixos", + "ref": "nixos-22.11", "repo": "nixpkgs", - "rev": "872973d7d1a71570dee1e9c1114e13a072bf3ffc", "type": "github" } }, @@ -870,17 +834,17 @@ "nixvim": { "inputs": { "beautysh": "beautysh", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1673442259, - "narHash": "sha256-Ajoab7w4Hu+j9vUUPDmuXJF+7E4hOJqzzTr74tyUm9c=", + "lastModified": 1673606904, + "narHash": "sha256-vK4dCZEwsetub7FLu+IpD2Ro6pMzifPBPPQutfZcxsY=", "owner": "pta2002", "repo": "nixvim", - "rev": "9aec0f9275f1a9d2076d5b97d69358da0bb1c5c9", + "rev": "b9a4f0ca19201cbc2e6c583f3f3a269fe1a6314f", "type": "github" }, "original": { @@ -891,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1673500866, - "narHash": "sha256-MrzvPUnCqtt6G43DcBDU0O+cnB0lhH9btZIIZnjYAJ8=", + "lastModified": 1673804748, + "narHash": "sha256-nOoQBoPgqUHLKcrDzAjErPTefelsxW7VRNCdAJ/Lr7s=", "owner": "nix-community", "repo": "NUR", - "rev": "619e73b02a9a539a2449e5384c6d4c5863f3c5aa", + "rev": "4d2c70498900a21eace533a5427191c53963b9d7", "type": "github" }, "original": { @@ -1006,7 +970,6 @@ "hyprland": "hyprland", "hyprpaper": "hyprpaper", "mailserver": "mailserver", - "minecraft-servers": "minecraft-servers", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", @@ -1114,24 +1077,6 @@ } }, "utils_4": { - "inputs": { - "flake-utils": "flake-utils_2" - }, - "locked": { - "lastModified": 1657226504, - "narHash": "sha256-GIYNjuq4mJlFgqKsZ+YrgzWm0IpA4axA3MCrdKYj7gs=", - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "rev": "2bf0f91643c2e5ae38c1b26893ac2927ac9bd82a", - "type": "github" - }, - "original": { - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "type": "github" - } - }, - "utils_5": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -1149,7 +1094,7 @@ "vault-secrets": { "inputs": { "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_3", "nix": "nix", "nixpkgs": [ "nixpkgs" @@ -1209,11 +1154,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1671183014, - "narHash": "sha256-oMWT5Zbe/3HFINAk38jNVxiZ4PCYvPJj2Jo4iiyBtm0=", + "lastModified": 1672824257, + "narHash": "sha256-SbYoZj57VlopTzI+OSW9jlgYxN1gI1KLg/s/HV+87eE=", "owner": "wlroots", "repo": "wlroots", - "rev": "dc7cc98cf21a8dc19ab8895505500e3700646af0", + "rev": "5f264a7d6c8af27d41ff440c05262b022c055593", "type": "gitlab" }, "original": { diff --git a/flake.nix b/flake.nix index e58608e8..fd406c78 100644 --- a/flake.nix +++ b/flake.nix @@ -5,9 +5,12 @@ # * https://github.com/serokell/pegasus-infra/blob/master/flake.nix # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix + # For minecraft use: + # * https://github.com/Infinidoge/nix-minecraft + inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; - nixpkgs_22-11.url = "github:nixos/nixpkgs/872973d7d1a71570dee1e9c1114e13a072bf3ffc"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; @@ -17,9 +20,6 @@ vault-secrets.url = "github:serokell/vault-secrets"; vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; - minecraft-servers.url = "github:jyooru/nix-minecraft-servers"; - minecraft-servers.inputs.nixpkgs.follows = "nixpkgs"; - home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; @@ -55,7 +55,6 @@ , nixpkgs , nixpkgs_22-11 , vault-secrets - , minecraft-servers , colmena , home-manager , hyprpaper @@ -83,7 +82,6 @@ overlays = [ (import ./nixos/pkgs) vault-secrets.overlay - minecraft-servers.overlays.default hyprpaper.overlays.default hyprland.overlays.default nur.overlay diff --git a/flux/olympus/apps/kustomization.yaml b/flux/olympus/apps/kustomization.yaml new file mode 100644 index 00000000..b83b23e5 --- /dev/null +++ b/flux/olympus/apps/kustomization.yaml @@ -0,0 +1,3 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: [] diff --git a/flux/olympus/base/apps.yaml b/flux/olympus/base/apps.yaml new file mode 100644 index 00000000..ea630d9c --- /dev/null +++ b/flux/olympus/base/apps.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: apps + namespace: flux-system +spec: + interval: 10m0s + dependsOn: + - name: core + path: ./flux/olympus/apps + prune: true + sourceRef: + kind: GitRepository + name: flux-system diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index f9d63b54..d68f0f66 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, pkgs_22-11, ... }: +{ config, pkgs, lib, ... }: { imports = [ ]; @@ -25,9 +25,7 @@ services.unifi = { enable = true; unifiPackage = pkgs.unifi; - # /nix/store/wlk5idiz9kqkans7j3vxp7bgg03xc2c6-mongodb-3.6.13/bin/mongod --noauth --dbpath /var/lib/unifi/data/db --journal - # https://www.reddit.com/r/UNIFI/comments/lpwpyk/unifi_controller_any_version_mongodb_36_nearing/ - mongodbPackage = pkgs_22-11.mongodb-3_6; # TODO: Upgrade 3.6 to 4.2 + mongodbPackage = pkgs.mongodb-4_2; openFirewall = true; }; } diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 394f1156..5ddf8b2c 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -86,7 +86,7 @@ in { userName = "Victor"; userEmail = "victor@xirion.net"; lfs.enable = true; - delta.enable = true; + # delta.enable = true; extraConfig = { push.autoSetupRemote = true; init.defaultBranch = "main"; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 1b03ec67..9e9dc39a 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -102,7 +102,7 @@ in { userName = "Victor"; userEmail = "victor@xirion.net"; lfs.enable = true; - delta.enable = true; + # delta.enable = true; extraConfig = { push.autoSetupRemote = true; init.defaultBranch = "main"; -- 2.47.1 From a150103a0b696fc262e28156f6df55b06af5ecda Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 15:22:02 +0100 Subject: [PATCH 0625/1882] deploy dex --- flake.lock | 24 +++---- nixos/hosts/olympus/default.nix | 6 +- nixos/hosts/olympus/dex/configuration.nix | 69 +++++++++++++++++++++ nixos/hosts/olympus/nginx/configuration.nix | 1 + nixos/hosts/olympus/unifi/configuration.nix | 3 - 5 files changed, 87 insertions(+), 16 deletions(-) create mode 100644 nixos/hosts/olympus/dex/configuration.nix diff --git a/flake.lock b/flake.lock index b81dcc16..410cffff 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1673737886, - "narHash": "sha256-hNTqD0uIgpbtTI2Nuj/Q1lEFOOdZqqXpxoc8rMno2F0=", + "lastModified": 1673815682, + "narHash": "sha256-zG7Rroki+89poCTr1D8BM/wTCl+DZJvU4IUE+5hxG7U=", "owner": "nix-community", "repo": "home-manager", - "rev": "2827b5306462d91edec16a3d069b2d6e54c3079f", + "rev": "3e42035fc013ed4d8af6ee8dc0079c0c551c45a5", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673725528, - "narHash": "sha256-mgJd3fKzUcO96IcaNpM9WJY60N+2oATp5AqgWFwm3c8=", + "lastModified": 1673811538, + "narHash": "sha256-dzaXvah1Qm8OeopF2lbS8ohhIGbGBx6kVY/W657qJdk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b5b436e01ddb5d5200f55be3deed8f4fade0574c", + "rev": "040e99fd174e46614e9dc37a77bad67b930ac5e9", "type": "github" }, "original": { @@ -786,11 +786,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1673704454, - "narHash": "sha256-5Wdj1MgdOgn3+dMFIBtg+IAYZApjF8JzwLWDPieg0C4=", + "lastModified": 1673800717, + "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a83ed85c14fcf242653df6f4b0974b7e1c73c6c6", + "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1673804748, - "narHash": "sha256-nOoQBoPgqUHLKcrDzAjErPTefelsxW7VRNCdAJ/Lr7s=", + "lastModified": 1673874395, + "narHash": "sha256-bIMqmL3iUt4EyoqsYAipDB6Xa5Pqvu9cwGIF5XgpVq4=", "owner": "nix-community", "repo": "NUR", - "rev": "4d2c70498900a21eace533a5427191c53963b9d7", + "rev": "8cd0467d8f5399d83e0bfd381dafd1cd124c9545", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index aaeb6b57..d08fa6a9 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -47,14 +47,18 @@ ip = "10.42.42.10"; mac = "6E:A5:25:99:FE:68"; }; + "dex" = { + ip = "10.42.42.11"; + mac = "AE:66:7B:FA:15:72"; + }; "WoolooTV" = { ip = "10.42.42.13"; mac = "74:40:be:48:85:a4"; nix = false; }; "outline" = { - mac = "52:13:EB:FD:87:F0"; ip = "10.42.42.14"; + mac = "52:13:EB:FD:87:F0"; }; "dns-1" = { profile = "dns"; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix new file mode 100644 index 00000000..37ff572e --- /dev/null +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -0,0 +1,69 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: +let + vs = config.vault-secrets.secrets; + db_user = "dex"; + db_name = "dex"; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + networking.firewall.allowedTCPPorts = [ 5556 ]; + + services.postgresql = { + enable = true; + package = pkgs.postgresql_15; + ensureDatabases = [ db_name ]; + ensureUsers = [{ + name = db_user; + ensurePermissions = { + "DATABASE ${db_name}" = "ALL PRIVILEGES"; + "schema public" = "ALL"; + }; + }]; + }; + + vault-secrets.secrets.dex = { }; + + services.dex = { + enable = true; + settings = { + issuer = "https://dex.0x76.dev"; + storage = { + type = "postgres"; + config = { + host = "/var/run/postgresql"; + user = db_user; + database = db_name; + }; + }; + web.http = "0.0.0.0:5556"; + + connectors = [ + { + type = "gitea"; + id = "gitea"; + name = "Gitea"; + config = { + clientID = "$GITEA_CLIENT_ID"; + clientSecret = "$GITEA_CLIENT_SECRET"; + redirectURI = "https://dex.0x76.dev/callback"; + baseURL = "https://git.0x76.dev"; + }; + } + ]; + }; + + environmentFile = "${vs.dex}/environment"; + }; +} diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 6d4928f6..70fc2037 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -55,6 +55,7 @@ in { virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; virtualHosts."ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; virtualHosts."ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; + virtualHosts."dex.0x76.dev" = proxy "http://dex.olympus:5556"; virtualHosts."pass.0x76.dev" = { enableACME = true; forceSSL = true; diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index d68f0f66..5a0adb17 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -15,9 +15,6 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ 8443 ]; environment.noXlibs = lib.mkForce false; -- 2.47.1 From d1a61a0f28f551e15aa8331bbd672cc9648f47e3 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 16:01:34 +0100 Subject: [PATCH 0626/1882] replace keycloak with dex --- nixos/hosts/olympus/default.nix | 5 +- nixos/hosts/olympus/dex/configuration.nix | 31 +++++++----- .../hosts/olympus/keycloak/configuration.nix | 47 ------------------- .../olympus/mailserver/configuration.nix | 4 -- nixos/hosts/olympus/nginx/configuration.nix | 1 - nixos/hosts/olympus/outline/configuration.nix | 14 +++--- 6 files changed, 25 insertions(+), 77 deletions(-) delete mode 100644 nixos/hosts/olympus/keycloak/configuration.nix diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index d08fa6a9..3c8c7ce2 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -123,10 +123,7 @@ ip = "10.42.42.28"; mac = "9E:86:D3:46:EE:AE"; }; - "keycloak" = { - ip = "10.42.42.29"; - mac = "A6:09:1D:A8:81:28"; - }; + # 10.42.42.29 "vault-1" = { ip = "10.42.42.30"; mac = "26:69:0E:7C:B3:79"; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index 37ff572e..8d030c84 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -49,19 +49,24 @@ in { }; web.http = "0.0.0.0:5556"; - connectors = [ - { - type = "gitea"; - id = "gitea"; - name = "Gitea"; - config = { - clientID = "$GITEA_CLIENT_ID"; - clientSecret = "$GITEA_CLIENT_SECRET"; - redirectURI = "https://dex.0x76.dev/callback"; - baseURL = "https://git.0x76.dev"; - }; - } - ]; + connectors = [{ + type = "gitea"; + id = "gitea"; + name = "Gitea"; + config = { + clientID = "$GITEA_CLIENT_ID"; + clientSecret = "$GITEA_CLIENT_SECRET"; + redirectURI = "https://dex.0x76.dev/callback"; + baseURL = "https://git.0x76.dev"; + }; + }]; + + staticClients = [{ + id = "outline"; + name = "Outline"; + redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; + secretEnv = "OUTLINE_CLIENT_SECRET"; + }]; }; environmentFile = "${vs.dex}/environment"; diff --git a/nixos/hosts/olympus/keycloak/configuration.nix b/nixos/hosts/olympus/keycloak/configuration.nix deleted file mode 100644 index 9e82947d..00000000 --- a/nixos/hosts/olympus/keycloak/configuration.nix +++ /dev/null @@ -1,47 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, lib, ... }: -let vs = config.vault-secrets.secrets; in -{ - imports = [ ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ - config.services.keycloak.settings.http-port - ]; - - environment.noXlibs = lib.mkForce false; - - vault-secrets.secrets.keycloak = { }; - - # If loadCredential doesn't work: - # https://github.com/NixOS/nixpkgs/issues/157449#issuecomment-1208501368 - # also check: systemd 252 got more strict about how exactly the filesystems need to be set up for credentials to work properly - services.keycloak = { - enable = true; - database = { - type = "postgresql"; - host = "localhost"; - createLocally = true; - passwordFile = "${vs.keycloak}/databasePassword"; - }; - settings = { - hostname = "id.0x76.dev"; - proxy = "edge"; - hostname-strict-backchannel = true; - }; - }; - -} diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 220402cc..754a88ed 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -43,10 +43,6 @@ let vs = config.vault-secrets.secrets; in aliases = [ "lau@meowy.tech" ]; }; # Services - "keycloak@0x76.dev" = { - hashedPasswordFile = "${vs.mailserver}/keycloak@0x76.dev"; - sendOnly = true; - }; "gitea@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/gitea@0x76.dev"; sendOnly = true; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 70fc2037..8f18d64b 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -52,7 +52,6 @@ in { virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; - virtualHosts."id.0x76.dev" = proxy "http://keycloak.olympus:80"; virtualHosts."ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; virtualHosts."ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; virtualHosts."dex.0x76.dev" = proxy "http://dex.olympus:5556"; diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index 3b792c9f..452fabdb 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -16,8 +16,6 @@ let vs = config.vault-secrets.secrets; in system.stateVersion = "22.11"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ config.services.outline.port ]; @@ -42,13 +40,13 @@ let vs = config.vault-secrets.secrets; in uploadBucketName = "outline"; region = "us-east-1"; # fake }; - oidcAuthentication = { - displayName = "Keycloak"; - userinfoUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/userinfo"; - tokenUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/token"; + oidcAuthentication = { + displayName = "Dex"; + userinfoUrl = "https://dex.0x76.dev/userinfo"; + tokenUrl = "https://dex.0x76.dev/token"; clientId = "outline"; - authUrl = "https://id.0x76.dev/realms/master/protocol/openid-connect/auth"; - clientSecretFile = "${vs.outline}/keycloakClientSecret"; + authUrl = "https://dex.0x76.dev/auth"; + clientSecretFile = "${vs.outline}/dexClientSecret"; }; smtp = rec { username = "outline@0x76.dev"; -- 2.47.1 From 9d3648cc18fe45cc6ee683571f7627072d6fcb60 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 16:27:51 +0100 Subject: [PATCH 0627/1882] add core/ns --- flake.lock | 14 +++++++------- flake.nix | 2 +- flux/olympus/base/core.yaml | 13 +++++++++++++ flux/olympus/core/kustomization.yaml | 4 ++++ flux/olympus/core/namespaces/kustomization.yaml | 4 ++++ flux/olympus/core/namespaces/websites.yaml | 5 +++++ 6 files changed, 34 insertions(+), 8 deletions(-) create mode 100644 flux/olympus/base/core.yaml create mode 100644 flux/olympus/core/kustomization.yaml create mode 100644 flux/olympus/core/namespaces/kustomization.yaml create mode 100644 flux/olympus/core/namespaces/websites.yaml diff --git a/flake.lock b/flake.lock index 410cffff..58c0ee13 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673811538, - "narHash": "sha256-dzaXvah1Qm8OeopF2lbS8ohhIGbGBx6kVY/W657qJdk=", + "lastModified": 1673881944, + "narHash": "sha256-DvS8CLz4nPx23tBYJfJtxTiP5fRV3Urhw74pwVdSYCU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "040e99fd174e46614e9dc37a77bad67b930ac5e9", + "rev": "589046ecf74965a8e22a9891290f4b289c60a334", "type": "github" }, "original": { @@ -770,16 +770,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1673631141, - "narHash": "sha256-AprpYQ5JvLS4wQG/ghm2UriZ9QZXvAwh1HlgA/6ZEVQ=", + "lastModified": 1673855649, + "narHash": "sha256-Pc1VumquuFMDR1Ers1QOVDDabL/trVwfqWXeKJPXLQg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "befc83905c965adfd33e5cae49acb0351f6e0404", + "rev": "c85d08692966cf022b0a741a794cb1650602d8af", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index fd406c78..a3db2187 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/flux/olympus/base/core.yaml b/flux/olympus/base/core.yaml new file mode 100644 index 00000000..d8e98213 --- /dev/null +++ b/flux/olympus/base/core.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: core + namespace: flux-system +spec: + interval: 10m0s + path: ./flux/olympus/core + prune: true + sourceRef: + kind: GitRepository + name: flux-system diff --git a/flux/olympus/core/kustomization.yaml b/flux/olympus/core/kustomization.yaml new file mode 100644 index 00000000..4b61208f --- /dev/null +++ b/flux/olympus/core/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - namespaces diff --git a/flux/olympus/core/namespaces/kustomization.yaml b/flux/olympus/core/namespaces/kustomization.yaml new file mode 100644 index 00000000..62346c57 --- /dev/null +++ b/flux/olympus/core/namespaces/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - websites.yaml diff --git a/flux/olympus/core/namespaces/websites.yaml b/flux/olympus/core/namespaces/websites.yaml new file mode 100644 index 00000000..7427992f --- /dev/null +++ b/flux/olympus/core/namespaces/websites.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: websites -- 2.47.1 From 63232630f9618af3e48b1e252fab193d90f2a24d Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 16:31:57 +0100 Subject: [PATCH 0628/1882] add 0x76.yaml --- flux/olympus/apps/kustomization.yaml | 3 +- flux/olympus/apps/websites/0x76.yaml | 52 +++++++++++++++++++ flux/olympus/apps/websites/kustomization.yaml | 4 ++ 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 flux/olympus/apps/websites/0x76.yaml create mode 100644 flux/olympus/apps/websites/kustomization.yaml diff --git a/flux/olympus/apps/kustomization.yaml b/flux/olympus/apps/kustomization.yaml index b83b23e5..ce8efa24 100644 --- a/flux/olympus/apps/kustomization.yaml +++ b/flux/olympus/apps/kustomization.yaml @@ -1,3 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: [] +resources: + - websites diff --git a/flux/olympus/apps/websites/0x76.yaml b/flux/olympus/apps/websites/0x76.yaml new file mode 100644 index 00000000..d81ec0f4 --- /dev/null +++ b/flux/olympus/apps/websites/0x76.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: x76dev + namespace: websites + labels: + app: x76dev +spec: + replicas: 1 + selector: + matchLabels: + app: x76dev + template: + metadata: + labels: + app: x76dev + spec: + containers: + - name: x76dev + image: git.0x76.dev/v/0x76.dev:latest + ports: + - containerPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: x76dev-service + namespace: websites +spec: + selector: + app: x76dev + ports: + - protocol: TCP + port: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: x76dev-ingress + namespace: websites +spec: + rules: + - host: "0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: x76dev-service + port: + number: 80 diff --git a/flux/olympus/apps/websites/kustomization.yaml b/flux/olympus/apps/websites/kustomization.yaml new file mode 100644 index 00000000..1a4998ed --- /dev/null +++ b/flux/olympus/apps/websites/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - 0x76.yaml -- 2.47.1 From 686c25a3fb78d2387f89ce61265329db19521802 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 16:35:23 +0100 Subject: [PATCH 0629/1882] deploy 0x76.dev --- nixos/hosts/olympus/nginx/configuration.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 8f18d64b..92a1c8bd 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -8,7 +8,7 @@ let proxyWebsockets = true; }; }; - k8s_proxy = proxy "http://10.42.42.150:8000/"; + k8s_proxy = proxy "http://kubernetes.olympus:80/"; clientConfig = { "m.homeserver" = { base_url = "https://chat.meowy.tech"; @@ -130,9 +130,9 @@ in { # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; - virtualHosts."drone.0x76.dev" = k8s_proxy; - virtualHosts."msg.0x76.dev" = k8s_proxy; - virtualHosts."zookeeper.0x76.dev" = k8s_proxy; + # virtualHosts."drone.0x76.dev" = k8s_proxy; + # virtualHosts."msg.0x76.dev" = k8s_proxy; + # virtualHosts."zookeeper.0x76.dev" = k8s_proxy; }; services.nginx.commonHttpConfig = '' -- 2.47.1 From 531b9519bcfc9e5d5d67a668b4314775e38271d1 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 21:18:47 +0100 Subject: [PATCH 0630/1882] specify namespace one level up --- flux/olympus/apps/websites/0x76.yaml | 3 --- flux/olympus/apps/websites/kustomization.yaml | 2 ++ nixos/common/common.nix | 6 ++++-- nixos/templates/proxmox-lxc.nix | 6 ++++-- nixos/templates/proxmox-vm.nix | 8 +++++--- 5 files changed, 15 insertions(+), 10 deletions(-) diff --git a/flux/olympus/apps/websites/0x76.yaml b/flux/olympus/apps/websites/0x76.yaml index d81ec0f4..1df0ce74 100644 --- a/flux/olympus/apps/websites/0x76.yaml +++ b/flux/olympus/apps/websites/0x76.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: x76dev - namespace: websites labels: app: x76dev spec: @@ -25,7 +24,6 @@ apiVersion: v1 kind: Service metadata: name: x76dev-service - namespace: websites spec: selector: app: x76dev @@ -37,7 +35,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: x76dev-ingress - namespace: websites spec: rules: - host: "0x76.dev" diff --git a/flux/olympus/apps/websites/kustomization.yaml b/flux/olympus/apps/websites/kustomization.yaml index 1a4998ed..c1c80c79 100644 --- a/flux/olympus/apps/websites/kustomization.yaml +++ b/flux/olympus/apps/websites/kustomization.yaml @@ -1,4 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +metadata: + namespace: websites resources: - 0x76.yaml diff --git a/nixos/common/common.nix b/nixos/common/common.nix index 14b57553..b9d1f14e 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -72,7 +72,9 @@ # Enable SSH services.openssh = { enable = true; - passwordAuthentication = false; - permitRootLogin = lib.mkDefault "no"; + settings = { + PasswordAuthentication = lib.mkDefault false; + PermitRootLogin = lib.mkDefault "no"; + }; }; } diff --git a/nixos/templates/proxmox-lxc.nix b/nixos/templates/proxmox-lxc.nix index e748529b..d917eecb 100644 --- a/nixos/templates/proxmox-lxc.nix +++ b/nixos/templates/proxmox-lxc.nix @@ -10,8 +10,10 @@ # Enable SSH services.openssh = { enable = true; - passwordAuthentication = false; - permitRootLogin = "yes"; + settings = { + PasswordAuthentication = true; + PermitRootLogin = "yes"; + }; openFirewall = true; }; diff --git a/nixos/templates/proxmox-vm.nix b/nixos/templates/proxmox-vm.nix index 945cce32..b1cdda83 100644 --- a/nixos/templates/proxmox-vm.nix +++ b/nixos/templates/proxmox-vm.nix @@ -7,12 +7,14 @@ memory = 1024; bios = "ovmf"; }; - + # Enable SSH services.openssh = { enable = true; - passwordAuthentication = false; - permitRootLogin = "yes"; + settings = { + PasswordAuthentication = true; + PermitRootLogin = "yes"; + }; openFirewall = true; }; -- 2.47.1 From 3603e779b8a797b88d3ee99b5df87c3e7d5452cc Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 16 Jan 2023 21:20:49 +0100 Subject: [PATCH 0631/1882] readd namespaces --- flux/olympus/apps/websites/0x76.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/flux/olympus/apps/websites/0x76.yaml b/flux/olympus/apps/websites/0x76.yaml index 1df0ce74..d81ec0f4 100644 --- a/flux/olympus/apps/websites/0x76.yaml +++ b/flux/olympus/apps/websites/0x76.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: x76dev + namespace: websites labels: app: x76dev spec: @@ -24,6 +25,7 @@ apiVersion: v1 kind: Service metadata: name: x76dev-service + namespace: websites spec: selector: app: x76dev @@ -35,6 +37,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: x76dev-ingress + namespace: websites spec: rules: - host: "0x76.dev" -- 2.47.1 From e777599504d2429a309e21e54d3d9a7b7315fec4 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 17 Jan 2023 13:49:31 +0100 Subject: [PATCH 0632/1882] add laura ssh key --- flake.lock | 24 ++++++++++++------------ flake.nix | 8 +++----- nixos/common/users/laura.nix | 1 + 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index 58c0ee13..c9a2cbf4 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1673815682, - "narHash": "sha256-zG7Rroki+89poCTr1D8BM/wTCl+DZJvU4IUE+5hxG7U=", + "lastModified": 1673948101, + "narHash": "sha256-cD0OzFfnLFeeaz4jVszH9QiMTn+PBxmcYzrp+xujpwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "3e42035fc013ed4d8af6ee8dc0079c0c551c45a5", + "rev": "bd3efacb82c721edad1ce9eda583df5fb62ab00a", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673881944, - "narHash": "sha256-DvS8CLz4nPx23tBYJfJtxTiP5fRV3Urhw74pwVdSYCU=", + "lastModified": 1673953056, + "narHash": "sha256-C0AnzNLRVJ7ljgtWUtn9foD/3XyvoCSNjbPMVCFojp0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "589046ecf74965a8e22a9891290f4b289c60a334", + "rev": "f14e8088478bf1e80e02a213a23c528fe32d3b91", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1673606904, - "narHash": "sha256-vK4dCZEwsetub7FLu+IpD2Ro6pMzifPBPPQutfZcxsY=", + "lastModified": 1673912429, + "narHash": "sha256-1HnrX/nFD1GqfU3S7He+J5v+DbZ6rLa//DNYOwIZeCU=", "owner": "pta2002", "repo": "nixvim", - "rev": "b9a4f0ca19201cbc2e6c583f3f3a269fe1a6314f", + "rev": "d0910a6ddba8f3ad2079243a5cb4480739cb00e1", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1673874395, - "narHash": "sha256-bIMqmL3iUt4EyoqsYAipDB6Xa5Pqvu9cwGIF5XgpVq4=", + "lastModified": 1673935396, + "narHash": "sha256-AkimCjK8quWnfMTmSKORp2tCs1dAifJD1BEn3bYnS/w=", "owner": "nix-community", "repo": "NUR", - "rev": "8cd0467d8f5399d83e0bfd381dafd1cd124c9545", + "rev": "7e9a5b42d68ca84a91e082ad325318e01456d2b5", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index a3db2187..0dc05740 100644 --- a/flake.nix +++ b/flake.nix @@ -42,10 +42,8 @@ nixvim.url = "github:pta2002/nixvim"; nixvim.inputs.nixpkgs.follows = "nixpkgs"; - nixos-generators = { - url = "github:nix-community/nixos-generators"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + nixos-generators.url = "github:nix-community/nixos-generators"; + nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; @@ -147,7 +145,7 @@ }; proxmox-lxc = nixos-generators.nixosGenerate { - inherit system pkgs; + inherit pkgs; format = "proxmox-lxc"; modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; }; diff --git a/nixos/common/users/laura.nix b/nixos/common/users/laura.nix index a0d0ea72..91e19fa0 100644 --- a/nixos/common/users/laura.nix +++ b/nixos/common/users/laura.nix @@ -5,6 +5,7 @@ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIlFUUXbwOkhNUjoA6zueTdRuaylgpgFqSe/xWGK9zb laura@zmeura" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBVkk9/80askWhInQk03JMntF6SThAYkFZNm+lIGt4E7 laura@mura" ]; extraGroups = [ ]; -- 2.47.1 From c828b15d88c6b00ffe83d1449fb92bc0e1df8ede Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 Jan 2023 09:42:09 +0100 Subject: [PATCH 0633/1882] add ccache --- flake.lock | 18 +++++++++--------- .../olympus/core/namespaces/kustomization.yaml | 1 + flux/olympus/core/namespaces/security.yaml | 5 +++++ nixos/hosts/thalassa/aoife/configuration.nix | 13 +++++++++++-- 4 files changed, 26 insertions(+), 11 deletions(-) create mode 100644 flux/olympus/core/namespaces/security.yaml diff --git a/flake.lock b/flake.lock index c9a2cbf4..f965491a 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673953056, - "narHash": "sha256-C0AnzNLRVJ7ljgtWUtn9foD/3XyvoCSNjbPMVCFojp0=", + "lastModified": 1673958010, + "narHash": "sha256-5SY1hQjLrl4vXaolP6Xf3+uMFitc06oe9ibB+x97Cds=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f14e8088478bf1e80e02a213a23c528fe32d3b91", + "rev": "c31c627cf85ea4fd40c1647c84d89b5e6f186785", "type": "github" }, "original": { @@ -770,11 +770,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1673855649, - "narHash": "sha256-Pc1VumquuFMDR1Ers1QOVDDabL/trVwfqWXeKJPXLQg=", + "lastModified": 1673954326, + "narHash": "sha256-oAKwsXTptcY6gRCBxJlZ+W1BrZHNr9a28+4fQMLuRu0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c85d08692966cf022b0a741a794cb1650602d8af", + "rev": "8fc3a1dcc98d3603221d4afd239e666eeedb6141", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1673935396, - "narHash": "sha256-AkimCjK8quWnfMTmSKORp2tCs1dAifJD1BEn3bYnS/w=", + "lastModified": 1674021312, + "narHash": "sha256-kW00Hpb2jqX7zDHnw/us7DH4lChTa6DoVcZZrd9CKwE=", "owner": "nix-community", "repo": "NUR", - "rev": "7e9a5b42d68ca84a91e082ad325318e01456d2b5", + "rev": "993b34d7fc525534c59229312c1ff21a976def54", "type": "github" }, "original": { diff --git a/flux/olympus/core/namespaces/kustomization.yaml b/flux/olympus/core/namespaces/kustomization.yaml index 62346c57..89c93b95 100644 --- a/flux/olympus/core/namespaces/kustomization.yaml +++ b/flux/olympus/core/namespaces/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - websites.yaml + - security.yaml diff --git a/flux/olympus/core/namespaces/security.yaml b/flux/olympus/core/namespaces/security.yaml new file mode 100644 index 00000000..133fe73b --- /dev/null +++ b/flux/olympus/core/namespaces/security.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: security diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 6769d5ed..976876ab 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -13,8 +13,8 @@ # Bootloader. boot = { - # kernelPackages = pkgs.linuxPackages_latest; - kernelPackages = pkgs.linuxKernel.packages.linux_zen; + kernelPackages = pkgs.linuxPackages_latest; + # kernelPackages = pkgs.linuxKernel.packages.linux_zen; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; @@ -111,4 +111,13 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? + # Enable ccache + programs.ccache.enable = true; + programs.ccache.packageNames = [ + # "linux" + # "webkitgtk" + # "qtwebengine" + ]; + nix.settings.extra-sandbox-paths = + [ (toString config.programs.ccache.cacheDir) ]; } -- 2.47.1 From 47e01d4f79d930ea1eb5efde56fabf68a910cd08 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 Jan 2023 11:42:54 +0100 Subject: [PATCH 0634/1882] add external secrets --- .../base/flux-system/kustomization.yaml | 1 + .../repositories/helm/external-secrets.yaml | 9 ++++++ .../repositories/helm/kustomization.yaml | 5 ++++ .../repositories/kustomization.yaml | 5 ++++ .../core/external-secrets/helm-release.yaml | 29 +++++++++++++++++++ .../core/external-secrets/kustomization.yaml | 4 +++ 6 files changed, 53 insertions(+) create mode 100644 flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml create mode 100644 flux/olympus/base/flux-system/repositories/helm/kustomization.yaml create mode 100644 flux/olympus/base/flux-system/repositories/kustomization.yaml create mode 100644 flux/olympus/core/external-secrets/helm-release.yaml create mode 100644 flux/olympus/core/external-secrets/kustomization.yaml diff --git a/flux/olympus/base/flux-system/kustomization.yaml b/flux/olympus/base/flux-system/kustomization.yaml index 3842229e..9acdad90 100644 --- a/flux/olympus/base/flux-system/kustomization.yaml +++ b/flux/olympus/base/flux-system/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - gotk-components.yaml - gotk-sync.yaml +- repositories \ No newline at end of file diff --git a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml new file mode 100644 index 00000000..65405ea3 --- /dev/null +++ b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: external-secrets + namespace: flux-system +spec: + interval: 1h + url: https://charts.external-secrets.io diff --git a/flux/olympus/base/flux-system/repositories/helm/kustomization.yaml b/flux/olympus/base/flux-system/repositories/helm/kustomization.yaml new file mode 100644 index 00000000..9e58514b --- /dev/null +++ b/flux/olympus/base/flux-system/repositories/helm/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secrets.yaml + diff --git a/flux/olympus/base/flux-system/repositories/kustomization.yaml b/flux/olympus/base/flux-system/repositories/kustomization.yaml new file mode 100644 index 00000000..dadf6d60 --- /dev/null +++ b/flux/olympus/base/flux-system/repositories/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm + diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml new file mode 100644 index 00000000..32c0355a --- /dev/null +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -0,0 +1,29 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: external-secrets + namespace: security +spec: + interval: 30m + chart: + spec: + chart: external-secrets + version: 0.7.2 + interval: 30m + sourceRef: + kind: HelmRepository + name: external-secrets + namespace: flux-system + values: + installCRDs: true + replicaCount: 1 + leaderElect: true + serviceMonitor: + enabled: true + webhook: + serviceMonitor: + enabled: true + certController: + serviceMonitor: + enabled: true diff --git a/flux/olympus/core/external-secrets/kustomization.yaml b/flux/olympus/core/external-secrets/kustomization.yaml new file mode 100644 index 00000000..34a8531c --- /dev/null +++ b/flux/olympus/core/external-secrets/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml -- 2.47.1 From 0cdae6f93bbad85671e9c14a3ed9cf5e2a83a16d Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 Jan 2023 12:24:41 +0100 Subject: [PATCH 0635/1882] actually deploy es --- flux/olympus/core/kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/olympus/core/kustomization.yaml b/flux/olympus/core/kustomization.yaml index 4b61208f..2e5c9c9a 100644 --- a/flux/olympus/core/kustomization.yaml +++ b/flux/olympus/core/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespaces + - external-secrets \ No newline at end of file -- 2.47.1 From 7c6e3f0a5360ca7b7ece88fa310bd9540b557ac7 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 Jan 2023 12:35:20 +0100 Subject: [PATCH 0636/1882] remove certcontroller thingy --- flux/olympus/core/external-secrets/helm-release.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 32c0355a..76a3fbb8 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -24,6 +24,6 @@ spec: webhook: serviceMonitor: enabled: true - certController: - serviceMonitor: - enabled: true + # certController: + # serviceMonitor: + # enabled: true -- 2.47.1 From 902557b9e7c22051b83fee58e255f7d20fd0d969 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 Jan 2023 13:04:31 +0100 Subject: [PATCH 0637/1882] disable servicemonitor (for now) --- flux/olympus/core/external-secrets/helm-release.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 76a3fbb8..da055200 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -19,11 +19,11 @@ spec: installCRDs: true replicaCount: 1 leaderElect: true - serviceMonitor: - enabled: true - webhook: - serviceMonitor: - enabled: true + # serviceMonitor: + # enabled: true + # webhook: + # serviceMonitor: + # enabled: true # certController: # serviceMonitor: # enabled: true -- 2.47.1 From aaaad3f7a01a2cedceb4b0401ace1f8ce75ebaeb Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 18 Jan 2023 14:29:52 +0100 Subject: [PATCH 0638/1882] add vault secret store --- flake.lock | 18 ++++++------- flux/olympus/core/external-secrets/.gitignore | 1 + .../core/external-secrets/kustomization.yaml | 1 + .../vault-secret-id.example.yaml | 7 +++++ .../external-secrets/vault-secret-store.yaml | 27 +++++++++++++++++++ nixos/hosts/thalassa/aoife/hardware.nix | 10 +++++++ 6 files changed, 55 insertions(+), 9 deletions(-) create mode 100644 flux/olympus/core/external-secrets/.gitignore create mode 100644 flux/olympus/core/external-secrets/vault-secret-id.example.yaml create mode 100644 flux/olympus/core/external-secrets/vault-secret-store.yaml diff --git a/flake.lock b/flake.lock index f965491a..f09419ff 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1673948101, - "narHash": "sha256-cD0OzFfnLFeeaz4jVszH9QiMTn+PBxmcYzrp+xujpwM=", + "lastModified": 1674041176, + "narHash": "sha256-cMf1BQzI39nHQ0H/mOatthbbI3392qLmJ9gU0u520P4=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd3efacb82c721edad1ce9eda583df5fb62ab00a", + "rev": "2c29ae48f9a149151bdd82f429ac61d4412c312a", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1673958010, - "narHash": "sha256-5SY1hQjLrl4vXaolP6Xf3+uMFitc06oe9ibB+x97Cds=", + "lastModified": 1674039296, + "narHash": "sha256-VkhsLIKY/evIu/FRB9ughThrjva0YfJ8N8C0IYCJRPg=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c31c627cf85ea4fd40c1647c84d89b5e6f186785", + "rev": "32c11bb212dd88e4fe8e573f35649448f7d8911c", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674021312, - "narHash": "sha256-kW00Hpb2jqX7zDHnw/us7DH4lChTa6DoVcZZrd9CKwE=", + "lastModified": 1674046168, + "narHash": "sha256-5ffayoK//QsJYYhq0roW47e+ogz2AdV0+dKgvhG4FRM=", "owner": "nix-community", "repo": "NUR", - "rev": "993b34d7fc525534c59229312c1ff21a976def54", + "rev": "87d0c5acda6b08d96134dc2c7c96f0e6e38e8375", "type": "github" }, "original": { diff --git a/flux/olympus/core/external-secrets/.gitignore b/flux/olympus/core/external-secrets/.gitignore new file mode 100644 index 00000000..5eec00f7 --- /dev/null +++ b/flux/olympus/core/external-secrets/.gitignore @@ -0,0 +1 @@ +vault-secret-id.yaml \ No newline at end of file diff --git a/flux/olympus/core/external-secrets/kustomization.yaml b/flux/olympus/core/external-secrets/kustomization.yaml index 34a8531c..04c4cf13 100644 --- a/flux/olympus/core/external-secrets/kustomization.yaml +++ b/flux/olympus/core/external-secrets/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml + - vault-secret-store.yaml diff --git a/flux/olympus/core/external-secrets/vault-secret-id.example.yaml b/flux/olympus/core/external-secrets/vault-secret-id.example.yaml new file mode 100644 index 00000000..e9c57519 --- /dev/null +++ b/flux/olympus/core/external-secrets/vault-secret-id.example.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: vault-secret-id + namespace: security +data: + secret-id: XXXXXX # Obtain by `vault write -f auth/approle/role/external-secrets/secret-id` diff --git a/flux/olympus/core/external-secrets/vault-secret-store.yaml b/flux/olympus/core/external-secrets/vault-secret-store.yaml new file mode 100644 index 00000000..f09f88f0 --- /dev/null +++ b/flux/olympus/core/external-secrets/vault-secret-store.yaml @@ -0,0 +1,27 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ClusterSecretStore +metadata: + name: vault + namespace: security +spec: + provider: + vault: + server: "http://vault.olympus:8200" + path: "k8s" + version: "v2" + auth: + # VaultAppRole authenticates with Vault using the + # App Role auth mechanism + # https://www.vaultproject.io/docs/auth/approle + appRole: + # Path where the App Role authentication backend is mounted + path: "approle" + # RoleID configured in the App Role authentication backend + # `vault read auth/approle/role/external-secrets/role-id` + roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" + # Reference to a key in a K8 Secret that contains the App Role SecretId + # (not commited in git) + secretRef: + name: "vault-secret-id" + namespace: "security" + key: "secret-id" diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index c6b1208e..c9f208d6 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -21,6 +21,16 @@ # Power Management services.upower.enable = true; services.thermald.enable = true; + services.power-profiles-daemon.enable = false; + services.tlp = { + enable = true; + settings = { + CPU_BOOST_ON_AC = 1; + CPU_BOOST_ON_BAT = 0; + CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + }; + }; powerManagement = { enable = true; -- 2.47.1 From e0a13aa3f3058a8dd0e1c10bdbde7c454575d34e Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Jan 2023 12:48:27 +0100 Subject: [PATCH 0639/1882] add renovate --- flake.lock | 42 +++---- flux/olympus/apps/kustomization.yaml | 1 + flux/olympus/apps/services/kustomization.yaml | 4 + .../services/renovate/external-secret.yaml | 21 ++++ .../apps/services/renovate/kustomization.yaml | 5 + .../renovate/renovate-infrastructure.yaml | 113 ++++++++++++++++++ .../core/namespaces/kustomization.yaml | 1 + flux/olympus/core/namespaces/services.yaml | 5 + nixos/hosts/thalassa/aoife/home/default.nix | 6 +- nixos/hosts/thalassa/aoife/home/neovim.nix | 1 + 10 files changed, 177 insertions(+), 22 deletions(-) create mode 100644 flux/olympus/apps/services/kustomization.yaml create mode 100644 flux/olympus/apps/services/renovate/external-secret.yaml create mode 100644 flux/olympus/apps/services/renovate/kustomization.yaml create mode 100644 flux/olympus/apps/services/renovate/renovate-infrastructure.yaml create mode 100644 flux/olympus/core/namespaces/services.yaml diff --git a/flake.lock b/flake.lock index f09419ff..5463aa76 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674041176, - "narHash": "sha256-cMf1BQzI39nHQ0H/mOatthbbI3392qLmJ9gU0u520P4=", + "lastModified": 1674082145, + "narHash": "sha256-4IpEt5Jc6VrNcpIcrKMCZAyeJMLXaaHk+yOV9HusO/A=", "owner": "nix-community", "repo": "home-manager", - "rev": "2c29ae48f9a149151bdd82f429ac61d4412c312a", + "rev": "7026e1a934abfa02623c9870378dbcdac3cd7f80", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674039296, - "narHash": "sha256-VkhsLIKY/evIu/FRB9ughThrjva0YfJ8N8C0IYCJRPg=", + "lastModified": 1674054764, + "narHash": "sha256-00cRYxCYmZvncLyCsVYrhQsCzFnjkZi+23TC2FpQU/U=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "32c11bb212dd88e4fe8e573f35649448f7d8911c", + "rev": "428063ff2304962387803fd59e5da8b9b82710cc", "type": "github" }, "original": { @@ -770,11 +770,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1673954326, - "narHash": "sha256-oAKwsXTptcY6gRCBxJlZ+W1BrZHNr9a28+4fQMLuRu0=", + "lastModified": 1674101896, + "narHash": "sha256-xWLaexT6IHhOJru54wrOMeBbkKeJzOZ4Pqrxctf82q0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8fc3a1dcc98d3603221d4afd239e666eeedb6141", + "rev": "a841e262264e48722dccc8469f066068146e406b", "type": "github" }, "original": { @@ -786,11 +786,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1673800717, - "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", + "lastModified": 1673957332, + "narHash": "sha256-njH7Szk1BLVWGMw7IRibgGejSlxXHj9saZHfH20gHdk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", + "rev": "b83e7f5a04a3acc8e92228b0c4bae68933d504eb", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1673912429, - "narHash": "sha256-1HnrX/nFD1GqfU3S7He+J5v+DbZ6rLa//DNYOwIZeCU=", + "lastModified": 1674125115, + "narHash": "sha256-k22iBAgchS0pvFJu1gVhw/6fVbmOngtgYAGpRbL55qw=", "owner": "pta2002", "repo": "nixvim", - "rev": "d0910a6ddba8f3ad2079243a5cb4480739cb00e1", + "rev": "3f9effc575cabe61b7a9539ce550484049fe5c68", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674046168, - "narHash": "sha256-5ffayoK//QsJYYhq0roW47e+ogz2AdV0+dKgvhG4FRM=", + "lastModified": 1674117493, + "narHash": "sha256-3X7K7CfTshJUMlUxGI2I2SJqKg9S1OFw4HhtYCe/vnw=", "owner": "nix-community", "repo": "NUR", - "rev": "87d0c5acda6b08d96134dc2c7c96f0e6e38e8375", + "rev": "00120bd037350362ad270e536d3cfd5efd404228", "type": "github" }, "original": { @@ -1101,11 +1101,11 @@ ] }, "locked": { - "lastModified": 1673428169, - "narHash": "sha256-b6y1bjIchI9FNDXTgyFT1FVHIhgrnbFhBEvyPCSt/kI=", + "lastModified": 1674127129, + "narHash": "sha256-LKAyyZB2/G7XFs3ZiFGQMuI5VhyT3sJQaWTP9q/TdWo=", "owner": "serokell", "repo": "vault-secrets", - "rev": "e20e124551d1ab2f9445033e0596e9daf7d23b5e", + "rev": "5495c3fde2294e8f02751988e5a7fcb06a92e9cc", "type": "github" }, "original": { diff --git a/flux/olympus/apps/kustomization.yaml b/flux/olympus/apps/kustomization.yaml index ce8efa24..0dd5fc5a 100644 --- a/flux/olympus/apps/kustomization.yaml +++ b/flux/olympus/apps/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - services - websites diff --git a/flux/olympus/apps/services/kustomization.yaml b/flux/olympus/apps/services/kustomization.yaml new file mode 100644 index 00000000..4ddab702 --- /dev/null +++ b/flux/olympus/apps/services/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - renovate diff --git a/flux/olympus/apps/services/renovate/external-secret.yaml b/flux/olympus/apps/services/renovate/external-secret.yaml new file mode 100644 index 00000000..40637451 --- /dev/null +++ b/flux/olympus/apps/services/renovate/external-secret.yaml @@ -0,0 +1,21 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: renovate + namespace: services +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: renovate + data: + - secretKey: RENOVATE_TOKEN + remoteRef: + key: gitops/renovate + property: gitea_token + - secretKey: GITHUB_COM_TOKEN + remoteRef: + key: gitops/renovate + property: github_token diff --git a/flux/olympus/apps/services/renovate/kustomization.yaml b/flux/olympus/apps/services/renovate/kustomization.yaml new file mode 100644 index 00000000..215e80bc --- /dev/null +++ b/flux/olympus/apps/services/renovate/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secret.yaml + - renovate-infrastructure.yaml diff --git a/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml b/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml new file mode 100644 index 00000000..da65c1f8 --- /dev/null +++ b/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml @@ -0,0 +1,113 @@ +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: renovate-infrastructure + namespace: services +spec: + schedule: "@hourly" + concurrencyPolicy: Forbid + jobTemplate: + spec: + template: + spec: + volumes: + - name: config-volume + configMap: + name: renovate-config + - name: work-volume + emptyDir: {} + containers: + - name: renovate + image: renovate/renovate:32.135 + volumeMounts: + - name: config-volume + mountPath: /opt/renovate/ + - name: work-volume + mountPath: /tmp/renovate/ + env: + - name: LOG_LEVEL + value: debug + - name: RENOVATE_ENDPOINT + value: "https://git.0x76.dev/api/v1/" + - name: RENOVATE_PLATFORM + value: gitea + - name: RENOVATE_AUTODISCOVER + value: "false" + - name: RENOVATE_GIT_AUTHOR + value: "Renovate Bot " + - name: RENOVATE_CONFIG_FILE + value: "/opt/renovate/config.js" + - name: RENOVATE_BASE_DIR + value: "/tmp/renovate" + envFrom: + - secretRef: + name: renovate + restartPolicy: Never +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: renovate-config + namespace: gitops +data: + config.js: |- + module.exports = { + "binarySource": "install", + "repositories": ["v/infrastructure"], + "flux": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "helm-values": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "kubernetes": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "hostRules": [ + { + "hostType": "docker", + "matchHost": "ghcr.io", + "username": "NULLx76", + "password": process.env.GITHUB_COM_TOKEN + } + ], + "packageRules": [ + { + "automerge": true, + "automergeType": "branch", + "matchPackageNames": [ + "renovate/renovate" + ] + } + ], + // ignore individual fluxcd images + "ignoreDeps": [ + "ghcr.io/fluxcd/helm-controller", + "ghcr.io/fluxcd/image-automation-controller", + "ghcr.io/fluxcd/image-reflector-controller", + "ghcr.io/fluxcd/kustomize-controller", + "ghcr.io/fluxcd/notification-controller", + "ghcr.io/fluxcd/source-controller" + ], + "regexManagers": [ + { + "fileMatch": [ + "flux/cluster/crds/traefik/.+\\.ya?ml$" + ], + "matchStrings": [ + "registryUrl=(?.*?) chart=(?.*?)\n *tag: v(?.*)\n" + ], + "datasourceTemplate": "helm" + }, + { + "fileMatch": [ + "flux/cluster/crds/external-secrets/.+\\.ya?ml$" + ], + "matchStrings": [ + "registryUrl=(?.*?) chart=(?.*?)\n *tag: helm-chart-(?.*)\n" + ], + "datasourceTemplate": "helm" + }, + ] + }; diff --git a/flux/olympus/core/namespaces/kustomization.yaml b/flux/olympus/core/namespaces/kustomization.yaml index 89c93b95..be604cf1 100644 --- a/flux/olympus/core/namespaces/kustomization.yaml +++ b/flux/olympus/core/namespaces/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - websites.yaml - security.yaml + - services.yaml diff --git a/flux/olympus/core/namespaces/services.yaml b/flux/olympus/core/namespaces/services.yaml new file mode 100644 index 00000000..62bcfaf7 --- /dev/null +++ b/flux/olympus/core/namespaces/services.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: services diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 5ddf8b2c..7b52b15f 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -11,7 +11,11 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ ./dconf.nix ./theme.nix ./neovim.nix ]; + imports = [ + ./dconf.nix + ./theme.nix + # ./neovim.nix + ]; home.packages = with pkgs; [ btop diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index d12dda77..67f71954 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -44,6 +44,7 @@ lsp = { enable = true; servers.rust-analyzer.enable = true; + servers.sumneko_lua.enable = false; servers.rnix-lsp.enable = true; servers.pyright.enable = true; servers.elixirls.enable = true; -- 2.47.1 From 9f38a0944fce9e9bb708b538009ace44813d121f Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Jan 2023 12:50:12 +0100 Subject: [PATCH 0640/1882] flux: renovate: fix config namespace --- .../olympus/apps/services/renovate/renovate-infrastructure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml b/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml index da65c1f8..79b9d57a 100644 --- a/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml +++ b/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml @@ -49,7 +49,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: renovate-config - namespace: gitops + namespace: services data: config.js: |- module.exports = { -- 2.47.1 From d41450eda0f92efc74de6a9698f5b9c3ee1083b1 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Jan 2023 12:51:25 +0100 Subject: [PATCH 0641/1882] split up renovate config --- .../apps/services/renovate/config.yaml | 66 +++++++++++++++++ .../renovate/renovate-infrastructure.yaml | 71 +------------------ 2 files changed, 68 insertions(+), 69 deletions(-) create mode 100644 flux/olympus/apps/services/renovate/config.yaml diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml new file mode 100644 index 00000000..af8bde82 --- /dev/null +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: renovate + namespace: services +data: + config.js: |- + module.exports = { + "binarySource": "install", + "repositories": ["v/infrastructure"], + "flux": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "helm-values": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "kubernetes": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "hostRules": [ + { + "hostType": "docker", + "matchHost": "ghcr.io", + "username": "NULLx76", + "password": process.env.GITHUB_COM_TOKEN + } + ], + "packageRules": [ + { + "automerge": true, + "automergeType": "branch", + "matchPackageNames": [ + "renovate/renovate" + ] + } + ], + // ignore individual fluxcd images + "ignoreDeps": [ + "ghcr.io/fluxcd/helm-controller", + "ghcr.io/fluxcd/image-automation-controller", + "ghcr.io/fluxcd/image-reflector-controller", + "ghcr.io/fluxcd/kustomize-controller", + "ghcr.io/fluxcd/notification-controller", + "ghcr.io/fluxcd/source-controller" + ], + "regexManagers": [ + { + "fileMatch": [ + "flux/cluster/crds/traefik/.+\\.ya?ml$" + ], + "matchStrings": [ + "registryUrl=(?.*?) chart=(?.*?)\n *tag: v(?.*)\n" + ], + "datasourceTemplate": "helm" + }, + { + "fileMatch": [ + "flux/cluster/crds/external-secrets/.+\\.ya?ml$" + ], + "matchStrings": [ + "registryUrl=(?.*?) chart=(?.*?)\n *tag: helm-chart-(?.*)\n" + ], + "datasourceTemplate": "helm" + }, + ] + }; diff --git a/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml b/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml index 79b9d57a..f29f4a1e 100644 --- a/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml +++ b/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml @@ -2,7 +2,7 @@ apiVersion: batch/v1 kind: CronJob metadata: - name: renovate-infrastructure + name: renovate namespace: services spec: schedule: "@hourly" @@ -14,7 +14,7 @@ spec: volumes: - name: config-volume configMap: - name: renovate-config + name: renovate - name: work-volume emptyDir: {} containers: @@ -44,70 +44,3 @@ spec: - secretRef: name: renovate restartPolicy: Never ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: renovate-config - namespace: services -data: - config.js: |- - module.exports = { - "binarySource": "install", - "repositories": ["v/infrastructure"], - "flux": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "helm-values": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "kubernetes": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "hostRules": [ - { - "hostType": "docker", - "matchHost": "ghcr.io", - "username": "NULLx76", - "password": process.env.GITHUB_COM_TOKEN - } - ], - "packageRules": [ - { - "automerge": true, - "automergeType": "branch", - "matchPackageNames": [ - "renovate/renovate" - ] - } - ], - // ignore individual fluxcd images - "ignoreDeps": [ - "ghcr.io/fluxcd/helm-controller", - "ghcr.io/fluxcd/image-automation-controller", - "ghcr.io/fluxcd/image-reflector-controller", - "ghcr.io/fluxcd/kustomize-controller", - "ghcr.io/fluxcd/notification-controller", - "ghcr.io/fluxcd/source-controller" - ], - "regexManagers": [ - { - "fileMatch": [ - "flux/cluster/crds/traefik/.+\\.ya?ml$" - ], - "matchStrings": [ - "registryUrl=(?.*?) chart=(?.*?)\n *tag: v(?.*)\n" - ], - "datasourceTemplate": "helm" - }, - { - "fileMatch": [ - "flux/cluster/crds/external-secrets/.+\\.ya?ml$" - ], - "matchStrings": [ - "registryUrl=(?.*?) chart=(?.*?)\n *tag: helm-chart-(?.*)\n" - ], - "datasourceTemplate": "helm" - }, - ] - }; -- 2.47.1 From 15c895ef568e80414eba5f6292d575f57cec5176 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Jan 2023 12:54:39 +0100 Subject: [PATCH 0642/1882] fix naming --- .../renovate/{renovate-infrastructure.yaml => cronjob.yaml} | 0 flux/olympus/apps/services/renovate/kustomization.yaml | 3 ++- 2 files changed, 2 insertions(+), 1 deletion(-) rename flux/olympus/apps/services/renovate/{renovate-infrastructure.yaml => cronjob.yaml} (100%) diff --git a/flux/olympus/apps/services/renovate/renovate-infrastructure.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml similarity index 100% rename from flux/olympus/apps/services/renovate/renovate-infrastructure.yaml rename to flux/olympus/apps/services/renovate/cronjob.yaml diff --git a/flux/olympus/apps/services/renovate/kustomization.yaml b/flux/olympus/apps/services/renovate/kustomization.yaml index 215e80bc..74e8575d 100644 --- a/flux/olympus/apps/services/renovate/kustomization.yaml +++ b/flux/olympus/apps/services/renovate/kustomization.yaml @@ -2,4 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - external-secret.yaml - - renovate-infrastructure.yaml + - config.yaml + - cronjob.yaml -- 2.47.1 From 075418a7d67bbd3f84deb7536a95fa844ea8dcf8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 Jan 2023 12:05:37 +0000 Subject: [PATCH 0643/1882] chore(deps): update dependency fluxcd/flux2 to v0.38.3 --- .../base/flux-system/gotk-components.yaml | 2794 ++++++++--------- .../base/flux-system/gotk-components.yaml | 58 +- 2 files changed, 1408 insertions(+), 1444 deletions(-) diff --git a/flux/old_cluster/base/flux-system/gotk-components.yaml b/flux/old_cluster/base/flux-system/gotk-components.yaml index cfab466b..fc34702a 100644 --- a/flux/old_cluster/base/flux-system/gotk-components.yaml +++ b/flux/old_cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.31.5 +# Flux Version: v0.38.3 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -17,12 +17,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -93,6 +94,7 @@ spec: - ImageRepository - ImagePolicy - ImageUpdateAutomation + - OCIRepository type: string matchLabels: additionalProperties: @@ -153,13 +155,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -224,6 +225,210 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventSeverity: + default: info + description: EventSeverity specifies how to filter events based on + severity. If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: EventSources specifies how to filter events based on + the involved object kind, name and namespace. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + exclusionList: + description: ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + status: + default: + observedGeneration: -1 + description: AlertStatus defines the observed state of the Alert. + properties: + conditions: + description: Conditions holds the conditions for the Alert. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + type: object + type: object + served: true storage: true subresources: status: {} @@ -238,12 +443,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -405,13 +611,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -568,6 +773,7 @@ spec: type: boolean interval: description: Interval at which to check the Endpoint for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string provider: default: generic @@ -600,6 +806,7 @@ spec: timeout: default: 60s description: Timeout for fetch operations, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string required: - bucketName @@ -622,6 +829,11 @@ spec: the last update of the Artifact. format: date-time type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object path: description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage @@ -652,13 +864,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -726,6 +937,10 @@ spec: the Bucket object. format: int64 type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string url: description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact @@ -748,12 +963,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -917,7 +1133,7 @@ spec: type: string url: description: The repository URL, can be a HTTP/S or SSH address. - pattern: ^(http|https|ssh):// + pattern: ^(http|https|ssh)://.*$ type: string verify: description: Verify OpenPGP signature for the Git commit HEAD points @@ -984,13 +1200,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -1161,9 +1376,10 @@ spec: type: object gitImplementation: default: go-git - description: GitImplementation specifies which Git client library - implementation to use. Defaults to 'go-git', valid values are ('go-git', - 'libgit2'). + description: 'GitImplementation specifies which Git client library + implementation to use. Defaults to ''go-git'', valid values are + (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated + now that ''go-git'' is the only supported implementation.' enum: - go-git - libgit2 @@ -1206,6 +1422,7 @@ spec: type: array interval: description: Interval at which to check the GitRepository for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string recurseSubmodules: description: RecurseSubmodules enables the initialization of all submodules @@ -1257,11 +1474,12 @@ spec: default: 60s description: Timeout for Git operations like cloning, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string url: description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. - pattern: ^(http|https|ssh):// + pattern: ^(http|https|ssh)://.*$ type: string verify: description: Verification specifies the configuration to verify the @@ -1307,6 +1525,11 @@ spec: the last update of the Artifact. format: date-time type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object path: description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage @@ -1337,13 +1560,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -1402,13 +1624,14 @@ spec: type: object type: array contentConfigChecksum: - description: 'ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.recurseSubmodules - .spec.included and the checksum of the + description: "ContentConfigChecksum is a checksum of all the configurations + related to the content of the source artifact: - .spec.ignore - + .spec.recurseSubmodules - .spec.included and the checksum of the included artifacts observed in .status.observedGeneration version of the object. This can be used to determine if the content of the included repository has changed. It has the format of `:`, - for example: `sha256:`.' + for example: `sha256:`. \n Deprecated: Replaced with explicit + fields for observed artifact content config in the status." type: string includedArtifacts: description: IncludedArtifacts contains a list of the last successfully @@ -1425,6 +1648,12 @@ spec: the last update of the Artifact. format: date-time type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI + annotations. + type: object path: description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact @@ -1461,6 +1690,44 @@ spec: the GitRepository object. format: int64 type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository + resources used to to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. + type: boolean url: description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact @@ -1483,12 +1750,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1675,13 +1943,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -1834,6 +2101,7 @@ spec: interval: description: Interval is the interval at which to check the Source for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion @@ -1887,6 +2155,34 @@ spec: items: type: string type: array + verify: + description: Verify contains the secret name containing the trusted + public keys used to verify the signature and specifies which provider + to use to check whether OCI image is authentic. This field is only + supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart + artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing + the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object version: default: '*' description: Version is the chart version semver expression, ignored @@ -1915,6 +2211,11 @@ spec: the last update of the Artifact. format: date-time type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object path: description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage @@ -1945,13 +2246,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -2049,12 +2349,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2112,6 +2413,7 @@ spec: interval: description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: default: ChartVersion @@ -2166,6 +2468,34 @@ spec: items: type: string type: array + verify: + description: Verify contains the secret name containing the + trusted public keys used to verify the signature and specifies + which provider to use to check whether OCI image is authentic. + This field is only supported for OCI sources. Chart dependencies, + which are not bundled in the umbrella chart artifact, are + not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret + containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object version: default: '*' description: Version semver expression, ignored for charts @@ -2279,10 +2609,12 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: description: KubeConfig for reconciling the HelmRelease on a remote @@ -2554,6 +2886,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: @@ -2595,12 +2928,14 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation during the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string uninstall: description: Uninstall holds the configuration for Helm uninstall @@ -2622,6 +2957,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: @@ -2708,6 +3044,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object values: @@ -2746,10 +3083,16 @@ spec: should be merged at. When set, the ValuesKey is expected to be a single flat value. Defaults to 'None', which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ type: string valuesKey: description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric + characters, '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ type: string required: - kind @@ -2771,13 +3114,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -2896,12 +3238,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3051,13 +3394,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -3197,6 +3539,7 @@ spec: type: object interval: description: Interval at which to check the URL for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: description: PassCredentials allows the credentials from the SecretRef @@ -3206,6 +3549,18 @@ spec: be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. type: boolean + provider: + default: generic + description: Provider used for authentication, can be 'aws', 'azure', + 'gcp' or 'generic'. This field is optional, and only taken into + account if the .spec.type field is set to 'oci'. When not specified, + defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string secretRef: description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. For HTTP/S basic auth the secret @@ -3224,7 +3579,10 @@ spec: type: boolean timeout: default: 60s - description: Timeout of the index fetch operation, defaults to 60s. + description: Timeout is used for the index fetch operation for an + HTTPS helm repository, and for remote OCI Repository operations + like pulling for an OCI helm repository. Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: description: Type of the HelmRepository. When this field is set to "oci", @@ -3258,6 +3616,11 @@ spec: the last update of the Artifact. format: date-time type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object path: description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage @@ -3288,13 +3651,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -3384,12 +3746,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: image-reflector-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3400,378 +3763,6 @@ spec: singular: imagepolicy scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.latestImage - name: LatestImage - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ImagePolicy is the Schema for the imagepolicies API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImagePolicySpec defines the parameters for calculating the - ImagePolicy - properties: - filterTags: - description: FilterTags enables filtering for only a subset of tags - based on a set of rules. If no rules are provided, all the tags - from the repository will be ordered and compared. - properties: - extract: - description: Extract allows a capture group to be extracted from - the specified regular expression pattern, useful before tag - evaluation. - type: string - pattern: - description: Pattern specifies a regular expression pattern used - to filter for image tags. - type: string - type: object - imageRepositoryRef: - description: ImageRepositoryRef points at the object specifying the - image being scanned - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - policy: - description: Policy gives the particulars of the policy to be followed - in selecting the most recent image - properties: - alphabetical: - description: Alphabetical set of rules to use for alphabetical - ordering of the tags. - properties: - order: - default: asc - description: Order specifies the sorting order of the tags. - Given the letters of the alphabet as tags, ascending order - would select Z, and descending order would select A. - enum: - - asc - - desc - type: string - type: object - numerical: - description: Numerical set of rules to use for numerical ordering - of the tags. - properties: - order: - default: asc - description: Order specifies the sorting order of the tags. - Given the integer values from 0 to 9 as tags, ascending - order would select 9, and descending order would select - 0. - enum: - - asc - - desc - type: string - type: object - semver: - description: SemVer gives a semantic version range to check against - the tags available. - properties: - range: - description: Range gives a semver range for the image tag; - the highest version within the range that's a tag yields - the latest image. - type: string - required: - - range - type: object - type: object - required: - - imageRepositoryRef - - policy - type: object - status: - description: ImagePolicyStatus defines the observed state of ImagePolicy - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - latestImage: - description: LatestImage gives the first in the list of images scanned - by the image repository, when filtered and ordered according to - the policy. - type: string - observedGeneration: - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.latestImage - name: LatestImage - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - description: ImagePolicy is the Schema for the imagepolicies API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImagePolicySpec defines the parameters for calculating the - ImagePolicy - properties: - filterTags: - description: FilterTags enables filtering for only a subset of tags - based on a set of rules. If no rules are provided, all the tags - from the repository will be ordered and compared. - properties: - extract: - description: Extract allows a capture group to be extracted from - the specified regular expression pattern, useful before tag - evaluation. - type: string - pattern: - description: Pattern specifies a regular expression pattern used - to filter for image tags. - type: string - type: object - imageRepositoryRef: - description: ImageRepositoryRef points at the object specifying the - image being scanned - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - policy: - description: Policy gives the particulars of the policy to be followed - in selecting the most recent image - properties: - alphabetical: - description: Alphabetical set of rules to use for alphabetical - ordering of the tags. - properties: - order: - default: asc - description: Order specifies the sorting order of the tags. - Given the letters of the alphabet as tags, ascending order - would select Z, and descending order would select A. - enum: - - asc - - desc - type: string - type: object - numerical: - description: Numerical set of rules to use for numerical ordering - of the tags. - properties: - order: - default: asc - description: Order specifies the sorting order of the tags. - Given the integer values from 0 to 9 as tags, ascending - order would select 9, and descending order would select - 0. - enum: - - asc - - desc - type: string - type: object - semver: - description: SemVer gives a semantic version range to check against - the tags available. - properties: - range: - description: Range gives a semver range for the image tag; - the highest version within the range that's a tag yields - the latest image. - type: string - required: - - range - type: object - type: object - required: - - imageRepositoryRef - - policy - type: object - status: - description: ImagePolicyStatus defines the observed state of ImagePolicy - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - latestImage: - description: LatestImage gives the first in the list of images scanned - by the image repository, when filtered and ordered according to - the policy. - type: string - observedGeneration: - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - jsonPath: .status.latestImage name: LatestImage @@ -3886,13 +3877,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -3975,12 +3965,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: image-reflector-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3991,352 +3982,6 @@ spec: singular: imagerepository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.lastScanResult.scanTime - name: Last scan - type: string - - jsonPath: .status.lastScanResult.tagCount - name: Tags - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ImageRepository is the Schema for the imagerepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImageRepositorySpec defines the parameters for scanning an - image repository, e.g., `fluxcd/flux`. - properties: - certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - \ registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate." - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - image: - description: Image is the name of the image repository - type: string - interval: - description: Interval is the length of time to wait between scans - of the image repository. - type: string - secretRef: - description: SecretRef can be given the name of a secret containing - credentials to use for the image registry. The secret should be - created with `kubectl create secret docker-registry`, or the equivalent. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend subsequent - image scans. It does not apply to already started scans. Defaults - to false. - type: boolean - timeout: - description: Timeout for image scanning. Defaults to 'Interval' duration. - type: string - type: object - status: - description: ImageRepositoryStatus defines the observed state of ImageRepository - properties: - canonicalImageName: - description: CanonicalName is the name of the image repository with - all the implied bits made explicit; e.g., `docker.io/library/alpine` - rather than `alpine`. - type: string - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastScanResult: - description: LastScanResult contains the number of fetched tags. - properties: - scanTime: - format: date-time - type: string - tagCount: - type: integer - required: - - tagCount - type: object - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.lastScanResult.scanTime - name: Last scan - type: string - - jsonPath: .status.lastScanResult.tagCount - name: Tags - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - description: ImageRepository is the Schema for the imagerepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImageRepositorySpec defines the parameters for scanning an - image repository, e.g., `fluxcd/flux`. - properties: - certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - \ registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate." - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - image: - description: Image is the name of the image repository - type: string - interval: - description: Interval is the length of time to wait between scans - of the image repository. - type: string - secretRef: - description: SecretRef can be given the name of a secret containing - credentials to use for the image registry. The secret should be - created with `kubectl create secret docker-registry`, or the equivalent. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend subsequent - image scans. It does not apply to already started scans. Defaults - to false. - type: boolean - timeout: - description: Timeout for image scanning. Defaults to 'Interval' duration. - type: string - type: object - status: - description: ImageRepositoryStatus defines the observed state of ImageRepository - properties: - canonicalImageName: - description: CanonicalName is the name of the image repository with - all the implied bits made explicit; e.g., `docker.io/library/alpine` - rather than `alpine`. - type: string - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastScanResult: - description: LastScanResult contains the number of fetched tags. - properties: - scanTime: - format: date-time - type: string - tagCount: - type: integer - required: - - tagCount - type: object - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - jsonPath: .status.lastScanResult.scanTime name: Last scan @@ -4395,11 +4040,11 @@ spec: type: object certSecretRef: description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - \ registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed server certificate." properties: name: @@ -4420,6 +4065,7 @@ spec: interval: description: Interval is the length of time to wait between scans of the image repository. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string secretRef: description: SecretRef can be given the name of a secret containing @@ -4436,6 +4082,7 @@ spec: description: ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image pull if the service account has attached pull secrets. + maxLength: 253 type: string suspend: description: This flag tells the controller to suspend subsequent @@ -4444,6 +4091,7 @@ spec: type: boolean timeout: description: Timeout for image scanning. Defaults to 'Interval' duration. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: object status: @@ -4461,13 +4109,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -4562,12 +4209,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: image-automation-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4578,510 +4226,6 @@ spec: singular: imageupdateautomation scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.lastAutomationRunTime - name: Last run - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ImageUpdateAutomation is the Schema for the imageupdateautomations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation - properties: - checkout: - description: Checkout gives the parameters for cloning the git repository, - ready to make changes. - properties: - branch: - description: Branch gives the branch to clone from the git repository. - If `.spec.push` is not supplied, commits will also be pushed - to this branch. - type: string - gitRepositoryRef: - description: GitRepositoryRef refers to the resource giving access - details to a git repository to update files in. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - branch - - gitRepositoryRef - type: object - commit: - description: Commit specifies how to commit to the git repository. - properties: - authorEmail: - description: AuthorEmail gives the email to provide when making - a commit - type: string - authorName: - description: AuthorName gives the name to provide when making - a commit - type: string - messageTemplate: - description: MessageTemplate provides a template for the commit - message, into which will be interpolated the details of the - change made. - type: string - signingKey: - description: SigningKey provides the option to sign commits with - a GPG key - properties: - secretRef: - description: SecretRef holds the name to a secret that contains - a 'git.asc' key corresponding to the ASCII Armored file - containing the GPG signing keypair as the value. It must - be in the same namespace as the ImageUpdateAutomation. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - type: object - required: - - authorEmail - - authorName - type: object - interval: - description: Interval gives an lower bound for how often the automation - run should be attempted. - type: string - push: - description: Push specifies how and where to push commits made by - the automation. If missing, commits are pushed (back) to `.spec.checkout.branch`. - properties: - branch: - description: Branch specifies that commits should be pushed to - the branch named. The branch is created using `.spec.checkout.branch` - as the starting point, if it doesn't already exist. - type: string - required: - - branch - type: object - suspend: - description: Suspend tells the controller to not run this automation, - until it is unset (or set to false). Defaults to false. - type: boolean - update: - default: - strategy: Setters - description: Update gives the specification for how to update the - files in the repository. This can be left empty, to use the default - value. - properties: - path: - description: Path to the directory containing the manifests to - be updated. Defaults to 'None', which translates to the root - path of the GitRepositoryRef. - type: string - strategy: - default: Setters - description: Strategy names the strategy to be used. - enum: - - Setters - type: string - required: - - strategy - type: object - required: - - checkout - - commit - - interval - type: object - status: - description: ImageUpdateAutomationStatus defines the observed state of - ImageUpdateAutomation - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastAutomationRunTime: - description: LastAutomationRunTime records the last time the controller - ran this automation through to completion (even if no updates were - made). - format: date-time - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastPushCommit: - description: LastPushCommit records the SHA1 of the last commit made - by the controller, for this automation object - type: string - lastPushTime: - description: LastPushTime records the time of the last pushed change. - format: date-time - type: string - observedGeneration: - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.lastAutomationRunTime - name: Last run - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - description: ImageUpdateAutomation is the Schema for the imageupdateautomations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation - properties: - git: - description: GitSpec contains all the git-specific definitions. This - is technically optional, but in practice mandatory until there are - other kinds of source allowed. - properties: - checkout: - description: Checkout gives the parameters for cloning the git - repository, ready to make changes. If not present, the `spec.ref` - field from the referenced `GitRepository` or its default will - be used. - properties: - ref: - description: Reference gives a branch, tag or commit to clone - from the Git repository. - properties: - branch: - description: The Git branch to checkout, defaults to master. - type: string - commit: - description: The Git commit SHA to checkout, if specified - Tag filters will be ignored. - type: string - semver: - description: The Git tag semver expression, takes precedence - over Tag. - type: string - tag: - description: The Git tag to checkout, takes precedence - over Branch. - type: string - type: object - required: - - ref - type: object - commit: - description: Commit specifies how to commit to the git repository. - properties: - author: - description: Author gives the email and optionally the name - to use as the author of commits. - properties: - email: - description: Email gives the email to provide when making - a commit. - type: string - name: - description: Name gives the name to provide when making - a commit. - type: string - required: - - email - type: object - messageTemplate: - description: MessageTemplate provides a template for the commit - message, into which will be interpolated the details of - the change made. - type: string - signingKey: - description: SigningKey provides the option to sign commits - with a GPG key - properties: - secretRef: - description: SecretRef holds the name to a secret that - contains a 'git.asc' key corresponding to the ASCII - Armored file containing the GPG signing keypair as the - value. It must be in the same namespace as the ImageUpdateAutomation. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - type: object - required: - - author - type: object - push: - description: Push specifies how and where to push commits made - by the automation. If missing, commits are pushed (back) to - `.spec.checkout.branch` or its default. - properties: - branch: - description: Branch specifies that commits should be pushed - to the branch named. The branch is created using `.spec.checkout.branch` - as the starting point, if it doesn't already exist. - type: string - required: - - branch - type: object - required: - - commit - type: object - interval: - description: Interval gives an lower bound for how often the automation - run should be attempted. - type: string - sourceRef: - description: SourceRef refers to the resource giving access details - to a git repository. - properties: - apiVersion: - description: API version of the referent - type: string - kind: - default: GitRepository - description: Kind of the referent - enum: - - GitRepository - type: string - name: - description: Name of the referent - type: string - required: - - kind - - name - type: object - suspend: - description: Suspend tells the controller to not run this automation, - until it is unset (or set to false). Defaults to false. - type: boolean - update: - default: - strategy: Setters - description: Update gives the specification for how to update the - files in the repository. This can be left empty, to use the default - value. - properties: - path: - description: Path to the directory containing the manifests to - be updated. Defaults to 'None', which translates to the root - path of the GitRepositoryRef. - type: string - strategy: - default: Setters - description: Strategy names the strategy to be used. - enum: - - Setters - type: string - required: - - strategy - type: object - required: - - interval - - sourceRef - type: object - status: - description: ImageUpdateAutomationStatus defines the observed state of - ImageUpdateAutomation - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastAutomationRunTime: - description: LastAutomationRunTime records the last time the controller - ran this automation through to completion (even if no updates were - made). - format: date-time - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastPushCommit: - description: LastPushCommit records the SHA1 of the last commit made - by the controller, for this automation object - type: string - lastPushTime: - description: LastPushTime records the time of the last pushed change. - format: date-time - type: string - observedGeneration: - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - additionalPrinterColumns: - jsonPath: .status.lastAutomationRunTime name: Last run @@ -5208,6 +4352,7 @@ spec: interval: description: Interval gives an lower bound for how often the automation run should be attempted. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string sourceRef: description: SourceRef refers to the resource giving access details @@ -5273,13 +4418,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -5376,12 +4520,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5817,13 +4962,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -5963,6 +5107,12 @@ spec: description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. properties: + components: + description: Components specifies relative paths to specifications + of other Components + items: + type: string + type: array decryption: description: Decrypt Kubernetes secrets before applying them on the cluster. @@ -6064,6 +5214,7 @@ spec: type: array interval: description: The interval at which to reconcile the Kustomization. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: description: The KubeConfig for reconciling the Kustomization on a @@ -6076,12 +5227,12 @@ spec: secretRef: description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. The secret must be in the same - namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials - such as a cloud-access-token expire. Cloud specific `cmd-path` - auth helpers will not function without adding binaries and credentials - to the Pod that is responsible for reconciling the Kustomization. + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: description: Key in the Secret, when not specified an implementation-specific @@ -6093,6 +5244,8 @@ spec: required: - name type: object + required: + - secretRef type: object patches: description: Strategic merge and JSON patches, defined as inline YAML @@ -6303,6 +5456,7 @@ spec: description: The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the KustomizationSpec.Interval value to retry failures. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string serviceAccountName: description: The name of the Kubernetes service account to impersonate @@ -6318,6 +5472,7 @@ spec: kind: description: Kind of the referent. enum: + - OCIRepository - GitRepository - Bucket type: string @@ -6346,6 +5501,7 @@ spec: timeout: description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: description: 'Deprecated: Not used in v1beta2.' @@ -6374,13 +5530,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -6498,12 +5653,378 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 + name: ocirepositories.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: OCIRepository + listKind: OCIRepositoryList + plural: ocirepositories + shortNames: + - ocirepo + singular: ocirepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: OCIRepository is the Schema for the ocirepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OCIRepositorySpec defines the desired state of OCIRepository + properties: + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate." + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP container + registry. + type: boolean + interval: + description: The interval at which to check for image updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + layerSelector: + description: LayerSelector specifies which layer should be extracted + from the OCI artifact. When not specified, the first layer found + in the artifact is selected. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + provider: + default: generic + description: The provider used for authentication, can be 'aws', 'azure', + 'gcp' or 'generic'. When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + ref: + description: The OCI reference to pull and monitor for changes, defaults + to the latest tag. + properties: + digest: + description: Digest is the image digest to pull, takes precedence + over SemVer. The value should be in the format 'sha256:'. + type: string + semver: + description: SemVer is the range of tags to pull selecting the + latest within the range, takes precedence over Tag. + type: string + tag: + description: Tag is the image tag to pull, defaults to latest. + type: string + type: object + secretRef: + description: SecretRef contains the secret name containing the registry + login credentials to resolve image metadata. The secret must be + of type kubernetes.io/dockerconfigjson. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + serviceAccountName: + description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount + used to authenticate the image pull if the service account has attached + pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + type: string + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + timeout: + default: 60s + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL is a reference to an OCI artifact repository hosted + on a remote container registry. + pattern: ^oci://.*$ + type: string + verify: + description: Verify contains the secret name containing the trusted + public keys used to verify the signature and specifies which provider + to use to check whether OCI image is authentic. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing + the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: OCIRepositoryStatus defines the observed state of OCIRepository + properties: + artifact: + description: Artifact represents the output of the last successful + OCI Repository sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the Artifact file. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the OCIRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + contentConfigChecksum: + description: "ContentConfigChecksum is a checksum of all the configurations + related to the content of the source artifact: - .spec.ignore - + .spec.layerSelector observed in .status.observedGeneration version + of the object. This can be used to determine if the content configuration + has changed and the artifact needs to be rebuilt. It has the format + of `:`, for example: `sha256:`. \n Deprecated: + Replaced with explicit fields for observed artifact content config + in the status." + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedLayerSelector: + description: ObservedLayerSelector is the observed layer selector + used for constructing the source artifact. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + url: + description: URL is the download link for the artifact output of the + last OCI Repository sync. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.38.3 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6579,6 +6100,10 @@ spec: description: This flag tells the controller to suspend subsequent events handling. Defaults to false. type: boolean + timeout: + description: Timeout for sending alerts to the provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string type: description: Type of provider enum: @@ -6587,6 +6112,7 @@ spec: - msteams - rocket - generic + - generic-hmac - github - gitlab - bitbucket @@ -6619,13 +6145,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -6690,6 +6215,207 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: Address specifies the HTTP/S incoming webhook address + of this Provider. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + certSecretRef: + description: CertSecretRef specifies the Secret containing a PEM-encoded + CA certificate (`caFile`). + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + interval: + description: Interval at which to reconcile the Provider with its + Secret references. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucket + - azuredevops + - googlechat + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + status: + default: + observedGeneration: -1 + description: ProviderStatus defines the observed state of the Provider. + properties: + conditions: + description: Conditions holds the conditions for the Provider. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true storage: true subresources: status: {} @@ -6704,12 +6430,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null labels: + app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6777,6 +6504,7 @@ spec: - ImageRepository - ImagePolicy - ImageUpdateAutomation + - OCIRepository type: string matchLabels: additionalProperties: @@ -6845,13 +6573,12 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition @@ -6919,6 +6646,226 @@ spec: type: object type: object served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Receiver is the Schema for the receivers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReceiverSpec defines the desired state of the Receiver. + properties: + events: + description: Events specifies the list of event types to handle, e.g. + 'push' for GitHub or 'Push Hook' for GitLab. + items: + type: string + type: array + interval: + description: Interval at which to reconcile the Receiver with its + Secret references. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + resources: + description: A list of resources to be notified about changes. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + secretRef: + description: SecretRef specifies the Secret containing the token used + to validate the payload authenticity. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this receiver. + type: boolean + type: + description: Type of webhook sender, used to determine the validation + procedure and payload deserialization. + enum: + - generic + - generic-hmac + - github + - gitlab + - bitbucket + - harbor + - dockerhub + - quay + - gcr + - nexus + - acr + type: string + required: + - resources + - type + type: object + status: + default: + observedGeneration: -1 + description: ReceiverStatus defines the observed state of the Receiver. + properties: + conditions: + description: Conditions holds the conditions for the Receiver. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the Receiver object. + format: int64 + type: integer + url: + description: 'URL is the generated incoming webhook address in the + format of ''/hook/sha256sum(token+name+namespace)''. Deprecated: + Replaced by WebhookPath.' + type: string + webhookPath: + description: WebhookPath is the generated incoming webhook address + in the format of '/hook/sha256sum(token+name+namespace)'. + type: string + type: object + type: object + served: true storage: true subresources: status: {} @@ -6933,9 +6880,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: + app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: helm-controller namespace: flux-system --- @@ -6943,9 +6891,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: + app.kubernetes.io/component: image-automation-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: image-automation-controller namespace: flux-system --- @@ -6953,9 +6902,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: + app.kubernetes.io/component: image-reflector-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: image-reflector-controller namespace: flux-system --- @@ -6963,9 +6913,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: + app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: kustomize-controller namespace: flux-system --- @@ -6973,9 +6924,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: + app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: notification-controller namespace: flux-system --- @@ -6983,9 +6935,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: source-controller namespace: flux-system --- @@ -6995,7 +6948,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: crd-controller-flux-system rules: - apiGroups: @@ -7085,7 +7038,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7105,7 +7058,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7135,9 +7088,10 @@ apiVersion: v1 kind: Service metadata: labels: + app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: notification-controller namespace: flux-system @@ -7155,9 +7109,10 @@ apiVersion: v1 kind: Service metadata: labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: source-controller namespace: flux-system @@ -7175,9 +7130,10 @@ apiVersion: v1 kind: Service metadata: labels: + app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7195,9 +7151,10 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: + app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: helm-controller namespace: flux-system @@ -7226,7 +7183,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.22.2 + image: ghcr.io/fluxcd/helm-controller:v0.28.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7277,9 +7234,10 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: + app.kubernetes.io/component: image-automation-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7308,7 +7266,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.23.5 + image: ghcr.io/fluxcd/image-automation-controller:v0.28.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7359,9 +7317,10 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: + app.kubernetes.io/component: image-reflector-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7390,7 +7349,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.19.4 + image: ghcr.io/fluxcd/image-reflector-controller:v0.23.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7445,9 +7404,10 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: + app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7476,7 +7436,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.26.3 + image: ghcr.io/fluxcd/kustomize-controller:v0.32.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7527,9 +7487,10 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: + app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: notification-controller namespace: flux-system @@ -7557,7 +7518,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.24.1 + image: ghcr.io/fluxcd/notification-controller:v0.30.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7614,9 +7575,10 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: + app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: source-controller namespace: flux-system @@ -7649,7 +7611,9 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.25.11 + - name: TUF_ROOT + value: /tmp/.sigstore + image: ghcr.io/fluxcd/source-controller:v0.33.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7709,7 +7673,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: allow-egress namespace: flux-system spec: @@ -7729,7 +7693,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: allow-scraping namespace: flux-system spec: @@ -7749,7 +7713,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.31.5 + app.kubernetes.io/version: v0.38.3 name: allow-webhooks namespace: flux-system spec: diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index b317aa52..79576f0f 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.38.2 +# Flux Version: v0.38.3 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -449,7 +449,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -969,7 +969,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1756,7 +1756,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2355,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3244,7 +3244,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3752,7 +3752,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4885,7 +4885,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5250,7 +5250,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5662,7 +5662,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6109,7 +6109,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: helm-controller namespace: flux-system --- @@ -6120,7 +6120,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: kustomize-controller namespace: flux-system --- @@ -6131,7 +6131,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: notification-controller namespace: flux-system --- @@ -6142,7 +6142,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: source-controller namespace: flux-system --- @@ -6152,7 +6152,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: crd-controller-flux-system rules: - apiGroups: @@ -6242,7 +6242,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6262,7 +6262,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6295,7 +6295,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: notification-controller namespace: flux-system @@ -6316,7 +6316,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: source-controller namespace: flux-system @@ -6337,7 +6337,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6358,7 +6358,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: helm-controller namespace: flux-system @@ -6441,7 +6441,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6524,7 +6524,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: notification-controller namespace: flux-system @@ -6612,7 +6612,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 control-plane: controller name: source-controller namespace: flux-system @@ -6707,7 +6707,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: allow-egress namespace: flux-system spec: @@ -6727,7 +6727,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: allow-scraping namespace: flux-system spec: @@ -6747,7 +6747,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.2 + app.kubernetes.io/version: v0.38.3 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 51c405a2aa81dae722c43d77e1aea976c4017650 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 19 Jan 2023 12:05:42 +0000 Subject: [PATCH 0644/1882] chore(deps): update cachix/cachix-action action to v12 --- .github/workflows/nixos.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 65b0912f..1cd4a2ca 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -26,7 +26,7 @@ jobs: - name: "Install Nix ❄️" uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v11 + uses: cachix/cachix-action@v12 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -43,7 +43,7 @@ jobs: uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v11 + uses: cachix/cachix-action@v12 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -60,7 +60,7 @@ jobs: uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v11 + uses: cachix/cachix-action@v12 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -91,7 +91,7 @@ jobs: - name: "Install Nix ❄️" uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v11 + uses: cachix/cachix-action@v12 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" @@ -124,7 +124,7 @@ jobs: uses: cachix/install-nix-action@v18 - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v11 + uses: cachix/cachix-action@v12 with: name: 0x76-infra authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" -- 2.47.1 From 07f5dd36b1637e8ad3f21ae942092d28faed7312 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Jan 2023 14:14:24 +0100 Subject: [PATCH 0645/1882] remove old cluster --- flux/.gitignore | 1 + .../apps/gitops/kustomization.yaml | 4 - .../apps/gitops/renovate/external-secret.yaml | 21 - .../apps/gitops/renovate/kustomization.yaml | 5 - .../renovate/renovate-infrastructure.yaml | 113 - flux/old_cluster/apps/kustomization.yaml | 7 - .../apps/networking/kustomization.yaml | 4 - .../apps/networking/traefik/helm-release.yaml | 74 - .../networking/traefik/kustomization.yaml | 4 - .../apps/olympus/kustomization.yaml | 5 - .../apps/olympus/umami/deployment.yaml | 32 - .../apps/olympus/umami/external-secret.yaml | 17 - .../apps/olympus/umami/ingress.yaml | 19 - .../apps/olympus/umami/kustomization.yaml | 8 - .../apps/olympus/umami/middleware.yaml | 9 - flux/old_cluster/apps/olympus/umami/svc.yaml | 12 - .../apps/olympus/xirion-registry-creds.yaml | 19 - .../presidential-paradise/0x76dev/0x76.yaml | 55 - .../0x76dev/kustomization.yaml | 4 - .../presidential-paradise/kustomization.yaml | 5 - .../xirion-registry-creds.yaml | 19 - flux/old_cluster/base/apps.yaml | 15 - flux/old_cluster/base/core.yaml | 15 - flux/old_cluster/base/crds.yaml | 13 - .../flux-system/charts/helm/drone-charts.yaml | 10 - .../charts/helm/external-secrets-charts.yaml | 10 - .../charts/helm/fairwinds-charts.yaml | 9 - .../charts/helm/kustomization.yaml | 8 - .../charts/helm/metallb-charts.yaml | 10 - .../charts/helm/traefik-charts.yaml | 10 - .../flux-system/charts/kustomization.yaml | 5 - .../base/flux-system/gotk-components.yaml | 7727 ----------------- .../base/flux-system/gotk-sync.yaml | 27 - .../base/flux-system/kustomization.yaml | 7 - .../flux-system/xirion-registry-creds.yaml | 19 - .../external-secrets/helm-release.yaml | 24 - .../external-secrets/kustomization.yaml | 6 - .../external-secrets/vault-secret-store.yaml | 26 - .../core/external-secrets/kustomization.yaml | 5 - flux/old_cluster/core/kustomization.yaml | 7 - .../core/namespaces/drone-build.yaml | 5 - .../core/namespaces/external-secrets.yaml | 5 - flux/old_cluster/core/namespaces/gitops.yaml | 5 - .../core/namespaces/kustomization.yaml | 10 - .../core/namespaces/monitoring.yaml | 5 - .../core/namespaces/networking.yaml | 5 - flux/old_cluster/core/namespaces/olympus.yaml | 7 - .../namespaces/presidential-paradise.yaml | 7 - .../core/networking/kustomization.yaml | 5 - .../core/networking/metallb/address-pool.yaml | 8 - .../core/networking/metallb/helm-release.yaml | 27 - .../networking/metallb/kustomization.yaml | 7 - .../networking/metallb/l2advertisement.yaml | 8 - .../crds/external-secrets/crds.yaml | 30 - .../crds/external-secrets/kustomization.yaml | 4 - flux/old_cluster/crds/kustomization.yaml | 5 - flux/old_cluster/crds/traefik/crds.yaml | 30 - .../crds/traefik/kustomization.yaml | 4 - 58 files changed, 1 insertion(+), 8566 deletions(-) create mode 100644 flux/.gitignore delete mode 100644 flux/old_cluster/apps/gitops/kustomization.yaml delete mode 100644 flux/old_cluster/apps/gitops/renovate/external-secret.yaml delete mode 100644 flux/old_cluster/apps/gitops/renovate/kustomization.yaml delete mode 100644 flux/old_cluster/apps/gitops/renovate/renovate-infrastructure.yaml delete mode 100644 flux/old_cluster/apps/kustomization.yaml delete mode 100644 flux/old_cluster/apps/networking/kustomization.yaml delete mode 100644 flux/old_cluster/apps/networking/traefik/helm-release.yaml delete mode 100644 flux/old_cluster/apps/networking/traefik/kustomization.yaml delete mode 100644 flux/old_cluster/apps/olympus/kustomization.yaml delete mode 100644 flux/old_cluster/apps/olympus/umami/deployment.yaml delete mode 100644 flux/old_cluster/apps/olympus/umami/external-secret.yaml delete mode 100644 flux/old_cluster/apps/olympus/umami/ingress.yaml delete mode 100644 flux/old_cluster/apps/olympus/umami/kustomization.yaml delete mode 100644 flux/old_cluster/apps/olympus/umami/middleware.yaml delete mode 100644 flux/old_cluster/apps/olympus/umami/svc.yaml delete mode 100644 flux/old_cluster/apps/olympus/xirion-registry-creds.yaml delete mode 100644 flux/old_cluster/apps/presidential-paradise/0x76dev/0x76.yaml delete mode 100644 flux/old_cluster/apps/presidential-paradise/0x76dev/kustomization.yaml delete mode 100644 flux/old_cluster/apps/presidential-paradise/kustomization.yaml delete mode 100644 flux/old_cluster/apps/presidential-paradise/xirion-registry-creds.yaml delete mode 100644 flux/old_cluster/base/apps.yaml delete mode 100644 flux/old_cluster/base/core.yaml delete mode 100644 flux/old_cluster/base/crds.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/helm/drone-charts.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/helm/external-secrets-charts.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/helm/fairwinds-charts.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/helm/kustomization.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/helm/metallb-charts.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/helm/traefik-charts.yaml delete mode 100644 flux/old_cluster/base/flux-system/charts/kustomization.yaml delete mode 100644 flux/old_cluster/base/flux-system/gotk-components.yaml delete mode 100644 flux/old_cluster/base/flux-system/gotk-sync.yaml delete mode 100644 flux/old_cluster/base/flux-system/kustomization.yaml delete mode 100644 flux/old_cluster/base/flux-system/xirion-registry-creds.yaml delete mode 100644 flux/old_cluster/core/external-secrets/external-secrets/helm-release.yaml delete mode 100644 flux/old_cluster/core/external-secrets/external-secrets/kustomization.yaml delete mode 100644 flux/old_cluster/core/external-secrets/external-secrets/vault-secret-store.yaml delete mode 100644 flux/old_cluster/core/external-secrets/kustomization.yaml delete mode 100644 flux/old_cluster/core/kustomization.yaml delete mode 100644 flux/old_cluster/core/namespaces/drone-build.yaml delete mode 100644 flux/old_cluster/core/namespaces/external-secrets.yaml delete mode 100644 flux/old_cluster/core/namespaces/gitops.yaml delete mode 100644 flux/old_cluster/core/namespaces/kustomization.yaml delete mode 100644 flux/old_cluster/core/namespaces/monitoring.yaml delete mode 100644 flux/old_cluster/core/namespaces/networking.yaml delete mode 100644 flux/old_cluster/core/namespaces/olympus.yaml delete mode 100644 flux/old_cluster/core/namespaces/presidential-paradise.yaml delete mode 100644 flux/old_cluster/core/networking/kustomization.yaml delete mode 100644 flux/old_cluster/core/networking/metallb/address-pool.yaml delete mode 100644 flux/old_cluster/core/networking/metallb/helm-release.yaml delete mode 100644 flux/old_cluster/core/networking/metallb/kustomization.yaml delete mode 100644 flux/old_cluster/core/networking/metallb/l2advertisement.yaml delete mode 100644 flux/old_cluster/crds/external-secrets/crds.yaml delete mode 100644 flux/old_cluster/crds/external-secrets/kustomization.yaml delete mode 100644 flux/old_cluster/crds/kustomization.yaml delete mode 100644 flux/old_cluster/crds/traefik/crds.yaml delete mode 100644 flux/old_cluster/crds/traefik/kustomization.yaml diff --git a/flux/.gitignore b/flux/.gitignore new file mode 100644 index 00000000..ec8d5548 --- /dev/null +++ b/flux/.gitignore @@ -0,0 +1 @@ +old_cluster diff --git a/flux/old_cluster/apps/gitops/kustomization.yaml b/flux/old_cluster/apps/gitops/kustomization.yaml deleted file mode 100644 index 4ddab702..00000000 --- a/flux/old_cluster/apps/gitops/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - renovate diff --git a/flux/old_cluster/apps/gitops/renovate/external-secret.yaml b/flux/old_cluster/apps/gitops/renovate/external-secret.yaml deleted file mode 100644 index 23606bce..00000000 --- a/flux/old_cluster/apps/gitops/renovate/external-secret.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: renovate - namespace: gitops -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: renovate - data: - - secretKey: RENOVATE_TOKEN - remoteRef: - key: gitops/renovate - property: gitea_token - - secretKey: GITHUB_COM_TOKEN - remoteRef: - key: gitops/renovate - property: github_token diff --git a/flux/old_cluster/apps/gitops/renovate/kustomization.yaml b/flux/old_cluster/apps/gitops/renovate/kustomization.yaml deleted file mode 100644 index 215e80bc..00000000 --- a/flux/old_cluster/apps/gitops/renovate/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - external-secret.yaml - - renovate-infrastructure.yaml diff --git a/flux/old_cluster/apps/gitops/renovate/renovate-infrastructure.yaml b/flux/old_cluster/apps/gitops/renovate/renovate-infrastructure.yaml deleted file mode 100644 index 9ee49dd9..00000000 --- a/flux/old_cluster/apps/gitops/renovate/renovate-infrastructure.yaml +++ /dev/null @@ -1,113 +0,0 @@ ---- -apiVersion: batch/v1 -kind: CronJob -metadata: - name: renovate-infrastructure - namespace: gitops -spec: - schedule: "@hourly" - concurrencyPolicy: Forbid - jobTemplate: - spec: - template: - spec: - volumes: - - name: config-volume - configMap: - name: renovate-config - - name: work-volume - emptyDir: {} - containers: - - name: renovate - image: renovate/renovate:32.135 - volumeMounts: - - name: config-volume - mountPath: /opt/renovate/ - - name: work-volume - mountPath: /tmp/renovate/ - env: - - name: LOG_LEVEL - value: debug - - name: RENOVATE_ENDPOINT - value: "https://git.0x76.dev/api/v1/" - - name: RENOVATE_PLATFORM - value: gitea - - name: RENOVATE_AUTODISCOVER - value: "false" - - name: RENOVATE_GIT_AUTHOR - value: "Renovate Bot " - - name: RENOVATE_CONFIG_FILE - value: "/opt/renovate/config.js" - - name: RENOVATE_BASE_DIR - value: "/tmp/renovate" - envFrom: - - secretRef: - name: renovate - restartPolicy: Never ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: renovate-config - namespace: gitops -data: - config.js: |- - module.exports = { - "binarySource": "install", - "repositories": ["v/infrastructure"], - "flux": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "helm-values": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "kubernetes": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "hostRules": [ - { - "hostType": "docker", - "matchHost": "ghcr.io", - "username": "NULLx76", - "password": process.env.GITHUB_COM_TOKEN - } - ], - "packageRules": [ - { - "automerge": true, - "automergeType": "branch", - "matchPackageNames": [ - "renovate/renovate" - ] - } - ], - // ignore individual fluxcd images - "ignoreDeps": [ - "ghcr.io/fluxcd/helm-controller", - "ghcr.io/fluxcd/image-automation-controller", - "ghcr.io/fluxcd/image-reflector-controller", - "ghcr.io/fluxcd/kustomize-controller", - "ghcr.io/fluxcd/notification-controller", - "ghcr.io/fluxcd/source-controller" - ], - "regexManagers": [ - { - "fileMatch": [ - "flux/cluster/crds/traefik/.+\\.ya?ml$" - ], - "matchStrings": [ - "registryUrl=(?.*?) chart=(?.*?)\n *tag: v(?.*)\n" - ], - "datasourceTemplate": "helm" - }, - { - "fileMatch": [ - "flux/cluster/crds/external-secrets/.+\\.ya?ml$" - ], - "matchStrings": [ - "registryUrl=(?.*?) chart=(?.*?)\n *tag: helm-chart-(?.*)\n" - ], - "datasourceTemplate": "helm" - }, - ] - }; diff --git a/flux/old_cluster/apps/kustomization.yaml b/flux/old_cluster/apps/kustomization.yaml deleted file mode 100644 index 5dc0ccd6..00000000 --- a/flux/old_cluster/apps/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - networking - - presidential-paradise - - gitops - - olympus diff --git a/flux/old_cluster/apps/networking/kustomization.yaml b/flux/old_cluster/apps/networking/kustomization.yaml deleted file mode 100644 index 8f492af6..00000000 --- a/flux/old_cluster/apps/networking/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - traefik diff --git a/flux/old_cluster/apps/networking/traefik/helm-release.yaml b/flux/old_cluster/apps/networking/traefik/helm-release.yaml deleted file mode 100644 index 4f31cbd7..00000000 --- a/flux/old_cluster/apps/networking/traefik/helm-release.yaml +++ /dev/null @@ -1,74 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: traefik - namespace: networking -spec: - interval: 5m - chart: - spec: - # renovate: registryUrl=https://helm.traefik.io/traefik - chart: traefik - version: 10.24.0 - sourceRef: - kind: HelmRepository - name: traefik-charts - namespace: flux-system - interval: 5m - values: - image: - name: traefik - deployment: - kind: Deployment - replicas: 2 - service: - enabled: true - type: LoadBalancer - spec: - externalIPs: - - 10.42.42.150 - externalTrafficPolicy: Local - logs: - general: - level: WARN - ingressClass: - enabled: true - isDefaultClass: true - fallbackApiVersion: v1 - globalArguments: [] - additionalArguments: - - "--providers.kubernetesingress.ingressclass=traefik" - - "--providers.kubernetesingress.ingressendpoint.ip=10.42.42.150" - - "--entryPoints.web.forwardedHeaders.insecure=true" - - "--entryPoints.websecure.forwardedHeaders.insecure=true" - ports: - traefik: - port: 9000 - expose: true - web: - port: 8000 - exposedPort: 8000 - expose: true - websecure: - port: 8443 - exposedPort: 8443 - expose: true - pilot: - enabled: false - experimental: - plugins: - enabled: false - affinity: {} - providers: - kubernetesCRD: - enabled: true - namespaces: - - networking - - olympus - resources: - requests: - memory: 100Mi - cpu: 500m - limits: - memory: 500Mi diff --git a/flux/old_cluster/apps/networking/traefik/kustomization.yaml b/flux/old_cluster/apps/networking/traefik/kustomization.yaml deleted file mode 100644 index 34a8531c..00000000 --- a/flux/old_cluster/apps/networking/traefik/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml diff --git a/flux/old_cluster/apps/olympus/kustomization.yaml b/flux/old_cluster/apps/olympus/kustomization.yaml deleted file mode 100644 index 7d674414..00000000 --- a/flux/old_cluster/apps/olympus/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - xirion-registry-creds.yaml - - umami diff --git a/flux/old_cluster/apps/olympus/umami/deployment.yaml b/flux/old_cluster/apps/olympus/umami/deployment.yaml deleted file mode 100644 index 32b5e0b2..00000000 --- a/flux/old_cluster/apps/olympus/umami/deployment.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: umami - namespace: olympus - labels: - app: umami -spec: - replicas: 1 - selector: - matchLabels: - app: umami - template: - metadata: - labels: - app: umami - spec: - containers: - - name: umami - imagePullPolicy: IfNotPresent - image: ghcr.io/mikecao/umami:postgresql-v1.31.0 - ports: - - containerPort: 3000 - name: web - env: - - name: DATABASE_TYPE - value: postgres - - name: DATABASE_URL - value: "postgresql://umami@10.42.42.26/umami" - envFrom: - - secretRef: - name: umami diff --git a/flux/old_cluster/apps/olympus/umami/external-secret.yaml b/flux/old_cluster/apps/olympus/umami/external-secret.yaml deleted file mode 100644 index 213a9450..00000000 --- a/flux/old_cluster/apps/olympus/umami/external-secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: umami - namespace: olympus -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: umami - data: - - secretKey: HASH_SALT - remoteRef: - key: olympus/umami - property: hash_salt diff --git a/flux/old_cluster/apps/olympus/umami/ingress.yaml b/flux/old_cluster/apps/olympus/umami/ingress.yaml deleted file mode 100644 index 375dad1e..00000000 --- a/flux/old_cluster/apps/olympus/umami/ingress.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: umami - namespace: olympus - annotations: - traefik.ingress.kubernetes.io/router.middlewares: olympus-umamijs@kubernetescrd -spec: - rules: - - host: "msg.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: umami - port: - number: 80 diff --git a/flux/old_cluster/apps/olympus/umami/kustomization.yaml b/flux/old_cluster/apps/olympus/umami/kustomization.yaml deleted file mode 100644 index aaae3abf..00000000 --- a/flux/old_cluster/apps/olympus/umami/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - deployment.yaml - - external-secret.yaml - - ingress.yaml - - svc.yaml - - middleware.yaml diff --git a/flux/old_cluster/apps/olympus/umami/middleware.yaml b/flux/old_cluster/apps/olympus/umami/middleware.yaml deleted file mode 100644 index dbc1cab3..00000000 --- a/flux/old_cluster/apps/olympus/umami/middleware.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: umamijs - namespace: olympus -spec: - replacePathRegex: - regex: ^/script\.js - replacement: /umami.js diff --git a/flux/old_cluster/apps/olympus/umami/svc.yaml b/flux/old_cluster/apps/olympus/umami/svc.yaml deleted file mode 100644 index 042d1e1d..00000000 --- a/flux/old_cluster/apps/olympus/umami/svc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: umami - namespace: olympus -spec: - selector: - app: umami - ports: - - protocol: TCP - port: 80 - targetPort: web diff --git a/flux/old_cluster/apps/olympus/xirion-registry-creds.yaml b/flux/old_cluster/apps/olympus/xirion-registry-creds.yaml deleted file mode 100644 index 54996c33..00000000 --- a/flux/old_cluster/apps/olympus/xirion-registry-creds.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: xirion-registry-creds - namespace: olympus -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: xirion-registry-creds - template: - type: kubernetes.io/dockerconfigjson - data: - - secretKey: .dockerconfigjson - remoteRef: - key: xirion-registry-creds - property: dockerconfigjson diff --git a/flux/old_cluster/apps/presidential-paradise/0x76dev/0x76.yaml b/flux/old_cluster/apps/presidential-paradise/0x76dev/0x76.yaml deleted file mode 100644 index 74dd9a4d..00000000 --- a/flux/old_cluster/apps/presidential-paradise/0x76dev/0x76.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: x76dev - namespace: presidential-paradise - labels: - app: x76dev -spec: - replicas: 1 - selector: - matchLabels: - app: x76dev - template: - metadata: - labels: - app: x76dev - spec: - containers: - - name: x76dev - image: registry.xirion.net/library/0x76.dev - ports: - - containerPort: 8080 - imagePullSecrets: - - name: xirion-registry-creds ---- -apiVersion: v1 -kind: Service -metadata: - name: x76dev-service - namespace: presidential-paradise -spec: - selector: - app: x76dev - ports: - - protocol: TCP - port: 8080 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: x76dev-ingress - namespace: presidential-paradise -spec: - ingressClassName: "traefik" - rules: - - host: "0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: x76dev-service - port: - number: 8080 diff --git a/flux/old_cluster/apps/presidential-paradise/0x76dev/kustomization.yaml b/flux/old_cluster/apps/presidential-paradise/0x76dev/kustomization.yaml deleted file mode 100644 index 1a4998ed..00000000 --- a/flux/old_cluster/apps/presidential-paradise/0x76dev/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - 0x76.yaml diff --git a/flux/old_cluster/apps/presidential-paradise/kustomization.yaml b/flux/old_cluster/apps/presidential-paradise/kustomization.yaml deleted file mode 100644 index 43c62827..00000000 --- a/flux/old_cluster/apps/presidential-paradise/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - xirion-registry-creds.yaml - - 0x76dev diff --git a/flux/old_cluster/apps/presidential-paradise/xirion-registry-creds.yaml b/flux/old_cluster/apps/presidential-paradise/xirion-registry-creds.yaml deleted file mode 100644 index c43b5896..00000000 --- a/flux/old_cluster/apps/presidential-paradise/xirion-registry-creds.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: xirion-registry-creds - namespace: presidential-paradise -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: xirion-registry-creds - template: - type: kubernetes.io/dockerconfigjson - data: - - secretKey: .dockerconfigjson - remoteRef: - key: xirion-registry-creds - property: dockerconfigjson diff --git a/flux/old_cluster/base/apps.yaml b/flux/old_cluster/base/apps.yaml deleted file mode 100644 index cd4f7685..00000000 --- a/flux/old_cluster/base/apps.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: apps - namespace: flux-system -spec: - interval: 10m0s - dependsOn: - - name: core - path: ./flux/cluster/apps - prune: true - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux/old_cluster/base/core.yaml b/flux/old_cluster/base/core.yaml deleted file mode 100644 index 51375b4c..00000000 --- a/flux/old_cluster/base/core.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: core - namespace: flux-system -spec: - interval: 10m0s - dependsOn: - - name: crds - path: ./flux/cluster/core - prune: false - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux/old_cluster/base/crds.yaml b/flux/old_cluster/base/crds.yaml deleted file mode 100644 index cf080f85..00000000 --- a/flux/old_cluster/base/crds.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: crds - namespace: flux-system -spec: - interval: 10m0s - path: ./flux/cluster/crds - prune: false - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux/old_cluster/base/flux-system/charts/helm/drone-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/drone-charts.yaml deleted file mode 100644 index e88ec5a5..00000000 --- a/flux/old_cluster/base/flux-system/charts/helm/drone-charts.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: HelmRepository -metadata: - name: drone-charts - namespace: flux-system -spec: - interval: 15m - url: https://charts.drone.io - timeout: 3m diff --git a/flux/old_cluster/base/flux-system/charts/helm/external-secrets-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/external-secrets-charts.yaml deleted file mode 100644 index 2d49244d..00000000 --- a/flux/old_cluster/base/flux-system/charts/helm/external-secrets-charts.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: HelmRepository -metadata: - name: external-secrets-charts - namespace: flux-system -spec: - interval: 15m0s - url: https://charts.external-secrets.io - diff --git a/flux/old_cluster/base/flux-system/charts/helm/fairwinds-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/fairwinds-charts.yaml deleted file mode 100644 index a74526cd..00000000 --- a/flux/old_cluster/base/flux-system/charts/helm/fairwinds-charts.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: HelmRepository -metadata: - name: fairwinds-charts - namespace: flux-system -spec: - interval: 15m - url: https://charts.fairwinds.com/stable - timeout: 3m diff --git a/flux/old_cluster/base/flux-system/charts/helm/kustomization.yaml b/flux/old_cluster/base/flux-system/charts/helm/kustomization.yaml deleted file mode 100644 index c8afccdb..00000000 --- a/flux/old_cluster/base/flux-system/charts/helm/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - metallb-charts.yaml - - traefik-charts.yaml - - external-secrets-charts.yaml - - fairwinds-charts.yaml - - drone-charts.yaml diff --git a/flux/old_cluster/base/flux-system/charts/helm/metallb-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/metallb-charts.yaml deleted file mode 100644 index 9f91c086..00000000 --- a/flux/old_cluster/base/flux-system/charts/helm/metallb-charts.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: HelmRepository -metadata: - name: metallb-charts - namespace: flux-system -spec: - interval: 15m0s - url: https://metallb.github.io/metallb - diff --git a/flux/old_cluster/base/flux-system/charts/helm/traefik-charts.yaml b/flux/old_cluster/base/flux-system/charts/helm/traefik-charts.yaml deleted file mode 100644 index dda0b320..00000000 --- a/flux/old_cluster/base/flux-system/charts/helm/traefik-charts.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: HelmRepository -metadata: - name: traefik-charts - namespace: flux-system -spec: - interval: 15m - url: https://helm.traefik.io/traefik - timeout: 3m diff --git a/flux/old_cluster/base/flux-system/charts/kustomization.yaml b/flux/old_cluster/base/flux-system/charts/kustomization.yaml deleted file mode 100644 index dadf6d60..00000000 --- a/flux/old_cluster/base/flux-system/charts/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm - diff --git a/flux/old_cluster/base/flux-system/gotk-components.yaml b/flux/old_cluster/base/flux-system/gotk-components.yaml deleted file mode 100644 index fc34702a..00000000 --- a/flux/old_cluster/base/flux-system/gotk-components.yaml +++ /dev/null @@ -1,7727 +0,0 @@ ---- -# This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.38.3 -# Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - pod-security.kubernetes.io/warn: restricted - pod-security.kubernetes.io/warn-version: latest - name: flux-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: alerts.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Alert - listKind: AlertList - plural: alerts - singular: alert - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects - properties: - eventSeverity: - default: info - description: Filter events based on severity, defaults to ('info'). - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: Filter events based on the involved objects. - items: - description: CrossNamespaceObjectReference contains enough information - to let you locate the typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - exclusionList: - description: A list of Golang regular expressions to be used for excluding - messages. - items: - type: string - type: array - providerRef: - description: Send events using this provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Short description of the impact and affected cluster. - type: string - suspend: - description: This flag tells the controller to suspend subsequent - events dispatching. Defaults to false. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of Alert - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects. - properties: - eventSeverity: - default: info - description: EventSeverity specifies how to filter events based on - severity. If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: EventSources specifies how to filter events based on - the involved object kind, name and namespace. - items: - description: CrossNamespaceObjectReference contains enough information - to let you locate the typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - name: - description: Name of the referent. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - exclusionList: - description: ExclusionList specifies a list of Golang regular expressions - to be used for excluding messages. - items: - type: string - type: array - providerRef: - description: ProviderRef specifies which Provider this Alert should - use. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Summary holds a short description of the impact and affected - cluster. - maxLength: 255 - type: string - suspend: - description: Suspend tells the controller to suspend subsequent events - handling for this Alert. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of the Alert. - properties: - conditions: - description: Conditions holds the conditions for the Alert. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: buckets.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: Bucket - listKind: BucketList - plural: buckets - singular: bucket - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BucketSpec defines the desired state of an S3 compatible - bucket - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: The bucket name. - type: string - endpoint: - description: The bucket endpoint address. - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. - type: boolean - interval: - description: The interval at which to check for bucket updates. - type: string - provider: - default: generic - description: The S3 compatible storage provider name, default ('generic'). - enum: - - generic - - aws - - gcp - type: string - region: - description: The bucket region. - type: string - secretRef: - description: The name of the secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for download operations, defaults to 60s. - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus defines the observed state of a bucket - properties: - artifact: - description: Artifact represents the output of the last successful - Bucket sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last Bucket sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BucketSpec specifies the required configuration to produce - an Artifact for an object storage bucket. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: BucketName is the name of the object storage bucket. - type: string - endpoint: - description: Endpoint is the object storage address the BucketName - is located at. - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP Endpoint. - type: boolean - interval: - description: Interval at which to check the Endpoint for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - provider: - default: generic - description: Provider of the object storage bucket. Defaults to 'generic', - which expects an S3 (API) compatible object storage. - enum: - - generic - - aws - - gcp - - azure - type: string - region: - description: Region of the Endpoint where the BucketName is located - in. - type: string - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this Bucket. - type: boolean - timeout: - default: 60s - description: Timeout for fetch operations, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus records the observed state of a Bucket. - properties: - artifact: - description: Artifact represents the last successful Bucket reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Bucket object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: gitrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: GitRepository - listKind: GitRepositoryList - plural: gitrepositories - shortNames: - - gitrepo - singular: gitrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec defines the desired state of a Git repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: Determines which git client library to use. Defaults - to go-git, valid values are ('go-git', 'libgit2'). - enum: - - go-git - - libgit2 - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Extra git repositories to map into the repository - items: - description: GitRepositoryInclude defines a source with a from and - to path. - properties: - fromPath: - description: The path to copy contents from, defaults to the - root directory. - type: string - repository: - description: Reference to a GitRepository to include. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: The path to copy contents to, defaults to the name - of the source ref. - type: string - required: - - repository - type: object - type: array - interval: - description: The interval at which to check for repository updates. - type: string - recurseSubmodules: - description: When enabled, after the clone is created, initializes - all submodules within, using their default settings. This option - is available only when using the 'go-git' GitImplementation. - type: boolean - ref: - description: The Git reference to checkout and monitor for changes, - defaults to master branch. - properties: - branch: - description: The Git branch to checkout, defaults to master. - type: string - commit: - description: The Git commit SHA to checkout, if specified Tag - filters will be ignored. - type: string - semver: - description: The Git tag semver expression, takes precedence over - Tag. - type: string - tag: - description: The Git tag to checkout, takes precedence over Branch. - type: string - type: object - secretRef: - description: The secret name containing the Git credentials. For HTTPS - repositories the secret must contain username and password fields. - For SSH repositories the secret must contain identity and known_hosts - fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote Git operations like cloning, defaults - to 60s. - type: string - url: - description: The repository URL, can be a HTTP/S or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verify OpenPGP signature for the Git commit HEAD points - to. - properties: - mode: - description: Mode describes what git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: The secret name containing the public keys of all - trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus defines the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: IncludedArtifacts represents the included artifacts from - the last successful repository sync. - items: - description: Artifact represents the output of a source synchronisation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last repository sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec specifies the required configuration to - produce an Artifact for a Git repository. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: 'GitImplementation specifies which Git client library - implementation to use. Defaults to ''go-git'', valid values are - (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated - now that ''go-git'' is the only supported implementation.' - enum: - - go-git - - libgit2 - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Include specifies a list of GitRepository resources which - Artifacts should be included in the Artifact produced for this GitRepository. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: Interval at which to check the GitRepository for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules - within the GitRepository as cloned from the URL, using their default - settings. This option is available only when using the 'go-git' - GitImplementation. - type: boolean - ref: - description: Reference specifies the Git reference to resolve and - monitor for changes, defaults to the 'master' branch. - properties: - branch: - description: "Branch to check out, defaults to 'master' if no - other field is defined. \n When GitRepositorySpec.GitImplementation - is set to 'go-git', a shallow clone of the specified branch - is performed." - type: string - commit: - description: "Commit SHA to check out, takes precedence over all - reference fields. \n When GitRepositorySpec.GitImplementation - is set to 'go-git', this can be combined with Branch to shallow - clone the branch, in which the commit is expected to exist." - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the GitRepository. For HTTPS repositories the Secret - must contain 'username' and 'password' fields. For SSH repositories - the Secret must contain 'identity' and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verification specifies the configuration to verify the - Git commit signature(s). - properties: - mode: - description: Mode specifies what Git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: SecretRef specifies the Secret containing the public - keys of trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.recurseSubmodules - .spec.included and the checksum of the - included artifacts observed in .status.observedGeneration version - of the object. This can be used to determine if the content of the - included repository has changed. It has the format of `:`, - for example: `sha256:`. \n Deprecated: Replaced with explicit - fields for observed artifact content config in the status." - type: string - includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully - included Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact - file. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: Path is the relative file path of the Artifact. - It can be used to locate the file in the root of the Artifact - storage on the local file system of the controller managing - the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the GitRepository object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedInclude: - description: ObservedInclude is the observed list of GitRepository - resources used to to produce the current Artifact. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: helmcharts.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmChart - listKind: HelmChartList - plural: helmcharts - shortNames: - - hc - singular: helmchart - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmChartSpec defines the desired state of a Helm chart. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: The name or path the Helm chart is available at in the - SourceRef. - type: string - interval: - description: The interval at which to check the Source for updates. - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). See the documentation - of the values for an explanation on their behavior. Defaults to - ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The reference to the Source the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent, valid values are ('HelmRepository', - 'GitRepository', 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: Alternative values file to use as the default chart values, - expected to be a relative path in the SourceRef. Deprecated in favor - of ValuesFiles, for backwards compatibility the file defined here - is merged before the ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be - a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored - when omitted. - items: - type: string - type: array - version: - default: '*' - description: The chart version semver expression, ignored for charts - from GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus defines the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - chart sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last chart pulled. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: Chart is the name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval is the interval at which to check the Source - for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: ReconcileStrategy determines what enables the creation - of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their - behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent, valid values are ('HelmRepository', - 'GitRepository', 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: ValuesFile is an alternative values file to use as the - default chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file specified here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: ValuesFiles is an alternative list of values files to - use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding the - first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. This field is only - supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version is the chart version semver expression, ignored - for charts from GitRepository and Bucket sources. Defaults to latest - when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedChartName: - description: ObservedChartName is the last observed chart name as - specified by the resolved chart reference. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the HelmChart object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: helmreleases.helm.toolkit.fluxcd.io -spec: - group: helm.toolkit.fluxcd.io - names: - kind: HelmRelease - listKind: HelmReleaseList - plural: helmreleases - shortNames: - - hr - singular: helmrelease - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v2beta1 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: Chart defines the template of the v1beta2.HelmChart that - should be created for this HelmRelease. - properties: - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval at which to check the v1beta2.Source - for updates. Defaults to 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new - artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on - their behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1beta2.Source - the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: Alternative values file to use as the default - chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file defined here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the - chart values (values.yaml is not included by default), expected - to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the - trusted public keys used to verify the signature and specifies - which provider to use to check whether OCI image is authentic. - This field is only supported for OCI sources. Chart dependencies, - which are not bundled in the umbrella chart artifact, are - not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret - containing the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version semver expression, ignored for charts - from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults - to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to HelmRelease resources that must be ready - before this HelmRelease can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Create` - and if omitted CRDs are installed but not updated. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are applied (installed) during Helm install action. With this - option users can opt-in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: CreateNamespace tells the Helm install action to - create the HelmReleaseSpec.TargetNamespace if it does not exist - yet. On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm install has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm install has been performed. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm install action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an install - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false'. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - an uninstall, is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: Replace tells the Helm install action to re-use the - 'ReleaseName', but only if that name is a deleted release which - remains in the history. - type: boolean - skipCRDs: - description: "SkipCRDs tells the Helm install action to not install - any CRDs. By default, CRDs are installed if not already present. - \n Deprecated use CRD policy (`crds`) attribute with value `Skip` - instead." - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at - the target cluster. If the --default-service-account flag is set, - its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: SecretRef holds the name to a secret that contains - a key with the kubeconfig file as the value. If no key is specified - the key will default to 'value'. The secret must be in the same - namespace as the HelmRelease. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials - such as a cloud-access-token expire. Cloud specific `cmd-path` - auth helpers will not function without adding binaries and credentials - to the Pod that is responsible for reconciling the HelmRelease. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - type: object - maxHistory: - description: MaxHistory is the number of revisions saved by Helm for - this HelmRelease. Use '0' for an unlimited number of revisions; - defaults to '10'. - type: integer - postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which - will be applied in order of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: Images is a list of (image name, new name, - new tag or digest) for changing image names, tags or digests. - This can also be achieved with a patch, but this operator - is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: Digest is the value used to replace the - original image tag. If digest is present NewTag - value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: Strategic merge and JSON patches, defined as - inline YAML objects, capable of targeting objects based - on kind, label and annotation selectors. - items: - description: Patch contains an inline StrategicMerge or - JSON6902 patch, and the target the patch should be applied - to. - properties: - patch: - description: Patch contains an inline StrategicMerge - patch or an inline JSON6902 patch with an array - of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: From contains a JSON-pointer value - that references a location within the target - document where the operation is performed. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - type: string - op: - description: Op indicates the operation to perform. - Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: Path contains the JSON-pointer - value that references a location within the - target document where the operation is performed. - The meaning of the value depends on the value - of Op. - type: string - value: - description: Value contains a valid JSON structure. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline - YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: ReleaseName used for the Helm release. Defaults to a - composition of '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm rollback has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - type: string - storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults - to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: Suspend tells the controller to suspend reconciliation - for this HelmRelease, it does not apply to already started reconciliations. - Defaults to false. - type: boolean - targetNamespace: - description: TargetNamespace to target when performing operations - for the HelmRelease. Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: Enable enables Helm test actions for this HelmRelease - after an Helm install or upgrade action has been performed. - type: boolean - ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation - when the Helm tests are run but fail. Can be overwritten for - tests run after install or upgrade actions in 'Install.IgnoreTestFailures' - and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation during the performance of a Helm test action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a Helm - action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables waiting for all the resources - to be deleted after a Helm uninstall is performed. - type: boolean - keepHistory: - description: KeepHistory tells Helm to remove all associated resources - and mark the release as deleted, but retain the release history. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm upgrade action when it fails. - type: boolean - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and - if omitted CRDs are neither installed nor upgraded. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are not applied during Helm upgrade action. With this option - users can opt-in to CRD upgrade, which is not (yet) natively - supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm upgrade has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: PreserveValues will make Helm reuse the last release's - values and merge in overrides from 'Values'. Setting this flag - makes the HelmRelease non-declarative. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm upgrade action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an upgrade - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - 'Strategy', is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: ValuesFrom holds references to resources containing Helm - values for this HelmRelease, and information about how they should - be merged. - items: - description: ValuesReference contains a reference to a resource - containing Helm values, and optionally the key they can be found - at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the values referent. Should reside in the - same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: Optional marks this ValuesReference as optional. - When set, a not found error for the values reference is ignored, - but any ValuesKey, TargetPath or transient error will still - result in a reconciliation failure. - type: boolean - targetPath: - description: TargetPath is the YAML dot notation path the value - should be merged at. When set, the ValuesKey is expected to - be a single flat value. Defaults to 'None', which results - in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: ValuesKey is the data key where the values.yaml - or a specific value can be found at. Defaults to 'values.yaml'. - When set, must be a valid Data Key, consisting of alphanumeric - characters, '-', '_' or '.'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - chart - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: Failures is the reconciliation failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: HelmChart is the namespaced name of the HelmChart resource - created by the controller for the HelmRelease. - type: string - installFailures: - description: InstallFailures is the install failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the - values of the last reconciliation attempt. - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful - Helm release. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - upgradeFailures: - description: UpgradeFailures is the upgrade failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: helmrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmRepository - listKind: HelmRepositoryList - plural: helmrepositories - shortNames: - - helmrepo - singular: helmrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec defines the reference to a Helm repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef - to be passed on to a host that does not match the host as defined - in URL. This may be required if the host of the advertised chart - URLs in the index differ from the defined URL. Enabling this should - be done with caution, as it can potentially result in credentials - getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials - for the Helm repository. For HTTP/S basic auth the secret must contain - username and password fields. For TLS the secret must contain a - certFile and keyFile, and/or caCert fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout of index downloading, defaults to 60s. - type: string - url: - description: The Helm repository URL, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus defines the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last index fetched. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec specifies the required configuration to - produce an Artifact for a Helm repository index YAML. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: Interval at which to check the URL for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef - to be passed on to a host that does not match the host as defined - in URL. This may be required if the host of the advertised chart - URLs in the index differ from the defined URL. Enabling this should - be done with caution, as it can potentially result in credentials - getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: Provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. This field is optional, and only taken into - account if the .spec.type field is set to 'oci'. When not specified, - defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the HelmRepository. For HTTP/S basic auth the secret - must contain 'username' and 'password' fields. For TLS the secret - must contain a 'certFile' and 'keyFile', and/or 'caCert' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this HelmRepository. - type: boolean - timeout: - default: 60s - description: Timeout is used for the index fetch operation for an - HTTPS helm repository, and for remote OCI Repository operations - like pulling for an OCI helm repository. Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type of the HelmRepository. When this field is set to "oci", - the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: URL of the Helm repository, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the HelmRepository object. - format: int64 - type: integer - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: image-reflector-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: imagepolicies.image.toolkit.fluxcd.io -spec: - group: image.toolkit.fluxcd.io - names: - kind: ImagePolicy - listKind: ImagePolicyList - plural: imagepolicies - singular: imagepolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.latestImage - name: LatestImage - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: ImagePolicy is the Schema for the imagepolicies API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImagePolicySpec defines the parameters for calculating the - ImagePolicy - properties: - filterTags: - description: FilterTags enables filtering for only a subset of tags - based on a set of rules. If no rules are provided, all the tags - from the repository will be ordered and compared. - properties: - extract: - description: Extract allows a capture group to be extracted from - the specified regular expression pattern, useful before tag - evaluation. - type: string - pattern: - description: Pattern specifies a regular expression pattern used - to filter for image tags. - type: string - type: object - imageRepositoryRef: - description: ImageRepositoryRef points at the object specifying the - image being scanned - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - policy: - description: Policy gives the particulars of the policy to be followed - in selecting the most recent image - properties: - alphabetical: - description: Alphabetical set of rules to use for alphabetical - ordering of the tags. - properties: - order: - default: asc - description: Order specifies the sorting order of the tags. - Given the letters of the alphabet as tags, ascending order - would select Z, and descending order would select A. - enum: - - asc - - desc - type: string - type: object - numerical: - description: Numerical set of rules to use for numerical ordering - of the tags. - properties: - order: - default: asc - description: Order specifies the sorting order of the tags. - Given the integer values from 0 to 9 as tags, ascending - order would select 9, and descending order would select - 0. - enum: - - asc - - desc - type: string - type: object - semver: - description: SemVer gives a semantic version range to check against - the tags available. - properties: - range: - description: Range gives a semver range for the image tag; - the highest version within the range that's a tag yields - the latest image. - type: string - required: - - range - type: object - type: object - required: - - imageRepositoryRef - - policy - type: object - status: - default: - observedGeneration: -1 - description: ImagePolicyStatus defines the observed state of ImagePolicy - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - latestImage: - description: LatestImage gives the first in the list of images scanned - by the image repository, when filtered and ordered according to - the policy. - type: string - observedGeneration: - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: image-reflector-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: imagerepositories.image.toolkit.fluxcd.io -spec: - group: image.toolkit.fluxcd.io - names: - kind: ImageRepository - listKind: ImageRepositoryList - plural: imagerepositories - singular: imagerepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.lastScanResult.scanTime - name: Last scan - type: string - - jsonPath: .status.lastScanResult.tagCount - name: Tags - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: ImageRepository is the Schema for the imagerepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImageRepositorySpec defines the parameters for scanning an - image repository, e.g., `fluxcd/flux`. - properties: - accessFrom: - description: AccessFrom defines an ACL for allowing cross-namespace - references to the ImageRepository object based on the caller's namespace - labels. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate." - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - exclusionList: - description: ExclusionList is a list of regex strings used to exclude - certain tags from being stored in the database. - items: - type: string - type: array - image: - description: Image is the name of the image repository - type: string - interval: - description: Interval is the length of time to wait between scans - of the image repository. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - secretRef: - description: SecretRef can be given the name of a secret containing - credentials to use for the image registry. The secret should be - created with `kubectl create secret docker-registry`, or the equivalent. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: ServiceAccountName is the name of the Kubernetes ServiceAccount - used to authenticate the image pull if the service account has attached - pull secrets. - maxLength: 253 - type: string - suspend: - description: This flag tells the controller to suspend subsequent - image scans. It does not apply to already started scans. Defaults - to false. - type: boolean - timeout: - description: Timeout for image scanning. Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: object - status: - default: - observedGeneration: -1 - description: ImageRepositoryStatus defines the observed state of ImageRepository - properties: - canonicalImageName: - description: CanonicalName is the name of the image repository with - all the implied bits made explicit; e.g., `docker.io/library/alpine` - rather than `alpine`. - type: string - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastScanResult: - description: LastScanResult contains the number of fetched tags. - properties: - scanTime: - format: date-time - type: string - tagCount: - type: integer - required: - - tagCount - type: object - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: image-automation-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: imageupdateautomations.image.toolkit.fluxcd.io -spec: - group: image.toolkit.fluxcd.io - names: - kind: ImageUpdateAutomation - listKind: ImageUpdateAutomationList - plural: imageupdateautomations - singular: imageupdateautomation - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.lastAutomationRunTime - name: Last run - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: ImageUpdateAutomation is the Schema for the imageupdateautomations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation - properties: - git: - description: GitSpec contains all the git-specific definitions. This - is technically optional, but in practice mandatory until there are - other kinds of source allowed. - properties: - checkout: - description: Checkout gives the parameters for cloning the git - repository, ready to make changes. If not present, the `spec.ref` - field from the referenced `GitRepository` or its default will - be used. - properties: - ref: - description: Reference gives a branch, tag or commit to clone - from the Git repository. - properties: - branch: - description: "Branch to check out, defaults to 'master' - if no other field is defined. \n When GitRepositorySpec.GitImplementation - is set to 'go-git', a shallow clone of the specified - branch is performed." - type: string - commit: - description: "Commit SHA to check out, takes precedence - over all reference fields. \n When GitRepositorySpec.GitImplementation - is set to 'go-git', this can be combined with Branch - to shallow clone the branch, in which the commit is - expected to exist." - type: string - semver: - description: SemVer tag expression to check out, takes - precedence over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - required: - - ref - type: object - commit: - description: Commit specifies how to commit to the git repository. - properties: - author: - description: Author gives the email and optionally the name - to use as the author of commits. - properties: - email: - description: Email gives the email to provide when making - a commit. - type: string - name: - description: Name gives the name to provide when making - a commit. - type: string - required: - - email - type: object - messageTemplate: - description: MessageTemplate provides a template for the commit - message, into which will be interpolated the details of - the change made. - type: string - signingKey: - description: SigningKey provides the option to sign commits - with a GPG key - properties: - secretRef: - description: SecretRef holds the name to a secret that - contains a 'git.asc' key corresponding to the ASCII - Armored file containing the GPG signing keypair as the - value. It must be in the same namespace as the ImageUpdateAutomation. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - type: object - required: - - author - type: object - push: - description: Push specifies how and where to push commits made - by the automation. If missing, commits are pushed (back) to - `.spec.checkout.branch` or its default. - properties: - branch: - description: Branch specifies that commits should be pushed - to the branch named. The branch is created using `.spec.checkout.branch` - as the starting point, if it doesn't already exist. - type: string - required: - - branch - type: object - required: - - commit - type: object - interval: - description: Interval gives an lower bound for how often the automation - run should be attempted. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - sourceRef: - description: SourceRef refers to the resource giving access details - to a git repository. - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - default: GitRepository - description: Kind of the referent. - enum: - - GitRepository - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, defaults to the namespace - of the Kubernetes resource object that contains the reference. - type: string - required: - - kind - - name - type: object - suspend: - description: Suspend tells the controller to not run this automation, - until it is unset (or set to false). Defaults to false. - type: boolean - update: - default: - strategy: Setters - description: Update gives the specification for how to update the - files in the repository. This can be left empty, to use the default - value. - properties: - path: - description: Path to the directory containing the manifests to - be updated. Defaults to 'None', which translates to the root - path of the GitRepositoryRef. - type: string - strategy: - default: Setters - description: Strategy names the strategy to be used. - enum: - - Setters - type: string - required: - - strategy - type: object - required: - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: ImageUpdateAutomationStatus defines the observed state of - ImageUpdateAutomation - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastAutomationRunTime: - description: LastAutomationRunTime records the last time the controller - ran this automation through to completion (even if no updates were - made). - format: date-time - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastPushCommit: - description: LastPushCommit records the SHA1 of the last commit made - by the controller, for this automation object - type: string - lastPushTime: - description: LastPushTime records the time of the last pushed change. - format: date-time - type: string - observedGeneration: - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: kustomizations.kustomize.toolkit.fluxcd.io -spec: - group: kustomize.toolkit.fluxcd.io - names: - kind: Kustomization - listKind: KustomizationList - plural: kustomizations - shortNames: - - ks - singular: kustomization - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KustomizationSpec defines the desired state of a kustomization. - properties: - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to Kustomization resources that must be ready - before this Kustomization can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: NamespacedObjectKindReference contains enough information - to locate the typed referenced Kubernetes resource object in any - namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: Images is a list of (image name, new name, new tag or - digest) for changing image names, tags or digests. This can also - be achieved with a patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: Digest is the value used to replace the original - image tag. If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: The interval at which to reconcile the Kustomization. - type: string - kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a - remote cluster. When specified, KubeConfig takes precedence over - ServiceAccountName. - properties: - secretRef: - description: SecretRef holds the name to a secret that contains - a 'value' key with the kubeconfig file as the value. It must - be in the same namespace as the Kustomization. It is recommended - that the kubeconfig is self-contained, and the secret is regularly - updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without - adding binaries and credentials to the Pod that is responsible - for reconciling the Kustomization. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - type: object - patches: - description: Strategic merge and JSON patches, defined as inline YAML - objects, capable of targeting objects based on kind, label and annotation - selectors. - items: - description: Patch contains an inline StrategicMerge or JSON6902 - patch, and the target the patch should be applied to. - properties: - patch: - description: Patch contains an inline StrategicMerge patch or - an inline JSON6902 patch with an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select resources - from. Together with Version and Kind it is capable of - unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows the - label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select resources - from. Together with Group and Kind it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and the target - the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. - items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: From contains a JSON-pointer value that references - a location within the target document where the operation - is performed. The meaning of the value depends on the - value of Op, and is NOT taken into account by all operations. - type: string - op: - description: Op indicates the operation to perform. Its - value MUST be one of "add", "remove", "replace", "move", - "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: Path contains the JSON-pointer value that - references a location within the target document where - the operation is performed. The meaning of the value - depends on the value of Op. - type: string - value: - description: Value contains a valid JSON structure. The - meaning of the value depends on the value of Op, and - is NOT taken into account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select resources - from. Together with Version and Kind it is capable of - unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows the - label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select resources - from. Together with Group and Kind it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - path: - description: Path to the directory containing the kustomization.yaml - file, or the set of plain YAMLs a kustomization.yaml should be generated - for. Defaults to 'None', which translates to the root path of the - SourceRef. - type: string - postBuild: - description: PostBuild describes which actions to perform on the YAML - manifest generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: Substitute holds a map of key/value pairs. The variables - defined in your YAML manifests that match any of the keys defined - in the map will be substituted with the set value. Includes - support for bash string replacement functions e.g. ${var:=default}, - ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and - Secrets containing the variables and their values to be substituted - in the YAML manifests. The ConfigMap and the Secret data keys - represent the var names and they must match the vars declared - in the manifests for the substitution to happen. - items: - description: SubstituteReference contains a reference to a resource - containing the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the values referent. Should reside - in the same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - type: string - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - GitRepository - - Bucket - type: string - name: - description: Name of the referent - type: string - namespace: - description: Namespace of the referent, defaults to the Kustomization - namespace - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend subsequent - kustomize executions, it does not apply to already started executions. - Defaults to false. - type: boolean - targetNamespace: - description: TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - type: string - validation: - description: Validate the Kubernetes objects before applying them - on the cluster. The validation strategy can be 'client' (local dry-run), - 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true', - validation will fallback to 'client' if set to 'server' because - server-side validation is not supported in this scenario. - enum: - - none - - client - - server - type: string - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastAppliedRevision: - description: The last successfully applied revision. The revision - format for Git sources is /. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - snapshot: - description: The last successfully applied revision metadata. - properties: - checksum: - description: The manifests sha1 checksum. - type: string - entries: - description: A list of Kubernetes kinds grouped by namespace. - items: - description: Snapshot holds the metadata of namespaced Kubernetes - objects - properties: - kinds: - additionalProperties: - type: string - description: The list of Kubernetes kinds. - type: object - namespace: - description: The namespace of this entry. - type: string - required: - - kinds - type: object - type: array - required: - - checksum - - entries - type: object - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KustomizationSpec defines the configuration to calculate - the desired state from a Source using Kustomize. - properties: - components: - description: Components specifies relative paths to specifications - of other Components - items: - type: string - type: array - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to Kustomization resources that must be ready - before this Kustomization can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: NamespacedObjectKindReference contains enough information - to locate the typed referenced Kubernetes resource object in any - namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: Images is a list of (image name, new name, new tag or - digest) for changing image names, tags or digests. This can also - be achieved with a patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: Digest is the value used to replace the original - image tag. If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: The interval at which to reconcile the Kustomization. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: The KubeConfig for reconciling the Kustomization on a - remote cluster. When used in combination with KustomizationSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at - the target cluster. If the --default-service-account flag is set, - its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: SecretRef holds the name of a secret that contains - a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. It is recommended that the - kubeconfig is self-contained, and the secret is regularly updated - if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries - and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - patches: - description: Strategic merge and JSON patches, defined as inline YAML - objects, capable of targeting objects based on kind, label and annotation - selectors. - items: - description: Patch contains an inline StrategicMerge or JSON6902 - patch, and the target the patch should be applied to. - properties: - patch: - description: Patch contains an inline StrategicMerge patch or - an inline JSON6902 patch with an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select resources - from. Together with Version and Kind it is capable of - unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows the - label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select resources - from. Together with Group and Kind it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - type: object - type: array - patchesJson6902: - description: 'JSON 6902 patches, defined as inline YAML objects. Deprecated: - Use Patches instead.' - items: - description: JSON6902Patch contains a JSON6902 patch and the target - the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. - items: - description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: From contains a JSON-pointer value that references - a location within the target document where the operation - is performed. The meaning of the value depends on the - value of Op, and is NOT taken into account by all operations. - type: string - op: - description: Op indicates the operation to perform. Its - value MUST be one of "add", "remove", "replace", "move", - "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: Path contains the JSON-pointer value that - references a location within the target document where - the operation is performed. The meaning of the value - depends on the value of Op. - type: string - value: - description: Value contains a valid JSON structure. The - meaning of the value depends on the value of Op, and - is NOT taken into account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select resources - from. Together with Version and Kind it is capable of - unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows the - label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select resources - from. Together with Group and Kind it is capable of unambiguously - identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: 'Strategic merge patches, defined as inline YAML objects. - Deprecated: Use Patches instead.' - items: - x-kubernetes-preserve-unknown-fields: true - type: array - path: - description: Path to the directory containing the kustomization.yaml - file, or the set of plain YAMLs a kustomization.yaml should be generated - for. Defaults to 'None', which translates to the root path of the - SourceRef. - type: string - postBuild: - description: PostBuild describes which actions to perform on the YAML - manifest generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: Substitute holds a map of key/value pairs. The variables - defined in your YAML manifests that match any of the keys defined - in the map will be substituted with the set value. Includes - support for bash string replacement functions e.g. ${var:=default}, - ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: SubstituteFrom holds references to ConfigMaps and - Secrets containing the variables and their values to be substituted - in the YAML manifests. The ConfigMap and the Secret data keys - represent the var names and they must match the vars declared - in the manifests for the substitution to happen. - items: - description: SubstituteReference contains a reference to a resource - containing the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the values referent. Should reside - in the same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - default: false - description: Optional indicates whether the referenced resource - must exist, or whether to tolerate its absence. If true - and the referenced resource is absent, proceed as if the - resource was present but empty, without any variables - defined. - type: boolean - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, defaults to the namespace - of the Kubernetes resource object that contains the reference. - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend subsequent - kustomize executions, it does not apply to already started executions. - Defaults to false. - type: boolean - targetNamespace: - description: TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - validation: - description: 'Deprecated: Not used in v1beta2.' - enum: - - none - - client - - server - type: string - wait: - description: Wait instructs the controller to check the health of - all the reconciled resources. When enabled, the HealthChecks are - ignored. Defaults to false. - type: boolean - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - inventory: - description: Inventory contains the list of Kubernetes resource object - references that have been successfully applied. - properties: - entries: - description: Entries of Kubernetes resource object references. - items: - description: ResourceRef contains the information necessary - to locate a resource within a cluster. - properties: - id: - description: ID is the string representation of the Kubernetes - resource object's metadata, in the format '___'. - type: string - v: - description: Version is the API version of the Kubernetes - resource object's kind. - type: string - required: - - id - - v - type: object - type: array - required: - - entries - type: object - lastAppliedRevision: - description: The last successfully applied revision. The revision - format for Git sources is /. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: ocirepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: OCIRepository - listKind: OCIRepositoryList - plural: ocirepositories - shortNames: - - ocirepo - singular: ocirepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta2 - schema: - openAPIV3Schema: - description: OCIRepository is the Schema for the ocirepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OCIRepositorySpec defines the desired state of OCIRepository - properties: - certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate." - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. - type: boolean - interval: - description: The interval at which to check for image updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - layerSelector: - description: LayerSelector specifies which layer should be extracted - from the OCI artifact. When not specified, the first layer found - in the artifact is selected. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - provider: - default: generic - description: The provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - ref: - description: The OCI reference to pull and monitor for changes, defaults - to the latest tag. - properties: - digest: - description: Digest is the image digest to pull, takes precedence - over SemVer. The value should be in the format 'sha256:'. - type: string - semver: - description: SemVer is the range of tags to pull selecting the - latest within the range, takes precedence over Tag. - type: string - tag: - description: Tag is the image tag to pull, defaults to latest. - type: string - type: object - secretRef: - description: SecretRef contains the secret name containing the registry - login credentials to resolve image metadata. The secret must be - of type kubernetes.io/dockerconfigjson. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount - used to authenticate the image pull if the service account has attached - pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote OCI Repository operations like - pulling, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL is a reference to an OCI artifact repository hosted - on a remote container registry. - pattern: ^oci://.*$ - type: string - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. - properties: - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: OCIRepositoryStatus defines the observed state of OCIRepository - properties: - artifact: - description: Artifact represents the output of the last successful - OCI Repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the Artifact file. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the OCIRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.layerSelector observed in .status.observedGeneration version - of the object. This can be used to determine if the content configuration - has changed and the artifact needs to be rebuilt. It has the format - of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config - in the status." - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector - used for constructing the source artifact. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - url: - description: URL is the download link for the artifact output of the - last OCI Repository sync. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: providers.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Provider - listKind: ProviderList - plural: providers - singular: provider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of Provider - properties: - address: - description: HTTP/S webhook address of this provider - pattern: ^(http|https):// - type: string - certSecretRef: - description: CertSecretRef can be given the name of a secret containing - a PEM-encoded CA certificate (`caFile`) - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Alert channel for this provider - type: string - proxy: - description: HTTP/S address of the proxy - pattern: ^(http|https):// - type: string - secretRef: - description: Secret reference containing the provider webhook URL - using "address" as data key - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend subsequent - events handling. Defaults to false. - type: boolean - timeout: - description: Timeout for sending alerts to the provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type of provider - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - azuredevops - - googlechat - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - type: string - username: - description: Bot username for this provider - type: string - required: - - type - type: object - status: - default: - observedGeneration: -1 - description: ProviderStatus defines the observed state of Provider - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of the Provider. - properties: - address: - description: Address specifies the HTTP/S incoming webhook address - of this Provider. - maxLength: 2048 - pattern: ^(http|https)://.*$ - type: string - certSecretRef: - description: CertSecretRef specifies the Secret containing a PEM-encoded - CA certificate (`caFile`). - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Channel specifies the destination channel where events - should be posted. - maxLength: 2048 - type: string - interval: - description: Interval at which to reconcile the Provider with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxy: - description: Proxy the HTTP/S address of the proxy server. - maxLength: 2048 - pattern: ^(http|https)://.*$ - type: string - secretRef: - description: SecretRef specifies the Secret containing the authentication - credentials for this Provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend subsequent events - handling for this Provider. - type: boolean - timeout: - description: Timeout for sending alerts to the Provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type specifies which Provider implementation to use. - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - gitea - - bitbucket - - azuredevops - - googlechat - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - type: string - username: - description: Username specifies the name under which events are posted. - maxLength: 2048 - type: string - required: - - type - type: object - status: - default: - observedGeneration: -1 - description: ProviderStatus defines the observed state of the Provider. - properties: - conditions: - description: Conditions holds the conditions for the Provider. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: receivers.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Receiver - listKind: ReceiverList - plural: receivers - singular: receiver - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of Receiver - properties: - events: - description: A list of events to handle, e.g. 'push' for GitHub or - 'Push Hook' for GitLab. - items: - type: string - type: array - resources: - description: A list of resources to be notified about changes. - items: - description: CrossNamespaceObjectReference contains enough information - to let you locate the typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - secretRef: - description: Secret reference containing the token used to validate - the payload authenticity - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend subsequent - events handling. Defaults to false. - type: boolean - type: - description: Type of webhook sender, used to determine the validation - procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - type: string - required: - - resources - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of Receiver - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of the Receiver. - properties: - events: - description: Events specifies the list of event types to handle, e.g. - 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - interval: - description: Interval at which to reconcile the Receiver with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - resources: - description: A list of resources to be notified about changes. - items: - description: CrossNamespaceObjectReference contains enough information - to let you locate the typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - name: - description: Name of the referent. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - secretRef: - description: SecretRef specifies the Secret containing the token used - to validate the payload authenticity. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend subsequent events - handling for this receiver. - type: boolean - type: - description: Type of webhook sender, used to determine the validation - procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - type: string - required: - - resources - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of the Receiver. - properties: - conditions: - description: Conditions holds the conditions for the Receiver. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Receiver object. - format: int64 - type: integer - url: - description: 'URL is the generated incoming webhook address in the - format of ''/hook/sha256sum(token+name+namespace)''. Deprecated: - Replaced by WebhookPath.' - type: string - webhookPath: - description: WebhookPath is the generated incoming webhook address - in the format of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: helm-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: image-automation-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: image-automation-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: image-reflector-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: image-reflector-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: kustomize-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: notification-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: source-controller - namespace: flux-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: crd-controller-flux-system -rules: -- apiGroups: - - source.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - helm.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - notification.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - image.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - "" - resources: - - namespaces - - secrets - - configmaps - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: cluster-reconciler-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: crd-controller-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: crd-controller-flux-system -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system -- kind: ServiceAccount - name: source-controller - namespace: flux-system -- kind: ServiceAccount - name: notification-controller - namespace: flux-system -- kind: ServiceAccount - name: image-reflector-controller - namespace: flux-system -- kind: ServiceAccount - name: image-automation-controller - namespace: flux-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: notification-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: notification-controller - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: source-controller - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: webhook-receiver - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http-webhook - selector: - app: notification-controller - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: helm-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: helm-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: helm-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.28.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: helm-controller - terminationGracePeriodSeconds: 600 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: image-automation-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: image-automation-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: image-automation-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: image-automation-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.28.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: image-automation-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: image-reflector-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: image-reflector-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: image-reflector-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: image-reflector-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.23.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: image-reflector-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: temp - - emptyDir: {} - name: data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: kustomize-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: kustomize-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: kustomize-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.32.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: kustomize-controller - terminationGracePeriodSeconds: 60 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: notification-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: notification-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: notification-controller - spec: - containers: - - args: - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.30.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 9292 - name: http-webhook - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: notification-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: source-controller - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: source-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - - --storage-path=/data - - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TUF_ROOT - value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.33.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: / - port: http - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 50m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /data - name: data - - mountPath: /tmp - name: tmp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: source-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: data - - emptyDir: {} - name: tmp ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: allow-egress - namespace: flux-system -spec: - egress: - - {} - ingress: - - from: - - podSelector: {} - podSelector: {} - policyTypes: - - Ingress - - Egress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: allow-scraping - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 8080 - protocol: TCP - podSelector: {} - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 - name: allow-webhooks - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - podSelector: - matchLabels: - app: notification-controller - policyTypes: - - Ingress diff --git a/flux/old_cluster/base/flux-system/gotk-sync.yaml b/flux/old_cluster/base/flux-system/gotk-sync.yaml deleted file mode 100644 index dae2663b..00000000 --- a/flux/old_cluster/base/flux-system/gotk-sync.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# This manifest was generated by flux. DO NOT EDIT. ---- -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: GitRepository -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 1m0s - ref: - branch: main - secretRef: - name: flux-system - url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 10m0s - path: ./flux/cluster/base - prune: true - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux/old_cluster/base/flux-system/kustomization.yaml b/flux/old_cluster/base/flux-system/kustomization.yaml deleted file mode 100644 index 9b07814f..00000000 --- a/flux/old_cluster/base/flux-system/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - gotk-components.yaml - - gotk-sync.yaml - - xirion-registry-creds.yaml - - charts diff --git a/flux/old_cluster/base/flux-system/xirion-registry-creds.yaml b/flux/old_cluster/base/flux-system/xirion-registry-creds.yaml deleted file mode 100644 index abba4e09..00000000 --- a/flux/old_cluster/base/flux-system/xirion-registry-creds.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: xirion-registry-creds - namespace: flux-system -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: xirion-registry-creds - template: - type: kubernetes.io/dockerconfigjson - data: - - secretKey: .dockerconfigjson - remoteRef: - key: xirion-registry-creds - property: dockerconfigjson diff --git a/flux/old_cluster/core/external-secrets/external-secrets/helm-release.yaml b/flux/old_cluster/core/external-secrets/external-secrets/helm-release.yaml deleted file mode 100644 index 33b8e065..00000000 --- a/flux/old_cluster/core/external-secrets/external-secrets/helm-release.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: external-secrets - namespace: external-secrets -spec: - interval: 5m - chart: - spec: - # renovate: registryUrl=https://charts.external-secrets.io - chart: external-secrets - version: 0.5.8 - sourceRef: - kind: HelmRepository - name: external-secrets-charts - namespace: flux-system - interval: 5m - values: - installCRDs: false - install: - crds: Skip - upgrade: - crds: Skip diff --git a/flux/old_cluster/core/external-secrets/external-secrets/kustomization.yaml b/flux/old_cluster/core/external-secrets/external-secrets/kustomization.yaml deleted file mode 100644 index 686d8782..00000000 --- a/flux/old_cluster/core/external-secrets/external-secrets/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml - - vault-secret-store.yaml diff --git a/flux/old_cluster/core/external-secrets/external-secrets/vault-secret-store.yaml b/flux/old_cluster/core/external-secrets/external-secrets/vault-secret-store.yaml deleted file mode 100644 index c621731f..00000000 --- a/flux/old_cluster/core/external-secrets/external-secrets/vault-secret-store.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: vault - namespace: external-secrets -spec: - provider: - vault: - server: "http://10.42.42.6:8200" - path: "k8s" - version: "v2" - auth: - # VaultAppRole authenticates with Vault using the - # App Role auth mechanism - # https://www.vaultproject.io/docs/auth/approle - appRole: - # Path where the App Role authentication backend is mounted - path: "approle" - # RoleID configured in the App Role authentication backend - roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0" - # Reference to a key in a K8 Secret that contains the App Role SecretId - # (not commited in git) - secretRef: - name: "vault-secret-id" - namespace: "external-secrets" - key: "secret-id" diff --git a/flux/old_cluster/core/external-secrets/kustomization.yaml b/flux/old_cluster/core/external-secrets/kustomization.yaml deleted file mode 100644 index cf78af62..00000000 --- a/flux/old_cluster/core/external-secrets/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - external-secrets diff --git a/flux/old_cluster/core/kustomization.yaml b/flux/old_cluster/core/kustomization.yaml deleted file mode 100644 index 88687c77..00000000 --- a/flux/old_cluster/core/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - namespaces - - networking - - external-secrets - diff --git a/flux/old_cluster/core/namespaces/drone-build.yaml b/flux/old_cluster/core/namespaces/drone-build.yaml deleted file mode 100644 index de9788d4..00000000 --- a/flux/old_cluster/core/namespaces/drone-build.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: drone-build diff --git a/flux/old_cluster/core/namespaces/external-secrets.yaml b/flux/old_cluster/core/namespaces/external-secrets.yaml deleted file mode 100644 index 591aac5d..00000000 --- a/flux/old_cluster/core/namespaces/external-secrets.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: external-secrets diff --git a/flux/old_cluster/core/namespaces/gitops.yaml b/flux/old_cluster/core/namespaces/gitops.yaml deleted file mode 100644 index 4ac5db77..00000000 --- a/flux/old_cluster/core/namespaces/gitops.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: gitops diff --git a/flux/old_cluster/core/namespaces/kustomization.yaml b/flux/old_cluster/core/namespaces/kustomization.yaml deleted file mode 100644 index baf95855..00000000 --- a/flux/old_cluster/core/namespaces/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - presidential-paradise.yaml - - networking.yaml - - external-secrets.yaml - - gitops.yaml - - monitoring.yaml - - olympus.yaml - - drone-build.yaml diff --git a/flux/old_cluster/core/namespaces/monitoring.yaml b/flux/old_cluster/core/namespaces/monitoring.yaml deleted file mode 100644 index ff7ae1b9..00000000 --- a/flux/old_cluster/core/namespaces/monitoring.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: monitoring diff --git a/flux/old_cluster/core/namespaces/networking.yaml b/flux/old_cluster/core/namespaces/networking.yaml deleted file mode 100644 index fa9575ea..00000000 --- a/flux/old_cluster/core/namespaces/networking.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: networking diff --git a/flux/old_cluster/core/namespaces/olympus.yaml b/flux/old_cluster/core/namespaces/olympus.yaml deleted file mode 100644 index cbea7e35..00000000 --- a/flux/old_cluster/core/namespaces/olympus.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: olympus - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/flux/old_cluster/core/namespaces/presidential-paradise.yaml b/flux/old_cluster/core/namespaces/presidential-paradise.yaml deleted file mode 100644 index caafab0d..00000000 --- a/flux/old_cluster/core/namespaces/presidential-paradise.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: presidential-paradise - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/flux/old_cluster/core/networking/kustomization.yaml b/flux/old_cluster/core/networking/kustomization.yaml deleted file mode 100644 index 716c6aff..00000000 --- a/flux/old_cluster/core/networking/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - metallb diff --git a/flux/old_cluster/core/networking/metallb/address-pool.yaml b/flux/old_cluster/core/networking/metallb/address-pool.yaml deleted file mode 100644 index 22ca7a65..00000000 --- a/flux/old_cluster/core/networking/metallb/address-pool.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - name: main-pool - namespace: networking -spec: - addresses: - - 10.42.42.150-192.168.42.200 diff --git a/flux/old_cluster/core/networking/metallb/helm-release.yaml b/flux/old_cluster/core/networking/metallb/helm-release.yaml deleted file mode 100644 index f1a00d8f..00000000 --- a/flux/old_cluster/core/networking/metallb/helm-release.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: metallb - namespace: networking -spec: - interval: 5m - chart: - spec: - # renovate: registryUrl=https://metallb.github.io/metallb - chart: metallb - version: 0.13.4 - sourceRef: - kind: HelmRepository - name: metallb-charts - namespace: flux-system - interval: 5m - values: - crds: - enabled: true - speaker: - tolerations: - - effect: "NoExecute" - operator: "Exists" - - effect: "NoSchedule" - operator: "Exists" diff --git a/flux/old_cluster/core/networking/metallb/kustomization.yaml b/flux/old_cluster/core/networking/metallb/kustomization.yaml deleted file mode 100644 index 806406f7..00000000 --- a/flux/old_cluster/core/networking/metallb/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - helm-release.yaml - - address-pool.yaml - - l2advertisement.yaml diff --git a/flux/old_cluster/core/networking/metallb/l2advertisement.yaml b/flux/old_cluster/core/networking/metallb/l2advertisement.yaml deleted file mode 100644 index c14b1aa4..00000000 --- a/flux/old_cluster/core/networking/metallb/l2advertisement.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: metallb.io/v1beta1 -kind: L2Advertisement -metadata: - name: main-pool - namespace: networking -spec: - ipAddressPools: - - main-pool diff --git a/flux/old_cluster/crds/external-secrets/crds.yaml b/flux/old_cluster/crds/external-secrets/crds.yaml deleted file mode 100644 index bdd41646..00000000 --- a/flux/old_cluster/crds/external-secrets/crds.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: GitRepository -metadata: - name: external-secrets-crd-source - namespace: flux-system -spec: - interval: 30m - url: https://github.com/external-secrets/external-secrets.git - ref: - # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets - tag: helm-chart-0.5.8 - ignore: | - # exclude all - /* - # path to crds - !/deploy/crds/ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: external-secrets-crds - namespace: flux-system -spec: - interval: 15m - prune: false - wait: true - sourceRef: - kind: GitRepository - name: external-secrets-crd-source diff --git a/flux/old_cluster/crds/external-secrets/kustomization.yaml b/flux/old_cluster/crds/external-secrets/kustomization.yaml deleted file mode 100644 index 2ed3b351..00000000 --- a/flux/old_cluster/crds/external-secrets/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - crds.yaml diff --git a/flux/old_cluster/crds/kustomization.yaml b/flux/old_cluster/crds/kustomization.yaml deleted file mode 100644 index f2ee43c6..00000000 --- a/flux/old_cluster/crds/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - traefik - - external-secrets diff --git a/flux/old_cluster/crds/traefik/crds.yaml b/flux/old_cluster/crds/traefik/crds.yaml deleted file mode 100644 index a46320b0..00000000 --- a/flux/old_cluster/crds/traefik/crds.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta1 -kind: GitRepository -metadata: - name: traefik-crd-source - namespace: flux-system -spec: - interval: 30m - url: https://github.com/traefik/traefik-helm-chart.git - ref: - # renovate: registryUrl=https://helm.traefik.io/traefik chart=traefik - tag: v10.24.0 - ignore: | - # exclude all - /* - # path to crds - !/traefik/crds/ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 -kind: Kustomization -metadata: - name: traefik-crds - namespace: flux-system -spec: - interval: 15m - prune: false - wait: true - sourceRef: - kind: GitRepository - name: traefik-crd-source diff --git a/flux/old_cluster/crds/traefik/kustomization.yaml b/flux/old_cluster/crds/traefik/kustomization.yaml deleted file mode 100644 index 2ed3b351..00000000 --- a/flux/old_cluster/crds/traefik/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - crds.yaml -- 2.47.1 From 5a6e5f19d712a30bd3982cd75caef12c4af31185 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Jan 2023 16:52:24 +0100 Subject: [PATCH 0646/1882] fix renovate --- flux/olympus/apps/services/renovate/cronjob.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f29f4a1e..51efcd8a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -1,4 +1,3 @@ ---- apiVersion: batch/v1 kind: CronJob metadata: @@ -19,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:32.135 + image: renovate/renovate:34.105.6 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ad6d9f9cbb4acf070508dc8f625c973711b1d286 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 Jan 2023 10:37:38 +0100 Subject: [PATCH 0647/1882] renovate enable nix --- flake.lock | 18 +++++++-------- .../apps/services/renovate/config.yaml | 23 +++---------------- 2 files changed, 12 insertions(+), 29 deletions(-) diff --git a/flake.lock b/flake.lock index 5463aa76..b67879a4 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674054764, - "narHash": "sha256-00cRYxCYmZvncLyCsVYrhQsCzFnjkZi+23TC2FpQU/U=", + "lastModified": 1674143063, + "narHash": "sha256-CfP6ZYjxLeC1Q6W4f+RCd2sokIX8RnyTA8wYzYmx9XE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "428063ff2304962387803fd59e5da8b9b82710cc", + "rev": "5112056fdbda989191310364444f328240bbf6f1", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674125115, - "narHash": "sha256-k22iBAgchS0pvFJu1gVhw/6fVbmOngtgYAGpRbL55qw=", + "lastModified": 1674160777, + "narHash": "sha256-ozE4FVz+UB+5pTiNjhYanS/y52lwXhv8mWzAugbIHak=", "owner": "pta2002", "repo": "nixvim", - "rev": "3f9effc575cabe61b7a9539ce550484049fe5c68", + "rev": "d2f714c40ec9bcb20f91a8124f33c81f0576bb68", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674117493, - "narHash": "sha256-3X7K7CfTshJUMlUxGI2I2SJqKg9S1OFw4HhtYCe/vnw=", + "lastModified": 1674199941, + "narHash": "sha256-l16+t5cft/7SmwwKd3VHTD6Lk2ZIDo8MGu/zkok9Ack=", "owner": "nix-community", "repo": "NUR", - "rev": "00120bd037350362ad270e536d3cfd5efd404228", + "rev": "2fabc504984f757b694a1c2ef5101659f46638e5", "type": "github" }, "original": { diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index af8bde82..f1afc981 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -17,6 +17,9 @@ data: "kubernetes": { "fileMatch": ["flux/.+\\.ya?ml$"] }, + "nix": { + "enabled": true + }, "hostRules": [ { "hostType": "docker", @@ -42,25 +45,5 @@ data: "ghcr.io/fluxcd/kustomize-controller", "ghcr.io/fluxcd/notification-controller", "ghcr.io/fluxcd/source-controller" - ], - "regexManagers": [ - { - "fileMatch": [ - "flux/cluster/crds/traefik/.+\\.ya?ml$" - ], - "matchStrings": [ - "registryUrl=(?.*?) chart=(?.*?)\n *tag: v(?.*)\n" - ], - "datasourceTemplate": "helm" - }, - { - "fileMatch": [ - "flux/cluster/crds/external-secrets/.+\\.ya?ml$" - ], - "matchStrings": [ - "registryUrl=(?.*?) chart=(?.*?)\n *tag: helm-chart-(?.*)\n" - ], - "datasourceTemplate": "helm" - }, ] }; -- 2.47.1 From 63fb4d3e7164aa847ca89b80b9a795fb42b27c7c Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 20 Jan 2023 15:43:20 +0100 Subject: [PATCH 0648/1882] renovate: lock file maintenance --- flake.lock | 6 +++--- flux/olympus/apps/services/renovate/config.yaml | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b67879a4..24487a21 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674199941, - "narHash": "sha256-l16+t5cft/7SmwwKd3VHTD6Lk2ZIDo8MGu/zkok9Ack=", + "lastModified": 1674210405, + "narHash": "sha256-edYWlWOR3IVoSzF4/Bb1UGbK6thpIsHWwiukFrAtSnE=", "owner": "nix-community", "repo": "NUR", - "rev": "2fabc504984f757b694a1c2ef5101659f46638e5", + "rev": "04eaf102cbcb942fde8eff4505101d84b1964e17", "type": "github" }, "original": { diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index f1afc981..86df57ca 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -20,6 +20,10 @@ data: "nix": { "enabled": true }, + "lockFileMaintenance": { + "enabled": true, + "schedule": ["hourly"], + }, "hostRules": [ { "hostType": "docker", -- 2.47.1 From bab17dff6ab9d980ff0d57f473491dce9224c6fd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 20 Jan 2023 16:01:53 +0000 Subject: [PATCH 0649/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 24487a21..88a6c1e0 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674143063, - "narHash": "sha256-CfP6ZYjxLeC1Q6W4f+RCd2sokIX8RnyTA8wYzYmx9XE=", + "lastModified": 1674228630, + "narHash": "sha256-cKEi71FVCPKcjU48YD9Hpw+sBR6UMltCQiDo6lJp554=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5112056fdbda989191310364444f328240bbf6f1", + "rev": "d5913a23acd36eeaa46a99380afe8b2a78492f2e", "type": "github" }, "original": { -- 2.47.1 From fa60cf2203346350656338326a6b9f00f9354feb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jan 2023 09:01:42 +0000 Subject: [PATCH 0650/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 88a6c1e0..af25bbfb 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674082145, - "narHash": "sha256-4IpEt5Jc6VrNcpIcrKMCZAyeJMLXaaHk+yOV9HusO/A=", + "lastModified": 1674250603, + "narHash": "sha256-SBolFspxBHpW3hCCDNAFXUiO2mucmkVmf17UmSIK3Cs=", "owner": "nix-community", "repo": "home-manager", - "rev": "7026e1a934abfa02623c9870378dbcdac3cd7f80", + "rev": "275ab728912006eecb549338a50f24f294a7cfb7", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674228630, - "narHash": "sha256-cKEi71FVCPKcjU48YD9Hpw+sBR6UMltCQiDo6lJp554=", + "lastModified": 1674260789, + "narHash": "sha256-qNbiugXVGrhCXnkToNs7jiCSb3m3pW3SBLMiYmiPOKk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d5913a23acd36eeaa46a99380afe8b2a78492f2e", + "rev": "e8113946038f59be9b6762ac428c9f648cdd38c5", "type": "github" }, "original": { @@ -770,11 +770,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1674101896, - "narHash": "sha256-xWLaexT6IHhOJru54wrOMeBbkKeJzOZ4Pqrxctf82q0=", + "lastModified": 1674247172, + "narHash": "sha256-6gbmukIy81hh95YS7xIFfHjhOCcwIuw37mEopJSsIzs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a841e262264e48722dccc8469f066068146e406b", + "rev": "f043916573c888930442d101ff4adc2e4cae3665", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674210405, - "narHash": "sha256-edYWlWOR3IVoSzF4/Bb1UGbK6thpIsHWwiukFrAtSnE=", + "lastModified": 1674290152, + "narHash": "sha256-2FPfuRPknBrg2ZBBa3latWxbbComAXLizS1ShsJHuLc=", "owner": "nix-community", "repo": "NUR", - "rev": "04eaf102cbcb942fde8eff4505101d84b1964e17", + "rev": "0eb18ae5ae3a5ff8cdef5a0c956d11cc414d757f", "type": "github" }, "original": { -- 2.47.1 From 8cf7571079af7f516f90d29583eb3a92b6ae846b Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 21 Jan 2023 12:32:47 +0100 Subject: [PATCH 0651/1882] automerge lock updates --- flake.lock | 12 ++++++------ flake.nix | 1 + flux/olympus/apps/services/renovate/config.yaml | 3 +++ 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index af25bbfb..667141c2 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674260789, - "narHash": "sha256-qNbiugXVGrhCXnkToNs7jiCSb3m3pW3SBLMiYmiPOKk=", + "lastModified": 1674296335, + "narHash": "sha256-jUvjOqKGuEk1XfZNPXU3hcPtIJKkSNzwUm5yN1EFYZA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e8113946038f59be9b6762ac428c9f648cdd38c5", + "rev": "fcbfd193930dd146b141531a9cf5301d55f26907", "type": "github" }, "original": { @@ -786,11 +786,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1673957332, - "narHash": "sha256-njH7Szk1BLVWGMw7IRibgGejSlxXHj9saZHfH20gHdk=", + "lastModified": 1674242456, + "narHash": "sha256-yBy7rCH7EiBe9+CHZm9YB5ii5GRa+MOxeW0oDEBO8SE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b83e7f5a04a3acc8e92228b0c4bae68933d504eb", + "rev": "cdead16a444a3e5de7bc9b0af8e198b11bb01804", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0dc05740..8ae64e6c 100644 --- a/flake.nix +++ b/flake.nix @@ -173,6 +173,7 @@ terraform nixfmt nixUnstable + nil vault (vault-push-approle-envs self { }) (vault-push-approles self { }) diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index 86df57ca..f8e28763 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -22,6 +22,9 @@ data: }, "lockFileMaintenance": { "enabled": true, + "automerge": true, + "automergeType": "pr", + "platformAutomerge": true, "schedule": ["hourly"], }, "hostRules": [ -- 2.47.1 From 6f7d82458b88077160b96d942e3f82447222d264 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 21 Jan 2023 15:46:24 +0100 Subject: [PATCH 0652/1882] custom git --- flake.lock | 18 +++++++++--------- flake.nix | 2 +- nixos/hosts/thalassa/aoife/home/default.nix | 2 +- nixos/hosts/thalassa/aoife/home/neovim.nix | 1 - nixos/templates/proxmox-lxc.nix | 2 -- 5 files changed, 11 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index 667141c2..a330f036 100644 --- a/flake.lock +++ b/flake.lock @@ -770,16 +770,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1674247172, - "narHash": "sha256-6gbmukIy81hh95YS7xIFfHjhOCcwIuw37mEopJSsIzs=", - "owner": "nixos", + "lastModified": 1674312249, + "narHash": "sha256-Igic/R+QO0WUEIhsZItLIvEpASPNT67Pphrdahu7vXI=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "f043916573c888930442d101ff4adc2e4cae3665", + "rev": "3135de503ffd877d8b4a92330693e4abc4910f00", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", + "owner": "NULLx76", + "ref": "0x76", "repo": "nixpkgs", "type": "github" } @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674290152, - "narHash": "sha256-2FPfuRPknBrg2ZBBa3latWxbbComAXLizS1ShsJHuLc=", + "lastModified": 1674308735, + "narHash": "sha256-9biyeQ439FR4FYCHlKych5by7UrwU/Qr/63R13L9M/4=", "owner": "nix-community", "repo": "NUR", - "rev": "0eb18ae5ae3a5ff8cdef5a0c956d11cc414d757f", + "rev": "ca66f7c9b8c233305f7635dd9c9f73f0e3c4e9fe", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 8ae64e6c..7a57b004 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 7b52b15f..855fe919 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -14,7 +14,7 @@ in { imports = [ ./dconf.nix ./theme.nix - # ./neovim.nix + ./neovim.nix ]; home.packages = with pkgs; [ diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index 67f71954..d12dda77 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -44,7 +44,6 @@ lsp = { enable = true; servers.rust-analyzer.enable = true; - servers.sumneko_lua.enable = false; servers.rnix-lsp.enable = true; servers.pyright.enable = true; servers.elixirls.enable = true; diff --git a/nixos/templates/proxmox-lxc.nix b/nixos/templates/proxmox-lxc.nix index d917eecb..b8c11ac3 100644 --- a/nixos/templates/proxmox-lxc.nix +++ b/nixos/templates/proxmox-lxc.nix @@ -21,8 +21,6 @@ time.timeZone = lib.mkDefault "Europe/Amsterdam"; - networking.useDHCP = true; - system.stateVersion = "23.05"; users.users.root.initialPassword = "toor"; -- 2.47.1 From dbd5bff7a609208281c34a5f2e76599dbcd15724 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 21 Jan 2023 16:01:30 +0000 Subject: [PATCH 0653/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a330f036..b046f358 100644 --- a/flake.lock +++ b/flake.lock @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674160777, - "narHash": "sha256-ozE4FVz+UB+5pTiNjhYanS/y52lwXhv8mWzAugbIHak=", + "lastModified": 1674314391, + "narHash": "sha256-9hAjUxbNdR64JyhbHVoISKhFJU7Hzx7lzARSXdAfAXY=", "owner": "pta2002", "repo": "nixvim", - "rev": "d2f714c40ec9bcb20f91a8124f33c81f0576bb68", + "rev": "7bf2de67358ad181c055d74ed8efe6544f7d6a57", "type": "github" }, "original": { -- 2.47.1 From 261f5c48a82a000c7ffa19e88f30ba1bcb153543 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 22 Jan 2023 12:07:02 +0100 Subject: [PATCH 0654/1882] update lock --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index b046f358..238db627 100644 --- a/flake.lock +++ b/flake.lock @@ -770,11 +770,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1674312249, - "narHash": "sha256-Igic/R+QO0WUEIhsZItLIvEpASPNT67Pphrdahu7vXI=", + "lastModified": 1674385199, + "narHash": "sha256-+i0lCQk8Mt55RvWL6aR6gyUnMOORHYqsMuXyLRsWXio=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "3135de503ffd877d8b4a92330693e4abc4910f00", + "rev": "32f51b283cb5263bbcf0b66c16cb94d09e701628", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674314391, - "narHash": "sha256-9hAjUxbNdR64JyhbHVoISKhFJU7Hzx7lzARSXdAfAXY=", + "lastModified": 1674358613, + "narHash": "sha256-ADCo3RrimNIqXa5z6yWzIyJCZ8G0qRHCMyXux5Zev8s=", "owner": "pta2002", "repo": "nixvim", - "rev": "7bf2de67358ad181c055d74ed8efe6544f7d6a57", + "rev": "c09eb13a5a0259d074e6fec569fe82b671639b34", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674308735, - "narHash": "sha256-9biyeQ439FR4FYCHlKych5by7UrwU/Qr/63R13L9M/4=", + "lastModified": 1674366687, + "narHash": "sha256-vh50FYxNg14YX3O6nbCupAVhUkeHbkoINdWNAAF3Anw=", "owner": "nix-community", "repo": "NUR", - "rev": "ca66f7c9b8c233305f7635dd9c9f73f0e3c4e9fe", + "rev": "adf781cfacd700372a391544a63bada6ddf79ced", "type": "github" }, "original": { -- 2.47.1 From 830817143763e3ec84e4f72cb89178a44cb7ed71 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 23 Jan 2023 08:46:19 +0100 Subject: [PATCH 0655/1882] update flake --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index a330f036..4951aa7f 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674296335, - "narHash": "sha256-jUvjOqKGuEk1XfZNPXU3hcPtIJKkSNzwUm5yN1EFYZA=", + "lastModified": 1674403405, + "narHash": "sha256-FPOER3tINOEI+oWQGeiWLkpCudVJC3V8wk5cvP9857s=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fcbfd193930dd146b141531a9cf5301d55f26907", + "rev": "cb98242ea7faff04dad3ae166aff7126184f17c5", "type": "github" }, "original": { @@ -770,11 +770,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1674312249, - "narHash": "sha256-Igic/R+QO0WUEIhsZItLIvEpASPNT67Pphrdahu7vXI=", + "lastModified": 1674365217, + "narHash": "sha256-lL3qUbAr/tnt/xGk1MTc8xuOTKqErqubYha4vhjA4+g=", "owner": "NULLx76", "repo": "nixpkgs", - "rev": "3135de503ffd877d8b4a92330693e4abc4910f00", + "rev": "6c582bdf390948a6be049e81ecbab81bb160a5d3", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674160777, - "narHash": "sha256-ozE4FVz+UB+5pTiNjhYanS/y52lwXhv8mWzAugbIHak=", + "lastModified": 1674391284, + "narHash": "sha256-WTKuWkkWBUmfYzRWFnzMcwnygZOdO9bg3J6JvepQsjs=", "owner": "pta2002", "repo": "nixvim", - "rev": "d2f714c40ec9bcb20f91a8124f33c81f0576bb68", + "rev": "ae7c5f8869efc1a6d668e80b2f03d344c472d3f1", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674308735, - "narHash": "sha256-9biyeQ439FR4FYCHlKych5by7UrwU/Qr/63R13L9M/4=", + "lastModified": 1674452759, + "narHash": "sha256-ylJQP65t/c+QxRy+bVLsxyzWYd6fhx+0K5aeHuOyfNU=", "owner": "nix-community", "repo": "NUR", - "rev": "ca66f7c9b8c233305f7635dd9c9f73f0e3c4e9fe", + "rev": "6e57257984bc8c95ef168b706b1e7d0a814277fc", "type": "github" }, "original": { -- 2.47.1 From 1c2c3a5420ab7368b09bdf52db55bb567aff40a0 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 23 Jan 2023 12:06:57 +0100 Subject: [PATCH 0656/1882] update mastodon --- nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/gemset.nix | 297 ++++++++++++++++++------------ nixos/pkgs/glitch-soc/source.nix | 4 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 4 files changed, 185 insertions(+), 120 deletions(-) diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 97ef648d..b25e2498 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - sha256 = "sha256-XEREXrpHo4lwjx/wmDYWgNuHISr1KK1pzG0gTWmD4FI="; + sha256 = "sha256-v8ewaIz958jfGwfaiKvSKa/TG3y+qgef8U2PmXSvH6Q="; }; nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index 84248866..d066d0a8 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0r7ybdykxnn2544vcjmi51mxfpfqx3b4c7fjz15c57hamkhlalzf"; + sha256 = "1frwsbc076h86spj0nldcnc141bkbwg9wn5fm5b0d6vkasbz0a6h"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; actionmailbox = { dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "024a1c2ak1znkvys7pjkkan23wc0vhzyprl16gp9xcr4wy0l6dn4"; + sha256 = "1j4a2qndmsvnnxd1sa4vv6s2gq2g73ib9vjayfpnbf5sman6yh99"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; @@ -27,10 +27,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "193gj013bx5axd4nwvlf6mq19rcvymkf72q9f7ml6v9yl6cc4qam"; + sha256 = "0ip4mmbdgki87x6hhlmmmwavz2nhd321xbxzqhvdnja6kyf759lk"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,10 +38,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dygq5fxbrgynd2g7r51asyrap1d6cxravwh509kfmqpfbiq119s"; + sha256 = "0v8010jj0b9wpnm13h178ck3awl92r73j1v875qfld34k42k83zc"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; actiontext = { dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; @@ -49,10 +49,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13kr77v91wa7sfsq7h04g8zy1qxcbwhhf4k6zz8276b1d10szly5"; + sha256 = "1fgbh9wdgczpkkxrfvkrwqrq0jdjk7zdyv7mp3jxccxx334ggrcq"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1m68my4dnj7q7986jwlb7gir0f7hahdsqbiaxfvgngwksa8fhrn1"; + sha256 = "10h8c4wxqppajknwy5bdmvdh1p82sriaw13p5475041zyzig0k1j"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; active_model_serializers = { dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; @@ -92,10 +92,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05f497khf51wrsah927pnmpl0yrcx82gajjk8brcrrbbbd9arlp5"; + sha256 = "01j5zznnl8q3r5wxk6iflf36ig831hkcwxrwgaycb16gmmmsgn1v"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; activemodel = { dependencies = ["activesupport"]; @@ -103,10 +103,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "183d7laxvwrw1d02qgm8rg9ljjihfiyh4vzi58xm42z3fr3bbhky"; + sha256 = "1xgfwf7xqhnb43nv86hh4rlnsq9rqlmj8mvnzh55y6lwdahif293"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -114,10 +114,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dsxi813wyhx2d0bbyc0nla4ck6nmmi3z3765gdqf6xl3dha5r2j"; + sha256 = "0rr63djvf46fbq25arj3fa8ls2d8q3s0c65943gdxh1wdgy175sc"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; activestorage = { dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; @@ -125,10 +125,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yvmvfka2s7am8m3zdllblxiyyy4yr3ca6q6q5r23fd2qs7rmbz0"; + sha256 = "1gdqcd1hyx5rl3szz6kyxf9va7g9dbd4wz7cq1183r0ycgkbfzbm"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -136,10 +136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0k5pq2swzgddmwwr6x1phbspk1vw8cl88ci8jbi18mrirjjfippr"; + sha256 = "0dw6hdq5f2m1dsbv8gvys7sgk4ppdbkj5rwwpcr0c86309gxbriq"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; addressable = { dependencies = ["public_suffix"]; @@ -400,10 +400,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rjm184dhlw35ymi8ifpl5155vwl6wfzdc5qjvzv634gc365yz9j"; + sha256 = "1nd5zj5yqmhv9lrsqz8s2dqq28v4ywy95qrw7nzhhf89dl4dq49l"; type = "gem"; }; - version = "0.1.2"; + version = "0.1.3"; }; builder = { groups = ["default" "development" "pam_authentication" "production" "test"]; @@ -421,10 +421,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1f2phbpsiw8zwmmb1h6s82c4s2banzd04ch7vn6pdz91map233l1"; + sha256 = "0hyz68j0z0j24vcrs43swmlykhzypayv34kzrsbxda5lbi83gynm"; type = "gem"; }; - version = "7.0.4"; + version = "7.0.7"; }; bundler-audit = { dependencies = ["thor"]; @@ -668,6 +668,16 @@ }; version = "1.12.0"; }; + date = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "03skfikihpx37rc27vr3hwrb057gxnmdzxhmzd4bf4jpkl0r55w1"; + type = "gem"; + }; + version = "3.3.3"; + }; debug_inspector = { groups = ["default" "development"]; platforms = []; @@ -737,10 +747,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wi81lynfdvbwhrc4ws746g3j8761vian4m9gxamdj9rjwj9jhls"; + sha256 = "1lxqxgq71rqwj1lpl9q1mbhhhhhhdkkj7my341f2889pwayk85sz"; type = "gem"; }; - version = "1.3.4"; + version = "1.4.0"; }; domain_name = { dependencies = ["unf"]; @@ -853,10 +863,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11bz1v1cxabm8672gabrw542zyg51dizlcvdck6vvwzagxbjv9zx"; + sha256 = "08s75vs9cxlc4r1q2bjg4br8g9wc5lc5x5vl0vv4zq5ivxsdpgi7"; type = "gem"; }; - version = "1.11.0"; + version = "1.12.0"; }; et-orbi = { dependencies = ["tzinfo"]; @@ -874,10 +884,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05is0kb650j8wrdi4rgkdls662chnhdg2p64pgq3zkd3d7l2a9zw"; + sha256 = "08idrrnpwzr87wc5yhyv6id1f6zigr3nfn45mff01605b0zghdby"; type = "gem"; }; - version = "0.76.0"; + version = "0.95.0"; }; fabrication = { groups = ["development" "test"]; @@ -895,10 +905,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fcrgzjvqc9fxhnn7mzvzxd41m63cil7n19mjxnisx836p0k93hl"; + sha256 = "1ppi7v8prf5856fslygvh64nwa4k2bsb9mablygb5gj0x5c7k29w"; type = "gem"; }; - version = "3.0.0"; + version = "3.1.0"; }; faraday = { dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; @@ -1091,10 +1101,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gc26phrwlmlqrmz4bagq1wd5b7g64avpx0ghxr9xdxcvmlii0l0"; + sha256 = "0mprf1dwznz5ld0q1jpbyl59fwnwk6azspnd0am7zz7kfg3pxhv5"; type = "gem"; }; - version = "0.2.5"; + version = "0.3.0"; }; fugit = { dependencies = ["et-orbi" "raabro"]; @@ -1135,10 +1145,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1n5yc058i8xhi1fwcp1w7mfi6xaxfmrifdb4r4hjfff33ldn8lqj"; + sha256 = "040bxzfd7mz1p6z4bc9vk5yrf762hdllvf98hmk848fq28xc5dsk"; type = "gem"; }; - version = "1.0.0"; + version = "1.0.1"; }; hamlit = { dependencies = ["temple" "thor" "tilt"]; @@ -1239,10 +1249,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jn1y6sfxpfaq0hcblv8hhyxzam8n39kvypi07q2vxaimh6ly7mj"; + sha256 = "1bzb8p31kzv6q5p4z5xq88mnqk414rrw0y5rkhpnvpl29x5c3bpw"; type = "gem"; }; - version = "5.1.0"; + version = "5.1.1"; }; http-cookie = { dependencies = ["domain_name"]; @@ -1349,14 +1359,14 @@ version = "1.6.2"; }; json = { - groups = ["default" "test"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yk5d10yvspkc5jyvx9gc1a9pn1z8v4k2hvjk1l88zixwf3wf3cl"; + sha256 = "0nalhin1gda4v8ybk6lq8f407cgfrj6qzn234yra4ipkmlbfmal6"; type = "gem"; }; - version = "2.6.2"; + version = "2.6.3"; }; json-canonicalization = { groups = ["default"]; @@ -1374,10 +1384,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nzbk1mrbf9mnvjpn3bxy8a85rjf94qmfdnvk78mjzk8pa0fvgdr"; + sha256 = "0ijdzgl172412xl4lxva10ypbx10937yvgmff6045k8djhzmvy81"; type = "gem"; }; - version = "1.13.0"; + version = "1.14.0"; }; json-ld = { dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"]; @@ -1401,6 +1411,17 @@ }; version = "3.2.2"; }; + json-schema = { + dependencies = ["addressable"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gdvm83yaa5n8hwapwzxwfcmbypiq2i0zfx4mzz67wg55p2cnli4"; + type = "gem"; + }; + version = "3.0.0"; + }; jsonapi-renderer = { groups = ["default"]; platforms = []; @@ -1416,10 +1437,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lsk71qh5d7bm1qqrjvcwhp4h71ckkdbzxnw4xkd9cin8gjfvvr6"; + sha256 = "0kcmnx6rgjyd7sznai9ccns2nh7p7wnw3mi8a7vf2wkm51azwddq"; type = "gem"; }; - version = "2.4.1"; + version = "2.5.0"; }; kaminari = { dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; @@ -1546,21 +1567,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fpyk1965py77al7iadkn5dibwgvybknkr7r8bii2dj73wvr29rh"; + sha256 = "08qhzck271anrx9y6qa6mh8hwwdzsgwld8q0000rcd7yvvpnjr3c"; type = "gem"; }; - version = "2.19.0"; + version = "2.19.1"; }; mail = { - dependencies = ["mini_mime"]; + dependencies = ["mini_mime" "net-imap" "net-pop" "net-smtp"]; groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00wwz6ys0502dpk8xprwcqfwyf3hmnx6lgxaiq6vj43mkx43sapc"; + sha256 = "0n0pijrc465zzrv5flxc41375zwaz9yfc2n0r80zjwarc1ixkdx1"; type = "gem"; }; - version = "2.7.1"; + version = "2.8.0.1"; }; makara = { dependencies = ["activerecord"]; @@ -1624,17 +1645,6 @@ }; version = "1.0.0"; }; - microformats = { - dependencies = ["json" "nokogiri"]; - groups = ["test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "094m75yw2cvadpvj4rawy6s4ykx9nvv8dhikxrp8zng2ywlaqmic"; - type = "gem"; - }; - version = "4.4.1"; - }; mime-types = { dependencies = ["mime-types-data"]; groups = ["default"]; @@ -1671,20 +1681,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rapl1sfmfi3bfr68da4ca16yhc0pp93vjwkj7y3rdqrzy3b41hy"; + sha256 = "1af4yarhbbx62f7qsmgg5fynrik0s36wjy3difkawy536xg343mp"; type = "gem"; }; - version = "2.8.0"; + version = "2.8.1"; }; minitest = { groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0516ypqlx0mlcfn5xh7qppxqc3xndn1fnadxawa8wld5dkcimy30"; + sha256 = "1kjy67qajw4rnkbjs5jyk7kc3lyhz5613fwj1i8f6ppdk4zampy0"; type = "gem"; }; - version = "5.16.3"; + version = "5.17.0"; }; msgpack = { groups = ["default"]; @@ -1716,6 +1726,17 @@ }; version = "2.1.1"; }; + net-imap = { + dependencies = ["date" "net-protocol"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1d996zf3g8xz244791b0qsl9vr7zg4lqnnmf9k2kshr9lki5jam8"; + type = "gem"; + }; + version = "0.3.4"; + }; net-ldap = { groups = ["default"]; platforms = []; @@ -1726,9 +1747,20 @@ }; version = "0.17.1"; }; + net-pop = { + dependencies = ["net-protocol"]; + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1wyz41jd4zpjn0v1xsf9j778qx1vfrl24yc20cpmph8k42c4x2w4"; + type = "gem"; + }; + version = "0.1.2"; + }; net-protocol = { dependencies = ["timeout"]; - groups = ["default"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1750,7 +1782,7 @@ }; net-smtp = { dependencies = ["net-protocol"]; - groups = ["default"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1785,10 +1817,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0n79k78c5vdcyl0m3y3l5x9kxl6xf5lgriwi2vd665qmdkr01vnk"; + sha256 = "1fqld4wnamj7awdr1lwdifpylqdrrg5adm8xj2jl9sc5ms3nxjjm"; type = "gem"; }; - version = "1.13.10"; + version = "1.14.0"; }; nsa = { dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; @@ -1902,13 +1934,13 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "054xq22rwj26jag43s5fb4vb4x2252dz6rvgjn42id8ycs51my2w"; + sha256 = "03l29vysxvr85ry8y0817lhxhpv5g6v60f018sy8kxiy9imgfzdx"; type = "gem"; }; - version = "2.14.11"; + version = "2.14.13"; }; parallel = { - groups = ["default" "development"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1923,10 +1955,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1q31n7yj59wka8xl8s5wkf66hm4pgvblx95czyxffprdnlhrir2p"; + sha256 = "0zk8mdyr0322r11d63rcp5jhz4lakxilhvyvdv0ql5dw4lb83623"; type = "gem"; }; - version = "3.1.2.1"; + version = "3.2.0.0"; }; parslet = { groups = ["default"]; @@ -2060,10 +2092,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0sqw1zls6227bgq38sxb2hs8nkdz4hn1zivs27mjbniswfy4zvi6"; + sha256 = "0hz0bx2qs2pwb0bwazzsah03ilpf3aai8b7lk7s35jsfzwbkjq35"; type = "gem"; }; - version = "5.0.0"; + version = "5.0.1"; }; puma = { dependencies = ["nio4r"]; @@ -2082,10 +2114,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17z2f7w3syh3c04c8m1v9pvb9pfpymk8b5plszr5l24hx374xvsd"; + sha256 = "1wb03yzy1j41822rbfh9nn77im3zh1f5v8di05cd8rsrdpws542b"; type = "gem"; }; - version = "2.2.0"; + version = "2.3.0"; }; raabro = { groups = ["default"]; @@ -2102,20 +2134,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0p685i23lr8pl7l09g9l2mcj615fr7g33w3mkcr472lcg34nq8n8"; + sha256 = "09jgz6r0f7v84a7jz9an85q8vvmp743dqcsdm3z9c8rqcqv6pljq"; type = "gem"; }; - version = "1.6.1"; + version = "1.6.2"; }; rack = { groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0axc6w0rs4yj0pksfll1hjgw1k6a5q0xi2lckh91knfb72v348pa"; + sha256 = "0qvp6h2abmlsl4sqjsvac03cr2mxq6143gbx4kq52rpazp021qsb"; type = "gem"; }; - version = "2.2.4"; + version = "2.2.6.2"; }; rack-attack = { dependencies = ["rack"]; @@ -2178,10 +2210,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "01l06196jkidj07g8jdc43nr060r46hsjz8bk4bdk0lzzck94fvf"; + sha256 = "1xv305sjx14ay1jkwbkxravy82gj3cw6ialzzzqf155l4ac9q85d"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; rails-controller-testing = { dependencies = ["actionpack" "actionview" "activesupport"]; @@ -2211,10 +2243,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mj0b7ay10a2fgwj70kjw7mlyrp7a5la8lx8zmwhy40bkansdfrf"; + sha256 = "1mcb75qvldfz6zsr4inrfx7dmb0ngxy507awx28khqmnla3hqpc9"; type = "gem"; }; - version = "1.4.3"; + version = "1.4.4"; }; rails-i18n = { dependencies = ["i18n" "railties"]; @@ -2244,10 +2276,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1iwziqrzk7f7r3w5pkfnbh1mqsfsywy7lvz2blqds3nval79dw2x"; + sha256 = "10wfxf4vdndchpipg90wg9zphq1y5vlffff49p2bl4iyfxvigdqi"; type = "gem"; }; - version = "6.1.7"; + version = "6.1.7.1"; }; rainbow = { groups = ["default" "development" "test"]; @@ -2317,10 +2349,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04l61lpb3s2xkwj36l7b543lhciv19z514kxnmnbh5fg70grc8q9"; + sha256 = "154dfnrjpbv7fhwhfrcnp6jn9qv5qaj3mvlvbgkl7qy5qsknw71c"; type = "gem"; }; - version = "1.9.0"; + version = "1.10.0"; }; redlock = { dependencies = ["redis"]; @@ -2338,10 +2370,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0mm5sykyblc61a82zz3dag6yy3mvflj2z47060kjzjj5793blqzi"; + sha256 = "0rj7xcg7bkfw6y0h4wg8y3s4nmks9qrzdxag4zaw41xjqfanlysf"; type = "gem"; }; - version = "2.6.0"; + version = "2.6.1"; }; request_store = { dependencies = ["rack"]; @@ -2493,37 +2525,70 @@ version = "0.6.0"; }; rubocop = { - dependencies = ["parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; - groups = ["development"]; + dependencies = ["json" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; + groups = ["development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "088xzzq6vjsgi2cj9rnz2jlj5mghmgq1j250pn5zy8yqd39vxz71"; + sha256 = "1imdfx3mx2p1k7bhc5qm35zvqw12hyz52yy2k9xj3dwrdpzjg0fh"; type = "gem"; }; - version = "1.30.1"; + version = "1.43.0"; }; rubocop-ast = { dependencies = ["parser"]; - groups = ["default" "development"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1b3p4wy68jkyq8vhm5y568wlhsihy3ilnp2c6ig18xcw1slnkypl"; + sha256 = "1pdzabz95hv3z5sfbkfqa8bdybsfl13gv7rjb32v3ss8klq99lbd"; type = "gem"; }; - version = "1.18.0"; + version = "1.24.1"; + }; + rubocop-capybara = { + dependencies = ["rubocop"]; + groups = ["default" "development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1h4qcjkz0365qlhi7y1ni94qj14k397cad566zygm20p15ypbp5v"; + type = "gem"; + }; + version = "2.17.0"; + }; + rubocop-performance = { + dependencies = ["rubocop" "rubocop-ast"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1iwv2zhcpaan038d6m7ybzb2dgpi2zhf9dgfs3bjvmrqirqi2720"; + type = "gem"; + }; + version = "1.15.2"; }; rubocop-rails = { dependencies = ["activesupport" "rack" "rubocop"]; - groups = ["development"]; + groups = ["development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19x0d6jmryky5sx50qgsan1g0gxb7lcgrmfrwjsa5w6shcyvbp8c"; + sha256 = "1nxyifly45y7dfiaf0ql8aq7xykrg0sh1l7dxmn3sb9p2jd18140"; type = "gem"; }; - version = "2.15.0"; + version = "2.17.4"; + }; + rubocop-rspec = { + dependencies = ["rubocop" "rubocop-capybara"]; + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ajsjnpgm7ys1an9gnjkaw733p8azgyxiiqgdliins853bni6mqy"; + type = "gem"; + }; + version = "2.18.0"; }; ruby-progressbar = { groups = ["default" "development" "test"]; @@ -2595,10 +2660,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cl14f5lfidbvcx52q49xnxc4dccyrzyv38qjkda8dh07zsksw85"; + sha256 = "04sd4jmgnwpilr3k061x87yyryya2mj15a8602fip49lfxza5548"; type = "gem"; }; - version = "1.6.0"; + version = "1.7.0"; }; semantic_range = { groups = ["default"]; @@ -2644,15 +2709,15 @@ version = "4.0.3"; }; sidekiq-unique-jobs = { - dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "sidekiq" "thor"]; + dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13s723wy8sh8x7ff1b1r0vxk6y6ygcjvpirjp0inl5824ds15s12"; + sha256 = "02f91b24hrrn688wqvxb13lwvcgqb7g9k3sxylnydd6v89wr8mcg"; type = "gem"; }; - version = "7.1.27"; + version = "7.1.29"; }; simple-navigation = { dependencies = ["activesupport"]; @@ -2682,10 +2747,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hrv046jll6ad1s964gsmcq4hvkr3zzr6jc7z1mns22mvfpbc3cr"; + sha256 = "198kcbrjxhhzca19yrdcd6jjj9sb51aaic3b0sc3pwjghg3j49py"; type = "gem"; }; - version = "0.21.2"; + version = "0.22.0"; }; simplecov-html = { groups = ["default" "test"]; @@ -2702,10 +2767,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cl3j7p3b5q7sxsx1va63c8imc5x6g99xablz08qrmqhpi0d6g6j"; + sha256 = "0a5l0733hj7sk51j81ykfmlk2vd5vaijlq9d5fn165yyx3xii52j"; type = "gem"; }; - version = "0.1.2"; + version = "0.1.4"; }; smart_properties = { groups = ["default" "development" "test"]; @@ -2856,7 +2921,7 @@ version = "2.0.11"; }; timeout = { - groups = ["default"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2987,10 +3052,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ra70s8prfacpqwj5v2mqn1rbfz6xds3n9nsr9cwzs3z2c0wm5j7"; + sha256 = "1gi82k102q7bkmfi7ggn9ciypn897ylln1jk9q67kjhr39fj043a"; type = "gem"; }; - version = "2.3.0"; + version = "2.4.2"; }; uniform_notifier = { groups = ["default" "development"]; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 9a3a6168..0d831fe3 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "5d95e6debb496bb4ebba91afc043219c116d3ca2"; - sha256 = "0z62xnr14gmrmbaaqsx7gmw322vj5rjbrmr8q7vl0z4lgmdva6qn"; + rev = "368d6fe54f94ad2ecd2a1c1e7e5a2359dc37ad30"; + sha256 = "05hcnw7rar4cbxidf5ln0r5asp9kavp5mqkja0gq39rrnhb99lcs"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index b79176c2..f4de9cc0 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.0.2" +"4.1.0rc1" -- 2.47.1 From 1afe53d15d07ea4487f58dbc3a07f529aeec7b87 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 24 Jan 2023 15:51:32 +0100 Subject: [PATCH 0657/1882] change 0x76.dev tag to build-num --- flake.nix | 33 ++++++++-------------------- flux/olympus/apps/websites/0x76.yaml | 2 +- 2 files changed, 10 insertions(+), 25 deletions(-) diff --git a/flake.nix b/flake.nix index 7a57b004..38776a0c 100644 --- a/flake.nix +++ b/flake.nix @@ -48,20 +48,8 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; - outputs = - { self - , nixpkgs - , nixpkgs_22-11 - , vault-secrets - , colmena - , home-manager - , hyprpaper - , hyprland - , nixos-generators - , nixos-hardware - , nur - , ... - }@inputs: + outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena, home-manager + , hyprpaper, hyprland, nixos-generators, nixos-hardware, nur, ... }@inputs: let inherit (nixpkgs) lib; @@ -105,8 +93,7 @@ source /etc/set-environment nix repl --file "${./.}/repl.nix" $@ ''; - in - { + in { # Make the nixosConfigurations for compat reasons nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { @@ -118,14 +105,12 @@ }).nodes; # Make the colmena configuration - colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) - { - meta = { - inherit specialArgs; - nixpkgs = pkgs; - }; - } - nixHosts; + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { + meta = { + inherit specialArgs; + nixpkgs = pkgs; + }; + } nixHosts; packages.${system} = { inherit apply-local; diff --git a/flux/olympus/apps/websites/0x76.yaml b/flux/olympus/apps/websites/0x76.yaml index d81ec0f4..9fa91a60 100644 --- a/flux/olympus/apps/websites/0x76.yaml +++ b/flux/olympus/apps/websites/0x76.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: x76dev - image: git.0x76.dev/v/0x76.dev:latest + image: git.0x76.dev/v/0x76.dev:4 ports: - containerPort: 80 --- -- 2.47.1 From ca831f60271b3bdcbe6767a2e6961d04990c33b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 15:02:23 +0000 Subject: [PATCH 0658/1882] chore(deps): update git.0x76.dev/v/0x76.dev docker tag to v5 --- flux/olympus/apps/websites/0x76.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/websites/0x76.yaml b/flux/olympus/apps/websites/0x76.yaml index 9fa91a60..b6a0b5f8 100644 --- a/flux/olympus/apps/websites/0x76.yaml +++ b/flux/olympus/apps/websites/0x76.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: x76dev - image: git.0x76.dev/v/0x76.dev:4 + image: git.0x76.dev/v/0x76.dev:5 ports: - containerPort: 80 --- -- 2.47.1 From 483e80dc018ebdc5508d0b4558d7b2068dbd943f Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 24 Jan 2023 16:16:35 +0100 Subject: [PATCH 0659/1882] very basic ci --- .github/workflows/nixos.yml | 3 --- .woodpecker.yml | 8 ++++++++ .yamllint.yaml | 5 ++++- flux/olympus/apps/services/renovate/config.yaml | 2 +- flux/olympus/base/flux-system/kustomization.yaml | 6 +++--- .../flux-system/repositories/helm/external-secrets.yaml | 1 - flux/olympus/core/kustomization.yaml | 2 +- flux/olympus/core/namespaces/security.yaml | 1 - flux/olympus/core/namespaces/services.yaml | 1 - flux/olympus/core/namespaces/websites.yaml | 1 - nixos/hosts/hades/pmm/config/Movies.yml | 2 +- 11 files changed, 18 insertions(+), 14 deletions(-) create mode 100644 .woodpecker.yml diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 1cd4a2ca..7530bbd4 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -15,7 +15,6 @@ jobs: # this might remove tools that are actually needed, # if set to "true" but frees about 6 GB tool-cache: true - # all of these default to true, but feel free to set to # "false" if necessary for your workflow android: true @@ -79,7 +78,6 @@ jobs: # this might remove tools that are actually needed, # if set to "true" but frees about 6 GB tool-cache: true - # all of these default to true, but feel free to set to # "false" if necessary for your workflow android: true @@ -111,7 +109,6 @@ jobs: # this might remove tools that are actually needed, # if set to "true" but frees about 6 GB tool-cache: true - # all of these default to true, but feel free to set to # "false" if necessary for your workflow android: true diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 00000000..18996887 --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,8 @@ +pipeline: + check: + image: nixos/nix:2.13.1 + environment: + - NIX_CONFIG=experimental-features = nix-command flakes + commands: + - nix run 'nixpkgs#statix' check + - nix run 'nixpkgs#yamllint' . diff --git a/.yamllint.yaml b/.yamllint.yaml index efbcd467..95191b4a 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -1,4 +1,3 @@ ---- ignore: | charts/ docs/ @@ -6,8 +5,12 @@ ignore: | .terraform/ .vscode/ gotk-components.yaml + gotk-sync.yaml extends: default rules: + document-start: + level: warning + present: false empty-lines: max-end: 1 truthy: diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index f8e28763..dd9d08c9 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -20,7 +20,7 @@ data: "nix": { "enabled": true }, - "lockFileMaintenance": { + "lockFileMaintenance": { "enabled": true, "automerge": true, "automergeType": "pr", diff --git a/flux/olympus/base/flux-system/kustomization.yaml b/flux/olympus/base/flux-system/kustomization.yaml index 9acdad90..42cac648 100644 --- a/flux/olympus/base/flux-system/kustomization.yaml +++ b/flux/olympus/base/flux-system/kustomization.yaml @@ -1,6 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- gotk-components.yaml -- gotk-sync.yaml -- repositories \ No newline at end of file + - gotk-components.yaml + - gotk-sync.yaml + - repositories diff --git a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml index 65405ea3..a68409ba 100644 --- a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml +++ b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml @@ -1,4 +1,3 @@ ---- apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: HelmRepository metadata: diff --git a/flux/olympus/core/kustomization.yaml b/flux/olympus/core/kustomization.yaml index 2e5c9c9a..1611c859 100644 --- a/flux/olympus/core/kustomization.yaml +++ b/flux/olympus/core/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespaces - - external-secrets \ No newline at end of file + - external-secrets diff --git a/flux/olympus/core/namespaces/security.yaml b/flux/olympus/core/namespaces/security.yaml index 133fe73b..65f1a838 100644 --- a/flux/olympus/core/namespaces/security.yaml +++ b/flux/olympus/core/namespaces/security.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Namespace metadata: diff --git a/flux/olympus/core/namespaces/services.yaml b/flux/olympus/core/namespaces/services.yaml index 62bcfaf7..da390d0d 100644 --- a/flux/olympus/core/namespaces/services.yaml +++ b/flux/olympus/core/namespaces/services.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Namespace metadata: diff --git a/flux/olympus/core/namespaces/websites.yaml b/flux/olympus/core/namespaces/websites.yaml index 7427992f..9b4e8bc3 100644 --- a/flux/olympus/core/namespaces/websites.yaml +++ b/flux/olympus/core/namespaces/websites.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Namespace metadata: diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml index 85dfb078..7810dd25 100644 --- a/nixos/hosts/hades/pmm/config/Movies.yml +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -47,4 +47,4 @@ collections: poster: https://theposterdb.com/api/assets/222279 background: https://i.imgur.com/Yp0NCZa.jpg Bad Trek: - tmdb_collection_details: 115575 \ No newline at end of file + tmdb_collection_details: 115575 -- 2.47.1 From 21d689251266849e4892947ea2565445ddc17991 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 16:01:26 +0000 Subject: [PATCH 0660/1882] chore(deps): lock file maintenance --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 4951aa7f..ca52c98f 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674250603, - "narHash": "sha256-SBolFspxBHpW3hCCDNAFXUiO2mucmkVmf17UmSIK3Cs=", + "lastModified": 1674556204, + "narHash": "sha256-HCRmkZsq01h2Evch08zpgE9jeHdMtGdT1okWotyvuhY=", "owner": "nix-community", "repo": "home-manager", - "rev": "275ab728912006eecb549338a50f24f294a7cfb7", + "rev": "c59f0eac51da91c6989fd13a68e156f63c0e60b6", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674403405, - "narHash": "sha256-FPOER3tINOEI+oWQGeiWLkpCudVJC3V8wk5cvP9857s=", + "lastModified": 1674569159, + "narHash": "sha256-WEgDCE7JTtXyx1/Kpk9SK6YTkoc92Q7GuTAc+pn7DBU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cb98242ea7faff04dad3ae166aff7126184f17c5", + "rev": "63babcba36f5506b4da6ee7f92f2491c6e1ff726", "type": "github" }, "original": { @@ -705,11 +705,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1673803274, - "narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=", + "lastModified": 1674550793, + "narHash": "sha256-ljJlIFQZwtBbzWqWTmmw2O5BFmQf1A/DspwMOQtGXHk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3", + "rev": "b7ac0a56029e4f9e6743b9993037a5aaafd57103", "type": "github" }, "original": { @@ -786,11 +786,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674242456, - "narHash": "sha256-yBy7rCH7EiBe9+CHZm9YB5ii5GRa+MOxeW0oDEBO8SE=", + "lastModified": 1674407282, + "narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cdead16a444a3e5de7bc9b0af8e198b11bb01804", + "rev": "ab1254087f4cdf4af74b552d7fc95175d9bdbb49", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674391284, - "narHash": "sha256-WTKuWkkWBUmfYzRWFnzMcwnygZOdO9bg3J6JvepQsjs=", + "lastModified": 1674523892, + "narHash": "sha256-//6AUz8N8Uk1VBqIb5xijt4fNT3N9R9NTFNx0K60xhU=", "owner": "pta2002", "repo": "nixvim", - "rev": "ae7c5f8869efc1a6d668e80b2f03d344c472d3f1", + "rev": "66b1b099cf6c65a7bd0aaa6a451072261ea7b51f", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674452759, - "narHash": "sha256-ylJQP65t/c+QxRy+bVLsxyzWYd6fhx+0K5aeHuOyfNU=", + "lastModified": 1674574136, + "narHash": "sha256-1VZkgpWft6Ifs35aIAry1vHUGLzxUe5M2eBvHhYVByA=", "owner": "nix-community", "repo": "NUR", - "rev": "6e57257984bc8c95ef168b706b1e7d0a814277fc", + "rev": "b87197cac6c38db9e32d76c6f286fee98e2ba752", "type": "github" }, "original": { -- 2.47.1 From c758fa5903a8b5a216e85318f64a17472ffd58bf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 17:00:22 +0000 Subject: [PATCH 0661/1882] chore(deps): update renovate/renovate docker tag to v34.112.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 51efcd8a..b21bdef4 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.105.6 + image: renovate/renovate:34.112.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b65cd2fc9b04ee919d782a6da30bcdf0ec2426b5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 18:01:42 +0000 Subject: [PATCH 0662/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ca52c98f..bb5dccb4 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674569159, - "narHash": "sha256-WEgDCE7JTtXyx1/Kpk9SK6YTkoc92Q7GuTAc+pn7DBU=", + "lastModified": 1674580850, + "narHash": "sha256-haogn8bniYUP6pV9FZDVl4gqM3UuXhbFZW9FsLB2/S0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "63babcba36f5506b4da6ee7f92f2491c6e1ff726", + "rev": "eb9fa8460fb613bc701816e7087cc3667e43bb51", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674574136, - "narHash": "sha256-1VZkgpWft6Ifs35aIAry1vHUGLzxUe5M2eBvHhYVByA=", + "lastModified": 1674582384, + "narHash": "sha256-5KDJBOV4XL5vI8PfldYUc3bXit0FQYMqK8Hq0KNu9Ss=", "owner": "nix-community", "repo": "NUR", - "rev": "b87197cac6c38db9e32d76c6f286fee98e2ba752", + "rev": "80761b98153ae3e77c16f9399c69250cff06b90a", "type": "github" }, "original": { -- 2.47.1 From da54c8702ee3ddd4f23737298a2def99b5adabfa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 20:02:05 +0000 Subject: [PATCH 0663/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index bb5dccb4..712c46a2 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674580850, - "narHash": "sha256-haogn8bniYUP6pV9FZDVl4gqM3UuXhbFZW9FsLB2/S0=", + "lastModified": 1674588676, + "narHash": "sha256-Xw9T4S7xXbmKwYLESb8feJTgnjo5qRAl8ea0bAd5LeE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "eb9fa8460fb613bc701816e7087cc3667e43bb51", + "rev": "e273717a27008e7bd6378bc8abe59b0dca3d9fef", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674582384, - "narHash": "sha256-5KDJBOV4XL5vI8PfldYUc3bXit0FQYMqK8Hq0KNu9Ss=", + "lastModified": 1674589600, + "narHash": "sha256-MYscPro58Jc+zaNekjwEYpWqgGmMYEhUTejvI1X2RHE=", "owner": "nix-community", "repo": "NUR", - "rev": "80761b98153ae3e77c16f9399c69250cff06b90a", + "rev": "67b24d408dca0b07e5281d39cabe734a0b34b5e6", "type": "github" }, "original": { -- 2.47.1 From 66a03548a8ded7dc0e4d555e883abcb1a5508f23 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 21:00:33 +0000 Subject: [PATCH 0664/1882] chore(deps): update renovate/renovate docker tag to v34.112.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b21bdef4..4b633511 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.112.2 + image: renovate/renovate:34.112.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 3b8d956bfa6de054d42945135cb1b6adaa3dff76 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Jan 2023 22:01:41 +0000 Subject: [PATCH 0665/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 712c46a2..95525f01 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674588676, - "narHash": "sha256-Xw9T4S7xXbmKwYLESb8feJTgnjo5qRAl8ea0bAd5LeE=", + "lastModified": 1674596694, + "narHash": "sha256-HwR2rAjZ7Xiwsbf3LvQS/kHB8ryitBaeqUl9kW/cVco=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e273717a27008e7bd6378bc8abe59b0dca3d9fef", + "rev": "84954f376f14cc24fe55c373e21c794f7f1ef579", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674589600, - "narHash": "sha256-MYscPro58Jc+zaNekjwEYpWqgGmMYEhUTejvI1X2RHE=", + "lastModified": 1674596784, + "narHash": "sha256-/qtYSPEwgtQshi9JykeRYFoj7qDbJCQV6WeEQe/0qmQ=", "owner": "nix-community", "repo": "NUR", - "rev": "67b24d408dca0b07e5281d39cabe734a0b34b5e6", + "rev": "36c3694e5241aa1af8973691abb2f9e8abb644c1", "type": "github" }, "original": { -- 2.47.1 From ca96c1418aa0a7a3b2e9b09c7498c794a0d3a6a5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 02:00:21 +0000 Subject: [PATCH 0666/1882] chore(deps): update renovate/renovate docker tag to v34.113.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 4b633511..ff20c2f8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.112.3 + image: renovate/renovate:34.113.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b1b9e4a4948f4dbba74206798dde70c30dc5c8a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 03:02:01 +0000 Subject: [PATCH 0667/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 95525f01..1309f26a 100644 --- a/flake.lock +++ b/flake.lock @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674596694, - "narHash": "sha256-HwR2rAjZ7Xiwsbf3LvQS/kHB8ryitBaeqUl9kW/cVco=", + "lastModified": 1674604320, + "narHash": "sha256-yhSiPmT3fmOaV2dLBNCsGGpN4t2Ucs6Q3dGygBH34sc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "84954f376f14cc24fe55c373e21c794f7f1ef579", + "rev": "12e293e3092b03dbb9d82e7a749f482ef2b7ea6e", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674523892, - "narHash": "sha256-//6AUz8N8Uk1VBqIb5xijt4fNT3N9R9NTFNx0K60xhU=", + "lastModified": 1674605006, + "narHash": "sha256-aet2e8wIkj2EkVJao+1pM9Qo5eZzHjhhgCRMGcOa43w=", "owner": "pta2002", "repo": "nixvim", - "rev": "66b1b099cf6c65a7bd0aaa6a451072261ea7b51f", + "rev": "2d542721778743c7baaaa928e7a3af588eabfeb4", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674596784, - "narHash": "sha256-/qtYSPEwgtQshi9JykeRYFoj7qDbJCQV6WeEQe/0qmQ=", + "lastModified": 1674615491, + "narHash": "sha256-ozf5V9q+HD3iQurOShb6iKwZa0CQdOb+AczjCLsdhpk=", "owner": "nix-community", "repo": "NUR", - "rev": "36c3694e5241aa1af8973691abb2f9e8abb644c1", + "rev": "5c20eb574d31b9fcf47cc406f1eda0cfc8cb0b5a", "type": "github" }, "original": { -- 2.47.1 From 386d9e4514112f30eff0fda5f4e3e863e8b67367 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 04:05:39 +0000 Subject: [PATCH 0668/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1309f26a..54b0d158 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674615491, - "narHash": "sha256-ozf5V9q+HD3iQurOShb6iKwZa0CQdOb+AczjCLsdhpk=", + "lastModified": 1674618317, + "narHash": "sha256-Yjs3JZ5HNmsBzneVyWeObcby7ndWL0MZzINOq5b2ALI=", "owner": "nix-community", "repo": "NUR", - "rev": "5c20eb574d31b9fcf47cc406f1eda0cfc8cb0b5a", + "rev": "708decc2a9704bae481a6bc17b4901dea63543ef", "type": "github" }, "original": { -- 2.47.1 From 6c8f6c6e8d492a8596d968aafb322028c9d36791 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 12:00:22 +0000 Subject: [PATCH 0669/1882] chore(deps): update renovate/renovate docker tag to v34.114.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ff20c2f8..28072a11 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.113.0 + image: renovate/renovate:34.114.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 32dd630acf3a108fbf2d8f84bf0f7b4b38343b75 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 13:01:44 +0000 Subject: [PATCH 0670/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 54b0d158..619491f7 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674618317, - "narHash": "sha256-Yjs3JZ5HNmsBzneVyWeObcby7ndWL0MZzINOq5b2ALI=", + "lastModified": 1674643487, + "narHash": "sha256-uYMivqp6uJKfli5m98XzfkzGjNQj4sI/jTkgyTHzamc=", "owner": "nix-community", "repo": "NUR", - "rev": "708decc2a9704bae481a6bc17b4901dea63543ef", + "rev": "f0ed41ff1712482b8e849ad0693918a8a482af8d", "type": "github" }, "original": { -- 2.47.1 From fa0df2c51847e74bd756ac848e185706e7d259de Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 14:03:25 +0000 Subject: [PATCH 0671/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 619491f7..fbf987ad 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674643487, - "narHash": "sha256-uYMivqp6uJKfli5m98XzfkzGjNQj4sI/jTkgyTHzamc=", + "lastModified": 1674651781, + "narHash": "sha256-EXq3gfw6uJLlyaSkv1GiFuJx5fVkBFKeAe2UBqTZ7wA=", "owner": "nix-community", "repo": "NUR", - "rev": "f0ed41ff1712482b8e849ad0693918a8a482af8d", + "rev": "30a00b5df32dfa34f069e83bc92283bd614cd021", "type": "github" }, "original": { -- 2.47.1 From 966022eded5cb6abf2e342452963d8b4e876d19c Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 Jan 2023 15:34:58 +0100 Subject: [PATCH 0672/1882] update renovate --- flake.lock | 48 +++++++++---------- flake.nix | 2 +- .../apps/services/renovate/config.yaml | 5 +- nixos/hosts/olympus/default.nix | 6 ++- 4 files changed, 34 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 4951aa7f..c3080f58 100644 --- a/flake.lock +++ b/flake.lock @@ -434,11 +434,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674250603, - "narHash": "sha256-SBolFspxBHpW3hCCDNAFXUiO2mucmkVmf17UmSIK3Cs=", + "lastModified": 1674556204, + "narHash": "sha256-HCRmkZsq01h2Evch08zpgE9jeHdMtGdT1okWotyvuhY=", "owner": "nix-community", "repo": "home-manager", - "rev": "275ab728912006eecb549338a50f24f294a7cfb7", + "rev": "c59f0eac51da91c6989fd13a68e156f63c0e60b6", "type": "github" }, "original": { @@ -455,11 +455,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674403405, - "narHash": "sha256-FPOER3tINOEI+oWQGeiWLkpCudVJC3V8wk5cvP9857s=", + "lastModified": 1674604320, + "narHash": "sha256-yhSiPmT3fmOaV2dLBNCsGGpN4t2Ucs6Q3dGygBH34sc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cb98242ea7faff04dad3ae166aff7126184f17c5", + "rev": "12e293e3092b03dbb9d82e7a749f482ef2b7ea6e", "type": "github" }, "original": { @@ -705,11 +705,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1673803274, - "narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=", + "lastModified": 1674550793, + "narHash": "sha256-ljJlIFQZwtBbzWqWTmmw2O5BFmQf1A/DspwMOQtGXHk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3", + "rev": "b7ac0a56029e4f9e6743b9993037a5aaafd57103", "type": "github" }, "original": { @@ -770,27 +770,27 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1674365217, - "narHash": "sha256-lL3qUbAr/tnt/xGk1MTc8xuOTKqErqubYha4vhjA4+g=", - "owner": "NULLx76", + "lastModified": 1674556162, + "narHash": "sha256-X5b93+HMdyDqo+loT6Z7bIhaHUhSqVTw/T0lNrlZbvw=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "6c582bdf390948a6be049e81ecbab81bb160a5d3", + "rev": "353e2d957c7421cae4e3ab42739a0997ea7e310f", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "0x76", + "owner": "nixos", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674242456, - "narHash": "sha256-yBy7rCH7EiBe9+CHZm9YB5ii5GRa+MOxeW0oDEBO8SE=", + "lastModified": 1674407282, + "narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cdead16a444a3e5de7bc9b0af8e198b11bb01804", + "rev": "ab1254087f4cdf4af74b552d7fc95175d9bdbb49", "type": "github" }, "original": { @@ -840,11 +840,11 @@ ] }, "locked": { - "lastModified": 1674391284, - "narHash": "sha256-WTKuWkkWBUmfYzRWFnzMcwnygZOdO9bg3J6JvepQsjs=", + "lastModified": 1674605006, + "narHash": "sha256-aet2e8wIkj2EkVJao+1pM9Qo5eZzHjhhgCRMGcOa43w=", "owner": "pta2002", "repo": "nixvim", - "rev": "ae7c5f8869efc1a6d668e80b2f03d344c472d3f1", + "rev": "2d542721778743c7baaaa928e7a3af588eabfeb4", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nur": { "locked": { - "lastModified": 1674452759, - "narHash": "sha256-ylJQP65t/c+QxRy+bVLsxyzWYd6fhx+0K5aeHuOyfNU=", + "lastModified": 1674643487, + "narHash": "sha256-uYMivqp6uJKfli5m98XzfkzGjNQj4sI/jTkgyTHzamc=", "owner": "nix-community", "repo": "NUR", - "rev": "6e57257984bc8c95ef168b706b1e7d0a814277fc", + "rev": "f0ed41ff1712482b8e849ad0693918a8a482af8d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 38776a0c..e3cb1088 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:NULLx76/nixpkgs/0x76"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index dd9d08c9..1b284d19 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -25,7 +25,7 @@ data: "automerge": true, "automergeType": "pr", "platformAutomerge": true, - "schedule": ["hourly"], + "schedule": ["weekly"], }, "hostRules": [ { @@ -41,6 +41,9 @@ data: "automergeType": "branch", "matchPackageNames": [ "renovate/renovate" + ], + "matchPackagePrefixes": [ + "git.0x76.dev" ] } ], diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 3c8c7ce2..0073da3c 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -123,7 +123,11 @@ ip = "10.42.42.28"; mac = "9E:86:D3:46:EE:AE"; }; - # 10.42.42.29 + "slimmelezer" = { + ip = "10.42.42.29"; + mac = "b4:8a:0a:ee:b0:5e"; + nix = false; + }; "vault-1" = { ip = "10.42.42.30"; mac = "26:69:0E:7C:B3:79"; -- 2.47.1 From 1740c6dc58e2857ebb8f7a71a94c3b8f3ca6eaa9 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 Jan 2023 15:46:15 +0100 Subject: [PATCH 0673/1882] add internal.xirion.net --- .../apps/services/renovate/config.yaml | 2 +- flux/olympus/apps/websites/internal.yaml | 52 +++++++++++++++++++ flux/olympus/apps/websites/kustomization.yaml | 1 + 3 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 flux/olympus/apps/websites/internal.yaml diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index 1b284d19..d32fd69f 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -43,7 +43,7 @@ data: "renovate/renovate" ], "matchPackagePrefixes": [ - "git.0x76.dev" + "git.0x76.dev" ] } ], diff --git a/flux/olympus/apps/websites/internal.yaml b/flux/olympus/apps/websites/internal.yaml new file mode 100644 index 00000000..6a599429 --- /dev/null +++ b/flux/olympus/apps/websites/internal.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: internal + namespace: websites + labels: + app: internal.xirion.net +spec: + replicas: 1 + selector: + matchLabels: + app: internal.xirion.net + template: + metadata: + labels: + app: internal.xirion.net + spec: + containers: + - name: internal.xirion.net + image: git.0x76.dev/v/internal.xirion.net:1 + ports: + - containerPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + name: internal.xirion.net + namespace: websites +spec: + selector: + app: internal.xirion.net + ports: + - protocol: TCP + port: 8080 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: internal.xirion.net + namespace: websites +spec: + rules: + - host: "internal.xirion.net" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: internal.xirion.net + port: + number: 8080 diff --git a/flux/olympus/apps/websites/kustomization.yaml b/flux/olympus/apps/websites/kustomization.yaml index c1c80c79..03918177 100644 --- a/flux/olympus/apps/websites/kustomization.yaml +++ b/flux/olympus/apps/websites/kustomization.yaml @@ -4,3 +4,4 @@ metadata: namespace: websites resources: - 0x76.yaml + - internal.yaml -- 2.47.1 From 1ab24c958bc5179cafac2950616180aee3f9a42e Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 Jan 2023 15:56:22 +0100 Subject: [PATCH 0674/1882] remove nixpkgs follow colmena --- flake.lock | 48 +++++++++++++++++++++++++++++++----------------- flake.nix | 1 - 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index e2f0f933..940e45a7 100644 --- a/flake.lock +++ b/flake.lock @@ -85,9 +85,7 @@ "flake-compat": "flake-compat", "flake-utils": "flake-utils", "nix-eval-jobs": "nix-eval-jobs", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs", "stable": "stable" }, "locked": { @@ -450,7 +448,7 @@ "hyprland": { "inputs": { "hyprland-protocols": "hyprland-protocols", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "wlroots": "wlroots", "xdph": "xdph" }, @@ -610,7 +608,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1633098935, @@ -721,11 +719,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1673540789, - "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", + "lastModified": 1674459583, + "narHash": "sha256-L0UZl/u2H3HGsrhN+by42c5kNYeKtdmJiPzIRvEVeiM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", + "rev": "1b1f50645af2a70dc93eae18bfd88d330bfbcf7f", "type": "github" }, "original": { @@ -770,16 +768,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1674556162, - "narHash": "sha256-X5b93+HMdyDqo+loT6Z7bIhaHUhSqVTw/T0lNrlZbvw=", - "owner": "nixos", + "lastModified": 1673540789, + "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "353e2d957c7421cae4e3ab42739a0997ea7e310f", + "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", + "owner": "NixOS", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -801,6 +799,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1674556162, + "narHash": "sha256-X5b93+HMdyDqo+loT6Z7bIhaHUhSqVTw/T0lNrlZbvw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "353e2d957c7421cae4e3ab42739a0997ea7e310f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -815,7 +829,7 @@ "type": "indirect" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1670507980, "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", @@ -972,7 +986,7 @@ "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", @@ -1117,7 +1131,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index e3cb1088..3298804e 100644 --- a/flake.nix +++ b/flake.nix @@ -15,7 +15,6 @@ nur.url = "github:nix-community/NUR"; colmena.url = "github:zhaofengli/colmena"; - colmena.inputs.nixpkgs.follows = "nixpkgs"; vault-secrets.url = "github:serokell/vault-secrets"; vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; -- 2.47.1 From efdd03a1d7ac65d1995e5e0a6e769f3acae87656 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 15:02:05 +0000 Subject: [PATCH 0675/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 940e45a7..93b617fd 100644 --- a/flake.lock +++ b/flake.lock @@ -719,11 +719,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1674459583, - "narHash": "sha256-L0UZl/u2H3HGsrhN+by42c5kNYeKtdmJiPzIRvEVeiM=", + "lastModified": 1669542132, + "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1b1f50645af2a70dc93eae18bfd88d330bfbcf7f", + "rev": "a115bb9bd56831941be3776c8a94005867f316a7", "type": "github" }, "original": { -- 2.47.1 From f165ae5ffc815f1f5f43af61265c8d6a1a429bcb Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 Jan 2023 16:07:37 +0100 Subject: [PATCH 0676/1882] fix lock file --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 940e45a7..93b617fd 100644 --- a/flake.lock +++ b/flake.lock @@ -719,11 +719,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1674459583, - "narHash": "sha256-L0UZl/u2H3HGsrhN+by42c5kNYeKtdmJiPzIRvEVeiM=", + "lastModified": 1669542132, + "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1b1f50645af2a70dc93eae18bfd88d330bfbcf7f", + "rev": "a115bb9bd56831941be3776c8a94005867f316a7", "type": "github" }, "original": { -- 2.47.1 From 3a1515f00015dfea29ffb7cb84c727d40284b957 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Jan 2023 16:02:42 +0000 Subject: [PATCH 0677/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 93b617fd..9eb74141 100644 --- a/flake.lock +++ b/flake.lock @@ -453,11 +453,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674604320, - "narHash": "sha256-yhSiPmT3fmOaV2dLBNCsGGpN4t2Ucs6Q3dGygBH34sc=", + "lastModified": 1674661101, + "narHash": "sha256-iFFUngau5KHjsKScLhovpb7kCMjJvw/mXXOj6I62sVM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "12e293e3092b03dbb9d82e7a749f482ef2b7ea6e", + "rev": "fc89e70a1fb74429ad0f772d399325f69e65b357", "type": "github" }, "original": { -- 2.47.1 From 7924c5ab2028a2c42124f226510973bb13a5529a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Jan 2023 12:00:23 +0000 Subject: [PATCH 0678/1882] chore(deps): update nixos/nix docker tag to v2.13.2 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 18996887..3be60587 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,6 +1,6 @@ pipeline: check: - image: nixos/nix:2.13.1 + image: nixos/nix:2.13.2 environment: - NIX_CONFIG=experimental-features = nix-command flakes commands: -- 2.47.1 From e9787c181b716c277ba5f10e2db2d1d6fe014a1d Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 Jan 2023 14:27:19 +0100 Subject: [PATCH 0679/1882] fix internal.xirion.net kubernetes resource naming --- flake.lock | 20 ++++++++--------- flake.nix | 2 +- flux/olympus/apps/websites/internal.yaml | 18 +++++++-------- nixos/hosts/olympus/synapse/configuration.nix | 22 +++++++++++++++++++ 4 files changed, 42 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index 93b617fd..02ceb080 100644 --- a/flake.lock +++ b/flake.lock @@ -453,11 +453,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674604320, - "narHash": "sha256-yhSiPmT3fmOaV2dLBNCsGGpN4t2Ucs6Q3dGygBH34sc=", + "lastModified": 1674661101, + "narHash": "sha256-iFFUngau5KHjsKScLhovpb7kCMjJvw/mXXOj6I62sVM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "12e293e3092b03dbb9d82e7a749f482ef2b7ea6e", + "rev": "fc89e70a1fb74429ad0f772d399325f69e65b357", "type": "github" }, "original": { @@ -688,11 +688,11 @@ ] }, "locked": { - "lastModified": 1672682641, - "narHash": "sha256-940TLvtdT8YKuP5nXcPhUfNeK0A/leSjjG8hfqvWM84=", + "lastModified": 1674666581, + "narHash": "sha256-KNI2s/xrL7WOYaPJAWKBtb7cCH3335rLfsL+B+ssuGY=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "30516cb2b01896e14ce66893e414b6e3eec71cac", + "rev": "6a5dc1d3d557ea7b5c19b15ff91955124d0400fa", "type": "github" }, "original": { @@ -800,16 +800,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674556162, - "narHash": "sha256-X5b93+HMdyDqo+loT6Z7bIhaHUhSqVTw/T0lNrlZbvw=", + "lastModified": 1674459583, + "narHash": "sha256-L0UZl/u2H3HGsrhN+by42c5kNYeKtdmJiPzIRvEVeiM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "353e2d957c7421cae4e3ab42739a0997ea7e310f", + "rev": "1b1f50645af2a70dc93eae18bfd88d330bfbcf7f", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 3298804e..165dd665 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/flux/olympus/apps/websites/internal.yaml b/flux/olympus/apps/websites/internal.yaml index 6a599429..f908e7af 100644 --- a/flux/olympus/apps/websites/internal.yaml +++ b/flux/olympus/apps/websites/internal.yaml @@ -4,31 +4,31 @@ metadata: name: internal namespace: websites labels: - app: internal.xirion.net + app: internal spec: replicas: 1 selector: matchLabels: - app: internal.xirion.net + app: internal template: metadata: labels: - app: internal.xirion.net + app: internal spec: containers: - - name: internal.xirion.net - image: git.0x76.dev/v/internal.xirion.net:1 + - name: internal + image: git.0x76.dev/v/internal:1 ports: - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: - name: internal.xirion.net + name: internal namespace: websites spec: selector: - app: internal.xirion.net + app: internal ports: - protocol: TCP port: 8080 @@ -36,7 +36,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: internal.xirion.net + name: internal namespace: websites spec: rules: @@ -47,6 +47,6 @@ spec: pathType: Prefix backend: service: - name: internal.xirion.net + name: internal port: number: 8080 diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index 0e812da2..cd528713 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -54,6 +54,27 @@ in ]; settings = + let log_file = pkgs.writeText "log.yml" '' +version: 1 + +formatters: + structured: + class: synapse.logging.TerseJsonFormatter + +handlers: + file: + class: logging.handlers.TimedRotatingFileHandler + formatter: structured + filename: /var/lib/matrix-synapse/synapse.log + when: midnight + backupCount: 3 # Does not include the current log file. + encoding: utf8 + +loggers: + synapse: + level: INFO + handlers: [file] + ''; in { server_name = "meowy.tech"; enable_registration = true; @@ -64,6 +85,7 @@ in media_retention = { remote_media_lifetime = "90d"; }; + log_config = "${log_file}"; listeners = [ { inherit port; -- 2.47.1 From 36e2947a264264a730272fc27fdf27a06d8bcc7b Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 Jan 2023 14:49:34 +0100 Subject: [PATCH 0680/1882] fix container image --- flux/olympus/apps/websites/internal.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/websites/internal.yaml b/flux/olympus/apps/websites/internal.yaml index f908e7af..50d2f244 100644 --- a/flux/olympus/apps/websites/internal.yaml +++ b/flux/olympus/apps/websites/internal.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: internal - image: git.0x76.dev/v/internal:1 + image: git.0x76.dev/v/internal.xirion.net:1 ports: - containerPort: 8080 --- -- 2.47.1 From 58a4362d1e658791f4ae2d9344b73fc4e1426837 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 Jan 2023 15:26:53 +0100 Subject: [PATCH 0681/1882] add blog --- flux/olympus/apps/websites/blog.yaml | 52 +++++++++++++++++++ flux/olympus/apps/websites/kustomization.yaml | 1 + nixos/hosts/olympus/nginx/configuration.nix | 4 +- 3 files changed, 54 insertions(+), 3 deletions(-) create mode 100644 flux/olympus/apps/websites/blog.yaml diff --git a/flux/olympus/apps/websites/blog.yaml b/flux/olympus/apps/websites/blog.yaml new file mode 100644 index 00000000..52e763e5 --- /dev/null +++ b/flux/olympus/apps/websites/blog.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: blog + namespace: websites + labels: + app: blog +spec: + replicas: 1 + selector: + matchLabels: + app: blog + template: + metadata: + labels: + app: blog + spec: + containers: + - name: blog + image: git.0x76.dev/v/blog.xirion.net:5 + ports: + - containerPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + name: blog + namespace: websites +spec: + selector: + app: blog + ports: + - protocol: TCP + port: 8080 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: blog + namespace: websites +spec: + rules: + - host: "blog.xirion.net" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: blog + port: + number: 8080 diff --git a/flux/olympus/apps/websites/kustomization.yaml b/flux/olympus/apps/websites/kustomization.yaml index 03918177..80f27753 100644 --- a/flux/olympus/apps/websites/kustomization.yaml +++ b/flux/olympus/apps/websites/kustomization.yaml @@ -5,3 +5,4 @@ metadata: resources: - 0x76.yaml - internal.yaml + - blog.yaml \ No newline at end of file diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 92a1c8bd..4770d1a5 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -130,9 +130,7 @@ in { # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; - # virtualHosts."drone.0x76.dev" = k8s_proxy; - # virtualHosts."msg.0x76.dev" = k8s_proxy; - # virtualHosts."zookeeper.0x76.dev" = k8s_proxy; + virtualHosts."internal.xirion.net" = k8s_proxy; }; services.nginx.commonHttpConfig = '' -- 2.47.1 From e4afa9014b850ad2087b2e7a7bf6d00b339a6054 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 Jan 2023 18:04:19 +0100 Subject: [PATCH 0682/1882] small updates --- flake.lock | 26 ++++++++++---------- flake.nix | 2 +- nixos/hosts/olympus/nginx/configuration.nix | 1 + nixos/hosts/thalassa/aoife/configuration.nix | 4 +-- 4 files changed, 16 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index 02ceb080..b7b57d52 100644 --- a/flake.lock +++ b/flake.lock @@ -453,11 +453,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674661101, - "narHash": "sha256-iFFUngau5KHjsKScLhovpb7kCMjJvw/mXXOj6I62sVM=", + "lastModified": 1674743782, + "narHash": "sha256-BPUlICIlToJYKJSALLzFBsvuYrJ/7JnsW/dQioRkoZ8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fc89e70a1fb74429ad0f772d399325f69e65b357", + "rev": "94b7b6b58475a0e802e390591f95e04c70aa676d", "type": "github" }, "original": { @@ -800,16 +800,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674459583, - "narHash": "sha256-L0UZl/u2H3HGsrhN+by42c5kNYeKtdmJiPzIRvEVeiM=", + "lastModified": 1674717189, + "narHash": "sha256-8N2xC6w8JT50D34jYwwvVM5gSqesrEPDXSnxUo2aQUU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1b1f50645af2a70dc93eae18bfd88d330bfbcf7f", + "rev": "622d35bf4aeb3cdf2e4e67a2b299c91a19b4f4b1", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } @@ -854,11 +854,11 @@ ] }, "locked": { - "lastModified": 1674605006, - "narHash": "sha256-aet2e8wIkj2EkVJao+1pM9Qo5eZzHjhhgCRMGcOa43w=", + "lastModified": 1674672409, + "narHash": "sha256-cpvzA+t+ZkmL8repn1fVhft8FQnyD7Egp9AJC9wDBls=", "owner": "pta2002", "repo": "nixvim", - "rev": "2d542721778743c7baaaa928e7a3af588eabfeb4", + "rev": "c73bef16ab2f8fe87210a840a2178a593f107eae", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674651781, - "narHash": "sha256-EXq3gfw6uJLlyaSkv1GiFuJx5fVkBFKeAe2UBqTZ7wA=", + "lastModified": 1674751968, + "narHash": "sha256-QtOpWWlrdPXQNnS1xYQPgmiVO5vbN7mCGhHO+rSBHWY=", "owner": "nix-community", "repo": "NUR", - "rev": "30a00b5df32dfa34f069e83bc92283bd614cd021", + "rev": "35fea51e033d24efd3250295ba50fafafc9f117e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 165dd665..3298804e 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 4770d1a5..5486f127 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -131,6 +131,7 @@ in { # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."internal.xirion.net" = k8s_proxy; + virtualHosts."blog.xirion.net" = k8s_proxy; }; services.nginx.commonHttpConfig = '' diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 976876ab..ea22c85a 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -114,9 +114,7 @@ # Enable ccache programs.ccache.enable = true; programs.ccache.packageNames = [ - # "linux" - # "webkitgtk" - # "qtwebengine" + "evolution-data-server" ]; nix.settings.extra-sandbox-paths = [ (toString config.programs.ccache.cacheDir) ]; -- 2.47.1 From 9178fec4197359ff2e85cc035ed0c917b3a2b622 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 26 Jan 2023 18:11:06 +0100 Subject: [PATCH 0683/1882] fix lint --- .editorconfig | 12 ++++++++++++ flux/olympus/apps/websites/kustomization.yaml | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 .editorconfig diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 00000000..c1e2c643 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,12 @@ +# EditorConfig is awesome: https://EditorConfig.org + +# top-most EditorConfig file +root = true + +[*] +indent_style = space +indent_size = 4 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true diff --git a/flux/olympus/apps/websites/kustomization.yaml b/flux/olympus/apps/websites/kustomization.yaml index 80f27753..a9d1c538 100644 --- a/flux/olympus/apps/websites/kustomization.yaml +++ b/flux/olympus/apps/websites/kustomization.yaml @@ -5,4 +5,4 @@ metadata: resources: - 0x76.yaml - internal.yaml - - blog.yaml \ No newline at end of file + - blog.yaml -- 2.47.1 From ac4a4bd61016898ed5ab99d53c5aa38f17476366 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Jan 2023 18:01:32 +0000 Subject: [PATCH 0684/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b7b57d52..ad812cb2 100644 --- a/flake.lock +++ b/flake.lock @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674751968, - "narHash": "sha256-QtOpWWlrdPXQNnS1xYQPgmiVO5vbN7mCGhHO+rSBHWY=", + "lastModified": 1674755094, + "narHash": "sha256-V0mpdqiP6u1r0eg4tnVATxl57RqS+QirkfGp0S7a9Xg=", "owner": "nix-community", "repo": "NUR", - "rev": "35fea51e033d24efd3250295ba50fafafc9f117e", + "rev": "d9b569732923681cb4eb692d1021c0640fee7fb9", "type": "github" }, "original": { -- 2.47.1 From 64ead490ae7c03bcdf8e502d3da45cdc370910be Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Jan 2023 21:00:23 +0000 Subject: [PATCH 0685/1882] chore(deps): update renovate/renovate docker tag to v34.114.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 28072a11..cc12c575 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.114.0 + image: renovate/renovate:34.114.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 36bc16e0cfd86ca88bc1bd6d985c6c923785bc4f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Jan 2023 22:01:46 +0000 Subject: [PATCH 0686/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index ad812cb2..28f38052 100644 --- a/flake.lock +++ b/flake.lock @@ -432,11 +432,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674556204, - "narHash": "sha256-HCRmkZsq01h2Evch08zpgE9jeHdMtGdT1okWotyvuhY=", + "lastModified": 1674768676, + "narHash": "sha256-6ZrYRz0mqs7arGL8Vl34FIGSO0XwJudP6tMrOs1xYcg=", "owner": "nix-community", "repo": "home-manager", - "rev": "c59f0eac51da91c6989fd13a68e156f63c0e60b6", + "rev": "7efca2ca18062791cbaa838f4d3e23d629bb1473", "type": "github" }, "original": { @@ -784,11 +784,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674407282, - "narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=", + "lastModified": 1674692158, + "narHash": "sha256-oqGpwVg4D+eMSgF7Th5Ve1ysCiH3H3g85vGJ3nvJsZQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ab1254087f4cdf4af74b552d7fc95175d9bdbb49", + "rev": "def9e420d27c951026d57dc96ce0218c3131f412", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674717189, - "narHash": "sha256-8N2xC6w8JT50D34jYwwvVM5gSqesrEPDXSnxUo2aQUU=", + "lastModified": 1674744792, + "narHash": "sha256-DIu89WPNrHmLTonFrFMOydfcQgbJNYldW147VfrpRHU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "622d35bf4aeb3cdf2e4e67a2b299c91a19b4f4b1", + "rev": "4f3f2f548defc38a835145c981650c254e07b93f", "type": "github" }, "original": { @@ -854,11 +854,11 @@ ] }, "locked": { - "lastModified": 1674672409, - "narHash": "sha256-cpvzA+t+ZkmL8repn1fVhft8FQnyD7Egp9AJC9wDBls=", + "lastModified": 1674764325, + "narHash": "sha256-3YEOnDIfcHkoQn4ozY9EI4MVt/94SmwElLy8cDlvWbg=", "owner": "pta2002", "repo": "nixvim", - "rev": "c73bef16ab2f8fe87210a840a2178a593f107eae", + "rev": "8a0056617afbdef0a5dee89505e1e20c2798295f", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674755094, - "narHash": "sha256-V0mpdqiP6u1r0eg4tnVATxl57RqS+QirkfGp0S7a9Xg=", + "lastModified": 1674768934, + "narHash": "sha256-Mq7rbxlw3G5QhKDBOGi7JpZAEW7ZKjHBDfTDi6yMmHI=", "owner": "nix-community", "repo": "NUR", - "rev": "d9b569732923681cb4eb692d1021c0640fee7fb9", + "rev": "5a29d4f1e6446e704403415364749f20dc350470", "type": "github" }, "original": { -- 2.47.1 From 70b359dde71b137573deef67750a35354f27dba1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Jan 2023 23:04:28 +0000 Subject: [PATCH 0687/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 28f38052..57e5b234 100644 --- a/flake.lock +++ b/flake.lock @@ -432,11 +432,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674768676, - "narHash": "sha256-6ZrYRz0mqs7arGL8Vl34FIGSO0XwJudP6tMrOs1xYcg=", + "lastModified": 1674771519, + "narHash": "sha256-U0W3S1nX6yEvLh3Vq70EORbmXecAKXfmEfCfaA4A+I8=", "owner": "nix-community", "repo": "home-manager", - "rev": "7efca2ca18062791cbaa838f4d3e23d629bb1473", + "rev": "bb4b25b302dbf0f527f190461b080b5262871756", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674768934, - "narHash": "sha256-Mq7rbxlw3G5QhKDBOGi7JpZAEW7ZKjHBDfTDi6yMmHI=", + "lastModified": 1674771478, + "narHash": "sha256-WI5CNBN3ys5vUcfUvpVIfU4lYm3b5Oon8sbJnNG1nK8=", "owner": "nix-community", "repo": "NUR", - "rev": "5a29d4f1e6446e704403415364749f20dc350470", + "rev": "2d809d91d70e26e983d61a50546947f3189d05bb", "type": "github" }, "original": { -- 2.47.1 From c4b58e46f0c4b7c8227aadd1e83ee110b5a1892c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 10:00:22 +0000 Subject: [PATCH 0688/1882] chore(deps): update renovate/renovate docker tag to v34.115.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index cc12c575..1e7e46c2 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.114.1 + image: renovate/renovate:34.115.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 449cf1d53fcc2e137465e7f43c91ebbee113d832 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 11:01:49 +0000 Subject: [PATCH 0689/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 57e5b234..a4e90bba 100644 --- a/flake.lock +++ b/flake.lock @@ -800,11 +800,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674744792, - "narHash": "sha256-DIu89WPNrHmLTonFrFMOydfcQgbJNYldW147VfrpRHU=", + "lastModified": 1674798626, + "narHash": "sha256-6qHfldrneolG+fMqUg5jpXfRYv//izZg/XzXvKiA9iU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4f3f2f548defc38a835145c981650c254e07b93f", + "rev": "3875a3e3e1ca2fa7e17fc45a1dbf92551f1b9db7", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674771478, - "narHash": "sha256-WI5CNBN3ys5vUcfUvpVIfU4lYm3b5Oon8sbJnNG1nK8=", + "lastModified": 1674800989, + "narHash": "sha256-vRUJhQTR2cIPXBJwAWlqL67GjqYvx8WpT8lzWIif5Oo=", "owner": "nix-community", "repo": "NUR", - "rev": "2d809d91d70e26e983d61a50546947f3189d05bb", + "rev": "5afe5e755851b4d4a339eec4d6d701571c2140c5", "type": "github" }, "original": { -- 2.47.1 From 6856bc7b75242ad99b6045573d02a2abd39133d6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 12:05:00 +0000 Subject: [PATCH 0690/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index a4e90bba..4948eeb6 100644 --- a/flake.lock +++ b/flake.lock @@ -453,11 +453,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674743782, - "narHash": "sha256-BPUlICIlToJYKJSALLzFBsvuYrJ/7JnsW/dQioRkoZ8=", + "lastModified": 1674819116, + "narHash": "sha256-/lOvQnwIxDjz8E0VKKlkHqZ/DjBYXy7miEDegiGMY8M=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "94b7b6b58475a0e802e390591f95e04c70aa676d", + "rev": "af37a3895f810ebe3cc58600b0d9b2fcf449b2d1", "type": "github" }, "original": { @@ -784,11 +784,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674692158, - "narHash": "sha256-oqGpwVg4D+eMSgF7Th5Ve1ysCiH3H3g85vGJ3nvJsZQ=", + "lastModified": 1674781052, + "narHash": "sha256-nseKFXRvmZ+BDAeWQtsiad+5MnvI/M2Ak9iAWzooWBw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "def9e420d27c951026d57dc96ce0218c3131f412", + "rev": "cc4bb87f5457ba06af9ae57ee4328a49ce674b1b", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674800989, - "narHash": "sha256-vRUJhQTR2cIPXBJwAWlqL67GjqYvx8WpT8lzWIif5Oo=", + "lastModified": 1674819037, + "narHash": "sha256-FLb9zv8Jh9QNwIK/moAa591HhQDzTal6yHhoEO3MfxA=", "owner": "nix-community", "repo": "NUR", - "rev": "5afe5e755851b4d4a339eec4d6d701571c2140c5", + "rev": "4627120867504e7d2d1a7d04f1c2291495cbb158", "type": "github" }, "original": { -- 2.47.1 From b1bb0039bd7e5b6dce9efed58919293ae741059e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 13:00:25 +0000 Subject: [PATCH 0691/1882] chore(deps): update renovate/renovate docker tag to v34.115.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1e7e46c2..aa00ea31 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.115.0 + image: renovate/renovate:34.115.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 16c95fd57d805356563ee635ca19771565f4427b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 14:01:41 +0000 Subject: [PATCH 0692/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4948eeb6..82e23905 100644 --- a/flake.lock +++ b/flake.lock @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674819037, - "narHash": "sha256-FLb9zv8Jh9QNwIK/moAa591HhQDzTal6yHhoEO3MfxA=", + "lastModified": 1674823342, + "narHash": "sha256-5UFRwDX91nMcazWP7K8ZSpmXWUAhliKpVzFOJ1IHKHw=", "owner": "nix-community", "repo": "NUR", - "rev": "4627120867504e7d2d1a7d04f1c2291495cbb158", + "rev": "b2246cfe6601d580126f6d2fafb5df759357d85d", "type": "github" }, "original": { -- 2.47.1 From 874e1b949b9031bef942fcdaaa333724a2e3466c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 17:01:23 +0000 Subject: [PATCH 0693/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 82e23905..d90f4600 100644 --- a/flake.lock +++ b/flake.lock @@ -800,11 +800,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674798626, - "narHash": "sha256-6qHfldrneolG+fMqUg5jpXfRYv//izZg/XzXvKiA9iU=", + "lastModified": 1674830669, + "narHash": "sha256-8qIz7F1UymYHdXmhwktvqSbyf0PuS2S51WmnhUj2Vow=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3875a3e3e1ca2fa7e17fc45a1dbf92551f1b9db7", + "rev": "6173948c03942a3eaff2e18c7375f4f79c3b1739", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674823342, - "narHash": "sha256-5UFRwDX91nMcazWP7K8ZSpmXWUAhliKpVzFOJ1IHKHw=", + "lastModified": 1674838254, + "narHash": "sha256-hgQtznuSaTSc3LsMhcLSABo13pZmzyCTbgHdIz1+muA=", "owner": "nix-community", "repo": "NUR", - "rev": "b2246cfe6601d580126f6d2fafb5df759357d85d", + "rev": "dc65dc160e680b3bc11b22527fc4925d9663f105", "type": "github" }, "original": { -- 2.47.1 From 2cde4cefe83df8a36ec51f2cc5bb2b571771249a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 20:01:38 +0000 Subject: [PATCH 0694/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d90f4600..e1e871fd 100644 --- a/flake.lock +++ b/flake.lock @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674838254, - "narHash": "sha256-hgQtznuSaTSc3LsMhcLSABo13pZmzyCTbgHdIz1+muA=", + "lastModified": 1674848689, + "narHash": "sha256-EDVqy+4Vr0a3xrv+y7WFadmokO53EEAAIWr249k3LUM=", "owner": "nix-community", "repo": "NUR", - "rev": "dc65dc160e680b3bc11b22527fc4925d9663f105", + "rev": "669305238f287604316f306bf4af33943bd479ec", "type": "github" }, "original": { -- 2.47.1 From 6f813531808346e8f28ceb9fb82b5d4db7f1a337 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 22:01:34 +0000 Subject: [PATCH 0695/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e1e871fd..eadfc153 100644 --- a/flake.lock +++ b/flake.lock @@ -869,11 +869,11 @@ }, "nur": { "locked": { - "lastModified": 1674848689, - "narHash": "sha256-EDVqy+4Vr0a3xrv+y7WFadmokO53EEAAIWr249k3LUM=", + "lastModified": 1674855963, + "narHash": "sha256-DYEoEf4+VimZvrBiJg2AkWg26vAKgKeavrmayqlBooc=", "owner": "nix-community", "repo": "NUR", - "rev": "669305238f287604316f306bf4af33943bd479ec", + "rev": "ee61d5175c3666bee014b90a803fd4e730466a1a", "type": "github" }, "original": { -- 2.47.1 From a1abe9e14c1af21e40451cfa9f7fb47a2d22311b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Jan 2023 23:01:53 +0000 Subject: [PATCH 0696/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index eadfc153..2600f519 100644 --- a/flake.lock +++ b/flake.lock @@ -89,11 +89,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1669917327, - "narHash": "sha256-YYjaNOUJZaM5t35GbWtfX825TlI9LAksbfdhaCYWmfY=", + "lastModified": 1674858222, + "narHash": "sha256-E/TRWyRxo/IRs9fXGVY7v98sAbtQuBYDp/p2Juwjf5I=", "owner": "zhaofengli", "repo": "colmena", - "rev": "64c46fa0169233d4faed70c52583cd3183c7f5aa", + "rev": "3d1cdbacd004b80b081b0d4416669f4dcf31540d", "type": "github" }, "original": { -- 2.47.1 From 8cb341c94874c746d75ce4722ca61f4decf84c11 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 10:00:22 +0000 Subject: [PATCH 0697/1882] chore(deps): update renovate/renovate docker tag to v34.116.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index aa00ea31..b58d1c7f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.115.1 + image: renovate/renovate:34.116.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5ef8a715eb1444f60b4c80de7bd350cf496e1be2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 11:01:36 +0000 Subject: [PATCH 0698/1882] chore(deps): lock file maintenance --- flake.lock | 51 ++++++++++++--------------------------------------- 1 file changed, 12 insertions(+), 39 deletions(-) diff --git a/flake.lock b/flake.lock index 2600f519..ca6c8251 100644 --- a/flake.lock +++ b/flake.lock @@ -84,16 +84,15 @@ "inputs": { "flake-compat": "flake-compat", "flake-utils": "flake-utils", - "nix-eval-jobs": "nix-eval-jobs", "nixpkgs": "nixpkgs", "stable": "stable" }, "locked": { - "lastModified": 1674858222, - "narHash": "sha256-E/TRWyRxo/IRs9fXGVY7v98sAbtQuBYDp/p2Juwjf5I=", + "lastModified": 1674888748, + "narHash": "sha256-NJ/wtclMjmj8EW+u4fHcvC1QVZgu6aGMPHW5+yirrjU=", "owner": "zhaofengli", "repo": "colmena", - "rev": "3d1cdbacd004b80b081b0d4416669f4dcf31540d", + "rev": "9cb84136021796647885afa9b04646ce6bf72a55", "type": "github" }, "original": { @@ -623,32 +622,6 @@ "type": "indirect" } }, - "nix-eval-jobs": { - "inputs": { - "flake-utils": [ - "colmena", - "flake-utils" - ], - "nixpkgs": [ - "colmena", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1660713017, - "narHash": "sha256-w6KLNkT/2fI7UvPg3NoKj7gve4CgUHpyWOFq0BUwW7o=", - "owner": "zhaofengli", - "repo": "nix-eval-jobs", - "rev": "b4c078a4870c5b1a5b74420ca1dca41f4d75b7cc", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "ref": "colmena", - "repo": "nix-eval-jobs", - "type": "github" - } - }, "nix-pypi-fetcher": { "flake": false, "locked": { @@ -719,11 +692,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1669542132, - "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", + "lastModified": 1674641431, + "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a115bb9bd56831941be3776c8a94005867f316a7", + "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", "type": "github" }, "original": { @@ -800,11 +773,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674830669, - "narHash": "sha256-8qIz7F1UymYHdXmhwktvqSbyf0PuS2S51WmnhUj2Vow=", + "lastModified": 1674890375, + "narHash": "sha256-KTFQ7AkKVLJPoGg1cRAekFDyvDPT8A6jGPAu1liFD74=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6173948c03942a3eaff2e18c7375f4f79c3b1739", + "rev": "4fe4a0e8abadd05d9e81923c13531ab1476d6fd3", "type": "github" }, "original": { @@ -869,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674855963, - "narHash": "sha256-DYEoEf4+VimZvrBiJg2AkWg26vAKgKeavrmayqlBooc=", + "lastModified": 1674888299, + "narHash": "sha256-5g0shs1K4vxmv3W8SqgI7cmSnlotT4AWmxdBO9tvmTM=", "owner": "nix-community", "repo": "NUR", - "rev": "ee61d5175c3666bee014b90a803fd4e730466a1a", + "rev": "22eafe11a555362dadd49b3f76b1ceae7e17e4d1", "type": "github" }, "original": { -- 2.47.1 From f8899055598262eee17207e27e62971e9b8dcc44 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 13:01:17 +0000 Subject: [PATCH 0699/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ca6c8251..9a2b0d0e 100644 --- a/flake.lock +++ b/flake.lock @@ -452,11 +452,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674819116, - "narHash": "sha256-/lOvQnwIxDjz8E0VKKlkHqZ/DjBYXy7miEDegiGMY8M=", + "lastModified": 1674908798, + "narHash": "sha256-rDkkRmy6Wd/KNC5OE1ih9BxkohwFUqXR1Tzw3yUZuYM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "af37a3895f810ebe3cc58600b0d9b2fcf449b2d1", + "rev": "61c9e50bcd6c51e026203f194bc186eda3c44a38", "type": "github" }, "original": { @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674888299, - "narHash": "sha256-5g0shs1K4vxmv3W8SqgI7cmSnlotT4AWmxdBO9tvmTM=", + "lastModified": 1674910817, + "narHash": "sha256-Divh494EQtiKGz3B+5TTA0VR2xPaxVOy5LO6f34kLI4=", "owner": "nix-community", "repo": "NUR", - "rev": "22eafe11a555362dadd49b3f76b1ceae7e17e4d1", + "rev": "0230b631c025c767653cacae223980ac05ecce20", "type": "github" }, "original": { -- 2.47.1 From 7b97ab72c56ca4c72a897a8946b1277575c4c2c4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 14:00:21 +0000 Subject: [PATCH 0700/1882] chore(deps): update renovate/renovate docker tag to v34.116.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b58d1c7f..ff4f8d68 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.116.0 + image: renovate/renovate:34.116.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b96fa1e4d2aadc98105ceb1ae6d7638bb1b129ae Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 28 Jan 2023 16:01:57 +0100 Subject: [PATCH 0701/1882] change automergetype renovate --- flux/olympus/apps/services/renovate/config.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index d32fd69f..a7d49df7 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -23,8 +23,7 @@ data: "lockFileMaintenance": { "enabled": true, "automerge": true, - "automergeType": "pr", - "platformAutomerge": true, + "automergeType": "branch", "schedule": ["weekly"], }, "hostRules": [ -- 2.47.1 From c86d65613f0dfb6fabff1798f7cee9b42bb32e28 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 16:04:25 +0000 Subject: [PATCH 0702/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 9a2b0d0e..7a2b260b 100644 --- a/flake.lock +++ b/flake.lock @@ -757,11 +757,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674781052, - "narHash": "sha256-nseKFXRvmZ+BDAeWQtsiad+5MnvI/M2Ak9iAWzooWBw=", + "lastModified": 1674868155, + "narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cc4bb87f5457ba06af9ae57ee4328a49ce674b1b", + "rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb", "type": "github" }, "original": { @@ -827,11 +827,11 @@ ] }, "locked": { - "lastModified": 1674764325, - "narHash": "sha256-3YEOnDIfcHkoQn4ozY9EI4MVt/94SmwElLy8cDlvWbg=", + "lastModified": 1674917700, + "narHash": "sha256-4NSCMIeOZbXJ47h2gv5gKsk8iPx90jwU7UDxSy6gi+0=", "owner": "pta2002", "repo": "nixvim", - "rev": "8a0056617afbdef0a5dee89505e1e20c2798295f", + "rev": "8ef6945e7550f81352564a70796554e7997be5c1", "type": "github" }, "original": { @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674910817, - "narHash": "sha256-Divh494EQtiKGz3B+5TTA0VR2xPaxVOy5LO6f34kLI4=", + "lastModified": 1674920662, + "narHash": "sha256-7Ld420jo1cCwNURdyq3nlCzG2vYa5PCURBYkFLkQbg8=", "owner": "nix-community", "repo": "NUR", - "rev": "0230b631c025c767653cacae223980ac05ecce20", + "rev": "3f056601e64b94cbeb68138323b75d92615ac8d8", "type": "github" }, "original": { -- 2.47.1 From 029b8b9c2cd17d68b4be859f207b987315eb484d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 17:01:35 +0000 Subject: [PATCH 0703/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7a2b260b..5a921939 100644 --- a/flake.lock +++ b/flake.lock @@ -773,11 +773,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1674890375, - "narHash": "sha256-KTFQ7AkKVLJPoGg1cRAekFDyvDPT8A6jGPAu1liFD74=", + "lastModified": 1674916711, + "narHash": "sha256-8v0pdh5G7K2TvXWw1HylgThpDWEYvnntuCtnJCdqtHA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4fe4a0e8abadd05d9e81923c13531ab1476d6fd3", + "rev": "99563190d585896d7ddb43ea448a95574dfa2373", "type": "github" }, "original": { -- 2.47.1 From 471d1c7a4a4bf7034ca70679f0ad02b17b9c03cc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 18:01:39 +0000 Subject: [PATCH 0704/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 5a921939..2d8430f4 100644 --- a/flake.lock +++ b/flake.lock @@ -431,11 +431,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674771519, - "narHash": "sha256-U0W3S1nX6yEvLh3Vq70EORbmXecAKXfmEfCfaA4A+I8=", + "lastModified": 1674928308, + "narHash": "sha256-elVU4NUZEl11BdT4gC+lrpLYM8Ccxqxs19Ix84HTI9o=", "owner": "nix-community", "repo": "home-manager", - "rev": "bb4b25b302dbf0f527f190461b080b5262871756", + "rev": "08a778d80308353f4f65c9dcd3790b5da02d6306", "type": "github" }, "original": { @@ -452,11 +452,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674908798, - "narHash": "sha256-rDkkRmy6Wd/KNC5OE1ih9BxkohwFUqXR1Tzw3yUZuYM=", + "lastModified": 1674928454, + "narHash": "sha256-jtuq90kM5zt5HPPjCjQjS/iKiYdhojjSyzufoJM+gUQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "61c9e50bcd6c51e026203f194bc186eda3c44a38", + "rev": "1c1e688564500ac0a4938d8dcc77382b370dacd6", "type": "github" }, "original": { @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674920662, - "narHash": "sha256-7Ld420jo1cCwNURdyq3nlCzG2vYa5PCURBYkFLkQbg8=", + "lastModified": 1674928887, + "narHash": "sha256-CK7Ohk8hmxJGkQgt68MDsBz/Mromk362yjphP4L8dBA=", "owner": "nix-community", "repo": "NUR", - "rev": "3f056601e64b94cbeb68138323b75d92615ac8d8", + "rev": "8ebf4468167f7be80d16bc2327c09a9f93208d22", "type": "github" }, "original": { -- 2.47.1 From b85f0e013ad7de96b6e52be0399a4de1032838d4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 19:01:51 +0000 Subject: [PATCH 0705/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2d8430f4..af3400dc 100644 --- a/flake.lock +++ b/flake.lock @@ -452,11 +452,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674928454, - "narHash": "sha256-jtuq90kM5zt5HPPjCjQjS/iKiYdhojjSyzufoJM+gUQ=", + "lastModified": 1674930518, + "narHash": "sha256-EVusv/SJYQHOY/6VmxXC2IFSFtQhrIk6/b0ugd6lxDk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1c1e688564500ac0a4938d8dcc77382b370dacd6", + "rev": "ce632b7a05a27d121c9544607ccd873adee8bd42", "type": "github" }, "original": { -- 2.47.1 From 540e6ab692560a9806442a6b72b3aa5b50c1c9e0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 20:01:43 +0000 Subject: [PATCH 0706/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index af3400dc..772f2da9 100644 --- a/flake.lock +++ b/flake.lock @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674928887, - "narHash": "sha256-CK7Ohk8hmxJGkQgt68MDsBz/Mromk362yjphP4L8dBA=", + "lastModified": 1674935082, + "narHash": "sha256-dmC6iKS2biE9Pl+kCvvR7jdrZCC/rX5U5vfk3NdMS1o=", "owner": "nix-community", "repo": "NUR", - "rev": "8ebf4468167f7be80d16bc2327c09a9f93208d22", + "rev": "be36aaf543b636d7e62f65e55dabe932730f3f7a", "type": "github" }, "original": { -- 2.47.1 From ecc27801c6ee22403dc7d4ca4693b953fbee132c Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 28 Jan 2023 21:06:34 +0100 Subject: [PATCH 0707/1882] updates --- flake.lock | 265 ++++++++++++------- flake.nix | 11 +- nixos/hosts/thalassa/aoife/configuration.nix | 3 +- 3 files changed, 176 insertions(+), 103 deletions(-) diff --git a/flake.lock b/flake.lock index 9a2b0d0e..4a20dba0 100644 --- a/flake.lock +++ b/flake.lock @@ -105,9 +105,7 @@ "inputs": { "flake-compat": "flake-compat_2", "naersk": "naersk", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs_2", "utils": "utils" }, "locked": { @@ -198,11 +196,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1662186434, - "narHash": "sha256-N867s0Z20q9LNirVftWoKAmkEARmmHXZHyRTEmekf94=", + "lastModified": 1674282107, + "narHash": "sha256-0wBK+1IMJdAkckR715ssMPFUhCAqRpRcppGwraiWREU=", "owner": "nix-community", "repo": "fenix", - "rev": "e228867146581fa5e4be25dafc0dd68fdd22f0ad", + "rev": "18fc1446c44e05165437c5900b95670166a09270", "type": "github" }, "original": { @@ -447,7 +445,7 @@ "hyprland": { "inputs": { "hyprland-protocols": "hyprland-protocols", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "wlroots": "wlroots", "xdph": "xdph" }, @@ -488,9 +486,7 @@ }, "hyprpaper": { "inputs": { - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1673799209, @@ -591,11 +587,11 @@ ] }, "locked": { - "lastModified": 1662220400, - "narHash": "sha256-9o2OGQqu4xyLZP9K6kNe1pTHnyPz0Wr3raGYnr9AIgY=", + "lastModified": 1671096816, + "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=", "owner": "nix-community", "repo": "naersk", - "rev": "6944160c19cb591eb85bbf9b2f2768a935623ed3", + "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114", "type": "github" }, "original": { @@ -607,7 +603,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1633098935, @@ -656,9 +652,7 @@ "nixos-generators": { "inputs": { "nixlib": "nixlib", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1674666581, @@ -739,70 +733,21 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_10": { "locked": { - "lastModified": 1673540789, - "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", - "owner": "NixOS", + "lastModified": 1667318090, + "narHash": "sha256-AvxgT+t1BWZs8IfdseHl8+7wvWWm9pvysupMT9wXdH0=", + "owner": "serokell", "repo": "nixpkgs", - "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_22-11": { - "locked": { - "lastModified": 1674781052, - "narHash": "sha256-nseKFXRvmZ+BDAeWQtsiad+5MnvI/M2Ak9iAWzooWBw=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "cc4bb87f5457ba06af9ae57ee4328a49ce674b1b", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-22.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1674890375, - "narHash": "sha256-KTFQ7AkKVLJPoGg1cRAekFDyvDPT8A6jGPAu1liFD74=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "4fe4a0e8abadd05d9e81923c13531ab1476d6fd3", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1632864508, - "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "rev": "4bce79cf151aad3c0bed46a32bdb4b165f00cb7e", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-21.05-small", "type": "indirect" } }, - "nixpkgs_5": { + "nixpkgs_11": { "locked": { "lastModified": 1670507980, "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", @@ -818,20 +763,159 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1663235518, + "narHash": "sha256-q8zLK6rK/CLXEguaPgm9yQJcY0VQtOBhAT9EV2UFK/A=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2277e4c9010b0f27585eb0bed0a86d7cbc079354", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_22-11": { + "locked": { + "lastModified": 1674868155, + "narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1673540789, + "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1658826464, + "narHash": "sha256-94ZTF0uIX/iZdiD4RJ5f933ak/OM4XLl7hF+gCa4Iuk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce49cb7792a7ffd65ef352dda1110a4e4a204eac", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1637186689, + "narHash": "sha256-NU7BhgnwA/3ibmCeSzFK6xGi+Bari9mPfn+4cBmyEjw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7fad01d9d5a3f82081c00fb57918d64145dc904c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1674890375, + "narHash": "sha256-KTFQ7AkKVLJPoGg1cRAekFDyvDPT8A6jGPAu1liFD74=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "4fe4a0e8abadd05d9e81923c13531ab1476d6fd3", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1673606088, + "narHash": "sha256-wdYD41UwNwPhTdMaG0AIe7fE1bAdyHe6bB4HLUqUvck=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "37b97ae3dd714de9a17923d004a2c5b5543dfa6d", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_8": { + "locked": { + "lastModified": 1672580127, + "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0874168639713f547c05947c76124f78441ea46c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1632864508, + "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", "flake-utils": "flake-utils_2", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1674764325, - "narHash": "sha256-3YEOnDIfcHkoQn4ozY9EI4MVt/94SmwElLy8cDlvWbg=", + "lastModified": 1674917700, + "narHash": "sha256-4NSCMIeOZbXJ47h2gv5gKsk8iPx90jwU7UDxSy6gi+0=", "owner": "pta2002", "repo": "nixvim", - "rev": "8a0056617afbdef0a5dee89505e1e20c2798295f", + "rev": "8ef6945e7550f81352564a70796554e7997be5c1", "type": "github" }, "original": { @@ -930,21 +1014,18 @@ "inputs": { "fenix": "fenix", "naersk": "naersk_2", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1665591116, - "narHash": "sha256-AehqoWu7dmQqsd7TwP1B6deis41v1bJH98suLVNB2qs=", + "lastModified": 1674753546, + "narHash": "sha256-rqkvIQ71xZ2Am2Vhhxl0TCbl/k8nxfmSC5cDieHLfbI=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "81d12433859a012b68e15aeb8f2224c7790b8002", + "rev": "a35e66326f2ffb3ce8a6d0b8180b87ce7260a9be", "type": "github" }, "original": { "owner": "DeterminateSystems", - "ref": "cole/ds-285-use-rustup-based-rustc-and-cargo", "repo": "riff", "type": "github" } @@ -959,7 +1040,7 @@ "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_6", "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", @@ -971,11 +1052,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1662066014, - "narHash": "sha256-DE4FsE2sxd9nFtG+8+lnv/IBbtf+6rAlKjIdfpWN488=", + "lastModified": 1674253028, + "narHash": "sha256-OzdEJpxIZw50DuZ1aBJlZnJ/GxHfKhexhn4Eu53YnEo=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "93c52e41ec0d297c7512adf5936d8c464c820618", + "rev": "9a6294d7038e7eab00beafdf64ec4aa50a4c66a2", "type": "github" }, "original": { @@ -1083,9 +1164,7 @@ "flake-compat": "flake-compat_4", "flake-utils": "flake-utils_3", "nix": "nix", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_10" }, "locked": { "lastModified": 1674127129, @@ -1104,7 +1183,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_11", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index 3298804e..50a8b20a 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "0x76's infrastructure"; - # Based on: + # Based on: # * https://github.com/serokell/pegasus-infra/blob/master/flake.nix # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix @@ -17,32 +17,25 @@ colmena.url = "github:zhaofengli/colmena"; vault-secrets.url = "github:serokell/vault-secrets"; - vault-secrets.inputs.nixpkgs.follows = "nixpkgs"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; hyprland.url = "github:hyprwm/Hyprland"; hyprpaper.url = "github:hyprwm/hyprpaper"; - hyprpaper.inputs.nixpkgs.follows = "nixpkgs"; - riff.url = - "github:DeterminateSystems/riff/cole/ds-285-use-rustup-based-rustc-and-cargo"; - riff.inputs.nixpkgs.follows = "nixpkgs"; + riff.url = "github:DeterminateSystems/riff"; webcord.url = "github:fufexan/webcord-flake"; comma.url = "github:nix-community/comma"; - comma.inputs.nixpkgs.follows = "nixpkgs"; mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; mailserver.inputs.nixpkgs.follows = "nixpkgs"; nixvim.url = "github:pta2002/nixvim"; - nixvim.inputs.nixpkgs.follows = "nixpkgs"; nixos-generators.url = "github:nix-community/nixos-generators"; - nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index ea22c85a..07425f6d 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -14,7 +14,7 @@ # Bootloader. boot = { kernelPackages = pkgs.linuxPackages_latest; - # kernelPackages = pkgs.linuxKernel.packages.linux_zen; + # kernelPackages = pkgs.linuxKernel.packages.linux_zen; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; @@ -115,6 +115,7 @@ programs.ccache.enable = true; programs.ccache.packageNames = [ "evolution-data-server" + "mongodb" ]; nix.settings.extra-sandbox-paths = [ (toString config.programs.ccache.cacheDir) ]; -- 2.47.1 From b7d43541a1c5a7178dfee9009e8aac9014b6ffce Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 22:01:43 +0000 Subject: [PATCH 0708/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 772f2da9..2955bab8 100644 --- a/flake.lock +++ b/flake.lock @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674935082, - "narHash": "sha256-dmC6iKS2biE9Pl+kCvvR7jdrZCC/rX5U5vfk3NdMS1o=", + "lastModified": 1674942275, + "narHash": "sha256-H4E1M7erhF3JKm8S3OnjAUrPHJCEVrmwrDW/tbNCL60=", "owner": "nix-community", "repo": "NUR", - "rev": "be36aaf543b636d7e62f65e55dabe932730f3f7a", + "rev": "d0585ac23ddf3385a5a51768b9ab8ca8ade0a137", "type": "github" }, "original": { -- 2.47.1 From 7f4519df38c3b16f67214d022e15da67bc563671 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 Jan 2023 23:02:02 +0000 Subject: [PATCH 0709/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2955bab8..af464a19 100644 --- a/flake.lock +++ b/flake.lock @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674942275, - "narHash": "sha256-H4E1M7erhF3JKm8S3OnjAUrPHJCEVrmwrDW/tbNCL60=", + "lastModified": 1674945972, + "narHash": "sha256-BfNnYn3iKm6tL4HLDtk/X0f6uPWTToVPxiNe9asWDmk=", "owner": "nix-community", "repo": "NUR", - "rev": "d0585ac23ddf3385a5a51768b9ab8ca8ade0a137", + "rev": "3ccb2c06d5be111aa3bbc36c7f30dd10a69b9a7a", "type": "github" }, "original": { -- 2.47.1 From 96dbfefe3a2ead72aadd64b5524055a8eaea268b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 03:01:30 +0000 Subject: [PATCH 0710/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index af464a19..0a0a9eca 100644 --- a/flake.lock +++ b/flake.lock @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674945972, - "narHash": "sha256-BfNnYn3iKm6tL4HLDtk/X0f6uPWTToVPxiNe9asWDmk=", + "lastModified": 1674958303, + "narHash": "sha256-o/o7fRQbUPMFOklqpEeMfs6SbJPDtZdFsaky3oT9OYE=", "owner": "nix-community", "repo": "NUR", - "rev": "3ccb2c06d5be111aa3bbc36c7f30dd10a69b9a7a", + "rev": "a998fbc8615d6481ee82b147ce1c7a6bb5e44c01", "type": "github" }, "original": { -- 2.47.1 From a089a782e64243f2dd84d3fc4b6f709c3983f15b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 04:02:13 +0000 Subject: [PATCH 0711/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0a0a9eca..a1d03d90 100644 --- a/flake.lock +++ b/flake.lock @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674958303, - "narHash": "sha256-o/o7fRQbUPMFOklqpEeMfs6SbJPDtZdFsaky3oT9OYE=", + "lastModified": 1674963970, + "narHash": "sha256-r1sprKFlDLEpqkfKljrEx91mXaJQ+peLCOyiRDFg3j0=", "owner": "nix-community", "repo": "NUR", - "rev": "a998fbc8615d6481ee82b147ce1c7a6bb5e44c01", + "rev": "546520ea8522e989db65410d6783bedeab2771af", "type": "github" }, "original": { -- 2.47.1 From 26881fcf656cffbdc2d06233efb3593ce88c8d01 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 07:01:33 +0000 Subject: [PATCH 0712/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a1d03d90..97baebc1 100644 --- a/flake.lock +++ b/flake.lock @@ -842,11 +842,11 @@ }, "nur": { "locked": { - "lastModified": 1674963970, - "narHash": "sha256-r1sprKFlDLEpqkfKljrEx91mXaJQ+peLCOyiRDFg3j0=", + "lastModified": 1674974682, + "narHash": "sha256-5+6uPK6xPIXARWwudCdcfLIp8wURIzveiTwi5rn0FHA=", "owner": "nix-community", "repo": "NUR", - "rev": "546520ea8522e989db65410d6783bedeab2771af", + "rev": "790763ba5471ecc3089366a19da6f9752a68d9f3", "type": "github" }, "original": { -- 2.47.1 From a66f4a2dca080abba1c89fea002341c54309bfb8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 11:01:19 +0000 Subject: [PATCH 0713/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6e01ce08..ae6dc13a 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1674916711, - "narHash": "sha256-8v0pdh5G7K2TvXWw1HylgThpDWEYvnntuCtnJCdqtHA=", + "lastModified": 1674947309, + "narHash": "sha256-2h+r97XW2riPwejhe8MRNUGakyhEdSldw0BfWpCQafw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "99563190d585896d7ddb43ea448a95574dfa2373", + "rev": "4c4b377a23282b516bc991f0bc928d91dc28994a", "type": "github" }, "original": { -- 2.47.1 From 95fe5b51f4c2633365d610c3bd40c2affb66cc91 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 13:02:51 +0000 Subject: [PATCH 0714/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ae6dc13a..a8582689 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674930518, - "narHash": "sha256-EVusv/SJYQHOY/6VmxXC2IFSFtQhrIk6/b0ugd6lxDk=", + "lastModified": 1674996278, + "narHash": "sha256-Qo+suK+e/5xG9SUlUHOcALQHInZkB/mDs+VPkezT7tQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ce632b7a05a27d121c9544607ccd873adee8bd42", + "rev": "c3adc9ec56020446fdf8953254757392b4634bbd", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1674981967, - "narHash": "sha256-aSEQv63tfQ4+LAJBotBHaErtkLA6c01q4mY7xsKHg4U=", + "lastModified": 1674994733, + "narHash": "sha256-+73mJ5DwCZCh5sZlD5Pssbtfe88uIcZoO9Ob6KsVg40=", "owner": "nix-community", "repo": "NUR", - "rev": "fc2a9823dd0b99f740013ad480dae07a956b18e7", + "rev": "d51f7d8586ee0179e84617649f42f9a5646dd708", "type": "github" }, "original": { -- 2.47.1 From a1bcad9381d9b2f2a7395424762a07c3e5ca9df1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 14:03:08 +0000 Subject: [PATCH 0715/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index a8582689..f15762d3 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674996278, - "narHash": "sha256-Qo+suK+e/5xG9SUlUHOcALQHInZkB/mDs+VPkezT7tQ=", + "lastModified": 1675000727, + "narHash": "sha256-hCEzyH+62+HHjMtatZkjQyQH8DRI34p70LVBSUkiP7w=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c3adc9ec56020446fdf8953254757392b4634bbd", + "rev": "3d83a0bc5f537b8909da1df1f0ec67809067959b", "type": "github" }, "original": { @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1673799209, - "narHash": "sha256-GMRM1IyIuDEzjEw5E4zWI/TCg3zWs65v86NuR+BAtW0=", + "lastModified": 1675000808, + "narHash": "sha256-4VscY0xusRTm1jJ14ae6XJiP0wZZtZdM5w5/5xMZ8k8=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "f77a664e9d168fb7b332ede9db4a3e35a46dd6c5", + "rev": "b8d2b97e13fe3e45fa2e88594540717915ff0ca1", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1674994733, - "narHash": "sha256-+73mJ5DwCZCh5sZlD5Pssbtfe88uIcZoO9Ob6KsVg40=", + "lastModified": 1674999880, + "narHash": "sha256-mmALt2MFFLsJj0wddOxLqTg453wtPskS00U1TD120FA=", "owner": "nix-community", "repo": "NUR", - "rev": "d51f7d8586ee0179e84617649f42f9a5646dd708", + "rev": "1955f5e2c384d156efcc0b4ce7a0f635c3ea0997", "type": "github" }, "original": { -- 2.47.1 From 46859a5bcf0a3db44da06dda3a6820c6bb9d2888 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 15:02:06 +0000 Subject: [PATCH 0716/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index f15762d3..52260cb5 100644 --- a/flake.lock +++ b/flake.lock @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1675000808, - "narHash": "sha256-4VscY0xusRTm1jJ14ae6XJiP0wZZtZdM5w5/5xMZ8k8=", + "lastModified": 1675002309, + "narHash": "sha256-iAlKu/rQwDa/zAXeKHzVR8Zp+BJLEDln82ITLe/Q7FI=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "b8d2b97e13fe3e45fa2e88594540717915ff0ca1", + "rev": "0a7fab1ca96d90cb5769b70fe7cb5ace498e341c", "type": "github" }, "original": { @@ -813,11 +813,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1658826464, - "narHash": "sha256-94ZTF0uIX/iZdiD4RJ5f933ak/OM4XLl7hF+gCa4Iuk=", + "lastModified": 1674641431, + "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ce49cb7792a7ffd65ef352dda1110a4e4a204eac", + "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", "type": "github" }, "original": { -- 2.47.1 From c1e1519d1a5147b14568f5d19f687a2a22accf59 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 29 Jan 2023 17:14:52 +0100 Subject: [PATCH 0717/1882] update overseerr --- nixos/hosts/hades/overseerr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 76ff5795..d192b2ea 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -26,7 +26,7 @@ backend = "podman"; containers = { overseerr = { - image = "ghcr.io/sct/overseerr:1.31.0"; + image = "ghcr.io/sct/overseerr:1.32.4"; environment = { # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; -- 2.47.1 From 443ecfdfe300857a09a946acbbaed060ff66f921 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 17:01:29 +0000 Subject: [PATCH 0718/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 52260cb5..9cd8b13e 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675000727, - "narHash": "sha256-hCEzyH+62+HHjMtatZkjQyQH8DRI34p70LVBSUkiP7w=", + "lastModified": 1675009574, + "narHash": "sha256-i0OGTOWtjfSPYk/pP3u0zmk1uRvKN4L/Kf0nwHSghjw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3d83a0bc5f537b8909da1df1f0ec67809067959b", + "rev": "5d35c0432b70e2d5e82296caf7f496dc4612f3e5", "type": "github" }, "original": { @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1675002309, - "narHash": "sha256-iAlKu/rQwDa/zAXeKHzVR8Zp+BJLEDln82ITLe/Q7FI=", + "lastModified": 1675010546, + "narHash": "sha256-mx2WkCa2yUaZakioiLY7dHrU0fZS2szlqghbDbc34RE=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "0a7fab1ca96d90cb5769b70fe7cb5ace498e341c", + "rev": "0c2386861afbb10c8c5eb6de868fa2a519df2907", "type": "github" }, "original": { -- 2.47.1 From 5d1b50659dfe24167f25e81299d3497136fc234b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 18:01:45 +0000 Subject: [PATCH 0719/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9cd8b13e..6f8e4663 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675009574, - "narHash": "sha256-i0OGTOWtjfSPYk/pP3u0zmk1uRvKN4L/Kf0nwHSghjw=", + "lastModified": 1675011775, + "narHash": "sha256-kMQxMitimccnW5DW8xVjxmtCGKPcx8z15UQ4qS8d6u0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5d35c0432b70e2d5e82296caf7f496dc4612f3e5", + "rev": "32381fe6c4e33232401d7a74f587ee7296a61fcf", "type": "github" }, "original": { -- 2.47.1 From cb751b54598de1e892e146f3670efeb4945858d4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 20:01:40 +0000 Subject: [PATCH 0720/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6f8e4663..1bcd4bbf 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1674888748, - "narHash": "sha256-NJ/wtclMjmj8EW+u4fHcvC1QVZgu6aGMPHW5+yirrjU=", + "lastModified": 1675019967, + "narHash": "sha256-AD9udouBmfWxmsM1j6eNCu+HEB9E41+fA3XRIb765LU=", "owner": "zhaofengli", "repo": "colmena", - "rev": "9cb84136021796647885afa9b04646ce6bf72a55", + "rev": "7602e548a78932bd28a7e2f621b3d62b4124e993", "type": "github" }, "original": { -- 2.47.1 From 9cd0c212811b4eb13aae485a728ba1536a08a04c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 21:01:54 +0000 Subject: [PATCH 0721/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1bcd4bbf..25199e1a 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1674947309, - "narHash": "sha256-2h+r97XW2riPwejhe8MRNUGakyhEdSldw0BfWpCQafw=", + "lastModified": 1674980695, + "narHash": "sha256-q2VCzF3+QM78FojBkohVnOREsRXdUGRqg4B8IStW2sk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4c4b377a23282b516bc991f0bc928d91dc28994a", + "rev": "6224e5c235b22661b36ee9884405b9f441da9b66", "type": "github" }, "original": { -- 2.47.1 From d19970746499d15ed532d04fdce3f0580662b12f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Jan 2023 23:02:06 +0000 Subject: [PATCH 0722/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 25199e1a..7ce8cd85 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1674999880, - "narHash": "sha256-mmALt2MFFLsJj0wddOxLqTg453wtPskS00U1TD120FA=", + "lastModified": 1675032287, + "narHash": "sha256-zAykcNSuqQKGbIDhCyft598am9KSlM3uVTorJw0IiNo=", "owner": "nix-community", "repo": "NUR", - "rev": "1955f5e2c384d156efcc0b4ce7a0f635c3ea0997", + "rev": "0fac6f8a6838ebc1824f7a749b8b7a3d61439633", "type": "github" }, "original": { -- 2.47.1 From d78971b0e820e5ca7e0305e94c9bcd9f8ecb9749 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 00:01:49 +0000 Subject: [PATCH 0723/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7ce8cd85..6bd5c5e2 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675032287, - "narHash": "sha256-zAykcNSuqQKGbIDhCyft598am9KSlM3uVTorJw0IiNo=", + "lastModified": 1675035869, + "narHash": "sha256-h1pQsoyuhySwumBMWhgICesgn1V72Z7TKA6fQ9YyuM8=", "owner": "nix-community", "repo": "NUR", - "rev": "0fac6f8a6838ebc1824f7a749b8b7a3d61439633", + "rev": "b975571c7da38771c23b4bf4e40372413d7bced1", "type": "github" }, "original": { -- 2.47.1 From bbb36d57fdfd281037580f052e5fcaa59e2fce5e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 03:01:40 +0000 Subject: [PATCH 0724/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6bd5c5e2..64d9b6bb 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1674980695, - "narHash": "sha256-q2VCzF3+QM78FojBkohVnOREsRXdUGRqg4B8IStW2sk=", + "lastModified": 1675030625, + "narHash": "sha256-jjzFGjMfL2SwFa6lP6mD7KRWpUiQkzfH+lAhA4xUcRw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6224e5c235b22661b36ee9884405b9f441da9b66", + "rev": "bea4062a62e18615421e8f4ce7bc339529f1c106", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675035869, - "narHash": "sha256-h1pQsoyuhySwumBMWhgICesgn1V72Z7TKA6fQ9YyuM8=", + "lastModified": 1675044164, + "narHash": "sha256-irMq1XlAPmjELS013PB/NAWx2pAztE06f/vGF8TH5Ew=", "owner": "nix-community", "repo": "NUR", - "rev": "b975571c7da38771c23b4bf4e40372413d7bced1", + "rev": "750b33c850729372896773544b2b67fd64500ba9", "type": "github" }, "original": { -- 2.47.1 From a732f91644664590b4081f1133f7e11c417aa655 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 05:01:46 +0000 Subject: [PATCH 0725/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 64d9b6bb..bc42d0fc 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674868155, - "narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=", + "lastModified": 1674971084, + "narHash": "sha256-YxBWj2t75Jun+NJUwr2vvtcfLwvGcazSo+pnNxpt+tU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb", + "rev": "22c4a7a4796a91c297a7e59078a84ec29515f86e", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675044164, - "narHash": "sha256-irMq1XlAPmjELS013PB/NAWx2pAztE06f/vGF8TH5Ew=", + "lastModified": 1675051869, + "narHash": "sha256-Ajz+dFKeZFdCzYjfUZt1zJvMHbZGi8GkzX4gDR3j7ok=", "owner": "nix-community", "repo": "NUR", - "rev": "750b33c850729372896773544b2b67fd64500ba9", + "rev": "7bfc5c30aa9578174d6db70f68f23a2f33bc3c11", "type": "github" }, "original": { -- 2.47.1 From 2ae6981f3e93b8875019e91ecdd43ce09a887ab6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 11:00:20 +0000 Subject: [PATCH 0726/1882] chore(deps): update renovate/renovate docker tag to v34.117.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ff4f8d68..a54961c1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.116.1 + image: renovate/renovate:34.117.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b3caec95e6166c64609c41cc5859c54d5e78cc2f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 12:02:06 +0000 Subject: [PATCH 0727/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bc42d0fc..62dc71f5 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675030625, - "narHash": "sha256-jjzFGjMfL2SwFa6lP6mD7KRWpUiQkzfH+lAhA4xUcRw=", + "lastModified": 1675060719, + "narHash": "sha256-stYpEUOrdl/iS9wci1rXveBRJolshs/G8KoFrpWviHI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bea4062a62e18615421e8f4ce7bc339529f1c106", + "rev": "b21240601d07108a391e5767c6d1d3b47bd7ff6f", "type": "github" }, "original": { -- 2.47.1 From b3804118fa668e352ad035f1e4604ac35b5c94cd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 14:01:20 +0000 Subject: [PATCH 0728/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 62dc71f5..3f50f0e1 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675011775, - "narHash": "sha256-kMQxMitimccnW5DW8xVjxmtCGKPcx8z15UQ4qS8d6u0=", + "lastModified": 1675087202, + "narHash": "sha256-JiVm+duHppxumf5n/2b2uoQTQlQTHvSxxEE0cg+0ZYs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "32381fe6c4e33232401d7a74f587ee7296a61fcf", + "rev": "d4e2a0fd1635d90043e38d47931e7132ebcde559", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675051869, - "narHash": "sha256-Ajz+dFKeZFdCzYjfUZt1zJvMHbZGi8GkzX4gDR3j7ok=", + "lastModified": 1675084075, + "narHash": "sha256-8hjyi3IKke9VCDrsYKHjNnmqCSZVIQT+foZC0zIds3M=", "owner": "nix-community", "repo": "NUR", - "rev": "7bfc5c30aa9578174d6db70f68f23a2f33bc3c11", + "rev": "01b0a099b9c3ba33f24816f790fa5bca29a06d14", "type": "github" }, "original": { -- 2.47.1 From 0f60cb12fe65c6e65bb9abacc8eca63acef71ee6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 15:01:50 +0000 Subject: [PATCH 0729/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3f50f0e1..20d931be 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675084075, - "narHash": "sha256-8hjyi3IKke9VCDrsYKHjNnmqCSZVIQT+foZC0zIds3M=", + "lastModified": 1675089990, + "narHash": "sha256-VN70n9I7A4b9kmKoND1ACxWoNyK436Xw9QJJrzer9x0=", "owner": "nix-community", "repo": "NUR", - "rev": "01b0a099b9c3ba33f24816f790fa5bca29a06d14", + "rev": "167df43c426fb5a39086691f59bda8b6ee3f7b73", "type": "github" }, "original": { -- 2.47.1 From 157757974d2c43a1f1bf933d5685f2877edabcdf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 16:02:10 +0000 Subject: [PATCH 0730/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 20d931be..83bc552d 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1674971084, - "narHash": "sha256-YxBWj2t75Jun+NJUwr2vvtcfLwvGcazSo+pnNxpt+tU=", + "lastModified": 1675061157, + "narHash": "sha256-F7/F65ZFWbq7cKSiV3K2acxCv64jKaZZ/K0A3VNT2kA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "22c4a7a4796a91c297a7e59078a84ec29515f86e", + "rev": "f413457e0dd7a42adefdbcea4391dd9751509025", "type": "github" }, "original": { -- 2.47.1 From ad06999e0592a5ab94a13a83e4ae93c3b39cb92c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 17:02:07 +0000 Subject: [PATCH 0731/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 83bc552d..906ea29c 100644 --- a/flake.lock +++ b/flake.lock @@ -1017,11 +1017,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1674753546, - "narHash": "sha256-rqkvIQ71xZ2Am2Vhhxl0TCbl/k8nxfmSC5cDieHLfbI=", + "lastModified": 1675097940, + "narHash": "sha256-A9jcSNaC4Mp1EAq4Km9YckU0abnAfQUiOtBhQXaPrQI=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "a35e66326f2ffb3ce8a6d0b8180b87ce7260a9be", + "rev": "a56f088aa328562f2631b73e103dc5304774b651", "type": "github" }, "original": { -- 2.47.1 From 6c85fdedde00f717818621c6df00197782501d79 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 19:00:22 +0000 Subject: [PATCH 0732/1882] chore(deps): update renovate/renovate docker tag to v34.117.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index a54961c1..ad3cff1d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.117.0 + image: renovate/renovate:34.117.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7f5f683137488a6cce1db439a73d39d7c1a817e4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 20:02:02 +0000 Subject: [PATCH 0733/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 906ea29c..42a5c918 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675089990, - "narHash": "sha256-VN70n9I7A4b9kmKoND1ACxWoNyK436Xw9QJJrzer9x0=", + "lastModified": 1675107978, + "narHash": "sha256-amNM84snUqaAGcL5n2bCWu02/LpHNENiYnoFUejgJrE=", "owner": "nix-community", "repo": "NUR", - "rev": "167df43c426fb5a39086691f59bda8b6ee3f7b73", + "rev": "f19dcea1d7b1412aacafdd861d578d77a14cda8e", "type": "github" }, "original": { @@ -1017,11 +1017,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1675097940, - "narHash": "sha256-A9jcSNaC4Mp1EAq4Km9YckU0abnAfQUiOtBhQXaPrQI=", + "lastModified": 1675101795, + "narHash": "sha256-MU/ou/TXaDcxVaX/I9QlRMAfDA5uGNpHiZPj4+GfoR4=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "a56f088aa328562f2631b73e103dc5304774b651", + "rev": "6b7770385461c62086c7bee1eefa3dea0b32e61b", "type": "github" }, "original": { -- 2.47.1 From 5fcf6921b9b68f94940423a7f3563869e7ea8772 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 30 Jan 2023 21:05:55 +0000 Subject: [PATCH 0734/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 42a5c918..baffc147 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675107978, - "narHash": "sha256-amNM84snUqaAGcL5n2bCWu02/LpHNENiYnoFUejgJrE=", + "lastModified": 1675111587, + "narHash": "sha256-wkVDFmwDeitir9+vPUnzaegUiJbOcT0zu5dmBYTqf7I=", "owner": "nix-community", "repo": "NUR", - "rev": "f19dcea1d7b1412aacafdd861d578d77a14cda8e", + "rev": "8d684470d26821c203c273086b6b00771cbc168e", "type": "github" }, "original": { -- 2.47.1 From cfc7f5f5efb96fa17b3428bad92b1ef240cf9a3a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 01:01:32 +0000 Subject: [PATCH 0735/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index baffc147..a888b08f 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675087202, - "narHash": "sha256-JiVm+duHppxumf5n/2b2uoQTQlQTHvSxxEE0cg+0ZYs=", + "lastModified": 1675124775, + "narHash": "sha256-dez2Fr+rKxFfj2OLtKEJdfQQz7oy90FnV3y/hic8Gv0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d4e2a0fd1635d90043e38d47931e7132ebcde559", + "rev": "11234529dbc5f85fc46df479f563c2c563afe9c2", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675060719, - "narHash": "sha256-stYpEUOrdl/iS9wci1rXveBRJolshs/G8KoFrpWviHI=", + "lastModified": 1675101789, + "narHash": "sha256-H3y8LwXe1k6PoXQe1rlESPc1YbFJst5RGp+qbbIi00U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b21240601d07108a391e5767c6d1d3b47bd7ff6f", + "rev": "a13272db2ff318aa3338244f7380946dcc623e4a", "type": "github" }, "original": { -- 2.47.1 From 365a33063a6c0e618ec7cba08787053a6e886c27 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 03:01:18 +0000 Subject: [PATCH 0736/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a888b08f..00ec0b23 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675111587, - "narHash": "sha256-wkVDFmwDeitir9+vPUnzaegUiJbOcT0zu5dmBYTqf7I=", + "lastModified": 1675133004, + "narHash": "sha256-ZGuJ+M5t4Q6OjFrAkEncMsZwaIHUp2V0axNw7S/Qxyk=", "owner": "nix-community", "repo": "NUR", - "rev": "8d684470d26821c203c273086b6b00771cbc168e", + "rev": "dde9c0b9de05fbc66aed375f247a0c72bd24a1c3", "type": "github" }, "original": { -- 2.47.1 From ca2dbeaac20efb35a66f6ded9a6244234e85a2a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 04:01:47 +0000 Subject: [PATCH 0737/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 00ec0b23..642db81c 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675133004, - "narHash": "sha256-ZGuJ+M5t4Q6OjFrAkEncMsZwaIHUp2V0axNw7S/Qxyk=", + "lastModified": 1675136345, + "narHash": "sha256-x2nY7E3J5um+OMVBT8ahEUXPHTyzdws4FIxoJ79CvYQ=", "owner": "nix-community", "repo": "NUR", - "rev": "dde9c0b9de05fbc66aed375f247a0c72bd24a1c3", + "rev": "af9df147753f07e15a8d2e13bb77d4c653798618", "type": "github" }, "original": { -- 2.47.1 From f6375dc86e1be782c71e5b021e54c44b20f8090f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 05:01:59 +0000 Subject: [PATCH 0738/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 642db81c..5564c771 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675136345, - "narHash": "sha256-x2nY7E3J5um+OMVBT8ahEUXPHTyzdws4FIxoJ79CvYQ=", + "lastModified": 1675140103, + "narHash": "sha256-bhciJA71FAvBGmg0mu6M8nVk25usM0wfkZ0ywGKC6bg=", "owner": "nix-community", "repo": "NUR", - "rev": "af9df147753f07e15a8d2e13bb77d4c653798618", + "rev": "09d7afdeac34cd07a4cf85ec9f3d490504121721", "type": "github" }, "original": { -- 2.47.1 From 7acb3d8ee94560ef71cd7c651107531a8706e93b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 08:00:22 +0000 Subject: [PATCH 0739/1882] chore(deps): update renovate/renovate docker tag to v34.117.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ad3cff1d..1e29f4af 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.117.1 + image: renovate/renovate:34.117.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From da63d7d44455dadd93d77fb1f6c78d95315a85c2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 09:02:03 +0000 Subject: [PATCH 0740/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5564c771..8714e934 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675140103, - "narHash": "sha256-bhciJA71FAvBGmg0mu6M8nVk25usM0wfkZ0ywGKC6bg=", + "lastModified": 1675154758, + "narHash": "sha256-Y9FjdvIJLoG7QZG8uCJsg3kYZwIIQ274AVMmHd9qAQ0=", "owner": "nix-community", "repo": "NUR", - "rev": "09d7afdeac34cd07a4cf85ec9f3d490504121721", + "rev": "68d7d45056ab17a650822323bbb1ed560880cc2a", "type": "github" }, "original": { -- 2.47.1 From fa57a83aa3cc71991ac4e4c96a1cdba6607ac70d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 11:00:22 +0000 Subject: [PATCH 0741/1882] chore(deps): update renovate/renovate docker tag to v34.118.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1e29f4af..63282f0a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.117.2 + image: renovate/renovate:34.118.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a348228520e54a36182b3822e353ed71b46eeabf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 12:01:56 +0000 Subject: [PATCH 0742/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8714e934..005d2434 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675101789, - "narHash": "sha256-H3y8LwXe1k6PoXQe1rlESPc1YbFJst5RGp+qbbIi00U=", + "lastModified": 1675154944, + "narHash": "sha256-MeS1J+f1/7Sk1hhjolkjnsBjUyn1W4wIf48EC6X/m3s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a13272db2ff318aa3338244f7380946dcc623e4a", + "rev": "7095515e486805602532f2341b2d547fdf142d5a", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675154758, - "narHash": "sha256-Y9FjdvIJLoG7QZG8uCJsg3kYZwIIQ274AVMmHd9qAQ0=", + "lastModified": 1675165489, + "narHash": "sha256-3jYlBngdJfT3aEuNzNfvUAx3tHoVFfN7Nw+4jSvMYqQ=", "owner": "nix-community", "repo": "NUR", - "rev": "68d7d45056ab17a650822323bbb1ed560880cc2a", + "rev": "9b2edf2ed1ebd33068cb20d9fc0b7412cebc7d91", "type": "github" }, "original": { -- 2.47.1 From cdd4d4912fb78e1cdc79892675d9ab98d529c59d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 13:04:56 +0000 Subject: [PATCH 0743/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 005d2434..97d71945 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675124775, - "narHash": "sha256-dez2Fr+rKxFfj2OLtKEJdfQQz7oy90FnV3y/hic8Gv0=", + "lastModified": 1675168163, + "narHash": "sha256-dNHfiGF+cIyKI+F5T/6s8aWFiXonfcbEx5zg8lntkK8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "11234529dbc5f85fc46df479f563c2c563afe9c2", + "rev": "85c07c2fe0427ab5603addcef0e6b7cc211e1af7", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675165489, - "narHash": "sha256-3jYlBngdJfT3aEuNzNfvUAx3tHoVFfN7Nw+4jSvMYqQ=", + "lastModified": 1675168758, + "narHash": "sha256-QJGSDRSQA13xvDS9k6+Gw+uEC/xCPMG8Zswfc/2GSyA=", "owner": "nix-community", "repo": "NUR", - "rev": "9b2edf2ed1ebd33068cb20d9fc0b7412cebc7d91", + "rev": "55246f50464663fbb5ccd54491f4630eddef7067", "type": "github" }, "original": { -- 2.47.1 From b126c255e758ad3491f889951ccb06bc4a4d4a3a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 14:01:50 +0000 Subject: [PATCH 0744/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 97d71945..1b3ca62d 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675168758, - "narHash": "sha256-QJGSDRSQA13xvDS9k6+Gw+uEC/xCPMG8Zswfc/2GSyA=", + "lastModified": 1675170518, + "narHash": "sha256-1XR9F/GasV6bK8XfiOXC6vCEcNhSKnH4GmuS7xxx2HA=", "owner": "nix-community", "repo": "NUR", - "rev": "55246f50464663fbb5ccd54491f4630eddef7067", + "rev": "46dab69a94d4489c5b428ea710ceeebac6aeccd2", "type": "github" }, "original": { -- 2.47.1 From 4c6354b4624aa0e2d88f7d6d8daede3a46c2220d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 16:01:30 +0000 Subject: [PATCH 0745/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 1b3ca62d..aa88dd61 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1673735094, - "narHash": "sha256-eshv1LSazs/RAeEn6AaTr8bMVkNDQa0/q8PWrO/CmOk=", + "lastModified": 1675178298, + "narHash": "sha256-5M2VVrYH+IAa1P7Qz9gUPS3YNdqeVOoa1riV8eTtoYE=", "owner": "nix-community", "repo": "comma", - "rev": "b99c7130d20cdf53a663ffcdd76359c9bec5aecb", + "rev": "0c208e098bfe57556bcdea1e2faaf5c08cce4482", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675061157, - "narHash": "sha256-F7/F65ZFWbq7cKSiV3K2acxCv64jKaZZ/K0A3VNT2kA=", + "lastModified": 1675154384, + "narHash": "sha256-gUXzyTS3WsO3g2Rz0qOYR2a26whkyL2UfTr1oPH9mm8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f413457e0dd7a42adefdbcea4391dd9751509025", + "rev": "0218941ea68b4c625533bead7bbb94ccce52dceb", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675170518, - "narHash": "sha256-1XR9F/GasV6bK8XfiOXC6vCEcNhSKnH4GmuS7xxx2HA=", + "lastModified": 1675179969, + "narHash": "sha256-fwhCOf9OEqkxQS9EzTH/qBn5K4KQZHsh2q61dHOKEts=", "owner": "nix-community", "repo": "NUR", - "rev": "46dab69a94d4489c5b428ea710ceeebac6aeccd2", + "rev": "d25fff8fad49f807d7ad9ee1284e476dd5c4b61c", "type": "github" }, "original": { -- 2.47.1 From 4ab548742495e9dce24b05b9b6aa91bf2bb94ccb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 17:00:32 +0000 Subject: [PATCH 0746/1882] chore(deps): update renovate/renovate docker tag to v34.118.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 63282f0a..439d1c2c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.118.1 + image: renovate/renovate:34.118.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1f816106858d217cd8edc863f907feafd4bc5798 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 18:02:09 +0000 Subject: [PATCH 0747/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index aa88dd61..190f112c 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1674928308, - "narHash": "sha256-elVU4NUZEl11BdT4gC+lrpLYM8Ccxqxs19Ix84HTI9o=", + "lastModified": 1675181178, + "narHash": "sha256-jymSUUjKoArptU7LJ1i4boysXptnpuETiUTenKgs2fM=", "owner": "nix-community", "repo": "home-manager", - "rev": "08a778d80308353f4f65c9dcd3790b5da02d6306", + "rev": "69696fe53940562a047bf2ec675cc1dcd1bc09b3", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675179969, - "narHash": "sha256-fwhCOf9OEqkxQS9EzTH/qBn5K4KQZHsh2q61dHOKEts=", + "lastModified": 1675182159, + "narHash": "sha256-NZsP5JMsH2Ruu6rephciknudEHRALbeJwIo55FX2bm8=", "owner": "nix-community", "repo": "NUR", - "rev": "d25fff8fad49f807d7ad9ee1284e476dd5c4b61c", + "rev": "9f2a8c440a75d46b008fd4b4582702768a1168a4", "type": "github" }, "original": { -- 2.47.1 From cfc3c6ae3af391b558434d230fc9d956e821d76a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 20:01:32 +0000 Subject: [PATCH 0748/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 190f112c..21bbe85a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675182159, - "narHash": "sha256-NZsP5JMsH2Ruu6rephciknudEHRALbeJwIo55FX2bm8=", + "lastModified": 1675194334, + "narHash": "sha256-sqeMJo8cgzFooOY1SDSQOZkzopYlXH94gkfBe3wypqE=", "owner": "nix-community", "repo": "NUR", - "rev": "9f2a8c440a75d46b008fd4b4582702768a1168a4", + "rev": "15716a5e94e01e01fd06ed6e5091f399c457285a", "type": "github" }, "original": { -- 2.47.1 From 11af3843b6c7e03a35f9382a7806c0f76c874878 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 22:01:40 +0000 Subject: [PATCH 0749/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 21bbe85a..881692e6 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675194334, - "narHash": "sha256-sqeMJo8cgzFooOY1SDSQOZkzopYlXH94gkfBe3wypqE=", + "lastModified": 1675201600, + "narHash": "sha256-cNyiHeaFa0FUSfJZZlMcGFhfQRg6KNYgSj94V8wAJLg=", "owner": "nix-community", "repo": "NUR", - "rev": "15716a5e94e01e01fd06ed6e5091f399c457285a", + "rev": "2f71be786ab255a06e25d52cb5773ed34afe594a", "type": "github" }, "original": { -- 2.47.1 From c0210256ee32889e65e9de4f7db5655040cf700e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Jan 2023 23:02:19 +0000 Subject: [PATCH 0750/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 881692e6..3b86fde2 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675181178, - "narHash": "sha256-jymSUUjKoArptU7LJ1i4boysXptnpuETiUTenKgs2fM=", + "lastModified": 1675203549, + "narHash": "sha256-SehK6lTqcB5gv4QpoIHcWcqvwpLzHW42+681ZBg52cE=", "owner": "nix-community", "repo": "home-manager", - "rev": "69696fe53940562a047bf2ec675cc1dcd1bc09b3", + "rev": "1d94de5604935591494eeb6ea80bc34ac84a9f23", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675201600, - "narHash": "sha256-cNyiHeaFa0FUSfJZZlMcGFhfQRg6KNYgSj94V8wAJLg=", + "lastModified": 1675205171, + "narHash": "sha256-ItHbdoLnYZxOO6OWn2pkLj8PQRgwq89LIaf8Cogx28w=", "owner": "nix-community", "repo": "NUR", - "rev": "2f71be786ab255a06e25d52cb5773ed34afe594a", + "rev": "d1eb71647c0fe8806aaa1c10a6389fb01978e964", "type": "github" }, "original": { -- 2.47.1 From f4157c23939a08ffaef06e338e4c47f760baf505 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 00:01:50 +0000 Subject: [PATCH 0751/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3b86fde2..c4911c66 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675205171, - "narHash": "sha256-ItHbdoLnYZxOO6OWn2pkLj8PQRgwq89LIaf8Cogx28w=", + "lastModified": 1675208749, + "narHash": "sha256-WkZLPwwVwx6BCEomnQ8+4dLol5qIofLQmA0TqgUvTbY=", "owner": "nix-community", "repo": "NUR", - "rev": "d1eb71647c0fe8806aaa1c10a6389fb01978e964", + "rev": "e927e12ebaa8aed183c170b57739281408874198", "type": "github" }, "original": { -- 2.47.1 From b5aa547531c8e962ea09dfa1993f56abc96cd869 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 03:01:33 +0000 Subject: [PATCH 0752/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c4911c66..80cac41b 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675208749, - "narHash": "sha256-WkZLPwwVwx6BCEomnQ8+4dLol5qIofLQmA0TqgUvTbY=", + "lastModified": 1675218022, + "narHash": "sha256-Y4Zzff+rdELxXqJSjj6LHBtz5dSYtSmMH6FF8fqtjXw=", "owner": "nix-community", "repo": "NUR", - "rev": "e927e12ebaa8aed183c170b57739281408874198", + "rev": "e920206803e4321e897af4e6b7dbf77e2591f317", "type": "github" }, "original": { -- 2.47.1 From 3c63f180526a4f212c90d86ea851536e6d640f92 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 04:01:58 +0000 Subject: [PATCH 0753/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 80cac41b..e6431778 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675218022, - "narHash": "sha256-Y4Zzff+rdELxXqJSjj6LHBtz5dSYtSmMH6FF8fqtjXw=", + "lastModified": 1675223742, + "narHash": "sha256-H0SsX7GxG39GjsMiR0Z9qFSfR6Ejq2CaPqZPPnqnVig=", "owner": "nix-community", "repo": "NUR", - "rev": "e920206803e4321e897af4e6b7dbf77e2591f317", + "rev": "ee52c734eccd674bac82bf98e2902e69b903f636", "type": "github" }, "original": { -- 2.47.1 From 9144f324442123372262b9440c81339795930d7d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 05:01:55 +0000 Subject: [PATCH 0754/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e6431778..e1287f62 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675223742, - "narHash": "sha256-H0SsX7GxG39GjsMiR0Z9qFSfR6Ejq2CaPqZPPnqnVig=", + "lastModified": 1675226489, + "narHash": "sha256-hVOcAOcoP0jXEgenJ20U+VT0hCEAbtZuDH6ed8U4jjI=", "owner": "nix-community", "repo": "NUR", - "rev": "ee52c734eccd674bac82bf98e2902e69b903f636", + "rev": "2c0e8d17676de8f17b94688ffa2abc87e200830a", "type": "github" }, "original": { -- 2.47.1 From a01fb17784611901253aad45e7864aab850a0a52 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 08:01:31 +0000 Subject: [PATCH 0755/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e1287f62..75fe2edf 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675154944, - "narHash": "sha256-MeS1J+f1/7Sk1hhjolkjnsBjUyn1W4wIf48EC6X/m3s=", + "lastModified": 1675216071, + "narHash": "sha256-nLLvvhtQgNmOSGUjf7CTBP/tgpWQsic7YVtFD07LQFE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7095515e486805602532f2341b2d547fdf142d5a", + "rev": "e7c66e1d78fdc7da61dc04ca0f94a8d59b034d5a", "type": "github" }, "original": { -- 2.47.1 From 3e332bca488a53f25e95a33761370df4bfe8f41d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 10:00:22 +0000 Subject: [PATCH 0756/1882] chore(deps): update renovate/renovate docker tag to v34.119.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 439d1c2c..fa8c0a41 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.118.2 + image: renovate/renovate:34.119.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 86205ebf6d811f29b60bcc162cc9728514f15d69 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 11:01:46 +0000 Subject: [PATCH 0757/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 75fe2edf..7447796e 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675203549, - "narHash": "sha256-SehK6lTqcB5gv4QpoIHcWcqvwpLzHW42+681ZBg52cE=", + "lastModified": 1675247113, + "narHash": "sha256-+YcXjfCP4hNu8A68b/UoXFCTDwKLuLV+x/7dQnM5U/o=", "owner": "nix-community", "repo": "home-manager", - "rev": "1d94de5604935591494eeb6ea80bc34ac84a9f23", + "rev": "782cb855b2f23c485011a196c593e2d7e4fce746", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675168163, - "narHash": "sha256-dNHfiGF+cIyKI+F5T/6s8aWFiXonfcbEx5zg8lntkK8=", + "lastModified": 1675245716, + "narHash": "sha256-e+0hL+Yl02YzxFoEr8eDhiHMh8701mRND6Mn9zBy/gU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "85c07c2fe0427ab5603addcef0e6b7cc211e1af7", + "rev": "445f8c71c50ed9cdd72299b2ddf696b7baeb1b03", "type": "github" }, "original": { -- 2.47.1 From 427a0606194cdbe4ab704dbd9cae82db2ef2a6d5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 14:01:40 +0000 Subject: [PATCH 0758/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7447796e..48e04c70 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675226489, - "narHash": "sha256-hVOcAOcoP0jXEgenJ20U+VT0hCEAbtZuDH6ed8U4jjI=", + "lastModified": 1675256703, + "narHash": "sha256-YI9prZQEhOZELFiaNv/ftUKF536aZO06vF2uKuRgiWQ=", "owner": "nix-community", "repo": "NUR", - "rev": "2c0e8d17676de8f17b94688ffa2abc87e200830a", + "rev": "49fcf38006a485c408479940c26ca9d2f7c95a4e", "type": "github" }, "original": { -- 2.47.1 From 3dd2d99ea8746fbace38fb25f4ab8ad678357a13 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 16:01:33 +0000 Subject: [PATCH 0759/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 48e04c70..806f33d9 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675154384, - "narHash": "sha256-gUXzyTS3WsO3g2Rz0qOYR2a26whkyL2UfTr1oPH9mm8=", + "lastModified": 1675237434, + "narHash": "sha256-YoFR0vyEa1HXufLNIFgOGhIFMRnY6aZ0IepZF5cYemo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0218941ea68b4c625533bead7bbb94ccce52dceb", + "rev": "285b3ff0660640575186a4086e1f8dc0df2874b5", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675256703, - "narHash": "sha256-YI9prZQEhOZELFiaNv/ftUKF536aZO06vF2uKuRgiWQ=", + "lastModified": 1675266298, + "narHash": "sha256-YnOp5Bwz6P5ZUUP+6b0gfOHR5+6YXjBwejC+d+r+y/0=", "owner": "nix-community", "repo": "NUR", - "rev": "49fcf38006a485c408479940c26ca9d2f7c95a4e", + "rev": "791848955787354a0d76abb004318bfad0462f07", "type": "github" }, "original": { -- 2.47.1 From 18915c0bec946c9b5fa54ae9489e00297575aed1 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 1 Feb 2023 17:21:01 +0100 Subject: [PATCH 0760/1882] updates --- nixos/hosts/hades/overseerr/configuration.nix | 3 ++- nixos/hosts/thalassa/aoife/configuration.nix | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index d192b2ea..80048107 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -26,7 +26,8 @@ backend = "podman"; containers = { overseerr = { - image = "ghcr.io/sct/overseerr:1.32.4"; + # TODO: Add regex so that renovate catches this + image = "ghcr.io/sct/overseerr:1.32.5"; environment = { # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 07425f6d..655438f2 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -112,9 +112,10 @@ system.stateVersion = "23.05"; # Did you read the comment? # Enable ccache + # WARNING: Adding packages here makes them always be built from source, so only do so for once that are usually build like that + # This should be fixed when nix switches to content-addresabble paths programs.ccache.enable = true; programs.ccache.packageNames = [ - "evolution-data-server" "mongodb" ]; nix.settings.extra-sandbox-paths = -- 2.47.1 From 2ec5d23a13b22265039fcaa935a47d8142f6151f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 17:01:44 +0000 Subject: [PATCH 0761/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 806f33d9..236f6858 100644 --- a/flake.lock +++ b/flake.lock @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1674917700, - "narHash": "sha256-4NSCMIeOZbXJ47h2gv5gKsk8iPx90jwU7UDxSy6gi+0=", + "lastModified": 1675270498, + "narHash": "sha256-5Kv3wB8lvczZiHkkNEMWnmPjg21R/78T6L3k3H5NeYY=", "owner": "pta2002", "repo": "nixvim", - "rev": "8ef6945e7550f81352564a70796554e7997be5c1", + "rev": "337e4c735bbe3eef91fede98c01a84d130386d51", "type": "github" }, "original": { -- 2.47.1 From 43fccc19a2013690ac0f7c2a8eb97c0f789d6f0e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 18:01:49 +0000 Subject: [PATCH 0762/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 236f6858..77f849ec 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675216071, - "narHash": "sha256-nLLvvhtQgNmOSGUjf7CTBP/tgpWQsic7YVtFD07LQFE=", + "lastModified": 1675246915, + "narHash": "sha256-q3E67PIRNQyWKtg43grNYYAZT/ik9oyOsRvHYah0iJQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e7c66e1d78fdc7da61dc04ca0f94a8d59b034d5a", + "rev": "55fbb1d20ce4350aae11bba71844796549175ab1", "type": "github" }, "original": { -- 2.47.1 From d60964b48b076e81800c0679add735264dcd8044 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Feb 2023 19:00:34 +0000 Subject: [PATCH 0763/1882] chore(deps): update renovate/renovate docker tag to v34.119.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index fa8c0a41..99ef3759 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.119.0 + image: renovate/renovate:34.119.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 4b6d419ce48efb8e7ea5cf65107548b6a9707f9a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 01:00:22 +0000 Subject: [PATCH 0764/1882] chore(deps): update renovate/renovate docker tag to v34.119.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 99ef3759..2b24b4d1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.119.2 + image: renovate/renovate:34.119.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b827f5f4d7e3cbc6ff3927d0ab2ba36af298c2ec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 02:01:44 +0000 Subject: [PATCH 0765/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 77f849ec..9fdc8bcc 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675247113, - "narHash": "sha256-+YcXjfCP4hNu8A68b/UoXFCTDwKLuLV+x/7dQnM5U/o=", + "lastModified": 1675303228, + "narHash": "sha256-dHJbFg7gTuTyEUdJoNDp6l2bac6HXAT/bz9cVEqL+Uw=", "owner": "nix-community", "repo": "home-manager", - "rev": "782cb855b2f23c485011a196c593e2d7e4fce746", + "rev": "4a958524903e6019f5f69a23e0c0f16e5af01eb0", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675245716, - "narHash": "sha256-e+0hL+Yl02YzxFoEr8eDhiHMh8701mRND6Mn9zBy/gU=", + "lastModified": 1675285561, + "narHash": "sha256-0l239rdKHmtCf8xckssOk3bXf+gTXZa6gOEVVVeIfb0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "445f8c71c50ed9cdd72299b2ddf696b7baeb1b03", + "rev": "32d56fec977b109aeecb06288a1b45cfe6b83117", "type": "github" }, "original": { @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1675270498, - "narHash": "sha256-5Kv3wB8lvczZiHkkNEMWnmPjg21R/78T6L3k3H5NeYY=", + "lastModified": 1675301688, + "narHash": "sha256-bd8R6JG3MyZQx6qAD4yUFKIy6Fh0cag5gEAfMGGRGUw=", "owner": "pta2002", "repo": "nixvim", - "rev": "337e4c735bbe3eef91fede98c01a84d130386d51", + "rev": "0d678ebd9da4c7ee7831cebde09f5917bab24e6b", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675266298, - "narHash": "sha256-YnOp5Bwz6P5ZUUP+6b0gfOHR5+6YXjBwejC+d+r+y/0=", + "lastModified": 1675291594, + "narHash": "sha256-VghorRetN77L3B1bqxX/WsrkbX2RLBeMGeG6FvlMD1w=", "owner": "nix-community", "repo": "NUR", - "rev": "791848955787354a0d76abb004318bfad0462f07", + "rev": "25eaa45d5311ca238f893565e715baa2cfcca37f", "type": "github" }, "original": { -- 2.47.1 From 7822a3e93b138ea20eac8d426935a4266da68ac8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 03:05:21 +0000 Subject: [PATCH 0766/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9fdc8bcc..d792e246 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675291594, - "narHash": "sha256-VghorRetN77L3B1bqxX/WsrkbX2RLBeMGeG6FvlMD1w=", + "lastModified": 1675306909, + "narHash": "sha256-oOuNT7dy4JOEmOWl/WptD+0vNKp1xjLAegLcH0vOlag=", "owner": "nix-community", "repo": "NUR", - "rev": "25eaa45d5311ca238f893565e715baa2cfcca37f", + "rev": "7ad0f7672c0ee4a6c33a98bf8b790ef596086b49", "type": "github" }, "original": { -- 2.47.1 From 57aaaccd13bdddaf9b56d30a563217e934711587 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 04:02:20 +0000 Subject: [PATCH 0767/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d792e246..2490f7ed 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675306909, - "narHash": "sha256-oOuNT7dy4JOEmOWl/WptD+0vNKp1xjLAegLcH0vOlag=", + "lastModified": 1675309508, + "narHash": "sha256-A+dRnIkg/uaVobcfYTplM0BMtSNCyqxuD5vkzrH0Ibk=", "owner": "nix-community", "repo": "NUR", - "rev": "7ad0f7672c0ee4a6c33a98bf8b790ef596086b49", + "rev": "abe323838bfd57e5e2760f6d8bcfec6b515678d4", "type": "github" }, "original": { -- 2.47.1 From 00e696a4d03fdab9529a1d5b70ebb8a46662620e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 05:02:00 +0000 Subject: [PATCH 0768/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2490f7ed..4401ce65 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675309508, - "narHash": "sha256-A+dRnIkg/uaVobcfYTplM0BMtSNCyqxuD5vkzrH0Ibk=", + "lastModified": 1675311143, + "narHash": "sha256-iK7GDRWoseLg962e1EIQWLpdWVD4RmTsjlB1yIl95FI=", "owner": "nix-community", "repo": "NUR", - "rev": "abe323838bfd57e5e2760f6d8bcfec6b515678d4", + "rev": "a9f701436c9c771859b80e1c088e3684346e98bd", "type": "github" }, "original": { -- 2.47.1 From 8fe7ed393ccc09914203373005343bbaae0805c8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 09:01:30 +0000 Subject: [PATCH 0769/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4401ce65..bf61f11a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675311143, - "narHash": "sha256-iK7GDRWoseLg962e1EIQWLpdWVD4RmTsjlB1yIl95FI=", + "lastModified": 1675325243, + "narHash": "sha256-KdvpDpvM1SnXQAmjtA/PWjIEaOl5MU9nRuO66W9JP44=", "owner": "nix-community", "repo": "NUR", - "rev": "a9f701436c9c771859b80e1c088e3684346e98bd", + "rev": "d2540a896eba1945c76d90b9b95648036efb6134", "type": "github" }, "original": { -- 2.47.1 From 538320bae0acf7730d41527bccb05654ef67f28c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 12:00:22 +0000 Subject: [PATCH 0770/1882] chore(deps): update renovate/renovate docker tag to v34.120.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2b24b4d1..4cba8cd4 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.119.5 + image: renovate/renovate:34.120.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 50d2a664b4a0e0a39a302ef0b2b79c76a7b72437 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 17:03:00 +0000 Subject: [PATCH 0771/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bf61f11a..47642c87 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675325243, - "narHash": "sha256-KdvpDpvM1SnXQAmjtA/PWjIEaOl5MU9nRuO66W9JP44=", + "lastModified": 1675356724, + "narHash": "sha256-rhL4yTJXhVX6QJQT0H+aeKvphmLgFj35lU2BA6C/RiQ=", "owner": "nix-community", "repo": "NUR", - "rev": "d2540a896eba1945c76d90b9b95648036efb6134", + "rev": "eaf205f41c98ba1afdefe057d65c3ae5b3d4f4ab", "type": "github" }, "original": { -- 2.47.1 From 144faa5e389ab19590a4c2975be7cc75ff097b8c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 19:01:28 +0000 Subject: [PATCH 0772/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 47642c87..6361d698 100644 --- a/flake.lock +++ b/flake.lock @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1675301688, - "narHash": "sha256-bd8R6JG3MyZQx6qAD4yUFKIy6Fh0cag5gEAfMGGRGUw=", + "lastModified": 1675361076, + "narHash": "sha256-yyKunCVk4wLr9vGqd9n2BeWq9pJOXG4WBjFE0M++5aU=", "owner": "pta2002", "repo": "nixvim", - "rev": "0d678ebd9da4c7ee7831cebde09f5917bab24e6b", + "rev": "548c76ee320a00866ecad0c0775039e8d640586c", "type": "github" }, "original": { -- 2.47.1 From 144712421e658148caba4e8a7216730126526a6e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 20:02:07 +0000 Subject: [PATCH 0773/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6361d698..c468d784 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675246915, - "narHash": "sha256-q3E67PIRNQyWKtg43grNYYAZT/ik9oyOsRvHYah0iJQ=", + "lastModified": 1675361467, + "narHash": "sha256-qswvGoSG56eJDcvMUvoqQ3jxS7C6rrxrBWC9Hole0Kw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "55fbb1d20ce4350aae11bba71844796549175ab1", + "rev": "a0acf943cc65d56e6708c6a63731473a5752dedb", "type": "github" }, "original": { -- 2.47.1 From 7b0446e95879a489c5150af806f936089d696ea6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 22:01:40 +0000 Subject: [PATCH 0774/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c468d784..c3925ee1 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675303228, - "narHash": "sha256-dHJbFg7gTuTyEUdJoNDp6l2bac6HXAT/bz9cVEqL+Uw=", + "lastModified": 1675371293, + "narHash": "sha256-LrCjtrAXj/WJphhGEMnHgZs7oTsfOlvPfOjFTIvg39k=", "owner": "nix-community", "repo": "home-manager", - "rev": "4a958524903e6019f5f69a23e0c0f16e5af01eb0", + "rev": "d1c7730bb707bf8124d997952f7babd2a281ae68", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675356724, - "narHash": "sha256-rhL4yTJXhVX6QJQT0H+aeKvphmLgFj35lU2BA6C/RiQ=", + "lastModified": 1675373279, + "narHash": "sha256-gMrVLGFtCQKWj9zyBYa6WNHdACpvFDr70b1cFZN7ieo=", "owner": "nix-community", "repo": "NUR", - "rev": "eaf205f41c98ba1afdefe057d65c3ae5b3d4f4ab", + "rev": "14feda3d14770b2bcea5dca20dee32110f910003", "type": "github" }, "original": { -- 2.47.1 From d1fc9784169b0a7f8b0089757016bc293be3ce9b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 03:01:33 +0000 Subject: [PATCH 0775/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c3925ee1..d86dbeac 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675373279, - "narHash": "sha256-gMrVLGFtCQKWj9zyBYa6WNHdACpvFDr70b1cFZN7ieo=", + "lastModified": 1675390386, + "narHash": "sha256-VK1EGF9+U2A72Gy5lgHHa6DaGOnx3Ml51E0TewYh5L8=", "owner": "nix-community", "repo": "NUR", - "rev": "14feda3d14770b2bcea5dca20dee32110f910003", + "rev": "f9a67871a7c1dcd424a20b6e3723eacc0704bc97", "type": "github" }, "original": { -- 2.47.1 From 2b2f3f1b5441d41c7635c3c4b82c57100f9128f3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 05:01:39 +0000 Subject: [PATCH 0776/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d86dbeac..1f6f9f57 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1675019967, - "narHash": "sha256-AD9udouBmfWxmsM1j6eNCu+HEB9E41+fA3XRIb765LU=", + "lastModified": 1675400331, + "narHash": "sha256-ja0DhWBARzcimqMBhQ+DP7NQoJSlNasqvlj5GiHRYY0=", "owner": "zhaofengli", "repo": "colmena", - "rev": "7602e548a78932bd28a7e2f621b3d62b4124e993", + "rev": "31d8240504e91c3ea5c758d92f02f94af3fae6c3", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675390386, - "narHash": "sha256-VK1EGF9+U2A72Gy5lgHHa6DaGOnx3Ml51E0TewYh5L8=", + "lastModified": 1675397338, + "narHash": "sha256-MQGfK2kXpaVk1Zzl9wTOstKufkUdSYOtVYeBgKQWNxI=", "owner": "nix-community", "repo": "NUR", - "rev": "f9a67871a7c1dcd424a20b6e3723eacc0704bc97", + "rev": "728c10fbdb5e3cf4d3f0d1bec92c7b2dc417d6c1", "type": "github" }, "original": { -- 2.47.1 From 905c5d723f5c1fee4e8ea1c1372fd37f3a4140ac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 06:01:53 +0000 Subject: [PATCH 0777/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1f6f9f57..22e85091 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675397338, - "narHash": "sha256-MQGfK2kXpaVk1Zzl9wTOstKufkUdSYOtVYeBgKQWNxI=", + "lastModified": 1675401726, + "narHash": "sha256-SOG0unCuN8OwqALj0yHOfyuQcy1XaMlSLljgo3xqABw=", "owner": "nix-community", "repo": "NUR", - "rev": "728c10fbdb5e3cf4d3f0d1bec92c7b2dc417d6c1", + "rev": "48a5b6e224fc2ecc023d1655c1da9bf3105ba1ff", "type": "github" }, "original": { -- 2.47.1 From 9a92dc9e2f7771b16922d58c4fdcef82759cd7ee Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Feb 2023 17:00:50 +0000 Subject: [PATCH 0778/1882] chore(deps): update dependency fluxcd/flux2 to v0.39.0 --- .../base/flux-system/gotk-components.yaml | 75 ++++++++++--------- 1 file changed, 38 insertions(+), 37 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 79576f0f..9c26b708 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.38.3 +# Flux Version: v0.39.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -449,7 +449,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -969,7 +969,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1457,8 +1457,9 @@ spec: secretRef: description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For HTTPS repositories the Secret - must contain 'username' and 'password' fields. For SSH repositories - the Secret must contain 'identity' and 'known_hosts' fields. + must contain 'username' and 'password' fields for basic auth or + 'bearerToken' field for token auth. For SSH repositories the Secret + must contain 'identity' and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1756,7 +1757,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2356,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3244,7 +3245,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3332,7 +3333,7 @@ spec: description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S basic auth the secret must contain username and password fields. For TLS the secret must contain a - certFile and keyFile, and/or caCert fields. + certFile and keyFile, and/or caFile fields. properties: name: description: Name of the referent. @@ -3565,7 +3566,7 @@ spec: description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. For HTTP/S basic auth the secret must contain 'username' and 'password' fields. For TLS the secret - must contain a 'certFile' and 'keyFile', and/or 'caCert' fields. + must contain a 'certFile' and 'keyFile', and/or 'caFile' fields. properties: name: description: Name of the referent. @@ -3752,7 +3753,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4885,7 +4886,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5250,7 +5251,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5662,7 +5663,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6109,7 +6110,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: helm-controller namespace: flux-system --- @@ -6120,7 +6121,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: kustomize-controller namespace: flux-system --- @@ -6131,7 +6132,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: notification-controller namespace: flux-system --- @@ -6142,7 +6143,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: source-controller namespace: flux-system --- @@ -6152,7 +6153,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: crd-controller-flux-system rules: - apiGroups: @@ -6242,7 +6243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6262,7 +6263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6295,7 +6296,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6316,7 +6317,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: source-controller namespace: flux-system @@ -6337,7 +6338,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6358,7 +6359,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: helm-controller namespace: flux-system @@ -6387,7 +6388,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.28.1 + image: ghcr.io/fluxcd/helm-controller:v0.29.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6441,7 +6442,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6470,7 +6471,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.32.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.33.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6524,7 +6525,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6552,7 +6553,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.30.2 + image: ghcr.io/fluxcd/notification-controller:v0.31.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6612,7 +6613,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 control-plane: controller name: source-controller namespace: flux-system @@ -6647,7 +6648,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.33.0 + image: ghcr.io/fluxcd/source-controller:v0.34.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6707,7 +6708,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: allow-egress namespace: flux-system spec: @@ -6727,7 +6728,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: allow-scraping namespace: flux-system spec: @@ -6747,7 +6748,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.38.3 + app.kubernetes.io/version: v0.39.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 3b0e7496591382843a571535996e9c3486380bf6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 12:01:38 +0000 Subject: [PATCH 0779/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 22e85091..ff495fa8 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675285561, - "narHash": "sha256-0l239rdKHmtCf8xckssOk3bXf+gTXZa6gOEVVVeIfb0=", + "lastModified": 1675425535, + "narHash": "sha256-Zpmx/aZu1/RJBARAPoys84TWPi/dulkQzoJQ0utWa7I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "32d56fec977b109aeecb06288a1b45cfe6b83117", + "rev": "129e99a6f60eac7ece31a1ccd1e781075fd53050", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675401726, - "narHash": "sha256-SOG0unCuN8OwqALj0yHOfyuQcy1XaMlSLljgo3xqABw=", + "lastModified": 1675424680, + "narHash": "sha256-zqK3wbyGja26hdKrfobEXeuiPtYiUCrOHjwRVzcnV10=", "owner": "nix-community", "repo": "NUR", - "rev": "48a5b6e224fc2ecc023d1655c1da9bf3105ba1ff", + "rev": "59726247c45788a7072e0106461db90e19864dcb", "type": "github" }, "original": { -- 2.47.1 From ff0f6f7309905e47cc03ea346590916416d1f7d3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 13:00:35 +0000 Subject: [PATCH 0780/1882] chore(deps): update renovate/renovate docker tag to v34.121.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 4cba8cd4..f84f8deb 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.120.0 + image: renovate/renovate:34.121.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 89661b04a7840c8735add936932344a69e63d4ae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 14:02:04 +0000 Subject: [PATCH 0781/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index ff495fa8..a2602095 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675425535, - "narHash": "sha256-Zpmx/aZu1/RJBARAPoys84TWPi/dulkQzoJQ0utWa7I=", + "lastModified": 1675432823, + "narHash": "sha256-6kgUJiJRmIys0XFxMc27Wk0ejmYLhjvx4P59e21jr0I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "129e99a6f60eac7ece31a1ccd1e781075fd53050", + "rev": "8e6950e2006aa3fae021bbbf20e450f28df1de72", "type": "github" }, "original": { @@ -797,11 +797,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1673540789, - "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", + "lastModified": 1675273418, + "narHash": "sha256-tpYc4TEGvDzh9uRf44QemyQ4TpVuUbxb07b2P99XDbM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", + "rev": "4d7c2644dbac9cf8282c0afe68fca8f0f3e7b2db", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675424680, - "narHash": "sha256-zqK3wbyGja26hdKrfobEXeuiPtYiUCrOHjwRVzcnV10=", + "lastModified": 1675429365, + "narHash": "sha256-KXPNBZkCq4EJlQy9IzcpMsGSyusd/DJ90J97PpnnCB0=", "owner": "nix-community", "repo": "NUR", - "rev": "59726247c45788a7072e0106461db90e19864dcb", + "rev": "50bf97d8b0943d8c58b3881ed7e2467c6556a22f", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1672824257, - "narHash": "sha256-SbYoZj57VlopTzI+OSW9jlgYxN1gI1KLg/s/HV+87eE=", + "lastModified": 1675374853, + "narHash": "sha256-BSrjNcddYWhFUMtjGwxiEXw67MYRaIHGvLn19Mvm1NE=", "owner": "wlroots", "repo": "wlroots", - "rev": "5f264a7d6c8af27d41ff440c05262b022c055593", + "rev": "677a3f2f8847ed2de49dd60868f9d9487a546f58", "type": "gitlab" }, "original": { -- 2.47.1 From 8b63f5d100edab1051a6c286f1f9768bbb400ad0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 15:05:13 +0000 Subject: [PATCH 0782/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a2602095..3d16e267 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675432823, - "narHash": "sha256-6kgUJiJRmIys0XFxMc27Wk0ejmYLhjvx4P59e21jr0I=", + "lastModified": 1675433548, + "narHash": "sha256-LT1lGW+tFlo1rQyMJs6BBIRelrrZNySFnfHeaehGDQs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "8e6950e2006aa3fae021bbbf20e450f28df1de72", + "rev": "494103b521ceda64d40d7847979e5a2c2f6ca201", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675429365, - "narHash": "sha256-KXPNBZkCq4EJlQy9IzcpMsGSyusd/DJ90J97PpnnCB0=", + "lastModified": 1675435592, + "narHash": "sha256-vsb4QabOi7ytlpGpjEJE3ma76jOtEeNATn4cEy79skI=", "owner": "nix-community", "repo": "NUR", - "rev": "50bf97d8b0943d8c58b3881ed7e2467c6556a22f", + "rev": "aed626f153209eb38a6cf0fd72923036f8349e0a", "type": "github" }, "original": { -- 2.47.1 From b3b6868ad6d34ea03f21fa8115ef44cdcc7dd990 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 16:00:35 +0000 Subject: [PATCH 0783/1882] chore(deps): update renovate/renovate docker tag to v34.121.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f84f8deb..9effc138 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.121.0 + image: renovate/renovate:34.121.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0272f140499a46fab45ffb2ee4675e86dadf16bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 17:01:48 +0000 Subject: [PATCH 0784/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3d16e267..bcef9f29 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675433548, - "narHash": "sha256-LT1lGW+tFlo1rQyMJs6BBIRelrrZNySFnfHeaehGDQs=", + "lastModified": 1675441057, + "narHash": "sha256-WpR1RqbJlNmcuRWXjbZ5MBgr1xx5f/SbWomexmishkc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "494103b521ceda64d40d7847979e5a2c2f6ca201", + "rev": "fd3a1cd086d077c39c5634ff6c9be9893857dc55", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675435592, - "narHash": "sha256-vsb4QabOi7ytlpGpjEJE3ma76jOtEeNATn4cEy79skI=", + "lastModified": 1675439111, + "narHash": "sha256-Zq3niWjpqxcmzIgktbMVmnxDE0tlulRyXgutZGmYJQQ=", "owner": "nix-community", "repo": "NUR", - "rev": "aed626f153209eb38a6cf0fd72923036f8349e0a", + "rev": "a99be868d2c8b2f6107c31cdced9e78be2cca3ac", "type": "github" }, "original": { -- 2.47.1 From 33fb617882d456903aa0830225a07e93a6738ea3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 18:04:52 +0000 Subject: [PATCH 0785/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index bcef9f29..ee7dd3a2 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675441057, - "narHash": "sha256-WpR1RqbJlNmcuRWXjbZ5MBgr1xx5f/SbWomexmishkc=", + "lastModified": 1675444702, + "narHash": "sha256-j+U1KwSOfUgJawy4/9xEX2zKWOegNkvuSaQGZo06fnw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fd3a1cd086d077c39c5634ff6c9be9893857dc55", + "rev": "a0bc0e4998f464656e74cbc683986204189ebefb", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675361467, - "narHash": "sha256-qswvGoSG56eJDcvMUvoqQ3jxS7C6rrxrBWC9Hole0Kw=", + "lastModified": 1675418539, + "narHash": "sha256-E8FZ4ZURhnEdi43m4QbZPhAVqnAbIytnAifoITUFDYI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a0acf943cc65d56e6708c6a63731473a5752dedb", + "rev": "3460f50028af7ff248e5ed633f01fa0345c0727e", "type": "github" }, "original": { -- 2.47.1 From beee302433f0f5ebdedabbfe21b1ad4ed387b42e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 19:01:45 +0000 Subject: [PATCH 0786/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ee7dd3a2..6dbf5793 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675237434, - "narHash": "sha256-YoFR0vyEa1HXufLNIFgOGhIFMRnY6aZ0IepZF5cYemo=", + "lastModified": 1675327819, + "narHash": "sha256-Fd2BUNUsTO7wmoU1fbOC4HNkl370dYdkfKgWPretuj0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "285b3ff0660640575186a4086e1f8dc0df2874b5", + "rev": "21efc622b939884db3c92f49d638ca89f12f22f8", "type": "github" }, "original": { -- 2.47.1 From 68627782262ec3c80b2de039820c063f35a49b79 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 20:00:35 +0000 Subject: [PATCH 0787/1882] chore(deps): update renovate/renovate docker tag to v34.121.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 9effc138..0a72b027 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.121.1 + image: renovate/renovate:34.121.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f6b8c032b54e7cbfd4224d18c8c1fb1e7471069d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 21:01:41 +0000 Subject: [PATCH 0788/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 6dbf5793..a78f2f1a 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675444702, - "narHash": "sha256-j+U1KwSOfUgJawy4/9xEX2zKWOegNkvuSaQGZo06fnw=", + "lastModified": 1675453688, + "narHash": "sha256-l1AkaNN2fQfObzHpN0Zr0efjMTrOKf3td4QB3NqBIQo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a0bc0e4998f464656e74cbc683986204189ebefb", + "rev": "3e6601fa2989d750135d218c1fea3a13ddeae5c3", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675418539, - "narHash": "sha256-E8FZ4ZURhnEdi43m4QbZPhAVqnAbIytnAifoITUFDYI=", + "lastModified": 1675446098, + "narHash": "sha256-xB4doWLd849LKDKqYnTdmteX5TVEfZIH6WiGvj8wMi4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3460f50028af7ff248e5ed633f01fa0345c0727e", + "rev": "a59fe7abba1be9e515e7333005ff8a36f86876b2", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675439111, - "narHash": "sha256-Zq3niWjpqxcmzIgktbMVmnxDE0tlulRyXgutZGmYJQQ=", + "lastModified": 1675453602, + "narHash": "sha256-6QwmEB4/yBYwmRfC22SvEKON6d4SNUpRdR1Szx5oMx0=", "owner": "nix-community", "repo": "NUR", - "rev": "a99be868d2c8b2f6107c31cdced9e78be2cca3ac", + "rev": "503657d637c7d27ee4ae15ade97b4d7b440fc1d9", "type": "github" }, "original": { -- 2.47.1 From d54a05c13f876ac263a76561a9696127df22e55c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 22:05:14 +0000 Subject: [PATCH 0789/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a78f2f1a..28bd83e4 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675453688, - "narHash": "sha256-l1AkaNN2fQfObzHpN0Zr0efjMTrOKf3td4QB3NqBIQo=", + "lastModified": 1675459549, + "narHash": "sha256-3K40VOvdwsRwKRcC8oFRU6HUyC6Jlf7RwxTkQAWhVMk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3e6601fa2989d750135d218c1fea3a13ddeae5c3", + "rev": "be6325dd4b0a99561281ba557f1d37e945fa183f", "type": "github" }, "original": { -- 2.47.1 From 0fb2e972d1921868fd3e68fe34472d35678c8651 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Feb 2023 23:01:54 +0000 Subject: [PATCH 0790/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 28bd83e4..fed7f8f2 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675371293, - "narHash": "sha256-LrCjtrAXj/WJphhGEMnHgZs7oTsfOlvPfOjFTIvg39k=", + "lastModified": 1675462931, + "narHash": "sha256-JiOUSERBtA1lN/s9YTKGZoZ3XUicHDwr+C8swaPSh3M=", "owner": "nix-community", "repo": "home-manager", - "rev": "d1c7730bb707bf8124d997952f7babd2a281ae68", + "rev": "e2c1756e3ae001ca8696912016dd31cb1503ccf3", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675453602, - "narHash": "sha256-6QwmEB4/yBYwmRfC22SvEKON6d4SNUpRdR1Szx5oMx0=", + "lastModified": 1675463770, + "narHash": "sha256-iox2M74GvyCzoJkWkVJS+qBpHBaaKM5fKz8HrHiQgOY=", "owner": "nix-community", "repo": "NUR", - "rev": "503657d637c7d27ee4ae15ade97b4d7b440fc1d9", + "rev": "b8ff9a9dca98c9181063b30d6f87346ff5a97294", "type": "github" }, "original": { -- 2.47.1 From 57cc2bc75c0adbee572c53b00d4f436951b482ff Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 00:00:34 +0000 Subject: [PATCH 0791/1882] chore(deps): update renovate/renovate docker tag to v34.122.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0a72b027..805036c4 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.121.2 + image: renovate/renovate:34.122.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5f1b107f56cd224138c1901753f1bbd46a32f21c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 01:01:53 +0000 Subject: [PATCH 0792/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index fed7f8f2..cc846a3d 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675459549, - "narHash": "sha256-3K40VOvdwsRwKRcC8oFRU6HUyC6Jlf7RwxTkQAWhVMk=", + "lastModified": 1675465995, + "narHash": "sha256-7IkfY+Oe46WWWVAli+IzR2uvgByPffGZGyoM5gty+Ps=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "be6325dd4b0a99561281ba557f1d37e945fa183f", + "rev": "bd2245d642f700ac736cd8349352917ef5340dbc", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675327819, - "narHash": "sha256-Fd2BUNUsTO7wmoU1fbOC4HNkl370dYdkfKgWPretuj0=", + "lastModified": 1675410244, + "narHash": "sha256-ODj6egMoH/HgAF/0wIy0EfRBeUx5FMuLl6uAdUW3kCI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "21efc622b939884db3c92f49d638ca89f12f22f8", + "rev": "f7543a7539a007e9562e4d8d24e17a4bcf369b68", "type": "github" }, "original": { -- 2.47.1 From 2b05737431064d1f403f720c575af6ab260bde51 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 02:05:40 +0000 Subject: [PATCH 0793/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index cc846a3d..8ecf37a8 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675463770, - "narHash": "sha256-iox2M74GvyCzoJkWkVJS+qBpHBaaKM5fKz8HrHiQgOY=", + "lastModified": 1675476263, + "narHash": "sha256-uAthSMn3kDYk5nUUV2j0WD78yV8canKTO/U9NYEaoEk=", "owner": "nix-community", "repo": "NUR", - "rev": "b8ff9a9dca98c9181063b30d6f87346ff5a97294", + "rev": "f0c98fda72fb603a90e1c3dd5065ec8280494a39", "type": "github" }, "original": { -- 2.47.1 From d0c4dbff1e31d696b6abc2da85360c319c18dbe8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 12:00:21 +0000 Subject: [PATCH 0794/1882] chore(deps): update renovate/renovate docker tag to v34.122.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 805036c4..083222e1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.122.0 + image: renovate/renovate:34.122.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 400d322454007c38156ac082b34e1829b909964e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 4 Feb 2023 16:15:25 +0100 Subject: [PATCH 0795/1882] deploy xirion.net --- flux/olympus/apps/websites/0x76.yaml | 6 +-- flux/olympus/apps/websites/kustomization.yaml | 1 + flux/olympus/apps/websites/xirion.yaml | 52 +++++++++++++++++++ 3 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 flux/olympus/apps/websites/xirion.yaml diff --git a/flux/olympus/apps/websites/0x76.yaml b/flux/olympus/apps/websites/0x76.yaml index b6a0b5f8..7b768e6c 100644 --- a/flux/olympus/apps/websites/0x76.yaml +++ b/flux/olympus/apps/websites/0x76.yaml @@ -24,7 +24,7 @@ spec: apiVersion: v1 kind: Service metadata: - name: x76dev-service + name: x76dev namespace: websites spec: selector: @@ -36,7 +36,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: x76dev-ingress + name: x76dev namespace: websites spec: rules: @@ -47,6 +47,6 @@ spec: pathType: Prefix backend: service: - name: x76dev-service + name: x76dev port: number: 80 diff --git a/flux/olympus/apps/websites/kustomization.yaml b/flux/olympus/apps/websites/kustomization.yaml index a9d1c538..d3df4526 100644 --- a/flux/olympus/apps/websites/kustomization.yaml +++ b/flux/olympus/apps/websites/kustomization.yaml @@ -6,3 +6,4 @@ resources: - 0x76.yaml - internal.yaml - blog.yaml + - xirion.yaml diff --git a/flux/olympus/apps/websites/xirion.yaml b/flux/olympus/apps/websites/xirion.yaml new file mode 100644 index 00000000..e7e311f1 --- /dev/null +++ b/flux/olympus/apps/websites/xirion.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xirion + namespace: websites + labels: + app: xirion +spec: + replicas: 1 + selector: + matchLabels: + app: xirion + template: + metadata: + labels: + app: xirion + spec: + containers: + - name: xirion + image: git.0x76.dev/v/xirion.net:2 + ports: + - containerPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: xirion + namespace: websites +spec: + selector: + app: xirion + ports: + - protocol: TCP + port: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: xirion + namespace: websites +spec: + rules: + - host: "xirion.net" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: xirion + port: + number: 80 -- 2.47.1 From 6ca5a4eb40e4a770e492898c0e7de9e401ac02d1 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 4 Feb 2023 16:40:01 +0100 Subject: [PATCH 0796/1882] add regexmanager for docker inside of nix --- flake.nix | 41 ++++--- .../apps/services/renovate/config.yaml | 111 ++++++++++-------- nixos/hosts/hades/overseerr/configuration.nix | 3 +- 3 files changed, 80 insertions(+), 75 deletions(-) diff --git a/flake.nix b/flake.nix index 50a8b20a..185826d1 100644 --- a/flake.nix +++ b/flake.nix @@ -109,30 +109,29 @@ default = colmena.packages.${system}.colmena; - iso = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "iso"; - modules = [ (import ./nixos/templates/iso.nix) ]; - }; + # iso = nixos-generators.nixosGenerate { + # inherit system pkgs; + # format = "iso"; + # modules = [ (import ./nixos/templates/iso.nix) ]; + # }; - iso-graphical = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "iso"; - modules = [ (import ./nixos/templates/iso-graphical.nix) ]; - }; + # iso-graphical = nixos-generators.nixosGenerate { + # inherit system pkgs; + # format = "iso"; + # modules = [ (import ./nixos/templates/iso-graphical.nix) ]; + # }; - proxmox-lxc = nixos-generators.nixosGenerate { - inherit pkgs; - format = "proxmox-lxc"; - modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; - }; + # proxmox-lxc = nixos-generators.nixosGenerate { + # inherit pkgs; + # format = "proxmox-lxc"; + # modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; + # }; - # Currently broken as it assumes `local-lvm` exists - proxmox-vm = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "proxmox"; - modules = [ (import ./nixos/templates/proxmox-vm.nix) ]; - }; + # proxmox-vm = nixos-generators.nixosGenerate { + # inherit system pkgs; + # format = "proxmox"; + # modules = [ (import ./nixos/templates/proxmox-vm.nix) ]; + # }; }; # Use by running `nix develop` diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index a7d49df7..80942336 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -1,58 +1,65 @@ apiVersion: v1 kind: ConfigMap metadata: - name: renovate - namespace: services + name: renovate + namespace: services data: - config.js: |- - module.exports = { - "binarySource": "install", - "repositories": ["v/infrastructure"], - "flux": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "helm-values": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "kubernetes": { - "fileMatch": ["flux/.+\\.ya?ml$"] - }, - "nix": { - "enabled": true - }, - "lockFileMaintenance": { - "enabled": true, - "automerge": true, - "automergeType": "branch", - "schedule": ["weekly"], - }, - "hostRules": [ - { - "hostType": "docker", - "matchHost": "ghcr.io", - "username": "NULLx76", - "password": process.env.GITHUB_COM_TOKEN - } - ], - "packageRules": [ - { - "automerge": true, - "automergeType": "branch", - "matchPackageNames": [ - "renovate/renovate" + config.js: |- + module.exports = { + "binarySource": "install", + "repositories": ["v/infrastructure"], + "flux": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "helm-values": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "kubernetes": { + "fileMatch": ["flux/.+\\.ya?ml$"] + }, + "nix": { + "enabled": true + }, + "lockFileMaintenance": { + "enabled": true, + "automerge": true, + "automergeType": "branch", + "schedule": ["weekly"], + }, + "hostRules": [ + { + "hostType": "docker", + "matchHost": "ghcr.io", + "username": "NULLx76", + "password": process.env.GITHUB_COM_TOKEN + } ], - "matchPackagePrefixes": [ - "git.0x76.dev" + "packageRules": [ + { + "automerge": true, + "automergeType": "branch", + "matchPackageNames": [ + "renovate/renovate" + ], + "matchPackagePrefixes": [ + "git.0x76.dev" + ] + } + ], + // ignore individual fluxcd images + "ignoreDeps": [ + "ghcr.io/fluxcd/helm-controller", + "ghcr.io/fluxcd/image-automation-controller", + "ghcr.io/fluxcd/image-reflector-controller", + "ghcr.io/fluxcd/kustomize-controller", + "ghcr.io/fluxcd/notification-controller", + "ghcr.io/fluxcd/source-controller" + ], + "regexManagers": [ + { + "fileMatch": [".+\\.nix"], + "matchStrings": ["image\\s*=\\s*"(?.*?):(?.*?)"\\s*;\\s*"], + "datasourceTemplate": "docker" + } ] - } - ], - // ignore individual fluxcd images - "ignoreDeps": [ - "ghcr.io/fluxcd/helm-controller", - "ghcr.io/fluxcd/image-automation-controller", - "ghcr.io/fluxcd/image-reflector-controller", - "ghcr.io/fluxcd/kustomize-controller", - "ghcr.io/fluxcd/notification-controller", - "ghcr.io/fluxcd/source-controller" - ] - }; + }; diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 80048107..d192b2ea 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -26,8 +26,7 @@ backend = "podman"; containers = { overseerr = { - # TODO: Add regex so that renovate catches this - image = "ghcr.io/sct/overseerr:1.32.5"; + image = "ghcr.io/sct/overseerr:1.32.4"; environment = { # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; -- 2.47.1 From 58cfc050e05b14bbe384c8d9f39b4e03eb85c223 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 4 Feb 2023 16:43:58 +0100 Subject: [PATCH 0797/1882] fix quotes --- flux/olympus/apps/services/renovate/config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index 80942336..8adc6f08 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -58,7 +58,7 @@ data: "regexManagers": [ { "fileMatch": [".+\\.nix"], - "matchStrings": ["image\\s*=\\s*"(?.*?):(?.*?)"\\s*;\\s*"], + "matchStrings": ["image\\s*=\\s*\"(?.*?):(?.*?)\"\\s*;\\s*"], "datasourceTemplate": "docker" } ] -- 2.47.1 From 62404f473ed81b9bc50299dd45fc82d4cb898743 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 4 Feb 2023 16:58:14 +0100 Subject: [PATCH 0798/1882] auto merge minor and patch --- flux/olympus/apps/services/renovate/config.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index 8adc6f08..49b24cd1 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -38,6 +38,7 @@ data: { "automerge": true, "automergeType": "branch", + "matchUpdateTypes": ["minor", "patch", "pin", "digest"], "matchPackageNames": [ "renovate/renovate" ], -- 2.47.1 From 39061e378dbf8733a0ea224eed30fca23c6fd9e5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 16:00:26 +0000 Subject: [PATCH 0799/1882] chore(deps): update renovate/renovate docker tag to v34.123.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 083222e1..5ac48b31 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.122.1 + image: renovate/renovate:34.123.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 16eed7b25ddb4a4b34138842e5f57ff10d8b1389 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 20:00:22 +0000 Subject: [PATCH 0800/1882] chore(deps): update renovate/renovate docker tag to v34.124.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5ac48b31..6e41959f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.123.0 + image: renovate/renovate:34.124.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9cb1c21da85929c0dfbbcbf0d402e19cb0ba4a21 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 06:00:22 +0000 Subject: [PATCH 0801/1882] chore(deps): update renovate/renovate docker tag to v34.124.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6e41959f..d6390ba7 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.124.1 + image: renovate/renovate:34.124.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0743f899df1e1c44898df0a500ae0f6eae5d41d5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 10:02:22 +0000 Subject: [PATCH 0802/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 8ecf37a8..f1eabda9 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675465995, - "narHash": "sha256-7IkfY+Oe46WWWVAli+IzR2uvgByPffGZGyoM5gty+Ps=", + "lastModified": 1675524123, + "narHash": "sha256-PcC5DqF2+P2kOewPCg9KM1S/+aS2msrs8ofeJWB68GU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "bd2245d642f700ac736cd8349352917ef5340dbc", + "rev": "760b37f71d200643d3e267472e5cc290d38d1a53", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675410244, - "narHash": "sha256-ODj6egMoH/HgAF/0wIy0EfRBeUx5FMuLl6uAdUW3kCI=", + "lastModified": 1675512093, + "narHash": "sha256-u1CY4feK14B57E6T+0Bhkuoj8dpBxCPrWO+SP87UVP8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f7543a7539a007e9562e4d8d24e17a4bcf369b68", + "rev": "8e8240194eda25b61449f29bb5131e02b28a5486", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675446098, - "narHash": "sha256-xB4doWLd849LKDKqYnTdmteX5TVEfZIH6WiGvj8wMi4=", + "lastModified": 1675578535, + "narHash": "sha256-lSdX9xqbvANqgldU5p9y/DVxZG/yaW3OZSvdu63NL9Y=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a59fe7abba1be9e515e7333005ff8a36f86876b2", + "rev": "7590fa36d81157f431bf2c6f58625339912ea819", "type": "github" }, "original": { @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1675361076, - "narHash": "sha256-yyKunCVk4wLr9vGqd9n2BeWq9pJOXG4WBjFE0M++5aU=", + "lastModified": 1675522506, + "narHash": "sha256-EtjeHqBVvUVJ43nGiYjPgqL4E6qzgBh+qkmoOJ+IZ5A=", "owner": "pta2002", "repo": "nixvim", - "rev": "548c76ee320a00866ecad0c0775039e8d640586c", + "rev": "8d41514bbef2b5ee213c22c70b39e8c976d6200a", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675476263, - "narHash": "sha256-uAthSMn3kDYk5nUUV2j0WD78yV8canKTO/U9NYEaoEk=", + "lastModified": 1675575944, + "narHash": "sha256-f6pVHr3hHQkIh59/Pi4cFwWCkxKHoDindBnNGW4YHpA=", "owner": "nix-community", "repo": "NUR", - "rev": "f0c98fda72fb603a90e1c3dd5065ec8280494a39", + "rev": "cc2a91cb6cd9688c6895029b328c4183cb72ecf6", "type": "github" }, "original": { -- 2.47.1 From fd958386758ed0f5c8ba248177ca7d1ee0c0284a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Feb 2023 15:45:54 +0000 Subject: [PATCH 0803/1882] chore(deps): update ghcr.io/sct/overseerr docker tag to v1.32.5 --- nixos/hosts/hades/overseerr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index d192b2ea..6810d75f 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -26,7 +26,7 @@ backend = "podman"; containers = { overseerr = { - image = "ghcr.io/sct/overseerr:1.32.4"; + image = "ghcr.io/sct/overseerr:1.32.5"; environment = { # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; -- 2.47.1 From 1cad1c7f457ac7a20754b24f235967bef45bc861 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 5 Feb 2023 11:28:52 +0100 Subject: [PATCH 0804/1882] update flaresolverr --- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 3dfad833..7e2b8358 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -14,7 +14,7 @@ backend = "podman"; containers = { flaresolverr = { - image = "0x76/flaresolverr:3.0.0.beta2-fixup"; + image = "flaresolverr/flaresolverr:v3.0.0"; ports = [ "8191:8191" ]; -- 2.47.1 From 66e794a76c1b1cc25b016c2eef517bbc2801756c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 10:29:36 +0000 Subject: [PATCH 0805/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.0.2 --- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 7e2b8358..7608aba7 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -14,7 +14,7 @@ backend = "podman"; containers = { flaresolverr = { - image = "flaresolverr/flaresolverr:v3.0.0"; + image = "flaresolverr/flaresolverr:v3.0.2"; ports = [ "8191:8191" ]; -- 2.47.1 From 2c938770fa3698518f84ce97d666b916cacd184f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 11:00:21 +0000 Subject: [PATCH 0806/1882] chore(deps): update renovate/renovate docker tag to v34.124.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d6390ba7..3a15f86e 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.124.2 + image: renovate/renovate:34.124.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 4cea208019a6ebf19f8c1ac326452d59caf0a172 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 12:02:18 +0000 Subject: [PATCH 0807/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index f1eabda9..b4ab5275 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675462931, - "narHash": "sha256-JiOUSERBtA1lN/s9YTKGZoZ3XUicHDwr+C8swaPSh3M=", + "lastModified": 1675595366, + "narHash": "sha256-WoQkwaaoZqrhWpIrMxA+2j8CgxgyvjHzCyEZAQu06rQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "e2c1756e3ae001ca8696912016dd31cb1503ccf3", + "rev": "9621e9ab80a038cd11c7cfcae4df46a59d62b16a", "type": "github" }, "original": { @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1675010546, - "narHash": "sha256-mx2WkCa2yUaZakioiLY7dHrU0fZS2szlqghbDbc34RE=", + "lastModified": 1675595446, + "narHash": "sha256-Xja7IC1EACtvZMkxJ2HKdvqsT7Zt7rTOYXefsMQWEaQ=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "0c2386861afbb10c8c5eb6de868fa2a519df2907", + "rev": "3e7ba8500f966f6985714326d8371377a563a0cf", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675575944, - "narHash": "sha256-f6pVHr3hHQkIh59/Pi4cFwWCkxKHoDindBnNGW4YHpA=", + "lastModified": 1675596041, + "narHash": "sha256-JLkALU22kbLla6Uq6aLDUIiZAqcPwURH2czlAEQHKbc=", "owner": "nix-community", "repo": "NUR", - "rev": "cc2a91cb6cd9688c6895029b328c4183cb72ecf6", + "rev": "2dd9a5ed773cbb884c659a2fa9ffc9ae74c996a9", "type": "github" }, "original": { -- 2.47.1 From c4e4b617c1a7d81b52c568d43439e0407a5feb6b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 13:04:54 +0000 Subject: [PATCH 0808/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b4ab5275..4fcaf9f4 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675596041, - "narHash": "sha256-JLkALU22kbLla6Uq6aLDUIiZAqcPwURH2czlAEQHKbc=", + "lastModified": 1675601947, + "narHash": "sha256-7XGfMkBOCIP9Vc6kCqXfaCYBxTsOnZHLEPveum4k3DE=", "owner": "nix-community", "repo": "NUR", - "rev": "2dd9a5ed773cbb884c659a2fa9ffc9ae74c996a9", + "rev": "e989a316e71c98ebac6a3ef7a110e8fec2622a91", "type": "github" }, "original": { -- 2.47.1 From 64f41cb5c1da2208f63420e4c315258fdbdbf217 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 15:01:38 +0000 Subject: [PATCH 0809/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4fcaf9f4..1bc142d8 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675524123, - "narHash": "sha256-PcC5DqF2+P2kOewPCg9KM1S/+aS2msrs8ofeJWB68GU=", + "lastModified": 1675606643, + "narHash": "sha256-kzM9G1rkP5rZCuEm4JqXmDOndBvilCA4yQJvZFqSq0w=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "760b37f71d200643d3e267472e5cc290d38d1a53", + "rev": "53945cff3184cfdff3ed978e072b4ed65e3b2ec5", "type": "github" }, "original": { -- 2.47.1 From 8b6b500b656289fb315798257317bceaa9467aa3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 17:01:42 +0000 Subject: [PATCH 0810/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1bc142d8..2e0414f6 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675601947, - "narHash": "sha256-7XGfMkBOCIP9Vc6kCqXfaCYBxTsOnZHLEPveum4k3DE=", + "lastModified": 1675615704, + "narHash": "sha256-2jAEyl0GOiEYGn+8zTff5a0kP62I3Ov1zZ5VLOC3O3Y=", "owner": "nix-community", "repo": "NUR", - "rev": "e989a316e71c98ebac6a3ef7a110e8fec2622a91", + "rev": "5f23049682d27a942b1589d6f4d6badec9a980bc", "type": "github" }, "original": { -- 2.47.1 From f2c3bfb3babfe08f65a60ba56f6cee7a7d7d1f5c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 18:02:25 +0000 Subject: [PATCH 0811/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 2e0414f6..2b20fe93 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675578535, - "narHash": "sha256-lSdX9xqbvANqgldU5p9y/DVxZG/yaW3OZSvdu63NL9Y=", + "lastModified": 1675609504, + "narHash": "sha256-/IEsUiMmKKEirACN6okbcedfesf5vPq0Qq0jiBGImLA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7590fa36d81157f431bf2c6f58625339912ea819", + "rev": "977c06339c40c917e31478e91eece8195cf59b4b", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675615704, - "narHash": "sha256-2jAEyl0GOiEYGn+8zTff5a0kP62I3Ov1zZ5VLOC3O3Y=", + "lastModified": 1675619121, + "narHash": "sha256-bTY45nvkrWFvDti5CROWG9uRSr2RavO3mSB32T8P9y4=", "owner": "nix-community", "repo": "NUR", - "rev": "5f23049682d27a942b1589d6f4d6badec9a980bc", + "rev": "a0aeaa6c72d38e81767dce7d11a84561b7e56126", "type": "github" }, "original": { -- 2.47.1 From ef50c8a00e4ef69822acda6d47eed72a281ef785 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 19:01:46 +0000 Subject: [PATCH 0812/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2b20fe93..01739bbc 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675619121, - "narHash": "sha256-bTY45nvkrWFvDti5CROWG9uRSr2RavO3mSB32T8P9y4=", + "lastModified": 1675622679, + "narHash": "sha256-yLeWnUZ+g+GmCaw+J1oS2bmlv99BqNik2tX7IJetSVo=", "owner": "nix-community", "repo": "NUR", - "rev": "a0aeaa6c72d38e81767dce7d11a84561b7e56126", + "rev": "73e7c3f9557877c3173cd31126454df7b882b39d", "type": "github" }, "original": { -- 2.47.1 From 244b01ea8da297caafa1be0edecbe26cc2a78055 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 22:01:31 +0000 Subject: [PATCH 0813/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 01739bbc..59d77498 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675622679, - "narHash": "sha256-yLeWnUZ+g+GmCaw+J1oS2bmlv99BqNik2tX7IJetSVo=", + "lastModified": 1675633545, + "narHash": "sha256-mucibmadP2AvmFiYLMNtP7/4Damm5s+pPPTVoghbTxo=", "owner": "nix-community", "repo": "NUR", - "rev": "73e7c3f9557877c3173cd31126454df7b882b39d", + "rev": "2274552055feccfed6f5e93fec105b683261e484", "type": "github" }, "original": { -- 2.47.1 From 04e7e4e74d90fdab4a47b23e951e5938227421de Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Feb 2023 23:04:17 +0000 Subject: [PATCH 0814/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 59d77498..1d23ddaf 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675606643, - "narHash": "sha256-kzM9G1rkP5rZCuEm4JqXmDOndBvilCA4yQJvZFqSq0w=", + "lastModified": 1675637593, + "narHash": "sha256-K40Dr48O+uHEQjreA6gWm3hqNHvfmVhZDjhIrHfavA8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "53945cff3184cfdff3ed978e072b4ed65e3b2ec5", + "rev": "4a5c3c4861fb503c7ecb6dcfc86aeb547aa3fb7f", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675512093, - "narHash": "sha256-u1CY4feK14B57E6T+0Bhkuoj8dpBxCPrWO+SP87UVP8=", + "lastModified": 1675600654, + "narHash": "sha256-ipsDTkzRq1CAl2g5tYd7ugjVMSKF6KLh9F+5Kso0lT0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8e8240194eda25b61449f29bb5131e02b28a5486", + "rev": "cff83d5032a21aad4f69bf284e95b5f564f4a54e", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675633545, - "narHash": "sha256-mucibmadP2AvmFiYLMNtP7/4Damm5s+pPPTVoghbTxo=", + "lastModified": 1675637118, + "narHash": "sha256-n8nFKQ2a3bboj9KfmfOIoGeL5brViJcvpr5s3Jbdi8Q=", "owner": "nix-community", "repo": "NUR", - "rev": "2274552055feccfed6f5e93fec105b683261e484", + "rev": "f5959c49540becedb9c5103195c3145a11751070", "type": "github" }, "original": { -- 2.47.1 From f72ab37da542a106e5ed10e20a67835c16099b7b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 03:01:45 +0000 Subject: [PATCH 0815/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1d23ddaf..9f0b768f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675637118, - "narHash": "sha256-n8nFKQ2a3bboj9KfmfOIoGeL5brViJcvpr5s3Jbdi8Q=", + "lastModified": 1675649123, + "narHash": "sha256-hRdDMAGmGrE//8Urfuab0ptqAhyWmtB/E4wGrJbaD9Y=", "owner": "nix-community", "repo": "NUR", - "rev": "f5959c49540becedb9c5103195c3145a11751070", + "rev": "e118d4b28b30c04d5f9c97785be4b6e4160319f1", "type": "github" }, "original": { -- 2.47.1 From 4ef7e67a2ef103bf685d4fc7d0ffc15c2f56b030 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 04:02:00 +0000 Subject: [PATCH 0816/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9f0b768f..65a62e54 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675649123, - "narHash": "sha256-hRdDMAGmGrE//8Urfuab0ptqAhyWmtB/E4wGrJbaD9Y=", + "lastModified": 1675655067, + "narHash": "sha256-WX6z8I0uKCTjbXhoxVyPvT0owJ6xItAwSFyRlM/FMUM=", "owner": "nix-community", "repo": "NUR", - "rev": "e118d4b28b30c04d5f9c97785be4b6e4160319f1", + "rev": "e92d44a0894637f9a392ed03c77792d7f8b5030e", "type": "github" }, "original": { -- 2.47.1 From f63b96a855887160d2b3a2f0a39b58342b3503ff Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 05:01:55 +0000 Subject: [PATCH 0817/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 65a62e54..18efc76f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675655067, - "narHash": "sha256-WX6z8I0uKCTjbXhoxVyPvT0owJ6xItAwSFyRlM/FMUM=", + "lastModified": 1675656597, + "narHash": "sha256-9ZbdF9+4/k9kgqcapxNoIrtrTB9Yygq39Bs4XmbsG0k=", "owner": "nix-community", "repo": "NUR", - "rev": "e92d44a0894637f9a392ed03c77792d7f8b5030e", + "rev": "20155f5388ca02eef6fd58450bc016aba0243c63", "type": "github" }, "original": { -- 2.47.1 From 2ff7cc31a5accd4a6b73bcd162f05f4ddd6e40d8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 06:00:33 +0000 Subject: [PATCH 0818/1882] chore(deps): update renovate/renovate docker tag to v34.124.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 3a15f86e..54e707c2 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.124.3 + image: renovate/renovate:34.124.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0b9b7fd772799ec294517d4d1376434a0cf433fc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 07:01:59 +0000 Subject: [PATCH 0819/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 18efc76f..bed654f9 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675656597, - "narHash": "sha256-9ZbdF9+4/k9kgqcapxNoIrtrTB9Yygq39Bs4XmbsG0k=", + "lastModified": 1675662331, + "narHash": "sha256-lM5VQ+wcSSoom5ErG02Z4powVb9cycbikwR01Ui02qw=", "owner": "nix-community", "repo": "NUR", - "rev": "20155f5388ca02eef6fd58450bc016aba0243c63", + "rev": "25b2e89ce39e5d2da0349bda386c0aeb16b6782b", "type": "github" }, "original": { -- 2.47.1 From 02db4475f44e9d54929e8249f50cbceb31a52cb5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 08:05:33 +0000 Subject: [PATCH 0820/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bed654f9..ed507451 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675595366, - "narHash": "sha256-WoQkwaaoZqrhWpIrMxA+2j8CgxgyvjHzCyEZAQu06rQ=", + "lastModified": 1675637696, + "narHash": "sha256-tilJS8zCS3PaDfVOfsBZ4zspuam8tc7IMZxtGa/K/uo=", "owner": "nix-community", "repo": "home-manager", - "rev": "9621e9ab80a038cd11c7cfcae4df46a59d62b16a", + "rev": "c43d4a3d6d9ef8ddbe2438362f5c775b4186000b", "type": "github" }, "original": { -- 2.47.1 From 7975ed0eb7cfa39008ea37c52a5ed6a094eaf6bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 09:00:34 +0000 Subject: [PATCH 0821/1882] chore(deps): update renovate/renovate docker tag to v34.124.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 54e707c2..94762dd9 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.124.4 + image: renovate/renovate:34.124.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 79e542f299cc4613d8d99a436e9e56d8ee8ceae0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 12:01:36 +0000 Subject: [PATCH 0822/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ed507451..661b3c0c 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675609504, - "narHash": "sha256-/IEsUiMmKKEirACN6okbcedfesf5vPq0Qq0jiBGImLA=", + "lastModified": 1675664760, + "narHash": "sha256-HhVZYZDDx6PRAyOfc6PizzOKbS0ASUMkD17A/oQ1Pgw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "977c06339c40c917e31478e91eece8195cf59b4b", + "rev": "8030c64577a7973d07537e2bb446c14ccedaa14c", "type": "github" }, "original": { -- 2.47.1 From 5cd3bcb5b39b8de232a3a7b570f7a79c2818b39a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 14:01:37 +0000 Subject: [PATCH 0823/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 661b3c0c..6b930035 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675637593, - "narHash": "sha256-K40Dr48O+uHEQjreA6gWm3hqNHvfmVhZDjhIrHfavA8=", + "lastModified": 1675689419, + "narHash": "sha256-UyCVZVhkZiisMPjfDTAzQIe0YpIkN1Gic97bie3Kf0A=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "4a5c3c4861fb503c7ecb6dcfc86aeb547aa3fb7f", + "rev": "863812a0979646fbc1a51b6593fa25fbad77a7be", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675662331, - "narHash": "sha256-lM5VQ+wcSSoom5ErG02Z4powVb9cycbikwR01Ui02qw=", + "lastModified": 1675691380, + "narHash": "sha256-NsJFadM7mCcgwrL9i+SDd7/m1ujtPzlLdh7ux1gWv1Q=", "owner": "nix-community", "repo": "NUR", - "rev": "25b2e89ce39e5d2da0349bda386c0aeb16b6782b", + "rev": "a59a061ff4cd533048c540ce123336890a6d37ba", "type": "github" }, "original": { -- 2.47.1 From db79c6deba985636e838b47b920b5c7da19bf1e0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 15:02:00 +0000 Subject: [PATCH 0824/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6b930035..f1cfdc26 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675691380, - "narHash": "sha256-NsJFadM7mCcgwrL9i+SDd7/m1ujtPzlLdh7ux1gWv1Q=", + "lastModified": 1675694740, + "narHash": "sha256-2Z+xOpoyPiwFAswvbaF2CthOSwfk5xQPo/RPUpqUGIU=", "owner": "nix-community", "repo": "NUR", - "rev": "a59a061ff4cd533048c540ce123336890a6d37ba", + "rev": "60eddbce6e4c210bb7de147f33e35f4c5c89273e", "type": "github" }, "original": { -- 2.47.1 From 371a11d22ba98b7844bdfb188b876d036e33f9a7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 16:02:03 +0000 Subject: [PATCH 0825/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f1cfdc26..e4d477ce 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675694740, - "narHash": "sha256-2Z+xOpoyPiwFAswvbaF2CthOSwfk5xQPo/RPUpqUGIU=", + "lastModified": 1675698287, + "narHash": "sha256-YvtoiSaB1cQPRI3R6xgmHErS2cWS1E21CMYuEW7EQaQ=", "owner": "nix-community", "repo": "NUR", - "rev": "60eddbce6e4c210bb7de147f33e35f4c5c89273e", + "rev": "333fc42800261343d45a0a16fc72bcbec6672dd1", "type": "github" }, "original": { -- 2.47.1 From c3af8313a0dab190903ca6d95f42a1fd9a96fa56 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 17:00:37 +0000 Subject: [PATCH 0826/1882] chore(deps): update renovate/renovate docker tag to v34.125.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 94762dd9..c63b69da 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.124.5 + image: renovate/renovate:34.125.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 136c8908064b7c9097db02507a280bf9001078db Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 18:02:10 +0000 Subject: [PATCH 0827/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e4d477ce..71de641e 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675664760, - "narHash": "sha256-HhVZYZDDx6PRAyOfc6PizzOKbS0ASUMkD17A/oQ1Pgw=", + "lastModified": 1675693243, + "narHash": "sha256-N9vwUXNp31/kkCsjFp3uRyWDQb7tbAPouO1yD7x2FyI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8030c64577a7973d07537e2bb446c14ccedaa14c", + "rev": "75169d683d42ed2f3ccd99c321850f0abda70cb0", "type": "github" }, "original": { @@ -1017,11 +1017,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1675101795, - "narHash": "sha256-MU/ou/TXaDcxVaX/I9QlRMAfDA5uGNpHiZPj4+GfoR4=", + "lastModified": 1675703665, + "narHash": "sha256-xArDeBZz1acdMXc3HErrSryYC0E2L63I4jldhYCe59w=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "6b7770385461c62086c7bee1eefa3dea0b32e61b", + "rev": "ac68ad607a5689f5ca1fc16444aa113f956d42af", "type": "github" }, "original": { -- 2.47.1 From 2b9715634017ebb3c3fc6b3054bfc29a4d5aede4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 19:02:21 +0000 Subject: [PATCH 0828/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 71de641e..7716289b 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675600654, - "narHash": "sha256-ipsDTkzRq1CAl2g5tYd7ugjVMSKF6KLh9F+5Kso0lT0=", + "lastModified": 1675681488, + "narHash": "sha256-0E/oYpixC+joFk7UrY60TwZcdthzP2BXmJwne3Ni8ZI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cff83d5032a21aad4f69bf284e95b5f564f4a54e", + "rev": "13fdd3945d8a2da5e4afe35d8a629193a9680911", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675698287, - "narHash": "sha256-YvtoiSaB1cQPRI3R6xgmHErS2cWS1E21CMYuEW7EQaQ=", + "lastModified": 1675707913, + "narHash": "sha256-q1V94RwcXH77Lk0tQzsox42HtAsKygOXZhdNy5HnBYg=", "owner": "nix-community", "repo": "NUR", - "rev": "333fc42800261343d45a0a16fc72bcbec6672dd1", + "rev": "824c203f1d757b3f56aba954262db3366f7c069a", "type": "github" }, "original": { -- 2.47.1 From 6aab4d61d61b23834312902e846a872b6d52d79c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 20:02:28 +0000 Subject: [PATCH 0829/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7716289b..faad5201 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675707913, - "narHash": "sha256-q1V94RwcXH77Lk0tQzsox42HtAsKygOXZhdNy5HnBYg=", + "lastModified": 1675712704, + "narHash": "sha256-SrX7TxtZgitaMEqrkFWjhLIQDP8K35Up00416pNGjXs=", "owner": "nix-community", "repo": "NUR", - "rev": "824c203f1d757b3f56aba954262db3366f7c069a", + "rev": "d6355001dfde853628d686982d93fcac8f3a47af", "type": "github" }, "original": { -- 2.47.1 From b153e118387d75b069f4049982b4e60048ecb84d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 21:02:10 +0000 Subject: [PATCH 0830/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index faad5201..e933c35a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675712704, - "narHash": "sha256-SrX7TxtZgitaMEqrkFWjhLIQDP8K35Up00416pNGjXs=", + "lastModified": 1675716313, + "narHash": "sha256-m/foJPAm/M5rsciXtSBLFwuHh12BjIb0lj8R2Z8oOS0=", "owner": "nix-community", "repo": "NUR", - "rev": "d6355001dfde853628d686982d93fcac8f3a47af", + "rev": "c379faee753da143abb7ba78a4b0d0361552daf9", "type": "github" }, "original": { -- 2.47.1 From c6ba0b3eab5fa4a848ea06a4252216f224a7e2b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 23:01:40 +0000 Subject: [PATCH 0831/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e933c35a..8abfaaf6 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675716313, - "narHash": "sha256-m/foJPAm/M5rsciXtSBLFwuHh12BjIb0lj8R2Z8oOS0=", + "lastModified": 1675723636, + "narHash": "sha256-HQm2NepeajlLjcZLTMmmaDhoRivFnR4E6fOL+AxM3Ig=", "owner": "nix-community", "repo": "NUR", - "rev": "c379faee753da143abb7ba78a4b0d0361552daf9", + "rev": "a2c6c74542d31eac59fbe617c5ca70d1f8197b4c", "type": "github" }, "original": { -- 2.47.1 From 6f0aff337b18d5df44401a80c198674c434ed6c9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 00:02:01 +0000 Subject: [PATCH 0832/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8abfaaf6..083bdf65 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675693243, - "narHash": "sha256-N9vwUXNp31/kkCsjFp3uRyWDQb7tbAPouO1yD7x2FyI=", + "lastModified": 1675721850, + "narHash": "sha256-jhMqxoJVoWOuwpNxEH0ooZijDaCYAcg0rAgfZhAKUco=", "owner": "nixos", "repo": "nixpkgs", - "rev": "75169d683d42ed2f3ccd99c321850f0abda70cb0", + "rev": "a46d9dd25b30c21a9f177cce4b89c2a30d8150d5", "type": "github" }, "original": { -- 2.47.1 From fa18852211aaf836eb12ffc7f9a9eb7fc4f8b2ac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 01:01:54 +0000 Subject: [PATCH 0833/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 083bdf65..d45361df 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1675400331, - "narHash": "sha256-ja0DhWBARzcimqMBhQ+DP7NQoJSlNasqvlj5GiHRYY0=", + "lastModified": 1675730932, + "narHash": "sha256-XcmirehPIcZGS7PzkS3WvAYQ9GBlBvCxYToIOIV2PVE=", "owner": "zhaofengli", "repo": "colmena", - "rev": "31d8240504e91c3ea5c758d92f02f94af3fae6c3", + "rev": "e034c15825c439131e4489de5a82cf8e5398fa61", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675723636, - "narHash": "sha256-HQm2NepeajlLjcZLTMmmaDhoRivFnR4E6fOL+AxM3Ig=", + "lastModified": 1675729540, + "narHash": "sha256-Zwc+tlBEAFp8fW+0uSLrBlLZGxKtP/kKf9TRYMaEzT4=", "owner": "nix-community", "repo": "NUR", - "rev": "a2c6c74542d31eac59fbe617c5ca70d1f8197b4c", + "rev": "7ba7c028915fffb94368c317dc8798f880bf4751", "type": "github" }, "original": { -- 2.47.1 From bee65a81ae450ae5147924bf16d9acd60de5a4d2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 03:01:34 +0000 Subject: [PATCH 0834/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d45361df..6af32bf2 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675729540, - "narHash": "sha256-Zwc+tlBEAFp8fW+0uSLrBlLZGxKtP/kKf9TRYMaEzT4=", + "lastModified": 1675735674, + "narHash": "sha256-0okaObtd7ll0X5SdX25oAXfvncYi5guWnXd/8oWn448=", "owner": "nix-community", "repo": "NUR", - "rev": "7ba7c028915fffb94368c317dc8798f880bf4751", + "rev": "8858815c140bc26d50f6243817c9b13ae1347c92", "type": "github" }, "original": { -- 2.47.1 From 7259a6b5714f9ae8c96dcb0621a346a3744de80d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 04:02:00 +0000 Subject: [PATCH 0835/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6af32bf2..efb1933f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675735674, - "narHash": "sha256-0okaObtd7ll0X5SdX25oAXfvncYi5guWnXd/8oWn448=", + "lastModified": 1675740935, + "narHash": "sha256-1vL/IuGZyvjgz2ASLIhcEA+BC1zKFLImzUY9c+rxyRQ=", "owner": "nix-community", "repo": "NUR", - "rev": "8858815c140bc26d50f6243817c9b13ae1347c92", + "rev": "f512a1e85dbd95f1fecae97fbc2d95c90148f7d9", "type": "github" }, "original": { -- 2.47.1 From e3a6e6e43397685214fe2cdb86df9a9a9fad599e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 05:02:22 +0000 Subject: [PATCH 0836/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index efb1933f..fa4a3cdf 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675740935, - "narHash": "sha256-1vL/IuGZyvjgz2ASLIhcEA+BC1zKFLImzUY9c+rxyRQ=", + "lastModified": 1675744906, + "narHash": "sha256-1L46DMzmJDV3dGYFvz70/vLpAjCYLGz/PrsmcJUiPuM=", "owner": "nix-community", "repo": "NUR", - "rev": "f512a1e85dbd95f1fecae97fbc2d95c90148f7d9", + "rev": "4883a93609294c6034224e03985565d58baf7b8e", "type": "github" }, "original": { -- 2.47.1 From 6f55ee09c305631c6b70331e91b20de9bd911d9c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 06:02:07 +0000 Subject: [PATCH 0837/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fa4a3cdf..4d87d6c6 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675744906, - "narHash": "sha256-1L46DMzmJDV3dGYFvz70/vLpAjCYLGz/PrsmcJUiPuM=", + "lastModified": 1675748672, + "narHash": "sha256-zZ40cbNJuZMC00PNU99A2zxuv7xbMNc9EF5n5JRlt+k=", "owner": "nix-community", "repo": "NUR", - "rev": "4883a93609294c6034224e03985565d58baf7b8e", + "rev": "19be7c1b5c06d36b510311f9c574de8897dbc50e", "type": "github" }, "original": { -- 2.47.1 From 5f689bcbacc36fc80b90aa86b5a398e6e733a1fd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 08:01:36 +0000 Subject: [PATCH 0838/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4d87d6c6..77a2e2e5 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675721850, - "narHash": "sha256-jhMqxoJVoWOuwpNxEH0ooZijDaCYAcg0rAgfZhAKUco=", + "lastModified": 1675751422, + "narHash": "sha256-OdOpQazG5vLxzIePojpd0x/aYHgo9/BMJJNDpfl5mj4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a46d9dd25b30c21a9f177cce4b89c2a30d8150d5", + "rev": "b6eac37960e801d046f62b80bf4137ed6f689794", "type": "github" }, "original": { -- 2.47.1 From 7b1ee2c087330f36e4d4349909428c397548cac0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 09:01:58 +0000 Subject: [PATCH 0839/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 77a2e2e5..5c9b41fd 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675748672, - "narHash": "sha256-zZ40cbNJuZMC00PNU99A2zxuv7xbMNc9EF5n5JRlt+k=", + "lastModified": 1675758928, + "narHash": "sha256-6QlyKPsgXtjMuKjcDVBCirrL3DQiRBxSPGn5MPA4mBg=", "owner": "nix-community", "repo": "NUR", - "rev": "19be7c1b5c06d36b510311f9c574de8897dbc50e", + "rev": "ea138c5e0a573efe5ed5bf2dd5c64c9cffc7d048", "type": "github" }, "original": { -- 2.47.1 From d5d109acc868a3cde77b7e80f5fe4548fdfa7b0b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 10:01:55 +0000 Subject: [PATCH 0840/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5c9b41fd..1ec200d9 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675758928, - "narHash": "sha256-6QlyKPsgXtjMuKjcDVBCirrL3DQiRBxSPGn5MPA4mBg=", + "lastModified": 1675762417, + "narHash": "sha256-AZxmakT8tPLyuimIw0g+ZXM0GV7rn3FzGNFhZqPjnKc=", "owner": "nix-community", "repo": "NUR", - "rev": "ea138c5e0a573efe5ed5bf2dd5c64c9cffc7d048", + "rev": "77f1a5bfe756a3a864d4cc24d5c5aa154285d291", "type": "github" }, "original": { -- 2.47.1 From fcfb9188d5cbbf782c4c398c50063dc0608c6ccc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 12:01:39 +0000 Subject: [PATCH 0841/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1ec200d9..b8d6f0b6 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675762417, - "narHash": "sha256-AZxmakT8tPLyuimIw0g+ZXM0GV7rn3FzGNFhZqPjnKc=", + "lastModified": 1675770345, + "narHash": "sha256-KqguWq0/oz83TlpjiAI9nWXA5wMLMjGb8Ra8YucAX0o=", "owner": "nix-community", "repo": "NUR", - "rev": "77f1a5bfe756a3a864d4cc24d5c5aa154285d291", + "rev": "0f53cdf6ba292f1b348332cc7c3a63ab6ea24e01", "type": "github" }, "original": { -- 2.47.1 From ab85cdf55b8e3dc3d17608f605c512c79e8e4b91 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 6 Feb 2023 15:00:23 +0000 Subject: [PATCH 0842/1882] chore(deps): update cachix/install-nix-action action to v19 --- .github/workflows/nixos.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index 7530bbd4..e317ec62 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -23,7 +23,7 @@ jobs: large-packages: true swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v18 + uses: cachix/install-nix-action@v19 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 with: @@ -39,7 +39,7 @@ jobs: - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v18 + uses: cachix/install-nix-action@v19 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 @@ -56,7 +56,7 @@ jobs: - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v18 + uses: cachix/install-nix-action@v19 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 @@ -87,7 +87,7 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v18 + uses: cachix/install-nix-action@v19 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 with: @@ -118,7 +118,7 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v18 + uses: cachix/install-nix-action@v19 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 -- 2.47.1 From e8a2675f95f8a89ed16020d53150dffa8327d7fb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 15:01:47 +0000 Subject: [PATCH 0843/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b8d6f0b6..c9af92e4 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675770345, - "narHash": "sha256-KqguWq0/oz83TlpjiAI9nWXA5wMLMjGb8Ra8YucAX0o=", + "lastModified": 1675775031, + "narHash": "sha256-JnlZV2YSyqtsM6vFO2aMLP5NVpL6e7BF7zz5r3KspBU=", "owner": "nix-community", "repo": "NUR", - "rev": "0f53cdf6ba292f1b348332cc7c3a63ab6ea24e01", + "rev": "adf46119f3cb8f76203575713d617a764fe65928", "type": "github" }, "original": { -- 2.47.1 From de5eb053c384477b633668bcbd10ee0f11824983 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 16:01:54 +0000 Subject: [PATCH 0844/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c9af92e4..3a6b6b63 100644 --- a/flake.lock +++ b/flake.lock @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1674550793, - "narHash": "sha256-ljJlIFQZwtBbzWqWTmmw2O5BFmQf1A/DspwMOQtGXHk=", + "lastModified": 1675785029, + "narHash": "sha256-EoD3Wgqc0XWkBCwUrAxCIZett64jN/SEPPpXX2mCmrE=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b7ac0a56029e4f9e6743b9993037a5aaafd57103", + "rev": "16b6928ec622fd2356a80c0a9359eb350a94227d", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675775031, - "narHash": "sha256-JnlZV2YSyqtsM6vFO2aMLP5NVpL6e7BF7zz5r3KspBU=", + "lastModified": 1675784797, + "narHash": "sha256-EAPzqLPLY6pDxLQyZLOuRLnHjat2xrKnB4rZ8Lxi3KM=", "owner": "nix-community", "repo": "NUR", - "rev": "adf46119f3cb8f76203575713d617a764fe65928", + "rev": "83361829358a902395b736465676fa0e80807329", "type": "github" }, "original": { -- 2.47.1 From 5899ba60d108f3d27a3243c1e32f8b6d380fb3fa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 17:01:58 +0000 Subject: [PATCH 0845/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3a6b6b63..22079003 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675751422, - "narHash": "sha256-OdOpQazG5vLxzIePojpd0x/aYHgo9/BMJJNDpfl5mj4=", + "lastModified": 1675779317, + "narHash": "sha256-B6Z0hbff/hudMEx3zci/1UIck4JgjD1xO67dgXiVY6c=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b6eac37960e801d046f62b80bf4137ed6f689794", + "rev": "f30a2734341993614edf1419829c03e2f63e3f4b", "type": "github" }, "original": { -- 2.47.1 From 1d89f1cb366911e4d9a92319c6c6728f27a289db Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 18:02:24 +0000 Subject: [PATCH 0846/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 22079003..d282c5c4 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675784797, - "narHash": "sha256-EAPzqLPLY6pDxLQyZLOuRLnHjat2xrKnB4rZ8Lxi3KM=", + "lastModified": 1675791716, + "narHash": "sha256-RPVeXty0U/cfgt9MXtgKqZxhRvEDzdOKgKiEV691u2c=", "owner": "nix-community", "repo": "NUR", - "rev": "83361829358a902395b736465676fa0e80807329", + "rev": "a03842f8e646c5f49688694ed1f5b0577d25d590", "type": "github" }, "original": { -- 2.47.1 From 3e1bdc51e5308eb546afb1e632c29b61b87fb13d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 21:01:40 +0000 Subject: [PATCH 0847/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d282c5c4..c1cd70de 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675637696, - "narHash": "sha256-tilJS8zCS3PaDfVOfsBZ4zspuam8tc7IMZxtGa/K/uo=", + "lastModified": 1675802839, + "narHash": "sha256-3R85GWs1xJr9HExuLnTy6uADWJMt1d6rZKKmBBJuCkk=", "owner": "nix-community", "repo": "home-manager", - "rev": "c43d4a3d6d9ef8ddbe2438362f5c775b4186000b", + "rev": "d6b1d426826a437b9da00a1197837e690e4bc8e1", "type": "github" }, "original": { -- 2.47.1 From d94250f3b6d5272cc96bcff8882442f6e9ea788d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 22:00:32 +0000 Subject: [PATCH 0848/1882] chore(deps): update renovate/renovate docker tag to v34.128.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c63b69da..79e7bb64 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.125.1 + image: renovate/renovate:34.128.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From af9a3151dcc93ab8a34d70b97921a9493d353aac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Feb 2023 23:01:58 +0000 Subject: [PATCH 0849/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c1cd70de..6b34e987 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675802839, - "narHash": "sha256-3R85GWs1xJr9HExuLnTy6uADWJMt1d6rZKKmBBJuCkk=", + "lastModified": 1675808901, + "narHash": "sha256-oi9py+VMJgW+tDmL9vhtltwg7PrLqN5awP5Z2Wp+684=", "owner": "nix-community", "repo": "home-manager", - "rev": "d6b1d426826a437b9da00a1197837e690e4bc8e1", + "rev": "02ac66755701f65bfebf7f3feb73030ae66a4f49", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675791716, - "narHash": "sha256-RPVeXty0U/cfgt9MXtgKqZxhRvEDzdOKgKiEV691u2c=", + "lastModified": 1675809932, + "narHash": "sha256-D5O1lxSrhrACfbgr4PiE1khL4JI2u39/wLw1kBg52zY=", "owner": "nix-community", "repo": "NUR", - "rev": "a03842f8e646c5f49688694ed1f5b0577d25d590", + "rev": "00e75a6dcdb34a01dc5a77f1d22b427fd80f9c89", "type": "github" }, "original": { -- 2.47.1 From 54e2ee31700ceb0a9042a95ce4b61ee4d63347a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 00:05:13 +0000 Subject: [PATCH 0850/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6b34e987..0b1eb05d 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675808901, - "narHash": "sha256-oi9py+VMJgW+tDmL9vhtltwg7PrLqN5awP5Z2Wp+684=", + "lastModified": 1675811720, + "narHash": "sha256-WXWChFo1DAUK+/YkeLwzZQDsH43y7c1JWozRuVNQYg8=", "owner": "nix-community", "repo": "home-manager", - "rev": "02ac66755701f65bfebf7f3feb73030ae66a4f49", + "rev": "6d95d98b6b4876c9ab589327331196b2893581c5", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675809932, - "narHash": "sha256-D5O1lxSrhrACfbgr4PiE1khL4JI2u39/wLw1kBg52zY=", + "lastModified": 1675812476, + "narHash": "sha256-TPa1y3ljjMVIgRlHr7hyoXZr3bP6sJLr9LSDxKU3DWQ=", "owner": "nix-community", "repo": "NUR", - "rev": "00e75a6dcdb34a01dc5a77f1d22b427fd80f9c89", + "rev": "8f76860148b8df4f9a024082e21234b44ae7d386", "type": "github" }, "original": { -- 2.47.1 From 9eea5050799dca41c7affa206352eaf96fb40007 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 03:01:24 +0000 Subject: [PATCH 0851/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0b1eb05d..589f8d63 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675812476, - "narHash": "sha256-TPa1y3ljjMVIgRlHr7hyoXZr3bP6sJLr9LSDxKU3DWQ=", + "lastModified": 1675822344, + "narHash": "sha256-vCX0TKqhKbGsd9NFdJtaTv22WAY8+UhMi0ml7t/wkU0=", "owner": "nix-community", "repo": "NUR", - "rev": "8f76860148b8df4f9a024082e21234b44ae7d386", + "rev": "45104f315b2b0adfc49c9815dbca88df5cc0c33d", "type": "github" }, "original": { -- 2.47.1 From eb8280800bb2c840a5f9777d074072fcbd93efdf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 04:02:12 +0000 Subject: [PATCH 0852/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 589f8d63..828179e0 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675822344, - "narHash": "sha256-vCX0TKqhKbGsd9NFdJtaTv22WAY8+UhMi0ml7t/wkU0=", + "lastModified": 1675827944, + "narHash": "sha256-Vf5eUkQXqBPCdyi9ZOkndenbv8JNoLbuJlHgTZ3M5c4=", "owner": "nix-community", "repo": "NUR", - "rev": "45104f315b2b0adfc49c9815dbca88df5cc0c33d", + "rev": "e58df6b30984b008d6150b783b781a0cc6d6222d", "type": "github" }, "original": { -- 2.47.1 From 0decfd8d5ecacbeb847cfb5975ae62886be17e4d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 05:01:59 +0000 Subject: [PATCH 0853/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 828179e0..27873587 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675827944, - "narHash": "sha256-Vf5eUkQXqBPCdyi9ZOkndenbv8JNoLbuJlHgTZ3M5c4=", + "lastModified": 1675831408, + "narHash": "sha256-kqOAn0XEr4e742BIMQ96qk37ExkD/rt3fxTG2QvFT8c=", "owner": "nix-community", "repo": "NUR", - "rev": "e58df6b30984b008d6150b783b781a0cc6d6222d", + "rev": "6f73327605df3f240c1ecdd87e2d4a5b3bb0957c", "type": "github" }, "original": { -- 2.47.1 From 664621364dd3999398910a44cc36f191c1cbc684 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 06:02:03 +0000 Subject: [PATCH 0854/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 27873587..dd69314f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675831408, - "narHash": "sha256-kqOAn0XEr4e742BIMQ96qk37ExkD/rt3fxTG2QvFT8c=", + "lastModified": 1675835183, + "narHash": "sha256-R4QDjSL2BzeQd0DjyaauuCDuscD+5HHvVIx6BiCY4PU=", "owner": "nix-community", "repo": "NUR", - "rev": "6f73327605df3f240c1ecdd87e2d4a5b3bb0957c", + "rev": "83d64b659c274dee6fd19bb881fb25110f416d04", "type": "github" }, "original": { -- 2.47.1 From f30a2ac1444854f80f54162fff07b3a49bc670d8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 08:01:44 +0000 Subject: [PATCH 0855/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index dd69314f..38a2e8d6 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675681488, - "narHash": "sha256-0E/oYpixC+joFk7UrY60TwZcdthzP2BXmJwne3Ni8ZI=", + "lastModified": 1675757258, + "narHash": "sha256-pIRer8vdsoherlRKpzfnHbMZ5TsAcvRlXHCIaHkIUbg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "13fdd3945d8a2da5e4afe35d8a629193a9680911", + "rev": "af96094e9b8eb162d70a84fa3b39f4b7a8b264d2", "type": "github" }, "original": { -- 2.47.1 From 97eb548ef4a2d133a7f7a94cf20176e4c57be8ec Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 10:01:37 +0000 Subject: [PATCH 0856/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 38a2e8d6..dc753abd 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675811720, - "narHash": "sha256-WXWChFo1DAUK+/YkeLwzZQDsH43y7c1JWozRuVNQYg8=", + "lastModified": 1675850427, + "narHash": "sha256-iRo253KS8vooK5NxtNXiIK4WXpTw16qJS74Cjx6j4LI=", "owner": "nix-community", "repo": "home-manager", - "rev": "6d95d98b6b4876c9ab589327331196b2893581c5", + "rev": "d7a5a28fc30d7576061ccfdd3e8382e7ab56ce19", "type": "github" }, "original": { -- 2.47.1 From e3a1fccf43432898ef72170c7d1bc328991e4638 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 11:02:20 +0000 Subject: [PATCH 0857/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index dc753abd..c6253ec9 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675835183, - "narHash": "sha256-R4QDjSL2BzeQd0DjyaauuCDuscD+5HHvVIx6BiCY4PU=", + "lastModified": 1675851025, + "narHash": "sha256-lrSPO89HFMF8SMEp9FfRwvMmnXi2zp2TQMpcfWSkm5Y=", "owner": "nix-community", "repo": "NUR", - "rev": "83d64b659c274dee6fd19bb881fb25110f416d04", + "rev": "4257e67eacdb2300cdcc291cd20908f5a677f357", "type": "github" }, "original": { -- 2.47.1 From 5c47c749dd4b802ccd796c8e167f92b9838f9f94 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 12:02:10 +0000 Subject: [PATCH 0858/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c6253ec9..16b8399e 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675850427, - "narHash": "sha256-iRo253KS8vooK5NxtNXiIK4WXpTw16qJS74Cjx6j4LI=", + "lastModified": 1675855108, + "narHash": "sha256-KSiF7aTXTLlocFjMj+61USedaaiscD1ek6f/anFqr3Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "d7a5a28fc30d7576061ccfdd3e8382e7ab56ce19", + "rev": "e631d78ddfbf808fd1cfc4d79039a1b3acda5bed", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675851025, - "narHash": "sha256-lrSPO89HFMF8SMEp9FfRwvMmnXi2zp2TQMpcfWSkm5Y=", + "lastModified": 1675855897, + "narHash": "sha256-6WZf9KdYIXFCW/iPto26S2zEepDh5N8qBk0VLgQiHD0=", "owner": "nix-community", "repo": "NUR", - "rev": "4257e67eacdb2300cdcc291cd20908f5a677f357", + "rev": "0f2b360a37add7907b059e269633296de27533d2", "type": "github" }, "original": { -- 2.47.1 From 0f596025980758b0abcf74dbe38e547bba66032b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 14:01:42 +0000 Subject: [PATCH 0859/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 16b8399e..ed4c6f30 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675855897, - "narHash": "sha256-6WZf9KdYIXFCW/iPto26S2zEepDh5N8qBk0VLgQiHD0=", + "lastModified": 1675861489, + "narHash": "sha256-zxeMQIONeu3PoInBWNvnlZiX049GLj0TlvDGATvvRJQ=", "owner": "nix-community", "repo": "NUR", - "rev": "0f2b360a37add7907b059e269633296de27533d2", + "rev": "ab01cc5b4afe27f11894684ec8aca3ed3c972fce", "type": "github" }, "original": { -- 2.47.1 From 4b34bf280e143647fc74d167ababfe16c10f8e53 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 15:01:59 +0000 Subject: [PATCH 0860/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ed4c6f30..fa12907f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675861489, - "narHash": "sha256-zxeMQIONeu3PoInBWNvnlZiX049GLj0TlvDGATvvRJQ=", + "lastModified": 1675867548, + "narHash": "sha256-ohwhoPKK1Srp8J7QqiGJD0tZhft2R7yze/oKlBB/yE0=", "owner": "nix-community", "repo": "NUR", - "rev": "ab01cc5b4afe27f11894684ec8aca3ed3c972fce", + "rev": "21444b14f5d62279719185f21f1fe4807e1f8931", "type": "github" }, "original": { -- 2.47.1 From 9dfef810e64303e9dd2f969dd96b42ab1282785c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 19:00:23 +0000 Subject: [PATCH 0861/1882] chore(deps): update renovate/renovate docker tag to v34.128.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 79e7bb64..ec94a506 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.128.0 + image: renovate/renovate:34.128.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 88fd60af5d2314e4ff8bab4d72ba4ed5e3261c87 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 20:01:50 +0000 Subject: [PATCH 0862/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index fa12907f..b23382b4 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675689419, - "narHash": "sha256-UyCVZVhkZiisMPjfDTAzQIe0YpIkN1Gic97bie3Kf0A=", + "lastModified": 1675869534, + "narHash": "sha256-vUpHX970CJt/+MIeNBZ62Nvoy1rJQCwtv6kHH2w6Nk4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "863812a0979646fbc1a51b6593fa25fbad77a7be", + "rev": "5eb98c0072b486adfde7e39892207770f6a4621a", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675779317, - "narHash": "sha256-B6Z0hbff/hudMEx3zci/1UIck4JgjD1xO67dgXiVY6c=", + "lastModified": 1675866582, + "narHash": "sha256-0bucFq/bi5uho1MJEhYTI8Y15dVNyukcUD6XnfkJNfg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f30a2734341993614edf1419829c03e2f63e3f4b", + "rev": "d13b0f290c4969d26decd23415a6d38912a035ae", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675867548, - "narHash": "sha256-ohwhoPKK1Srp8J7QqiGJD0tZhft2R7yze/oKlBB/yE0=", + "lastModified": 1675885562, + "narHash": "sha256-/UeSCyJNXkgtZN1iMGDDGtjRJ/U0G+x/TtNFFVhmeaw=", "owner": "nix-community", "repo": "NUR", - "rev": "21444b14f5d62279719185f21f1fe4807e1f8931", + "rev": "78cb64636d9006a5fa14bd1abaf95fb95d372e62", "type": "github" }, "original": { @@ -1017,11 +1017,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1675703665, - "narHash": "sha256-xArDeBZz1acdMXc3HErrSryYC0E2L63I4jldhYCe59w=", + "lastModified": 1675881254, + "narHash": "sha256-DaXbbO03+75vCky/ZfTL3hT33pt2/ytKWLXt6zC/xhQ=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "ac68ad607a5689f5ca1fc16444aa113f956d42af", + "rev": "3989314baf9e81f050802e71cfc80555b3258f47", "type": "github" }, "original": { -- 2.47.1 From 9a441189b4fc0035dbfe90e7c9aa5c7dd4418724 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 21:05:10 +0000 Subject: [PATCH 0863/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index b23382b4..65423de5 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675855108, - "narHash": "sha256-KSiF7aTXTLlocFjMj+61USedaaiscD1ek6f/anFqr3Q=", + "lastModified": 1675888750, + "narHash": "sha256-w3T9UiRN6SaKMYI62+Ic3ka1Tyr9zaBcclhh3e4RCUk=", "owner": "nix-community", "repo": "home-manager", - "rev": "e631d78ddfbf808fd1cfc4d79039a1b3acda5bed", + "rev": "1232d0e13305f462a5a7c29584f50eb232cc4ba0", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675885562, - "narHash": "sha256-/UeSCyJNXkgtZN1iMGDDGtjRJ/U0G+x/TtNFFVhmeaw=", + "lastModified": 1675889104, + "narHash": "sha256-y+dbyqT0fG12Quz+3An9tX7YDp8ECvLUfzL1+kKv17s=", "owner": "nix-community", "repo": "NUR", - "rev": "78cb64636d9006a5fa14bd1abaf95fb95d372e62", + "rev": "25532084181df9ea13551576233ab3e680525d2b", "type": "github" }, "original": { -- 2.47.1 From ff141432e8e49e582354475e56b52526f9afcb4d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Feb 2023 23:01:51 +0000 Subject: [PATCH 0864/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 65423de5..174ba798 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675869534, - "narHash": "sha256-vUpHX970CJt/+MIeNBZ62Nvoy1rJQCwtv6kHH2w6Nk4=", + "lastModified": 1675896866, + "narHash": "sha256-jsLMiTuOlTwkXM7RK4zyNo6Z7VnAE0qer13imaGEIxQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5eb98c0072b486adfde7e39892207770f6a4621a", + "rev": "859d6b9b8a961669c814632bbc7a1a9d94556551", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675889104, - "narHash": "sha256-y+dbyqT0fG12Quz+3An9tX7YDp8ECvLUfzL1+kKv17s=", + "lastModified": 1675896409, + "narHash": "sha256-wbjvE3mDFTAC2Ox8/eNe6rULCVDvnkljRtcA+lSRNfs=", "owner": "nix-community", "repo": "NUR", - "rev": "25532084181df9ea13551576233ab3e680525d2b", + "rev": "8d4fb65c75b81d6126237595405319899d07f23b", "type": "github" }, "original": { -- 2.47.1 From fa29f7745974f3f75ce2f767a3a5d5beef75ec45 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 00:02:07 +0000 Subject: [PATCH 0865/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 174ba798..fa35e752 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675896409, - "narHash": "sha256-wbjvE3mDFTAC2Ox8/eNe6rULCVDvnkljRtcA+lSRNfs=", + "lastModified": 1675899898, + "narHash": "sha256-7ScL3XdFNg6W4wbqZ2ADLCmLNl+Sm7UgEDRQhvCjViU=", "owner": "nix-community", "repo": "NUR", - "rev": "8d4fb65c75b81d6126237595405319899d07f23b", + "rev": "067daef07d6c87939ead3c7100e72bd2bdc7b090", "type": "github" }, "original": { -- 2.47.1 From 0f1396c3f061899c2c0439628c9047b057a7988d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 10:00:22 +0000 Subject: [PATCH 0866/1882] chore(deps): update renovate/renovate docker tag to v34.128.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ec94a506..42c4ec34 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.128.1 + image: renovate/renovate:34.128.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8392a266605568db7c15e30cac15f9623b4acd97 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 11:01:51 +0000 Subject: [PATCH 0867/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index fa35e752..4769bd28 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675888750, - "narHash": "sha256-w3T9UiRN6SaKMYI62+Ic3ka1Tyr9zaBcclhh3e4RCUk=", + "lastModified": 1675935446, + "narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=", "owner": "nix-community", "repo": "home-manager", - "rev": "1232d0e13305f462a5a7c29584f50eb232cc4ba0", + "rev": "2dce7f1a55e785a22d61668516df62899278c9e4", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675896866, - "narHash": "sha256-jsLMiTuOlTwkXM7RK4zyNo6Z7VnAE0qer13imaGEIxQ=", + "lastModified": 1675933046, + "narHash": "sha256-QEqA4nIJ23QByp5yy83E1x3/a8EgorqTnrzfjSCjyaI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "859d6b9b8a961669c814632bbc7a1a9d94556551", + "rev": "48c86ad863017226503e02ceb2113415beb69c81", "type": "github" }, "original": { @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1675785029, - "narHash": "sha256-EoD3Wgqc0XWkBCwUrAxCIZett64jN/SEPPpXX2mCmrE=", + "lastModified": 1675933606, + "narHash": "sha256-y427VhPQHOKkYvkc9MMsL/2R7M11rQxzsRdRLM3htx8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "16b6928ec622fd2356a80c0a9359eb350a94227d", + "rev": "44ae00e02e8036a66c08f4decdece7e3bbbefee2", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675866582, - "narHash": "sha256-0bucFq/bi5uho1MJEhYTI8Y15dVNyukcUD6XnfkJNfg=", + "lastModified": 1675895753, + "narHash": "sha256-/zO4xXTGFr3ECCeRfS5as90NTpV+AjYg7nABF2araEM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d13b0f290c4969d26decd23415a6d38912a035ae", + "rev": "aa5d1ca2f217b4f05a265958ad0de17c70167cab", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675899898, - "narHash": "sha256-7ScL3XdFNg6W4wbqZ2ADLCmLNl+Sm7UgEDRQhvCjViU=", + "lastModified": 1675935906, + "narHash": "sha256-nTH/kVk54rENPqvOFunJTgBqpLy461AcRVb7NTn7ktM=", "owner": "nix-community", "repo": "NUR", - "rev": "067daef07d6c87939ead3c7100e72bd2bdc7b090", + "rev": "33a469274f2143810ce17701dc205978ff706d1d", "type": "github" }, "original": { -- 2.47.1 From c970de42456b1e9eedb8ca7dd5cfc2e63216b47c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 14:01:30 +0000 Subject: [PATCH 0868/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4769bd28..fa51327f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675935906, - "narHash": "sha256-nTH/kVk54rENPqvOFunJTgBqpLy461AcRVb7NTn7ktM=", + "lastModified": 1675950569, + "narHash": "sha256-v6p+D8e7GVcAlVoJGrAqjwjfAglKS9+GzbQFxd8d0Rc=", "owner": "nix-community", "repo": "NUR", - "rev": "33a469274f2143810ce17701dc205978ff706d1d", + "rev": "1ed7701bc2f5c91454027067872037272812e7a3", "type": "github" }, "original": { -- 2.47.1 From 45ca5556cdf10013202b755608bf0bb9238ffa3a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 16:00:23 +0000 Subject: [PATCH 0869/1882] chore(deps): update renovate/renovate docker tag to v34.128.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 42c4ec34..e4e31827 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.128.2 + image: renovate/renovate:34.128.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 18b4df734bf8552be36168cfe288bc8da20b34ba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 17:02:11 +0000 Subject: [PATCH 0870/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fa51327f..ba7492b9 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675933046, - "narHash": "sha256-QEqA4nIJ23QByp5yy83E1x3/a8EgorqTnrzfjSCjyaI=", + "lastModified": 1675956542, + "narHash": "sha256-WzPWzQxBbSWN0vZoYwtIf7pdprGne2X7ANTgLmYJo8I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "48c86ad863017226503e02ceb2113415beb69c81", + "rev": "68f56130baeff33707fc44d4fc21c5f334ef7e41", "type": "github" }, "original": { -- 2.47.1 From 50cba4d9e90c154e47d839284d0af6f912bb72b3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Feb 2023 20:01:24 +0000 Subject: [PATCH 0871/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ba7492b9..6167275b 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675950569, - "narHash": "sha256-v6p+D8e7GVcAlVoJGrAqjwjfAglKS9+GzbQFxd8d0Rc=", + "lastModified": 1675971918, + "narHash": "sha256-lkbfLPuEu6VIgiFfxNCdily6R+3veqH6g6bEHd9Tm2Q=", "owner": "nix-community", "repo": "NUR", - "rev": "1ed7701bc2f5c91454027067872037272812e7a3", + "rev": "d293c8291a4085d4b118b539bb5f69e611d32fd2", "type": "github" }, "original": { -- 2.47.1 From 3ee986c1d94febc26d4af29a3a063a4c28277470 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 01:01:38 +0000 Subject: [PATCH 0872/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6167275b..e5f8c40c 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675956542, - "narHash": "sha256-WzPWzQxBbSWN0vZoYwtIf7pdprGne2X7ANTgLmYJo8I=", + "lastModified": 1675989781, + "narHash": "sha256-65up7rTBoRjrT7bH5paPbDO4tTqRmNhLgFKXEdZNMjk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "68f56130baeff33707fc44d4fc21c5f334ef7e41", + "rev": "7b05133af0ce4434aa80642ebb4e1bb8054444a6", "type": "github" }, "original": { -- 2.47.1 From 072e4082d1aabec33d3e167d88c29b948c60782b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 02:01:50 +0000 Subject: [PATCH 0873/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e5f8c40c..6b6ad9ba 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675895753, - "narHash": "sha256-/zO4xXTGFr3ECCeRfS5as90NTpV+AjYg7nABF2araEM=", + "lastModified": 1675924673, + "narHash": "sha256-u2/hy4YwWLNCcLSwHbOIh6JAK2svr8hscX/7XgvxfqM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "aa5d1ca2f217b4f05a265958ad0de17c70167cab", + "rev": "5f8d2c444ec45b1a37356ef65d9a618618b9213d", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675971918, - "narHash": "sha256-lkbfLPuEu6VIgiFfxNCdily6R+3veqH6g6bEHd9Tm2Q=", + "lastModified": 1675992609, + "narHash": "sha256-LgHmi3uDce3dB4gPwFIy8d+D0jwP9rOF92M2MikraqY=", "owner": "nix-community", "repo": "NUR", - "rev": "d293c8291a4085d4b118b539bb5f69e611d32fd2", + "rev": "6b616dbc402a05b9cd385e4f2d4454ad9f0a769e", "type": "github" }, "original": { -- 2.47.1 From 88d6871ec0f484152dbb658d7d5d8b4e97e96a4e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 03:01:54 +0000 Subject: [PATCH 0874/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6b6ad9ba..0e02173b 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675924673, - "narHash": "sha256-u2/hy4YwWLNCcLSwHbOIh6JAK2svr8hscX/7XgvxfqM=", + "lastModified": 1675952716, + "narHash": "sha256-6BIIFbkslEsupKGHjxxZb0ymeMQ6wDi0HylhvvtEcSs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5f8d2c444ec45b1a37356ef65d9a618618b9213d", + "rev": "1991c407592877730c8414f128bd7ef8960f7dfe", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675992609, - "narHash": "sha256-LgHmi3uDce3dB4gPwFIy8d+D0jwP9rOF92M2MikraqY=", + "lastModified": 1675995632, + "narHash": "sha256-bt5u4lckHqJwPi/zNgCGq6fmarBs5GpGTvt/Zt7Vs9g=", "owner": "nix-community", "repo": "NUR", - "rev": "6b616dbc402a05b9cd385e4f2d4454ad9f0a769e", + "rev": "5f09d9df7c4c57ffb432c2db3fc1d8471fa964d5", "type": "github" }, "original": { -- 2.47.1 From 45e47d855b564fc3d2da9aebdebac6e56d9e8e28 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 04:02:17 +0000 Subject: [PATCH 0875/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0e02173b..0298cca3 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675952716, - "narHash": "sha256-6BIIFbkslEsupKGHjxxZb0ymeMQ6wDi0HylhvvtEcSs=", + "lastModified": 1675982352, + "narHash": "sha256-jtx492OH5xAa6V8kwLJ/+uIQDltF0sELjR22exubL88=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1991c407592877730c8414f128bd7ef8960f7dfe", + "rev": "275d807773b07e481b711ec98eb13bb8ea925ad7", "type": "github" }, "original": { -- 2.47.1 From 17efcc21d82de64cf663141c9ebb34447284dcb8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 05:02:09 +0000 Subject: [PATCH 0876/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0298cca3..c1360512 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1675995632, - "narHash": "sha256-bt5u4lckHqJwPi/zNgCGq6fmarBs5GpGTvt/Zt7Vs9g=", + "lastModified": 1676002260, + "narHash": "sha256-bhluQURxkvZ0BjM8qKh9gjkTBeTUE7fhGXud4ITku7U=", "owner": "nix-community", "repo": "NUR", - "rev": "5f09d9df7c4c57ffb432c2db3fc1d8471fa964d5", + "rev": "7de093dcd10677233f21fca6e8c31d7fb830e5bd", "type": "github" }, "original": { -- 2.47.1 From 6c7a3178986f4a4a8023c5c508d98106848bb3f1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 07:01:32 +0000 Subject: [PATCH 0877/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c1360512..22995a37 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676002260, - "narHash": "sha256-bhluQURxkvZ0BjM8qKh9gjkTBeTUE7fhGXud4ITku7U=", + "lastModified": 1676011760, + "narHash": "sha256-lIX7eGzysyUDn6UJAPKihBG2TBVu0L0cFETD1PMXYOo=", "owner": "nix-community", "repo": "NUR", - "rev": "7de093dcd10677233f21fca6e8c31d7fb830e5bd", + "rev": "5b7978566c3e767c0b533290b7d3edfe630eaec8", "type": "github" }, "original": { -- 2.47.1 From e1ed2aa77b0c80d75dc335aa2e01b3b5a66e88b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 09:01:37 +0000 Subject: [PATCH 0878/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 22995a37..3874a96a 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675757258, - "narHash": "sha256-pIRer8vdsoherlRKpzfnHbMZ5TsAcvRlXHCIaHkIUbg=", + "lastModified": 1675918889, + "narHash": "sha256-hy7re4F9AEQqwZxubct7jBRos6md26bmxnCjxf5utJA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "af96094e9b8eb162d70a84fa3b39f4b7a8b264d2", + "rev": "49efda9011e8cdcd6c1aad30384cb1dc230c82fe", "type": "github" }, "original": { -- 2.47.1 From 71e10b9362545bfe813b94fd000d36c6f5596c2c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 10:02:05 +0000 Subject: [PATCH 0879/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3874a96a..46e4659d 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1675982352, - "narHash": "sha256-jtx492OH5xAa6V8kwLJ/+uIQDltF0sELjR22exubL88=", + "lastModified": 1676009904, + "narHash": "sha256-Y2+K5C0XNqY1u4rjbfl45NS7BnKEIlukALAnma5xdJ8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "275d807773b07e481b711ec98eb13bb8ea925ad7", + "rev": "3441ad5188ac3fd7a73b70a20de28b4c4eee4899", "type": "github" }, "original": { -- 2.47.1 From f3b2cae7638037f0ddce6ae93040165654fbfe3f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 13:01:48 +0000 Subject: [PATCH 0880/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 46e4659d..81ab3d5b 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1675989781, - "narHash": "sha256-65up7rTBoRjrT7bH5paPbDO4tTqRmNhLgFKXEdZNMjk=", + "lastModified": 1676033697, + "narHash": "sha256-69qM/WTB/8jv6NtKeEPsAo5GIGcG4HF8FuVLhV9PogE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "7b05133af0ce4434aa80642ebb4e1bb8054444a6", + "rev": "d1a7f1dd368517854fdcc12a9bdd189578eef435", "type": "github" }, "original": { @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1675595446, - "narHash": "sha256-Xja7IC1EACtvZMkxJ2HKdvqsT7Zt7rTOYXefsMQWEaQ=", + "lastModified": 1676033584, + "narHash": "sha256-MeF1nR09cUdkCd1KNjzxImwhqsP2cbn/0M6z87fNJAk=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "3e7ba8500f966f6985714326d8371377a563a0cf", + "rev": "44a38bfedc009bcc05eed571e80a397a80075a9f", "type": "github" }, "original": { -- 2.47.1 From 74133ce941ce179a969c1d76064a4ee6a9b1d6c8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 14:01:59 +0000 Subject: [PATCH 0881/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 81ab3d5b..dc9b30a2 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676011760, - "narHash": "sha256-lIX7eGzysyUDn6UJAPKihBG2TBVu0L0cFETD1PMXYOo=", + "lastModified": 1676034352, + "narHash": "sha256-+hbhWkCQ9ELzHzpgT3GtQIH7MrOYRTIPDmsyxW8vgA0=", "owner": "nix-community", "repo": "NUR", - "rev": "5b7978566c3e767c0b533290b7d3edfe630eaec8", + "rev": "0556bc1042ee8bd8ec63257259d13887bab2b6d2", "type": "github" }, "original": { -- 2.47.1 From a89900a64043242413edebca08b5cc2ab8853307 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 15:00:34 +0000 Subject: [PATCH 0882/1882] chore(deps): update renovate/renovate docker tag to v34.129.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e4e31827..77e80cd8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.128.3 + image: renovate/renovate:34.129.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 61ecea1baeb0a6e93f5de93eb9ec54211fda65a8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 20:00:22 +0000 Subject: [PATCH 0883/1882] chore(deps): update renovate/renovate docker tag to v34.129.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 77e80cd8..d3a66d2c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.129.0 + image: renovate/renovate:34.129.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 68759215d72efec3d52bc6e5e3a99de3e1228482 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 21:01:38 +0000 Subject: [PATCH 0884/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index dc9b30a2..c04c7680 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676033697, - "narHash": "sha256-69qM/WTB/8jv6NtKeEPsAo5GIGcG4HF8FuVLhV9PogE=", + "lastModified": 1676056418, + "narHash": "sha256-IhBhQd5T+1c+kN1t5LoqxhZ4EhK8Hfhs21Ckhh+qQgw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d1a7f1dd368517854fdcc12a9bdd189578eef435", + "rev": "42f4664022352c6432271916b40d24c40a4bfce1", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676034352, - "narHash": "sha256-+hbhWkCQ9ELzHzpgT3GtQIH7MrOYRTIPDmsyxW8vgA0=", + "lastModified": 1676058291, + "narHash": "sha256-vjzFyspXro2ZzG+cCXSDoNfjTjXkXImRdDZayY/yvEY=", "owner": "nix-community", "repo": "NUR", - "rev": "0556bc1042ee8bd8ec63257259d13887bab2b6d2", + "rev": "610b3d566f0d2b40afbe1b95ae98c1fa5fd3a5eb", "type": "github" }, "original": { -- 2.47.1 From c7c51332dcbcd259818a5b142f22c4da6afc704f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 22:04:59 +0000 Subject: [PATCH 0885/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c04c7680..97ecf353 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676058291, - "narHash": "sha256-vjzFyspXro2ZzG+cCXSDoNfjTjXkXImRdDZayY/yvEY=", + "lastModified": 1676065586, + "narHash": "sha256-Dp554rVK9bUxz152GxhXKcsS4l1jFC0Lkpo7v5YGQ7Q=", "owner": "nix-community", "repo": "NUR", - "rev": "610b3d566f0d2b40afbe1b95ae98c1fa5fd3a5eb", + "rev": "6c21c500e293843baa20abb49d25265c1a66e628", "type": "github" }, "original": { -- 2.47.1 From bec3482af4f5c86f0d581424b4c8cff76b75799b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Feb 2023 23:02:10 +0000 Subject: [PATCH 0886/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 97ecf353..cfb28b97 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676056418, - "narHash": "sha256-IhBhQd5T+1c+kN1t5LoqxhZ4EhK8Hfhs21Ckhh+qQgw=", + "lastModified": 1676066608, + "narHash": "sha256-wUfFD5kZ4+MSX92Zruy/W64m7E5CzORfiVdLOuyJ15o=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "42f4664022352c6432271916b40d24c40a4bfce1", + "rev": "bda8208aaa3d7eb9f14d49691b919f8f2e9f5594", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676065586, - "narHash": "sha256-Dp554rVK9bUxz152GxhXKcsS4l1jFC0Lkpo7v5YGQ7Q=", + "lastModified": 1676069077, + "narHash": "sha256-HXLX921XdhFCnnBK4HLMKxZLn/qBsO+2OB3QfogVEmw=", "owner": "nix-community", "repo": "NUR", - "rev": "6c21c500e293843baa20abb49d25265c1a66e628", + "rev": "c5a4f3ce0d13892cb778b936e72633f045470d62", "type": "github" }, "original": { -- 2.47.1 From d2720c6f6df1c8de77a5cb5861fbc10569c1e1ae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 00:00:36 +0000 Subject: [PATCH 0887/1882] chore(deps): update renovate/renovate docker tag to v34.130.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d3a66d2c..76f9569f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.129.1 + image: renovate/renovate:34.130.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ed927b145955f365da5296d01c096d99d4ccc724 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 04:01:23 +0000 Subject: [PATCH 0888/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index cfb28b97..b78cb3ea 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676069077, - "narHash": "sha256-HXLX921XdhFCnnBK4HLMKxZLn/qBsO+2OB3QfogVEmw=", + "lastModified": 1676087160, + "narHash": "sha256-el2tNbWUhpz0IBoORS144xjMTi9WIqbQWRBmrsF4M64=", "owner": "nix-community", "repo": "NUR", - "rev": "c5a4f3ce0d13892cb778b936e72633f045470d62", + "rev": "1ddd5cf5cc7215ea63f1dee09016b53cc79034e5", "type": "github" }, "original": { -- 2.47.1 From 15fefbadd12e252b1c3eb60044285139929aaac3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 08:01:30 +0000 Subject: [PATCH 0889/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b78cb3ea..f3ddf3d7 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676009904, - "narHash": "sha256-Y2+K5C0XNqY1u4rjbfl45NS7BnKEIlukALAnma5xdJ8=", + "lastModified": 1676037601, + "narHash": "sha256-I+sNMIVnmarjnPnjp7xupQXzbUroNc3EWQkGPFv4w4M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3441ad5188ac3fd7a73b70a20de28b4c4eee4899", + "rev": "f8e875671f248c21a49a7f914117c28135d4c588", "type": "github" }, "original": { -- 2.47.1 From 4d3d87ec87a5e06b1f5dfdd39e1ad1fd84018ddb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 10:00:22 +0000 Subject: [PATCH 0890/1882] chore(deps): update renovate/renovate docker tag to v34.131.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 76f9569f..c042c858 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.130.0 + image: renovate/renovate:34.131.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e774d40fa5bf91781778f2d51e6221562a784b1d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 11:01:59 +0000 Subject: [PATCH 0891/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f3ddf3d7..ab3d0b82 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676087160, - "narHash": "sha256-el2tNbWUhpz0IBoORS144xjMTi9WIqbQWRBmrsF4M64=", + "lastModified": 1676112304, + "narHash": "sha256-hJxdayJ6ezMO8Yb9ejA3uPzuzRAbIaP6PIV1o3ntzTA=", "owner": "nix-community", "repo": "NUR", - "rev": "1ddd5cf5cc7215ea63f1dee09016b53cc79034e5", + "rev": "8a24db2b200ac828e39af7d8da0d7c1bf8350a94", "type": "github" }, "original": { -- 2.47.1 From 0db54b0cd9de7fef4ec498aa232043bd62e6467d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 12:04:59 +0000 Subject: [PATCH 0892/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ab3d0b82..c9566b6f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676112304, - "narHash": "sha256-hJxdayJ6ezMO8Yb9ejA3uPzuzRAbIaP6PIV1o3ntzTA=", + "lastModified": 1676115886, + "narHash": "sha256-wXgo2+9OxHtAAc17NlFSYymqyzx4f2gh4ksG0M+1PLo=", "owner": "nix-community", "repo": "NUR", - "rev": "8a24db2b200ac828e39af7d8da0d7c1bf8350a94", + "rev": "335c03ee8c6ac3730e12c7c5f2176e3297915b57", "type": "github" }, "original": { -- 2.47.1 From 8fcb3835da88a17c0e66b1810fddd6e743e5ddd6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 13:02:06 +0000 Subject: [PATCH 0893/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c9566b6f..816980d9 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676066608, - "narHash": "sha256-wUfFD5kZ4+MSX92Zruy/W64m7E5CzORfiVdLOuyJ15o=", + "lastModified": 1676120405, + "narHash": "sha256-5DSaAh3ifx3tW7ZMF7GFy/Kw4uHs3ZUtt+cH9+YVOXY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "bda8208aaa3d7eb9f14d49691b919f8f2e9f5594", + "rev": "97e0f02621829d011e08506c7361236b07f3f2b4", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676115886, - "narHash": "sha256-wXgo2+9OxHtAAc17NlFSYymqyzx4f2gh4ksG0M+1PLo=", + "lastModified": 1676120030, + "narHash": "sha256-kAkbZN5D1v4IP3ZJ4P4UaUXawiOLKCJT8OMyfQCwXCQ=", "owner": "nix-community", "repo": "NUR", - "rev": "335c03ee8c6ac3730e12c7c5f2176e3297915b57", + "rev": "2528868b6a66ba7c1b2e3b2f6985ade20f8c146b", "type": "github" }, "original": { -- 2.47.1 From bd10aedd8d1d4993f6ddd8e4c4a20ed817364597 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 14:00:34 +0000 Subject: [PATCH 0894/1882] chore(deps): update renovate/renovate docker tag to v34.132.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c042c858..c3bc0a44 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.131.0 + image: renovate/renovate:34.132.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 25580458cc9e7c20759dd1d93384a4740c23fe5e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 16:05:33 +0000 Subject: [PATCH 0895/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 816980d9..e8ac2eec 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676120030, - "narHash": "sha256-kAkbZN5D1v4IP3ZJ4P4UaUXawiOLKCJT8OMyfQCwXCQ=", + "lastModified": 1676129501, + "narHash": "sha256-NaVluBS4mAKAiupGwgggWVzsEI9mLo5THyR3RKiaxik=", "owner": "nix-community", "repo": "NUR", - "rev": "2528868b6a66ba7c1b2e3b2f6985ade20f8c146b", + "rev": "3df08f8f90a3201c60a2002eecb24c126c9f1c6b", "type": "github" }, "original": { -- 2.47.1 From 6f127896d10733e8ab5a707aff504da51754625c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 17:01:47 +0000 Subject: [PATCH 0896/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e8ac2eec..e60c1cac 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676129501, - "narHash": "sha256-NaVluBS4mAKAiupGwgggWVzsEI9mLo5THyR3RKiaxik=", + "lastModified": 1676134189, + "narHash": "sha256-fyoKi75ULngVwM9AeoeE+SVsF7tvZfsB7uHrQVTXXWw=", "owner": "nix-community", "repo": "NUR", - "rev": "3df08f8f90a3201c60a2002eecb24c126c9f1c6b", + "rev": "ca320e602787fd5ad55e748c392de9693c2f0f93", "type": "github" }, "original": { -- 2.47.1 From 30ffe739dbc7900cd007528c43d09ba4bede3366 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 19:01:40 +0000 Subject: [PATCH 0897/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e60c1cac..c520f58d 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676134189, - "narHash": "sha256-fyoKi75ULngVwM9AeoeE+SVsF7tvZfsB7uHrQVTXXWw=", + "lastModified": 1676139885, + "narHash": "sha256-l/iEYXtjuNYf+Mtk0nDNsdAwWKg6tKEPxgGxKfIFvFA=", "owner": "nix-community", "repo": "NUR", - "rev": "ca320e602787fd5ad55e748c392de9693c2f0f93", + "rev": "0579171707429321536463be2e40a4aae876974b", "type": "github" }, "original": { -- 2.47.1 From 4675d37a646c73d33c5922a26ab2461731a854b1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 21:01:28 +0000 Subject: [PATCH 0898/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c520f58d..e3bdfa19 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676120405, - "narHash": "sha256-5DSaAh3ifx3tW7ZMF7GFy/Kw4uHs3ZUtt+cH9+YVOXY=", + "lastModified": 1676148877, + "narHash": "sha256-mzUsiD8vLsemnE+wYWlmvPhNfumQW4CObDh524hEQos=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "97e0f02621829d011e08506c7361236b07f3f2b4", + "rev": "287f31329e7a16b42c3f20b9b7ecf3ec6adbc51d", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676139885, - "narHash": "sha256-l/iEYXtjuNYf+Mtk0nDNsdAwWKg6tKEPxgGxKfIFvFA=", + "lastModified": 1676148436, + "narHash": "sha256-i6RSuv6WbcdZU6qHmJIPv+I/53/UZmHID2UUIJ3QkRA=", "owner": "nix-community", "repo": "NUR", - "rev": "0579171707429321536463be2e40a4aae876974b", + "rev": "38bcd4c2a25b9ef4ab1b294b744e03174a09e3b7", "type": "github" }, "original": { -- 2.47.1 From 1bf077bd0d01ce35cae9e5107a7bc0a91510df46 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 22:01:57 +0000 Subject: [PATCH 0899/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e3bdfa19..7308edbf 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676148436, - "narHash": "sha256-i6RSuv6WbcdZU6qHmJIPv+I/53/UZmHID2UUIJ3QkRA=", + "lastModified": 1676151163, + "narHash": "sha256-wlk9QSoU1jgK3bBDPbmifmESnmI+QX937av1Av5EuAc=", "owner": "nix-community", "repo": "NUR", - "rev": "38bcd4c2a25b9ef4ab1b294b744e03174a09e3b7", + "rev": "be88f6d886661bbf20b60d90fd28c1dd4857edba", "type": "github" }, "original": { -- 2.47.1 From 3fe0826d576e11fb1aafa842f29b2c297ad0a34a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Feb 2023 23:02:15 +0000 Subject: [PATCH 0900/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7308edbf..91ce7f0f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676151163, - "narHash": "sha256-wlk9QSoU1jgK3bBDPbmifmESnmI+QX937av1Av5EuAc=", + "lastModified": 1676155475, + "narHash": "sha256-yLnAQiIVzSy2daV0V9ckr6TB9hBaxdwGd2WKtKlVFrA=", "owner": "nix-community", "repo": "NUR", - "rev": "be88f6d886661bbf20b60d90fd28c1dd4857edba", + "rev": "132b707f6e960bb56c34a08f0d660bdea2084cce", "type": "github" }, "original": { -- 2.47.1 From 43a2b38d36262f531a661c4658689b92b1094ae2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 00:00:34 +0000 Subject: [PATCH 0901/1882] chore(deps): update renovate/renovate docker tag to v34.132.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c3bc0a44..528b27a8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.132.0 + image: renovate/renovate:34.132.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 493da160b2a7956f098f011ec05b3c030084e191 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 03:01:17 +0000 Subject: [PATCH 0902/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 91ce7f0f..42f2571a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676155475, - "narHash": "sha256-yLnAQiIVzSy2daV0V9ckr6TB9hBaxdwGd2WKtKlVFrA=", + "lastModified": 1676167960, + "narHash": "sha256-eOYd+NwP8rXwh5qABxU7ecCp50brMBVqRdg8hF0AEjM=", "owner": "nix-community", "repo": "NUR", - "rev": "132b707f6e960bb56c34a08f0d660bdea2084cce", + "rev": "87f04854b4b46abef3acceab7ab9f3db3bd44630", "type": "github" }, "original": { -- 2.47.1 From f2e05661f5c50fea30912ddcf45d5beec1a6de95 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 04:01:52 +0000 Subject: [PATCH 0903/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 42f2571a..a7467e67 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676167960, - "narHash": "sha256-eOYd+NwP8rXwh5qABxU7ecCp50brMBVqRdg8hF0AEjM=", + "lastModified": 1676171086, + "narHash": "sha256-JKPQilJiPBXFuznvkI4KFm/MakcH1b/PasTiOc5LfrE=", "owner": "nix-community", "repo": "NUR", - "rev": "87f04854b4b46abef3acceab7ab9f3db3bd44630", + "rev": "573ea8fff6b173d4b19da3b0a93ac58fe0e4796d", "type": "github" }, "original": { -- 2.47.1 From 740012a30334d31252dda6cef3075e6748bb391b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 07:01:38 +0000 Subject: [PATCH 0904/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a7467e67..f50886a3 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676171086, - "narHash": "sha256-JKPQilJiPBXFuznvkI4KFm/MakcH1b/PasTiOc5LfrE=", + "lastModified": 1676185168, + "narHash": "sha256-tTwuFUfT9jaon7rGoYaEgsYq17WCo35zukt15w7FsyQ=", "owner": "nix-community", "repo": "NUR", - "rev": "573ea8fff6b173d4b19da3b0a93ac58fe0e4796d", + "rev": "e669d02efdda27481eaeced3b17e9b2179985a37", "type": "github" }, "original": { -- 2.47.1 From 4deadec581020a06e7eb7b6d5b4c7c8d88c27a5c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 08:00:34 +0000 Subject: [PATCH 0905/1882] chore(deps): update renovate/renovate docker tag to v34.132.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 528b27a8..b6e00670 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.132.1 + image: renovate/renovate:34.132.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e718b6e30df4e1bce612d98fa2a45411e61c35b3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 10:04:21 +0000 Subject: [PATCH 0906/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f50886a3..57fe9daa 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676185168, - "narHash": "sha256-tTwuFUfT9jaon7rGoYaEgsYq17WCo35zukt15w7FsyQ=", + "lastModified": 1676195542, + "narHash": "sha256-uZph1Hj2vmkPkvUBUpvwyJUsRVYgg39yyD9fWKUDOag=", "owner": "nix-community", "repo": "NUR", - "rev": "e669d02efdda27481eaeced3b17e9b2179985a37", + "rev": "b86914d9cd30dab76dbb90bbb954cea7f4618b17", "type": "github" }, "original": { -- 2.47.1 From f87c99a34d1454b17437410436ae5958d45c4a19 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 11:01:49 +0000 Subject: [PATCH 0907/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 57fe9daa..59a788cb 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676148877, - "narHash": "sha256-mzUsiD8vLsemnE+wYWlmvPhNfumQW4CObDh524hEQos=", + "lastModified": 1676198317, + "narHash": "sha256-i5Er/KA5E9CNxs4XFdwJEOsiCyXS3X3KKuu04gRSJD4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "287f31329e7a16b42c3f20b9b7ecf3ec6adbc51d", + "rev": "7d914cd427b36d5ec8acb06e415cdf2b846f1648", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1675918889, - "narHash": "sha256-hy7re4F9AEQqwZxubct7jBRos6md26bmxnCjxf5utJA=", + "lastModified": 1676094287, + "narHash": "sha256-z2gc84Hs9JmzmSmQ/n3Ano/uhYPS4uF8jZPcgKDTfb8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "49efda9011e8cdcd6c1aad30384cb1dc230c82fe", + "rev": "103fe0800b9d739c279997561c9da9d242d5b6b8", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676195542, - "narHash": "sha256-uZph1Hj2vmkPkvUBUpvwyJUsRVYgg39yyD9fWKUDOag=", + "lastModified": 1676197247, + "narHash": "sha256-sPmIQooEOiWkjYPmjNqde+ml2NcDTockTQF2WdTSHK0=", "owner": "nix-community", "repo": "NUR", - "rev": "b86914d9cd30dab76dbb90bbb954cea7f4618b17", + "rev": "661a9358da62de5d4bdd9b6d510a8c17084e04ac", "type": "github" }, "original": { -- 2.47.1 From b4a5603530c7fb4a48805d1c7b5b50f4711dd202 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 12:02:20 +0000 Subject: [PATCH 0908/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 59a788cb..781253af 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676037601, - "narHash": "sha256-I+sNMIVnmarjnPnjp7xupQXzbUroNc3EWQkGPFv4w4M=", + "lastModified": 1676183649, + "narHash": "sha256-jbUcDodIvdprUsmlE8LbLNOl79HPMdXGyBnp49vt/bE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f8e875671f248c21a49a7f914117c28135d4c588", + "rev": "9eedb6777f84951f54d295ed27bbaa9cd320106c", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676197247, - "narHash": "sha256-sPmIQooEOiWkjYPmjNqde+ml2NcDTockTQF2WdTSHK0=", + "lastModified": 1676202295, + "narHash": "sha256-pK1zMjK4ZjIIeJxAety+WqTBHQd7GGLpQcIq892W2H8=", "owner": "nix-community", "repo": "NUR", - "rev": "661a9358da62de5d4bdd9b6d510a8c17084e04ac", + "rev": "56b003d44a26603aedcaa3c28b0da17797d0df1c", "type": "github" }, "original": { -- 2.47.1 From b34aa453770f1d8d509829ccb716e9e19f9be932 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 13:01:49 +0000 Subject: [PATCH 0909/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 781253af..b8615cae 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676202295, - "narHash": "sha256-pK1zMjK4ZjIIeJxAety+WqTBHQd7GGLpQcIq892W2H8=", + "lastModified": 1676204408, + "narHash": "sha256-AaDm6PVTfiuNaf+2U9cEmnqeDm2mj/CZRKUePoOyXS0=", "owner": "nix-community", "repo": "NUR", - "rev": "56b003d44a26603aedcaa3c28b0da17797d0df1c", + "rev": "2f199ce2679c6a7937da78f8d85613d035f09986", "type": "github" }, "original": { -- 2.47.1 From 08369155e8355aa98a79e255372e2f2f3ae15d0e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 16:01:31 +0000 Subject: [PATCH 0910/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b8615cae..75d901f0 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676204408, - "narHash": "sha256-AaDm6PVTfiuNaf+2U9cEmnqeDm2mj/CZRKUePoOyXS0=", + "lastModified": 1676216696, + "narHash": "sha256-mIg6ooQ3xtD5ULG4E/RwQqKdxIssYfSZHScXxloK3uI=", "owner": "nix-community", "repo": "NUR", - "rev": "2f199ce2679c6a7937da78f8d85613d035f09986", + "rev": "5ad9d0fcec2e3d26b0caa65e119025ef804d5a11", "type": "github" }, "original": { -- 2.47.1 From 08476aa01d3d26c373a3592614871cecbc10c5e1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 18:01:38 +0000 Subject: [PATCH 0911/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 75d901f0..edc3625a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676216696, - "narHash": "sha256-mIg6ooQ3xtD5ULG4E/RwQqKdxIssYfSZHScXxloK3uI=", + "lastModified": 1676223771, + "narHash": "sha256-b3HgLF5umYVjInGK9DKutG2WQEJ+ltcIbwfmu0JsVYc=", "owner": "nix-community", "repo": "NUR", - "rev": "5ad9d0fcec2e3d26b0caa65e119025ef804d5a11", + "rev": "c938b6ca205278fd43370fd75267d7b48673f0b2", "type": "github" }, "original": { -- 2.47.1 From 4e4fb136e6ea664b8464d39369a03a9d865d883b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 20:00:23 +0000 Subject: [PATCH 0912/1882] chore(deps): update renovate/renovate docker tag to v34.132.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b6e00670..289e0232 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.132.2 + image: renovate/renovate:34.132.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8dbc5a35969c3e2b6ebab5e98629776e3afb1c40 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 21:01:59 +0000 Subject: [PATCH 0913/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index edc3625a..247fcc45 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676198317, - "narHash": "sha256-i5Er/KA5E9CNxs4XFdwJEOsiCyXS3X3KKuu04gRSJD4=", + "lastModified": 1676229613, + "narHash": "sha256-7fwIHHJ3qoqAD7MgwO5o4paDLfPQzW3LyuaDSgiyYUI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "7d914cd427b36d5ec8acb06e415cdf2b846f1648", + "rev": "79ad93d5366e3213abbf32394cc284855e39ba40", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676094287, - "narHash": "sha256-z2gc84Hs9JmzmSmQ/n3Ano/uhYPS4uF8jZPcgKDTfb8=", + "lastModified": 1676177817, + "narHash": "sha256-OQnBnuKkpwkfNY31xQyfU5hNpLs1ilWt+hVY6ztEEOM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "103fe0800b9d739c279997561c9da9d242d5b6b8", + "rev": "1b82144edfcd0c86486d2e07c7298f85510e7fb8", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676183649, - "narHash": "sha256-jbUcDodIvdprUsmlE8LbLNOl79HPMdXGyBnp49vt/bE=", + "lastModified": 1676213586, + "narHash": "sha256-fygJZp9tWulezenA94yZynP6pBYPSjRCGXoQlnklbSc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9eedb6777f84951f54d295ed27bbaa9cd320106c", + "rev": "0394479b9e8d5492f2d29482825661522219499a", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676223771, - "narHash": "sha256-b3HgLF5umYVjInGK9DKutG2WQEJ+ltcIbwfmu0JsVYc=", + "lastModified": 1676231165, + "narHash": "sha256-hlQS8XRucFsOAvBTotYn9a74hGka8ai6B/atARmcVoE=", "owner": "nix-community", "repo": "NUR", - "rev": "c938b6ca205278fd43370fd75267d7b48673f0b2", + "rev": "cf674ae770218559b0ed9a98e36663b0858fb02f", "type": "github" }, "original": { -- 2.47.1 From 32a5165807e8f1f703f46923d942fa1ef46fcc99 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Feb 2023 23:02:26 +0000 Subject: [PATCH 0914/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 247fcc45..9f8511bb 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676229613, - "narHash": "sha256-7fwIHHJ3qoqAD7MgwO5o4paDLfPQzW3LyuaDSgiyYUI=", + "lastModified": 1676240687, + "narHash": "sha256-Qzgd87UF64k4Es8SFY/IOKDGKD1DlFT60+TAke8qV7Q=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "79ad93d5366e3213abbf32394cc284855e39ba40", + "rev": "6b7e409f05536e45baa3dabeab0df77d05c9a96f", "type": "github" }, "original": { -- 2.47.1 From ec4bb30a89cc52315b1399d39e94764c7d9348b2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 02:00:23 +0000 Subject: [PATCH 0915/1882] chore(deps): update renovate/renovate docker tag to v34.133.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 289e0232..e9b1caae 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.132.4 + image: renovate/renovate:34.133.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c88275e5576bc29125213d50c1192bcbad07bd25 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 04:01:39 +0000 Subject: [PATCH 0916/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 9f8511bb..651ff0b9 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676213586, - "narHash": "sha256-fygJZp9tWulezenA94yZynP6pBYPSjRCGXoQlnklbSc=", + "lastModified": 1676243402, + "narHash": "sha256-BLVAH4iXKlWr7tLG6f+amAaMHPA55xWpJTS4MdBLRf0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0394479b9e8d5492f2d29482825661522219499a", + "rev": "14b15a92dcd28a5eea0122f03b31f7f17e816420", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676231165, - "narHash": "sha256-hlQS8XRucFsOAvBTotYn9a74hGka8ai6B/atARmcVoE=", + "lastModified": 1676260076, + "narHash": "sha256-EOMm9/EPOHQC0k8nLh6rMqKQIj4z3RECZD3HyeU6/ls=", "owner": "nix-community", "repo": "NUR", - "rev": "cf674ae770218559b0ed9a98e36663b0858fb02f", + "rev": "28bd70ade9ade8289f384eaa0cf490c37d011ace", "type": "github" }, "original": { -- 2.47.1 From f3ac2ca5cfa14b0cf1b72d985e94527a4a79d71d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 05:01:55 +0000 Subject: [PATCH 0917/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 651ff0b9..48a255f5 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676260076, - "narHash": "sha256-EOMm9/EPOHQC0k8nLh6rMqKQIj4z3RECZD3HyeU6/ls=", + "lastModified": 1676261409, + "narHash": "sha256-MHMGy3/jBc7wd/YKddICbgpCJ2qAtjjmlZQFFHCUFr8=", "owner": "nix-community", "repo": "NUR", - "rev": "28bd70ade9ade8289f384eaa0cf490c37d011ace", + "rev": "c7011355e75a4a1818768ce1ac4c1aa5ada7eb6f", "type": "github" }, "original": { -- 2.47.1 From db3fb33b2676d100e8f774389d5cbf82da40b8a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 07:01:37 +0000 Subject: [PATCH 0918/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 48a255f5..c057736c 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676261409, - "narHash": "sha256-MHMGy3/jBc7wd/YKddICbgpCJ2qAtjjmlZQFFHCUFr8=", + "lastModified": 1676270491, + "narHash": "sha256-GF6OZqQNRF5eIrlbiFCHbWKj/LThsi6kls3kSvGkMlY=", "owner": "nix-community", "repo": "NUR", - "rev": "c7011355e75a4a1818768ce1ac4c1aa5ada7eb6f", + "rev": "900d9a4560fdb9671cacbaaaf09c514573d9bf27", "type": "github" }, "original": { -- 2.47.1 From 36167fef6aa3a2865c2006e2a65fe174d434e151 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 08:02:10 +0000 Subject: [PATCH 0919/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c057736c..365ddbc5 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676270491, - "narHash": "sha256-GF6OZqQNRF5eIrlbiFCHbWKj/LThsi6kls3kSvGkMlY=", + "lastModified": 1676273732, + "narHash": "sha256-aQGdVpnYZTMeDsvo3fXcCE47pubuNv0hBxXhSxdTv5Y=", "owner": "nix-community", "repo": "NUR", - "rev": "900d9a4560fdb9671cacbaaaf09c514573d9bf27", + "rev": "61b6f811a8544670d3045a57d1b8874c0ec24445", "type": "github" }, "original": { -- 2.47.1 From b97deb61366201ff62b9c484b41d8f4127f015a0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 09:01:51 +0000 Subject: [PATCH 0920/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 365ddbc5..b1bd6643 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676243402, - "narHash": "sha256-BLVAH4iXKlWr7tLG6f+amAaMHPA55xWpJTS4MdBLRf0=", + "lastModified": 1676272577, + "narHash": "sha256-km3Ty03BpaSbr5zek8a68YN2yduygtKm5//OSKJP/l0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "14b15a92dcd28a5eea0122f03b31f7f17e816420", + "rev": "e8b67bd87cbbefebda0cee68728c67da0fe91b6c", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676273732, - "narHash": "sha256-aQGdVpnYZTMeDsvo3fXcCE47pubuNv0hBxXhSxdTv5Y=", + "lastModified": 1676278103, + "narHash": "sha256-zIQJSou9LnRjiBebGj82DbhHxU1/RmLN5h3wzUdFZf4=", "owner": "nix-community", "repo": "NUR", - "rev": "61b6f811a8544670d3045a57d1b8874c0ec24445", + "rev": "45cd749b957aa2a3f5fb3d4f3cfba58afae619cb", "type": "github" }, "original": { -- 2.47.1 From 3e4a403b8acbbf3b88037db85206ae8b2f650f95 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 10:02:11 +0000 Subject: [PATCH 0921/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b1bd6643..2368a5b5 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676278103, - "narHash": "sha256-zIQJSou9LnRjiBebGj82DbhHxU1/RmLN5h3wzUdFZf4=", + "lastModified": 1676281484, + "narHash": "sha256-dWZXiud69G6LwzpFCaKFD4wpKarTRYY3605rLN9fw50=", "owner": "nix-community", "repo": "NUR", - "rev": "45cd749b957aa2a3f5fb3d4f3cfba58afae619cb", + "rev": "d44ab24d70b4e0080630730c42793fdff8ea0ace", "type": "github" }, "original": { -- 2.47.1 From f1e461a7e7428ffb82902c4cb64855bc6234fa5b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 12:01:40 +0000 Subject: [PATCH 0922/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2368a5b5..d4fc7a8d 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676281484, - "narHash": "sha256-dWZXiud69G6LwzpFCaKFD4wpKarTRYY3605rLN9fw50=", + "lastModified": 1676288832, + "narHash": "sha256-DSmWMSdL4Wuj7y2KYVrYI6Vj1PyKzwi/ZthdjrN5fXQ=", "owner": "nix-community", "repo": "NUR", - "rev": "d44ab24d70b4e0080630730c42793fdff8ea0ace", + "rev": "e9bad900605fa4b0c608d523a06655ac5fef7a7d", "type": "github" }, "original": { -- 2.47.1 From 3cc842d739e008ff06d5fdcbc6297081991fca54 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 14:00:23 +0000 Subject: [PATCH 0923/1882] chore(deps): update renovate/renovate docker tag to v34.134.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e9b1caae..93802fcf 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.133.0 + image: renovate/renovate:34.134.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2f29a63a6418d43282dd8134694f35fe8ca6e039 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 15:02:17 +0000 Subject: [PATCH 0924/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d4fc7a8d..b85937d8 100644 --- a/flake.lock +++ b/flake.lock @@ -655,11 +655,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1674666581, - "narHash": "sha256-KNI2s/xrL7WOYaPJAWKBtb7cCH3335rLfsL+B+ssuGY=", + "lastModified": 1676297861, + "narHash": "sha256-YECUmK34xzg0IERpnbCnaO6z6YgfecJlstMWX7dqOZ8=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "6a5dc1d3d557ea7b5c19b15ff91955124d0400fa", + "rev": "1e0a05219f2a557d4622bc38f542abb360518795", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676288832, - "narHash": "sha256-DSmWMSdL4Wuj7y2KYVrYI6Vj1PyKzwi/ZthdjrN5fXQ=", + "lastModified": 1676299525, + "narHash": "sha256-Vfq69BTPfb/GFWXP7egnr8whvM3r26i00sSJza+QvWg=", "owner": "nix-community", "repo": "NUR", - "rev": "e9bad900605fa4b0c608d523a06655ac5fef7a7d", + "rev": "11b51d793149faf5cd62a4e82699a71f1b2ffb94", "type": "github" }, "original": { -- 2.47.1 From 71233bf84282bd9335536b8438fd154f70508733 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 13 Feb 2023 17:28:30 +0100 Subject: [PATCH 0925/1882] rm readarr --- nixos/hosts/hades/default.nix | 6 +-- nixos/hosts/hades/readarr/configuration.nix | 44 --------------------- 2 files changed, 1 insertion(+), 49 deletions(-) delete mode 100644 nixos/hosts/hades/readarr/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 519f6c78..fbfa59d2 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -171,10 +171,6 @@ ip = "192.168.0.140"; mac = "3a:67:8e:98:0c:a2"; }; - "readarr" = { - ip = "192.168.0.141"; - mac = "E6:A2:37:4A:7C:87"; - }; "archlinux" = { ip = "192.168.0.200"; mac = "00:0c:29:e4:0d:17"; @@ -185,4 +181,4 @@ mac = "f4:ce:46:78:1a:fc"; nix = false; }; -} \ No newline at end of file +} diff --git a/nixos/hosts/hades/readarr/configuration.nix b/nixos/hosts/hades/readarr/configuration.nix deleted file mode 100644 index 20d65592..00000000 --- a/nixos/hosts/hades/readarr/configuration.nix +++ /dev/null @@ -1,44 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ ]; - - fileSystems."/mnt/storage" = { - device = "storage:/mnt/storage"; - fsType = "nfs"; - }; - - virtualisation.oci-containers = { - backend = "podman"; - containers = { - readarr = { - image = "cr.hotio.dev/hotio/readarr:testing"; - ports = [ - "8787:8787" - ]; - volumes = [ - "/var/lib/readarr:/config" - "/mnt/storage:/mnt/storage" - ]; - }; - }; - }; -} - \ No newline at end of file -- 2.47.1 From 0e9e462bff9a052db5df570a62fa59044427f44b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 17:01:20 +0000 Subject: [PATCH 0926/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b85937d8..2f1e551c 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676299525, - "narHash": "sha256-Vfq69BTPfb/GFWXP7egnr8whvM3r26i00sSJza+QvWg=", + "lastModified": 1676300643, + "narHash": "sha256-SCYSgm7UIzZzxPp6FTiz9nyYQJOo+4X1znPf8fL2D2s=", "owner": "nix-community", "repo": "NUR", - "rev": "11b51d793149faf5cd62a4e82699a71f1b2ffb94", + "rev": "9e53590ae92ae7b39ca989f37950903395997490", "type": "github" }, "original": { -- 2.47.1 From 22bdbe1397ca43a9cc2243cc0982872a30a7cdaf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 18:01:49 +0000 Subject: [PATCH 0927/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2f1e551c..96ce1cf7 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676272577, - "narHash": "sha256-km3Ty03BpaSbr5zek8a68YN2yduygtKm5//OSKJP/l0=", + "lastModified": 1676299343, + "narHash": "sha256-S3lBD8BnrXmui65hztNzlIqQDPU0ZtBcGcZ6zvRkJxI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e8b67bd87cbbefebda0cee68728c67da0fe91b6c", + "rev": "f1f9ae6a3b31cdbc3b8fc84d07fdea26a1d2f67f", "type": "github" }, "original": { -- 2.47.1 From 7f20476058171e6ff42e6f09504655a4b2b41b96 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 19:00:36 +0000 Subject: [PATCH 0928/1882] chore(deps): update renovate/renovate docker tag to v34.135.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 93802fcf..2e2cd1f2 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.134.1 + image: renovate/renovate:34.135.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c130d6b48ae3e7c4aa252f6a568390bc2eca2d47 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 20:02:11 +0000 Subject: [PATCH 0929/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 96ce1cf7..a2d0405c 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676300643, - "narHash": "sha256-SCYSgm7UIzZzxPp6FTiz9nyYQJOo+4X1znPf8fL2D2s=", + "lastModified": 1676317613, + "narHash": "sha256-tDKRyuoNz9b0dulVxPxDQa9TPJEJ7kGOfgF/11wx9IU=", "owner": "nix-community", "repo": "NUR", - "rev": "9e53590ae92ae7b39ca989f37950903395997490", + "rev": "ceb21024ae4eb1d2af1840eb34231d46520a8642", "type": "github" }, "original": { -- 2.47.1 From 7a923fb14150e1d4ac8e553b5753559cb93c1ea0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 21:05:42 +0000 Subject: [PATCH 0930/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a2d0405c..ff7fa18f 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1675178298, - "narHash": "sha256-5M2VVrYH+IAa1P7Qz9gUPS3YNdqeVOoa1riV8eTtoYE=", + "lastModified": 1676319017, + "narHash": "sha256-gHyshpxoQAc/3sI3eChqmSCvsBimy+Z6EkzwA3aAYgA=", "owner": "nix-community", "repo": "comma", - "rev": "0c208e098bfe57556bcdea1e2faaf5c08cce4482", + "rev": "c4001264668c09d44d765e5ccb1182f291cd91a4", "type": "github" }, "original": { -- 2.47.1 From f9ada088c6c45d11b6ca3921d12591c7128365f8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 22:02:05 +0000 Subject: [PATCH 0931/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ff7fa18f..fb62ee82 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676317613, - "narHash": "sha256-tDKRyuoNz9b0dulVxPxDQa9TPJEJ7kGOfgF/11wx9IU=", + "lastModified": 1676324777, + "narHash": "sha256-NaCIUq5Kcl/6LwvDnpNkb98qb1rthZMDNEvHYL2PU9w=", "owner": "nix-community", "repo": "NUR", - "rev": "ceb21024ae4eb1d2af1840eb34231d46520a8642", + "rev": "d486bbbd3974a134d414f815f078e72558d7a985", "type": "github" }, "original": { -- 2.47.1 From bfbf50895f6439135144bd7fb75dd336aeab33a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Feb 2023 23:02:08 +0000 Subject: [PATCH 0932/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fb62ee82..058b8864 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676324777, - "narHash": "sha256-NaCIUq5Kcl/6LwvDnpNkb98qb1rthZMDNEvHYL2PU9w=", + "lastModified": 1676328308, + "narHash": "sha256-zA27l6aEGtYv+xBzdjYJ9a67o12SEQY5ZdWx5B4XzP4=", "owner": "nix-community", "repo": "NUR", - "rev": "d486bbbd3974a134d414f815f078e72558d7a985", + "rev": "d80440576256226d88b9f1cbc5174f535fdffdd1", "type": "github" }, "original": { -- 2.47.1 From 1748e479e6fcd6fa3f5ea2224287f8cadd7daca8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 00:01:51 +0000 Subject: [PATCH 0933/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 058b8864..53f3866b 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676328308, - "narHash": "sha256-zA27l6aEGtYv+xBzdjYJ9a67o12SEQY5ZdWx5B4XzP4=", + "lastModified": 1676331896, + "narHash": "sha256-ih3ehOL4wWaMko+ahkycoq8DQRodDqEbJVg6t7WY2PQ=", "owner": "nix-community", "repo": "NUR", - "rev": "d80440576256226d88b9f1cbc5174f535fdffdd1", + "rev": "e014e89fdfbd65e1fb572f00ea71dc2a9513fe6f", "type": "github" }, "original": { -- 2.47.1 From 356886880d4ab47320b6013b443fb1e2e2c5ab66 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 01:02:03 +0000 Subject: [PATCH 0934/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 53f3866b..39777e5a 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676240687, - "narHash": "sha256-Qzgd87UF64k4Es8SFY/IOKDGKD1DlFT60+TAke8qV7Q=", + "lastModified": 1676335618, + "narHash": "sha256-OgRs95hczqdqLbj/FUm2JjPOIV2wiUPv5XoBxSA9svA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6b7e409f05536e45baa3dabeab0df77d05c9a96f", + "rev": "98c95aa34d31bcbb792227d00dc37bfd627a564a", "type": "github" }, "original": { -- 2.47.1 From 88c267c88717d0cebd7948ac2242ffcaf653e0d7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 02:00:36 +0000 Subject: [PATCH 0935/1882] chore(deps): update renovate/renovate docker tag to v34.136.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2e2cd1f2..e1c75192 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.135.0 + image: renovate/renovate:34.136.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 19d9d64e468dbca91100ebdbe7d14f704945ced4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 03:02:00 +0000 Subject: [PATCH 0936/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 39777e5a..c3af8979 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676331896, - "narHash": "sha256-ih3ehOL4wWaMko+ahkycoq8DQRodDqEbJVg6t7WY2PQ=", + "lastModified": 1676340803, + "narHash": "sha256-JIFl/LfSg16Qj6t/CbILz1aAwaP4B7W8Srb9dpENrSw=", "owner": "nix-community", "repo": "NUR", - "rev": "e014e89fdfbd65e1fb572f00ea71dc2a9513fe6f", + "rev": "88847707c270b20b31edc3055dacaa5567c8ddc2", "type": "github" }, "original": { -- 2.47.1 From 2df4a15e72d020607af2526f8205495ee5afb1a3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 04:02:00 +0000 Subject: [PATCH 0937/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c3af8979..188181fd 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676340803, - "narHash": "sha256-JIFl/LfSg16Qj6t/CbILz1aAwaP4B7W8Srb9dpENrSw=", + "lastModified": 1676346351, + "narHash": "sha256-enORr2xkx5WPY1g+XgJjGphxUA80j7+/+NZKv+yGjv0=", "owner": "nix-community", "repo": "NUR", - "rev": "88847707c270b20b31edc3055dacaa5567c8ddc2", + "rev": "4ce343cda41f1c49446ed9b4075136fa7ddcd14f", "type": "github" }, "original": { -- 2.47.1 From 29795d94ead8f2935cbfd146c383819e92ffa015 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 05:02:11 +0000 Subject: [PATCH 0938/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 188181fd..fd4abb91 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676346351, - "narHash": "sha256-enORr2xkx5WPY1g+XgJjGphxUA80j7+/+NZKv+yGjv0=", + "lastModified": 1676347905, + "narHash": "sha256-YhOdSFjQVTlyrUSYjYOF3ZeYmbhe7hcLPbRR8FQ+c3o=", "owner": "nix-community", "repo": "NUR", - "rev": "4ce343cda41f1c49446ed9b4075136fa7ddcd14f", + "rev": "a59e9a032896ffa7e5d95c2075b0a28258f29c21", "type": "github" }, "original": { -- 2.47.1 From fe076f7f2a3361c373a2f421dd7037639484b139 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 06:02:21 +0000 Subject: [PATCH 0939/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fd4abb91..5d107563 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676347905, - "narHash": "sha256-YhOdSFjQVTlyrUSYjYOF3ZeYmbhe7hcLPbRR8FQ+c3o=", + "lastModified": 1676353469, + "narHash": "sha256-6/fPVMarS7AhUs5H743mFJ4z99zoRlsT9uIFmp8miA8=", "owner": "nix-community", "repo": "NUR", - "rev": "a59e9a032896ffa7e5d95c2075b0a28258f29c21", + "rev": "66144f556f52fbf861461fbd0c32a86b3c08b406", "type": "github" }, "original": { -- 2.47.1 From 20f11ed87986248ec0a9296fd19e6afb28958477 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 07:02:08 +0000 Subject: [PATCH 0940/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5d107563..1507a402 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676177817, - "narHash": "sha256-OQnBnuKkpwkfNY31xQyfU5hNpLs1ilWt+hVY6ztEEOM=", + "lastModified": 1676253841, + "narHash": "sha256-jhuI8Mmky8VCD45OoJEuF6HdPLFBwNrHA0ljjZ/zkfw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1b82144edfcd0c86486d2e07c7298f85510e7fb8", + "rev": "a45a8916243a7d27acc358f4fc18c4491f3eeca8", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676353469, - "narHash": "sha256-6/fPVMarS7AhUs5H743mFJ4z99zoRlsT9uIFmp8miA8=", + "lastModified": 1676357382, + "narHash": "sha256-G1tQlcoFVBQW/NBZKkq7eOuvzubmwtyaiHS3BLo+s5s=", "owner": "nix-community", "repo": "NUR", - "rev": "66144f556f52fbf861461fbd0c32a86b3c08b406", + "rev": "ec69c81164b54bffe5b24380c6176f2c660996bd", "type": "github" }, "original": { -- 2.47.1 From 328255982ff6fc568d9105db256cd520288c7320 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 08:02:40 +0000 Subject: [PATCH 0941/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1507a402..dff8941a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676357382, - "narHash": "sha256-G1tQlcoFVBQW/NBZKkq7eOuvzubmwtyaiHS3BLo+s5s=", + "lastModified": 1676360078, + "narHash": "sha256-p08jYnaYZKNcmRz4g8d2g7Xjx/jGDc8e97AAoMQuiK4=", "owner": "nix-community", "repo": "NUR", - "rev": "ec69c81164b54bffe5b24380c6176f2c660996bd", + "rev": "72677d48bca8c0c736f6bfad66cc2cab0b77b249", "type": "github" }, "original": { -- 2.47.1 From 36b3cd90190a7d8ceb295699168e95aefd60c611 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 14 Feb 2023 10:59:38 +0100 Subject: [PATCH 0942/1882] switch to unstable --- flake.lock | 14 +++++++------- flake.nix | 12 ++++++------ nixos/templates/proxmox-lxc.nix | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index 1507a402..7bbdea00 100644 --- a/flake.lock +++ b/flake.lock @@ -845,16 +845,16 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676299343, - "narHash": "sha256-S3lBD8BnrXmui65hztNzlIqQDPU0ZtBcGcZ6zvRkJxI=", + "lastModified": 1676202775, + "narHash": "sha256-gV/RnfVZkGLHn+5rmX2GSh5aquVHpWOJw1cnpEV03tQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f1f9ae6a3b31cdbc3b8fc84d07fdea26a1d2f67f", + "rev": "d917136f550a8c36efb1724390c7245105f79023", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676357382, - "narHash": "sha256-G1tQlcoFVBQW/NBZKkq7eOuvzubmwtyaiHS3BLo+s5s=", + "lastModified": 1676360078, + "narHash": "sha256-p08jYnaYZKNcmRz4g8d2g7Xjx/jGDc8e97AAoMQuiK4=", "owner": "nix-community", "repo": "NUR", - "rev": "ec69c81164b54bffe5b24380c6176f2c660996bd", + "rev": "72677d48bca8c0c736f6bfad66cc2cab0b77b249", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 185826d1..7df2ae63 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; @@ -121,11 +121,11 @@ # modules = [ (import ./nixos/templates/iso-graphical.nix) ]; # }; - # proxmox-lxc = nixos-generators.nixosGenerate { - # inherit pkgs; - # format = "proxmox-lxc"; - # modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; - # }; + proxmox-lxc = nixos-generators.nixosGenerate { + inherit pkgs; + format = "proxmox-lxc"; + modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; + }; # proxmox-vm = nixos-generators.nixosGenerate { # inherit system pkgs; diff --git a/nixos/templates/proxmox-lxc.nix b/nixos/templates/proxmox-lxc.nix index b8c11ac3..d1313a04 100644 --- a/nixos/templates/proxmox-lxc.nix +++ b/nixos/templates/proxmox-lxc.nix @@ -6,7 +6,7 @@ manageHostName = true; privileged = false; }; - + # Enable SSH services.openssh = { enable = true; -- 2.47.1 From 3ebbb1dba42e69834c32395a472549f1af0ba53f Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 14 Feb 2023 11:43:36 +0100 Subject: [PATCH 0943/1882] update mastodon --- nixos/pkgs/glitch-soc/default.nix | 3 +- nixos/pkgs/glitch-soc/gemset.nix | 176 +++++++++++++++--------------- nixos/pkgs/glitch-soc/source.nix | 4 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 4 files changed, 93 insertions(+), 92 deletions(-) diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index b25e2498..99737d9a 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,7 +42,8 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - sha256 = "sha256-v8ewaIz958jfGwfaiKvSKa/TG3y+qgef8U2PmXSvH6Q="; + # sha256 = lib.fakeSha256; + sha256 = "sha256-ObCGLw7R6wvq8GQj5MHa/0KV2TYABdNC4sQQ3x1YoQE="; }; nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index d066d0a8..bd022ee5 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1frwsbc076h86spj0nldcnc141bkbwg9wn5fm5b0d6vkasbz0a6h"; + sha256 = "1y9lj7ra9xf4q4mryydmd498grsndqmz1zwasb4ai9gv62igvw3s"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; actionmailbox = { dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1j4a2qndmsvnnxd1sa4vv6s2gq2g73ib9vjayfpnbf5sman6yh99"; + sha256 = "0bzacsr93sxv90nljv3ajw54nmyz1v9k2v2wx1pxsi0jasqg5fvn"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; @@ -27,10 +27,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ip4mmbdgki87x6hhlmmmwavz2nhd321xbxzqhvdnja6kyf759lk"; + sha256 = "1rjddp1a5l4amsbibhnf7g2rb69qvq0nc0a2dvr6r57bpkf82hj4"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,10 +38,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v8010jj0b9wpnm13h178ck3awl92r73j1v875qfld34k42k83zc"; + sha256 = "0c2y6sqpan68lrx78pvhbxb2917m75s808r6cg1kyygwvg31niza"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; actiontext = { dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; @@ -49,10 +49,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fgbh9wdgczpkkxrfvkrwqrq0jdjk7zdyv7mp3jxccxx334ggrcq"; + sha256 = "1jx8wi961i34v7x0j3h4wjw3qbyx9bkzb598vg42kidzk2f90dyj"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10h8c4wxqppajknwy5bdmvdh1p82sriaw13p5475041zyzig0k1j"; + sha256 = "10g5gk8h4mfhvgqylzbf591fqf5p78ca35cb97p9bclpv9jfy0za"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; active_model_serializers = { dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; @@ -92,10 +92,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "01j5zznnl8q3r5wxk6iflf36ig831hkcwxrwgaycb16gmmmsgn1v"; + sha256 = "0ililjwy4x52a6x5fidh1iyllf6vx49nz93fd2hxypc5bpryx9mz"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; activemodel = { dependencies = ["activesupport"]; @@ -103,10 +103,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xgfwf7xqhnb43nv86hh4rlnsq9rqlmj8mvnzh55y6lwdahif293"; + sha256 = "0nn17y72fhsynwn11bqg75bazqp6r1g8mpwwyv64harwvh3fh5qj"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -114,10 +114,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rr63djvf46fbq25arj3fa8ls2d8q3s0c65943gdxh1wdgy175sc"; + sha256 = "1k69m3b0lb4jx20jx8vsvdqm1ki1r6riq9haabyddkcpvmgz1wh7"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; activestorage = { dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; @@ -125,10 +125,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gdqcd1hyx5rl3szz6kyxf9va7g9dbd4wz7cq1183r0ycgkbfzbm"; + sha256 = "0c3cvc01azfkccg5hsl96wafsxb5hf1nva3cn8rif2mlwx17p8n3"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -136,10 +136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dw6hdq5f2m1dsbv8gvys7sgk4ppdbkj5rwwpcr0c86309gxbriq"; + sha256 = "14pjq2k761qaywaznpqq8ziivjk2ks1ma2cjwdflkxqgndxjmsr2"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; addressable = { dependencies = ["public_suffix"]; @@ -250,10 +250,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wk2yb843p59hsccbyxdq820sd9i5gnqlcmk5fsjkfa7gsi1pkx9"; + sha256 = "1nz23laxgrxbv5svswi3bksmbhz86j691n4099qp4049i5a5cx91"; type = "gem"; }; - version = "1.670.0"; + version = "1.701.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -261,10 +261,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0i5qw30vy950f5cm18a9cswa2810whpablp8x80sb9anx8k7h411"; + sha256 = "0zc4zhv2wq7s5p8c9iaplama1lpg2kwldg81j83c8w4xydf1wd2r"; type = "gem"; }; - version = "3.168.2"; + version = "3.170.0"; }; aws-sdk-kms = { dependencies = ["aws-sdk-core" "aws-sigv4"]; @@ -272,10 +272,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00f3rgidlayqsa5ml1vrzn346a3mprg61hfhln67lsbnkgn7nq54"; + sha256 = "070s86pxrbq98iddq6shdq7g0lrzgsdqnsnc5l4kygvqimliq4dr"; type = "gem"; }; - version = "1.60.0"; + version = "1.62.0"; }; aws-sdk-s3 = { dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; @@ -283,10 +283,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xpb8c8zw1c0grbw1rcc0ynlys1301vm9kkqy4ls3i2zqk5v6n91"; + sha256 = "1sg212jsj6ydyrr6r284mgqcl83kln2hfd9nlyisf3pj5lbdjd1c"; type = "gem"; }; - version = "1.117.2"; + version = "1.119.0"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -336,10 +336,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06lqi4svq5qls9f7nnvd2zmjdqmi2sf82sq78ci5d78fq0z5x2vr"; + sha256 = "0mz9hz5clknznw8i5f3l2zb9103mlgh96djdhlvlfpf2chkr0s1z"; type = "gem"; }; - version = "2.4.10"; + version = "2.4.14"; }; binding_of_caller = { dependencies = ["debug_inspector"]; @@ -369,10 +369,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ln89f9ypzincd5hqgmzd5vvfgf7fgir56v1spsri40ma88vnipj"; + sha256 = "1vcg52gwl64xhhal6kwk1pc01y1klzdlnv1awyk89kb91z010x7q"; type = "gem"; }; - version = "1.15.0"; + version = "1.16.0"; }; brakeman = { groups = ["development"]; @@ -610,10 +610,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s4fpn3mqiizpmpy2a24k4v365pv75y50292r8ajrv4i1p5b2k14"; + sha256 = "1qnsflsbjj38im8xq35g0vihlz96h09wjn2dad5g543l3vvrkrx5"; type = "gem"; }; - version = "1.1.10"; + version = "1.2.0"; }; connection_pool = { groups = ["default" "test"]; @@ -769,10 +769,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lyn5fqh5d75p3wcwl1wgg2777wl3wyqfgq0d8bdf0169sha3ghc"; + sha256 = "0fxrvqv3l5w9p20s129rg41zc6agf1n4yrmganancnvykbkygki2"; type = "gem"; }; - version = "5.6.2"; + version = "5.6.4"; }; dotenv = { groups = ["default"]; @@ -905,10 +905,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ppi7v8prf5856fslygvh64nwa4k2bsb9mablygb5gj0x5c7k29w"; + sha256 = "1b8772jybi0vxzbcs5zw17k40z661c8adn2rd6vqqr7ay71bzl09"; type = "gem"; }; - version = "3.1.0"; + version = "3.1.1"; }; faraday = { dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; @@ -1134,10 +1134,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lqizfap12ica5c6q74ldarzmbpmhgl156bap9xhamrlm4za4i7a"; + sha256 = "1pp9cf6b68pky9bndmals070kibab525wjn9igx9pc5h8z1jv5bd"; type = "gem"; }; - version = "0.10.0"; + version = "0.10.1"; }; globalid = { dependencies = ["activesupport"]; @@ -1145,10 +1145,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "040bxzfd7mz1p6z4bc9vk5yrf762hdllvf98hmk848fq28xc5dsk"; + sha256 = "0kqm5ndzaybpnpxqiqkc41k4ksyxl41ln8qqr6kb130cdxsf2dxk"; type = "gem"; }; - version = "1.0.1"; + version = "1.1.0"; }; hamlit = { dependencies = ["temple" "thor" "tilt"]; @@ -1379,15 +1379,15 @@ version = "0.3.0"; }; json-jwt = { - dependencies = ["activesupport" "aes_key_wrap" "bindata"]; + dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ijdzgl172412xl4lxva10ypbx10937yvgmff6045k8djhzmvy81"; + sha256 = "04315mf4p9qa97grdfqv922paghzdfrbb982ap0p99rqwla4znv6"; type = "gem"; }; - version = "1.14.0"; + version = "1.15.3"; }; json-ld = { dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"]; @@ -1764,10 +1764,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "051cc82dl41a66c9sxv4lx4slqk7sz1v4iy0hdk6gpjyjszf4hxd"; + sha256 = "0dxckrlw4q1lcn3qg4mimmjazmg9bma5gllv72f8js3p36fb3b91"; type = "gem"; }; - version = "0.1.3"; + version = "0.2.1"; }; net-scp = { dependencies = ["net-ssh"]; @@ -1817,10 +1817,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fqld4wnamj7awdr1lwdifpylqdrrg5adm8xj2jl9sc5ms3nxjjm"; + sha256 = "0qr6psd9qgv83pklpw7cpmshkcasnv8d777ksmvwsacwfvvkmnxj"; type = "gem"; }; - version = "1.14.0"; + version = "1.14.1"; }; nsa = { dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; @@ -1888,15 +1888,15 @@ version = "1.10.3"; }; openid_connect = { - dependencies = ["activemodel" "attr_required" "json-jwt" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; + dependencies = ["activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0w474bz3s1hqhilvrddr33l2nkyikypaczp3808w0345jr88b5m7"; + sha256 = "1k9kdivp45v6vhzdrnl5fzhd378gjj2hl4w9bazbqnfm15rsnzc8"; type = "gem"; }; - version = "1.3.0"; + version = "1.4.2"; }; openssl = { groups = ["default"]; @@ -1934,10 +1934,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03l29vysxvr85ry8y0817lhxhpv5g6v60f018sy8kxiy9imgfzdx"; + sha256 = "1g9ivy30jx7hjl8l3il47dmc9xgla8dj762v5cw0mgzpd9rq6vr4"; type = "gem"; }; - version = "2.14.13"; + version = "2.14.14"; }; parallel = { groups = ["default" "development" "test"]; @@ -1997,10 +1997,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1v0cszy9lgjqn3ax8pbj5fg01pg83wyl41wzid3g35h4xdxz1d4a"; + sha256 = "0wi1mls8r6r43dy5m6dsdqk28q564164h97pp7a111pgkbdmxf83"; type = "gem"; }; - version = "2.8.3"; + version = "3.1.0"; }; pkg-config = { groups = ["default"]; @@ -2177,10 +2177,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gxxr209r8h3nxhc9h731khv6yswiv9hc6q2pg672v530xmknznw"; + sha256 = "1fknwsxz4429w1hndl6y30cmm2n34wmmaaj2hhp6jrm8ssfsfwjf"; type = "gem"; }; - version = "1.19.0"; + version = "1.21.3"; }; rack-proxy = { dependencies = ["rack"]; @@ -2188,10 +2188,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jdr2r5phr3q7d6k9cnxjwlkaps0my0n43wq9mzw3xdqhg9wa3d6"; + sha256 = "1a62439xwn5v6hsl9s11hdk4wj58czhcbg7lminv23mnkc0ca147"; type = "gem"; }; - version = "0.7.0"; + version = "0.7.6"; }; rack-test = { dependencies = ["rack"]; @@ -2210,10 +2210,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xv305sjx14ay1jkwbkxravy82gj3cw6ialzzzqf155l4ac9q85d"; + sha256 = "1b7ggchi3d7pwzmj8jn9fhbazr5fr4dy304f0hz7kqbg23s9c1ym"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; rails-controller-testing = { dependencies = ["actionpack" "actionview" "activesupport"]; @@ -2243,10 +2243,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mcb75qvldfz6zsr4inrfx7dmb0ngxy507awx28khqmnla3hqpc9"; + sha256 = "0ygav4xyq943qqyhjmi3mzirn180j565mc9h5j4css59x1sn0cmz"; type = "gem"; }; - version = "1.4.4"; + version = "1.5.0"; }; rails-i18n = { dependencies = ["i18n" "railties"]; @@ -2276,10 +2276,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10wfxf4vdndchpipg90wg9zphq1y5vlffff49p2bl4iyfxvigdqi"; + sha256 = "0mm3nf3y715ln6v8k6g4351ggkr1bcwc5637vr979yw8vsmdi42k"; type = "gem"; }; - version = "6.1.7.1"; + version = "6.1.7.2"; }; rainbow = { groups = ["default" "development" "test"]; @@ -2328,10 +2328,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bvk8yyns5s1ls437z719y5sdv9fr8kfs8dmr6g8s761dv5n8zvi"; + sha256 = "1sg9sbf9pm91l7lac7fs4silabyn0vflxwaa2x3lrzsm0ff8ilca"; type = "gem"; }; - version = "3.5.1"; + version = "3.6.0"; }; redis = { groups = ["default" "test"]; @@ -2370,10 +2370,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rj7xcg7bkfw6y0h4wg8y3s4nmks9qrzdxag4zaw41xjqfanlysf"; + sha256 = "0zjg29w5zvar7by1kqck3zilbdzm5iz3jp5d1zn3970krskfazh2"; type = "gem"; }; - version = "2.6.1"; + version = "2.6.2"; }; request_store = { dependencies = ["rack"]; @@ -2530,10 +2530,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1imdfx3mx2p1k7bhc5qm35zvqw12hyz52yy2k9xj3dwrdpzjg0fh"; + sha256 = "0f4n844yr2jrbddf79cam8qg41k2gkpyjjgd4zgbd8df1ijbld6p"; type = "gem"; }; - version = "1.43.0"; + version = "1.44.1"; }; rubocop-ast = { dependencies = ["parser"]; @@ -2563,10 +2563,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1iwv2zhcpaan038d6m7ybzb2dgpi2zhf9dgfs3bjvmrqirqi2720"; + sha256 = "1n7g0vg06ldjaq4f8c11c7yqy99zng1qdrkkk4kfziippy24yxnc"; type = "gem"; }; - version = "1.15.2"; + version = "1.16.0"; }; rubocop-rails = { dependencies = ["activesupport" "rack" "rubocop"]; @@ -2585,10 +2585,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ajsjnpgm7ys1an9gnjkaw733p8azgyxiiqgdliins853bni6mqy"; + sha256 = "1vmmin3ymgq7bhv2hl4pd0zpwawy709p816axc4vi67w61b4bij1"; type = "gem"; }; - version = "2.18.0"; + version = "2.18.1"; }; ruby-progressbar = { groups = ["default" "development" "test"]; @@ -2649,10 +2649,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zq8pxmsd1abw18zz6mazsm2jfpwmbgdxbpawb7bmwvkb2c5yyc1"; + sha256 = "1ga8yzc9zj45m92ycwnzhzahkwvc3dp3lym5m3f3880hs4jhh7l3"; type = "gem"; }; - version = "6.0.0"; + version = "6.0.1"; }; scenic = { dependencies = ["activerecord" "railties"]; @@ -2736,10 +2736,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09raw1gw0db9hfddgvzjwpk4hj1ng4dfq3igak80jkvhg4jdg7jp"; + sha256 = "0z4df65w9qpri315lpvzazdxa9xb7yj0j3d77q06wf0jnpvw4mzs"; type = "gem"; }; - version = "5.1.0"; + version = "5.2.0"; }; simplecov = { dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; @@ -2925,10 +2925,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00cy93b6803j3aw5nail4l0zdrj54i5n2dlk6j9z998swcjbv3b2"; + sha256 = "0lnh0kr7f43m1cjzc2jvggfsl1rzsaj2rd3pn6vp7mcqliymzaza"; type = "gem"; }; - version = "0.3.0"; + version = "0.3.1"; }; tpm-key_attestation = { dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; @@ -3010,10 +3010,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rx114mpqnw2k4h98vc0rs0x0bmf0img84yh8mkkjkal07cjydf5"; + sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; type = "gem"; }; - version = "2.0.5"; + version = "2.0.6"; }; tzinfo-data = { dependencies = ["tzinfo"]; @@ -3139,10 +3139,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cq6m5qwm3bmi7hkjfmbg2cs4qjq4wswlrwcfk8l1svfqbi135v3"; + sha256 = "0fh4vijqiq1h7w28llk67y9csc0m4wkdivrsl4fsxg279v6j5z3i"; type = "gem"; }; - version = "5.4.3"; + version = "5.4.4"; }; webpush = { dependencies = ["hkdf" "jwt"]; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 0d831fe3..db581682 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "368d6fe54f94ad2ecd2a1c1e7e5a2359dc37ad30"; - sha256 = "05hcnw7rar4cbxidf5ln0r5asp9kavp5mqkja0gq39rrnhb99lcs"; + rev = "ee4250545236e4330c46b43f4abfe94ad323d4d4"; + sha256 = "12rwz4dy107p711d1pj33lsd32fwns0b2nif755mwrz0vzp29gr6"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index f4de9cc0..c283b300 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.1.0rc1" +"4.1.0" -- 2.47.1 From f0edea6c4b10e3b573b1b327c3cbf92a0256e9c7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 12:00:25 +0000 Subject: [PATCH 0944/1882] chore(deps): update renovate/renovate docker tag to v34.138.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e1c75192..f5ee6eb4 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.136.0 + image: renovate/renovate:34.138.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 642e73cb7707ae7e4a808f0b47e548c0f18f5e4c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 13:02:23 +0000 Subject: [PATCH 0945/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7bbdea00..129023fe 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676360078, - "narHash": "sha256-p08jYnaYZKNcmRz4g8d2g7Xjx/jGDc8e97AAoMQuiK4=", + "lastModified": 1676375128, + "narHash": "sha256-rNEF0UWJQhL18V82Y1SGDqH21wSykDy3KxvlzRGB+2w=", "owner": "nix-community", "repo": "NUR", - "rev": "72677d48bca8c0c736f6bfad66cc2cab0b77b249", + "rev": "89f9ed0f4a56f14bd64260e252c6ded255d596bc", "type": "github" }, "original": { -- 2.47.1 From a5dfad0581fa427cca2266bd78a3516cf38092dc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 14:05:53 +0000 Subject: [PATCH 0946/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 129023fe..35dfaefd 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676202775, - "narHash": "sha256-gV/RnfVZkGLHn+5rmX2GSh5aquVHpWOJw1cnpEV03tQ=", + "lastModified": 1676300157, + "narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d917136f550a8c36efb1724390c7245105f79023", + "rev": "545c7a31e5dedea4a6d372712a18e00ce097d462", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676375128, - "narHash": "sha256-rNEF0UWJQhL18V82Y1SGDqH21wSykDy3KxvlzRGB+2w=", + "lastModified": 1676382524, + "narHash": "sha256-evSZlVDvd0gMnXyae3nTyQx5RAxuSYaZkPjh61o0Nxs=", "owner": "nix-community", "repo": "NUR", - "rev": "89f9ed0f4a56f14bd64260e252c6ded255d596bc", + "rev": "bd125ebba4a8278656545ab79444979e3a4a41f2", "type": "github" }, "original": { -- 2.47.1 From 825ce35b6e1a892731855506f89fb37183bbdf63 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 15:02:06 +0000 Subject: [PATCH 0947/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 35dfaefd..31063f66 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676382524, - "narHash": "sha256-evSZlVDvd0gMnXyae3nTyQx5RAxuSYaZkPjh61o0Nxs=", + "lastModified": 1676385929, + "narHash": "sha256-qaIM1TBKKQ+FTTuUpr2AfUP8NQ6q8QwL1BEaYHG9Gls=", "owner": "nix-community", "repo": "NUR", - "rev": "bd125ebba4a8278656545ab79444979e3a4a41f2", + "rev": "32f2fc312516b3b2b47708105c8fc87cea1df5d2", "type": "github" }, "original": { -- 2.47.1 From b70899bcef77d54d73f20ba50c7d5a023ef43d00 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 17:00:21 +0000 Subject: [PATCH 0948/1882] chore(deps): update renovate/renovate docker tag to v34.138.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f5ee6eb4..54153886 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.138.0 + image: renovate/renovate:34.138.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8963bad7d0a9c02295461ae986f9ba05e79ec4f9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 18:02:19 +0000 Subject: [PATCH 0949/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 31063f66..b3854444 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676335618, - "narHash": "sha256-OgRs95hczqdqLbj/FUm2JjPOIV2wiUPv5XoBxSA9svA=", + "lastModified": 1676396649, + "narHash": "sha256-DLAbpRJ6KGOIT4QBy3esf3uYuQJ47jRFAX8CyNZt5Yw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "98c95aa34d31bcbb792227d00dc37bfd627a564a", + "rev": "87a4cc76542083fdb4bd49e45e71a8edaace2f85", "type": "github" }, "original": { @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1675522506, - "narHash": "sha256-EtjeHqBVvUVJ43nGiYjPgqL4E6qzgBh+qkmoOJ+IZ5A=", + "lastModified": 1676393198, + "narHash": "sha256-dh7yOX2rkFHlsG5KJHJHmp3J6VjiB9ipP10dTEEkjl0=", "owner": "pta2002", "repo": "nixvim", - "rev": "8d41514bbef2b5ee213c22c70b39e8c976d6200a", + "rev": "96c77f126f40c08e4309b3b70305641265c34b2d", "type": "github" }, "original": { -- 2.47.1 From f3a655714888550accdbcd7510506b4d368aa2e0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 19:06:06 +0000 Subject: [PATCH 0950/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b3854444..5b90161a 100644 --- a/flake.lock +++ b/flake.lock @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1676393198, - "narHash": "sha256-dh7yOX2rkFHlsG5KJHJHmp3J6VjiB9ipP10dTEEkjl0=", + "lastModified": 1676398253, + "narHash": "sha256-+nS3pdkhvgM6G0mLsgTsVxVj8LuQ2jE3L6raJQurJh8=", "owner": "pta2002", "repo": "nixvim", - "rev": "96c77f126f40c08e4309b3b70305641265c34b2d", + "rev": "6e54dc1143539fc5f6d4f963a41b39e84ddf99ef", "type": "github" }, "original": { -- 2.47.1 From 424de5196624d1c7cfd74afdfbeb96f02c1f3aa2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 20:01:46 +0000 Subject: [PATCH 0951/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5b90161a..94ee8cd3 100644 --- a/flake.lock +++ b/flake.lock @@ -911,11 +911,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1676398253, - "narHash": "sha256-+nS3pdkhvgM6G0mLsgTsVxVj8LuQ2jE3L6raJQurJh8=", + "lastModified": 1676404316, + "narHash": "sha256-tow2N5cijtVKdWhTIxbwi2C8+ir2F27MDTGYhDm/P+I=", "owner": "pta2002", "repo": "nixvim", - "rev": "6e54dc1143539fc5f6d4f963a41b39e84ddf99ef", + "rev": "7ccb2b06087663b12628470bbc7aa1207596a76a", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676385929, - "narHash": "sha256-qaIM1TBKKQ+FTTuUpr2AfUP8NQ6q8QwL1BEaYHG9Gls=", + "lastModified": 1676403966, + "narHash": "sha256-S9AQq2kI4EmxTrYJC2hhJQCziy0wjHBS1IMEYMCyspQ=", "owner": "nix-community", "repo": "NUR", - "rev": "32f2fc312516b3b2b47708105c8fc87cea1df5d2", + "rev": "6975fbaffe66d2c0794a5639d1fb70c3ddb9e1a0", "type": "github" }, "original": { -- 2.47.1 From 66bbaa706c2a6a4ac32a3e9bff9d3995f2d17914 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 21:02:05 +0000 Subject: [PATCH 0952/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 94ee8cd3..5a6bb480 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676396649, - "narHash": "sha256-DLAbpRJ6KGOIT4QBy3esf3uYuQJ47jRFAX8CyNZt5Yw=", + "lastModified": 1676406513, + "narHash": "sha256-7/tQafxgc6JLhkg8wjpFZnm4zH2WUYqpckW+PlDgSNY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "87a4cc76542083fdb4bd49e45e71a8edaace2f85", + "rev": "f37866eb7ecf0ddb9b1924cbbc15af90143a24d3", "type": "github" }, "original": { @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1676033584, - "narHash": "sha256-MeF1nR09cUdkCd1KNjzxImwhqsP2cbn/0M6z87fNJAk=", + "lastModified": 1676406424, + "narHash": "sha256-G+JhFuaeB15MTU8DbJALm/Yf240FCQmrWZ8Y0UzyqRI=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "44a38bfedc009bcc05eed571e80a397a80075a9f", + "rev": "1d76f4db0d3b487b9a9562195815e181652aef7c", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676403966, - "narHash": "sha256-S9AQq2kI4EmxTrYJC2hhJQCziy0wjHBS1IMEYMCyspQ=", + "lastModified": 1676407503, + "narHash": "sha256-M7sinlSMyXzNh3bleFfBoMTS9OTlFZTDXEs2gpkrbII=", "owner": "nix-community", "repo": "NUR", - "rev": "6975fbaffe66d2c0794a5639d1fb70c3ddb9e1a0", + "rev": "b72567753901a2b872b877b79b082bb2c59373a8", "type": "github" }, "original": { -- 2.47.1 From 9ce3792c5e3341df9377a66c0f0b716984ea56b1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 22:02:06 +0000 Subject: [PATCH 0953/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5a6bb480..c0f76d33 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676407503, - "narHash": "sha256-M7sinlSMyXzNh3bleFfBoMTS9OTlFZTDXEs2gpkrbII=", + "lastModified": 1676411221, + "narHash": "sha256-XPZNzPYtAlCEQ7tpYbbxHrgSQNFILeeUEvU9ospCS7s=", "owner": "nix-community", "repo": "NUR", - "rev": "b72567753901a2b872b877b79b082bb2c59373a8", + "rev": "82f997805b79b533ff9b8a7fc151b85a3001a714", "type": "github" }, "original": { -- 2.47.1 From b916ca8d6b3ad5601549de89a4a461dded133142 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Feb 2023 23:02:18 +0000 Subject: [PATCH 0954/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c0f76d33..0e5a5348 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676411221, - "narHash": "sha256-XPZNzPYtAlCEQ7tpYbbxHrgSQNFILeeUEvU9ospCS7s=", + "lastModified": 1676414777, + "narHash": "sha256-34vd+g+sxXK5wQLjdhCTK7GQJJD4skOgItXm7Ux9YSw=", "owner": "nix-community", "repo": "NUR", - "rev": "82f997805b79b533ff9b8a7fc151b85a3001a714", + "rev": "07cba4b331bb3532e4d2e87600f68f6c4f630560", "type": "github" }, "original": { -- 2.47.1 From 13dc4ff765292505040ab11cb9546d933690a85b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 02:00:24 +0000 Subject: [PATCH 0955/1882] chore(deps): update renovate/renovate docker tag to v34.138.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 54153886..0c32a730 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.138.1 + image: renovate/renovate:34.138.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9126bbe09e03e9a5b234f0e7b534445d0a5b6b49 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 03:01:54 +0000 Subject: [PATCH 0956/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 0e5a5348..815edf52 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676253841, - "narHash": "sha256-jhuI8Mmky8VCD45OoJEuF6HdPLFBwNrHA0ljjZ/zkfw=", + "lastModified": 1676375384, + "narHash": "sha256-6HI3jZiuJX+KLz05cocYy2mBAWlISEKHU84ftYfxHZ8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a45a8916243a7d27acc358f4fc18c4491f3eeca8", + "rev": "c43f676c938662072772339be6269226c77b51b8", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676414777, - "narHash": "sha256-34vd+g+sxXK5wQLjdhCTK7GQJJD4skOgItXm7Ux9YSw=", + "lastModified": 1676427247, + "narHash": "sha256-TzrdkBf7sTPFBoma3FlEI2ZGUORJRdnaZt8lsJUlBH4=", "owner": "nix-community", "repo": "NUR", - "rev": "07cba4b331bb3532e4d2e87600f68f6c4f630560", + "rev": "c7643c2ecb14ff6f59b8993aa1d07b4f031487b0", "type": "github" }, "original": { -- 2.47.1 From d9e3cd00b6904bd36045f483bcae669b26d0cdc9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 04:05:03 +0000 Subject: [PATCH 0957/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 815edf52..c3b5941f 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676427247, - "narHash": "sha256-TzrdkBf7sTPFBoma3FlEI2ZGUORJRdnaZt8lsJUlBH4=", + "lastModified": 1676432746, + "narHash": "sha256-+RYyek9+ZXa226DEG/AK4FThTd8coUTtzRxxJvkw4kA=", "owner": "nix-community", "repo": "NUR", - "rev": "c7643c2ecb14ff6f59b8993aa1d07b4f031487b0", + "rev": "7531ccd2298354c81cfe55bc43e7f5fed77b248c", "type": "github" }, "original": { -- 2.47.1 From 0836796cb002feb6465023d5f2b643036f475306 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 05:02:00 +0000 Subject: [PATCH 0958/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c3b5941f..c28d2f96 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676432746, - "narHash": "sha256-+RYyek9+ZXa226DEG/AK4FThTd8coUTtzRxxJvkw4kA=", + "lastModified": 1676436316, + "narHash": "sha256-chemcxFTG+I7h0WURWa15XGje8BBmzWQa2MmZwZmG3M=", "owner": "nix-community", "repo": "NUR", - "rev": "7531ccd2298354c81cfe55bc43e7f5fed77b248c", + "rev": "233fbd9675641621a0d2f8e564f7fe677bf74696", "type": "github" }, "original": { -- 2.47.1 From 2dfc11f52d0598502ec4e5448f8a526f1303157d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 07:01:36 +0000 Subject: [PATCH 0959/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c28d2f96..f16c3328 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676436316, - "narHash": "sha256-chemcxFTG+I7h0WURWa15XGje8BBmzWQa2MmZwZmG3M=", + "lastModified": 1676443773, + "narHash": "sha256-C+hag3jz5wMKK9qNI8vfVNNZSX66X9PAtjGfNyRDCm8=", "owner": "nix-community", "repo": "NUR", - "rev": "233fbd9675641621a0d2f8e564f7fe677bf74696", + "rev": "26954520ec2df7d9d4137ec584412a6eb6a20f48", "type": "github" }, "original": { -- 2.47.1 From a41dd417a6561b682a462784649bfaba100bfb8c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 12:00:23 +0000 Subject: [PATCH 0960/1882] chore(deps): update renovate/renovate docker tag to v34.139.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0c32a730..c150e6ba 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.138.3 + image: renovate/renovate:34.139.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7bc5612e271d2ea1e5b1314b6d0d4dd69aac38c1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 14:05:04 +0000 Subject: [PATCH 0961/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f16c3328..582252df 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676443773, - "narHash": "sha256-C+hag3jz5wMKK9qNI8vfVNNZSX66X9PAtjGfNyRDCm8=", + "lastModified": 1676468847, + "narHash": "sha256-ZXbDl2mUwHcM3Q5N+rWiJp4noavY5I85iqjM+KVowc8=", "owner": "nix-community", "repo": "NUR", - "rev": "26954520ec2df7d9d4137ec584412a6eb6a20f48", + "rev": "979c87fa17dd3ba34b38b99ffc8d830a816dbc00", "type": "github" }, "original": { -- 2.47.1 From c47e9e61a6b6fe2ca955a9d2f5c5696638a29501 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 15:01:52 +0000 Subject: [PATCH 0962/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 582252df..964c027c 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676406513, - "narHash": "sha256-7/tQafxgc6JLhkg8wjpFZnm4zH2WUYqpckW+PlDgSNY=", + "lastModified": 1676472651, + "narHash": "sha256-rPyLFo/fyDctnkHjG8VYC2gSiB8MP51OUYC9dA0BQ2o=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f37866eb7ecf0ddb9b1924cbbc15af90143a24d3", + "rev": "1992f27a269c573517cc13f70ee0f4f7055897cb", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676468847, - "narHash": "sha256-ZXbDl2mUwHcM3Q5N+rWiJp4noavY5I85iqjM+KVowc8=", + "lastModified": 1676472424, + "narHash": "sha256-4URZYhEzoOFcYq2greK4QETCTcSDXHvplzB/QUyV2Gg=", "owner": "nix-community", "repo": "NUR", - "rev": "979c87fa17dd3ba34b38b99ffc8d830a816dbc00", + "rev": "24a0377d409ef30afe37a4b9abd49567c01c0097", "type": "github" }, "original": { -- 2.47.1 From d474978acd6345fc6b2324ca03a285ed7f1be1c5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 17:00:24 +0000 Subject: [PATCH 0963/1882] chore(deps): update renovate/renovate docker tag to v34.140.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c150e6ba..5e5cd522 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.139.0 + image: renovate/renovate:34.140.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 065352881c75c87a1478032d42afe75fcc65f4e5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 18:01:50 +0000 Subject: [PATCH 0964/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 964c027c..34ee2757 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676472424, - "narHash": "sha256-4URZYhEzoOFcYq2greK4QETCTcSDXHvplzB/QUyV2Gg=", + "lastModified": 1676483082, + "narHash": "sha256-e/mULYGkIlepksMRCpYKni2ULOs6FQ7Zd9HcVRbWkog=", "owner": "nix-community", "repo": "NUR", - "rev": "24a0377d409ef30afe37a4b9abd49567c01c0097", + "rev": "031558584a7508662417d0926ac3ec75def8afb8", "type": "github" }, "original": { -- 2.47.1 From 51355be14cdd656b3f266bb930e4120f3b0e81b5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 19:05:40 +0000 Subject: [PATCH 0965/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 34ee2757..9e7f8665 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676472651, - "narHash": "sha256-rPyLFo/fyDctnkHjG8VYC2gSiB8MP51OUYC9dA0BQ2o=", + "lastModified": 1676486723, + "narHash": "sha256-QLinOK1H0hUA9sDj2Hx97OfUE6IcXf071yx9uchmRPA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1992f27a269c573517cc13f70ee0f4f7055897cb", + "rev": "ab6a092dbc99bfdb2cd40f46e2f34f74cce88c15", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676483082, - "narHash": "sha256-e/mULYGkIlepksMRCpYKni2ULOs6FQ7Zd9HcVRbWkog=", + "lastModified": 1676486995, + "narHash": "sha256-8NG3szA0ASJNnJoJbJLBsETqyIjcKbE+hIAvLAZBnPQ=", "owner": "nix-community", "repo": "NUR", - "rev": "031558584a7508662417d0926ac3ec75def8afb8", + "rev": "30d7e3e3670083b88b5755d16c2c17609c18122b", "type": "github" }, "original": { -- 2.47.1 From 30ebc61b11c512baa89ffb6eacb2b15afe3740db Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 21:01:45 +0000 Subject: [PATCH 0966/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 9e7f8665..8ae2d5c5 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1675935446, - "narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=", + "lastModified": 1676367705, + "narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=", "owner": "nix-community", "repo": "home-manager", - "rev": "2dce7f1a55e785a22d61668516df62899278c9e4", + "rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676486995, - "narHash": "sha256-8NG3szA0ASJNnJoJbJLBsETqyIjcKbE+hIAvLAZBnPQ=", + "lastModified": 1676493836, + "narHash": "sha256-s1nuwVmVCj/2hGbLY7pprCPSqFFGv/0MGHrKshbgaI0=", "owner": "nix-community", "repo": "NUR", - "rev": "30d7e3e3670083b88b5755d16c2c17609c18122b", + "rev": "2810aff6e0830029063f19064748235bbd79d8b5", "type": "github" }, "original": { -- 2.47.1 From c5addf0ec1fbdc9d44a29bd9bd3b7f37fec9690c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Feb 2023 23:00:23 +0000 Subject: [PATCH 0967/1882] chore(deps): update renovate/renovate docker tag to v34.141.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5e5cd522..6a1b8eb1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.140.0 + image: renovate/renovate:34.141.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 728cc6f0b7aefd313e7ea3e432ecbef8c5ec5a29 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 02:01:25 +0000 Subject: [PATCH 0968/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8ae2d5c5..426e8028 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676493836, - "narHash": "sha256-s1nuwVmVCj/2hGbLY7pprCPSqFFGv/0MGHrKshbgaI0=", + "lastModified": 1676510790, + "narHash": "sha256-sxESNeXem1bSxAAnmq3xlo9pvNi79Cjj1lD/7RzneA4=", "owner": "nix-community", "repo": "NUR", - "rev": "2810aff6e0830029063f19064748235bbd79d8b5", + "rev": "98c45c0849c52ea1a7ca546487d9af5f4b145d84", "type": "github" }, "original": { -- 2.47.1 From 417698ad1c180ebe7608437030719ed562db0c7b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 04:01:37 +0000 Subject: [PATCH 0969/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 426e8028..cb9aea87 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676510790, - "narHash": "sha256-sxESNeXem1bSxAAnmq3xlo9pvNi79Cjj1lD/7RzneA4=", + "lastModified": 1676517184, + "narHash": "sha256-aeKcKvyDQX1G6iqSnainCJGjKy9d7lGbkMigiM3su1g=", "owner": "nix-community", "repo": "NUR", - "rev": "98c45c0849c52ea1a7ca546487d9af5f4b145d84", + "rev": "4b0b90737218503ed087c04a6be49fce595a12cd", "type": "github" }, "original": { -- 2.47.1 From a6db25d540b33d199aa844a578cfb26081fcb9b5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 05:01:45 +0000 Subject: [PATCH 0970/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index cb9aea87..b3b565a0 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676517184, - "narHash": "sha256-aeKcKvyDQX1G6iqSnainCJGjKy9d7lGbkMigiM3su1g=", + "lastModified": 1676522799, + "narHash": "sha256-iKY+HrS1kYv8djQuFjfJ70hJ/NuI/snrCAAhjnM30n0=", "owner": "nix-community", "repo": "NUR", - "rev": "4b0b90737218503ed087c04a6be49fce595a12cd", + "rev": "c3a04803e5b55f782dec953a432dd3635eab0792", "type": "github" }, "original": { -- 2.47.1 From f7aefc58dc574137507aac775cb81d623355d979 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 07:01:28 +0000 Subject: [PATCH 0971/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b3b565a0..b1b015fd 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676522799, - "narHash": "sha256-iKY+HrS1kYv8djQuFjfJ70hJ/NuI/snrCAAhjnM30n0=", + "lastModified": 1676530882, + "narHash": "sha256-zQe//gb3gz1W7MFN405TAxX04rRQxwLpzVNFPERR+gc=", "owner": "nix-community", "repo": "NUR", - "rev": "c3a04803e5b55f782dec953a432dd3635eab0792", + "rev": "4a2858677136bf1fd0bb8534655b4c140f21641c", "type": "github" }, "original": { -- 2.47.1 From 4c6e4228d5cbf5c5f17c77bd194ff2e7ce35684c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 13:00:23 +0000 Subject: [PATCH 0972/1882] chore(deps): update renovate/renovate docker tag to v34.142.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6a1b8eb1..f8e227fe 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.141.0 + image: renovate/renovate:34.142.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From fa04829fcba63b406a46ae14cb08fb0a56dda7e8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 14:01:56 +0000 Subject: [PATCH 0973/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index b1b015fd..4ebef5dd 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676486723, - "narHash": "sha256-QLinOK1H0hUA9sDj2Hx97OfUE6IcXf071yx9uchmRPA=", + "lastModified": 1676554666, + "narHash": "sha256-W/Ao4b5MjWGRMdt6GVjfsQ+2aL2zCSGkQbhtSdQ2j78=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ab6a092dbc99bfdb2cd40f46e2f34f74cce88c15", + "rev": "ff95721ad9dd51f51f84305746bb47593b9f4f76", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676530882, - "narHash": "sha256-zQe//gb3gz1W7MFN405TAxX04rRQxwLpzVNFPERR+gc=", + "lastModified": 1676552767, + "narHash": "sha256-YigkTf4Cp56yr/ocVGkb7pLn/s+eA3GMSKajqd0AHSg=", "owner": "nix-community", "repo": "NUR", - "rev": "4a2858677136bf1fd0bb8534655b4c140f21641c", + "rev": "075f78dadf6180d2b5864a2a47e8b6755eb3dca6", "type": "github" }, "original": { -- 2.47.1 From a4d33e7905e63e4478c9d3157242622e229631c9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 18:00:24 +0000 Subject: [PATCH 0974/1882] chore(deps): update renovate/renovate docker tag to v34.143.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f8e227fe..49c69a71 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.142.0 + image: renovate/renovate:34.143.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 767a8c4df7c178cca6f6994fdf3a15a96e27d786 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 19:02:25 +0000 Subject: [PATCH 0975/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4ebef5dd..b75c7fba 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676552767, - "narHash": "sha256-YigkTf4Cp56yr/ocVGkb7pLn/s+eA3GMSKajqd0AHSg=", + "lastModified": 1676573349, + "narHash": "sha256-ThnF23NpRdDs7RjHKOZVouevw9BqrokzpinKSNiiuSc=", "owner": "nix-community", "repo": "NUR", - "rev": "075f78dadf6180d2b5864a2a47e8b6755eb3dca6", + "rev": "c404f48f81a95427b761e248d9d9a020528a12d0", "type": "github" }, "original": { -- 2.47.1 From 0de50e8455cfcb6e8b089e76af457f920cc5a3b4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 20:04:57 +0000 Subject: [PATCH 0976/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b75c7fba..89e0363e 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676573349, - "narHash": "sha256-ThnF23NpRdDs7RjHKOZVouevw9BqrokzpinKSNiiuSc=", + "lastModified": 1676576685, + "narHash": "sha256-EhVXHEn9hPASlESKHdiqhmfrocqnOTif2VkN+e53a2U=", "owner": "nix-community", "repo": "NUR", - "rev": "c404f48f81a95427b761e248d9d9a020528a12d0", + "rev": "5977a86120d048912f9a6a867b433a8d97601931", "type": "github" }, "original": { -- 2.47.1 From a79d8aa5ffcb9c47229b7b8d248f5b892a33b305 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 21:01:53 +0000 Subject: [PATCH 0977/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 89e0363e..8615e5cd 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676300157, - "narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=", + "lastModified": 1676391076, + "narHash": "sha256-t2Awu5Aucb5kVan9BniyIHn2gqDy1muzQTox9MQl09A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "545c7a31e5dedea4a6d372712a18e00ce097d462", + "rev": "5a3b04e58b86d885bb441ee52ed2d23128fc9156", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676576685, - "narHash": "sha256-EhVXHEn9hPASlESKHdiqhmfrocqnOTif2VkN+e53a2U=", + "lastModified": 1676580339, + "narHash": "sha256-FNqGP1pqQOCll6pVfJQxxsQwetmeQFalK0svjVChSXk=", "owner": "nix-community", "repo": "NUR", - "rev": "5977a86120d048912f9a6a867b433a8d97601931", + "rev": "992e74dd6a893496457ede95972b45b60c075a7c", "type": "github" }, "original": { -- 2.47.1 From 08941891e7c208fa4e8947b1ee3c3216b62d80db Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 22:00:35 +0000 Subject: [PATCH 0978/1882] chore(deps): update renovate/renovate docker tag to v34.143.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 49c69a71..d230781a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.143.0 + image: renovate/renovate:34.143.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d9fd2f729654922b11e1a4798d20380c256b7f1a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Feb 2023 23:02:05 +0000 Subject: [PATCH 0979/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8615e5cd..67217251 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676554666, - "narHash": "sha256-W/Ao4b5MjWGRMdt6GVjfsQ+2aL2zCSGkQbhtSdQ2j78=", + "lastModified": 1676587898, + "narHash": "sha256-CUo70lZ+WyUwYiULwMOjhX+TWarxa2GSCdj2yKJRa/4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ff95721ad9dd51f51f84305746bb47593b9f4f76", + "rev": "dbfa6eea7bf7a6f153cadf970719081e4ef729ee", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676391076, - "narHash": "sha256-t2Awu5Aucb5kVan9BniyIHn2gqDy1muzQTox9MQl09A=", + "lastModified": 1676481215, + "narHash": "sha256-afma/1RU0EePRyrBPcjBdOt+dV8z1bJH9dtpTN/WXmY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5a3b04e58b86d885bb441ee52ed2d23128fc9156", + "rev": "28319deb5ab05458d9cd5c7d99e1a24ec2e8fc4b", "type": "github" }, "original": { @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676580339, - "narHash": "sha256-FNqGP1pqQOCll6pVfJQxxsQwetmeQFalK0svjVChSXk=", + "lastModified": 1676584760, + "narHash": "sha256-ta7fNtkvtwJXnxKTZNBfp5S/LjkBvwpA9Bfz9oQ1cho=", "owner": "nix-community", "repo": "NUR", - "rev": "992e74dd6a893496457ede95972b45b60c075a7c", + "rev": "82e1807d3ff9adb53f25e21a050e3a762a76d091", "type": "github" }, "original": { -- 2.47.1 From 4f4ee1577837627edcfc0e164081267abed8792f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 02:01:36 +0000 Subject: [PATCH 0980/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 67217251..b0858d9d 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676584760, - "narHash": "sha256-ta7fNtkvtwJXnxKTZNBfp5S/LjkBvwpA9Bfz9oQ1cho=", + "lastModified": 1676597347, + "narHash": "sha256-jSgx0yNPajW4JddkbPxrUUPKM/H+Is4DjnrZEUKBk8o=", "owner": "nix-community", "repo": "NUR", - "rev": "82e1807d3ff9adb53f25e21a050e3a762a76d091", + "rev": "872cfba641b00bdc0b3db0607b81d971f94a5dbd", "type": "github" }, "original": { -- 2.47.1 From 2b1979bb44872bc3bdd76de04d4ab193f67bc350 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 03:01:53 +0000 Subject: [PATCH 0981/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b0858d9d..96dbc45b 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676597347, - "narHash": "sha256-jSgx0yNPajW4JddkbPxrUUPKM/H+Is4DjnrZEUKBk8o=", + "lastModified": 1676600198, + "narHash": "sha256-efEKkM8XTun6hUg05NSnhsxE8qdlj/xmVXFzlZNb9Os=", "owner": "nix-community", "repo": "NUR", - "rev": "872cfba641b00bdc0b3db0607b81d971f94a5dbd", + "rev": "9c316707ceda93ed197745355703384372d7a5f8", "type": "github" }, "original": { -- 2.47.1 From dc901c711b024dd4b60c82a1b7b4789a4359509f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 04:02:12 +0000 Subject: [PATCH 0982/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 96dbc45b..62d8f05c 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676600198, - "narHash": "sha256-efEKkM8XTun6hUg05NSnhsxE8qdlj/xmVXFzlZNb9Os=", + "lastModified": 1676605164, + "narHash": "sha256-eYKDCY+jymXA1KNGNInG7+Qf1z8ME4K2YPnlwR79sxs=", "owner": "nix-community", "repo": "NUR", - "rev": "9c316707ceda93ed197745355703384372d7a5f8", + "rev": "7e869a6a3522ef6a62b26bb44f573f85e82d7b19", "type": "github" }, "original": { -- 2.47.1 From 12f4a3d82676cb40979a965303d3366c44d2ebf2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 05:02:10 +0000 Subject: [PATCH 0983/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 62d8f05c..af29ce06 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676605164, - "narHash": "sha256-eYKDCY+jymXA1KNGNInG7+Qf1z8ME4K2YPnlwR79sxs=", + "lastModified": 1676609231, + "narHash": "sha256-cHjnEGVM4kQWNVccQwFPNDOSeOw3iuHra5CyV/TtkXA=", "owner": "nix-community", "repo": "NUR", - "rev": "7e869a6a3522ef6a62b26bb44f573f85e82d7b19", + "rev": "881c9e5408959b3460ee01edc6e851bbadbf6dce", "type": "github" }, "original": { -- 2.47.1 From 38f5405025e89aecf88e8eca503b83cc2d342ba5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 06:01:54 +0000 Subject: [PATCH 0984/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index af29ce06..397e3fd8 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676609231, - "narHash": "sha256-cHjnEGVM4kQWNVccQwFPNDOSeOw3iuHra5CyV/TtkXA=", + "lastModified": 1676610570, + "narHash": "sha256-Uo/rwZCcXXQiAa06UOwkGcp7KbQeBhTvIFeaXQCOHP4=", "owner": "nix-community", "repo": "NUR", - "rev": "881c9e5408959b3460ee01edc6e851bbadbf6dce", + "rev": "63f31030a1820cd626709a26cbc2ba6138c4ec15", "type": "github" }, "original": { -- 2.47.1 From 4520df8233f9c2cbde2b8254843e534c2b0f6bf0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 07:02:00 +0000 Subject: [PATCH 0985/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 397e3fd8..f92a5669 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676610570, - "narHash": "sha256-Uo/rwZCcXXQiAa06UOwkGcp7KbQeBhTvIFeaXQCOHP4=", + "lastModified": 1676616525, + "narHash": "sha256-KmummxbhXIP9gQdxwfNUR6NNm020SBihRoPd4fBJhyE=", "owner": "nix-community", "repo": "NUR", - "rev": "63f31030a1820cd626709a26cbc2ba6138c4ec15", + "rev": "70b1947e00dec6eb13c005fb7cd68859f5473e39", "type": "github" }, "original": { -- 2.47.1 From a1513eda932b1291cf87eef95791c73e96895dc6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 08:01:51 +0000 Subject: [PATCH 0986/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f92a5669..a1bdbb1a 100644 --- a/flake.lock +++ b/flake.lock @@ -926,11 +926,11 @@ }, "nur": { "locked": { - "lastModified": 1676616525, - "narHash": "sha256-KmummxbhXIP9gQdxwfNUR6NNm020SBihRoPd4fBJhyE=", + "lastModified": 1676619352, + "narHash": "sha256-a9pQbtOcUYS9boD6+lQqPe0WzME0x8yzZk365w9XGbM=", "owner": "nix-community", "repo": "NUR", - "rev": "70b1947e00dec6eb13c005fb7cd68859f5473e39", + "rev": "d2d70316f27384cf53e0f3c6cf2fd73e4744555a", "type": "github" }, "original": { -- 2.47.1 From 3c3ef4b869e93aebad6c4d61d0f1d1d47efd2ab7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 09:00:35 +0000 Subject: [PATCH 0987/1882] chore(deps): update renovate/renovate docker tag to v34.144.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d230781a..c2200f28 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.143.1 + image: renovate/renovate:34.144.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 073b195d50219dad8928d294e21ae491f7fe9ba8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 11:05:16 +0000 Subject: [PATCH 0988/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a1bdbb1a..c6c32b93 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676587898, - "narHash": "sha256-CUo70lZ+WyUwYiULwMOjhX+TWarxa2GSCdj2yKJRa/4=", + "lastModified": 1676630258, + "narHash": "sha256-pc3aIr2LgmJFcTQwICpz3d4/u5/xHDI14qY/zEhGM3k=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "dbfa6eea7bf7a6f153cadf970719081e4ef729ee", + "rev": "be2e4d9dd1e58991a4f54078a331cbcbd8265c7f", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676375384, - "narHash": "sha256-6HI3jZiuJX+KLz05cocYy2mBAWlISEKHU84ftYfxHZ8=", + "lastModified": 1676546582, + "narHash": "sha256-MJ+PXNmUyxnMTFoss7G2lEcUY2cfYZM6RudBAL5aX1k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c43f676c938662072772339be6269226c77b51b8", + "rev": "2fb7d749c084890192b2cd08ba264e5e4a14df1b", "type": "github" }, "original": { -- 2.47.1 From 16cdaa2ec72772078b5caf9f6167fcfe2e6a2901 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 17 Feb 2023 13:18:16 +0100 Subject: [PATCH 0989/1882] fix nixvim --- flake.lock | 17 +++++++++-------- flake.nix | 2 +- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index f92a5669..1272385f 100644 --- a/flake.lock +++ b/flake.lock @@ -911,26 +911,27 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1676404316, - "narHash": "sha256-tow2N5cijtVKdWhTIxbwi2C8+ir2F27MDTGYhDm/P+I=", - "owner": "pta2002", + "lastModified": 1676412918, + "narHash": "sha256-WqBiJRgAbdvLbCDMX1GbZEhAmgMI4PzMqtNjPygkdNs=", + "owner": "GaetanLepage", "repo": "nixvim", - "rev": "7ccb2b06087663b12628470bbc7aa1207596a76a", + "rev": "f404e6f97d102ce40578da9089a1ee4c226e3cf0", "type": "github" }, "original": { - "owner": "pta2002", + "owner": "GaetanLepage", + "ref": "fix-plugins-default", "repo": "nixvim", "type": "github" } }, "nur": { "locked": { - "lastModified": 1676616525, - "narHash": "sha256-KmummxbhXIP9gQdxwfNUR6NNm020SBihRoPd4fBJhyE=", + "lastModified": 1676619352, + "narHash": "sha256-a9pQbtOcUYS9boD6+lQqPe0WzME0x8yzZk365w9XGbM=", "owner": "nix-community", "repo": "NUR", - "rev": "70b1947e00dec6eb13c005fb7cd68859f5473e39", + "rev": "d2d70316f27384cf53e0f3c6cf2fd73e4744555a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 7df2ae63..59eda4e9 100644 --- a/flake.nix +++ b/flake.nix @@ -33,7 +33,7 @@ mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; mailserver.inputs.nixpkgs.follows = "nixpkgs"; - nixvim.url = "github:pta2002/nixvim"; + nixvim.url = "github:GaetanLepage/nixvim/fix-plugins-default"; nixos-generators.url = "github:nix-community/nixos-generators"; -- 2.47.1 From f6d663583d80d66d83bddb3119a99d0aee82a017 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 13:00:22 +0000 Subject: [PATCH 0990/1882] chore(deps): update renovate/renovate docker tag to v34.145.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c2200f28..61c95fdc 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.144.0 + image: renovate/renovate:34.145.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From fd96b0215c20e0c76fb5619ffe0bb092a2d4c76c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 14:02:08 +0000 Subject: [PATCH 0991/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d2e36e89..222ed4a0 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676619352, - "narHash": "sha256-a9pQbtOcUYS9boD6+lQqPe0WzME0x8yzZk365w9XGbM=", + "lastModified": 1676636203, + "narHash": "sha256-1fxThinWfMdghwfMiXpYJ+BrTjkSoTnajQTdPmmsmJo=", "owner": "nix-community", "repo": "NUR", - "rev": "d2d70316f27384cf53e0f3c6cf2fd73e4744555a", + "rev": "a6b7602c5dc36102994d76e68be8d3bc930baab7", "type": "github" }, "original": { -- 2.47.1 From 3c655c628beedf30ead8eef4ba0ea61f2ea9e44f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 15:04:53 +0000 Subject: [PATCH 0992/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 222ed4a0..d2844ddd 100644 --- a/flake.lock +++ b/flake.lock @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676481215, - "narHash": "sha256-afma/1RU0EePRyrBPcjBdOt+dV8z1bJH9dtpTN/WXmY=", + "lastModified": 1676569297, + "narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "28319deb5ab05458d9cd5c7d99e1a24ec2e8fc4b", + "rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37", "type": "github" }, "original": { -- 2.47.1 From 9b165b3a74af867ce3e27fccd968bd669b6c7c67 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 16:01:39 +0000 Subject: [PATCH 0993/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d2844ddd..3a899e13 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676636203, - "narHash": "sha256-1fxThinWfMdghwfMiXpYJ+BrTjkSoTnajQTdPmmsmJo=", + "lastModified": 1676647414, + "narHash": "sha256-FzF/3HiREuJ+7M7Gz0BYFpBpzNX3j4PO012aheCr89Q=", "owner": "nix-community", "repo": "NUR", - "rev": "a6b7602c5dc36102994d76e68be8d3bc930baab7", + "rev": "76db5efaff7a17e6a2f7135d74ebbc9f591354ba", "type": "github" }, "original": { -- 2.47.1 From 0dd2b8a5a7177596a755b0657c2bf393de2bb912 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 18:01:45 +0000 Subject: [PATCH 0994/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3a899e13..fa78fede 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676647414, - "narHash": "sha256-FzF/3HiREuJ+7M7Gz0BYFpBpzNX3j4PO012aheCr89Q=", + "lastModified": 1676655991, + "narHash": "sha256-2f0ru3gzwfBDYVYmT6UFrC+mitu2jWmp+B3R/hKzXzQ=", "owner": "nix-community", "repo": "NUR", - "rev": "76db5efaff7a17e6a2f7135d74ebbc9f591354ba", + "rev": "39481cead2d318f67feb12214e417d3992d2733c", "type": "github" }, "original": { -- 2.47.1 From 20b3b26138b7138b8ad15143891286cc6054e71d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 19:01:57 +0000 Subject: [PATCH 0995/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fa78fede..f9a7db64 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676655991, - "narHash": "sha256-2f0ru3gzwfBDYVYmT6UFrC+mitu2jWmp+B3R/hKzXzQ=", + "lastModified": 1676658325, + "narHash": "sha256-s+SFI821NUXxuQqnVeBmHq1tEH5Mg1pYmrlDnxJ8PAo=", "owner": "nix-community", "repo": "NUR", - "rev": "39481cead2d318f67feb12214e417d3992d2733c", + "rev": "10c6c5d9b3df8177472b5243ed8d9760f5316174", "type": "github" }, "original": { -- 2.47.1 From bc8d63d5888a1f95b80ac00bf2612dbf02c0d98d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 20:01:45 +0000 Subject: [PATCH 0996/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f9a7db64..d31db2aa 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676658325, - "narHash": "sha256-s+SFI821NUXxuQqnVeBmHq1tEH5Mg1pYmrlDnxJ8PAo=", + "lastModified": 1676663121, + "narHash": "sha256-eKhW4t/DcHMJsXeCiRMgLGf4PIouyM8xeRV4QTjRYCk=", "owner": "nix-community", "repo": "NUR", - "rev": "10c6c5d9b3df8177472b5243ed8d9760f5316174", + "rev": "8ff6e8764e064b021b9f189538319baaa524feb1", "type": "github" }, "original": { -- 2.47.1 From 35cef7a26d1d633399f71452e912eee0db08ed23 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Feb 2023 23:01:46 +0000 Subject: [PATCH 0997/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d31db2aa..1cad90fc 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676663121, - "narHash": "sha256-eKhW4t/DcHMJsXeCiRMgLGf4PIouyM8xeRV4QTjRYCk=", + "lastModified": 1676673997, + "narHash": "sha256-sKGidVsfTCVF4qbXGwtRCMDJLom5C4KimcU5AJydHxY=", "owner": "nix-community", "repo": "NUR", - "rev": "8ff6e8764e064b021b9f189538319baaa524feb1", + "rev": "ece154c0e261ab39516199478f5d5c486b239cd8", "type": "github" }, "original": { -- 2.47.1 From 86fda15c68dc78a8a2ec6e9664f15264a74993c2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 00:02:02 +0000 Subject: [PATCH 0998/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1cad90fc..203c8445 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676673997, - "narHash": "sha256-sKGidVsfTCVF4qbXGwtRCMDJLom5C4KimcU5AJydHxY=", + "lastModified": 1676677570, + "narHash": "sha256-TVb+vo2mJI+zLD/BdjihbBcZnNVK0DljvYynozV8qs4=", "owner": "nix-community", "repo": "NUR", - "rev": "ece154c0e261ab39516199478f5d5c486b239cd8", + "rev": "94e4f3a585fd2f6cefa9208b74b545e9fae4e402", "type": "github" }, "original": { -- 2.47.1 From 1f11761dd399694b51f8b108cd9c204663a0f315 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 01:01:46 +0000 Subject: [PATCH 0999/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 203c8445..3e1e6f05 100644 --- a/flake.lock +++ b/flake.lock @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1676406424, - "narHash": "sha256-G+JhFuaeB15MTU8DbJALm/Yf240FCQmrWZ8Y0UzyqRI=", + "lastModified": 1676681260, + "narHash": "sha256-R2FvbPzgvDSVs0jCUA9CMDIgw4F6exF8cR+y3Yea5jQ=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "1d76f4db0d3b487b9a9562195815e181652aef7c", + "rev": "2bc88dc8c220db674f458432aec0ac0d9ea6a640", "type": "github" }, "original": { -- 2.47.1 From fcebb52a1b69dfd2bfa78627e390b0486de23565 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 02:00:36 +0000 Subject: [PATCH 1000/1882] chore(deps): update renovate/renovate docker tag to v34.145.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 61c95fdc..44873739 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.145.0 + image: renovate/renovate:34.145.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2140486c5ea8053dc602ddb1ebeed7da95271b3a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 03:01:57 +0000 Subject: [PATCH 1001/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3e1e6f05..6274b4ad 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676630258, - "narHash": "sha256-pc3aIr2LgmJFcTQwICpz3d4/u5/xHDI14qY/zEhGM3k=", + "lastModified": 1676682541, + "narHash": "sha256-ltfODM3ZvqygHqbglHoiMO7Qxmdi2Z1tzVtRfXDE//0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "be2e4d9dd1e58991a4f54078a331cbcbd8265c7f", + "rev": "b944386ca54cf650d660caac31f065c0211168b1", "type": "github" }, "original": { @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676677570, - "narHash": "sha256-TVb+vo2mJI+zLD/BdjihbBcZnNVK0DljvYynozV8qs4=", + "lastModified": 1676683592, + "narHash": "sha256-68r4yKzY2MPiFmWSbaL7GO9eVsBZy0D/tOoBSFvZLOQ=", "owner": "nix-community", "repo": "NUR", - "rev": "94e4f3a585fd2f6cefa9208b74b545e9fae4e402", + "rev": "dd652d172279e442b91ab461bd04593f86b437a5", "type": "github" }, "original": { -- 2.47.1 From 89935b60f8533184c14488d5d6bf6b6ee76365e9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 05:01:39 +0000 Subject: [PATCH 1002/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6274b4ad..73f9fa84 100644 --- a/flake.lock +++ b/flake.lock @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676683592, - "narHash": "sha256-68r4yKzY2MPiFmWSbaL7GO9eVsBZy0D/tOoBSFvZLOQ=", + "lastModified": 1676696262, + "narHash": "sha256-t7vAR528t+XDKa3q1G6dWXoGRew2fo1BCykqRqWK3U8=", "owner": "nix-community", "repo": "NUR", - "rev": "dd652d172279e442b91ab461bd04593f86b437a5", + "rev": "288b61ed03fbd2687bccfdb67d3ed7485549994e", "type": "github" }, "original": { -- 2.47.1 From 3bf10b7d56127e898d29de158a8729e26490888c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 06:01:51 +0000 Subject: [PATCH 1003/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 73f9fa84..f6b855b1 100644 --- a/flake.lock +++ b/flake.lock @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1675933606, - "narHash": "sha256-y427VhPQHOKkYvkc9MMsL/2R7M11rQxzsRdRLM3htx8=", + "lastModified": 1676699427, + "narHash": "sha256-Z4d4Gwk4PlYaM4PGU3SSGzjWvm8hhuW91Kh5nvfxPyc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "44ae00e02e8036a66c08f4decdece7e3bbbefee2", + "rev": "00d1c8da9a24f8b04f3a6ee3a05169e514628d1c", "type": "github" }, "original": { @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676696262, - "narHash": "sha256-t7vAR528t+XDKa3q1G6dWXoGRew2fo1BCykqRqWK3U8=", + "lastModified": 1676699080, + "narHash": "sha256-RYyT6h9Ppv34M31E+/t828HIdmYm0u7kI9evOkwTKbU=", "owner": "nix-community", "repo": "NUR", - "rev": "288b61ed03fbd2687bccfdb67d3ed7485549994e", + "rev": "11e948c6e1ccfbfa64ddbe48dc031d7d5f562151", "type": "github" }, "original": { -- 2.47.1 From 1c287ec7998c9c2ddc179f3d4245918b6b931cb6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 07:01:55 +0000 Subject: [PATCH 1004/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index f6b855b1..8c402b9d 100644 --- a/flake.lock +++ b/flake.lock @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1676699427, - "narHash": "sha256-Z4d4Gwk4PlYaM4PGU3SSGzjWvm8hhuW91Kh5nvfxPyc=", + "lastModified": 1676699914, + "narHash": "sha256-cM2Hd+odgCYWSUiYPZGW/4B+OI64S0lrdf9YR9ts9I4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "00d1c8da9a24f8b04f3a6ee3a05169e514628d1c", + "rev": "9bbcc37b011b0d925f3115888ea77f58487619b8", "type": "github" }, "original": { @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676699080, - "narHash": "sha256-RYyT6h9Ppv34M31E+/t828HIdmYm0u7kI9evOkwTKbU=", + "lastModified": 1676702898, + "narHash": "sha256-9OmuxTZFNKhNv2K8dc7rv8zbT7pFgDoUdEof9ljLfqY=", "owner": "nix-community", "repo": "NUR", - "rev": "11e948c6e1ccfbfa64ddbe48dc031d7d5f562151", + "rev": "60037844a33bd51e5d81de596766c19e0c910750", "type": "github" }, "original": { -- 2.47.1 From bc35e24f2d11b7db556b11841d13e4d996658dcf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Feb 2023 22:00:23 +0000 Subject: [PATCH 1005/1882] chore(deps): update renovate/renovate docker tag to v34.146.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 44873739..07d81669 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.145.1 + image: renovate/renovate:34.146.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 93af23364ec8dacb6075ead20c44c6d125178484 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Feb 2023 22:00:21 +0000 Subject: [PATCH 1006/1882] chore(deps): update renovate/renovate docker tag to v34.146.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 07d81669..e7ef9768 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.146.0 + image: renovate/renovate:34.146.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 429b0f4950c0e8cb8d23252d3492785c5e2f0aed Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 20 Feb 2023 12:04:12 +0100 Subject: [PATCH 1007/1882] update flake --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 8c402b9d..253471f1 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1676367705, - "narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=", + "lastModified": 1676875407, + "narHash": "sha256-OiAKoWMW1x4zaUo5BCOwz21Edr8N4IGzo4zC9i70kc4=", "owner": "nix-community", "repo": "home-manager", - "rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5", + "rev": "ebb21e1bf6b921a60ee314c4246785b61f5ecbf2", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676682541, - "narHash": "sha256-ltfODM3ZvqygHqbglHoiMO7Qxmdi2Z1tzVtRfXDE//0=", + "lastModified": 1676890863, + "narHash": "sha256-9Q56K5i8b9bPaBrll+wvfkMchTW2rm49tbWpTPC4UDs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b944386ca54cf650d660caac31f065c0211168b1", + "rev": "fc49a055c696faab78047dcb1d5215d6b73be12a", "type": "github" }, "original": { @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1676699914, - "narHash": "sha256-cM2Hd+odgCYWSUiYPZGW/4B+OI64S0lrdf9YR9ts9I4=", + "lastModified": 1676886000, + "narHash": "sha256-t7nxEvJb4ISR7u54YADZiZi9EaKHJKbXQjyyf00Q8TA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9bbcc37b011b0d925f3115888ea77f58487619b8", + "rev": "26c9dbdc92abc370510be78889942f38a272d705", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676546582, - "narHash": "sha256-MJ+PXNmUyxnMTFoss7G2lEcUY2cfYZM6RudBAL5aX1k=", + "lastModified": 1676817468, + "narHash": "sha256-ovuJ1jQOC2/EEibufBkXmSN/O9mLx80Wh7aDmHmHAhA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2fb7d749c084890192b2cd08ba264e5e4a14df1b", + "rev": "0cf4274b5d06325bd16dbf879a30981bc283e58a", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676569297, - "narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=", + "lastModified": 1676721149, + "narHash": "sha256-mN2EpTGxxVNnFZLoLWRwh6f7UWhXy4qE+wO2CZyrXps=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37", + "rev": "5f4e07deb7c44f27d498f8df9c5f34750acf52d2", "type": "github" }, "original": { @@ -927,11 +927,11 @@ }, "nur": { "locked": { - "lastModified": 1676702898, - "narHash": "sha256-9OmuxTZFNKhNv2K8dc7rv8zbT7pFgDoUdEof9ljLfqY=", + "lastModified": 1676886367, + "narHash": "sha256-o8WZ+3SLbyD7vxtCqMez52oV+6vWjUcMm1yAgPhQrcY=", "owner": "nix-community", "repo": "NUR", - "rev": "60037844a33bd51e5d81de596766c19e0c910750", + "rev": "28e77afbd298625bdbf8df61461f947b4d7bd189", "type": "github" }, "original": { @@ -1168,11 +1168,11 @@ "nixpkgs": "nixpkgs_10" }, "locked": { - "lastModified": 1674127129, - "narHash": "sha256-LKAyyZB2/G7XFs3ZiFGQMuI5VhyT3sJQaWTP9q/TdWo=", + "lastModified": 1676863423, + "narHash": "sha256-VI9bvg+uu2No+DGori0hQnDhlWjsih5v1yfof0oG2vU=", "owner": "serokell", "repo": "vault-secrets", - "rev": "5495c3fde2294e8f02751988e5a7fcb06a92e9cc", + "rev": "2b41ba4635ef9b84c302bd355d1532f385b8c2bb", "type": "github" }, "original": { -- 2.47.1 From b77a31c0b82d247fbc078e59c41b34bad26bb5b3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Feb 2023 15:00:43 +0000 Subject: [PATCH 1008/1882] chore(deps): update renovate/renovate docker tag to v34.146.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e7ef9768..e7249803 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.146.1 + image: renovate/renovate:34.146.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7b4ea12adf5dc76e846efaee87546f3ca949b4b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Feb 2023 19:00:25 +0000 Subject: [PATCH 1009/1882] chore(deps): update renovate/renovate docker tag to v34.146.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e7249803..978e799f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.146.2 + image: renovate/renovate:34.146.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c08faddb9782bd66c89d2657de75c8cf9f2b9a27 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 02:00:24 +0000 Subject: [PATCH 1010/1882] chore(deps): update renovate/renovate docker tag to v34.147.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 978e799f..39592827 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.146.3 + image: renovate/renovate:34.147.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ff9cd685372a8b612b0840e4e57a02b488554d8a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 09:00:23 +0000 Subject: [PATCH 1011/1882] chore(deps): update renovate/renovate docker tag to v34.148.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 39592827..edd38708 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.147.0 + image: renovate/renovate:34.148.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From cb637fcba5917977c88855aac57b4ca0e59dc01b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Feb 2023 15:00:51 +0000 Subject: [PATCH 1012/1882] chore(deps): update dependency fluxcd/flux2 to v0.40.0 --- .../base/flux-system/gotk-components.yaml | 260 ++++++++++-------- 1 file changed, 142 insertions(+), 118 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 9c26b708..96c15837 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.39.0 +# Flux Version: v0.40.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -17,13 +17,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -432,24 +432,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -822,7 +816,12 @@ spec: description: Artifact represents the last successful Bucket reconciliation. properties: checksum: - description: Checksum is the SHA256 checksum of the Artifact file. + description: 'Checksum is the SHA256 checksum of the Artifact + file. Deprecated: use Artifact.Digest instead.' + type: string + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -952,24 +951,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1427,25 +1420,28 @@ spec: recurseSubmodules: description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned from the URL, using their default - settings. This option is available only when using the 'go-git' - GitImplementation. + settings. type: boolean ref: description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' branch. properties: branch: - description: "Branch to check out, defaults to 'master' if no - other field is defined. \n When GitRepositorySpec.GitImplementation - is set to 'go-git', a shallow clone of the specified branch - is performed." + description: Branch to check out, defaults to 'master' if no other + field is defined. type: string commit: description: "Commit SHA to check out, takes precedence over all - reference fields. \n When GitRepositorySpec.GitImplementation - is set to 'go-git', this can be combined with Branch to shallow + reference fields. \n This can be combined with Branch to shallow clone the branch, in which the commit is expected to exist." type: string + name: + description: "Name of the reference to check out; takes precedence + over Branch, Tag and SemVer. \n It must be a valid Git reference: + https://git-scm.com/docs/git-check-ref-format#_description Examples: + \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", + \"refs/merge-requests/1/head\"" + type: string semver: description: SemVer tag expression to check out, takes precedence over Tag. @@ -1519,7 +1515,12 @@ spec: reconciliation. properties: checksum: - description: Checksum is the SHA256 checksum of the Artifact file. + description: 'Checksum is the SHA256 checksum of the Artifact + file. Deprecated: use Artifact.Digest instead.' + type: string + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -1641,8 +1642,13 @@ spec: description: Artifact represents the output of a Source reconciliation. properties: checksum: - description: Checksum is the SHA256 checksum of the Artifact - file. + description: 'Checksum is the SHA256 checksum of the Artifact + file. Deprecated: use Artifact.Digest instead.' + type: string + digest: + description: Digest is the digest of the file in the form of + ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -1740,24 +1746,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2205,7 +2205,12 @@ spec: reconciliation. properties: checksum: - description: Checksum is the SHA256 checksum of the Artifact file. + description: 'Checksum is the SHA256 checksum of the Artifact + file. Deprecated: use Artifact.Digest instead.' + type: string + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -2339,24 +2344,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3228,24 +3227,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3610,7 +3603,12 @@ spec: reconciliation. properties: checksum: - description: Checksum is the SHA256 checksum of the Artifact file. + description: 'Checksum is the SHA256 checksum of the Artifact + file. Deprecated: use Artifact.Digest instead.' + type: string + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -3736,24 +3734,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4869,24 +4861,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5077,7 +5063,12 @@ spec: OCI Repository sync. properties: checksum: - description: Checksum is the SHA256 checksum of the Artifact file. + description: 'Checksum is the SHA256 checksum of the Artifact + file. Deprecated: use Artifact.Digest instead.' + type: string + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -5234,24 +5225,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5646,24 +5631,18 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 + controller-gen.kubebuilder.io/version: v0.11.1 creationTimestamp: null labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6096,12 +6075,6 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] --- apiVersion: v1 kind: ServiceAccount @@ -6110,7 +6083,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: helm-controller namespace: flux-system --- @@ -6121,7 +6094,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: kustomize-controller namespace: flux-system --- @@ -6132,7 +6105,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: notification-controller namespace: flux-system --- @@ -6143,7 +6116,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: source-controller namespace: flux-system --- @@ -6153,7 +6126,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: crd-controller-flux-system rules: - apiGroups: @@ -6238,12 +6211,63 @@ rules: - delete --- apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.40.0 + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + name: flux-edit-flux-system +rules: +- apiGroups: + - notification.toolkit.fluxcd.io + - source.toolkit.fluxcd.io + - helm.toolkit.fluxcd.io + - image.toolkit.fluxcd.io + - kustomize.toolkit.fluxcd.io + resources: + - '*' + verbs: + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v0.40.0 + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: flux-view-flux-system +rules: +- apiGroups: + - notification.toolkit.fluxcd.io + - source.toolkit.fluxcd.io + - helm.toolkit.fluxcd.io + - image.toolkit.fluxcd.io + - kustomize.toolkit.fluxcd.io + resources: + - '*' + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6263,7 +6287,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6296,7 +6320,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6317,7 +6341,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: source-controller namespace: flux-system @@ -6338,7 +6362,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6359,7 +6383,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: helm-controller namespace: flux-system @@ -6388,7 +6412,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.29.0 + image: ghcr.io/fluxcd/helm-controller:v0.30.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6442,7 +6466,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6471,7 +6495,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.33.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.34.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6525,7 +6549,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6553,7 +6577,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.31.0 + image: ghcr.io/fluxcd/notification-controller:v0.32.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6613,7 +6637,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 control-plane: controller name: source-controller namespace: flux-system @@ -6648,7 +6672,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.34.0 + image: ghcr.io/fluxcd/source-controller:v0.35.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6708,7 +6732,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: allow-egress namespace: flux-system spec: @@ -6728,7 +6752,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: allow-scraping namespace: flux-system spec: @@ -6748,7 +6772,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.39.0 + app.kubernetes.io/version: v0.40.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 9d0cb63e3ac580cfa0058c5e15509e0734f99492 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 21 Feb 2023 11:15:03 +0100 Subject: [PATCH 1013/1882] update flake --- flake.lock | 65 +++++++++++++++++++++++++++--------------------------- flake.nix | 2 +- 2 files changed, 34 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index 253471f1..990c4b84 100644 --- a/flake.lock +++ b/flake.lock @@ -346,11 +346,11 @@ }, "flake-utils_2": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", "type": "github" }, "original": { @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1676875407, - "narHash": "sha256-OiAKoWMW1x4zaUo5BCOwz21Edr8N4IGzo4zC9i70kc4=", + "lastModified": 1676933022, + "narHash": "sha256-gLghsEHOy2W2ZmSwqNOyj2mSHe9SMpdcbqnoySlZnmY=", "owner": "nix-community", "repo": "home-manager", - "rev": "ebb21e1bf6b921a60ee314c4246785b61f5ecbf2", + "rev": "5e889b385c43a8a72ada5ebc4888bbebb129b438", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676890863, - "narHash": "sha256-9Q56K5i8b9bPaBrll+wvfkMchTW2rm49tbWpTPC4UDs=", + "lastModified": 1676935051, + "narHash": "sha256-OC+mgw7enQRnAg90IDjQkEwUkMRa/Q5DntDGa9oC4PM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "fc49a055c696faab78047dcb1d5215d6b73be12a", + "rev": "431c74f111285eab41c17d724f335a324b5c833a", "type": "github" }, "original": { @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1676886000, - "narHash": "sha256-t7nxEvJb4ISR7u54YADZiZi9EaKHJKbXQjyyf00Q8TA=", + "lastModified": 1676924492, + "narHash": "sha256-78278eyP55JRFe7UCpmFwdkrTY6H2arzTpVeteWo8kM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "26c9dbdc92abc370510be78889942f38a272d705", + "rev": "d24ea777c57b69c6b143cf11d83184ef71b0dbbf", "type": "github" }, "original": { @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676817468, - "narHash": "sha256-ovuJ1jQOC2/EEibufBkXmSN/O9mLx80Wh7aDmHmHAhA=", + "lastModified": 1676895851, + "narHash": "sha256-xdhBKw2el790G+88tZYpRWlP9VjQC9OLR5Jx84VPe08=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0cf4274b5d06325bd16dbf879a30981bc283e58a", + "rev": "e19f25b587f15871d26442cfa1abe4418a815d7d", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676721149, - "narHash": "sha256-mN2EpTGxxVNnFZLoLWRwh6f7UWhXy4qE+wO2CZyrXps=", + "lastModified": 1676885936, + "narHash": "sha256-ZRKb6zBfTvdCOXI7nGC1L9UWSU5ay2ltxg+f5UIzBOU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5f4e07deb7c44f27d498f8df9c5f34750acf52d2", + "rev": "b69883faca9542d135fa6bab7928ff1b233c167f", "type": "github" }, "original": { @@ -861,16 +861,18 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1673606088, - "narHash": "sha256-wdYD41UwNwPhTdMaG0AIe7fE1bAdyHe6bB4HLUqUvck=", + "lastModified": 1676721149, + "narHash": "sha256-mN2EpTGxxVNnFZLoLWRwh6f7UWhXy4qE+wO2CZyrXps=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "37b97ae3dd714de9a17923d004a2c5b5543dfa6d", + "rev": "5f4e07deb7c44f27d498f8df9c5f34750acf52d2", "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_8": { @@ -911,27 +913,26 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1676412918, - "narHash": "sha256-WqBiJRgAbdvLbCDMX1GbZEhAmgMI4PzMqtNjPygkdNs=", - "owner": "GaetanLepage", + "lastModified": 1676970094, + "narHash": "sha256-nSu7bHV3bdBe9ClvZht/P5PrmYuBE063ja7ux+BCx9E=", + "owner": "pta2002", "repo": "nixvim", - "rev": "f404e6f97d102ce40578da9089a1ee4c226e3cf0", + "rev": "b1bd19b1b5797a085b5b229b125902240fa88dbf", "type": "github" }, "original": { - "owner": "GaetanLepage", - "ref": "fix-plugins-default", + "owner": "pta2002", "repo": "nixvim", "type": "github" } }, "nur": { "locked": { - "lastModified": 1676886367, - "narHash": "sha256-o8WZ+3SLbyD7vxtCqMez52oV+6vWjUcMm1yAgPhQrcY=", + "lastModified": 1676952268, + "narHash": "sha256-6u8uxDibLkiw7Uu60ztZ0KP5eNUzdI2mUpdhxHx8uqE=", "owner": "nix-community", "repo": "NUR", - "rev": "28e77afbd298625bdbf8df61461f947b4d7bd189", + "rev": "e629eb30abfb07ed11c9fa296ac31e997b264e73", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 59eda4e9..7df2ae63 100644 --- a/flake.nix +++ b/flake.nix @@ -33,7 +33,7 @@ mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; mailserver.inputs.nixpkgs.follows = "nixpkgs"; - nixvim.url = "github:GaetanLepage/nixvim/fix-plugins-default"; + nixvim.url = "github:pta2002/nixvim"; nixos-generators.url = "github:nix-community/nixos-generators"; -- 2.47.1 From a2afa8a516f66626ee77d0cc2dc44277d87758bd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 13:01:55 +0000 Subject: [PATCH 1014/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 990c4b84..4dac045c 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676935051, - "narHash": "sha256-OC+mgw7enQRnAg90IDjQkEwUkMRa/Q5DntDGa9oC4PM=", + "lastModified": 1676981621, + "narHash": "sha256-kRvteNQ8kkhtyJF4b+CHBDUkleZFxsIxtbCDn7gEK20=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "431c74f111285eab41c17d724f335a324b5c833a", + "rev": "a66ef50469c7a347d27a9afec83db1be70be1c84", "type": "github" }, "original": { -- 2.47.1 From 11a3049a3e18f5757bd99765d3e5069387b29d2a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 16:01:50 +0000 Subject: [PATCH 1015/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4dac045c..1af69499 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1676952268, - "narHash": "sha256-6u8uxDibLkiw7Uu60ztZ0KP5eNUzdI2mUpdhxHx8uqE=", + "lastModified": 1676994326, + "narHash": "sha256-W5Kz7fm4a4bDpmiH74ndNXTiNR+P/d0+LiQG6H6h1yM=", "owner": "nix-community", "repo": "NUR", - "rev": "e629eb30abfb07ed11c9fa296ac31e997b264e73", + "rev": "eb65539c885d8e0ccfa9d508904772de904e9256", "type": "github" }, "original": { -- 2.47.1 From 857a05c5b009430c994cd48fb950dd503a025b15 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 20:00:25 +0000 Subject: [PATCH 1016/1882] chore(deps): update renovate/renovate docker tag to v34.149.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index edd38708..2231c6d3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.148.0 + image: renovate/renovate:34.149.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 922c56aaaff699d7070fdf57422044cb8889b53e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 21:02:00 +0000 Subject: [PATCH 1017/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 1af69499..f7322320 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1676981621, - "narHash": "sha256-kRvteNQ8kkhtyJF4b+CHBDUkleZFxsIxtbCDn7gEK20=", + "lastModified": 1677012422, + "narHash": "sha256-8FiSyHE3lscZKts1W+U6DSyxdvxKzeql2RQ9qln7Ra4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a66ef50469c7a347d27a9afec83db1be70be1c84", + "rev": "66e3679ba3dd1412f47e08c52872b7583deff291", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676885936, - "narHash": "sha256-ZRKb6zBfTvdCOXI7nGC1L9UWSU5ay2ltxg+f5UIzBOU=", + "lastModified": 1676973346, + "narHash": "sha256-rft8oGMocTAhUVqG3LW6I8K/Fo9ICGmNjRqaWTJwav0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b69883faca9542d135fa6bab7928ff1b233c167f", + "rev": "d0d55259081f0b97c828f38559cad899d351cad1", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1676994326, - "narHash": "sha256-W5Kz7fm4a4bDpmiH74ndNXTiNR+P/d0+LiQG6H6h1yM=", + "lastModified": 1677012355, + "narHash": "sha256-ccE3BQPMA0R5fR3jJRX/CUa4FmcLSoK5RvUreTpT/HY=", "owner": "nix-community", "repo": "NUR", - "rev": "eb65539c885d8e0ccfa9d508904772de904e9256", + "rev": "6f8988a961627ad6a591095d0a360d51dc8098d8", "type": "github" }, "original": { -- 2.47.1 From 1f3887942459c314bdec61f451f35125a2b90f89 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Feb 2023 22:05:07 +0000 Subject: [PATCH 1018/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f7322320..1f800cdf 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1676933022, - "narHash": "sha256-gLghsEHOy2W2ZmSwqNOyj2mSHe9SMpdcbqnoySlZnmY=", + "lastModified": 1677013990, + "narHash": "sha256-HwAnE5MHsyLiRJp50KfDFPiiOZXI0Ts8hXpIh6yBilE=", "owner": "nix-community", "repo": "home-manager", - "rev": "5e889b385c43a8a72ada5ebc4888bbebb129b438", + "rev": "564b82b3542026e7fb5d0da16c56ae3e40e5c9dd", "type": "github" }, "original": { -- 2.47.1 From 5735c693542dd2ca39d827ad4e2a91c29c96f46e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 00:01:38 +0000 Subject: [PATCH 1019/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1f800cdf..edaa774b 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677012422, - "narHash": "sha256-8FiSyHE3lscZKts1W+U6DSyxdvxKzeql2RQ9qln7Ra4=", + "lastModified": 1677023858, + "narHash": "sha256-gmT7tD/kwjv8BXo4tudrR/QqWSFKzTaYv5NiefdaX2E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "66e3679ba3dd1412f47e08c52872b7583deff291", + "rev": "513bbb80474e5752c7e84e707374e445a4954878", "type": "github" }, "original": { -- 2.47.1 From f0e3bad49879b710a898ac2f8d41efded6dd54ea Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 03:01:51 +0000 Subject: [PATCH 1020/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index edaa774b..fd059f95 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677012355, - "narHash": "sha256-ccE3BQPMA0R5fR3jJRX/CUa4FmcLSoK5RvUreTpT/HY=", + "lastModified": 1677031979, + "narHash": "sha256-7+BAR30kiYBL/bGxJIj5taUmbfoQtKjuBeAkWMkOhh8=", "owner": "nix-community", "repo": "NUR", - "rev": "6f8988a961627ad6a591095d0a360d51dc8098d8", + "rev": "a28a512b634a590f9771beab2b6dac067b42be09", "type": "github" }, "original": { -- 2.47.1 From c291ee4de90f00bff3b651e1e12969832f5a329e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 04:02:02 +0000 Subject: [PATCH 1021/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fd059f95..66a2618f 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677031979, - "narHash": "sha256-7+BAR30kiYBL/bGxJIj5taUmbfoQtKjuBeAkWMkOhh8=", + "lastModified": 1677037655, + "narHash": "sha256-Jj4K0CP/YNy7ZbdNCHXZkqMTpVzxWnrSbqz+SlMMAzY=", "owner": "nix-community", "repo": "NUR", - "rev": "a28a512b634a590f9771beab2b6dac067b42be09", + "rev": "2ef0ba561190a6c60706e36a6f00efc71f0d5cea", "type": "github" }, "original": { -- 2.47.1 From a43bad439f4e712bb62a2eaf55a4c23ff4b6bc2b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 05:02:06 +0000 Subject: [PATCH 1022/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 66a2618f..b03b1206 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677037655, - "narHash": "sha256-Jj4K0CP/YNy7ZbdNCHXZkqMTpVzxWnrSbqz+SlMMAzY=", + "lastModified": 1677040854, + "narHash": "sha256-2GU5/lCLPyhbqoEwqMMNOoYe8gaBFKwHbjK8OygMXnA=", "owner": "nix-community", "repo": "NUR", - "rev": "2ef0ba561190a6c60706e36a6f00efc71f0d5cea", + "rev": "5d3891a02e3812510cfa975833a7e7138c63dcf0", "type": "github" }, "original": { -- 2.47.1 From 422deb35a0f112dc3da6155b06a169455fcc5069 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 08:01:49 +0000 Subject: [PATCH 1023/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b03b1206..dbb91d2b 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677040854, - "narHash": "sha256-2GU5/lCLPyhbqoEwqMMNOoYe8gaBFKwHbjK8OygMXnA=", + "lastModified": 1677051354, + "narHash": "sha256-r5adVQTxUVLzg4wm5rr/p1g0wXB2u3c0SYvcNAGxUgQ=", "owner": "nix-community", "repo": "NUR", - "rev": "5d3891a02e3812510cfa975833a7e7138c63dcf0", + "rev": "004688f099616a6e5e077fbb1aebb5c921ac3bfa", "type": "github" }, "original": { -- 2.47.1 From 57b2163de212017d6c5579c71ab8780dc2c55a6f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 10:01:43 +0000 Subject: [PATCH 1024/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index dbb91d2b..6b6c6ad4 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676895851, - "narHash": "sha256-xdhBKw2el790G+88tZYpRWlP9VjQC9OLR5Jx84VPe08=", + "lastModified": 1676998680, + "narHash": "sha256-61gxdL3bqHWnRSiYq+sKWbSX6tuwaRnYfPvhpRK011s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e19f25b587f15871d26442cfa1abe4418a815d7d", + "rev": "a3d745e701c337e65ef467d5a9400d9336a303a1", "type": "github" }, "original": { -- 2.47.1 From 3469ab24c29b14fec611ffb82bed82688262e899 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 11:00:36 +0000 Subject: [PATCH 1025/1882] chore(deps): update renovate/renovate docker tag to v34.150.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2231c6d3..66bd1c25 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.149.0 + image: renovate/renovate:34.150.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From eb4890a4c3e5ce4299dcbeb6166e08ba19bc3000 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 12:02:39 +0000 Subject: [PATCH 1026/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6b6c6ad4..2aa89df7 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677051354, - "narHash": "sha256-r5adVQTxUVLzg4wm5rr/p1g0wXB2u3c0SYvcNAGxUgQ=", + "lastModified": 1677062856, + "narHash": "sha256-WE2OZupfe+ciV0axRdI4ch2Jk+V2pGgFoxuwTbETvDo=", "owner": "nix-community", "repo": "NUR", - "rev": "004688f099616a6e5e077fbb1aebb5c921ac3bfa", + "rev": "0418d68eef55022e6f50a5a0401bfdc21fbec8bd", "type": "github" }, "original": { -- 2.47.1 From 63cace671479203f96814f23413265956ffa9752 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 14:01:36 +0000 Subject: [PATCH 1027/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2aa89df7..511b3ceb 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677062856, - "narHash": "sha256-WE2OZupfe+ciV0axRdI4ch2Jk+V2pGgFoxuwTbETvDo=", + "lastModified": 1677071157, + "narHash": "sha256-HCJIo+IUTW7wv/AJdoSONwbDcmo6VvCDSf7iqaRvBVU=", "owner": "nix-community", "repo": "NUR", - "rev": "0418d68eef55022e6f50a5a0401bfdc21fbec8bd", + "rev": "d9d0d17ef2eb71fe80a0c3f9894cc3c16cb0c543", "type": "github" }, "original": { -- 2.47.1 From d3274161aabe61de6f5f7868ea180c74e52db362 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 15:02:08 +0000 Subject: [PATCH 1028/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 511b3ceb..e76bd5b6 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677071157, - "narHash": "sha256-HCJIo+IUTW7wv/AJdoSONwbDcmo6VvCDSf7iqaRvBVU=", + "lastModified": 1677076915, + "narHash": "sha256-cVq33KpUCZe3SZo5WcweDemMR2EONPzIBAmDdTLvLQw=", "owner": "nix-community", "repo": "NUR", - "rev": "d9d0d17ef2eb71fe80a0c3f9894cc3c16cb0c543", + "rev": "87ab15f5b7f02c45f097e40879c2636953da575e", "type": "github" }, "original": { -- 2.47.1 From f203fbce1a1f61ff9ff44b05d58fdc6788f03574 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 17:00:22 +0000 Subject: [PATCH 1029/1882] chore(deps): update renovate/renovate docker tag to v34.151.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 66bd1c25..aa00665e 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.150.0 + image: renovate/renovate:34.151.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From cb3d633eeaf82529a1f7e592a2e52acc0c38ff03 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 18:02:33 +0000 Subject: [PATCH 1030/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e76bd5b6..cf0e7274 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677076915, - "narHash": "sha256-cVq33KpUCZe3SZo5WcweDemMR2EONPzIBAmDdTLvLQw=", + "lastModified": 1677087980, + "narHash": "sha256-ILLukx8FztAg2dfFeOJADRf2B9DYkvsw4tcSr5kh9LI=", "owner": "nix-community", "repo": "NUR", - "rev": "87ab15f5b7f02c45f097e40879c2636953da575e", + "rev": "1eaba2b57f4a1fae970000ab4d74be12f5bdb432", "type": "github" }, "original": { -- 2.47.1 From d2fe35015a48c032a63dec90a104714c80a7a271 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 20:01:40 +0000 Subject: [PATCH 1031/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index cf0e7274..b81e42f2 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677087980, - "narHash": "sha256-ILLukx8FztAg2dfFeOJADRf2B9DYkvsw4tcSr5kh9LI=", + "lastModified": 1677095144, + "narHash": "sha256-NLvr7zDKk3wgq+X3XJ8gJeMXcWSbWVIaDoAB9YJ2vm0=", "owner": "nix-community", "repo": "NUR", - "rev": "1eaba2b57f4a1fae970000ab4d74be12f5bdb432", + "rev": "033df2a0237c1afdd7abff406153fdcc5a201f03", "type": "github" }, "original": { -- 2.47.1 From 793a0d592eea66447b0ffd7f95065d9ae09a1a13 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 22:00:23 +0000 Subject: [PATCH 1032/1882] chore(deps): update renovate/renovate docker tag to v34.152.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index aa00665e..8a331f41 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.151.0 + image: renovate/renovate:34.152.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e9164d3cf55ac9f5e75e8fd7d651fcf9c740b6fd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Feb 2023 23:02:11 +0000 Subject: [PATCH 1033/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index b81e42f2..73a9dd4b 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677013990, - "narHash": "sha256-HwAnE5MHsyLiRJp50KfDFPiiOZXI0Ts8hXpIh6yBilE=", + "lastModified": 1677104801, + "narHash": "sha256-2V5nKOYVFMYlseYdDKiEaww2xqcE0GtS1ax3SoUX99I=", "owner": "nix-community", "repo": "home-manager", - "rev": "564b82b3542026e7fb5d0da16c56ae3e40e5c9dd", + "rev": "4295fdfa6b0005c32f2e1f0b732faf5810c1bc7f", "type": "github" }, "original": { @@ -913,11 +913,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1676970094, - "narHash": "sha256-nSu7bHV3bdBe9ClvZht/P5PrmYuBE063ja7ux+BCx9E=", + "lastModified": 1677103287, + "narHash": "sha256-YluKJh7OapsqE8xsICrZ5LAoU2PZbPJfktir0htNJXw=", "owner": "pta2002", "repo": "nixvim", - "rev": "b1bd19b1b5797a085b5b229b125902240fa88dbf", + "rev": "a15c0543a48f4c0f30f698a1322ffeef8954ac68", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677095144, - "narHash": "sha256-NLvr7zDKk3wgq+X3XJ8gJeMXcWSbWVIaDoAB9YJ2vm0=", + "lastModified": 1677105886, + "narHash": "sha256-kSA1YJzuI3ph9MOTUXIHdTZoID1yCeHI0BrA4GfxnRg=", "owner": "nix-community", "repo": "NUR", - "rev": "033df2a0237c1afdd7abff406153fdcc5a201f03", + "rev": "a35db3784f64a0d51596ab7432df1a236523d439", "type": "github" }, "original": { -- 2.47.1 From d8eb869fa18caa1fb96919753836698140c5a6f4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 00:05:53 +0000 Subject: [PATCH 1034/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 73a9dd4b..d0f9ae1b 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677023858, - "narHash": "sha256-gmT7tD/kwjv8BXo4tudrR/QqWSFKzTaYv5NiefdaX2E=", + "lastModified": 1677107771, + "narHash": "sha256-eS/ylmm1y4ELz/Ow0goDA9u9LbuUPujdHpcdXcSYHJc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "513bbb80474e5752c7e84e707374e445a4954878", + "rev": "2bf7f9e4136ebef6db1159c636b163ecb96f23cc", "type": "github" }, "original": { @@ -845,11 +845,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676973346, - "narHash": "sha256-rft8oGMocTAhUVqG3LW6I8K/Fo9ICGmNjRqaWTJwav0=", + "lastModified": 1677063315, + "narHash": "sha256-qiB4ajTeAOVnVSAwCNEEkoybrAlA+cpeiBxLobHndE8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d0d55259081f0b97c828f38559cad899d351cad1", + "rev": "988cc958c57ce4350ec248d2d53087777f9e1949", "type": "github" }, "original": { @@ -913,11 +913,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1677103287, - "narHash": "sha256-YluKJh7OapsqE8xsICrZ5LAoU2PZbPJfktir0htNJXw=", + "lastModified": 1677109364, + "narHash": "sha256-1oHCENXsPvP2D9Qkz+eZmjwmzLnZozbCet+XfCp2hrE=", "owner": "pta2002", "repo": "nixvim", - "rev": "a15c0543a48f4c0f30f698a1322ffeef8954ac68", + "rev": "8f266e86ef7de81ae74b709c8c2e28c22b967f61", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677105886, - "narHash": "sha256-kSA1YJzuI3ph9MOTUXIHdTZoID1yCeHI0BrA4GfxnRg=", + "lastModified": 1677109511, + "narHash": "sha256-Uw9toaIUCeUtLCclY3CVT4vq2thjsZ90Ik16RHVSTro=", "owner": "nix-community", "repo": "NUR", - "rev": "a35db3784f64a0d51596ab7432df1a236523d439", + "rev": "b4d54c9de9815fb53924433e4e8180e36dc41012", "type": "github" }, "original": { -- 2.47.1 From f5d8f71566b094cd15f450bb5eb093d2c32ad59a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 01:01:57 +0000 Subject: [PATCH 1035/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d0f9ae1b..c89804c9 100644 --- a/flake.lock +++ b/flake.lock @@ -781,11 +781,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1676998680, - "narHash": "sha256-61gxdL3bqHWnRSiYq+sKWbSX6tuwaRnYfPvhpRK011s=", + "lastModified": 1677075010, + "narHash": "sha256-X+UmR1AkdR//lPVcShmLy8p1n857IGf7y+cyCArp8bU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a3d745e701c337e65ef467d5a9400d9336a303a1", + "rev": "c95bf18beba4290af25c60cbaaceea1110d0f727", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677109511, - "narHash": "sha256-Uw9toaIUCeUtLCclY3CVT4vq2thjsZ90Ik16RHVSTro=", + "lastModified": 1677113494, + "narHash": "sha256-3R/B3HJX0gk4VwjAr2u7KI1+MJPkaRxsBtuNSZ+G87w=", "owner": "nix-community", "repo": "NUR", - "rev": "b4d54c9de9815fb53924433e4e8180e36dc41012", + "rev": "4496ed917f295914809a3db68151fcba05a4a533", "type": "github" }, "original": { -- 2.47.1 From 589f8a034f0f9b37d94333c0662948fd8a86dead Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 02:02:09 +0000 Subject: [PATCH 1036/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c89804c9..5e2101aa 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677113494, - "narHash": "sha256-3R/B3HJX0gk4VwjAr2u7KI1+MJPkaRxsBtuNSZ+G87w=", + "lastModified": 1677116728, + "narHash": "sha256-qCV2oJ0u92v0EL9COb84SUziZKr0eTi6y7Bjzwj6ny8=", "owner": "nix-community", "repo": "NUR", - "rev": "4496ed917f295914809a3db68151fcba05a4a533", + "rev": "941a15253d2b39f0494b9e336bb435bf373aa005", "type": "github" }, "original": { -- 2.47.1 From f9f90be3b14f4d6e0dcf66b08c251758d9a47ed2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 03:02:22 +0000 Subject: [PATCH 1037/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5e2101aa..579e9572 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677116728, - "narHash": "sha256-qCV2oJ0u92v0EL9COb84SUziZKr0eTi6y7Bjzwj6ny8=", + "lastModified": 1677120569, + "narHash": "sha256-1MMwcKYpiBubuMbGx7Vi3ifukOuLjPMiG4BFOoB2XME=", "owner": "nix-community", "repo": "NUR", - "rev": "941a15253d2b39f0494b9e336bb435bf373aa005", + "rev": "441b5d22fe4cbfacff96bed88cee4cf5860a5635", "type": "github" }, "original": { -- 2.47.1 From f13db15dd0ab714ecf58e23912b52a4107fa89ac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 04:02:28 +0000 Subject: [PATCH 1038/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 579e9572..464446af 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677120569, - "narHash": "sha256-1MMwcKYpiBubuMbGx7Vi3ifukOuLjPMiG4BFOoB2XME=", + "lastModified": 1677124445, + "narHash": "sha256-yZ5Kbio/xRdXULGY7zkPZh+aJRBbVepZNvfJ8mhoNFY=", "owner": "nix-community", "repo": "NUR", - "rev": "441b5d22fe4cbfacff96bed88cee4cf5860a5635", + "rev": "b6ef1a4a86e6f5acdc3c25072369b1b2786d415b", "type": "github" }, "original": { -- 2.47.1 From 0a4d42fc8ed9bd0bbf3beeb734825c06810d7902 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 05:02:37 +0000 Subject: [PATCH 1039/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 464446af..08580cc3 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677124445, - "narHash": "sha256-yZ5Kbio/xRdXULGY7zkPZh+aJRBbVepZNvfJ8mhoNFY=", + "lastModified": 1677125018, + "narHash": "sha256-WVVi3371qvjS1affELCsc8F9WpjaVDB5c83QajYGCJs=", "owner": "nix-community", "repo": "NUR", - "rev": "b6ef1a4a86e6f5acdc3c25072369b1b2786d415b", + "rev": "96bbe35afbd620b53a5b5e611f3ca90378a7eaa3", "type": "github" }, "original": { -- 2.47.1 From eb9ec516c4af4e0a57a4ac896d49998a656683e9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 08:01:46 +0000 Subject: [PATCH 1040/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 08580cc3..91ca35e2 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677125018, - "narHash": "sha256-WVVi3371qvjS1affELCsc8F9WpjaVDB5c83QajYGCJs=", + "lastModified": 1677136257, + "narHash": "sha256-kmaR2ohfajjXJHVrdz2J5Uvte5Sm1sOkD9Tv+kheVR4=", "owner": "nix-community", "repo": "NUR", - "rev": "96bbe35afbd620b53a5b5e611f3ca90378a7eaa3", + "rev": "1bc392db530b26f33dd5c941047def5973cf5ed2", "type": "github" }, "original": { -- 2.47.1 From 6f60560583cbe4a11e7019ec727cd5b6dbfea228 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 09:00:38 +0000 Subject: [PATCH 1041/1882] chore(deps): update renovate/renovate docker tag to v34.152.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 8a331f41..891fdee4 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.152.0 + image: renovate/renovate:34.152.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 90b3335478c0b69ea082dac26d388bd85a913f67 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 10:02:17 +0000 Subject: [PATCH 1042/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 91ca35e2..a176e5ac 100644 --- a/flake.lock +++ b/flake.lock @@ -913,11 +913,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1677109364, - "narHash": "sha256-1oHCENXsPvP2D9Qkz+eZmjwmzLnZozbCet+XfCp2hrE=", + "lastModified": 1677143916, + "narHash": "sha256-XlwHrSGK9323LGpF2KNuokHXdn8zlL6uj0h0e64tGUs=", "owner": "pta2002", "repo": "nixvim", - "rev": "8f266e86ef7de81ae74b709c8c2e28c22b967f61", + "rev": "67f5db9cfd56ec45dcc5234d99edec7428d12107", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677136257, - "narHash": "sha256-kmaR2ohfajjXJHVrdz2J5Uvte5Sm1sOkD9Tv+kheVR4=", + "lastModified": 1677145608, + "narHash": "sha256-SN4J+8RNilYlw+UyTULFblk8GaDOVkFhz91QBO3oIIw=", "owner": "nix-community", "repo": "NUR", - "rev": "1bc392db530b26f33dd5c941047def5973cf5ed2", + "rev": "df0ec449159efb08aeac862ac4d15db40e48b806", "type": "github" }, "original": { -- 2.47.1 From 062c21aaf22970ff2c6e0c1d7f8d4368bd5f723f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 12:01:42 +0000 Subject: [PATCH 1043/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a176e5ac..1b162717 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677145608, - "narHash": "sha256-SN4J+8RNilYlw+UyTULFblk8GaDOVkFhz91QBO3oIIw=", + "lastModified": 1677153098, + "narHash": "sha256-C5NsaJKeNe+Aa1REK6Ae1ywiybkKbtX92FP6OYZA0Lc=", "owner": "nix-community", "repo": "NUR", - "rev": "df0ec449159efb08aeac862ac4d15db40e48b806", + "rev": "12e6af8be38edb8358041e0ff3796919917c0d7b", "type": "github" }, "original": { -- 2.47.1 From 348a1f161a12359dbd3fa0b871d67fae80d94de3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 14:02:02 +0000 Subject: [PATCH 1044/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1b162717..56a8dbfa 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677107771, - "narHash": "sha256-eS/ylmm1y4ELz/Ow0goDA9u9LbuUPujdHpcdXcSYHJc=", + "lastModified": 1677160527, + "narHash": "sha256-bMoUHUuFgoCjE8g5QXkEYvX+p0bnyIDhB4lhRgOZKWs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "2bf7f9e4136ebef6db1159c636b163ecb96f23cc", + "rev": "14a2de0d0e0565ff889bcb1f5f803421a05cffc1", "type": "github" }, "original": { -- 2.47.1 From 1a7f6fc92761ae0c1d995e075c0b377af0c3375f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 15:00:42 +0000 Subject: [PATCH 1045/1882] chore(deps): update renovate/renovate docker tag to v34.152.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 891fdee4..fa54039c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.152.1 + image: renovate/renovate:34.152.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e8b802cb796f1a32cf266282dc89f4aca0c4574a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 16:02:17 +0000 Subject: [PATCH 1046/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 56a8dbfa..ca228690 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677160527, - "narHash": "sha256-bMoUHUuFgoCjE8g5QXkEYvX+p0bnyIDhB4lhRgOZKWs=", + "lastModified": 1677162463, + "narHash": "sha256-wjZbwJvIagJ0i82LYm3eIHNsqwblOjIzAyegA3z9olA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "14a2de0d0e0565ff889bcb1f5f803421a05cffc1", + "rev": "60e37d727def25c87a3fd6c47751c05f6082260f", "type": "github" }, "original": { -- 2.47.1 From a1e2c305dd377b5f55ccc9809f6f8468263cc585 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 17:06:23 +0000 Subject: [PATCH 1047/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ca228690..e368aec8 100644 --- a/flake.lock +++ b/flake.lock @@ -913,11 +913,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1677143916, - "narHash": "sha256-XlwHrSGK9323LGpF2KNuokHXdn8zlL6uj0h0e64tGUs=", + "lastModified": 1677171115, + "narHash": "sha256-OlBDyJYYYBgH1+8YTixz1+4q5cGVEV8IsNygZwSiyG8=", "owner": "pta2002", "repo": "nixvim", - "rev": "67f5db9cfd56ec45dcc5234d99edec7428d12107", + "rev": "e50828507f4be2c7182e44a74b63917662c236ad", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677153098, - "narHash": "sha256-C5NsaJKeNe+Aa1REK6Ae1ywiybkKbtX92FP6OYZA0Lc=", + "lastModified": 1677170278, + "narHash": "sha256-o5qDjkws6MhNclJONZz9KFH/GjNxiybrSLnoWvpFd+g=", "owner": "nix-community", "repo": "NUR", - "rev": "12e6af8be38edb8358041e0ff3796919917c0d7b", + "rev": "53c1c2d19685514256c3dd665ac2e9d794b559e1", "type": "github" }, "original": { -- 2.47.1 From e02c0f5711ffd9d5819b1ed2625dcc3d886402a8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 19:01:26 +0000 Subject: [PATCH 1048/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e368aec8..e831c9be 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677170278, - "narHash": "sha256-o5qDjkws6MhNclJONZz9KFH/GjNxiybrSLnoWvpFd+g=", + "lastModified": 1677176757, + "narHash": "sha256-SI8HDetH2sv6vdms9HMRg/yEQJLE37uYgkknIgK72yE=", "owner": "nix-community", "repo": "NUR", - "rev": "53c1c2d19685514256c3dd665ac2e9d794b559e1", + "rev": "bd4f702e7c10e2d9c8c5fc839e8f120b54fac07f", "type": "github" }, "original": { -- 2.47.1 From 674cc31d4a092572fcbd31aa4f4877a1dc9bb8e6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 20:03:07 +0000 Subject: [PATCH 1049/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e831c9be..cfac112a 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677176757, - "narHash": "sha256-SI8HDetH2sv6vdms9HMRg/yEQJLE37uYgkknIgK72yE=", + "lastModified": 1677181577, + "narHash": "sha256-kQvPYxIfE3GRTxTbi6z7r8cu+c2iXGhfSZc9dYNO8fg=", "owner": "nix-community", "repo": "NUR", - "rev": "bd4f702e7c10e2d9c8c5fc839e8f120b54fac07f", + "rev": "5285ace79c1f9f2ec9dec57626fcaf87267cfedf", "type": "github" }, "original": { -- 2.47.1 From ea97f806d21c657e22044b9b30fed2f145cfba3e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 21:02:19 +0000 Subject: [PATCH 1050/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index cfac112a..ab60819b 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677181577, - "narHash": "sha256-kQvPYxIfE3GRTxTbi6z7r8cu+c2iXGhfSZc9dYNO8fg=", + "lastModified": 1677185830, + "narHash": "sha256-2RtCAX+YuLPYhqdFBrhLvo0cHPATFkAHh/MxxgBUeKE=", "owner": "nix-community", "repo": "NUR", - "rev": "5285ace79c1f9f2ec9dec57626fcaf87267cfedf", + "rev": "275ed76352ed7c4cb99c2711a6b33d92bedcdb67", "type": "github" }, "original": { -- 2.47.1 From 749d4019f01401a2a874e3e3b412c770032205b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 22:02:03 +0000 Subject: [PATCH 1051/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ab60819b..93667569 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677185830, - "narHash": "sha256-2RtCAX+YuLPYhqdFBrhLvo0cHPATFkAHh/MxxgBUeKE=", + "lastModified": 1677186933, + "narHash": "sha256-wC/O84C7+rwjoekpwif9y650oaMES6JBxCdfJcp0W5U=", "owner": "nix-community", "repo": "NUR", - "rev": "275ed76352ed7c4cb99c2711a6b33d92bedcdb67", + "rev": "755fcb5c2889dd8d4704b5630e6c02ba3df302c1", "type": "github" }, "original": { -- 2.47.1 From 90ecb6642d24b1427fdb575f1d3f50056effae82 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 23:02:04 +0000 Subject: [PATCH 1052/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 93667569..ade41aa4 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677186933, - "narHash": "sha256-wC/O84C7+rwjoekpwif9y650oaMES6JBxCdfJcp0W5U=", + "lastModified": 1677192448, + "narHash": "sha256-bqHXpEDxPnDF4tdBld2fL13ZtWNGsv/EINENxS+T1UM=", "owner": "nix-community", "repo": "NUR", - "rev": "755fcb5c2889dd8d4704b5630e6c02ba3df302c1", + "rev": "81cee6fd1d178fca9ad861247cc9b15cd114f203", "type": "github" }, "original": { -- 2.47.1 From 1e539721bac0bbb58be3b4a085bc37e871b9a87f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 02:00:25 +0000 Subject: [PATCH 1053/1882] chore(deps): update renovate/renovate docker tag to v34.152.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index fa54039c..688661f0 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.152.2 + image: renovate/renovate:34.152.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2613d64ab70464738863e2baaae5643672e4d188 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 03:02:14 +0000 Subject: [PATCH 1054/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ade41aa4..d329a0e1 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677192448, - "narHash": "sha256-bqHXpEDxPnDF4tdBld2fL13ZtWNGsv/EINENxS+T1UM=", + "lastModified": 1677206638, + "narHash": "sha256-LVu4x3mpE5AVixtGrZZuf4JFWUaW7314TmktfmmyHgI=", "owner": "nix-community", "repo": "NUR", - "rev": "81cee6fd1d178fca9ad861247cc9b15cd114f203", + "rev": "b557e952bed4be48e8db111d684451e5fc51615c", "type": "github" }, "original": { -- 2.47.1 From a8e4040c97308369efa28e7962ef987581e032ad Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 04:05:52 +0000 Subject: [PATCH 1055/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d329a0e1..0af9ad14 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677206638, - "narHash": "sha256-LVu4x3mpE5AVixtGrZZuf4JFWUaW7314TmktfmmyHgI=", + "lastModified": 1677209833, + "narHash": "sha256-LiC4v1cr4JhRH1Za8yue4jKOINJ3NxlGznJP2rO1mpY=", "owner": "nix-community", "repo": "NUR", - "rev": "b557e952bed4be48e8db111d684451e5fc51615c", + "rev": "2390880f68c7f26376fd2cd95afdf2e62d6ca032", "type": "github" }, "original": { -- 2.47.1 From 85f4deb84a88c61788d4e64f89f53fe134f75aef Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 05:01:59 +0000 Subject: [PATCH 1056/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0af9ad14..ea62fa68 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677209833, - "narHash": "sha256-LiC4v1cr4JhRH1Za8yue4jKOINJ3NxlGznJP2rO1mpY=", + "lastModified": 1677214038, + "narHash": "sha256-feoyTKjz8wFpmhX6ZHC/50U4ydi5AAKap6/pWPGnPuU=", "owner": "nix-community", "repo": "NUR", - "rev": "2390880f68c7f26376fd2cd95afdf2e62d6ca032", + "rev": "e44a5db9e77b0672683a1b21a409166c49ccaa4a", "type": "github" }, "original": { -- 2.47.1 From 0eee9fb7c08ae74e876b6cf42c2fbf17aab0fdcf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 06:02:04 +0000 Subject: [PATCH 1057/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ea62fa68..77eb1751 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677214038, - "narHash": "sha256-feoyTKjz8wFpmhX6ZHC/50U4ydi5AAKap6/pWPGnPuU=", + "lastModified": 1677217548, + "narHash": "sha256-Vd23DuJH46sJhNi8uSjtjjt4YuSd3EScYGAi70QP6V0=", "owner": "nix-community", "repo": "NUR", - "rev": "e44a5db9e77b0672683a1b21a409166c49ccaa4a", + "rev": "d265d65daf8523bfbfa13f9cfa5d87ef73ac426c", "type": "github" }, "original": { -- 2.47.1 From 77238b103cca5c498709e3cf4c6f74f232721438 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 08:00:25 +0000 Subject: [PATCH 1058/1882] chore(deps): update renovate/renovate docker tag to v34.152.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 688661f0..8a5c3611 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.152.3 + image: renovate/renovate:34.152.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e6a2b98a7c6d462351638a52fe22bd0b5d9a5fd7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 09:02:40 +0000 Subject: [PATCH 1059/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 77eb1751..f18c2f43 100644 --- a/flake.lock +++ b/flake.lock @@ -913,11 +913,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1677171115, - "narHash": "sha256-OlBDyJYYYBgH1+8YTixz1+4q5cGVEV8IsNygZwSiyG8=", + "lastModified": 1677228903, + "narHash": "sha256-+rbB0k2JVanuYTwrtaKYblhL9N1Lnw5X4Z2EZ4VmPBQ=", "owner": "pta2002", "repo": "nixvim", - "rev": "e50828507f4be2c7182e44a74b63917662c236ad", + "rev": "1feb9376b7951214bed5600d39bf9fa551e3f40d", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677217548, - "narHash": "sha256-Vd23DuJH46sJhNi8uSjtjjt4YuSd3EScYGAi70QP6V0=", + "lastModified": 1677228508, + "narHash": "sha256-yDvMd/7KRxtJdDwaPOYt60y7FyqJ6V08mrpcUhNJT5Q=", "owner": "nix-community", "repo": "NUR", - "rev": "d265d65daf8523bfbfa13f9cfa5d87ef73ac426c", + "rev": "d7b060c9c49c18be0362975b94d489bc75810e39", "type": "github" }, "original": { -- 2.47.1 From bb04a6dd6dc0eb71cedd0df0fe0a75008a9768c7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 10:05:58 +0000 Subject: [PATCH 1060/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index f18c2f43..ef876431 100644 --- a/flake.lock +++ b/flake.lock @@ -670,11 +670,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1676924492, - "narHash": "sha256-78278eyP55JRFe7UCpmFwdkrTY6H2arzTpVeteWo8kM=", + "lastModified": 1677232326, + "narHash": "sha256-rAk2/80kLvA3yIMmSV86T1B4kNvwCFMSQ1FxXndaUB0=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "d24ea777c57b69c6b143cf11d83184ef71b0dbbf", + "rev": "2d44015779cced4eec9df5b8dab238b9f6312cb2", "type": "github" }, "original": { @@ -913,11 +913,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1677228903, - "narHash": "sha256-+rbB0k2JVanuYTwrtaKYblhL9N1Lnw5X4Z2EZ4VmPBQ=", + "lastModified": 1677230078, + "narHash": "sha256-4WYJ+J76TiULFFdv1WCseklbwtunvZ9xzR4pi1MCezM=", "owner": "pta2002", "repo": "nixvim", - "rev": "1feb9376b7951214bed5600d39bf9fa551e3f40d", + "rev": "29764b28af2f27d1e4bd576754e3e1622ca24003", "type": "github" }, "original": { @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677228508, - "narHash": "sha256-yDvMd/7KRxtJdDwaPOYt60y7FyqJ6V08mrpcUhNJT5Q=", + "lastModified": 1677231948, + "narHash": "sha256-GGPUhY8Yu9GveaLaa8LD3oBG7+Fe1ksUJ/JimQ8qvXM=", "owner": "nix-community", "repo": "NUR", - "rev": "d7b060c9c49c18be0362975b94d489bc75810e39", + "rev": "33b05dbbb227ff4ade606f8647987fa8498525ca", "type": "github" }, "original": { -- 2.47.1 From 488027e6d9b2430f2eec0e063d7ef47daf86ed9f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 11:02:06 +0000 Subject: [PATCH 1061/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ef876431..f8850609 100644 --- a/flake.lock +++ b/flake.lock @@ -928,11 +928,11 @@ }, "nur": { "locked": { - "lastModified": 1677231948, - "narHash": "sha256-GGPUhY8Yu9GveaLaa8LD3oBG7+Fe1ksUJ/JimQ8qvXM=", + "lastModified": 1677235650, + "narHash": "sha256-oRB3vBp1qUq87QqpOAh6dIt63t9favRE83W4ucMCq5A=", "owner": "nix-community", "repo": "NUR", - "rev": "33b05dbbb227ff4ade606f8647987fa8498525ca", + "rev": "2b1eb0e3a383f67ac6126937d996e38dca4364d1", "type": "github" }, "original": { -- 2.47.1 From 0e5a3a8ccda5c23e732219aee8d055e18eb17dc8 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 24 Feb 2023 15:00:58 +0100 Subject: [PATCH 1062/1882] nixos generate fixed --- flake.lock | 72 ++++++++++++++++++++++-------------------------------- flake.nix | 31 +++++++++++------------ 2 files changed, 45 insertions(+), 58 deletions(-) diff --git a/flake.lock b/flake.lock index f8850609..6254f859 100644 --- a/flake.lock +++ b/flake.lock @@ -603,7 +603,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_9" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1633098935, @@ -652,7 +652,9 @@ "nixos-generators": { "inputs": { "nixlib": "nixlib", - "nixpkgs": "nixpkgs_5" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { "lastModified": 1676297861, @@ -734,20 +736,6 @@ } }, "nixpkgs_10": { - "locked": { - "lastModified": 1667318090, - "narHash": "sha256-AvxgT+t1BWZs8IfdseHl8+7wvWWm9pvysupMT9wXdH0=", - "owner": "serokell", - "repo": "nixpkgs", - "rev": "4bce79cf151aad3c0bed46a32bdb4b165f00cb7e", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_11": { "locked": { "lastModified": 1670507980, "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", @@ -828,22 +816,6 @@ } }, "nixpkgs_5": { - "locked": { - "lastModified": 1637186689, - "narHash": "sha256-NU7BhgnwA/3ibmCeSzFK6xGi+Bari9mPfn+4cBmyEjw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7fad01d9d5a3f82081c00fb57918d64145dc904c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_6": { "locked": { "lastModified": 1677063315, "narHash": "sha256-qiB4ajTeAOVnVSAwCNEEkoybrAlA+cpeiBxLobHndE8=", @@ -859,7 +831,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1676721149, "narHash": "sha256-mN2EpTGxxVNnFZLoLWRwh6f7UWhXy4qE+wO2CZyrXps=", @@ -875,7 +847,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1672580127, "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", @@ -891,7 +863,7 @@ "type": "github" } }, - "nixpkgs_9": { + "nixpkgs_8": { "locked": { "lastModified": 1632864508, "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", @@ -906,11 +878,25 @@ "type": "indirect" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1667318090, + "narHash": "sha256-AvxgT+t1BWZs8IfdseHl8+7wvWWm9pvysupMT9wXdH0=", + "owner": "serokell", + "repo": "nixpkgs", + "rev": "4bce79cf151aad3c0bed46a32bdb4b165f00cb7e", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1677230078, @@ -928,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677235650, - "narHash": "sha256-oRB3vBp1qUq87QqpOAh6dIt63t9favRE83W4ucMCq5A=", + "lastModified": 1677243766, + "narHash": "sha256-a+2V68cLjb951pYBEGbQGEVBcgti40uWtxTVnzvGFhY=", "owner": "nix-community", "repo": "NUR", - "rev": "2b1eb0e3a383f67ac6126937d996e38dca4364d1", + "rev": "9bde3171aeb5954b7955fcb09b231f53caf76b54", "type": "github" }, "original": { @@ -1016,7 +1002,7 @@ "inputs": { "fenix": "fenix", "naersk": "naersk_2", - "nixpkgs": "nixpkgs_8" + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1675881254, @@ -1042,7 +1028,7 @@ "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", @@ -1166,7 +1152,7 @@ "flake-compat": "flake-compat_4", "flake-utils": "flake-utils_3", "nix": "nix", - "nixpkgs": "nixpkgs_10" + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1676863423, @@ -1185,7 +1171,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_11", + "nixpkgs": "nixpkgs_10", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index 7df2ae63..f2743b62 100644 --- a/flake.nix +++ b/flake.nix @@ -36,6 +36,7 @@ nixvim.url = "github:pta2002/nixvim"; nixos-generators.url = "github:nix-community/nixos-generators"; + nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; @@ -109,17 +110,17 @@ default = colmena.packages.${system}.colmena; - # iso = nixos-generators.nixosGenerate { - # inherit system pkgs; - # format = "iso"; - # modules = [ (import ./nixos/templates/iso.nix) ]; - # }; + iso = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "iso"; + modules = [ (import ./nixos/templates/iso.nix) ]; + }; - # iso-graphical = nixos-generators.nixosGenerate { - # inherit system pkgs; - # format = "iso"; - # modules = [ (import ./nixos/templates/iso-graphical.nix) ]; - # }; + iso-graphical = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "iso"; + modules = [ (import ./nixos/templates/iso-graphical.nix) ]; + }; proxmox-lxc = nixos-generators.nixosGenerate { inherit pkgs; @@ -127,11 +128,11 @@ modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; }; - # proxmox-vm = nixos-generators.nixosGenerate { - # inherit system pkgs; - # format = "proxmox"; - # modules = [ (import ./nixos/templates/proxmox-vm.nix) ]; - # }; + proxmox-vm = nixos-generators.nixosGenerate { + inherit system pkgs; + format = "proxmox"; + modules = [ (import ./nixos/templates/proxmox-vm.nix) ]; + }; }; # Use by running `nix develop` -- 2.47.1 From 076518c2e6ecc1d80692ac44990784211482501f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 18:01:44 +0000 Subject: [PATCH 1063/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6254f859..23784ea6 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677162463, - "narHash": "sha256-wjZbwJvIagJ0i82LYm3eIHNsqwblOjIzAyegA3z9olA=", + "lastModified": 1677259491, + "narHash": "sha256-nTIqi2mNJfV5tuQ+52nR3OGymv6tSC8HEQdR5EDHzT8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "60e37d727def25c87a3fd6c47751c05f6082260f", + "rev": "1089e858b49975a4b9f6e49d377726ee4f164f96", "type": "github" }, "original": { @@ -769,11 +769,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677075010, - "narHash": "sha256-X+UmR1AkdR//lPVcShmLy8p1n857IGf7y+cyCArp8bU=", + "lastModified": 1677179781, + "narHash": "sha256-+peLp16ruWLuTFHo0ZUbLlS1/meS/+RsWQQ9bUAzOh8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c95bf18beba4290af25c60cbaaceea1110d0f727", + "rev": "50c23cd4ff6c8344e0b4d438b027b3afabfe58dd", "type": "github" }, "original": { -- 2.47.1 From b8395db5930fbf6cb3f4e28ca0750cf386b6c283 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 22:01:43 +0000 Subject: [PATCH 1064/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 23784ea6..c2b4493f 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677243766, - "narHash": "sha256-a+2V68cLjb951pYBEGbQGEVBcgti40uWtxTVnzvGFhY=", + "lastModified": 1677275183, + "narHash": "sha256-vwU/jYMG56/9jmEtqVaDhLAA0KwO0FVWj2XKu5N7ybw=", "owner": "nix-community", "repo": "NUR", - "rev": "9bde3171aeb5954b7955fcb09b231f53caf76b54", + "rev": "fc5270c36c50faca31b8c7d15d9ff414b097c268", "type": "github" }, "original": { -- 2.47.1 From dbf55bad1247765aa6951450387feac0c138ab4d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Feb 2023 23:02:50 +0000 Subject: [PATCH 1065/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c2b4493f..4450fc52 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677104801, - "narHash": "sha256-2V5nKOYVFMYlseYdDKiEaww2xqcE0GtS1ax3SoUX99I=", + "lastModified": 1677276957, + "narHash": "sha256-/vhdNhQj2CWgqdfD2KLEZWDleOfen0t2EiaGiyivnJU=", "owner": "nix-community", "repo": "home-manager", - "rev": "4295fdfa6b0005c32f2e1f0b732faf5810c1bc7f", + "rev": "664945b3e09b4551c4e63e16efebd493cf5eac74", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677275183, - "narHash": "sha256-vwU/jYMG56/9jmEtqVaDhLAA0KwO0FVWj2XKu5N7ybw=", + "lastModified": 1677278769, + "narHash": "sha256-qkBRZ8ZZpt9FhdKelGfO6pD83T+KYE0VJsWAYBpOtOg=", "owner": "nix-community", "repo": "NUR", - "rev": "fc5270c36c50faca31b8c7d15d9ff414b097c268", + "rev": "9bcde0a0f5d4dccec3cb85b5fa9f3d18284ffcd7", "type": "github" }, "original": { -- 2.47.1 From ccf22dd1d1c5206065e036762845a2481d20ac11 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 00:02:27 +0000 Subject: [PATCH 1066/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 4450fc52..2e99cc8d 100644 --- a/flake.lock +++ b/flake.lock @@ -489,11 +489,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1676681260, - "narHash": "sha256-R2FvbPzgvDSVs0jCUA9CMDIgw4F6exF8cR+y3Yea5jQ=", + "lastModified": 1677282271, + "narHash": "sha256-wNooEHZpKMJN2jj2qPa1jRhi6f5q1yTYCxQcXEJ32eM=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "2bc88dc8c220db674f458432aec0ac0d9ea6a640", + "rev": "83867464c523c3ac2f7ce53d2c4b8d4f9b7551cd", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677278769, - "narHash": "sha256-qkBRZ8ZZpt9FhdKelGfO6pD83T+KYE0VJsWAYBpOtOg=", + "lastModified": 1677283054, + "narHash": "sha256-UhiXm4UuJWTSAy45beVB9ifYi2LfQAn5Ux6xkdkBXjU=", "owner": "nix-community", "repo": "NUR", - "rev": "9bcde0a0f5d4dccec3cb85b5fa9f3d18284ffcd7", + "rev": "a16abc72ebb69acc6dfd743f5964f8416c442792", "type": "github" }, "original": { -- 2.47.1 From 254efb7616f050fa40c950071c6484367fd18cfd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 01:02:17 +0000 Subject: [PATCH 1067/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2e99cc8d..540874b3 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677283054, - "narHash": "sha256-UhiXm4UuJWTSAy45beVB9ifYi2LfQAn5Ux6xkdkBXjU=", + "lastModified": 1677286176, + "narHash": "sha256-TlL2W+AIazshP9fzzQQ8IaEH17AKAEPZbZ+iwriSayY=", "owner": "nix-community", "repo": "NUR", - "rev": "a16abc72ebb69acc6dfd743f5964f8416c442792", + "rev": "702a8c4ecbe57a567342e1145f58bdbe9afeb19a", "type": "github" }, "original": { -- 2.47.1 From a1eb41fb55b09e9a7b91e35b4c90d008865a7e53 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 03:01:48 +0000 Subject: [PATCH 1068/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 540874b3..1d622142 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677286176, - "narHash": "sha256-TlL2W+AIazshP9fzzQQ8IaEH17AKAEPZbZ+iwriSayY=", + "lastModified": 1677291901, + "narHash": "sha256-gy2Ab3EjsSJwNeDWHu8dDxZi/F2misXAbUWNdqe4OwI=", "owner": "nix-community", "repo": "NUR", - "rev": "702a8c4ecbe57a567342e1145f58bdbe9afeb19a", + "rev": "7004225966204acdb91dc45e04fba60c1a575883", "type": "github" }, "original": { -- 2.47.1 From 83d6747b1b266690b4d98c5f26aeef8384bbfa28 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 04:02:21 +0000 Subject: [PATCH 1069/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1d622142..26a61b57 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677291901, - "narHash": "sha256-gy2Ab3EjsSJwNeDWHu8dDxZi/F2misXAbUWNdqe4OwI=", + "lastModified": 1677297240, + "narHash": "sha256-hBuzGDXNiHUe7RKl7PM6s2cgHnVjd0DGw1iQUuA/QLE=", "owner": "nix-community", "repo": "NUR", - "rev": "7004225966204acdb91dc45e04fba60c1a575883", + "rev": "656e6ba825da4c6c1d95c148253d8b1c0e142c1c", "type": "github" }, "original": { -- 2.47.1 From 366b65c5930f73f41bf600ab4398bbce937cf1f5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 05:02:49 +0000 Subject: [PATCH 1070/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 26a61b57..c10fe5f3 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677297240, - "narHash": "sha256-hBuzGDXNiHUe7RKl7PM6s2cgHnVjd0DGw1iQUuA/QLE=", + "lastModified": 1677300403, + "narHash": "sha256-vcixX1xzBgSg/mzDzuOVPDnONpU9H8Os/c7PX2LsNa0=", "owner": "nix-community", "repo": "NUR", - "rev": "656e6ba825da4c6c1d95c148253d8b1c0e142c1c", + "rev": "3bf8b19290dd918d6a8430097f91d55ff0c11a8f", "type": "github" }, "original": { -- 2.47.1 From 9b0945b6f7bcdd0e4e79e18a552d4a1c99e68c1f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 07:01:50 +0000 Subject: [PATCH 1071/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c10fe5f3..b79c12af 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677300403, - "narHash": "sha256-vcixX1xzBgSg/mzDzuOVPDnONpU9H8Os/c7PX2LsNa0=", + "lastModified": 1677307379, + "narHash": "sha256-qxjilHh3p9UmXczYiaItgEXopFUs6Eou2i5IrEOM/oY=", "owner": "nix-community", "repo": "NUR", - "rev": "3bf8b19290dd918d6a8430097f91d55ff0c11a8f", + "rev": "43128bc262b0275a4885383f3907bb200b0c60bb", "type": "github" }, "original": { -- 2.47.1 From 42820ca1ddae699e8173c150b7a74d5bde3c96a3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 08:02:14 +0000 Subject: [PATCH 1072/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b79c12af..18d29ce6 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677307379, - "narHash": "sha256-qxjilHh3p9UmXczYiaItgEXopFUs6Eou2i5IrEOM/oY=", + "lastModified": 1677308535, + "narHash": "sha256-66BgZxZ+MnxouwGRd0K9ue1G70r8jyR6l2neuMMiYjs=", "owner": "nix-community", "repo": "NUR", - "rev": "43128bc262b0275a4885383f3907bb200b0c60bb", + "rev": "ab8cd578fc38e3e797eaa98cd392b2f625a0f265", "type": "github" }, "original": { -- 2.47.1 From ce89a4c09be7f218008e245038f2032e39ddc918 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 12:01:59 +0000 Subject: [PATCH 1073/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 18d29ce6..f0edb70b 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677308535, - "narHash": "sha256-66BgZxZ+MnxouwGRd0K9ue1G70r8jyR6l2neuMMiYjs=", + "lastModified": 1677325571, + "narHash": "sha256-tI8/v64+XGUcTLQh+66ry60kHwJrh47/xyN10WueEV0=", "owner": "nix-community", "repo": "NUR", - "rev": "ab8cd578fc38e3e797eaa98cd392b2f625a0f265", + "rev": "6205e6306a45198c1b7a9e479be075903ffb5f34", "type": "github" }, "original": { -- 2.47.1 From 5ba1d0a42a246b883d1820d8943e5bfeb13ba0a7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 14:15:39 +0000 Subject: [PATCH 1074/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index f0edb70b..bcc70d38 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677230078, - "narHash": "sha256-4WYJ+J76TiULFFdv1WCseklbwtunvZ9xzR4pi1MCezM=", + "lastModified": 1677331434, + "narHash": "sha256-Kjd8HY/6eshXegtWoqeS2diwlfCDBIZi+guMnd4b928=", "owner": "pta2002", "repo": "nixvim", - "rev": "29764b28af2f27d1e4bd576754e3e1622ca24003", + "rev": "401f6fb572111dd13e8c79b6eb3efb360d84b97e", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677325571, - "narHash": "sha256-tI8/v64+XGUcTLQh+66ry60kHwJrh47/xyN10WueEV0=", + "lastModified": 1677332671, + "narHash": "sha256-2AzYk+vZHEyyZpM7UOE2+XOw34SsP2N/5E5gZddvFP0=", "owner": "nix-community", "repo": "NUR", - "rev": "6205e6306a45198c1b7a9e479be075903ffb5f34", + "rev": "ace93f8263bb10d4ec9281718d2d1d1eb024677a", "type": "github" }, "original": { -- 2.47.1 From 5517d5eac31107b17ac0f154858544f6622db05c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 15:02:45 +0000 Subject: [PATCH 1075/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bcc70d38..1ce14454 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677332671, - "narHash": "sha256-2AzYk+vZHEyyZpM7UOE2+XOw34SsP2N/5E5gZddvFP0=", + "lastModified": 1677336410, + "narHash": "sha256-MUatp+RjIQD9Br0yRVMmZwZgSGnCVpmAxYuzj7NzPek=", "owner": "nix-community", "repo": "NUR", - "rev": "ace93f8263bb10d4ec9281718d2d1d1eb024677a", + "rev": "6f1d9d380e7922cc302e2d21cb3615d918f4a001", "type": "github" }, "original": { -- 2.47.1 From fd9405fc7b400653f345946ad2ce3c874c634aa0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 16:03:06 +0000 Subject: [PATCH 1076/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1ce14454..c757f812 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677331434, - "narHash": "sha256-Kjd8HY/6eshXegtWoqeS2diwlfCDBIZi+guMnd4b928=", + "lastModified": 1677339175, + "narHash": "sha256-Bsnvr1jwRcRPMhkPWfhZZkvm+bXA5cc15ao14TUllbs=", "owner": "pta2002", "repo": "nixvim", - "rev": "401f6fb572111dd13e8c79b6eb3efb360d84b97e", + "rev": "b7e810638a8dbcb381f73bf51aff3ad64ce35a90", "type": "github" }, "original": { -- 2.47.1 From 8e9feaa870bf576632d9d992995f92a6d8f8a53a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 17:02:34 +0000 Subject: [PATCH 1077/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c757f812..5417f9b0 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677339175, - "narHash": "sha256-Bsnvr1jwRcRPMhkPWfhZZkvm+bXA5cc15ao14TUllbs=", + "lastModified": 1677344182, + "narHash": "sha256-wF674B1e4tYaFkp+rN470mYXpmhzfiXtzYROTzdTg1I=", "owner": "pta2002", "repo": "nixvim", - "rev": "b7e810638a8dbcb381f73bf51aff3ad64ce35a90", + "rev": "a87135755c383e5bd1e75fe22fb12f966b738c81", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677336410, - "narHash": "sha256-MUatp+RjIQD9Br0yRVMmZwZgSGnCVpmAxYuzj7NzPek=", + "lastModified": 1677342700, + "narHash": "sha256-ndoNr6OgZYKCBIrIraH1CjVjG9vE5+qwKnBdMD9lM9I=", "owner": "nix-community", "repo": "NUR", - "rev": "6f1d9d380e7922cc302e2d21cb3615d918f4a001", + "rev": "a95fe9be5dcb1ac298e053fd9146d08bd90cb46b", "type": "github" }, "original": { -- 2.47.1 From 9d17ae955bbfbb3aa9a9cad13571a39eac779aac Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 18:02:25 +0000 Subject: [PATCH 1078/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5417f9b0..8afbf4ee 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677259491, - "narHash": "sha256-nTIqi2mNJfV5tuQ+52nR3OGymv6tSC8HEQdR5EDHzT8=", + "lastModified": 1677346766, + "narHash": "sha256-0+smV3LldkVIRkD4cSfcVsJxxSB9NaRO56ze5Q8+hdo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1089e858b49975a4b9f6e49d377726ee4f164f96", + "rev": "cf566b59ce980790bc60dac8adf4df9ec8bcf9f9", "type": "github" }, "original": { @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677344182, - "narHash": "sha256-wF674B1e4tYaFkp+rN470mYXpmhzfiXtzYROTzdTg1I=", + "lastModified": 1677346275, + "narHash": "sha256-2zW9VjSgdHtpCzbtD4Oo9B5Mk/3/TQpoDPp0Hl1qRyk=", "owner": "pta2002", "repo": "nixvim", - "rev": "a87135755c383e5bd1e75fe22fb12f966b738c81", + "rev": "1abdc904111dc340d7e4d96f7ea218ce8042cab5", "type": "github" }, "original": { -- 2.47.1 From 1dab151358615222aa23cd87e85d542700fb891c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 19:02:12 +0000 Subject: [PATCH 1079/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8afbf4ee..03808144 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677346275, - "narHash": "sha256-2zW9VjSgdHtpCzbtD4Oo9B5Mk/3/TQpoDPp0Hl1qRyk=", + "lastModified": 1677348479, + "narHash": "sha256-9k2qZo+1KPRRfHzIUs9gfrTxx7ZR+KGPLkpWpDRlp5U=", "owner": "pta2002", "repo": "nixvim", - "rev": "1abdc904111dc340d7e4d96f7ea218ce8042cab5", + "rev": "705356d4787ecddfc88629ca7ec5e03a8edb4944", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677342700, - "narHash": "sha256-ndoNr6OgZYKCBIrIraH1CjVjG9vE5+qwKnBdMD9lM9I=", + "lastModified": 1677349584, + "narHash": "sha256-Q1a4DF2t42Q6ekLlIN2hjXTF391ss3AA9bkJiS57wdU=", "owner": "nix-community", "repo": "NUR", - "rev": "a95fe9be5dcb1ac298e053fd9146d08bd90cb46b", + "rev": "c722a3615c072c725baaf667b88a63770dc16ae7", "type": "github" }, "original": { -- 2.47.1 From a3970a265481ad2eeda7c04980cb60d66de13e40 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 20:02:10 +0000 Subject: [PATCH 1080/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 03808144..282e4be8 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677349584, - "narHash": "sha256-Q1a4DF2t42Q6ekLlIN2hjXTF391ss3AA9bkJiS57wdU=", + "lastModified": 1677354372, + "narHash": "sha256-yJQeIxHkJO7GOvEK24hv9K59eorGTrEgfNWjlrpBfPU=", "owner": "nix-community", "repo": "NUR", - "rev": "c722a3615c072c725baaf667b88a63770dc16ae7", + "rev": "4711c9bb1df2bf0fd103c46aa9465ebde8fd93c7", "type": "github" }, "original": { -- 2.47.1 From 0a774bfde932be5c701f17e1c0d9d7a40a6b99ad Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 22:01:43 +0000 Subject: [PATCH 1081/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 282e4be8..e2292a1f 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677354372, - "narHash": "sha256-yJQeIxHkJO7GOvEK24hv9K59eorGTrEgfNWjlrpBfPU=", + "lastModified": 1677361502, + "narHash": "sha256-LKwDLGyFEU7M+nYAzemvuZTVfo8lujFd5JSBWxuiQJk=", "owner": "nix-community", "repo": "NUR", - "rev": "4711c9bb1df2bf0fd103c46aa9465ebde8fd93c7", + "rev": "f86fd886eb8f3dc7948b6f8cd72de1fe1b5d80c6", "type": "github" }, "original": { -- 2.47.1 From 2dab751d4e0f1bdb3d6bad8e189ef3e8524953cd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Feb 2023 23:02:31 +0000 Subject: [PATCH 1082/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e2292a1f..eeb22c31 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677346766, - "narHash": "sha256-0+smV3LldkVIRkD4cSfcVsJxxSB9NaRO56ze5Q8+hdo=", + "lastModified": 1677363591, + "narHash": "sha256-hSP+adSLxnOMUVxb+Y+Xiv8eoruw+JnjntZyRLATeo8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cf566b59ce980790bc60dac8adf4df9ec8bcf9f9", + "rev": "edd0a141de56cb71dc46ffdaf70fe0ccd950b136", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677361502, - "narHash": "sha256-LKwDLGyFEU7M+nYAzemvuZTVfo8lujFd5JSBWxuiQJk=", + "lastModified": 1677365085, + "narHash": "sha256-XdrOSAABhkmMM3tDuFOHnGxQ8A0833oLXK9BsBWFWSE=", "owner": "nix-community", "repo": "NUR", - "rev": "f86fd886eb8f3dc7948b6f8cd72de1fe1b5d80c6", + "rev": "3ef7891781ff7c4961e6b01b45529cffe865a8d0", "type": "github" }, "original": { -- 2.47.1 From a0b46b2ce8a2aeab532c23e7e6a6a45b3a0296f3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 00:02:30 +0000 Subject: [PATCH 1083/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index eeb22c31..a15e90db 100644 --- a/flake.lock +++ b/flake.lock @@ -817,11 +817,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1677063315, - "narHash": "sha256-qiB4ajTeAOVnVSAwCNEEkoybrAlA+cpeiBxLobHndE8=", + "lastModified": 1677342105, + "narHash": "sha256-kv1fpkfCJGb0M+LZaCHFUuIS9kRIwyVgupHu86Y28nc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "988cc958c57ce4350ec248d2d53087777f9e1949", + "rev": "b1f87ca164a9684404c8829b851c3586c4d9f089", "type": "github" }, "original": { -- 2.47.1 From d57103a2c2fe0a49a44b3a2b2a00b41baa5dc90f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 02:02:02 +0000 Subject: [PATCH 1084/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a15e90db..53a864ff 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677363591, - "narHash": "sha256-hSP+adSLxnOMUVxb+Y+Xiv8eoruw+JnjntZyRLATeo8=", + "lastModified": 1677376583, + "narHash": "sha256-aUUXv7O9/jooNlxXRdtEGV3hX2VEl4EINw+HLtdRGNs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "edd0a141de56cb71dc46ffdaf70fe0ccd950b136", + "rev": "e3027248470dab4553273368de85d0f4cf357f78", "type": "github" }, "original": { -- 2.47.1 From 08ce265faaff607e300c04aefc8aa032a9adb227 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 03:02:17 +0000 Subject: [PATCH 1085/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 53a864ff..737103a0 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677365085, - "narHash": "sha256-XdrOSAABhkmMM3tDuFOHnGxQ8A0833oLXK9BsBWFWSE=", + "lastModified": 1677378055, + "narHash": "sha256-nHuCColxrrXMdrLgPjt5/5UA+m7lZB50nHCBcIS4mfA=", "owner": "nix-community", "repo": "NUR", - "rev": "3ef7891781ff7c4961e6b01b45529cffe865a8d0", + "rev": "1dc471e62bcacb66711f84b5455f0d6fd4cfc5bf", "type": "github" }, "original": { -- 2.47.1 From 3f48b682dbe6fa115f7b905e8cb47a70c48b0a56 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 04:01:59 +0000 Subject: [PATCH 1086/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 737103a0..acf877e4 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677378055, - "narHash": "sha256-nHuCColxrrXMdrLgPjt5/5UA+m7lZB50nHCBcIS4mfA=", + "lastModified": 1677383307, + "narHash": "sha256-7Xm2jl8Pk0lbNYO3J//L/ToHMCPa+BR57iOFi6yaL14=", "owner": "nix-community", "repo": "NUR", - "rev": "1dc471e62bcacb66711f84b5455f0d6fd4cfc5bf", + "rev": "98ece127a5b790aa56635034613a0ab72f6b9fe3", "type": "github" }, "original": { -- 2.47.1 From fb0d12e4d62d01c18fb764ae01af34c481d6b640 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Feb 2023 15:00:26 +0000 Subject: [PATCH 1087/1882] chore(deps): update dependency fluxcd/flux2 to v0.40.1 --- .../base/flux-system/gotk-components.yaml | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 96c15837..dd531449 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.40.0 +# Flux Version: v0.40.1 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -443,7 +443,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -962,7 +962,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1757,7 +1757,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2355,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3238,7 +3238,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3745,7 +3745,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4872,7 +4872,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5236,7 +5236,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5642,7 +5642,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6083,7 +6083,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: helm-controller namespace: flux-system --- @@ -6094,7 +6094,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: kustomize-controller namespace: flux-system --- @@ -6105,7 +6105,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: notification-controller namespace: flux-system --- @@ -6116,7 +6116,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: source-controller namespace: flux-system --- @@ -6126,7 +6126,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: crd-controller-flux-system rules: - apiGroups: @@ -6216,7 +6216,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -6242,7 +6242,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -6267,7 +6267,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6287,7 +6287,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6320,7 +6320,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: notification-controller namespace: flux-system @@ -6341,7 +6341,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: source-controller namespace: flux-system @@ -6362,7 +6362,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6383,7 +6383,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: helm-controller namespace: flux-system @@ -6466,7 +6466,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6549,7 +6549,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: notification-controller namespace: flux-system @@ -6637,7 +6637,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 control-plane: controller name: source-controller namespace: flux-system @@ -6672,7 +6672,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.35.1 + image: ghcr.io/fluxcd/source-controller:v0.35.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6732,7 +6732,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: allow-egress namespace: flux-system spec: @@ -6752,7 +6752,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: allow-scraping namespace: flux-system spec: @@ -6772,7 +6772,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.0 + app.kubernetes.io/version: v0.40.1 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 439e88964cec92cdb9fe960a01b07aa59d7ddeac Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 26 Feb 2023 12:22:00 +0100 Subject: [PATCH 1088/1882] some updates --- flake.lock | 12 ++++++------ nixos/hosts/thalassa/aoife/hardware.nix | 10 ---------- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index acf877e4..9c5c97ad 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677276957, - "narHash": "sha256-/vhdNhQj2CWgqdfD2KLEZWDleOfen0t2EiaGiyivnJU=", + "lastModified": 1677400245, + "narHash": "sha256-+/oDZltWUhYFYcIRjH0F5lSNWcBj+4o5kzmDSheiLRw=", "owner": "nix-community", "repo": "home-manager", - "rev": "664945b3e09b4551c4e63e16efebd493cf5eac74", + "rev": "693d76eeb84124cc3110793ff127aeab3832f95c", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677383307, - "narHash": "sha256-7Xm2jl8Pk0lbNYO3J//L/ToHMCPa+BR57iOFi6yaL14=", + "lastModified": 1677400920, + "narHash": "sha256-s+Now//Yr9KTpJnD2AcRA6jxE2eFJ5ETy4srg4kxlfU=", "owner": "nix-community", "repo": "NUR", - "rev": "98ece127a5b790aa56635034613a0ab72f6b9fe3", + "rev": "757744d8d4d4c87d32d669572da135fd1b4bcd14", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index c9f208d6..c6b1208e 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -21,16 +21,6 @@ # Power Management services.upower.enable = true; services.thermald.enable = true; - services.power-profiles-daemon.enable = false; - services.tlp = { - enable = true; - settings = { - CPU_BOOST_ON_AC = 1; - CPU_BOOST_ON_BAT = 0; - CPU_SCALING_GOVERNOR_ON_AC = "performance"; - CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; - }; - }; powerManagement = { enable = true; -- 2.47.1 From a5c1f010d539daa8e8a023ff35b329fe4a824ea3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 13:00:23 +0000 Subject: [PATCH 1089/1882] chore(deps): update renovate/renovate docker tag to v34.152.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 8a5c3611..5e5acdbf 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.152.4 + image: renovate/renovate:34.152.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 6e7f0301ff036fd50355159bc57a37154c817f49 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 14:01:54 +0000 Subject: [PATCH 1090/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 9c5c97ad..1e93d733 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677376583, - "narHash": "sha256-aUUXv7O9/jooNlxXRdtEGV3hX2VEl4EINw+HLtdRGNs=", + "lastModified": 1677419735, + "narHash": "sha256-f1kAXaUBWt7OAlPCvx4oiuPQiLInw0qvLM/Qpf2kPXs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e3027248470dab4553273368de85d0f4cf357f78", + "rev": "18ed73f091204e44304192bd90c21fe5463ab46d", "type": "github" }, "original": { @@ -769,11 +769,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677179781, - "narHash": "sha256-+peLp16ruWLuTFHo0ZUbLlS1/meS/+RsWQQ9bUAzOh8=", + "lastModified": 1677341534, + "narHash": "sha256-zqaJuOTnKzg5AubC4rzzJ/IS5kU5n4U7vxosv1Fv8Ug=", "owner": "nixos", "repo": "nixpkgs", - "rev": "50c23cd4ff6c8344e0b4d438b027b3afabfe58dd", + "rev": "7076110064c09f0b3942f609f2134c1358ef2e50", "type": "github" }, "original": { @@ -833,11 +833,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1676721149, - "narHash": "sha256-mN2EpTGxxVNnFZLoLWRwh6f7UWhXy4qE+wO2CZyrXps=", + "lastModified": 1677342105, + "narHash": "sha256-kv1fpkfCJGb0M+LZaCHFUuIS9kRIwyVgupHu86Y28nc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5f4e07deb7c44f27d498f8df9c5f34750acf52d2", + "rev": "b1f87ca164a9684404c8829b851c3586c4d9f089", "type": "github" }, "original": { @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677348479, - "narHash": "sha256-9k2qZo+1KPRRfHzIUs9gfrTxx7ZR+KGPLkpWpDRlp5U=", + "lastModified": 1677415364, + "narHash": "sha256-PiZDOrj3FIMhdPiHjSVc4sgHiuouCIJSD7EYZd54RV0=", "owner": "pta2002", "repo": "nixvim", - "rev": "705356d4787ecddfc88629ca7ec5e03a8edb4944", + "rev": "c9cbf5172af9570b497c9469b4dd300213ba668a", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677400920, - "narHash": "sha256-s+Now//Yr9KTpJnD2AcRA6jxE2eFJ5ETy4srg4kxlfU=", + "lastModified": 1677419077, + "narHash": "sha256-zQEGqsBBgdz3f2E2LUeSMDa/Xm/EaCkNWeA450onOfI=", "owner": "nix-community", "repo": "NUR", - "rev": "757744d8d4d4c87d32d669572da135fd1b4bcd14", + "rev": "97151c038ae5b1b55cdeda4428f6d5951bf470c5", "type": "github" }, "original": { -- 2.47.1 From 5ca3c8633dcc75e67945b9f36e0c061d0b0334de Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 15:06:22 +0000 Subject: [PATCH 1091/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1e93d733..67d9f3ba 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677419077, - "narHash": "sha256-zQEGqsBBgdz3f2E2LUeSMDa/Xm/EaCkNWeA450onOfI=", + "lastModified": 1677423904, + "narHash": "sha256-c3Lj4m1aeZMNhPFhEhSR4e5U8LhbRCTGb3JTcFcG4k4=", "owner": "nix-community", "repo": "NUR", - "rev": "97151c038ae5b1b55cdeda4428f6d5951bf470c5", + "rev": "95f3af67ab0cbec73b24e7926441a6363498cd12", "type": "github" }, "original": { -- 2.47.1 From ef91fddc358af5ea3028604666ff832ce0ba8c1a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 16:01:56 +0000 Subject: [PATCH 1092/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 67d9f3ba..4676eec3 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677423904, - "narHash": "sha256-c3Lj4m1aeZMNhPFhEhSR4e5U8LhbRCTGb3JTcFcG4k4=", + "lastModified": 1677424397, + "narHash": "sha256-+MK5ELi7j+9Fj/pgkaHcboWf6gZxPpbA75THy3rh34I=", "owner": "nix-community", "repo": "NUR", - "rev": "95f3af67ab0cbec73b24e7926441a6363498cd12", + "rev": "ca7607240445b215f079d7d8b59b67bf648b50d6", "type": "github" }, "original": { -- 2.47.1 From fab1b3a218d8757568449e131cc7d8d5af9aebda Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 18:01:45 +0000 Subject: [PATCH 1093/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4676eec3..65e7f8a4 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677424397, - "narHash": "sha256-+MK5ELi7j+9Fj/pgkaHcboWf6gZxPpbA75THy3rh34I=", + "lastModified": 1677433483, + "narHash": "sha256-PLV1VCyIqry9ic2GLX+dcnxXmgcEf0hJBUhkIGtwaYA=", "owner": "nix-community", "repo": "NUR", - "rev": "ca7607240445b215f079d7d8b59b67bf648b50d6", + "rev": "dc7222b5d6059203c01d84cde33023c8e5a7108d", "type": "github" }, "original": { -- 2.47.1 From 7c26a5ffb4e8e06aa8230986629e14cc07176a23 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 19:02:14 +0000 Subject: [PATCH 1094/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 65e7f8a4..e7d0089f 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677400245, - "narHash": "sha256-+/oDZltWUhYFYcIRjH0F5lSNWcBj+4o5kzmDSheiLRw=", + "lastModified": 1677437727, + "narHash": "sha256-1BoofKqPT08sLCtm2hzABocYrSwkc8GtmeDuvrIXdjc=", "owner": "nix-community", "repo": "home-manager", - "rev": "693d76eeb84124cc3110793ff127aeab3832f95c", + "rev": "bf76afbb06b77237507b5279d0d555e05b5cc7f7", "type": "github" }, "original": { @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677415364, - "narHash": "sha256-PiZDOrj3FIMhdPiHjSVc4sgHiuouCIJSD7EYZd54RV0=", + "lastModified": 1677437451, + "narHash": "sha256-Ls6xIUWF9LOGN7Vtt7HjEf0rSg6VHE42nsIY1oJWT2k=", "owner": "pta2002", "repo": "nixvim", - "rev": "c9cbf5172af9570b497c9469b4dd300213ba668a", + "rev": "b9f32b34433be58e19b84f04598e113ab7fb0c6d", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677433483, - "narHash": "sha256-PLV1VCyIqry9ic2GLX+dcnxXmgcEf0hJBUhkIGtwaYA=", + "lastModified": 1677435906, + "narHash": "sha256-gtrVYmj8vRxBQbRqb9hLlC9P+cqSeULXHTscJD1X0R0=", "owner": "nix-community", "repo": "NUR", - "rev": "dc7222b5d6059203c01d84cde33023c8e5a7108d", + "rev": "cf478084dfacb6fed849690f1ee00ebf63de0889", "type": "github" }, "original": { -- 2.47.1 From 974d9df4cb890c4ab0e79d87f38fd8e7f3111978 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 20:02:36 +0000 Subject: [PATCH 1095/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e7d0089f..b7b13b5e 100644 --- a/flake.lock +++ b/flake.lock @@ -672,11 +672,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1677232326, - "narHash": "sha256-rAk2/80kLvA3yIMmSV86T1B4kNvwCFMSQ1FxXndaUB0=", + "lastModified": 1677440795, + "narHash": "sha256-Kmjr95L42iioTItuA6nKCaObAXQvgRTPmj+62dx5OZg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2d44015779cced4eec9df5b8dab238b9f6312cb2", + "rev": "2a483ad9cd2d931ab52cd5f897c447beb8328bed", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677435906, - "narHash": "sha256-gtrVYmj8vRxBQbRqb9hLlC9P+cqSeULXHTscJD1X0R0=", + "lastModified": 1677440685, + "narHash": "sha256-dFO3dHHPbm5cTluC9MIYywZDg633Oqoiz7HVpct+mho=", "owner": "nix-community", "repo": "NUR", - "rev": "cf478084dfacb6fed849690f1ee00ebf63de0889", + "rev": "431361ea015ef094b8035d0729e1b493048e3b81", "type": "github" }, "original": { -- 2.47.1 From 1970c5c3ce8fb027143aa9dc2b7dcaef03b7f459 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 26 Feb 2023 21:02:20 +0000 Subject: [PATCH 1096/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b7b13b5e..9956fa5a 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677440685, - "narHash": "sha256-dFO3dHHPbm5cTluC9MIYywZDg633Oqoiz7HVpct+mho=", + "lastModified": 1677444387, + "narHash": "sha256-1BqEJH0RvsrgmIqEXgrj730I1/yo80y0/CJUsH7ZyJo=", "owner": "nix-community", "repo": "NUR", - "rev": "431361ea015ef094b8035d0729e1b493048e3b81", + "rev": "495702b4207b66536365e4296bbac896074354ef", "type": "github" }, "original": { -- 2.47.1 From 8d9ace0671f2aec73f2a8ab81e2130d1a016f37f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 00:01:44 +0000 Subject: [PATCH 1097/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9956fa5a..0b78a7e4 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677419735, - "narHash": "sha256-f1kAXaUBWt7OAlPCvx4oiuPQiLInw0qvLM/Qpf2kPXs=", + "lastModified": 1677453266, + "narHash": "sha256-8m1PqNxOn+657TIL4k7id1yjtK+FM5xM64zC+CUxUmo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "18ed73f091204e44304192bd90c21fe5463ab46d", + "rev": "74a10f26a469de54968e584525f6507928f615f0", "type": "github" }, "original": { -- 2.47.1 From 35f42571b0ac9ab048659b7791f70d253c2cea26 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 02:01:34 +0000 Subject: [PATCH 1098/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0b78a7e4..62fd7257 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677444387, - "narHash": "sha256-1BqEJH0RvsrgmIqEXgrj730I1/yo80y0/CJUsH7ZyJo=", + "lastModified": 1677461185, + "narHash": "sha256-ZaR0UZoqweLjVWoZfqkpDHmTsi2Dvfo5L6J8RQncxbY=", "owner": "nix-community", "repo": "NUR", - "rev": "495702b4207b66536365e4296bbac896074354ef", + "rev": "46b3c1b656f1161b10aa12b79bbba308606d9ec1", "type": "github" }, "original": { -- 2.47.1 From b3b4850db45a81de1753e623ef908bb56778bbf2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 04:01:47 +0000 Subject: [PATCH 1099/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 62fd7257..7ac5d91c 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677461185, - "narHash": "sha256-ZaR0UZoqweLjVWoZfqkpDHmTsi2Dvfo5L6J8RQncxbY=", + "lastModified": 1677469568, + "narHash": "sha256-lLE5ZMRn9iI2pIrY8815jtORwio2O1XIEhrDLtciItQ=", "owner": "nix-community", "repo": "NUR", - "rev": "46b3c1b656f1161b10aa12b79bbba308606d9ec1", + "rev": "46c75c11e58a78d99f0addd703b978f284a463a0", "type": "github" }, "original": { -- 2.47.1 From fd6b32b3e589a0573225c22c1ec02532972ed4a1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 05:02:31 +0000 Subject: [PATCH 1100/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7ac5d91c..aeb8b7dd 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677469568, - "narHash": "sha256-lLE5ZMRn9iI2pIrY8815jtORwio2O1XIEhrDLtciItQ=", + "lastModified": 1677471031, + "narHash": "sha256-i9p9ZX2WmIV8f1KHB6p3dTm96wBIf7ceRvX3ReZo/o8=", "owner": "nix-community", "repo": "NUR", - "rev": "46c75c11e58a78d99f0addd703b978f284a463a0", + "rev": "ecb1c7f696d20bd15f2b327652381b183ca48994", "type": "github" }, "original": { -- 2.47.1 From a95ce969af30213cfcf0cd0e35d36cc32bdae8dd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 07:01:36 +0000 Subject: [PATCH 1101/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index aeb8b7dd..d7c734e2 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677471031, - "narHash": "sha256-i9p9ZX2WmIV8f1KHB6p3dTm96wBIf7ceRvX3ReZo/o8=", + "lastModified": 1677481183, + "narHash": "sha256-RGyoDav/1t3ExP/iHg4NTv0XstaZfQbhyUcYAG/2RRU=", "owner": "nix-community", "repo": "NUR", - "rev": "ecb1c7f696d20bd15f2b327652381b183ca48994", + "rev": "daa38f090e64367c1584490d2e812a2b3e72b85d", "type": "github" }, "original": { -- 2.47.1 From 201808b6623fcaf95fdeb9ca9fd4b02feda7419d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 08:02:39 +0000 Subject: [PATCH 1102/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d7c734e2..039f1e5f 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677481183, - "narHash": "sha256-RGyoDav/1t3ExP/iHg4NTv0XstaZfQbhyUcYAG/2RRU=", + "lastModified": 1677483713, + "narHash": "sha256-jjcpK/kreRGJwTmrJV8A8FJLsYG9fB65USjRrWRGLbk=", "owner": "nix-community", "repo": "NUR", - "rev": "daa38f090e64367c1584490d2e812a2b3e72b85d", + "rev": "2d725a690f808f90664e47ae048304ad43eb7fe1", "type": "github" }, "original": { -- 2.47.1 From 2a1abeaa32b60e47b83e90b11dbfed561ee15efd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 10:01:53 +0000 Subject: [PATCH 1103/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 039f1e5f..1ca3cd60 100644 --- a/flake.lock +++ b/flake.lock @@ -817,11 +817,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1677342105, - "narHash": "sha256-kv1fpkfCJGb0M+LZaCHFUuIS9kRIwyVgupHu86Y28nc=", + "lastModified": 1677407201, + "narHash": "sha256-3blwdI9o1BAprkvlByHvtEm5HAIRn/XPjtcfiunpY7s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b1f87ca164a9684404c8829b851c3586c4d9f089", + "rev": "7f5639fa3b68054ca0b062866dc62b22c3f11505", "type": "github" }, "original": { -- 2.47.1 From 4431044b9e849c55c54cb745f5959231b2dd1477 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 11:02:30 +0000 Subject: [PATCH 1104/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 1ca3cd60..7728cd85 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677437451, - "narHash": "sha256-Ls6xIUWF9LOGN7Vtt7HjEf0rSg6VHE42nsIY1oJWT2k=", + "lastModified": 1677494749, + "narHash": "sha256-9AxzQvmM3qZ+iQPmPYa3ZgGwcPC71aI0Vx+P0tcvNuM=", "owner": "pta2002", "repo": "nixvim", - "rev": "b9f32b34433be58e19b84f04598e113ab7fb0c6d", + "rev": "55b302c268185619a35c0a9963a31dbfed881932", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677483713, - "narHash": "sha256-jjcpK/kreRGJwTmrJV8A8FJLsYG9fB65USjRrWRGLbk=", + "lastModified": 1677494813, + "narHash": "sha256-Urv0rmcI+69mhQ4uw+/VcsVSJTtNTdkYoY8Ney54mCQ=", "owner": "nix-community", "repo": "NUR", - "rev": "2d725a690f808f90664e47ae048304ad43eb7fe1", + "rev": "d7eb615188daa97dac674034d304fc052b9fa044", "type": "github" }, "original": { -- 2.47.1 From 702f27e4b9254218ae0f12ae75d94b46ffd7fa6f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 12:02:26 +0000 Subject: [PATCH 1105/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7728cd85..a32f45d2 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677494813, - "narHash": "sha256-Urv0rmcI+69mhQ4uw+/VcsVSJTtNTdkYoY8Ney54mCQ=", + "lastModified": 1677498393, + "narHash": "sha256-98lmY0UYnsAKpdzpZtxA0lQi0+tCvvrQGw23aSvh9N8=", "owner": "nix-community", "repo": "NUR", - "rev": "d7eb615188daa97dac674034d304fc052b9fa044", + "rev": "bebe11dc49a62a8b1c0edbd07de8e6b9886228cf", "type": "github" }, "original": { -- 2.47.1 From 3a399774e5eb2aed5c3dc4537636600c7d7abe90 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 13:00:36 +0000 Subject: [PATCH 1106/1882] chore(deps): update renovate/renovate docker tag to v34.153.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5e5acdbf..28d12112 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.152.5 + image: renovate/renovate:34.153.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8d1aea5616081fe82fa6546c3f727f9feb384cb4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 14:02:17 +0000 Subject: [PATCH 1107/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index a32f45d2..0fd858b1 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677437727, - "narHash": "sha256-1BoofKqPT08sLCtm2hzABocYrSwkc8GtmeDuvrIXdjc=", + "lastModified": 1677499486, + "narHash": "sha256-1QbZfuF+3ACjb22ZTZ1nlCTNCvY370g0D6cPEDZk0CI=", "owner": "nix-community", "repo": "home-manager", - "rev": "bf76afbb06b77237507b5279d0d555e05b5cc7f7", + "rev": "635bbcdd6f8e11799f31d004f933fdb9cd3fff5d", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677453266, - "narHash": "sha256-8m1PqNxOn+657TIL4k7id1yjtK+FM5xM64zC+CUxUmo=", + "lastModified": 1677501158, + "narHash": "sha256-gaYcJqFlCxisWJj/tyJOlrnPw1fTaQ2rs0nvF90qJsM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "74a10f26a469de54968e584525f6507928f615f0", + "rev": "8b81f41e52b55835aaaa7e4962af23a00188cbdc", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677498393, - "narHash": "sha256-98lmY0UYnsAKpdzpZtxA0lQi0+tCvvrQGw23aSvh9N8=", + "lastModified": 1677503335, + "narHash": "sha256-EPpje0zcp6HX6zd/vsm3BS/yrUgcDHaAdYZ/MtAm6kM=", "owner": "nix-community", "repo": "NUR", - "rev": "bebe11dc49a62a8b1c0edbd07de8e6b9886228cf", + "rev": "d7d95162129f04f913a122785c7246c08831c924", "type": "github" }, "original": { -- 2.47.1 From 1507d9bde9b4f054c4c5d7bbf79c5336d505c905 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 15:06:30 +0000 Subject: [PATCH 1108/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 0fd858b1..e7d95531 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677499486, - "narHash": "sha256-1QbZfuF+3ACjb22ZTZ1nlCTNCvY370g0D6cPEDZk0CI=", + "lastModified": 1677509389, + "narHash": "sha256-ry4dkSjIO0WuEbIDpTFV0W2iq2S26kWCv7EX2vKOWEI=", "owner": "nix-community", "repo": "home-manager", - "rev": "635bbcdd6f8e11799f31d004f933fdb9cd3fff5d", + "rev": "ab7c8f4a8427bfcaf01a46bab974298cc27bc1f5", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677501158, - "narHash": "sha256-gaYcJqFlCxisWJj/tyJOlrnPw1fTaQ2rs0nvF90qJsM=", + "lastModified": 1677508619, + "narHash": "sha256-Ko82J6zeaxzwydr1VJS/mgGS048LqUyPhZ45ju0quno=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "8b81f41e52b55835aaaa7e4962af23a00188cbdc", + "rev": "5da96132b977d0d1a0bf016db7409d1546e466a8", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677503335, - "narHash": "sha256-EPpje0zcp6HX6zd/vsm3BS/yrUgcDHaAdYZ/MtAm6kM=", + "lastModified": 1677508537, + "narHash": "sha256-WlVexol9oQRLVk2QPOpMqGkVs+QXJtDCx0go0i6UctA=", "owner": "nix-community", "repo": "NUR", - "rev": "d7d95162129f04f913a122785c7246c08831c924", + "rev": "b27af884ea657746581eca09ef4cf9657f1b10a1", "type": "github" }, "original": { -- 2.47.1 From 8b5d094a1dc0cce609c3075bb93ae1d64f9304a7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 16:02:01 +0000 Subject: [PATCH 1109/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e7d95531..12abbb52 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677508619, - "narHash": "sha256-Ko82J6zeaxzwydr1VJS/mgGS048LqUyPhZ45ju0quno=", + "lastModified": 1677511604, + "narHash": "sha256-ZG7lOPAnSso8qZF50y/pAWpbgdpYdCO636kKHN7olCo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5da96132b977d0d1a0bf016db7409d1546e466a8", + "rev": "3bceabe29b8aa510c80d396fa97496cb7eec8ce5", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677508537, - "narHash": "sha256-WlVexol9oQRLVk2QPOpMqGkVs+QXJtDCx0go0i6UctA=", + "lastModified": 1677512767, + "narHash": "sha256-/raxglvz1g/MiWVsKuFUZIsK3wjLITlPYm6MiB7sX20=", "owner": "nix-community", "repo": "NUR", - "rev": "b27af884ea657746581eca09ef4cf9657f1b10a1", + "rev": "5a7a304487f3d2ed30ea26f67605ff4c0378e04f", "type": "github" }, "original": { -- 2.47.1 From 11cca911f3d15af9b6d94fa44140e1aef35cea95 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 17:02:15 +0000 Subject: [PATCH 1110/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 12abbb52..06463f01 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677512767, - "narHash": "sha256-/raxglvz1g/MiWVsKuFUZIsK3wjLITlPYm6MiB7sX20=", + "lastModified": 1677516954, + "narHash": "sha256-14ZNKbEwLNiWOAcE3PgWPFzpTUztpxEX9GH2QgIC8DA=", "owner": "nix-community", "repo": "NUR", - "rev": "5a7a304487f3d2ed30ea26f67605ff4c0378e04f", + "rev": "95e5b3b4b68a5abe3f19e647f34107ff9fe26c30", "type": "github" }, "original": { -- 2.47.1 From 1558d4d854128f8042db2d83ce1f95dc09d51f01 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 19:01:35 +0000 Subject: [PATCH 1111/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 06463f01..08b7bb6d 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677511604, - "narHash": "sha256-ZG7lOPAnSso8qZF50y/pAWpbgdpYdCO636kKHN7olCo=", + "lastModified": 1677522893, + "narHash": "sha256-hVH4atSaI/yQq+1Iw5MNDN3IRwPFHontvaSBrD0J8ic=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3bceabe29b8aa510c80d396fa97496cb7eec8ce5", + "rev": "c5d741fb39416f6e2fd35cabe1afbd87f510058b", "type": "github" }, "original": { -- 2.47.1 From 284ad5d4c68bf7d5e02e060e68e44ae9414b5d43 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 20:02:13 +0000 Subject: [PATCH 1112/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 08b7bb6d..c9ad8329 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677522893, - "narHash": "sha256-hVH4atSaI/yQq+1Iw5MNDN3IRwPFHontvaSBrD0J8ic=", + "lastModified": 1677527262, + "narHash": "sha256-CjUQtuLsz3VkSbV1eM1UwcWzruNgvK8ekZrIUevH72o=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c5d741fb39416f6e2fd35cabe1afbd87f510058b", + "rev": "18229043fa85bdf96a9d829c1e61d0f524a1966a", "type": "github" }, "original": { -- 2.47.1 From 9ecddbad0c2270b7db95bf8c291cc3fdfc1dbc33 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 21:00:38 +0000 Subject: [PATCH 1113/1882] chore(deps): update renovate/renovate docker tag to v34.153.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 28d12112..7e0d25ae 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.153.1 + image: renovate/renovate:34.153.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 06402a765503de08cc84708d4d987d5c49aa406d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 22:02:34 +0000 Subject: [PATCH 1114/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index c9ad8329..0534fe0d 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677509389, - "narHash": "sha256-ry4dkSjIO0WuEbIDpTFV0W2iq2S26kWCv7EX2vKOWEI=", + "lastModified": 1677533532, + "narHash": "sha256-2Ie47MONhIFOxvbLmwhmCCe/IoVDVd7YnoK61vu5Xy8=", "owner": "nix-community", "repo": "home-manager", - "rev": "ab7c8f4a8427bfcaf01a46bab974298cc27bc1f5", + "rev": "305daba44a9df57738cffc67c08129005a25579a", "type": "github" }, "original": { @@ -769,11 +769,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677341534, - "narHash": "sha256-zqaJuOTnKzg5AubC4rzzJ/IS5kU5n4U7vxosv1Fv8Ug=", + "lastModified": 1677447818, + "narHash": "sha256-dgXEUbz2hgaJL4xCD/5JLhA36UJOhP4qn7Cp6UZhB0I=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7076110064c09f0b3942f609f2134c1358ef2e50", + "rev": "8bd260eb578e3fea6bce158b24c93ab158d031e7", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677516954, - "narHash": "sha256-14ZNKbEwLNiWOAcE3PgWPFzpTUztpxEX9GH2QgIC8DA=", + "lastModified": 1677534402, + "narHash": "sha256-EdgUCJZXaOKzG/QqcxwSTQkNaiUqdoiPmqLH/oD8g04=", "owner": "nix-community", "repo": "NUR", - "rev": "95e5b3b4b68a5abe3f19e647f34107ff9fe26c30", + "rev": "4b1aca8474b496171843a7588827000775e5dc0e", "type": "github" }, "original": { -- 2.47.1 From 8c0ab3ada47f4a11bfcc89e63e20e5ad67e1c3ed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Feb 2023 23:05:12 +0000 Subject: [PATCH 1115/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 0534fe0d..8f7d60c9 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677494749, - "narHash": "sha256-9AxzQvmM3qZ+iQPmPYa3ZgGwcPC71aI0Vx+P0tcvNuM=", + "lastModified": 1677538310, + "narHash": "sha256-CzVSytW1BoO2rZ/Vi47evrZn9MURhq6AQ0U711MlMWo=", "owner": "pta2002", "repo": "nixvim", - "rev": "55b302c268185619a35c0a9963a31dbfed881932", + "rev": "7f23304c3dac2c01e2ded57fc8f4e9fb187b662e", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677534402, - "narHash": "sha256-EdgUCJZXaOKzG/QqcxwSTQkNaiUqdoiPmqLH/oD8g04=", + "lastModified": 1677537724, + "narHash": "sha256-iMTNTV8A8HSM4zKxBc7xrYINfhpbNoVMmw4K0n+U3lE=", "owner": "nix-community", "repo": "NUR", - "rev": "4b1aca8474b496171843a7588827000775e5dc0e", + "rev": "9779dbeb87d1af7147c0f18339818150aea3c157", "type": "github" }, "original": { -- 2.47.1 From e9729abee1931e9819e4d7bea76ca80df6718d14 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 00:02:02 +0000 Subject: [PATCH 1116/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8f7d60c9..1e8ca9be 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677527262, - "narHash": "sha256-CjUQtuLsz3VkSbV1eM1UwcWzruNgvK8ekZrIUevH72o=", + "lastModified": 1677540881, + "narHash": "sha256-hElM8iCSrVERbhpHTfGwO0iB7Kzvu8dr/mFgGP0gCG4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "18229043fa85bdf96a9d829c1e61d0f524a1966a", + "rev": "49f423aa8f9b6e063c7806098a9b6b43a7978c02", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677537724, - "narHash": "sha256-iMTNTV8A8HSM4zKxBc7xrYINfhpbNoVMmw4K0n+U3lE=", + "lastModified": 1677541496, + "narHash": "sha256-awtojyequg6dgTANUliNFQosXGND5y4Dnd2D/Utw65Y=", "owner": "nix-community", "repo": "NUR", - "rev": "9779dbeb87d1af7147c0f18339818150aea3c157", + "rev": "60252bbf8bb32a6856c1de4adc772bfe6a1c3d93", "type": "github" }, "original": { -- 2.47.1 From 239fd4d1fa85a6693b1a45a04761927fb9acb086 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 03:01:49 +0000 Subject: [PATCH 1117/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1e8ca9be..bf437d05 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677541496, - "narHash": "sha256-awtojyequg6dgTANUliNFQosXGND5y4Dnd2D/Utw65Y=", + "lastModified": 1677552313, + "narHash": "sha256-Em7bk/BUjU5I65EcdXqKaNg1pooqZ4lxs/cbAANfpIk=", "owner": "nix-community", "repo": "NUR", - "rev": "60252bbf8bb32a6856c1de4adc772bfe6a1c3d93", + "rev": "3a44df6f2874e4e39ee13f03c92769e37e92f689", "type": "github" }, "original": { -- 2.47.1 From d62db5c308def9b21476a7035f532eece24d67ed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 04:02:13 +0000 Subject: [PATCH 1118/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bf437d05..08fb1e80 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677552313, - "narHash": "sha256-Em7bk/BUjU5I65EcdXqKaNg1pooqZ4lxs/cbAANfpIk=", + "lastModified": 1677556544, + "narHash": "sha256-ovD0wtZFEoukrJDCbG3MlmtLtU2kfA+QzacOpO5MdUU=", "owner": "nix-community", "repo": "NUR", - "rev": "3a44df6f2874e4e39ee13f03c92769e37e92f689", + "rev": "d868fb8917694d695dcd9d88cf4b40c8eefd1677", "type": "github" }, "original": { -- 2.47.1 From d92353429359f668daccc15d099544122578a305 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 05:02:22 +0000 Subject: [PATCH 1119/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 08fb1e80..d9d1d122 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677556544, - "narHash": "sha256-ovD0wtZFEoukrJDCbG3MlmtLtU2kfA+QzacOpO5MdUU=", + "lastModified": 1677557350, + "narHash": "sha256-iC8YVkEGCDaCeOdPy370ZrhoEwkZMXIidraS28kPi0A=", "owner": "nix-community", "repo": "NUR", - "rev": "d868fb8917694d695dcd9d88cf4b40c8eefd1677", + "rev": "6ce88798bd57a379d9afcb77d45279fb67ae138b", "type": "github" }, "original": { -- 2.47.1 From 82259fcefce0ee12782175d7895d9ebd65a87b8b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 08:01:37 +0000 Subject: [PATCH 1120/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d9d1d122..c9339cd0 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677557350, - "narHash": "sha256-iC8YVkEGCDaCeOdPy370ZrhoEwkZMXIidraS28kPi0A=", + "lastModified": 1677569824, + "narHash": "sha256-/AEGqmFNZUxChy8H921AiNGoLPEBf2IfK+/6fTTMUyA=", "owner": "nix-community", "repo": "NUR", - "rev": "6ce88798bd57a379d9afcb77d45279fb67ae138b", + "rev": "903c4f5fe3566cf25dee33a4b1e87620fdfbe1ea", "type": "github" }, "original": { -- 2.47.1 From 50490a0fd736f866a0664fdaa9c6ce6f400363ba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 10:01:53 +0000 Subject: [PATCH 1121/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c9339cd0..06ccdec2 100644 --- a/flake.lock +++ b/flake.lock @@ -672,11 +672,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1677440795, - "narHash": "sha256-Kmjr95L42iioTItuA6nKCaObAXQvgRTPmj+62dx5OZg=", + "lastModified": 1677574432, + "narHash": "sha256-1Aun3MQ5T/HCw1ClzAiY+6boLQNY8Cg6jTOILrLkaJs=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2a483ad9cd2d931ab52cd5f897c447beb8328bed", + "rev": "dcbf93d500c54cfee7a7c854c4669d404236a821", "type": "github" }, "original": { -- 2.47.1 From ceb75bef86875545d0c1ecad66c62631230b7d0d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 11:00:38 +0000 Subject: [PATCH 1122/1882] chore(deps): update renovate/renovate docker tag to v34.153.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 7e0d25ae..1d883748 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.153.2 + image: renovate/renovate:34.153.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 316db898c3d58d16d426a2ec10ea373feab7b890 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 12:02:21 +0000 Subject: [PATCH 1123/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 06ccdec2..6042be92 100644 --- a/flake.lock +++ b/flake.lock @@ -769,11 +769,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677447818, - "narHash": "sha256-dgXEUbz2hgaJL4xCD/5JLhA36UJOhP4qn7Cp6UZhB0I=", + "lastModified": 1677543769, + "narHash": "sha256-LwbqS8vGisXl2WHpK9r5+kodr0zoIT8F2YB0R4y1TsA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8bd260eb578e3fea6bce158b24c93ab158d031e7", + "rev": "b26d52c9feb6476580016e78935cbf96eb3e2115", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677569824, - "narHash": "sha256-/AEGqmFNZUxChy8H921AiNGoLPEBf2IfK+/6fTTMUyA=", + "lastModified": 1677581318, + "narHash": "sha256-QL9qwTIV5nMtcbXgWfImeTedtnkX1mrgFoX5frY2CV8=", "owner": "nix-community", "repo": "NUR", - "rev": "903c4f5fe3566cf25dee33a4b1e87620fdfbe1ea", + "rev": "35ce8711babd18d4f6b1c36cf77dbe7575095956", "type": "github" }, "original": { -- 2.47.1 From 24f4e5d4af7ff3fb11d977aeba31895ed218b8e2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 13:05:43 +0000 Subject: [PATCH 1124/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6042be92..ee14801c 100644 --- a/flake.lock +++ b/flake.lock @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677540881, - "narHash": "sha256-hElM8iCSrVERbhpHTfGwO0iB7Kzvu8dr/mFgGP0gCG4=", + "lastModified": 1677588106, + "narHash": "sha256-xNEtUcNpMfAKPPYiSaW0wrarPchJRECJ5HpUKdlGk5I=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "49f423aa8f9b6e063c7806098a9b6b43a7978c02", + "rev": "89e7d812c80038083acdca85a5ba08ad97b2d0ea", "type": "github" }, "original": { -- 2.47.1 From 22b05dddb5c5fc90c31cebd3c3a2c32c3347d52d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 14:02:05 +0000 Subject: [PATCH 1125/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ee14801c..522430a9 100644 --- a/flake.lock +++ b/flake.lock @@ -672,11 +672,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1677574432, - "narHash": "sha256-1Aun3MQ5T/HCw1ClzAiY+6boLQNY8Cg6jTOILrLkaJs=", + "lastModified": 1677591639, + "narHash": "sha256-DMlAyge+u3K+JOFLA5YfdjqagdAYJf29YGBWpy5izg4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "dcbf93d500c54cfee7a7c854c4669d404236a821", + "rev": "77de4cd09db4dbee9551ed2853cfcf113d7dc5ce", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677581318, - "narHash": "sha256-QL9qwTIV5nMtcbXgWfImeTedtnkX1mrgFoX5frY2CV8=", + "lastModified": 1677589680, + "narHash": "sha256-CjToE/2e+BY8RcOrgYRxhaCWyi778ww1E9Q5mh8mkCA=", "owner": "nix-community", "repo": "NUR", - "rev": "35ce8711babd18d4f6b1c36cf77dbe7575095956", + "rev": "1380ea7c314d500441b8e4ec9e2dedc697f4c3a9", "type": "github" }, "original": { -- 2.47.1 From 42c63a3dc8f0bb8376db5a640737a3da18830aa0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 15:00:38 +0000 Subject: [PATCH 1126/1882] chore(deps): update renovate/renovate docker tag to v34.154.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1d883748..29a6a353 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.153.3 + image: renovate/renovate:34.154.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8629fd2c49c3938696b17eceb54dcb53b6f69d3d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 16:02:23 +0000 Subject: [PATCH 1127/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 522430a9..1a650428 100644 --- a/flake.lock +++ b/flake.lock @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677538310, - "narHash": "sha256-CzVSytW1BoO2rZ/Vi47evrZn9MURhq6AQ0U711MlMWo=", + "lastModified": 1677594968, + "narHash": "sha256-8n21tPPEM2T1/Dqz/cu8PUb4bmdTZHlo76mCFRL1u/M=", "owner": "pta2002", "repo": "nixvim", - "rev": "7f23304c3dac2c01e2ded57fc8f4e9fb187b662e", + "rev": "0620ffc889a82177a07c5b82bb33ef6038a53001", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677589680, - "narHash": "sha256-CjToE/2e+BY8RcOrgYRxhaCWyi778ww1E9Q5mh8mkCA=", + "lastModified": 1677597677, + "narHash": "sha256-kMzD7yM2CCufYGPeWnr/an34T/R+q0XhDc3ovRPnRAQ=", "owner": "nix-community", "repo": "NUR", - "rev": "1380ea7c314d500441b8e4ec9e2dedc697f4c3a9", + "rev": "2555258bba1dd730da5f3a27240d6f526ee40c4e", "type": "github" }, "original": { -- 2.47.1 From 0631a9f18b6ac0173fb421e477c5b55e1353b20f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 17:05:44 +0000 Subject: [PATCH 1128/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1a650428..bccfa613 100644 --- a/flake.lock +++ b/flake.lock @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677597677, - "narHash": "sha256-kMzD7yM2CCufYGPeWnr/an34T/R+q0XhDc3ovRPnRAQ=", + "lastModified": 1677603389, + "narHash": "sha256-UTWPoqml2DEif09RfO3waLSqdsEsPFNvTkL5RxZ8KS4=", "owner": "nix-community", "repo": "NUR", - "rev": "2555258bba1dd730da5f3a27240d6f526ee40c4e", + "rev": "20798b5dc4491c701020d1897e09dbdfeb0b265b", "type": "github" }, "original": { -- 2.47.1 From 206ee7d0c37cb850ffb80059c402f91abfc14732 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 23:00:26 +0000 Subject: [PATCH 1129/1882] chore(deps): update renovate/renovate docker tag to v34.154.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 29a6a353..2e222856 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.0 + image: renovate/renovate:34.154.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 3beb681989102e386dcee1927c5b17c3e603f4bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Mar 2023 06:00:26 +0000 Subject: [PATCH 1130/1882] chore(deps): update cachix/install-nix-action action to v20 --- .github/workflows/nixos.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index e317ec62..bf3ebd93 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -23,7 +23,7 @@ jobs: large-packages: true swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v19 + uses: cachix/install-nix-action@v20 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 with: @@ -39,7 +39,7 @@ jobs: - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v19 + uses: cachix/install-nix-action@v20 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 @@ -56,7 +56,7 @@ jobs: - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v19 + uses: cachix/install-nix-action@v20 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 @@ -87,7 +87,7 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v19 + uses: cachix/install-nix-action@v20 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 with: @@ -118,7 +118,7 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v19 + uses: cachix/install-nix-action@v20 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 -- 2.47.1 From 43ecb9b7314cccee8006062d7a27fa377e48ea1f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 16:00:25 +0000 Subject: [PATCH 1131/1882] chore(deps): update dependency fluxcd/flux2 to v0.40.2 --- .../base/flux-system/gotk-components.yaml | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index dd531449..1e00aff9 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.40.1 +# Flux Version: v0.40.2 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -443,7 +443,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -962,7 +962,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1757,7 +1757,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2355,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3238,7 +3238,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3745,7 +3745,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4872,7 +4872,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5236,7 +5236,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5642,7 +5642,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6083,7 +6083,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: helm-controller namespace: flux-system --- @@ -6094,7 +6094,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: kustomize-controller namespace: flux-system --- @@ -6105,7 +6105,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: notification-controller namespace: flux-system --- @@ -6116,7 +6116,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: source-controller namespace: flux-system --- @@ -6126,7 +6126,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: crd-controller-flux-system rules: - apiGroups: @@ -6216,7 +6216,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -6242,7 +6242,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -6267,7 +6267,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6287,7 +6287,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6320,7 +6320,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: notification-controller namespace: flux-system @@ -6341,7 +6341,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: source-controller namespace: flux-system @@ -6362,7 +6362,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6383,7 +6383,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: helm-controller namespace: flux-system @@ -6466,7 +6466,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6549,7 +6549,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: notification-controller namespace: flux-system @@ -6577,7 +6577,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.32.0 + image: ghcr.io/fluxcd/notification-controller:v0.32.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6637,7 +6637,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 control-plane: controller name: source-controller namespace: flux-system @@ -6732,7 +6732,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: allow-egress namespace: flux-system spec: @@ -6752,7 +6752,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: allow-scraping namespace: flux-system spec: @@ -6772,7 +6772,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.1 + app.kubernetes.io/version: v0.40.2 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 3e74b9f2a578778601fd2bbd70b85f2eff0c2b39 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Feb 2023 18:00:26 +0000 Subject: [PATCH 1132/1882] chore(deps): update nixos/nix docker tag to v2.14.0 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 3be60587..44ea58e8 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,6 +1,6 @@ pipeline: check: - image: nixos/nix:2.13.2 + image: nixos/nix:2.14.0 environment: - NIX_CONFIG=experimental-features = nix-command flakes commands: -- 2.47.1 From 056a63f2f81e5eb238f7370a24dd22493395568e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Mar 2023 17:00:25 +0000 Subject: [PATCH 1133/1882] chore(deps): update renovate/renovate docker tag to v34.154.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2e222856..92a07129 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.1 + image: renovate/renovate:34.154.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 3caf7a29f05da8c63af21fe3b5e2247ba8b1dce4 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 2 Mar 2023 09:56:10 +0100 Subject: [PATCH 1134/1882] update lock --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index bccfa613..256d2e3e 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677533532, - "narHash": "sha256-2Ie47MONhIFOxvbLmwhmCCe/IoVDVd7YnoK61vu5Xy8=", + "lastModified": 1677704978, + "narHash": "sha256-3ijjQ5Vb51NdHvslbCpG8/UZ61ECcogxguRqgknlejc=", "owner": "nix-community", "repo": "home-manager", - "rev": "305daba44a9df57738cffc67c08129005a25579a", + "rev": "f8077880359b72bbd290ee216b105f200a6f7cc7", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677588106, - "narHash": "sha256-xNEtUcNpMfAKPPYiSaW0wrarPchJRECJ5HpUKdlGk5I=", + "lastModified": 1677708746, + "narHash": "sha256-d9KVSKZS/p4xD7Tz6Q962Y2QzjdMMpdKqik/4JXYaTE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "89e7d812c80038083acdca85a5ba08ad97b2d0ea", + "rev": "76fc12869d186e59cf22d51e99e2909bf1828011", "type": "github" }, "original": { @@ -769,11 +769,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677543769, - "narHash": "sha256-LwbqS8vGisXl2WHpK9r5+kodr0zoIT8F2YB0R4y1TsA=", + "lastModified": 1677624842, + "narHash": "sha256-4DF9DbDuK4/+KYx0L6XcPBeDHUFVCtzok2fWtwXtb5w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b26d52c9feb6476580016e78935cbf96eb3e2115", + "rev": "d70f5cd5c3bef45f7f52698f39e7cc7a89daa7f0", "type": "github" }, "original": { @@ -817,11 +817,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1677407201, - "narHash": "sha256-3blwdI9o1BAprkvlByHvtEm5HAIRn/XPjtcfiunpY7s=", + "lastModified": 1677587185, + "narHash": "sha256-zYT66MAYwctAQqI5VBw3LbBXiSKdB8vuMAqCGG8onbE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7f5639fa3b68054ca0b062866dc62b22c3f11505", + "rev": "68196a61c26748d3e53a6803de3d2f8c69f27831", "type": "github" }, "original": { @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677594968, - "narHash": "sha256-8n21tPPEM2T1/Dqz/cu8PUb4bmdTZHlo76mCFRL1u/M=", + "lastModified": 1677707839, + "narHash": "sha256-HZOkUiOQ5JE3WeM8mB0e9FkNI8ohHCg9zlQ0lRT6Qe8=", "owner": "pta2002", "repo": "nixvim", - "rev": "0620ffc889a82177a07c5b82bb33ef6038a53001", + "rev": "e439cb79df4bec6837fb012520aa271806accdfc", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677603389, - "narHash": "sha256-UTWPoqml2DEif09RfO3waLSqdsEsPFNvTkL5RxZ8KS4=", + "lastModified": 1677743561, + "narHash": "sha256-gjHfG70w8D6g0NAggKvrdKcego2zd+qE9OFdP5guuoU=", "owner": "nix-community", "repo": "NUR", - "rev": "20798b5dc4491c701020d1897e09dbdfeb0b265b", + "rev": "3316130f522e182e601bf7f47c73b07b3ae3a1dd", "type": "github" }, "original": { -- 2.47.1 From 7d271f50ab06d134e0665f74ae1b4db75b668121 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Mar 2023 14:00:23 +0000 Subject: [PATCH 1135/1882] chore(deps): update renovate/renovate docker tag to v34.154.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 92a07129..b08620aa 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.2 + image: renovate/renovate:34.154.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 814234587edf73b887d3aff27f216fbcbb5659bc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Mar 2023 22:00:24 +0000 Subject: [PATCH 1136/1882] chore(deps): update renovate/renovate docker tag to v34.154.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b08620aa..6eacf34d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.3 + image: renovate/renovate:34.154.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1b7d8d34c24275bda225e07a6b15c61a3c1281f7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Mar 2023 09:00:23 +0000 Subject: [PATCH 1137/1882] chore(deps): update renovate/renovate docker tag to v34.154.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6eacf34d..0e1471e1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.4 + image: renovate/renovate:34.154.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d7732d49424767b5cd061d345f3e040f8b027110 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 3 Mar 2023 14:03:47 +0100 Subject: [PATCH 1138/1882] lock flake --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 256d2e3e..64ade186 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677704978, - "narHash": "sha256-3ijjQ5Vb51NdHvslbCpG8/UZ61ECcogxguRqgknlejc=", + "lastModified": 1677783711, + "narHash": "sha256-eq5mOVk3gv5HITtLhPjKwi8bFnOaQplA3X0WFgHnmxE=", "owner": "nix-community", "repo": "home-manager", - "rev": "f8077880359b72bbd290ee216b105f200a6f7cc7", + "rev": "b9e3a29864798d55ec1d6579ab97876bb1ee9664", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677708746, - "narHash": "sha256-d9KVSKZS/p4xD7Tz6Q962Y2QzjdMMpdKqik/4JXYaTE=", + "lastModified": 1677845759, + "narHash": "sha256-frHaN4PKNJs0ehM3/bEqZYH1VKROYNguMnmDU2p5D1Q=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "76fc12869d186e59cf22d51e99e2909bf1828011", + "rev": "66b8629964e6a5db214f582047e88ec70cf080a8", "type": "github" }, "original": { @@ -636,11 +636,11 @@ }, "nixlib": { "locked": { - "lastModified": 1636849918, - "narHash": "sha256-nzUK6dPcTmNVrgTAC1EOybSMsrcx+QrVPyqRdyKLkjA=", + "lastModified": 1677373009, + "narHash": "sha256-kxhz4QUP8tXa/yVSpEzDDZSEp9FvhzRqZzb+SeUaekw=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "28a5b0557f14124608db68d3ee1f77e9329e9dd5", + "rev": "c9d4f2476046c6a7a2ce3c2118c48455bf0272ea", "type": "github" }, "original": { @@ -657,11 +657,11 @@ ] }, "locked": { - "lastModified": 1676297861, - "narHash": "sha256-YECUmK34xzg0IERpnbCnaO6z6YgfecJlstMWX7dqOZ8=", + "lastModified": 1677834279, + "narHash": "sha256-JHKdz4+KtDcCuIxt7jl03/wv3gMVCN5cHuED7SYS75c=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "1e0a05219f2a557d4622bc38f542abb360518795", + "rev": "59d63c5bb0574048d3519c268fccf73e57220bf5", "type": "github" }, "original": { @@ -769,11 +769,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677624842, - "narHash": "sha256-4DF9DbDuK4/+KYx0L6XcPBeDHUFVCtzok2fWtwXtb5w=", + "lastModified": 1677779205, + "narHash": "sha256-6DBjL9wjq86p2GczmwnHtFRnWPBPItc67gapWENBgX8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d70f5cd5c3bef45f7f52698f39e7cc7a89daa7f0", + "rev": "96e18717904dfedcd884541e5a92bf9ff632cf39", "type": "github" }, "original": { @@ -817,11 +817,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1677587185, - "narHash": "sha256-zYT66MAYwctAQqI5VBw3LbBXiSKdB8vuMAqCGG8onbE=", + "lastModified": 1677676435, + "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "68196a61c26748d3e53a6803de3d2f8c69f27831", + "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", "type": "github" }, "original": { @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677707839, - "narHash": "sha256-HZOkUiOQ5JE3WeM8mB0e9FkNI8ohHCg9zlQ0lRT6Qe8=", + "lastModified": 1677835132, + "narHash": "sha256-z38/XGQPmjU2KsppwO7m6uVD2V48qjRuP3JdA77n5dk=", "owner": "pta2002", "repo": "nixvim", - "rev": "e439cb79df4bec6837fb012520aa271806accdfc", + "rev": "2258eb8df8d001e47438800cce54b376eb6c1696", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677743561, - "narHash": "sha256-gjHfG70w8D6g0NAggKvrdKcego2zd+qE9OFdP5guuoU=", + "lastModified": 1677837380, + "narHash": "sha256-2+/DFU+U3ZmeI4+P1u6lFm9OwCbcjrW8ihduxpKkPq0=", "owner": "nix-community", "repo": "NUR", - "rev": "3316130f522e182e601bf7f47c73b07b3ae3a1dd", + "rev": "e85d61dbe4a582a3e048fd01fbdc72ae39102a0b", "type": "github" }, "original": { @@ -1005,11 +1005,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1675881254, - "narHash": "sha256-DaXbbO03+75vCky/ZfTL3hT33pt2/ytKWLXt6zC/xhQ=", + "lastModified": 1677774593, + "narHash": "sha256-Drh8t1PPm7xSU8EzDkL2tJf7u75/jUiUKnVBarQkFro=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "3989314baf9e81f050802e71cfc80555b3258f47", + "rev": "330868ae137cd8baefa6fb53e1cf5847ad7d2320", "type": "github" }, "original": { -- 2.47.1 From bc426e750ce8405d2b37d833b32465246371ca94 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 2 Mar 2023 10:00:27 +0000 Subject: [PATCH 1139/1882] chore(deps): update nixos/nix docker tag to v2.14.1 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 44ea58e8..2d869ed9 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,6 +1,6 @@ pipeline: check: - image: nixos/nix:2.14.0 + image: nixos/nix:2.14.1 environment: - NIX_CONFIG=experimental-features = nix-command flakes commands: -- 2.47.1 From b2a00bf3d54310bda0e9ab0abfc3bfcdbb95216d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Mar 2023 14:00:27 +0000 Subject: [PATCH 1140/1882] chore(deps): update renovate/renovate docker tag to v34.154.6 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0e1471e1..a3208ff1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.5 + image: renovate/renovate:34.154.6 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e8932a4c72232e5ca6b456a8674b9b8111fc1fbb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Mar 2023 06:00:22 +0000 Subject: [PATCH 1141/1882] chore(deps): update renovate/renovate docker tag to v34.154.7 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index a3208ff1..4368fd70 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.6 + image: renovate/renovate:34.154.7 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e4ac2478eeee76f2ced060b2b14bf7a6ce24018f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Mar 2023 11:00:22 +0000 Subject: [PATCH 1142/1882] chore(deps): update renovate/renovate docker tag to v34.155.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 4368fd70..94216e0e 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.154.7 + image: renovate/renovate:34.155.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 17ae8111f7cb14141cc62b2d67ddb7f8694bca0e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Mar 2023 16:00:23 +0000 Subject: [PATCH 1143/1882] chore(deps): update renovate/renovate docker tag to v34.156.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 94216e0e..e42e278e 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.155.0 + image: renovate/renovate:34.156.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 486544a83bc245a2277a0b64bb2a6c4f39966d56 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Mar 2023 18:02:29 +0000 Subject: [PATCH 1144/1882] chore(deps): update renovate/renovate docker tag to v34.157.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e42e278e..204f688c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.156.0 + image: renovate/renovate:34.157.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7fd307d5edb4b5f32f75ddf5e9303ea4bfb19689 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 5 Mar 2023 15:26:19 +0100 Subject: [PATCH 1145/1882] nix flake lock --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 64ade186..174f7281 100644 --- a/flake.lock +++ b/flake.lock @@ -429,11 +429,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1677783711, - "narHash": "sha256-eq5mOVk3gv5HITtLhPjKwi8bFnOaQplA3X0WFgHnmxE=", + "lastModified": 1678006026, + "narHash": "sha256-cGOfrU7JsKHAWXbPVDTOu2yyMb7GeWdUtJQNQSqht+w=", "owner": "nix-community", "repo": "home-manager", - "rev": "b9e3a29864798d55ec1d6579ab97876bb1ee9664", + "rev": "68ba59578352815ac372b17fb3df9db39afb1407", "type": "github" }, "original": { @@ -450,11 +450,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1677845759, - "narHash": "sha256-frHaN4PKNJs0ehM3/bEqZYH1VKROYNguMnmDU2p5D1Q=", + "lastModified": 1678025130, + "narHash": "sha256-UR0ED8m0gXinBGpMXntWew15camefEDK0YiDRBx8rwE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "66b8629964e6a5db214f582047e88ec70cf080a8", + "rev": "de5f1b2a833a59d3b0375f24675d27cea99e56d1", "type": "github" }, "original": { @@ -657,11 +657,11 @@ ] }, "locked": { - "lastModified": 1677834279, - "narHash": "sha256-JHKdz4+KtDcCuIxt7jl03/wv3gMVCN5cHuED7SYS75c=", + "lastModified": 1677928408, + "narHash": "sha256-Rus3DPKieGuG4UHdMCCFpKdH8Z2TrobciBLHr4FDAzM=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "59d63c5bb0574048d3519c268fccf73e57220bf5", + "rev": "46158ecda28c81b9150f75c8bce8821d375c1230", "type": "github" }, "original": { @@ -672,11 +672,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1677591639, - "narHash": "sha256-DMlAyge+u3K+JOFLA5YfdjqagdAYJf29YGBWpy5izg4=", + "lastModified": 1677949148, + "narHash": "sha256-dEdcn+UYs8TUK3VTNCQk9TsJapJLEq50A4q7eC3/PTU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "77de4cd09db4dbee9551ed2853cfcf113d7dc5ce", + "rev": "d63e86cbed3d399c4162594943bd8c1d8392e550", "type": "github" }, "original": { @@ -785,11 +785,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1675273418, - "narHash": "sha256-tpYc4TEGvDzh9uRf44QemyQ4TpVuUbxb07b2P99XDbM=", + "lastModified": 1677676435, + "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4d7c2644dbac9cf8282c0afe68fca8f0f3e7b2db", + "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", "type": "github" }, "original": { @@ -817,11 +817,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1677676435, - "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", + "lastModified": 1677932085, + "narHash": "sha256-+AB4dYllWig8iO6vAiGGYl0NEgmMgGHpy9gzWJ3322g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", + "rev": "3c5319ad3aa51551182ac82ea17ab1c6b0f0df89", "type": "github" }, "original": { @@ -899,11 +899,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677835132, - "narHash": "sha256-z38/XGQPmjU2KsppwO7m6uVD2V48qjRuP3JdA77n5dk=", + "lastModified": 1677896773, + "narHash": "sha256-YfmVSWbVm2J/AxW5u+QvyLg6TVxV87lL8eJo2cNejB4=", "owner": "pta2002", "repo": "nixvim", - "rev": "2258eb8df8d001e47438800cce54b376eb6c1696", + "rev": "c5f31f5677fdc254919a53976a3968dfbc92de0d", "type": "github" }, "original": { @@ -914,11 +914,11 @@ }, "nur": { "locked": { - "lastModified": 1677837380, - "narHash": "sha256-2+/DFU+U3ZmeI4+P1u6lFm9OwCbcjrW8ihduxpKkPq0=", + "lastModified": 1678021881, + "narHash": "sha256-oDMuTL2+uQPcn7YWFlcGROWRuFerjNhqLIupDJSnxyM=", "owner": "nix-community", "repo": "NUR", - "rev": "e85d61dbe4a582a3e048fd01fbdc72ae39102a0b", + "rev": "14332aa189f845389ec28b729a4beb321e28b4e1", "type": "github" }, "original": { @@ -1208,11 +1208,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1675374853, - "narHash": "sha256-BSrjNcddYWhFUMtjGwxiEXw67MYRaIHGvLn19Mvm1NE=", + "lastModified": 1677789111, + "narHash": "sha256-dWrk+Q3bLdtFe5rkyaAKWCQJCeE/KFNllcu1DvBC38c=", "owner": "wlroots", "repo": "wlroots", - "rev": "677a3f2f8847ed2de49dd60868f9d9487a546f58", + "rev": "5ae17de23f5fd9bb252a698f3771c840280e2c05", "type": "gitlab" }, "original": { -- 2.47.1 From a83209403f0bfc387878e5ff46ba6a1cbd2ffba8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Mar 2023 21:00:21 +0000 Subject: [PATCH 1146/1882] chore(deps): update renovate/renovate docker tag to v34.157.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 204f688c..80230d46 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.157.0 + image: renovate/renovate:34.157.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 13db3aae57f845694a7368f5a9ad312ac061e8a9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Mar 2023 05:00:22 +0000 Subject: [PATCH 1147/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.0.4 --- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 7608aba7..88bbe686 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -14,7 +14,7 @@ backend = "podman"; containers = { flaresolverr = { - image = "flaresolverr/flaresolverr:v3.0.2"; + image = "flaresolverr/flaresolverr:v3.0.4"; ports = [ "8191:8191" ]; -- 2.47.1 From 7062c0fe80398e21eaca33322792bf40bdda0539 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Mar 2023 10:00:23 +0000 Subject: [PATCH 1148/1882] chore(deps): update renovate/renovate docker tag to v34.158.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 80230d46..4bc6f594 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.157.1 + image: renovate/renovate:34.158.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 94267d36cb543d73e9eade4b854e4cb5375a1f6d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Mar 2023 12:03:04 +0000 Subject: [PATCH 1149/1882] chore(deps): update renovate/renovate docker tag to v34.158.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 4bc6f594..c9ebb778 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.158.0 + image: renovate/renovate:34.158.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9a608bcf074b78511843164301f7dbf14b9b8e3a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Mar 2023 16:00:23 +0000 Subject: [PATCH 1150/1882] chore(deps): update renovate/renovate docker tag to v34.158.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c9ebb778..f4e922bd 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.158.1 + image: renovate/renovate:34.158.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8851fb6d249f56601cc5045f4273a2deb06bb7c4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 00:01:28 +0000 Subject: [PATCH 1151/1882] chore(deps): lock file maintenance --- flake.lock | 163 ++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 129 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index 174f7281..ea81ccce 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1676319017, - "narHash": "sha256-gHyshpxoQAc/3sI3eChqmSCvsBimy+Z6EkzwA3aAYgA=", + "lastModified": 1678129879, + "narHash": "sha256-OonKO7D6xuNf9S6SvxWYzZXNOfoUw5ZEymfC5UmZT7Y=", "owner": "nix-community", "repo": "comma", - "rev": "c4001264668c09d44d765e5ccb1182f291cd91a4", + "rev": "87f7d49716271cb48fb46f939e9f272f202a3728", "type": "github" }, "original": { @@ -171,7 +171,7 @@ "nixpkgs" ], "poetry2nix": "poetry2nix_2", - "pre-commit-hooks": "pre-commit-hooks" + "pre-commit-hooks": "pre-commit-hooks_2" }, "locked": { "lastModified": 1670715183, @@ -282,6 +282,22 @@ } }, "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { "flake": false, "locked": { "lastModified": 1627913399, @@ -360,6 +376,21 @@ } }, "flake-utils_3": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "locked": { "lastModified": 1631561581, "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", @@ -405,6 +436,28 @@ "url": "https://gitlab.haskell.org/bgamari/ghc-utils" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "nixvim", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "gomod2nix": { "flake": false, "locked": { @@ -429,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678006026, - "narHash": "sha256-cGOfrU7JsKHAWXbPVDTOu2yyMb7GeWdUtJQNQSqht+w=", + "lastModified": 1678185531, + "narHash": "sha256-S9UgBQJcbf7rfy4I5FxvAmGjHeYq82dc3SBTPktbrt8=", "owner": "nix-community", "repo": "home-manager", - "rev": "68ba59578352815ac372b17fb3df9db39afb1407", + "rev": "defd16c5d5b271ff6cd7f72a108f711ebf31c936", "type": "github" }, "original": { @@ -450,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678025130, - "narHash": "sha256-UR0ED8m0gXinBGpMXntWew15camefEDK0YiDRBx8rwE=", + "lastModified": 1678199050, + "narHash": "sha256-4U0UDjSKcFgThNDY3JRf0D98sB4dqOiqqlbTGpKJ6hE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "de5f1b2a833a59d3b0375f24675d27cea99e56d1", + "rev": "a85a6fa6c8ff9e51ba774cec112b408bce601451", "type": "github" }, "original": { @@ -657,11 +710,11 @@ ] }, "locked": { - "lastModified": 1677928408, - "narHash": "sha256-Rus3DPKieGuG4UHdMCCFpKdH8Z2TrobciBLHr4FDAzM=", + "lastModified": 1678111954, + "narHash": "sha256-qoDtI5CD1n+qMZ7sqj52AvspdQAF6FDrDloR/z4PrBM=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "46158ecda28c81b9150f75c8bce8821d375c1230", + "rev": "2687393d340804f0c90b9e65681485f3d9e09a38", "type": "github" }, "original": { @@ -672,11 +725,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1677949148, - "narHash": "sha256-dEdcn+UYs8TUK3VTNCQk9TsJapJLEq50A4q7eC3/PTU=", + "lastModified": 1678095239, + "narHash": "sha256-4F6jovFJcwh6OkMsY94ZrHdrvVqZi1FX5pYv6V9LIQw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "d63e86cbed3d399c4162594943bd8c1d8392e550", + "rev": "f6610997b0fc5ea5f9e142c348fca27497efe1c7", "type": "github" }, "original": { @@ -735,6 +788,22 @@ "type": "github" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1673800717, + "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_10": { "locked": { "lastModified": 1670507980, @@ -769,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1677779205, - "narHash": "sha256-6DBjL9wjq86p2GczmwnHtFRnWPBPItc67gapWENBgX8=", + "lastModified": 1678072060, + "narHash": "sha256-6a9Tbjhir5HxDx4uw0u6Z+LHUfYf7tsT9QxF9FN/32w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "96e18717904dfedcd884541e5a92bf9ff632cf39", + "rev": "47c003416297e4d59a5e3e7a8b15cdbdf5110560", "type": "github" }, "original": { @@ -817,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1677932085, - "narHash": "sha256-+AB4dYllWig8iO6vAiGGYl0NEgmMgGHpy9gzWJ3322g=", + "lastModified": 1678111249, + "narHash": "sha256-ZTIbK7vthZwti5XeLZE+twkb4l44q01q2XoLMmmJe94=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3c5319ad3aa51551182ac82ea17ab1c6b0f0df89", + "rev": "a028e2873d7fcf44e66b784b4ba061824315537f", "type": "github" }, "original": { @@ -896,14 +965,15 @@ "inputs": { "beautysh": "beautysh", "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_6", + "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1677896773, - "narHash": "sha256-YfmVSWbVm2J/AxW5u+QvyLg6TVxV87lL8eJo2cNejB4=", + "lastModified": 1678214620, + "narHash": "sha256-kl+glaHyGnezdttcX0HacxKqukhztXwJ23VA5i1HIRI=", "owner": "pta2002", "repo": "nixvim", - "rev": "c5f31f5677fdc254919a53976a3968dfbc92de0d", + "rev": "09890171455cb313b3438c06114d6213e1d2f335", "type": "github" }, "original": { @@ -914,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678021881, - "narHash": "sha256-oDMuTL2+uQPcn7YWFlcGROWRuFerjNhqLIupDJSnxyM=", + "lastModified": 1678232741, + "narHash": "sha256-ViikQdLXfpkUeGmNY+FOrReO1t/uE8rdG1EyiVXiGPg=", "owner": "nix-community", "repo": "NUR", - "rev": "14332aa189f845389ec28b729a4beb321e28b4e1", + "rev": "eab748b9488799bf804a8f75d523fd32603098f8", "type": "github" }, "original": { @@ -972,6 +1042,31 @@ } }, "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat_4", + "flake-utils": "flake-utils_3", + "gitignore": "gitignore", + "nixpkgs": [ + "nixvim", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1677722096, + "narHash": "sha256-7mjVMvCs9InnrRybBfr5ohqcOz+pyEX8m22C1XsDilg=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "61a3511668891c68ebd19d40122150b98dc2fe3b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks_2": { "inputs": { "flake-utils": [ "webcord", @@ -1104,11 +1199,11 @@ }, "utils_2": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1676283394, + "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", "type": "github" }, "original": { @@ -1149,8 +1244,8 @@ }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_3", + "flake-compat": "flake-compat_5", + "flake-utils": "flake-utils_4", "nix": "nix", "nixpkgs": "nixpkgs_9" }, -- 2.47.1 From 9ad50afe895816134fa492a70ab245d09c8161cc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 01:01:47 +0000 Subject: [PATCH 1152/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ea81ccce..2e775def 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678072060, - "narHash": "sha256-6a9Tbjhir5HxDx4uw0u6Z+LHUfYf7tsT9QxF9FN/32w=", + "lastModified": 1678137616, + "narHash": "sha256-T+lWTRdcYaOnZQW+Ehdlg+YldC2l9cq2GXJFPq22Nxc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "47c003416297e4d59a5e3e7a8b15cdbdf5110560", + "rev": "7edcdf7b169c33cd3eef9aba50521ce93ee666b8", "type": "github" }, "original": { -- 2.47.1 From bd2344a388bcfb695ab7be15fcd51281f323a5a0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 02:02:18 +0000 Subject: [PATCH 1153/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2e775def..86ec41f0 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678232741, - "narHash": "sha256-ViikQdLXfpkUeGmNY+FOrReO1t/uE8rdG1EyiVXiGPg=", + "lastModified": 1678239087, + "narHash": "sha256-TXjUW9y3a/fJ+9yT+jv+K6ElHemaVixMSOxqZRSli+c=", "owner": "nix-community", "repo": "NUR", - "rev": "eab748b9488799bf804a8f75d523fd32603098f8", + "rev": "d50e0a76e34c2e5029ba20ed89ff9ceecee5520f", "type": "github" }, "original": { -- 2.47.1 From 607007106fa1af15c28ddcaf67450af0290e78ef Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 03:02:24 +0000 Subject: [PATCH 1154/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 86ec41f0..534e61e9 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678239087, - "narHash": "sha256-TXjUW9y3a/fJ+9yT+jv+K6ElHemaVixMSOxqZRSli+c=", + "lastModified": 1678241914, + "narHash": "sha256-yoKlea72xNLcjspan3BXhObpVMpXtYLfVhBxh5Og02U=", "owner": "nix-community", "repo": "NUR", - "rev": "d50e0a76e34c2e5029ba20ed89ff9ceecee5520f", + "rev": "31b06d2e38f5296d173c546e84f9777f52ef18d5", "type": "github" }, "original": { -- 2.47.1 From 392a80ae79d447d4056ed8854d672091b3cb1c7c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 04:01:55 +0000 Subject: [PATCH 1155/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 534e61e9..6fb1108b 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678241914, - "narHash": "sha256-yoKlea72xNLcjspan3BXhObpVMpXtYLfVhBxh5Og02U=", + "lastModified": 1678247653, + "narHash": "sha256-wVNt5WIGakBO/QhaCHLrHln+UlzdcHLf9T8uz00o6UY=", "owner": "nix-community", "repo": "NUR", - "rev": "31b06d2e38f5296d173c546e84f9777f52ef18d5", + "rev": "5a5840db457285436406aa409ba5cc9696745765", "type": "github" }, "original": { -- 2.47.1 From ff1ec64f46783eba538bb6223ea9f7b9d3df0f2c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 05:02:05 +0000 Subject: [PATCH 1156/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6fb1108b..7feffad8 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678247653, - "narHash": "sha256-wVNt5WIGakBO/QhaCHLrHln+UlzdcHLf9T8uz00o6UY=", + "lastModified": 1678250746, + "narHash": "sha256-y2zMq3nLmeUADiW+pzKdPcL0ef4yGnCWBL2lCQNncRs=", "owner": "nix-community", "repo": "NUR", - "rev": "5a5840db457285436406aa409ba5cc9696745765", + "rev": "b4d5a23d29441307454da9fecdb3dd7e06f30671", "type": "github" }, "original": { -- 2.47.1 From 52d44249db246a49e65ea58aad18334d28d4906b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 06:02:11 +0000 Subject: [PATCH 1157/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7feffad8..5c4a416f 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678250746, - "narHash": "sha256-y2zMq3nLmeUADiW+pzKdPcL0ef4yGnCWBL2lCQNncRs=", + "lastModified": 1678255271, + "narHash": "sha256-VEOnYtL5BxrxBvS+R2bVGNKab+fIvCHoLIlv2qSCM1E=", "owner": "nix-community", "repo": "NUR", - "rev": "b4d5a23d29441307454da9fecdb3dd7e06f30671", + "rev": "b2ebc637d698e4ab8895c9633260ba3b07909dfd", "type": "github" }, "original": { -- 2.47.1 From b0d7a857576aec0b95ac7a288f9e836d44ac80b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 08:01:38 +0000 Subject: [PATCH 1158/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5c4a416f..3280894e 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678185531, - "narHash": "sha256-S9UgBQJcbf7rfy4I5FxvAmGjHeYq82dc3SBTPktbrt8=", + "lastModified": 1678229586, + "narHash": "sha256-6Kg9nTzHdfW4JUaGfwT9XA5x4F+nVJWORw9aD4lOXo4=", "owner": "nix-community", "repo": "home-manager", - "rev": "defd16c5d5b271ff6cd7f72a108f711ebf31c936", + "rev": "f69816489d5bcd1329c50fb4a7035a9a9dc19a3b", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678255271, - "narHash": "sha256-VEOnYtL5BxrxBvS+R2bVGNKab+fIvCHoLIlv2qSCM1E=", + "lastModified": 1678260643, + "narHash": "sha256-/WHdvI0iT2TNztVP06zodSxii4Y/2a+VWOIKM8M30Zg=", "owner": "nix-community", "repo": "NUR", - "rev": "b2ebc637d698e4ab8895c9633260ba3b07909dfd", + "rev": "1710738596d3150a09518f5c0636e274e6832294", "type": "github" }, "original": { -- 2.47.1 From bd69787a835ec0a2ebfc36eec73f31c6cbf38af8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 09:02:09 +0000 Subject: [PATCH 1159/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3280894e..b1e1f389 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678214620, - "narHash": "sha256-kl+glaHyGnezdttcX0HacxKqukhztXwJ23VA5i1HIRI=", + "lastModified": 1678263709, + "narHash": "sha256-YNijDteDFRERMbrFoWtqh+CIU8wjEMyKzQzqVTW9reY=", "owner": "pta2002", "repo": "nixvim", - "rev": "09890171455cb313b3438c06114d6213e1d2f335", + "rev": "e643bcd5d017609cd84e22c21d01fb488b16bb53", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678260643, - "narHash": "sha256-/WHdvI0iT2TNztVP06zodSxii4Y/2a+VWOIKM8M30Zg=", + "lastModified": 1678265305, + "narHash": "sha256-vDUwfZN/HSwO2Qu3CmzppEa2dWv+ip0O6tI1KhK8rz8=", "owner": "nix-community", "repo": "NUR", - "rev": "1710738596d3150a09518f5c0636e274e6832294", + "rev": "561030932ceebe2904904992a83c5ca22c11a541", "type": "github" }, "original": { -- 2.47.1 From 8b1174d0a8ca237927853eb5af4077c347784f99 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 10:00:36 +0000 Subject: [PATCH 1160/1882] chore(deps): update renovate/renovate docker tag to v34.159.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f4e922bd..c84dd3ef 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.158.2 + image: renovate/renovate:34.159.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 282a467e794450e2941e564a5ca439958d881aeb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 11:02:37 +0000 Subject: [PATCH 1161/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index b1e1f389..f2106a86 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678229586, - "narHash": "sha256-6Kg9nTzHdfW4JUaGfwT9XA5x4F+nVJWORw9aD4lOXo4=", + "lastModified": 1678271387, + "narHash": "sha256-H2dv/i1LRlunRtrESirELzfPWdlG/6ElDB1ksO529H4=", "owner": "nix-community", "repo": "home-manager", - "rev": "f69816489d5bcd1329c50fb4a7035a9a9dc19a3b", + "rev": "36999b8d19eb6eebb41983ef017d7e0095316af2", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678199050, - "narHash": "sha256-4U0UDjSKcFgThNDY3JRf0D98sB4dqOiqqlbTGpKJ6hE=", + "lastModified": 1678268777, + "narHash": "sha256-nIRic657abSyBAQ5V3bOOE0aPbjAZx2wvr9mPRoq1cQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a85a6fa6c8ff9e51ba774cec112b408bce601451", + "rev": "92d2331170ce738056ad6bc63fa346174b954f66", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678111249, - "narHash": "sha256-ZTIbK7vthZwti5XeLZE+twkb4l44q01q2XoLMmmJe94=", + "lastModified": 1678201391, + "narHash": "sha256-dX4z2oSJ5UKzY5wb5HX2VaPP08DPWZ6B7EHzOJfP7GM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a028e2873d7fcf44e66b784b4ba061824315537f", + "rev": "c707238dc262923da5a53a5a11914117caac07a2", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678265305, - "narHash": "sha256-vDUwfZN/HSwO2Qu3CmzppEa2dWv+ip0O6tI1KhK8rz8=", + "lastModified": 1678268766, + "narHash": "sha256-DoaLc/sdJo4Lk7oXd3KEP68Qglv05AqgeyqS1tYoK9Q=", "owner": "nix-community", "repo": "NUR", - "rev": "561030932ceebe2904904992a83c5ca22c11a541", + "rev": "55b25f42bdb74a819c77b6439d66e6cab2b56769", "type": "github" }, "original": { -- 2.47.1 From 2462b47113f9fa46d1c317c8df07b05eb8b6a8b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 14:01:28 +0000 Subject: [PATCH 1162/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f2106a86..2547766a 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678268766, - "narHash": "sha256-DoaLc/sdJo4Lk7oXd3KEP68Qglv05AqgeyqS1tYoK9Q=", + "lastModified": 1678280837, + "narHash": "sha256-EtWAGNUjqbdb1kq3IHD37Dr9w7WTZ70rqh5sI96ozpI=", "owner": "nix-community", "repo": "NUR", - "rev": "55b25f42bdb74a819c77b6439d66e6cab2b56769", + "rev": "74f84da87fc481dfdb050fa029e952553440f979", "type": "github" }, "original": { -- 2.47.1 From 1f735b3496c4a276f383cdc4b01d338bdbe34744 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 15:00:35 +0000 Subject: [PATCH 1163/1882] chore(deps): update renovate/renovate docker tag to v34.159.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c84dd3ef..277fc347 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.159.0 + image: renovate/renovate:34.159.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From cf3f099d77b578e8d42c2fd54c8ed8c3765e6f22 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 16:02:07 +0000 Subject: [PATCH 1164/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2547766a..62de16f4 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678280837, - "narHash": "sha256-EtWAGNUjqbdb1kq3IHD37Dr9w7WTZ70rqh5sI96ozpI=", + "lastModified": 1678290523, + "narHash": "sha256-LMxdMgW0mMfbLgrPzRDWmYCKTB7O+QmGC/FsuIzumSA=", "owner": "nix-community", "repo": "NUR", - "rev": "74f84da87fc481dfdb050fa029e952553440f979", + "rev": "864e370f1ba42303a60c13ee8c8139697b483846", "type": "github" }, "original": { -- 2.47.1 From 946f7348f8439be97c11784610ce0dab217f6fc8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 17:05:01 +0000 Subject: [PATCH 1165/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 62de16f4..0325334a 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678137616, - "narHash": "sha256-T+lWTRdcYaOnZQW+Ehdlg+YldC2l9cq2GXJFPq22Nxc=", + "lastModified": 1678230755, + "narHash": "sha256-SFAXgNjNTXzcAideXcP0takfUGVft/VR5CACmYHg+Fc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7edcdf7b169c33cd3eef9aba50521ce93ee666b8", + "rev": "a7cc81913bb3cd1ef05ed0ece048b773e1839e51", "type": "github" }, "original": { -- 2.47.1 From 260032772336422ae2efb59dd84a975a846af72a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Mar 2023 20:01:45 +0000 Subject: [PATCH 1166/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0325334a..dec59441 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678290523, - "narHash": "sha256-LMxdMgW0mMfbLgrPzRDWmYCKTB7O+QmGC/FsuIzumSA=", + "lastModified": 1678304776, + "narHash": "sha256-ZYdZvcM2SsEYo+1VFyhcW9avx4fDCDTi3XEt6/Zfooo=", "owner": "nix-community", "repo": "NUR", - "rev": "864e370f1ba42303a60c13ee8c8139697b483846", + "rev": "ba739041e344d295d9e045620f7a1b5e748b9682", "type": "github" }, "original": { -- 2.47.1 From 5f5111b4cdd2a6ed8e12024fbefb1411a199da74 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 01:01:35 +0000 Subject: [PATCH 1167/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index dec59441..540603de 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678201391, - "narHash": "sha256-dX4z2oSJ5UKzY5wb5HX2VaPP08DPWZ6B7EHzOJfP7GM=", + "lastModified": 1678293141, + "narHash": "sha256-lLlQHaR0y+q6nd6kfpydPTGHhl1rS9nU9OQmztzKOYs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c707238dc262923da5a53a5a11914117caac07a2", + "rev": "c90c4025bb6e0c4eaf438128a3b2640314b1c58d", "type": "github" }, "original": { -- 2.47.1 From 2a9124eff309745f099105962fe747ea131d7783 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 03:01:53 +0000 Subject: [PATCH 1168/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 540603de..5cdf75d6 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678304776, - "narHash": "sha256-ZYdZvcM2SsEYo+1VFyhcW9avx4fDCDTi3XEt6/Zfooo=", + "lastModified": 1678327434, + "narHash": "sha256-qLNSdrPn4T/VJej9jw+ypvr1CNoXPLFj3kChr4Xc7Ik=", "owner": "nix-community", "repo": "NUR", - "rev": "ba739041e344d295d9e045620f7a1b5e748b9682", + "rev": "c5d4149cdb91794cec9894dd59e4b43941fe4712", "type": "github" }, "original": { -- 2.47.1 From bfd5c7134b9cd2d9f9ac0fc93b6740f577c375f8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 04:02:16 +0000 Subject: [PATCH 1169/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5cdf75d6..f1ec144b 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678327434, - "narHash": "sha256-qLNSdrPn4T/VJej9jw+ypvr1CNoXPLFj3kChr4Xc7Ik=", + "lastModified": 1678334028, + "narHash": "sha256-UVforO7db2ruotdaVeiR04CIy5mYv7oTEgAjwcKTm5I=", "owner": "nix-community", "repo": "NUR", - "rev": "c5d4149cdb91794cec9894dd59e4b43941fe4712", + "rev": "93d5ff755043618fa53f5112f6b3462eb5a35cdd", "type": "github" }, "original": { -- 2.47.1 From dd821ea9cc453b0011eb7b1bbbad9be0573f7142 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 14:00:25 +0000 Subject: [PATCH 1170/1882] chore(deps): update renovate/renovate docker tag to v34.159.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 277fc347..2bbb552f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.159.1 + image: renovate/renovate:34.159.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 14ab481f4d229705b3f8eae697d2616a3ee1a9b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 15:01:54 +0000 Subject: [PATCH 1171/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index f1ec144b..f133784e 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678268777, - "narHash": "sha256-nIRic657abSyBAQ5V3bOOE0aPbjAZx2wvr9mPRoq1cQ=", + "lastModified": 1678371846, + "narHash": "sha256-fOFX0PASpIpU4NK9Wen9yJKwg5RYe5jFIu1H0OUzglE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "92d2331170ce738056ad6bc63fa346174b954f66", + "rev": "c9167d96467f0c1546f337828e874d7dd849f900", "type": "github" }, "original": { @@ -710,11 +710,11 @@ ] }, "locked": { - "lastModified": 1678111954, - "narHash": "sha256-qoDtI5CD1n+qMZ7sqj52AvspdQAF6FDrDloR/z4PrBM=", + "lastModified": 1678351966, + "narHash": "sha256-tRFEU0lu3imZb3dtELBY+UbEhWXbb0xlBrsIlpICb+A=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "2687393d340804f0c90b9e65681485f3d9e09a38", + "rev": "0c043999b16caba6fb571af2d228775729829943", "type": "github" }, "original": { @@ -725,11 +725,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1678095239, - "narHash": "sha256-4F6jovFJcwh6OkMsY94ZrHdrvVqZi1FX5pYv6V9LIQw=", + "lastModified": 1678350133, + "narHash": "sha256-sUxDtERkqq0oGU5eGtlem5zE5ga801yXfpc3XlPfC4k=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f6610997b0fc5ea5f9e142c348fca27497efe1c7", + "rev": "6e303a505ad31a8e68a7f0d43e2170e81c16919b", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678263709, - "narHash": "sha256-YNijDteDFRERMbrFoWtqh+CIU8wjEMyKzQzqVTW9reY=", + "lastModified": 1678367030, + "narHash": "sha256-hiDPs0V7PwsBVYux2VSgExFOkeT9SSGpczRmxxQSOQ4=", "owner": "pta2002", "repo": "nixvim", - "rev": "e643bcd5d017609cd84e22c21d01fb488b16bb53", + "rev": "ecfa870c7a37fdc4c50ff4efc73faa42bc1b8660", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678334028, - "narHash": "sha256-UVforO7db2ruotdaVeiR04CIy5mYv7oTEgAjwcKTm5I=", + "lastModified": 1678369783, + "narHash": "sha256-xKVoXIu+/fdPFXRITn5kHpuUe9/DkdFJEF5WxR/HKR0=", "owner": "nix-community", "repo": "NUR", - "rev": "93d5ff755043618fa53f5112f6b3462eb5a35cdd", + "rev": "bbef74f8ace8a5c0e6d7da6ef9d553efe1cbd56c", "type": "github" }, "original": { -- 2.47.1 From 07a8167b6634f62fb0f00fc8705514e7b6cee91d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 17:01:38 +0000 Subject: [PATCH 1172/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f133784e..244c7256 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678369783, - "narHash": "sha256-xKVoXIu+/fdPFXRITn5kHpuUe9/DkdFJEF5WxR/HKR0=", + "lastModified": 1678381003, + "narHash": "sha256-Ujd6MAWDGVmmchEZstza74ttcH/hliTztSWb7TFROiQ=", "owner": "nix-community", "repo": "NUR", - "rev": "bbef74f8ace8a5c0e6d7da6ef9d553efe1cbd56c", + "rev": "ca454bfe203ce42dbeac2ecae7035372df82258b", "type": "github" }, "original": { -- 2.47.1 From 1e495aaa2fe41c9f1577137f51e8ff40110e724a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 20:02:03 +0000 Subject: [PATCH 1173/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 244c7256..ffc9b552 100644 --- a/flake.lock +++ b/flake.lock @@ -725,11 +725,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1678350133, - "narHash": "sha256-sUxDtERkqq0oGU5eGtlem5zE5ga801yXfpc3XlPfC4k=", + "lastModified": 1678389441, + "narHash": "sha256-k7DgWCNPfeNK1CmDHmL0t/qV7Bl47OU/eE04ZHhbfzI=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "6e303a505ad31a8e68a7f0d43e2170e81c16919b", + "rev": "22ef358f5fc72445bb920ae1395f5258e9838df7", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678381003, - "narHash": "sha256-Ujd6MAWDGVmmchEZstza74ttcH/hliTztSWb7TFROiQ=", + "lastModified": 1678391183, + "narHash": "sha256-F29jl3ZrDhc3s8yjo+uKndincT3GKWuAeNrnB0709Qk=", "owner": "nix-community", "repo": "NUR", - "rev": "ca454bfe203ce42dbeac2ecae7035372df82258b", + "rev": "3e708271a206f4c3bf0559715f5db1e2ffa395c2", "type": "github" }, "original": { -- 2.47.1 From 2af0ba9799b0c955149d2d970777077d3cd1123f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 21:02:26 +0000 Subject: [PATCH 1174/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ffc9b552..a147957f 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678391183, - "narHash": "sha256-F29jl3ZrDhc3s8yjo+uKndincT3GKWuAeNrnB0709Qk=", + "lastModified": 1678394797, + "narHash": "sha256-aOCVb7prmPpwJXeXDujIolWTSZ3t4DiC+CXZvfJYQEk=", "owner": "nix-community", "repo": "NUR", - "rev": "3e708271a206f4c3bf0559715f5db1e2ffa395c2", + "rev": "0f2e08262ac9edde0606ebedcd50c5523b2c5e19", "type": "github" }, "original": { -- 2.47.1 From f5fd4ea758d47b8eabf8414c32ebf698b7b3f304 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 22:02:19 +0000 Subject: [PATCH 1175/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a147957f..40d4048d 100644 --- a/flake.lock +++ b/flake.lock @@ -725,11 +725,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1678389441, - "narHash": "sha256-k7DgWCNPfeNK1CmDHmL0t/qV7Bl47OU/eE04ZHhbfzI=", + "lastModified": 1678397099, + "narHash": "sha256-5xq8YJe+h19TlD+EI4AE/3H3jcCcQ2AWU6CWBVc5tRc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "22ef358f5fc72445bb920ae1395f5258e9838df7", + "rev": "556101ff85bd6e20900ec73ee525b935154bc8ea", "type": "github" }, "original": { -- 2.47.1 From 71ba62db93c8c07494ee647ad067fb92186e0b78 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 00:01:55 +0000 Subject: [PATCH 1176/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 40d4048d..fa31766d 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678394797, - "narHash": "sha256-aOCVb7prmPpwJXeXDujIolWTSZ3t4DiC+CXZvfJYQEk=", + "lastModified": 1678405591, + "narHash": "sha256-f6iiFgvkRhr4SYrNxg5LAkLqnz/4EI1zMg60J/Gnd4g=", "owner": "nix-community", "repo": "NUR", - "rev": "0f2e08262ac9edde0606ebedcd50c5523b2c5e19", + "rev": "6f1f1fcec2ea6b1cb23a5101cb2b5138c238962a", "type": "github" }, "original": { -- 2.47.1 From f7534c4de3817d6e484e65da3cbae934f573de9a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 02:01:41 +0000 Subject: [PATCH 1177/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fa31766d..7acc3c09 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678405591, - "narHash": "sha256-f6iiFgvkRhr4SYrNxg5LAkLqnz/4EI1zMg60J/Gnd4g=", + "lastModified": 1678410748, + "narHash": "sha256-5+F8TXd92I581TdOqL0iOm3DJ9t58l1gXimWX2n69Z4=", "owner": "nix-community", "repo": "NUR", - "rev": "6f1f1fcec2ea6b1cb23a5101cb2b5138c238962a", + "rev": "ae3612965891321559e354bfa9deabfbf0729b4f", "type": "github" }, "original": { -- 2.47.1 From 379872158cd63b4bdae321c6771e301e538983eb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 03:02:33 +0000 Subject: [PATCH 1178/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7acc3c09..e17aee09 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678367030, - "narHash": "sha256-hiDPs0V7PwsBVYux2VSgExFOkeT9SSGpczRmxxQSOQ4=", + "lastModified": 1678417204, + "narHash": "sha256-ywqekFa7/5ync0EKeDJNCeYQwfzpuAyzJW5dg/S0WZI=", "owner": "pta2002", "repo": "nixvim", - "rev": "ecfa870c7a37fdc4c50ff4efc73faa42bc1b8660", + "rev": "a16d862de4634cecf92d9304b44407cc0d0a97cc", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678410748, - "narHash": "sha256-5+F8TXd92I581TdOqL0iOm3DJ9t58l1gXimWX2n69Z4=", + "lastModified": 1678414741, + "narHash": "sha256-Q6NPrcIp8IM29scARnwMg4mpN3/o9/6lLuLrjxvxTwU=", "owner": "nix-community", "repo": "NUR", - "rev": "ae3612965891321559e354bfa9deabfbf0729b4f", + "rev": "39f460d03b2faf38131cf8ff5ab19fe5848fc23c", "type": "github" }, "original": { -- 2.47.1 From 0cbf10d7836bb130ee55017febbc4010c9ab121d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 06:01:56 +0000 Subject: [PATCH 1179/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e17aee09..137fc0c7 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678414741, - "narHash": "sha256-Q6NPrcIp8IM29scARnwMg4mpN3/o9/6lLuLrjxvxTwU=", + "lastModified": 1678427090, + "narHash": "sha256-vX3YVugXrHI/mWGkObSbEZKxlWTkMUNTCKhaURKDOMI=", "owner": "nix-community", "repo": "NUR", - "rev": "39f460d03b2faf38131cf8ff5ab19fe5848fc23c", + "rev": "54542ebdc305cb30059bc9886c394e5df9e37d8e", "type": "github" }, "original": { -- 2.47.1 From a4c24c0077994e727ce3f458727aa4ac37cb9a2e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 08:02:08 +0000 Subject: [PATCH 1180/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 137fc0c7..d03117d0 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678427090, - "narHash": "sha256-vX3YVugXrHI/mWGkObSbEZKxlWTkMUNTCKhaURKDOMI=", + "lastModified": 1678434006, + "narHash": "sha256-vYiRVsB2CZ17aBYONDa2ik/3NSmkvjIPmkPuO+hkUlw=", "owner": "nix-community", "repo": "NUR", - "rev": "54542ebdc305cb30059bc9886c394e5df9e37d8e", + "rev": "635206085c5a429d5459b955e84e0f29242313a1", "type": "github" }, "original": { -- 2.47.1 From 3cd3d4de72b1c71c556992440c72ebb1866eb89d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 09:02:22 +0000 Subject: [PATCH 1181/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d03117d0..e569914d 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678434006, - "narHash": "sha256-vYiRVsB2CZ17aBYONDa2ik/3NSmkvjIPmkPuO+hkUlw=", + "lastModified": 1678438134, + "narHash": "sha256-pGf1OLU8YnAGsHxzq08OmZ5m+sgfECZyl+BDzNoX2Yw=", "owner": "nix-community", "repo": "NUR", - "rev": "635206085c5a429d5459b955e84e0f29242313a1", + "rev": "c4fea7bfacbea6b72da3ddafb41b33ef1ddae3bb", "type": "github" }, "original": { -- 2.47.1 From 4684240722e3a3e6600f5967126e18aee13bcc60 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 10:00:37 +0000 Subject: [PATCH 1182/1882] chore(deps): update renovate/renovate docker tag to v34.160.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2bbb552f..6ac68375 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.159.2 + image: renovate/renovate:34.160.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From fbbc49ab8096dde11506a65f4cf8c7072ebbbe9c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 11:02:32 +0000 Subject: [PATCH 1183/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index e569914d..b138650c 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678371846, - "narHash": "sha256-fOFX0PASpIpU4NK9Wen9yJKwg5RYe5jFIu1H0OUzglE=", + "lastModified": 1678441539, + "narHash": "sha256-OSxX2+8hHBBnRwutpP/eaf3jilIesPyYrtfKi+2Q8T0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c9167d96467f0c1546f337828e874d7dd849f900", + "rev": "0ad2d9f0b5b27b9c5dd71989acb3ce519c33e47d", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678293141, - "narHash": "sha256-lLlQHaR0y+q6nd6kfpydPTGHhl1rS9nU9OQmztzKOYs=", + "lastModified": 1678380223, + "narHash": "sha256-HUxnK38iqrX84QdQxbFcosRKV3/koj1Zzp5b5aP4lIo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c90c4025bb6e0c4eaf438128a3b2640314b1c58d", + "rev": "1e2590679d0ed2cee2736e8b80373178d085d263", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678438134, - "narHash": "sha256-pGf1OLU8YnAGsHxzq08OmZ5m+sgfECZyl+BDzNoX2Yw=", + "lastModified": 1678441520, + "narHash": "sha256-SWc9Hlln71yNnlfvTOSBJtZMOanMljvFj5caqY6aTks=", "owner": "nix-community", "repo": "NUR", - "rev": "c4fea7bfacbea6b72da3ddafb41b33ef1ddae3bb", + "rev": "d8e7ee3d5c5f47adf0139103c9055075a360a650", "type": "github" }, "original": { -- 2.47.1 From 3bdc9e36989f2478dc5c651528fa973e28e1911b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 12:03:14 +0000 Subject: [PATCH 1184/1882] chore(deps): update renovate/renovate docker tag to v35 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6ac68375..6afb2d79 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:34.160.0 + image: renovate/renovate:35.0.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1a5711ab690f429c09da87aca2c7f39f8ee1ac74 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 9 Mar 2023 18:00:27 +0000 Subject: [PATCH 1185/1882] chore(deps): update dependency fluxcd/flux2 to v0.41.0 --- .../base/flux-system/gotk-components.yaml | 92 ++++++++++--------- 1 file changed, 47 insertions(+), 45 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 1e00aff9..c5bd1c9f 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.40.2 +# Flux Version: v0.41.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -443,7 +443,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -962,7 +962,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1757,7 +1757,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2355,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2625,14 +2625,14 @@ spec: is empty. properties: secretRef: - description: SecretRef holds the name to a secret that contains - a key with the kubeconfig file as the value. If no key is specified - the key will default to 'value'. The secret must be in the same - namespace as the HelmRelease. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials - such as a cloud-access-token expire. Cloud specific `cmd-path` - auth helpers will not function without adding binaries and credentials - to the Pod that is responsible for reconciling the HelmRelease. + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: description: Key in the Secret, when not specified an implementation-specific @@ -2644,6 +2644,8 @@ spec: required: - name type: object + required: + - secretRef type: object maxHistory: description: MaxHistory is the number of revisions saved by Helm for @@ -3238,7 +3240,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3745,7 +3747,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4839,8 +4841,8 @@ spec: - entries type: object lastAppliedRevision: - description: The last successfully applied revision. The revision - format for Git sources is /. + description: The last successfully applied revision. Equals the Revision + of the applied Artifact from the referenced Source. type: string lastAttemptedRevision: description: LastAttemptedRevision is the revision of the last reconciliation @@ -4872,7 +4874,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5236,7 +5238,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5642,7 +5644,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6083,7 +6085,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: helm-controller namespace: flux-system --- @@ -6094,7 +6096,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: kustomize-controller namespace: flux-system --- @@ -6105,7 +6107,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: notification-controller namespace: flux-system --- @@ -6116,7 +6118,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: source-controller namespace: flux-system --- @@ -6126,7 +6128,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: crd-controller-flux-system rules: - apiGroups: @@ -6216,7 +6218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -6242,7 +6244,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -6267,7 +6269,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6287,7 +6289,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6320,7 +6322,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6341,7 +6343,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: source-controller namespace: flux-system @@ -6362,7 +6364,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6383,7 +6385,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: helm-controller namespace: flux-system @@ -6412,7 +6414,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.30.0 + image: ghcr.io/fluxcd/helm-controller:v0.31.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6466,7 +6468,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6495,7 +6497,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.34.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.35.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6549,7 +6551,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6577,7 +6579,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.32.1 + image: ghcr.io/fluxcd/notification-controller:v0.33.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6637,7 +6639,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 control-plane: controller name: source-controller namespace: flux-system @@ -6672,7 +6674,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.35.2 + image: ghcr.io/fluxcd/source-controller:v0.36.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6732,7 +6734,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: allow-egress namespace: flux-system spec: @@ -6752,7 +6754,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: allow-scraping namespace: flux-system spec: @@ -6772,7 +6774,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.40.2 + app.kubernetes.io/version: v0.41.0 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From fe24111134b1011d2d989f9d9036986796a47ac6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 13:12:05 +0000 Subject: [PATCH 1186/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index b138650c..f60a4d0e 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678417204, - "narHash": "sha256-ywqekFa7/5ync0EKeDJNCeYQwfzpuAyzJW5dg/S0WZI=", + "lastModified": 1678449652, + "narHash": "sha256-w+FEY8L/uO/koWwahBAoDTmCO0qIOHJ71qpSe+ED8bk=", "owner": "pta2002", "repo": "nixvim", - "rev": "a16d862de4634cecf92d9304b44407cc0d0a97cc", + "rev": "0bd07ee0914361bc4a729b92c0bfc4ecf97ce7e7", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678441520, - "narHash": "sha256-SWc9Hlln71yNnlfvTOSBJtZMOanMljvFj5caqY6aTks=", + "lastModified": 1678453582, + "narHash": "sha256-vWrJPneFZeTjWOXNoz40uXwNysRtBSYi4vkeS1Qa70M=", "owner": "nix-community", "repo": "NUR", - "rev": "d8e7ee3d5c5f47adf0139103c9055075a360a650", + "rev": "4a89c27a86e8abb86e2b8043a62738f3bf6b4e88", "type": "github" }, "original": { -- 2.47.1 From 97a8c37c9f658a4a330864c7799935c61d1e1d92 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 10 Mar 2023 16:02:20 +0000 Subject: [PATCH 1187/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f60a4d0e..2e0eca4d 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678441539, - "narHash": "sha256-OSxX2+8hHBBnRwutpP/eaf3jilIesPyYrtfKi+2Q8T0=", + "lastModified": 1678461549, + "narHash": "sha256-Jgk/xCc6oDm3Me/MAL7BoYF4Oaer9uJANZnFrDtvy64=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "0ad2d9f0b5b27b9c5dd71989acb3ce519c33e47d", + "rev": "253286669a115c4e63c3924eeec8391af2504c57", "type": "github" }, "original": { -- 2.47.1 From daf1353826fda6b2c738c1b0ac5adc1e41c2e099 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 07:00:26 +0000 Subject: [PATCH 1188/1882] chore(deps): update renovate/renovate docker tag to v35.0.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6afb2d79..0803d78c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.0.0 + image: renovate/renovate:35.0.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 803f2e69a33817541cdfbe898a9d4d6f6e8d1edd Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 11 Mar 2023 11:12:25 +0100 Subject: [PATCH 1189/1882] update flake --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 2e0eca4d..aeba7595 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678271387, - "narHash": "sha256-H2dv/i1LRlunRtrESirELzfPWdlG/6ElDB1ksO529H4=", + "lastModified": 1678464939, + "narHash": "sha256-pRMlwOUkO1OwSi7qF6XR/zcocWy/ZYxXgbYWvnZQO9k=", "owner": "nix-community", "repo": "home-manager", - "rev": "36999b8d19eb6eebb41983ef017d7e0095316af2", + "rev": "7224d7c54c5fc74cdf60b208af6148ed3295aa32", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678230755, - "narHash": "sha256-SFAXgNjNTXzcAideXcP0takfUGVft/VR5CACmYHg+Fc=", + "lastModified": 1678426640, + "narHash": "sha256-3Q4KN0XAXQT7YE3A8n3LzLtRNUCo0U++W3gl+5NhKHs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a7cc81913bb3cd1ef05ed0ece048b773e1839e51", + "rev": "824f886682fc893e6dbf27114e5001ebf2770ea1", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678380223, - "narHash": "sha256-HUxnK38iqrX84QdQxbFcosRKV3/koj1Zzp5b5aP4lIo=", + "lastModified": 1678470307, + "narHash": "sha256-OEeMUr3ueLIXyW/OaFUX5jUdimyQwMg/7e+/Q0gC/QE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1e2590679d0ed2cee2736e8b80373178d085d263", + "rev": "0c4800d579af4ed98ecc47d464a5e7b0870c4b1f", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678449652, - "narHash": "sha256-w+FEY8L/uO/koWwahBAoDTmCO0qIOHJ71qpSe+ED8bk=", + "lastModified": 1678490751, + "narHash": "sha256-emDSiyDv0iE4glxRYtN/0CAUAkO45gd1c5UihdrI76A=", "owner": "pta2002", "repo": "nixvim", - "rev": "0bd07ee0914361bc4a729b92c0bfc4ecf97ce7e7", + "rev": "8b21fd587287ae145758c9d133900fcf8e32ec35", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678453582, - "narHash": "sha256-vWrJPneFZeTjWOXNoz40uXwNysRtBSYi4vkeS1Qa70M=", + "lastModified": 1678524445, + "narHash": "sha256-uAqfGBPTexxdB09jSwzXFHL+gZldpmrq6UirAa3G/n0=", "owner": "nix-community", "repo": "NUR", - "rev": "4a89c27a86e8abb86e2b8043a62738f3bf6b4e88", + "rev": "a2e4e85699daa4bf68c3412d30a8cb855b018de8", "type": "github" }, "original": { -- 2.47.1 From bfbb68d9787ed76aa7f3712e8bf5a81ab449d35d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 13:01:58 +0000 Subject: [PATCH 1190/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index aeba7595..d5adb630 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678524445, - "narHash": "sha256-uAqfGBPTexxdB09jSwzXFHL+gZldpmrq6UirAa3G/n0=", + "lastModified": 1678539242, + "narHash": "sha256-QXAKpK50+ATIPJmZjigD2+2JQWxLhqsuqD68vx96FRo=", "owner": "nix-community", "repo": "NUR", - "rev": "a2e4e85699daa4bf68c3412d30a8cb855b018de8", + "rev": "4b214f249b0aa2d62b6153c1c3f3a2d95705cb57", "type": "github" }, "original": { -- 2.47.1 From fa0c9bb4599c971e4af1be5ce4e3a89623f3e052 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 16:00:25 +0000 Subject: [PATCH 1191/1882] chore(deps): update renovate/renovate docker tag to v35.1.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0803d78c..08ee5de3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.0.1 + image: renovate/renovate:35.1.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ab1fdb84ee59d91a60eed14d53d4caa84215369f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 18:04:13 +0000 Subject: [PATCH 1192/1882] chore(deps): update renovate/renovate docker tag to v35.1.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 08ee5de3..dbd45207 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.1.1 + image: renovate/renovate:35.1.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 297bba3a27d7fe4611b97d768d73cc73423794a9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 19:02:04 +0000 Subject: [PATCH 1193/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d5adb630..7dea5ca2 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678461549, - "narHash": "sha256-Jgk/xCc6oDm3Me/MAL7BoYF4Oaer9uJANZnFrDtvy64=", + "lastModified": 1678557514, + "narHash": "sha256-yNrik47cr8qPgl6zTMNJSfoC2zKZJaNUQAMWFYTajcE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "253286669a115c4e63c3924eeec8391af2504c57", + "rev": "71ef1bde7e45f94ceaab925ae065f32f91510890", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678539242, - "narHash": "sha256-QXAKpK50+ATIPJmZjigD2+2JQWxLhqsuqD68vx96FRo=", + "lastModified": 1678560291, + "narHash": "sha256-LOSShfvjsQ2satsIXIYGTJmnTd4DMhxnvYIVhcHfVpA=", "owner": "nix-community", "repo": "NUR", - "rev": "4b214f249b0aa2d62b6153c1c3f3a2d95705cb57", + "rev": "9cf8b6ee00136cf39a3ec9af153e5ab980506664", "type": "github" }, "original": { -- 2.47.1 From e54a45b14a29928198e9f2770317af0976133f0e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 20:06:09 +0000 Subject: [PATCH 1194/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7dea5ca2..91edf0ef 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678560291, - "narHash": "sha256-LOSShfvjsQ2satsIXIYGTJmnTd4DMhxnvYIVhcHfVpA=", + "lastModified": 1678563959, + "narHash": "sha256-u6i/iH28wsO4BCQoXiZWM65DVpxSCZF2gCYEusyagWk=", "owner": "nix-community", "repo": "NUR", - "rev": "9cf8b6ee00136cf39a3ec9af153e5ab980506664", + "rev": "e4bf8a939cfcbb21249f91cf923bb57cdb8febd4", "type": "github" }, "original": { -- 2.47.1 From 3be1ccea69b25fcfde165ab70dfaa40b5f4a5adf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 21:02:09 +0000 Subject: [PATCH 1195/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 91edf0ef..ec47a0f9 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678563959, - "narHash": "sha256-u6i/iH28wsO4BCQoXiZWM65DVpxSCZF2gCYEusyagWk=", + "lastModified": 1678565873, + "narHash": "sha256-bN2/lJ52A1bkNgu8ZPIQ6T2wjDWGa5ABqko1Flgi3Fs=", "owner": "nix-community", "repo": "NUR", - "rev": "e4bf8a939cfcbb21249f91cf923bb57cdb8febd4", + "rev": "ac1c05d68b2d3733845d3caafb272c15f2874653", "type": "github" }, "original": { -- 2.47.1 From e31c1c2edf754d0c43d5f774050dc97cb54f35a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 22:02:38 +0000 Subject: [PATCH 1196/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ec47a0f9..a0522a25 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678426640, - "narHash": "sha256-3Q4KN0XAXQT7YE3A8n3LzLtRNUCo0U++W3gl+5NhKHs=", + "lastModified": 1678500271, + "narHash": "sha256-tRBLElf6f02HJGG0ZR7znMNFv/Uf7b2fFInpTHiHaSE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "824f886682fc893e6dbf27114e5001ebf2770ea1", + "rev": "5eb98948b66de29f899c7fe27ae112a47964baf8", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678565873, - "narHash": "sha256-bN2/lJ52A1bkNgu8ZPIQ6T2wjDWGa5ABqko1Flgi3Fs=", + "lastModified": 1678571075, + "narHash": "sha256-yn0XtyO8XnwlrhGkyjh/YbiGujziAnS4l95c4mtgGaU=", "owner": "nix-community", "repo": "NUR", - "rev": "ac1c05d68b2d3733845d3caafb272c15f2874653", + "rev": "096501a4c824eecc398014e1190ecc8656913a9a", "type": "github" }, "original": { -- 2.47.1 From b2199108157dfc47d6832564f7220aa4945681c1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 11 Mar 2023 23:02:51 +0000 Subject: [PATCH 1197/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a0522a25..9288226e 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678464939, - "narHash": "sha256-pRMlwOUkO1OwSi7qF6XR/zcocWy/ZYxXgbYWvnZQO9k=", + "lastModified": 1678571066, + "narHash": "sha256-MrlMr2A3tK1MY/JUGWMVzMwois8+mHWXm/1yYdwQSIc=", "owner": "nix-community", "repo": "home-manager", - "rev": "7224d7c54c5fc74cdf60b208af6148ed3295aa32", + "rev": "bf5712c5865e543fb3f4796511d4cf51efd841b1", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678571075, - "narHash": "sha256-yn0XtyO8XnwlrhGkyjh/YbiGujziAnS4l95c4mtgGaU=", + "lastModified": 1678574681, + "narHash": "sha256-xShkBGlMbzhBl75DO2i8d86Tlq/XVlZB/9v+sUcRDk4=", "owner": "nix-community", "repo": "NUR", - "rev": "096501a4c824eecc398014e1190ecc8656913a9a", + "rev": "5803ff2897e1aba0a68e904bed58d4e3c44df724", "type": "github" }, "original": { -- 2.47.1 From 363edab540e82231bc8071eb44f21c2279b60eb9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 00:02:51 +0000 Subject: [PATCH 1198/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9288226e..496fa1bd 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678574681, - "narHash": "sha256-xShkBGlMbzhBl75DO2i8d86Tlq/XVlZB/9v+sUcRDk4=", + "lastModified": 1678578362, + "narHash": "sha256-gZJYUaV8rezZvx4P2ZtDADPVuo2wTTSUR/g2tqEPryc=", "owner": "nix-community", "repo": "NUR", - "rev": "5803ff2897e1aba0a68e904bed58d4e3c44df724", + "rev": "7c751d503210b24007847b4f695960c041da5eb7", "type": "github" }, "original": { -- 2.47.1 From e77f5b6e3c37f8216c1c3b79f14d3a71a28c665a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 02:02:21 +0000 Subject: [PATCH 1199/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 496fa1bd..0170afa6 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678578362, - "narHash": "sha256-gZJYUaV8rezZvx4P2ZtDADPVuo2wTTSUR/g2tqEPryc=", + "lastModified": 1678586531, + "narHash": "sha256-T+4ckpHjFfE6eXSnVfDcJZprFHBfFNp0ipm1HxReLK8=", "owner": "nix-community", "repo": "NUR", - "rev": "7c751d503210b24007847b4f695960c041da5eb7", + "rev": "9ead164c86d839f46edb47e87127392b79ebde46", "type": "github" }, "original": { -- 2.47.1 From 4082065557421f82b7f4476781c24e53c0fbae1f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 04:02:11 +0000 Subject: [PATCH 1200/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0170afa6..bcd1f38d 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678586531, - "narHash": "sha256-T+4ckpHjFfE6eXSnVfDcJZprFHBfFNp0ipm1HxReLK8=", + "lastModified": 1678592726, + "narHash": "sha256-YWppO4olOGJPWA2KzyQlSjafkqowEspvxEyTlaviKAM=", "owner": "nix-community", "repo": "NUR", - "rev": "9ead164c86d839f46edb47e87127392b79ebde46", + "rev": "138ac1cb0fc01abab8706796f377fc771b2e0a64", "type": "github" }, "original": { -- 2.47.1 From 3be44da18bddea49dd0b717efd6b97cc0cc2146e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 06:02:15 +0000 Subject: [PATCH 1201/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bcd1f38d..ecc3e145 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678592726, - "narHash": "sha256-YWppO4olOGJPWA2KzyQlSjafkqowEspvxEyTlaviKAM=", + "lastModified": 1678599757, + "narHash": "sha256-Y7s5WSeCMaPe3x3lgtLHX6XnaiBN+6z5wn84C5X8f80=", "owner": "nix-community", "repo": "NUR", - "rev": "138ac1cb0fc01abab8706796f377fc771b2e0a64", + "rev": "0932cdb20c3846e1adf2f45610aeb42ae12293ce", "type": "github" }, "original": { -- 2.47.1 From 41ba54cad2aa7355346f4387bdd8f562c46eb4a5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 10:02:12 +0000 Subject: [PATCH 1202/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ecc3e145..dbaa8acf 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678599757, - "narHash": "sha256-Y7s5WSeCMaPe3x3lgtLHX6XnaiBN+6z5wn84C5X8f80=", + "lastModified": 1678614282, + "narHash": "sha256-xOdcIyqjSabQu16+kRDaetbRI2U9+HUhf2pbMIT9NZs=", "owner": "nix-community", "repo": "NUR", - "rev": "0932cdb20c3846e1adf2f45610aeb42ae12293ce", + "rev": "e1452cb657eafdcc699c30bd85383f2488de8eb9", "type": "github" }, "original": { -- 2.47.1 From db2fecf0e523b06f604c9376b5f4ee70b5faa146 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 11:02:54 +0000 Subject: [PATCH 1203/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index dbaa8acf..bff6943e 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678490751, - "narHash": "sha256-emDSiyDv0iE4glxRYtN/0CAUAkO45gd1c5UihdrI76A=", + "lastModified": 1678618181, + "narHash": "sha256-qCQfc4tmaJfS3PhX4VK5ETze7kHl02a+s57mDhdpHnw=", "owner": "pta2002", "repo": "nixvim", - "rev": "8b21fd587287ae145758c9d133900fcf8e32ec35", + "rev": "933c87c282b83f2f850145491665f91e4ebcce42", "type": "github" }, "original": { -- 2.47.1 From ac4bbb7ca391f76a47dbe848e4eb0e30040c6092 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 14:02:09 +0000 Subject: [PATCH 1204/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bff6943e..a051cf3f 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678557514, - "narHash": "sha256-yNrik47cr8qPgl6zTMNJSfoC2zKZJaNUQAMWFYTajcE=", + "lastModified": 1678628798, + "narHash": "sha256-AQZK2/OmY+Vf+hnDkIJ/oqjCiEhCTHlTo2f1IhSYXFw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "71ef1bde7e45f94ceaab925ae065f32f91510890", + "rev": "146d231ec5ea9059a64e34caeba06e790991e81a", "type": "github" }, "original": { -- 2.47.1 From ca7e61e02eff526fc0fbdff9633b885d7a9fe3d8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 16:02:08 +0000 Subject: [PATCH 1205/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a051cf3f..4f98a395 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678614282, - "narHash": "sha256-xOdcIyqjSabQu16+kRDaetbRI2U9+HUhf2pbMIT9NZs=", + "lastModified": 1678635877, + "narHash": "sha256-bTOpuonfyP6Limkulowx5uBvVRuEg5AOhM/bWkpe0cI=", "owner": "nix-community", "repo": "NUR", - "rev": "e1452cb657eafdcc699c30bd85383f2488de8eb9", + "rev": "f50ccb61b35aba2b0ca881c0b3937ccf60647f15", "type": "github" }, "original": { -- 2.47.1 From 1c2deb9bd14da3fe692c486bc3abb1548d77ff58 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 17:00:41 +0000 Subject: [PATCH 1206/1882] chore(deps): update renovate/renovate docker tag to v35.2.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index dbd45207..f7ac6430 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.1.2 + image: renovate/renovate:35.2.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From dfcb6a16769a7c3a6002ff09a7158f0f435be079 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 18:03:13 +0000 Subject: [PATCH 1207/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 4f98a395..7fdd6140 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678618181, - "narHash": "sha256-qCQfc4tmaJfS3PhX4VK5ETze7kHl02a+s57mDhdpHnw=", + "lastModified": 1678643522, + "narHash": "sha256-EqjTC78DwKNItqrW8ZnMVwq9Vp2VaxQl0Xs6PFAHOBw=", "owner": "pta2002", "repo": "nixvim", - "rev": "933c87c282b83f2f850145491665f91e4ebcce42", + "rev": "bfbe737aa3f191b551890c2a3d54104c71f27b71", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678635877, - "narHash": "sha256-bTOpuonfyP6Limkulowx5uBvVRuEg5AOhM/bWkpe0cI=", + "lastModified": 1678639699, + "narHash": "sha256-vqIvVYl8miXpoXX+TGNwys0uHmafp3rayooEpkAtHh8=", "owner": "nix-community", "repo": "NUR", - "rev": "f50ccb61b35aba2b0ca881c0b3937ccf60647f15", + "rev": "f2de79168531c21e0c457fe5d0cf42e046b3b995", "type": "github" }, "original": { -- 2.47.1 From 82efe1062352063c38b740d352b34a39d0a97462 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 19:05:56 +0000 Subject: [PATCH 1208/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7fdd6140..b1c6bc23 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678639699, - "narHash": "sha256-vqIvVYl8miXpoXX+TGNwys0uHmafp3rayooEpkAtHh8=", + "lastModified": 1678645498, + "narHash": "sha256-YZt1Gcj1qpC405bs3dT6EZ7n8HHiA9skZ7yEhDunJpQ=", "owner": "nix-community", "repo": "NUR", - "rev": "f2de79168531c21e0c457fe5d0cf42e046b3b995", + "rev": "b53da717aab1283d3ad9e0530a1ae54c75bd2cd1", "type": "github" }, "original": { -- 2.47.1 From c05946d68843ebe4de472c108811294c9fb6a908 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 20:02:28 +0000 Subject: [PATCH 1209/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b1c6bc23..5cc5d7ad 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678645498, - "narHash": "sha256-YZt1Gcj1qpC405bs3dT6EZ7n8HHiA9skZ7yEhDunJpQ=", + "lastModified": 1678650360, + "narHash": "sha256-AllNURmGG6MdkPF9IhFuvEbOU7H8b0JXo/HYNplTH7c=", "owner": "nix-community", "repo": "NUR", - "rev": "b53da717aab1283d3ad9e0530a1ae54c75bd2cd1", + "rev": "84c505c572229efd75f9a13b86198cf733f9a96e", "type": "github" }, "original": { -- 2.47.1 From 419f212ccdfb4933f56dbd294db74b632830673d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Mar 2023 22:02:18 +0000 Subject: [PATCH 1210/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5cc5d7ad..9295c596 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678643522, - "narHash": "sha256-EqjTC78DwKNItqrW8ZnMVwq9Vp2VaxQl0Xs6PFAHOBw=", + "lastModified": 1678656692, + "narHash": "sha256-My7W6SdTTDyLSEgltHefSfjNFWkAMLPCYLCxEaM+9/I=", "owner": "pta2002", "repo": "nixvim", - "rev": "bfbe737aa3f191b551890c2a3d54104c71f27b71", + "rev": "c34c941c8fee09baa1a3c1bfb085a3c9637f5e93", "type": "github" }, "original": { -- 2.47.1 From 5db5d9983b4e7959262c08742c9b62cd683e73b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 00:02:12 +0000 Subject: [PATCH 1211/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 9295c596..e5b69c6d 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678571066, - "narHash": "sha256-MrlMr2A3tK1MY/JUGWMVzMwois8+mHWXm/1yYdwQSIc=", + "lastModified": 1678662458, + "narHash": "sha256-BW+C3Pln6LVrGMVEN2Py0cY+a+VEEddhW86cNj8GB3E=", "owner": "nix-community", "repo": "home-manager", - "rev": "bf5712c5865e543fb3f4796511d4cf51efd841b1", + "rev": "46f637bd801b4d6d2afa06e13b6776e9fbfb0a79", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678650360, - "narHash": "sha256-AllNURmGG6MdkPF9IhFuvEbOU7H8b0JXo/HYNplTH7c=", + "lastModified": 1678663679, + "narHash": "sha256-Iexny5c2UpK1MgpeNERJaNbyYwT5TieqJudEP8m33jI=", "owner": "nix-community", "repo": "NUR", - "rev": "84c505c572229efd75f9a13b86198cf733f9a96e", + "rev": "52d74af602d7c5ef92ac3a4a8e9658cc6e4beb66", "type": "github" }, "original": { -- 2.47.1 From 501989a3ee6dfddbfb0203b55aaa923e13f20bae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 01:03:11 +0000 Subject: [PATCH 1212/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e5b69c6d..f290a24b 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678628798, - "narHash": "sha256-AQZK2/OmY+Vf+hnDkIJ/oqjCiEhCTHlTo2f1IhSYXFw=", + "lastModified": 1678668477, + "narHash": "sha256-zApIOG7WgJ/N0LbuW/eE969hGd5f5kEC6relRN4Brtk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "146d231ec5ea9059a64e34caeba06e790991e81a", + "rev": "bcd8fe9573c1a15c50bb0bebd839b06bac52da93", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678663679, - "narHash": "sha256-Iexny5c2UpK1MgpeNERJaNbyYwT5TieqJudEP8m33jI=", + "lastModified": 1678668976, + "narHash": "sha256-SMS7Z1ddVTFbHqazruqtK5000rYk53s0RxatZiwi33c=", "owner": "nix-community", "repo": "NUR", - "rev": "52d74af602d7c5ef92ac3a4a8e9658cc6e4beb66", + "rev": "d39f90fc61640efe73cbfba7af658e71e49e337b", "type": "github" }, "original": { -- 2.47.1 From 329daaf0a50d45c860cb7ae9e03c4735d8c7e9bd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 02:02:58 +0000 Subject: [PATCH 1213/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f290a24b..aafb1bf5 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678668477, - "narHash": "sha256-zApIOG7WgJ/N0LbuW/eE969hGd5f5kEC6relRN4Brtk=", + "lastModified": 1678669625, + "narHash": "sha256-xf8yX72QeotdFpM2Mu8s5/ZtYYM+dzfnH7FrEI6UGNI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "bcd8fe9573c1a15c50bb0bebd839b06bac52da93", + "rev": "17deeb07ad4ce1b34bfe22524f9b248c5c6e01e6", "type": "github" }, "original": { -- 2.47.1 From c7ce547a683495da5d548fba23b97a424b1463d9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 05:01:47 +0000 Subject: [PATCH 1214/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index aafb1bf5..50021786 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678500271, - "narHash": "sha256-tRBLElf6f02HJGG0ZR7znMNFv/Uf7b2fFInpTHiHaSE=", + "lastModified": 1678614274, + "narHash": "sha256-kK9l45n9cQ4mEQeT4NvJ+pK2nwsHhfZGUyRgzI+XFOw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5eb98948b66de29f899c7fe27ae112a47964baf8", + "rev": "970402e6147c49603f4d06defe44d27fe51884ce", "type": "github" }, "original": { -- 2.47.1 From 15b2461289a5c0303f0924e96f7a4f6645fa3e61 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 06:02:38 +0000 Subject: [PATCH 1215/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 50021786..6618843c 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678470307, - "narHash": "sha256-OEeMUr3ueLIXyW/OaFUX5jUdimyQwMg/7e+/Q0gC/QE=", + "lastModified": 1678563391, + "narHash": "sha256-fGSVN8pdE8ACraNsbsx1UVL7Jl7Huhz4N+0udFT35XU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0c4800d579af4ed98ecc47d464a5e7b0870c4b1f", + "rev": "1e3bac17a6c67dcbef9908bc2977e9449ef499a5", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678668976, - "narHash": "sha256-SMS7Z1ddVTFbHqazruqtK5000rYk53s0RxatZiwi33c=", + "lastModified": 1678686147, + "narHash": "sha256-CffWcdfUx5F44CUpFat/MGZ0vZGin7lRAtUlyh70vbs=", "owner": "nix-community", "repo": "NUR", - "rev": "d39f90fc61640efe73cbfba7af658e71e49e337b", + "rev": "34d1971361ad5c8644d40e8530469677d4b0f8b8", "type": "github" }, "original": { -- 2.47.1 From 600a2de90ff440b0f2cd953a33c004d2dbaa565c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 07:03:00 +0000 Subject: [PATCH 1216/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6618843c..46037a29 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678686147, - "narHash": "sha256-CffWcdfUx5F44CUpFat/MGZ0vZGin7lRAtUlyh70vbs=", + "lastModified": 1678689976, + "narHash": "sha256-vO/pwqWbMn3p3NcSPyyXnLzVbj1AVOl7jOdJYIEuuXE=", "owner": "nix-community", "repo": "NUR", - "rev": "34d1971361ad5c8644d40e8530469677d4b0f8b8", + "rev": "72574fad001b66cbada4dbf7f7a36f95974e1787", "type": "github" }, "original": { -- 2.47.1 From bc4b9dd56b8f3dcd673dc45c08151f449fa759fd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 08:02:54 +0000 Subject: [PATCH 1217/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 46037a29..571cf21e 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678689976, - "narHash": "sha256-vO/pwqWbMn3p3NcSPyyXnLzVbj1AVOl7jOdJYIEuuXE=", + "lastModified": 1678694428, + "narHash": "sha256-P6EimAgsZCLhCio57pJBqHMLyzi+cf9Ss4vDhSgGD4A=", "owner": "nix-community", "repo": "NUR", - "rev": "72574fad001b66cbada4dbf7f7a36f95974e1787", + "rev": "dd0cc2ebaff719aa357e827e29d5d092539ae399", "type": "github" }, "original": { -- 2.47.1 From e9b80dcc1406431980751b3a5d639e8a34623e26 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 09:02:39 +0000 Subject: [PATCH 1218/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 571cf21e..2c638012 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678694428, - "narHash": "sha256-P6EimAgsZCLhCio57pJBqHMLyzi+cf9Ss4vDhSgGD4A=", + "lastModified": 1678697323, + "narHash": "sha256-L3klWJ6uEBhqs5lFEdl96uHkaZ4MR9xqwYbL+bbzaOw=", "owner": "nix-community", "repo": "NUR", - "rev": "dd0cc2ebaff719aa357e827e29d5d092539ae399", + "rev": "beae5baaedf67071e40550296d127a34c27cc79b", "type": "github" }, "original": { -- 2.47.1 From 67ea942649e13f3cf16f9371fec3daf5f4633d21 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 10:02:56 +0000 Subject: [PATCH 1219/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2c638012..e1fdad8d 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678656692, - "narHash": "sha256-My7W6SdTTDyLSEgltHefSfjNFWkAMLPCYLCxEaM+9/I=", + "lastModified": 1678701483, + "narHash": "sha256-RLIsp/nChcsUHsmGxolaHQupQI174AsVLwhDSlqVNDw=", "owner": "pta2002", "repo": "nixvim", - "rev": "c34c941c8fee09baa1a3c1bfb085a3c9637f5e93", + "rev": "1ac27edf2ea2fd8a04a070e7305f892ec713d2ec", "type": "github" }, "original": { -- 2.47.1 From 2a66953edec96c45b205a7e179163fbc06f00bcf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 11:00:39 +0000 Subject: [PATCH 1220/1882] chore(deps): update dependency fluxcd/flux2 to v0.41.1 --- .../base/flux-system/gotk-components.yaml | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index c5bd1c9f..f7b119d0 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.41.0 +# Flux Version: v0.41.1 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -443,7 +443,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -962,7 +962,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1757,7 +1757,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2355,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3240,7 +3240,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3747,7 +3747,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4874,7 +4874,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5238,7 +5238,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5644,7 +5644,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6085,7 +6085,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: helm-controller namespace: flux-system --- @@ -6096,7 +6096,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: kustomize-controller namespace: flux-system --- @@ -6107,7 +6107,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: notification-controller namespace: flux-system --- @@ -6118,7 +6118,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: source-controller namespace: flux-system --- @@ -6128,7 +6128,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: crd-controller-flux-system rules: - apiGroups: @@ -6218,7 +6218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -6244,7 +6244,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -6269,7 +6269,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6289,7 +6289,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6322,7 +6322,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: notification-controller namespace: flux-system @@ -6343,7 +6343,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: source-controller namespace: flux-system @@ -6364,7 +6364,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6385,7 +6385,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: helm-controller namespace: flux-system @@ -6414,7 +6414,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.31.0 + image: ghcr.io/fluxcd/helm-controller:v0.31.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6468,7 +6468,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6551,7 +6551,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: notification-controller namespace: flux-system @@ -6639,7 +6639,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 control-plane: controller name: source-controller namespace: flux-system @@ -6734,7 +6734,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: allow-egress namespace: flux-system spec: @@ -6754,7 +6754,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: allow-scraping namespace: flux-system spec: @@ -6774,7 +6774,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.0 + app.kubernetes.io/version: v0.41.1 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From d77863488c1dd80ba589540283838e1b9eb31312 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 12:02:16 +0000 Subject: [PATCH 1221/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e1fdad8d..da52eae9 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678563391, - "narHash": "sha256-fGSVN8pdE8ACraNsbsx1UVL7Jl7Huhz4N+0udFT35XU=", + "lastModified": 1678654296, + "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1e3bac17a6c67dcbef9908bc2977e9449ef499a5", + "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678697323, - "narHash": "sha256-L3klWJ6uEBhqs5lFEdl96uHkaZ4MR9xqwYbL+bbzaOw=", + "lastModified": 1678707893, + "narHash": "sha256-wKTPF4T+IQ2gvrixMHrmNuMRvTCp7gtkheNtW5L99/s=", "owner": "nix-community", "repo": "NUR", - "rev": "beae5baaedf67071e40550296d127a34c27cc79b", + "rev": "fc56d9e66fe42905d1993f5740051598923c9cfe", "type": "github" }, "original": { -- 2.47.1 From 771232273c3af5d1104f8f3e93e7d27c9d1852bf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 13:02:29 +0000 Subject: [PATCH 1222/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index da52eae9..a749f69e 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678707893, - "narHash": "sha256-wKTPF4T+IQ2gvrixMHrmNuMRvTCp7gtkheNtW5L99/s=", + "lastModified": 1678711503, + "narHash": "sha256-h/n95fkgagDHNZ8LgWnU5S/pZDKRFQ43DtZBD4sPlXI=", "owner": "nix-community", "repo": "NUR", - "rev": "fc56d9e66fe42905d1993f5740051598923c9cfe", + "rev": "d5ea267b46ed47fc442a4f895d5c6ab97127a044", "type": "github" }, "original": { -- 2.47.1 From 711cfebcd29888b2823f6c3bca1de89b27f3b1bc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 14:00:37 +0000 Subject: [PATCH 1223/1882] chore(deps): update renovate/renovate docker tag to v35.2.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f7ac6430..5cd72c8e 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.2.0 + image: renovate/renovate:35.2.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From bfcd6ce336872402b448227be393424adf238011 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 15:02:32 +0000 Subject: [PATCH 1224/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index a749f69e..1b50f631 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678662458, - "narHash": "sha256-BW+C3Pln6LVrGMVEN2Py0cY+a+VEEddhW86cNj8GB3E=", + "lastModified": 1678714646, + "narHash": "sha256-L7u4ua/p3cTptqlTVwT1OaQMGkexULjQhKmUxRUYmMQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "46f637bd801b4d6d2afa06e13b6776e9fbfb0a79", + "rev": "7fe539dfbba8a158a455b54697d1bd7e97b37c60", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678701483, - "narHash": "sha256-RLIsp/nChcsUHsmGxolaHQupQI174AsVLwhDSlqVNDw=", + "lastModified": 1678719270, + "narHash": "sha256-NJ5Dpa7wXoUwVQtV87l2+4B/Borr1vuXEaQzA5VE0ac=", "owner": "pta2002", "repo": "nixvim", - "rev": "1ac27edf2ea2fd8a04a070e7305f892ec713d2ec", + "rev": "32d79dee7a927b72631d7669c0f66339dd2c3389", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678711503, - "narHash": "sha256-h/n95fkgagDHNZ8LgWnU5S/pZDKRFQ43DtZBD4sPlXI=", + "lastModified": 1678718021, + "narHash": "sha256-raLAKD3iFPvlwZdVc+Yvcyg/nj4ThFS7WyR4rsOL1yc=", "owner": "nix-community", "repo": "NUR", - "rev": "d5ea267b46ed47fc442a4f895d5c6ab97127a044", + "rev": "9a348993359741c561bcaadce759a92d293b7999", "type": "github" }, "original": { -- 2.47.1 From 27c581545bfb216c6d9c58d3030c1e5cc44b3924 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 16:06:56 +0000 Subject: [PATCH 1225/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 1b50f631..e0558871 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678669625, - "narHash": "sha256-xf8yX72QeotdFpM2Mu8s5/ZtYYM+dzfnH7FrEI6UGNI=", + "lastModified": 1678720765, + "narHash": "sha256-Zd+k8e3qm0RcSRSCOFqjw3G3el87zjpMJavwkZHrQ8Y=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "17deeb07ad4ce1b34bfe22524f9b248c5c6e01e6", + "rev": "e749af7b60386f4ff414ef3e2e804523046e46a9", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678718021, - "narHash": "sha256-raLAKD3iFPvlwZdVc+Yvcyg/nj4ThFS7WyR4rsOL1yc=", + "lastModified": 1678722342, + "narHash": "sha256-ina7rwgUjqAQpU77k7uVogv8P65g6OfQz26AR3KiHS0=", "owner": "nix-community", "repo": "NUR", - "rev": "9a348993359741c561bcaadce759a92d293b7999", + "rev": "886cfdf62dfdd8eb4a7eccf26bc1ae6c392695af", "type": "github" }, "original": { -- 2.47.1 From 7fef3af6a0e450eaf3b54a2c93b44e3f3798bedd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 17:02:30 +0000 Subject: [PATCH 1226/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e0558871..ed631dfd 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678722342, - "narHash": "sha256-ina7rwgUjqAQpU77k7uVogv8P65g6OfQz26AR3KiHS0=", + "lastModified": 1678725615, + "narHash": "sha256-2k0hh1KlOZj+3QQEsq/Yg37hZJHURerk4kUpgYROWWY=", "owner": "nix-community", "repo": "NUR", - "rev": "886cfdf62dfdd8eb4a7eccf26bc1ae6c392695af", + "rev": "09b0bacba18c9ad3d7b2a8337aa84a8ef1f6327e", "type": "github" }, "original": { -- 2.47.1 From 0a86d0afc701f248484b64a0a8204f242f427598 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 18:02:23 +0000 Subject: [PATCH 1227/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index ed631dfd..9df19429 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678714646, - "narHash": "sha256-L7u4ua/p3cTptqlTVwT1OaQMGkexULjQhKmUxRUYmMQ=", + "lastModified": 1678729503, + "narHash": "sha256-j+h4Bdqbe+qjzhxdhkRmVgSx2lxJ8HnKeYcAhhnd1zM=", "owner": "nix-community", "repo": "home-manager", - "rev": "7fe539dfbba8a158a455b54697d1bd7e97b37c60", + "rev": "24c1a6335e3da6a3ecf82f33ac50c2ad66aee346", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678725615, - "narHash": "sha256-2k0hh1KlOZj+3QQEsq/Yg37hZJHURerk4kUpgYROWWY=", + "lastModified": 1678730199, + "narHash": "sha256-yMiW6y2JZYrE180JFUWP77WebcsRS8DZbvfvN0n/mP4=", "owner": "nix-community", "repo": "NUR", - "rev": "09b0bacba18c9ad3d7b2a8337aa84a8ef1f6327e", + "rev": "20de8d02be738e389a1daf6c324d60d947e053ad", "type": "github" }, "original": { -- 2.47.1 From 1d12468f96b567738050e2506a5b3d3c08a9e8f5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 20:01:42 +0000 Subject: [PATCH 1228/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9df19429..059eed1f 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678730199, - "narHash": "sha256-yMiW6y2JZYrE180JFUWP77WebcsRS8DZbvfvN0n/mP4=", + "lastModified": 1678736733, + "narHash": "sha256-XMqRLhFTgtn/QLRXWE1J/ESGJJbnxSlqEL3ThvSHDX8=", "owner": "nix-community", "repo": "NUR", - "rev": "20de8d02be738e389a1daf6c324d60d947e053ad", + "rev": "cfef6b0e312480d27fd2624a34e71dd6d3cff116", "type": "github" }, "original": { -- 2.47.1 From de27c367514320e89d71f4620716503b28bbde84 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 22:01:47 +0000 Subject: [PATCH 1229/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 059eed1f..0282cce8 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678736733, - "narHash": "sha256-XMqRLhFTgtn/QLRXWE1J/ESGJJbnxSlqEL3ThvSHDX8=", + "lastModified": 1678743978, + "narHash": "sha256-QArjB2jEIRS9WBXOwiAY0bxHiyOUjHn3e6sHsafgYpc=", "owner": "nix-community", "repo": "NUR", - "rev": "cfef6b0e312480d27fd2624a34e71dd6d3cff116", + "rev": "9749500551ff4ae2699fd23bba8ff0c1d5044f7f", "type": "github" }, "original": { -- 2.47.1 From b26a5039774a7677ec29cb1847c47580b0b64621 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Mar 2023 23:02:31 +0000 Subject: [PATCH 1230/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0282cce8..9ed6633b 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678743978, - "narHash": "sha256-QArjB2jEIRS9WBXOwiAY0bxHiyOUjHn3e6sHsafgYpc=", + "lastModified": 1678747509, + "narHash": "sha256-ER2cs/M5aF06p9xu6ffu3k4Rjv6Gcw5GXCBDotgJY1U=", "owner": "nix-community", "repo": "NUR", - "rev": "9749500551ff4ae2699fd23bba8ff0c1d5044f7f", + "rev": "c4ffafad9e5d93da0bdb7c10fa2b6986c7341a00", "type": "github" }, "original": { -- 2.47.1 From 8dbcc8809dd4b6bc0c8a6a5c9b595cdc3505cfb0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 00:02:37 +0000 Subject: [PATCH 1231/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9ed6633b..fac17f51 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678747509, - "narHash": "sha256-ER2cs/M5aF06p9xu6ffu3k4Rjv6Gcw5GXCBDotgJY1U=", + "lastModified": 1678751087, + "narHash": "sha256-ASZTEN362ZaTOFX+7GhuvLZScG7aI/czI1M5a8EXBEI=", "owner": "nix-community", "repo": "NUR", - "rev": "c4ffafad9e5d93da0bdb7c10fa2b6986c7341a00", + "rev": "39b443e2040ba9a18356c5a89c3f3295b3da230d", "type": "github" }, "original": { -- 2.47.1 From 88e6c149c171d9eea573ac61095c48422a6c03d8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 02:01:50 +0000 Subject: [PATCH 1232/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fac17f51..aa3e8e30 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678751087, - "narHash": "sha256-ASZTEN362ZaTOFX+7GhuvLZScG7aI/czI1M5a8EXBEI=", + "lastModified": 1678758709, + "narHash": "sha256-sZ5YQ8QXU7RPvpHhMFxLRvYgvxYrz90eODuIEYEQSIg=", "owner": "nix-community", "repo": "NUR", - "rev": "39b443e2040ba9a18356c5a89c3f3295b3da230d", + "rev": "20c8c6b85d60f6ea5b80e13337154ca8ead261ed", "type": "github" }, "original": { -- 2.47.1 From 69e52e1bec87a44dda7a45f3dbc89dd076c86202 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 03:00:34 +0000 Subject: [PATCH 1233/1882] chore(deps): update renovate/renovate docker tag to v35.2.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5cd72c8e..a1c4c546 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.2.3 + image: renovate/renovate:35.2.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f8f23d14c7bbde6a96750a9983077054583cd67c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 04:02:33 +0000 Subject: [PATCH 1234/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index aa3e8e30..489fb2ec 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678758709, - "narHash": "sha256-sZ5YQ8QXU7RPvpHhMFxLRvYgvxYrz90eODuIEYEQSIg=", + "lastModified": 1678766195, + "narHash": "sha256-etWmhOV7YnIplTZUuwzu6OAM4KW+tNU2o8Bt4H28LSo=", "owner": "nix-community", "repo": "NUR", - "rev": "20c8c6b85d60f6ea5b80e13337154ca8ead261ed", + "rev": "afb990bba332b8f16de61d9e3e551b1fd55ea247", "type": "github" }, "original": { -- 2.47.1 From e4459735cd3e9ba6521ff82525892cb04c0e999e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 05:05:59 +0000 Subject: [PATCH 1235/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 489fb2ec..8325b809 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678766195, - "narHash": "sha256-etWmhOV7YnIplTZUuwzu6OAM4KW+tNU2o8Bt4H28LSo=", + "lastModified": 1678767121, + "narHash": "sha256-CgOA6QMo7qU1Ze5OL+wDYtineN2vDJnp4MiVjTeIoek=", "owner": "nix-community", "repo": "NUR", - "rev": "afb990bba332b8f16de61d9e3e551b1fd55ea247", + "rev": "a46f7074d9b138b24c8793a342d7ce9fd9d31f6b", "type": "github" }, "original": { -- 2.47.1 From 64d2822cd764b997c4e47b1668a5dd5bfbca77a0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 06:02:00 +0000 Subject: [PATCH 1236/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8325b809..82a9b587 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678614274, - "narHash": "sha256-kK9l45n9cQ4mEQeT4NvJ+pK2nwsHhfZGUyRgzI+XFOw=", + "lastModified": 1678703398, + "narHash": "sha256-Y1mW3dBsoWLHpYm+UIHb5VZ7rx024NNHaF16oZBx++o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "970402e6147c49603f4d06defe44d27fe51884ce", + "rev": "67f26c1cfc5d5783628231e776a81c1ade623e0b", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678767121, - "narHash": "sha256-CgOA6QMo7qU1Ze5OL+wDYtineN2vDJnp4MiVjTeIoek=", + "lastModified": 1678772564, + "narHash": "sha256-ALF3ir6y5hbNS25TWgc3iZinTF+/+4VZ06oHErZ2yZ8=", "owner": "nix-community", "repo": "NUR", - "rev": "a46f7074d9b138b24c8793a342d7ce9fd9d31f6b", + "rev": "f7ac7f6387896b142601deb1eb681e967f6b3d6e", "type": "github" }, "original": { -- 2.47.1 From 1660d6cb2b28e03d20a0e44b29ad7b635b00b0ca Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 07:02:17 +0000 Subject: [PATCH 1237/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 82a9b587..027ef130 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678772564, - "narHash": "sha256-ALF3ir6y5hbNS25TWgc3iZinTF+/+4VZ06oHErZ2yZ8=", + "lastModified": 1678774631, + "narHash": "sha256-3wvE3XuLMMRiAM+dw2Jo8mQalOjEjed/964k6BMnVY0=", "owner": "nix-community", "repo": "NUR", - "rev": "f7ac7f6387896b142601deb1eb681e967f6b3d6e", + "rev": "6f91e11756ee1f2fd70897a03479d72bbb6a3358", "type": "github" }, "original": { -- 2.47.1 From 21a3411c9375579e70152c26bdd65a004958d1fb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 09:00:24 +0000 Subject: [PATCH 1238/1882] chore(deps): update renovate/renovate docker tag to v35.4.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index a1c4c546..272b13f7 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.2.4 + image: renovate/renovate:35.4.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e06be415bb27398988706c1cb047720df24c956e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 10:02:33 +0000 Subject: [PATCH 1239/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 027ef130..54e6c7fe 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678774631, - "narHash": "sha256-3wvE3XuLMMRiAM+dw2Jo8mQalOjEjed/964k6BMnVY0=", + "lastModified": 1678788009, + "narHash": "sha256-O9nMPCAly/lUJHqtz8IAa8sf4uuB/6arHDEyQoRXTyw=", "owner": "nix-community", "repo": "NUR", - "rev": "6f91e11756ee1f2fd70897a03479d72bbb6a3358", + "rev": "a93973a3dd17284678ad6691dd38246b6ea3bf4f", "type": "github" }, "original": { -- 2.47.1 From a382447111a2099fda400355917af4b2910e90ce Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 11:05:55 +0000 Subject: [PATCH 1240/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 54e6c7fe..01d75b6f 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678719270, - "narHash": "sha256-NJ5Dpa7wXoUwVQtV87l2+4B/Borr1vuXEaQzA5VE0ac=", + "lastModified": 1678789845, + "narHash": "sha256-Ebf7iWw1+3g98kImEh2/R766Aeh9Jxh9ch7LNSoaWLg=", "owner": "pta2002", "repo": "nixvim", - "rev": "32d79dee7a927b72631d7669c0f66339dd2c3389", + "rev": "5a69dc471202a08e7a1eb539f63928a957549c82", "type": "github" }, "original": { -- 2.47.1 From b6c2cf3d447d6fde939e02c8d21c04b9f7e81dfb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 12:00:37 +0000 Subject: [PATCH 1241/1882] chore(deps): update renovate/renovate docker tag to v35.4.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 272b13f7..485acb2c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.4.0 + image: renovate/renovate:35.4.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0645f42d90549ba0d0463296082d0f76bcc1f011 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 13:02:26 +0000 Subject: [PATCH 1242/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 01d75b6f..f953681f 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678720765, - "narHash": "sha256-Zd+k8e3qm0RcSRSCOFqjw3G3el87zjpMJavwkZHrQ8Y=", + "lastModified": 1678798670, + "narHash": "sha256-xWXaWzPVDmM/YHfpFrHgXc0UQFuQToZR0uSCHoTuLzg=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e749af7b60386f4ff414ef3e2e804523046e46a9", + "rev": "5dc1a5fec631ddd0136af28c901e8c962548d497", "type": "github" }, "original": { -- 2.47.1 From 92a75fb3d271ede76817617c95ceb4f9188f5642 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 14:05:28 +0000 Subject: [PATCH 1243/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f953681f..c1c8de01 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678798670, - "narHash": "sha256-xWXaWzPVDmM/YHfpFrHgXc0UQFuQToZR0uSCHoTuLzg=", + "lastModified": 1678801868, + "narHash": "sha256-jbXNJUhDy97f3eamLXW9mdJqujr/AXfCY7ReIAOPMds=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5dc1a5fec631ddd0136af28c901e8c962548d497", + "rev": "0807b8b95f595083a19bb5fe317d7242bcb26654", "type": "github" }, "original": { -- 2.47.1 From 6eb42e23b825a2758067e042f174d2551fee3292 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 15:02:11 +0000 Subject: [PATCH 1244/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c1c8de01..fe72df2d 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678801868, - "narHash": "sha256-jbXNJUhDy97f3eamLXW9mdJqujr/AXfCY7ReIAOPMds=", + "lastModified": 1678804620, + "narHash": "sha256-aH8ozYYO5itWlKv7iL+eEO9qsALXOkZ1wpex3A+9jiA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "0807b8b95f595083a19bb5fe317d7242bcb26654", + "rev": "f960f72785141639c2f68f05a27edbebeac2210f", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678789845, - "narHash": "sha256-Ebf7iWw1+3g98kImEh2/R766Aeh9Jxh9ch7LNSoaWLg=", + "lastModified": 1678803776, + "narHash": "sha256-26sF+Td9PK8MctWPcTbB/21TgqFEHc5RmVLFL7tVAw4=", "owner": "pta2002", "repo": "nixvim", - "rev": "5a69dc471202a08e7a1eb539f63928a957549c82", + "rev": "9d68949da7acb3321345e900c9f87cde8afd5abe", "type": "github" }, "original": { -- 2.47.1 From 1787cbf8eb4671e405b08dec6039e47a97726069 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 17:02:04 +0000 Subject: [PATCH 1245/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fe72df2d..1afde3bb 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678804620, - "narHash": "sha256-aH8ozYYO5itWlKv7iL+eEO9qsALXOkZ1wpex3A+9jiA=", + "lastModified": 1678812399, + "narHash": "sha256-LS8Sqyq1F+pMCJDVYgY9eaGEaWfJhfdpmkNj31RoSoI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "f960f72785141639c2f68f05a27edbebeac2210f", + "rev": "d63e8c8f45202f1189f78e6c5eaa7e23f7239712", "type": "github" }, "original": { -- 2.47.1 From 8c2e038545d7d2620642265a866fbcda52b841a9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 18:02:54 +0000 Subject: [PATCH 1246/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1afde3bb..d2c55b24 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678788009, - "narHash": "sha256-O9nMPCAly/lUJHqtz8IAa8sf4uuB/6arHDEyQoRXTyw=", + "lastModified": 1678816247, + "narHash": "sha256-Zz8+vqaAcuRxjJWG7zr2PrpEKQIxUVDbWlMBosOuxj8=", "owner": "nix-community", "repo": "NUR", - "rev": "a93973a3dd17284678ad6691dd38246b6ea3bf4f", + "rev": "4b8c2bae188553e8c5461e4824d732f86ec85a42", "type": "github" }, "original": { -- 2.47.1 From 9a92cc6dd34d8e13fa5b451f5eef37fad85d384e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 19:00:34 +0000 Subject: [PATCH 1247/1882] chore(deps): update renovate/renovate docker tag to v35.4.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 485acb2c..af7fa3ab 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.4.1 + image: renovate/renovate:35.4.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e53421183d0faa887010f0afd785066821523c6a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 20:02:46 +0000 Subject: [PATCH 1248/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d2c55b24..21b69fc8 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678816247, - "narHash": "sha256-Zz8+vqaAcuRxjJWG7zr2PrpEKQIxUVDbWlMBosOuxj8=", + "lastModified": 1678823172, + "narHash": "sha256-a6Bqmpva0OoJSWrL93Ikmj8ZabPMhJiPnNiC1VVkdj0=", "owner": "nix-community", "repo": "NUR", - "rev": "4b8c2bae188553e8c5461e4824d732f86ec85a42", + "rev": "ec4098d3c11cc5ef68fe25002ac0c82d57e9ff28", "type": "github" }, "original": { -- 2.47.1 From b702bbf851b420012553474cdaece3f4319d1cb6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 22:01:43 +0000 Subject: [PATCH 1249/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 21b69fc8..c15709f4 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678812399, - "narHash": "sha256-LS8Sqyq1F+pMCJDVYgY9eaGEaWfJhfdpmkNj31RoSoI=", + "lastModified": 1678830991, + "narHash": "sha256-aPSmhgof4nIJquHmtxxirIMVv439wTYYCwf1ekS96gA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d63e8c8f45202f1189f78e6c5eaa7e23f7239712", + "rev": "8531d1d7a67f6213de73466f0351a1ae709f8f4f", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678803776, - "narHash": "sha256-26sF+Td9PK8MctWPcTbB/21TgqFEHc5RmVLFL7tVAw4=", + "lastModified": 1678830773, + "narHash": "sha256-/3uXLVUaSU92eTI3FgOeWI1N12Qhtf865ClYLXQUUVo=", "owner": "pta2002", "repo": "nixvim", - "rev": "9d68949da7acb3321345e900c9f87cde8afd5abe", + "rev": "45bd82602eea4f20b20368df2dae7785d288b17e", "type": "github" }, "original": { -- 2.47.1 From 25bb2206af80ae8190cd8e23a3a01546a3ff25fc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Mar 2023 23:02:13 +0000 Subject: [PATCH 1250/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index c15709f4..bfe3c498 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678729503, - "narHash": "sha256-j+h4Bdqbe+qjzhxdhkRmVgSx2lxJ8HnKeYcAhhnd1zM=", + "lastModified": 1678831854, + "narHash": "sha256-7HBmLFNVD2KjovSzypIN9NfyzpWelMe8sNbUVZIRsS0=", "owner": "nix-community", "repo": "home-manager", - "rev": "24c1a6335e3da6a3ecf82f33ac50c2ad66aee346", + "rev": "cae54dc45c0d61c99c1dc8b04bc42f36c76f9771", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678830991, - "narHash": "sha256-aPSmhgof4nIJquHmtxxirIMVv439wTYYCwf1ekS96gA=", + "lastModified": 1678832961, + "narHash": "sha256-LdisURnayHqDQGHGWb3ip4DYgBMERA3iuPTj7mzRU/w=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "8531d1d7a67f6213de73466f0351a1ae709f8f4f", + "rev": "569ae86c90df483b56b7eeefc2453c2ee3325361", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678830773, - "narHash": "sha256-/3uXLVUaSU92eTI3FgOeWI1N12Qhtf865ClYLXQUUVo=", + "lastModified": 1678834107, + "narHash": "sha256-+yz90kj2FVNiZ5t7E2+cKfvfsyaZJbNKZd2+hXepnvQ=", "owner": "pta2002", "repo": "nixvim", - "rev": "45bd82602eea4f20b20368df2dae7785d288b17e", + "rev": "416c719f4759e250082668e758b8dfd9eb16ef3a", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678823172, - "narHash": "sha256-a6Bqmpva0OoJSWrL93Ikmj8ZabPMhJiPnNiC1VVkdj0=", + "lastModified": 1678832470, + "narHash": "sha256-j7M3YqRIwXrONWSpfJpIqvijfWMiKGx3XUqfVCeSfBU=", "owner": "nix-community", "repo": "NUR", - "rev": "ec4098d3c11cc5ef68fe25002ac0c82d57e9ff28", + "rev": "3318ac1f94e1675ffdcf640d5c2a4c8987f31093", "type": "github" }, "original": { -- 2.47.1 From 5d3e0b2b875b9fc2a8d4a949603599e5b7cf7e9d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 00:00:35 +0000 Subject: [PATCH 1251/1882] chore(deps): update renovate/renovate docker tag to v35.6.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index af7fa3ab..b3a0d464 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.4.2 + image: renovate/renovate:35.6.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 500e5492f9b0542d68f8f569b486d19aa7856454 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 01:03:21 +0000 Subject: [PATCH 1252/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bfe3c498..82496a4a 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678834107, - "narHash": "sha256-+yz90kj2FVNiZ5t7E2+cKfvfsyaZJbNKZd2+hXepnvQ=", + "lastModified": 1678837069, + "narHash": "sha256-ysF6CkxGmFNjrnoL7zR89tciSx85t2oYX9u27jIx9pw=", "owner": "pta2002", "repo": "nixvim", - "rev": "416c719f4759e250082668e758b8dfd9eb16ef3a", + "rev": "c3821e9924e4636155c33a5792b6ac5de673dd34", "type": "github" }, "original": { -- 2.47.1 From 131ee25fe29c06e39fba160a51221bbf5442ef4f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 02:07:39 +0000 Subject: [PATCH 1253/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 82496a4a..a5c1211c 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678832470, - "narHash": "sha256-j7M3YqRIwXrONWSpfJpIqvijfWMiKGx3XUqfVCeSfBU=", + "lastModified": 1678845360, + "narHash": "sha256-unfUkdl/FoTn//tmX15lGLT0qXl74Bw5SGF+kS7mWtA=", "owner": "nix-community", "repo": "NUR", - "rev": "3318ac1f94e1675ffdcf640d5c2a4c8987f31093", + "rev": "7741a0eeffcd0dd4c8c3a7a05ad8a4d4a03bb118", "type": "github" }, "original": { -- 2.47.1 From 1a71c5d1eb0c3f4c37df1b3c875ecb10deaaf128 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 04:02:19 +0000 Subject: [PATCH 1254/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a5c1211c..e8433b37 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678845360, - "narHash": "sha256-unfUkdl/FoTn//tmX15lGLT0qXl74Bw5SGF+kS7mWtA=", + "lastModified": 1678851726, + "narHash": "sha256-zVYyBvxM8HINzKPCZzqXTkFsO6mfC9o3EnGXryf4k7U=", "owner": "nix-community", "repo": "NUR", - "rev": "7741a0eeffcd0dd4c8c3a7a05ad8a4d4a03bb118", + "rev": "7d89a3989a9a2081bcb3f254e108099cb094aa34", "type": "github" }, "original": { -- 2.47.1 From 54603d6c0ddb566e5a70812ee04a713612bc2ad8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 05:03:24 +0000 Subject: [PATCH 1255/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e8433b37..61ce51e3 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678851726, - "narHash": "sha256-zVYyBvxM8HINzKPCZzqXTkFsO6mfC9o3EnGXryf4k7U=", + "lastModified": 1678853464, + "narHash": "sha256-VWxIclfiH4nlRyII85OHi57aeRpUtJecaBWRhF+AshE=", "owner": "nix-community", "repo": "NUR", - "rev": "7d89a3989a9a2081bcb3f254e108099cb094aa34", + "rev": "65c4ce1727b34a456a90862815749221e7624502", "type": "github" }, "original": { -- 2.47.1 From 4a3bb0ee62bff486b56dfee43265a6f2d244a6e4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 07:02:11 +0000 Subject: [PATCH 1256/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 61ce51e3..8eca8a02 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678853464, - "narHash": "sha256-VWxIclfiH4nlRyII85OHi57aeRpUtJecaBWRhF+AshE=", + "lastModified": 1678862813, + "narHash": "sha256-Ikb1Jcbw7hIpoeap4p77AuESgk55Rm66L+p501AJ9Cw=", "owner": "nix-community", "repo": "NUR", - "rev": "65c4ce1727b34a456a90862815749221e7624502", + "rev": "a903b064e7dea4b4177aef40ab9ab6e1c4d0f6a4", "type": "github" }, "original": { -- 2.47.1 From 4f105625aa047ece07e48ba041e69c2917f67e6d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 10:02:24 +0000 Subject: [PATCH 1257/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8eca8a02..91f0c471 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678862813, - "narHash": "sha256-Ikb1Jcbw7hIpoeap4p77AuESgk55Rm66L+p501AJ9Cw=", + "lastModified": 1678873529, + "narHash": "sha256-nLokAX8q6Ot1/qtfmpdmITG/SZLUjMlPu9SF1hOIzwE=", "owner": "nix-community", "repo": "NUR", - "rev": "a903b064e7dea4b4177aef40ab9ab6e1c4d0f6a4", + "rev": "0575c2d0cad766f6be352500e60db9d242cc3143", "type": "github" }, "original": { -- 2.47.1 From 0d5a95646bc1e5be80ad0cbe77edab611bf7fd2d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 11:00:37 +0000 Subject: [PATCH 1258/1882] chore(deps): update renovate/renovate docker tag to v35.7.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b3a0d464..fd615bd3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.6.0 + image: renovate/renovate:35.7.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 14722e350412a325c9520ae3f8b9a469f757021d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 12:03:02 +0000 Subject: [PATCH 1259/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 91f0c471..13312716 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678831854, - "narHash": "sha256-7HBmLFNVD2KjovSzypIN9NfyzpWelMe8sNbUVZIRsS0=", + "lastModified": 1678881170, + "narHash": "sha256-S22WL1ZVBn8CRTLCpJsF7m7+6tRfgRFez2jfqUbWVtI=", "owner": "nix-community", "repo": "home-manager", - "rev": "cae54dc45c0d61c99c1dc8b04bc42f36c76f9771", + "rev": "5eec450c75ee10307b3068467ccfb03e41ea76e2", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678837069, - "narHash": "sha256-ysF6CkxGmFNjrnoL7zR89tciSx85t2oYX9u27jIx9pw=", + "lastModified": 1678878371, + "narHash": "sha256-kufkCW38V+WT3YZNZvEdt/nZaGo9RXZD4/IZTYIqxsc=", "owner": "pta2002", "repo": "nixvim", - "rev": "c3821e9924e4636155c33a5792b6ac5de673dd34", + "rev": "e33e62ff6191fa93edd142f51071dea5335d559f", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678873529, - "narHash": "sha256-nLokAX8q6Ot1/qtfmpdmITG/SZLUjMlPu9SF1hOIzwE=", + "lastModified": 1678881767, + "narHash": "sha256-0y9kr91Ds7ghIGB5oYlHmNfagkBUUBUJwxQsDBC0utQ=", "owner": "nix-community", "repo": "NUR", - "rev": "0575c2d0cad766f6be352500e60db9d242cc3143", + "rev": "7733da94928c1ba68c1d9b2a99815f3fbf83e43a", "type": "github" }, "original": { -- 2.47.1 From e2cd7e4f729f3321f2262667d8d954a54a1a494d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 13:07:34 +0000 Subject: [PATCH 1260/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 13312716..40939a6a 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678703398, - "narHash": "sha256-Y1mW3dBsoWLHpYm+UIHb5VZ7rx024NNHaF16oZBx++o=", + "lastModified": 1678761643, + "narHash": "sha256-tapXZvg6Kg5Fm7Fm6i+7cRC5Exp2lX7cgMrqsfrGhuc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "67f26c1cfc5d5783628231e776a81c1ade623e0b", + "rev": "c4aec3c021620d98861639946123214207e98344", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678881767, - "narHash": "sha256-0y9kr91Ds7ghIGB5oYlHmNfagkBUUBUJwxQsDBC0utQ=", + "lastModified": 1678885512, + "narHash": "sha256-2+4WspXsm8tDrnPpljz6rVZvyuKq4v9xXAvG3sY9+LQ=", "owner": "nix-community", "repo": "NUR", - "rev": "7733da94928c1ba68c1d9b2a99815f3fbf83e43a", + "rev": "272d64d372ed2156cd06b6535d9b7fabdc5ab54f", "type": "github" }, "original": { -- 2.47.1 From 686e6f5ccdf9306c9f6e5fa851407022b09f394c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 14:05:04 +0000 Subject: [PATCH 1261/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 40939a6a..6e369f8b 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678881170, - "narHash": "sha256-S22WL1ZVBn8CRTLCpJsF7m7+6tRfgRFez2jfqUbWVtI=", + "lastModified": 1678886248, + "narHash": "sha256-ff81NJtc+AgQhUlTCkx8t8hda0o72vSxDeHVGrfxH70=", "owner": "nix-community", "repo": "home-manager", - "rev": "5eec450c75ee10307b3068467ccfb03e41ea76e2", + "rev": "2bd74d92bc7345f323ebcbfeb631d5cf4067ed8e", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678885512, - "narHash": "sha256-2+4WspXsm8tDrnPpljz6rVZvyuKq4v9xXAvG3sY9+LQ=", + "lastModified": 1678887050, + "narHash": "sha256-vECTWGgcui/DcTEH57LcEVpQaS8VC0uPZEaiAkw3Uxk=", "owner": "nix-community", "repo": "NUR", - "rev": "272d64d372ed2156cd06b6535d9b7fabdc5ab54f", + "rev": "dc10ca2a249a3041deb1e074633d6f094818e886", "type": "github" }, "original": { -- 2.47.1 From e972eab977048ea3f24e65efa5d1ad590252891e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 16:02:12 +0000 Subject: [PATCH 1262/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 6e369f8b..3213e135 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678832961, - "narHash": "sha256-LdisURnayHqDQGHGWb3ip4DYgBMERA3iuPTj7mzRU/w=", + "lastModified": 1678893101, + "narHash": "sha256-nufxiR356twptytHVLzcTY8Oc3ZyMoVLUhML+pP2xTY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "569ae86c90df483b56b7eeefc2453c2ee3325361", + "rev": "25d3d73dbfcd2dd4d7b8254cb97f0f7737cd7c03", "type": "github" }, "original": { @@ -542,11 +542,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1677282271, - "narHash": "sha256-wNooEHZpKMJN2jj2qPa1jRhi6f5q1yTYCxQcXEJ32eM=", + "lastModified": 1678893556, + "narHash": "sha256-FHhBetkV/S7M9BMpbCzUWX/P5E7tGE4mZIpj/2m0K2M=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "83867464c523c3ac2f7ce53d2c4b8d4f9b7551cd", + "rev": "61961973cfd10853b32c7f904cdb88f9ab6d84dd", "type": "github" }, "original": { @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678654296, - "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=", + "lastModified": 1678819893, + "narHash": "sha256-lfA6WGdxPsPkBK5Y19ltr5Sn7v7MlT+jpZ4nUgco0Xs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b", + "rev": "7067edc68c035e21780259ed2d26e1f164addaa2", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678887050, - "narHash": "sha256-vECTWGgcui/DcTEH57LcEVpQaS8VC0uPZEaiAkw3Uxk=", + "lastModified": 1678895237, + "narHash": "sha256-gPCvxzfdZbKUK2ohAOzgd8HnSw4tvwL65P7sMyq6Vus=", "owner": "nix-community", "repo": "NUR", - "rev": "dc10ca2a249a3041deb1e074633d6f094818e886", + "rev": "a7d012884c6abb2be4fcfaa76bb9465e6e87b4f0", "type": "github" }, "original": { -- 2.47.1 From fcc3d5140fa49cc380fc6c0c4c93bd2ff29334b5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 17:02:09 +0000 Subject: [PATCH 1263/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3213e135..2461bec9 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678895237, - "narHash": "sha256-gPCvxzfdZbKUK2ohAOzgd8HnSw4tvwL65P7sMyq6Vus=", + "lastModified": 1678897863, + "narHash": "sha256-JEOSfdlZcy0Y5bCdsOAcOSr57nQIO+OS2FVDeclfdsk=", "owner": "nix-community", "repo": "NUR", - "rev": "a7d012884c6abb2be4fcfaa76bb9465e6e87b4f0", + "rev": "bf2c0fd2a06d581234da1cc8d731efecb6934035", "type": "github" }, "original": { -- 2.47.1 From b77ccc978b79d1f94de01e86b3e4bbb0bfaf24b1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 18:00:37 +0000 Subject: [PATCH 1264/1882] chore(deps): update renovate/renovate docker tag to v35.8.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index fd615bd3..b9e86944 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.7.0 + image: renovate/renovate:35.8.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0110b9f730a0710e65cd5e16bf4dd2996df09dfa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 19:02:39 +0000 Subject: [PATCH 1265/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 2461bec9..a3340579 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678886248, - "narHash": "sha256-ff81NJtc+AgQhUlTCkx8t8hda0o72vSxDeHVGrfxH70=", + "lastModified": 1678904532, + "narHash": "sha256-ziszYqNQtYxS1iPAPy6K8G94P/LghqM3niXrnKbp8pI=", "owner": "nix-community", "repo": "home-manager", - "rev": "2bd74d92bc7345f323ebcbfeb631d5cf4067ed8e", + "rev": "95201931f2e733705296d1d779e70793deaeb909", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678893101, - "narHash": "sha256-nufxiR356twptytHVLzcTY8Oc3ZyMoVLUhML+pP2xTY=", + "lastModified": 1678905944, + "narHash": "sha256-Gb8du0osRWjnambizIbb8J2L7ihBMwF8uEkFuXMvP5E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "25d3d73dbfcd2dd4d7b8254cb97f0f7737cd7c03", + "rev": "1c67849bf13582e6757e79e32b2f77832cca6ed7", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678897863, - "narHash": "sha256-JEOSfdlZcy0Y5bCdsOAcOSr57nQIO+OS2FVDeclfdsk=", + "lastModified": 1678904776, + "narHash": "sha256-yrdjkD1TWEsKPwj701s10+QJxe5Ip2YJW6H7S/sPDoA=", "owner": "nix-community", "repo": "NUR", - "rev": "bf2c0fd2a06d581234da1cc8d731efecb6934035", + "rev": "60a4dd5ab558359c4d3d2f222b349ea3d02adfae", "type": "github" }, "original": { -- 2.47.1 From 080dadc16dc209c0451e9905d61d8e99393f15c7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 20:06:44 +0000 Subject: [PATCH 1266/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a3340579..8ff84d69 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678904776, - "narHash": "sha256-yrdjkD1TWEsKPwj701s10+QJxe5Ip2YJW6H7S/sPDoA=", + "lastModified": 1678909598, + "narHash": "sha256-rqnlF+2zxLKbtXxYZohxlc3KaBxCLiJ5b/Fu6DLjPZc=", "owner": "nix-community", "repo": "NUR", - "rev": "60a4dd5ab558359c4d3d2f222b349ea3d02adfae", + "rev": "4b0963c3bcbac6c13a2b4a4a49b91c124dbc5d9f", "type": "github" }, "original": { -- 2.47.1 From a81c84bfbd93d9ed1523da1d2a4b836ddb122595 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 21:02:15 +0000 Subject: [PATCH 1267/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8ff84d69..84c9e81c 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678909598, - "narHash": "sha256-rqnlF+2zxLKbtXxYZohxlc3KaBxCLiJ5b/Fu6DLjPZc=", + "lastModified": 1678913208, + "narHash": "sha256-QfAb2GDO5P2/LKSfYYV3ICJXJIYOuz1wyVZVmV/gnfU=", "owner": "nix-community", "repo": "NUR", - "rev": "4b0963c3bcbac6c13a2b4a4a49b91c124dbc5d9f", + "rev": "43d96b06b8d2b3f21f8c50d684220e4fe3a41a37", "type": "github" }, "original": { -- 2.47.1 From 4e43b12e1acc1c17b8c1940c5962619b60e8985e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 22:00:34 +0000 Subject: [PATCH 1268/1882] chore(deps): update renovate/renovate docker tag to v35.8.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b9e86944..0346f7fe 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.8.1 + image: renovate/renovate:35.8.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5cadd79d1111bdcd5ce23d637542c38b9df63758 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Mar 2023 23:03:45 +0000 Subject: [PATCH 1269/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 84c9e81c..83f2af1b 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678904532, - "narHash": "sha256-ziszYqNQtYxS1iPAPy6K8G94P/LghqM3niXrnKbp8pI=", + "lastModified": 1678916824, + "narHash": "sha256-YPQAQ0x0wLvbQ/vaEj8o+0hRfbBNR0teTJ6QsG0yzw4=", "owner": "nix-community", "repo": "home-manager", - "rev": "95201931f2e733705296d1d779e70793deaeb909", + "rev": "c8cb60b8a15c90b2bbc416c182532620602edb48", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678761643, - "narHash": "sha256-tapXZvg6Kg5Fm7Fm6i+7cRC5Exp2lX7cgMrqsfrGhuc=", + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c4aec3c021620d98861639946123214207e98344", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678913208, - "narHash": "sha256-QfAb2GDO5P2/LKSfYYV3ICJXJIYOuz1wyVZVmV/gnfU=", + "lastModified": 1678915555, + "narHash": "sha256-U4BDXptYZH2j59syOxuAbkpioKxqW+bC3LbJK+Tofw8=", "owner": "nix-community", "repo": "NUR", - "rev": "43d96b06b8d2b3f21f8c50d684220e4fe3a41a37", + "rev": "40cbb3e28ea69c29375f6e0d01988caf50244f1f", "type": "github" }, "original": { -- 2.47.1 From 001b6fd1a42f2a32978a2c9bb1bbccb15c447087 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 01:01:59 +0000 Subject: [PATCH 1270/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 83f2af1b..3ea66f2d 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678905944, - "narHash": "sha256-Gb8du0osRWjnambizIbb8J2L7ihBMwF8uEkFuXMvP5E=", + "lastModified": 1678926607, + "narHash": "sha256-8KOQLIYC/zqR+cJgQEJqmpKddNINd3F3HiPbxAkeh4w=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "1c67849bf13582e6757e79e32b2f77832cca6ed7", + "rev": "3e261b1fa78d13daeda8bede7df3f2c6af032c46", "type": "github" }, "original": { -- 2.47.1 From f4b7277c7156a2e00aa0c44b1d96445de2be964c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 02:03:00 +0000 Subject: [PATCH 1271/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3ea66f2d..3a46555e 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678926607, - "narHash": "sha256-8KOQLIYC/zqR+cJgQEJqmpKddNINd3F3HiPbxAkeh4w=", + "lastModified": 1678928694, + "narHash": "sha256-IyMKsbwRP1+9KcPR9exTD3zkPW6ivykpvGAM25mdmoI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3e261b1fa78d13daeda8bede7df3f2c6af032c46", + "rev": "d9d57ce39ac25fd8bbfe88ec9d3bccb1e2df8650", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678915555, - "narHash": "sha256-U4BDXptYZH2j59syOxuAbkpioKxqW+bC3LbJK+Tofw8=", + "lastModified": 1678931826, + "narHash": "sha256-tPDf+Q51Ezjo78Qy1+3hZsUJtRyrsupBgma3EiE+okg=", "owner": "nix-community", "repo": "NUR", - "rev": "40cbb3e28ea69c29375f6e0d01988caf50244f1f", + "rev": "cb16fafa7eaa8ade0eaa19dcd32fb5d6c258db4e", "type": "github" }, "original": { -- 2.47.1 From 67d2713eadf67d6fc6945a5022bcb79c1d1d7412 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 04:02:05 +0000 Subject: [PATCH 1272/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3a46555e..1c2b5f2e 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678931826, - "narHash": "sha256-tPDf+Q51Ezjo78Qy1+3hZsUJtRyrsupBgma3EiE+okg=", + "lastModified": 1678938292, + "narHash": "sha256-D45bJov3GYq74oGzoRrZ1vkjRrUAGjWPPLOPb6iYN7g=", "owner": "nix-community", "repo": "NUR", - "rev": "cb16fafa7eaa8ade0eaa19dcd32fb5d6c258db4e", + "rev": "c428e5936586b0f0113eaae590a6415176ff8175", "type": "github" }, "original": { -- 2.47.1 From 3f229d43d05cd64d963627c9a905c5677b3d5b1c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 05:02:48 +0000 Subject: [PATCH 1273/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1c2b5f2e..6b8686ed 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678938292, - "narHash": "sha256-D45bJov3GYq74oGzoRrZ1vkjRrUAGjWPPLOPb6iYN7g=", + "lastModified": 1678939859, + "narHash": "sha256-vmf0/ApR0XEnLJq1aU3OuzBV1pQUD9Z0IN2nnb4beZc=", "owner": "nix-community", "repo": "NUR", - "rev": "c428e5936586b0f0113eaae590a6415176ff8175", + "rev": "d366314098013524969589cc393dd0622a168eb1", "type": "github" }, "original": { -- 2.47.1 From 3d25ccdb44a2b44d44bb59be0504192a5f237ce6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 06:04:14 +0000 Subject: [PATCH 1274/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6b8686ed..0b7e06e9 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678939859, - "narHash": "sha256-vmf0/ApR0XEnLJq1aU3OuzBV1pQUD9Z0IN2nnb4beZc=", + "lastModified": 1678945329, + "narHash": "sha256-3JVDzX3npyUR1b/YhSCtaYo9L/Y5uHXZ06Tt97Czzhw=", "owner": "nix-community", "repo": "NUR", - "rev": "d366314098013524969589cc393dd0622a168eb1", + "rev": "7d2892dda3459cdd02efc4c892f9014d88a56de2", "type": "github" }, "original": { -- 2.47.1 From 95022e2fad2c34d836b4fe71a739927b2df8865d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 07:03:05 +0000 Subject: [PATCH 1275/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0b7e06e9..b899be04 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678819893, - "narHash": "sha256-lfA6WGdxPsPkBK5Y19ltr5Sn7v7MlT+jpZ4nUgco0Xs=", + "lastModified": 1678898370, + "narHash": "sha256-xTICr1j+uat5hk9FyuPOFGxpWHdJRibwZC+ATi0RbtE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7067edc68c035e21780259ed2d26e1f164addaa2", + "rev": "ac718d02867a84b42522a0ece52d841188208f2c", "type": "github" }, "original": { -- 2.47.1 From d42dbf7f7ccf770b403b0c9313583535be69cf94 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 08:02:52 +0000 Subject: [PATCH 1276/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b899be04..b34c9088 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678945329, - "narHash": "sha256-3JVDzX3npyUR1b/YhSCtaYo9L/Y5uHXZ06Tt97Czzhw=", + "lastModified": 1678952793, + "narHash": "sha256-a7FaJZKnBF3fw0g2vzq88GhqGjgk7k9YEArm24Cj/Q0=", "owner": "nix-community", "repo": "NUR", - "rev": "7d2892dda3459cdd02efc4c892f9014d88a56de2", + "rev": "eab411863f3d12b9662964ee40e589f2c65d42c9", "type": "github" }, "original": { -- 2.47.1 From 54477b552aae85664ca80ad7558412734b938036 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 09:04:05 +0000 Subject: [PATCH 1277/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index b34c9088..c1eca753 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678878371, - "narHash": "sha256-kufkCW38V+WT3YZNZvEdt/nZaGo9RXZD4/IZTYIqxsc=", + "lastModified": 1678954423, + "narHash": "sha256-kaTyUwuG9k1Fo4fUKCXvDSWpG5w06sYtLnAX2WQ3oWY=", "owner": "pta2002", "repo": "nixvim", - "rev": "e33e62ff6191fa93edd142f51071dea5335d559f", + "rev": "f5f33b539031ec57c1869a63350176d7257f5f18", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678952793, - "narHash": "sha256-a7FaJZKnBF3fw0g2vzq88GhqGjgk7k9YEArm24Cj/Q0=", + "lastModified": 1678955011, + "narHash": "sha256-dlN+8TR5cgrALQBDnEBHRatLfkp7cnml7ggtR02Dd0Y=", "owner": "nix-community", "repo": "NUR", - "rev": "eab411863f3d12b9662964ee40e589f2c65d42c9", + "rev": "2e50ae6dbdda3a310d96da11e47fd56f3ff51e12", "type": "github" }, "original": { -- 2.47.1 From 9fdc5bdcc2344c6e76944e88a05ac363f5c439c9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 10:02:57 +0000 Subject: [PATCH 1278/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c1eca753..ea881e54 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678916824, - "narHash": "sha256-YPQAQ0x0wLvbQ/vaEj8o+0hRfbBNR0teTJ6QsG0yzw4=", + "lastModified": 1678957507, + "narHash": "sha256-t1yAoxlfhSjgeDGoQ1WJ0LBwVReL6y3QkAfJ3H+mOSs=", "owner": "nix-community", "repo": "home-manager", - "rev": "c8cb60b8a15c90b2bbc416c182532620602edb48", + "rev": "5e94669f8ea8d697b1a00b916b2a86909f8c4ff5", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678955011, - "narHash": "sha256-dlN+8TR5cgrALQBDnEBHRatLfkp7cnml7ggtR02Dd0Y=", + "lastModified": 1678958227, + "narHash": "sha256-0zJbyQEJAQT8ugDLfvKnEmP8U/ALcvGbLFF+Cwjbw60=", "owner": "nix-community", "repo": "NUR", - "rev": "2e50ae6dbdda3a310d96da11e47fd56f3ff51e12", + "rev": "8d29d9c1e4b012d56d0da67f4bcb6109c141d82b", "type": "github" }, "original": { -- 2.47.1 From 1f4b617efe86c40ac7f3485fd8484214509c1704 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 11:04:04 +0000 Subject: [PATCH 1279/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ea881e54..46c6fba1 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678954423, - "narHash": "sha256-kaTyUwuG9k1Fo4fUKCXvDSWpG5w06sYtLnAX2WQ3oWY=", + "lastModified": 1678961974, + "narHash": "sha256-c1TZ+lQlWHjNJYiQZTtD0pZyXQjRlMl3GcTyLi4SF3Q=", "owner": "pta2002", "repo": "nixvim", - "rev": "f5f33b539031ec57c1869a63350176d7257f5f18", + "rev": "6544e323966d81306f74842781a4a8c00a53a077", "type": "github" }, "original": { -- 2.47.1 From 1635a4437436b79249b7e7937ede05a695df93f9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 12:00:36 +0000 Subject: [PATCH 1280/1882] chore(deps): update renovate/renovate docker tag to v35.9.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0346f7fe..e30fdf5d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.8.3 + image: renovate/renovate:35.9.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7bcd4370ce6445d5302bc4cbebd0f6f5cd01d6a9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 13:03:40 +0000 Subject: [PATCH 1281/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 46c6fba1..3ff1f119 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678957507, - "narHash": "sha256-t1yAoxlfhSjgeDGoQ1WJ0LBwVReL6y3QkAfJ3H+mOSs=", + "lastModified": 1678967335, + "narHash": "sha256-oFppZaAVRA0G/aVPvjtWaQI5EQ2dZ5LgbEKfsBmKQgA=", "owner": "nix-community", "repo": "home-manager", - "rev": "5e94669f8ea8d697b1a00b916b2a86909f8c4ff5", + "rev": "b832390db376fbbf44115904cfab6680fb42e076", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678958227, - "narHash": "sha256-0zJbyQEJAQT8ugDLfvKnEmP8U/ALcvGbLFF+Cwjbw60=", + "lastModified": 1678968065, + "narHash": "sha256-FYYQyf3osP15yQzpOGtuBDy0pgJi/ho9QXVKRlFPcHA=", "owner": "nix-community", "repo": "NUR", - "rev": "8d29d9c1e4b012d56d0da67f4bcb6109c141d82b", + "rev": "c830ffcd1d371a5bb7a5c234ea23030e7425ec79", "type": "github" }, "original": { -- 2.47.1 From de52af437c5025148a0408b16e5178ebc02a62cf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 14:08:35 +0000 Subject: [PATCH 1282/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3ff1f119..b965f9db 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678928694, - "narHash": "sha256-IyMKsbwRP1+9KcPR9exTD3zkPW6ivykpvGAM25mdmoI=", + "lastModified": 1678975420, + "narHash": "sha256-c2irdY51WjrYDSn0IPeCcZxNa03lVN5afPaca9orsQY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d9d57ce39ac25fd8bbfe88ec9d3bccb1e2df8650", + "rev": "5d44ea802a604edfcc822c9f2376bb3881f3e805", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678968065, - "narHash": "sha256-FYYQyf3osP15yQzpOGtuBDy0pgJi/ho9QXVKRlFPcHA=", + "lastModified": 1678974469, + "narHash": "sha256-3LxxHvt42mf0EqDlAGVe0IzN2CK6nY+jOLJFiFkBNiY=", "owner": "nix-community", "repo": "NUR", - "rev": "c830ffcd1d371a5bb7a5c234ea23030e7425ec79", + "rev": "aac111b07bec72e3d7a1e83fcfd146930da70b57", "type": "github" }, "original": { -- 2.47.1 From 2928366d43fb349105bd9d29ae787c87bf8b1914 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 15:02:40 +0000 Subject: [PATCH 1283/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b965f9db..e7617af5 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678974469, - "narHash": "sha256-3LxxHvt42mf0EqDlAGVe0IzN2CK6nY+jOLJFiFkBNiY=", + "lastModified": 1678978081, + "narHash": "sha256-JCJQ1qAjl5L4R/7IhYEE0tr09tSftq1Ylt45AU7iPGg=", "owner": "nix-community", "repo": "NUR", - "rev": "aac111b07bec72e3d7a1e83fcfd146930da70b57", + "rev": "8888f20e3047320731ad905be02418738b0319c9", "type": "github" }, "original": { -- 2.47.1 From 5d13b081a25cffc1e69fec16494c85be04e59890 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 16:00:36 +0000 Subject: [PATCH 1284/1882] chore(deps): update renovate/renovate docker tag to v35.10.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e30fdf5d..4c3f2689 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.9.1 + image: renovate/renovate:35.10.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 536fd302fa34b0f7e18929a67b74168fd55cf1d0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 17:03:45 +0000 Subject: [PATCH 1285/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e7617af5..f7932c34 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678975420, - "narHash": "sha256-c2irdY51WjrYDSn0IPeCcZxNa03lVN5afPaca9orsQY=", + "lastModified": 1678984828, + "narHash": "sha256-fULVI69XchAnznXMtVet23li8Oi0RK8ZWBb50jA0rw4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5d44ea802a604edfcc822c9f2376bb3881f3e805", + "rev": "606cb2832aff2c7305da1f880ce732f7eb464d04", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678978081, - "narHash": "sha256-JCJQ1qAjl5L4R/7IhYEE0tr09tSftq1Ylt45AU7iPGg=", + "lastModified": 1678985808, + "narHash": "sha256-dPTbw633knkRgFdocyKR+MSnbABOWTSb12otM96hVTc=", "owner": "nix-community", "repo": "NUR", - "rev": "8888f20e3047320731ad905be02418738b0319c9", + "rev": "baf932ed7a4605a750868cc302286d2a7dcf9ac1", "type": "github" }, "original": { -- 2.47.1 From 978636fd34b1600278b981a0c1d763c2b377052c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 18:07:26 +0000 Subject: [PATCH 1286/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f7932c34..1dc8105a 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678985808, - "narHash": "sha256-dPTbw633knkRgFdocyKR+MSnbABOWTSb12otM96hVTc=", + "lastModified": 1678988709, + "narHash": "sha256-H7dEPSCqraOK0Bf2cBayT1eKkQjHx0Xal8psGhmhB50=", "owner": "nix-community", "repo": "NUR", - "rev": "baf932ed7a4605a750868cc302286d2a7dcf9ac1", + "rev": "9c64c4ac3bfb5c8aad7694f892cf9418b40eaf47", "type": "github" }, "original": { -- 2.47.1 From 53711308233bc1e0ff51bbfff9813a643eb7884d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 21:02:02 +0000 Subject: [PATCH 1287/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1dc8105a..647ac2f7 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678988709, - "narHash": "sha256-H7dEPSCqraOK0Bf2cBayT1eKkQjHx0Xal8psGhmhB50=", + "lastModified": 1678999535, + "narHash": "sha256-J2xdscuBbn5CoTWH2c2/7lU59mqgZNxdtdt6YjUm6Cw=", "owner": "nix-community", "repo": "NUR", - "rev": "9c64c4ac3bfb5c8aad7694f892cf9418b40eaf47", + "rev": "b57d1058dc77e2e32c7c81c5ce1ea43119e616cc", "type": "github" }, "original": { -- 2.47.1 From 52a9d0dff7357c7bb472b4a3d316be39d273f972 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 16 Mar 2023 22:02:48 +0000 Subject: [PATCH 1288/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 647ac2f7..1907f7c6 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1678999535, - "narHash": "sha256-J2xdscuBbn5CoTWH2c2/7lU59mqgZNxdtdt6YjUm6Cw=", + "lastModified": 1679003164, + "narHash": "sha256-l2yHrwsBrvMqmVEJBgU4nzBVpmj1os9Vxedv0tboc90=", "owner": "nix-community", "repo": "NUR", - "rev": "b57d1058dc77e2e32c7c81c5ce1ea43119e616cc", + "rev": "5a1b6ac5774abca67908c44245d653cde64d65d2", "type": "github" }, "original": { -- 2.47.1 From a6d9c5be4d9eaebda768b6fc4ec432592b23dfe8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 15:00:24 +0000 Subject: [PATCH 1289/1882] chore(deps): update renovate/renovate docker tag to v35.10.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 4c3f2689..6e566f55 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.10.0 + image: renovate/renovate:35.10.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 08fbd082c29743ca18bc79e0207d3e91f58b96b5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 16:02:22 +0000 Subject: [PATCH 1290/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 1907f7c6..10519a67 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1678967335, - "narHash": "sha256-oFppZaAVRA0G/aVPvjtWaQI5EQ2dZ5LgbEKfsBmKQgA=", + "lastModified": 1679067095, + "narHash": "sha256-G2dJQURL/CCi+8RP6jNJG8VqgtzEMCA+6mNodd3VR6E=", "owner": "nix-community", "repo": "home-manager", - "rev": "b832390db376fbbf44115904cfab6680fb42e076", + "rev": "3239e0b40f242f47bf6c0c37b2fd35ab3e76e370", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1678984828, - "narHash": "sha256-fULVI69XchAnznXMtVet23li8Oi0RK8ZWBb50jA0rw4=", + "lastModified": 1679053876, + "narHash": "sha256-pUsPJLKDIQk2XQ4rIaGHL952/uZFuGxsZO0NhQsxH/Y=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "606cb2832aff2c7305da1f880ce732f7eb464d04", + "rev": "5b924aaf608d91e411bd4c05751dc0b7323c36a7", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678872516, - "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "lastModified": 1678972866, + "narHash": "sha256-YV8BcNWfNVgS449B6hFYFUg4kwVIQMNehZP+FNDs1LY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "rev": "cd34d6ed7ba7d5c4e44b04a53dc97edb52f2766c", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1678961974, - "narHash": "sha256-c1TZ+lQlWHjNJYiQZTtD0pZyXQjRlMl3GcTyLi4SF3Q=", + "lastModified": 1679056997, + "narHash": "sha256-0toDTW9djidl0Nm8fiXmAuJwampVfQBgSVwIJI7m2bI=", "owner": "pta2002", "repo": "nixvim", - "rev": "6544e323966d81306f74842781a4a8c00a53a077", + "rev": "bf042c580998db65a7e28670efc72819b74ac490", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679003164, - "narHash": "sha256-l2yHrwsBrvMqmVEJBgU4nzBVpmj1os9Vxedv0tboc90=", + "lastModified": 1679067657, + "narHash": "sha256-CqEHDMfVDCEpJvPgMEXP3LNmqfWwZcjjrdkiOxSjjEk=", "owner": "nix-community", "repo": "NUR", - "rev": "5a1b6ac5774abca67908c44245d653cde64d65d2", + "rev": "16bc1d324502a100eff8a92a37093858677c17ad", "type": "github" }, "original": { -- 2.47.1 From c1ec68e73b5939bd26c4b26e8a486d8675d7a234 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 17:04:18 +0000 Subject: [PATCH 1291/1882] chore(deps): update renovate/renovate docker tag to v35.10.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6e566f55..d89f3107 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.10.1 + image: renovate/renovate:35.10.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f766e33e20363b9cc611efdec15f2ed6fd35262c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 18:02:48 +0000 Subject: [PATCH 1292/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 10519a67..c66740ac 100644 --- a/flake.lock +++ b/flake.lock @@ -725,11 +725,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1678397099, - "narHash": "sha256-5xq8YJe+h19TlD+EI4AE/3H3jcCcQ2AWU6CWBVc5tRc=", + "lastModified": 1679075297, + "narHash": "sha256-8TwS7NPQWW9iPejBwWzmjLnK8bQhdOMPpsj3KPAL6x8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "556101ff85bd6e20900ec73ee525b935154bc8ea", + "rev": "994584bb26ffa1deeaf56099601ef4bcc487273e", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679067657, - "narHash": "sha256-CqEHDMfVDCEpJvPgMEXP3LNmqfWwZcjjrdkiOxSjjEk=", + "lastModified": 1679074862, + "narHash": "sha256-EQBoidJV1WXhdNoPZI+jwlArH/s8tyhR3higm042ABo=", "owner": "nix-community", "repo": "NUR", - "rev": "16bc1d324502a100eff8a92a37093858677c17ad", + "rev": "731bf780bf68d86940c5e9bbd4af891f2bc0e773", "type": "github" }, "original": { -- 2.47.1 From 43f9e65761b8fd79e262fdd1c32417d4321e7f9f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 20:01:43 +0000 Subject: [PATCH 1293/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c66740ac..79741920 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679074862, - "narHash": "sha256-EQBoidJV1WXhdNoPZI+jwlArH/s8tyhR3higm042ABo=", + "lastModified": 1679082288, + "narHash": "sha256-HxgEELxJsBxjlKtx29r19VnrRzaj2Pj5WTdm/RWohhA=", "owner": "nix-community", "repo": "NUR", - "rev": "731bf780bf68d86940c5e9bbd4af891f2bc0e773", + "rev": "fcbefcf2ffdeeffda1a8aa1b2a3763031f1996c8", "type": "github" }, "original": { -- 2.47.1 From 4a7fb7c3f46bc7b8781f47ca723ebe382cee3344 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 21:02:58 +0000 Subject: [PATCH 1294/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 79741920..7521be6e 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679053876, - "narHash": "sha256-pUsPJLKDIQk2XQ4rIaGHL952/uZFuGxsZO0NhQsxH/Y=", + "lastModified": 1679085273, + "narHash": "sha256-N1xWBodSspmEpguZL9AMrwrLNESySiMA4IA7syCVviI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5b924aaf608d91e411bd4c05751dc0b7323c36a7", + "rev": "91a565c7b0957968d686fccf8f3a5166b9c3fec9", "type": "github" }, "original": { -- 2.47.1 From 0daa5ef44893b1a2b6ae040f7aa801c7a0c3896e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 22:03:25 +0000 Subject: [PATCH 1295/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7521be6e..e9b8761f 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679056997, - "narHash": "sha256-0toDTW9djidl0Nm8fiXmAuJwampVfQBgSVwIJI7m2bI=", + "lastModified": 1679088890, + "narHash": "sha256-LmPS2+Wsf1Kb0pzWT7eWL69FETUehjlIVtYaj+MRU3s=", "owner": "pta2002", "repo": "nixvim", - "rev": "bf042c580998db65a7e28670efc72819b74ac490", + "rev": "1346e503ead4559469f19bd19f430b899aeeabf3", "type": "github" }, "original": { -- 2.47.1 From 9b41a36251de697e108bc838f661150352663e56 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 17 Mar 2023 23:03:46 +0000 Subject: [PATCH 1296/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e9b8761f..7df17946 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679082288, - "narHash": "sha256-HxgEELxJsBxjlKtx29r19VnrRzaj2Pj5WTdm/RWohhA=", + "lastModified": 1679093157, + "narHash": "sha256-5A49xA3e7RAYquqoOvJ2tBHCe9K1kj3G28E6n8Mc65I=", "owner": "nix-community", "repo": "NUR", - "rev": "fcbefcf2ffdeeffda1a8aa1b2a3763031f1996c8", + "rev": "02eb9e6bce0814a58f670e42d4b793a94f0b3ae3", "type": "github" }, "original": { -- 2.47.1 From 2bcc8ac8241882b165d59a4cf122a99f5dfaf1ef Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 00:03:21 +0000 Subject: [PATCH 1297/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7df17946..a1b669de 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679085273, - "narHash": "sha256-N1xWBodSspmEpguZL9AMrwrLNESySiMA4IA7syCVviI=", + "lastModified": 1679096196, + "narHash": "sha256-odIUwEXyuNkVrttz49eJOiIWexJ5TPT4CwVKCCNnKfA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "91a565c7b0957968d686fccf8f3a5166b9c3fec9", + "rev": "e98ee49aee4a73b757e53a6d190292c17e50f784", "type": "github" }, "original": { -- 2.47.1 From f47857f4f1585a28344f3a3eee98a6c0def01187 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 02:01:54 +0000 Subject: [PATCH 1298/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a1b669de..2b4aa297 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679096196, - "narHash": "sha256-odIUwEXyuNkVrttz49eJOiIWexJ5TPT4CwVKCCNnKfA=", + "lastModified": 1679103246, + "narHash": "sha256-WoOMsVfm0Cofjvewm6lBjNWVaYhR2jV1cVxwYuJcR3U=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e98ee49aee4a73b757e53a6d190292c17e50f784", + "rev": "6e6971606d9613f6b5aa1df9ecf68327d079c2cc", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679093157, - "narHash": "sha256-5A49xA3e7RAYquqoOvJ2tBHCe9K1kj3G28E6n8Mc65I=", + "lastModified": 1679104578, + "narHash": "sha256-QEAsb8JznyCz3ykI0RpmfgeNqbRF664SRot/vyo2K5g=", "owner": "nix-community", "repo": "NUR", - "rev": "02eb9e6bce0814a58f670e42d4b793a94f0b3ae3", + "rev": "65b87fa109018274bc8b45cfe95cc7894614d0cf", "type": "github" }, "original": { -- 2.47.1 From a6aa75d4768ce0c7d200cdffa82269b1c53c6635 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 03:04:01 +0000 Subject: [PATCH 1299/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2b4aa297..5646f8cd 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679104578, - "narHash": "sha256-QEAsb8JznyCz3ykI0RpmfgeNqbRF664SRot/vyo2K5g=", + "lastModified": 1679106836, + "narHash": "sha256-ZmExdzHcqLuYW64lgMo+vsr+y0ohoxtgdO6+RqoCHRw=", "owner": "nix-community", "repo": "NUR", - "rev": "65b87fa109018274bc8b45cfe95cc7894614d0cf", + "rev": "c87b1f0f03cad7d74a503cf6b8220f13cde4e1c0", "type": "github" }, "original": { -- 2.47.1 From a3d10fa647fdb1e33df407bcf0f4a6d56147768c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 04:03:25 +0000 Subject: [PATCH 1300/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5646f8cd..3ea4884b 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679106836, - "narHash": "sha256-ZmExdzHcqLuYW64lgMo+vsr+y0ohoxtgdO6+RqoCHRw=", + "lastModified": 1679110814, + "narHash": "sha256-thz766w8qrZwWMXgbdxEd4diiQRu7RsMNdRet9SNoFU=", "owner": "nix-community", "repo": "NUR", - "rev": "c87b1f0f03cad7d74a503cf6b8220f13cde4e1c0", + "rev": "587ee418d3eb47b35ff1711fe511211582078b7c", "type": "github" }, "original": { -- 2.47.1 From 80e49df2291213b8ad4da25074d155edcf355edc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 05:02:44 +0000 Subject: [PATCH 1301/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3ea4884b..fdcd94e8 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679110814, - "narHash": "sha256-thz766w8qrZwWMXgbdxEd4diiQRu7RsMNdRet9SNoFU=", + "lastModified": 1679112509, + "narHash": "sha256-ScnK+C5RdCGayNTvXkoIm2JIyEyZKl40U44yM6Qx4LY=", "owner": "nix-community", "repo": "NUR", - "rev": "587ee418d3eb47b35ff1711fe511211582078b7c", + "rev": "3b88b5b1b4be62982f5df80aff837aafc755d11b", "type": "github" }, "original": { -- 2.47.1 From e84790828869373999a9e89f034af1948411b04c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 06:03:48 +0000 Subject: [PATCH 1302/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index fdcd94e8..3fccaf74 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679112509, - "narHash": "sha256-ScnK+C5RdCGayNTvXkoIm2JIyEyZKl40U44yM6Qx4LY=", + "lastModified": 1679118139, + "narHash": "sha256-n84P8u1tgxSuAPBJWKJf+MIHB5qlE9Z8ZBsMbCVdwn0=", "owner": "nix-community", "repo": "NUR", - "rev": "3b88b5b1b4be62982f5df80aff837aafc755d11b", + "rev": "74e7f3b26a3fcb8a6e43b3989f5b31f599150310", "type": "github" }, "original": { -- 2.47.1 From 5bad69356dfcd4b5954f5db4cd1402efad23e09e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 07:03:29 +0000 Subject: [PATCH 1303/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3fccaf74..88befefe 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679118139, - "narHash": "sha256-n84P8u1tgxSuAPBJWKJf+MIHB5qlE9Z8ZBsMbCVdwn0=", + "lastModified": 1679121953, + "narHash": "sha256-UzGX36C5iHGHPaSuJxWL2ezmfc4NNwcnO6/bMoNEk9w=", "owner": "nix-community", "repo": "NUR", - "rev": "74e7f3b26a3fcb8a6e43b3989f5b31f599150310", + "rev": "a98f30134c75cd570c2f14f1333e1b7e090bd1dc", "type": "github" }, "original": { -- 2.47.1 From f0d4d9437259184d3a7e89411cbde57c0d797364 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 09:02:30 +0000 Subject: [PATCH 1304/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 88befefe..250e2ab3 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679121953, - "narHash": "sha256-UzGX36C5iHGHPaSuJxWL2ezmfc4NNwcnO6/bMoNEk9w=", + "lastModified": 1679129127, + "narHash": "sha256-xxIgpCf0vLp9IHIijc9mwA2pEbc+jEywvt4D4Emdfr4=", "owner": "nix-community", "repo": "NUR", - "rev": "a98f30134c75cd570c2f14f1333e1b7e090bd1dc", + "rev": "592d6e8871ffdc28a50604649a58fdbdf7ccedd7", "type": "github" }, "original": { -- 2.47.1 From 0710a8ad70852df87edf4a825b6289ac6093acd7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 11:02:17 +0000 Subject: [PATCH 1305/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 250e2ab3..96c22fa7 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679129127, - "narHash": "sha256-xxIgpCf0vLp9IHIijc9mwA2pEbc+jEywvt4D4Emdfr4=", + "lastModified": 1679133788, + "narHash": "sha256-qAAoW0hfYzr3boWPben0dcS9TjLO6PJJa6JPxnEgycs=", "owner": "nix-community", "repo": "NUR", - "rev": "592d6e8871ffdc28a50604649a58fdbdf7ccedd7", + "rev": "768717e2740ea04b7fba6218b2675eea59fdcc5f", "type": "github" }, "original": { -- 2.47.1 From 863cb16333c9a5dbb6acb0a91e18a61736371a59 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 13:02:03 +0000 Subject: [PATCH 1306/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 96c22fa7..203d70bf 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679088890, - "narHash": "sha256-LmPS2+Wsf1Kb0pzWT7eWL69FETUehjlIVtYaj+MRU3s=", + "lastModified": 1679144286, + "narHash": "sha256-SaqWJ4DuOOn5uj/uZGL6DCR1dsEaWk2c4Ky3jj2L/yA=", "owner": "pta2002", "repo": "nixvim", - "rev": "1346e503ead4559469f19bd19f430b899aeeabf3", + "rev": "0ae6e18d55478c86f00e829bba3051077c881d0f", "type": "github" }, "original": { -- 2.47.1 From 057c84ad5072286b92169c3cac3451dc0a05bca6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 14:03:53 +0000 Subject: [PATCH 1307/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 203d70bf..7e6d1f21 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679133788, - "narHash": "sha256-qAAoW0hfYzr3boWPben0dcS9TjLO6PJJa6JPxnEgycs=", + "lastModified": 1679147795, + "narHash": "sha256-7orY6tIH0eZjmLNVGW4ulNwWHD/WHuveMtAxslmkkkU=", "owner": "nix-community", "repo": "NUR", - "rev": "768717e2740ea04b7fba6218b2675eea59fdcc5f", + "rev": "d79a045f0a1659a04249a13381896ee755c7c7af", "type": "github" }, "original": { -- 2.47.1 From e49227d6304e0e317ace8d31935a9f733a27c5bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 15:03:11 +0000 Subject: [PATCH 1308/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7e6d1f21..9d1961c2 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679103246, - "narHash": "sha256-WoOMsVfm0Cofjvewm6lBjNWVaYhR2jV1cVxwYuJcR3U=", + "lastModified": 1679151479, + "narHash": "sha256-16r2mCLwNUZyC1kkmBByGf2JRYAHvbL10/YMpuXeRDc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6e6971606d9613f6b5aa1df9ecf68327d079c2cc", + "rev": "ef80a69399d1a5139dd29b77434a750d3da0650c", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679147795, - "narHash": "sha256-7orY6tIH0eZjmLNVGW4ulNwWHD/WHuveMtAxslmkkkU=", + "lastModified": 1679149832, + "narHash": "sha256-Vgnq89MfMp5WUD22k8LvAq2FHiUO4wmjyeBfRIYZDAE=", "owner": "nix-community", "repo": "NUR", - "rev": "d79a045f0a1659a04249a13381896ee755c7c7af", + "rev": "f9f56579409e663b1a3b72f628fe14ab3415581c", "type": "github" }, "original": { -- 2.47.1 From ee2d0c403de8ea3b2e3a3ae1825dd3cfb0130ad0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 16:02:56 +0000 Subject: [PATCH 1309/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 9d1961c2..7f9c0d34 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679151479, - "narHash": "sha256-16r2mCLwNUZyC1kkmBByGf2JRYAHvbL10/YMpuXeRDc=", + "lastModified": 1679151720, + "narHash": "sha256-Z/gFX/UKRBjTQljIEFm1r+WhcIG8gaOKvagQ6ruPnq4=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ef80a69399d1a5139dd29b77434a750d3da0650c", + "rev": "d544c30551a7e4c4b0a311535cd9c379f121e753", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679144286, - "narHash": "sha256-SaqWJ4DuOOn5uj/uZGL6DCR1dsEaWk2c4Ky3jj2L/yA=", + "lastModified": 1679153160, + "narHash": "sha256-R6OKcNigeUSLtXIiscI0TNneFeWuDJuIuEg7SvnQhYE=", "owner": "pta2002", "repo": "nixvim", - "rev": "0ae6e18d55478c86f00e829bba3051077c881d0f", + "rev": "4eed4e1de4e9dd6d7a84854a0181046a10f43b95", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679149832, - "narHash": "sha256-Vgnq89MfMp5WUD22k8LvAq2FHiUO4wmjyeBfRIYZDAE=", + "lastModified": 1679152739, + "narHash": "sha256-95gKWTXDCvI3vJiENdYXGWUcGUwlqifmJ9khtGaS74c=", "owner": "nix-community", "repo": "NUR", - "rev": "f9f56579409e663b1a3b72f628fe14ab3415581c", + "rev": "23289b0eef35567ccd3d951d40440524a05dd0a7", "type": "github" }, "original": { -- 2.47.1 From ab816cecdf5836f4f768930ef4442458cf24c125 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 17:03:29 +0000 Subject: [PATCH 1310/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7f9c0d34..da1a0e0c 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679151720, - "narHash": "sha256-Z/gFX/UKRBjTQljIEFm1r+WhcIG8gaOKvagQ6ruPnq4=", + "lastModified": 1679157029, + "narHash": "sha256-5JvQRGIuTRFpfNgwhHpnPKHeg8uLE0DGDHoESonLaeo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d544c30551a7e4c4b0a311535cd9c379f121e753", + "rev": "2ba5238b8e985bb5944b16ac657bf3653a812c00", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679153160, - "narHash": "sha256-R6OKcNigeUSLtXIiscI0TNneFeWuDJuIuEg7SvnQhYE=", + "lastModified": 1679156639, + "narHash": "sha256-9HQDfd9Ym8Mir+15xtACNAYRlaiKOH8DG8f7SDDYHDA=", "owner": "pta2002", "repo": "nixvim", - "rev": "4eed4e1de4e9dd6d7a84854a0181046a10f43b95", + "rev": "f9af5a150d8dc078fe121bd8bcf19fe4bd044cc9", "type": "github" }, "original": { -- 2.47.1 From 42dd2627b927043e92c55812b224ebbae4aaa171 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 18:00:37 +0000 Subject: [PATCH 1311/1882] chore(deps): update renovate/renovate docker tag to v35.11.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d89f3107..21ef057a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.10.2 + image: renovate/renovate:35.11.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7e2b9837daa84c4e8fc789712ee51bb665f48d85 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 20:07:00 +0000 Subject: [PATCH 1312/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index da1a0e0c..0c2d8099 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679157029, - "narHash": "sha256-5JvQRGIuTRFpfNgwhHpnPKHeg8uLE0DGDHoESonLaeo=", + "lastModified": 1679166084, + "narHash": "sha256-yr+alTr1eGjEKpMiD06FTTMP6vaoNwYEZT6mW6dQ5rM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "2ba5238b8e985bb5944b16ac657bf3653a812c00", + "rev": "06244555915339967864292dd0b83cd9732516d8", "type": "github" }, "original": { @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679156639, - "narHash": "sha256-9HQDfd9Ym8Mir+15xtACNAYRlaiKOH8DG8f7SDDYHDA=", + "lastModified": 1679167651, + "narHash": "sha256-tCLMq1G2YRIYbEzbw/Nu9B5jXeDQZ7c8o9pbva3smCw=", "owner": "pta2002", "repo": "nixvim", - "rev": "f9af5a150d8dc078fe121bd8bcf19fe4bd044cc9", + "rev": "ff063b27bd7403b7f14413ca1061cbddb3dd36b0", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679152739, - "narHash": "sha256-95gKWTXDCvI3vJiENdYXGWUcGUwlqifmJ9khtGaS74c=", + "lastModified": 1679168785, + "narHash": "sha256-DQ79Ih7qhXdoePmLtf1pXVc+JZwpm+SVBkpsPkY8Y9k=", "owner": "nix-community", "repo": "NUR", - "rev": "23289b0eef35567ccd3d951d40440524a05dd0a7", + "rev": "04277085ab26a094f5eee2c0303e473bd1bc2ee0", "type": "github" }, "original": { -- 2.47.1 From ae103a67ca8d9b55cb1844f6a9ce1b767f319a09 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 21:00:37 +0000 Subject: [PATCH 1313/1882] chore(deps): update renovate/renovate docker tag to v35.12.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 21ef057a..b2b106e8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.11.0 + image: renovate/renovate:35.12.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 40d5425782bbe799fef2058e2a2278fbc0595eae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 22:02:12 +0000 Subject: [PATCH 1314/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0c2d8099..2460f557 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679167651, - "narHash": "sha256-tCLMq1G2YRIYbEzbw/Nu9B5jXeDQZ7c8o9pbva3smCw=", + "lastModified": 1679175874, + "narHash": "sha256-0U8ohwVhlxqjb/IVuRyxgyBuYrhwK0l31VC6sup3i5E=", "owner": "pta2002", "repo": "nixvim", - "rev": "ff063b27bd7403b7f14413ca1061cbddb3dd36b0", + "rev": "bd4384a2e582ab7ea4dad709db3078e650506e09", "type": "github" }, "original": { -- 2.47.1 From aa6953391bdd4d8da17f4271d59772b4b88cf534 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 23:06:57 +0000 Subject: [PATCH 1315/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2460f557..c8895632 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679175874, - "narHash": "sha256-0U8ohwVhlxqjb/IVuRyxgyBuYrhwK0l31VC6sup3i5E=", + "lastModified": 1679177879, + "narHash": "sha256-/Zy+nVNoh3GHPF6vX7kIIa7SinkuWxbyOyG+nHKp5kA=", "owner": "pta2002", "repo": "nixvim", - "rev": "bd4384a2e582ab7ea4dad709db3078e650506e09", + "rev": "09a2e9afb6a6ebe64a4026b095a90242a7a11669", "type": "github" }, "original": { -- 2.47.1 From 7b4a72fad3a82263e436e32167f8b04eb2180025 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 00:02:38 +0000 Subject: [PATCH 1316/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c8895632..71a2816e 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679177879, - "narHash": "sha256-/Zy+nVNoh3GHPF6vX7kIIa7SinkuWxbyOyG+nHKp5kA=", + "lastModified": 1679182581, + "narHash": "sha256-4bSyoCSPtmDQnier9almlJFLSBX5V5s7rORY3tdtJmU=", "owner": "pta2002", "repo": "nixvim", - "rev": "09a2e9afb6a6ebe64a4026b095a90242a7a11669", + "rev": "c300601dced69e9c00ad424550628f76c2ee880d", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679168785, - "narHash": "sha256-DQ79Ih7qhXdoePmLtf1pXVc+JZwpm+SVBkpsPkY8Y9k=", + "lastModified": 1679183149, + "narHash": "sha256-4RSJ9rYeA447ub8OCd19NaqFOx63I32Ba638MJyyzlw=", "owner": "nix-community", "repo": "NUR", - "rev": "04277085ab26a094f5eee2c0303e473bd1bc2ee0", + "rev": "ba39867dd6fa1d492e2bb1295a02e0fdbb2778de", "type": "github" }, "original": { -- 2.47.1 From 520831cf25e6d0e11e740b4ed69b688809f6e97b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 02:02:22 +0000 Subject: [PATCH 1317/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 71a2816e..dcdf1732 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1678898370, - "narHash": "sha256-xTICr1j+uat5hk9FyuPOFGxpWHdJRibwZC+ATi0RbtE=", + "lastModified": 1679081381, + "narHash": "sha256-n4+SbrVohxbgbmOTkodfxc3d8W38OfKowD6YNA8j27o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ac718d02867a84b42522a0ece52d841188208f2c", + "rev": "b573a7f69484a7d213680abb70b4f95bdc28eee5", "type": "github" }, "original": { -- 2.47.1 From 938f81896a8bb9c552d0284862e101e7e34d1af7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 03:03:08 +0000 Subject: [PATCH 1318/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index dcdf1732..d0551394 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679166084, - "narHash": "sha256-yr+alTr1eGjEKpMiD06FTTMP6vaoNwYEZT6mW6dQ5rM=", + "lastModified": 1679192392, + "narHash": "sha256-LMUG9/xgFaUlocHz4r5xJLAe1XT4rvA5ZL/vrQnfHBQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "06244555915339967864292dd0b83cd9732516d8", + "rev": "928de3344767b1c8aeade24d57b188aeef57a273", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1678972866, - "narHash": "sha256-YV8BcNWfNVgS449B6hFYFUg4kwVIQMNehZP+FNDs1LY=", + "lastModified": 1679058649, + "narHash": "sha256-tXbTGzCFFk5G0IOlhhuQtf3KQ0+9RNDk4O2YmEgvppk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cd34d6ed7ba7d5c4e44b04a53dc97edb52f2766c", + "rev": "328c9c6f597b1edb75a114df61113d87c61ad60d", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679183149, - "narHash": "sha256-4RSJ9rYeA447ub8OCd19NaqFOx63I32Ba638MJyyzlw=", + "lastModified": 1679194982, + "narHash": "sha256-1/C5lYpRPR1Fbdi6bukLJMFTYcAcDP4gpMiHZebX8Ro=", "owner": "nix-community", "repo": "NUR", - "rev": "ba39867dd6fa1d492e2bb1295a02e0fdbb2778de", + "rev": "629c1a23a2f6c9452598e2e9f2ffc1c0c9343d79", "type": "github" }, "original": { -- 2.47.1 From 2d86fb3a3f756a4f260f0294de361af0b54a5754 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 04:03:17 +0000 Subject: [PATCH 1319/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d0551394..58a17680 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679194982, - "narHash": "sha256-1/C5lYpRPR1Fbdi6bukLJMFTYcAcDP4gpMiHZebX8Ro=", + "lastModified": 1679197506, + "narHash": "sha256-95x0w8Nhhalz2SJkaAxPc7pntYL9NZIwQFnIlQQNYlk=", "owner": "nix-community", "repo": "NUR", - "rev": "629c1a23a2f6c9452598e2e9f2ffc1c0c9343d79", + "rev": "e3c958a17ca6a7b337512aab8d63b055bff722eb", "type": "github" }, "original": { -- 2.47.1 From 7340e56dd738b87caf975565540e0e13d64cac7a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 05:03:31 +0000 Subject: [PATCH 1320/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 58a17680..f8ac77b8 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679197506, - "narHash": "sha256-95x0w8Nhhalz2SJkaAxPc7pntYL9NZIwQFnIlQQNYlk=", + "lastModified": 1679199302, + "narHash": "sha256-8t3pYy57aO/JssIO/wQ+GKtyhkUgrKUe95hr5BBg53s=", "owner": "nix-community", "repo": "NUR", - "rev": "e3c958a17ca6a7b337512aab8d63b055bff722eb", + "rev": "609e8d045f7de1a02ea0e366e810c5eeeae8fe70", "type": "github" }, "original": { -- 2.47.1 From a260e38e3200503ad7bb48ac45c072740db19087 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 08:02:29 +0000 Subject: [PATCH 1321/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f8ac77b8..6894cb30 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679199302, - "narHash": "sha256-8t3pYy57aO/JssIO/wQ+GKtyhkUgrKUe95hr5BBg53s=", + "lastModified": 1679210063, + "narHash": "sha256-jxyPuYtyFVefkCCAmwlKysaQzX0YX2Vm2wsDZUfVKl0=", "owner": "nix-community", "repo": "NUR", - "rev": "609e8d045f7de1a02ea0e366e810c5eeeae8fe70", + "rev": "80bd787b4ca4b7f06370f1861f2cdac77e1a74c5", "type": "github" }, "original": { -- 2.47.1 From 5e95b5953d2fb9b43514247bf654c33d06e46024 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 09:03:34 +0000 Subject: [PATCH 1322/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6894cb30..1ca08d1b 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679210063, - "narHash": "sha256-jxyPuYtyFVefkCCAmwlKysaQzX0YX2Vm2wsDZUfVKl0=", + "lastModified": 1679215591, + "narHash": "sha256-o/vmqJThxX60GDyjUkqy+SPfQWD9creMtOiDcqcX/H0=", "owner": "nix-community", "repo": "NUR", - "rev": "80bd787b4ca4b7f06370f1861f2cdac77e1a74c5", + "rev": "18edaf9bc8073526487fa320e7b4e3f313c81a15", "type": "github" }, "original": { -- 2.47.1 From 24ce958085cd33bfc552b436f85e6a2b90610f43 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 10:03:00 +0000 Subject: [PATCH 1323/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1ca08d1b..12ab4c61 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679058649, - "narHash": "sha256-tXbTGzCFFk5G0IOlhhuQtf3KQ0+9RNDk4O2YmEgvppk=", + "lastModified": 1679139072, + "narHash": "sha256-Gtw2Yj8DfETie3u7iHv1y5Wt+plGRmp6nTQ0EEfaPho=", "owner": "nixos", "repo": "nixpkgs", - "rev": "328c9c6f597b1edb75a114df61113d87c61ad60d", + "rev": "08ef7dc8334521605a5c8b7086cc248e74ee338b", "type": "github" }, "original": { -- 2.47.1 From 4fbb47abf21d1c4a51a921b52a985c78c742f669 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 12:02:09 +0000 Subject: [PATCH 1324/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 12ab4c61..2505e6b0 100644 --- a/flake.lock +++ b/flake.lock @@ -725,11 +725,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1679075297, - "narHash": "sha256-8TwS7NPQWW9iPejBwWzmjLnK8bQhdOMPpsj3KPAL6x8=", + "lastModified": 1679224149, + "narHash": "sha256-TSY37Zv0icF/aijR3/KWGLVBlnKKHlG9QTj7vHbF/UU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "994584bb26ffa1deeaf56099601ef4bcc487273e", + "rev": "a4bc66709604ab78abc575b60baa6d23ae027a59", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679215591, - "narHash": "sha256-o/vmqJThxX60GDyjUkqy+SPfQWD9creMtOiDcqcX/H0=", + "lastModified": 1679225271, + "narHash": "sha256-wOVv5IZ3IFTVR1SMUnk4VniWyJjNyEftTx3ZjS+XIts=", "owner": "nix-community", "repo": "NUR", - "rev": "18edaf9bc8073526487fa320e7b4e3f313c81a15", + "rev": "2be50c8cd8d6df77460ea9709654959eeaa5e0b6", "type": "github" }, "original": { -- 2.47.1 From fa8cac78bec07f40f423dba488ebf9ee84c7f418 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 15:00:25 +0000 Subject: [PATCH 1325/1882] chore(deps): update renovate/renovate docker tag to v35.13.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b2b106e8..d5b1ba5b 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.12.0 + image: renovate/renovate:35.13.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7d676dbeec660bbf48749dedc17d9e4832384b7b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 17:07:28 +0000 Subject: [PATCH 1326/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 2505e6b0..93d959af 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679081381, - "narHash": "sha256-n4+SbrVohxbgbmOTkodfxc3d8W38OfKowD6YNA8j27o=", + "lastModified": 1679172431, + "narHash": "sha256-XEh5gIt5otaUbEAPUY5DILUTyWe1goAyeqQtmwaFPyI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b573a7f69484a7d213680abb70b4f95bdc28eee5", + "rev": "1603d11595a232205f03d46e635d919d1e1ec5b9", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679225271, - "narHash": "sha256-wOVv5IZ3IFTVR1SMUnk4VniWyJjNyEftTx3ZjS+XIts=", + "lastModified": 1679244635, + "narHash": "sha256-/UZR31DEc8k9banJeJQgcCZ8HZQBVaxJQJ0hjtdNLNM=", "owner": "nix-community", "repo": "NUR", - "rev": "2be50c8cd8d6df77460ea9709654959eeaa5e0b6", + "rev": "349623e98a63453ee55fe88c3715b1f6d920a64f", "type": "github" }, "original": { -- 2.47.1 From 8e7616b537f1de39ca29d1570754e5e05f0653a1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 18:00:39 +0000 Subject: [PATCH 1327/1882] chore(deps): update renovate/renovate docker tag to v35.14.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d5b1ba5b..26e219e2 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.13.0 + image: renovate/renovate:35.14.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8e18e1b6c3d502112da00d3ed9f869d1e1690ae1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 19:03:12 +0000 Subject: [PATCH 1328/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 93d959af..f46f8c3a 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679067095, - "narHash": "sha256-G2dJQURL/CCi+8RP6jNJG8VqgtzEMCA+6mNodd3VR6E=", + "lastModified": 1679246045, + "narHash": "sha256-6yK601M0RpG9o0CqCl++9OCWEH+q+va6lEncLNg8iQ4=", "owner": "nix-community", "repo": "home-manager", - "rev": "3239e0b40f242f47bf6c0c37b2fd35ab3e76e370", + "rev": "bcc417b80f3bef3e0cf21160850525d8a03387e6", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679244635, - "narHash": "sha256-/UZR31DEc8k9banJeJQgcCZ8HZQBVaxJQJ0hjtdNLNM=", + "lastModified": 1679247967, + "narHash": "sha256-xRG+RFHTi6sRXO3vVzbyXmwBgS5NdIJ8OxEOb/u9BsA=", "owner": "nix-community", "repo": "NUR", - "rev": "349623e98a63453ee55fe88c3715b1f6d920a64f", + "rev": "21aeb2c533a08aa107e8c708bff7c765b5a1ea36", "type": "github" }, "original": { -- 2.47.1 From 9c210ee520d9e8da59711ff41eed5f406f5bfd48 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 20:08:24 +0000 Subject: [PATCH 1329/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f46f8c3a..f8d49649 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679247967, - "narHash": "sha256-xRG+RFHTi6sRXO3vVzbyXmwBgS5NdIJ8OxEOb/u9BsA=", + "lastModified": 1679255149, + "narHash": "sha256-tsE6S7k1RVMXUHY8bckmgJYS+SccrGaOAUsclioPCaI=", "owner": "nix-community", "repo": "NUR", - "rev": "21aeb2c533a08aa107e8c708bff7c765b5a1ea36", + "rev": "a0d134f0094b06ed29fe18254c54e9398e24bb91", "type": "github" }, "original": { -- 2.47.1 From cee622a3a59770cd9d55f7d9dd8ae9b6f612d41b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 21:00:40 +0000 Subject: [PATCH 1330/1882] chore(deps): update renovate/renovate docker tag to v35.14.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 26e219e2..4dd39554 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.14.0 + image: renovate/renovate:35.14.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 749b1c4a48c33e494e6a3c20e1b349b998fa01b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 22:02:22 +0000 Subject: [PATCH 1331/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f8d49649..8219c2fe 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679255149, - "narHash": "sha256-tsE6S7k1RVMXUHY8bckmgJYS+SccrGaOAUsclioPCaI=", + "lastModified": 1679262299, + "narHash": "sha256-jP3kRwI5dGENOe/ZeedKtONiidkoCVkCvOVtr18ayRM=", "owner": "nix-community", "repo": "NUR", - "rev": "a0d134f0094b06ed29fe18254c54e9398e24bb91", + "rev": "a012722db85e4c910e6c13b592e07fc129215de4", "type": "github" }, "original": { -- 2.47.1 From fba0d2d64b136246ac4179dd17b893caf9e97cc1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 19 Mar 2023 23:10:52 +0000 Subject: [PATCH 1332/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8219c2fe..3db98395 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679262299, - "narHash": "sha256-jP3kRwI5dGENOe/ZeedKtONiidkoCVkCvOVtr18ayRM=", + "lastModified": 1679265892, + "narHash": "sha256-m9UEFKIvU95hQmCtURZWNZRFrIgvptIXnDBZBfEF2iA=", "owner": "nix-community", "repo": "NUR", - "rev": "a012722db85e4c910e6c13b592e07fc129215de4", + "rev": "75ff74195c8ff39a7d2ac5a8f5784d9ebec27848", "type": "github" }, "original": { -- 2.47.1 From 462e1e12a44820237d7adc78d58d809319efa1c8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 00:02:20 +0000 Subject: [PATCH 1333/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3db98395..99a02c7b 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679246045, - "narHash": "sha256-6yK601M0RpG9o0CqCl++9OCWEH+q+va6lEncLNg8iQ4=", + "lastModified": 1679265143, + "narHash": "sha256-5RDMW+O4owjdPz7t4K4YxH2fOHCNOcyVmSiKRUikiv0=", "owner": "nix-community", "repo": "home-manager", - "rev": "bcc417b80f3bef3e0cf21160850525d8a03387e6", + "rev": "1b8bf5c3270386a1b6850bd77d79dbdbaf0d7a7c", "type": "github" }, "original": { -- 2.47.1 From 1acbc32396d89a5d2c8805e18e4bd1e07c5be73d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 02:02:40 +0000 Subject: [PATCH 1334/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 99a02c7b..72ff737f 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679192392, - "narHash": "sha256-LMUG9/xgFaUlocHz4r5xJLAe1XT4rvA5ZL/vrQnfHBQ=", + "lastModified": 1679277046, + "narHash": "sha256-5E/Cd1PdYwN0bfR3dyyTQ2Wu5ADK3pg/Z+viAtfaP70=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "928de3344767b1c8aeade24d57b188aeef57a273", + "rev": "d23bbd1687a5413fb7f2c08b67692d4e64f8efef", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679265892, - "narHash": "sha256-m9UEFKIvU95hQmCtURZWNZRFrIgvptIXnDBZBfEF2iA=", + "lastModified": 1679277464, + "narHash": "sha256-P3hWMYSWBbuNkTS9ejq8VPPZrjPY1sgyTG+pJxXdc98=", "owner": "nix-community", "repo": "NUR", - "rev": "75ff74195c8ff39a7d2ac5a8f5784d9ebec27848", + "rev": "5e19da721cccf3ef6135f790ddb747a5958d6030", "type": "github" }, "original": { -- 2.47.1 From 7cde7d08fd441f047e5aadcc10d15663d58e000d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 03:03:07 +0000 Subject: [PATCH 1335/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 72ff737f..8fe1b4ea 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679277464, - "narHash": "sha256-P3hWMYSWBbuNkTS9ejq8VPPZrjPY1sgyTG+pJxXdc98=", + "lastModified": 1679280501, + "narHash": "sha256-KNTYnWnRZgjEIfHtcOUCDeNoZwr8HWaHRJoRiv9K7Ho=", "owner": "nix-community", "repo": "NUR", - "rev": "5e19da721cccf3ef6135f790ddb747a5958d6030", + "rev": "40fb6685594739db32c3fac6559335ad23b11dc4", "type": "github" }, "original": { -- 2.47.1 From f33100a8c942aac34ea66b781f60361cdf9aa3ae Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 04:03:47 +0000 Subject: [PATCH 1336/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8fe1b4ea..d41bf945 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679280501, - "narHash": "sha256-KNTYnWnRZgjEIfHtcOUCDeNoZwr8HWaHRJoRiv9K7Ho=", + "lastModified": 1679283873, + "narHash": "sha256-aFJU7U+0zf56PMDaGEOAGNznd7RU4BzchRSRwseBjY4=", "owner": "nix-community", "repo": "NUR", - "rev": "40fb6685594739db32c3fac6559335ad23b11dc4", + "rev": "0f49603a8327b573aec3a288b8f8eb1e61bd18fc", "type": "github" }, "original": { -- 2.47.1 From 98668161e18afc7f0608cec268b8430b0685e704 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 05:04:44 +0000 Subject: [PATCH 1337/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d41bf945..741b044d 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679283873, - "narHash": "sha256-aFJU7U+0zf56PMDaGEOAGNznd7RU4BzchRSRwseBjY4=", + "lastModified": 1679285393, + "narHash": "sha256-j+m6VJZsbN28vhVzbnQNECglrBWDOd7NXVFbIi1ikcw=", "owner": "nix-community", "repo": "NUR", - "rev": "0f49603a8327b573aec3a288b8f8eb1e61bd18fc", + "rev": "dfacc9ff2861697c36660c5ad943656b5cc840f1", "type": "github" }, "original": { -- 2.47.1 From 146a9248f5cee72c94f70e8349133a2b1c6891da Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 06:03:12 +0000 Subject: [PATCH 1338/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 741b044d..44c8529d 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679285393, - "narHash": "sha256-j+m6VJZsbN28vhVzbnQNECglrBWDOd7NXVFbIi1ikcw=", + "lastModified": 1679290994, + "narHash": "sha256-9lr4j5q/qs9XHOY4MkOWwmbVsnggZNoFW3mEdSV9TyM=", "owner": "nix-community", "repo": "NUR", - "rev": "dfacc9ff2861697c36660c5ad943656b5cc840f1", + "rev": "071616cc2caefaf5976a584f89f43d021e439b95", "type": "github" }, "original": { -- 2.47.1 From 9d70a61fc08ef509bf37b7c380a5d659752f5bd3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 08:00:28 +0000 Subject: [PATCH 1339/1882] chore(deps): update renovate/renovate docker tag to v35.14.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 4dd39554..249f6c4f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.14.1 + image: renovate/renovate:35.14.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 4e7dde59240546fb3eb252d38f4354ba910a017b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 09:03:30 +0000 Subject: [PATCH 1340/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 44c8529d..b84b8f5b 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679139072, - "narHash": "sha256-Gtw2Yj8DfETie3u7iHv1y5Wt+plGRmp6nTQ0EEfaPho=", + "lastModified": 1679224734, + "narHash": "sha256-1Ab3xY7Wgo1h1TNwRt6fp2XjV+KUo+hP1Bolh0KiDJs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "08ef7dc8334521605a5c8b7086cc248e74ee338b", + "rev": "eac7da7b519a5aefe92c33c90b4450a24ebe0ab3", "type": "github" }, "original": { -- 2.47.1 From 3ec7c3f33f2ca48779a67691c287590ce5606b7a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 11:02:03 +0000 Subject: [PATCH 1341/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b84b8f5b..98b7d8c2 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679290994, - "narHash": "sha256-9lr4j5q/qs9XHOY4MkOWwmbVsnggZNoFW3mEdSV9TyM=", + "lastModified": 1679309270, + "narHash": "sha256-pEiq5/Ok2LzN+SWb0/OeUToeV4u5VVzVhGlmFCq5ud8=", "owner": "nix-community", "repo": "NUR", - "rev": "071616cc2caefaf5976a584f89f43d021e439b95", + "rev": "dbd64b667e36864478a39e2e78f467f2f66d3590", "type": "github" }, "original": { -- 2.47.1 From 058f224074aa592eb523bc628ce925d0cec235f0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 14:04:24 +0000 Subject: [PATCH 1342/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 98b7d8c2..5d376a16 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679309270, - "narHash": "sha256-pEiq5/Ok2LzN+SWb0/OeUToeV4u5VVzVhGlmFCq5ud8=", + "lastModified": 1679319981, + "narHash": "sha256-lXAO8o4vRMcbo4xFJ0YT9Ov0raelwONpDYNhZDOvKRk=", "owner": "nix-community", "repo": "NUR", - "rev": "dbd64b667e36864478a39e2e78f467f2f66d3590", + "rev": "b8bb5f35adf23deedad9de7eb9d71c56195f3bed", "type": "github" }, "original": { -- 2.47.1 From 00e0e15160349ef31bb11ccced9b7d60de0741a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 15:02:47 +0000 Subject: [PATCH 1343/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5d376a16..20a07fc0 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679182581, - "narHash": "sha256-4bSyoCSPtmDQnier9almlJFLSBX5V5s7rORY3tdtJmU=", + "lastModified": 1679323249, + "narHash": "sha256-HUxgtXkkYSsNQ5GeaxXJcE02An4BRK5DqCrSyzMFKUs=", "owner": "pta2002", "repo": "nixvim", - "rev": "c300601dced69e9c00ad424550628f76c2ee880d", + "rev": "961da92d2cb4951050b4bf5dd50a610944cfe17c", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679319981, - "narHash": "sha256-lXAO8o4vRMcbo4xFJ0YT9Ov0raelwONpDYNhZDOvKRk=", + "lastModified": 1679323679, + "narHash": "sha256-pf14ON4RD/4OGPDGJ/FwM7j918Iscoc2GQruHT0MHTc=", "owner": "nix-community", "repo": "NUR", - "rev": "b8bb5f35adf23deedad9de7eb9d71c56195f3bed", + "rev": "d92690e27e2101cedae583760c06fdd4212e658c", "type": "github" }, "original": { -- 2.47.1 From 9dab22c7d15c457f3c86eb6d7103f5a541f1f6e1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 16:02:44 +0000 Subject: [PATCH 1344/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 20a07fc0..8d1e7ebd 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679277046, - "narHash": "sha256-5E/Cd1PdYwN0bfR3dyyTQ2Wu5ADK3pg/Z+viAtfaP70=", + "lastModified": 1679327386, + "narHash": "sha256-7t9NEqNZIyQ1ikr+ROPPVWvXbgZ4u1CUA9GAzqhWw04=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d23bbd1687a5413fb7f2c08b67692d4e64f8efef", + "rev": "dd4270eadf8a62f4e8f417ff8a78f445745c6096", "type": "github" }, "original": { -- 2.47.1 From d1744ff4d8128a73665df8757d44c69667976025 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 17:03:10 +0000 Subject: [PATCH 1345/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8d1e7ebd..5f9faa4c 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679327386, - "narHash": "sha256-7t9NEqNZIyQ1ikr+ROPPVWvXbgZ4u1CUA9GAzqhWw04=", + "lastModified": 1679329354, + "narHash": "sha256-pVVl5sserTtBHgEGpCTle3m05p+Gz/F9ApClxEH/EA8=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "dd4270eadf8a62f4e8f417ff8a78f445745c6096", + "rev": "5ffe5dd5942945993f165dd7ca6de2cd0b5ac47b", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679323679, - "narHash": "sha256-pf14ON4RD/4OGPDGJ/FwM7j918Iscoc2GQruHT0MHTc=", + "lastModified": 1679331329, + "narHash": "sha256-2NBrGchpZdRmhnXwnqXmFc688iesBX/H8/vY598HiVY=", "owner": "nix-community", "repo": "NUR", - "rev": "d92690e27e2101cedae583760c06fdd4212e658c", + "rev": "9fd65afa2b1e95c540c6be8f24fdfb18d63d4efd", "type": "github" }, "original": { -- 2.47.1 From 9dc49f926f6573070812f525a507d13daede71e5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 18:02:49 +0000 Subject: [PATCH 1346/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5f9faa4c..e89635f7 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679331329, - "narHash": "sha256-2NBrGchpZdRmhnXwnqXmFc688iesBX/H8/vY598HiVY=", + "lastModified": 1679334364, + "narHash": "sha256-9XirXJEO7/MPKrsahFoGuTkOLkRLykL5mDAJbhlzeBQ=", "owner": "nix-community", "repo": "NUR", - "rev": "9fd65afa2b1e95c540c6be8f24fdfb18d63d4efd", + "rev": "3879b4a718c91af0e0bbcf93f8f897bbfaceca8d", "type": "github" }, "original": { -- 2.47.1 From 13a1b7f6a099747faf211e5296278f6d088bdffa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 19:00:39 +0000 Subject: [PATCH 1347/1882] chore(deps): update renovate/renovate docker tag to v35.14.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 249f6c4f..785bbd1c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.14.2 + image: renovate/renovate:35.14.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 15c6e434f33abfaf98ad1512d5e339f9145de127 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 20:03:21 +0000 Subject: [PATCH 1348/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e89635f7..09816ee5 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679334364, - "narHash": "sha256-9XirXJEO7/MPKrsahFoGuTkOLkRLykL5mDAJbhlzeBQ=", + "lastModified": 1679341557, + "narHash": "sha256-cMj6zzH0cUdd2nMLvplQDO5cfViZB33WApPHtKVDHXI=", "owner": "nix-community", "repo": "NUR", - "rev": "3879b4a718c91af0e0bbcf93f8f897bbfaceca8d", + "rev": "d7a59b9f787b1ded42c76969ae3c720024687a24", "type": "github" }, "original": { -- 2.47.1 From d85fbcac2bdcf7488edaf3a3d8d3bebcb188d3fb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 22:02:20 +0000 Subject: [PATCH 1349/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 09816ee5..c8ba4139 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679329354, - "narHash": "sha256-pVVl5sserTtBHgEGpCTle3m05p+Gz/F9ApClxEH/EA8=", + "lastModified": 1679349433, + "narHash": "sha256-O/BOlbCgMBtERan4f2/qnwRpz975ia9Y4ZSOxm51OIM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5ffe5dd5942945993f165dd7ca6de2cd0b5ac47b", + "rev": "e80e93fcda660c4d367a34aaad402ff0a325648f", "type": "github" }, "original": { @@ -854,11 +854,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1677676435, - "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", + "lastModified": 1679172431, + "narHash": "sha256-XEh5gIt5otaUbEAPUY5DILUTyWe1goAyeqQtmwaFPyI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", + "rev": "1603d11595a232205f03d46e635d919d1e1ec5b9", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679341557, - "narHash": "sha256-cMj6zzH0cUdd2nMLvplQDO5cfViZB33WApPHtKVDHXI=", + "lastModified": 1679348834, + "narHash": "sha256-3j0KXPL3KaQ/tWujcKs0LlZr1/DFSL1huhr4L8uCE9w=", "owner": "nix-community", "repo": "NUR", - "rev": "d7a59b9f787b1ded42c76969ae3c720024687a24", + "rev": "f07c19512d134a81bae944b8b98231ce4d6f718f", "type": "github" }, "original": { @@ -1303,11 +1303,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1677789111, - "narHash": "sha256-dWrk+Q3bLdtFe5rkyaAKWCQJCeE/KFNllcu1DvBC38c=", + "lastModified": 1679340088, + "narHash": "sha256-/1KiYoBivDj8HC/eVK2Tr2WYkVdKJxq2Lb0tQs0qqJo=", "owner": "wlroots", "repo": "wlroots", - "rev": "5ae17de23f5fd9bb252a698f3771c840280e2c05", + "rev": "1d64e12391a638201c679e71d4e22bb45e5faa8e", "type": "gitlab" }, "original": { -- 2.47.1 From 0f33259cf8a74a4b998884d016e4c89e71431cf9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 23:02:49 +0000 Subject: [PATCH 1350/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c8ba4139..0359dd45 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679349433, - "narHash": "sha256-O/BOlbCgMBtERan4f2/qnwRpz975ia9Y4ZSOxm51OIM=", + "lastModified": 1679351214, + "narHash": "sha256-XiiwIRMk0XQRqu30tWJQUbdQVHYo1uJ16uH9jh9oT5c=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e80e93fcda660c4d367a34aaad402ff0a325648f", + "rev": "cb229f64360502c6774e7242fa353254dcacc931", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679348834, - "narHash": "sha256-3j0KXPL3KaQ/tWujcKs0LlZr1/DFSL1huhr4L8uCE9w=", + "lastModified": 1679352354, + "narHash": "sha256-uvdCsfooo/fVsaoK+4vLJ1VlKaInTpRu9l1VqOhi86o=", "owner": "nix-community", "repo": "NUR", - "rev": "f07c19512d134a81bae944b8b98231ce4d6f718f", + "rev": "8d5fbaeae27de678b9a10a00443be9c00a1dd9dd", "type": "github" }, "original": { -- 2.47.1 From 866b951e40cd4747d25281c2f5a346e5720f1f9e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 00:02:48 +0000 Subject: [PATCH 1351/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0359dd45..3b5abd54 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679352354, - "narHash": "sha256-uvdCsfooo/fVsaoK+4vLJ1VlKaInTpRu9l1VqOhi86o=", + "lastModified": 1679355957, + "narHash": "sha256-PYmndBexU7F/RMRXHUPrXojGjFpN1erT75Cylm/NVLw=", "owner": "nix-community", "repo": "NUR", - "rev": "8d5fbaeae27de678b9a10a00443be9c00a1dd9dd", + "rev": "922394c0034879cc6525e1a17c76316be815454a", "type": "github" }, "original": { -- 2.47.1 From 4afd2bb97065b8c7083a99d892c20031607a6145 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 01:03:50 +0000 Subject: [PATCH 1352/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 3b5abd54..c65d3abb 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679172431, - "narHash": "sha256-XEh5gIt5otaUbEAPUY5DILUTyWe1goAyeqQtmwaFPyI=", + "lastModified": 1679262748, + "narHash": "sha256-DQCrrAFrkxijC6haUzOC5ZoFqpcv/tg2WxnyW3np1Cc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1603d11595a232205f03d46e635d919d1e1ec5b9", + "rev": "60c1d71f2ba4c80178ec84523c2ca0801522e0a6", "type": "github" }, "original": { -- 2.47.1 From 53bd094886f5a5002c865ec081529f07c3cdd555 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 02:03:36 +0000 Subject: [PATCH 1353/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c65d3abb..0f75acb6 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679355957, - "narHash": "sha256-PYmndBexU7F/RMRXHUPrXojGjFpN1erT75Cylm/NVLw=", + "lastModified": 1679363587, + "narHash": "sha256-Yd1YdB966dnzn848Gwi6WMXLH3IVEgMwbhvsGp9X22Q=", "owner": "nix-community", "repo": "NUR", - "rev": "922394c0034879cc6525e1a17c76316be815454a", + "rev": "4adb8d24394fc0108e4fed80079386ba7f7b70a5", "type": "github" }, "original": { -- 2.47.1 From 100ee829ec7cab2ee9cb9953cd1589c9d39857a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 03:02:40 +0000 Subject: [PATCH 1354/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0f75acb6..e1c08cb3 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679363587, - "narHash": "sha256-Yd1YdB966dnzn848Gwi6WMXLH3IVEgMwbhvsGp9X22Q=", + "lastModified": 1679367708, + "narHash": "sha256-Q6LX6gwAwE/I9vel2CRAZIlUCEIDCpcGxVjnSppAvIo=", "owner": "nix-community", "repo": "NUR", - "rev": "4adb8d24394fc0108e4fed80079386ba7f7b70a5", + "rev": "21e8c94e2bd071333b068c3ebd890a3c0a3581ad", "type": "github" }, "original": { -- 2.47.1 From 0f20506a2633258f3621735a105f032a2d89432e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 04:03:10 +0000 Subject: [PATCH 1355/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e1c08cb3..2323d390 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679367708, - "narHash": "sha256-Q6LX6gwAwE/I9vel2CRAZIlUCEIDCpcGxVjnSppAvIo=", + "lastModified": 1679370157, + "narHash": "sha256-mJq56WfZLRAPRpsJPGaZTg58QvXBTYG5EQPweNQzRqE=", "owner": "nix-community", "repo": "NUR", - "rev": "21e8c94e2bd071333b068c3ebd890a3c0a3581ad", + "rev": "c21a1e0582d782fecd1cece18b78e218bda9c3e2", "type": "github" }, "original": { -- 2.47.1 From b112701bdc18f55f7e3665654cd310b6e57ebbaa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 20 Mar 2023 23:00:25 +0000 Subject: [PATCH 1356/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.1.0 --- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 88bbe686..2a8adf1f 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -14,7 +14,7 @@ backend = "podman"; containers = { flaresolverr = { - image = "flaresolverr/flaresolverr:v3.0.4"; + image = "flaresolverr/flaresolverr:v3.1.0"; ports = [ "8191:8191" ]; -- 2.47.1 From fe44f9078708c8fc388051a0f9294a28eea39410 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 18 Mar 2023 00:00:25 +0000 Subject: [PATCH 1357/1882] chore(deps): update helm release external-secrets to v0.8.1 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index da055200..453f028b 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.7.2 + version: 0.8.1 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From 0f37d26a8e864434058e06defa8db1040423738b Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 21 Mar 2023 11:27:01 +0100 Subject: [PATCH 1358/1882] minor fixes --- nixos/common/generic-lxc.nix | 3 +++ nixos/hosts/thalassa/aoife/home/neovim.nix | 8 ++------ nixos/hosts/thalassa/aoife/networking.nix | 4 ++-- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/nixos/common/generic-lxc.nix b/nixos/common/generic-lxc.nix index 0c1c286c..ba7afbaf 100644 --- a/nixos/common/generic-lxc.nix +++ b/nixos/common/generic-lxc.nix @@ -3,4 +3,7 @@ _: { # Supress systemd services that don't work (correctly) on LXC systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ]; + + # https://github.com/NixOS/nixpkgs/issues/157449#issuecomment-1459299764 + boot.specialFileSystems."/run".options = [ "rshared" ]; } diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index d12dda77..2ab5b9c1 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -53,7 +53,7 @@ lspkind.enable = true; nvim-cmp = { enable = true; - auto_enable_sources = true; + autoEnableSources = true; sources = [ { name = "nvim_lsp"; } { name = "cmp-latex-symbols"; } @@ -66,11 +66,7 @@ { name = "path"; } { name = "buffer"; } ]; - snippet.expand = '' - function(args) - require('luasnip').lsp_expand(args.body) -- For `luasnip` users. - end - ''; + snippet.expand = "luasnip"; mappingPresets = [ "insert" "cmdline" ]; mapping = { "" = "cmp.mapping.confirm({ select = true })"; diff --git a/nixos/hosts/thalassa/aoife/networking.nix b/nixos/hosts/thalassa/aoife/networking.nix index 16d4e073..826668a9 100644 --- a/nixos/hosts/thalassa/aoife/networking.nix +++ b/nixos/hosts/thalassa/aoife/networking.nix @@ -1,5 +1,5 @@ _: { networking.networkmanager.enable = true; networking.firewall.checkReversePath = false; - # networking.firewall.enable = false; -} \ No newline at end of file + networking.firewall.enable = false; +} -- 2.47.1 From 344e40dd1b0311baf9c0f70e9c93ffde7f4eb75d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 11:00:30 +0000 Subject: [PATCH 1359/1882] chore(deps): update renovate/renovate docker tag to v35.14.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 785bbd1c..ba91a0f3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.14.3 + image: renovate/renovate:35.14.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8057d6aea89f2f9b31b34141f0105ab02075ffaa Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 12:02:33 +0000 Subject: [PATCH 1360/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 2323d390..5ec66ff3 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679265143, - "narHash": "sha256-5RDMW+O4owjdPz7t4K4YxH2fOHCNOcyVmSiKRUikiv0=", + "lastModified": 1679394816, + "narHash": "sha256-1V1esJt2YAxsKmRuGuB62RF5vhDAVFDvJXVNhtEO22A=", "owner": "nix-community", "repo": "home-manager", - "rev": "1b8bf5c3270386a1b6850bd77d79dbdbaf0d7a7c", + "rev": "e386ec640e16dc91120977285cb8c72c77078164", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679370157, - "narHash": "sha256-mJq56WfZLRAPRpsJPGaZTg58QvXBTYG5EQPweNQzRqE=", + "lastModified": 1679397472, + "narHash": "sha256-HJdIJO2gHL6dRAH5YBZMP3qzvmSuLRtQ+3HL5mS9jKg=", "owner": "nix-community", "repo": "NUR", - "rev": "c21a1e0582d782fecd1cece18b78e218bda9c3e2", + "rev": "89adadf2c092d641d9791cc58baeb6432be5bc8d", "type": "github" }, "original": { -- 2.47.1 From ede44a8ec10bab4318b17dbbaf64e1d43612d4f0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 14:00:25 +0000 Subject: [PATCH 1361/1882] chore(deps): update renovate/renovate docker tag to v35.15.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ba91a0f3..8de2769b 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.14.4 + image: renovate/renovate:35.15.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c0b51da48c7a9033e0422585e4a6c027b44953f4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 17:01:35 +0000 Subject: [PATCH 1362/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 5ec66ff3..fda1ed27 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679397472, - "narHash": "sha256-HJdIJO2gHL6dRAH5YBZMP3qzvmSuLRtQ+3HL5mS9jKg=", + "lastModified": 1679417220, + "narHash": "sha256-vnxmwSXdgvw8LrRXEznMxbjLlvV1un1UUIrd/oaROl4=", "owner": "nix-community", "repo": "NUR", - "rev": "89adadf2c092d641d9791cc58baeb6432be5bc8d", + "rev": "ccdddaedf535efd166318bcbcfc0edecc469d467", "type": "github" }, "original": { -- 2.47.1 From c8d2209a55c26624e2d8d751b102660b80013d3c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 18:02:37 +0000 Subject: [PATCH 1363/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index fda1ed27..c229aa3a 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679351214, - "narHash": "sha256-XiiwIRMk0XQRqu30tWJQUbdQVHYo1uJ16uH9jh9oT5c=", + "lastModified": 1679420786, + "narHash": "sha256-aBXNCRPZt+dGibh45sN8O4oRahE8rN3qCSAxkQ3XYLI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cb229f64360502c6774e7242fa353254dcacc931", + "rev": "adf5d8a114362a5d32013e95f254b85be048dbdb", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679417220, - "narHash": "sha256-vnxmwSXdgvw8LrRXEznMxbjLlvV1un1UUIrd/oaROl4=", + "lastModified": 1679420098, + "narHash": "sha256-0i8bQwAi+Knog4jFnBCTIf3Zt3QGZBE6KzG1ckwJ8UE=", "owner": "nix-community", "repo": "NUR", - "rev": "ccdddaedf535efd166318bcbcfc0edecc469d467", + "rev": "b871a5a75d1ac2c2bebc8fcde1ff77c4450915d0", "type": "github" }, "original": { -- 2.47.1 From 94d0dfb8b5a447c1c96e3c2724fbd5cfb984480b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 19:03:14 +0000 Subject: [PATCH 1364/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c229aa3a..7ab56bfe 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679420098, - "narHash": "sha256-0i8bQwAi+Knog4jFnBCTIf3Zt3QGZBE6KzG1ckwJ8UE=", + "lastModified": 1679423094, + "narHash": "sha256-kKk1B+o5OG4EMqbAn5u7dvBVFfiZxx+7JcJ6MvxnGOk=", "owner": "nix-community", "repo": "NUR", - "rev": "b871a5a75d1ac2c2bebc8fcde1ff77c4450915d0", + "rev": "7cb4acd7d3b6c7897afca76a32925d762042b55f", "type": "github" }, "original": { -- 2.47.1 From 6d60248cab6edf8e4a96b305c584f7e606b2cb8b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 20:03:43 +0000 Subject: [PATCH 1365/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7ab56bfe..a766c8d2 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679420786, - "narHash": "sha256-aBXNCRPZt+dGibh45sN8O4oRahE8rN3qCSAxkQ3XYLI=", + "lastModified": 1679425284, + "narHash": "sha256-TNUfF4kW4meW9Ntf6lAgGLaxgICAJFQkOSqcxHSrgYU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "adf5d8a114362a5d32013e95f254b85be048dbdb", + "rev": "5ce91bb0fd4fe8eb09f1a728e3b84cc1ff4244eb", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679423094, - "narHash": "sha256-kKk1B+o5OG4EMqbAn5u7dvBVFfiZxx+7JcJ6MvxnGOk=", + "lastModified": 1679427980, + "narHash": "sha256-3vn1eNYLpQjNFlMx9UFtkhTHRIWuSQ5hxJrDdL2qjqU=", "owner": "nix-community", "repo": "NUR", - "rev": "7cb4acd7d3b6c7897afca76a32925d762042b55f", + "rev": "5c8b673966e7d8a367b4c9f7c481d4fb79724ea3", "type": "github" }, "original": { -- 2.47.1 From 95e62d62906e41aed98d37aa7292f9a49fbb25b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 21:00:40 +0000 Subject: [PATCH 1366/1882] chore(deps): update renovate/renovate docker tag to v35.17.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 8de2769b..01f93946 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.15.0 + image: renovate/renovate:35.17.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8da6ba7e499b6f066f04a48890f16eb66a57d8a5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 22:03:07 +0000 Subject: [PATCH 1367/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a766c8d2..c48438f8 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679323249, - "narHash": "sha256-HUxgtXkkYSsNQ5GeaxXJcE02An4BRK5DqCrSyzMFKUs=", + "lastModified": 1679433547, + "narHash": "sha256-O01izGcbVc9d580On7igYXwpp/y0tY1dYzIvnr0iZdk=", "owner": "pta2002", "repo": "nixvim", - "rev": "961da92d2cb4951050b4bf5dd50a610944cfe17c", + "rev": "89f54be73a201b874bbbf3427b2181e6d589ce79", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679427980, - "narHash": "sha256-3vn1eNYLpQjNFlMx9UFtkhTHRIWuSQ5hxJrDdL2qjqU=", + "lastModified": 1679431248, + "narHash": "sha256-c3/TUm9B0ZU/oPPXf20bK/nm/eqImBDN+hVCLw/Vn+0=", "owner": "nix-community", "repo": "NUR", - "rev": "5c8b673966e7d8a367b4c9f7c481d4fb79724ea3", + "rev": "e0e4d6ab0ee8f719598e8ab7a69ac350c6d1000f", "type": "github" }, "original": { -- 2.47.1 From 3a481527caab0e3b1bc7d092b1fd12ee71b916b1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 00:01:51 +0000 Subject: [PATCH 1368/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c48438f8..85732310 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679431248, - "narHash": "sha256-c3/TUm9B0ZU/oPPXf20bK/nm/eqImBDN+hVCLw/Vn+0=", + "lastModified": 1679441716, + "narHash": "sha256-mEStwdMDTLMhUaOfNPc0Ewbv2c4L80+ntzn/K4D2js0=", "owner": "nix-community", "repo": "NUR", - "rev": "e0e4d6ab0ee8f719598e8ab7a69ac350c6d1000f", + "rev": "ec838188022f96f77a62a32d267f138683755a4f", "type": "github" }, "original": { -- 2.47.1 From b5c908c4a0d2b395a12fd21e828d0e9f4ae80f03 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 01:03:00 +0000 Subject: [PATCH 1369/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 85732310..0d64e61a 100644 --- a/flake.lock +++ b/flake.lock @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679224734, - "narHash": "sha256-1Ab3xY7Wgo1h1TNwRt6fp2XjV+KUo+hP1Bolh0KiDJs=", + "lastModified": 1679318992, + "narHash": "sha256-uoj5Oy6hruIHuxzfQZtcalObe5kPrX9v+ClUMFEOzmE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "eac7da7b519a5aefe92c33c90b4450a24ebe0ab3", + "rev": "e2c97799da5f5cd87adfa5017fba971771e123ef", "type": "github" }, "original": { -- 2.47.1 From 561fd10ea9c5bcfd78b6aebdfc651a38e32ba7b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 04:02:31 +0000 Subject: [PATCH 1370/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0d64e61a..8b537d5e 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679441716, - "narHash": "sha256-mEStwdMDTLMhUaOfNPc0Ewbv2c4L80+ntzn/K4D2js0=", + "lastModified": 1679456680, + "narHash": "sha256-Zh7u1ygRWy83h2PdsjOqhqfUpQl2zIyBccbKesApjk4=", "owner": "nix-community", "repo": "NUR", - "rev": "ec838188022f96f77a62a32d267f138683755a4f", + "rev": "0933742c8990c356acaf92fbc0ca7b7b942f5b77", "type": "github" }, "original": { -- 2.47.1 From 89f19aba40e7592d59301e8efd189a205741bb1b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 05:02:56 +0000 Subject: [PATCH 1371/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8b537d5e..e958df8f 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679456680, - "narHash": "sha256-Zh7u1ygRWy83h2PdsjOqhqfUpQl2zIyBccbKesApjk4=", + "lastModified": 1679458153, + "narHash": "sha256-SLh4q5TOe3D0M3VadutIaoTdrX4qzPqEgDlKp79SpXk=", "owner": "nix-community", "repo": "NUR", - "rev": "0933742c8990c356acaf92fbc0ca7b7b942f5b77", + "rev": "8f6a8a960217ea6822ee2bfb00f844bf14363653", "type": "github" }, "original": { -- 2.47.1 From 3dd7d9e87ca986cf31a078811f80265abb08bca6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 06:03:34 +0000 Subject: [PATCH 1372/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index e958df8f..bf49aed2 100644 --- a/flake.lock +++ b/flake.lock @@ -689,11 +689,11 @@ }, "nixlib": { "locked": { - "lastModified": 1677373009, - "narHash": "sha256-kxhz4QUP8tXa/yVSpEzDDZSEp9FvhzRqZzb+SeUaekw=", + "lastModified": 1679187309, + "narHash": "sha256-H8udmkg5wppL11d/05MMzOMryiYvc403axjDNZy1/TQ=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "c9d4f2476046c6a7a2ce3c2118c48455bf0272ea", + "rev": "44214417fe4595438b31bdb9469be92536a61455", "type": "github" }, "original": { @@ -710,11 +710,11 @@ ] }, "locked": { - "lastModified": 1678351966, - "narHash": "sha256-tRFEU0lu3imZb3dtELBY+UbEhWXbb0xlBrsIlpICb+A=", + "lastModified": 1679464055, + "narHash": "sha256-RiZpwkbm1GeKRqrTtGGsEDieJyplMSRG1bQzOZgY378=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "0c043999b16caba6fb571af2d228775729829943", + "rev": "d5cd198c80ee62a801a078ad991c99c0175971cf", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679458153, - "narHash": "sha256-SLh4q5TOe3D0M3VadutIaoTdrX4qzPqEgDlKp79SpXk=", + "lastModified": 1679463968, + "narHash": "sha256-SBNgZb/Gc/9RbEvxz+jQ2o6nWNt1gzTwAw16lShT/ho=", "owner": "nix-community", "repo": "NUR", - "rev": "8f6a8a960217ea6822ee2bfb00f844bf14363653", + "rev": "52e6a7748992cde538e52f3fa4737f64b5bec03d", "type": "github" }, "original": { -- 2.47.1 From d65205188b8e417712df518926f67b13c1481ef4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 07:02:47 +0000 Subject: [PATCH 1373/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bf49aed2..a223a0a6 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679433547, - "narHash": "sha256-O01izGcbVc9d580On7igYXwpp/y0tY1dYzIvnr0iZdk=", + "lastModified": 1679467322, + "narHash": "sha256-zE60xGuuZkaZZ17UY1wwFzmZhf93IsDhSlHc+NZWybA=", "owner": "pta2002", "repo": "nixvim", - "rev": "89f54be73a201b874bbbf3427b2181e6d589ce79", + "rev": "db5061b4db1c97eb6a3bba7da5a8977ad133282f", "type": "github" }, "original": { -- 2.47.1 From f5994efa66877472e46408a6c19e7bb25c9db867 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 08:02:47 +0000 Subject: [PATCH 1374/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a223a0a6..b939261b 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679394816, - "narHash": "sha256-1V1esJt2YAxsKmRuGuB62RF5vhDAVFDvJXVNhtEO22A=", + "lastModified": 1679470414, + "narHash": "sha256-SVJ7xHCv35Vv50IBd3GnPxunoySOqnQXnntjXOgls7Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "e386ec640e16dc91120977285cb8c72c77078164", + "rev": "486ba3de4ecca3ef8371c20b0c53866d61e97dbd", "type": "github" }, "original": { -- 2.47.1 From 5ad3128db2043656631040859da7394414c6ea66 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 09:03:00 +0000 Subject: [PATCH 1375/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b939261b..611f6612 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679463968, - "narHash": "sha256-SBNgZb/Gc/9RbEvxz+jQ2o6nWNt1gzTwAw16lShT/ho=", + "lastModified": 1679474776, + "narHash": "sha256-pW1PHyQGd+cfTmxnVhTqHgH29bY9VD/xaLcxMrpUgHk=", "owner": "nix-community", "repo": "NUR", - "rev": "52e6a7748992cde538e52f3fa4737f64b5bec03d", + "rev": "faff5cb41f55eed61baf3ff7bd13bf14b813f4bc", "type": "github" }, "original": { -- 2.47.1 From 7da8ee68d5e024a16057a257c33376ba4a53f674 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 21 Mar 2023 11:00:27 +0000 Subject: [PATCH 1376/1882] chore(deps): update dependency fluxcd/flux2 to v0.41.2 --- .../base/flux-system/gotk-components.yaml | 68 +++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index f7b119d0..71fd9895 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.41.1 +# Flux Version: v0.41.2 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -443,7 +443,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -962,7 +962,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1757,7 +1757,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2355,7 +2355,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -3240,7 +3240,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3747,7 +3747,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4874,7 +4874,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -5238,7 +5238,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5644,7 +5644,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6085,7 +6085,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: helm-controller namespace: flux-system --- @@ -6096,7 +6096,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: kustomize-controller namespace: flux-system --- @@ -6107,7 +6107,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: notification-controller namespace: flux-system --- @@ -6118,7 +6118,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: source-controller namespace: flux-system --- @@ -6128,7 +6128,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: crd-controller-flux-system rules: - apiGroups: @@ -6218,7 +6218,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -6244,7 +6244,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -6269,7 +6269,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6289,7 +6289,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -6322,7 +6322,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: notification-controller namespace: flux-system @@ -6343,7 +6343,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: source-controller namespace: flux-system @@ -6364,7 +6364,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6385,7 +6385,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: helm-controller namespace: flux-system @@ -6414,7 +6414,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.31.1 + image: ghcr.io/fluxcd/helm-controller:v0.31.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6468,7 +6468,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: kustomize-controller namespace: flux-system @@ -6497,7 +6497,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.35.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.35.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6551,7 +6551,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: notification-controller namespace: flux-system @@ -6639,7 +6639,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 control-plane: controller name: source-controller namespace: flux-system @@ -6674,7 +6674,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.36.0 + image: ghcr.io/fluxcd/source-controller:v0.36.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6734,7 +6734,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: allow-egress namespace: flux-system spec: @@ -6754,7 +6754,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: allow-scraping namespace: flux-system spec: @@ -6774,7 +6774,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.1 + app.kubernetes.io/version: v0.41.2 name: allow-webhooks namespace: flux-system spec: -- 2.47.1 From 389acd91923f22095d94bb1131cde66a532fbd2f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 11:01:56 +0000 Subject: [PATCH 1377/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 611f6612..b7ee8621 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679470414, - "narHash": "sha256-SVJ7xHCv35Vv50IBd3GnPxunoySOqnQXnntjXOgls7Q=", + "lastModified": 1679480702, + "narHash": "sha256-npuRD61YmxUPitI1TqKwlxLrU6iGl5E+BPT196LgUDo=", "owner": "nix-community", "repo": "home-manager", - "rev": "486ba3de4ecca3ef8371c20b0c53866d61e97dbd", + "rev": "363c46b2480f1b73ec37cf68caac61f5daa82a2e", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679474776, - "narHash": "sha256-pW1PHyQGd+cfTmxnVhTqHgH29bY9VD/xaLcxMrpUgHk=", + "lastModified": 1679482366, + "narHash": "sha256-88K2ABCsdsVwq6Go/uEn/fds1fUeeeoixOALjrrUI0Q=", "owner": "nix-community", "repo": "NUR", - "rev": "faff5cb41f55eed61baf3ff7bd13bf14b813f4bc", + "rev": "e9088dc6f9f289fbff984744ad04dccbd5c1f8ac", "type": "github" }, "original": { -- 2.47.1 From 21b41acbc65282360332ac117dee87fbf0ee6b0f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 12:00:36 +0000 Subject: [PATCH 1378/1882] chore(deps): update renovate/renovate docker tag to v35.17.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 01f93946..1d1a929c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.17.0 + image: renovate/renovate:35.17.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d6045e7647944a0c5296516039e863fb9d06e27f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 13:03:06 +0000 Subject: [PATCH 1379/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b7ee8621..d7f02472 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679425284, - "narHash": "sha256-TNUfF4kW4meW9Ntf6lAgGLaxgICAJFQkOSqcxHSrgYU=", + "lastModified": 1679487436, + "narHash": "sha256-gS7XdZMzhGVvm05CpxNA0BHSMAmGd9S9PXceM2Df6Xw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "5ce91bb0fd4fe8eb09f1a728e3b84cc1ff4244eb", + "rev": "a8b3be2c9c916870b826cba8fdf3aec1046d2f81", "type": "github" }, "original": { -- 2.47.1 From b7da8b001b45187820a244b131b4c1feb0d79e97 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 14:07:30 +0000 Subject: [PATCH 1380/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d7f02472..ca638f80 100644 --- a/flake.lock +++ b/flake.lock @@ -969,11 +969,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679467322, - "narHash": "sha256-zE60xGuuZkaZZ17UY1wwFzmZhf93IsDhSlHc+NZWybA=", + "lastModified": 1679493650, + "narHash": "sha256-9wVDJ8rF/vdCwps6q+tLe7vxe5WSmCsCsG3ylHwdvmw=", "owner": "pta2002", "repo": "nixvim", - "rev": "db5061b4db1c97eb6a3bba7da5a8977ad133282f", + "rev": "2550c919a5acac86ccf79972273a9193c6c77869", "type": "github" }, "original": { -- 2.47.1 From f631613b1aeb39c09a32d52f91d95ad3e4690a3a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 17:02:00 +0000 Subject: [PATCH 1381/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ca638f80..b3fb2958 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679482366, - "narHash": "sha256-88K2ABCsdsVwq6Go/uEn/fds1fUeeeoixOALjrrUI0Q=", + "lastModified": 1679503867, + "narHash": "sha256-c1QunuKTRqJGAfQZWF9pz1Ui2Q+g67mSbyEj8NpkhGA=", "owner": "nix-community", "repo": "NUR", - "rev": "e9088dc6f9f289fbff984744ad04dccbd5c1f8ac", + "rev": "15111a582f3ac21ef7e3676b1473f9d350da0df0", "type": "github" }, "original": { -- 2.47.1 From c50e16a687a8f470a00adb36b3915cbde16120ef Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 18:02:53 +0000 Subject: [PATCH 1382/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b3fb2958..7ee0d363 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679487436, - "narHash": "sha256-gS7XdZMzhGVvm05CpxNA0BHSMAmGd9S9PXceM2Df6Xw=", + "lastModified": 1679505046, + "narHash": "sha256-JFzdbtnEaUHMdWi0eXznpxGZO6SRfdBRaOwn4PmDkE0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a8b3be2c9c916870b826cba8fdf3aec1046d2f81", + "rev": "cf51a318078c82040eaeab29664bc34144ee1d62", "type": "github" }, "original": { -- 2.47.1 From 9755850024d1cc441d2821ddddb0378386a1890b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 20:02:17 +0000 Subject: [PATCH 1383/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7ee0d363..ced45798 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679503867, - "narHash": "sha256-c1QunuKTRqJGAfQZWF9pz1Ui2Q+g67mSbyEj8NpkhGA=", + "lastModified": 1679514299, + "narHash": "sha256-cyHOyrnUHfRoaGLX771e9sOn+dreu13X7ca5Xc5nHFM=", "owner": "nix-community", "repo": "NUR", - "rev": "15111a582f3ac21ef7e3676b1473f9d350da0df0", + "rev": "16441f51e1ded08cc6bb5f168b06a6440f92b67d", "type": "github" }, "original": { -- 2.47.1 From 0e75b7aac47cfd0ed19d104a01791994c92b0505 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 21:02:53 +0000 Subject: [PATCH 1384/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index ced45798..32442c7a 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679514299, - "narHash": "sha256-cyHOyrnUHfRoaGLX771e9sOn+dreu13X7ca5Xc5nHFM=", + "lastModified": 1679517993, + "narHash": "sha256-srUzbHMbnXtOmiLbSLY7yfxWJwPl1q8n7u0FPP+5Q5w=", "owner": "nix-community", "repo": "NUR", - "rev": "16441f51e1ded08cc6bb5f168b06a6440f92b67d", + "rev": "2f4463f4a08a4ba33b084cbc76b89cc8b2bd7f85", "type": "github" }, "original": { -- 2.47.1 From 09ab8c2f49f5090cc64eb7f25921ed5d19f14d0c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 22:00:37 +0000 Subject: [PATCH 1385/1882] chore(deps): update renovate/renovate docker tag to v35.18.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1d1a929c..1f7df467 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.17.1 + image: renovate/renovate:35.18.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 6cfeafe110834446dd3649d27df979a30eb94a9f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 22 Mar 2023 23:03:24 +0000 Subject: [PATCH 1386/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 32442c7a..bb335534 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679517993, - "narHash": "sha256-srUzbHMbnXtOmiLbSLY7yfxWJwPl1q8n7u0FPP+5Q5w=", + "lastModified": 1679525154, + "narHash": "sha256-Afqsg/fRFQoR/CIRqBnu8JdsIjQcWNmGfzO/NOmS/Zc=", "owner": "nix-community", "repo": "NUR", - "rev": "2f4463f4a08a4ba33b084cbc76b89cc8b2bd7f85", + "rev": "d4906c2ed98762a275cb7edb800c950ba2f46ce5", "type": "github" }, "original": { -- 2.47.1 From 612be80823d93a775c322d1c816f34687b660058 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 00:08:27 +0000 Subject: [PATCH 1387/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bb335534..33711dd6 100644 --- a/flake.lock +++ b/flake.lock @@ -886,11 +886,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679262748, - "narHash": "sha256-DQCrrAFrkxijC6haUzOC5ZoFqpcv/tg2WxnyW3np1Cc=", + "lastModified": 1679437018, + "narHash": "sha256-vOuiDPLHSEo/7NkiWtxpHpHgoXoNmrm+wkXZ6a072Fc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "60c1d71f2ba4c80178ec84523c2ca0801522e0a6", + "rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e", "type": "github" }, "original": { -- 2.47.1 From 353af00d313591f1f64f7fdba6b853252cf11958 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 01:02:27 +0000 Subject: [PATCH 1388/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 33711dd6..bd7df37c 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679505046, - "narHash": "sha256-JFzdbtnEaUHMdWi0eXznpxGZO6SRfdBRaOwn4PmDkE0=", + "lastModified": 1679531972, + "narHash": "sha256-GDhL7Pa6+We4Il9U/n7GsIaBuSdRsReJObhf464dUNo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "cf51a318078c82040eaeab29664bc34144ee1d62", + "rev": "a3fda12ba15286ee412c83a7137fc6cb14afa266", "type": "github" }, "original": { -- 2.47.1 From d4f972ac30f11c198e1375e3fb8db70478ee8473 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 02:02:23 +0000 Subject: [PATCH 1389/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bd7df37c..4f3e94a3 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679525154, - "narHash": "sha256-Afqsg/fRFQoR/CIRqBnu8JdsIjQcWNmGfzO/NOmS/Zc=", + "lastModified": 1679536405, + "narHash": "sha256-THLtIHQr4Iwm6jfisK9CITFW4TJFFN4rcDDjv16GgtI=", "owner": "nix-community", "repo": "NUR", - "rev": "d4906c2ed98762a275cb7edb800c950ba2f46ce5", + "rev": "54dae83258e1093d5e45193b2a33ce1dde92ea49", "type": "github" }, "original": { -- 2.47.1 From d1f1304f08de27d1de818057502c9b907c4ccbc6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 04:02:10 +0000 Subject: [PATCH 1390/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 4f3e94a3..8fb13c00 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679531972, - "narHash": "sha256-GDhL7Pa6+We4Il9U/n7GsIaBuSdRsReJObhf464dUNo=", + "lastModified": 1679540877, + "narHash": "sha256-IXlqiwRXymvVcnkggboCWaB09GhHh+F78xqssmt6IAM=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a3fda12ba15286ee412c83a7137fc6cb14afa266", + "rev": "471ac474a1f6d32c07bf36cdf3840dab03f93f39", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679318992, - "narHash": "sha256-uoj5Oy6hruIHuxzfQZtcalObe5kPrX9v+ClUMFEOzmE=", + "lastModified": 1679438883, + "narHash": "sha256-te6FbYhXwwZgwbYXp1MzybT+a36VLCUBKb3D4NBj1GY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e2c97799da5f5cd87adfa5017fba971771e123ef", + "rev": "3268859e68c056725359ebc8315695d26c95fb6b", "type": "github" }, "original": { @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679536405, - "narHash": "sha256-THLtIHQr4Iwm6jfisK9CITFW4TJFFN4rcDDjv16GgtI=", + "lastModified": 1679542568, + "narHash": "sha256-IJSRBSQDb+J+MVKTjzmITCTouiyevIQay3KmVnWykzY=", "owner": "nix-community", "repo": "NUR", - "rev": "54dae83258e1093d5e45193b2a33ce1dde92ea49", + "rev": "c754d318d664308953633b4f0f4b523d8799f1ae", "type": "github" }, "original": { -- 2.47.1 From fa70b5687b5c0002403c8e484632b7bd82fd79a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 05:03:26 +0000 Subject: [PATCH 1391/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8fb13c00..29cf72ed 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679542568, - "narHash": "sha256-IJSRBSQDb+J+MVKTjzmITCTouiyevIQay3KmVnWykzY=", + "lastModified": 1679544603, + "narHash": "sha256-Ps/ObwyUzgh3wcVVHsRvrGWHZk+rYcSrnZ5su/jqW6A=", "owner": "nix-community", "repo": "NUR", - "rev": "c754d318d664308953633b4f0f4b523d8799f1ae", + "rev": "d72c7cb413d5a4b68fb26536cb9521d4ca96d9cd", "type": "github" }, "original": { -- 2.47.1 From 4d935ef39a00c0f39c8e0f1a79aa5153bd04288f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 06:03:32 +0000 Subject: [PATCH 1392/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 29cf72ed..72a48b20 100644 --- a/flake.lock +++ b/flake.lock @@ -984,11 +984,11 @@ }, "nur": { "locked": { - "lastModified": 1679544603, - "narHash": "sha256-Ps/ObwyUzgh3wcVVHsRvrGWHZk+rYcSrnZ5su/jqW6A=", + "lastModified": 1679550248, + "narHash": "sha256-oa0EhHoOdAr61ypq9EjEhBF+2n7l6rffUdUyEG03Yds=", "owner": "nix-community", "repo": "NUR", - "rev": "d72c7cb413d5a4b68fb26536cb9521d4ca96d9cd", + "rev": "696f8ada818d3a42e80460b024589a62270b827f", "type": "github" }, "original": { -- 2.47.1 From fcdcea766dc88babedebbc72687fba7e0e3486c6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 07:03:36 +0000 Subject: [PATCH 1393/1882] chore(deps): lock file maintenance --- flake.lock | 72 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 72a48b20..eef8eee4 100644 --- a/flake.lock +++ b/flake.lock @@ -300,11 +300,11 @@ "flake-compat_5": { "flake": false, "locked": { - "lastModified": 1627913399, - "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -392,11 +392,11 @@ }, "flake-utils_4": { "locked": { - "lastModified": 1631561581, - "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", "owner": "numtide", "repo": "flake-utils", - "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", "type": "github" }, "original": { @@ -558,11 +558,11 @@ "lowdown-src": { "flake": false, "locked": { - "lastModified": 1632468475, - "narHash": "sha256-NNOm9CbdA8cuwbvaBHslGbPTiU6bh1Ao+MpEPx4rSGo=", + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", "owner": "kristapsdz", "repo": "lowdown", - "rev": "6bd668af3fd098bdd07a1bedd399564141e275da", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", "type": "github" }, "original": { @@ -656,14 +656,15 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_8" + "nixpkgs": "nixpkgs_8", + "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1633098935, - "narHash": "sha256-UtuBczommNLwUNEnfRI7822z4vPA7OoRKsgAZ8zsHQI=", + "lastModified": 1654239108, + "narHash": "sha256-0JzuElxLe5DxM+R4tvBYfvQnMGCERZy4KMRf0JYxxS4=", "owner": "nixos", "repo": "nix", - "rev": "4f496150eb4e0012914c11f0a3ff4df2412b1d09", + "rev": "1dd7253133c4dfd2e7a16ad6fe505442cef38a5b", "type": "github" }, "original": { @@ -788,6 +789,22 @@ "type": "github" } }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, "nixpkgs-stable": { "locked": { "lastModified": 1673800717, @@ -934,26 +951,27 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1632864508, - "narHash": "sha256-d127FIvGR41XbVRDPVvozUPQ/uRHbHwvfyKHwEt5xFM=", + "lastModified": 1645296114, + "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "82891b5e2c2359d7e58d08849e4c89511ab94234", + "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1", "type": "github" }, "original": { - "id": "nixpkgs", + "owner": "NixOS", "ref": "nixos-21.05-small", - "type": "indirect" + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_9": { "locked": { - "lastModified": 1667318090, - "narHash": "sha256-AvxgT+t1BWZs8IfdseHl8+7wvWWm9pvysupMT9wXdH0=", + "lastModified": 1674736538, + "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", "owner": "serokell", "repo": "nixpkgs", - "rev": "4bce79cf151aad3c0bed46a32bdb4b165f00cb7e", + "rev": "1dfdbb65d77430fc0935e8592d0abc4addcce711", "type": "github" }, "original": { @@ -984,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679550248, - "narHash": "sha256-oa0EhHoOdAr61ypq9EjEhBF+2n7l6rffUdUyEG03Yds=", + "lastModified": 1679553587, + "narHash": "sha256-6j/hVi4Ktl8LAj97g51zqwVO1JnxUt9+p93lS6Mg+No=", "owner": "nix-community", "repo": "NUR", - "rev": "696f8ada818d3a42e80460b024589a62270b827f", + "rev": "f166fbc345e85ec79bdd0ae027f779db1fd4386c", "type": "github" }, "original": { @@ -1250,11 +1268,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1676863423, - "narHash": "sha256-VI9bvg+uu2No+DGori0hQnDhlWjsih5v1yfof0oG2vU=", + "lastModified": 1679553799, + "narHash": "sha256-zrlq+Rsmww9u/NFMNXpnDxjvpokaVfh7KWHmdXr+2UY=", "owner": "serokell", "repo": "vault-secrets", - "rev": "2b41ba4635ef9b84c302bd355d1532f385b8c2bb", + "rev": "9d8f41be553c84ce6d58a498f2515856971f891e", "type": "github" }, "original": { -- 2.47.1 From f49dd92596c48eada7072e7fb731a438358f325c Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 23 Mar 2023 09:55:48 +0100 Subject: [PATCH 1394/1882] fix some issues --- flake.lock | 12 ++++++------ nixos/hosts/thalassa/aoife/configuration.nix | 1 + nixos/hosts/thalassa/aoife/desktop-env.nix | 2 ++ .../hosts/thalassa/aoife/hardware-configuration.nix | 2 +- nixos/hosts/thalassa/aoife/home/neovim.nix | 2 +- 5 files changed, 11 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index eef8eee4..b2b9cdd1 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679438883, - "narHash": "sha256-te6FbYhXwwZgwbYXp1MzybT+a36VLCUBKb3D4NBj1GY=", + "lastModified": 1679472241, + "narHash": "sha256-VK2YDic2NjPvfsuneJCLIrWS38qUfoW8rLLimx0rWXA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3268859e68c056725359ebc8315695d26c95fb6b", + "rev": "9ef6e7727f4c31507627815d4f8679c5841efb00", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679553587, - "narHash": "sha256-6j/hVi4Ktl8LAj97g51zqwVO1JnxUt9+p93lS6Mg+No=", + "lastModified": 1679557124, + "narHash": "sha256-W1lSEOJW5dmv4FhMxZWcr5ZFwvImKbE19sIIAAfdMbo=", "owner": "nix-community", "repo": "NUR", - "rev": "f166fbc345e85ec79bdd0ae027f779db1fd4386c", + "rev": "2e6da00695e553ed8b16a50b300b5906483a3bb9", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 655438f2..e60badde 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -85,6 +85,7 @@ }; }; + fonts.optimizeForVeryHighDPI = true; fonts.fonts = with pkgs; [ material-design-icons noto-fonts diff --git a/nixos/hosts/thalassa/aoife/desktop-env.nix b/nixos/hosts/thalassa/aoife/desktop-env.nix index c7561472..a0164526 100644 --- a/nixos/hosts/thalassa/aoife/desktop-env.nix +++ b/nixos/hosts/thalassa/aoife/desktop-env.nix @@ -6,6 +6,8 @@ # Configure keymap in X11 services.xserver = { + # TODO: Is this smart? + dpi = 280; layout = "us"; xkbVariant = "altgr-intl"; xkbOptions = "caps:swapescape"; diff --git a/nixos/hosts/thalassa/aoife/hardware-configuration.nix b/nixos/hosts/thalassa/aoife/hardware-configuration.nix index a44fdb2e..537fa162 100644 --- a/nixos/hosts/thalassa/aoife/hardware-configuration.nix +++ b/nixos/hosts/thalassa/aoife/hardware-configuration.nix @@ -38,5 +38,5 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; # high-resolution display - hardware.video.hidpi.enable = lib.mkDefault true; + fonts.optimizeForVeryHighDPI = lib.mkDefault true; } diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index 2ab5b9c1..aad25406 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -46,7 +46,7 @@ servers.rust-analyzer.enable = true; servers.rnix-lsp.enable = true; servers.pyright.enable = true; - servers.elixirls.enable = true; + # servers.elixirls.enable = true; servers.clangd.enable = true; }; trouble.enable = true; -- 2.47.1 From 4bcf4dfa4ef4c27e4c5669005950c181715fde56 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 12:00:23 +0000 Subject: [PATCH 1395/1882] chore(deps): update renovate/renovate docker tag to v35.18.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1f7df467..d8e366d3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.18.0 + image: renovate/renovate:35.18.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0766cfd20eceb71654eee2a5a98220fc776e5843 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 13:03:46 +0000 Subject: [PATCH 1396/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b2b9cdd1..45d2ea0b 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679557124, - "narHash": "sha256-W1lSEOJW5dmv4FhMxZWcr5ZFwvImKbE19sIIAAfdMbo=", + "lastModified": 1679576589, + "narHash": "sha256-TUliq3eMj/tC6tasqtkez4v+/2L1yzAh0UGnQKSfJLo=", "owner": "nix-community", "repo": "NUR", - "rev": "2e6da00695e553ed8b16a50b300b5906483a3bb9", + "rev": "44aff79a1de96441dd7e3ee36f2fffae4da3ff18", "type": "github" }, "original": { -- 2.47.1 From 80653af29bd92d4a1df586d16e5d2ed8de46e6d9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 14:06:23 +0000 Subject: [PATCH 1397/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 45d2ea0b..8ae3d8dc 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679540877, - "narHash": "sha256-IXlqiwRXymvVcnkggboCWaB09GhHh+F78xqssmt6IAM=", + "lastModified": 1679576723, + "narHash": "sha256-1DS+XC2pggl430sP+7FunrF9CPldjAxbsHJg0ZfxRqo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "471ac474a1f6d32c07bf36cdf3840dab03f93f39", + "rev": "463690a27ac9c921d34dad7169a3d2c8cea5b46f", "type": "github" }, "original": { -- 2.47.1 From 51059377bbfce83661d3dafdb5272200b59834de Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 16:02:02 +0000 Subject: [PATCH 1398/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8ae3d8dc..043e01a3 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679576589, - "narHash": "sha256-TUliq3eMj/tC6tasqtkez4v+/2L1yzAh0UGnQKSfJLo=", + "lastModified": 1679586306, + "narHash": "sha256-YGNalFAOgxyoQ7I8ejte+TXLlYhgAYuzDeSCk1+t314=", "owner": "nix-community", "repo": "NUR", - "rev": "44aff79a1de96441dd7e3ee36f2fffae4da3ff18", + "rev": "1696dded28ce7bfc2f3179399ffb6b27c9ff2aba", "type": "github" }, "original": { -- 2.47.1 From 96335ce16e2cb174476828b2984e05be72bc7b54 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 20:00:26 +0000 Subject: [PATCH 1399/1882] chore(deps): update renovate/renovate docker tag to v35.19.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d8e366d3..b24af83b 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.18.1 + image: renovate/renovate:35.19.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d0c2f17cc88c8dbd1bbfa149579ae996628e4203 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 21:02:51 +0000 Subject: [PATCH 1400/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 043e01a3..b51e53c4 100644 --- a/flake.lock +++ b/flake.lock @@ -726,11 +726,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1679224149, - "narHash": "sha256-TSY37Zv0icF/aijR3/KWGLVBlnKKHlG9QTj7vHbF/UU=", + "lastModified": 1679598117, + "narHash": "sha256-Vs1f/7imI77OkMOQhO3xgx4jalN2Gx3D3C2wmnlpWJM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a4bc66709604ab78abc575b60baa6d23ae027a59", + "rev": "648021dcb2b65498eed3ea3a7339cdfc3bea4d82", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679586306, - "narHash": "sha256-YGNalFAOgxyoQ7I8ejte+TXLlYhgAYuzDeSCk1+t314=", + "lastModified": 1679600805, + "narHash": "sha256-/dACLCKi5LaEP6idzXUyoG8LnZnRtFf9HlLGhiJCNz8=", "owner": "nix-community", "repo": "NUR", - "rev": "1696dded28ce7bfc2f3179399ffb6b27c9ff2aba", + "rev": "a6ff7d25d3bff4f6c7f74af5ca36700606fb60bc", "type": "github" }, "original": { -- 2.47.1 From 1eae5479910a75e6c698de589481b1c4da91c325 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 23 Mar 2023 22:04:23 +0000 Subject: [PATCH 1401/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b51e53c4..b595b53f 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679600805, - "narHash": "sha256-/dACLCKi5LaEP6idzXUyoG8LnZnRtFf9HlLGhiJCNz8=", + "lastModified": 1679607945, + "narHash": "sha256-L8upAhtdt9lZduU/8LL+O3uzSzNNFpiRAZuRoQmNwJc=", "owner": "nix-community", "repo": "NUR", - "rev": "a6ff7d25d3bff4f6c7f74af5ca36700606fb60bc", + "rev": "b587dc5c03d6421bf3ea867c2a94057ca8c67456", "type": "github" }, "original": { -- 2.47.1 From f03ba9a79f57cde3f5151fbd3189ab47424345e8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 02:02:20 +0000 Subject: [PATCH 1402/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b595b53f..523ddf9b 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679607945, - "narHash": "sha256-L8upAhtdt9lZduU/8LL+O3uzSzNNFpiRAZuRoQmNwJc=", + "lastModified": 1679622887, + "narHash": "sha256-lSPrSGaUszS3WLAkh8THcp3KFqX2hrZz/faHPc2htD4=", "owner": "nix-community", "repo": "NUR", - "rev": "b587dc5c03d6421bf3ea867c2a94057ca8c67456", + "rev": "5d9345e67bdf6405a22e137acec4af9a500ef322", "type": "github" }, "original": { -- 2.47.1 From 856fb1df002a1e5efd0e56f08aa533737e26907e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 04:02:20 +0000 Subject: [PATCH 1403/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 523ddf9b..7352b608 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679576723, - "narHash": "sha256-1DS+XC2pggl430sP+7FunrF9CPldjAxbsHJg0ZfxRqo=", + "lastModified": 1679628098, + "narHash": "sha256-HkiWJX2ugUHoUArU9DLJey7W1qk0/uGDMNQ36piuhnQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "463690a27ac9c921d34dad7169a3d2c8cea5b46f", + "rev": "a5a0434fffcd1b691506f694e5e9f9091b859a85", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679622887, - "narHash": "sha256-lSPrSGaUszS3WLAkh8THcp3KFqX2hrZz/faHPc2htD4=", + "lastModified": 1679628855, + "narHash": "sha256-i9nXrfoV4b3hO6TydSoNcrz8KXjaPrQnyPAWQwdt7Zs=", "owner": "nix-community", "repo": "NUR", - "rev": "5d9345e67bdf6405a22e137acec4af9a500ef322", + "rev": "a63bc596e457bb67331764e48e4de16dd9819f8b", "type": "github" }, "original": { @@ -1268,11 +1268,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1679553799, - "narHash": "sha256-zrlq+Rsmww9u/NFMNXpnDxjvpokaVfh7KWHmdXr+2UY=", + "lastModified": 1679628347, + "narHash": "sha256-FacS4utvrARToWss3REX/0KMiP87BXE+2xc3a+vrvQI=", "owner": "serokell", "repo": "vault-secrets", - "rev": "9d8f41be553c84ce6d58a498f2515856971f891e", + "rev": "e4ec077c2650a6d5500b34d0baae2e0d4c61c2ff", "type": "github" }, "original": { -- 2.47.1 From 057f7d52da98c2e18fca7ad0a4bcf9f5cb2d15b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 06:02:12 +0000 Subject: [PATCH 1404/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7352b608..bd976758 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679628855, - "narHash": "sha256-i9nXrfoV4b3hO6TydSoNcrz8KXjaPrQnyPAWQwdt7Zs=", + "lastModified": 1679636577, + "narHash": "sha256-VITq8l3SCnw/MBuve5VX1SNHcamrYOdGGvHPMwX8HsI=", "owner": "nix-community", "repo": "NUR", - "rev": "a63bc596e457bb67331764e48e4de16dd9819f8b", + "rev": "fc32207b8e7def548d5f5c1acb010f8b59df16d4", "type": "github" }, "original": { -- 2.47.1 From 4e110a48576a9b9a720c5b9524eb13afdcfc4473 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 07:00:36 +0000 Subject: [PATCH 1405/1882] chore(deps): update renovate/renovate docker tag to v35.19.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b24af83b..2e091105 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.19.0 + image: renovate/renovate:35.19.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2dbe4b2586c5686016edd735e45bc302fa00a024 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 08:02:58 +0000 Subject: [PATCH 1406/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index bd976758..4d2d70e4 100644 --- a/flake.lock +++ b/flake.lock @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679493650, - "narHash": "sha256-9wVDJ8rF/vdCwps6q+tLe7vxe5WSmCsCsG3ylHwdvmw=", + "lastModified": 1679642325, + "narHash": "sha256-yJQuFqngV7HHEMATudjaQcshV1l3N+fEHQdUe59vMP8=", "owner": "pta2002", "repo": "nixvim", - "rev": "2550c919a5acac86ccf79972273a9193c6c77869", + "rev": "58b6c74e2fe817cbb0dd38b0c33c4dc10025d11e", "type": "github" }, "original": { -- 2.47.1 From fddf5a393551064257399e3d04e1f92bddd07b28 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 09:05:55 +0000 Subject: [PATCH 1407/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4d2d70e4..48f643c0 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679636577, - "narHash": "sha256-VITq8l3SCnw/MBuve5VX1SNHcamrYOdGGvHPMwX8HsI=", + "lastModified": 1679647503, + "narHash": "sha256-1M+holVtfbDTbOtx/4KyCw5CygOFirlSMnCe1X5z3to=", "owner": "nix-community", "repo": "NUR", - "rev": "fc32207b8e7def548d5f5c1acb010f8b59df16d4", + "rev": "231cc2c2bd730bca2d5c6a393ecd88c352d7ab78", "type": "github" }, "original": { -- 2.47.1 From 6ef61b9a4cc818cd48c5c70fd7b7ec96c6690188 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 10:02:13 +0000 Subject: [PATCH 1408/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 48f643c0..6685a63c 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679647503, - "narHash": "sha256-1M+holVtfbDTbOtx/4KyCw5CygOFirlSMnCe1X5z3to=", + "lastModified": 1679651113, + "narHash": "sha256-KBkOBDzFO/3JkH85utzBni+EmDMlfyBi5i8yFFKjU0k=", "owner": "nix-community", "repo": "NUR", - "rev": "231cc2c2bd730bca2d5c6a393ecd88c352d7ab78", + "rev": "c0a7cf8bf282cd590ed24384fe9d94d137c3a166", "type": "github" }, "original": { -- 2.47.1 From 902cc65d8c21e391d8afc7033f7f1340b1342465 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 11:02:19 +0000 Subject: [PATCH 1409/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6685a63c..927cc977 100644 --- a/flake.lock +++ b/flake.lock @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679642325, - "narHash": "sha256-yJQuFqngV7HHEMATudjaQcshV1l3N+fEHQdUe59vMP8=", + "lastModified": 1679652852, + "narHash": "sha256-E2vMxQQ9zufxN7YEYLAFZ30jYHIU7H95UMIrXUgvIcU=", "owner": "pta2002", "repo": "nixvim", - "rev": "58b6c74e2fe817cbb0dd38b0c33c4dc10025d11e", + "rev": "cbae935d89efb6f514e9b0bed26c9695ed09b513", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679651113, - "narHash": "sha256-KBkOBDzFO/3JkH85utzBni+EmDMlfyBi5i8yFFKjU0k=", + "lastModified": 1679654736, + "narHash": "sha256-RtkdG7qp+HZjyYJkwV0hHW1HNcrBz+e5ya7hP900sec=", "owner": "nix-community", "repo": "NUR", - "rev": "c0a7cf8bf282cd590ed24384fe9d94d137c3a166", + "rev": "39d7a481b9c2f0796468a30d77c9a05eac78f832", "type": "github" }, "original": { -- 2.47.1 From bebebf55c35a16d9f81270d9ef094a4458c88fba Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 12:03:13 +0000 Subject: [PATCH 1410/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 927cc977..db31be2a 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679654736, - "narHash": "sha256-RtkdG7qp+HZjyYJkwV0hHW1HNcrBz+e5ya7hP900sec=", + "lastModified": 1679658425, + "narHash": "sha256-Mi+t4RJBDdNNqwU4a4Lu3VLXHf2S0N48BbLuC9W8ukM=", "owner": "nix-community", "repo": "NUR", - "rev": "39d7a481b9c2f0796468a30d77c9a05eac78f832", + "rev": "08a3dfbfe090ffba5dcddba2f022587213c2626b", "type": "github" }, "original": { -- 2.47.1 From a22a7de20a0354149033d1e705466a98d8d47af8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 13:42:25 +0000 Subject: [PATCH 1411/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index db31be2a..0d4df75f 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679628098, - "narHash": "sha256-HkiWJX2ugUHoUArU9DLJey7W1qk0/uGDMNQ36piuhnQ=", + "lastModified": 1679662854, + "narHash": "sha256-Ht0/GK5Mx+1q3Qc0i+wj9pvD/ewVUc2XALMnEqzwfRA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a5a0434fffcd1b691506f694e5e9f9091b859a85", + "rev": "e73c6fd3b03492760aa3787794d16c3fcf5458bf", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679652852, - "narHash": "sha256-E2vMxQQ9zufxN7YEYLAFZ30jYHIU7H95UMIrXUgvIcU=", + "lastModified": 1679660410, + "narHash": "sha256-ghrv75XTgyEtXA9B7/6JTJCmyBRzOpyXP7tfAce8cMc=", "owner": "pta2002", "repo": "nixvim", - "rev": "cbae935d89efb6f514e9b0bed26c9695ed09b513", + "rev": "6d4c15385db93e58105af3fa04ed22036a718c5c", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679658425, - "narHash": "sha256-Mi+t4RJBDdNNqwU4a4Lu3VLXHf2S0N48BbLuC9W8ukM=", + "lastModified": 1679661028, + "narHash": "sha256-gD8VTVOAEUZBOh+li12zZfWY3gXqSF+/V4DK+mjDYEI=", "owner": "nix-community", "repo": "NUR", - "rev": "08a3dfbfe090ffba5dcddba2f022587213c2626b", + "rev": "3b66de868912e73ec592362ede343ed9fff660bd", "type": "github" }, "original": { -- 2.47.1 From 1342ce022376ffff9b61264147c26cbdca2a89ef Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 14:00:37 +0000 Subject: [PATCH 1412/1882] chore(deps): update renovate/renovate docker tag to v35.20.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2e091105..8b789806 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.19.1 + image: renovate/renovate:35.20.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 6022f6e8571bdf28c0bac5e99f06dc2f9d024eff Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 15:04:09 +0000 Subject: [PATCH 1413/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0d4df75f..23c7d876 100644 --- a/flake.lock +++ b/flake.lock @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679660410, - "narHash": "sha256-ghrv75XTgyEtXA9B7/6JTJCmyBRzOpyXP7tfAce8cMc=", + "lastModified": 1679669176, + "narHash": "sha256-ABlnzoxLhz7TOZsJCUOWidGK6/eigLDgNIT5mxZoWws=", "owner": "pta2002", "repo": "nixvim", - "rev": "6d4c15385db93e58105af3fa04ed22036a718c5c", + "rev": "3ed69945b062faae2ccd95248f1f9b7b98dddc0d", "type": "github" }, "original": { -- 2.47.1 From 2505210a22de99f566bfeed5c355a6b1ff0ce9b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 17:01:55 +0000 Subject: [PATCH 1414/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 23c7d876..8b580111 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679661028, - "narHash": "sha256-gD8VTVOAEUZBOh+li12zZfWY3gXqSF+/V4DK+mjDYEI=", + "lastModified": 1679676646, + "narHash": "sha256-vtSiGJN/WaF2Nx/vzYx9I89rmJbGa7yqBmpc3UMpi1s=", "owner": "nix-community", "repo": "NUR", - "rev": "3b66de868912e73ec592362ede343ed9fff660bd", + "rev": "f7b2df130900f973ebb6c6d33101ff531e8a3a92", "type": "github" }, "original": { -- 2.47.1 From 176afdbcdf87e918f6c20ca27e62dcd8905c7b1e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 19:10:34 +0000 Subject: [PATCH 1415/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8b580111..9032ff46 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679662854, - "narHash": "sha256-Ht0/GK5Mx+1q3Qc0i+wj9pvD/ewVUc2XALMnEqzwfRA=", + "lastModified": 1679683482, + "narHash": "sha256-oyM1017LKnPkVuPFNmqKmlEms0Cn/ubTQlovNOeOk+E=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e73c6fd3b03492760aa3787794d16c3fcf5458bf", + "rev": "b3a70b565e67ebf00bcf4ecbae54fc96e527828e", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679676646, - "narHash": "sha256-vtSiGJN/WaF2Nx/vzYx9I89rmJbGa7yqBmpc3UMpi1s=", + "lastModified": 1679684647, + "narHash": "sha256-EGl/IK8xiNzRy4lyH5N3hXdDnoDlIg8kggRadhmN/O4=", "owner": "nix-community", "repo": "NUR", - "rev": "f7b2df130900f973ebb6c6d33101ff531e8a3a92", + "rev": "02fe4ead56489bd62b2967c51e0f1dda2ff6066f", "type": "github" }, "original": { -- 2.47.1 From f4cb390014a3efc4a6848931b4309c66be49af1d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 20:02:50 +0000 Subject: [PATCH 1416/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 9032ff46..7a5cb0d5 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679480702, - "narHash": "sha256-npuRD61YmxUPitI1TqKwlxLrU6iGl5E+BPT196LgUDo=", + "lastModified": 1679684476, + "narHash": "sha256-WTYZFt9cJmOSp1n3hxAS+BQnu7smcBsC98RSgdp2qsE=", "owner": "nix-community", "repo": "home-manager", - "rev": "363c46b2480f1b73ec37cf68caac61f5daa82a2e", + "rev": "db37c537603d1d45d022cc0666ad45197455b364", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679683482, - "narHash": "sha256-oyM1017LKnPkVuPFNmqKmlEms0Cn/ubTQlovNOeOk+E=", + "lastModified": 1679687030, + "narHash": "sha256-L5XdUnSDRwuRLYn5UXE5kxt4oSB0cBTlhH6ZsanhJps=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b3a70b565e67ebf00bcf4ecbae54fc96e527828e", + "rev": "c418007c686abc978ef4119976c2231a105a5568", "type": "github" }, "original": { -- 2.47.1 From 45e95a1c82ce175c254a4de61f8fc7e4113145b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 22:10:14 +0000 Subject: [PATCH 1417/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7a5cb0d5..d3a50d38 100644 --- a/flake.lock +++ b/flake.lock @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679669176, - "narHash": "sha256-ABlnzoxLhz7TOZsJCUOWidGK6/eigLDgNIT5mxZoWws=", + "lastModified": 1679695447, + "narHash": "sha256-Reqsn/TL0aznSV9vGl4rqYk2V+CYXSIEBrTWyM3F1Ew=", "owner": "pta2002", "repo": "nixvim", - "rev": "3ed69945b062faae2ccd95248f1f9b7b98dddc0d", + "rev": "a0498fc4c4ed263c2728a912e52f0a2d89271163", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679684647, - "narHash": "sha256-EGl/IK8xiNzRy4lyH5N3hXdDnoDlIg8kggRadhmN/O4=", + "lastModified": 1679694339, + "narHash": "sha256-KkoBTJK7XBUVWGYPFh4cHys2NHO6p5Jh5NLP1KYA+AQ=", "owner": "nix-community", "repo": "NUR", - "rev": "02fe4ead56489bd62b2967c51e0f1dda2ff6066f", + "rev": "2cd23c2a269fd3ebbb3a312e19e2e56ad770da7f", "type": "github" }, "original": { -- 2.47.1 From 59d5c2c7fa9b5fc59beaa62cdcd4092294352c71 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Mar 2023 23:03:11 +0000 Subject: [PATCH 1418/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d3a50d38..1432fc58 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679687030, - "narHash": "sha256-L5XdUnSDRwuRLYn5UXE5kxt4oSB0cBTlhH6ZsanhJps=", + "lastModified": 1679696652, + "narHash": "sha256-yx9fcK6rtmoEc7lG6BsJ8q8t0UQzggZDIkKnHkuZrrE=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "c418007c686abc978ef4119976c2231a105a5568", + "rev": "41f7736c8521162cb3ea5f3c003e0643c1bcf616", "type": "github" }, "original": { -- 2.47.1 From 94d6c8c4afa3c1975bd307369f964f03b8f84d57 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 00:03:24 +0000 Subject: [PATCH 1419/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 1432fc58..1edb05f6 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679472241, - "narHash": "sha256-VK2YDic2NjPvfsuneJCLIrWS38qUfoW8rLLimx0rWXA=", + "lastModified": 1679611345, + "narHash": "sha256-PCFRkV/kLNqNAKSaleXGH6i9Wv+ba7+1NZKh+15CFiM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9ef6e7727f4c31507627815d4f8679c5841efb00", + "rev": "a38c914c34f93328ad7fbcdea0801bc11cbd1565", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679694339, - "narHash": "sha256-KkoBTJK7XBUVWGYPFh4cHys2NHO6p5Jh5NLP1KYA+AQ=", + "lastModified": 1679701538, + "narHash": "sha256-UshdFx0og7BpPaX7vRp1Ilidz24U3inHluE6PfQmaO8=", "owner": "nix-community", "repo": "NUR", - "rev": "2cd23c2a269fd3ebbb3a312e19e2e56ad770da7f", + "rev": "6b2727a0d2a228bd60d7b266125ecfe735c9ea31", "type": "github" }, "original": { -- 2.47.1 From 86809ea99ea297bf93ba0906e103703fe1eb3ee8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 01:00:41 +0000 Subject: [PATCH 1420/1882] chore(deps): update renovate/renovate docker tag to v35.20.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 8b789806..ed5caa89 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.20.0 + image: renovate/renovate:35.20.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 3ac4c80f3d25e682ade813191f47682432d71096 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 02:05:00 +0000 Subject: [PATCH 1421/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1edb05f6..af203a87 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679701538, - "narHash": "sha256-UshdFx0og7BpPaX7vRp1Ilidz24U3inHluE6PfQmaO8=", + "lastModified": 1679707221, + "narHash": "sha256-zA/zT4TEs6fuOiayMik7V3o8QH9d+Bp/w2INRCJMPJo=", "owner": "nix-community", "repo": "NUR", - "rev": "6b2727a0d2a228bd60d7b266125ecfe735c9ea31", + "rev": "a41906b0668676bfa22ae3b45e6ddb13b22ac38a", "type": "github" }, "original": { -- 2.47.1 From 3da0c67c394b5e2a69597126f94e3585d1d58b1d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 03:06:50 +0000 Subject: [PATCH 1422/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index af203a87..3ca43f8e 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679707221, - "narHash": "sha256-zA/zT4TEs6fuOiayMik7V3o8QH9d+Bp/w2INRCJMPJo=", + "lastModified": 1679711886, + "narHash": "sha256-ngSQPkpnfNJmJtP/St7YQtlnSMgqRgXJKXDSaqHBEpU=", "owner": "nix-community", "repo": "NUR", - "rev": "a41906b0668676bfa22ae3b45e6ddb13b22ac38a", + "rev": "662369b09ee8972728adfa8a70d5450c2cb60ace", "type": "github" }, "original": { -- 2.47.1 From 52df858dea14fdc2a8fee102794cb7efa463fbc4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 04:03:04 +0000 Subject: [PATCH 1423/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3ca43f8e..c0385bad 100644 --- a/flake.lock +++ b/flake.lock @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679437018, - "narHash": "sha256-vOuiDPLHSEo/7NkiWtxpHpHgoXoNmrm+wkXZ6a072Fc=", + "lastModified": 1679616449, + "narHash": "sha256-E6Fvb13mDFa1ZY4lDbTpKbjvUOA4gbh23GWRf3ZzOOw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e", + "rev": "a64e169e396460d6b5763a1de1dd197df8421688", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679711886, - "narHash": "sha256-ngSQPkpnfNJmJtP/St7YQtlnSMgqRgXJKXDSaqHBEpU=", + "lastModified": 1679715309, + "narHash": "sha256-gXgLJxrsCvCXG3Ne7rQzO1cny0T+oIY9VBDiDVg7zEA=", "owner": "nix-community", "repo": "NUR", - "rev": "662369b09ee8972728adfa8a70d5450c2cb60ace", + "rev": "9bac0d14fc7379792bf889c407b161c0ca6d6e76", "type": "github" }, "original": { -- 2.47.1 From dc5c1589c0772711c7b4ea9b16e487cfcd230e68 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 05:04:07 +0000 Subject: [PATCH 1424/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c0385bad..e6c24cda 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679715309, - "narHash": "sha256-gXgLJxrsCvCXG3Ne7rQzO1cny0T+oIY9VBDiDVg7zEA=", + "lastModified": 1679719349, + "narHash": "sha256-oIlowUif0qyDHq2o/hhEfvA0vLJBvu+p44Ep+tJBarw=", "owner": "nix-community", "repo": "NUR", - "rev": "9bac0d14fc7379792bf889c407b161c0ca6d6e76", + "rev": "cd65825ce34de40b7d7ad4a75604b90d0dcef242", "type": "github" }, "original": { -- 2.47.1 From d5538066a0ee695452aa3f37606f528072513afc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 06:10:14 +0000 Subject: [PATCH 1425/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e6c24cda..9d9ed782 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679719349, - "narHash": "sha256-oIlowUif0qyDHq2o/hhEfvA0vLJBvu+p44Ep+tJBarw=", + "lastModified": 1679722997, + "narHash": "sha256-PdZ4+KCJImHN45tFRoaTPkmldkpUmabFXG9HMJSsnyY=", "owner": "nix-community", "repo": "NUR", - "rev": "cd65825ce34de40b7d7ad4a75604b90d0dcef242", + "rev": "e8d6653c35f03240c48470102bfd4f513056da3a", "type": "github" }, "original": { -- 2.47.1 From cc8299de7b654ed249174362fbe7f77fc71493ce Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 07:02:47 +0000 Subject: [PATCH 1426/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9d9ed782..c8c5dc06 100644 --- a/flake.lock +++ b/flake.lock @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679722997, - "narHash": "sha256-PdZ4+KCJImHN45tFRoaTPkmldkpUmabFXG9HMJSsnyY=", + "lastModified": 1679726155, + "narHash": "sha256-r47kGlu2AofzgeCDm9q6xCRSyRK85Q809yg22LlBCrA=", "owner": "nix-community", "repo": "NUR", - "rev": "e8d6653c35f03240c48470102bfd4f513056da3a", + "rev": "277d62795b7ee00a4b9ec37f1973d1f234ef06f5", "type": "github" }, "original": { -- 2.47.1 From 9cf6920d37e84377a113387703f95467a03ddfad Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 08:03:29 +0000 Subject: [PATCH 1427/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c8c5dc06..c0fc9b44 100644 --- a/flake.lock +++ b/flake.lock @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679611345, - "narHash": "sha256-PCFRkV/kLNqNAKSaleXGH6i9Wv+ba7+1NZKh+15CFiM=", + "lastModified": 1679710833, + "narHash": "sha256-9yKVvGX1oAnlc8vTVvN2lRH35q6ETudQbM1w9ragMRU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a38c914c34f93328ad7fbcdea0801bc11cbd1565", + "rev": "83607dae4e05e1de755bbc7d7949b33fc1cfbbb9", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679726155, - "narHash": "sha256-r47kGlu2AofzgeCDm9q6xCRSyRK85Q809yg22LlBCrA=", + "lastModified": 1679730298, + "narHash": "sha256-dMYnJqkn4aNy7xoRGSBN3wuX8+zk+9n9OnhzEgnQj1w=", "owner": "nix-community", "repo": "NUR", - "rev": "277d62795b7ee00a4b9ec37f1973d1f234ef06f5", + "rev": "cada49f2b3fee8b5e050da8f339406cd378b7282", "type": "github" }, "original": { -- 2.47.1 From d0231c272be10eba9fd5906dc76ff0ca9e30083b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 10:01:59 +0000 Subject: [PATCH 1428/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c0fc9b44..727686a6 100644 --- a/flake.lock +++ b/flake.lock @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679695447, - "narHash": "sha256-Reqsn/TL0aznSV9vGl4rqYk2V+CYXSIEBrTWyM3F1Ew=", + "lastModified": 1679735868, + "narHash": "sha256-T+F0xPMnxFvLX1SjbrLvcUcujg7oAIh9gZOWwFsTaMg=", "owner": "pta2002", "repo": "nixvim", - "rev": "a0498fc4c4ed263c2728a912e52f0a2d89271163", + "rev": "1c6efc538899ee45dcd7492fb3ada4724e6e2b47", "type": "github" }, "original": { -- 2.47.1 From d4f053a26170a3fc62efdf1a403f81d8073db80c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 11:03:00 +0000 Subject: [PATCH 1429/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 727686a6..64a380de 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679684476, - "narHash": "sha256-WTYZFt9cJmOSp1n3hxAS+BQnu7smcBsC98RSgdp2qsE=", + "lastModified": 1679734653, + "narHash": "sha256-cvSEiGtt0FLCkQqOE4REonQGLdGCVrIQJ859vMSHg4U=", "owner": "nix-community", "repo": "home-manager", - "rev": "db37c537603d1d45d022cc0666ad45197455b364", + "rev": "a34aaad2ae159b66306ced0cbfa1eefac8c4343e", "type": "github" }, "original": { -- 2.47.1 From ee9336ad9aed2352869a71b082737cec2045a9d4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 12:00:35 +0000 Subject: [PATCH 1430/1882] chore(deps): update renovate/renovate docker tag to v35.21.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ed5caa89..1e3b1b1d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -18,7 +18,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.20.1 + image: renovate/renovate:35.21.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1b4a3bbe298e491b9d9b1b50ff0a803c2e8876ae Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 25 Mar 2023 13:07:28 +0100 Subject: [PATCH 1431/1882] fix dpi --- flake.lock | 12 ++++++------ flake.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 1 - .../hosts/thalassa/aoife/hardware-configuration.nix | 1 - nixos/hosts/thalassa/aoife/home/neovim.nix | 6 +++--- 5 files changed, 10 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index c0fc9b44..ea7f82da 100644 --- a/flake.lock +++ b/flake.lock @@ -726,16 +726,16 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1679598117, - "narHash": "sha256-Vs1f/7imI77OkMOQhO3xgx4jalN2Gx3D3C2wmnlpWJM=", - "owner": "NixOS", + "lastModified": 1679726555, + "narHash": "sha256-h7Dd/uWu7i5Yv1E+DweyJJUzTvGWXqfSo8/hz1YEolY=", + "owner": "toastal", "repo": "nixos-hardware", - "rev": "648021dcb2b65498eed3ea3a7339cdfc3bea4d82", + "rev": "0889479119961000c4a15801a0343cd1f11de556", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "master", + "owner": "toastal", + "ref": "z-series-no-hidpi", "repo": "nixos-hardware", "type": "github" } diff --git a/flake.nix b/flake.nix index f2743b62..3da58914 100644 --- a/flake.nix +++ b/flake.nix @@ -38,7 +38,7 @@ nixos-generators.url = "github:nix-community/nixos-generators"; nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; - nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + nixos-hardware.url = "github:toastal/nixos-hardware/z-series-no-hidpi"; }; outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena, home-manager diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index e60badde..655438f2 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -85,7 +85,6 @@ }; }; - fonts.optimizeForVeryHighDPI = true; fonts.fonts = with pkgs; [ material-design-icons noto-fonts diff --git a/nixos/hosts/thalassa/aoife/hardware-configuration.nix b/nixos/hosts/thalassa/aoife/hardware-configuration.nix index 537fa162..99593b99 100644 --- a/nixos/hosts/thalassa/aoife/hardware-configuration.nix +++ b/nixos/hosts/thalassa/aoife/hardware-configuration.nix @@ -38,5 +38,4 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; # high-resolution display - fonts.optimizeForVeryHighDPI = lib.mkDefault true; } diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index aad25406..16c4689c 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -1,4 +1,4 @@ -{ inputs, pkgs, lib, ... }: { +{ inputs, pkgs, ... }: { imports = [ inputs.nixvim.homeManagerModules.nixvim ]; programs.nixvim = { enable = true; @@ -25,8 +25,8 @@ nix.enable = true; treesitter = { enable = true; - nixGrammars = false; - ensureInstalled = [ ]; + nixGrammars = true; + # ensureInstalled = [ ]; }; surround.enable = true; fugitive.enable = true; -- 2.47.1 From b5e5507b248e9268ea59279d11429b06ed985f9e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 13:02:57 +0000 Subject: [PATCH 1432/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 64a380de..68bd7eb2 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679734653, - "narHash": "sha256-cvSEiGtt0FLCkQqOE4REonQGLdGCVrIQJ859vMSHg4U=", + "lastModified": 1679741227, + "narHash": "sha256-9k9oBF5/yU9MfX1VJ1sRali172V4uTylGdNkzqTEouA=", "owner": "nix-community", "repo": "home-manager", - "rev": "a34aaad2ae159b66306ced0cbfa1eefac8c4343e", + "rev": "2f8d24b7f57fdd404defe84626b08f3318612f8c", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679730298, - "narHash": "sha256-dMYnJqkn4aNy7xoRGSBN3wuX8+zk+9n9OnhzEgnQj1w=", + "lastModified": 1679744081, + "narHash": "sha256-EDAKCvm1n1pJFOaPa1+0Xn0PUsrjzQ6O5Va4hytIknw=", "owner": "nix-community", "repo": "NUR", - "rev": "cada49f2b3fee8b5e050da8f339406cd378b7282", + "rev": "52907d05e9d017092da0cec9ff1100b3aca7edf2", "type": "github" }, "original": { -- 2.47.1 From 4f6863db73d402683648e17ba6a74c3ab59ae278 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 14:08:12 +0000 Subject: [PATCH 1433/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 68bd7eb2..da22872d 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679741227, - "narHash": "sha256-9k9oBF5/yU9MfX1VJ1sRali172V4uTylGdNkzqTEouA=", + "lastModified": 1679746195, + "narHash": "sha256-L4RT64g2QqsK/gwLkuZwlYPLOR63G8+oX34xCcgHrKM=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f8d24b7f57fdd404defe84626b08f3318612f8c", + "rev": "885a504f80227b98d137a84a888bf7faa36d00dc", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679616449, - "narHash": "sha256-E6Fvb13mDFa1ZY4lDbTpKbjvUOA4gbh23GWRf3ZzOOw=", + "lastModified": 1679705136, + "narHash": "sha256-MDlZUR7wJ3PlPtqwwoGQr3euNOe0vdSSteVVOef7tBY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a64e169e396460d6b5763a1de1dd197df8421688", + "rev": "8f40f2f90b9c9032d1b824442cfbbe0dbabd0dbd", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679744081, - "narHash": "sha256-EDAKCvm1n1pJFOaPa1+0Xn0PUsrjzQ6O5Va4hytIknw=", + "lastModified": 1679753190, + "narHash": "sha256-U2mE/kNA7iA2/wHrLj4Rei/69CrQhLdvlXSiaBtqaq0=", "owner": "nix-community", "repo": "NUR", - "rev": "52907d05e9d017092da0cec9ff1100b3aca7edf2", + "rev": "51ec8e4d4115486974c612c4e63bcb98c6ff06c0", "type": "github" }, "original": { -- 2.47.1 From 1900624c44097e3f4681d7da6f5d67c37cb9d318 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 20 Mar 2023 14:51:39 +0100 Subject: [PATCH 1434/1882] update mastodon --- nixos/pkgs/glitch-soc/gemset.nix | 423 ++++++++++++++---------------- nixos/pkgs/glitch-soc/source.nix | 4 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 3 files changed, 205 insertions(+), 224 deletions(-) diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index bd022ee5..ff1bae22 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1y9lj7ra9xf4q4mryydmd498grsndqmz1zwasb4ai9gv62igvw3s"; + sha256 = "0bndmmby5qxq8rs42fbb2ax3hhbjj2ds8wja08s0iadkbrn7shvf"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; actionmailbox = { dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bzacsr93sxv90nljv3ajw54nmyz1v9k2v2wx1pxsi0jasqg5fvn"; + sha256 = "0cx00kf0syq5gdhlrmw0q9v92ki55drbsk4gzy86ls2q8xkd792s"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; @@ -27,10 +27,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rjddp1a5l4amsbibhnf7g2rb69qvq0nc0a2dvr6r57bpkf82hj4"; + sha256 = "0vbif021cyndq3v3m61dkmgdbbirqk9zcsszb9nisq24m3gx1aai"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,10 +38,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0c2y6sqpan68lrx78pvhbxb2917m75s808r6cg1kyygwvg31niza"; + sha256 = "0k6hc7klvn8m88b88vykl83jrpqhn4zz67l2zx9v266xga6fhala"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; actiontext = { dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; @@ -49,10 +49,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jx8wi961i34v7x0j3h4wjw3qbyx9bkzb598vg42kidzk2f90dyj"; + sha256 = "16ldxyxlxl9scggpmkww2fxzim7sl2b4js610pvddcsr74z9fjs7"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10g5gk8h4mfhvgqylzbf591fqf5p78ca35cb97p9bclpv9jfy0za"; + sha256 = "0ck02cfc17s6g05qn0k7khwvvazwbf2rxbjcma8px2nw2j1ngvcn"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; active_model_serializers = { dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; @@ -76,26 +76,16 @@ }; version = "0.10.13"; }; - active_record_query_trace = { - groups = ["development"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "19888wjdpqvr2kaci6v6jyjw9pjf682zb1iyx2lz12mpdmy3500n"; - type = "gem"; - }; - version = "1.8"; - }; activejob = { dependencies = ["activesupport" "globalid"]; groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ililjwy4x52a6x5fidh1iyllf6vx49nz93fd2hxypc5bpryx9mz"; + sha256 = "05bkw9qgjgj2nxzjj2fh6jp1fcvgff0aa4r77k0gcfmnzc1g8wdl"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; activemodel = { dependencies = ["activesupport"]; @@ -103,10 +93,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nn17y72fhsynwn11bqg75bazqp6r1g8mpwwyv64harwvh3fh5qj"; + sha256 = "03hy5bwghdklcxbdylmsq70y0qzslck5slb2zkvp7g6mmvk86kwd"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -114,10 +104,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1k69m3b0lb4jx20jx8vsvdqm1ki1r6riq9haabyddkcpvmgz1wh7"; + sha256 = "1alshkgbcxp9s4vqb2b0yrrnyg15kxhlp1slsb03a61w7h42pspw"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; activestorage = { dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; @@ -125,10 +115,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0c3cvc01azfkccg5hsl96wafsxb5hf1nva3cn8rif2mlwx17p8n3"; + sha256 = "06w4wlabqqr9bwdig44r5vdwkcbbivwgwn2fl775w7h05vrccgp8"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -136,10 +126,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14pjq2k761qaywaznpqq8ziivjk2ks1ma2cjwdflkxqgndxjmsr2"; + sha256 = "06mihpy83a5xmavvn7l8vbix472dsi0vh30xj6g594k0679m0ir6"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; addressable = { dependencies = ["public_suffix"]; @@ -250,10 +240,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nz23laxgrxbv5svswi3bksmbhz86j691n4099qp4049i5a5cx91"; + sha256 = "096ah69q3nqrjbwzax6ln60c9j38zlxigsin90r7i9f9jkppai8w"; type = "gem"; }; - version = "1.701.0"; + version = "1.711.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -283,10 +273,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1sg212jsj6ydyrr6r284mgqcl83kln2hfd9nlyisf3pj5lbdjd1c"; + sha256 = "1rpnlzsl52znhcki13jkwdshgwf51pn26267481f4fa842gr7xgp"; type = "gem"; }; - version = "1.119.0"; + version = "1.119.1"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -304,10 +294,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rakdhrnlclrpy7sihi9ipwdh7fjkkvzga171464lq6rzp07cf65"; + sha256 = "048z3fvcknqx7ikkhrcrykxlqmf9bzc7l0y5h1cnvrc9n2qf0k8m"; type = "gem"; }; - version = "3.1.17"; + version = "3.1.18"; }; better_errors = { dependencies = ["coderay" "erubi" "rack"]; @@ -336,10 +326,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0mz9hz5clknznw8i5f3l2zb9103mlgh96djdhlvlfpf2chkr0s1z"; + sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; type = "gem"; }; - version = "2.4.14"; + version = "2.4.15"; }; binding_of_caller = { dependencies = ["debug_inspector"]; @@ -353,15 +343,14 @@ version = "1.0.0"; }; blurhash = { - dependencies = ["ffi"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rs61mwdiyriq8mb8na2sfrqzz8igls04md63ajyhk4yj8d2j0sz"; + sha256 = "057afgqy73n8vm7k3cr4pbwm1hhqnm58lp4x7bgm5wzbs39m7xf8"; type = "gem"; }; - version = "0.1.6"; + version = "0.1.7"; }; bootsnap = { dependencies = ["msgpack"]; @@ -389,10 +378,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0q1yzvbqp0mykswipq3w00ljw9fgkhjfrij3hkwi7cx85r14n6gw"; + sha256 = "0g4bcpax07kqqr9cp7cjc7i0pcij4nqpn1rdsg2wdwhzf00m6x32"; type = "gem"; }; - version = "4.2.0"; + version = "5.3.1"; }; brpoplpush-redis_script = { dependencies = ["concurrent-ruby" "redis"]; @@ -415,17 +404,6 @@ }; version = "3.2.4"; }; - bullet = { - dependencies = ["activesupport" "uniform_notifier"]; - groups = ["development"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0hyz68j0z0j24vcrs43swmlykhzypayv34kzrsbxda5lbi83gynm"; - type = "gem"; - }; - version = "7.0.7"; - }; bundler-audit = { dependencies = ["thor"]; groups = ["development"]; @@ -437,26 +415,16 @@ }; version = "0.9.1"; }; - byebug = { - groups = ["default" "development" "test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0nx3yjf4xzdgb8jkmk2344081gqr22pgjqnmjg2q64mj5d6r9194"; - type = "gem"; - }; - version = "11.1.3"; - }; capistrano = { dependencies = ["airbrussh" "i18n" "rake" "sshkit"]; groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1673k8yzy4gl96f1xjj6zf1r2pgm2h042vdsiw03wqx4ygbq2las"; + sha256 = "0nwn1a20q7xmlsgjqzf8msicyi6wkrjvgw62625717323ymz6qsr"; type = "gem"; }; - version = "3.17.1"; + version = "3.17.2"; }; capistrano-bundler = { dependencies = ["capistrano"]; @@ -550,10 +518,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jfdz0z27p839m09xmw5anrw5jp3jd5hd5gnx4vlk6kk520cy6sf"; + sha256 = "055047f0qq6scbvxnhqx1h7qx0mkx6llvm2c8dk0443gpjfbn8am"; type = "gem"; }; - version = "7.2.4"; + version = "7.2.7"; }; chunky_png = { groups = ["default"]; @@ -586,7 +554,7 @@ version = "1.2.15"; }; coderay = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -610,10 +578,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qnsflsbjj38im8xq35g0vihlz96h09wjn2dad5g543l3vvrkrx5"; + sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; type = "gem"; }; - version = "1.2.0"; + version = "1.2.2"; }; connection_pool = { groups = ["default" "test"]; @@ -631,10 +599,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cf29s40xf6a9k0idswfbabkswr0k5iqfrg61v40bzfrv0fdg440"; + sha256 = "00c6x4ha7qiaaf88qdbyf240mk146zz78rbm4qwyaxmwlmk7q933"; type = "gem"; }; - version = "1.2.1"; + version = "1.3.0"; }; crack = { dependencies = ["rexml"]; @@ -694,10 +662,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gl0b4jqf7ysv3rg99sgxa5y9va2k13p0si3a88pr7m8g6z8pm7x"; + sha256 = "1jrr9q2sna266blc85sfsh9nbxdr85y9s76cld7m59c43xjm5mdy"; type = "gem"; }; - version = "4.8.1"; + version = "4.9.0"; }; devise-two-factor = { dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"]; @@ -769,10 +737,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fxrvqv3l5w9p20s129rg41zc6agf1n4yrmganancnvykbkygki2"; + sha256 = "0skb0mbbsjcs61pixsb5g6dx45zjg0filfaynzqnyv6pgzz71sll"; type = "gem"; }; - version = "5.6.4"; + version = "5.6.5"; }; dotenv = { groups = ["default"]; @@ -916,10 +884,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0y32gj994ll3zlcqjmwp78r7s03iiwayij6fz2pjpkfywgvp71s6"; + sha256 = "1c760q0ks4vj4wmaa7nh1dgvgqiwaw0mjr7v8cymy7i3ffgjxx90"; type = "gem"; }; - version = "1.9.3"; + version = "1.10.3"; }; faraday-em_http = { groups = ["default"]; @@ -967,10 +935,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03qfi9020ynf7hkdiaq01sd2mllvw7fg4qiin3pk028b4wv23j3j"; + sha256 = "09871c4hd7s5ws1wl4gs7js1k2wlby6v947m2bbzg43pnld044lh"; type = "gem"; }; - version = "1.0.3"; + version = "1.0.4"; }; faraday-net_http = { groups = ["default"]; @@ -1112,10 +1080,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0g7m38n4f5cjqa4gf4fycw6fqvf6m5hhsx4jawryv3bi4hls07d1"; + sha256 = "1cm2lrvhrpqq19hbdsxf4lq2nkb2qdldbdxh3gvi15l62dlb5zqq"; type = "gem"; }; - version = "1.7.1"; + version = "1.8.1"; }; fuubar = { dependencies = ["rspec-core" "ruby-progressbar"]; @@ -1128,17 +1096,6 @@ }; version = "2.5.1"; }; - gitlab-omniauth-openid-connect = { - dependencies = ["addressable" "omniauth" "openid_connect"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1pp9cf6b68pky9bndmals070kibab525wjn9igx9pc5h8z1jv5bd"; - type = "gem"; - }; - version = "0.10.1"; - }; globalid = { dependencies = ["activesupport"]; groups = ["default" "development"]; @@ -1150,27 +1107,38 @@ }; version = "1.1.0"; }; - hamlit = { + haml = { dependencies = ["temple" "thor" "tilt"]; - groups = ["default"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06imnwpzvpagwn0b9a8kwv7hncii32flmafz20z95hd77hhr6ab7"; + sha256 = "1vcr5wcvfbsq91302playk3i98wdisspkybcmajl04agv4k8xr68"; type = "gem"; }; - version = "2.13.0"; + version = "6.1.1"; }; - hamlit-rails = { - dependencies = ["actionpack" "activesupport" "hamlit" "railties"]; + haml-rails = { + dependencies = ["actionpack" "activesupport" "haml" "railties"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v75yd6x0nwky83smd9hw5ym9h0pi32jrzbnvq55pzj0rc95gg2p"; + sha256 = "1sjrdwc4azzfpsp2xk0365z031482gcrs0c54d5wx0igkqca0fr7"; type = "gem"; }; - version = "0.2.3"; + version = "2.1.0"; + }; + haml_lint = { + dependencies = ["haml" "parallel" "rainbow" "rubocop" "sysexits"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yz5g7ffyv99vd9x3yj64ba4zv2bd71gmgrf60a3kc8m1cvc1z5p"; + type = "gem"; + }; + version = "0.45.0"; }; hashdiff = { groups = ["default" "test"]; @@ -1437,10 +1405,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0kcmnx6rgjyd7sznai9ccns2nh7p7wnw3mi8a7vf2wkm51azwddq"; + sha256 = "09yj3z5snhaawh2z1w45yyihzmh57m6m7dp8ra8gxavhj5kbiq5p"; type = "gem"; }; - version = "2.5.0"; + version = "2.7.0"; }; kaminari = { dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; @@ -1490,9 +1458,11 @@ groups = ["default"]; platforms = []; source = { - remotes = ["https://rubygems.org"]; - sha256 = "08ngapld22knlkyn0dhhddkfm4vfj0lgmwj4y6x4mhi2hzfwxcxr"; - type = "gem"; + fetchSubmodules = false; + rev = "11abf222dc31bff71160a1d138b445214f434b2b"; + sha256 = "03mw3vaqwwi92l1nfd7lrhdiv9gcvdbar2wl1bi4pb3ja4h8nx2v"; + type = "git"; + url = "https://github.com/kreeti/kt-paperclip.git"; }; version = "7.1.1"; }; @@ -1578,10 +1548,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0n0pijrc465zzrv5flxc41375zwaz9yfc2n0r80zjwarc1ixkdx1"; + sha256 = "1bf9pysw1jfgynv692hhaycfxa8ckay1gjw5hz3madrbrynryfzc"; type = "gem"; }; - version = "2.8.0.1"; + version = "2.8.1"; }; makara = { dependencies = ["activerecord"]; @@ -1691,10 +1661,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1kjy67qajw4rnkbjs5jyk7kc3lyhz5613fwj1i8f6ppdk4zampy0"; + sha256 = "0ic7i5z88zcaqnpzprf7saimq2f6sad57g5mkkqsrqrcd6h3mx06"; type = "gem"; }; - version = "5.17.0"; + version = "5.18.0"; }; msgpack = { groups = ["default"]; @@ -1721,10 +1691,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zgw9zlwh2a6i1yvhhc4a84ry1hv824d6g2iw2chs3k5aylpmpfj"; + sha256 = "0lgyysrpl50wgcb9ahg29i4p01z0irb3p9lirygma0kkfr5dgk9x"; type = "gem"; }; - version = "2.1.1"; + version = "2.3.0"; + }; + net-http = { + dependencies = ["uri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0y55ib1v2b8prqfi9ij7hca60b1j94s2bzr6vskwi3i5735472wq"; + type = "gem"; + }; + version = "0.3.2"; }; net-imap = { dependencies = ["date" "net-protocol"]; @@ -1775,10 +1756,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1q4kxfvx1v4awv8kgincishi7h16dj9sn74gz8x92i81668j1wgm"; + sha256 = "1si2nq9l6jy5n2zw1q59a5gaji7v9vhy8qx08h4fg368906ysbdk"; type = "gem"; }; - version = "4.0.0.rc1"; + version = "4.0.0"; }; net-smtp = { dependencies = ["net-protocol"]; @@ -1817,10 +1798,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qr6psd9qgv83pklpw7cpmshkcasnv8d777ksmvwsacwfvvkmnxj"; + sha256 = "1djq4rp4m967mn6sxmiw75vz24gfp0w602xv22kk1x3cmi5afrf7"; type = "gem"; }; - version = "1.14.1"; + version = "1.14.2"; }; nsa = { dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; @@ -1838,10 +1819,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lggrhlihxyfgiqqr9b2fqdxc4d2zff2czq30m3rgn8a0b2gsv90"; + sha256 = "1ghii2zb14rri5jdpvgh29c2lpnl777nkcirdy698qlmpzxasz7d"; type = "gem"; }; - version = "3.13.23"; + version = "3.14.2"; }; omniauth = { dependencies = ["hashie" "rack"]; @@ -1887,6 +1868,17 @@ }; version = "1.10.3"; }; + omniauth_openid_connect = { + dependencies = ["omniauth" "openid_connect"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08yl0x203k6nrshc70zawfqh79ap1c3fyka9zwwy61cvn7sih4sz"; + type = "gem"; + }; + version = "0.6.1"; + }; openid_connect = { dependencies = ["activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; groups = ["default"]; @@ -1903,10 +1895,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1azzx975qr078isvg8i0hmsr2l98kgnlfrnbb2jdm9b5kwifx1h4"; + sha256 = "0c649921vg2l939z5cc3jwd8p1v49099pdhxfk7sb9qqx5wi5873"; type = "gem"; }; - version = "3.0.0"; + version = "3.1.0"; }; openssl-signature_algorithm = { dependencies = ["openssl"]; @@ -1914,10 +1906,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rwjga70kbg0rmwgksb2if34ndh9cy0fgrimkx3hjz9c68ssvpxg"; + sha256 = "103yjl68wqhl5kxaciir5jdnyi7iv9yckishdr52s5knh9g0pd53"; type = "gem"; }; - version = "1.2.1"; + version = "1.3.0"; }; orm_adapter = { groups = ["default" "pam_authentication"]; @@ -1955,10 +1947,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zk8mdyr0322r11d63rcp5jhz4lakxilhvyvdv0ql5dw4lb83623"; + sha256 = "1a2v5f8fw7nxm41xp422p1pbr41hafy62bp95m7vg42cqp5y4grc"; type = "gem"; }; - version = "3.2.0.0"; + version = "3.2.1.1"; }; parslet = { groups = ["default"]; @@ -1986,10 +1978,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1wd6nl81nbdwck04hccsm7wf23ghpi8yddd9j4rbwyvyj0sbsff1"; + sha256 = "07m6lxljabw9kyww5k5lgsxsznsm1v5l14r1la09gqka9b5kv3yr"; type = "gem"; }; - version = "1.4.5"; + version = "1.4.6"; }; pghero = { dependencies = ["activerecord"]; @@ -1997,10 +1989,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wi1mls8r6r43dy5m6dsdqk28q564164h97pp7a111pgkbdmxf83"; + sha256 = "1yl95pkan8hi7jm1kbrqn2s32h5b04i94rnnxraf1i7k39360204"; type = "gem"; }; - version = "3.1.0"; + version = "3.3.0"; }; pkg-config = { groups = ["default"]; @@ -2054,39 +2046,6 @@ }; version = "0.5.0"; }; - pry = { - dependencies = ["coderay" "method_source"]; - groups = ["default" "development" "test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0m445x8fwcjdyv2bc0glzss2nbm1ll51bq45knixapc7cl3dzdlr"; - type = "gem"; - }; - version = "0.14.1"; - }; - pry-byebug = { - dependencies = ["byebug" "pry"]; - groups = ["development" "test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1y41al94ks07166qbp2200yzyr5y60hm7xaiw4lxpgsm4b1pbyf8"; - type = "gem"; - }; - version = "3.10.1"; - }; - pry-rails = { - dependencies = ["pry"]; - groups = ["development" "test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1cf4ii53w2hdh7fn8vhqpzkymmchjbwij4l3m7s6fsxvb9bn51j6"; - type = "gem"; - }; - version = "0.3.9"; - }; public_suffix = { groups = ["default" "development" "test"]; platforms = []; @@ -2103,10 +2062,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qzq0c791kacv68hgk9zqsd1p7zx1y1rr9j10rn9yphibb8jj436"; + sha256 = "1j1hx19hh0hhnfcyn075i8rzxxv4vjrny0q1ywzfdbflbwzg7b21"; type = "gem"; }; - version = "5.6.5"; + version = "6.1.1"; }; pundit = { dependencies = ["activesupport"]; @@ -2144,10 +2103,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qvp6h2abmlsl4sqjsvac03cr2mxq6143gbx4kq52rpazp021qsb"; + sha256 = "1qgwkcb8kxns8d5187cxjaxf18b7dmg9gh6cr9c1125m0bj2pnfk"; type = "gem"; }; - version = "2.2.6.2"; + version = "2.2.6.4"; }; rack-attack = { dependencies = ["rack"]; @@ -2199,10 +2158,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rjl709krgf499dhjdapg580l2qaj9d91pwzk8ck8fpnazlx1bdd"; + sha256 = "1ysx29gk9k14a14zsp5a8czys140wacvp91fja8xcja0j1hzqq8c"; type = "gem"; }; - version = "2.0.2"; + version = "2.1.0"; }; rails = { dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; @@ -2210,10 +2169,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1b7ggchi3d7pwzmj8jn9fhbazr5fr4dy304f0hz7kqbg23s9c1ym"; + sha256 = "07cs7qdkx6vwp66diwdy9g6mx52rsd8rxhbnsqf9bqam58g2aynj"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; rails-controller-testing = { dependencies = ["actionpack" "actionview" "activesupport"]; @@ -2264,9 +2223,11 @@ groups = ["default"]; platforms = []; source = { - remotes = ["https://rubygems.org"]; - sha256 = "0wyhyls0aqb1iw7mnaldg39w3mnbi3anmpbvb52rjwkpj2mchhnc"; - type = "gem"; + fetchSubmodules = false; + rev = "86328ef0bd04ce21cc0504ff5e334591e8c2ccab"; + sha256 = "06r637gimh5miq2i6ywxn9gp7nqk8n8555yw8239mykalbzda69h"; + type = "git"; + url = "https://github.com/mastodon/rails-settings-cached.git"; }; version = "0.6.6"; }; @@ -2276,10 +2237,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0mm3nf3y715ln6v8k6g4351ggkr1bcwc5637vr979yw8vsmdi42k"; + sha256 = "1d2snjnx1j848axppj2napy3zjgbka3fnw2528rcamhm6dp694nd"; type = "gem"; }; - version = "6.1.7.2"; + version = "6.1.7.3"; }; rainbow = { groups = ["default" "development" "test"]; @@ -2338,10 +2299,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03r9739q3vq38g456snf3rk9hadf955bs5im6qs6m69h19mrz2yw"; + sha256 = "0fikjg6j12ka6hh36dxzhfkpqqmilzjfzcdf59iwkzsgd63f0ziq"; type = "gem"; }; - version = "4.5.1"; + version = "4.8.1"; }; redis-namespace = { dependencies = ["redis"]; @@ -2370,10 +2331,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zjg29w5zvar7by1kqck3zilbdzm5iz3jp5d1zn3970krskfazh2"; + sha256 = "0d6241adx6drsfzz74nx1ld3394nm6fjpv3ammzr0g659krvgf7q"; type = "gem"; }; - version = "2.6.2"; + version = "2.7.0"; }; request_store = { dependencies = ["rack"]; @@ -2392,10 +2353,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14kjykc6rpdh24sshg9savqdajya2dislc1jmbzg91w9967f4gv1"; + sha256 = "0m9s0mkkprrz02gxhq0ijlwjy0nx1j5yrjf8ssjnhyagnx03lyrx"; type = "gem"; }; - version = "3.0.1"; + version = "3.1.0"; }; rexml = { groups = ["default" "development" "test"]; @@ -2454,10 +2415,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "118hkfw9b11hvvalr7qlylwal5h8dihagm9xg7k4gskg7587hca6"; + sha256 = "0da45cvllbv39sdbsl65vp5djb2xf5m10mxc9jm7rsqyyxjw4h1f"; type = "gem"; }; - version = "3.11.0"; + version = "3.12.1"; }; rspec-expectations = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2465,10 +2426,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "001ihayil7jpfxdlxlhakvz02kx0nk5m1w0bz6z8izdx0nc8bh53"; + sha256 = "03ba3lfdsj9zl00v1yvwgcx87lbadf87livlfa5kgqssn9qdnll6"; type = "gem"; }; - version = "3.11.0"; + version = "3.12.2"; }; rspec-mocks = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2476,10 +2437,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07vagjxdm5a6s103y8zkcnja6avpl8r196hrpiffmg7sk83dqdsm"; + sha256 = "0sq2cc9pm5gq411y7iwfvzbmgv3g91lyf7y7cqn1lr3yf1v122nc"; type = "gem"; }; - version = "3.11.1"; + version = "3.12.3"; }; rspec-rails = { dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; @@ -2487,10 +2448,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cqw7bhj4a4rhh1x9i5gjm9r91ckhjyngw0zcr7jw2jnfis10d7l"; + sha256 = "0d3fnabkaw8n0na2dpnlg2xygggj51djzpj9x6y5rkiqbfyqwv01"; type = "gem"; }; - version = "5.1.2"; + version = "6.0.1"; }; rspec-sidekiq = { dependencies = ["rspec-core" "sidekiq"]; @@ -2508,10 +2469,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1c01iicvrjk6vv744jgh0y4kk9d0kg2rd2ihdyzvg5p06xm2fpzq"; + sha256 = "12y52zwwb3xr7h91dy9k3ndmyyhr3mjcayk0nnarnrzz8yr48kfx"; type = "gem"; }; - version = "3.11.1"; + version = "3.12.0"; + }; + rspec_chunked = { + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h4bsj3m7vb47qnx5bry4v0xscrb3lhg1f1vyxl524znb3i2qqzv"; + type = "gem"; + }; + version = "0.6"; }; rspec_junit_formatter = { dependencies = ["rspec-core"]; @@ -2530,10 +2501,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0f4n844yr2jrbddf79cam8qg41k2gkpyjjgd4zgbd8df1ijbld6p"; + sha256 = "1s5yrn6f63px4051kjr78kgg1zacqlv8z5x5lbwb5swgp8b75kqq"; type = "gem"; }; - version = "1.44.1"; + version = "1.48.1"; }; rubocop-ast = { dependencies = ["parser"]; @@ -2541,10 +2512,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pdzabz95hv3z5sfbkfqa8bdybsfl13gv7rjb32v3ss8klq99lbd"; + sha256 = "16iabkwqhzqh3cd4pcrp0nqv4ks2whcz84csawi78ynfk12vd20a"; type = "gem"; }; - version = "1.24.1"; + version = "1.27.0"; }; rubocop-capybara = { dependencies = ["rubocop"]; @@ -2698,15 +2669,15 @@ version = "0.2.0"; }; sidekiq-scheduler = { - dependencies = ["redis" "rufus-scheduler" "sidekiq" "tilt"]; + dependencies = ["rufus-scheduler" "sidekiq" "tilt"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ij0m4m4zi3ffn1csdrj4g96l4vpqlsw3rrgjxda9yqsq4ylf624"; + sha256 = "0ygsynfb214g9ijgj4wl88jbkx79js8hd6wn65cxaaa54l82w1fj"; type = "gem"; }; - version = "4.0.3"; + version = "5.0.2"; }; sidekiq-unique-jobs = { dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"]; @@ -2810,10 +2781,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1szshiw7bzizi380z1hkdbwhjdaixb5bgbx7c3wf7970mjdashkd"; + sha256 = "1y6w2qkwg0ygn85x0afscnj0dv8iwkvm153zjclvwafkm6g0pknk"; type = "gem"; }; - version = "1.21.2"; + version = "1.21.4"; }; stackprof = { groups = ["development"]; @@ -2868,15 +2839,25 @@ }; version = "1.3.0"; }; - temple = { - groups = ["default"]; + sysexits = { + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "060zzj7c2kicdfk6cpnn40n9yjnhfrr13d0rsbdhdij68chp2861"; + sha256 = "0qjng6pllznmprzx8vb0zg0c86hdrkyjs615q41s9fjpmv2430jr"; type = "gem"; }; - version = "0.8.2"; + version = "1.2.0"; + }; + temple = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07k5wr2ypsmsbyc9d1plhdki4xr7vvggld8r1i49iljkrpx5nbqc"; + type = "gem"; + }; + version = "0.10.0"; }; terminal-table = { dependencies = ["unicode-display_width"]; @@ -2911,24 +2892,24 @@ version = "1.2.1"; }; tilt = { - groups = ["default"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "186nfbcsk0l4l86gvng1fw6jq6p6s7rc0caxr23b3pnbfb20y63v"; + sha256 = "1qmhi6d9przjzhsyk9g5pq2j75c656msh6xzprqd2mxgphf23jxs"; type = "gem"; }; - version = "2.0.11"; + version = "2.1.0"; }; timeout = { groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lnh0kr7f43m1cjzc2jvggfsl1rzsaj2rd3pn6vp7mcqliymzaza"; + sha256 = "1pfddf51n5fnj4f9ggwj3wbf23ynj0nbxlxqpz12y1gvl9g7d6r6"; type = "gem"; }; - version = "0.3.1"; + version = "0.3.2"; }; tpm-key_attestation = { dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; @@ -2936,10 +2917,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0kyq8z36953snxksv2xmc71znw7zykzis5r23hx3k06dij71vxsy"; + sha256 = "0v8y5dibsyskv1ncdgszhxwzq0gzmvb0zl7sgmx0xvsgy86dhcz1"; type = "gem"; }; - version = "0.11.0"; + version = "0.12.0"; }; tty-color = { groups = ["default"]; @@ -3057,15 +3038,15 @@ }; version = "2.4.2"; }; - uniform_notifier = { - groups = ["default" "development"]; + uri = { + groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dfvqixshwvm82b9qwdidvnkavdj7s0fbdbmyd4knkl6l3j9xcwr"; + sha256 = "11c4n5rri8d45c47krpg76n98mqh36l0kp2qrkb4dxnkp4flay6y"; type = "gem"; }; - version = "1.16.0"; + version = "0.12.0"; }; validate_email = { dependencies = ["activemodel" "mail"]; @@ -3106,10 +3087,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gs21q8krknb3db4s87l7xhzihp46ldsf6ql6689g2j0489l6da1"; + sha256 = "1ri09bf640kkw4v6k2g90q2nw1mx2hsghhngaqgb7958q8id8xrz"; type = "gem"; }; - version = "2.5.2"; + version = "3.0.0"; }; webfinger = { dependencies = ["activesupport" "httpclient"]; @@ -3214,10 +3195,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09pqhdi6q4sqv0p1gnjpbcy4az0yv8hrpykjngdgh9qiqd87nfdv"; + sha256 = "028ld9qmgdllxrl7d0qkl65s58wb1n3gv8yjs28g43a8b1hplxk1"; type = "gem"; }; - version = "2.6.6"; + version = "2.6.7"; }; } diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index db581682..91c3c9d7 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "ee4250545236e4330c46b43f4abfe94ad323d4d4"; - sha256 = "12rwz4dy107p711d1pj33lsd32fwns0b2nif755mwrz0vzp29gr6"; + rev = "00fe0f6cb4a736bbb5e633c567ddf7ac9a09ce69"; + sha256 = "1shpwdxf2cjm0bqlsnarm6x3h7db784r7qda80bqy3ki5w65lwaf"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index c283b300..4a8abaf4 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.1.0" +"4.1.1" -- 2.47.1 From 0326f2a606628ae7ec15bb371254695e731c29f6 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 21 Mar 2023 11:07:15 +0100 Subject: [PATCH 1435/1882] fix mastodon --- nixos/pkgs/glitch-soc/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 99737d9a..2cb60b11 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -43,7 +43,7 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; # sha256 = lib.fakeSha256; - sha256 = "sha256-ObCGLw7R6wvq8GQj5MHa/0KV2TYABdNC4sQQ3x1YoQE="; + sha256 = "sha256-LfpNEZAV4xCiPDQrSOezgRqOLQgDqMplIbu48dOlk3k="; }; nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; -- 2.47.1 From 69e1fd3102dbe998cf885fa03ed91e7d7526daf6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 25 Mar 2023 16:50:16 +0100 Subject: [PATCH 1436/1882] update mullvad server --- nixos/hosts/hades/rtorrent/configuration.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index e6c60d32..1bc021e4 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -30,14 +30,14 @@ in { in { wg0 = { address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; - dns = [ "193.138.218.74" ]; + dns = [ "10.64.0.1" ]; privateKeyFile = "${vs.rtorrent}/wireguardKey"; postUp = "${postUpScript}/bin/post_up || true"; peers = [{ - publicKey = "hnRorSW0YHlHAzGb4Uc/sjOqQIrqDnpJnTQi/n7Rp1c="; + publicKey = "DVui+5aifNFRIVDjH3v2y+dQ+uwI+HFZOd21ajbEpBo="; allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "185.65.134.223:51820"; + endpoint = "185.65.134.82:51820"; persistentKeepalive = 25; }]; }; -- 2.47.1 From 0251d353f6dcae862383f36ca38e07b74e610289 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 25 Mar 2023 16:51:50 +0100 Subject: [PATCH 1437/1882] cleanup readme --- nixos/hosts/thalassa/aoife/README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nixos/hosts/thalassa/aoife/README.md b/nixos/hosts/thalassa/aoife/README.md index 9ecd689d..6dee9969 100644 --- a/nixos/hosts/thalassa/aoife/README.md +++ b/nixos/hosts/thalassa/aoife/README.md @@ -5,11 +5,18 @@ This is the NixOS config for my laptop `aoife`. This is a Thinkpad Z16 Gen 1. **CPU**: AMD Ryzen 9 PRO 6950H (16 cores) @ 4.935GHz + **RAM**: 32GB LPDDR5 6400MHz + **SCREEN**: 16" 3840 x 2400 OLED + **GPU**: AMD Radeon™ RX 6500M, 4 GB, GDDR6 + ## Software **OS**: NixOS + **DE**: Gnome + **Shell**: ZSH (grml) + -- 2.47.1 From 3e2f2c00e2a8bd89c0a372a34366ca6a2bb3c493 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 25 Mar 2023 17:07:55 +0100 Subject: [PATCH 1438/1882] run renovate less often --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1e3b1b1d..ee60ad8f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -4,7 +4,7 @@ metadata: name: renovate namespace: services spec: - schedule: "@hourly" + schedule: "@daily" concurrencyPolicy: Forbid jobTemplate: spec: -- 2.47.1 From e0b2c3852638787a53fd3731ae51520f94ff8f18 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Mar 2023 23:00:25 +0000 Subject: [PATCH 1439/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.1.1 --- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 2a8adf1f..5d3f254c 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -14,7 +14,7 @@ backend = "podman"; containers = { flaresolverr = { - image = "flaresolverr/flaresolverr:v3.1.0"; + image = "flaresolverr/flaresolverr:v3.1.1"; ports = [ "8191:8191" ]; -- 2.47.1 From 47dfb191730e016f0976a09ce9d21eb40a901cab Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 27 Mar 2023 13:49:09 +0200 Subject: [PATCH 1440/1882] flake lock --- flake.lock | 60 +++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 3025de78..26e38023 100644 --- a/flake.lock +++ b/flake.lock @@ -362,11 +362,11 @@ }, "flake-utils_2": { "locked": { - "lastModified": 1676283394, - "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", "owner": "numtide", "repo": "flake-utils", - "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", "type": "github" }, "original": { @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679746195, - "narHash": "sha256-L4RT64g2QqsK/gwLkuZwlYPLOR63G8+oX34xCcgHrKM=", + "lastModified": 1679786039, + "narHash": "sha256-VNjswu0Q4bZOkWNuc0+dHvRdjUCj+MnDlRfw/Q0R3vI=", "owner": "nix-community", "repo": "home-manager", - "rev": "885a504f80227b98d137a84a888bf7faa36d00dc", + "rev": "cf662b6c98a0da81e06066fff0ecf9cbd4627727", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679696652, - "narHash": "sha256-yx9fcK6rtmoEc7lG6BsJ8q8t0UQzggZDIkKnHkuZrrE=", + "lastModified": 1679904037, + "narHash": "sha256-oTvFimR0P/SkJMzy4cTzEuT/YsTP/CxW+75SJtnYjTo=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "41f7736c8521162cb3ea5f3c003e0643c1bcf616", + "rev": "e994b0c8b881de5145e583720abbd9ff27d727ac", "type": "github" }, "original": { @@ -807,11 +807,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1673800717, - "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2f9fd351ec37f5d479556cd48be4ca340da59b8f", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679710833, - "narHash": "sha256-9yKVvGX1oAnlc8vTVvN2lRH35q6ETudQbM1w9ragMRU=", + "lastModified": 1679748960, + "narHash": "sha256-BP8XcYHyj1NxQi04RpyNW8e7KiXSoI+Fy1tXIK2GfdA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "83607dae4e05e1de755bbc7d7949b33fc1cfbbb9", + "rev": "da26ae9f6ce2c9ab380c0f394488892616fc5a6a", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679705136, - "narHash": "sha256-MDlZUR7wJ3PlPtqwwoGQr3euNOe0vdSSteVVOef7tBY=", + "lastModified": 1679797994, + "narHash": "sha256-Kr/O/UlfqAtoFmkZeAaphsxogeaN8a/IugBApFzPfpk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8f40f2f90b9c9032d1b824442cfbbe0dbabd0dbd", + "rev": "5f9d1bb572e08ec432ae46c78581919d837a90f6", "type": "github" }, "original": { @@ -919,11 +919,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1677342105, - "narHash": "sha256-kv1fpkfCJGb0M+LZaCHFUuIS9kRIwyVgupHu86Y28nc=", + "lastModified": 1679705136, + "narHash": "sha256-MDlZUR7wJ3PlPtqwwoGQr3euNOe0vdSSteVVOef7tBY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b1f87ca164a9684404c8829b851c3586c4d9f089", + "rev": "8f40f2f90b9c9032d1b824442cfbbe0dbabd0dbd", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679735868, - "narHash": "sha256-T+F0xPMnxFvLX1SjbrLvcUcujg7oAIh9gZOWwFsTaMg=", + "lastModified": 1679839952, + "narHash": "sha256-c/SGf7wV/ASTnWNsiUsuP4RLRm5mH3yWbDYWjN5k6wQ=", "owner": "pta2002", "repo": "nixvim", - "rev": "1c6efc538899ee45dcd7492fb3ada4724e6e2b47", + "rev": "dbd25dffd035974b37b0406a1d74c68040751344", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679753190, - "narHash": "sha256-U2mE/kNA7iA2/wHrLj4Rei/69CrQhLdvlXSiaBtqaq0=", + "lastModified": 1679902832, + "narHash": "sha256-mBsCytKhTOdCZm7JgdGSTMR9MlN2IZcWNb3OmfLDiJE=", "owner": "nix-community", "repo": "NUR", - "rev": "51ec8e4d4115486974c612c4e63bcb98c6ff06c0", + "rev": "c8d9ac47c6c0713060583280ca22501c5da03e26", "type": "github" }, "original": { @@ -1071,11 +1071,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1677722096, - "narHash": "sha256-7mjVMvCs9InnrRybBfr5ohqcOz+pyEX8m22C1XsDilg=", + "lastModified": 1678976941, + "narHash": "sha256-skNr08frCwN9NO+7I77MjOHHAw+L410/37JknNld+W4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "61a3511668891c68ebd19d40122150b98dc2fe3b", + "rev": "32b1dbedfd77892a6e375737ef04d8efba634e9e", "type": "github" }, "original": { -- 2.47.1 From f6cfe031638c8a8960978d215847a2dfd26deca7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Mar 2023 22:03:13 +0000 Subject: [PATCH 1441/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 26e38023..50368d6a 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679904037, - "narHash": "sha256-oTvFimR0P/SkJMzy4cTzEuT/YsTP/CxW+75SJtnYjTo=", + "lastModified": 1679926767, + "narHash": "sha256-v5HArdftg8pCUYqli+IWUYUacl1cAQ6FpCV8LwdmquA=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e994b0c8b881de5145e583720abbd9ff27d727ac", + "rev": "6fec5bfbeb80a5b2231af2ac5710a8b9c8bbc08a", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679797994, - "narHash": "sha256-Kr/O/UlfqAtoFmkZeAaphsxogeaN8a/IugBApFzPfpk=", + "lastModified": 1679865578, + "narHash": "sha256-sYQmxxqIYL3QFsRYjW0AufhGur8qWfwoOGPGHRJZlGc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5f9d1bb572e08ec432ae46c78581919d837a90f6", + "rev": "4361baa782dc3d3b35fd455a1adc370681d9187c", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679902832, - "narHash": "sha256-mBsCytKhTOdCZm7JgdGSTMR9MlN2IZcWNb3OmfLDiJE=", + "lastModified": 1679953503, + "narHash": "sha256-7EisGSvcIkWgQe7xipu53z4j9QHuWBGi3+ZAgMKuGLM=", "owner": "nix-community", "repo": "NUR", - "rev": "c8d9ac47c6c0713060583280ca22501c5da03e26", + "rev": "f4a68a0c246d6227ff146a1df2ea054a889a916e", "type": "github" }, "original": { -- 2.47.1 From 9b1531b458dae94528f4ae3b5f450292767171cf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 28 Mar 2023 22:02:40 +0000 Subject: [PATCH 1442/1882] chore(deps): lock file maintenance --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 50368d6a..95b866b3 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1679786039, - "narHash": "sha256-VNjswu0Q4bZOkWNuc0+dHvRdjUCj+MnDlRfw/Q0R3vI=", + "lastModified": 1680000368, + "narHash": "sha256-TlgC4IJ7aotynUdkGRtaAVxquaiddO38Ws89nB7VGY8=", "owner": "nix-community", "repo": "home-manager", - "rev": "cf662b6c98a0da81e06066fff0ecf9cbd4627727", + "rev": "765e4007b6f9f111469a25d1df6540e8e0ca73a6", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1679926767, - "narHash": "sha256-v5HArdftg8pCUYqli+IWUYUacl1cAQ6FpCV8LwdmquA=", + "lastModified": 1680031067, + "narHash": "sha256-kwywAAnHTx3IohvHDbhgsQjrHdN6ewE/vX+E/9oWmFc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "6fec5bfbeb80a5b2231af2ac5710a8b9c8bbc08a", + "rev": "d6241a3086c4abfd21e91e23c83c97c3f80123d4", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679748960, - "narHash": "sha256-BP8XcYHyj1NxQi04RpyNW8e7KiXSoI+Fy1tXIK2GfdA=", + "lastModified": 1679966490, + "narHash": "sha256-k0jV+y1jawE6w4ZvKgXDNg4+O9NNtcaWwzw8gufv0b4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "da26ae9f6ce2c9ab380c0f394488892616fc5a6a", + "rev": "5b7cd5c39befee629be284970415b6eb3b0ff000", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679865578, - "narHash": "sha256-sYQmxxqIYL3QFsRYjW0AufhGur8qWfwoOGPGHRJZlGc=", + "lastModified": 1679944645, + "narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4361baa782dc3d3b35fd455a1adc370681d9187c", + "rev": "4bb072f0a8b267613c127684e099a70e1f6ff106", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1679839952, - "narHash": "sha256-c/SGf7wV/ASTnWNsiUsuP4RLRm5mH3yWbDYWjN5k6wQ=", + "lastModified": 1680026453, + "narHash": "sha256-EQOh1NWZKCU7+N4vdVMnSycI7BJ6UJqLDUOC1r/Tj6Y=", "owner": "pta2002", "repo": "nixvim", - "rev": "dbd25dffd035974b37b0406a1d74c68040751344", + "rev": "2b85290c1282e527ce0d09825118a7efe6056edf", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1679953503, - "narHash": "sha256-7EisGSvcIkWgQe7xipu53z4j9QHuWBGi3+ZAgMKuGLM=", + "lastModified": 1680039938, + "narHash": "sha256-ghgsx4EXyPZUIwDknttfxPkDpuYjpI7940BhhMy9R6Y=", "owner": "nix-community", "repo": "NUR", - "rev": "f4a68a0c246d6227ff146a1df2ea054a889a916e", + "rev": "4095c197d0817326b526787fe54f37a2760b7f8a", "type": "github" }, "original": { -- 2.47.1 From 983af4a447e3c253ec4d07a89bc8dee4c162a4c2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 29 Mar 2023 22:03:07 +0000 Subject: [PATCH 1443/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 95b866b3..03404a4e 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1680000368, - "narHash": "sha256-TlgC4IJ7aotynUdkGRtaAVxquaiddO38Ws89nB7VGY8=", + "lastModified": 1680114304, + "narHash": "sha256-XymtLu8G2nzenjDUWI7XV2MMHztvPkEZUFpwmZFcxVM=", "owner": "nix-community", "repo": "home-manager", - "rev": "765e4007b6f9f111469a25d1df6540e8e0ca73a6", + "rev": "0e065e1b6f0776ebbacea9dcbc977af7bc9eddc0", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680039938, - "narHash": "sha256-ghgsx4EXyPZUIwDknttfxPkDpuYjpI7940BhhMy9R6Y=", + "lastModified": 1680126323, + "narHash": "sha256-rl6JvRLUXo5wJZXGH+Xfen99rHg+/Pcf3NwKLKJcxqs=", "owner": "nix-community", "repo": "NUR", - "rev": "4095c197d0817326b526787fe54f37a2760b7f8a", + "rev": "ccc46054db4c7384f01f947821635fe085a704be", "type": "github" }, "original": { -- 2.47.1 From 128c14205152628d5d2a3c435a2a4c96e941bd95 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 30 Mar 2023 22:03:49 +0000 Subject: [PATCH 1444/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 03404a4e..edf21335 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1680031067, - "narHash": "sha256-kwywAAnHTx3IohvHDbhgsQjrHdN6ewE/vX+E/9oWmFc=", + "lastModified": 1680206900, + "narHash": "sha256-SyydLJZjD+6fabdzIzAUpuVsOcyjlEoSp1rxmaiSnLc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d6241a3086c4abfd21e91e23c83c97c3f80123d4", + "rev": "614ea53ad73ad7fc87e9d3f9bb39235d7eaeca7e", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679966490, - "narHash": "sha256-k0jV+y1jawE6w4ZvKgXDNg4+O9NNtcaWwzw8gufv0b4=", + "lastModified": 1680122840, + "narHash": "sha256-zCQ/9iFHzCW5JMYkkHMwgK1/1/kTMgCMHq4THPINpAU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5b7cd5c39befee629be284970415b6eb3b0ff000", + "rev": "a575c243c23e2851b78c00e9fa245232926ec32f", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679944645, - "narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=", + "lastModified": 1680125544, + "narHash": "sha256-mlqo1r+TZUOuypWdrZHluxWL+E5WzXlUXNZ9Y0WLDFU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4bb072f0a8b267613c127684e099a70e1f6ff106", + "rev": "9a6aabc4740790ef3bbb246b86d029ccf6759658", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680026453, - "narHash": "sha256-EQOh1NWZKCU7+N4vdVMnSycI7BJ6UJqLDUOC1r/Tj6Y=", + "lastModified": 1680170094, + "narHash": "sha256-W73zOqOnnwGeN09Zw7Tg5IDNFfKato1tmh9y0C9Mluw=", "owner": "pta2002", "repo": "nixvim", - "rev": "2b85290c1282e527ce0d09825118a7efe6056edf", + "rev": "ac2d771f558982ab68da75c8c59cc302e4a8cdd5", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680126323, - "narHash": "sha256-rl6JvRLUXo5wJZXGH+Xfen99rHg+/Pcf3NwKLKJcxqs=", + "lastModified": 1680212718, + "narHash": "sha256-mmY2i0PxKskyupNZOvjhh2rI4BOshRyoWbTMR2Hr5fs=", "owner": "nix-community", "repo": "NUR", - "rev": "ccc46054db4c7384f01f947821635fe085a704be", + "rev": "a00cb94802111bbff6c94318a2330e2d53a3031e", "type": "github" }, "original": { -- 2.47.1 From e8b121461d6a41ad4f246863bb087813299b44b0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 1 Apr 2023 22:04:09 +0000 Subject: [PATCH 1445/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index edf21335..2a2094b7 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1680114304, - "narHash": "sha256-XymtLu8G2nzenjDUWI7XV2MMHztvPkEZUFpwmZFcxVM=", + "lastModified": 1680249941, + "narHash": "sha256-7Ylr0NAr8msd3YVaYBw6uyJIRbtOq5l6aLrmrYA5qTw=", "owner": "nix-community", "repo": "home-manager", - "rev": "0e065e1b6f0776ebbacea9dcbc977af7bc9eddc0", + "rev": "67b97020b6970d39b4126a7870063d11337ecb80", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1680206900, - "narHash": "sha256-SyydLJZjD+6fabdzIzAUpuVsOcyjlEoSp1rxmaiSnLc=", + "lastModified": 1680374250, + "narHash": "sha256-j1cZaupLBnrYtMzEZMM18ARH4fv8e7SYnuuHSgNV27s=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "614ea53ad73ad7fc87e9d3f9bb39235d7eaeca7e", + "rev": "88a96110b73d74cbef37a60378941fa4f7318f1f", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1680125544, - "narHash": "sha256-mlqo1r+TZUOuypWdrZHluxWL+E5WzXlUXNZ9Y0WLDFU=", + "lastModified": 1680213900, + "narHash": "sha256-cIDr5WZIj3EkKyCgj/6j3HBH4Jj1W296z7HTcWj1aMA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9a6aabc4740790ef3bbb246b86d029ccf6759658", + "rev": "e3652e0735fbec227f342712f180f4f21f0594f2", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680170094, - "narHash": "sha256-W73zOqOnnwGeN09Zw7Tg5IDNFfKato1tmh9y0C9Mluw=", + "lastModified": 1680338538, + "narHash": "sha256-KEvisgrexkDRKN0wZtWW+74YbnXYrVieB6h3qnNCRcM=", "owner": "pta2002", "repo": "nixvim", - "rev": "ac2d771f558982ab68da75c8c59cc302e4a8cdd5", + "rev": "3d64fab719567efea806d0e2cb09084f62072fa8", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680212718, - "narHash": "sha256-mmY2i0PxKskyupNZOvjhh2rI4BOshRyoWbTMR2Hr5fs=", + "lastModified": 1680386594, + "narHash": "sha256-KzC36G2rouZxrMLxXETcFwjX6bHrtb6Utraj3H+ZsJw=", "owner": "nix-community", "repo": "NUR", - "rev": "a00cb94802111bbff6c94318a2330e2d53a3031e", + "rev": "ec88243402150bb35534835d5dd9a836674def8a", "type": "github" }, "original": { -- 2.47.1 From eebd1aa278850645490c4578594d57abdeae2af4 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 3 Apr 2023 10:41:09 +0200 Subject: [PATCH 1446/1882] updates --- flake.lock | 36 ++++++++++----------- nixos/hosts/thalassa/aoife/home/default.nix | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index 03404a4e..91047685 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1680114304, - "narHash": "sha256-XymtLu8G2nzenjDUWI7XV2MMHztvPkEZUFpwmZFcxVM=", + "lastModified": 1680249941, + "narHash": "sha256-7Ylr0NAr8msd3YVaYBw6uyJIRbtOq5l6aLrmrYA5qTw=", "owner": "nix-community", "repo": "home-manager", - "rev": "0e065e1b6f0776ebbacea9dcbc977af7bc9eddc0", + "rev": "67b97020b6970d39b4126a7870063d11337ecb80", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1680031067, - "narHash": "sha256-kwywAAnHTx3IohvHDbhgsQjrHdN6ewE/vX+E/9oWmFc=", + "lastModified": 1680312172, + "narHash": "sha256-q4FL99ZuV04Azc8acchAVsaLqlRVdkkF8AyZ0dJPgws=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "d6241a3086c4abfd21e91e23c83c97c3f80123d4", + "rev": "2b4d96e0efe4ce4a13b8cdef0d1ff5981f674542", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1679966490, - "narHash": "sha256-k0jV+y1jawE6w4ZvKgXDNg4+O9NNtcaWwzw8gufv0b4=", + "lastModified": 1680122840, + "narHash": "sha256-zCQ/9iFHzCW5JMYkkHMwgK1/1/kTMgCMHq4THPINpAU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5b7cd5c39befee629be284970415b6eb3b0ff000", + "rev": "a575c243c23e2851b78c00e9fa245232926ec32f", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1679944645, - "narHash": "sha256-e5Qyoe11UZjVfgRfwNoSU57ZeKuEmjYb77B9IVW7L/M=", + "lastModified": 1680213900, + "narHash": "sha256-cIDr5WZIj3EkKyCgj/6j3HBH4Jj1W296z7HTcWj1aMA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4bb072f0a8b267613c127684e099a70e1f6ff106", + "rev": "e3652e0735fbec227f342712f180f4f21f0594f2", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680026453, - "narHash": "sha256-EQOh1NWZKCU7+N4vdVMnSycI7BJ6UJqLDUOC1r/Tj6Y=", + "lastModified": 1680338538, + "narHash": "sha256-KEvisgrexkDRKN0wZtWW+74YbnXYrVieB6h3qnNCRcM=", "owner": "pta2002", "repo": "nixvim", - "rev": "2b85290c1282e527ce0d09825118a7efe6056edf", + "rev": "3d64fab719567efea806d0e2cb09084f62072fa8", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680126323, - "narHash": "sha256-rl6JvRLUXo5wJZXGH+Xfen99rHg+/Pcf3NwKLKJcxqs=", + "lastModified": 1680327770, + "narHash": "sha256-rgzPcOe4IO193Xw2YXIQ1td5wNuOPhmOsg+Q4bbNpbQ=", "owner": "nix-community", "repo": "NUR", - "rev": "ccc46054db4c7384f01f947821635fe085a704be", + "rev": "80a865de88e897b4990cc1ad9077100763b7953a", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 855fe919..cfb9f563 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -26,7 +26,7 @@ in { gimp inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default - jetbrains.clion + # jetbrains.clion jetbrains.idea-ultimate mullvad-vpn neofetch -- 2.47.1 From a2c23c596ec558022d035ee9f046f81d042f0f1c Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 5 Apr 2023 12:26:14 +0200 Subject: [PATCH 1447/1882] fix neovim --- flake.lock | 54 ++++++++++----------- nixos/hosts/thalassa/aoife/home/default.nix | 2 +- nixos/hosts/thalassa/aoife/home/neovim.nix | 4 +- 3 files changed, 30 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 6b88bffc..cc3a02f7 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1680389554, - "narHash": "sha256-+8FUmS4GbDMynQErZGXKg+wU76rq6mI5fprxFXFWKSM=", + "lastModified": 1680597706, + "narHash": "sha256-ZqJ3T+BxzjPH9TnmeUwS4Uu9ZQPeBXAFC9sUWlharT4=", "owner": "nix-community", "repo": "home-manager", - "rev": "ddd8866c0306c48f465e7f48432e6f1ecd1da7f8", + "rev": "ec06f419af79207b33d797064dfb3fc9dbe1df4a", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1680439377, - "narHash": "sha256-hF/cjhEWQR3g70RnI61GQ10Wrp8h6dDtWmkoI0LZ4PE=", + "lastModified": 1680645538, + "narHash": "sha256-H9gAx2U3XKVoI2WjwbOXULL4TYj9y7ctxBB4up0v9tI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b1426cad28f250a2269012da904901e0edcef114", + "rev": "a80ba54bbc6a423ab0e79730442e09aea832d9d6", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1680334310, - "narHash": "sha256-ISWz16oGxBhF7wqAxefMPwFag6SlsA9up8muV79V9ck=", + "lastModified": 1680498889, + "narHash": "sha256-4nGFBm+oILOO6DPoKTPxVlfkZSxCOY4W25zSRHESK48=", "owner": "nixos", "repo": "nixpkgs", - "rev": "884e3b68be02ff9d61a042bc9bd9dd2a358f95da", + "rev": "799d153e4f316143a9db0eb869ecf44d8d4c0356", "type": "github" }, "original": { @@ -871,11 +871,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1679172431, - "narHash": "sha256-XEh5gIt5otaUbEAPUY5DILUTyWe1goAyeqQtmwaFPyI=", + "lastModified": 1680487167, + "narHash": "sha256-9FNIqrxDZgSliGGN2XJJSvcDYmQbgOANaZA4UWnTdg4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1603d11595a232205f03d46e635d919d1e1ec5b9", + "rev": "53dad94e874c9586e71decf82d972dfb640ef044", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1680213900, - "narHash": "sha256-cIDr5WZIj3EkKyCgj/6j3HBH4Jj1W296z7HTcWj1aMA=", + "lastModified": 1680487167, + "narHash": "sha256-9FNIqrxDZgSliGGN2XJJSvcDYmQbgOANaZA4UWnTdg4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e3652e0735fbec227f342712f180f4f21f0594f2", + "rev": "53dad94e874c9586e71decf82d972dfb640ef044", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680338538, - "narHash": "sha256-KEvisgrexkDRKN0wZtWW+74YbnXYrVieB6h3qnNCRcM=", + "lastModified": 1680644235, + "narHash": "sha256-qiA1UFRL9rQ2rShCKHLahUhkr+1Vot/fOawmmSHAcGw=", "owner": "pta2002", "repo": "nixvim", - "rev": "3d64fab719567efea806d0e2cb09084f62072fa8", + "rev": "250de35e057b8242497ae547f6bde7a259cdf536", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680505766, - "narHash": "sha256-5E6ZFt13gJnKIZChTSMnKU1nKjuzyaQ7s1jUgVl85hs=", + "lastModified": 1680673460, + "narHash": "sha256-99Ka7NV7f6uAx3cEv3h5vDD1bABSOjagY2NiVLpYn+k=", "owner": "nix-community", "repo": "NUR", - "rev": "f9584e3b5d8ea46f9b25631cbab588b14b7e0be0", + "rev": "9b0abefa99e84055e40c568e68753fb751a622ac", "type": "github" }, "original": { @@ -1217,11 +1217,11 @@ }, "utils_2": { "locked": { - "lastModified": 1676283394, - "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", "owner": "numtide", "repo": "flake-utils", - "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", "type": "github" }, "original": { @@ -1321,11 +1321,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1679340088, - "narHash": "sha256-/1KiYoBivDj8HC/eVK2Tr2WYkVdKJxq2Lb0tQs0qqJo=", + "lastModified": 1680629978, + "narHash": "sha256-2iVx5zqU2CpMgmtVadsHSkhkAsoxAWKQp6RQqt2OgQY=", "owner": "wlroots", "repo": "wlroots", - "rev": "1d64e12391a638201c679e71d4e22bb45e5faa8e", + "rev": "835208db98a29431fa687c9506f4b43fe645ff65", "type": "gitlab" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index cfb9f563..855fe919 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -26,7 +26,7 @@ in { gimp inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default - # jetbrains.clion + jetbrains.clion jetbrains.idea-ultimate mullvad-vpn neofetch diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix index 16c4689c..494acd2d 100644 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ b/nixos/hosts/thalassa/aoife/home/neovim.nix @@ -21,7 +21,7 @@ extraConfigLua = builtins.readFile ./nvim.lua; plugins = { - barbar.enable = true; + bufferline.enable = true; nix.enable = true; treesitter = { enable = true; @@ -46,7 +46,7 @@ servers.rust-analyzer.enable = true; servers.rnix-lsp.enable = true; servers.pyright.enable = true; - # servers.elixirls.enable = true; + servers.elixirls.enable = true; servers.clangd.enable = true; }; trouble.enable = true; -- 2.47.1 From 3569c9f8c093586d49f890db13b0bb608ae7df1c Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 5 Apr 2023 16:31:20 +0200 Subject: [PATCH 1448/1882] expose synapse admin conditionally --- nixos/hosts/olympus/nginx/configuration.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 5486f127..8474edb4 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -50,7 +50,8 @@ in { virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; - virtualHosts."grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; + virtualHosts."grafana.0x76.dev" = + proxy "http://victoriametrics.olympus:2342"; virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; virtualHosts."ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; virtualHosts."ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; @@ -80,6 +81,7 @@ in { enableACME = true; forceSSL = true; locations."/".extraConfig = '' + add_header Content-Type 'text/html; charset=UTF-8'; return 200 '

meow

'; ''; @@ -96,6 +98,18 @@ in { ''; locations."/_matrix".proxyPass = "http://synapse.olympus:8008"; locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008"; + locations."/_synapse/admin" = { + # Allow only local and my own IPs + extraConfig = '' + allow 127.0.0.1; + allow 10.42.42.0/23; + allow 192.168.0.0/23; + allow 80.60.83.220; + allow 195.85.167.32/23; + deny all; + ''; + proxyPass = "http://synapse.olympus:8008"; + }; }; virtualHosts."element.chat.meowy.tech" = { enableACME = true; -- 2.47.1 From 83eea011304df01f21ec131d89a577755051f0b9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 6 Apr 2023 22:01:52 +0000 Subject: [PATCH 1449/1882] chore(deps): lock file maintenance --- flake.lock | 114 ++++++++++++++++++++++++++--------------------------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/flake.lock b/flake.lock index cc3a02f7..e2136ca9 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1669854260, - "narHash": "sha256-Z8NAL3g4i5LAhxveNGJhrVDHxIBbUf1lVIy/Thr2RMU=", + "lastModified": 1680308980, + "narHash": "sha256-aUEHV0jk2qIFP3jlsWYWhBbm+w/N9gzH3e4I5DcdB5s=", "owner": "lovesegfault", "repo": "beautysh", - "rev": "d616eb8d9d05ee4fb33de9c5521d99c3f0695d52", + "rev": "9845efc3ea3e86cc0d41465d720a47f521b2799c", "type": "github" }, "original": { @@ -109,11 +109,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1678129879, - "narHash": "sha256-OonKO7D6xuNf9S6SvxWYzZXNOfoUw5ZEymfC5UmZT7Y=", + "lastModified": 1680733215, + "narHash": "sha256-5HNH/Lqj8OU/piH3tvPRkINXHHkt6bRp0QYYR4xOybE=", "owner": "nix-community", "repo": "comma", - "rev": "87f7d49716271cb48fb46f939e9f272f202a3728", + "rev": "ef97634016d17cc8cdea396ebcc002320494391a", "type": "github" }, "original": { @@ -252,11 +252,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1680645538, - "narHash": "sha256-H9gAx2U3XKVoI2WjwbOXULL4TYj9y7ctxBB4up0v9tI=", + "lastModified": 1680811741, + "narHash": "sha256-5xwGfqYaefn2JnPWqFsS9cda4ItFb26UR8pqKuGV+JU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "a80ba54bbc6a423ab0e79730442e09aea832d9d6", + "rev": "801a17194c426abe406c2ced47874855e64031e1", "type": "github" }, "original": { @@ -542,11 +542,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1680428635, - "narHash": "sha256-/Kz4Qy+jx1+bfSq6e2W3MbyODkhs6GqKiiybNtqzvbc=", + "lastModified": 1680695861, + "narHash": "sha256-LqvhYx1Gu+rlkF4pA1NYZzwRQwz3FeWBqXqmQq86m8o=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "db56f164dd4d6bba8f606fd49885cdbe9803fe9b", + "rev": "9182de9ffc8c76fbf24d16dec0ea7a9430597a06", "type": "github" }, "original": { @@ -618,11 +618,11 @@ ] }, "locked": { - "lastModified": 1662220400, - "narHash": "sha256-9o2OGQqu4xyLZP9K6kNe1pTHnyPz0Wr3raGYnr9AIgY=", + "lastModified": 1679567394, + "narHash": "sha256-ZvLuzPeARDLiQUt6zSZFGOs+HZmE+3g4QURc8mkBsfM=", "owner": "nix-community", "repo": "naersk", - "rev": "6944160c19cb591eb85bbf9b2f2768a935623ed3", + "rev": "88cd22380154a2c36799fe8098888f0f59861a15", "type": "github" }, "original": { @@ -690,11 +690,11 @@ }, "nixlib": { "locked": { - "lastModified": 1679187309, - "narHash": "sha256-H8udmkg5wppL11d/05MMzOMryiYvc403axjDNZy1/TQ=", + "lastModified": 1680397293, + "narHash": "sha256-wBpJ73+tJ8fZSWb4tzNbAVahC4HSo2QG3nICDy4ExBQ=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "44214417fe4595438b31bdb9469be92536a61455", + "rev": "b18d328214ca3c627d3cc3f51fd9d1397fdbcd7a", "type": "github" }, "original": { @@ -711,11 +711,11 @@ ] }, "locked": { - "lastModified": 1679464055, - "narHash": "sha256-RiZpwkbm1GeKRqrTtGGsEDieJyplMSRG1bQzOZgY378=", + "lastModified": 1680764424, + "narHash": "sha256-2tNAE9zWbAK3JvQnhlnB1uzHzhwbA9zF6A17CoTjnbk=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "d5cd198c80ee62a801a078ad991c99c0175971cf", + "rev": "15ae4065acbf414989a8677097804326fe7c0532", "type": "github" }, "original": { @@ -839,11 +839,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1663235518, - "narHash": "sha256-q8zLK6rK/CLXEguaPgm9yQJcY0VQtOBhAT9EV2UFK/A=", + "lastModified": 1680668850, + "narHash": "sha256-mQMg13yRsS0LXVzaeoSPwqgPO6yhkGzGewPgMSqXSv8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2277e4c9010b0f27585eb0bed0a86d7cbc079354", + "rev": "4a65e9f64e53fdca6eed31adba836717a11247d2", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1680498889, - "narHash": "sha256-4nGFBm+oILOO6DPoKTPxVlfkZSxCOY4W25zSRHESK48=", + "lastModified": 1680665430, + "narHash": "sha256-MTVhTukwza1Jlq2gECITZPFnhROmylP2uv3O3cSqQCE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "799d153e4f316143a9db0eb869ecf44d8d4c0356", + "rev": "5233fd2ba76a3accb5aaa999c00509a11fd0793c", "type": "github" }, "original": { @@ -871,11 +871,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1680487167, - "narHash": "sha256-9FNIqrxDZgSliGGN2XJJSvcDYmQbgOANaZA4UWnTdg4=", + "lastModified": 1680669251, + "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "53dad94e874c9586e71decf82d972dfb640ef044", + "rev": "9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1680487167, - "narHash": "sha256-9FNIqrxDZgSliGGN2XJJSvcDYmQbgOANaZA4UWnTdg4=", + "lastModified": 1680669251, + "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "53dad94e874c9586e71decf82d972dfb640ef044", + "rev": "9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e", "type": "github" }, "original": { @@ -919,11 +919,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1679705136, - "narHash": "sha256-MDlZUR7wJ3PlPtqwwoGQr3euNOe0vdSSteVVOef7tBY=", + "lastModified": 1680669251, + "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f40f2f90b9c9032d1b824442cfbbe0dbabd0dbd", + "rev": "9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680644235, - "narHash": "sha256-qiA1UFRL9rQ2rShCKHLahUhkr+1Vot/fOawmmSHAcGw=", + "lastModified": 1680815885, + "narHash": "sha256-si2Oe7V1wpKNLuRxS5dqBxAMUBrzlPIS7MIB2odqDZs=", "owner": "pta2002", "repo": "nixvim", - "rev": "250de35e057b8242497ae547f6bde7a259cdf536", + "rev": "d7967f3ffd2e4dc1bc6af59e1cacad34dd64b0b9", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680673460, - "narHash": "sha256-99Ka7NV7f6uAx3cEv3h5vDD1bABSOjagY2NiVLpYn+k=", + "lastModified": 1680810288, + "narHash": "sha256-vQZgR+y2FD/EJsKPjVg/2INkEqU42LsSkfjThXyGyLk=", "owner": "nix-community", "repo": "NUR", - "rev": "9b0abefa99e84055e40c568e68753fb751a622ac", + "rev": "9f654a0fcec0276fc74fff992bdc487ac54e3e6d", "type": "github" }, "original": { @@ -1071,11 +1071,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1678976941, - "narHash": "sha256-skNr08frCwN9NO+7I77MjOHHAw+L410/37JknNld+W4=", + "lastModified": 1680769543, + "narHash": "sha256-b+aLX7w2cVsHtTTs1wgKsYeNw3SKyMn9Qkb42RK5Yx8=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "32b1dbedfd77892a6e375737ef04d8efba634e9e", + "rev": "bb9e597b33641a8df00f17334db55fa10981c94f", "type": "github" }, "original": { @@ -1202,11 +1202,11 @@ }, "utils": { "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", "type": "github" }, "original": { @@ -1247,11 +1247,11 @@ }, "utils_4": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", "type": "github" }, "original": { @@ -1321,11 +1321,11 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1680629978, - "narHash": "sha256-2iVx5zqU2CpMgmtVadsHSkhkAsoxAWKQp6RQqt2OgQY=", + "lastModified": 1680810405, + "narHash": "sha256-LmI/4Yp/pOOoI4RxLRx9I90NBsiqdRLVOfbATKlgpkg=", "owner": "wlroots", "repo": "wlroots", - "rev": "835208db98a29431fa687c9506f4b43fe645ff65", + "rev": "7abda952d0000b72d240fe1d41457b9288f0b6e5", "type": "gitlab" }, "original": { -- 2.47.1 From 1e37d7333f6d898db2fc2dce92ec8703ed4ceb9c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 7 Apr 2023 22:01:41 +0000 Subject: [PATCH 1450/1882] chore(deps): lock file maintenance --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index e2136ca9..13c1655d 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1680597706, - "narHash": "sha256-ZqJ3T+BxzjPH9TnmeUwS4Uu9ZQPeBXAFC9sUWlharT4=", + "lastModified": 1680667162, + "narHash": "sha256-2vgxK4j42y73S3XB2cThz1dSEyK9J9tfu4mhuEfAw68=", "owner": "nix-community", "repo": "home-manager", - "rev": "ec06f419af79207b33d797064dfb3fc9dbe1df4a", + "rev": "440faf5ae472657ef2d8cc7756d77b6ab0ace68d", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1680811741, - "narHash": "sha256-5xwGfqYaefn2JnPWqFsS9cda4ItFb26UR8pqKuGV+JU=", + "lastModified": 1680901308, + "narHash": "sha256-XtJm2VMTx3PW5AoxR35ExvUwmt5uvYnxfS9OVgcFE/0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "801a17194c426abe406c2ced47874855e64031e1", + "rev": "10b9e9bbe5fc71c5d7617776927c22db1167b10b", "type": "github" }, "original": { @@ -855,11 +855,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1680665430, - "narHash": "sha256-MTVhTukwza1Jlq2gECITZPFnhROmylP2uv3O3cSqQCE=", + "lastModified": 1680865339, + "narHash": "sha256-H6rmJ1CyJ3Q5ZyoLMYq/UEYMS9Q1orJjRpWiQ47HudE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5233fd2ba76a3accb5aaa999c00509a11fd0793c", + "rev": "0040164e473509b4aee6aedb3b923e400d6df10b", "type": "github" }, "original": { @@ -903,11 +903,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1680669251, - "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", + "lastModified": 1680758185, + "narHash": "sha256-sCVWwfnk7zEX8Z+OItiH+pcSklrlsLZ4TJTtnxAYREw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e", + "rev": "0e19daa510e47a40e06257e205965f3b96ce0ac9", "type": "github" }, "original": { @@ -987,11 +987,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680815885, - "narHash": "sha256-si2Oe7V1wpKNLuRxS5dqBxAMUBrzlPIS7MIB2odqDZs=", + "lastModified": 1680899977, + "narHash": "sha256-7LwE/ZnVZZriDG9vi54jUimSL+F0xsA8TNrLqcYOjus=", "owner": "pta2002", "repo": "nixvim", - "rev": "d7967f3ffd2e4dc1bc6af59e1cacad34dd64b0b9", + "rev": "5d2dbc40a6fc4ad524e4f13923188ec2b420864b", "type": "github" }, "original": { @@ -1002,11 +1002,11 @@ }, "nur": { "locked": { - "lastModified": 1680810288, - "narHash": "sha256-vQZgR+y2FD/EJsKPjVg/2INkEqU42LsSkfjThXyGyLk=", + "lastModified": 1680896721, + "narHash": "sha256-qYb1Au/XFn4vMWfVP3N9cHzja/3FHbgXl3Fnpk4KWS0=", "owner": "nix-community", "repo": "NUR", - "rev": "9f654a0fcec0276fc74fff992bdc487ac54e3e6d", + "rev": "55e5553c3a67720961d8be737e65b0b05e6ffab6", "type": "github" }, "original": { -- 2.47.1 From eb8e17c780f8e410fac1e7295321d7528096d106 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 2 Apr 2023 22:00:34 +0000 Subject: [PATCH 1451/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.1.2 --- nixos/hosts/hades/prowlarr/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 5d3f254c..9c0d325b 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -14,7 +14,7 @@ backend = "podman"; containers = { flaresolverr = { - image = "flaresolverr/flaresolverr:v3.1.1"; + image = "flaresolverr/flaresolverr:v3.1.2"; ports = [ "8191:8191" ]; -- 2.47.1 From f4950404784072fb09fd8059718087e6cc315671 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 9 Apr 2023 18:08:27 +0200 Subject: [PATCH 1452/1882] removed hyprland input --- flake.lock | 176 ++++---------------- flake.nix | 4 +- nixos/hosts/thalassa/null/home/hyprland.nix | 4 - nixos/util.nix | 4 +- 4 files changed, 40 insertions(+), 148 deletions(-) diff --git a/flake.lock b/flake.lock index 13c1655d..2e76ad80 100644 --- a/flake.lock +++ b/flake.lock @@ -495,51 +495,9 @@ "type": "github" } }, - "hyprland": { - "inputs": { - "hyprland-protocols": "hyprland-protocols", - "nixpkgs": "nixpkgs_3", - "wlroots": "wlroots", - "xdph": "xdph" - }, - "locked": { - "lastModified": 1680901308, - "narHash": "sha256-XtJm2VMTx3PW5AoxR35ExvUwmt5uvYnxfS9OVgcFE/0=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "10b9e9bbe5fc71c5d7617776927c22db1167b10b", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } - }, - "hyprland-protocols": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1671839510, - "narHash": "sha256-+PY1qqJfmZzzROgcIY4I7AkCwpnC+qBIYk2eFoA9RWc=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "b8f55e02a328c47ed373133c52483bbfa20a1b75", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", - "type": "github" - } - }, "hyprpaper": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1680695861, @@ -656,7 +614,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_8", + "nixpkgs": "nixpkgs_7", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -821,22 +779,6 @@ "type": "github" } }, - "nixpkgs_10": { - "locked": { - "lastModified": 1670507980, - "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1680668850, @@ -870,22 +812,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1680669251, - "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1674641431, "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", @@ -901,13 +827,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { - "lastModified": 1680758185, - "narHash": "sha256-sCVWwfnk7zEX8Z+OItiH+pcSklrlsLZ4TJTtnxAYREw=", + "lastModified": 1680945546, + "narHash": "sha256-8FuaH5t/aVi/pR1XxnF0qi4WwMYC+YxlfdsA0V+TEuQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0e19daa510e47a40e06257e205965f3b96ce0ac9", + "rev": "d9f759f2ea8d265d974a6e1259bd510ac5844c5d", "type": "github" }, "original": { @@ -917,7 +843,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1680669251, "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", @@ -933,7 +859,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1672580127, "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", @@ -949,7 +875,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1645296114, "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", @@ -965,7 +891,7 @@ "type": "github" } }, - "nixpkgs_9": { + "nixpkgs_8": { "locked": { "lastModified": 1674736538, "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", @@ -979,19 +905,35 @@ "type": "indirect" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680899977, - "narHash": "sha256-7LwE/ZnVZZriDG9vi54jUimSL+F0xsA8TNrLqcYOjus=", + "lastModified": 1680988170, + "narHash": "sha256-QCl2A80m3p/lkRCO9C/PipdkV9I1mbqhnFftjoY4dQ8=", "owner": "pta2002", "repo": "nixvim", - "rev": "5d2dbc40a6fc4ad524e4f13923188ec2b420864b", + "rev": "b6706fa0ec59f37b35bd4c6f3f3be0011bf14964", "type": "github" }, "original": { @@ -1002,11 +944,11 @@ }, "nur": { "locked": { - "lastModified": 1680896721, - "narHash": "sha256-qYb1Au/XFn4vMWfVP3N9cHzja/3FHbgXl3Fnpk4KWS0=", + "lastModified": 1681055105, + "narHash": "sha256-HETUDbn1DpeeLwV5lND1j72jI9nb0S3ax61iz6IGNO4=", "owner": "nix-community", "repo": "NUR", - "rev": "55e5553c3a67720961d8be737e65b0b05e6ffab6", + "rev": "fb7b8b11eef494b17fdfdb6a298768f1be02ddcf", "type": "github" }, "original": { @@ -1115,7 +1057,7 @@ "inputs": { "fenix": "fenix", "naersk": "naersk_2", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1677774593, @@ -1136,12 +1078,11 @@ "colmena": "colmena", "comma": "comma", "home-manager": "home-manager", - "hyprland": "hyprland", "hyprpaper": "hyprpaper", "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", @@ -1265,7 +1206,7 @@ "flake-compat": "flake-compat_5", "flake-utils": "flake-utils_4", "nix": "nix", - "nixpkgs": "nixpkgs_9" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1679628347, @@ -1284,7 +1225,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_10", + "nixpkgs": "nixpkgs_9", "webcord": "webcord_2" }, "locked": { @@ -1316,49 +1257,6 @@ "repo": "WebCord", "type": "github" } - }, - "wlroots": { - "flake": false, - "locked": { - "host": "gitlab.freedesktop.org", - "lastModified": 1680810405, - "narHash": "sha256-LmI/4Yp/pOOoI4RxLRx9I90NBsiqdRLVOfbATKlgpkg=", - "owner": "wlroots", - "repo": "wlroots", - "rev": "7abda952d0000b72d240fe1d41457b9288f0b6e5", - "type": "gitlab" - }, - "original": { - "host": "gitlab.freedesktop.org", - "owner": "wlroots", - "repo": "wlroots", - "type": "gitlab" - } - }, - "xdph": { - "inputs": { - "hyprland-protocols": [ - "hyprland", - "hyprland-protocols" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1673116118, - "narHash": "sha256-eR0yDSkR2XYMesfdRWJs25kAdXET2mbNNHu5t+KUcKA=", - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "rev": "d479c846531fd0e1d2357c9588b8310a2b859ef2", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 3da58914..99fd58c9 100644 --- a/flake.nix +++ b/flake.nix @@ -21,7 +21,6 @@ home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - hyprland.url = "github:hyprwm/Hyprland"; hyprpaper.url = "github:hyprwm/hyprpaper"; riff.url = "github:DeterminateSystems/riff"; @@ -42,7 +41,7 @@ }; outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena, home-manager - , hyprpaper, hyprland, nixos-generators, nixos-hardware, nur, ... }@inputs: + , hyprpaper, nixos-generators, nixos-hardware, nur, ... }@inputs: let inherit (nixpkgs) lib; @@ -62,7 +61,6 @@ (import ./nixos/pkgs) vault-secrets.overlay hyprpaper.overlays.default - hyprland.overlays.default nur.overlay ]; }; diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 75e7bf89..7329a2f5 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -5,10 +5,6 @@ wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png ''; - imports = [ - inputs.hyprland.homeManagerModules.default - ]; - wayland.windowManager.hyprland = let startup-script = pkgs.writeScriptBin "startup" '' #!${pkgs.stdenv.shell} diff --git a/nixos/util.nix b/nixos/util.nix index 19c9dfe3..789976fc 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,4 +1,4 @@ -{ nixpkgs, home-manager, hyprland, mailserver, ... }: +{ nixpkgs, home-manager, mailserver, ... }: let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; @@ -11,7 +11,7 @@ let ./common/generic-lxc.nix ]; "vm" = [ ./common/generic-vm.nix ]; - "local" = [ hyprland.nixosModules.default ]; + "local" = [ ]; }; in { hostname, realm, profile ? hostname, type ? "lxc", ... }: [ -- 2.47.1 From c0ea8308b2eda99241abd8cbc6f02bbedb5fc4f4 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 10 Apr 2023 12:18:47 +0200 Subject: [PATCH 1453/1882] update fedi & add shield ip --- nixos/hosts/olympus/default.nix | 6 +++ nixos/pkgs/glitch-soc/default.nix | 4 +- nixos/pkgs/glitch-soc/gemset.nix | 70 +++++++++++++++---------------- nixos/pkgs/glitch-soc/source.nix | 4 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 5 files changed, 46 insertions(+), 40 deletions(-) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 0073da3c..0d9992e6 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -152,6 +152,12 @@ mac = "1C:69:7A:62:30:88"; nix = false; }; + "shield" = { + ip = "10.42.42.43"; + ip6 = "2001:41f0:9639:1::43"; + mac = "48:b0:2d:4e:29:c0"; + nix = false; + }; "eevee" = { ip = "10.42.42.69"; ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 2cb60b11..6d26308f 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,8 +42,8 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - # sha256 = lib.fakeSha256; - sha256 = "sha256-LfpNEZAV4xCiPDQrSOezgRqOLQgDqMplIbu48dOlk3k="; + #sha256 = lib.fakeSha256; + sha256 = "sha256-uDQ06rWvXxwSv7I41Gu7RMKKiB+cA21Jq/gfWpfZ6Mg="; }; nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index ff1bae22..16dfe6f3 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -240,10 +240,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "096ah69q3nqrjbwzax6ln60c9j38zlxigsin90r7i9f9jkppai8w"; + sha256 = "037avf47v67zfc0g7nzax57in14s37kn1vzmarj09lmhhprxs9al"; type = "gem"; }; - version = "1.711.0"; + version = "1.735.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -251,10 +251,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zc4zhv2wq7s5p8c9iaplama1lpg2kwldg81j83c8w4xydf1wd2r"; + sha256 = "0732vv8zi67z25fss1sdvqx0vv1ap3w6hz1avxzwznkjp002vj39"; type = "gem"; }; - version = "3.170.0"; + version = "3.171.0"; }; aws-sdk-kms = { dependencies = ["aws-sdk-core" "aws-sigv4"]; @@ -262,10 +262,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "070s86pxrbq98iddq6shdq7g0lrzgsdqnsnc5l4kygvqimliq4dr"; + sha256 = "0v87zi28dfmrv7bv91yfldccnpd63n295siirbz7wqv1rajn8n02"; type = "gem"; }; - version = "1.62.0"; + version = "1.63.0"; }; aws-sdk-s3 = { dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; @@ -273,10 +273,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rpnlzsl52znhcki13jkwdshgwf51pn26267481f4fa842gr7xgp"; + sha256 = "1100ir42jf60rf7kffgq16070g0sqg52pcwwnvy2113c8qk5zlkz"; type = "gem"; }; - version = "1.119.1"; + version = "1.119.2"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -662,10 +662,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jrr9q2sna266blc85sfsh9nbxdr85y9s76cld7m59c43xjm5mdy"; + sha256 = "0vpd7d61d4pfmyb2plnnv82wmczzlhw4k4gjhd2fv4r6vq8ilqqi"; type = "gem"; }; - version = "4.9.0"; + version = "4.9.2"; }; devise-two-factor = { dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"]; @@ -737,10 +737,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0skb0mbbsjcs61pixsb5g6dx45zjg0filfaynzqnyv6pgzz71sll"; + sha256 = "1q2pywgyn6cbnm0fh3dln5z1qgd1g8hvb4x8rppjc1bpfxnfhi13"; type = "gem"; }; - version = "5.6.5"; + version = "5.6.6"; }; dotenv = { groups = ["default"]; @@ -1537,10 +1537,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08qhzck271anrx9y6qa6mh8hwwdzsgwld8q0000rcd7yvvpnjr3c"; + sha256 = "1mi4ia13fisc97fzd8xcd9wkjdki7zfbmdn1xkdzplicir68gyp8"; type = "gem"; }; - version = "2.19.1"; + version = "2.20.0"; }; mail = { dependencies = ["mini_mime" "net-imap" "net-pop" "net-smtp"]; @@ -1989,10 +1989,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yl95pkan8hi7jm1kbrqn2s32h5b04i94rnnxraf1i7k39360204"; + sha256 = "0p6g756bx24sj2nvrvrj09n0z51djjawijcixp5lymmphvjk3ymx"; type = "gem"; }; - version = "3.3.0"; + version = "3.3.1"; }; pkg-config = { groups = ["default"]; @@ -2125,10 +2125,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jvs0mq8jrsz86jva91mgql16daprpa3qaipzzfvngnnqr5680j7"; + sha256 = "02lvkg1nb4z3zc2nry545dap7a64bb9h2k8waxfz0jkabkgnpimw"; type = "gem"; }; - version = "1.1.1"; + version = "2.0.1"; }; rack-oauth2 = { dependencies = ["activesupport" "attr_required" "httpclient" "json-jwt" "rack"]; @@ -2519,14 +2519,14 @@ }; rubocop-capybara = { dependencies = ["rubocop"]; - groups = ["default" "development" "test"]; + groups = ["development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1h4qcjkz0365qlhi7y1ni94qj14k397cad566zygm20p15ypbp5v"; + sha256 = "1pz52ml0qbxgcjlmp8y0wsq8xy398n6ypkbrwfaa8zb0v7pscj6n"; type = "gem"; }; - version = "2.17.0"; + version = "2.17.1"; }; rubocop-performance = { dependencies = ["rubocop" "rubocop-ast"]; @@ -2545,10 +2545,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nxyifly45y7dfiaf0ql8aq7xykrg0sh1l7dxmn3sb9p2jd18140"; + sha256 = "13gx0dmi5jhs4x2617jclwc57sy4gvw3v8l91dpgc63b8dpmcim6"; type = "gem"; }; - version = "2.17.4"; + version = "2.18.0"; }; rubocop-rspec = { dependencies = ["rubocop" "rubocop-capybara"]; @@ -2556,20 +2556,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vmmin3ymgq7bhv2hl4pd0zpwawy709p816axc4vi67w61b4bij1"; + sha256 = "1k8yh0nzlz0g8igmj5smnxq71qmi2b005nkl25wkpjkwvzn2wfdx"; type = "gem"; }; - version = "2.18.1"; + version = "2.19.0"; }; ruby-progressbar = { groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02nmaw7yx9kl7rbaan5pl8x5nn0y4j5954mzrkzi9i3dhsrps4nc"; + sha256 = "0cwvyb7j47m7wihpfaq7rc47zwwx9k4v7iqd9s1xch5nm53rrz40"; type = "gem"; }; - version = "1.11.0"; + version = "1.13.0"; }; ruby-saml = { dependencies = ["nokogiri" "rexml"]; @@ -2791,10 +2791,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02r3a3ny27ljj19bzmxscw2vlmk7sw1p4ppbl2i69g17khi0p4sw"; + sha256 = "1m16qc3zrwx79a8p9q2xnsm2hhdd8q3vp6xihyf8j5b6dn9k5py5"; type = "gem"; }; - version = "0.2.23"; + version = "0.2.24"; }; statsd-ruby = { groups = ["default"]; @@ -2823,10 +2823,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yk45ri2rnp00x4mdsvwdzdd9yziqxj5v9sjk74nzw0y927y3m1w"; + sha256 = "0wz4zhsp4xia8zcpi98v4sgjlv2prd515l8jz4f7j0wk45dfkjs1"; type = "gem"; }; - version = "0.7.9"; + version = "0.8.0"; }; swd = { dependencies = ["activesupport" "attr_required" "httpclient"]; @@ -3002,10 +3002,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0drm9pygji01pyimxq65ngdvgpn228g7fhffmrqw0xn7l2rdhclp"; + sha256 = "0m2d0gpsgqnv29j5h2d6g57g0rayvd460b8s2vjr8sn46bqf89m5"; type = "gem"; }; - version = "1.2022.7"; + version = "1.2023.3"; }; unf = { dependencies = ["unf_ext"]; @@ -3043,10 +3043,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11c4n5rri8d45c47krpg76n98mqh36l0kp2qrkb4dxnkp4flay6y"; + sha256 = "1vigw7nfszfqgikr6n574k9bfh0rvs74z8xq46rz2zsm8249l8cc"; type = "gem"; }; - version = "0.12.0"; + version = "0.12.1"; }; validate_email = { dependencies = ["activemodel" "mail"]; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 91c3c9d7..64496a44 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "00fe0f6cb4a736bbb5e633c567ddf7ac9a09ce69"; - sha256 = "1shpwdxf2cjm0bqlsnarm6x3h7db784r7qda80bqy3ki5w65lwaf"; + rev = "ff168ef2024626f37fa776fde5739dcd58ecb9f2"; + sha256 = "16w1hzx45i2kf5jgy32v96l4zaa1zzmvda19yqckc48l0fxcn39p"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index 4a8abaf4..d80cafca 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.1.1" +"4.1.2" -- 2.47.1 From 2789b7835fa9e4551a5731ca5bef32fd6370b915 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 10 Apr 2023 22:01:56 +0000 Subject: [PATCH 1454/1882] chore(deps): lock file maintenance --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 2e76ad80..837731cf 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1680667162, - "narHash": "sha256-2vgxK4j42y73S3XB2cThz1dSEyK9J9tfu4mhuEfAw68=", + "lastModified": 1681127522, + "narHash": "sha256-Eo4dd0AmKshM+A6msQRMwT42QvWGNxa8RjmZ4tY7g9E=", "owner": "nix-community", "repo": "home-manager", - "rev": "440faf5ae472657ef2d8cc7756d77b6ab0ace68d", + "rev": "93f5cb2482dd20e57eb8ca6c819cdad9738f98a0", "type": "github" }, "original": { @@ -500,11 +500,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1680695861, - "narHash": "sha256-LqvhYx1Gu+rlkF4pA1NYZzwRQwz3FeWBqXqmQq86m8o=", + "lastModified": 1681080114, + "narHash": "sha256-rAKfgQJQRsw4QMOXdxfHIh/d5LPY6HHKBX1KtaPs2No=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "9182de9ffc8c76fbf24d16dec0ea7a9430597a06", + "rev": "4bcedde1dc1a06107ec32c93a937de30f40aa1fc", "type": "github" }, "original": { @@ -669,11 +669,11 @@ ] }, "locked": { - "lastModified": 1680764424, - "narHash": "sha256-2tNAE9zWbAK3JvQnhlnB1uzHzhwbA9zF6A17CoTjnbk=", + "lastModified": 1681136075, + "narHash": "sha256-stDJYgXCUnX/G36LTSaMZTh6ywyeqdyUvZJf00wJDgg=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "15ae4065acbf414989a8677097804326fe7c0532", + "rev": "58ded302d17bcaab4793fa6438ca45f8ddbddaa2", "type": "github" }, "original": { @@ -797,11 +797,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1680865339, - "narHash": "sha256-H6rmJ1CyJ3Q5ZyoLMYq/UEYMS9Q1orJjRpWiQ47HudE=", + "lastModified": 1681091990, + "narHash": "sha256-ifIzhksUBZKp5WgCuoVhDY32qaEplXp7khzrB6zkaFc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0040164e473509b4aee6aedb3b923e400d6df10b", + "rev": "ea96b4af6148114421fda90df33cf236ff5ecf1d", "type": "github" }, "original": { @@ -829,11 +829,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1680945546, - "narHash": "sha256-8FuaH5t/aVi/pR1XxnF0qi4WwMYC+YxlfdsA0V+TEuQ=", + "lastModified": 1681036984, + "narHash": "sha256-AbScJXshYzbeUKHh+Y3OICc3iAtr+NqJ3Xb81GW+ptU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d9f759f2ea8d265d974a6e1259bd510ac5844c5d", + "rev": "fd531dee22c9a3d4336cc2da39e8dd905e8f3de4", "type": "github" }, "original": { @@ -944,11 +944,11 @@ }, "nur": { "locked": { - "lastModified": 1681055105, - "narHash": "sha256-HETUDbn1DpeeLwV5lND1j72jI9nb0S3ax61iz6IGNO4=", + "lastModified": 1681163148, + "narHash": "sha256-KQ+CVrG3gY67t6K5bPcLNBgUTB7sjI47mm+tVVyIIEQ=", "owner": "nix-community", "repo": "NUR", - "rev": "fb7b8b11eef494b17fdfdb6a298768f1be02ddcf", + "rev": "f496eeaf48792d84d4fa6a6ee278ac41faf62940", "type": "github" }, "original": { -- 2.47.1 From fcdeed6e6d3a731aba9144d6b0cfe55132588ce8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 11 Apr 2023 22:02:33 +0000 Subject: [PATCH 1455/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 837731cf..fa54c31c 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1681127522, - "narHash": "sha256-Eo4dd0AmKshM+A6msQRMwT42QvWGNxa8RjmZ4tY7g9E=", + "lastModified": 1681245941, + "narHash": "sha256-RgFsg7+GRPzarip2zdhXUvc5T950BgCoqGYTFTHC/30=", "owner": "nix-community", "repo": "home-manager", - "rev": "93f5cb2482dd20e57eb8ca6c819cdad9738f98a0", + "rev": "6e57fc470508ae65caf59b8de391cdaafc88b1de", "type": "github" }, "original": { @@ -829,11 +829,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681036984, - "narHash": "sha256-AbScJXshYzbeUKHh+Y3OICc3iAtr+NqJ3Xb81GW+ptU=", + "lastModified": 1681126633, + "narHash": "sha256-evQ3Ct/yJDSHej16Hiq+JfxRjgm9FXu/2LBxsyorGdE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fd531dee22c9a3d4336cc2da39e8dd905e8f3de4", + "rev": "db24d86dd8a4769c50d6b7295e81aa280cd93f35", "type": "github" }, "original": { @@ -929,11 +929,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1680988170, - "narHash": "sha256-QCl2A80m3p/lkRCO9C/PipdkV9I1mbqhnFftjoY4dQ8=", + "lastModified": 1681228317, + "narHash": "sha256-Y07wDRqH9t6/6D/Qxwt0Xa/EpS67QJJETK0NqWDruEs=", "owner": "pta2002", "repo": "nixvim", - "rev": "b6706fa0ec59f37b35bd4c6f3f3be0011bf14964", + "rev": "693277568f4170eecdaf4b22467a608b3ed1b35e", "type": "github" }, "original": { @@ -944,11 +944,11 @@ }, "nur": { "locked": { - "lastModified": 1681163148, - "narHash": "sha256-KQ+CVrG3gY67t6K5bPcLNBgUTB7sjI47mm+tVVyIIEQ=", + "lastModified": 1681249499, + "narHash": "sha256-KhHxH+8udTG1TxoYDafvHDiWJ69edwPIgUWN1CR8+O0=", "owner": "nix-community", "repo": "NUR", - "rev": "f496eeaf48792d84d4fa6a6ee278ac41faf62940", + "rev": "067ec4cc5ca143ff6116fabb3b90d67854d9558d", "type": "github" }, "original": { -- 2.47.1 From c048db41a06a34f22d6aa3ea40298b8c6a55c2f6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 12 Apr 2023 22:02:45 +0000 Subject: [PATCH 1456/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index fa54c31c..60ccf304 100644 --- a/flake.lock +++ b/flake.lock @@ -482,11 +482,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1681245941, - "narHash": "sha256-RgFsg7+GRPzarip2zdhXUvc5T950BgCoqGYTFTHC/30=", + "lastModified": 1681250798, + "narHash": "sha256-fQMROyKzPFBPqJy9J4ffywm02ZuqAI0GW1O1QibVpdQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "6e57fc470508ae65caf59b8de391cdaafc88b1de", + "rev": "28698126bd825aff21cae9ffd15cf83e169051b0", "type": "github" }, "original": { @@ -500,11 +500,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1681080114, - "narHash": "sha256-rAKfgQJQRsw4QMOXdxfHIh/d5LPY6HHKBX1KtaPs2No=", + "lastModified": 1681308705, + "narHash": "sha256-Iy1NVydzM04OqBLeD96zDmg1HMilUqa2vFeaOJFOp8o=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "4bcedde1dc1a06107ec32c93a937de30f40aa1fc", + "rev": "10fd31a5444d25ab81c8105f2df1b4cb0cba68e5", "type": "github" }, "original": { @@ -797,11 +797,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681091990, - "narHash": "sha256-ifIzhksUBZKp5WgCuoVhDY32qaEplXp7khzrB6zkaFc=", + "lastModified": 1681154110, + "narHash": "sha256-OQwWzlzAY1dCqgSsgZzsPIOGmX4pBGaoXOy0rSl4b5Y=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ea96b4af6148114421fda90df33cf236ff5ecf1d", + "rev": "115a96e2ac1e92937cd47c30e073e16dcaaf6247", "type": "github" }, "original": { @@ -829,11 +829,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681126633, - "narHash": "sha256-evQ3Ct/yJDSHej16Hiq+JfxRjgm9FXu/2LBxsyorGdE=", + "lastModified": 1681217261, + "narHash": "sha256-RbxCHWN3Vhyv/WEsXcJlDwF7bpvZ9NxDjfSouQxXEKo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "db24d86dd8a4769c50d6b7295e81aa280cd93f35", + "rev": "3fb8eedc450286d5092e4953118212fa21091b3b", "type": "github" }, "original": { @@ -944,11 +944,11 @@ }, "nur": { "locked": { - "lastModified": 1681249499, - "narHash": "sha256-KhHxH+8udTG1TxoYDafvHDiWJ69edwPIgUWN1CR8+O0=", + "lastModified": 1681333982, + "narHash": "sha256-vBz1qB2ovTB1TXXM2FjKlbk76r6+yAJ4qaz/j9x7N3c=", "owner": "nix-community", "repo": "NUR", - "rev": "067ec4cc5ca143ff6116fabb3b90d67854d9558d", + "rev": "ac4d217571c7c6fbe7f125814173fde7ceb88c23", "type": "github" }, "original": { -- 2.47.1 From d263ad8966ccd3bd0d7d0fd4ca6f273a3c012934 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 11 Apr 2023 22:00:27 +0000 Subject: [PATCH 1457/1882] chore(deps): update nixos/nix docker tag to v2.15.0 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 2d869ed9..cdd77d85 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,6 +1,6 @@ pipeline: check: - image: nixos/nix:2.14.1 + image: nixos/nix:2.15.0 environment: - NIX_CONFIG=experimental-features = nix-command flakes commands: -- 2.47.1 From c5c940bb590c88ff4eaec29a2d8b76bfa3ac72a5 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 14 Apr 2023 15:51:24 +0200 Subject: [PATCH 1458/1882] update flake --- flake.lock | 60 ++++++++++++++++++++---------------------------------- 1 file changed, 22 insertions(+), 38 deletions(-) diff --git a/flake.lock b/flake.lock index 60ccf304..96bb9a18 100644 --- a/flake.lock +++ b/flake.lock @@ -48,7 +48,7 @@ "nixpkgs" ], "poetry2nix": "poetry2nix", - "utils": "utils_4" + "utils": "utils_3" }, "locked": { "lastModified": 1680308980, @@ -478,15 +478,14 @@ "inputs": { "nixpkgs": [ "nixpkgs" - ], - "utils": "utils_2" + ] }, "locked": { - "lastModified": 1681250798, - "narHash": "sha256-fQMROyKzPFBPqJy9J4ffywm02ZuqAI0GW1O1QibVpdQ=", + "lastModified": 1681468923, + "narHash": "sha256-+X2oO4juRVhQRs002mn8km6PODccIRiz09c2K1xtSpY=", "owner": "nix-community", "repo": "home-manager", - "rev": "28698126bd825aff21cae9ffd15cf83e169051b0", + "rev": "17198cf5ae27af5b647c7dac58d935a7d0dbd189", "type": "github" }, "original": { @@ -552,7 +551,7 @@ "nixpkgs" ], "nixpkgs-22_11": "nixpkgs-22_11", - "utils": "utils_3" + "utils": "utils_2" }, "locked": { "lastModified": 1671738303, @@ -648,11 +647,11 @@ }, "nixlib": { "locked": { - "lastModified": 1680397293, - "narHash": "sha256-wBpJ73+tJ8fZSWb4tzNbAVahC4HSo2QG3nICDy4ExBQ=", + "lastModified": 1681001314, + "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "b18d328214ca3c627d3cc3f51fd9d1397fdbcd7a", + "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4", "type": "github" }, "original": { @@ -669,11 +668,11 @@ ] }, "locked": { - "lastModified": 1681136075, - "narHash": "sha256-stDJYgXCUnX/G36LTSaMZTh6ywyeqdyUvZJf00wJDgg=", + "lastModified": 1681464810, + "narHash": "sha256-G7AD9qMvD7lU+5K7tTZpUMXvQa0kFR5KKY9y/okcX+w=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "58ded302d17bcaab4793fa6438ca45f8ddbddaa2", + "rev": "5ad9f98194cfe7aa990929fb8cae28c500da7620", "type": "github" }, "original": { @@ -797,11 +796,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681154110, - "narHash": "sha256-OQwWzlzAY1dCqgSsgZzsPIOGmX4pBGaoXOy0rSl4b5Y=", + "lastModified": 1681269223, + "narHash": "sha256-i6OeI2f7qGvmLfD07l1Az5iBL+bFeP0RHixisWtpUGo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "115a96e2ac1e92937cd47c30e073e16dcaaf6247", + "rev": "87edbd74246ccdfa64503f334ed86fa04010bab9", "type": "github" }, "original": { @@ -829,11 +828,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681217261, - "narHash": "sha256-RbxCHWN3Vhyv/WEsXcJlDwF7bpvZ9NxDjfSouQxXEKo=", + "lastModified": 1681303793, + "narHash": "sha256-JEdQHsYuCfRL2PICHlOiH/2ue3DwoxUX7DJ6zZxZXFk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3fb8eedc450286d5092e4953118212fa21091b3b", + "rev": "fe2ecaf706a5907b5e54d979fbde4924d84b65fc", "type": "github" }, "original": { @@ -944,11 +943,11 @@ }, "nur": { "locked": { - "lastModified": 1681333982, - "narHash": "sha256-vBz1qB2ovTB1TXXM2FjKlbk76r6+yAJ4qaz/j9x7N3c=", + "lastModified": 1681472795, + "narHash": "sha256-oSfl0iIAzQgyudnVjGiqWC7YrqRKe+9SAB2kZzUVLNw=", "owner": "nix-community", "repo": "NUR", - "rev": "ac4d217571c7c6fbe7f125814173fde7ceb88c23", + "rev": "62195369df376324ed56a1a52a92006bc277b3ac", "type": "github" }, "original": { @@ -1157,21 +1156,6 @@ } }, "utils_2": { - "locked": { - "lastModified": 1678901627, - "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_3": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", @@ -1186,7 +1170,7 @@ "type": "github" } }, - "utils_4": { + "utils_3": { "locked": { "lastModified": 1678901627, "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", -- 2.47.1 From 6c64f78d6a254d0596ccfce3bec845eda3b9da17 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 14 Apr 2023 22:28:06 +0200 Subject: [PATCH 1459/1882] switch to forgejo --- nixos/hosts/olympus/gitea/configuration.nix | 1 + .../hosts/olympus/hedgedoc/configuration.nix | 37 +++++++------------ 2 files changed, 15 insertions(+), 23 deletions(-) diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index b0b68a18..0fcc87d2 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -48,6 +48,7 @@ in services.gitea = { enable = true; domain = "git.0x76.dev"; + package = pkgs.forgejo; rootUrl = "https://git.0x76.dev"; lfs.enable = true; dump.type = "tar.gz"; diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index 21c8a5cf..c11021c5 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -2,13 +2,12 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ lib, config, pkgs, inputs, ... }: +{ lib, config, pkgs, ... }: let db_name = "hedgedoc"; db_user = "hedgedoc"; vs = config.vault-secrets.secrets; -in -{ +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -19,27 +18,22 @@ in # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.hedgedoc.settings.port ]; + networking.firewall.allowedTCPPorts = + [ config.services.hedgedoc.settings.port ]; vault-secrets.secrets.hedgedoc = { }; - services.postgresql = - { - enable = true; - package = pkgs.postgresql_13; - ensureDatabases = [ db_name ]; - ensureUsers = [ - { - name = db_user; - ensurePermissions = { "DATABASE ${db_name}" = "ALL PRIVILEGES"; }; - } - ]; - }; + services.postgresql = { + enable = true; + package = pkgs.postgresql_13; + ensureDatabases = [ db_name ]; + ensureUsers = [{ + name = db_user; + ensurePermissions = { "DATABASE ${db_name}" = "ALL PRIVILEGES"; }; + }]; + }; services.hedgedoc = { enable = true; @@ -51,10 +45,7 @@ in domain = "md.0x76.dev"; protocolUseSSL = true; hsts.enable = true; - allowOrigin = [ - config.services.hedgedoc.settings.domain - "hedgedoc" - ]; + allowOrigin = [ config.services.hedgedoc.settings.domain "hedgedoc" ]; allowAnonymous = false; allowEmailRegister = false; allowAnonymousEdits = true; -- 2.47.1 From 4137a2045fffa7b552a83beb2e6277b7b61c2b5d Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 15 Apr 2023 08:46:07 +0200 Subject: [PATCH 1460/1882] enable actions --- nixos/hosts/olympus/gitea/configuration.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 0fcc87d2..9a42841b 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -56,6 +56,9 @@ in mailerPasswordFile = "${vs.gitea}/mailPassword"; settings = { + actions = { + "ENABLED" = true; + }; repository = { "ENABLE_PUSH_CREATE_USER" = true; "DEFAULT_PUSH_CREATE_PRIVATE" = false; -- 2.47.1 From d971d71fbecb7985f047a645f156869c5b8ed297 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 16 Apr 2023 11:58:08 +0200 Subject: [PATCH 1461/1882] only run GH workflow on trigger --- .github/workflows/nixos.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index bf3ebd93..b261566f 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -1,8 +1,6 @@ name: NixOS -on: - push: - branches: [main] +on: workflow_dispatch jobs: build-aoife: -- 2.47.1 From 591b1bdf33a4f7cc14313d23680cf3f1b6625c8b Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 16 Apr 2023 12:01:11 +0200 Subject: [PATCH 1462/1882] flake update --- flake.lock | 66 ++++++++++++------- .../apps/services/renovate/cronjob.yaml | 3 +- 2 files changed, 44 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index 96bb9a18..8ab2443c 100644 --- a/flake.lock +++ b/flake.lock @@ -361,12 +361,15 @@ } }, "flake-utils_2": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1678901627, - "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", "owner": "numtide", "repo": "flake-utils", - "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", "type": "github" }, "original": { @@ -481,11 +484,11 @@ ] }, "locked": { - "lastModified": 1681468923, - "narHash": "sha256-+X2oO4juRVhQRs002mn8km6PODccIRiz09c2K1xtSpY=", + "lastModified": 1681586243, + "narHash": "sha256-vdP79IZuDZVNSl4RN1LgEuab1Tkbv4gCxiE8VLdRf7U=", "owner": "nix-community", "repo": "home-manager", - "rev": "17198cf5ae27af5b647c7dac58d935a7d0dbd189", + "rev": "40ebb62101c83de81e5fd7c3cfe5cea2ed21b1ad", "type": "github" }, "original": { @@ -796,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681269223, - "narHash": "sha256-i6OeI2f7qGvmLfD07l1Az5iBL+bFeP0RHixisWtpUGo=", + "lastModified": 1681482634, + "narHash": "sha256-cT/nr3L8khEYZSGp8qqwxFH+/q4/547MfyOdSj6MhBk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "87edbd74246ccdfa64503f334ed86fa04010bab9", + "rev": "fda0d99c2cbbb5c89d8855d258cb0821bd9113ad", "type": "github" }, "original": { @@ -828,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681303793, - "narHash": "sha256-JEdQHsYuCfRL2PICHlOiH/2ue3DwoxUX7DJ6zZxZXFk=", + "lastModified": 1681557730, + "narHash": "sha256-j2E3639kS3Qop2jQPyqWCdenZNaqIdxfoTvAHnGuAGI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fe2ecaf706a5907b5e54d979fbde4924d84b65fc", + "rev": "85b081528b937df4bfcaee80c3541b58f397df8b", "type": "github" }, "original": { @@ -844,11 +847,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1680669251, - "narHash": "sha256-AVNE+0u4HlI3v96KCXE9risH7NKqj0QDLLfSckYXIbA=", + "lastModified": 1681465517, + "narHash": "sha256-EasJh15/jcJNAHtq2SGbiADRXteURAnQbj1NqBoKkzU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e", + "rev": "abe7316dd51a313ce528972b104f4f04f56eefc4", "type": "github" }, "original": { @@ -928,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1681228317, - "narHash": "sha256-Y07wDRqH9t6/6D/Qxwt0Xa/EpS67QJJETK0NqWDruEs=", + "lastModified": 1681636199, + "narHash": "sha256-sa4npXO5tYYHzWKG8EBJWqrUq8jqZtMbOy0Au6ogkFE=", "owner": "pta2002", "repo": "nixvim", - "rev": "693277568f4170eecdaf4b22467a608b3ed1b35e", + "rev": "3b1df35a8c14ed38fdc82c665640bb22ca014f4c", "type": "github" }, "original": { @@ -943,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1681472795, - "narHash": "sha256-oSfl0iIAzQgyudnVjGiqWC7YrqRKe+9SAB2kZzUVLNw=", + "lastModified": 1681618215, + "narHash": "sha256-5tEzso6ZGw+bM4r1acy6js8ZbE1bryUpqFz2KEbYRm0=", "owner": "nix-community", "repo": "NUR", - "rev": "62195369df376324ed56a1a52a92006bc277b3ac", + "rev": "acc7c1778eb3e81523da0e4ba334110809eaf0ac", "type": "github" }, "original": { @@ -1012,11 +1015,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1680769543, - "narHash": "sha256-b+aLX7w2cVsHtTTs1wgKsYeNw3SKyMn9Qkb42RK5Yx8=", + "lastModified": 1681413034, + "narHash": "sha256-/t7OjNQcNkeWeSq/CFLYVBfm+IEnkjoSm9iKvArnUUI=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "bb9e597b33641a8df00f17334db55fa10981c94f", + "rev": "d3de8f69ca88fb6f8b09e5b598be5ac98d28ede5", "type": "github" }, "original": { @@ -1140,6 +1143,21 @@ "type": "github" } }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "locked": { "lastModified": 1678901627, diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ee60ad8f..92dc3ee5 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -4,7 +4,8 @@ metadata: name: renovate namespace: services spec: - schedule: "@daily" + # Run every 8 hours + schedule: "0 */8 * * *" concurrencyPolicy: Forbid jobTemplate: spec: -- 2.47.1 From 1cb530b2a8001e7f3fe7906e0345bd90aa56ee96 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 16 Apr 2023 14:01:57 +0000 Subject: [PATCH 1463/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8ab2443c..b6833a10 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1681308705, - "narHash": "sha256-Iy1NVydzM04OqBLeD96zDmg1HMilUqa2vFeaOJFOp8o=", + "lastModified": 1681650457, + "narHash": "sha256-IGXRZrFGFqUeM5iDgP/ojbrd+gKL40PaFFAITxbkfZ0=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "10fd31a5444d25ab81c8105f2df1b4cb0cba68e5", + "rev": "3bfaac09f58ce31c33e1a56e7eaa606a87fe4c32", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1681636199, - "narHash": "sha256-sa4npXO5tYYHzWKG8EBJWqrUq8jqZtMbOy0Au6ogkFE=", + "lastModified": 1681643287, + "narHash": "sha256-KpnuNlGSidMCF4/Wqc994ZsKpyvdWMtD6A7nS5i8izs=", "owner": "pta2002", "repo": "nixvim", - "rev": "3b1df35a8c14ed38fdc82c665640bb22ca014f4c", + "rev": "75a5e45b2b85a17e2c4b5f1e8d86f0552dff6abe", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1681618215, - "narHash": "sha256-5tEzso6ZGw+bM4r1acy6js8ZbE1bryUpqFz2KEbYRm0=", + "lastModified": 1681649398, + "narHash": "sha256-ZATA7jemia1vf2W+EQ7oUpibAPZTYfMUr4l6q/gD6N4=", "owner": "nix-community", "repo": "NUR", - "rev": "acc7c1778eb3e81523da0e4ba334110809eaf0ac", + "rev": "387cd526d04b589000b76e83f1c502508e9a8f88", "type": "github" }, "original": { -- 2.47.1 From bd47f9d933deef7fcfbf10451cc24c06e717b5bb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 16 Apr 2023 14:00:25 +0000 Subject: [PATCH 1464/1882] chore(deps): update renovate/renovate docker tag to v35.48.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 92dc3ee5..0660044d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.21.0 + image: renovate/renovate:35.48.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 60c2c5f23dd3f280ccf1ed17b5aab254c97dcf67 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 18 Apr 2023 22:00:28 +0000 Subject: [PATCH 1465/1882] chore(deps): update renovate/renovate docker tag to v35.53.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0660044d..16ea889f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.48.2 + image: renovate/renovate:35.53.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9b45b7d41ccc2a31da8033254919a31c6b84c3f4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 17 Apr 2023 14:05:35 +0000 Subject: [PATCH 1466/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index b6833a10..3e0f56fe 100644 --- a/flake.lock +++ b/flake.lock @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1681586243, - "narHash": "sha256-vdP79IZuDZVNSl4RN1LgEuab1Tkbv4gCxiE8VLdRf7U=", + "lastModified": 1681690464, + "narHash": "sha256-x8pw8KAb9TJsszbCHUBK2bWvgYPlCjwHMV1dF95eZPs=", "owner": "nix-community", "repo": "home-manager", - "rev": "40ebb62101c83de81e5fd7c3cfe5cea2ed21b1ad", + "rev": "53bd74f786934997e7f6a5ed9741b226e511e508", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681482634, - "narHash": "sha256-cT/nr3L8khEYZSGp8qqwxFH+/q4/547MfyOdSj6MhBk=", + "lastModified": 1681696129, + "narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fda0d99c2cbbb5c89d8855d258cb0821bd9113ad", + "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681557730, - "narHash": "sha256-j2E3639kS3Qop2jQPyqWCdenZNaqIdxfoTvAHnGuAGI=", + "lastModified": 1681648924, + "narHash": "sha256-pzi3HISK8+7mpEtv08Yr80wswyHKsz+RP1CROG1Qf6s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "85b081528b937df4bfcaee80c3541b58f397df8b", + "rev": "f294325aed382b66c7a188482101b0f336d1d7db", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1681649398, - "narHash": "sha256-ZATA7jemia1vf2W+EQ7oUpibAPZTYfMUr4l6q/gD6N4=", + "lastModified": 1681731920, + "narHash": "sha256-neuZnv55Tpu+IJ4PqUSsSnJQ7rlnZO5uLQV6DMe2qNw=", "owner": "nix-community", "repo": "NUR", - "rev": "387cd526d04b589000b76e83f1c502508e9a8f88", + "rev": "8ed9352e77002728b5f46a1556f6f159e91c8660", "type": "github" }, "original": { -- 2.47.1 From 176983d4ca1bb534bd2b1a2c880063808f31b6dd Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 19 Apr 2023 16:51:21 +0200 Subject: [PATCH 1467/1882] remove lidarr --- nixos/hosts/hades/default.nix | 7 +------ nixos/hosts/hades/unpackerr/configuration.nix | 6 +----- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index fbfa59d2..12eba5fa 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -99,7 +99,7 @@ ip = "192.168.0.121"; mac = "4e:e7:64:b7:88:b8"; profile = "jackett"; - nix = false; # superseded by prowlarr + nix = false; # superseded by prowlarr }; "nginx" = { ip = "192.168.0.123"; @@ -162,11 +162,6 @@ ip = "192.168.0.138"; mac = "52:60:8a:06:86:9c"; }; - "lidarr" = { - ip = "192.168.0.139"; - mac = "7a:0f:25:e5:7f:e5"; - nix = false; - }; "prowlarr" = { ip = "192.168.0.140"; mac = "3a:67:8e:98:0c:a2"; diff --git a/nixos/hosts/hades/unpackerr/configuration.nix b/nixos/hosts/hades/unpackerr/configuration.nix index bdf05527..42926d2d 100644 --- a/nixos/hosts/hades/unpackerr/configuration.nix +++ b/nixos/hosts/hades/unpackerr/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, ... }: let vs = config.vault-secrets.secrets; in { @@ -25,10 +25,6 @@ in url = "http://radarr2:7878/"; paths = "/mnt/storage/torrents/r/Movie"; }; - lidarr = { - url = "http://lidarr:8686/"; - paths = "/mnt/storage/torrents/r/Music"; - }; }; } -- 2.47.1 From 74f2e3a27a363fea8462fd49dd02a93c9c4c0382 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 19 Apr 2023 17:04:10 +0200 Subject: [PATCH 1468/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 3e0f56fe..deac88e2 100644 --- a/flake.lock +++ b/flake.lock @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1681690464, - "narHash": "sha256-x8pw8KAb9TJsszbCHUBK2bWvgYPlCjwHMV1dF95eZPs=", + "lastModified": 1681909480, + "narHash": "sha256-PDuHXPv8tWLgV0Sb3rVtr+WD+7aGD2Vjpeyumk5xPA4=", "owner": "nix-community", "repo": "home-manager", - "rev": "53bd74f786934997e7f6a5ed9741b226e511e508", + "rev": "5ae849d3c5604eef6ac959b1cd64ebada7371dad", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681696129, - "narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=", + "lastModified": 1681759395, + "narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=", "owner": "nixos", "repo": "nixpkgs", - "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216", + "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681648924, - "narHash": "sha256-pzi3HISK8+7mpEtv08Yr80wswyHKsz+RP1CROG1Qf6s=", + "lastModified": 1681737997, + "narHash": "sha256-pHhjgsIkRMu80LmVe8QoKIZB6VZGRRxFmIvsC5S89k4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f294325aed382b66c7a188482101b0f336d1d7db", + "rev": "f00994e78cd39e6fc966f0c4103f908e63284780", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1681643287, - "narHash": "sha256-KpnuNlGSidMCF4/Wqc994ZsKpyvdWMtD6A7nS5i8izs=", + "lastModified": 1681907402, + "narHash": "sha256-JMNJ8Xk9kjRhEo3jgm5+b5JICXgs3E4uIUi6SC5DhO8=", "owner": "pta2002", "repo": "nixvim", - "rev": "75a5e45b2b85a17e2c4b5f1e8d86f0552dff6abe", + "rev": "bc468178aef56ab4d473a9cc8fa83c588cf91e4e", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1681731920, - "narHash": "sha256-neuZnv55Tpu+IJ4PqUSsSnJQ7rlnZO5uLQV6DMe2qNw=", + "lastModified": 1681911966, + "narHash": "sha256-yaLmRUmK2PL1Hw0hwosKdylsc2+OfR1thD3++X8+75Y=", "owner": "nix-community", "repo": "NUR", - "rev": "8ed9352e77002728b5f46a1556f6f159e91c8660", + "rev": "3ad0df3046d87a9cba29a77564743df12b402979", "type": "github" }, "original": { -- 2.47.1 From ab20dbb4e7b4a458c4f7315fb71cd7e33b4de59f Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 19 Apr 2023 09:56:53 +0200 Subject: [PATCH 1469/1882] update cleanOnBoot param --- nixos/common/common.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/common/common.nix b/nixos/common/common.nix index b9d1f14e..56327dca 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -5,7 +5,7 @@ ]; # Clean /tmp on boot. - boot.cleanTmpDir = true; + boot.tmp.cleanOnBoot = true; # Set your time zone. time.timeZone = lib.mkDefault "Europe/Amsterdam"; -- 2.47.1 From c953741184ff1f1fcac466d446143acfa69a5e9f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 20 Apr 2023 14:01:54 +0000 Subject: [PATCH 1470/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index deac88e2..77cbecf6 100644 --- a/flake.lock +++ b/flake.lock @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1681909480, - "narHash": "sha256-PDuHXPv8tWLgV0Sb3rVtr+WD+7aGD2Vjpeyumk5xPA4=", + "lastModified": 1681971090, + "narHash": "sha256-3j0M63GkG6GGny9e+C//GyuDCx1IwrurD27S0YI+GQY=", "owner": "nix-community", "repo": "home-manager", - "rev": "5ae849d3c5604eef6ac959b1cd64ebada7371dad", + "rev": "5160039edca28a7e66bad0cfc72a07c91d6768ad", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681737997, - "narHash": "sha256-pHhjgsIkRMu80LmVe8QoKIZB6VZGRRxFmIvsC5S89k4=", + "lastModified": 1681828457, + "narHash": "sha256-o4Zvs309HOhrNeVloPKqangcKHobsggVt6GFbnEPZlQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f00994e78cd39e6fc966f0c4103f908e63284780", + "rev": "555daa9d339b3df75e58ee558a4fec98ea92521e", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1681911966, - "narHash": "sha256-yaLmRUmK2PL1Hw0hwosKdylsc2+OfR1thD3++X8+75Y=", + "lastModified": 1681994115, + "narHash": "sha256-O/7AVL1iKq4G4Zyf0k71Ki5OOP3U4gH5ms1ZLMPuG1I=", "owner": "nix-community", "repo": "NUR", - "rev": "3ad0df3046d87a9cba29a77564743df12b402979", + "rev": "5ea4cf7eafb21011352a3cf857edc2d7c5ccdf70", "type": "github" }, "original": { -- 2.47.1 From 9b025c495377ff0e20645dfa89c465bcf514445b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 21 Apr 2023 22:00:27 +0000 Subject: [PATCH 1471/1882] chore(deps): update renovate/renovate docker tag to v35.57.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 16ea889f..5ed78300 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.53.0 + image: renovate/renovate:35.57.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e1b3bcc4474621764f25d57be34de5a3c2810640 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 16:14:45 +0200 Subject: [PATCH 1472/1882] add eevee --- flake.lock | 30 +-- nixos/hosts/olympus/default.nix | 1 - nixos/hosts/olympus/eevee/configuration.nix | 113 ++++++++++++ nixos/hosts/olympus/eevee/desktop-env.nix | 50 +++++ nixos/hosts/olympus/eevee/hardware.nix | 20 ++ nixos/hosts/olympus/eevee/home/.gitignore | 1 + nixos/hosts/olympus/eevee/home/dconf.nix | 87 +++++++++ nixos/hosts/olympus/eevee/home/default.nix | 193 ++++++++++++++++++++ nixos/hosts/olympus/eevee/home/neovim.nix | 94 ++++++++++ nixos/hosts/olympus/eevee/home/nvim.lua | 0 nixos/hosts/olympus/eevee/home/theme.nix | 32 ++++ nixos/hosts/olympus/eevee/networking.nix | 5 + 12 files changed, 610 insertions(+), 16 deletions(-) create mode 100644 nixos/hosts/olympus/eevee/configuration.nix create mode 100644 nixos/hosts/olympus/eevee/desktop-env.nix create mode 100644 nixos/hosts/olympus/eevee/hardware.nix create mode 100644 nixos/hosts/olympus/eevee/home/.gitignore create mode 100644 nixos/hosts/olympus/eevee/home/dconf.nix create mode 100644 nixos/hosts/olympus/eevee/home/default.nix create mode 100644 nixos/hosts/olympus/eevee/home/neovim.nix create mode 100644 nixos/hosts/olympus/eevee/home/nvim.lua create mode 100644 nixos/hosts/olympus/eevee/home/theme.nix create mode 100644 nixos/hosts/olympus/eevee/networking.nix diff --git a/flake.lock b/flake.lock index 77cbecf6..fe330f38 100644 --- a/flake.lock +++ b/flake.lock @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1681971090, - "narHash": "sha256-3j0M63GkG6GGny9e+C//GyuDCx1IwrurD27S0YI+GQY=", + "lastModified": 1682072616, + "narHash": "sha256-sR5RL3LACGuq5oePcAoJ/e1S3vitKQQSNACMYmqIE1E=", "owner": "nix-community", "repo": "home-manager", - "rev": "5160039edca28a7e66bad0cfc72a07c91d6768ad", + "rev": "47d6c3f65234230d37f1cf7d3d6b5575ec80fe0c", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681759395, - "narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=", + "lastModified": 1681932375, + "narHash": "sha256-tSXbYmpnKSSWpzOrs27ie8X3I0yqKA6AuCzCYNtwbCU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", + "rev": "3d302c67ab8647327dba84fbdb443cdbf0e82744", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681828457, - "narHash": "sha256-o4Zvs309HOhrNeVloPKqangcKHobsggVt6GFbnEPZlQ=", + "lastModified": 1681920287, + "narHash": "sha256-+/d6XQQfhhXVfqfLROJoqj3TuG38CAeoT6jO1g9r1k0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "555daa9d339b3df75e58ee558a4fec98ea92521e", + "rev": "645bc49f34fa8eff95479f0345ff57e55b53437e", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1681907402, - "narHash": "sha256-JMNJ8Xk9kjRhEo3jgm5+b5JICXgs3E4uIUi6SC5DhO8=", + "lastModified": 1682101773, + "narHash": "sha256-/H9R0GfgR0ApycChQSKu5NuaT4w76zo02aKl27pz2aQ=", "owner": "pta2002", "repo": "nixvim", - "rev": "bc468178aef56ab4d473a9cc8fa83c588cf91e4e", + "rev": "9c8bee9da6070ea8b1a95fc5133ed1d88b9b959a", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1681994115, - "narHash": "sha256-O/7AVL1iKq4G4Zyf0k71Ki5OOP3U4gH5ms1ZLMPuG1I=", + "lastModified": 1682170448, + "narHash": "sha256-vYIeXWCl9hOTUKUA6RhS+XqN31VR+GJbcNxBYpjIQU4=", "owner": "nix-community", "repo": "NUR", - "rev": "5ea4cf7eafb21011352a3cf857edc2d7c5ccdf70", + "rev": "fe2bdf88ea839ca934412d8c9a7fad26893e481e", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 0d9992e6..1a6322fc 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -162,6 +162,5 @@ ip = "10.42.42.69"; ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; mac = "34:97:f6:93:9A:AA"; - nix = false; }; } diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix new file mode 100644 index 00000000..1029b609 --- /dev/null +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -0,0 +1,113 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, inputs, ... }: { + imports = [ + ./hardware-configuration.nix + ./hardware.nix + ./desktop-env.nix + ./networking.nix + ]; + + # Bootloader. + boot = { + kernelPackages = pkgs.linuxPackages_latest; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + efi.efiSysMountPoint = "/boot/efi"; + }; + kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; + initrd = { + kernelModules = [ "amdgpu" ]; + systemd.enable = true; + verbose = false; + }; + }; + + # fileSystems."/".options = [ "compress=zstd" ]; + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_GB.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "nl_NL.UTF-8"; + LC_IDENTIFICATION = "nl_NL.UTF-8"; + LC_MEASUREMENT = "nl_NL.UTF-8"; + LC_MONETARY = "nl_NL.UTF-8"; + LC_NAME = "nl_NL.UTF-8"; + LC_NUMERIC = "nl_NL.UTF-8"; + LC_PAPER = "nl_NL.UTF-8"; + LC_TELEPHONE = "nl_NL.UTF-8"; + LC_TIME = "nl_NL.UTF-8"; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + environment.systemPackages = with pkgs; [ wireguard-tools ]; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.victor = import ./home; + extraSpecialArgs = { inherit inputs; }; + }; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + virtualisation = { + podman.enable = true; + libvirtd = { + enable = true; + qemu.package = pkgs.qemu_kvm; + }; + }; + + fonts.fonts = with pkgs; [ + material-design-icons + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + (nerdfonts.override { + fonts = + [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; + }) + ]; + + programs.steam = { + enable = true; + # Open ports in the firewall for Steam Remote Play + remotePlay.openFirewall = true; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + nix.settings.extra-sandbox-paths = + [ (toString config.programs.ccache.cacheDir) ]; +} diff --git a/nixos/hosts/olympus/eevee/desktop-env.nix b/nixos/hosts/olympus/eevee/desktop-env.nix new file mode 100644 index 00000000..0e2dee25 --- /dev/null +++ b/nixos/hosts/olympus/eevee/desktop-env.nix @@ -0,0 +1,50 @@ +{ pkgs, ... }: { + # Enable the X11 windowing system. + services.xserver.enable = true; + # TODO: Nvidia + # services.xserver.videoDrivers = [ "amdgpu" ]; + services.xserver.excludePackages = [ pkgs.xterm ]; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = "altgr-intl"; + }; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + environment.gnome.excludePackages = + (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) + ++ (with pkgs.gnome; [ + atomix # puzzle game + epiphany # web browser + geary # email reader + gedit # text editor + gnome-calendar + gnome-clocks + gnome-contacts + gnome-maps + gnome-music + gnome-notes + gnome-terminal + gnome-weather + hitori # sudoku game + iagno # go game + simple-scan # document scanner + tali # poker game + totem # video player + ]); + + # Services required for gnome + programs.dconf.enable = true; + services.dbus.enable = true; + services.udisks2.enable = true; + + # Extra gnome packages + environment.systemPackages = with pkgs; [ + gnome.gnome-tweaks + gnome.gnome-boxes + ]; +} diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix new file mode 100644 index 00000000..b7fe6ce9 --- /dev/null +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: { + hardware.enableAllFirmware = true; + + hardware.bluetooth.enable = true; + + services.hardware.bolt.enable = true; + + # Vulkan + # hardware.opengl.driSupport = true; + # hardware.opengl.extraPackages = with pkgs; [ + # amdvlk + # rocm-opencl-icd + # rocm-opencl-runtime + # ]; + # systemd.tmpfiles.rules = + # [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; + + # SSD Trim + services.fstrim.enable = true; +} diff --git a/nixos/hosts/olympus/eevee/home/.gitignore b/nixos/hosts/olympus/eevee/home/.gitignore new file mode 100644 index 00000000..3e0fc8e7 --- /dev/null +++ b/nixos/hosts/olympus/eevee/home/.gitignore @@ -0,0 +1 @@ +*dconf_dump* \ No newline at end of file diff --git a/nixos/hosts/olympus/eevee/home/dconf.nix b/nixos/hosts/olympus/eevee/home/dconf.nix new file mode 100644 index 00000000..fcc27140 --- /dev/null +++ b/nixos/hosts/olympus/eevee/home/dconf.nix @@ -0,0 +1,87 @@ +{ lib, ... }: + +with lib.hm.gvariant; +let + inherit (builtins) attrNames map; + inherit (lib.attrsets) mapAttrs' nameValuePair; + generate_custom_keybindings = binds: + { + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = map (name: + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") + (attrNames binds); + }; + } // mapAttrs' (name: + nameValuePair + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") + binds; +in { + dconf.settings = { + "org/gnome/desktop/input-sources" = { + sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; + }; + + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + two-finger-scrolling-enabled = true; + }; + + "org/gnome/mutter" = { + attach-modal-dialogs = true; + dynamic-workspaces = false; + edge-tiling = true; + focus-change-on-pointer-rest = true; + workspaces-only-on-primary = true; + }; + + "org/gnome/mutter/keybindings" = { + toggle-tiled-left = [ "bracketleft" ]; + toggle-tiled-right = [ "bracketright" ]; + }; + + "org/gnome/shell/keybindings" = { toggle-overview = [ "d" ]; }; + + "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; }; + + "org/gnome/desktop/wm/preferences" = { + auto-raise = false; + num-workspaces = 6; + focus-mode = "sloppy"; + }; + + "org/gnome/desktop/wm/keybindings" = { + raise-or-lower = [ "s" ]; + switch-applications = [ "Tab" ]; + switch-applications-backward = [ "Tab" ]; + move-to-workspace-1 = [ "exclam" ]; + move-to-workspace-2 = [ "at" ]; + move-to-workspace-3 = [ "numbersign" ]; + move-to-workspace-4 = [ "dollar" ]; + move-to-workspace-5 = [ "percent" ]; + move-to-workspace-6 = [ "asciicircum" ]; + switch-to-workspace-1 = [ "1" ]; + switch-to-workspace-2 = [ "2" ]; + switch-to-workspace-3 = [ "3" ]; + switch-to-workspace-4 = [ "4" ]; + switch-to-workspace-5 = [ "5" ]; + switch-to-workspace-6 = [ "6" ]; + toggle-fullscreen = [ "M" ]; + toggle-maximized = [ "m" ]; + }; + + "org/gnome/tweaks" = { show-extensions-notice = false; }; + + "org/gnome/boxes" = { first-run = false; }; + } // generate_custom_keybindings { + "terminal" = { + binding = "Return"; + command = "kgx"; + name = "Open Terminal"; + }; + "firefox" = { + binding = "f"; + command = "firefox"; + name = "Open Firefox"; + }; + }; +} diff --git a/nixos/hosts/olympus/eevee/home/default.nix b/nixos/hosts/olympus/eevee/home/default.nix new file mode 100644 index 00000000..855fe919 --- /dev/null +++ b/nixos/hosts/olympus/eevee/home/default.nix @@ -0,0 +1,193 @@ +{ lib, config, pkgs, inputs, ... }: +let + tex = pkgs.texlive.combine { + inherit (pkgs.texlive) scheme-full; + dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; + }; +in { + programs.home-manager.enable = true; + + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "23.05"; + + imports = [ + ./dconf.nix + ./theme.nix + ./neovim.nix + ]; + + home.packages = with pkgs; [ + btop + calibre + element-desktop + fusee-launcher + gcc + gimp + inputs.comma.packages.${pkgs.system}.default + inputs.webcord.packages.${pkgs.system}.default + jetbrains.clion + jetbrains.idea-ultimate + mullvad-vpn + neofetch + nixfmt + nixpkgs-review + python3 + plex-media-player + rustup + solo2-cli + tex + yt-dlp + ]; + + programs.riff = { + enable = true; + direnv = true; + }; + + xdg.mimeApps.enable = true; + xdg.mimeApps.defaultApplications = { + "text/html" = "firefox.desktop"; + "text/plain" = "org.gnome.TextEditor.desktop"; + "application/pdf" = "org.gnome.Evince.desktop"; + + # Images + "image/bmp" = "org.gnome.eog.desktop"; + "image/gif" = "org.gnome.eog.desktop"; + "image/jpg" = "org.gnome.eog.desktop"; + "image/pjpeg" = "org.gnome.eog.desktop"; + "image/png" = "org.gnome.eog.desktop"; + "image/tiff" = "org.gnome.eog.desktop"; + "image/webp" = "org.gnome.eog.desktop"; + "image/x-bmp" = "org.gnome.eog.desktop"; + "image/x-gray" = "org.gnome.eog.desktop"; + "image/x-icb" = "org.gnome.eog.desktop"; + "image/x-ico" = "org.gnome.eog.desktop"; + "image/x-png" = "org.gnome.eog.desktop"; + "image/x-portable-anymap" = "org.gnome.eog.desktop"; + "image/x-portable-bitmap" = "org.gnome.eog.desktop"; + "image/x-portable-graymap" = "org.gnome.eog.desktop"; + "image/x-portable-pixmap" = "org.gnome.eog.desktop"; + "image/x-xbitmap" = "org.gnome.eog.desktop"; + "image/x-xpixmap" = "org.gnome.eog.desktop"; + "image/x-pcx" = "org.gnome.eog.desktop"; + "image/svg+xml" = "org.gnome.eog.desktop"; + "image/svg+xml-compressed" = "org.gnome.eog.desktop"; + "image/vnd.wap.wbmp" = "org.gnome.eog.desktop"; + "image/x-icns" = "org.gnome.eog.desktop"; + }; + + programs.exa = { + enable = true; + enableAliases = true; + }; + + programs.bat.enable = true; + + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + lfs.enable = true; + # delta.enable = true; + extraConfig = { + push.autoSetupRemote = true; + init.defaultBranch = "main"; + }; + }; + + programs.tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + + programs.firefox.enable = true; + + programs.vscode = { + enable = true; + package = pkgs.vscode; + userSettings = { + "ltex.language" = "en-GB"; + "latex-workshop.linting.chktex.enabled" = true; + "latex-workshop.latex.clean.subfolder.enabled" = true; + "latex-workshop.latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + "editor.fontFamily" = + "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "keyboard.dispatch" = "keyCode"; + "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; + "terminal.integrated.defaultProfile.linux" = "zsh"; + "nix.enableLanguageServer" = true; # Enable LSP. + "nix.serverPath" = "${pkgs.nil}/bin/nil"; + "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + "rust-analyzer.checkOnSave.command" = "clippy"; + "debug.allowBreakpointsEverywhere" = true; + # Don't index unecessary things + "files.exclude" = { + "**/.vscode" = true; + "**/.git" = true; + "**/.svn" = true; + "**/.hg" = true; + "**/.deps" = true; + "**/CVS" = true; + "**/.DS_Store" = true; + "/bin" = true; + "/boot" = true; + "/cdrom" = true; + "/dev" = true; + "/proc" = true; + "/etc" = true; + "/nix" = true; + }; + }; + extensions = with pkgs.vscode-extensions; + with pkgs.v.vscode-extensions; [ + brettm12345.nixfmt-vscode + codezombiech.gitignore + editorconfig.editorconfig + foxundermoon.shell-format + james-yu.latex-workshop + jnoortheen.nix-ide + matklad.rust-analyzer + mkhl.direnv + ms-vscode-remote.remote-ssh + ms-vscode.cpptools + platformio.platformio-ide + redhat.vscode-yaml + tamasfe.even-better-toml + valentjn.vscode-ltex + vscodevim.vim + vadimcn.vscode-lldb + xaver.clang-format + sumneko.lua + ]; + }; + + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + + programs.zsh = { + enable = true; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; + }; + + xdg.userDirs = let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; + + services.syncthing.enable = true; +} diff --git a/nixos/hosts/olympus/eevee/home/neovim.nix b/nixos/hosts/olympus/eevee/home/neovim.nix new file mode 100644 index 00000000..494acd2d --- /dev/null +++ b/nixos/hosts/olympus/eevee/home/neovim.nix @@ -0,0 +1,94 @@ +{ inputs, pkgs, ... }: { + imports = [ inputs.nixvim.homeManagerModules.nixvim ]; + programs.nixvim = { + enable = true; + package = pkgs.neovim-unwrapped; + vimAlias = true; + + globals = { mapleader = " "; }; + + maps.normal = { + "ff" = "lua require('telescope.builtin').find_files()"; + "fg" = "lua require('telescope.builtin').live_grep()"; + "" = + "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code + }; + + extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; + + colorscheme = "catppuccin-frappe"; + + extraConfigLua = builtins.readFile ./nvim.lua; + + plugins = { + bufferline.enable = true; + nix.enable = true; + treesitter = { + enable = true; + nixGrammars = true; + # ensureInstalled = [ ]; + }; + surround.enable = true; + fugitive.enable = true; + gitgutter.enable = true; + lualine = { + enable = true; + theme = "catppuccin"; + }; + telescope = { + enable = true; + extensions.fzf-native.enable = true; + extensions.fzf-native.fuzzy = true; + }; + comment-nvim = { enable = true; }; + lsp = { + enable = true; + servers.rust-analyzer.enable = true; + servers.rnix-lsp.enable = true; + servers.pyright.enable = true; + servers.elixirls.enable = true; + servers.clangd.enable = true; + }; + trouble.enable = true; + lspkind.enable = true; + nvim-cmp = { + enable = true; + autoEnableSources = true; + sources = [ + { name = "nvim_lsp"; } + { name = "cmp-latex-symbols"; } + { + name = "luasnip"; + option = { show_autosnippets = true; }; + } + { name = "cmp-spell"; } + { name = "cmp-rg"; } + { name = "path"; } + { name = "buffer"; } + ]; + snippet.expand = "luasnip"; + mappingPresets = [ "insert" "cmdline" ]; + mapping = { + "" = "cmp.mapping.confirm({ select = true })"; + "" = { + modes = [ "i" "s" ]; + action = '' + function(fallback) + local luasnip = require('luasnip') + if cmp.visible() then + cmp.select_next_item() + elseif luasnip.expandable() then + luasnip.expand() + elseif luasnip.expand_or_jumpable() then + luasnip.expand_or_jump() + else + fallback() + end + end + ''; + }; + }; + }; + }; + }; +} diff --git a/nixos/hosts/olympus/eevee/home/nvim.lua b/nixos/hosts/olympus/eevee/home/nvim.lua new file mode 100644 index 00000000..e69de29b diff --git a/nixos/hosts/olympus/eevee/home/theme.nix b/nixos/hosts/olympus/eevee/home/theme.nix new file mode 100644 index 00000000..f48e44c8 --- /dev/null +++ b/nixos/hosts/olympus/eevee/home/theme.nix @@ -0,0 +1,32 @@ +{ lib, pkgs, config, ... }: +let + theme = "Catppuccin-Pink-Dark"; + cursorTheme = config.home.pointerCursor.name; +in { + home.pointerCursor = { + name = "Bibata_Ghost"; + size = 24; + package = pkgs.bibata-cursors-translucent; + }; + + gtk = { + enable = true; + theme = { + name = theme; + package = pkgs.catppuccin-gtk; + }; + iconTheme = { + name = "Papirus-Dark"; + package = pkgs.papirus-icon-theme.override { color = "violet"; }; + }; + cursorTheme = { + name = cursorTheme; + inherit (config.home.pointerCursor) package size; + }; + }; + + programs.vscode = { + userSettings."workbench.colorTheme" = "Catppuccin Frappé"; + extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; + }; +} diff --git a/nixos/hosts/olympus/eevee/networking.nix b/nixos/hosts/olympus/eevee/networking.nix new file mode 100644 index 00000000..826668a9 --- /dev/null +++ b/nixos/hosts/olympus/eevee/networking.nix @@ -0,0 +1,5 @@ +_: { + networking.networkmanager.enable = true; + networking.firewall.checkReversePath = false; + networking.firewall.enable = false; +} -- 2.47.1 From a3d7fdaea4ab6084a1fb24c2b509d8b103b5f4b7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 17:38:18 +0200 Subject: [PATCH 1473/1882] set up eevee --- nixos/hosts/olympus/default.nix | 1 + nixos/hosts/olympus/eevee/hardware.nix | 20 --------- nixos/hosts/thalassa/default.nix | 1 + .../eevee/configuration.nix | 3 -- .../eevee/desktop-env.nix | 3 +- .../thalassa/eevee/hardware-configuration.nix | 41 +++++++++++++++++++ nixos/hosts/thalassa/eevee/hardware.nix | 14 +++++++ .../eevee/home/.gitignore | 0 .../eevee/home/dconf.nix | 4 ++ .../eevee/home/default.nix | 3 +- .../eevee/home/neovim.nix | 0 .../{olympus => thalassa}/eevee/home/nvim.lua | 0 .../eevee/home/theme.nix | 0 .../eevee/networking.nix | 0 14 files changed, 64 insertions(+), 26 deletions(-) delete mode 100644 nixos/hosts/olympus/eevee/hardware.nix rename nixos/hosts/{olympus => thalassa}/eevee/configuration.nix (97%) rename nixos/hosts/{olympus => thalassa}/eevee/desktop-env.nix (94%) create mode 100644 nixos/hosts/thalassa/eevee/hardware-configuration.nix create mode 100644 nixos/hosts/thalassa/eevee/hardware.nix rename nixos/hosts/{olympus => thalassa}/eevee/home/.gitignore (100%) rename nixos/hosts/{olympus => thalassa}/eevee/home/dconf.nix (96%) rename nixos/hosts/{olympus => thalassa}/eevee/home/default.nix (99%) rename nixos/hosts/{olympus => thalassa}/eevee/home/neovim.nix (100%) rename nixos/hosts/{olympus => thalassa}/eevee/home/nvim.lua (100%) rename nixos/hosts/{olympus => thalassa}/eevee/home/theme.nix (100%) rename nixos/hosts/{olympus => thalassa}/eevee/networking.nix (100%) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 1a6322fc..0d9992e6 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -162,5 +162,6 @@ ip = "10.42.42.69"; ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; mac = "34:97:f6:93:9A:AA"; + nix = false; }; } diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix deleted file mode 100644 index b7fe6ce9..00000000 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ pkgs, ... }: { - hardware.enableAllFirmware = true; - - hardware.bluetooth.enable = true; - - services.hardware.bolt.enable = true; - - # Vulkan - # hardware.opengl.driSupport = true; - # hardware.opengl.extraPackages = with pkgs; [ - # amdvlk - # rocm-opencl-icd - # rocm-opencl-runtime - # ]; - # systemd.tmpfiles.rules = - # [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; - - # SSD Trim - services.fstrim.enable = true; -} diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 44e6cfb5..68de75d0 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,4 +1,5 @@ { # "null" = { type = "local"; }; "aoife" = { type = "local"; }; + "eevee" = { type = "local"; }; } diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix similarity index 97% rename from nixos/hosts/olympus/eevee/configuration.nix rename to nixos/hosts/thalassa/eevee/configuration.nix index 1029b609..18acb8a2 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -107,7 +107,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - - nix.settings.extra-sandbox-paths = - [ (toString config.programs.ccache.cacheDir) ]; } diff --git a/nixos/hosts/olympus/eevee/desktop-env.nix b/nixos/hosts/thalassa/eevee/desktop-env.nix similarity index 94% rename from nixos/hosts/olympus/eevee/desktop-env.nix rename to nixos/hosts/thalassa/eevee/desktop-env.nix index 0e2dee25..515325a6 100644 --- a/nixos/hosts/olympus/eevee/desktop-env.nix +++ b/nixos/hosts/thalassa/eevee/desktop-env.nix @@ -1,8 +1,7 @@ { pkgs, ... }: { # Enable the X11 windowing system. services.xserver.enable = true; - # TODO: Nvidia - # services.xserver.videoDrivers = [ "amdgpu" ]; + services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.excludePackages = [ pkgs.xterm ]; # Configure keymap in X11 diff --git a/nixos/hosts/thalassa/eevee/hardware-configuration.nix b/nixos/hosts/thalassa/eevee/hardware-configuration.nix new file mode 100644 index 00000000..1e1afb23 --- /dev/null +++ b/nixos/hosts/thalassa/eevee/hardware-configuration.nix @@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/D883-F146"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/thalassa/eevee/hardware.nix new file mode 100644 index 00000000..65d17ad5 --- /dev/null +++ b/nixos/hosts/thalassa/eevee/hardware.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: { + hardware.enableAllFirmware = true; + + hardware.bluetooth.enable = true; + + services.hardware.bolt.enable = true; + + hardware.opengl.enable = true; + + services.udev.packages = with pkgs; [ wooting-udev-rules ]; + + # SSD Trim + services.fstrim.enable = true; +} diff --git a/nixos/hosts/olympus/eevee/home/.gitignore b/nixos/hosts/thalassa/eevee/home/.gitignore similarity index 100% rename from nixos/hosts/olympus/eevee/home/.gitignore rename to nixos/hosts/thalassa/eevee/home/.gitignore diff --git a/nixos/hosts/olympus/eevee/home/dconf.nix b/nixos/hosts/thalassa/eevee/home/dconf.nix similarity index 96% rename from nixos/hosts/olympus/eevee/home/dconf.nix rename to nixos/hosts/thalassa/eevee/home/dconf.nix index fcc27140..32c102d9 100644 --- a/nixos/hosts/olympus/eevee/home/dconf.nix +++ b/nixos/hosts/thalassa/eevee/home/dconf.nix @@ -21,6 +21,10 @@ in { sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; }; + "org/gnome/desktop/peripherals/mouse" = { + accel-profile = "flat"; + }; + "org/gnome/desktop/peripherals/touchpad" = { tap-to-click = true; two-finger-scrolling-enabled = true; diff --git a/nixos/hosts/olympus/eevee/home/default.nix b/nixos/hosts/thalassa/eevee/home/default.nix similarity index 99% rename from nixos/hosts/olympus/eevee/home/default.nix rename to nixos/hosts/thalassa/eevee/home/default.nix index 855fe919..4aaf26f4 100644 --- a/nixos/hosts/olympus/eevee/home/default.nix +++ b/nixos/hosts/thalassa/eevee/home/default.nix @@ -14,7 +14,7 @@ in { imports = [ ./dconf.nix ./theme.nix - ./neovim.nix + ./neovim.nix ]; home.packages = with pkgs; [ @@ -38,6 +38,7 @@ in { solo2-cli tex yt-dlp + wootility ]; programs.riff = { diff --git a/nixos/hosts/olympus/eevee/home/neovim.nix b/nixos/hosts/thalassa/eevee/home/neovim.nix similarity index 100% rename from nixos/hosts/olympus/eevee/home/neovim.nix rename to nixos/hosts/thalassa/eevee/home/neovim.nix diff --git a/nixos/hosts/olympus/eevee/home/nvim.lua b/nixos/hosts/thalassa/eevee/home/nvim.lua similarity index 100% rename from nixos/hosts/olympus/eevee/home/nvim.lua rename to nixos/hosts/thalassa/eevee/home/nvim.lua diff --git a/nixos/hosts/olympus/eevee/home/theme.nix b/nixos/hosts/thalassa/eevee/home/theme.nix similarity index 100% rename from nixos/hosts/olympus/eevee/home/theme.nix rename to nixos/hosts/thalassa/eevee/home/theme.nix diff --git a/nixos/hosts/olympus/eevee/networking.nix b/nixos/hosts/thalassa/eevee/networking.nix similarity index 100% rename from nixos/hosts/olympus/eevee/networking.nix rename to nixos/hosts/thalassa/eevee/networking.nix -- 2.47.1 From 329cee1404d3e84d13f21c43b38412f022f4aed6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 17:39:21 +0200 Subject: [PATCH 1474/1882] add ssh key --- nixos/common/users/victor.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 6b6149a9..cc8a537c 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -9,13 +9,12 @@ # My SSH keys. openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh victor@aoife" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBMTCUjDbDjAiEKbKmLPavuYM0wJIBdjgytLsg1uWuGc victor@nord" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+HbsgJTQS6pvnMEI5NPKjIf78z+9A7CTIt3abi+PS6 victor@eevee" ]; # Make me admin -- 2.47.1 From 0cb9e1ac0624710f76b5f583cff2743465eea5e7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 17:58:40 +0200 Subject: [PATCH 1475/1882] fix wayland + nvidia for eevee --- nixos/hosts/thalassa/eevee/configuration.nix | 2 +- nixos/hosts/thalassa/eevee/hardware.nix | 4 +++- nixos/hosts/thalassa/eevee/home/theme.nix | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 18acb8a2..355b1712 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -26,7 +26,7 @@ }; }; - # fileSystems."/".options = [ "compress=zstd" ]; + fileSystems."/".options = [ "compress=zstd" ]; # Set your time zone. time.timeZone = "Europe/Amsterdam"; diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/thalassa/eevee/hardware.nix index 65d17ad5..d68fcc0a 100644 --- a/nixos/hosts/thalassa/eevee/hardware.nix +++ b/nixos/hosts/thalassa/eevee/hardware.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: { +{ pkgs, config, ... }: { hardware.enableAllFirmware = true; hardware.bluetooth.enable = true; @@ -6,6 +6,8 @@ services.hardware.bolt.enable = true; hardware.opengl.enable = true; + hardware.nvidia.modesetting.enable = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; services.udev.packages = with pkgs; [ wooting-udev-rules ]; diff --git a/nixos/hosts/thalassa/eevee/home/theme.nix b/nixos/hosts/thalassa/eevee/home/theme.nix index f48e44c8..8aca1e7c 100644 --- a/nixos/hosts/thalassa/eevee/home/theme.nix +++ b/nixos/hosts/thalassa/eevee/home/theme.nix @@ -4,9 +4,9 @@ let cursorTheme = config.home.pointerCursor.name; in { home.pointerCursor = { - name = "Bibata_Ghost"; + name = "Bibata-Modern-Classic"; size = 24; - package = pkgs.bibata-cursors-translucent; + package = pkgs.bibata-cursors; }; gtk = { -- 2.47.1 From 991b93c0ae3fe9d05e6c5045386e778256008c32 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 21:00:55 +0200 Subject: [PATCH 1476/1882] migrate woodpecker --- .editorconfig | 2 +- nixos/hosts/olympus/default.nix | 1 + .../olympus/woodpecker/configuration.nix | 58 ++++++++----------- 3 files changed, 26 insertions(+), 35 deletions(-) diff --git a/.editorconfig b/.editorconfig index c1e2c643..5d47c21c 100644 --- a/.editorconfig +++ b/.editorconfig @@ -5,7 +5,7 @@ root = true [*] indent_style = space -indent_size = 4 +indent_size = 2 end_of_line = lf charset = utf-8 trim_trailing_whitespace = true diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 0d9992e6..2a78cbe0 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -144,6 +144,7 @@ }; "woodpecker" = { ip = "10.42.42.33"; + ip6 = "2001:41f0:9639:1:1c24:daff:fedb:4a1a"; mac = "1E:24:DA:DB:4A:1A"; }; "nuc" = { diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index d7ca1fa2..4dc9599c 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -18,53 +18,43 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ 8000 9000 ]; vault-secrets.secrets.woodpecker = { - services = [ "podman-woodpecker-server" "podman-woodpecker-agent" ]; + services = [ "woodpecker-server" "woodpecker-agent-docker" ]; quoteEnvironmentValues = false; # Needed for docker }; virtualisation.podman = { enable = true; dockerSocket.enable = true; + dockerCompat = true; }; - systemd.services.create-woodpecker-pod = with config.virtualisation.oci-containers; { - serviceConfig.Type = "oneshot"; - wantedBy = [ "${backend}-woodpecker-server.service" "${backend}-woodpecker-agent.service"]; - script = '' - ${pkgs.podman}/bin/podman pod exists woodpecker || \ - ${pkgs.podman}/bin/podman pod create -n woodpecker -p 8000:8000 - ''; + services.woodpecker-server = { + enable = true; + environment = { + WOODPECKER_OPEN = "true"; + WOODPECKER_HOST = "https://ci.0x76.dev"; + WOODPECKER_GITEA = "true"; + WOODPECKER_GITEA_URL = "https://git.0x76.dev"; + WOODPECKER_ADMIN = "v"; + WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true"; + WOODPECKER_SERVER_ADDR = "0.0.0.0:8000"; + }; + environmentFile = "${vs.woodpecker}/environment"; }; - virtualisation.oci-containers = { - backend = "podman"; - containers = { - woodpecker-server = { - image = "woodpeckerci/woodpecker-server:latest"; - volumes = [ "woodpecker-server-data:/var/lib/woodpecker/" ]; - environmentFiles = [ "${vs.woodpecker}/environment" ]; - extraOptions = [ "--pod=woodpecker" ]; - environment = { - WOODPECKER_OPEN = "true"; - WOODPECKER_HOST = "https://ci.0x76.dev"; - WOODPECKER_GITEA = "true"; - WOODPECKER_GITEA_URL = "https://git.0x76.dev"; - WOODPECKER_ADMIN = "v"; - WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true"; - }; - }; - woodpecker-agent = { - image = "woodpeckerci/woodpecker-agent:latest"; - dependsOn = [ "woodpecker-server" ]; - extraOptions = [ "--pod=woodpecker" ]; - cmd = [ "agent" ]; - volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ]; - environmentFiles = [ "${vs.woodpecker}/environment" ]; - environment = { WOODPECKER_SERVER = "localhost:9000"; }; + services.woodpecker-agents.agents = { + docker = { + enable = true; + environment = { + DOCKER_HOST = "unix:///run/podman/podman.sock"; + WOODPECKER_BACKEND = "docker"; + WOODPECKER_SERVER = "localhost:9000"; }; + environmentFile = [ "${vs.woodpecker}/environment" ]; + extraGroups = [ "podman" ]; }; }; } -- 2.47.1 From 45afddf9f3839f0ed6bf01e4b55e0aba1f40c75b Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 21:08:38 +0200 Subject: [PATCH 1477/1882] ip6 still too buggy --- nixos/hosts/olympus/default.nix | 1 - nixos/hosts/olympus/woodpecker/configuration.nix | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 2a78cbe0..0d9992e6 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -144,7 +144,6 @@ }; "woodpecker" = { ip = "10.42.42.33"; - ip6 = "2001:41f0:9639:1:1c24:daff:fedb:4a1a"; mac = "1E:24:DA:DB:4A:1A"; }; "nuc" = { diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 4dc9599c..a0590fb0 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -40,7 +40,7 @@ in { WOODPECKER_GITEA_URL = "https://git.0x76.dev"; WOODPECKER_ADMIN = "v"; WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true"; - WOODPECKER_SERVER_ADDR = "0.0.0.0:8000"; + WOODPECKER_SERVER_ADDR = "10.42.42.33:8000"; }; environmentFile = "${vs.woodpecker}/environment"; }; -- 2.47.1 From 47541b271559caf4b9fe0a47b2cbd51a437fb653 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 21:21:52 +0200 Subject: [PATCH 1478/1882] try new plugin-git --- .woodpecker.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.woodpecker.yml b/.woodpecker.yml index cdd77d85..95294f7e 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,3 +1,10 @@ +clone: + git: + image: woodpeckerci/plugin-git:next + settings: + depth: 50 + lfs: false + pipeline: check: image: nixos/nix:2.15.0 -- 2.47.1 From f33e6f755ce8fb5c44243fc497aa78df7ce54ed7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 22 Apr 2023 22:09:11 +0200 Subject: [PATCH 1479/1882] debug ci --- .woodpecker.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 95294f7e..ee9c50d8 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,9 +1,6 @@ clone: git: - image: woodpeckerci/plugin-git:next - settings: - depth: 50 - lfs: false + image: rancher/pause pipeline: check: -- 2.47.1 From 5c88741527d4d8145598c146dff810a5e4ec6092 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 24 Apr 2023 06:00:26 +0000 Subject: [PATCH 1480/1882] chore(deps): update renovate/renovate docker tag to v35.58.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5ed78300..f78fd2d5 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.57.0 + image: renovate/renovate:35.58.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1de0699aa36ef9245693985e3f6f6b8572f0038f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 22 Apr 2023 22:01:36 +0000 Subject: [PATCH 1481/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index fe330f38..374e13a5 100644 --- a/flake.lock +++ b/flake.lock @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1682072616, - "narHash": "sha256-sR5RL3LACGuq5oePcAoJ/e1S3vitKQQSNACMYmqIE1E=", + "lastModified": 1682176386, + "narHash": "sha256-xwYjQ8PjfdHlggi8Dq0PXWby/1oXegSUuNuBvoTcnpA=", "owner": "nix-community", "repo": "home-manager", - "rev": "47d6c3f65234230d37f1cf7d3d6b5575ec80fe0c", + "rev": "6169690ae38175295605d521bd778d999fbd85cd", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681932375, - "narHash": "sha256-tSXbYmpnKSSWpzOrs27ie8X3I0yqKA6AuCzCYNtwbCU=", + "lastModified": 1682134069, + "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3d302c67ab8647327dba84fbdb443cdbf0e82744", + "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1682170448, - "narHash": "sha256-vYIeXWCl9hOTUKUA6RhS+XqN31VR+GJbcNxBYpjIQU4=", + "lastModified": 1682197907, + "narHash": "sha256-lmN70ThAOkTTHu2uul1GE6oU6En+b1yFpLY8obzJopU=", "owner": "nix-community", "repo": "NUR", - "rev": "fe2bdf88ea839ca934412d8c9a7fad26893e481e", + "rev": "56f2104ae98978ae8d351a43f6f6226364d844aa", "type": "github" }, "original": { -- 2.47.1 From 15631ffcfe5c505e0e2bac6ad4012aedeca9b07e Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 24 Apr 2023 09:35:28 +0200 Subject: [PATCH 1482/1882] updates --- .woodpecker.yml | 4 -- flake.lock | 30 ++++++------ nixos/hosts/hades/minio/configuration.nix | 2 +- nixos/hosts/olympus/minio/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 3 ++ nixos/hosts/thalassa/aoife/home/default.nix | 9 +++- nixos/pkgs/default.nix | 3 -- nixos/pkgs/minio-old/default.nix | 51 -------------------- 8 files changed, 28 insertions(+), 76 deletions(-) delete mode 100644 nixos/pkgs/minio-old/default.nix diff --git a/.woodpecker.yml b/.woodpecker.yml index ee9c50d8..cdd77d85 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,7 +1,3 @@ -clone: - git: - image: rancher/pause - pipeline: check: image: nixos/nix:2.15.0 diff --git a/flake.lock b/flake.lock index 374e13a5..0d7c1234 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1675730932, - "narHash": "sha256-XcmirehPIcZGS7PzkS3WvAYQ9GBlBvCxYToIOIV2PVE=", + "lastModified": 1682202576, + "narHash": "sha256-vcTEEEHKx4PTfY80bUmZMwXRy0cTDJCkULHhqe1HJS8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "e034c15825c439131e4489de5a82cf8e5398fa61", + "rev": "089431737e283ed3e402a7dff578cb442444c431", "type": "github" }, "original": { @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1682176386, - "narHash": "sha256-xwYjQ8PjfdHlggi8Dq0PXWby/1oXegSUuNuBvoTcnpA=", + "lastModified": 1682273416, + "narHash": "sha256-YvRc5TOyf92Fcvt6cYfsqxfjqalAUME3Klv4IbdhkBE=", "owner": "nix-community", "repo": "home-manager", - "rev": "6169690ae38175295605d521bd778d999fbd85cd", + "rev": "a5a294a622a7d3a837aaa145334e4d813c1bc5b1", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1682134069, - "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", + "lastModified": 1682173319, + "narHash": "sha256-tPhOpJJ+wrWIusvGgIB2+x6ILfDkEgQMX0BTtM5vd/4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", + "rev": "ee7ec1c71adc47d2e3c2d5eb0d6b8fbbd42a8d1c", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681920287, - "narHash": "sha256-+/d6XQQfhhXVfqfLROJoqj3TuG38CAeoT6jO1g9r1k0=", + "lastModified": 1682181988, + "narHash": "sha256-CYWhlNi16cjGzMby9h57gpYE59quBcsHPXiFgX4Sw5k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "645bc49f34fa8eff95479f0345ff57e55b53437e", + "rev": "6c43a3495a11e261e5f41e5d7eda2d71dae1b2fe", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1682197907, - "narHash": "sha256-lmN70ThAOkTTHu2uul1GE6oU6En+b1yFpLY8obzJopU=", + "lastModified": 1682319022, + "narHash": "sha256-v5pkzaE8ygTEyK4Sqtwn+hgMxXfo+kySRBQenPD+P2o=", "owner": "nix-community", "repo": "NUR", - "rev": "56f2104ae98978ae8d351a43f6f6226364d844aa", + "rev": "08e8360bdeda32317aa4060c8c5b2c55136ae82b", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/minio/configuration.nix b/nixos/hosts/hades/minio/configuration.nix index 00039c3d..5d2f7555 100644 --- a/nixos/hosts/hades/minio/configuration.nix +++ b/nixos/hosts/hades/minio/configuration.nix @@ -13,6 +13,6 @@ in { services.minio = { enable = true; rootCredentialsFile = "${vs.minio}/environment"; - package = pkgs.v.minio-old; + package = pkgs.minio_legacy_fs; }; } diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index 1ce65f37..95187b2b 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -27,7 +27,7 @@ in { services.minio = { enable = true; - package = pkgs.v.minio-old; + package = pkgs.minio_legacy_fs; rootCredentialsFile = "${vs.minio}/environment"; listenAddress = ":${toString listenPort}"; consoleAddress = ":${toString consolePort}"; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 655438f2..662202bf 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -120,4 +120,7 @@ ]; nix.settings.extra-sandbox-paths = [ (toString config.programs.ccache.cacheDir) ]; + + # Enable Ozone rendering for Chromium and Electron apps. + environment.sessionVariables.NIXOS_OZONE_WL = "1"; } diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 855fe919..109aaac5 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -14,7 +14,7 @@ in { imports = [ ./dconf.nix ./theme.nix - ./neovim.nix + ./neovim.nix ]; home.packages = with pkgs; [ @@ -189,5 +189,12 @@ in { videos = "${home}/cloud/Videos"; }; + # xdg.configFile."electron-flags.conf".text = '' + # --enable-features=UseOzonePlatform + # --ozone-platform=wayland + # --enable-features=WaylandWindowDecorations + # --ozone-platform-hint=auto + # ''; + services.syncthing.enable = true; } diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 3e7f6424..3a5edee5 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,9 +1,6 @@ # nix-build -E 'with import {}; callPackage ./default.nix {}' final: prev: { v = { - # nixos 22.11 version of minio, need to upgrade backend from fs to xl - minio-old = prev.callPackage ./minio-old { }; - glitch-soc = prev.callPackage ./glitch-soc { }; deemix-gui = prev.callPackage ./deemix-gui { }; diff --git a/nixos/pkgs/minio-old/default.nix b/nixos/pkgs/minio-old/default.nix deleted file mode 100644 index 13c29ac6..00000000 --- a/nixos/pkgs/minio-old/default.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ lib, buildGoModule, fetchFromGitHub, nixosTests }: - -let - # The web client verifies, that the server version is a valid datetime string: - # https://github.com/minio/minio/blob/3a0e7347cad25c60b2e51ff3194588b34d9e424c/browser/app/js/web.js#L51-L53 - # - # Example: - # versionToTimestamp "2021-04-22T15-44-28Z" - # => "2021-04-22T15:44:28Z" - versionToTimestamp = version: - let - splitTS = builtins.elemAt (builtins.split "(.*)(T.*)" version) 1; - in - builtins.concatStringsSep "" [ (builtins.elemAt splitTS 0) (builtins.replaceStrings [ "-" ] [ ":" ] (builtins.elemAt splitTS 1)) ]; -in -buildGoModule rec { - pname = "minio"; - version = "2022-10-24T18-35-07Z"; - - src = fetchFromGitHub { - owner = "minio"; - repo = "minio"; - rev = "RELEASE.${version}"; - sha256 = "sha256-sABNzhyfBNU5pWyE/VWHUzuSyKsx0glj01ectJPakV8="; - }; - - vendorSha256 = "sha256-wB3UiuptT6D0CIUlHC1d5k0rjIxNeh5yAWOmYpyLGmA="; - - doCheck = false; - - subPackages = [ "." ]; - - CGO_ENABLED = 0; - - tags = [ "kqueue" ]; - - ldflags = let t = "github.com/minio/minio/cmd"; in [ - "-s" "-w" "-X ${t}.Version=${versionToTimestamp version}" "-X ${t}.ReleaseTag=RELEASE.${version}" "-X ${t}.CommitID=${src.rev}" - ]; - - passthru.tests.minio = nixosTests.minio; - - meta = with lib; { - homepage = "https://www.minio.io/"; - description = "An S3-compatible object storage server"; - changelog = "https://github.com/minio/minio/releases/tag/RELEASE.${version}"; - maintainers = with maintainers; [ eelco bachp ]; - platforms = platforms.unix; - license = licenses.agpl3Plus; - }; -} -- 2.47.1 From 8d092693af5f5002ec1cdacea14c98597a805433 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 24 Apr 2023 09:42:17 +0200 Subject: [PATCH 1483/1882] nginx: streamline brotli --- nixos/hosts/olympus/nginx/configuration.nix | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 8474edb4..564061bf 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -39,11 +39,10 @@ in { recommendedProxySettings = true; recommendedTlsSettings = true; recommendedOptimisation = true; + recommendedBrotliSettings = true; clientMaxBodySize = "500m"; - package = pkgs.nginxMainline.override { - modules = with pkgs.nginxModules; [ brotli ]; - }; + package = pkgs.nginxMainline; # 0x76.dev virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; @@ -148,17 +147,6 @@ in { virtualHosts."blog.xirion.net" = k8s_proxy; }; - services.nginx.commonHttpConfig = '' - brotli on; - brotli_comp_level 6; - brotli_static on; - brotli_types application/atom+xml application/javascript application/json application/rss+xml - application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype - application/x-font-ttf application/x-javascript application/xhtml+xml application/xml - font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon - image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml; - ''; - security.acme.defaults.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; -- 2.47.1 From 3dd06c0bfb0bdc242379983ccf6635c80d681f22 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 24 Apr 2023 10:00:56 +0200 Subject: [PATCH 1484/1882] things --- flake.lock | 7 +++---- flake.nix | 2 +- nixos/hosts/olympus/bastion/configuration.nix | 13 +++++++++++-- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 0d7c1234..2bd8a5a7 100644 --- a/flake.lock +++ b/flake.lock @@ -831,16 +831,15 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682181988, - "narHash": "sha256-CYWhlNi16cjGzMby9h57gpYE59quBcsHPXiFgX4Sw5k=", + "lastModified": 1682318825, + "narHash": "sha256-rTFe23xSneBU2AqiwTGnXyQBfIDyJzxRKdLYti4BgB8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6c43a3495a11e261e5f41e5d7eda2d71dae1b2fe", + "rev": "6577af679354e6df48fac646b46178455412abc1", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 99fd58c9..62264986 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index a66794ff..0c340d75 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, ... }: +{ pkgs, lib, ... }: let fix-vscode = pkgs.writeScriptBin "fix-vscode" '' #!${pkgs.stdenv.shell} @@ -23,6 +23,15 @@ in { ./hardware-configuration.nix ]; + # This _should_ fix vscode errors as well + programs.nix-ld.enable = true; + # environment.variables = { + # NIX_LD_LIBRARY_PATH = lib.makeLibraryPath [ + # pkgs.stdenv.cc.cc + # ]; + # # NIX_LD = lib.fileContents "${pkgs.stdenv.cc}/nix-support/dynamic-linker"; + # }; + # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; @@ -36,7 +45,7 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - virtualisation.podman.enable = true; + virtualisation.podman.enable = true; # Additional packages environment.systemPackages = with pkgs; [ -- 2.47.1 From 1d42925a4344d473c0835d3730c68677cb1f907a Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 25 Apr 2023 09:01:06 +0200 Subject: [PATCH 1485/1882] started refactoring desktop setup --- nixos/common/desktop/README.md | 1 + nixos/common/desktop/default.nix | 85 ++++++++++++++++ .../eevee => common/desktop}/desktop-env.nix | 5 +- nixos/hosts/thalassa/aoife/configuration.nix | 99 +------------------ nixos/hosts/thalassa/aoife/desktop-env.nix | 53 ---------- nixos/hosts/thalassa/aoife/hardware.nix | 10 ++ nixos/hosts/thalassa/aoife/home/default.nix | 9 +- nixos/hosts/thalassa/eevee/configuration.nix | 86 +--------------- nixos/hosts/thalassa/eevee/hardware.nix | 7 +- 9 files changed, 112 insertions(+), 243 deletions(-) create mode 100644 nixos/common/desktop/README.md create mode 100644 nixos/common/desktop/default.nix rename nixos/{hosts/thalassa/eevee => common/desktop}/desktop-env.nix (92%) delete mode 100644 nixos/hosts/thalassa/aoife/desktop-env.nix diff --git a/nixos/common/desktop/README.md b/nixos/common/desktop/README.md new file mode 100644 index 00000000..48683a66 --- /dev/null +++ b/nixos/common/desktop/README.md @@ -0,0 +1 @@ +# Common NixOS Config shared between desktop and laptop diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix new file mode 100644 index 00000000..41e7b25d --- /dev/null +++ b/nixos/common/desktop/default.nix @@ -0,0 +1,85 @@ +{ pkgs, config, lib, ... }: { + imports = [ + ./desktop-env.nix + ]; + # Bootloader. + boot = { + kernelPackages = pkgs.linuxPackages_latest; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + efi.efiSysMountPoint = "/boot/efi"; + }; + kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; + initrd = { + systemd.enable = true; + verbose = false; + }; + }; + + # Set your time zone. + time.timeZone = "Europe/Amsterdam"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_GB.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "nl_NL.UTF-8"; + LC_IDENTIFICATION = "nl_NL.UTF-8"; + LC_MEASUREMENT = "nl_NL.UTF-8"; + LC_MONETARY = "nl_NL.UTF-8"; + LC_NAME = "nl_NL.UTF-8"; + LC_NUMERIC = "nl_NL.UTF-8"; + LC_PAPER = "nl_NL.UTF-8"; + LC_TELEPHONE = "nl_NL.UTF-8"; + LC_TIME = "nl_NL.UTF-8"; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Global Packages + environment.systemPackages = with pkgs; [ wireguard-tools ]; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + virtualisation = { + podman.enable = true; + libvirtd = { + enable = true; + qemu.package = pkgs.qemu_kvm; + }; + }; + + fonts.fonts = with pkgs; [ + material-design-icons + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + (nerdfonts.override { + fonts = + [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; + }) + ]; + + programs.steam = { + enable = true; + # Open ports in the firewall for Steam Remote Play + remotePlay.openFirewall = true; + }; +} diff --git a/nixos/hosts/thalassa/eevee/desktop-env.nix b/nixos/common/desktop/desktop-env.nix similarity index 92% rename from nixos/hosts/thalassa/eevee/desktop-env.nix rename to nixos/common/desktop/desktop-env.nix index 515325a6..40625356 100644 --- a/nixos/hosts/thalassa/eevee/desktop-env.nix +++ b/nixos/common/desktop/desktop-env.nix @@ -1,7 +1,6 @@ -{ pkgs, ... }: { - # Enable the X11 windowing system. +{ pkgs, ...}: { + # TODO: Create Module services.xserver.enable = true; - services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.excludePackages = [ pkgs.xterm ]; # Configure keymap in X11 diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 662202bf..1dd5b4d7 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -2,57 +2,21 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, inputs, ... }: { +{ pkgs, inputs, ... }: { imports = [ + ../../../common/desktop ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z ./hardware.nix ./networking.nix - ./desktop-env.nix ]; # Bootloader. boot = { - kernelPackages = pkgs.linuxPackages_latest; - # kernelPackages = pkgs.linuxKernel.packages.linux_zen; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - efi.efiSysMountPoint = "/boot/efi"; - }; - kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; - initrd = { - kernelModules = [ "amdgpu" ]; - systemd.enable = true; - verbose = false; - }; + initrd.kernelModules = [ "amdgpu" ]; resumeDevice = "/dev/nvme0n1p2"; }; - fileSystems."/".options = [ "compress=zstd" ]; - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_GB.UTF-8"; - i18n.extraLocaleSettings = { - LC_ADDRESS = "nl_NL.UTF-8"; - LC_IDENTIFICATION = "nl_NL.UTF-8"; - LC_MEASUREMENT = "nl_NL.UTF-8"; - LC_MONETARY = "nl_NL.UTF-8"; - LC_NAME = "nl_NL.UTF-8"; - LC_NUMERIC = "nl_NL.UTF-8"; - LC_PAPER = "nl_NL.UTF-8"; - LC_TELEPHONE = "nl_NL.UTF-8"; - LC_TIME = "nl_NL.UTF-8"; - }; - - # Enable CUPS to print documents. - services.printing.enable = true; - - environment.systemPackages = with pkgs; [ wireguard-tools ]; - home-manager = { useGlobalPkgs = true; useUserPackages = true; @@ -60,48 +24,8 @@ extraSpecialArgs = { inherit inputs; }; }; - # Enable sound with pipewire. - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - virtualisation = { - podman.enable = true; - libvirtd = { - enable = true; - qemu.package = pkgs.qemu_kvm; - }; - }; - - fonts.fonts = with pkgs; [ - material-design-icons - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - dejavu_fonts - (nerdfonts.override { - fonts = - [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; - }) - ]; - - programs.steam = { - enable = true; - # Open ports in the firewall for Steam Remote Play - remotePlay.openFirewall = true; - }; + # Enable Ozone rendering for Chromium and Electron apps. + environment.sessionVariables.NIXOS_OZONE_WL = "1"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -110,17 +34,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - - # Enable ccache - # WARNING: Adding packages here makes them always be built from source, so only do so for once that are usually build like that - # This should be fixed when nix switches to content-addresabble paths - programs.ccache.enable = true; - programs.ccache.packageNames = [ - "mongodb" - ]; - nix.settings.extra-sandbox-paths = - [ (toString config.programs.ccache.cacheDir) ]; - - # Enable Ozone rendering for Chromium and Electron apps. - environment.sessionVariables.NIXOS_OZONE_WL = "1"; } diff --git a/nixos/hosts/thalassa/aoife/desktop-env.nix b/nixos/hosts/thalassa/aoife/desktop-env.nix deleted file mode 100644 index a0164526..00000000 --- a/nixos/hosts/thalassa/aoife/desktop-env.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ pkgs, ... }: { - # Enable the X11 windowing system. - services.xserver.enable = true; - services.xserver.videoDrivers = [ "amdgpu" ]; - services.xserver.excludePackages = [ pkgs.xterm ]; - - # Configure keymap in X11 - services.xserver = { - # TODO: Is this smart? - dpi = 280; - layout = "us"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:swapescape"; - }; - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; - environment.gnome.excludePackages = - (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) - ++ (with pkgs.gnome; [ - atomix # puzzle game - epiphany # web browser - geary # email reader - gedit # text editor - gnome-calendar - gnome-clocks - gnome-contacts - gnome-maps - gnome-music - gnome-notes - gnome-terminal - gnome-weather - hitori # sudoku game - iagno # go game - simple-scan # document scanner - tali # poker game - totem # video player - ]); - - # Services required for gnome - programs.dconf.enable = true; - services.dbus.enable = true; - services.udisks2.enable = true; - - # Extra gnome packages - environment.systemPackages = with pkgs; [ - gnome.gnome-tweaks - gnome.gnome-boxes - ]; - -} diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index c6b1208e..5c891686 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -5,6 +5,16 @@ services.hardware.bolt.enable = true; + # FS + fileSystems."/".options = [ "compress=zstd" ]; + + # Video Driver + services.xserver.videoDrivers = [ "amdgpu" ]; + services.xserver = { + dpi = 280; + xkbOptions = "caps:swapescape"; + }; + # Vulkan hardware.opengl.driSupport = true; hardware.opengl.extraPackages = with pkgs; [ diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 109aaac5..c2421bad 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -4,6 +4,7 @@ let inherit (pkgs.texlive) scheme-full; dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }; + my-python-packages = ps: with ps; [ pandas requests numpy ]; in { programs.home-manager.enable = true; @@ -11,11 +12,7 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ - ./dconf.nix - ./theme.nix - ./neovim.nix - ]; + imports = [ ./dconf.nix ./theme.nix ./neovim.nix ]; home.packages = with pkgs; [ btop @@ -32,7 +29,7 @@ in { neofetch nixfmt nixpkgs-review - python3 + (python3.withPackages my-python-packages) plex-media-player rustup solo2-cli diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 355b1712..cd7294e0 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -4,102 +4,18 @@ { config, pkgs, inputs, ... }: { imports = [ + ../../../common/desktop ./hardware-configuration.nix ./hardware.nix - ./desktop-env.nix ./networking.nix ]; - # Bootloader. - boot = { - kernelPackages = pkgs.linuxPackages_latest; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - efi.efiSysMountPoint = "/boot/efi"; - }; - kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; - initrd = { - kernelModules = [ "amdgpu" ]; - systemd.enable = true; - verbose = false; - }; - }; - - fileSystems."/".options = [ "compress=zstd" ]; - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_GB.UTF-8"; - i18n.extraLocaleSettings = { - LC_ADDRESS = "nl_NL.UTF-8"; - LC_IDENTIFICATION = "nl_NL.UTF-8"; - LC_MEASUREMENT = "nl_NL.UTF-8"; - LC_MONETARY = "nl_NL.UTF-8"; - LC_NAME = "nl_NL.UTF-8"; - LC_NUMERIC = "nl_NL.UTF-8"; - LC_PAPER = "nl_NL.UTF-8"; - LC_TELEPHONE = "nl_NL.UTF-8"; - LC_TIME = "nl_NL.UTF-8"; - }; - - # Enable CUPS to print documents. - services.printing.enable = true; - - environment.systemPackages = with pkgs; [ wireguard-tools ]; - home-manager = { useGlobalPkgs = true; useUserPackages = true; users.victor = import ./home; extraSpecialArgs = { inherit inputs; }; }; - - # Enable sound with pipewire. - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - virtualisation = { - podman.enable = true; - libvirtd = { - enable = true; - qemu.package = pkgs.qemu_kvm; - }; - }; - - fonts.fonts = with pkgs; [ - material-design-icons - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - dejavu_fonts - (nerdfonts.override { - fonts = - [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; - }) - ]; - - programs.steam = { - enable = true; - # Open ports in the firewall for Steam Remote Play - remotePlay.openFirewall = true; - }; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/thalassa/eevee/hardware.nix index d68fcc0a..6993a443 100644 --- a/nixos/hosts/thalassa/eevee/hardware.nix +++ b/nixos/hosts/thalassa/eevee/hardware.nix @@ -1,16 +1,19 @@ { pkgs, config, ... }: { hardware.enableAllFirmware = true; - hardware.bluetooth.enable = true; - services.hardware.bolt.enable = true; + services.xserver.videoDrivers = [ "nvidia" ]; hardware.opengl.enable = true; hardware.nvidia.modesetting.enable = true; hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; services.udev.packages = with pkgs; [ wooting-udev-rules ]; + + # FS + fileSystems."/".options = [ "compress=zstd" ]; + # SSD Trim services.fstrim.enable = true; } -- 2.47.1 From 423a2ee604467fe94527e9f22e52853765f20e50 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 25 Apr 2023 09:30:41 +0200 Subject: [PATCH 1486/1882] extract gnome into module --- nixos/common/desktop/default.nix | 13 ++- nixos/common/desktop/desktop-env.nix | 48 ---------- nixos/common/modules/default.nix | 1 + .../home => common/modules/gnome}/dconf.nix | 2 +- nixos/common/modules/gnome/default.nix | 59 ++++++++++++ nixos/hosts/thalassa/aoife/configuration.nix | 1 - nixos/hosts/thalassa/aoife/home/default.nix | 5 +- nixos/hosts/thalassa/aoife/networking.nix | 5 - nixos/hosts/thalassa/eevee/configuration.nix | 1 - nixos/hosts/thalassa/eevee/home/dconf.nix | 91 ------------------- nixos/hosts/thalassa/eevee/home/default.nix | 10 +- nixos/hosts/thalassa/eevee/networking.nix | 5 - 12 files changed, 79 insertions(+), 162 deletions(-) delete mode 100644 nixos/common/desktop/desktop-env.nix rename nixos/{hosts/thalassa/aoife/home => common/modules/gnome}/dconf.nix (97%) create mode 100644 nixos/common/modules/gnome/default.nix delete mode 100644 nixos/hosts/thalassa/aoife/networking.nix delete mode 100644 nixos/hosts/thalassa/eevee/home/dconf.nix delete mode 100644 nixos/hosts/thalassa/eevee/networking.nix diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index 41e7b25d..aac49709 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -1,7 +1,4 @@ -{ pkgs, config, lib, ... }: { - imports = [ - ./desktop-env.nix - ]; +{ pkgs, ... }: { # Bootloader. boot = { kernelPackages = pkgs.linuxPackages_latest; @@ -17,6 +14,9 @@ }; }; + # Enable my config for the gnome desktop environment + services.v.gnome.enable = true; + # Set your time zone. time.timeZone = "Europe/Amsterdam"; @@ -82,4 +82,9 @@ # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; }; + + # Networking + networking.networkmanager.enable = true; + networking.firewall.checkReversePath = false; + networking.firewall.enable = false; } diff --git a/nixos/common/desktop/desktop-env.nix b/nixos/common/desktop/desktop-env.nix deleted file mode 100644 index 40625356..00000000 --- a/nixos/common/desktop/desktop-env.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ pkgs, ...}: { - # TODO: Create Module - services.xserver.enable = true; - services.xserver.excludePackages = [ pkgs.xterm ]; - - # Configure keymap in X11 - services.xserver = { - layout = "us"; - xkbVariant = "altgr-intl"; - }; - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; - environment.gnome.excludePackages = - (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) - ++ (with pkgs.gnome; [ - atomix # puzzle game - epiphany # web browser - geary # email reader - gedit # text editor - gnome-calendar - gnome-clocks - gnome-contacts - gnome-maps - gnome-music - gnome-notes - gnome-terminal - gnome-weather - hitori # sudoku game - iagno # go game - simple-scan # document scanner - tali # poker game - totem # video player - ]); - - # Services required for gnome - programs.dconf.enable = true; - services.dbus.enable = true; - services.udisks2.enable = true; - - # Extra gnome packages - environment.systemPackages = with pkgs; [ - gnome.gnome-tweaks - gnome.gnome-boxes - ]; -} diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix index 3680ca0f..3e78f278 100644 --- a/nixos/common/modules/default.nix +++ b/nixos/common/modules/default.nix @@ -2,6 +2,7 @@ imports = [ ./dns.nix ./flood.nix + ./gnome ./unpackerr.nix ./vault.nix ]; diff --git a/nixos/hosts/thalassa/aoife/home/dconf.nix b/nixos/common/modules/gnome/dconf.nix similarity index 97% rename from nixos/hosts/thalassa/aoife/home/dconf.nix rename to nixos/common/modules/gnome/dconf.nix index 9b1e5750..14fa0b9f 100644 --- a/nixos/hosts/thalassa/aoife/home/dconf.nix +++ b/nixos/common/modules/gnome/dconf.nix @@ -19,7 +19,7 @@ in { dconf.settings = { "org/gnome/desktop/input-sources" = { sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; - xkb-options = [ "terminate:ctrl_alt_bksp" "caps:swapescape" ]; + xkb-options = [ "terminate:ctrl_alt_bksp" ]; }; "org/gnome/desktop/peripherals/touchpad" = { diff --git a/nixos/common/modules/gnome/default.nix b/nixos/common/modules/gnome/default.nix new file mode 100644 index 00000000..4b72f6ba --- /dev/null +++ b/nixos/common/modules/gnome/default.nix @@ -0,0 +1,59 @@ +{ config, pkgs, lib, flat_hosts, ... }: +with lib; +let cfg = config.services.v.gnome; + +in { + options.services.v.gnome = { enable = mkEnableOption "v.gnome"; }; + + config = mkIf cfg.enable { + services.xserver.enable = true; + services.xserver.excludePackages = [ pkgs.xterm ]; + + home-manager.sharedModules = [ + ./dconf.nix + ]; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = "altgr-intl"; + }; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + environment.gnome.excludePackages = + (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) + ++ (with pkgs.gnome; [ + atomix # puzzle game + epiphany # web browser + geary # email reader + gedit # text editor + gnome-calendar + gnome-clocks + gnome-contacts + gnome-maps + gnome-music + gnome-notes + gnome-terminal + gnome-weather + hitori # sudoku game + iagno # go game + simple-scan # document scanner + tali # poker game + totem # video player + ]); + + # Services required for gnome + programs.dconf.enable = true; + services.dbus.enable = true; + services.udisks2.enable = true; + + # Extra gnome packages + environment.systemPackages = with pkgs; [ + gnome.gnome-tweaks + gnome.gnome-boxes + ]; + }; +} diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 1dd5b4d7..29ed1f3c 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -8,7 +8,6 @@ ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z ./hardware.nix - ./networking.nix ]; # Bootloader. diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index c2421bad..84adb338 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -12,7 +12,10 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ ./dconf.nix ./theme.nix ./neovim.nix ]; + imports = [ ./theme.nix ./neovim.nix ]; + + # Custom dconf settings + dconf.settings."org/gnome/desktop/input-sources".xkb-options = [ "caps:swapescape"]; home.packages = with pkgs; [ btop diff --git a/nixos/hosts/thalassa/aoife/networking.nix b/nixos/hosts/thalassa/aoife/networking.nix deleted file mode 100644 index 826668a9..00000000 --- a/nixos/hosts/thalassa/aoife/networking.nix +++ /dev/null @@ -1,5 +0,0 @@ -_: { - networking.networkmanager.enable = true; - networking.firewall.checkReversePath = false; - networking.firewall.enable = false; -} diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index cd7294e0..69d17a92 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -7,7 +7,6 @@ ../../../common/desktop ./hardware-configuration.nix ./hardware.nix - ./networking.nix ]; home-manager = { diff --git a/nixos/hosts/thalassa/eevee/home/dconf.nix b/nixos/hosts/thalassa/eevee/home/dconf.nix deleted file mode 100644 index 32c102d9..00000000 --- a/nixos/hosts/thalassa/eevee/home/dconf.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ lib, ... }: - -with lib.hm.gvariant; -let - inherit (builtins) attrNames map; - inherit (lib.attrsets) mapAttrs' nameValuePair; - generate_custom_keybindings = binds: - { - "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = map (name: - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") - (attrNames binds); - }; - } // mapAttrs' (name: - nameValuePair - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") - binds; -in { - dconf.settings = { - "org/gnome/desktop/input-sources" = { - sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; - }; - - "org/gnome/desktop/peripherals/mouse" = { - accel-profile = "flat"; - }; - - "org/gnome/desktop/peripherals/touchpad" = { - tap-to-click = true; - two-finger-scrolling-enabled = true; - }; - - "org/gnome/mutter" = { - attach-modal-dialogs = true; - dynamic-workspaces = false; - edge-tiling = true; - focus-change-on-pointer-rest = true; - workspaces-only-on-primary = true; - }; - - "org/gnome/mutter/keybindings" = { - toggle-tiled-left = [ "bracketleft" ]; - toggle-tiled-right = [ "bracketright" ]; - }; - - "org/gnome/shell/keybindings" = { toggle-overview = [ "d" ]; }; - - "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; }; - - "org/gnome/desktop/wm/preferences" = { - auto-raise = false; - num-workspaces = 6; - focus-mode = "sloppy"; - }; - - "org/gnome/desktop/wm/keybindings" = { - raise-or-lower = [ "s" ]; - switch-applications = [ "Tab" ]; - switch-applications-backward = [ "Tab" ]; - move-to-workspace-1 = [ "exclam" ]; - move-to-workspace-2 = [ "at" ]; - move-to-workspace-3 = [ "numbersign" ]; - move-to-workspace-4 = [ "dollar" ]; - move-to-workspace-5 = [ "percent" ]; - move-to-workspace-6 = [ "asciicircum" ]; - switch-to-workspace-1 = [ "1" ]; - switch-to-workspace-2 = [ "2" ]; - switch-to-workspace-3 = [ "3" ]; - switch-to-workspace-4 = [ "4" ]; - switch-to-workspace-5 = [ "5" ]; - switch-to-workspace-6 = [ "6" ]; - toggle-fullscreen = [ "M" ]; - toggle-maximized = [ "m" ]; - }; - - "org/gnome/tweaks" = { show-extensions-notice = false; }; - - "org/gnome/boxes" = { first-run = false; }; - } // generate_custom_keybindings { - "terminal" = { - binding = "Return"; - command = "kgx"; - name = "Open Terminal"; - }; - "firefox" = { - binding = "f"; - command = "firefox"; - name = "Open Firefox"; - }; - }; -} diff --git a/nixos/hosts/thalassa/eevee/home/default.nix b/nixos/hosts/thalassa/eevee/home/default.nix index 4aaf26f4..6bf9335d 100644 --- a/nixos/hosts/thalassa/eevee/home/default.nix +++ b/nixos/hosts/thalassa/eevee/home/default.nix @@ -11,11 +11,11 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ - ./dconf.nix - ./theme.nix - ./neovim.nix - ]; + imports = [ ./theme.nix ./neovim.nix ]; + + dconf.settings."org/gnome/desktop/peripherals/mouse" = { + accel-profile = "flat"; + }; home.packages = with pkgs; [ btop diff --git a/nixos/hosts/thalassa/eevee/networking.nix b/nixos/hosts/thalassa/eevee/networking.nix deleted file mode 100644 index 826668a9..00000000 --- a/nixos/hosts/thalassa/eevee/networking.nix +++ /dev/null @@ -1,5 +0,0 @@ -_: { - networking.networkmanager.enable = true; - networking.firewall.checkReversePath = false; - networking.firewall.enable = false; -} -- 2.47.1 From 2dfc594aadff776a00eec74f72e108eefdd4a053 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 25 Apr 2023 09:50:25 +0200 Subject: [PATCH 1487/1882] more dedup --- nixos/common/default.nix | 3 +- nixos/common/hm-modules/catppuccin.nix | 40 ++++++++ nixos/common/hm-modules/default.nix | 4 +- nixos/common/hm-modules/nvim.nix | 101 ++++++++++++++++++++ nixos/common/modules/gnome/default.nix | 1 + nixos/hosts/thalassa/aoife/home/default.nix | 15 ++- nixos/hosts/thalassa/aoife/home/neovim.nix | 94 ------------------ nixos/hosts/thalassa/aoife/home/nvim.lua | 0 nixos/hosts/thalassa/aoife/home/theme.nix | 32 ------- nixos/hosts/thalassa/eevee/home/default.nix | 8 +- nixos/hosts/thalassa/eevee/home/neovim.nix | 94 ------------------ nixos/hosts/thalassa/eevee/home/nvim.lua | 0 12 files changed, 159 insertions(+), 233 deletions(-) create mode 100644 nixos/common/hm-modules/catppuccin.nix create mode 100644 nixos/common/hm-modules/nvim.nix delete mode 100644 nixos/hosts/thalassa/aoife/home/neovim.nix delete mode 100644 nixos/hosts/thalassa/aoife/home/nvim.lua delete mode 100644 nixos/hosts/thalassa/aoife/home/theme.nix delete mode 100644 nixos/hosts/thalassa/eevee/home/neovim.nix delete mode 100644 nixos/hosts/thalassa/eevee/home/nvim.lua diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 09ef92a3..7d08263b 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -6,7 +6,8 @@ nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; nix.registry.nixpkgs.flake = inputs.nixpkgs; - home-manager.sharedModules = [ ./hm-modules ]; + home-manager.sharedModules = + [ ./hm-modules inputs.nixvim.homeManagerModules.nixvim ]; vault-secrets = let inherit (config.networking) domain hostName; diff --git a/nixos/common/hm-modules/catppuccin.nix b/nixos/common/hm-modules/catppuccin.nix new file mode 100644 index 00000000..a60b67b8 --- /dev/null +++ b/nixos/common/hm-modules/catppuccin.nix @@ -0,0 +1,40 @@ +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.themes.v.catppuccin; +in { + options.themes.v.catppuccin = { + enable = mkEnableOption "catppuccin"; + }; + config = let + theme = "Catppuccin-Pink-Dark"; + cursorTheme = config.home.pointerCursor.name; + in mkIf cfg.enable { + home.pointerCursor = { + name = "Bibata_Ghost"; + size = 24; + package = pkgs.bibata-cursors-translucent; + }; + + gtk = { + enable = true; + theme = { + name = theme; + package = pkgs.catppuccin-gtk; + }; + iconTheme = { + name = "Papirus-Dark"; + package = pkgs.papirus-icon-theme.override { color = "violet"; }; + }; + cursorTheme = { + name = cursorTheme; + inherit (config.home.pointerCursor) package size; + }; + }; + + programs.vscode = { + userSettings."workbench.colorTheme" = "Catppuccin Frappé"; + extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; + }; + }; +} + diff --git a/nixos/common/hm-modules/default.nix b/nixos/common/hm-modules/default.nix index 9676a72e..844e7b60 100644 --- a/nixos/common/hm-modules/default.nix +++ b/nixos/common/hm-modules/default.nix @@ -1,5 +1,7 @@ { ... }: { imports = [ + ./catppuccin.nix + ./nvim.nix ./riff.nix ]; -} \ No newline at end of file +} diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix new file mode 100644 index 00000000..2541697f --- /dev/null +++ b/nixos/common/hm-modules/nvim.nix @@ -0,0 +1,101 @@ +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.programs.v.nvim; +in { + options.programs.v.nvim = { + enable = mkEnableOption "nvim"; + }; + config = mkIf cfg.enable { + programs.nixvim = { + enable = true; + package = pkgs.neovim-unwrapped; + vimAlias = true; + + globals = { mapleader = " "; }; + + maps.normal = { + "ff" = "lua require('telescope.builtin').find_files()"; + "fg" = "lua require('telescope.builtin').live_grep()"; + "" = + "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code + }; + + extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; + + colorscheme = "catppuccin-frappe"; + + extraConfigLua = ""; + + plugins = { + bufferline.enable = true; + nix.enable = true; + treesitter = { + enable = true; + nixGrammars = true; + # ensureInstalled = [ ]; + }; + surround.enable = true; + fugitive.enable = true; + gitgutter.enable = true; + lualine = { + enable = true; + theme = "catppuccin"; + }; + telescope = { + enable = true; + extensions.fzf-native.enable = true; + extensions.fzf-native.fuzzy = true; + }; + comment-nvim = { enable = true; }; + lsp = { + enable = true; + servers.rust-analyzer.enable = true; + servers.rnix-lsp.enable = true; + servers.pyright.enable = true; + servers.elixirls.enable = true; + servers.clangd.enable = true; + }; + trouble.enable = true; + lspkind.enable = true; + nvim-cmp = { + enable = true; + autoEnableSources = true; + sources = [ + { name = "nvim_lsp"; } + { name = "cmp-latex-symbols"; } + { + name = "luasnip"; + option = { show_autosnippets = true; }; + } + { name = "cmp-spell"; } + { name = "cmp-rg"; } + { name = "path"; } + { name = "buffer"; } + ]; + snippet.expand = "luasnip"; + mappingPresets = [ "insert" "cmdline" ]; + mapping = { + "" = "cmp.mapping.confirm({ select = true })"; + "" = { + modes = [ "i" "s" ]; + action = '' + function(fallback) + local luasnip = require('luasnip') + if cmp.visible() then + cmp.select_next_item() + elseif luasnip.expandable() then + luasnip.expand() + elseif luasnip.expand_or_jumpable() then + luasnip.expand_or_jump() + else + fallback() + end + end + ''; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos/common/modules/gnome/default.nix b/nixos/common/modules/gnome/default.nix index 4b72f6ba..b4040dce 100644 --- a/nixos/common/modules/gnome/default.nix +++ b/nixos/common/modules/gnome/default.nix @@ -9,6 +9,7 @@ in { services.xserver.enable = true; services.xserver.excludePackages = [ pkgs.xterm ]; + # Add Home-manager dconf stuff home-manager.sharedModules = [ ./dconf.nix ]; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 84adb338..14b34116 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -8,15 +8,20 @@ let in { programs.home-manager.enable = true; + imports = []; + home.username = "victor"; home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ ./theme.nix ./neovim.nix ]; + # Enable catppuccin theme + themes.v.catppuccin.enable = true; # Custom dconf settings dconf.settings."org/gnome/desktop/input-sources".xkb-options = [ "caps:swapescape"]; + programs.v.nvim.enable = true; + home.packages = with pkgs; [ btop calibre @@ -188,13 +193,5 @@ in { templates = "${home}/.templates"; videos = "${home}/cloud/Videos"; }; - - # xdg.configFile."electron-flags.conf".text = '' - # --enable-features=UseOzonePlatform - # --ozone-platform=wayland - # --enable-features=WaylandWindowDecorations - # --ozone-platform-hint=auto - # ''; - services.syncthing.enable = true; } diff --git a/nixos/hosts/thalassa/aoife/home/neovim.nix b/nixos/hosts/thalassa/aoife/home/neovim.nix deleted file mode 100644 index 494acd2d..00000000 --- a/nixos/hosts/thalassa/aoife/home/neovim.nix +++ /dev/null @@ -1,94 +0,0 @@ -{ inputs, pkgs, ... }: { - imports = [ inputs.nixvim.homeManagerModules.nixvim ]; - programs.nixvim = { - enable = true; - package = pkgs.neovim-unwrapped; - vimAlias = true; - - globals = { mapleader = " "; }; - - maps.normal = { - "ff" = "lua require('telescope.builtin').find_files()"; - "fg" = "lua require('telescope.builtin').live_grep()"; - "" = - "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code - }; - - extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; - - colorscheme = "catppuccin-frappe"; - - extraConfigLua = builtins.readFile ./nvim.lua; - - plugins = { - bufferline.enable = true; - nix.enable = true; - treesitter = { - enable = true; - nixGrammars = true; - # ensureInstalled = [ ]; - }; - surround.enable = true; - fugitive.enable = true; - gitgutter.enable = true; - lualine = { - enable = true; - theme = "catppuccin"; - }; - telescope = { - enable = true; - extensions.fzf-native.enable = true; - extensions.fzf-native.fuzzy = true; - }; - comment-nvim = { enable = true; }; - lsp = { - enable = true; - servers.rust-analyzer.enable = true; - servers.rnix-lsp.enable = true; - servers.pyright.enable = true; - servers.elixirls.enable = true; - servers.clangd.enable = true; - }; - trouble.enable = true; - lspkind.enable = true; - nvim-cmp = { - enable = true; - autoEnableSources = true; - sources = [ - { name = "nvim_lsp"; } - { name = "cmp-latex-symbols"; } - { - name = "luasnip"; - option = { show_autosnippets = true; }; - } - { name = "cmp-spell"; } - { name = "cmp-rg"; } - { name = "path"; } - { name = "buffer"; } - ]; - snippet.expand = "luasnip"; - mappingPresets = [ "insert" "cmdline" ]; - mapping = { - "" = "cmp.mapping.confirm({ select = true })"; - "" = { - modes = [ "i" "s" ]; - action = '' - function(fallback) - local luasnip = require('luasnip') - if cmp.visible() then - cmp.select_next_item() - elseif luasnip.expandable() then - luasnip.expand() - elseif luasnip.expand_or_jumpable() then - luasnip.expand_or_jump() - else - fallback() - end - end - ''; - }; - }; - }; - }; - }; -} diff --git a/nixos/hosts/thalassa/aoife/home/nvim.lua b/nixos/hosts/thalassa/aoife/home/nvim.lua deleted file mode 100644 index e69de29b..00000000 diff --git a/nixos/hosts/thalassa/aoife/home/theme.nix b/nixos/hosts/thalassa/aoife/home/theme.nix deleted file mode 100644 index f48e44c8..00000000 --- a/nixos/hosts/thalassa/aoife/home/theme.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ lib, pkgs, config, ... }: -let - theme = "Catppuccin-Pink-Dark"; - cursorTheme = config.home.pointerCursor.name; -in { - home.pointerCursor = { - name = "Bibata_Ghost"; - size = 24; - package = pkgs.bibata-cursors-translucent; - }; - - gtk = { - enable = true; - theme = { - name = theme; - package = pkgs.catppuccin-gtk; - }; - iconTheme = { - name = "Papirus-Dark"; - package = pkgs.papirus-icon-theme.override { color = "violet"; }; - }; - cursorTheme = { - name = cursorTheme; - inherit (config.home.pointerCursor) package size; - }; - }; - - programs.vscode = { - userSettings."workbench.colorTheme" = "Catppuccin Frappé"; - extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; - }; -} diff --git a/nixos/hosts/thalassa/eevee/home/default.nix b/nixos/hosts/thalassa/eevee/home/default.nix index 6bf9335d..22b8f6d4 100644 --- a/nixos/hosts/thalassa/eevee/home/default.nix +++ b/nixos/hosts/thalassa/eevee/home/default.nix @@ -11,12 +11,16 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - imports = [ ./theme.nix ./neovim.nix ]; - dconf.settings."org/gnome/desktop/peripherals/mouse" = { accel-profile = "flat"; }; + # Enable my neovim config + programs.v.nvim.enable = true; + + # Enable catppuccin theme + themes.v.catppuccin.enable = true; + home.packages = with pkgs; [ btop calibre diff --git a/nixos/hosts/thalassa/eevee/home/neovim.nix b/nixos/hosts/thalassa/eevee/home/neovim.nix deleted file mode 100644 index 494acd2d..00000000 --- a/nixos/hosts/thalassa/eevee/home/neovim.nix +++ /dev/null @@ -1,94 +0,0 @@ -{ inputs, pkgs, ... }: { - imports = [ inputs.nixvim.homeManagerModules.nixvim ]; - programs.nixvim = { - enable = true; - package = pkgs.neovim-unwrapped; - vimAlias = true; - - globals = { mapleader = " "; }; - - maps.normal = { - "ff" = "lua require('telescope.builtin').find_files()"; - "fg" = "lua require('telescope.builtin').live_grep()"; - "" = - "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code - }; - - extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; - - colorscheme = "catppuccin-frappe"; - - extraConfigLua = builtins.readFile ./nvim.lua; - - plugins = { - bufferline.enable = true; - nix.enable = true; - treesitter = { - enable = true; - nixGrammars = true; - # ensureInstalled = [ ]; - }; - surround.enable = true; - fugitive.enable = true; - gitgutter.enable = true; - lualine = { - enable = true; - theme = "catppuccin"; - }; - telescope = { - enable = true; - extensions.fzf-native.enable = true; - extensions.fzf-native.fuzzy = true; - }; - comment-nvim = { enable = true; }; - lsp = { - enable = true; - servers.rust-analyzer.enable = true; - servers.rnix-lsp.enable = true; - servers.pyright.enable = true; - servers.elixirls.enable = true; - servers.clangd.enable = true; - }; - trouble.enable = true; - lspkind.enable = true; - nvim-cmp = { - enable = true; - autoEnableSources = true; - sources = [ - { name = "nvim_lsp"; } - { name = "cmp-latex-symbols"; } - { - name = "luasnip"; - option = { show_autosnippets = true; }; - } - { name = "cmp-spell"; } - { name = "cmp-rg"; } - { name = "path"; } - { name = "buffer"; } - ]; - snippet.expand = "luasnip"; - mappingPresets = [ "insert" "cmdline" ]; - mapping = { - "" = "cmp.mapping.confirm({ select = true })"; - "" = { - modes = [ "i" "s" ]; - action = '' - function(fallback) - local luasnip = require('luasnip') - if cmp.visible() then - cmp.select_next_item() - elseif luasnip.expandable() then - luasnip.expand() - elseif luasnip.expand_or_jumpable() then - luasnip.expand_or_jump() - else - fallback() - end - end - ''; - }; - }; - }; - }; - }; -} diff --git a/nixos/hosts/thalassa/eevee/home/nvim.lua b/nixos/hosts/thalassa/eevee/home/nvim.lua deleted file mode 100644 index e69de29b..00000000 -- 2.47.1 From e13781ffb2260f893af46d40a79b6d93bf5f78ef Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 25 Apr 2023 10:04:50 +0200 Subject: [PATCH 1488/1882] even more dedupe --- nixos/common/desktop/README.md | 10 +- nixos/common/desktop/home.nix | 94 +++++++++ nixos/common/hm-modules/default.nix | 1 + nixos/common/hm-modules/vscode.nix | 68 +++++++ nixos/common/modules/gnome/default.nix | 2 +- .../modules/gnome/{dconf.nix => hm.nix} | 34 ++++ nixos/hosts/thalassa/aoife/home/default.nix | 191 +----------------- nixos/hosts/thalassa/eevee/home/default.nix | 183 +---------------- 8 files changed, 213 insertions(+), 370 deletions(-) create mode 100644 nixos/common/desktop/home.nix create mode 100644 nixos/common/hm-modules/vscode.nix rename nixos/common/modules/gnome/{dconf.nix => hm.nix} (67%) diff --git a/nixos/common/desktop/README.md b/nixos/common/desktop/README.md index 48683a66..0db6d202 100644 --- a/nixos/common/desktop/README.md +++ b/nixos/common/desktop/README.md @@ -1 +1,9 @@ -# Common NixOS Config shared between desktop and laptop +# Common Desktop Config +This is where I store the NixOS config that is common between +my laptop and desktop + +## Files +* `./default.nix`: Contains common systemwide configuration + * See also <../modules> +* `./home.nix`: Contains common user-level configuration + * See also <../hm-modules> diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix new file mode 100644 index 00000000..17e74f32 --- /dev/null +++ b/nixos/common/desktop/home.nix @@ -0,0 +1,94 @@ +{ pkgs, inputs, config, ... }: +let + tex = pkgs.texlive.combine { + inherit (pkgs.texlive) scheme-full; + dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; + }; + my-python-packages = ps: with ps; [ pandas requests numpy ]; +in { + home.packages = with pkgs; [ + btop + calibre + element-desktop + fusee-launcher + gcc + gimp + inputs.comma.packages.${pkgs.system}.default + inputs.webcord.packages.${pkgs.system}.default + jetbrains.clion + jetbrains.idea-ultimate + mullvad-vpn + neofetch + nixfmt + nixpkgs-review + (python3.withPackages my-python-packages) + plex-media-player + rustup + solo2-cli + tex + yt-dlp + ]; + + themes.v.catppuccin.enable = true; + programs.v.nvim.enable = true; + programs.v.vscode.enable = true; + + programs.riff = { + enable = true; + direnv = true; + }; + programs.exa = { + enable = true; + enableAliases = true; + }; + + programs.bat.enable = true; + + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + lfs.enable = true; + # delta.enable = true; + extraConfig = { + push.autoSetupRemote = true; + init.defaultBranch = "main"; + }; + }; + + programs.tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + + programs.firefox.enable = true; + + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + + programs.zsh = { + enable = true; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; + }; + + # Syncthing + services.syncthing.enable = true; + xdg.userDirs = let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; +} diff --git a/nixos/common/hm-modules/default.nix b/nixos/common/hm-modules/default.nix index 844e7b60..8dabd6c3 100644 --- a/nixos/common/hm-modules/default.nix +++ b/nixos/common/hm-modules/default.nix @@ -3,5 +3,6 @@ ./catppuccin.nix ./nvim.nix ./riff.nix + ./vscode.nix ]; } diff --git a/nixos/common/hm-modules/vscode.nix b/nixos/common/hm-modules/vscode.nix new file mode 100644 index 00000000..5a2b95a4 --- /dev/null +++ b/nixos/common/hm-modules/vscode.nix @@ -0,0 +1,68 @@ +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.programs.v.vscode; +in { + options.programs.v.vscode = { enable = mkEnableOption "vscode"; }; + config = mkIf cfg.enable { + programs.vscode = { + enable = true; + package = pkgs.vscode; + userSettings = { + "ltex.language" = "en-GB"; + "latex-workshop.linting.chktex.enabled" = true; + "latex-workshop.latex.clean.subfolder.enabled" = true; + "latex-workshop.latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + "editor.fontFamily" = + "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "keyboard.dispatch" = "keyCode"; + "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; + "terminal.integrated.defaultProfile.linux" = "zsh"; + "nix.enableLanguageServer" = true; # Enable LSP. + "nix.serverPath" = "${pkgs.nil}/bin/nil"; + "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + "rust-analyzer.checkOnSave.command" = "clippy"; + "debug.allowBreakpointsEverywhere" = true; + # Don't index unecessary things + "files.exclude" = { + "**/.vscode" = true; + "**/.git" = true; + "**/.svn" = true; + "**/.hg" = true; + "**/.deps" = true; + "**/CVS" = true; + "**/.DS_Store" = true; + "/bin" = true; + "/boot" = true; + "/cdrom" = true; + "/dev" = true; + "/proc" = true; + "/etc" = true; + "/nix" = true; + }; + }; + extensions = with pkgs.vscode-extensions; + with pkgs.v.vscode-extensions; [ + brettm12345.nixfmt-vscode + codezombiech.gitignore + editorconfig.editorconfig + foxundermoon.shell-format + james-yu.latex-workshop + jnoortheen.nix-ide + matklad.rust-analyzer + mkhl.direnv + ms-vscode-remote.remote-ssh + ms-vscode.cpptools + platformio.platformio-ide + redhat.vscode-yaml + tamasfe.even-better-toml + valentjn.vscode-ltex + vscodevim.vim + vadimcn.vscode-lldb + xaver.clang-format + sumneko.lua + ]; + }; + + }; +} + diff --git a/nixos/common/modules/gnome/default.nix b/nixos/common/modules/gnome/default.nix index b4040dce..04d59499 100644 --- a/nixos/common/modules/gnome/default.nix +++ b/nixos/common/modules/gnome/default.nix @@ -11,7 +11,7 @@ in { # Add Home-manager dconf stuff home-manager.sharedModules = [ - ./dconf.nix + ./hm.nix ]; # Configure keymap in X11 diff --git a/nixos/common/modules/gnome/dconf.nix b/nixos/common/modules/gnome/hm.nix similarity index 67% rename from nixos/common/modules/gnome/dconf.nix rename to nixos/common/modules/gnome/hm.nix index 14fa0b9f..cba3ba8f 100644 --- a/nixos/common/modules/gnome/dconf.nix +++ b/nixos/common/modules/gnome/hm.nix @@ -16,6 +16,40 @@ let "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") binds; in { + xdg.mimeApps.enable = true; + xdg.mimeApps.defaultApplications = { + "text/html" = "firefox.desktop"; + "text/plain" = "org.gnome.TextEditor.desktop"; + "application/pdf" = "org.gnome.Evince.desktop"; + + # Images + "image/bmp" = "org.gnome.eog.desktop"; + "image/gif" = "org.gnome.eog.desktop"; + "image/jpg" = "org.gnome.eog.desktop"; + "image/pjpeg" = "org.gnome.eog.desktop"; + "image/png" = "org.gnome.eog.desktop"; + "image/tiff" = "org.gnome.eog.desktop"; + "image/webp" = "org.gnome.eog.desktop"; + "image/x-bmp" = "org.gnome.eog.desktop"; + "image/x-gray" = "org.gnome.eog.desktop"; + "image/x-icb" = "org.gnome.eog.desktop"; + "image/x-ico" = "org.gnome.eog.desktop"; + "image/x-png" = "org.gnome.eog.desktop"; + "image/x-portable-anymap" = "org.gnome.eog.desktop"; + "image/x-portable-bitmap" = "org.gnome.eog.desktop"; + "image/x-portable-graymap" = "org.gnome.eog.desktop"; + "image/x-portable-pixmap" = "org.gnome.eog.desktop"; + "image/x-xbitmap" = "org.gnome.eog.desktop"; + "image/x-xpixmap" = "org.gnome.eog.desktop"; + "image/x-pcx" = "org.gnome.eog.desktop"; + "image/svg+xml" = "org.gnome.eog.desktop"; + "image/svg+xml-compressed" = "org.gnome.eog.desktop"; + "image/vnd.wap.wbmp" = "org.gnome.eog.desktop"; + "image/x-icns" = "org.gnome.eog.desktop"; + }; + + + dconf.settings = { "org/gnome/desktop/input-sources" = { sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 14b34116..c84a0733 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -1,197 +1,14 @@ -{ lib, config, pkgs, inputs, ... }: -let - tex = pkgs.texlive.combine { - inherit (pkgs.texlive) scheme-full; - dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; - }; - my-python-packages = ps: with ps; [ pandas requests numpy ]; -in { +{ ... }: { programs.home-manager.enable = true; - imports = []; - home.username = "victor"; home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; - # Enable catppuccin theme - themes.v.catppuccin.enable = true; + imports = [ ../../../../common/desktop/home.nix ]; # Custom dconf settings - dconf.settings."org/gnome/desktop/input-sources".xkb-options = [ "caps:swapescape"]; - - programs.v.nvim.enable = true; - - home.packages = with pkgs; [ - btop - calibre - element-desktop - fusee-launcher - gcc - gimp - inputs.comma.packages.${pkgs.system}.default - inputs.webcord.packages.${pkgs.system}.default - jetbrains.clion - jetbrains.idea-ultimate - mullvad-vpn - neofetch - nixfmt - nixpkgs-review - (python3.withPackages my-python-packages) - plex-media-player - rustup - solo2-cli - tex - yt-dlp - ]; - - programs.riff = { - enable = true; - direnv = true; + dconf.settings."org/gnome/desktop/input-sources" = { + xkb-options = [ "caps:swapescape" ]; }; - - xdg.mimeApps.enable = true; - xdg.mimeApps.defaultApplications = { - "text/html" = "firefox.desktop"; - "text/plain" = "org.gnome.TextEditor.desktop"; - "application/pdf" = "org.gnome.Evince.desktop"; - - # Images - "image/bmp" = "org.gnome.eog.desktop"; - "image/gif" = "org.gnome.eog.desktop"; - "image/jpg" = "org.gnome.eog.desktop"; - "image/pjpeg" = "org.gnome.eog.desktop"; - "image/png" = "org.gnome.eog.desktop"; - "image/tiff" = "org.gnome.eog.desktop"; - "image/webp" = "org.gnome.eog.desktop"; - "image/x-bmp" = "org.gnome.eog.desktop"; - "image/x-gray" = "org.gnome.eog.desktop"; - "image/x-icb" = "org.gnome.eog.desktop"; - "image/x-ico" = "org.gnome.eog.desktop"; - "image/x-png" = "org.gnome.eog.desktop"; - "image/x-portable-anymap" = "org.gnome.eog.desktop"; - "image/x-portable-bitmap" = "org.gnome.eog.desktop"; - "image/x-portable-graymap" = "org.gnome.eog.desktop"; - "image/x-portable-pixmap" = "org.gnome.eog.desktop"; - "image/x-xbitmap" = "org.gnome.eog.desktop"; - "image/x-xpixmap" = "org.gnome.eog.desktop"; - "image/x-pcx" = "org.gnome.eog.desktop"; - "image/svg+xml" = "org.gnome.eog.desktop"; - "image/svg+xml-compressed" = "org.gnome.eog.desktop"; - "image/vnd.wap.wbmp" = "org.gnome.eog.desktop"; - "image/x-icns" = "org.gnome.eog.desktop"; - }; - - programs.exa = { - enable = true; - enableAliases = true; - }; - - programs.bat.enable = true; - - programs.git = { - enable = true; - package = pkgs.gitAndTools.gitFull; - userName = "Victor"; - userEmail = "victor@xirion.net"; - lfs.enable = true; - # delta.enable = true; - extraConfig = { - push.autoSetupRemote = true; - init.defaultBranch = "main"; - }; - }; - - programs.tmux = { - enable = true; - shortcut = "b"; - terminal = "screen-256color"; - clock24 = true; - }; - - programs.firefox.enable = true; - - programs.vscode = { - enable = true; - package = pkgs.vscode; - userSettings = { - "ltex.language" = "en-GB"; - "latex-workshop.linting.chktex.enabled" = true; - "latex-workshop.latex.clean.subfolder.enabled" = true; - "latex-workshop.latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; - "editor.fontFamily" = - "'DejaVuSansMono Nerd Font', 'monospace', monospace"; - "keyboard.dispatch" = "keyCode"; - "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; - "terminal.integrated.defaultProfile.linux" = "zsh"; - "nix.enableLanguageServer" = true; # Enable LSP. - "nix.serverPath" = "${pkgs.nil}/bin/nil"; - "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; - "rust-analyzer.checkOnSave.command" = "clippy"; - "debug.allowBreakpointsEverywhere" = true; - # Don't index unecessary things - "files.exclude" = { - "**/.vscode" = true; - "**/.git" = true; - "**/.svn" = true; - "**/.hg" = true; - "**/.deps" = true; - "**/CVS" = true; - "**/.DS_Store" = true; - "/bin" = true; - "/boot" = true; - "/cdrom" = true; - "/dev" = true; - "/proc" = true; - "/etc" = true; - "/nix" = true; - }; - }; - extensions = with pkgs.vscode-extensions; - with pkgs.v.vscode-extensions; [ - brettm12345.nixfmt-vscode - codezombiech.gitignore - editorconfig.editorconfig - foxundermoon.shell-format - james-yu.latex-workshop - jnoortheen.nix-ide - matklad.rust-analyzer - mkhl.direnv - ms-vscode-remote.remote-ssh - ms-vscode.cpptools - platformio.platformio-ide - redhat.vscode-yaml - tamasfe.even-better-toml - valentjn.vscode-ltex - vscodevim.vim - vadimcn.vscode-lldb - xaver.clang-format - sumneko.lua - ]; - }; - - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - - programs.zsh = { - enable = true; - sessionVariables = { DIRENV_LOG_FORMAT = ""; }; - }; - - xdg.userDirs = let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; - services.syncthing.enable = true; } diff --git a/nixos/hosts/thalassa/eevee/home/default.nix b/nixos/hosts/thalassa/eevee/home/default.nix index 22b8f6d4..cbc0a038 100644 --- a/nixos/hosts/thalassa/eevee/home/default.nix +++ b/nixos/hosts/thalassa/eevee/home/default.nix @@ -11,188 +11,9 @@ in { home.homeDirectory = "/home/victor"; home.stateVersion = "23.05"; + imports = [ ../../../../common/desktop/home.nix ]; + dconf.settings."org/gnome/desktop/peripherals/mouse" = { accel-profile = "flat"; }; - - # Enable my neovim config - programs.v.nvim.enable = true; - - # Enable catppuccin theme - themes.v.catppuccin.enable = true; - - home.packages = with pkgs; [ - btop - calibre - element-desktop - fusee-launcher - gcc - gimp - inputs.comma.packages.${pkgs.system}.default - inputs.webcord.packages.${pkgs.system}.default - jetbrains.clion - jetbrains.idea-ultimate - mullvad-vpn - neofetch - nixfmt - nixpkgs-review - python3 - plex-media-player - rustup - solo2-cli - tex - yt-dlp - wootility - ]; - - programs.riff = { - enable = true; - direnv = true; - }; - - xdg.mimeApps.enable = true; - xdg.mimeApps.defaultApplications = { - "text/html" = "firefox.desktop"; - "text/plain" = "org.gnome.TextEditor.desktop"; - "application/pdf" = "org.gnome.Evince.desktop"; - - # Images - "image/bmp" = "org.gnome.eog.desktop"; - "image/gif" = "org.gnome.eog.desktop"; - "image/jpg" = "org.gnome.eog.desktop"; - "image/pjpeg" = "org.gnome.eog.desktop"; - "image/png" = "org.gnome.eog.desktop"; - "image/tiff" = "org.gnome.eog.desktop"; - "image/webp" = "org.gnome.eog.desktop"; - "image/x-bmp" = "org.gnome.eog.desktop"; - "image/x-gray" = "org.gnome.eog.desktop"; - "image/x-icb" = "org.gnome.eog.desktop"; - "image/x-ico" = "org.gnome.eog.desktop"; - "image/x-png" = "org.gnome.eog.desktop"; - "image/x-portable-anymap" = "org.gnome.eog.desktop"; - "image/x-portable-bitmap" = "org.gnome.eog.desktop"; - "image/x-portable-graymap" = "org.gnome.eog.desktop"; - "image/x-portable-pixmap" = "org.gnome.eog.desktop"; - "image/x-xbitmap" = "org.gnome.eog.desktop"; - "image/x-xpixmap" = "org.gnome.eog.desktop"; - "image/x-pcx" = "org.gnome.eog.desktop"; - "image/svg+xml" = "org.gnome.eog.desktop"; - "image/svg+xml-compressed" = "org.gnome.eog.desktop"; - "image/vnd.wap.wbmp" = "org.gnome.eog.desktop"; - "image/x-icns" = "org.gnome.eog.desktop"; - }; - - programs.exa = { - enable = true; - enableAliases = true; - }; - - programs.bat.enable = true; - - programs.git = { - enable = true; - package = pkgs.gitAndTools.gitFull; - userName = "Victor"; - userEmail = "victor@xirion.net"; - lfs.enable = true; - # delta.enable = true; - extraConfig = { - push.autoSetupRemote = true; - init.defaultBranch = "main"; - }; - }; - - programs.tmux = { - enable = true; - shortcut = "b"; - terminal = "screen-256color"; - clock24 = true; - }; - - programs.firefox.enable = true; - - programs.vscode = { - enable = true; - package = pkgs.vscode; - userSettings = { - "ltex.language" = "en-GB"; - "latex-workshop.linting.chktex.enabled" = true; - "latex-workshop.latex.clean.subfolder.enabled" = true; - "latex-workshop.latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; - "editor.fontFamily" = - "'DejaVuSansMono Nerd Font', 'monospace', monospace"; - "keyboard.dispatch" = "keyCode"; - "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; - "terminal.integrated.defaultProfile.linux" = "zsh"; - "nix.enableLanguageServer" = true; # Enable LSP. - "nix.serverPath" = "${pkgs.nil}/bin/nil"; - "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; - "rust-analyzer.checkOnSave.command" = "clippy"; - "debug.allowBreakpointsEverywhere" = true; - # Don't index unecessary things - "files.exclude" = { - "**/.vscode" = true; - "**/.git" = true; - "**/.svn" = true; - "**/.hg" = true; - "**/.deps" = true; - "**/CVS" = true; - "**/.DS_Store" = true; - "/bin" = true; - "/boot" = true; - "/cdrom" = true; - "/dev" = true; - "/proc" = true; - "/etc" = true; - "/nix" = true; - }; - }; - extensions = with pkgs.vscode-extensions; - with pkgs.v.vscode-extensions; [ - brettm12345.nixfmt-vscode - codezombiech.gitignore - editorconfig.editorconfig - foxundermoon.shell-format - james-yu.latex-workshop - jnoortheen.nix-ide - matklad.rust-analyzer - mkhl.direnv - ms-vscode-remote.remote-ssh - ms-vscode.cpptools - platformio.platformio-ide - redhat.vscode-yaml - tamasfe.even-better-toml - valentjn.vscode-ltex - vscodevim.vim - vadimcn.vscode-lldb - xaver.clang-format - sumneko.lua - ]; - }; - - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - - programs.zsh = { - enable = true; - sessionVariables = { DIRENV_LOG_FORMAT = ""; }; - }; - - xdg.userDirs = let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; - - services.syncthing.enable = true; } -- 2.47.1 From 3c63dd113c1ec3d9f6453407e4578bed6068170d Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 25 Apr 2023 10:29:08 +0200 Subject: [PATCH 1489/1882] deemix-gui, ded --- nixos/common/desktop/README.md | 4 +-- nixos/common/desktop/home.nix | 2 ++ nixos/common/modules/gnome/default.nix | 18 ++++++++---- nixos/pkgs/deemix-gui/default.nix | 40 -------------------------- nixos/pkgs/default.nix | 2 -- 5 files changed, 16 insertions(+), 50 deletions(-) delete mode 100644 nixos/pkgs/deemix-gui/default.nix diff --git a/nixos/common/desktop/README.md b/nixos/common/desktop/README.md index 0db6d202..32380744 100644 --- a/nixos/common/desktop/README.md +++ b/nixos/common/desktop/README.md @@ -4,6 +4,6 @@ my laptop and desktop ## Files * `./default.nix`: Contains common systemwide configuration - * See also <../modules> + * See also my NixOS [modules](../modules), specifically gnome * `./home.nix`: Contains common user-level configuration - * See also <../hm-modules> + * See also my Home-Manager [modules](../hm-modules) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 17e74f32..6458b8d9 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -29,6 +29,7 @@ in { yt-dlp ]; + # Enable my own hm modules themes.v.catppuccin.enable = true; programs.v.nvim.enable = true; programs.v.vscode.enable = true; @@ -37,6 +38,7 @@ in { enable = true; direnv = true; }; + programs.exa = { enable = true; enableAliases = true; diff --git a/nixos/common/modules/gnome/default.nix b/nixos/common/modules/gnome/default.nix index 04d59499..90b95a52 100644 --- a/nixos/common/modules/gnome/default.nix +++ b/nixos/common/modules/gnome/default.nix @@ -1,18 +1,24 @@ -{ config, pkgs, lib, flat_hosts, ... }: +{ config, pkgs, lib, ... }: with lib; let cfg = config.services.v.gnome; - in { - options.services.v.gnome = { enable = mkEnableOption "v.gnome"; }; + options.services.v.gnome = { + enable = mkEnableOption "v.gnome"; + hm = mkOption { + type = types.bool; + default = true; + description = '' + Whether to enable home manager integration to set default dconf values + ''; + }; + }; config = mkIf cfg.enable { services.xserver.enable = true; services.xserver.excludePackages = [ pkgs.xterm ]; # Add Home-manager dconf stuff - home-manager.sharedModules = [ - ./hm.nix - ]; + home-manager.sharedModules = mkIf cfg.hm [ ./hm.nix ]; # Configure keymap in X11 services.xserver = { diff --git a/nixos/pkgs/deemix-gui/default.nix b/nixos/pkgs/deemix-gui/default.nix deleted file mode 100644 index cb76d313..00000000 --- a/nixos/pkgs/deemix-gui/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ lib, stdenv, fetchurl, appimageTools, makeWrapper, electron }: - -stdenv.mkDerivation rec { - pname = "deemix-gui"; - version = "2022-08-20"; - - src = fetchurl { - url = "https://download.deemix.app/gui/linux-x64-latest.AppImage"; - sha256 = "sha256-e2neemsAzGniBpXIPYbKk5LQHoYLvFj5/8QszCcoTYM="; - name = "${pname}-${version}.AppImage"; - }; - - appimageContents = appimageTools.extractType2 { - name = "${pname}-${version}"; - inherit src; - }; - - dontUnpack = true; - dontConfigure = true; - dontBuild = true; - - nativeBuildInputs = [ makeWrapper ]; - - installPhase = '' - runHook preInstall - - mkdir -p $out/bin $out/share/${pname} $out/share/applications - - cp -a ${appimageContents}/{locales,resources} $out/share/${pname} - cp -a ${appimageContents}/usr/share/icons $out/share - - runHook postInstall - ''; - - postFixup = '' - makeWrapper ${electron}/bin/electron $out/bin/${pname} --add-flags $out/share/${pname}/resources/app.asar - ''; - - meta = { platforms = [ "x86_64-linux" ]; }; -} diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 3a5edee5..d87e5646 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -3,8 +3,6 @@ final: prev: { v = { glitch-soc = prev.callPackage ./glitch-soc { }; - deemix-gui = prev.callPackage ./deemix-gui { }; - unbound = prev.unbound.override { withSystemd = true; withDoH = true; -- 2.47.1 From edffc5306c466b1da9914e599e3ec95756f4a346 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 26 Apr 2023 11:03:26 +0200 Subject: [PATCH 1490/1882] updates --- flake.lock | 7 ++++--- flake.nix | 2 +- nixos/hosts/thalassa/aoife/hardware.nix | 1 + 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 2bd8a5a7..e7054eab 100644 --- a/flake.lock +++ b/flake.lock @@ -831,15 +831,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682318825, - "narHash": "sha256-rTFe23xSneBU2AqiwTGnXyQBfIDyJzxRKdLYti4BgB8=", + "lastModified": 1682453498, + "narHash": "sha256-WoWiAd7KZt5Eh6n+qojcivaVpnXKqBsVgpixpV2L9CE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6577af679354e6df48fac646b46178455412abc1", + "rev": "c8018361fa1d1650ee8d4b96294783cf564e8a7f", "type": "github" }, "original": { "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 62264986..99fd58c9 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index 5c891686..2875b28e 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -22,6 +22,7 @@ rocm-opencl-icd rocm-opencl-runtime ]; + systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; -- 2.47.1 From ec53a3ad7af25fd08d6087467e02ee8e70d4b203 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 27 Apr 2023 14:36:43 +0200 Subject: [PATCH 1491/1882] eevee nvidia fuckery --- flake.lock | 32 ++++++++++---------- flake.nix | 2 +- nixos/hosts/thalassa/eevee/configuration.nix | 2 +- nixos/hosts/thalassa/eevee/hardware.nix | 21 +++++++++++-- 4 files changed, 36 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index fe330f38..92af707f 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1675730932, - "narHash": "sha256-XcmirehPIcZGS7PzkS3WvAYQ9GBlBvCxYToIOIV2PVE=", + "lastModified": 1682202576, + "narHash": "sha256-vcTEEEHKx4PTfY80bUmZMwXRy0cTDJCkULHhqe1HJS8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "e034c15825c439131e4489de5a82cf8e5398fa61", + "rev": "089431737e283ed3e402a7dff578cb442444c431", "type": "github" }, "original": { @@ -484,11 +484,11 @@ ] }, "locked": { - "lastModified": 1682072616, - "narHash": "sha256-sR5RL3LACGuq5oePcAoJ/e1S3vitKQQSNACMYmqIE1E=", + "lastModified": 1682203081, + "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=", "owner": "nix-community", "repo": "home-manager", - "rev": "47d6c3f65234230d37f1cf7d3d6b5575ec80fe0c", + "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1681932375, - "narHash": "sha256-tSXbYmpnKSSWpzOrs27ie8X3I0yqKA6AuCzCYNtwbCU=", + "lastModified": 1682134069, + "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3d302c67ab8647327dba84fbdb443cdbf0e82744", + "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", "type": "github" }, "original": { @@ -831,16 +831,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1681920287, - "narHash": "sha256-+/d6XQQfhhXVfqfLROJoqj3TuG38CAeoT6jO1g9r1k0=", + "lastModified": 1682243997, + "narHash": "sha256-yLsPkvrkRYYtDLndtBbgduG1ErNlbTkNlHzwyIMGaig=", "owner": "nixos", "repo": "nixpkgs", - "rev": "645bc49f34fa8eff95479f0345ff57e55b53437e", + "rev": "f423f57ba63782c3b13af0c3100f7863dc8c1e61", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1682170448, - "narHash": "sha256-vYIeXWCl9hOTUKUA6RhS+XqN31VR+GJbcNxBYpjIQU4=", + "lastModified": 1682222997, + "narHash": "sha256-7PEtbnVsdj+wFiEA14NdwAcxHNlx6z4mJ6MCCWhLPJw=", "owner": "nix-community", "repo": "NUR", - "rev": "fe2bdf88ea839ca934412d8c9a7fad26893e481e", + "rev": "12ce41b211b7a85975703b6c66868fdd8dc1e42a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 99fd58c9..10ef2bd9 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/master"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 355b1712..403cc7f4 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -20,7 +20,7 @@ }; kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; initrd = { - kernelModules = [ "amdgpu" ]; + kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ]; systemd.enable = true; verbose = false; }; diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/thalassa/eevee/hardware.nix index d68fcc0a..6c441a41 100644 --- a/nixos/hosts/thalassa/eevee/hardware.nix +++ b/nixos/hosts/thalassa/eevee/hardware.nix @@ -5,9 +5,24 @@ services.hardware.bolt.enable = true; - hardware.opengl.enable = true; - hardware.nvidia.modesetting.enable = true; - hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.nvidia = { + package = config.boot.kernelPackages.nvidiaPackages.beta; + + # Open drivers cause gdm to crash + # open = true; + + # nvidia-drm.modeset=1 + modesetting.enable = true; + }; + + # Hardware acceleration + hardware.opengl = { + enable = true; + + # Vulkan + driSupport = true; + }; services.udev.packages = with pkgs; [ wooting-udev-rules ]; -- 2.47.1 From f379f5bccb2c5a976c6f4966f1964551c39fa60a Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Apr 2023 10:28:06 +0200 Subject: [PATCH 1492/1882] updates and migrations --- flake.lock | 1266 ++++++++++++++++++ flake.nix | 6 +- nixos/common/desktop/default.nix | 4 +- nixos/hosts/olympus/dhcp/configuration.nix | 74 + nixos/hosts/olympus/gitea/configuration.nix | 10 +- nixos/hosts/thalassa/eevee/configuration.nix | 8 - nixos/util.nix | 22 +- 7 files changed, 1363 insertions(+), 27 deletions(-) create mode 100644 flake.lock diff --git a/flake.lock b/flake.lock new file mode 100644 index 00000000..e7f7cb37 --- /dev/null +++ b/flake.lock @@ -0,0 +1,1266 @@ +{ + "nodes": { + "alejandra": { + "inputs": { + "fenix": "fenix_2", + "flakeCompat": "flakeCompat", + "nixpkgs": [ + "webcord", + "dream2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1658427149, + "narHash": "sha256-ToD/1z/q5VHsLMrS2h96vjJoLho59eNRtknOUd19ey8=", + "owner": "kamadorueda", + "repo": "alejandra", + "rev": "f5a22afd2adfb249b4e68e0b33aa1f0fb73fb1be", + "type": "github" + }, + "original": { + "owner": "kamadorueda", + "repo": "alejandra", + "type": "github" + } + }, + "all-cabal-json": { + "flake": false, + "locked": { + "lastModified": 1665552503, + "narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=", + "owner": "nix-community", + "repo": "all-cabal-json", + "rev": "d7c0434eebffb305071404edcf9d5cd99703878e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "hackage", + "repo": "all-cabal-json", + "type": "github" + } + }, + "beautysh": { + "inputs": { + "nixpkgs": [ + "nixvim", + "nixpkgs" + ], + "poetry2nix": "poetry2nix", + "utils": "utils_3" + }, + "locked": { + "lastModified": 1680308980, + "narHash": "sha256-aUEHV0jk2qIFP3jlsWYWhBbm+w/N9gzH3e4I5DcdB5s=", + "owner": "lovesegfault", + "repo": "beautysh", + "rev": "9845efc3ea3e86cc0d41465d720a47f521b2799c", + "type": "github" + }, + "original": { + "owner": "lovesegfault", + "repo": "beautysh", + "type": "github" + } + }, + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, + "colmena": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "stable": "stable" + }, + "locked": { + "lastModified": 1682202576, + "narHash": "sha256-vcTEEEHKx4PTfY80bUmZMwXRy0cTDJCkULHhqe1HJS8=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "089431737e283ed3e402a7dff578cb442444c431", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "colmena", + "type": "github" + } + }, + "comma": { + "inputs": { + "flake-compat": "flake-compat_2", + "naersk": "naersk", + "nixpkgs": "nixpkgs_2", + "utils": "utils" + }, + "locked": { + "lastModified": 1680733215, + "narHash": "sha256-5HNH/Lqj8OU/piH3tvPRkINXHHkt6bRp0QYYR4xOybE=", + "owner": "nix-community", + "repo": "comma", + "rev": "ef97634016d17cc8cdea396ebcc002320494391a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "comma", + "type": "github" + } + }, + "crane": { + "flake": false, + "locked": { + "lastModified": 1670284777, + "narHash": "sha256-JF0pc0s4z/X+Iy+lNHOwUQ8I5bz+q7uX4HrKTNIEj24=", + "owner": "ipetkov", + "repo": "crane", + "rev": "2243fb9c872de25cb564a02d324ea6a5b9853052", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "devshell": { + "flake": false, + "locked": { + "lastModified": 1663445644, + "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", + "owner": "numtide", + "repo": "devshell", + "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "dream2nix": { + "inputs": { + "alejandra": "alejandra", + "all-cabal-json": "all-cabal-json", + "crane": "crane", + "devshell": "devshell", + "flake-parts": "flake-parts", + "flake-utils-pre-commit": "flake-utils-pre-commit", + "ghc-utils": "ghc-utils", + "gomod2nix": "gomod2nix", + "mach-nix": "mach-nix", + "nix-pypi-fetcher": "nix-pypi-fetcher", + "nixpkgs": [ + "webcord", + "nixpkgs" + ], + "poetry2nix": "poetry2nix_2", + "pre-commit-hooks": "pre-commit-hooks_2" + }, + "locked": { + "lastModified": 1670715183, + "narHash": "sha256-l3OhVCCimrN1HFPfqfKAyzuMuPxNXZYLsI9w7AaQXv8=", + "owner": "nix-community", + "repo": "dream2nix", + "rev": "3d6f13ef9d4cb8c41bc83383bbec3e74865ef90d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "dream2nix", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "riff", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1674282107, + "narHash": "sha256-0wBK+1IMJdAkckR715ssMPFUhCAqRpRcppGwraiWREU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "18fc1446c44e05165437c5900b95670166a09270", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "webcord", + "dream2nix", + "alejandra", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1657607339, + "narHash": "sha256-HaqoAwlbVVZH2n4P3jN2FFPMpVuhxDy1poNOR7kzODc=", + "owner": "nix-community", + "repo": "fenix", + "rev": "b814c83d9e6aa5a28d0cf356ecfdafb2505ad37d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "id": "flake-compat", + "type": "indirect" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1668450977, + "narHash": "sha256-cfLhMhnvXn6x1vPm+Jow3RiFAUSCw/l1utktCw5rVA4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "d591857e9d7dd9ddbfba0ea02b43b927c3c0f1fa", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils-pre-commit": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "flakeCompat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "ghc-utils": { + "flake": false, + "locked": { + "lastModified": 1662774800, + "narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=", + "ref": "refs/heads/master", + "rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea", + "revCount": 1072, + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + }, + "original": { + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "nixvim", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gomod2nix": { + "flake": false, + "locked": { + "lastModified": 1627572165, + "narHash": "sha256-MFpwnkvQpauj799b4QTBJQFEddbD02+Ln5k92QyHOSk=", + "owner": "tweag", + "repo": "gomod2nix", + "rev": "67f22dd738d092c6ba88e420350ada0ed4992ae8", + "type": "github" + }, + "original": { + "owner": "tweag", + "repo": "gomod2nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1682663009, + "narHash": "sha256-i5ZDuY5kUBDwbWFUludL2cm6PBb6oj245qTFXSpOkdo=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "43ba4489bd3f9f69519f5f7ebdb76d0455eccbbe", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "hyprpaper": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1682542538, + "narHash": "sha256-752hHXEGsvKdw1Hm2LoFfi6sj2zVxu2AuKi4sRA7HN0=", + "owner": "hyprwm", + "repo": "hyprpaper", + "rev": "b4fdc0be52d7c3e48e932698bafc3f69dbd45b3b", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprpaper", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "mach-nix": { + "flake": false, + "locked": { + "lastModified": 1634711045, + "narHash": "sha256-m5A2Ty88NChLyFhXucECj6+AuiMZPHXNbw+9Kcs7F6Y=", + "owner": "DavHau", + "repo": "mach-nix", + "rev": "4433f74a97b94b596fa6cd9b9c0402104aceef5d", + "type": "github" + }, + "original": { + "id": "mach-nix", + "type": "indirect" + } + }, + "mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_3", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-22_11": "nixpkgs-22_11", + "utils": "utils_2" + }, + "locked": { + "lastModified": 1671738303, + "narHash": "sha256-PRgqtaWf2kMSYqVmcnmhTh+UsC0RmvXRTr+EOw5VZUA=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "6d0d9fb966cc565a3df74d3b686f924c7615118c", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, + "naersk": { + "inputs": { + "nixpkgs": [ + "comma", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1679567394, + "narHash": "sha256-ZvLuzPeARDLiQUt6zSZFGOs+HZmE+3g4QURc8mkBsfM=", + "owner": "nix-community", + "repo": "naersk", + "rev": "88cd22380154a2c36799fe8098888f0f59861a15", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "naersk", + "type": "github" + } + }, + "naersk_2": { + "inputs": { + "nixpkgs": [ + "riff", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1671096816, + "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=", + "owner": "nix-community", + "repo": "naersk", + "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "nix": { + "inputs": { + "lowdown-src": "lowdown-src", + "nixpkgs": "nixpkgs_7", + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1654239108, + "narHash": "sha256-0JzuElxLe5DxM+R4tvBYfvQnMGCERZy4KMRf0JYxxS4=", + "owner": "nixos", + "repo": "nix", + "rev": "1dd7253133c4dfd2e7a16ad6fe505442cef38a5b", + "type": "github" + }, + "original": { + "id": "nix", + "type": "indirect" + } + }, + "nix-pypi-fetcher": { + "flake": false, + "locked": { + "lastModified": 1669065297, + "narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=", + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "rev": "a9885ac6a091576b5195d547ac743d45a2a615ac", + "type": "github" + }, + "original": { + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "type": "github" + } + }, + "nixlib": { + "locked": { + "lastModified": 1681001314, + "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixos-generators": { + "inputs": { + "nixlib": "nixlib", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1682332772, + "narHash": "sha256-GMoWhChQdeNM2FFqVbEZgBABSdi/+JgSP6v+jUz5b24=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "d774aeedc0685e5871be1e1ee0511900deeb21c2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1679726555, + "narHash": "sha256-h7Dd/uWu7i5Yv1E+DweyJJUzTvGWXqfSo8/hz1YEolY=", + "owner": "toastal", + "repo": "nixos-hardware", + "rev": "0889479119961000c4a15801a0343cd1f11de556", + "type": "github" + }, + "original": { + "owner": "toastal", + "ref": "z-series-no-hidpi", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1674641431, + "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-22_11": { + "locked": { + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.11", + "type": "indirect" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1665349835, + "narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1680668850, + "narHash": "sha256-mQMg13yRsS0LXVzaeoSPwqgPO6yhkGzGewPgMSqXSv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4a65e9f64e53fdca6eed31adba836717a11247d2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_22-11": { + "locked": { + "lastModified": 1682538316, + "narHash": "sha256-YuHgVsR7S9zxJWHo7lo2ugd+uDC4ESWg1hA4bEZQv3Y=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "15b75800dce80225b44f067c9012b09de37dfad2", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1674641431, + "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1682664408, + "narHash": "sha256-mcRZGPQlBUbEtN4NktKWYiIK7i1Xvh9J7FhkJW3m0uU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e78597da26edb3c9eee26ab2cb2dd892a82239b9", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1682526928, + "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1672580127, + "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0874168639713f547c05947c76124f78441ea46c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1645296114, + "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.05-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_8": { + "locked": { + "lastModified": 1674736538, + "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", + "owner": "serokell", + "repo": "nixpkgs", + "rev": "1dfdbb65d77430fc0935e8592d0abc4addcce711", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixvim": { + "inputs": { + "beautysh": "beautysh", + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_5", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1682592279, + "narHash": "sha256-lY3VXaPAid0rkeF2ZeK6a1O5kjFgMsafXu39S004Oc8=", + "owner": "pta2002", + "repo": "nixvim", + "rev": "7f36532bdb159df502e20ee53b733a4ca8d06e8c", + "type": "github" + }, + "original": { + "owner": "pta2002", + "repo": "nixvim", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1682653517, + "narHash": "sha256-tDTiEPUr5dVTGP1zxHaA8V3T9GDrIMjj7CgXyB2mg50=", + "owner": "nix-community", + "repo": "NUR", + "rev": "7a3b12307da146d298c1c6b7d89e241df6504431", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "poetry2nix": { + "inputs": { + "flake-utils": [ + "nixvim", + "beautysh", + "utils" + ], + "nixpkgs": [ + "nixvim", + "beautysh", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1658665240, + "narHash": "sha256-/wkx7D7enyBPRjIkK0w7QxLQhzEkb3UxNQnjyc3FTUI=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "8b8edc85d24661d5a6d0d71d6a7011f3e699780f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, + "poetry2nix_2": { + "flake": false, + "locked": { + "lastModified": 1666918719, + "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "289efb187123656a116b915206e66852f038720e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "1.36.0", + "repo": "poetry2nix", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat_4", + "flake-utils": "flake-utils_3", + "gitignore": "gitignore", + "nixpkgs": [ + "nixvim", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1682326782, + "narHash": "sha256-wj7p7iEwQXAfTZ6QokAe0dMbpQk5u7ympDnaiPvbv1w=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "56cd2d47a9c937be98ab225cf014b450f1533cdb", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks_2": { + "inputs": { + "flake-utils": [ + "webcord", + "dream2nix", + "flake-utils-pre-commit" + ], + "nixpkgs": [ + "webcord", + "dream2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1646153636, + "narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "riff": { + "inputs": { + "fenix": "fenix", + "naersk": "naersk_2", + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1677774593, + "narHash": "sha256-Drh8t1PPm7xSU8EzDkL2tJf7u75/jUiUKnVBarQkFro=", + "owner": "DeterminateSystems", + "repo": "riff", + "rev": "330868ae137cd8baefa6fb53e1cf5847ad7d2320", + "type": "github" + }, + "original": { + "owner": "DeterminateSystems", + "repo": "riff", + "type": "github" + } + }, + "root": { + "inputs": { + "colmena": "colmena", + "comma": "comma", + "home-manager": "home-manager", + "hyprpaper": "hyprpaper", + "mailserver": "mailserver", + "nixos-generators": "nixos-generators", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_4", + "nixpkgs_22-11": "nixpkgs_22-11", + "nixvim": "nixvim", + "nur": "nur", + "riff": "riff", + "vault-secrets": "vault-secrets", + "webcord": "webcord" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1674253028, + "narHash": "sha256-OzdEJpxIZw50DuZ1aBJlZnJ/GxHfKhexhn4Eu53YnEo=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "9a6294d7038e7eab00beafdf64ec4aa50a4c66a2", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1657557289, + "narHash": "sha256-PRW+nUwuqNTRAEa83SfX+7g+g8nQ+2MMbasQ9nt6+UM=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "caf23f29144b371035b864a1017dbc32573ad56d", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "stable": { + "locked": { + "lastModified": 1669735802, + "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "731cc710aeebecbf45a258e977e8b68350549522", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_3": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "vault-secrets": { + "inputs": { + "flake-compat": "flake-compat_5", + "flake-utils": "flake-utils_4", + "nix": "nix", + "nixpkgs": "nixpkgs_8" + }, + "locked": { + "lastModified": 1679628347, + "narHash": "sha256-FacS4utvrARToWss3REX/0KMiP87BXE+2xc3a+vrvQI=", + "owner": "serokell", + "repo": "vault-secrets", + "rev": "e4ec077c2650a6d5500b34d0baae2e0d4c61c2ff", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "vault-secrets", + "type": "github" + } + }, + "webcord": { + "inputs": { + "dream2nix": "dream2nix", + "nixpkgs": "nixpkgs_9", + "webcord": "webcord_2" + }, + "locked": { + "lastModified": 1670874335, + "narHash": "sha256-nJ1LUVj3dIHP5B+XkZXUvY39OqaZn/MMHSFwsOSPnwI=", + "owner": "fufexan", + "repo": "webcord-flake", + "rev": "b462d57c36d664b48f047c96b2f9de091bff6e8b", + "type": "github" + }, + "original": { + "owner": "fufexan", + "repo": "webcord-flake", + "type": "github" + } + }, + "webcord_2": { + "flake": false, + "locked": { + "lastModified": 1670713990, + "narHash": "sha256-e+y/M+/gjezHoNrdXeFhqtvxbPdhRSDOQlwK1nUhNfo=", + "owner": "SpacingBat3", + "repo": "WebCord", + "rev": "80ba858c025e0bb59510f7136211948d8ae10ece", + "type": "github" + }, + "original": { + "owner": "SpacingBat3", + "repo": "WebCord", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 10ef2bd9..6e8a785f 100644 --- a/flake.nix +++ b/flake.nix @@ -123,13 +123,15 @@ proxmox-lxc = nixos-generators.nixosGenerate { inherit pkgs; format = "proxmox-lxc"; - modules = [ (import ./nixos/templates/proxmox-lxc.nix) ]; + modules = (util.base_imports) + ++ [ (import ./nixos/templates/proxmox-lxc.nix) ]; }; proxmox-vm = nixos-generators.nixosGenerate { inherit system pkgs; format = "proxmox"; - modules = [ (import ./nixos/templates/proxmox-vm.nix) ]; + modules = (util.base_imports) + ++ [ (import ./nixos/templates/proxmox-vm.nix) ]; }; }; diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index aac49709..9a93dbe1 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -1,7 +1,7 @@ -{ pkgs, ... }: { +{ pkgs, lib, ... }: { # Bootloader. boot = { - kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 90fdb3cb..7feb05e2 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -6,6 +6,11 @@ let hostName = hostname; ipAddress = ip; }; + hostToKea = {hostname, mac, ip, ...}: { + inherit hostname; + hw-address = mac; + ip-address = ip; + }; localDomain = config.networking.domain; hosts = filter (h: hasAttr "ip" h && hasAttr "mac" h && h.realm == localDomain) @@ -51,4 +56,73 @@ in { ''; machines = map hostToDhcp hosts; }; + + services.kea = { + dhcp4 = { + enable = false; + settings = { + authoritative = true; + valid-lifetime = 4000; + rebind-timer = 2000; + renew-timer = 1000; + + interfaces-config.interfaces = [ "eth0" ]; + + lease-database = { + name = "/var/lib/kea/dhcp4.leases"; + persist = true; + type = "memfile"; + }; + + option-data = [ + { + space = "dhcp4"; + name = "subnet-mask"; + code = 1; + data = "255.255.254.0"; + } + { + space = "dhcp4"; + name = "broadcast-address"; + code = 28; + data = "10.42.43.255"; + } + { + space = "dhcp4"; + name = "routers"; + code = 3; + data = "10.42.42.1"; + } + { + space = "dhcp4"; + name = "domain-name-servers"; + code = 6; + data = "10.42.42.15; 10.42.42.16"; + } + { + space = "dhcp4"; + name = "domain-name"; + code = 15; + data = "${localDomain}"; + } + { + space = "dhcp4"; + name = "domain-search"; + code = 119; + data = "${localDomain}"; + } + ]; + + subnet4 = [{ + id = 1; + pools = [{ pool = "10.42.43.1 - 10.42.43.254"; }]; + subnet = "10.42.42.0/23"; + }]; + + host-reservation-identifiers = [ "hw-address" ]; + reservation-mode = "global"; + reservations = map hostToKea hosts; + }; + }; + }; } diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 9a42841b..ca3a80c5 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -22,7 +22,7 @@ in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.gitea.httpPort ]; + networking.firewall.allowedTCPPorts = [ config.services.gitea.settings.server.HTTP_PORT ]; services.openssh.startWhenNeeded = false; @@ -47,9 +47,7 @@ in services.gitea = { enable = true; - domain = "git.0x76.dev"; package = pkgs.forgejo; - rootUrl = "https://git.0x76.dev"; lfs.enable = true; dump.type = "tar.gz"; database.type = "postgres"; @@ -80,8 +78,10 @@ in "USE_SERVICE_WORKER" = true; }; server = { - "LANDING_PAGE" = "explore"; - "SSH_PORT" = 42; + LANDING_PAGE = "explore"; + SSH_PORT = 42; + DOMAIN = "git.0x76.dev"; + ROOT_URL = "https://git.0x76.dev"; }; session = { "PROVIDER" = "db"; diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index f4aef52d..8e435acf 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -12,16 +12,8 @@ # Bootloader. boot = { kernelPackages = pkgs.linuxPackages_latest; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - efi.efiSysMountPoint = "/boot/efi"; - }; - kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; initrd = { kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ]; - systemd.enable = true; - verbose = false; }; }; diff --git a/nixos/util.nix b/nixos/util.nix index 789976fc..42665e88 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -2,9 +2,11 @@ let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; - # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) - resolve_imports = let - # lookup table + base_imports = [ + home-manager.nixosModules.home-manager + mailserver.nixosModules.mailserver + ]; + type_import = let import_cases = { "lxc" = [ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" @@ -13,14 +15,14 @@ let "vm" = [ ./common/generic-vm.nix ]; "local" = [ ]; }; - in { hostname, realm, profile ? hostname, type ? "lxc", ... }: - [ - home-manager.nixosModules.home-manager - mailserver.nixosModules.mailserver - ./common - "${./.}/hosts/${realm}/${profile}/configuration.nix" - ] ++ import_cases.${type}; + in type: import_cases.${type} ++ base_imports; + # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) + resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: + type_import type + ++ [ ./common "${./.}/hosts/${realm}/${profile}/configuration.nix" ]; + in { + inherit base_imports type_import resolve_imports; # Add to whatever realm a host belong to its list of tags add_realm_to_tags = mapAttrs (realm: mapAttrs (hostname: -- 2.47.1 From 28009de2c55fd97727bed08232aebb6505f34086 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Apr 2023 10:37:37 +0200 Subject: [PATCH 1493/1882] simplify kea --- nixos/hosts/olympus/dhcp/configuration.nix | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 7feb05e2..3ea6ed18 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -76,52 +76,39 @@ in { option-data = [ { - space = "dhcp4"; name = "subnet-mask"; - code = 1; data = "255.255.254.0"; } { - space = "dhcp4"; name = "broadcast-address"; - code = 28; data = "10.42.43.255"; } { - space = "dhcp4"; name = "routers"; - code = 3; data = "10.42.42.1"; } { - space = "dhcp4"; name = "domain-name-servers"; - code = 6; - data = "10.42.42.15; 10.42.42.16"; + data = "10.42.42.15, 10.42.42.16"; } { - space = "dhcp4"; name = "domain-name"; - code = 15; data = "${localDomain}"; } { - space = "dhcp4"; name = "domain-search"; - code = 119; data = "${localDomain}"; } ]; + host-reservation-identifiers = [ "hw-address" ]; + subnet4 = [{ id = 1; pools = [{ pool = "10.42.43.1 - 10.42.43.254"; }]; subnet = "10.42.42.0/23"; + reservations = map hostToKea hosts; }]; - - host-reservation-identifiers = [ "hw-address" ]; - reservation-mode = "global"; - reservations = map hostToKea hosts; }; }; }; -- 2.47.1 From 33fdd0b176c396d52d7b2404a4760308241c1788 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Apr 2023 15:55:06 +0200 Subject: [PATCH 1494/1882] add auto unseal for vault-1 --- flake.lock | 99 ++++++++++++++++--- flake.nix | 6 +- nixos/common/modules/unpackerr.nix | 2 +- nixos/common/modules/vault.nix | 43 +++++++- nixos/hosts/olympus/vault-1/configuration.nix | 5 +- 5 files changed, 135 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index e7f7cb37..bdc6d68d 100644 --- a/flake.lock +++ b/flake.lock @@ -407,6 +407,24 @@ "type": "indirect" } }, + "flake-utils_5": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flakeCompat": { "flake": false, "locked": { @@ -781,6 +799,22 @@ "type": "github" } }, + "nixpkgs_10": { + "locked": { + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1680668850, @@ -831,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682664408, - "narHash": "sha256-mcRZGPQlBUbEtN4NktKWYiIK7i1Xvh9J7FhkJW3m0uU=", + "lastModified": 1682688250, + "narHash": "sha256-eE/h7+V5M96HmobnZEPbPyinPv+Y+vcs/3gL55I7rRI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e78597da26edb3c9eee26ab2cb2dd892a82239b9", + "rev": "4452d55f8e5c2480b91bbe1eaf4b34c8ee07ebb9", "type": "github" }, "original": { @@ -909,15 +943,15 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1670507980, - "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", - "owner": "NixOS", + "lastModified": 1682526928, + "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", "type": "github" }, "original": { - "owner": "NixOS", + "owner": "nixos", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" @@ -931,11 +965,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1682592279, - "narHash": "sha256-lY3VXaPAid0rkeF2ZeK6a1O5kjFgMsafXu39S004Oc8=", + "lastModified": 1682677025, + "narHash": "sha256-HQ3E4JKHcj6MWwmo/JoGIrFhBymVszGyFoAv3R6JOxk=", "owner": "pta2002", "repo": "nixvim", - "rev": "7f36532bdb159df502e20ee53b733a4ca8d06e8c", + "rev": "3014192cdc6e5ac59e72c74baa6075c9c9148bfd", "type": "github" }, "original": { @@ -946,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682653517, - "narHash": "sha256-tDTiEPUr5dVTGP1zxHaA8V3T9GDrIMjj7CgXyB2mg50=", + "lastModified": 1682686658, + "narHash": "sha256-h2gpcWIEcO5CYfdLFBvxI59cOS65YJejpxVqdh1sZGU=", "owner": "nix-community", "repo": "NUR", - "rev": "7a3b12307da146d298c1c6b7d89e241df6504431", + "rev": "8814b947eb4f10b1f26ed7cb7b067c58b28b065a", "type": "github" }, "original": { @@ -1090,6 +1124,7 @@ "nur": "nur", "riff": "riff", "vault-secrets": "vault-secrets", + "vault-unseal": "vault-unseal", "webcord": "webcord" } }, @@ -1158,6 +1193,21 @@ "type": "github" } }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "locked": { "lastModified": 1678901627, @@ -1224,10 +1274,29 @@ "type": "github" } }, + "vault-unseal": { + "inputs": { + "flake-utils": "flake-utils_5", + "nixpkgs": "nixpkgs_9" + }, + "locked": { + "lastModified": 1682689494, + "narHash": "sha256-ZGOJ5Mg92Vuf3mMlLL4hu6ENU4Ykk+uAjnoU+rdSFcM=", + "ref": "refs/heads/main", + "rev": "3393123d5814d572eeccb6c6163bab9f374550ca", + "revCount": 2, + "type": "git", + "url": "https://git.0x76.dev/v/vault-unseal.git" + }, + "original": { + "type": "git", + "url": "https://git.0x76.dev/v/vault-unseal.git" + } + }, "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_9", + "nixpkgs": "nixpkgs_10", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index 6e8a785f..cdabe0da 100644 --- a/flake.nix +++ b/flake.nix @@ -38,10 +38,12 @@ nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; nixos-hardware.url = "github:toastal/nixos-hardware/z-series-no-hidpi"; + + vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; }; - outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena, home-manager - , hyprpaper, nixos-generators, nixos-hardware, nur, ... }@inputs: + outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena, hyprpaper + , nixos-generators, nur, ... }@inputs: let inherit (nixpkgs) lib; diff --git a/nixos/common/modules/unpackerr.nix b/nixos/common/modules/unpackerr.nix index 2d59cbf7..36f522b5 100644 --- a/nixos/common/modules/unpackerr.nix +++ b/nixos/common/modules/unpackerr.nix @@ -45,7 +45,7 @@ let type = types.bool; default = false; description = '' - Delete archives after import? + Delete archives after import? Recommend not setting this to true ''; }; diff --git a/nixos/common/modules/vault.nix b/nixos/common/modules/vault.nix index 65a87e63..62f4e053 100644 --- a/nixos/common/modules/vault.nix +++ b/nixos/common/modules/vault.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, flat_hosts, ... }: +{ config, pkgs, lib, flat_hosts, inputs, ... }: with lib; let cfg = config.services.v.vault; @@ -48,9 +48,31 @@ in { **note:** this has to be the same for all nodes in a cluster ''; }; + + autoUnseal = mkOption { + type = types.bool; + default = false; + description = '' + whether to auto-unseal this vault + ''; + }; + + autoUnsealTokenPath = mkOption { + type = types.str; + default = null; + example = "/var/lib/vault-unseal/keys.json"; + description = '' + auto unseal tokens to use + ''; + }; }; config = mkIf cfg.enable { + assertions = [{ + assertion = cfg.autoUnseal -> (cfg.autoUnsealTokenPath != null); + message = "If autoUnseal is enabled, a token path is required!"; + }]; + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port cfg.clusterPort ]; @@ -71,5 +93,24 @@ in { cluster_addr = "http://${hostIP}:${toString cfg.clusterPort}" ''; }; + + systemd.services.vault-unseal = mkIf cfg.autoUnseal { + description = "Vault unseal service"; + wantedBy = [ "multi-user.target" ]; + after = [ "vault.service" ]; + environment = { + VAULT_ADDR = "http://localhost:${toString cfg.port}"; + VAULT_KEY_FILE = cfg.autoUnsealTokenPath; + }; + serviceConfig = { + User = "vault"; + Group = "vault"; + Type = "simple"; + Restart = "on-failure"; + ExecStart = "${ + inputs.vault-unseal.packages.${pkgs.system}.default + }/bin/vault-unseal"; + }; + }; }; } diff --git a/nixos/hosts/olympus/vault-1/configuration.nix b/nixos/hosts/olympus/vault-1/configuration.nix index 3ef0c94a..e5af75a5 100644 --- a/nixos/hosts/olympus/vault-1/configuration.nix +++ b/nixos/hosts/olympus/vault-1/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, hosts, ... }: { +_: { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -16,5 +16,8 @@ enable = true; openFirewall = true; node_id = "olympus-2"; + + autoUnseal = true; + autoUnsealTokenPath = "/var/lib/vault-unseal/keys.json"; }; } -- 2.47.1 From bbe5bdca2d4c71008c84e4536c9dd4070fde6af7 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Apr 2023 16:05:49 +0200 Subject: [PATCH 1495/1882] auto unseal more --- nixos/common/modules/vault.nix | 31 +++++++++++-------- nixos/hosts/olympus/vault-0/configuration.nix | 3 ++ nixos/hosts/olympus/vault-1/configuration.nix | 2 +- 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/nixos/common/modules/vault.nix b/nixos/common/modules/vault.nix index 62f4e053..f9b0390e 100644 --- a/nixos/common/modules/vault.nix +++ b/nixos/common/modules/vault.nix @@ -14,11 +14,11 @@ let '') vault_hosts); in { options.services.v.vault = { - enable = mkEnableOption "v.vault"; + enable = mkEnableOption "v's vault"; node_id = mkOption { type = types.str; - description = '' + description = lib.mdDoc '' The cluster node id of this node ''; }; @@ -26,15 +26,15 @@ in { openFirewall = mkOption { type = types.bool; default = false; - description = '' - Whether to open port port and clusterPort in the firewall for vault + description = lib.mdDoc '' + Whether to open port `port` and `clusterPort` in the firewall for vault ''; }; port = mkOption { type = types.int; default = 8200; - description = '' + description = lib.mdDoc '' The port vault listens on **note:** this has to be the same for all nodes in a cluster ''; @@ -43,7 +43,7 @@ in { clusterPort = mkOption { type = types.int; default = 8201; - description = '' + description = lib.mdDoc '' The cluster port vault listens on **note:** this has to be the same for all nodes in a cluster ''; @@ -52,24 +52,29 @@ in { autoUnseal = mkOption { type = types.bool; default = false; - description = '' - whether to auto-unseal this vault + description = lib.mdDoc '' + Whether to auto-unseal this vault ''; }; - autoUnsealTokenPath = mkOption { + autoUnsealKeysFile = mkOption { type = types.str; default = null; example = "/var/lib/vault-unseal/keys.json"; - description = '' - auto unseal tokens to use + description = lib.mdDoc '' + auto unseal keys to use, has to be a json file with the following structure + ```json + { + keys = [ key_1, ..., key_n ] + } + ``` ''; }; }; config = mkIf cfg.enable { assertions = [{ - assertion = cfg.autoUnseal -> (cfg.autoUnsealTokenPath != null); + assertion = cfg.autoUnseal -> (cfg.autoUnsealKeysFile != null); message = "If autoUnseal is enabled, a token path is required!"; }]; @@ -100,7 +105,7 @@ in { after = [ "vault.service" ]; environment = { VAULT_ADDR = "http://localhost:${toString cfg.port}"; - VAULT_KEY_FILE = cfg.autoUnsealTokenPath; + VAULT_KEY_FILE = cfg.autoUnsealKeysFile; }; serviceConfig = { User = "vault"; diff --git a/nixos/hosts/olympus/vault-0/configuration.nix b/nixos/hosts/olympus/vault-0/configuration.nix index 0eae86e5..774544ed 100644 --- a/nixos/hosts/olympus/vault-0/configuration.nix +++ b/nixos/hosts/olympus/vault-0/configuration.nix @@ -16,5 +16,8 @@ enable = true; openFirewall = true; node_id = "olympus-1"; + + autoUnseal = true; + autoUnsealKeysFile = "/var/lib/vault-unseal/keys.json"; }; } diff --git a/nixos/hosts/olympus/vault-1/configuration.nix b/nixos/hosts/olympus/vault-1/configuration.nix index e5af75a5..51607df5 100644 --- a/nixos/hosts/olympus/vault-1/configuration.nix +++ b/nixos/hosts/olympus/vault-1/configuration.nix @@ -18,6 +18,6 @@ _: { node_id = "olympus-2"; autoUnseal = true; - autoUnsealTokenPath = "/var/lib/vault-unseal/keys.json"; + autoUnsealKeysFile = "/var/lib/vault-unseal/keys.json"; }; } -- 2.47.1 From 9f671ce273c8144485ad39c0d088e6d5da2c1292 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Apr 2023 16:24:00 +0200 Subject: [PATCH 1496/1882] auto unseal hades --- flake.nix | 4 ++-- nixos/hosts/hades/vault-0/configuration.nix | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index cdabe0da..6db30e49 100644 --- a/flake.nix +++ b/flake.nix @@ -125,14 +125,14 @@ proxmox-lxc = nixos-generators.nixosGenerate { inherit pkgs; format = "proxmox-lxc"; - modules = (util.base_imports) + modules = util.base_imports ++ [ (import ./nixos/templates/proxmox-lxc.nix) ]; }; proxmox-vm = nixos-generators.nixosGenerate { inherit system pkgs; format = "proxmox"; - modules = (util.base_imports) + modules = util.base_imports ++ [ (import ./nixos/templates/proxmox-vm.nix) ]; }; }; diff --git a/nixos/hosts/hades/vault-0/configuration.nix b/nixos/hosts/hades/vault-0/configuration.nix index 58bdcc95..6eb1237f 100644 --- a/nixos/hosts/hades/vault-0/configuration.nix +++ b/nixos/hosts/hades/vault-0/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, hosts, ... }: { +_: { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -16,5 +16,8 @@ enable = true; openFirewall = true; node_id = "hades-1"; + + autoUnseal = true; + autoUnsealKeysFile = "/var/lib/vault-unseal/keys.json"; }; } -- 2.47.1 From e7c87670bc6d6aa6f41b5f071adc45f5b044e8a0 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Apr 2023 23:17:53 +0200 Subject: [PATCH 1497/1882] migrated dhcp to kea --- nixos/hosts/olympus/dhcp/configuration.nix | 23 +--------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 3ea6ed18..f6b1163b 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,11 +1,6 @@ { config, pkgs, flat_hosts, ... }: let inherit (builtins) filter hasAttr; - hostToDhcp = { hostname, mac, ip, ... }: { - ethernetAddress = mac; - hostName = hostname; - ipAddress = ip; - }; hostToKea = {hostname, mac, ip, ...}: { inherit hostname; hw-address = mac; @@ -41,25 +36,9 @@ in { networking.firewall.allowedUDPPorts = [ 67 ]; - services.dhcpd4 = { - enable = true; - extraConfig = '' - option subnet-mask 255.255.254.0; - option broadcast-address 10.42.43.255; - option routers 10.42.42.1; - option domain-name-servers 10.42.42.15, 10.42.42.16; - option domain-name "${localDomain}"; - option domain-search "${localDomain}"; - subnet 10.42.42.0 netmask 255.255.254.0 { - range 10.42.43.1 10.42.43.254; - } - ''; - machines = map hostToDhcp hosts; - }; - services.kea = { dhcp4 = { - enable = false; + enable = true; settings = { authoritative = true; valid-lifetime = 4000; -- 2.47.1 From 2938bfdf64eb725fa9fc29d0e34d08bf07679d1a Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 12:18:27 +0200 Subject: [PATCH 1498/1882] updates --- flake.lock | 44 ++++++++++---------- nixos/hosts/thalassa/eevee/configuration.nix | 2 + nixos/hosts/thalassa/eevee/hardware.nix | 7 +++- 3 files changed, 30 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index bdc6d68d..c1fd8256 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1682202576, - "narHash": "sha256-vcTEEEHKx4PTfY80bUmZMwXRy0cTDJCkULHhqe1HJS8=", + "lastModified": 1682737380, + "narHash": "sha256-n3rZkHZls9BNr35o3veK00UsM1KSh/oNTJjLkFbEOY8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "089431737e283ed3e402a7dff578cb442444c431", + "rev": "be837ee341b6508c355035973d5f7c7e88d7c64f", "type": "github" }, "original": { @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1682663009, - "narHash": "sha256-i5ZDuY5kUBDwbWFUludL2cm6PBb6oj245qTFXSpOkdo=", + "lastModified": 1682759296, + "narHash": "sha256-FgBfP1e+TnED0lT3L9G6KJ6j07xQElFMRdLIsmKQ0Ss=", "owner": "nix-community", "repo": "home-manager", - "rev": "43ba4489bd3f9f69519f5f7ebdb76d0455eccbbe", + "rev": "27d89b49e3cd3c83b9609a6ff9173a9b8d2d9ad4", "type": "github" }, "original": { @@ -833,11 +833,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1682538316, - "narHash": "sha256-YuHgVsR7S9zxJWHo7lo2ugd+uDC4ESWg1hA4bEZQv3Y=", + "lastModified": 1682669017, + "narHash": "sha256-Vi+p4y3wnl0/4gcwTdmCO398kKlDaUrNROtf3GOD2NY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "15b75800dce80225b44f067c9012b09de37dfad2", + "rev": "7449971a3ecf857b4a554cf79b1d9dcc1a4647d8", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682688250, - "narHash": "sha256-eE/h7+V5M96HmobnZEPbPyinPv+Y+vcs/3gL55I7rRI=", + "lastModified": 1682761707, + "narHash": "sha256-LYi8jYRWn10jThmwQTx4ecrIikfGqGGoC2KGmgIgQX8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4452d55f8e5c2480b91bbe1eaf4b34c8ee07ebb9", + "rev": "8f9e20ecb020e0a665e2e2301b73034be5db5bca", "type": "github" }, "original": { @@ -965,11 +965,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1682677025, - "narHash": "sha256-HQ3E4JKHcj6MWwmo/JoGIrFhBymVszGyFoAv3R6JOxk=", + "lastModified": 1682714854, + "narHash": "sha256-7vFHIUeaZ47REJopzzY6bX5wb0qmn6fNsQCKOQ8G3Mg=", "owner": "pta2002", "repo": "nixvim", - "rev": "3014192cdc6e5ac59e72c74baa6075c9c9148bfd", + "rev": "d0383da7f8579610f49b99b982b662ad197d97d1", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682686658, - "narHash": "sha256-h2gpcWIEcO5CYfdLFBvxI59cOS65YJejpxVqdh1sZGU=", + "lastModified": 1682751794, + "narHash": "sha256-+lo+jlBp5Np2UId6CfAQZdG/yLJLZhtoluMj1NkBlDU=", "owner": "nix-community", "repo": "NUR", - "rev": "8814b947eb4f10b1f26ed7cb7b067c58b28b065a", + "rev": "b3b850a6da43a794e7fab9566b529ca43e22458a", "type": "github" }, "original": { @@ -1280,11 +1280,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1682689494, - "narHash": "sha256-ZGOJ5Mg92Vuf3mMlLL4hu6ENU4Ykk+uAjnoU+rdSFcM=", + "lastModified": 1682690091, + "narHash": "sha256-j8Uu1Lu+3t5CrLlnHIco6LXIuH7F5KM4pUJZ+QIBiVQ=", "ref": "refs/heads/main", - "rev": "3393123d5814d572eeccb6c6163bab9f374550ca", - "revCount": 2, + "rev": "5af2f123dcd9dcf7ddb3856434f8ea1c76b699b3", + "revCount": 3, "type": "git", "url": "https://git.0x76.dev/v/vault-unseal.git" }, diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 8e435acf..9adf13c8 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -41,6 +41,8 @@ environment.systemPackages = with pkgs; [ wireguard-tools ]; + environment.sessionVariables.NIXOS_OZONE_WL = "1"; + home-manager = { useGlobalPkgs = true; useUserPackages = true; diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/thalassa/eevee/hardware.nix index 2e9e5793..561c5709 100644 --- a/nixos/hosts/thalassa/eevee/hardware.nix +++ b/nixos/hosts/thalassa/eevee/hardware.nix @@ -23,7 +23,12 @@ }; # udev - services.udev.packages = with pkgs; [ wooting-udev-rules ]; + services.udev.packages = with pkgs; [ + android-udev-rules + logitech-udev-rules + qmk-udev-rules + wooting-udev-rules + ]; # FS fileSystems."/".options = [ "compress=zstd" ]; -- 2.47.1 From 7ea4f748acf06764fae4a4c322b9cfde8f229a90 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 28 Apr 2023 22:00:25 +0000 Subject: [PATCH 1499/1882] chore(deps): update renovate/renovate docker tag to v35.64.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f78fd2d5..9471e237 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.58.0 + image: renovate/renovate:35.64.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 74a5d6c4c636513cc7d8b97f91891f7cbc8f7142 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 13:44:23 +0200 Subject: [PATCH 1500/1882] fix woodpecker --- nixos/common/desktop/home.nix | 2 ++ nixos/hosts/olympus/woodpecker/configuration.nix | 12 +++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 6458b8d9..b169f549 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -9,6 +9,7 @@ in { home.packages = with pkgs; [ btop calibre + celluloid element-desktop fusee-launcher gcc @@ -17,6 +18,7 @@ in { inputs.webcord.packages.${pkgs.system}.default jetbrains.clion jetbrains.idea-ultimate + kdenlive mullvad-vpn neofetch nixfmt diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index a0590fb0..682338bd 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -25,12 +25,18 @@ in { quoteEnvironmentValues = false; # Needed for docker }; + # For some reason networking is broken in podman virtualisation.podman = { - enable = true; + enable = false; dockerSocket.enable = true; dockerCompat = true; }; + virtualisation.docker = { + enable = true; + autoPrune.enable = true; + }; + services.woodpecker-server = { enable = true; environment = { @@ -49,12 +55,12 @@ in { docker = { enable = true; environment = { - DOCKER_HOST = "unix:///run/podman/podman.sock"; + # DOCKER_HOST = "unix:///run/podman/podman.sock"; WOODPECKER_BACKEND = "docker"; WOODPECKER_SERVER = "localhost:9000"; }; environmentFile = [ "${vs.woodpecker}/environment" ]; - extraGroups = [ "podman" ]; + extraGroups = [ "docker" ]; }; }; } -- 2.47.1 From e31e4cd82e0a19008d103e57a007c0842b1b9cb2 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 15:25:11 +0200 Subject: [PATCH 1501/1882] cleanup --- flake.nix | 2 +- .../hosts/olympus/database/configuration.nix | 40 ------------------- nixos/hosts/olympus/default.nix | 11 +---- nixos/util.nix | 3 +- 4 files changed, 5 insertions(+), 51 deletions(-) delete mode 100644 nixos/hosts/olympus/database/configuration.nix diff --git a/flake.nix b/flake.nix index 6db30e49..b317cb46 100644 --- a/flake.nix +++ b/flake.nix @@ -87,7 +87,7 @@ nix repl --file "${./.}/repl.nix" $@ ''; in { - # Make the nixosConfigurations for compat reasons + # Make the nixosConfigurations for compat reasons (e.g. vault) nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { rawFlake = self; diff --git a/nixos/hosts/olympus/database/configuration.nix b/nixos/hosts/olympus/database/configuration.nix deleted file mode 100644 index 967a111a..00000000 --- a/nixos/hosts/olympus/database/configuration.nix +++ /dev/null @@ -1,40 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: -let - databases = [ "umami" "drone" ]; -in -{ - imports = [ ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ]; - - services.postgresql = - { - enable = true; - package = pkgs.postgresql_14; - ensureDatabases = databases; - enableTCPIP = true; - # Allow all hosts on the server subnet, should probably lock this down more in the future - authentication = "host all all 10.42.42.0/24 trust"; - ensureUsers = map - (name: { - inherit name; - ensurePermissions = { "DATABASE ${name}" = "ALL PRIVILEGES"; }; - }) - databases; - }; -} diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 0d9992e6..62f5c092 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -110,10 +110,7 @@ ip = "10.42.42.25"; mac = "1E:ED:97:2C:C3:9D"; }; - "database" = { - ip = "10.42.42.26"; - mac = "CE:6E:96:87:18:1B"; - }; + # 10.42.42.26 "bookwyrm" = { ip = "10.42.42.27"; mac = "9E:8A:6C:39:27:DE"; @@ -123,11 +120,7 @@ ip = "10.42.42.28"; mac = "9E:86:D3:46:EE:AE"; }; - "slimmelezer" = { - ip = "10.42.42.29"; - mac = "b4:8a:0a:ee:b0:5e"; - nix = false; - }; + # 10.42.42.29 "vault-1" = { ip = "10.42.42.30"; mac = "26:69:0E:7C:B3:79"; diff --git a/nixos/util.nix b/nixos/util.nix index 42665e88..798913ef 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -2,6 +2,7 @@ let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; + inherit (nixpkgs.lib) nixosSystem; base_imports = [ home-manager.nixosModules.home-manager mailserver.nixosModules.mailserver @@ -44,7 +45,7 @@ in { mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: let # this makes local apply work a bit nicer - name = if realm == "thalassa" then hostname else "${hostname}.${realm}"; + name = if type == "local" then hostname else "${hostname}.${realm}"; in { "${name}" = { imports = resolve_imports host; -- 2.47.1 From 8c6037a0fdf5992356d4cfe82542f6b1f7f1b4b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 29 Apr 2023 14:07:52 +0000 Subject: [PATCH 1502/1882] chore(deps): lock file maintenance --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c1fd8256..d19bae32 100644 --- a/flake.lock +++ b/flake.lock @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682761707, - "narHash": "sha256-LYi8jYRWn10jThmwQTx4ecrIikfGqGGoC2KGmgIgQX8=", + "lastModified": 1682777022, + "narHash": "sha256-tzMqNaMS8wDpEnNG8vuPrbOUw1y+AI7BRFznjmCBVjE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8f9e20ecb020e0a665e2e2301b73034be5db5bca", + "rev": "6f3b947593983bf1bf0b243717fac8b42a1e014d", "type": "github" }, "original": { -- 2.47.1 From 24a16976a72accd2e6acfaf56693e5e6bc97f6ab Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 19:48:00 +0200 Subject: [PATCH 1503/1882] prep nginx migration --- nixos/hosts/hades/_template/configuration.nix | 2 +- nixos/hosts/hades/default.nix | 15 --- nixos/hosts/hades/nginx/configuration.nix | 99 +++++++++++++++++ nixos/hosts/olympus/dhcp/configuration.nix | 103 +++++++++--------- nixos/hosts/olympus/nginx/configuration.nix | 2 +- 5 files changed, 150 insertions(+), 71 deletions(-) create mode 100644 nixos/hosts/hades/nginx/configuration.nix diff --git a/nixos/hosts/hades/_template/configuration.nix b/nixos/hosts/hades/_template/configuration.nix index e660f641..7b6c670d 100644 --- a/nixos/hosts/hades/_template/configuration.nix +++ b/nixos/hosts/hades/_template/configuration.nix @@ -13,7 +13,7 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? + system.stateVersion = "23.05"; # Did you read the comment? # Additional packages environment.systemPackages = with pkgs; [ ]; diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 12eba5fa..e9a93e63 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -143,21 +143,6 @@ mac = "ea:ac:be:53:18:27"; profile = "sonarr"; }; - "postgres" = { - ip = "192.168.0.133"; - mac = "6e:92:a9:5e:4c:e2"; - nix = false; - }; - "vault" = { - ip = "192.168.0.134"; - mac = "56:20:62:16:8a:11"; - nix = false; - }; - "vmetrics" = { - ip = "192.168.0.135"; - mac = "96:10:41:fd:2a:0a"; - nix = false; - }; "mastodon" = { ip = "192.168.0.138"; mac = "52:60:8a:06:86:9c"; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix new file mode 100644 index 00000000..6b8427fe --- /dev/null +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -0,0 +1,99 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, ... }: +let + proxy = url: { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = url; + proxyWebsockets = true; + }; + }; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + services.nginx = { + enable = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedOptimisation = true; + recommendedBrotliSettings = true; + clientMaxBodySize = "500m"; + + package = pkgs.nginxMainline; + + virtualHosts."cshub.nl" = proxy "http://192.168.0.113"; + virtualHosts."ha.xirion.net" = proxy "http://192.168.0.129:8123"; + virtualHosts."xirion.net" = (proxy "http://10.10.10.12") // { + locations."= /.well-known/host-meta".extraConfig = '' + return 301 https://fedi.xirion.net$request_uri; + ''; + }; + virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; + virtualHosts."git.xirion.net" = proxy "http://10.10.10.12"; + virtualHosts."mail.xirion.net" = proxy "https://192.168.0.118"; + virtualHosts."o.xirion.net" = proxy "http://192.168.0.112"; + virtualHosts."requests.xirion.net" = proxy "http://overseerr.hades:5055"; + virtualHosts."pass.xirion.net" = proxy "http://bitwarden_rs"; + virtualHosts."repo.xirion.net" = proxy "http://archlinux"; + virtualHosts."thelounge.xirion.net" = proxy "http://thelounge:9000"; + + virtualHosts."registry.xirion.net" = proxy "http://docker-registry:5000" + // { + locations."/".extraConfig = '' + allow 127.0.0.1; + allow 10.42.42.0/23; + allow 192.168.0.0/23; + allow 80.60.83.220; + allow 195.85.167.32/29; + deny all; + ''; + }; + + virtualHosts."fedi.xirion.net" = { + enableACME = true; + forceSSL = true; + + root = "${pkgs.v.glitch-soc}/public/"; + location."/".tryFiles = "$uri @proxy"; + + # location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) { + # add_header Cache-Control "public, max-age=31536000, immutable"; + # add_header Strict-Transport-Security "max-age=31536000"; + # try_files $uri @proxy; + # } + + # location /sw.js { + # add_header Cache-Control "public, max-age=0"; + # add_header Strict-Transport-Security "max-age=31536000"; + # try_files $uri @proxy; + # } + + location."@proxy" = { + proxyPass = "http://192.168.0.138:55001"; + proxyWebsockets = true; + }; + + location."api/v1/streaming" = { + proxyPass = "http://192.168.0.138:55000"; + proxyWebsockets = true; + }; + }; + }; +} diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index f6b1163b..dcafb0ac 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,7 +1,7 @@ { config, pkgs, flat_hosts, ... }: let inherit (builtins) filter hasAttr; - hostToKea = {hostname, mac, ip, ...}: { + hostToKea = { hostname, mac, ip, ... }: { inherit hostname; hw-address = mac; ip-address = ip; @@ -31,64 +31,59 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedUDPPorts = [ 67 ]; - services.kea = { - dhcp4 = { - enable = true; - settings = { - authoritative = true; - valid-lifetime = 4000; - rebind-timer = 2000; - renew-timer = 1000; + services.kea.dhcp4 = { + enable = true; + settings = { + authoritative = true; + valid-lifetime = 4000; + rebind-timer = 2000; + renew-timer = 1000; - interfaces-config.interfaces = [ "eth0" ]; + interfaces-config.interfaces = [ "eth0" ]; - lease-database = { - name = "/var/lib/kea/dhcp4.leases"; - persist = true; - type = "memfile"; - }; - - option-data = [ - { - name = "subnet-mask"; - data = "255.255.254.0"; - } - { - name = "broadcast-address"; - data = "10.42.43.255"; - } - { - name = "routers"; - data = "10.42.42.1"; - } - { - name = "domain-name-servers"; - data = "10.42.42.15, 10.42.42.16"; - } - { - name = "domain-name"; - data = "${localDomain}"; - } - { - name = "domain-search"; - data = "${localDomain}"; - } - ]; - - host-reservation-identifiers = [ "hw-address" ]; - - subnet4 = [{ - id = 1; - pools = [{ pool = "10.42.43.1 - 10.42.43.254"; }]; - subnet = "10.42.42.0/23"; - reservations = map hostToKea hosts; - }]; + lease-database = { + name = "/var/lib/kea/dhcp4.leases"; + persist = true; + type = "memfile"; }; + + option-data = [ + { + name = "subnet-mask"; + data = "255.255.254.0"; + } + { + name = "broadcast-address"; + data = "10.42.43.255"; + } + { + name = "routers"; + data = "10.42.42.1"; + } + { + name = "domain-name-servers"; + data = "10.42.42.15, 10.42.42.16"; + } + { + name = "domain-name"; + data = localDomain; + } + { + name = "domain-search"; + data = localDomain; + } + ]; + + host-reservation-identifiers = [ "hw-address" ]; + + subnet4 = [{ + id = 1; + pools = [{ pool = "10.42.43.1 - 10.42.43.254"; }]; + subnet = "10.42.42.0/23"; + reservations = map hostToKea hosts; + }]; }; }; } diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 564061bf..3901ff23 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -104,7 +104,7 @@ in { allow 10.42.42.0/23; allow 192.168.0.0/23; allow 80.60.83.220; - allow 195.85.167.32/23; + allow 195.85.167.32/29; deny all; ''; proxyPass = "http://synapse.olympus:8008"; -- 2.47.1 From 51196941a7a2573b7f43f9bb3e3196550ec6f802 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 20:39:16 +0200 Subject: [PATCH 1504/1882] dns --- nixos/hosts/hades/default.nix | 6 ++++++ nixos/hosts/hades/dns/configuration.nix | 21 +++++++++++++++++++++ nixos/hosts/hades/nginx/configuration.nix | 4 ---- 3 files changed, 27 insertions(+), 4 deletions(-) create mode 100644 nixos/hosts/hades/dns/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index e9a93e63..c27c6586 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -40,6 +40,12 @@ ip = "192.168.0.106"; mac = "BE:30:DB:F8:C6:55"; }; + "dns-1" = { + ip = "192.168.0.107"; + mac = "12:84:3B:E0:8A:A0"; + profile = "dns"; + tags = [ "networking" ]; + }; "MariaDB" = { ip = "192.168.0.109"; mac = "00:0c:29:23:4f:12"; diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix new file mode 100644 index 00000000..67a6274c --- /dev/null +++ b/nixos/hosts/hades/dns/configuration.nix @@ -0,0 +1,21 @@ +{ pkgs, ... }: +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ dig dog drill ]; + + services.v.dns = { + enable = true; + openFirewall = true; + mode = "server"; + }; +} diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 6b8427fe..0bf560b3 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -22,10 +22,6 @@ in { # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; services.nginx = { -- 2.47.1 From 44f497632b642a1f571575e39b0472d6a12f713e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 20:56:33 +0200 Subject: [PATCH 1505/1882] deploy dns-2.hades --- nixos/hosts/hades/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index c27c6586..a4106470 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -46,6 +46,12 @@ profile = "dns"; tags = [ "networking" ]; }; + "dns-2" = { + ip = "192.168.0.108"; + mac = "56:C3:9C:A5:41:81"; + profile = "dns"; + tags = [ "networking" ]; + }; "MariaDB" = { ip = "192.168.0.109"; mac = "00:0c:29:23:4f:12"; -- 2.47.1 From 204b321268f382f7801d6b542e6309b51ef562fd Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 23:20:31 +0200 Subject: [PATCH 1506/1882] switched to nginx.hades --- nixos/hosts/hades/default.nix | 4 ++++ nixos/hosts/hades/nginx/configuration.nix | 24 ++++++++++++++++------- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index a4106470..19a64773 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -114,6 +114,10 @@ nix = false; # superseded by prowlarr }; "nginx" = { + ip = "192.168.0.122"; + mac = "52:8E:72:31:AE:AC"; + }; + "reverseproxy" = { ip = "192.168.0.123"; mac = "00:0c:29:9b:10:82"; nix = false; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 0bf560b3..ff04ae7a 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -22,7 +22,11 @@ in { # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + security.acme.defaults.email = "victorheld12@gmail.com"; + security.acme.acceptTerms = true; + security.acme.preliminarySelfsigned = true; services.nginx = { enable = true; @@ -36,15 +40,21 @@ in { virtualHosts."cshub.nl" = proxy "http://192.168.0.113"; virtualHosts."ha.xirion.net" = proxy "http://192.168.0.129:8123"; - virtualHosts."xirion.net" = (proxy "http://10.10.10.12") // { + virtualHosts."xirion.net" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + add_header Content-Type 'text/html; charset=UTF-8'; + return 200 'Hello, World!'; + ''; locations."= /.well-known/host-meta".extraConfig = '' return 301 https://fedi.xirion.net$request_uri; ''; }; - virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; + # virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; virtualHosts."git.xirion.net" = proxy "http://10.10.10.12"; virtualHosts."mail.xirion.net" = proxy "https://192.168.0.118"; - virtualHosts."o.xirion.net" = proxy "http://192.168.0.112"; + virtualHosts."o.xirion.net" = proxy "http://192.168.0.112:9000"; virtualHosts."requests.xirion.net" = proxy "http://overseerr.hades:5055"; virtualHosts."pass.xirion.net" = proxy "http://bitwarden_rs"; virtualHosts."repo.xirion.net" = proxy "http://archlinux"; @@ -67,7 +77,7 @@ in { forceSSL = true; root = "${pkgs.v.glitch-soc}/public/"; - location."/".tryFiles = "$uri @proxy"; + locations."/".tryFiles = "$uri @proxy"; # location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) { # add_header Cache-Control "public, max-age=31536000, immutable"; @@ -81,12 +91,12 @@ in { # try_files $uri @proxy; # } - location."@proxy" = { + locations."@proxy" = { proxyPass = "http://192.168.0.138:55001"; proxyWebsockets = true; }; - location."api/v1/streaming" = { + locations."api/v1/streaming" = { proxyPass = "http://192.168.0.138:55000"; proxyWebsockets = true; }; -- 2.47.1 From 4167d15a6d64bd1f858e7df798447e2588d6adce Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 29 Apr 2023 23:51:59 +0200 Subject: [PATCH 1507/1882] media auto remove --- nixos/hosts/hades/mastodon/configuration.nix | 37 ++++---------------- nixos/hosts/olympus/nginx/configuration.nix | 1 - 2 files changed, 7 insertions(+), 31 deletions(-) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 38a81d0a..e5a01316 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -37,7 +37,12 @@ in { webPort = 55001; enableUnixSocket = false; localDomain = "xirion.net"; - trustedProxy = "192.168.0.123"; + trustedProxy = "192.168.0.122"; + mediaAutoRemove = { + enable = true; + olderThanDays = 30; + startAt = "weekly"; + }; configureNginx = false; @@ -78,8 +83,7 @@ in { SMTP_AUTH_METHOD = "plain"; SMTP_OPENSSL_VERIFY_MODE = "none"; - # TODO: Don't? - RAILS_SERVE_STATIC_FILES = "true"; + RAILS_SERVE_STATIC_FILES = "false"; AUTHORIZED_FETCH = "true"; @@ -95,33 +99,6 @@ in { }; }; - # https://github.com/NixOS/nixpkgs/issues/116418#issuecomment-799517120 - systemd.services.mastodon-media-prune = let cfg = config.services.mastodon; - in { - description = "Mastodon media prune"; - environment = lib.filterAttrs (n: _: n != "PATH") - config.systemd.services.mastodon-web.environment; - serviceConfig = { - Type = "oneshot"; - # Remove remote media attachments older than one month. - ExecStart = "${cfg.package}/bin/tootctl media remove --days=30"; - User = cfg.user; - Group = cfg.group; - EnvironmentFile = "/var/lib/mastodon/.secrets_env"; - PrivateTmp = true; - }; - }; - - systemd.timers.mastodon-media-prune = { - description = "Mastodon media prune"; - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = "*-*-* 00:00:00"; # every day - Unit = "mastodon-media-prune.service"; - AccuracySec = "60s"; - }; - }; - networking.firewall = let cfg = config.services.mastodon; in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; } diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 3901ff23..1a05a8c6 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -80,7 +80,6 @@ in { enableACME = true; forceSSL = true; locations."/".extraConfig = '' - add_header Content-Type 'text/html; charset=UTF-8'; return 200 '

meow

'; ''; -- 2.47.1 From fa6c415feaf911a4c223fe25d2eb81220367ce5c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 29 Apr 2023 22:00:28 +0000 Subject: [PATCH 1508/1882] chore(deps): update renovate/renovate docker tag to v35.66.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 9471e237..d14e20c7 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.64.0 + image: renovate/renovate:35.66.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9eb2f34fec2c8d6474f2baca9b5850efc17ca8e3 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 30 Apr 2023 11:14:51 +0200 Subject: [PATCH 1509/1882] update platform io vscode --- nixos/pkgs/vscode-extensions/platformio.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index 542a9cf9..cbee23ec 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -4,7 +4,8 @@ in buildVscodeMarketplaceExtension { mktplcRef = { name = "platformio-ide"; publisher = "platformio"; - version = "2.5.4"; - sha256 = "sha256-/vBdZ6Mu1KlF+glqp5CNt9WeK1ECqfaivCnK8TisChg="; + version = "3.1.1"; + sha256 = "sha256-fwEct7Tj8bfTOLRozSZJGWoLzWRSvYz/KxcnfpO8Usg="; + # sha256 = lib.fakeSha256; }; } -- 2.47.1 From 584ea98b75819b5ae4caf8e9b0d07c2fb955666c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 30 Apr 2023 14:08:05 +0000 Subject: [PATCH 1510/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index d19bae32..ae5dbeff 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1682759296, - "narHash": "sha256-FgBfP1e+TnED0lT3L9G6KJ6j07xQElFMRdLIsmKQ0Ss=", + "lastModified": 1682779989, + "narHash": "sha256-H8AjcIBYFYrlRobYJ+n1B+ZJ6TsaaeZpuLn4iRqVvr4=", "owner": "nix-community", "repo": "home-manager", - "rev": "27d89b49e3cd3c83b9609a6ff9173a9b8d2d9ad4", + "rev": "3144311f31194b537808ae6848f86f3dbf977d59", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682777022, - "narHash": "sha256-tzMqNaMS8wDpEnNG8vuPrbOUw1y+AI7BRFznjmCBVjE=", + "lastModified": 1682863327, + "narHash": "sha256-SuG0IS3S4omVhVAgfVkJf5ksXjeQZdyTDUhKLb2Eu7g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6f3b947593983bf1bf0b243717fac8b42a1e014d", + "rev": "6ab7c02a6efb0b0c58cb5607e9020a59edb8ea77", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682751794, - "narHash": "sha256-+lo+jlBp5Np2UId6CfAQZdG/yLJLZhtoluMj1NkBlDU=", + "lastModified": 1682820334, + "narHash": "sha256-dE9vVSJZei3fqZDTbDYU35/N7XCpHoEPdS8LBid1tb4=", "owner": "nix-community", "repo": "NUR", - "rev": "b3b850a6da43a794e7fab9566b529ca43e22458a", + "rev": "119de5f27fc96b9dc56406050b764b9a1016a061", "type": "github" }, "original": { -- 2.47.1 From e7857f7e0ced42da1566036b2c656e0b1861889b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 30 Apr 2023 22:01:08 +0000 Subject: [PATCH 1511/1882] chore(deps): update renovate/renovate docker tag to v35.66.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d14e20c7..bc5d7db3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.66.1 + image: renovate/renovate:35.66.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c874312890cba1591432152a930b08a29eb37422 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 1 May 2023 08:47:21 +0200 Subject: [PATCH 1512/1882] minor fixes --- nixos/hosts/hades/dns/configuration.nix | 2 +- nixos/hosts/hades/unifi/configuration.nix | 5 ++--- nixos/hosts/olympus/dns/configuration.nix | 7 ++----- nixos/hosts/olympus/wireguard/configuration.nix | 5 ++++- 4 files changed, 9 insertions(+), 10 deletions(-) diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 67a6274c..7e21fdd5 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -11,7 +11,7 @@ system.stateVersion = "23.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ dig dog drill ]; + environment.systemPackages = with pkgs; [ dig dogdns ]; services.v.dns = { enable = true; diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index ab540339..c8ff18c7 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -1,13 +1,12 @@ -{ config, pkgs, lib, ... }: +{ pkgs, lib, ... }: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; services.unifi = { enable = true; - jrePackage = pkgs.jre8_headless; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs.mongodb; + mongodbPackage = pkgs.mongodb-4_2; openFirewall = true; }; diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 675fc0f7..955a1e2a 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = [ ]; @@ -11,10 +11,7 @@ system.stateVersion = "21.11"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ dig dog drill ]; - - networking.firewall.allowedTCPPorts = [ 53 ]; - networking.firewall.allowedUDPPorts = [ 53 ]; + environment.systemPackages = with pkgs; [ dig dogdns ]; services.v.dns = { enable = true; diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 556fb58f..efeb580e 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -24,7 +24,10 @@ in { [ config.networking.wireguard.interfaces.wg0.listenPort ]; networking.firewall.checkReversePath = false; - vault-secrets.secrets.wireguard = { services = [ "wireguard-wg0" ]; }; + vault-secrets.secrets.wireguard = { + services = [ "wireguard-wg0" ]; + loginRetries = 25; + }; networking.nat = { enable = true; -- 2.47.1 From 376053db9388cd3e206e54ec79fae3ab75ee8bc3 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 1 May 2023 09:53:13 +0200 Subject: [PATCH 1513/1882] updates --- flake.lock | 18 +++++++++--------- nixos/hosts/thalassa/aoife/home/default.nix | 4 ++++ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ae5dbeff..09bbd349 100644 --- a/flake.lock +++ b/flake.lock @@ -833,11 +833,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1682669017, - "narHash": "sha256-Vi+p4y3wnl0/4gcwTdmCO398kKlDaUrNROtf3GOD2NY=", + "lastModified": 1682817260, + "narHash": "sha256-kFMXzKNj4d/0Iqbm5l57rHSLyUeyCLMuvlROZIuuhvk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7449971a3ecf857b4a554cf79b1d9dcc1a4647d8", + "rev": "db1e4eeb0f9a9028bcb920e00abbc1409dd3ef36", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682863327, - "narHash": "sha256-SuG0IS3S4omVhVAgfVkJf5ksXjeQZdyTDUhKLb2Eu7g=", + "lastModified": 1682923590, + "narHash": "sha256-qnnlzfqIoUQTzAgnp+TiWr1hmEiadqGIUt55Y/7+FI0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6ab7c02a6efb0b0c58cb5607e9020a59edb8ea77", + "rev": "2e8bb230d93b78efeb81fab734c9bf1dd4306362", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682820334, - "narHash": "sha256-dE9vVSJZei3fqZDTbDYU35/N7XCpHoEPdS8LBid1tb4=", + "lastModified": 1682923190, + "narHash": "sha256-c/VngL/4eku/EhXX9cfw+MC5GoikKR17ZSbFJRbxGl8=", "owner": "nix-community", "repo": "NUR", - "rev": "119de5f27fc96b9dc56406050b764b9a1016a061", + "rev": "65020354709d1b5d88327a0bd170e0a95872c6b2", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index c84a0733..009553ef 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -11,4 +11,8 @@ dconf.settings."org/gnome/desktop/input-sources" = { xkb-options = [ "caps:swapescape" ]; }; + + programs.zsh.envExtra = '' + source ~/.zshrc.secrets + ''; } -- 2.47.1 From f4b9bfa5a1816d50c260b44ff1fb9c04b6efceae Mon Sep 17 00:00:00 2001 From: v Date: Mon, 1 May 2023 15:20:21 +0200 Subject: [PATCH 1514/1882] Update 'README.md' --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 470f5ffb..caceedb7 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# 0x76's Infrastructure [![NixOS](https://github.com/NULLx76/infrastructure/actions/workflows/nixos.yml/badge.svg)](https://github.com/NULLx76/infrastructure/actions/workflows/nixos.yml) +# 0x76's Infrastructure This repository contains my fleet of VMs, Containers and Bare Metal machines. ## Directory Structure -- 2.47.1 From 84f411aea8ee7177f3a3ba4b814c3b05afb8aff3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 1 May 2023 14:07:40 +0000 Subject: [PATCH 1515/1882] chore(deps): lock file maintenance --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 09bbd349..a0f3ef24 100644 --- a/flake.lock +++ b/flake.lock @@ -689,11 +689,11 @@ ] }, "locked": { - "lastModified": 1682332772, - "narHash": "sha256-GMoWhChQdeNM2FFqVbEZgBABSdi/+JgSP6v+jUz5b24=", + "lastModified": 1682946851, + "narHash": "sha256-YoEtcS8oRurXdrYW1ceF3LaqBeJDp33+NqyqsQAh96c=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "d774aeedc0685e5871be1e1ee0511900deeb21c2", + "rev": "8e981bbc0f146e87ac5e8cc98a84dd6702648adb", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682923590, - "narHash": "sha256-qnnlzfqIoUQTzAgnp+TiWr1hmEiadqGIUt55Y/7+FI0=", + "lastModified": 1682947811, + "narHash": "sha256-KBKVziNli6YIosZ0dxk0eneUOT13bEPBpyTHNqhAqyU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2e8bb230d93b78efeb81fab734c9bf1dd4306362", + "rev": "ccde02e9ff2c5789246c40987443954225d46bc1", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682923190, - "narHash": "sha256-c/VngL/4eku/EhXX9cfw+MC5GoikKR17ZSbFJRbxGl8=", + "lastModified": 1682945906, + "narHash": "sha256-45tSf14pbq3AZSUpdos7dod4zGGxONE2MMPr8K7Ni/4=", "owner": "nix-community", "repo": "NUR", - "rev": "65020354709d1b5d88327a0bd170e0a95872c6b2", + "rev": "6e170eea820a3b7c28df56c99bb0d4be95b46dab", "type": "github" }, "original": { @@ -1280,11 +1280,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1682690091, - "narHash": "sha256-j8Uu1Lu+3t5CrLlnHIco6LXIuH7F5KM4pUJZ+QIBiVQ=", + "lastModified": 1682941117, + "narHash": "sha256-O05pGzPrgx5ztX1YEa5EmumZ0/29fzEI2hhB9qCnB8E=", "ref": "refs/heads/main", - "rev": "5af2f123dcd9dcf7ddb3856434f8ea1c76b699b3", - "revCount": 3, + "rev": "a3dca9e818eea43d32e2a3cc7498bf883f49ab01", + "revCount": 4, "type": "git", "url": "https://git.0x76.dev/v/vault-unseal.git" }, -- 2.47.1 From 8c1f68aa17016254633eb8864fe14eec84e8e445 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 1 May 2023 22:03:25 +0000 Subject: [PATCH 1516/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index a0f3ef24..85548df1 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1682779989, - "narHash": "sha256-H8AjcIBYFYrlRobYJ+n1B+ZJ6TsaaeZpuLn4iRqVvr4=", + "lastModified": 1682977601, + "narHash": "sha256-F1Va/Uiw2tVNn27FLqWyBkiqDyIm/eCamw9wA/GK8Fw=", "owner": "nix-community", "repo": "home-manager", - "rev": "3144311f31194b537808ae6848f86f3dbf977d59", + "rev": "0e4c33d76006c9080d2f228ba1c2308e3e4d7be6", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682947811, - "narHash": "sha256-KBKVziNli6YIosZ0dxk0eneUOT13bEPBpyTHNqhAqyU=", + "lastModified": 1682978422, + "narHash": "sha256-HRlZBmPHPVoF3D68mPfrTRdPmzPUSGRZokSdTSbm5tU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ccde02e9ff2c5789246c40987443954225d46bc1", + "rev": "052341df029a36590dcb3d208d8b2073bf9f9ba5", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682945906, - "narHash": "sha256-45tSf14pbq3AZSUpdos7dod4zGGxONE2MMPr8K7Ni/4=", + "lastModified": 1682970362, + "narHash": "sha256-SrivGIhZr8rl136UpPlMY6oYAMDvI1RMcrto1YqilwI=", "owner": "nix-community", "repo": "NUR", - "rev": "6e170eea820a3b7c28df56c99bb0d4be95b46dab", + "rev": "694865435f5f375eb5d86e33096d9e527f297bc3", "type": "github" }, "original": { -- 2.47.1 From c45c402512cc10b8cc922c74e2da1653520467b1 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 2 May 2023 10:05:49 +0200 Subject: [PATCH 1517/1882] updates --- flake.lock | 20 ++++++++++---------- nixos/common/hm-modules/vscode.nix | 1 + nixos/common/modules/vault.nix | 1 + nixos/hosts/thalassa/aoife/home/default.nix | 2 +- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 85548df1..26546639 100644 --- a/flake.lock +++ b/flake.lock @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682978422, - "narHash": "sha256-HRlZBmPHPVoF3D68mPfrTRdPmzPUSGRZokSdTSbm5tU=", + "lastModified": 1683011302, + "narHash": "sha256-obh4V+P6hla1ek7vr16qmenF/6iI7bVrT0uMjI3SFsM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "052341df029a36590dcb3d208d8b2073bf9f9ba5", + "rev": "9b3e4ea4fd5e0202b2f81b23bdd28081c6607e81", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1682970362, - "narHash": "sha256-SrivGIhZr8rl136UpPlMY6oYAMDvI1RMcrto1YqilwI=", + "lastModified": 1683007714, + "narHash": "sha256-UnW0R/JiTya9DjBjmtDfhW3SlEfVhkBDz5g2FTIK8CQ=", "owner": "nix-community", "repo": "NUR", - "rev": "694865435f5f375eb5d86e33096d9e527f297bc3", + "rev": "fb2febdfc649f68e7059537605761ffcc7d95cc0", "type": "github" }, "original": { @@ -1280,11 +1280,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1682941117, - "narHash": "sha256-O05pGzPrgx5ztX1YEa5EmumZ0/29fzEI2hhB9qCnB8E=", + "lastModified": 1683011386, + "narHash": "sha256-uFYsk+7753LRf9h2m7QPeIDp3Y3VcMtDSEbFLnWo0+Q=", "ref": "refs/heads/main", - "rev": "a3dca9e818eea43d32e2a3cc7498bf883f49ab01", - "revCount": 4, + "rev": "cafb08b4cd6c1f2a3ddf4acfeccf63dac7a12e4f", + "revCount": 7, "type": "git", "url": "https://git.0x76.dev/v/vault-unseal.git" }, diff --git a/nixos/common/hm-modules/vscode.nix b/nixos/common/hm-modules/vscode.nix index 5a2b95a4..acc4d99b 100644 --- a/nixos/common/hm-modules/vscode.nix +++ b/nixos/common/hm-modules/vscode.nix @@ -20,6 +20,7 @@ in { "nix.enableLanguageServer" = true; # Enable LSP. "nix.serverPath" = "${pkgs.nil}/bin/nil"; "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + "[python]" = { "editor.formatOnType" = true; }; "rust-analyzer.checkOnSave.command" = "clippy"; "debug.allowBreakpointsEverywhere" = true; # Don't index unecessary things diff --git a/nixos/common/modules/vault.nix b/nixos/common/modules/vault.nix index f9b0390e..1df023bd 100644 --- a/nixos/common/modules/vault.nix +++ b/nixos/common/modules/vault.nix @@ -4,6 +4,7 @@ let cfg = config.services.v.vault; hostIP = config.deployment.targetHost; + # Find all vault hosts that do not have the same IP as the current host vault_hosts = filter ({ tags ? [ ], ip ? "", ... }: (elem "vault" tags) && (ip != hostIP)) flat_hosts; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index 009553ef..cce6c37d 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { programs.home-manager.enable = true; home.username = "victor"; -- 2.47.1 From 9c554463421abfb30bce14b8827b6cd4b502ea60 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 2 May 2023 14:02:21 +0000 Subject: [PATCH 1518/1882] chore(deps): lock file maintenance --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 26546639..d583da5b 100644 --- a/flake.lock +++ b/flake.lock @@ -833,11 +833,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1682817260, - "narHash": "sha256-kFMXzKNj4d/0Iqbm5l57rHSLyUeyCLMuvlROZIuuhvk=", + "lastModified": 1682931856, + "narHash": "sha256-phFRasoX9a7pPwfHwUO4A3HjccedEgVQLHR1UoPCY90=", "owner": "nixos", "repo": "nixpkgs", - "rev": "db1e4eeb0f9a9028bcb920e00abbc1409dd3ef36", + "rev": "d529862de0cdabaebac67a48d825af99c2c3b50d", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1683011302, - "narHash": "sha256-obh4V+P6hla1ek7vr16qmenF/6iI7bVrT0uMjI3SFsM=", + "lastModified": 1683035192, + "narHash": "sha256-ypkdYzOEWBNTp959hDEY0YBo0KJwXq0aV+jnKsHRC6g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9b3e4ea4fd5e0202b2f81b23bdd28081c6607e81", + "rev": "549a132b51de555fed118d56c78580df889f3a12", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1683007714, - "narHash": "sha256-UnW0R/JiTya9DjBjmtDfhW3SlEfVhkBDz5g2FTIK8CQ=", + "lastModified": 1683027801, + "narHash": "sha256-JD8MHCGCEe/o85sB32O1v6/pElTL67M2P64pW6pLjZk=", "owner": "nix-community", "repo": "NUR", - "rev": "fb2febdfc649f68e7059537605761ffcc7d95cc0", + "rev": "6c9338fab80683e440e674c235c2fee2b381e6c4", "type": "github" }, "original": { @@ -1280,11 +1280,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1683011386, - "narHash": "sha256-uFYsk+7753LRf9h2m7QPeIDp3Y3VcMtDSEbFLnWo0+Q=", + "lastModified": 1683013874, + "narHash": "sha256-B8bQb9IMkrDvtqFUoF/PuBma8Qa2jU7Xv7cFSchg9V8=", "ref": "refs/heads/main", - "rev": "cafb08b4cd6c1f2a3ddf4acfeccf63dac7a12e4f", - "revCount": 7, + "rev": "91e7262e87878609c2d6619210988b241e8f8f62", + "revCount": 11, "type": "git", "url": "https://git.0x76.dev/v/vault-unseal.git" }, -- 2.47.1 From 8fdbaa795c7c4f78923aa29b54eb859e0a12f6a8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 2 May 2023 22:06:00 +0000 Subject: [PATCH 1519/1882] chore(deps): lock file maintenance --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index d583da5b..59ab2a88 100644 --- a/flake.lock +++ b/flake.lock @@ -833,11 +833,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1682931856, - "narHash": "sha256-phFRasoX9a7pPwfHwUO4A3HjccedEgVQLHR1UoPCY90=", + "lastModified": 1683028696, + "narHash": "sha256-saPKTDj+HB9aPvB59wGcJ64CifRuiIt2CHvSbh7UHz8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d529862de0cdabaebac67a48d825af99c2c3b50d", + "rev": "5dab6490fe6d72b3f120ae8660181e20f396fbdf", "type": "github" }, "original": { @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1683035192, - "narHash": "sha256-ypkdYzOEWBNTp959hDEY0YBo0KJwXq0aV+jnKsHRC6g=", + "lastModified": 1683064191, + "narHash": "sha256-g0DVqML1/9x+qirw48Dq9R0srGlMyErC/m0IBLYab+8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "549a132b51de555fed118d56c78580df889f3a12", + "rev": "72e8332e0c0f6a5f44545199261a6352efe55f0b", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1683027801, - "narHash": "sha256-JD8MHCGCEe/o85sB32O1v6/pElTL67M2P64pW6pLjZk=", + "lastModified": 1683060374, + "narHash": "sha256-6yfeqytI9vCouLTAvFyqlNyRKnmD669Hfk7o00ilnGY=", "owner": "nix-community", "repo": "NUR", - "rev": "6c9338fab80683e440e674c235c2fee2b381e6c4", + "rev": "eb2118cd4558440844aa1dfff888005c174c4522", "type": "github" }, "original": { -- 2.47.1 From a160d5314bc3645d0441230c0380ea5c4515db0f Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 09:43:05 +0200 Subject: [PATCH 1520/1882] update mastodon --- nixos/pkgs/glitch-soc/default.nix | 4 +- nixos/pkgs/glitch-soc/gemset.nix | 184 +++++++++++++++--------------- nixos/pkgs/glitch-soc/source.nix | 4 +- 3 files changed, 97 insertions(+), 95 deletions(-) diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 6d26308f..1ffb5b7e 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,8 +42,8 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - #sha256 = lib.fakeSha256; - sha256 = "sha256-uDQ06rWvXxwSv7I41Gu7RMKKiB+cA21Jq/gfWpfZ6Mg="; + # sha256 = lib.fakeSha256; + sha256 = "sha256-5KmPgKE1QRPoTjeSYidKt/z9vzWzTOoJVr5dNtofKJY="; }; nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index 16dfe6f3..442de5ad 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -137,10 +137,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ypdmpdn20hxp5vwxz3zc04r5xcwqc25qszdlg41h8ghdqbllwmw"; + sha256 = "15s8van7r2ad3dq6i03l3z4hqnvxcq75a3h72kxvf9an53sqma20"; type = "gem"; }; - version = "2.8.1"; + version = "2.8.4"; }; aes_key_wrap = { groups = ["default"]; @@ -200,10 +200,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ncv2az1zlj33bsllr6q1qdvbw42gv91lxq0ryclbv8l8xh841jg"; + sha256 = "034x6mbrv9apd83v99v9pm8vl3d17w5bbwws26gr4wv95fylmgnc"; type = "gem"; }; - version = "3.1.0"; + version = "4.0.0"; }; attr_required = { groups = ["default"]; @@ -240,10 +240,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "037avf47v67zfc0g7nzax57in14s37kn1vzmarj09lmhhprxs9al"; + sha256 = "18ndv604p1p3gkyy0d958jx2wp74d100q6vbc6ak70a7bv93wqsg"; type = "gem"; }; - version = "1.735.0"; + version = "1.752.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -273,10 +273,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1100ir42jf60rf7kffgq16070g0sqg52pcwwnvy2113c8qk5zlkz"; + sha256 = "1s5v3799pi7ik53gv7dl02am5pngv6x4azzwx9my09nll4q3lfk8"; type = "gem"; }; - version = "1.119.2"; + version = "1.121.0"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -368,10 +368,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lcxxlrzgpi9z2mr2v19xda6fdysmn5psa9bsp2rksa915v91fds"; + sha256 = "0wzvxpabnjwwjgr9s13965dbdgl3qfvwjbmhimh83p81bm5lsrnw"; type = "gem"; }; - version = "5.4.0"; + version = "5.4.1"; }; browser = { groups = ["default"]; @@ -432,10 +432,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "168kyi0gv2s84jm533m8rg0dii50flr06n6s2ci6kzsib3n9n8dr"; + sha256 = "09rndb1fa9r7mhb2sc6p3k0pcarhg8mv0kfmvd1zdb0ciwwp7514"; type = "gem"; }; - version = "2.0.1"; + version = "2.1.0"; }; capistrano-rails = { dependencies = ["capistrano" "capistrano-bundler"]; @@ -476,10 +476,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "123198zk2ak8mziwa5jc3ckgpmsg08zn064n3aywnqm9s1bwjv3v"; + sha256 = "06b4nlhirsq8ny17s8zgz7qyvl9v41rixj1xkviiiwxlnjz982d3"; type = "gem"; }; - version = "3.38.0"; + version = "3.39.0"; }; case_transform = { dependencies = ["activesupport"]; @@ -518,10 +518,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "055047f0qq6scbvxnhqx1h7qx0mkx6llvm2c8dk0443gpjfbn8am"; + sha256 = "1wxq6396814ngwnvwcjkkqm8ji8d7q385gw53kr1dbfihiivlizq"; type = "gem"; }; - version = "7.2.7"; + version = "7.3.2"; }; chunky_png = { groups = ["default"]; @@ -588,10 +588,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nj4r58m5cpfdsijj6gjfs3yzcnxq2halagjk07wjcrgj6z8ayb7"; + sha256 = "0dndngqvkm2ih3wqn5ilf9980c1cc57lqn5lywx3myalzpilq05z"; type = "gem"; }; - version = "2.3.0"; + version = "2.4.0"; }; cose = { dependencies = ["cbor" "openssl-signature_algorithm"]; @@ -631,10 +631,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1107j3frhmcd95wcsz0rypchynnzhnjiyyxxcl6dlmr2lfy08z4b"; + sha256 = "04q1vin8slr3k8mp76qz0wqgap6f9kdsbryvgfq9fljhrm463kpj"; type = "gem"; }; - version = "1.12.0"; + version = "1.14.0"; }; date = { groups = ["default" "development"]; @@ -651,10 +651,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lswmjwxf1clzaimikhiwd9s1n07qkyz7a9xwng64j4fxsajykqp"; + sha256 = "01l678ng12rby6660pmwagmyg8nccvjfgs3487xna7ay378a59ga"; type = "gem"; }; - version = "1.0.0"; + version = "1.1.0"; }; devise = { dependencies = ["bcrypt" "orm_adapter" "railties" "responders" "warden"]; @@ -672,9 +672,11 @@ groups = ["default"]; platforms = []; source = { - remotes = ["https://rubygems.org"]; - sha256 = "04f5rb8fg4cvzm32v413z3h53wc0fgxg927q8rqd546hdrlx4j35"; - type = "gem"; + fetchSubmodules = false; + rev = "e685f91ce62d036259885fbe31fcb4fa930bcfcb"; + sha256 = "1zdlhzm2m87xgzacmm68j51wpz7dcmg8wl1r9wxkhs51c90yvqla"; + type = "git"; + url = "https://github.com/tinfoil/devise-two-factor.git"; }; version = "4.0.2"; }; @@ -852,10 +854,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08idrrnpwzr87wc5yhyv6id1f6zigr3nfn45mff01605b0zghdby"; + sha256 = "0j826kfvzn7nc5pv950n270r0sx1702k988ad11cdlav3dcxxw09"; type = "gem"; }; - version = "0.95.0"; + version = "0.99.0"; }; fabrication = { groups = ["development" "test"]; @@ -873,10 +875,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1b8772jybi0vxzbcs5zw17k40z661c8adn2rd6vqqr7ay71bzl09"; + sha256 = "1i3l58jrcapkp70v3swr0x4s6bj1101920al50wsaaj9dv0vhvm7"; type = "gem"; }; - version = "3.1.1"; + version = "3.2.0"; }; faraday = { dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; @@ -1176,10 +1178,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yclf57n2j3cw8144ania99h1zinf8q3f5zrhqa754j6gl95rp9d"; + sha256 = "1f8cr014j7mdqpdb9q17fp5vb5b8n1pswqaif91s3ylg5x3pygfn"; type = "gem"; }; - version = "2.0.3"; + version = "2.1.0"; }; hiredis = { groups = ["default"]; @@ -1341,10 +1343,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "179h6jfdsp9dmzyma7s7ykv1ia43r6z8x96j335q99p6mc5sk5qv"; + sha256 = "0zc3ndnp4rjqg98cy2dd9x266vk23rz4mpl8afwn26vj49si56av"; type = "gem"; }; - version = "0.3.0"; + version = "0.3.1"; }; json-jwt = { dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"]; @@ -1363,10 +1365,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1aq71is278w69brhg4yp0f4ldxmy2nyj45c1rfbf73qi945mrbln"; + sha256 = "02lz2fgqmp3dr5q05hagk01knds69n33k0ljjgdj9a7ajapwgvhf"; type = "gem"; }; - version = "3.2.3"; + version = "3.2.4"; }; json-ld-preloaded = { dependencies = ["json-ld" "rdf"]; @@ -1385,10 +1387,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gdvm83yaa5n8hwapwzxwfcmbypiq2i0zfx4mzz67wg55p2cnli4"; + sha256 = "155rygs093i8i04i38a97hs5icmqk2jkkhx76w31yxyr3bxfbgx3"; type = "gem"; }; - version = "3.0.0"; + version = "4.0.0"; }; jsonapi-renderer = { groups = ["default"]; @@ -1472,10 +1474,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xdyvr5j0gjj7b10kgvh8ylxnwk3wx19my42wqn9h82r4p246hlm"; + sha256 = "06r43899384das2bkbrpsdxsafyyqa94il7111053idfalb4984a"; type = "gem"; }; - version = "2.5.0"; + version = "2.5.2"; }; letter_opener = { dependencies = ["launchy"]; @@ -1631,10 +1633,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "003gd7mcay800k2q4pb2zn8lwwgci4bhi42v2jvlidm8ksx03i6q"; + sha256 = "1pky3vzaxlgm9gw5wlqwwi7wsw3jrglrfflrppvvnsrlaiz043z9"; type = "gem"; }; - version = "3.2022.0105"; + version = "3.2023.0218.1"; }; mini_mime = { groups = ["default" "development" "test"]; @@ -1671,10 +1673,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1q03pb0vq8388s431nbxabsfxnch6p304c8vnjlk0zzpcv713yr3"; + sha256 = "172ky0r1jfcm3xyg067pia7k1lhc15vw9svv93max120gcdbrvji"; type = "gem"; }; - version = "1.6.0"; + version = "1.7.0"; }; multi_json = { groups = ["default"]; @@ -1723,10 +1725,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ycw0qsw3hap8svakl0i30jkj0ffd4lpyrn17a1j0w8mz5ainmsj"; + sha256 = "0xqcffn3c1564c4fizp10dzw2v5g2pabdzrcn25hq05bqhsckbar"; type = "gem"; }; - version = "0.17.1"; + version = "0.18.0"; }; net-pop = { dependencies = ["net-protocol"]; @@ -1777,20 +1779,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qp3i8bi7ji1np0530bp2p9zrrn6galvmbsivxwpkjdpjdyn19sr"; + sha256 = "0yx0pb5fmziz92bw8qzbh8vf20lr56nd3s6q8h0gsgr307lki687"; type = "gem"; }; - version = "7.0.1"; + version = "7.1.0"; }; nio4r = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xk64wghkscs6bv2n22853k2nh39d131c6rfpnlw12mbjnnv9v1v"; + sha256 = "0w9978zwjf1qhy3amkivab0f9syz6a7k0xgydjidaf7xc831d78f"; type = "gem"; }; - version = "2.5.8"; + version = "2.5.9"; }; nokogiri = { dependencies = ["mini_portile2" "racc"]; @@ -1798,10 +1800,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1djq4rp4m967mn6sxmiw75vz24gfp0w602xv22kk1x3cmi5afrf7"; + sha256 = "0fnw0z8zl8b5k35g9m5hhc1g4s6ajzjinhyxnqjrx7l7p07fw71v"; type = "gem"; }; - version = "1.14.2"; + version = "1.14.3"; }; nsa = { dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; @@ -1819,10 +1821,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ghii2zb14rri5jdpvgh29c2lpnl777nkcirdy698qlmpzxasz7d"; + sha256 = "0l8l90iibzrxs33vn3adrhbg8cbmbn1qfh962p7gzwwybsdw73qy"; type = "gem"; }; - version = "3.14.2"; + version = "3.14.3"; }; omniauth = { dependencies = ["hashie" "rack"]; @@ -1926,20 +1928,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1g9ivy30jx7hjl8l3il47dmc9xgla8dj762v5cw0mgzpd9rq6vr4"; + sha256 = "0i1qq88cwh9pccg59whg50rpkgdfrijn4q6k5p3clwrjqgm56lrd"; type = "gem"; }; - version = "2.14.14"; + version = "2.14.16"; }; parallel = { groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07vnk6bb54k4yc06xnwck7php50l09vvlw1ga8wdz0pia461zpzb"; + sha256 = "0jcc512l38c0c163ni3jgskvq1vc3mr8ly5pvjijzwvfml9lf597"; type = "gem"; }; - version = "1.22.1"; + version = "1.23.0"; }; parser = { dependencies = ["ast"]; @@ -1947,10 +1949,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1a2v5f8fw7nxm41xp422p1pbr41hafy62bp95m7vg42cqp5y4grc"; + sha256 = "08f89nssj7ws7sjfvc2fcjpfm83sjgmniyh0npnmpqf5sfv44r8x"; type = "gem"; }; - version = "3.2.1.1"; + version = "3.2.2.1"; }; parslet = { groups = ["default"]; @@ -1978,10 +1980,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07m6lxljabw9kyww5k5lgsxsznsm1v5l14r1la09gqka9b5kv3yr"; + sha256 = "1qja5f6k9v3jjip7mv3qjgx7rwmk1663cxz8jnb589znvj4wxd9l"; type = "gem"; }; - version = "1.4.6"; + version = "1.5.2"; }; pghero = { dependencies = ["activerecord"]; @@ -1989,10 +1991,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0p6g756bx24sj2nvrvrj09n0z51djjawijcixp5lymmphvjk3ymx"; + sha256 = "002v32dzyyr29xd9cdsqp55g5gx19skvq9b4a4hr9lrs4i1xsavm"; type = "gem"; }; - version = "3.3.1"; + version = "3.3.3"; }; pkg-config = { groups = ["default"]; @@ -2020,10 +2022,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dfknfwwlzmb594acgi6v080ngxbnhshn3gzvdh5x2vx1aqvwc5r"; + sha256 = "10rzwdz43yy20lwzsr2as6aivhvwjvqh4nd48sa0ga57sizf1fb4"; type = "gem"; }; - version = "1.18.0"; + version = "1.21.0"; }; premailer-rails = { dependencies = ["actionmailer" "net-smtp" "premailer"]; @@ -2062,10 +2064,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1j1hx19hh0hhnfcyn075i8rzxxv4vjrny0q1ywzfdbflbwzg7b21"; + sha256 = "0yf4jmkyy8das7pj1xzwllfvzkhq2p6p534j61d9h4wz3nfyf0s5"; type = "gem"; }; - version = "6.1.1"; + version = "6.2.2"; }; pundit = { dependencies = ["activesupport"]; @@ -2103,10 +2105,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qgwkcb8kxns8d5187cxjaxf18b7dmg9gh6cr9c1125m0bj2pnfk"; + sha256 = "16w217k9z02c4hqizym8dkj6bqmmzx4qdvqpnskgzf174a5pwdxk"; type = "gem"; }; - version = "2.2.6.4"; + version = "2.2.7"; }; rack-attack = { dependencies = ["rack"]; @@ -2268,10 +2270,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0799a5hqh7rjkqnbfb5cq62m2dx4zlnnag3xy1l4jyjywsk7v5kv"; + sha256 = "097r6fc1gkb62lq0ny9xblvxrg84vdq9w1p6v0hjw20cdgracsdj"; type = "gem"; }; - version = "3.2.9"; + version = "3.2.10"; }; rdf-normalize = { dependencies = ["rdf"]; @@ -2331,10 +2333,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0d6241adx6drsfzz74nx1ld3394nm6fjpv3ammzr0g659krvgf7q"; + sha256 = "17xizkw5ryw8hhq64iqxmzdrrdxpc5lhkqc1fgm1aj0zsk1r2950"; type = "gem"; }; - version = "2.7.0"; + version = "2.8.0"; }; request_store = { dependencies = ["rack"]; @@ -2373,10 +2375,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11q7rkjx40yi6lpylgl2jkpy162mjw7mswrcgcax86vgpbpjx6i3"; + sha256 = "10mmzc85y7andsich586ndykw678qn1ns2wpjxrg0sc0gr4w3pig"; type = "gem"; }; - version = "6.2.0"; + version = "6.2.2"; }; rpam2 = { groups = ["default" "pam_authentication"]; @@ -2415,10 +2417,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0da45cvllbv39sdbsl65vp5djb2xf5m10mxc9jm7rsqyyxjw4h1f"; + sha256 = "0l95bnjxdabrn79hwdhn2q1n7mn26pj7y1w5660v5qi81x458nqm"; type = "gem"; }; - version = "3.12.1"; + version = "3.12.2"; }; rspec-expectations = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2426,10 +2428,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03ba3lfdsj9zl00v1yvwgcx87lbadf87livlfa5kgqssn9qdnll6"; + sha256 = "05j44jfqlv7j2rpxb5vqzf9hfv7w8ba46wwgxwcwd8p0wzi1hg89"; type = "gem"; }; - version = "3.12.2"; + version = "3.12.3"; }; rspec-mocks = { dependencies = ["diff-lcs" "rspec-support"]; @@ -2437,10 +2439,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0sq2cc9pm5gq411y7iwfvzbmgv3g91lyf7y7cqn1lr3yf1v122nc"; + sha256 = "1hfm17xakfvwya236graj6c2arr4sb9zasp35q5fykhyz8mhs0w2"; type = "gem"; }; - version = "3.12.3"; + version = "3.12.5"; }; rspec-rails = { dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; @@ -2501,10 +2503,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1s5yrn6f63px4051kjr78kgg1zacqlv8z5x5lbwb5swgp8b75kqq"; + sha256 = "0l46lw5gfj3mcm982wpmx7br4rs466gyislv0hfwcsk8dxhv1zkw"; type = "gem"; }; - version = "1.48.1"; + version = "1.50.2"; }; rubocop-ast = { dependencies = ["parser"]; @@ -2512,10 +2514,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16iabkwqhzqh3cd4pcrp0nqv4ks2whcz84csawi78ynfk12vd20a"; + sha256 = "0n2gsafg6p7nr1z8i1hkvp2qqkkbg842ba183dnl0h08xd9ms6q5"; type = "gem"; }; - version = "1.27.0"; + version = "1.28.0"; }; rubocop-capybara = { dependencies = ["rubocop"]; @@ -2523,10 +2525,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pz52ml0qbxgcjlmp8y0wsq8xy398n6ypkbrwfaa8zb0v7pscj6n"; + sha256 = "01fn05a87g009ch1sh00abdmgjab87i995msap26vxq1a5smdck6"; type = "gem"; }; - version = "2.17.1"; + version = "2.18.0"; }; rubocop-performance = { dependencies = ["rubocop" "rubocop-ast"]; @@ -2534,10 +2536,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1n7g0vg06ldjaq4f8c11c7yqy99zng1qdrkkk4kfziippy24yxnc"; + sha256 = "1z6i24r0485fxa5n4g3rhp88w589fifszhd1khbzya2iiknkjxkr"; type = "gem"; }; - version = "1.16.0"; + version = "1.17.1"; }; rubocop-rails = { dependencies = ["activesupport" "rack" "rubocop"]; @@ -2791,10 +2793,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1m16qc3zrwx79a8p9q2xnsm2hhdd8q3vp6xihyf8j5b6dn9k5py5"; + sha256 = "0bhdgfb0pmw9mav1kw9fn0ka012sa0i3h5ppvqssw5xq48nhxnr8"; type = "gem"; }; - version = "0.2.24"; + version = "0.2.25"; }; statsd-ruby = { groups = ["default"]; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 64496a44..7d1d91a2 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "ff168ef2024626f37fa776fde5739dcd58ecb9f2"; - sha256 = "16w1hzx45i2kf5jgy32v96l4zaa1zzmvda19yqckc48l0fxcn39p"; + rev = "c18884de32b60152600ec95ed42cdf9c00fdab7a"; + sha256 = "08b520wfs7hpi4jy9srynydkkh5b2wwnb2b3xxa843yialf0qmlh"; }; in applyPatches { inherit src; -- 2.47.1 From cf3bd1fe6cc39970554bfe1ab895e83265c4d2b1 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 12:58:47 +0200 Subject: [PATCH 1521/1882] add lucy --- flake.lock | 12 ++++++------ nixos/hosts/hades/default.nix | 5 +++++ nixos/hosts/thalassa/aoife/hardware.nix | 2 ++ 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 59ab2a88..30b60a90 100644 --- a/flake.lock +++ b/flake.lock @@ -865,11 +865,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1683064191, - "narHash": "sha256-g0DVqML1/9x+qirw48Dq9R0srGlMyErC/m0IBLYab+8=", + "lastModified": 1683109436, + "narHash": "sha256-m66inegZHyF28OHFosKL/7F9YPflspVa9oZpKueMqj8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "72e8332e0c0f6a5f44545199261a6352efe55f0b", + "rev": "ba63ea9268f8e1f14a57fbc5516dbd257f5349fa", "type": "github" }, "original": { @@ -980,11 +980,11 @@ }, "nur": { "locked": { - "lastModified": 1683060374, - "narHash": "sha256-6yfeqytI9vCouLTAvFyqlNyRKnmD669Hfk7o00ilnGY=", + "lastModified": 1683106140, + "narHash": "sha256-kteCzvc9+6t46PTbTruP5r+FXqnJl/xoCfteV4CQmGE=", "owner": "nix-community", "repo": "NUR", - "rev": "eb2118cd4558440844aa1dfff888005c174c4522", + "rev": "9b5b623552610c800cfeb24a5b818de77f12e575", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 19a64773..e7e63774 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -127,6 +127,11 @@ mac = "d4:3d:7e:35:0a:bf"; nix = false; }; + "lucy" = { + ip = "192.168.0.125"; + mac = "5E:36:04:2D:38:DF"; + type = "vm"; + }; "database" = { ip = "192.168.0.126"; mac = "82:e8:71:7f:37:b4"; diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index 2875b28e..d9b8e1ec 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -5,6 +5,8 @@ services.hardware.bolt.enable = true; + hardware.trackpoint.enable = true; + # FS fileSystems."/".options = [ "compress=zstd" ]; -- 2.47.1 From a4101001779bd7406b9540c2296ff75d01007874 Mon Sep 17 00:00:00 2001 From: v Date: Wed, 3 May 2023 11:00:34 +0000 Subject: [PATCH 1522/1882] add lucy hw config --- nixos/hosts/hades/lucy/configuration.nix | 23 ++++++++++++ .../hades/lucy/hardware-configuration.nix | 36 +++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 nixos/hosts/hades/lucy/configuration.nix create mode 100644 nixos/hosts/hades/lucy/hardware-configuration.nix diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix new file mode 100644 index 00000000..0e7dca7e --- /dev/null +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -0,0 +1,23 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ ./hardware-configuration.nix + ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; +} diff --git a/nixos/hosts/hades/lucy/hardware-configuration.nix b/nixos/hosts/hades/lucy/hardware-configuration.nix new file mode 100644 index 00000000..5b4f92f7 --- /dev/null +++ b/nixos/hosts/hades/lucy/hardware-configuration.nix @@ -0,0 +1,36 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/96c00816-b297-41f2-bfc1-b8990fc06a7a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/CDF3-36C9"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens18.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} -- 2.47.1 From c11bdc6d805c26f0bc9dda6c2d73310b6c23343d Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 13:09:19 +0200 Subject: [PATCH 1523/1882] add grub2 to lucy --- nixos/hosts/hades/lucy/configuration.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 0e7dca7e..65410c33 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -5,8 +5,7 @@ { config, pkgs, ... }: { - imports = [ ./hardware-configuration.nix - ]; + imports = [ ./hardware-configuration.nix ]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -20,4 +19,7 @@ environment.systemPackages = with pkgs; [ ]; networking.firewall.allowedTCPPorts = [ ]; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; } -- 2.47.1 From d718ef7932498d0f49d8e2d26d6a7e3cd2baf883 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 13:11:33 +0200 Subject: [PATCH 1524/1882] lucy: a --- nixos/hosts/hades/lucy/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 65410c33..5a52481c 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -22,4 +22,5 @@ boot.loader.grub.enable = true; boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; } -- 2.47.1 From 7beb3f3347e3934277bfcf6248896316f322288a Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 14:08:38 +0200 Subject: [PATCH 1525/1882] ucy b --- nixos/hosts/hades/lucy/configuration.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 5a52481c..2cb53880 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -20,7 +20,9 @@ networking.firewall.allowedTCPPorts = [ ]; - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/sda"; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + } -- 2.47.1 From 4a461cfc8bb2a5605f52f5dd5a6b51560428c3d0 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 14:31:38 +0200 Subject: [PATCH 1526/1882] more lucy config --- nixos/hosts/hades/lucy/configuration.nix | 14 +++++++++++--- nixos/hosts/hades/lucy/hardware-configuration.nix | 8 ++++---- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 2cb53880..ae3cc659 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; @@ -16,13 +16,21 @@ system.stateVersion = "23.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ ]; + environment.systemPackages = with pkgs; [ + gcc + jq + nuclei + rustup + ]; networking.firewall.allowedTCPPorts = [ ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; + boot.loader.efi.efiSysMountPoint = "/boot"; + virtualisation.docker.enable = true; + users.extraUsers.laura.extraGroups = [ "wheel" "docker" ]; + users.extraUsers.victor.extraGroups = [ "docker" ]; } diff --git a/nixos/hosts/hades/lucy/hardware-configuration.nix b/nixos/hosts/hades/lucy/hardware-configuration.nix index 5b4f92f7..650e74b6 100644 --- a/nixos/hosts/hades/lucy/hardware-configuration.nix +++ b/nixos/hosts/hades/lucy/hardware-configuration.nix @@ -8,18 +8,18 @@ [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/96c00816-b297-41f2-bfc1-b8990fc06a7a"; + { device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2"; fsType = "ext4"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/CDF3-36C9"; + { device = "/dev/disk/by-uuid/D021-72EB"; fsType = "vfat"; }; @@ -30,7 +30,7 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens18.useDHCP = lib.mkDefault true; + # networking.interfaces.enp6s18.useDHCP = lib.mkDefault true nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } -- 2.47.1 From eab862e27185fff78e2034d1a71485f8c778b774 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 16:52:43 +0200 Subject: [PATCH 1527/1882] fix cshub --- flake.lock | 91 +++++++---------------- flake.nix | 11 +-- nixos/common/users/default.nix | 3 - nixos/common/users/laura.nix | 2 +- nixos/hosts/hades/nginx/configuration.nix | 3 + 5 files changed, 34 insertions(+), 76 deletions(-) diff --git a/flake.lock b/flake.lock index 30b60a90..72634535 100644 --- a/flake.lock +++ b/flake.lock @@ -515,24 +515,6 @@ "type": "github" } }, - "hyprpaper": { - "inputs": { - "nixpkgs": "nixpkgs_3" - }, - "locked": { - "lastModified": 1682542538, - "narHash": "sha256-752hHXEGsvKdw1Hm2LoFfi6sj2zVxu2AuKi4sRA7HN0=", - "owner": "hyprwm", - "repo": "hyprpaper", - "rev": "b4fdc0be52d7c3e48e932698bafc3f69dbd45b3b", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprpaper", - "type": "github" - } - }, "lowdown-src": { "flake": false, "locked": { @@ -634,7 +616,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_7", + "nixpkgs": "nixpkgs_6", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -799,22 +781,6 @@ "type": "github" } }, - "nixpkgs_10": { - "locked": { - "lastModified": 1670507980, - "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1680668850, @@ -848,22 +814,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1674641431, - "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1683109436, "narHash": "sha256-m66inegZHyF28OHFosKL/7F9YPflspVa9oZpKueMqj8=", @@ -879,7 +829,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { "lastModified": 1682526928, "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", @@ -895,7 +845,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1672580127, "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", @@ -911,7 +861,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1645296114, "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", @@ -927,7 +877,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1674736538, "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", @@ -941,7 +891,7 @@ "type": "indirect" } }, - "nixpkgs_9": { + "nixpkgs_8": { "locked": { "lastModified": 1682526928, "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", @@ -957,11 +907,27 @@ "type": "github" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { @@ -1093,7 +1059,7 @@ "inputs": { "fenix": "fenix", "naersk": "naersk_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1677774593, @@ -1114,11 +1080,10 @@ "colmena": "colmena", "comma": "comma", "home-manager": "home-manager", - "hyprpaper": "hyprpaper", "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", @@ -1258,7 +1223,7 @@ "flake-compat": "flake-compat_5", "flake-utils": "flake-utils_4", "nix": "nix", - "nixpkgs": "nixpkgs_8" + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1679628347, @@ -1277,7 +1242,7 @@ "vault-unseal": { "inputs": { "flake-utils": "flake-utils_5", - "nixpkgs": "nixpkgs_9" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1683013874, @@ -1296,7 +1261,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_10", + "nixpkgs": "nixpkgs_9", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index b317cb46..4a668cfc 100644 --- a/flake.nix +++ b/flake.nix @@ -21,8 +21,6 @@ home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - hyprpaper.url = "github:hyprwm/hyprpaper"; - riff.url = "github:DeterminateSystems/riff"; webcord.url = "github:fufexan/webcord-flake"; @@ -42,7 +40,7 @@ vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; }; - outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena, hyprpaper + outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena , nixos-generators, nur, ... }@inputs: let inherit (nixpkgs) lib; @@ -59,12 +57,7 @@ pkgs = import nixpkgs { inherit system; - overlays = [ - (import ./nixos/pkgs) - vault-secrets.overlay - hyprpaper.overlays.default - nur.overlay - ]; + overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ]; }; pkgs_22-11 = import nixpkgs_22-11 { diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index f8082806..c4c4343e 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -42,12 +42,9 @@ # Setup packages available everywhere environment.systemPackages = with pkgs; [ - cmatrix fzf git - helix htop - lolcat ncdu psmisc ripgrep diff --git a/nixos/common/users/laura.nix b/nixos/common/users/laura.nix index 91e19fa0..92759370 100644 --- a/nixos/common/users/laura.nix +++ b/nixos/common/users/laura.nix @@ -10,4 +10,4 @@ extraGroups = [ ]; }; -} \ No newline at end of file +} diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index ff04ae7a..e4a6f4fa 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -28,6 +28,7 @@ in { security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; + services.nginx = { enable = true; recommendedProxySettings = true; @@ -39,6 +40,8 @@ in { package = pkgs.nginxMainline; virtualHosts."cshub.nl" = proxy "http://192.168.0.113"; + virtualHosts."api.cshub.nl" = proxy "http://192.168.0.113"; + virtualHosts."ha.xirion.net" = proxy "http://192.168.0.129:8123"; virtualHosts."xirion.net" = { enableACME = true; -- 2.47.1 From ff00a181c9a2a6d204f2750a8776ed66d8481fda Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 3 May 2023 22:42:47 +0200 Subject: [PATCH 1528/1882] aaaa --- flake.nix | 4 ++-- nixos/common/users/default.nix | 1 + nixos/hosts/hades/lucy/configuration.nix | 3 +++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index b317cb46..10d51f53 100644 --- a/flake.nix +++ b/flake.nix @@ -112,13 +112,13 @@ iso = nixos-generators.nixosGenerate { inherit system pkgs; - format = "iso"; + format = "install-iso"; modules = [ (import ./nixos/templates/iso.nix) ]; }; iso-graphical = nixos-generators.nixosGenerate { inherit system pkgs; - format = "iso"; + format = "install-iso"; modules = [ (import ./nixos/templates/iso-graphical.nix) ]; }; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index f8082806..028669c9 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -53,5 +53,6 @@ ripgrep rsync zoxide + tmux ]; } diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 5a52481c..f1f9e22c 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -23,4 +23,7 @@ boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; + + # Make laura admin + users.extraUsers.laura.extraGroups = [ "wheel" ]; } -- 2.47.1 From 0c53bfe4d95b45a32304d18bdb4f2d72f52b0b5d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 3 May 2023 22:04:00 +0000 Subject: [PATCH 1529/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 72634535..206b6ede 100644 --- a/flake.lock +++ b/flake.lock @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683109436, - "narHash": "sha256-m66inegZHyF28OHFosKL/7F9YPflspVa9oZpKueMqj8=", + "lastModified": 1683151118, + "narHash": "sha256-BY35o9AEqG1ckxJ0RECdIMYR93t0Ox3oTxPpu3WZbw8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ba63ea9268f8e1f14a57fbc5516dbd257f5349fa", + "rev": "7d9242bd035c3f9f1c357101d49ffac11116fb06", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683106140, - "narHash": "sha256-kteCzvc9+6t46PTbTruP5r+FXqnJl/xoCfteV4CQmGE=", + "lastModified": 1683148483, + "narHash": "sha256-gdjZHh/SeUVA6YUI1ERRpvKnLmeIk4PbQ4hBf0bcKZs=", "owner": "nix-community", "repo": "NUR", - "rev": "9b5b623552610c800cfeb24a5b818de77f12e575", + "rev": "c49d673b261c63732c651aacb99a309ffe95674b", "type": "github" }, "original": { -- 2.47.1 From dd3076d5c5db631af0cfd28be77e3ccf15aea3c4 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 4 May 2023 08:32:01 +0200 Subject: [PATCH 1530/1882] things --- nixos/hosts/hades/lucy/configuration.nix | 1 + nixos/hosts/thalassa/aoife/hardware.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index ae3cc659..ad4cfdcb 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -18,6 +18,7 @@ # Additional packages environment.systemPackages = with pkgs; [ gcc + go jq nuclei rustup diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index d9b8e1ec..f00abf81 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -5,7 +5,7 @@ services.hardware.bolt.enable = true; - hardware.trackpoint.enable = true; + # hardware.trackpoint.enable = true; # FS fileSystems."/".options = [ "compress=zstd" ]; -- 2.47.1 From 349623dda8cec5392d3eaa659f0f9260811cf4ae Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 4 May 2023 09:26:36 +0200 Subject: [PATCH 1531/1882] specify latest version of nuclei --- nixos/common/users/laura.nix | 1 + nixos/hosts/hades/lucy/configuration.nix | 30 +++++++++++++++++------- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/nixos/common/users/laura.nix b/nixos/common/users/laura.nix index 92759370..6c19947c 100644 --- a/nixos/common/users/laura.nix +++ b/nixos/common/users/laura.nix @@ -11,3 +11,4 @@ extraGroups = [ ]; }; } + diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index ad4cfdcb..f80b3db6 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -3,8 +3,28 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { pkgs, ... }: +let + # Redefining the package instead of overriding as overriding GoModules seems broken + # see: https://github.com/NixOS/nixpkgs/issues/86349 + nuclei-latest = pkgs.buildGoModule rec { + pname = "nuclei"; + version = "2.9.2"; -{ + src = pkgs.fetchFromGitHub { + owner = "projectdiscovery"; + repo = pname; + rev = "1f9a065713924b28b203e2108fc76d7a1ec49068"; + hash = "sha256-QiegMoBy0gZMyQl2MRAwR14zXeh8wvVonyETdAzHbj0="; + }; + + vendorHash = "sha256-0JNwoBqLKH1F/0Tr8o35gCSNT/2plIjIQvZRuzAZ5P8="; + + modRoot = "./v2"; + subPackages = [ "cmd/nuclei/" ]; + + doCheck = false; + }; +in { imports = [ ./hardware-configuration.nix ]; # This value determines the NixOS release from which the default @@ -16,13 +36,7 @@ system.stateVersion = "23.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ - gcc - go - jq - nuclei - rustup - ]; + environment.systemPackages = with pkgs; [ gcc go jq rustup nuclei-latest ]; networking.firewall.allowedTCPPorts = [ ]; -- 2.47.1 From 3dfe40e4e218e00462a4d323099414c3ec27800d Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 4 May 2023 13:06:08 +0200 Subject: [PATCH 1532/1882] apply deadnix --- .woodpecker.yml | 1 + flake.lock | 24 +++++++++---------- nixos/common/generic-vm.nix | 2 +- nixos/common/modules/unpackerr.nix | 2 +- nixos/common/users/default.nix | 2 +- nixos/hosts/hades/_template/configuration.nix | 2 +- nixos/hosts/hades/bastion/configuration.nix | 2 +- nixos/hosts/hades/bazarr/configuration.nix | 2 +- .../docker-registry-proxy/configuration.nix | 2 +- .../hades/docker-registry/configuration.nix | 2 +- nixos/hosts/hades/jackett/configuration.nix | 2 +- .../hades/lucy/hardware-configuration.nix | 2 +- nixos/hosts/hades/minio/configuration.nix | 2 +- nixos/hosts/hades/overseerr/configuration.nix | 2 +- nixos/hosts/hades/pmm/configuration.nix | 2 +- nixos/hosts/hades/prowlarr/configuration.nix | 4 ++-- nixos/hosts/hades/radarr/configuration.nix | 3 +-- nixos/hosts/hades/sonarr/configuration.nix | 2 +- nixos/hosts/hades/tautulli/configuration.nix | 2 +- .../hosts/olympus/_template/configuration.nix | 2 +- nixos/hosts/olympus/bastion/configuration.nix | 2 +- .../bastion/hardware-configuration.nix | 2 +- nixos/hosts/olympus/bastion/home.nix | 2 +- nixos/hosts/olympus/dhcp/configuration.nix | 2 +- .../olympus/kubernetes/configuration.nix | 2 +- .../hosts/olympus/minecraft/configuration.nix | 2 +- nixos/hosts/olympus/minio/configuration.nix | 2 +- nixos/hosts/olympus/nginx/configuration.nix | 2 +- nixos/hosts/olympus/ntfy/configuration.nix | 2 +- nixos/hosts/olympus/outline/configuration.nix | 2 +- nixos/hosts/olympus/unifi/configuration.nix | 2 +- nixos/hosts/olympus/vault-0/configuration.nix | 2 +- .../hosts/olympus/wireguard/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 2 +- .../thalassa/aoife/hardware-configuration.nix | 2 +- nixos/hosts/thalassa/eevee/configuration.nix | 2 +- .../thalassa/eevee/hardware-configuration.nix | 2 +- nixos/hosts/thalassa/eevee/home/default.nix | 8 +------ nixos/hosts/thalassa/eevee/home/theme.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 2 +- .../thalassa/null/hardware-configuration.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 2 +- nixos/hosts/thalassa/null/home/hyprland.nix | 2 +- nixos/hosts/thalassa/null/home/neovim.nix | 2 +- nixos/hosts/thalassa/null/home/theme.nix | 2 +- nixos/pkgs/default.nix | 2 +- nixos/pkgs/dnd-5e-latex-template/default.nix | 2 +- nixos/pkgs/gitea-agatheme/default.nix | 2 +- nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/update.nix | 3 +-- nixos/pkgs/vscode-extensions/platformio.nix | 2 +- nixos/templates/iso-graphical.nix | 2 +- nixos/templates/proxmox-lxc.nix | 2 +- nixos/templates/proxmox-vm.nix | 2 +- nixos/util.nix | 3 +-- 55 files changed, 67 insertions(+), 75 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index cdd77d85..0a8e125e 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -5,4 +5,5 @@ pipeline: - NIX_CONFIG=experimental-features = nix-command flakes commands: - nix run 'nixpkgs#statix' check + - nix run 'github:astro/deadnix' -- -f - nix run 'nixpkgs#yamllint' . diff --git a/flake.lock b/flake.lock index 206b6ede..113ab593 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1682977601, - "narHash": "sha256-F1Va/Uiw2tVNn27FLqWyBkiqDyIm/eCamw9wA/GK8Fw=", + "lastModified": 1683153724, + "narHash": "sha256-wiQ8pBYbbPklLngAz5w3VvwmpLqTNroKc7um56iCLHo=", "owner": "nix-community", "repo": "home-manager", - "rev": "0e4c33d76006c9080d2f228ba1c2308e3e4d7be6", + "rev": "514c0a71f47cb80282742d7e4b6913c2c0582c2d", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683028696, - "narHash": "sha256-saPKTDj+HB9aPvB59wGcJ64CifRuiIt2CHvSbh7UHz8=", + "lastModified": 1683103914, + "narHash": "sha256-Mbrst3sLaiL55eOlZOEL8kB+XTWffaQVfcI03YWiryg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5dab6490fe6d72b3f120ae8660181e20f396fbdf", + "rev": "54495a4eafe99c537695a87fe04cb50bf17e651d", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683151118, - "narHash": "sha256-BY35o9AEqG1ckxJ0RECdIMYR93t0Ox3oTxPpu3WZbw8=", + "lastModified": 1683186265, + "narHash": "sha256-XuGXnnF/mpM0CR4M4dbuMYsARgHLqtpolh5nPA9+040=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7d9242bd035c3f9f1c357101d49ffac11116fb06", + "rev": "3428bdf3c93a7608615dddd44dec50c3df89b4be", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683148483, - "narHash": "sha256-gdjZHh/SeUVA6YUI1ERRpvKnLmeIk4PbQ4hBf0bcKZs=", + "lastModified": 1683183829, + "narHash": "sha256-Ta7qCL+mWSBt3851GYtbJpuAcCfNvNxD+MqfK+Yj4RU=", "owner": "nix-community", "repo": "NUR", - "rev": "c49d673b261c63732c651aacb99a309ffe95674b", + "rev": "82a30341dc98d46808ea11ba932e95856e53452c", "type": "github" }, "original": { diff --git a/nixos/common/generic-vm.nix b/nixos/common/generic-vm.nix index 856a8b37..086bf638 100644 --- a/nixos/common/generic-vm.nix +++ b/nixos/common/generic-vm.nix @@ -1,4 +1,4 @@ -{ lib, ... }: { +_: { networking.useDHCP = true; # Enable qemu guest agent diff --git a/nixos/common/modules/unpackerr.nix b/nixos/common/modules/unpackerr.nix index 36f522b5..4a8043ba 100644 --- a/nixos/common/modules/unpackerr.nix +++ b/nixos/common/modules/unpackerr.nix @@ -258,7 +258,7 @@ in after = [ "network.target" ]; description = "unpackerr system service"; # Filter out all unset variables else unpackerr complains - environment = filterAttrs (n: v: stringLength v > 0) + environment = filterAttrs (_n: v: stringLength v > 0) { # General options UN_DEBUG = "${toString cfg.debug}"; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 0155aa07..f5152cbc 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, inputs, ... }: +{ config, pkgs, lib, ... }: { imports = [ ./laura.nix diff --git a/nixos/hosts/hades/_template/configuration.nix b/nixos/hosts/hades/_template/configuration.nix index 7b6c670d..0947f389 100644 --- a/nixos/hosts/hades/_template/configuration.nix +++ b/nixos/hosts/hades/_template/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = [ ]; diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix index a2a6cd00..0d80fa25 100644 --- a/nixos/hosts/hades/bastion/configuration.nix +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ pkgs, lib, ... }: { networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/bazarr/configuration.nix b/nixos/hosts/hades/bazarr/configuration.nix index 628d5f02..9a679ddb 100644 --- a/nixos/hosts/hades/bazarr/configuration.nix +++ b/nixos/hosts/hades/bazarr/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +_: { system.stateVersion = "22.11"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/docker-registry-proxy/configuration.nix b/nixos/hosts/hades/docker-registry-proxy/configuration.nix index 75c381d1..7574924c 100644 --- a/nixos/hosts/hades/docker-registry-proxy/configuration.nix +++ b/nixos/hosts/hades/docker-registry-proxy/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, ... }: let vs = config.vault-secrets.secrets; in { system.stateVersion = "22.05"; diff --git a/nixos/hosts/hades/docker-registry/configuration.nix b/nixos/hosts/hades/docker-registry/configuration.nix index d7f91171..1f7cd156 100644 --- a/nixos/hosts/hades/docker-registry/configuration.nix +++ b/nixos/hosts/hades/docker-registry/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, ... }: let vs = config.vault-secrets.secrets; in { system.stateVersion = "22.05"; diff --git a/nixos/hosts/hades/jackett/configuration.nix b/nixos/hosts/hades/jackett/configuration.nix index e749d648..2ccfd137 100644 --- a/nixos/hosts/hades/jackett/configuration.nix +++ b/nixos/hosts/hades/jackett/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +_: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/lucy/hardware-configuration.nix b/nixos/hosts/hades/lucy/hardware-configuration.nix index 650e74b6..b658cbc2 100644 --- a/nixos/hosts/hades/lucy/hardware-configuration.nix +++ b/nixos/hosts/hades/lucy/hardware-configuration.nix @@ -1,7 +1,7 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ lib, modulesPath, ... }: { imports = diff --git a/nixos/hosts/hades/minio/configuration.nix b/nixos/hosts/hades/minio/configuration.nix index 5d2f7555..8e2e335e 100644 --- a/nixos/hosts/hades/minio/configuration.nix +++ b/nixos/hosts/hades/minio/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, ... }: let vs = config.vault-secrets.secrets; in { diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 6810d75f..669ce1c0 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ ... }: { imports = [ ]; diff --git a/nixos/hosts/hades/pmm/configuration.nix b/nixos/hosts/hades/pmm/configuration.nix index 44b112cd..844c60d5 100644 --- a/nixos/hosts/hades/pmm/configuration.nix +++ b/nixos/hosts/hades/pmm/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ pkgs, ... }: let datadir = "/var/lib/pmm/config"; container = "meisnate12/plex-meta-manager:latest"; diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index 9c0d325b..f22d49e0 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +_: { networking.interfaces.eth0.useDHCP = true; system.stateVersion = "22.11"; @@ -7,7 +7,7 @@ enable = true; openFirewall = true; }; - + virtualisation.podman.enable = true; virtualisation.oci-containers = { diff --git a/nixos/hosts/hades/radarr/configuration.nix b/nixos/hosts/hades/radarr/configuration.nix index 1ba806c7..5a3b874b 100644 --- a/nixos/hosts/hades/radarr/configuration.nix +++ b/nixos/hosts/hades/radarr/configuration.nix @@ -1,5 +1,4 @@ -{ config, pkgs, ... }: -{ +_: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/sonarr/configuration.nix b/nixos/hosts/hades/sonarr/configuration.nix index d9d9ce4a..c74c9205 100644 --- a/nixos/hosts/hades/sonarr/configuration.nix +++ b/nixos/hosts/hades/sonarr/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +_: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/tautulli/configuration.nix b/nixos/hosts/hades/tautulli/configuration.nix index 84ef8337..9976ee2a 100644 --- a/nixos/hosts/hades/tautulli/configuration.nix +++ b/nixos/hosts/hades/tautulli/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ ... }: { imports = [ ]; diff --git a/nixos/hosts/olympus/_template/configuration.nix b/nixos/hosts/olympus/_template/configuration.nix index 7b6c670d..0947f389 100644 --- a/nixos/hosts/olympus/_template/configuration.nix +++ b/nixos/hosts/olympus/_template/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = [ ]; diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index 0c340d75..d1575759 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, lib, ... }: +{ pkgs, ... }: let fix-vscode = pkgs.writeScriptBin "fix-vscode" '' #!${pkgs.stdenv.shell} diff --git a/nixos/hosts/olympus/bastion/hardware-configuration.nix b/nixos/hosts/olympus/bastion/hardware-configuration.nix index 9c6082ba..85ea04d7 100644 --- a/nixos/hosts/olympus/bastion/hardware-configuration.nix +++ b/nixos/hosts/olympus/bastion/hardware-configuration.nix @@ -1,7 +1,7 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; diff --git a/nixos/hosts/olympus/bastion/home.nix b/nixos/hosts/olympus/bastion/home.nix index dcfdd22e..fad23ec8 100644 --- a/nixos/hosts/olympus/bastion/home.nix +++ b/nixos/hosts/olympus/bastion/home.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: { +_: { programs.home-manager.enable = true; home.username = "victor"; home.homeDirectory = "/home/victor"; diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index dcafb0ac..13b002ba 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, flat_hosts, ... }: +{ config, flat_hosts, ... }: let inherit (builtins) filter hasAttr; hostToKea = { hostname, mac, ip, ... }: { diff --git a/nixos/hosts/olympus/kubernetes/configuration.nix b/nixos/hosts/olympus/kubernetes/configuration.nix index a241cb2d..fe5dd43a 100644 --- a/nixos/hosts/olympus/kubernetes/configuration.nix +++ b/nixos/hosts/olympus/kubernetes/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, hosts, ... }: { +{ pkgs, ... }: { # packages for administration tasks environment.systemPackages = with pkgs; [ kompose kubectl k9s k3s ]; diff --git a/nixos/hosts/olympus/minecraft/configuration.nix b/nixos/hosts/olympus/minecraft/configuration.nix index 35a58446..83bcd573 100644 --- a/nixos/hosts/olympus/minecraft/configuration.nix +++ b/nixos/hosts/olympus/minecraft/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ lib, config, pkgs, inputs, ... }: +{ lib, pkgs, ... }: { imports = [ ]; diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index 95187b2b..eae48e54 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ config, pkgs, ... }: let vs = config.vault-secrets.secrets; listenPort = 9000; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 1a05a8c6..5d21f764 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, nodes, ... }: +{ pkgs, ... }: let proxy = url: { enableACME = true; diff --git a/nixos/hosts/olympus/ntfy/configuration.nix b/nixos/hosts/olympus/ntfy/configuration.nix index 7dcb516b..97827045 100644 --- a/nixos/hosts/olympus/ntfy/configuration.nix +++ b/nixos/hosts/olympus/ntfy/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = [ ]; diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index 452fabdb..d9f9382b 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, ... }: let vs = config.vault-secrets.secrets; in { imports = [ ]; diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index 5a0adb17..e2c08ed4 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ pkgs, lib, ... }: { imports = [ ]; diff --git a/nixos/hosts/olympus/vault-0/configuration.nix b/nixos/hosts/olympus/vault-0/configuration.nix index 774544ed..359751a9 100644 --- a/nixos/hosts/olympus/vault-0/configuration.nix +++ b/nixos/hosts/olympus/vault-0/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, hosts, ... }: { +_: { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index efeb580e..9b5ed7e1 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ lib, config, pkgs, inputs, ... }: +{ lib, config, pkgs, ... }: let vs = config.vault-secrets.secrets; in { imports = [ ]; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 29ed1f3c..7699dccb 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, inputs, ... }: { +{ inputs, ... }: { imports = [ ../../../common/desktop ./hardware-configuration.nix diff --git a/nixos/hosts/thalassa/aoife/hardware-configuration.nix b/nixos/hosts/thalassa/aoife/hardware-configuration.nix index 99593b99..13bc8c9a 100644 --- a/nixos/hosts/thalassa/aoife/hardware-configuration.nix +++ b/nixos/hosts/thalassa/aoife/hardware-configuration.nix @@ -1,7 +1,7 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 9adf13c8..1c713a82 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, inputs, ... }: { +{ pkgs, inputs, ... }: { imports = [ ../../../common/desktop ./hardware-configuration.nix diff --git a/nixos/hosts/thalassa/eevee/hardware-configuration.nix b/nixos/hosts/thalassa/eevee/hardware-configuration.nix index 1e1afb23..536e2b04 100644 --- a/nixos/hosts/thalassa/eevee/hardware-configuration.nix +++ b/nixos/hosts/thalassa/eevee/hardware-configuration.nix @@ -1,7 +1,7 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = diff --git a/nixos/hosts/thalassa/eevee/home/default.nix b/nixos/hosts/thalassa/eevee/home/default.nix index cbc0a038..ce2eaae2 100644 --- a/nixos/hosts/thalassa/eevee/home/default.nix +++ b/nixos/hosts/thalassa/eevee/home/default.nix @@ -1,10 +1,4 @@ -{ lib, config, pkgs, inputs, ... }: -let - tex = pkgs.texlive.combine { - inherit (pkgs.texlive) scheme-full; - dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; - }; -in { +_: { programs.home-manager.enable = true; home.username = "victor"; diff --git a/nixos/hosts/thalassa/eevee/home/theme.nix b/nixos/hosts/thalassa/eevee/home/theme.nix index 8aca1e7c..aa462fc9 100644 --- a/nixos/hosts/thalassa/eevee/home/theme.nix +++ b/nixos/hosts/thalassa/eevee/home/theme.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, config, ... }: +{ pkgs, config, ... }: let theme = "Catppuccin-Pink-Dark"; cursorTheme = config.home.pointerCursor.name; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 826b71d6..4b40a89a 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, inputs, ... }: +{ pkgs, inputs, ... }: let nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' export __NV_PRIME_RENDER_OFFLOAD=1 diff --git a/nixos/hosts/thalassa/null/hardware-configuration.nix b/nixos/hosts/thalassa/null/hardware-configuration.nix index 79e4113e..d9de3caf 100644 --- a/nixos/hosts/thalassa/null/hardware-configuration.nix +++ b/nixos/hosts/thalassa/null/hardware-configuration.nix @@ -1,7 +1,7 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 9e9dc39a..f1285906 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, inputs, texlive, ... }: +{ config, pkgs, inputs, texlive, ... }: let tex = pkgs.texlive.combine { inherit (pkgs.texlive) scheme-full; diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 7329a2f5..6dac363f 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -1,4 +1,4 @@ -{ pkgs, inputs, config, ... }: { +{ pkgs, config, ... }: { home.file.".config/hypr/hyprpaper.conf".text = '' ipc = off preload = ~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png diff --git a/nixos/hosts/thalassa/null/home/neovim.nix b/nixos/hosts/thalassa/null/home/neovim.nix index eecb152d..ac51ba65 100644 --- a/nixos/hosts/thalassa/null/home/neovim.nix +++ b/nixos/hosts/thalassa/null/home/neovim.nix @@ -1,4 +1,4 @@ -{ inputs, pkgs, lib, ... }: { +{ inputs, pkgs, ... }: { imports = [ inputs.nixvim.homeManagerModules.nixvim ]; programs.nixvim = { enable = true; diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index b75113c5..128cd75e 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -32,7 +32,7 @@ let mantle = "292c3c"; crust = "232634"; - hex = mapAttrs (name: value: "#${value}") colour; + hex = mapAttrs (_name: value: "#${value}") colour; }; in { home.file.".xsettingsd".text = '' diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index d87e5646..df261330 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -1,5 +1,5 @@ # nix-build -E 'with import {}; callPackage ./default.nix {}' -final: prev: { +_final: prev: { v = { glitch-soc = prev.callPackage ./glitch-soc { }; diff --git a/nixos/pkgs/dnd-5e-latex-template/default.nix b/nixos/pkgs/dnd-5e-latex-template/default.nix index de795c6e..3114dc73 100644 --- a/nixos/pkgs/dnd-5e-latex-template/default.nix +++ b/nixos/pkgs/dnd-5e-latex-template/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { +{ stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { pname = "dnd-5e-latex-template"; version = "0.8.0"; tlType = "run"; diff --git a/nixos/pkgs/gitea-agatheme/default.nix b/nixos/pkgs/gitea-agatheme/default.nix index 2a87ad71..ad6460c3 100644 --- a/nixos/pkgs/gitea-agatheme/default.nix +++ b/nixos/pkgs/gitea-agatheme/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenvNoCC, fetchurl }: stdenvNoCC.mkDerivation { +{ stdenvNoCC, fetchurl }: stdenvNoCC.mkDerivation { pname = "gitea-agatheme"; version = "1.2"; diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 1ffb5b7e..5db9bd6c 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, bundlerEnv, nixosTests +{ lib, stdenv, nodejs-slim, bundlerEnv, nixosTests , yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript , fetchYarnDeps, fixup_yarn_lock diff --git a/nixos/pkgs/glitch-soc/update.nix b/nixos/pkgs/glitch-soc/update.nix index 1bd557a7..2db78f14 100644 --- a/nixos/pkgs/glitch-soc/update.nix +++ b/nixos/pkgs/glitch-soc/update.nix @@ -1,5 +1,4 @@ -{ pkgs -, runCommand +{ runCommand , lib , makeWrapper , yarn2nix diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index cbee23ec..98d5d7cd 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -1,4 +1,4 @@ -{ vscode-utils, lib }: +{ vscode-utils }: let inherit (vscode-utils) buildVscodeMarketplaceExtension; in buildVscodeMarketplaceExtension { mktplcRef = { diff --git a/nixos/templates/iso-graphical.nix b/nixos/templates/iso-graphical.nix index c73a7748..23630f39 100644 --- a/nixos/templates/iso-graphical.nix +++ b/nixos/templates/iso-graphical.nix @@ -1,4 +1,4 @@ -{ pkgs, modulesPath, lib, config, ... }: { +{ pkgs, modulesPath, lib, ... }: { imports = [ "${modulesPath}/installer/cd-dvd/installation-cd-graphical-calamares-gnome.nix" ]; diff --git a/nixos/templates/proxmox-lxc.nix b/nixos/templates/proxmox-lxc.nix index d1313a04..2d1502bd 100644 --- a/nixos/templates/proxmox-lxc.nix +++ b/nixos/templates/proxmox-lxc.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: { +{ lib, ... }: { imports = [ ../common/common.nix ../common/generic-lxc.nix ]; proxmoxLXC = { diff --git a/nixos/templates/proxmox-vm.nix b/nixos/templates/proxmox-vm.nix index b1cdda83..268bcc78 100644 --- a/nixos/templates/proxmox-vm.nix +++ b/nixos/templates/proxmox-vm.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: { +{ lib, ... }: { imports = [ ../common/common.nix ../common/generic-vm.nix ]; proxmox.qemuConf = { diff --git a/nixos/util.nix b/nixos/util.nix index 798913ef..e36ec67c 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -2,7 +2,6 @@ let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; - inherit (nixpkgs.lib) nixosSystem; base_imports = [ home-manager.nixosModules.home-manager mailserver.nixosModules.mailserver @@ -26,7 +25,7 @@ in { inherit base_imports type_import resolve_imports; # Add to whatever realm a host belong to its list of tags add_realm_to_tags = mapAttrs (realm: - mapAttrs (hostname: + mapAttrs (_hostname: { tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; -- 2.47.1 From 2c16870d667c1b79cd89b27d86982a4132c7e3f2 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 4 May 2023 13:08:10 +0200 Subject: [PATCH 1533/1882] nixfmt --- nixos/common/common.nix | 5 +- nixos/common/generic-lxc.nix | 6 +- nixos/common/hm-modules/catppuccin.nix | 4 +- nixos/common/hm-modules/default.nix | 9 +- nixos/common/hm-modules/nvim.nix | 4 +- nixos/common/modules/default.nix | 8 +- nixos/common/modules/dns.nix | 14 +- nixos/common/modules/flood.nix | 3 +- nixos/common/modules/gnome/hm.nix | 2 - nixos/common/modules/unpackerr.nix | 104 +- nixos/common/users/default.nix | 11 +- nixos/common/users/victor.nix | 5 +- nixos/hosts/hades/bastion/configuration.nix | 3 +- nixos/hosts/hades/bazarr/configuration.nix | 3 +- nixos/hosts/hades/dns/configuration.nix | 3 +- .../docker-registry-proxy/configuration.nix | 10 +- .../hades/docker-registry/configuration.nix | 26 +- nixos/hosts/hades/jackett/configuration.nix | 3 +- .../hades/lucy/hardware-configuration.nix | 30 +- nixos/hosts/hades/minio/configuration.nix | 3 +- nixos/hosts/hades/nginx/configuration.nix | 1 - nixos/hosts/hades/overseerr/configuration.nix | 4 +- nixos/hosts/hades/prowlarr/configuration.nix | 7 +- nixos/hosts/hades/rtorrent/rtorrent.nix | 167 +- nixos/hosts/hades/sonarr/configuration.nix | 3 +- nixos/hosts/hades/unifi/configuration.nix | 3 +- nixos/hosts/hades/unpackerr/configuration.nix | 3 +- .../bastion/hardware-configuration.nix | 6 +- nixos/hosts/olympus/dns/configuration.nix | 3 +- nixos/hosts/olympus/gitea/configuration.nix | 19 +- .../olympus/mailserver/configuration.nix | 18 +- .../hosts/olympus/minecraft/configuration.nix | 3 +- .../hosts/olympus/mosquitto/configuration.nix | 3 +- nixos/hosts/olympus/ntfy/configuration.nix | 3 +- nixos/hosts/olympus/outline/configuration.nix | 10 +- nixos/hosts/olympus/synapse/configuration.nix | 113 +- nixos/hosts/olympus/unifi/configuration.nix | 2 +- .../olympus/victoriametrics/configuration.nix | 16 +- .../thalassa/aoife/hardware-configuration.nix | 31 +- nixos/hosts/thalassa/eevee/configuration.nix | 9 +- .../thalassa/eevee/hardware-configuration.nix | 31 +- .../thalassa/null/hardware-configuration.nix | 48 +- nixos/hosts/thalassa/null/home/neovim.nix | 4 +- nixos/hosts/thalassa/null/networking.nix | 23 +- nixos/hosts/thalassa/null/rescue-boot.nix | 8 +- nixos/pkgs/dnd-5e-latex-template/default.nix | 17 +- nixos/pkgs/gitea-agatheme/default.nix | 6 +- nixos/pkgs/glitch-soc/default.nix | 34 +- nixos/pkgs/glitch-soc/gemset.nix | 2329 +++++++++-------- nixos/pkgs/glitch-soc/source.nix | 5 +- nixos/pkgs/glitch-soc/update.nix | 30 +- nixos/templates/iso-graphical.nix | 4 +- nixos/templates/iso.nix | 11 +- 53 files changed, 1671 insertions(+), 1559 deletions(-) diff --git a/nixos/common/common.nix b/nixos/common/common.nix index 56327dca..2cf74618 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -1,8 +1,5 @@ { config, lib, pkgs, ... }: { - imports = [ - ./users - ./modules - ]; + imports = [ ./users ./modules ]; # Clean /tmp on boot. boot.tmp.cleanOnBoot = true; diff --git a/nixos/common/generic-lxc.nix b/nixos/common/generic-lxc.nix index ba7afbaf..98749442 100644 --- a/nixos/common/generic-lxc.nix +++ b/nixos/common/generic-lxc.nix @@ -2,7 +2,11 @@ _: { # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/ # Supress systemd services that don't work (correctly) on LXC - systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ]; + systemd.suppressedSystemUnits = [ + "dev-mqueue.mount" + "sys-kernel-debug.mount" + "sys-fs-fuse-connections.mount" + ]; # https://github.com/NixOS/nixpkgs/issues/157449#issuecomment-1459299764 boot.specialFileSystems."/run".options = [ "rshared" ]; diff --git a/nixos/common/hm-modules/catppuccin.nix b/nixos/common/hm-modules/catppuccin.nix index a60b67b8..2aceac0e 100644 --- a/nixos/common/hm-modules/catppuccin.nix +++ b/nixos/common/hm-modules/catppuccin.nix @@ -2,9 +2,7 @@ with lib; let cfg = config.themes.v.catppuccin; in { - options.themes.v.catppuccin = { - enable = mkEnableOption "catppuccin"; - }; + options.themes.v.catppuccin = { enable = mkEnableOption "catppuccin"; }; config = let theme = "Catppuccin-Pink-Dark"; cursorTheme = config.home.pointerCursor.name; diff --git a/nixos/common/hm-modules/default.nix b/nixos/common/hm-modules/default.nix index 8dabd6c3..914008ee 100644 --- a/nixos/common/hm-modules/default.nix +++ b/nixos/common/hm-modules/default.nix @@ -1,8 +1 @@ -{ ... }: { - imports = [ - ./catppuccin.nix - ./nvim.nix - ./riff.nix - ./vscode.nix - ]; -} +{ ... }: { imports = [ ./catppuccin.nix ./nvim.nix ./riff.nix ./vscode.nix ]; } diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix index 2541697f..b2a96e37 100644 --- a/nixos/common/hm-modules/nvim.nix +++ b/nixos/common/hm-modules/nvim.nix @@ -2,9 +2,7 @@ with lib; let cfg = config.programs.v.nvim; in { - options.programs.v.nvim = { - enable = mkEnableOption "nvim"; - }; + options.programs.v.nvim = { enable = mkEnableOption "nvim"; }; config = mkIf cfg.enable { programs.nixvim = { enable = true; diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix index 3e78f278..4b66a5b5 100644 --- a/nixos/common/modules/default.nix +++ b/nixos/common/modules/default.nix @@ -1,9 +1,3 @@ { ... }: { - imports = [ - ./dns.nix - ./flood.nix - ./gnome - ./unpackerr.nix - ./vault.nix - ]; + imports = [ ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ]; } diff --git a/nixos/common/modules/dns.nix b/nixos/common/modules/dns.nix index 6a348806..b173ff2b 100644 --- a/nixos/common/modules/dns.nix +++ b/nixos/common/modules/dns.nix @@ -9,13 +9,13 @@ let ipv6Hosts = filter (hasAttr "ip6") flat_hosts; localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"''; - local6Data = { hostname, realm, ip6, ... }: ''"${hostname}.${realm}. AAAA ${ip6}"''; + local6Data = { hostname, realm, ip6, ... }: + ''"${hostname}.${realm}. AAAA ${ip6}"''; ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"''; ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"''; cfg = config.services.v.dns; -in -{ +in { options.services.v.dns = { enable = mkEnableOption "v.dns"; @@ -50,7 +50,8 @@ in use-syslog = "yes"; module-config = ''"validator iterator"''; - local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains; + local-zone = + map (localdomain: ''"${localdomain}}." transparent'') domains; local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts); local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts); @@ -83,10 +84,7 @@ in }) (mkIf (cfg.mode == "laptop") { interface = [ "127.0.0.1" "::1" ]; - access-control = [ - "127.0.0.1/32 allow_snoop" - "::1 allow_snoop" - ]; + access-control = [ "127.0.0.1/32 allow_snoop" "::1 allow_snoop" ]; }) ]; }; diff --git a/nixos/common/modules/flood.nix b/nixos/common/modules/flood.nix index fbdef0ac..64c20b33 100644 --- a/nixos/common/modules/flood.nix +++ b/nixos/common/modules/flood.nix @@ -147,6 +147,7 @@ in { }; # This is needed to create the dataDir with the correct permissions. - systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; + systemd.tmpfiles.rules = + [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; }; } diff --git a/nixos/common/modules/gnome/hm.nix b/nixos/common/modules/gnome/hm.nix index cba3ba8f..87b852cb 100644 --- a/nixos/common/modules/gnome/hm.nix +++ b/nixos/common/modules/gnome/hm.nix @@ -48,8 +48,6 @@ in { "image/x-icns" = "org.gnome.eog.desktop"; }; - - dconf.settings = { "org/gnome/desktop/input-sources" = { sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ]; diff --git a/nixos/common/modules/unpackerr.nix b/nixos/common/modules/unpackerr.nix index 4a8043ba..5490ec6f 100644 --- a/nixos/common/modules/unpackerr.nix +++ b/nixos/common/modules/unpackerr.nix @@ -57,8 +57,7 @@ let ''; }; }; -in -{ +in { options.services.unpackerr = { enable = mkEnableOption "unpackerr"; @@ -258,62 +257,61 @@ in after = [ "network.target" ]; description = "unpackerr system service"; # Filter out all unset variables else unpackerr complains - environment = filterAttrs (_n: v: stringLength v > 0) - { - # General options - UN_DEBUG = "${toString cfg.debug}"; - UN_INTERVAL = "${cfg.interval}"; - UN_START_DELAY = "${cfg.startDelay}"; - UN_RETRY_DELAY = "${cfg.retryDelay}"; - UN_MAX_RETRIES = "${toString cfg.maxRetries}"; - UN_PARALLEL = "${toString cfg.parallel}"; - UN_FILE_MODE = "${cfg.fileMode}"; - UN_DIR_MODE = "${cfg.dirMode}"; + environment = filterAttrs (_n: v: stringLength v > 0) { + # General options + UN_DEBUG = "${toString cfg.debug}"; + UN_INTERVAL = "${cfg.interval}"; + UN_START_DELAY = "${cfg.startDelay}"; + UN_RETRY_DELAY = "${cfg.retryDelay}"; + UN_MAX_RETRIES = "${toString cfg.maxRetries}"; + UN_PARALLEL = "${toString cfg.parallel}"; + UN_FILE_MODE = "${cfg.fileMode}"; + UN_DIR_MODE = "${cfg.dirMode}"; - # Sonarr - UN_SONARR_0_URL = "${cfg.sonarr.url}"; - UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; - UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; - UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; - UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; - UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; - UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; + # Sonarr + UN_SONARR_0_URL = "${cfg.sonarr.url}"; + UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; + UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; + UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; + UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; + UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; + UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; - # Radarr - UN_RADARR_0_URL = "${cfg.radarr.url}"; - UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; - UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; - UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; - UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; - UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; - UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; + # Radarr + UN_RADARR_0_URL = "${cfg.radarr.url}"; + UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; + UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; + UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; + UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; + UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; + UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; - # Lidarr - UN_LIDARR_0_URL = "${cfg.lidarr.url}"; - UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; - UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; - UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; - UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; - UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; - UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; + # Lidarr + UN_LIDARR_0_URL = "${cfg.lidarr.url}"; + UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; + UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; + UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; + UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; + UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; + UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; - # Readarr - UN_READARR_0_URL = "${cfg.readarr.url}"; - UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; - UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; - UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; - UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; - UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; - UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; + # Readarr + UN_READARR_0_URL = "${cfg.readarr.url}"; + UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; + UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; + UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; + UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; + UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; + UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; - # Folder - UN_FOLDER_0_PATH = "${cfg.folder.path}"; - UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; - UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; - UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; - UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; - UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; - } // cfg.extraConfig; + # Folder + UN_FOLDER_0_PATH = "${cfg.folder.path}"; + UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; + UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; + UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; + UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; + UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; + } // cfg.extraConfig; serviceConfig = { User = cfg.user; Group = cfg.group; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index f5152cbc..99906a42 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -1,9 +1,5 @@ -{ config, pkgs, lib, ... }: -{ - imports = [ - ./laura.nix - ./victor.nix - ]; +{ config, pkgs, lib, ... }: { + imports = [ ./laura.nix ./victor.nix ]; # Setup ZSH to use grml config programs.zsh = { @@ -35,7 +31,8 @@ # Configure the root account users.extraUsers.root = { # Allow my SSH keys for logging in as root. - openssh.authorizedKeys.keys = config.users.extraUsers.victor.openssh.authorizedKeys.keys; + openssh.authorizedKeys.keys = + config.users.extraUsers.victor.openssh.authorizedKeys.keys; # Also use zsh for root shell = pkgs.zsh; }; diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index cc8a537c..3718bdcd 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -1,5 +1,5 @@ { pkgs, ... }: { - # The block that specifies my user account. + # The block that specifies my user account. users.extraUsers.victor = { # This account is intended for a non-system user. isNormalUser = true; @@ -18,6 +18,7 @@ ]; # Make me admin - extraGroups = [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ]; + extraGroups = + [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ]; }; } diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix index 0d80fa25..5b529a5b 100644 --- a/nixos/hosts/hades/bastion/configuration.nix +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -1,5 +1,4 @@ -{ pkgs, lib, ... }: -{ +{ pkgs, lib, ... }: { networking.interfaces.eth0.useDHCP = true; # mosh ssh diff --git a/nixos/hosts/hades/bazarr/configuration.nix b/nixos/hosts/hades/bazarr/configuration.nix index 9a679ddb..9b101adf 100644 --- a/nixos/hosts/hades/bazarr/configuration.nix +++ b/nixos/hosts/hades/bazarr/configuration.nix @@ -1,5 +1,4 @@ -_: -{ +_: { system.stateVersion = "22.11"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 7e21fdd5..22948108 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{ pkgs, ... }: { imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/hades/docker-registry-proxy/configuration.nix b/nixos/hosts/hades/docker-registry-proxy/configuration.nix index 7574924c..5bf46699 100644 --- a/nixos/hosts/hades/docker-registry-proxy/configuration.nix +++ b/nixos/hosts/hades/docker-registry-proxy/configuration.nix @@ -1,17 +1,19 @@ { config, ... }: -let vs = config.vault-secrets.secrets; in -{ +let vs = config.vault-secrets.secrets; +in { system.stateVersion = "22.05"; networking.interfaces.eth0.useDHCP = true; # the registry port and metrics port - networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ]; + networking.firewall.allowedTCPPorts = + [ config.services.dockerRegistry.port 5001 ]; vault-secrets.secrets.docker-registry = { }; # Sets the minio user and password - systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment"; + systemd.services.docker-registry.serviceConfig.EnvironmentFile = + "${vs.docker-registry}/environment"; services.dockerRegistry = { enable = true; diff --git a/nixos/hosts/hades/docker-registry/configuration.nix b/nixos/hosts/hades/docker-registry/configuration.nix index 1f7cd156..0dcb94f8 100644 --- a/nixos/hosts/hades/docker-registry/configuration.nix +++ b/nixos/hosts/hades/docker-registry/configuration.nix @@ -1,17 +1,19 @@ { config, ... }: -let vs = config.vault-secrets.secrets; in -{ +let vs = config.vault-secrets.secrets; +in { system.stateVersion = "22.05"; networking.interfaces.eth0.useDHCP = true; # the registry port and metrics port - networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ]; + networking.firewall.allowedTCPPorts = + [ config.services.dockerRegistry.port 5001 ]; vault-secrets.secrets.docker-registry = { }; # Sets the minio user and password - systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment"; + systemd.services.docker-registry.serviceConfig.EnvironmentFile = + "${vs.docker-registry}/environment"; services.dockerRegistry = { enable = true; @@ -34,15 +36,13 @@ let vs = config.vault-secrets.secrets; in http.debug.prometheus.enabled = true; # Webhooks - notifications.endpoints = [ - { - name = "keel"; - url = "http://10.10.10.17:9300/v1/webhooks/registry"; - timeout = "500ms"; - treshold = 5; - backoff = "1s"; - } - ]; + notifications.endpoints = [{ + name = "keel"; + url = "http://10.10.10.17:9300/v1/webhooks/registry"; + timeout = "500ms"; + treshold = 5; + backoff = "1s"; + }]; }; }; } diff --git a/nixos/hosts/hades/jackett/configuration.nix b/nixos/hosts/hades/jackett/configuration.nix index 2ccfd137..982919bf 100644 --- a/nixos/hosts/hades/jackett/configuration.nix +++ b/nixos/hosts/hades/jackett/configuration.nix @@ -1,5 +1,4 @@ -_: -{ +_: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/lucy/hardware-configuration.nix b/nixos/hosts/hades/lucy/hardware-configuration.nix index b658cbc2..f89cdb51 100644 --- a/nixos/hosts/hades/lucy/hardware-configuration.nix +++ b/nixos/hosts/hades/lucy/hardware-configuration.nix @@ -4,24 +4,30 @@ { lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = [ + "uhci_hcd" + "ehci_pci" + "ahci" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/D021-72EB"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/D021-72EB"; + fsType = "vfat"; + }; swapDevices = [ ]; diff --git a/nixos/hosts/hades/minio/configuration.nix b/nixos/hosts/hades/minio/configuration.nix index 8e2e335e..7b30a44d 100644 --- a/nixos/hosts/hades/minio/configuration.nix +++ b/nixos/hosts/hades/minio/configuration.nix @@ -1,6 +1,5 @@ { config, pkgs, ... }: -let - vs = config.vault-secrets.secrets; +let vs = config.vault-secrets.secrets; in { system.stateVersion = "22.11"; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index e4a6f4fa..fc5f6e60 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -28,7 +28,6 @@ in { security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; - services.nginx = { enable = true; recommendedProxySettings = true; diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 669ce1c0..4b354fe6 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -31,9 +31,7 @@ # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; }; - ports = [ - "5055:5055" - ]; + ports = [ "5055:5055" ]; volumes = [ "/var/lib/overseerr/config:/app/config" ]; }; }; diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix index f22d49e0..d0ecc2f6 100644 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ b/nixos/hosts/hades/prowlarr/configuration.nix @@ -1,5 +1,4 @@ -_: -{ +_: { networking.interfaces.eth0.useDHCP = true; system.stateVersion = "22.11"; @@ -15,9 +14,7 @@ _: containers = { flaresolverr = { image = "flaresolverr/flaresolverr:v3.1.2"; - ports = [ - "8191:8191" - ]; + ports = [ "8191:8191" ]; }; }; }; diff --git a/nixos/hosts/hades/rtorrent/rtorrent.nix b/nixos/hosts/hades/rtorrent/rtorrent.nix index 9e4973af..2aa37509 100644 --- a/nixos/hosts/hades/rtorrent/rtorrent.nix +++ b/nixos/hosts/hades/rtorrent/rtorrent.nix @@ -1,116 +1,115 @@ -{ config, lib, pkgs, ... }: -{ +{ config, lib, pkgs, ... }: { services.rtorrent = { enable = true; port = 54945; # Port Forwarded in mullvad downloadDir = "/mnt/storage/torrents/r"; package = pkgs.jesec-rtorrent; - configText = let cfg = config.services.rtorrent; in - pkgs.lib.mkForce '' - # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"] - method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/") + configText = let cfg = config.services.rtorrent; + in pkgs.lib.mkForce '' + # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"] + method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/") - # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"] - method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}") + # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"] + method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}") - # RPC Socket - method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}") + # RPC Socket + method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}") - # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"] - method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/") - method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") + # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"] + method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/") + method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") - # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"] - method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/") + # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"] + method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/") - # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"] - method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") + # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"] + method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") - # Create directories - fs.mkdir.recursive = (cat,(cfg.basedir)) + # Create directories + fs.mkdir.recursive = (cat,(cfg.basedir)) - fs.mkdir = (cat,(cfg.download)) - fs.mkdir = (cat,(cfg.logs)) - fs.mkdir = (cat,(cfg.session)) + fs.mkdir = (cat,(cfg.download)) + fs.mkdir = (cat,(cfg.logs)) + fs.mkdir = (cat,(cfg.session)) - fs.mkdir = (cat,(cfg.watch)) - fs.mkdir = (cat,(cfg.watch),"/load") - fs.mkdir = (cat,(cfg.watch),"/start") + fs.mkdir = (cat,(cfg.watch)) + fs.mkdir = (cat,(cfg.watch),"/load") + fs.mkdir = (cat,(cfg.watch),"/start") - # Drop to "$(cfg.watch)/load" to add torrent - schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent"))) + # Drop to "$(cfg.watch)/load" to add torrent + schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent"))) - # Drop to "$(cfg.watch)/start" to add torrent and start downloading - schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent"))) + # Drop to "$(cfg.watch)/start" to add torrent and start downloading + schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent"))) - # Listening port for incoming peer traffic - network.port_range.set = ${toString cfg.port}-${toString cfg.port} - network.port_random.set = no + # Listening port for incoming peer traffic + network.port_range.set = ${toString cfg.port}-${toString cfg.port} + network.port_random.set = no - # Distributed Hash Table and Peer EXchange - dht.mode.set = disable - dht.port.set = 6881 - protocol.pex.set = yes + # Distributed Hash Table and Peer EXchange + dht.mode.set = disable + dht.port.set = 6881 + protocol.pex.set = yes - # UDP tracker support - trackers.use_udp.set = yes + # UDP tracker support + trackers.use_udp.set = yes - # Peer settings - throttle.max_uploads.set = 100 - throttle.max_uploads.global.set = 250 - throttle.min_peers.normal.set = 20 - throttle.max_peers.normal.set = 60 - throttle.min_peers.seed.set = 30 - throttle.max_peers.seed.set = 80 - trackers.numwant.set = 80 + # Peer settings + throttle.max_uploads.set = 100 + throttle.max_uploads.global.set = 250 + throttle.min_peers.normal.set = 20 + throttle.max_peers.normal.set = 60 + throttle.min_peers.seed.set = 30 + throttle.max_peers.seed.set = 80 + trackers.numwant.set = 80 - protocol.encryption.set = allow_incoming,try_outgoing,enable_retry + protocol.encryption.set = allow_incoming,try_outgoing,enable_retry - # Limits for file handle resources, this is optimized for - # an `ulimit` of 1024 (a common default). You MUST leave - # a ceiling of handles reserved for rTorrent's internal needs! - network.max_open_files.set = 600 - network.max_open_sockets.set = 300 + # Limits for file handle resources, this is optimized for + # an `ulimit` of 1024 (a common default). You MUST leave + # a ceiling of handles reserved for rTorrent's internal needs! + network.max_open_files.set = 600 + network.max_open_sockets.set = 300 - # Memory resource usage (increase if you have a large number of items loaded, - # and/or the available resources to spend) - pieces.memory.max.set = 1800M - network.xmlrpc.size_limit.set = 32M + # Memory resource usage (increase if you have a large number of items loaded, + # and/or the available resources to spend) + pieces.memory.max.set = 1800M + network.xmlrpc.size_limit.set = 32M - # Basic operational settings - session.path.set = (cat, (cfg.session)) - directory.default.set = (cat, (cfg.download)) - log.execute = (cat, (cfg.logs), "execute.log") + # Basic operational settings + session.path.set = (cat, (cfg.session)) + directory.default.set = (cat, (cfg.download)) + log.execute = (cat, (cfg.logs), "execute.log") - # Other operational settings - encoding.add = utf8 - system.umask.set = 0027 - system.cwd.set = (directory.default) - #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M)) - #pieces.hash.on_completion.set = no + # Other operational settings + encoding.add = utf8 + system.umask.set = 0027 + system.cwd.set = (directory.default) + #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M)) + #pieces.hash.on_completion.set = no - # HTTP and SSL - network.http.max_open.set = 50 - network.http.dns_cache_timeout.set = 25 + # HTTP and SSL + network.http.max_open.set = 50 + network.http.dns_cache_timeout.set = 25 - #network.http.ssl_verify_peer.set = 1 - #network.http.ssl_verify_host.set = 1 + #network.http.ssl_verify_peer.set = 1 + #network.http.ssl_verify_host.set = 1 - # Run the rTorrent process as a daemon in the background - system.daemon.set = true + # Run the rTorrent process as a daemon in the background + system.daemon.set = true - # XML-RPC interface - network.scgi.open_local = (cat,(cfg.rpcsock)) - schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)" - schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)" + # XML-RPC interface + network.scgi.open_local = (cat,(cfg.rpcsock)) + schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)" + schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)" - # Logging: - # Levels = critical error warn notice info debug - # Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* - print = (cat, "Logging to ", (cfg.logfile)) - log.open_file = "log", (cfg.logfile) - log.add_output = "debug", "log" - ''; + # Logging: + # Levels = critical error warn notice info debug + # Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* + print = (cat, "Logging to ", (cfg.logfile)) + log.open_file = "log", (cfg.logfile) + log.add_output = "debug", "log" + ''; }; } diff --git a/nixos/hosts/hades/sonarr/configuration.nix b/nixos/hosts/hades/sonarr/configuration.nix index c74c9205..5137cc17 100644 --- a/nixos/hosts/hades/sonarr/configuration.nix +++ b/nixos/hosts/hades/sonarr/configuration.nix @@ -1,5 +1,4 @@ -_: -{ +_: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index c8ff18c7..66d9ee02 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -1,5 +1,4 @@ -{ pkgs, lib, ... }: -{ +{ pkgs, lib, ... }: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/hades/unpackerr/configuration.nix b/nixos/hosts/hades/unpackerr/configuration.nix index 42926d2d..a57ca6a8 100644 --- a/nixos/hosts/hades/unpackerr/configuration.nix +++ b/nixos/hosts/hades/unpackerr/configuration.nix @@ -1,7 +1,6 @@ { config, ... }: let vs = config.vault-secrets.secrets; -in -{ +in { networking.interfaces.eth0.useDHCP = true; fileSystems."/mnt/storage" = { diff --git a/nixos/hosts/olympus/bastion/hardware-configuration.nix b/nixos/hosts/olympus/bastion/hardware-configuration.nix index 85ea04d7..dec70cc5 100644 --- a/nixos/hosts/olympus/bastion/hardware-configuration.nix +++ b/nixos/hosts/olympus/bastion/hardware-configuration.nix @@ -6,7 +6,8 @@ { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = + [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; @@ -16,6 +17,7 @@ fsType = "ext4"; }; - swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; + swapDevices = + [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }]; } diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 955a1e2a..905aaf12 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{ pkgs, ... }: { imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index ca3a80c5..2be1db91 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -3,10 +3,8 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { lib, config, pkgs, ... }: -let - vs = config.vault-secrets.secrets; -in -{ +let vs = config.vault-secrets.secrets; +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -22,7 +20,8 @@ in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = [ config.services.gitea.settings.server.HTTP_PORT ]; + networking.firewall.allowedTCPPorts = + [ config.services.gitea.settings.server.HTTP_PORT ]; services.openssh.startWhenNeeded = false; @@ -37,10 +36,8 @@ in }; system.activationScripts.gitea-theme = - let - target_dir = "${config.services.gitea.stateDir}/custom/public/css/"; - in - lib.stringAfter [ "var" ] '' + let target_dir = "${config.services.gitea.stateDir}/custom/public/css/"; + in lib.stringAfter [ "var" ] '' mkdir -p ${target_dir} ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css" ''; @@ -54,9 +51,7 @@ in mailerPasswordFile = "${vs.gitea}/mailPassword"; settings = { - actions = { - "ENABLED" = true; - }; + actions = { "ENABLED" = true; }; repository = { "ENABLE_PUSH_CREATE_USER" = true; "DEFAULT_PUSH_CREATE_PRIVATE" = false; diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 754a88ed..0872c146 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -3,8 +3,8 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let vs = config.vault-secrets.secrets; in -{ +let vs = config.vault-secrets.secrets; +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -22,9 +22,7 @@ let vs = config.vault-secrets.secrets; in 10.42.42.6 vault.olympus ''; - vault-secrets.secrets.mailserver = { - services = [ "dovecot2" "postfix" ]; - }; + vault-secrets.secrets.mailserver = { services = [ "dovecot2" "postfix" ]; }; mailserver = { enable = true; @@ -36,7 +34,8 @@ let vs = config.vault-secrets.secrets; in # People "v@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; - aliases = [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ]; + aliases = + [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ]; }; "laura@meowy.tech" = { hashedPasswordFile = "${vs.mailserver}/laura@meowy.tech"; @@ -79,7 +78,8 @@ let vs = config.vault-secrets.secrets; in services.roundcube = { enable = true; - package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); + package = + pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); plugins = [ "archive" # "enigma" @@ -98,9 +98,7 @@ let vs = config.vault-secrets.secrets; in ''; }; - services.nginx = { - enable = true; - }; + services.nginx = { enable = true; }; security.acme.acceptTerms = true; security.acme.defaults.email = "v@0x76.dev"; diff --git a/nixos/hosts/olympus/minecraft/configuration.nix b/nixos/hosts/olympus/minecraft/configuration.nix index 83bcd573..d052e3c7 100644 --- a/nixos/hosts/olympus/minecraft/configuration.nix +++ b/nixos/hosts/olympus/minecraft/configuration.nix @@ -2,8 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ lib, pkgs, ... }: -{ +{ lib, pkgs, ... }: { imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/mosquitto/configuration.nix b/nixos/hosts/olympus/mosquitto/configuration.nix index a30040e8..d193e63a 100644 --- a/nixos/hosts/olympus/mosquitto/configuration.nix +++ b/nixos/hosts/olympus/mosquitto/configuration.nix @@ -4,8 +4,7 @@ { config, pkgs, ... }: let mosquittoPort = 1883; -in -{ +in { imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/ntfy/configuration.nix b/nixos/hosts/olympus/ntfy/configuration.nix index 97827045..e968178c 100644 --- a/nixos/hosts/olympus/ntfy/configuration.nix +++ b/nixos/hosts/olympus/ntfy/configuration.nix @@ -20,7 +20,8 @@ networking.firewall.allowedTCPPorts = [ 80 ]; - services.ntfy-sh = let datadir = "/var/lib/ntfy"; in { + services.ntfy-sh = let datadir = "/var/lib/ntfy"; + in { enable = true; settings = { base-url = "https://ntfy.0x76.dev"; diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index d9f9382b..1ac2cd3c 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -3,8 +3,8 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, ... }: -let vs = config.vault-secrets.secrets; in -{ +let vs = config.vault-secrets.secrets; +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -16,9 +16,7 @@ let vs = config.vault-secrets.secrets; in system.stateVersion = "22.11"; # Did you read the comment? # Additional packages - networking.firewall.allowedTCPPorts = [ - config.services.outline.port - ]; + networking.firewall.allowedTCPPorts = [ config.services.outline.port ]; vault-secrets.secrets.outline = { inherit (config.services.outline) user group; @@ -40,7 +38,7 @@ let vs = config.vault-secrets.secrets; in uploadBucketName = "outline"; region = "us-east-1"; # fake }; - oidcAuthentication = { + oidcAuthentication = { displayName = "Dex"; userinfoUrl = "https://dex.0x76.dev/userinfo"; tokenUrl = "https://dex.0x76.dev/token"; diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index cd528713..fbb389c1 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -7,8 +7,7 @@ let vs = config.vault-secrets.secrets; port = 8008; metricsPort = 9000; -in -{ +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -53,66 +52,60 @@ in "${vs.synapse}/email_password" # Also contains the rest of the email config ]; - settings = - let log_file = pkgs.writeText "log.yml" '' -version: 1 + settings = let + log_file = pkgs.writeText "log.yml" '' + version: 1 -formatters: - structured: - class: synapse.logging.TerseJsonFormatter + formatters: + structured: + class: synapse.logging.TerseJsonFormatter -handlers: - file: - class: logging.handlers.TimedRotatingFileHandler - formatter: structured - filename: /var/lib/matrix-synapse/synapse.log - when: midnight - backupCount: 3 # Does not include the current log file. - encoding: utf8 + handlers: + file: + class: logging.handlers.TimedRotatingFileHandler + formatter: structured + filename: /var/lib/matrix-synapse/synapse.log + when: midnight + backupCount: 3 # Does not include the current log file. + encoding: utf8 -loggers: - synapse: - level: INFO - handlers: [file] - ''; in - { - server_name = "meowy.tech"; - enable_registration = true; - public_baseurl = "https://chat.meowy.tech"; - enable_metrics = true; - max_upload_size = "100M"; - registration_requires_token = true; - media_retention = { - remote_media_lifetime = "90d"; - }; - log_config = "${log_file}"; - listeners = [ - { - inherit port; - bind_addresses = [ "0.0.0.0" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = true; - } - ]; - } - { - port = metricsPort; - bind_addresses = [ "0.0.0.0" ]; - type = "metrics"; - tls = false; - resources = [ - { - names = [ "metrics" ]; - compress = false; - } - ]; - } - ]; - }; + loggers: + synapse: + level: INFO + handlers: [file] + ''; + in { + server_name = "meowy.tech"; + enable_registration = true; + public_baseurl = "https://chat.meowy.tech"; + enable_metrics = true; + max_upload_size = "100M"; + registration_requires_token = true; + media_retention = { remote_media_lifetime = "90d"; }; + log_config = "${log_file}"; + listeners = [ + { + inherit port; + bind_addresses = [ "0.0.0.0" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [{ + names = [ "client" "federation" ]; + compress = true; + }]; + } + { + port = metricsPort; + bind_addresses = [ "0.0.0.0" ]; + type = "metrics"; + tls = false; + resources = [{ + names = [ "metrics" ]; + compress = false; + }]; + } + ]; + }; }; } diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index e2c08ed4..4b1c60af 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -22,7 +22,7 @@ services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs.mongodb-4_2; + mongodbPackage = pkgs.mongodb-4_2; openFirewall = true; }; } diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 40a67159..9678ebf7 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -6,8 +6,7 @@ let vmPort = 8428; vs = config.vault-secrets.secrets; -in -{ +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -21,7 +20,8 @@ in # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ vmPort config.services.grafana.settings.server.http_port ]; + networking.firewall.allowedTCPPorts = + [ vmPort config.services.grafana.settings.server.http_port ]; networking.firewall.allowedUDPPorts = [ vmPort ]; services.victoriametrics = { @@ -42,12 +42,10 @@ in scrape_configs = [ { job_name = "nginx"; - static_configs = [ - { - targets = [ "nginx.olympus:9113" ]; - labels.app = "nginx"; - } - ]; + static_configs = [{ + targets = [ "nginx.olympus:9113" ]; + labels.app = "nginx"; + }]; } { job_name = "synapse"; diff --git a/nixos/hosts/thalassa/aoife/hardware-configuration.nix b/nixos/hosts/thalassa/aoife/hardware-configuration.nix index 13bc8c9a..06d94880 100644 --- a/nixos/hosts/thalassa/aoife/hardware-configuration.nix +++ b/nixos/hosts/thalassa/aoife/hardware-configuration.nix @@ -4,29 +4,27 @@ { config, lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = + [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/5BB8-7503"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/5BB8-7503"; + fsType = "vfat"; + }; swapDevices = - [ { device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; } - ]; + [{ device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -36,6 +34,7 @@ # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; # high-resolution display } diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index 1c713a82..eccf3cfb 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -3,17 +3,14 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { pkgs, inputs, ... }: { - imports = [ - ../../../common/desktop - ./hardware-configuration.nix - ./hardware.nix - ]; + imports = + [ ../../../common/desktop ./hardware-configuration.nix ./hardware.nix ]; # Bootloader. boot = { kernelPackages = pkgs.linuxPackages_latest; initrd = { - kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ]; + kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ]; }; }; diff --git a/nixos/hosts/thalassa/eevee/hardware-configuration.nix b/nixos/hosts/thalassa/eevee/hardware-configuration.nix index 536e2b04..4082fde0 100644 --- a/nixos/hosts/thalassa/eevee/hardware-configuration.nix +++ b/nixos/hosts/thalassa/eevee/hardware-configuration.nix @@ -4,29 +4,27 @@ { config, lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/D883-F146"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/D883-F146"; + fsType = "vfat"; + }; swapDevices = - [ { device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; } - ]; + [{ device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -37,5 +35,6 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nixos/hosts/thalassa/null/hardware-configuration.nix b/nixos/hosts/thalassa/null/hardware-configuration.nix index d9de3caf..a7a6cd2b 100644 --- a/nixos/hosts/thalassa/null/hardware-configuration.nix +++ b/nixos/hosts/thalassa/null/hardware-configuration.nix @@ -4,37 +4,36 @@ { config, lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; - fsType = "btrfs"; - options = [ "subvol=@/nix" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@/nix" ]; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/D478-6F66"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/D478-6F66"; + fsType = "vfat"; + }; swapDevices = [ ]; @@ -48,5 +47,6 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nixos/hosts/thalassa/null/home/neovim.nix b/nixos/hosts/thalassa/null/home/neovim.nix index ac51ba65..983f6a45 100644 --- a/nixos/hosts/thalassa/null/home/neovim.nix +++ b/nixos/hosts/thalassa/null/home/neovim.nix @@ -10,10 +10,10 @@ plugins = { nix.enable = true; - treesitter = { + treesitter = { enable = true; nixGrammars = false; - ensureInstalled = []; + ensureInstalled = [ ]; }; surround.enable = true; fugitive.enable = true; diff --git a/nixos/hosts/thalassa/null/networking.nix b/nixos/hosts/thalassa/null/networking.nix index 66bab882..ccf7a8a9 100644 --- a/nixos/hosts/thalassa/null/networking.nix +++ b/nixos/hosts/thalassa/null/networking.nix @@ -1,5 +1,4 @@ -_: -{ +_: { services.v.dns = { enable = true; openFirewall = false; @@ -30,21 +29,11 @@ _: ca_cert="/etc/ssl/certs/ca-bundle.crt" ''; }; - "Pikachu 5G" = { - psk = "@PIKACHU_PASSWORD@"; - }; - "sha256('yeet')" = { - psk = "@SHA256_PASSWORD@"; - }; - "wired" = { - psk = "@WIRED_PASSWORD@"; - }; - "meowy hotspot" = { - psk = "@HOTSPOT_PASSWORD@"; - }; - "WiFi Roest" = { - psk = "@WIFI_ROEST_PASSWORD@"; - }; + "Pikachu 5G" = { psk = "@PIKACHU_PASSWORD@"; }; + "sha256('yeet')" = { psk = "@SHA256_PASSWORD@"; }; + "wired" = { psk = "@WIRED_PASSWORD@"; }; + "meowy hotspot" = { psk = "@HOTSPOT_PASSWORD@"; }; + "WiFi Roest" = { psk = "@WIFI_ROEST_PASSWORD@"; }; }; }; diff --git a/nixos/hosts/thalassa/null/rescue-boot.nix b/nixos/hosts/thalassa/null/rescue-boot.nix index 3f576b05..507b4272 100644 --- a/nixos/hosts/thalassa/null/rescue-boot.nix +++ b/nixos/hosts/thalassa/null/rescue-boot.nix @@ -11,9 +11,7 @@ let module = { system.stateVersion = "22.11"; boot.supportedFilesystems = [ "btrfs" "ext4" ]; - environment.systemPackages = with pkgs; [ - git - ]; + environment.systemPackages = with pkgs; [ git ]; }; in { boot.loader.systemd-boot = { @@ -22,7 +20,9 @@ in { title Rescue Boot linux /rescue-kernel initrd /rescue-initrd - options init=${netboot.config.system.build.toplevel}/init ${toString netboot.config.boot.kernelParams} + options init=${netboot.config.system.build.toplevel}/init ${ + toString netboot.config.boot.kernelParams + } ''; }; diff --git a/nixos/pkgs/dnd-5e-latex-template/default.nix b/nixos/pkgs/dnd-5e-latex-template/default.nix index 3114dc73..ef5ffcaa 100644 --- a/nixos/pkgs/dnd-5e-latex-template/default.nix +++ b/nixos/pkgs/dnd-5e-latex-template/default.nix @@ -1,4 +1,5 @@ -{ stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { +{ stdenvNoCC, fetchFromGitHub }: +stdenvNoCC.mkDerivation rec { pname = "dnd-5e-latex-template"; version = "0.8.0"; tlType = "run"; @@ -13,16 +14,14 @@ phases = [ "installPhase" ]; installPhase = '' - runHook preInstall + runHook preInstall - path="$out/tex/latex/${pname}" - mkdir -p "$path" - cp -r $src/* $path + path="$out/tex/latex/${pname}" + mkdir -p "$path" + cp -r $src/* $path - runHook postInstall + runHook postInstall ''; - meta = { - description = "DnD 5e latex template"; - }; + meta = { description = "DnD 5e latex template"; }; } diff --git a/nixos/pkgs/gitea-agatheme/default.nix b/nixos/pkgs/gitea-agatheme/default.nix index ad6460c3..ec5fdf77 100644 --- a/nixos/pkgs/gitea-agatheme/default.nix +++ b/nixos/pkgs/gitea-agatheme/default.nix @@ -1,9 +1,11 @@ -{ stdenvNoCC, fetchurl }: stdenvNoCC.mkDerivation { +{ stdenvNoCC, fetchurl }: +stdenvNoCC.mkDerivation { pname = "gitea-agatheme"; version = "1.2"; src = fetchurl { - url = "https://git.lain.faith/attachments/290e2304-92a3-4991-8703-fbbf52f31340"; + url = + "https://git.lain.faith/attachments/290e2304-92a3-4991-8703-fbbf52f31340"; sha256 = "424f4e232c7d759485cdf1bcde9edde50f2992cf6bde61c21f71eae03a905543"; }; diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 5db9bd6c..fe52d326 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -1,12 +1,10 @@ -{ lib, stdenv, nodejs-slim, bundlerEnv, nixosTests -, yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript -, fetchYarnDeps, fixup_yarn_lock +{ lib, stdenv, nodejs-slim, bundlerEnv, nixosTests, yarn, callPackage +, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript, fetchYarnDeps +, fixup_yarn_lock - # Allow building a fork or custom version of Mastodon: -, pname ? "mastodon" -, version ? import ./version.nix -, srcOverride ? null -, dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json. +# Allow building a fork or custom version of Mastodon: +, pname ? "mastodon", version ? import ./version.nix, srcOverride ? null +, dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json. }: stdenv.mkDerivation rec { @@ -14,7 +12,8 @@ stdenv.mkDerivation rec { # Using overrideAttrs on src does not build the gems and modules with the overridden src. # Putting the callPackage up in the arguments list also does not work. - src = if srcOverride != null then srcOverride else callPackage ./source.nix {}; + src = + if srcOverride != null then srcOverride else callPackage ./source.nix { }; mastodon-gems = bundlerEnv { name = "${pname}-gems-${version}"; @@ -42,11 +41,17 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - # sha256 = lib.fakeSha256; - sha256 = "sha256-5KmPgKE1QRPoTjeSYidKt/z9vzWzTOoJVr5dNtofKJY="; + # sha256 = lib.fakeSha256; + sha256 = "sha256-5KmPgKE1QRPoTjeSYidKt/z9vzWzTOoJVr5dNtofKJY="; }; - nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ]; + nativeBuildInputs = [ + fixup_yarn_lock + nodejs-slim + yarn + mastodon-gems + mastodon-gems.wrappedRuby + ]; RAILS_ENV = "production"; NODE_ENV = "production"; @@ -114,11 +119,12 @@ stdenv.mkDerivation rec { passthru = { tests.mastodon = nixosTests.mastodon; - updateScript = callPackage ./update.nix {}; + updateScript = callPackage ./update.nix { }; }; meta = with lib; { - description = "Self-hosted, globally interconnected microblogging software based on ActivityPub"; + description = + "Self-hosted, globally interconnected microblogging software based on ActivityPub"; homepage = "https://joinmastodon.org"; license = licenses.agpl3Plus; platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index 442de5ad..ec553917 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -1,676 +1,741 @@ { actioncable = { - dependencies = ["actionpack" "activesupport" "nio4r" "websocket-driver"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "nio4r" "websocket-driver" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bndmmby5qxq8rs42fbb2ax3hhbjj2ds8wja08s0iadkbrn7shvf"; type = "gem"; }; version = "6.1.7.3"; }; actionmailbox = { - dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "actionpack" + "activejob" + "activerecord" + "activestorage" + "activesupport" + "mail" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cx00kf0syq5gdhlrmw0q9v92ki55drbsk4gzy86ls2q8xkd792s"; type = "gem"; }; version = "6.1.7.3"; }; actionmailer = { - dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ + "actionpack" + "actionview" + "activejob" + "activesupport" + "mail" + "rails-dom-testing" + ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0vbif021cyndq3v3m61dkmgdbbirqk9zcsszb9nisq24m3gx1aai"; type = "gem"; }; version = "6.1.7.3"; }; actionpack = { - dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ + "actionview" + "activesupport" + "rack" + "rack-test" + "rails-dom-testing" + "rails-html-sanitizer" + ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0k6hc7klvn8m88b88vykl83jrpqhn4zz67l2zx9v266xga6fhala"; type = "gem"; }; version = "6.1.7.3"; }; actiontext = { - dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "actionpack" + "activerecord" + "activestorage" + "activesupport" + "nokogiri" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "16ldxyxlxl9scggpmkww2fxzim7sl2b4js610pvddcsr74z9fjs7"; type = "gem"; }; version = "6.1.7.3"; }; actionview = { - dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ + "activesupport" + "builder" + "erubi" + "rails-dom-testing" + "rails-html-sanitizer" + ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ck02cfc17s6g05qn0k7khwvvazwbf2rxbjcma8px2nw2j1ngvcn"; type = "gem"; }; version = "6.1.7.3"; }; active_model_serializers = { - dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "actionpack" "activemodel" "case_transform" "jsonapi-renderer" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xdp7cpj3yj3wl4vj0nqq44kzjavlxi1wq3cf9zp0whkir0ym0gy"; type = "gem"; }; version = "0.10.13"; }; activejob = { - dependencies = ["activesupport" "globalid"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "activesupport" "globalid" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05bkw9qgjgj2nxzjj2fh6jp1fcvgff0aa4r77k0gcfmnzc1g8wdl"; type = "gem"; }; version = "6.1.7.3"; }; activemodel = { - dependencies = ["activesupport"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "03hy5bwghdklcxbdylmsq70y0qzslck5slb2zkvp7g6mmvk86kwd"; type = "gem"; }; version = "6.1.7.3"; }; activerecord = { - dependencies = ["activemodel" "activesupport"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "activemodel" "activesupport" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1alshkgbcxp9s4vqb2b0yrrnyg15kxhlp1slsb03a61w7h42pspw"; type = "gem"; }; version = "6.1.7.3"; }; activestorage = { - dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "actionpack" + "activejob" + "activerecord" + "activesupport" + "marcel" + "mini_mime" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06w4wlabqqr9bwdig44r5vdwkcbbivwgwn2fl775w7h05vrccgp8"; type = "gem"; }; version = "6.1.7.3"; }; activesupport = { - dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06mihpy83a5xmavvn7l8vbix472dsi0vh30xj6g594k0679m0ir6"; type = "gem"; }; version = "6.1.7.3"; }; addressable = { - dependencies = ["public_suffix"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "public_suffix" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "15s8van7r2ad3dq6i03l3z4hqnvxcq75a3h72kxvf9an53sqma20"; type = "gem"; }; version = "2.8.4"; }; aes_key_wrap = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19bn0y70qm6mfj4y1m0j3s8ggh6dvxwrwrj5vfamhdrpddsz8ddr"; type = "gem"; }; version = "1.1.0"; }; airbrussh = { - dependencies = ["sshkit"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "sshkit" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0x55y3ynkda76pwnsvrrjlvxfcc7yn1irad8radll9c9cif41jqv"; type = "gem"; }; version = "1.4.1"; }; android_key_attestation = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02spc1sh7zsljl02v9d5rdb717b628vw2k7jkkplifyjk4db0zj6"; type = "gem"; }; version = "0.3.0"; }; annotate = { - dependencies = ["activerecord" "rake"]; - groups = ["development"]; - platforms = []; + dependencies = [ "activerecord" "rake" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1lw0fxb5mirsdp3bp20gjyvs7clvi19jbxnrm2ihm20kzfhvlqcs"; type = "gem"; }; version = "3.2.0"; }; ast = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04nc8x27hlzlrr5c2gn7mar4vdr0apw5xg22wp6m8dx3wqr04a0y"; type = "gem"; }; version = "2.4.2"; }; attr_encrypted = { - dependencies = ["encryptor"]; - groups = ["default"]; - platforms = []; + dependencies = [ "encryptor" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "034x6mbrv9apd83v99v9pm8vl3d17w5bbwws26gr4wv95fylmgnc"; type = "gem"; }; version = "4.0.0"; }; attr_required = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1g22axmi2rhhy7w8c3x6gppsawxqavbrnxpnmphh22fk7cwi0kh2"; type = "gem"; }; version = "1.0.1"; }; awrence = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gj8f8c54r9cabkm41s59sa1ca5wpbipw7gq3sfl87x9296227fx"; type = "gem"; }; version = "1.2.1"; }; aws-eventstream = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pyis1nvnbjxk12a43xvgj2gv0mvp4cnkc1gzw0v1018r61399gz"; type = "gem"; }; version = "1.2.0"; }; aws-partitions = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "18ndv604p1p3gkyy0d958jx2wp74d100q6vbc6ak70a7bv93wqsg"; type = "gem"; }; version = "1.752.0"; }; aws-sdk-core = { - dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0732vv8zi67z25fss1sdvqx0vv1ap3w6hz1avxzwznkjp002vj39"; type = "gem"; }; version = "3.171.0"; }; aws-sdk-kms = { - dependencies = ["aws-sdk-core" "aws-sigv4"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-sdk-core" "aws-sigv4" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0v87zi28dfmrv7bv91yfldccnpd63n295siirbz7wqv1rajn8n02"; type = "gem"; }; version = "1.63.0"; }; aws-sdk-s3 = { - dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-sdk-core" "aws-sdk-kms" "aws-sigv4" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1s5v3799pi7ik53gv7dl02am5pngv6x4azzwx9my09nll4q3lfk8"; type = "gem"; }; version = "1.121.0"; }; aws-sigv4 = { - dependencies = ["aws-eventstream"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-eventstream" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "11hkna2av47bl0yprgp8k4ya70rc3m2ib5w10fn0piplgkkmhz7m"; type = "gem"; }; version = "1.5.2"; }; bcrypt = { - groups = ["default" "pam_authentication"]; - platforms = []; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "048z3fvcknqx7ikkhrcrykxlqmf9bzc7l0y5h1cnvrc9n2qf0k8m"; type = "gem"; }; version = "3.1.18"; }; better_errors = { - dependencies = ["coderay" "erubi" "rack"]; - groups = ["development"]; - platforms = []; + dependencies = [ "coderay" "erubi" "rack" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "11220lfzhsyf5fcril3qd689kgg46qlpiiaj00hc9mh4mcbc3vrr"; type = "gem"; }; version = "2.9.1"; }; better_html = { - dependencies = ["actionview" "activesupport" "ast" "erubi" "parser" "smart_properties"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ + "actionview" + "activesupport" + "ast" + "erubi" + "parser" + "smart_properties" + ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1y090dmgjxr3yzxi3pg5jgirkmyfdrmjhabmzmhg5i8ssiqr2gdz"; type = "gem"; }; version = "2.0.1"; }; bindata = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; type = "gem"; }; version = "2.4.15"; }; binding_of_caller = { - dependencies = ["debug_inspector"]; - groups = ["development"]; - platforms = []; + dependencies = [ "debug_inspector" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "078n2dkpgsivcf0pr50981w95nfc2bsrp3wpf9wnxz1qsp8jbb9s"; type = "gem"; }; version = "1.0.0"; }; blurhash = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "057afgqy73n8vm7k3cr4pbwm1hhqnm58lp4x7bgm5wzbs39m7xf8"; type = "gem"; }; version = "0.1.7"; }; bootsnap = { - dependencies = ["msgpack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "msgpack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vcg52gwl64xhhal6kwk1pc01y1klzdlnv1awyk89kb91z010x7q"; type = "gem"; }; version = "1.16.0"; }; brakeman = { - groups = ["development"]; - platforms = []; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0wzvxpabnjwwjgr9s13965dbdgl3qfvwjbmhimh83p81bm5lsrnw"; type = "gem"; }; version = "5.4.1"; }; browser = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0g4bcpax07kqqr9cp7cjc7i0pcij4nqpn1rdsg2wdwhzf00m6x32"; type = "gem"; }; version = "5.3.1"; }; brpoplpush-redis_script = { - dependencies = ["concurrent-ruby" "redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "concurrent-ruby" "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nd5zj5yqmhv9lrsqz8s2dqq28v4ywy95qrw7nzhhf89dl4dq49l"; type = "gem"; }; version = "0.1.3"; }; builder = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "045wzckxpwcqzrjr353cxnyaxgf0qg22jh00dcx7z38cys5g1jlr"; type = "gem"; }; version = "3.2.4"; }; bundler-audit = { - dependencies = ["thor"]; - groups = ["development"]; - platforms = []; + dependencies = [ "thor" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gdx0019vj04n1512shhdx7hwphzqmdpw4vva2k551nd47y1dixx"; type = "gem"; }; version = "0.9.1"; }; capistrano = { - dependencies = ["airbrussh" "i18n" "rake" "sshkit"]; - groups = ["development"]; - platforms = []; + dependencies = [ "airbrussh" "i18n" "rake" "sshkit" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0nwn1a20q7xmlsgjqzf8msicyi6wkrjvgw62625717323ymz6qsr"; type = "gem"; }; version = "3.17.2"; }; capistrano-bundler = { - dependencies = ["capistrano"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "capistrano" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09rndb1fa9r7mhb2sc6p3k0pcarhg8mv0kfmvd1zdb0ciwwp7514"; type = "gem"; }; version = "2.1.0"; }; capistrano-rails = { - dependencies = ["capistrano" "capistrano-bundler"]; - groups = ["development"]; - platforms = []; + dependencies = [ "capistrano" "capistrano-bundler" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1iyhs77bff09g18dlz0li5f44khjwpqc09gk5hzcnf5v9yvijpg9"; type = "gem"; }; version = "1.6.2"; }; capistrano-rbenv = { - dependencies = ["capistrano" "sshkit"]; - groups = ["development"]; - platforms = []; + dependencies = [ "capistrano" "sshkit" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1x9m1i5zd0wx122zw3m40zprlmxk9d47bd6w61k81wr4qsvkk3rw"; type = "gem"; }; version = "2.2.0"; }; capistrano-yarn = { - dependencies = ["capistrano"]; - groups = ["development"]; - platforms = []; + dependencies = [ "capistrano" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zdg2s061vl5b8114n909mrjb2hc1qx0i4wqx9nacsrcjgyp07l9"; type = "gem"; }; version = "2.0.2"; }; capybara = { - dependencies = ["addressable" "matrix" "mini_mime" "nokogiri" "rack" "rack-test" "regexp_parser" "xpath"]; - groups = ["test"]; - platforms = []; + dependencies = [ + "addressable" + "matrix" + "mini_mime" + "nokogiri" + "rack" + "rack-test" + "regexp_parser" + "xpath" + ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06b4nlhirsq8ny17s8zgz7qyvl9v41rixj1xkviiiwxlnjz982d3"; type = "gem"; }; version = "3.39.0"; }; case_transform = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fzyws6spn5arqf6q604dh9mrj84a36k5hsc8z7jgcpfvhc49bg2"; type = "gem"; }; version = "0.2"; }; cbor = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0511idr8xps9625nh3kxr68sdy6l3xy2kcz7r57g47fxb1v18jj3"; type = "gem"; }; version = "0.5.9.6"; }; charlock_holmes = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0hybw8jw9ryvz5zrki3gc9r88jqy373m6v46ynxsdzv1ysiyr40p"; type = "gem"; }; version = "0.7.7"; }; chewy = { - dependencies = ["activesupport" "elasticsearch" "elasticsearch-dsl"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "elasticsearch" "elasticsearch-dsl" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wxq6396814ngwnvwcjkkqm8ji8d7q385gw53kr1dbfihiivlizq"; type = "gem"; }; version = "7.3.2"; }; chunky_png = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1znw5x86hmm9vfhidwdsijz8m38pqgmv98l9ryilvky0aldv7mc9"; type = "gem"; }; version = "1.4.0"; }; climate_control = { - groups = ["test"]; - platforms = []; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0q11v0iabvr6rif0d025xh078ili5frrihlj0m04zfg7lgvagxji"; type = "gem"; }; version = "0.2.0"; }; cocoon = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "038z97pkhvsqbh6cmyyzj58ya968p24k7r0f0rx7sa2kjvk193yh"; type = "gem"; }; version = "1.2.15"; }; coderay = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0jvxqxzply1lwp7ysn94zjhh57vc14mcshw1ygw14ib8lhc00lyw"; type = "gem"; }; version = "1.1.3"; }; color_diff = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01dpvqlzybpb3pkcwd9ik5sbjw283618ywvdphxslhiy8ps3kp4r"; type = "gem"; }; version = "0.1"; }; concurrent-ruby = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; type = "gem"; }; version = "1.2.2"; }; connection_pool = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dndngqvkm2ih3wqn5ilf9980c1cc57lqn5lywx3myalzpilq05z"; type = "gem"; }; version = "2.4.0"; }; cose = { - dependencies = ["cbor" "openssl-signature_algorithm"]; - groups = ["default"]; - platforms = []; + dependencies = [ "cbor" "openssl-signature_algorithm" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "00c6x4ha7qiaaf88qdbyf240mk146zz78rbm4qwyaxmwlmk7q933"; type = "gem"; }; version = "1.3.0"; }; crack = { - dependencies = ["rexml"]; - groups = ["default" "test"]; - platforms = []; + dependencies = [ "rexml" ]; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cr1kfpw3vkhysvkk3wg7c54m75kd68mbm9rs5azdjdq57xid13r"; type = "gem"; }; version = "0.4.5"; }; crass = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; type = "gem"; }; version = "1.0.6"; }; css_parser = { - dependencies = ["addressable"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04q1vin8slr3k8mp76qz0wqgap6f9kdsbryvgfq9fljhrm463kpj"; type = "gem"; }; version = "1.14.0"; }; date = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "03skfikihpx37rc27vr3hwrb057gxnmdzxhmzd4bf4jpkl0r55w1"; type = "gem"; }; version = "3.3.3"; }; debug_inspector = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01l678ng12rby6660pmwagmyg8nccvjfgs3487xna7ay378a59ga"; type = "gem"; }; version = "1.1.0"; }; devise = { - dependencies = ["bcrypt" "orm_adapter" "railties" "responders" "warden"]; - groups = ["default" "pam_authentication"]; - platforms = []; + dependencies = [ "bcrypt" "orm_adapter" "railties" "responders" "warden" ]; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0vpd7d61d4pfmyb2plnnv82wmczzlhw4k4gjhd2fv4r6vq8ilqqi"; type = "gem"; }; version = "4.9.2"; }; devise-two-factor = { - dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "activesupport" "attr_encrypted" "devise" "railties" "rotp" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "e685f91ce62d036259885fbe31fcb4fa930bcfcb"; @@ -681,784 +746,823 @@ version = "4.0.2"; }; devise_pam_authenticatable2 = { - dependencies = ["devise" "rpam2"]; - groups = ["pam_authentication"]; - platforms = []; + dependencies = [ "devise" "rpam2" ]; + groups = [ "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13ipl52pkhc6vxp8ca31viwv01237bi2bfk3b1fixq1x46nf87p2"; type = "gem"; }; version = "9.2.0"; }; diff-lcs = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0rwvjahnp7cpmracd8x732rjgnilqv2sx7d1gfrysslc3h039fa9"; type = "gem"; }; version = "1.5.0"; }; discard = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1xavjhccyyzn9z6fz3034vgvzprc983mbrq6n9sc0drfw7m3vrip"; type = "gem"; }; version = "1.2.1"; }; docile = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1lxqxgq71rqwj1lpl9q1mbhhhhhhdkkj7my341f2889pwayk85sz"; type = "gem"; }; version = "1.4.0"; }; domain_name = { - dependencies = ["unf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "unf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lcqjsmixjp52bnlgzh4lg9ppsk52x9hpwdjd53k8jnbah2602h0"; type = "gem"; }; version = "0.5.20190701"; }; doorkeeper = { - dependencies = ["railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1q2pywgyn6cbnm0fh3dln5z1qgd1g8hvb4x8rppjc1bpfxnfhi13"; type = "gem"; }; version = "5.6.6"; }; dotenv = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1n0pi8x8ql5h1mijvm8lgn6bhq4xjb5a500p5r1krq4s6j9lg565"; type = "gem"; }; version = "2.8.1"; }; dotenv-rails = { - dependencies = ["dotenv" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "dotenv" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0v0gcbxzypcvy6fqq4gp80jb310xvdwj5n8qw9ci67g5yjvq2nxh"; type = "gem"; }; version = "2.8.1"; }; ed25519 = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0zb2dr2ihb1qiknn5iaj1ha1w9p7lj9yq5waasndlfadz225ajji"; type = "gem"; }; version = "1.3.0"; }; elasticsearch = { - dependencies = ["elasticsearch-api" "elasticsearch-transport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "elasticsearch-api" "elasticsearch-transport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0havyxmvl157a653prspnbhgdchlx44xqxl170v1im5ggxwavcaq"; type = "gem"; }; version = "7.13.3"; }; elasticsearch-api = { - dependencies = ["multi_json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "multi_json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bmssarkk7lqkjdn8c9j7jvxcnn4hg1zcmhsky8bfvc99k33b3w8"; type = "gem"; }; version = "7.13.3"; }; elasticsearch-dsl = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "174m3fwm3mawbkjg2xbmqvljq7ava4s95m8vpg5khcvfj506wxfk"; type = "gem"; }; version = "0.1.10"; }; elasticsearch-transport = { - dependencies = ["faraday" "multi_json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "faraday" "multi_json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0blfii8qvj0m6bg9sbfynxc40in7zfmw2wpi4clv7d9gclk053db"; type = "gem"; }; version = "7.13.3"; }; encryptor = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0s8rvfl0vn8w7k1sgkc234060jh468s3zd45xa64p1jdmfa3zwmb"; type = "gem"; }; version = "3.0.0"; }; erubi = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08s75vs9cxlc4r1q2bjg4br8g9wc5lc5x5vl0vv4zq5ivxsdpgi7"; type = "gem"; }; version = "1.12.0"; }; et-orbi = { - dependencies = ["tzinfo"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tzinfo" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1d2z4ky2v15dpcz672i2p7lb2nc793dasq3yq3660h2az53kss9v"; type = "gem"; }; version = "1.2.7"; }; excon = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0j826kfvzn7nc5pv950n270r0sx1702k988ad11cdlav3dcxxw09"; type = "gem"; }; version = "0.99.0"; }; fabrication = { - groups = ["development" "test"]; - platforms = []; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bxssmjp49whzq2zv7w751gr4nkdaiwcxd1vda0byigwyrnj6f5q"; type = "gem"; }; version = "2.30.0"; }; faker = { - dependencies = ["i18n"]; - groups = ["test"]; - platforms = []; + dependencies = [ "i18n" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1i3l58jrcapkp70v3swr0x4s6bj1101920al50wsaaj9dv0vhvm7"; type = "gem"; }; version = "3.2.0"; }; faraday = { - dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "faraday-em_http" + "faraday-em_synchrony" + "faraday-excon" + "faraday-httpclient" + "faraday-multipart" + "faraday-net_http" + "faraday-net_http_persistent" + "faraday-patron" + "faraday-rack" + "faraday-retry" + "ruby2_keywords" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1c760q0ks4vj4wmaa7nh1dgvgqiwaw0mjr7v8cymy7i3ffgjxx90"; type = "gem"; }; version = "1.10.3"; }; faraday-em_http = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12cnqpbak4vhikrh2cdn94assh3yxza8rq2p9w2j34bqg5q4qgbs"; type = "gem"; }; version = "1.0.0"; }; faraday-em_synchrony = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vgrbhkp83sngv6k4mii9f2s9v5lmp693hylfxp2ssfc60fas3a6"; type = "gem"; }; version = "1.0.0"; }; faraday-excon = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0h09wkb0k0bhm6dqsd47ac601qiaah8qdzjh8gvxfd376x1chmdh"; type = "gem"; }; version = "1.1.0"; }; faraday-httpclient = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fyk0jd3ks7fdn8nv3spnwjpzx2lmxmg2gh4inz3by1zjzqg33sc"; type = "gem"; }; version = "1.0.1"; }; faraday-multipart = { - dependencies = ["multipart-post"]; - groups = ["default"]; - platforms = []; + dependencies = [ "multipart-post" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09871c4hd7s5ws1wl4gs7js1k2wlby6v947m2bbzg43pnld044lh"; type = "gem"; }; version = "1.0.4"; }; faraday-net_http = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1fi8sda5hc54v1w3mqfl5yz09nhx35kglyx72w7b8xxvdr0cwi9j"; type = "gem"; }; version = "1.0.1"; }; faraday-net_http_persistent = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dc36ih95qw3rlccffcb0vgxjhmipsvxhn6cw71l7ffs0f7vq30b"; type = "gem"; }; version = "1.2.0"; }; faraday-patron = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19wgsgfq0xkski1g7m96snv39la3zxz6x7nbdgiwhg5v82rxfb6w"; type = "gem"; }; version = "1.0.0"; }; faraday-rack = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1h184g4vqql5jv9s9im6igy00jp6mrah2h14py6mpf9bkabfqq7g"; type = "gem"; }; version = "1.0.0"; }; faraday-retry = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "153i967yrwnswqgvnnajgwp981k9p50ys1h80yz3q94rygs59ldd"; type = "gem"; }; version = "1.0.3"; }; fast_blank = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1shpmamyzyhyxmv95r96ja5rylzaw60r19647d0fdm7y2h2c77r6"; type = "gem"; }; version = "1.0.1"; }; fastimage = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0nnggg20za5vamdpkgrxxa32z33d8hf0g2bciswkhqnc6amb3yjr"; type = "gem"; }; version = "2.2.6"; }; ffi = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1862ydmclzy1a0cjbvm8dz7847d9rch495ib0zb64y84d3xd4bkg"; type = "gem"; }; version = "1.15.5"; }; ffi-compiler = { - dependencies = ["ffi" "rake"]; - groups = ["default"]; - platforms = []; + dependencies = [ "ffi" "rake" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0c2caqm9wqnbidcb8dj4wd3s902z15qmgxplwyfyqbwa0ydki7q1"; type = "gem"; }; version = "1.0.1"; }; fog-core = { - dependencies = ["builder" "excon" "formatador" "mime-types"]; - groups = ["default"]; - platforms = []; + dependencies = [ "builder" "excon" "formatador" "mime-types" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1agd6xgzk0rxrsjdpn94v4hy89s0nm2cs4zg2p880w2dan9xgrak"; type = "gem"; }; version = "2.1.0"; }; fog-json = { - dependencies = ["fog-core" "multi_json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "fog-core" "multi_json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zj8llzc119zafbmfa4ai3z5s7c4vp9akfs0f9l2piyvcarmlkyx"; type = "gem"; }; version = "1.2.0"; }; fog-openstack = { - dependencies = ["fog-core" "fog-json" "ipaddress"]; - groups = ["default"]; - platforms = []; + dependencies = [ "fog-core" "fog-json" "ipaddress" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "11j18h61d3p0pcp9k5346lbj1lahab1dqybkrx9338932lmjn7ap"; type = "gem"; }; version = "0.3.10"; }; formatador = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0mprf1dwznz5ld0q1jpbyl59fwnwk6azspnd0am7zz7kfg3pxhv5"; type = "gem"; }; version = "0.3.0"; }; fugit = { - dependencies = ["et-orbi" "raabro"]; - groups = ["default"]; - platforms = []; + dependencies = [ "et-orbi" "raabro" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cm2lrvhrpqq19hbdsxf4lq2nkb2qdldbdxh3gvi15l62dlb5zqq"; type = "gem"; }; version = "1.8.1"; }; fuubar = { - dependencies = ["rspec-core" "ruby-progressbar"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ "rspec-core" "ruby-progressbar" ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1028vn7j3kc5qqwswrf3has3qm4j9xva70xmzb3n29i89f0afwmj"; type = "gem"; }; version = "2.5.1"; }; globalid = { - dependencies = ["activesupport"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0kqm5ndzaybpnpxqiqkc41k4ksyxl41ln8qqr6kb130cdxsf2dxk"; type = "gem"; }; version = "1.1.0"; }; haml = { - dependencies = ["temple" "thor" "tilt"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "temple" "thor" "tilt" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vcr5wcvfbsq91302playk3i98wdisspkybcmajl04agv4k8xr68"; type = "gem"; }; version = "6.1.1"; }; haml-rails = { - dependencies = ["actionpack" "activesupport" "haml" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "haml" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1sjrdwc4azzfpsp2xk0365z031482gcrs0c54d5wx0igkqca0fr7"; type = "gem"; }; version = "2.1.0"; }; haml_lint = { - dependencies = ["haml" "parallel" "rainbow" "rubocop" "sysexits"]; - groups = ["development"]; - platforms = []; + dependencies = [ "haml" "parallel" "rainbow" "rubocop" "sysexits" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1yz5g7ffyv99vd9x3yj64ba4zv2bd71gmgrf60a3kc8m1cvc1z5p"; type = "gem"; }; version = "0.45.0"; }; hashdiff = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nynpl0xbj0nphqx1qlmyggq58ms1phf5i03hk64wcc0a17x1m1c"; type = "gem"; }; version = "1.0.1"; }; hashie = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nh3arcrbz1rc1cr59qm53sdhqm137b258y8rcb4cvd3y98lwv4x"; type = "gem"; }; version = "5.0.0"; }; hcaptcha = { - dependencies = ["json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fh6391zlv2ikvzqj2gymb70k1avk1j9da8bzgw0scsz2wqq98m2"; type = "gem"; }; version = "7.1.0"; }; highline = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1f8cr014j7mdqpdb9q17fp5vb5b8n1pswqaif91s3ylg5x3pygfn"; type = "gem"; }; version = "2.1.0"; }; hiredis = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04jj8k7lxqxw24sp0jiravigdkgsyrpprxpxm71ba93x1wr2w1bz"; type = "gem"; }; version = "0.6.3"; }; hkdf = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04fixg0a51n4vy0j6c1hvisa2yl33m3jrrpxpb5sq6j511vjriil"; type = "gem"; }; version = "0.3.0"; }; htmlentities = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nkklqsn8ir8wizzlakncfv42i32wc0w9hxp00hvdlgjr7376nhj"; type = "gem"; }; version = "4.3.4"; }; http = { - dependencies = ["addressable" "http-cookie" "http-form_data" "llhttp-ffi"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "addressable" "http-cookie" "http-form_data" "llhttp-ffi" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1bzb8p31kzv6q5p4z5xq88mnqk414rrw0y5rkhpnvpl29x5c3bpw"; type = "gem"; }; version = "5.1.1"; }; http-cookie = { - dependencies = ["domain_name"]; - groups = ["default"]; - platforms = []; + dependencies = [ "domain_name" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13rilvlv8kwbzqfb644qp6hrbsj82cbqmnzcvqip1p6vqx36sxbk"; type = "gem"; }; version = "1.0.5"; }; http-form_data = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wx591jdhy84901pklh1n9sgh74gnvq1qyqxwchni1yrc49ynknc"; type = "gem"; }; version = "2.3.0"; }; http_accept_language = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0d0nlfz9vm4jr1l6q0chx4rp2hrnrfbx3gadc1dz930lbbaz0hq0"; type = "gem"; }; version = "2.1.1"; }; httpclient = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99"; type = "gem"; }; version = "2.8.3"; }; httplog = { - dependencies = ["rack" "rainbow"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" "rainbow" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0zjsgrlvwpqsnrza4ijlxjld4550c661sgbqp2j2wp638nlnls1a"; type = "gem"; }; version = "1.6.2"; }; i18n = { - dependencies = ["concurrent-ruby"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "concurrent-ruby" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vdcchz7jli1p0gnc669a7bj3q1fv09y9ppf0y3k0vb1jwdwrqwi"; type = "gem"; }; version = "1.12.0"; }; i18n-tasks = { - dependencies = ["activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ + "activesupport" + "ast" + "better_html" + "erubi" + "highline" + "i18n" + "parser" + "rails-i18n" + "rainbow" + "terminal-table" + ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19zkcsqwzc3i6vizj26mxxww6m5grv9zmp6yxyswbqq9kyzb081z"; type = "gem"; }; version = "1.0.12"; }; idn-ruby = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dy04jx3n1ddz744b80mg7hp87miysnjp0h21lqr43hpmhdglxih"; type = "gem"; }; version = "0.1.5"; }; ipaddress = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1x86s0s11w202j6ka40jbmywkrx8fhq8xiy8mwvnkhllj57hqr45"; type = "gem"; }; version = "0.8.3"; }; jmespath = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cdw9vw2qly7q7r41s7phnac264rbsdqgj4l0h4nqgbjb157g393"; type = "gem"; }; version = "1.6.2"; }; json = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0nalhin1gda4v8ybk6lq8f407cgfrj6qzn234yra4ipkmlbfmal6"; type = "gem"; }; version = "2.6.3"; }; json-canonicalization = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0zc3ndnp4rjqg98cy2dd9x266vk23rz4mpl8afwn26vj49si56av"; type = "gem"; }; version = "0.3.1"; }; json-jwt = { - dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "aes_key_wrap" "bindata" "httpclient" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04315mf4p9qa97grdfqv922paghzdfrbb982ap0p99rqwla4znv6"; type = "gem"; }; version = "1.15.3"; }; json-ld = { - dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "htmlentities" + "json-canonicalization" + "link_header" + "multi_json" + "rack" + "rdf" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02lz2fgqmp3dr5q05hagk01knds69n33k0ljjgdj9a7ajapwgvhf"; type = "gem"; }; version = "3.2.4"; }; json-ld-preloaded = { - dependencies = ["json-ld" "rdf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "json-ld" "rdf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "004s52m37b2kbw8dv4rdfm2d90h1023z1mw9zfcs0x87v8aq7zyn"; type = "gem"; }; version = "3.2.2"; }; json-schema = { - dependencies = ["addressable"]; - groups = ["test"]; - platforms = []; + dependencies = [ "addressable" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "155rygs093i8i04i38a97hs5icmqk2jkkhx76w31yxyr3bxfbgx3"; type = "gem"; }; version = "4.0.0"; }; jsonapi-renderer = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ys4drd0k9rw5ixf8n8fx8v0pjh792w4myh0cpdspd317l1lpi5m"; type = "gem"; }; version = "0.2.2"; }; jwt = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09yj3z5snhaawh2z1w45yyihzmh57m6m7dp8ra8gxavhj5kbiq5p"; type = "gem"; }; version = "2.7.0"; }; kaminari = { - dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "activesupport" + "kaminari-actionview" + "kaminari-activerecord" + "kaminari-core" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gia8irryvfhcr6bsr64kpisbgdbqjsqfgrk12a11incmpwny1y4"; type = "gem"; }; version = "1.2.2"; }; kaminari-actionview = { - dependencies = ["actionview" "kaminari-core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionview" "kaminari-core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02f9ghl3a9b5q7l079d3yzmqjwkr4jigi7sldbps992rigygcc0k"; type = "gem"; }; version = "1.2.2"; }; kaminari-activerecord = { - dependencies = ["activerecord" "kaminari-core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" "kaminari-core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0c148z97s1cqivzbwrak149z7kl1rdmj7dxk6rpkasimmdxsdlqd"; type = "gem"; }; version = "1.2.2"; }; kaminari-core = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zw3pg6kj39y7jxakbx7if59pl28lhk98fx71ks5lr3hfgn6zliv"; type = "gem"; }; version = "1.2.2"; }; kt-paperclip = { - dependencies = ["activemodel" "activesupport" "marcel" "mime-types" "terrapin"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "activemodel" "activesupport" "marcel" "mime-types" "terrapin" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "11abf222dc31bff71160a1d138b445214f434b2b"; @@ -1469,761 +1573,798 @@ version = "7.1.1"; }; launchy = { - dependencies = ["addressable"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "addressable" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06r43899384das2bkbrpsdxsafyyqa94il7111053idfalb4984a"; type = "gem"; }; version = "2.5.2"; }; letter_opener = { - dependencies = ["launchy"]; - groups = ["development"]; - platforms = []; + dependencies = [ "launchy" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1y5d4ip4l12v58bgazadl45iv3a5j7jp2gwg96b6jy378zn42a1d"; type = "gem"; }; version = "1.8.1"; }; letter_opener_web = { - dependencies = ["actionmailer" "letter_opener" "railties" "rexml"]; - groups = ["development"]; - platforms = []; + dependencies = [ "actionmailer" "letter_opener" "railties" "rexml" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0vvvaz2ngaxv0s6sj25gdvp73vd8pfl8q3jharadg18p3va0m1ik"; type = "gem"; }; version = "2.0.0"; }; link_header = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1yamrdq4rywmnpdhbygnkkl9fdy249fg5r851nrkkxr97gj5rihm"; type = "gem"; }; version = "0.0.8"; }; llhttp-ffi = { - dependencies = ["ffi-compiler" "rake"]; - groups = ["default"]; - platforms = []; + dependencies = [ "ffi-compiler" "rake" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "00dh6zmqdj59rhcya0l4b9aaxq6n8xizfbil93k0g06gndyk5xz5"; type = "gem"; }; version = "0.4.0"; }; lograge = { - dependencies = ["actionpack" "activesupport" "railties" "request_store"]; - groups = ["production"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "railties" "request_store" ]; + groups = [ "production" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "15pjm9pa5m3mbv9xvfgfr16q4jyaznsg8y63jz9x4jqr8npw0vx3"; type = "gem"; }; version = "0.12.0"; }; loofah = { - dependencies = ["crass" "nokogiri"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "crass" "nokogiri" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1mi4ia13fisc97fzd8xcd9wkjdki7zfbmdn1xkdzplicir68gyp8"; type = "gem"; }; version = "2.20.0"; }; mail = { - dependencies = ["mini_mime" "net-imap" "net-pop" "net-smtp"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "mini_mime" "net-imap" "net-pop" "net-smtp" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1bf9pysw1jfgynv692hhaycfxa8ckay1gjw5hz3madrbrynryfzc"; type = "gem"; }; version = "2.8.1"; }; makara = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0a6x6w1ij484s1z0wp667d6v0zb8bylhhr3av10yz60a2nz4r1l7"; type = "gem"; }; version = "0.5.1"; }; marcel = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0kky3yiwagsk8gfbzn3mvl2fxlh3b39v6nawzm4wpjs6xxvvc4x0"; type = "gem"; }; version = "1.0.2"; }; mario-redis-lock = { - dependencies = ["redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1v9wdjcjqzpns2migxp4a5b4w82mipi0fwihbqz3q2qj2qm7wc17"; type = "gem"; }; version = "1.2.1"; }; matrix = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1h2cgkpzkh3dd0flnnwfq6f3nl2b1zff9lvqz8xs853ssv5kq23i"; type = "gem"; }; version = "0.4.2"; }; memory_profiler = { - groups = ["development"]; - platforms = []; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1c81d68r4wx0ckbmqxlfqc2qpd94jwcmqdm0xgr0s46r48pv9k9q"; type = "gem"; }; version = "1.0.1"; }; method_source = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; type = "gem"; }; version = "1.0.0"; }; mime-types = { - dependencies = ["mime-types-data"]; - groups = ["default"]; - platforms = []; + dependencies = [ "mime-types-data" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ipw892jbksbxxcrlx9g5ljq60qx47pm24ywgfbyjskbcl78pkvb"; type = "gem"; }; version = "3.4.1"; }; mime-types-data = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pky3vzaxlgm9gw5wlqwwi7wsw3jrglrfflrppvvnsrlaiz043z9"; type = "gem"; }; version = "3.2023.0218.1"; }; mini_mime = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lbim375gw2dk6383qirz13hgdmxlan0vc5da2l072j3qw6fqjm5"; type = "gem"; }; version = "1.1.2"; }; mini_portile2 = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1af4yarhbbx62f7qsmgg5fynrik0s36wjy3difkawy536xg343mp"; type = "gem"; }; version = "2.8.1"; }; minitest = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ic7i5z88zcaqnpzprf7saimq2f6sad57g5mkkqsrqrcd6h3mx06"; type = "gem"; }; version = "5.18.0"; }; msgpack = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "172ky0r1jfcm3xyg067pia7k1lhc15vw9svv93max120gcdbrvji"; type = "gem"; }; version = "1.7.0"; }; multi_json = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; type = "gem"; }; version = "1.15.0"; }; multipart-post = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lgyysrpl50wgcb9ahg29i4p01z0irb3p9lirygma0kkfr5dgk9x"; type = "gem"; }; version = "2.3.0"; }; net-http = { - dependencies = ["uri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "uri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0y55ib1v2b8prqfi9ij7hca60b1j94s2bzr6vskwi3i5735472wq"; type = "gem"; }; version = "0.3.2"; }; net-imap = { - dependencies = ["date" "net-protocol"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "date" "net-protocol" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1d996zf3g8xz244791b0qsl9vr7zg4lqnnmf9k2kshr9lki5jam8"; type = "gem"; }; version = "0.3.4"; }; net-ldap = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xqcffn3c1564c4fizp10dzw2v5g2pabdzrcn25hq05bqhsckbar"; type = "gem"; }; version = "0.18.0"; }; net-pop = { - dependencies = ["net-protocol"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-protocol" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wyz41jd4zpjn0v1xsf9j778qx1vfrl24yc20cpmph8k42c4x2w4"; type = "gem"; }; version = "0.1.2"; }; net-protocol = { - dependencies = ["timeout"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "timeout" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dxckrlw4q1lcn3qg4mimmjazmg9bma5gllv72f8js3p36fb3b91"; type = "gem"; }; version = "0.2.1"; }; net-scp = { - dependencies = ["net-ssh"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-ssh" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1si2nq9l6jy5n2zw1q59a5gaji7v9vhy8qx08h4fg368906ysbdk"; type = "gem"; }; version = "4.0.0"; }; net-smtp = { - dependencies = ["net-protocol"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-protocol" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1c6md06hm5bf6rv53sk54dl2vg038pg8kglwv3rayx0vk2mdql9x"; type = "gem"; }; version = "0.3.3"; }; net-ssh = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0yx0pb5fmziz92bw8qzbh8vf20lr56nd3s6q8h0gsgr307lki687"; type = "gem"; }; version = "7.1.0"; }; nio4r = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0w9978zwjf1qhy3amkivab0f9syz6a7k0xgydjidaf7xc831d78f"; type = "gem"; }; version = "2.5.9"; }; nokogiri = { - dependencies = ["mini_portile2" "racc"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "mini_portile2" "racc" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fnw0z8zl8b5k35g9m5hhc1g4s6ajzjinhyxnqjrx7l7p07fw71v"; type = "gem"; }; version = "1.14.3"; }; nsa = { - dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1jzs1n71pi6najhs9h8jx156gzgk3h9bwjr60vazizwdz3mm69ia"; type = "gem"; }; version = "0.2.8"; }; oj = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0l8l90iibzrxs33vn3adrhbg8cbmbn1qfh962p7gzwwybsdw73qy"; type = "gem"; }; version = "3.14.3"; }; omniauth = { - dependencies = ["hashie" "rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "hashie" "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1jn9j54l5h7xcba2vjq74l1dk0xrwvsjxam4qhylpi52nw0h5502"; type = "gem"; }; version = "1.9.2"; }; omniauth-cas = { - dependencies = ["addressable" "nokogiri" "omniauth"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" "nokogiri" "omniauth" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0kzlh1nac4yz70917cdcsk0r23gy5h7i0x5kbmkvkpbgk6gvrb0z"; type = "gem"; }; version = "2.0.0"; }; omniauth-rails_csrf_protection = { - dependencies = ["actionpack" "omniauth"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "omniauth" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xgkxwg17w39q3yjqcj0fm6hdkw37qm1l82dvm9zxn6q2pbzm2zv"; type = "gem"; }; version = "0.1.2"; }; omniauth-saml = { - dependencies = ["omniauth" "ruby-saml"]; - groups = ["default"]; - platforms = []; + dependencies = [ "omniauth" "ruby-saml" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gxl14lbksnjkl8dfn23lsjkk63md77icm5racrh6fsp5n4ni9d4"; type = "gem"; }; version = "1.10.3"; }; omniauth_openid_connect = { - dependencies = ["omniauth" "openid_connect"]; - groups = ["default"]; - platforms = []; + dependencies = [ "omniauth" "openid_connect" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08yl0x203k6nrshc70zawfqh79ap1c3fyka9zwwy61cvn7sih4sz"; type = "gem"; }; version = "0.6.1"; }; openid_connect = { - dependencies = ["activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "activemodel" + "attr_required" + "json-jwt" + "net-smtp" + "rack-oauth2" + "swd" + "tzinfo" + "validate_email" + "validate_url" + "webfinger" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1k9kdivp45v6vhzdrnl5fzhd378gjj2hl4w9bazbqnfm15rsnzc8"; type = "gem"; }; version = "1.4.2"; }; openssl = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0c649921vg2l939z5cc3jwd8p1v49099pdhxfk7sb9qqx5wi5873"; type = "gem"; }; version = "3.1.0"; }; openssl-signature_algorithm = { - dependencies = ["openssl"]; - groups = ["default"]; - platforms = []; + dependencies = [ "openssl" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "103yjl68wqhl5kxaciir5jdnyi7iv9yckishdr52s5knh9g0pd53"; type = "gem"; }; version = "1.3.0"; }; orm_adapter = { - groups = ["default" "pam_authentication"]; - platforms = []; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1fg9jpjlzf5y49qs9mlpdrgs5rpcyihq1s4k79nv9js0spjhnpda"; type = "gem"; }; version = "0.5.0"; }; ox = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0i1qq88cwh9pccg59whg50rpkgdfrijn4q6k5p3clwrjqgm56lrd"; type = "gem"; }; version = "2.14.16"; }; parallel = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0jcc512l38c0c163ni3jgskvq1vc3mr8ly5pvjijzwvfml9lf597"; type = "gem"; }; version = "1.23.0"; }; parser = { - dependencies = ["ast"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "ast" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08f89nssj7ws7sjfvc2fcjpfm83sjgmniyh0npnmpqf5sfv44r8x"; type = "gem"; }; version = "3.2.2.1"; }; parslet = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01pnw6ymz6nynklqvqxs4bcai25kcvnd5x4id9z3vd1rbmlk0lfl"; type = "gem"; }; version = "2.0.0"; }; pastel = { - dependencies = ["tty-color"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tty-color" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xash2gj08dfjvq4hy6l1z22s5v30fhizwgs10d6nviggpxsj7a8"; type = "gem"; }; version = "0.8.0"; }; pg = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1qja5f6k9v3jjip7mv3qjgx7rwmk1663cxz8jnb589znvj4wxd9l"; type = "gem"; }; version = "1.5.2"; }; pghero = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "002v32dzyyr29xd9cdsqp55g5gx19skvq9b4a4hr9lrs4i1xsavm"; type = "gem"; }; version = "3.3.3"; }; pkg-config = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02fw2pzrmvwp67nbndpy8a2ln74fd8kmsiffw77z7g1mp58ww651"; type = "gem"; }; version = "1.5.1"; }; posix-spawn = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cmb0svalqcxfzlzc5fvrci12b79x7bakasr8gkl3q5rz6di1q52"; type = "gem"; }; version = "0.3.15"; }; premailer = { - dependencies = ["addressable" "css_parser" "htmlentities"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" "css_parser" "htmlentities" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "10rzwdz43yy20lwzsr2as6aivhvwjvqh4nd48sa0ga57sizf1fb4"; type = "gem"; }; version = "1.21.0"; }; premailer-rails = { - dependencies = ["actionmailer" "net-smtp" "premailer"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionmailer" "net-smtp" "premailer" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0004f73kgrglida336fqkgx906m6n05nnfc17mypzg5rc78iaf61"; type = "gem"; }; version = "1.12.0"; }; private_address_check = { - groups = ["production" "test"]; - platforms = []; + groups = [ "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05phz0vscfh9chv90yc9091pifw3cpwkh76flnhrmvja1q3na4cy"; type = "gem"; }; version = "0.5.0"; }; public_suffix = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0hz0bx2qs2pwb0bwazzsah03ilpf3aai8b7lk7s35jsfzwbkjq35"; type = "gem"; }; version = "5.0.1"; }; puma = { - dependencies = ["nio4r"]; - groups = ["default"]; - platforms = []; + dependencies = [ "nio4r" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0yf4jmkyy8das7pj1xzwllfvzkhq2p6p534j61d9h4wz3nfyf0s5"; type = "gem"; }; version = "6.2.2"; }; pundit = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wb03yzy1j41822rbfh9nn77im3zh1f5v8di05cd8rsrdpws542b"; type = "gem"; }; version = "2.3.0"; }; raabro = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "10m8bln9d00dwzjil1k42i5r7l82x25ysbi45fwyv4932zsrzynl"; type = "gem"; }; version = "1.4.0"; }; racc = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09jgz6r0f7v84a7jz9an85q8vvmp743dqcsdm3z9c8rqcqv6pljq"; type = "gem"; }; version = "1.6.2"; }; rack = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "16w217k9z02c4hqizym8dkj6bqmmzx4qdvqpnskgzf174a5pwdxk"; type = "gem"; }; version = "2.2.7"; }; rack-attack = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "049s3y3dpl6dn478g912y6f9nzclnnkl30psrbc2w5kaihj5szhq"; type = "gem"; }; version = "6.6.1"; }; rack-cors = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02lvkg1nb4z3zc2nry545dap7a64bb9h2k8waxfz0jkabkgnpimw"; type = "gem"; }; version = "2.0.1"; }; rack-oauth2 = { - dependencies = ["activesupport" "attr_required" "httpclient" "json-jwt" "rack"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "activesupport" "attr_required" "httpclient" "json-jwt" "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1fknwsxz4429w1hndl6y30cmm2n34wmmaaj2hhp6jrm8ssfsfwjf"; type = "gem"; }; version = "1.21.3"; }; rack-proxy = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1a62439xwn5v6hsl9s11hdk4wj58czhcbg7lminv23mnkc0ca147"; type = "gem"; }; version = "0.7.6"; }; rack-test = { - dependencies = ["rack"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "rack" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1ysx29gk9k14a14zsp5a8czys140wacvp91fja8xcja0j1hzqq8c"; type = "gem"; }; version = "2.1.0"; }; rails = { - dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "actioncable" + "actionmailbox" + "actionmailer" + "actionpack" + "actiontext" + "actionview" + "activejob" + "activemodel" + "activerecord" + "activestorage" + "activesupport" + "railties" + "sprockets-rails" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "07cs7qdkx6vwp66diwdy9g6mx52rsd8rxhbnsqf9bqam58g2aynj"; type = "gem"; }; version = "6.1.7.3"; }; rails-controller-testing = { - dependencies = ["actionpack" "actionview" "activesupport"]; - groups = ["test"]; - platforms = []; + dependencies = [ "actionpack" "actionview" "activesupport" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "151f303jcvs8s149mhx2g5mn67487x0blrf9dzl76q1nb7dlh53l"; type = "gem"; }; version = "1.0.5"; }; rails-dom-testing = { - dependencies = ["activesupport" "nokogiri"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "activesupport" "nokogiri" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1lfq2a7kp2x64dzzi5p4cjcbiv62vxh9lyqk2f0rqq3fkzrw8h5i"; type = "gem"; }; version = "2.0.3"; }; rails-html-sanitizer = { - dependencies = ["loofah"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "loofah" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ygav4xyq943qqyhjmi3mzirn180j565mc9h5j4css59x1sn0cmz"; type = "gem"; }; version = "1.5.0"; }; rails-i18n = { - dependencies = ["i18n" "railties"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "i18n" "railties" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05mcgv748vppnm3fnml37wjy3dw61wj8vfw14ldaj1yx1bmkhb07"; type = "gem"; }; version = "6.0.0"; }; rails-settings-cached = { - dependencies = ["rails"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rails" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "86328ef0bd04ce21cc0504ff5e334591e8c2ccab"; @@ -2234,903 +2375,936 @@ version = "0.6.6"; }; railties = { - dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = + [ "actionpack" "activesupport" "method_source" "rake" "thor" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1d2snjnx1j848axppj2napy3zjgbka3fnw2528rcamhm6dp694nd"; type = "gem"; }; version = "6.1.7.3"; }; rainbow = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0smwg4mii0fm38pyb5fddbmrdpifwv22zv3d3px2xx497am93503"; type = "gem"; }; version = "3.1.1"; }; rake = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; type = "gem"; }; version = "13.0.6"; }; rdf = { - dependencies = ["link_header"]; - groups = ["default"]; - platforms = []; + dependencies = [ "link_header" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "097r6fc1gkb62lq0ny9xblvxrg84vdq9w1p6v0hjw20cdgracsdj"; type = "gem"; }; version = "3.2.10"; }; rdf-normalize = { - dependencies = ["rdf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rdf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dngmsk9wg1vws56pl87dys0ns4bcn9arf8ip6zxa0gypr3ifq3m"; type = "gem"; }; version = "0.5.1"; }; redcarpet = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1sg9sbf9pm91l7lac7fs4silabyn0vflxwaa2x3lrzsm0ff8ilca"; type = "gem"; }; version = "3.6.0"; }; redis = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fikjg6j12ka6hh36dxzhfkpqqmilzjfzcdf59iwkzsgd63f0ziq"; type = "gem"; }; version = "4.8.1"; }; redis-namespace = { - dependencies = ["redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "154dfnrjpbv7fhwhfrcnp6jn9qv5qaj3mvlvbgkl7qy5qsknw71c"; type = "gem"; }; version = "1.10.0"; }; redlock = { - dependencies = ["redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xvjwfzq7rqj4k311kidwmv5app3i7glz4miys6ixqy6c8yylz3c"; type = "gem"; }; version = "1.3.2"; }; regexp_parser = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "17xizkw5ryw8hhq64iqxmzdrrdxpc5lhkqc1fgm1aj0zsk1r2950"; type = "gem"; }; version = "2.8.0"; }; request_store = { - dependencies = ["rack"]; - groups = ["default" "production"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" "production" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13ppgmsbrqah08j06bybd3cddv6dml79yzyjn7r8j1src78h98h7"; type = "gem"; }; version = "1.5.1"; }; responders = { - dependencies = ["actionpack" "railties"]; - groups = ["default" "pam_authentication"]; - platforms = []; + dependencies = [ "actionpack" "railties" ]; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0m9s0mkkprrz02gxhq0ijlwjy0nx1j5yrjf8ssjnhyagnx03lyrx"; type = "gem"; }; version = "3.1.0"; }; rexml = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; type = "gem"; }; version = "3.2.5"; }; rotp = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "10mmzc85y7andsich586ndykw678qn1ns2wpjxrg0sc0gr4w3pig"; type = "gem"; }; version = "6.2.2"; }; rpam2 = { - groups = ["default" "pam_authentication"]; - platforms = []; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zvli3s4z1hf2l7gyfickm5i3afjrnycc3ihbiax6ji6arpbyf33"; type = "gem"; }; version = "4.0.2"; }; rqrcode = { - dependencies = ["chunky_png" "rqrcode_core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "chunky_png" "rqrcode_core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0s97q1rqmw7rzsdr500hr4f2k6s24n8qk1klciz5q94zvdrygx3p"; type = "gem"; }; version = "2.1.2"; }; rqrcode_core = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06ld6386hbdhy5h0k09axmgn424kavpc8f27k1vjhknjhbf8jjfg"; type = "gem"; }; version = "1.2.0"; }; rspec-core = { - dependencies = ["rspec-support"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "rspec-support" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0l95bnjxdabrn79hwdhn2q1n7mn26pj7y1w5660v5qi81x458nqm"; type = "gem"; }; version = "3.12.2"; }; rspec-expectations = { - dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "diff-lcs" "rspec-support" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05j44jfqlv7j2rpxb5vqzf9hfv7w8ba46wwgxwcwd8p0wzi1hg89"; type = "gem"; }; version = "3.12.3"; }; rspec-mocks = { - dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "diff-lcs" "rspec-support" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1hfm17xakfvwya236graj6c2arr4sb9zasp35q5fykhyz8mhs0w2"; type = "gem"; }; version = "3.12.5"; }; rspec-rails = { - dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ + "actionpack" + "activesupport" + "railties" + "rspec-core" + "rspec-expectations" + "rspec-mocks" + "rspec-support" + ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0d3fnabkaw8n0na2dpnlg2xygggj51djzpj9x6y5rkiqbfyqwv01"; type = "gem"; }; version = "6.0.1"; }; rspec-sidekiq = { - dependencies = ["rspec-core" "sidekiq"]; - groups = ["test"]; - platforms = []; + dependencies = [ "rspec-core" "sidekiq" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1spzw3sc2p0n9qfb89y1v8igd60y7c5z9w2hjqqbbgbyjvy0agp8"; type = "gem"; }; version = "3.1.0"; }; rspec-support = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12y52zwwb3xr7h91dy9k3ndmyyhr3mjcayk0nnarnrzz8yr48kfx"; type = "gem"; }; version = "3.12.0"; }; rspec_chunked = { - groups = ["development" "test"]; - platforms = []; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0h4bsj3m7vb47qnx5bry4v0xscrb3lhg1f1vyxl524znb3i2qqzv"; type = "gem"; }; version = "0.6"; }; rspec_junit_formatter = { - dependencies = ["rspec-core"]; - groups = ["test"]; - platforms = []; + dependencies = [ "rspec-core" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "059bnq1gcwl9g93cqf13zpz38zk7jxaa43anzz06qkmfwrsfdpa0"; type = "gem"; }; version = "0.6.0"; }; rubocop = { - dependencies = ["json" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ + "json" + "parallel" + "parser" + "rainbow" + "regexp_parser" + "rexml" + "rubocop-ast" + "ruby-progressbar" + "unicode-display_width" + ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0l46lw5gfj3mcm982wpmx7br4rs466gyislv0hfwcsk8dxhv1zkw"; type = "gem"; }; version = "1.50.2"; }; rubocop-ast = { - dependencies = ["parser"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "parser" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0n2gsafg6p7nr1z8i1hkvp2qqkkbg842ba183dnl0h08xd9ms6q5"; type = "gem"; }; version = "1.28.0"; }; rubocop-capybara = { - dependencies = ["rubocop"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ "rubocop" ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01fn05a87g009ch1sh00abdmgjab87i995msap26vxq1a5smdck6"; type = "gem"; }; version = "2.18.0"; }; rubocop-performance = { - dependencies = ["rubocop" "rubocop-ast"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ "rubocop" "rubocop-ast" ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1z6i24r0485fxa5n4g3rhp88w589fifszhd1khbzya2iiknkjxkr"; type = "gem"; }; version = "1.17.1"; }; rubocop-rails = { - dependencies = ["activesupport" "rack" "rubocop"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ "activesupport" "rack" "rubocop" ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13gx0dmi5jhs4x2617jclwc57sy4gvw3v8l91dpgc63b8dpmcim6"; type = "gem"; }; version = "2.18.0"; }; rubocop-rspec = { - dependencies = ["rubocop" "rubocop-capybara"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ "rubocop" "rubocop-capybara" ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1k8yh0nzlz0g8igmj5smnxq71qmi2b005nkl25wkpjkwvzn2wfdx"; type = "gem"; }; version = "2.19.0"; }; ruby-progressbar = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cwvyb7j47m7wihpfaq7rc47zwwx9k4v7iqd9s1xch5nm53rrz40"; type = "gem"; }; version = "1.13.0"; }; ruby-saml = { - dependencies = ["nokogiri" "rexml"]; - groups = ["default"]; - platforms = []; + dependencies = [ "nokogiri" "rexml" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1706dyk5jdma75bnl9rhmx8vgzjw12ixnj3y32inmpcgzgsvs76k"; type = "gem"; }; version = "1.13.0"; }; ruby2_keywords = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; type = "gem"; }; version = "0.0.5"; }; rufus-scheduler = { - dependencies = ["fugit"]; - groups = ["default"]; - platforms = []; + dependencies = [ "fugit" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1as4yrb8y5lq49div8p3vqgwrrhdgwnvx4m73y3712nmnlpx6cws"; type = "gem"; }; version = "3.8.2"; }; safety_net_attestation = { - dependencies = ["jwt"]; - groups = ["default"]; - platforms = []; + dependencies = [ "jwt" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1khq0y5w7lf2b9a220298hphf3pakd216jc9a4x4a9pdwxs2vgln"; type = "gem"; }; version = "0.4.0"; }; sanitize = { - dependencies = ["crass" "nokogiri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "crass" "nokogiri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1ga8yzc9zj45m92ycwnzhzahkwvc3dp3lym5m3f3880hs4jhh7l3"; type = "gem"; }; version = "6.0.1"; }; scenic = { - dependencies = ["activerecord" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04sd4jmgnwpilr3k061x87yyryya2mj15a8602fip49lfxza5548"; type = "gem"; }; version = "1.7.0"; }; semantic_range = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dlp97vg95plrsaaqj7x8l7z9vsjbhnqk4rw1l30gy26lmxpfrih"; type = "gem"; }; version = "3.0.0"; }; sidekiq = { - dependencies = ["connection_pool" "rack" "redis"]; - groups = ["default" "test"]; - platforms = []; + dependencies = [ "connection_pool" "rack" "redis" ]; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1z2fx4fzgnw4rzj3h1h4sk6qbkp7p2rdr58b2spxgkcsdzg0i5hh"; type = "gem"; }; version = "6.5.8"; }; sidekiq-bulk = { - dependencies = ["sidekiq"]; - groups = ["default"]; - platforms = []; + dependencies = [ "sidekiq" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08nyxzmgf742irafy3l4fj09d4s5pyvsh0dzlh8y4hl51rgkh4xv"; type = "gem"; }; version = "0.2.0"; }; sidekiq-scheduler = { - dependencies = ["rufus-scheduler" "sidekiq" "tilt"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rufus-scheduler" "sidekiq" "tilt" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ygsynfb214g9ijgj4wl88jbkx79js8hd6wn65cxaaa54l82w1fj"; type = "gem"; }; version = "5.0.2"; }; sidekiq-unique-jobs = { - dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"]; - groups = ["default"]; - platforms = []; + dependencies = + [ "brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02f91b24hrrn688wqvxb13lwvcgqb7g9k3sxylnydd6v89wr8mcg"; type = "gem"; }; version = "7.1.29"; }; simple-navigation = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wc1rapwhqymcjfxmlgam4cvbyhnzfxada2damq88ij2p77pjz4q"; type = "gem"; }; version = "4.4.0"; }; simple_form = { - dependencies = ["actionpack" "activemodel"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activemodel" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0z4df65w9qpri315lpvzazdxa9xb7yj0j3d77q06wf0jnpvw4mzs"; type = "gem"; }; version = "5.2.0"; }; simplecov = { - dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; - groups = ["test"]; - platforms = []; + dependencies = [ "docile" "simplecov-html" "simplecov_json_formatter" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "198kcbrjxhhzca19yrdcd6jjj9sb51aaic3b0sc3pwjghg3j49py"; type = "gem"; }; version = "0.22.0"; }; simplecov-html = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0yx01bxa8pbf9ip4hagqkp5m0mqfnwnw2xk8kjraiywz4lrss6jb"; type = "gem"; }; version = "0.12.3"; }; simplecov_json_formatter = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0a5l0733hj7sk51j81ykfmlk2vd5vaijlq9d5fn165yyx3xii52j"; type = "gem"; }; version = "0.1.4"; }; smart_properties = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0jrqssk9qhwrpq41arm712226vpcr458xv6xaqbk8cp94a0kycpr"; type = "gem"; }; version = "1.17.0"; }; sprockets = { - dependencies = ["concurrent-ruby" "rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "concurrent-ruby" "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "182jw5a0fbqah5w9jancvfmjbk88h8bxdbwnl4d3q809rpxdg8ay"; type = "gem"; }; version = "3.7.2"; }; sprockets-rails = { - dependencies = ["actionpack" "activesupport" "sprockets"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "sprockets" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1b9i14qb27zs56hlcc2hf139l0ghbqnjpmfi0054dxycaxvk5min"; type = "gem"; }; version = "3.4.2"; }; sshkit = { - dependencies = ["net-scp" "net-ssh"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-scp" "net-ssh" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1y6w2qkwg0ygn85x0afscnj0dv8iwkvm153zjclvwafkm6g0pknk"; type = "gem"; }; version = "1.21.4"; }; stackprof = { - groups = ["development"]; - platforms = []; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bhdgfb0pmw9mav1kw9fn0ka012sa0i3h5ppvqssw5xq48nhxnr8"; type = "gem"; }; version = "0.2.25"; }; statsd-ruby = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "028136c463nbravckxb1qi5c5nnv9r6vh2cyhiry423lac4xz79n"; type = "gem"; }; version = "1.5.0"; }; stoplight = { - dependencies = ["redlock"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redlock" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0rmhhqvvrn7874r9cjf4wpv36vnxvxsrgb1kfgdk3dalg4rig7q6"; type = "gem"; }; version = "3.0.1"; }; strong_migrations = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0wz4zhsp4xia8zcpi98v4sgjlv2prd515l8jz4f7j0wk45dfkjs1"; type = "gem"; }; version = "0.8.0"; }; swd = { - dependencies = ["activesupport" "attr_required" "httpclient"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "attr_required" "httpclient" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12b3q2sw42nnilfb51nlqdv07f31vdv2j595kd99asnkw4cjlf5w"; type = "gem"; }; version = "1.3.0"; }; sysexits = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0qjng6pllznmprzx8vb0zg0c86hdrkyjs615q41s9fjpmv2430jr"; type = "gem"; }; version = "1.2.0"; }; temple = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "07k5wr2ypsmsbyc9d1plhdki4xr7vvggld8r1i49iljkrpx5nbqc"; type = "gem"; }; version = "0.10.0"; }; terminal-table = { - dependencies = ["unicode-display_width"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "unicode-display_width" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "14dfmfjppmng5hwj7c5ka6qdapawm3h6k9lhn8zj001ybypvclgr"; type = "gem"; }; version = "3.0.2"; }; terrapin = { - dependencies = ["climate_control"]; - groups = ["default"]; - platforms = []; + dependencies = [ "climate_control" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0p18f05r0c5s70571gqig3z2ym74wx79s6rd45sprp207bqskzn9"; type = "gem"; }; version = "0.6.0"; }; thor = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0inl77jh4ia03jw3iqm5ipr76ghal3hyjrd6r8zqsswwvi9j2xdi"; type = "gem"; }; version = "1.2.1"; }; tilt = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1qmhi6d9przjzhsyk9g5pq2j75c656msh6xzprqd2mxgphf23jxs"; type = "gem"; }; version = "2.1.0"; }; timeout = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pfddf51n5fnj4f9ggwj3wbf23ynj0nbxlxqpz12y1gvl9g7d6r6"; type = "gem"; }; version = "0.3.2"; }; tpm-key_attestation = { - dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; - groups = ["default"]; - platforms = []; + dependencies = [ "bindata" "openssl" "openssl-signature_algorithm" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0v8y5dibsyskv1ncdgszhxwzq0gzmvb0zl7sgmx0xvsgy86dhcz1"; type = "gem"; }; version = "0.12.0"; }; tty-color = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0aik4kmhwwrmkysha7qibi2nyzb4c8kp42bd5vxnf8sf7b53g73g"; type = "gem"; }; version = "0.6.0"; }; tty-cursor = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0j5zw041jgkmn605ya1zc151bxgxl6v192v2i26qhxx7ws2l2lvr"; type = "gem"; }; version = "0.7.1"; }; tty-prompt = { - dependencies = ["pastel" "tty-reader"]; - groups = ["default"]; - platforms = []; + dependencies = [ "pastel" "tty-reader" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1j4y8ik82azjxshgd4i1v4wwhsv3g9cngpygxqkkz69qaa8cxnzw"; type = "gem"; }; version = "0.23.1"; }; tty-reader = { - dependencies = ["tty-cursor" "tty-screen" "wisper"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tty-cursor" "tty-screen" "wisper" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cf2k7w7d84hshg4kzrjvk9pkyc2g1m3nx2n1rpmdcf0hp4p4af6"; type = "gem"; }; version = "0.9.0"; }; tty-screen = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "18jr6s1cg8yb26wzkqa6874q0z93rq0y5aw092kdqazk71y6a235"; type = "gem"; }; version = "0.8.1"; }; twitter-text = { - dependencies = ["idn-ruby" "unf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "idn-ruby" "unf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dnmp0bj3l01nbb52zby2c7hrazcdwfg846knkrjdfl0yfmv793z"; type = "gem"; }; version = "3.1.0"; }; tzinfo = { - dependencies = ["concurrent-ruby"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "concurrent-ruby" ]; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; type = "gem"; }; version = "2.0.6"; }; tzinfo-data = { - dependencies = ["tzinfo"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tzinfo" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0m2d0gpsgqnv29j5h2d6g57g0rayvd460b8s2vjr8sn46bqf89m5"; type = "gem"; }; version = "1.2023.3"; }; unf = { - dependencies = ["unf_ext"]; - groups = ["default"]; - platforms = []; + dependencies = [ "unf_ext" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; type = "gem"; }; version = "0.1.4"; }; unf_ext = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1yj2nz2l101vr1x9w2k83a0fag1xgnmjwp8w8rw4ik2rwcz65fch"; type = "gem"; }; version = "0.0.8.2"; }; unicode-display_width = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1gi82k102q7bkmfi7ggn9ciypn897ylln1jk9q67kjhr39fj043a"; type = "gem"; }; version = "2.4.2"; }; uri = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vigw7nfszfqgikr6n574k9bfh0rvs74z8xq46rz2zsm8249l8cc"; type = "gem"; }; version = "0.12.1"; }; validate_email = { - dependencies = ["activemodel" "mail"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activemodel" "mail" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1r1fz29l699arka177c9xw7409d1a3ff95bf7a6pmc97slb91zlx"; type = "gem"; }; version = "0.1.6"; }; validate_url = { - dependencies = ["activemodel" "public_suffix"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activemodel" "public_suffix" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lblym140w5n88ijyfgcvkxvpfj8m6z00rxxf2ckmmhk0x61dzkj"; type = "gem"; }; version = "1.0.15"; }; warden = { - dependencies = ["rack"]; - groups = ["default" "pam_authentication"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1l7gl7vms023w4clg02pm4ky9j12la2vzsixi2xrv9imbn44ys26"; type = "gem"; }; version = "1.2.9"; }; webauthn = { - dependencies = ["android_key_attestation" "awrence" "bindata" "cbor" "cose" "openssl" "safety_net_attestation" "tpm-key_attestation"]; - groups = ["default"]; - platforms = []; + dependencies = [ + "android_key_attestation" + "awrence" + "bindata" + "cbor" + "cose" + "openssl" + "safety_net_attestation" + "tpm-key_attestation" + ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1ri09bf640kkw4v6k2g90q2nw1mx2hsghhngaqgb7958q8id8xrz"; type = "gem"; }; version = "3.0.0"; }; webfinger = { - dependencies = ["activesupport" "httpclient"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "httpclient" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "18jj50b44a471ig7hw1ax90wxaaz40acmrf6cm7m2iyshlffy53q"; type = "gem"; }; version = "1.2.0"; }; webmock = { - dependencies = ["addressable" "crack" "hashdiff"]; - groups = ["test"]; - platforms = []; + dependencies = [ "addressable" "crack" "hashdiff" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1myj44wvbbqvv18ragv3ihl0h61acgnfwrnj3lccdgp49bgmbjal"; type = "gem"; }; version = "3.18.1"; }; webpacker = { - dependencies = ["activesupport" "rack-proxy" "railties" "semantic_range"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "rack-proxy" "railties" "semantic_range" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fh4vijqiq1h7w28llk67y9csc0m4wkdivrsl4fsxg279v6j5z3i"; type = "gem"; }; version = "5.4.4"; }; webpush = { - dependencies = ["hkdf" "jwt"]; - groups = ["default"]; - platforms = []; + dependencies = [ "hkdf" "jwt" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "f14a4d52e201128b1b00245d11b6de80d6cfdcd9"; @@ -3141,62 +3315,63 @@ version = "0.3.8"; }; websocket-driver = { - dependencies = ["websocket-extensions"]; - groups = ["default"]; - platforms = []; + dependencies = [ "websocket-extensions" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0a3bwxd9v3ghrxzjc4vxmf4xa18c6m4xqy5wb0yk5c6b9psc7052"; type = "gem"; }; version = "0.7.5"; }; websocket-extensions = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; type = "gem"; }; version = "0.1.5"; }; wisper = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1rpsi0ziy78cj82sbyyywby4d0aw0a5q84v65qd28vqn79fbq5yf"; type = "gem"; }; version = "2.0.1"; }; xorcist = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dbbiy8xlcfvn9ais37xfb5rci4liwakkmxzbkp72wmvlgcrf339"; type = "gem"; }; version = "1.1.3"; }; xpath = { - dependencies = ["nokogiri"]; - groups = ["default" "test"]; - platforms = []; + dependencies = [ "nokogiri" ]; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bh8lk9hvlpn7vmi6h4hkcwjzvs2y0cmkk3yjjdr8fxvj6fsgzbd"; type = "gem"; }; version = "3.2.0"; }; zeitwerk = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = + [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "028ld9qmgdllxrl7d0qkl65s58wb1n3gv8yjs28g43a8b1hplxk1"; type = "gem"; }; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 7d1d91a2..34ca4075 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -1,5 +1,6 @@ # This file was generated by pkgs.mastodon.updateScript. -{ fetchgit, applyPatches }: let +{ fetchgit, applyPatches }: +let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; rev = "c18884de32b60152600ec95ed42cdf9c00fdab7a"; @@ -7,5 +8,5 @@ }; in applyPatches { inherit src; - patches = []; + patches = [ ]; } diff --git a/nixos/pkgs/glitch-soc/update.nix b/nixos/pkgs/glitch-soc/update.nix index 2db78f14..40a7fe50 100644 --- a/nixos/pkgs/glitch-soc/update.nix +++ b/nixos/pkgs/glitch-soc/update.nix @@ -1,24 +1,22 @@ -{ runCommand -, lib -, makeWrapper -, yarn2nix -, bundix -, coreutils -, diffutils -, nix-prefetch-git -, gnused -, jq -}: +{ runCommand, lib, makeWrapper, yarn2nix, bundix, coreutils, diffutils +, nix-prefetch-git, gnused, jq }: let - binPath = lib.makeBinPath [ yarn2nix bundix coreutils diffutils nix-prefetch-git gnused jq ]; -in -runCommand "mastodon-update-script" -{ + binPath = lib.makeBinPath [ + yarn2nix + bundix + coreutils + diffutils + nix-prefetch-git + gnused + jq + ]; +in runCommand "mastodon-update-script" { nativeBuildInputs = [ makeWrapper ]; meta = { maintainers = with lib.maintainers; [ happy-river ]; - description = "Utility to generate Nix expressions for Mastodon's dependencies"; + description = + "Utility to generate Nix expressions for Mastodon's dependencies"; platforms = lib.platforms.unix; }; } '' diff --git a/nixos/templates/iso-graphical.nix b/nixos/templates/iso-graphical.nix index 23630f39..4d927270 100644 --- a/nixos/templates/iso-graphical.nix +++ b/nixos/templates/iso-graphical.nix @@ -6,9 +6,7 @@ # use the latest Linux kernel boot.kernelPackages = pkgs.linuxPackages_latest; - environment.systemPackages = with pkgs; [ - git - ]; + environment.systemPackages = with pkgs; [ git ]; # Needed for https://github.com/NixOS/nixpkgs/issues/58959 boot.supportedFilesystems = lib.mkForce [ "btrfs" "ext4" ]; diff --git a/nixos/templates/iso.nix b/nixos/templates/iso.nix index bbd3dbe3..48d7dc93 100644 --- a/nixos/templates/iso.nix +++ b/nixos/templates/iso.nix @@ -1,15 +1,12 @@ { pkgs, modulesPath, lib, ... }: { - imports = [ - "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" - ]; + imports = [ "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" ]; # use the latest Linux kernel boot.kernelPackages = pkgs.linuxPackages_latest; - environment.systemPackages = with pkgs; [ - git - ]; + environment.systemPackages = with pkgs; [ git ]; # Needed for https://github.com/NixOS/nixpkgs/issues/58959 - boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; + boot.supportedFilesystems = + lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; } -- 2.47.1 From fa5bda60be86d161e30af677c12e1687876051f9 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 4 May 2023 15:14:36 +0200 Subject: [PATCH 1534/1882] simple impl of exposes thingy --- .woodpecker.yml | 2 +- flake.nix | 8 +--- nixos/common/modules/default.nix | 2 +- nixos/common/modules/meta.nix | 42 +++++++++++++++++++ nixos/hosts/olympus/default.nix | 6 +++ .../hosts/olympus/hedgedoc/configuration.nix | 3 +- nixos/hosts/olympus/nginx/configuration.nix | 6 ++- nixos/hosts/thalassa/aoife/configuration.nix | 3 +- nixos/hosts/thalassa/default.nix | 6 ++- nixos/hosts/thalassa/eevee/configuration.nix | 3 +- nixos/util.nix | 17 ++++++-- 11 files changed, 78 insertions(+), 20 deletions(-) create mode 100644 nixos/common/modules/meta.nix diff --git a/.woodpecker.yml b/.woodpecker.yml index 0a8e125e..0a659936 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -5,5 +5,5 @@ pipeline: - NIX_CONFIG=experimental-features = nix-command flakes commands: - nix run 'nixpkgs#statix' check - - nix run 'github:astro/deadnix' -- -f + - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . diff --git a/flake.nix b/flake.nix index 56f99e54..1783aa75 100644 --- a/flake.nix +++ b/flake.nix @@ -46,14 +46,9 @@ inherit (nixpkgs) lib; util = import ./nixos/util.nix inputs; + inherit (util) hosts flat_hosts nixHosts; system = "x86_64-linux"; - # import and add realm to list of tags - hosts = util.add_realm_to_tags (import ./nixos/hosts); - # flatten hosts to single list - flat_hosts = util.flatten_hosts hosts; - # Filter out all non-nixos hosts - nixHosts = util.filter_nix_hosts flat_hosts; pkgs = import nixpkgs { inherit system; @@ -137,6 +132,7 @@ apply-local colmena.packages.${system}.colmena cachix + deadnix fluxcd k9s kubectl diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix index 4b66a5b5..32e5402f 100644 --- a/nixos/common/modules/default.nix +++ b/nixos/common/modules/default.nix @@ -1,3 +1,3 @@ { ... }: { - imports = [ ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ]; + imports = [ ./meta.nix ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ]; } diff --git a/nixos/common/modules/meta.nix b/nixos/common/modules/meta.nix new file mode 100644 index 00000000..63585fa0 --- /dev/null +++ b/nixos/common/modules/meta.nix @@ -0,0 +1,42 @@ +{ lib, ... }: +with lib; +let + exposesOpts = { + options = { + domain = mkOption { + type = types.str; + example = ".example.com"; + description = '' + The domain under which this service should be available + ''; + }; + port = mkOption { + type = types.int; + example = 4242; + description = '' + The port under which the service runs on the host + ''; + }; + }; + }; +in { + options = { + meta.exposes = mkOption { + type = with types; attrsOf (submodule exposesOpts); + description = '' + Exposed services + ''; + }; + + meta.ipv4 = mkOption { + type = types.str; + description = '' + Own IPv4 Address + ''; + }; + }; + + config = { + + }; +} diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 62f5c092..0adce81e 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -100,6 +100,12 @@ "hedgedoc" = { ip = "10.42.42.23"; mac = "86:BC:0C:18:BC:9B"; + exposes = { + md = { + domain = "md.0x76.dev"; + port = 3000; + }; + }; }; "zmeura" = { ip = "10.42.42.24"; diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index c11021c5..87e19bd8 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -6,6 +6,7 @@ let db_name = "hedgedoc"; db_user = "hedgedoc"; + inherit (config.meta.exposes.md) port; vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -40,7 +41,7 @@ in { environmentFile = "${vs.hedgedoc}/environment"; settings = { host = "0.0.0.0"; - port = 3000; + inherit port; sessionSecret = "$SESSION_SECRET"; domain = "md.0x76.dev"; protocolUseSSL = true; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 5d21f764..2e926c7d 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, hosts, ... }: let proxy = url: { enableACME = true; @@ -44,9 +44,11 @@ in { package = pkgs.nginxMainline; + # Templated + virtualHosts.${hosts.olympus.hedgedoc.exposes.md.domain} = proxy "http://hedgedoc.olympus:${toString hosts.olympus.hedgedoc.exposes.md.port}/"; + # 0x76.dev virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; - virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/"; virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; virtualHosts."grafana.0x76.dev" = diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 7699dccb..75ceeb5e 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -4,7 +4,6 @@ { inputs, ... }: { imports = [ - ../../../common/desktop ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z ./hardware.nix @@ -26,6 +25,8 @@ # Enable Ozone rendering for Chromium and Electron apps. environment.sessionVariables.NIXOS_OZONE_WL = "1"; + # environment.sessionVariables.INFRA_INFO = self; # hosts.${config.networking.domain}.${config.networking.hostName}; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 68de75d0..d0c47254 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,5 +1,7 @@ { - # "null" = { type = "local"; }; - "aoife" = { type = "local"; }; + "aoife" = { + type = "local"; + mac = "04:7b:cb:b6:2d:88"; + }; "eevee" = { type = "local"; }; } diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/thalassa/eevee/configuration.nix index eccf3cfb..e74c1a18 100644 --- a/nixos/hosts/thalassa/eevee/configuration.nix +++ b/nixos/hosts/thalassa/eevee/configuration.nix @@ -3,8 +3,7 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { pkgs, inputs, ... }: { - imports = - [ ../../../common/desktop ./hardware-configuration.nix ./hardware.nix ]; + imports = [ ./hardware-configuration.nix ./hardware.nix ]; # Bootloader. boot = { diff --git a/nixos/util.nix b/nixos/util.nix index e36ec67c..85194149 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -13,7 +13,7 @@ let ./common/generic-lxc.nix ]; "vm" = [ ./common/generic-vm.nix ]; - "local" = [ ]; + "local" = [ ./common/desktop ]; }; in type: import_cases.${type} ++ base_imports; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) @@ -21,8 +21,6 @@ let type_import type ++ [ ./common "${./.}/hosts/${realm}/${profile}/configuration.nix" ]; -in { - inherit base_imports type_import resolve_imports; # Add to whatever realm a host belong to its list of tags add_realm_to_tags = mapAttrs (realm: mapAttrs (_hostname: @@ -40,8 +38,10 @@ in { # Filter out all hosts which aren't nixos filter_nix_hosts = filter ({ nix ? true, ... }: nix); + # outputs + # Helper function to build a colmena host definition - mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: + mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm, type ? "lxc", ... }@host: let # this makes local apply work a bit nicer name = if type == "local" then hostname else "${hostname}.${realm}"; @@ -52,6 +52,10 @@ in { hostName = hostname; domain = realm; }; + meta = { + inherit exposes; + ipv4 = ip; + }; deployment = { inherit tags; targetHost = ip; @@ -60,4 +64,9 @@ in { }; }; }; + hosts = add_realm_to_tags (import ./hosts); + flat_hosts = flatten_hosts hosts; + nixHosts = filter_nix_hosts flat_hosts; +in { + inherit base_imports mkColmenaHost hosts flat_hosts nixHosts; } -- 2.47.1 From af893b9e438d4975b9623d2b62221aee0f9cb889 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 4 May 2023 16:19:01 +0200 Subject: [PATCH 1535/1882] added nginx autoproxy for exposes config, needs some refactoring --- nixos/common/modules/meta.nix | 6 +- nixos/common/modules/vault.nix | 2 +- nixos/hosts/olympus/nginx/configuration.nix | 193 +++++++++++--------- 3 files changed, 106 insertions(+), 95 deletions(-) diff --git a/nixos/common/modules/meta.nix b/nixos/common/modules/meta.nix index 63585fa0..524e82ba 100644 --- a/nixos/common/modules/meta.nix +++ b/nixos/common/modules/meta.nix @@ -20,15 +20,15 @@ let }; }; in { - options = { - meta.exposes = mkOption { + options.meta = { + exposes = mkOption { type = with types; attrsOf (submodule exposesOpts); description = '' Exposed services ''; }; - meta.ipv4 = mkOption { + ipv4 = mkOption { type = types.str; description = '' Own IPv4 Address diff --git a/nixos/common/modules/vault.nix b/nixos/common/modules/vault.nix index 1df023bd..90b86c81 100644 --- a/nixos/common/modules/vault.nix +++ b/nixos/common/modules/vault.nix @@ -2,7 +2,7 @@ with lib; let cfg = config.services.v.vault; - hostIP = config.deployment.targetHost; + hostIP = config.meta.ipv4; # Find all vault hosts that do not have the same IP as the current host vault_hosts = diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 2e926c7d..ff5e4478 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -1,5 +1,7 @@ -{ pkgs, hosts, ... }: +{ pkgs, config, hosts, lib, ... }: let + inherit (builtins) filter hasAttr attrValues concatMap; + proxy = url: { enableACME = true; forceSSL = true; @@ -22,6 +24,16 @@ let add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON data}'; ''; + + hostsWithExposes = + filter (hasAttr "exposes") (attrValues hosts.${config.networking.domain}); + exposes = { ip, exposes, ... }: + map ({ domain, port }: { inherit ip domain port; }) (attrValues exposes); + mkVhost = { ip, domain, port }: { + "${domain}" = proxy "http://${ip}:${toString port}"; + }; + vhosts = lib.foldr (el: acc: acc // mkVhost el) { } + (concatMap exposes hostsWithExposes); in { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -45,107 +57,106 @@ in { package = pkgs.nginxMainline; # Templated - virtualHosts.${hosts.olympus.hedgedoc.exposes.md.domain} = proxy "http://hedgedoc.olympus:${toString hosts.olympus.hedgedoc.exposes.md.port}/"; - - # 0x76.dev - virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; - virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000"; - virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000"; - virtualHosts."grafana.0x76.dev" = - proxy "http://victoriametrics.olympus:2342"; - virtualHosts."outline.0x76.dev" = proxy "http://outline.olympus:3000"; - virtualHosts."ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; - virtualHosts."ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; - virtualHosts."dex.0x76.dev" = proxy "http://dex.olympus:5556"; - virtualHosts."pass.0x76.dev" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://vaultwarden.olympus:8222"; - proxyWebsockets = true; + virtualHosts = vhosts // { + # 0x76.dev + "ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; + "git.0x76.dev" = proxy "http://gitea.olympus:3000"; + "o.0x76.dev" = proxy "http://minio.olympus:9000"; + "grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; + "outline.0x76.dev" = proxy "http://outline.olympus:3000"; + "ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; + "ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; + "dex.0x76.dev" = proxy "http://dex.olympus:5556"; + "pass.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://vaultwarden.olympus:8222"; + proxyWebsockets = true; + }; + locations."/notifications/hub/negotiate" = { + proxyPass = "http://vaultwarden.olympus:8222"; + proxyWebsockets = true; + }; + locations."/notifications/hub" = { + proxyPass = "http://vaultwarden.olympus:3012"; + proxyWebsockets = true; + }; }; - locations."/notifications/hub/negotiate" = { - proxyPass = "http://vaultwarden.olympus:8222"; - proxyWebsockets = true; - }; - locations."/notifications/hub" = { - proxyPass = "http://vaultwarden.olympus:3012"; - proxyWebsockets = true; - }; - }; - # Redshifts - virtualHosts."andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; + # Redshifts + "andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; - # Meow - virtualHosts."meowy.tech" = { - enableACME = true; - forceSSL = true; - locations."/".extraConfig = '' - add_header Content-Type 'text/html; charset=UTF-8'; - return 200 '

meow

'; - ''; - locations."= /.well-known/matrix/client".extraConfig = - mkWellKnown clientConfig; - locations."= /.well-known/matrix/server".extraConfig = - mkWellKnown serverConfig; - }; - virtualHosts."chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - locations."/".extraConfig = '' - return 307 https://element.chat.meowy.tech; - ''; - locations."/_matrix".proxyPass = "http://synapse.olympus:8008"; - locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008"; - locations."/_synapse/admin" = { - # Allow only local and my own IPs - extraConfig = '' - allow 127.0.0.1; - allow 10.42.42.0/23; - allow 192.168.0.0/23; - allow 80.60.83.220; - allow 195.85.167.32/29; - deny all; + # Meow + "meowy.tech" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + add_header Content-Type 'text/html; charset=UTF-8'; + return 200 '

meow

'; ''; - proxyPass = "http://synapse.olympus:8008"; + locations."= /.well-known/matrix/client".extraConfig = + mkWellKnown clientConfig; + locations."= /.well-known/matrix/server".extraConfig = + mkWellKnown serverConfig; }; - }; - virtualHosts."element.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - - root = pkgs.element-web.override { - conf = { - default_server_config = clientConfig; - show_labs_settings = true; - brand = "chat.meowy.tech"; + "chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + return 307 https://element.chat.meowy.tech; + ''; + locations."/_matrix".proxyPass = "http://synapse.olympus:8008"; + locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008"; + locations."/_synapse/admin" = { + # Allow only local and my own IPs + extraConfig = '' + allow 127.0.0.1; + allow 10.42.42.0/23; + allow 192.168.0.0/23; + allow 80.60.83.220; + allow 195.85.167.32/29; + deny all; + ''; + proxyPass = "http://synapse.olympus:8008"; }; }; - }; - virtualHosts."cinny.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; + "element.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; - root = pkgs.cinny.override { - conf = { - defaultHomeserver = 0; - allowCustomHomeservers = false; - homeserverList = [ "chat.meowy.tech" ]; + root = pkgs.element-web.override { + conf = { + default_server_config = clientConfig; + show_labs_settings = true; + brand = "chat.meowy.tech"; + }; }; }; - }; - virtualHosts."admin.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - root = pkgs.synapse-admin; - }; - virtualHosts."books.meowy.tech" = proxy "http://bookwyrm.olympus:8001"; + "cinny.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; - # Kubernetes endpoints - virtualHosts."0x76.dev" = k8s_proxy; - virtualHosts."internal.xirion.net" = k8s_proxy; - virtualHosts."blog.xirion.net" = k8s_proxy; + root = pkgs.cinny.override { + conf = { + defaultHomeserver = 0; + allowCustomHomeservers = false; + homeserverList = [ "chat.meowy.tech" ]; + }; + }; + }; + "admin.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + root = pkgs.synapse-admin; + }; + "books.meowy.tech" = proxy "http://bookwyrm.olympus:8001"; + + # Kubernetes endpoints + "0x76.dev" = k8s_proxy; + "internal.xirion.net" = k8s_proxy; + "blog.xirion.net" = k8s_proxy; + }; }; security.acme.defaults.email = "victorheld12@gmail.com"; -- 2.47.1 From e34c892fc2f466dfe991efd3de78f8951636dc41 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 4 May 2023 22:04:07 +0000 Subject: [PATCH 1536/1882] chore(deps): lock file maintenance --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 113ab593..f21bccd5 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683153724, - "narHash": "sha256-wiQ8pBYbbPklLngAz5w3VvwmpLqTNroKc7um56iCLHo=", + "lastModified": 1683221986, + "narHash": "sha256-n688GK4wO2pZpI4gHOxj/PF85bzUMPEJ8B3Wd3cHSjk=", "owner": "nix-community", "repo": "home-manager", - "rev": "514c0a71f47cb80282742d7e4b6913c2c0582c2d", + "rev": "f3824311a16cbe70dbaeedc17a97dfcd11901c3f", "type": "github" }, "original": { @@ -671,11 +671,11 @@ ] }, "locked": { - "lastModified": 1682946851, - "narHash": "sha256-YoEtcS8oRurXdrYW1ceF3LaqBeJDp33+NqyqsQAh96c=", + "lastModified": 1683189539, + "narHash": "sha256-dqeE6PM1SSNCB9BSBgh/9dJPLn3sf7P4uay8/CymMlQ=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "8e981bbc0f146e87ac5e8cc98a84dd6702648adb", + "rev": "104ca15b0019bf461639050daeaa18e25642ccee", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683186265, - "narHash": "sha256-XuGXnnF/mpM0CR4M4dbuMYsARgHLqtpolh5nPA9+040=", + "lastModified": 1683237598, + "narHash": "sha256-RQrAydX9mQIJYBtOe0kEGHjHV6tSx+a0LOI0LZ/Mus4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3428bdf3c93a7608615dddd44dec50c3df89b4be", + "rev": "0ba02ba5e7a068d334fb04c8349d7654d1a9a230", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1682714854, - "narHash": "sha256-7vFHIUeaZ47REJopzzY6bX5wb0qmn6fNsQCKOQ8G3Mg=", + "lastModified": 1683202852, + "narHash": "sha256-AN4PZAtkiA4ATi9MwCMpU7WvAoQ642Hol8K8/n0477M=", "owner": "pta2002", "repo": "nixvim", - "rev": "d0383da7f8579610f49b99b982b662ad197d97d1", + "rev": "8a637fc91fd670626a3e182a781a2e82615bbcc2", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683183829, - "narHash": "sha256-Ta7qCL+mWSBt3851GYtbJpuAcCfNvNxD+MqfK+Yj4RU=", + "lastModified": 1683236736, + "narHash": "sha256-ruEH8oO2WLlZI8CSrKPmMbIFNO4/oEGeBwyTyszhw5Y=", "owner": "nix-community", "repo": "NUR", - "rev": "82a30341dc98d46808ea11ba932e95856e53452c", + "rev": "ee7b5b05842c7db8688a3a21f7c10e2eb8762882", "type": "github" }, "original": { -- 2.47.1 From 64bdee8a12616ccdfbef35d9bc36fd75fa67ecce Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 May 2023 10:04:38 +0200 Subject: [PATCH 1537/1882] create nginx magic module --- nixos/common/modules/default.nix | 2 +- nixos/common/modules/meta.nix | 3 +- nixos/common/modules/nginx.nix | 32 ++++++++++++ nixos/hosts/olympus/default.nix | 52 +++++++++++++++++-- nixos/hosts/olympus/dex/configuration.nix | 5 +- nixos/hosts/olympus/gitea/configuration.nix | 8 +-- .../hosts/olympus/hedgedoc/configuration.nix | 3 +- nixos/hosts/olympus/minio/configuration.nix | 4 +- nixos/hosts/olympus/nginx/configuration.nix | 46 ++-------------- nixos/hosts/olympus/outline/configuration.nix | 9 ++-- .../olympus/victoriametrics/configuration.nix | 3 +- .../olympus/woodpecker/configuration.nix | 8 +-- 12 files changed, 111 insertions(+), 64 deletions(-) create mode 100644 nixos/common/modules/nginx.nix diff --git a/nixos/common/modules/default.nix b/nixos/common/modules/default.nix index 32e5402f..66727027 100644 --- a/nixos/common/modules/default.nix +++ b/nixos/common/modules/default.nix @@ -1,3 +1,3 @@ { ... }: { - imports = [ ./meta.nix ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ]; + imports = [ ./meta.nix ./nginx.nix ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ]; } diff --git a/nixos/common/modules/meta.nix b/nixos/common/modules/meta.nix index 524e82ba..562d21f8 100644 --- a/nixos/common/modules/meta.nix +++ b/nixos/common/modules/meta.nix @@ -12,6 +12,7 @@ let }; port = mkOption { type = types.int; + default = 80; example = 4242; description = '' The port under which the service runs on the host @@ -21,6 +22,7 @@ let }; in { options.meta = { + exposes = mkOption { type = with types; attrsOf (submodule exposesOpts); description = '' @@ -37,6 +39,5 @@ in { }; config = { - }; } diff --git a/nixos/common/modules/nginx.nix b/nixos/common/modules/nginx.nix new file mode 100644 index 00000000..4d1ac1f9 --- /dev/null +++ b/nixos/common/modules/nginx.nix @@ -0,0 +1,32 @@ +{ lib, hosts, config, ... }: +with lib; +let cfg = config.services.v.nginx; +in { + options.services.v.nginx.generateVirtualHosts = + mkEnableOption "generate vhosts"; + + config = let + + proxy = url: { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = url; + proxyWebsockets = true; + }; + }; + + hosts' = + filter (hasAttr "exposes") (attrValues hosts.${config.networking.domain}); + exposes = { ip, exposes, ... }: + map ({ domain, port ? 80}: { inherit ip domain port; }) (attrValues exposes); + mkVhost = { ip, domain, port}: { + "${domain}" = proxy "http://${ip}:${toString port}"; + }; + vhosts = foldr (el: acc: acc // mkVhost el) { } (concatMap exposes hosts'); + in mkIf cfg.generateVirtualHosts { + + services.nginx.virtualHosts = vhosts; + + }; +} diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 0adce81e..f5535287 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -36,6 +36,10 @@ ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee"; mac = "9E:60:78:ED:81:B4"; nix = false; + exposes.ha = { + domain = "ha.0x76.dev"; + port = 8123; + }; }; "nginx" = { ip = "10.42.42.9"; @@ -46,10 +50,19 @@ "kubernetes" = { ip = "10.42.42.10"; mac = "6E:A5:25:99:FE:68"; + exposes = { + www.domain = "0x76.dev"; + internal.domain = "internal.xirion.net"; + blog.domain = "blog.xirion.net"; + }; }; "dex" = { ip = "10.42.42.11"; mac = "AE:66:7B:FA:15:72"; + exposes.dex = { + domain = "dex.0x76.dev"; + port = 5556; + }; }; "WoolooTV" = { ip = "10.42.42.13"; @@ -59,6 +72,10 @@ "outline" = { ip = "10.42.42.14"; mac = "52:13:EB:FD:87:F0"; + exposes.outline = { + domain = "outline.0x76.dev"; + port = 3000; + }; }; "dns-1" = { profile = "dns"; @@ -75,6 +92,10 @@ "minio" = { ip = "10.42.42.17"; mac = "0A:06:5E:E7:9A:0C"; + exposes.minio = { + domain = "o.0x76.dev"; + port = 9000; + }; }; "mailserver" = { ip = "10.42.42.18"; @@ -83,6 +104,12 @@ "victoriametrics" = { ip = "10.42.42.19"; mac = "9E:91:61:35:84:1F"; + exposes = { + grafana = { + domain = "grafana.0x76.dev"; + port = 2342; + }; + }; }; "unifi" = { ip = "10.42.42.20"; @@ -96,21 +123,27 @@ "gitea" = { ip = "10.42.42.22"; mac = "DE:5F:B0:83:6F:34"; + exposes.git = { + domain = "git.0x76.dev"; + port = 3000; + }; }; "hedgedoc" = { ip = "10.42.42.23"; mac = "86:BC:0C:18:BC:9B"; - exposes = { - md = { - domain = "md.0x76.dev"; - port = 3000; - }; + exposes.md = { + domain = "md.0x76.dev"; + port = 3000; }; }; "zmeura" = { ip = "10.42.42.24"; mac = "b8:27:eb:d5:e0:f5"; nix = false; + exposes.andreea = { + domain = "andreea.redshifts.xyz"; + port = 8008; + }; }; "wireguard" = { ip = "10.42.42.25"; @@ -121,6 +154,10 @@ ip = "10.42.42.27"; mac = "9E:8A:6C:39:27:DE"; nix = false; + exposes.books = { + domain = "books.meowy.tech"; + port = 8001; + }; }; "synapse" = { ip = "10.42.42.28"; @@ -140,10 +177,15 @@ "ntfy" = { ip = "10.42.42.32"; mac = "7A:17:9E:80:72:01"; + exposes.ntfy.domain = "ntfy.0x76.dev"; }; "woodpecker" = { ip = "10.42.42.33"; mac = "1E:24:DA:DB:4A:1A"; + exposes.ci = { + domain = "ci.0x76.dev"; + port = 8000; + }; }; "nuc" = { ip = "10.42.42.42"; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index 8d030c84..b205de84 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -7,6 +7,7 @@ let vs = config.vault-secrets.secrets; db_user = "dex"; db_name = "dex"; + inherit (config.meta.exposes.dex) port; in { imports = [ ]; @@ -18,7 +19,7 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - networking.firewall.allowedTCPPorts = [ 5556 ]; + networking.firewall.allowedTCPPorts = [ port ]; services.postgresql = { enable = true; @@ -47,7 +48,7 @@ in { database = db_name; }; }; - web.http = "0.0.0.0:5556"; + web.http = "0.0.0.0:${toString port}"; connectors = [{ type = "gitea"; diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 2be1db91..8b8823c7 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -3,7 +3,9 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { lib, config, pkgs, ... }: -let vs = config.vault-secrets.secrets; +let + vs = config.vault-secrets.secrets; + inherit (config.meta.exposes.git) port; in { imports = [ ]; @@ -20,8 +22,7 @@ in { environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = - [ config.services.gitea.settings.server.HTTP_PORT ]; + networking.firewall.allowedTCPPorts = [ port ]; services.openssh.startWhenNeeded = false; @@ -77,6 +78,7 @@ in { SSH_PORT = 42; DOMAIN = "git.0x76.dev"; ROOT_URL = "https://git.0x76.dev"; + HTTP_PORT = port; }; session = { "PROVIDER" = "db"; diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index 87e19bd8..c23b63c1 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -21,8 +21,7 @@ in { environment.noXlibs = lib.mkForce false; - networking.firewall.allowedTCPPorts = - [ config.services.hedgedoc.settings.port ]; + networking.firewall.allowedTCPPorts = [ port ]; vault-secrets.secrets.hedgedoc = { }; diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index eae48e54..aa0fc928 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -5,8 +5,8 @@ { config, pkgs, ... }: let vs = config.vault-secrets.secrets; - listenPort = 9000; - consolePort = 9001; + listenPort = config.meta.exposes.minio.port; + consolePort = listenPort + 1; in { imports = [ ]; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index ff5e4478..2027eab5 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -1,16 +1,5 @@ -{ pkgs, config, hosts, lib, ... }: +{ pkgs, ... }: let - inherit (builtins) filter hasAttr attrValues concatMap; - - proxy = url: { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = url; - proxyWebsockets = true; - }; - }; - k8s_proxy = proxy "http://kubernetes.olympus:80/"; clientConfig = { "m.homeserver" = { base_url = "https://chat.meowy.tech"; @@ -24,16 +13,6 @@ let add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON data}'; ''; - - hostsWithExposes = - filter (hasAttr "exposes") (attrValues hosts.${config.networking.domain}); - exposes = { ip, exposes, ... }: - map ({ domain, port }: { inherit ip domain port; }) (attrValues exposes); - mkVhost = { ip, domain, port }: { - "${domain}" = proxy "http://${ip}:${toString port}"; - }; - vhosts = lib.foldr (el: acc: acc // mkVhost el) { } - (concatMap exposes hostsWithExposes); in { # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -45,6 +24,9 @@ in { networking.firewall.allowedTCPPorts = [ 80 443 ]; + # Generates vhosts for all hosts that have an `exposes` section + services.v.nginx.generateVirtualHosts = true; + services.nginx = { enable = true; statusPage = true; @@ -57,16 +39,7 @@ in { package = pkgs.nginxMainline; # Templated - virtualHosts = vhosts // { - # 0x76.dev - "ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/"; - "git.0x76.dev" = proxy "http://gitea.olympus:3000"; - "o.0x76.dev" = proxy "http://minio.olympus:9000"; - "grafana.0x76.dev" = proxy "http://victoriametrics.olympus:2342"; - "outline.0x76.dev" = proxy "http://outline.olympus:3000"; - "ntfy.0x76.dev" = proxy "http://ntfy.olympus:80"; - "ci.0x76.dev" = proxy "http://woodpecker.olympus:8000"; - "dex.0x76.dev" = proxy "http://dex.olympus:5556"; + virtualHosts = { "pass.0x76.dev" = { enableACME = true; forceSSL = true; @@ -84,9 +57,6 @@ in { }; }; - # Redshifts - "andreea.redshifts.xyz" = proxy "http://zmeura.olympus:8008"; - # Meow "meowy.tech" = { enableACME = true; @@ -150,12 +120,6 @@ in { forceSSL = true; root = pkgs.synapse-admin; }; - "books.meowy.tech" = proxy "http://bookwyrm.olympus:8001"; - - # Kubernetes endpoints - "0x76.dev" = k8s_proxy; - "internal.xirion.net" = k8s_proxy; - "blog.xirion.net" = k8s_proxy; }; }; diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index 1ac2cd3c..43d9e99e 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -3,7 +3,9 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, ... }: -let vs = config.vault-secrets.secrets; +let + vs = config.vault-secrets.secrets; + inherit (config.meta.exposes.outline) port; in { imports = [ ]; @@ -16,16 +18,17 @@ in { system.stateVersion = "22.11"; # Did you read the comment? # Additional packages - networking.firewall.allowedTCPPorts = [ config.services.outline.port ]; + networking.firewall.allowedTCPPorts = [ port ]; vault-secrets.secrets.outline = { inherit (config.services.outline) user group; }; services.outline = { + inherit port; + enable = true; concurrency = 1; - port = 3000; redisUrl = "local"; databaseUrl = "local"; publicUrl = "https://outline.0x76.dev"; diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 9678ebf7..da9d3271 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -5,6 +5,7 @@ { config, pkgs, ... }: let vmPort = 8428; + grafanaPort = config.meta.exposes.grafana.port; vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -78,7 +79,7 @@ in { domain = "grafana.0x76.dev"; root_url = "https://grafana.0x76.dev"; http_addr = "0.0.0.0"; - http_port = 2342; + http_port = grafanaPort; }; security.admin_password = "$__file{${vs.grafana}/password}"; }; diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 682338bd..c5da5db7 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -3,7 +3,9 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let vs = config.vault-secrets.secrets; +let + inherit (config.meta.exposes.ci) port; + vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -18,7 +20,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ 8000 9000 ]; + networking.firewall.allowedTCPPorts = [ port 9000 ]; vault-secrets.secrets.woodpecker = { services = [ "woodpecker-server" "woodpecker-agent-docker" ]; @@ -46,7 +48,7 @@ in { WOODPECKER_GITEA_URL = "https://git.0x76.dev"; WOODPECKER_ADMIN = "v"; WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true"; - WOODPECKER_SERVER_ADDR = "10.42.42.33:8000"; + WOODPECKER_SERVER_ADDR = "10.42.42.33:${toString port}"; }; environmentFile = "${vs.woodpecker}/environment"; }; -- 2.47.1 From bb38cadb11030f68321981b83e9a14276114fa80 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 May 2023 11:19:01 +0200 Subject: [PATCH 1538/1882] add dex auth to grafana --- nixos/hosts/olympus/dex/configuration.nix | 12 ++++++++-- .../olympus/victoriametrics/configuration.nix | 24 +++++++++++++++---- 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index b205de84..e9bcab81 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -62,12 +62,20 @@ in { }; }]; - staticClients = [{ + staticClients = [ + { id = "outline"; name = "Outline"; redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; secretEnv = "OUTLINE_CLIENT_SECRET"; - }]; + } + { + id = "grafana"; + name = "Grafana"; + redirectURIs = [ "https://grafana.0x76.dev/login/generic_oauth" ]; + secretEnv = "GRAFANA_CLIENT_SECRET"; + } + ]; }; environmentFile = "${vs.dex}/environment"; diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index da9d3271..20374b49 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -5,6 +5,7 @@ { config, pkgs, ... }: let vmPort = 8428; + grafanaDomain = config.meta.exposes.grafana.domain; grafanaPort = config.meta.exposes.grafana.port; vs = config.vault-secrets.secrets; in { @@ -21,8 +22,7 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = - [ vmPort config.services.grafana.settings.server.http_port ]; + networking.firewall.allowedTCPPorts = [ vmPort grafanaPort ]; networking.firewall.allowedUDPPorts = [ vmPort ]; services.victoriametrics = { @@ -76,12 +76,28 @@ in { enable = true; settings = { server = { - domain = "grafana.0x76.dev"; - root_url = "https://grafana.0x76.dev"; + domain = grafanaDomain; + root_url = "https://${grafanaDomain}"; http_addr = "0.0.0.0"; http_port = grafanaPort; }; security.admin_password = "$__file{${vs.grafana}/password}"; + + "auth.generic_oauth" = { + name = "Dex"; + icon = "signin"; + enabled = true; + allow_sign_up = true; + client_id = "grafana"; + client_secret = "$__file{${vs.grafana}/dex_client_secret}"; + scopes = toString [ "openid" "profile" "email" "groups" ]; + auth_url = "https://dex.0x76.dev/auth"; + token_url = "https://dex.0x76.dev/token"; + api_url = "https://dex.0x76.dev/userinfo"; + skip_org_role_sync = true; + auto_login = true; + }; + }; }; } -- 2.47.1 From 9ac736868b61fe8d18efb5f3ce7f81d237097fc2 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 May 2023 12:58:00 +0200 Subject: [PATCH 1539/1882] add dex to hedgedoc --- nixos/hosts/olympus/dex/configuration.nix | 14 ++++++++++---- nixos/hosts/olympus/hedgedoc/configuration.nix | 15 ++++++++++++++- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index e9bcab81..966a6875 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -64,10 +64,10 @@ in { staticClients = [ { - id = "outline"; - name = "Outline"; - redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; - secretEnv = "OUTLINE_CLIENT_SECRET"; + id = "outline"; + name = "Outline"; + redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; + secretEnv = "OUTLINE_CLIENT_SECRET"; } { id = "grafana"; @@ -75,6 +75,12 @@ in { redirectURIs = [ "https://grafana.0x76.dev/login/generic_oauth" ]; secretEnv = "GRAFANA_CLIENT_SECRET"; } + { + id = "hedgedoc"; + name = "Hedgedoc"; + redirectURIs = [ "https://md.0x76.dev/auth/oauth2/callback" ]; + secretEnv = "HEDGEDOC_CLIENT_SECRET"; + } ]; }; diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index c23b63c1..1b92dc57 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -66,7 +66,20 @@ in { accessKey = "$MINIO_ACCESS_KEY"; secretKey = "$MINIO_SECRET_KEY"; }; - email = true; + email = false; + oauth2 = let url = "https://dex.0x76.dev"; + in { + providerName = "Dex"; + clientID = "hedgedoc"; + clientSecret = "$DEX_CLIENT_SECRET"; + scope = "openid email profile"; + authorizationURL = "${url}/auth"; + tokenURL = "${url}/token"; + userProfileURL = "${url}/userinfo"; + userProfileUsernameAttr = "preferred_username"; + userProfileDisplayNameAttr = "name"; + userProfileEmailAttr = "email"; + }; }; }; } -- 2.47.1 From 6241223b43295d94dc2ea8193fba546a9658d2fc Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 May 2023 13:21:53 +0200 Subject: [PATCH 1540/1882] add dhcp metrics --- nixos/hosts/olympus/dhcp/configuration.nix | 11 +++++++++++ .../hosts/olympus/victoriametrics/configuration.nix | 13 ++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 13b002ba..daf061af 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -33,6 +33,12 @@ in { networking.firewall.allowedUDPPorts = [ 67 ]; + services.prometheus.exporters.kea = { + enable = true; + openFirewall = true; + controlSocketPaths = [ "/run/kea/kea-dhcp4.socket" ]; + }; + services.kea.dhcp4 = { enable = true; settings = { @@ -43,6 +49,11 @@ in { interfaces-config.interfaces = [ "eth0" ]; + control-socket = { + socket-type = "unix"; + socket-name = "/run/kea/kea-dhcp4.socket"; + }; + lease-database = { name = "/var/lib/kea/dhcp4.leases"; persist = true; diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 20374b49..8879bac2 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, ... }: let vmPort = 8428; grafanaDomain = config.meta.exposes.grafana.domain; @@ -18,10 +18,6 @@ in { # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ vmPort grafanaPort ]; networking.firewall.allowedUDPPorts = [ vmPort ]; @@ -41,6 +37,13 @@ in { scrape_timeout = "30s"; }; scrape_configs = [ + { + job_name = "kea"; + static_configs = [{ + targets = [ "dhcp.olympus:9547" ]; + labels.app = "dhcp"; + }]; + } { job_name = "nginx"; static_configs = [{ -- 2.47.1 From 2c0d78b6a2acd0a15aa847f9d042306b7f82577e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 5 May 2023 14:05:08 +0000 Subject: [PATCH 1541/1882] chore(deps): lock file maintenance --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index f21bccd5..4e56367e 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683221986, - "narHash": "sha256-n688GK4wO2pZpI4gHOxj/PF85bzUMPEJ8B3Wd3cHSjk=", + "lastModified": 1683276742, + "narHash": "sha256-QURv/m81hd6TN5RMjlSHhE1zLpXHsvDEm66qv3MRBsM=", "owner": "nix-community", "repo": "home-manager", - "rev": "f3824311a16cbe70dbaeedc17a97dfcd11901c3f", + "rev": "38271ead8e7b291beb9d3b8312e66c3268796c0a", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683103914, - "narHash": "sha256-Mbrst3sLaiL55eOlZOEL8kB+XTWffaQVfcI03YWiryg=", + "lastModified": 1683207485, + "narHash": "sha256-gs+PHt/y/XQB7S8+YyBLAM8LjgYpPZUVFQBwpFSmJro=", "owner": "nixos", "repo": "nixpkgs", - "rev": "54495a4eafe99c537695a87fe04cb50bf17e651d", + "rev": "cc45a3f8c98e1c33ca996e3504adefbf660a72d1", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683237598, - "narHash": "sha256-RQrAydX9mQIJYBtOe0kEGHjHV6tSx+a0LOI0LZ/Mus4=", + "lastModified": 1683295245, + "narHash": "sha256-vKLe6Hx87uZMZ/LPqrdv9M7CmMz/40xRZU5RSHzE23o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0ba02ba5e7a068d334fb04c8349d7654d1a9a230", + "rev": "eef55c17ea16ef216ea2ef3288d7ea20e4362d59", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683236736, - "narHash": "sha256-ruEH8oO2WLlZI8CSrKPmMbIFNO4/oEGeBwyTyszhw5Y=", + "lastModified": 1683279897, + "narHash": "sha256-iVDg5FSmFwriLuuYF9r3Jmjy2SEnbgifelm6D6aPICo=", "owner": "nix-community", "repo": "NUR", - "rev": "ee7b5b05842c7db8688a3a21f7c10e2eb8762882", + "rev": "4dfe38b74d52259176d8649e187488cb8c2614c8", "type": "github" }, "original": { -- 2.47.1 From f5a98385e702ee02df8001b735e006bfdab53342 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 5 May 2023 17:03:39 +0200 Subject: [PATCH 1542/1882] add k8s ips --- nixos/hosts/hades/nginx/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index e4a6f4fa..cf50df92 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -68,6 +68,7 @@ in { locations."/".extraConfig = '' allow 127.0.0.1; allow 10.42.42.0/23; + allow 10.10.10.1/24; allow 192.168.0.0/23; allow 80.60.83.220; allow 195.85.167.32/29; -- 2.47.1 From 8a9be8979b8469df8a2d7a9c4874e50ea1eb2b15 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 5 May 2023 22:04:57 +0000 Subject: [PATCH 1543/1882] chore(deps): lock file maintenance --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 4e56367e..ddbbfd5f 100644 --- a/flake.lock +++ b/flake.lock @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683295245, - "narHash": "sha256-vKLe6Hx87uZMZ/LPqrdv9M7CmMz/40xRZU5RSHzE23o=", + "lastModified": 1683323880, + "narHash": "sha256-MvJ5gVYTTIaNynqm86SbSQa+JuOVaSrnO1JTmV0v+rA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "eef55c17ea16ef216ea2ef3288d7ea20e4362d59", + "rev": "6df56832726e108753d1c1669e58a3d7c5d7a40b", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683279897, - "narHash": "sha256-iVDg5FSmFwriLuuYF9r3Jmjy2SEnbgifelm6D6aPICo=", + "lastModified": 1683319528, + "narHash": "sha256-5sHLy/lzcUZG/0okPWCv74gfjN07PR3PiCu29SdUcGU=", "owner": "nix-community", "repo": "NUR", - "rev": "4dfe38b74d52259176d8649e187488cb8c2614c8", + "rev": "0f4a887323828e19052addec3b8c3163b36b76a5", "type": "github" }, "original": { -- 2.47.1 From a061c477248ef9567edf363ed1a96b37898b77fb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 6 May 2023 06:00:37 +0000 Subject: [PATCH 1544/1882] chore(deps): update renovate/renovate docker tag to v35.71.7 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index bc5d7db3..a795be36 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.66.3 + image: renovate/renovate:35.71.7 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e9c5170ec16244b07299ca3a36bccdf5daec1b83 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 6 May 2023 14:04:55 +0000 Subject: [PATCH 1545/1882] chore(deps): update renovate/renovate docker tag to v35.72.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index a795be36..d063f3d6 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.71.7 + image: renovate/renovate:35.72.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ac009b45939e81f76abf785f31eedce4529839c0 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 7 May 2023 18:42:36 +0200 Subject: [PATCH 1546/1882] boop --- flake.lock | 42 +++++++++---------- nixos/common/desktop/home.nix | 1 + nixos/hosts/hades/pmm/config/Movies.yml | 10 +++-- nixos/hosts/olympus/ntfy/configuration.nix | 3 +- .../olympus/victoriametrics/configuration.nix | 10 ++++- 5 files changed, 39 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index ddbbfd5f..805b6150 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683276742, - "narHash": "sha256-QURv/m81hd6TN5RMjlSHhE1zLpXHsvDEm66qv3MRBsM=", + "lastModified": 1683459775, + "narHash": "sha256-Ab1pIKOj7XRZbJAv4g9937ElhaZF7Pob3hqGTDKt5w8=", "owner": "nix-community", "repo": "home-manager", - "rev": "38271ead8e7b291beb9d3b8312e66c3268796c0a", + "rev": "6fc82e56971523acfe1a61dbcb20f4bb969b3990", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683207485, - "narHash": "sha256-gs+PHt/y/XQB7S8+YyBLAM8LjgYpPZUVFQBwpFSmJro=", + "lastModified": 1683383741, + "narHash": "sha256-rAQSBnFGNKNomUUyVl+7v0tnp45677t4Ovlh9f57k6Q=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cc45a3f8c98e1c33ca996e3504adefbf660a72d1", + "rev": "adc7c6f1bbaa73cda26be2323353b63a05b42f61", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683323880, - "narHash": "sha256-MvJ5gVYTTIaNynqm86SbSQa+JuOVaSrnO1JTmV0v+rA=", + "lastModified": 1683475240, + "narHash": "sha256-sy6MYoCaIZsOenYplbzVXI4Ce9Bp/vIOpuFa97+a6wc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6df56832726e108753d1c1669e58a3d7c5d7a40b", + "rev": "e040aab15638aaf8d0786894851a2b1ca09a7baf", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1682526928, - "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", + "lastModified": 1683408522, + "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", + "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1683202852, - "narHash": "sha256-AN4PZAtkiA4ATi9MwCMpU7WvAoQ642Hol8K8/n0477M=", + "lastModified": 1683465903, + "narHash": "sha256-rkuqTLd2JciPnMRXNkVtGV+taMT1rsvQdt9tvWDYksw=", "owner": "pta2002", "repo": "nixvim", - "rev": "8a637fc91fd670626a3e182a781a2e82615bbcc2", + "rev": "079b0c30cde91a735a7a1707ed6bf2571a1c93cc", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683319528, - "narHash": "sha256-5sHLy/lzcUZG/0okPWCv74gfjN07PR3PiCu29SdUcGU=", + "lastModified": 1683470760, + "narHash": "sha256-Xe5L52haU8nTz6f2pM4j/J0YaWfaeZX9mtNSy7UQGUc=", "owner": "nix-community", "repo": "NUR", - "rev": "0f4a887323828e19052addec3b8c3163b36b76a5", + "rev": "1836bc3c9f7f033a6abfbf6ac3dd36ee875f85ae", "type": "github" }, "original": { @@ -1015,11 +1015,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1682326782, - "narHash": "sha256-wj7p7iEwQXAfTZ6QokAe0dMbpQk5u7ympDnaiPvbv1w=", + "lastModified": 1682596858, + "narHash": "sha256-Hf9XVpqaGqe/4oDGr30W8HlsWvJXtMsEPHDqHZA6dDg=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "56cd2d47a9c937be98ab225cf014b450f1533cdb", + "rev": "fb58866e20af98779017134319b5663b8215d912", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index b169f549..1121eaba 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -28,6 +28,7 @@ in { rustup solo2-cli tex + unzip yt-dlp ]; diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml index 7810dd25..29e9f962 100644 --- a/nixos/hosts/hades/pmm/config/Movies.yml +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -33,11 +33,9 @@ collections: Studio Ghibli: template: { name: Studio, company: 10342 } url_poster: https://theposterdb.com/api/assets/393 - summary: Studio Ghibli Inc. is a Japanese animation film studio headquartered in Koganei, Tokyo. The studio is best known for its animated feature films, and has also produced several short films, television commercials, and one television film. The studio’s mascot and most recognizable symbol is the character, Totoro, a giant cat-like spirit from the 1988 classic, My Neighbor Totoro. Pixar: template: { name: Studio, company: 3 } url_poster: https://theposterdb.com/api/assets/18894 - summary: Pixar Animation Studios, commonly known as Pixar, is an American computer animation studio based in Emeryville, California, a subsidiary of Disney Studios Content owned by The Walt Disney Company. Pixar began in 1979 as part of the Lucasfilm computer division, known as the Graphics Group, before its spin-off as a corporation on February 3, 1986, with funding from Apple co-founder Steve Jobs, who became its majority shareholder. Disney purchased Pixar in 2006 at a valuation of $7.4 billion by converting each share of Pixar stock to 2.3 shares of Disney stock, a transaction that resulted in Jobs becoming Disney's largest single shareholder at the time. Pixar is best known for its feature films technologically powered by RenderMan, the company's own implementation of the industry-standard RenderMan Interface Specification image-rendering application programming interface. Luxo Jr., a desk lamp from the studio's 1986 short film of the same name, is the studio's mascot. Star Trek: tmdb_collection: - 151 @@ -47,4 +45,10 @@ collections: poster: https://theposterdb.com/api/assets/222279 background: https://i.imgur.com/Yp0NCZa.jpg Bad Trek: - tmdb_collection_details: 115575 + template: + name: Set + collection: 115575 + National Theatre: + template: + name: Studio + company: 16355 diff --git a/nixos/hosts/olympus/ntfy/configuration.nix b/nixos/hosts/olympus/ntfy/configuration.nix index e968178c..00777670 100644 --- a/nixos/hosts/olympus/ntfy/configuration.nix +++ b/nixos/hosts/olympus/ntfy/configuration.nix @@ -18,7 +18,7 @@ # Additional packages environment.systemPackages = with pkgs; [ ntfy-sh ]; - networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowedTCPPorts = [ 80 9090 ]; services.ntfy-sh = let datadir = "/var/lib/ntfy"; in { @@ -31,6 +31,7 @@ auth-default-access = "deny-all"; behind-proxy = true; attachment-cache-dir = "${datadir}/attachments"; + metrics-listen-http = ":9090"; }; }; } diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 8879bac2..7fed0a27 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -25,7 +25,7 @@ in { enable = true; listenAddress = ":${toString vmPort}"; # Data Retention period in months - retentionPeriod = 12; + retentionPeriod = 36; }; services.vmagent = { @@ -53,7 +53,6 @@ in { } { job_name = "synapse"; - metrics_path = "/_synapse/metrics"; static_configs = [{ targets = [ "synapse.olympus:9000" ]; labels.app = "synapse"; @@ -66,6 +65,13 @@ in { labels.app = "wireguard"; }]; } + { + job_name = "ntfy"; + static_configs = [{ + targets = [ "ntfy.olympus:9090"]; + labels.app = "ntfy"; + }]; + } ]; }; }; -- 2.47.1 From 1eafc8a58d79c5c2b5c931f5559b76bdf4f4c2ea Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 7 May 2023 18:49:07 +0200 Subject: [PATCH 1547/1882] specify version pmm --- nixos/hosts/hades/pmm/configuration.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/hades/pmm/configuration.nix b/nixos/hosts/hades/pmm/configuration.nix index 844c60d5..6a423864 100644 --- a/nixos/hosts/hades/pmm/configuration.nix +++ b/nixos/hosts/hades/pmm/configuration.nix @@ -2,10 +2,10 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, ... }: +{ config, pkgs, ... }: let datadir = "/var/lib/pmm/config"; - container = "meisnate12/plex-meta-manager:latest"; + container = config.virtualisation.oci-containers.containers.plex-meta-manager.image; run_pmm = pkgs.writeScriptBin "pmm-run" '' sudo ${pkgs.podman}/bin/podman run --rm -it \ -v "/var/lib/pmm/config:/config:rw" \ @@ -36,7 +36,7 @@ in { backend = "podman"; containers = { plex-meta-manager = { - image = container; + image = "meisnate12/plex-meta-manager:v1.19.0"; volumes = [ "${datadir}:/config:rw" "/etc/pmm/Anime.yml:/config/Anime.yml:ro" -- 2.47.1 From 7c6d5f2412055cb5098384be78e4e0a6f18b7c04 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 7 May 2023 19:17:00 +0200 Subject: [PATCH 1548/1882] fix pmm config --- nixos/hosts/hades/pmm/config/Anime.yml | 4 ++-- nixos/hosts/hades/pmm/config/Movies.yml | 3 +++ nixos/hosts/hades/pmm/config/TVShows.yml | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/hades/pmm/config/Anime.yml b/nixos/hosts/hades/pmm/config/Anime.yml index 3eb25d07..fab2f1b1 100644 --- a/nixos/hosts/hades/pmm/config/Anime.yml +++ b/nixos/hosts/hades/pmm/config/Anime.yml @@ -1,7 +1,7 @@ templates: MAL Genre: - mal_genre: - genre_id: <> + mal_search: + genre: <> collection_order: alpha collection_mode: hide sync_mode: sync diff --git a/nixos/hosts/hades/pmm/config/Movies.yml b/nixos/hosts/hades/pmm/config/Movies.yml index 29e9f962..11dfffe6 100644 --- a/nixos/hosts/hades/pmm/config/Movies.yml +++ b/nixos/hosts/hades/pmm/config/Movies.yml @@ -11,6 +11,8 @@ templates: - collection - movie - list + - background + - poster tmdb_collection_details: <> tmdb_movie: <> tmdb_list: <> @@ -49,6 +51,7 @@ collections: name: Set collection: 115575 National Theatre: + imdb_list: https://www.imdb.com/search/title/?companies=co0388435 template: name: Studio company: 16355 diff --git a/nixos/hosts/hades/pmm/config/TVShows.yml b/nixos/hosts/hades/pmm/config/TVShows.yml index 2f22a960..9b7dcb22 100644 --- a/nixos/hosts/hades/pmm/config/TVShows.yml +++ b/nixos/hosts/hades/pmm/config/TVShows.yml @@ -3,6 +3,8 @@ templates: optional: - network - list + - poster + - background tmdb_network: <> tmdb_list: <> sort_title: <> -- 2.47.1 From f34510cf595a8be1a861ea8ba5018ba886aa4cbe Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 7 May 2023 19:54:14 +0200 Subject: [PATCH 1549/1882] dont run renovate on nix, it broken --- flux/olympus/apps/services/renovate/config.yaml | 9 --------- nixos/hosts/hades/pmm/configuration.nix | 2 +- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/flux/olympus/apps/services/renovate/config.yaml b/flux/olympus/apps/services/renovate/config.yaml index 49b24cd1..53683839 100644 --- a/flux/olympus/apps/services/renovate/config.yaml +++ b/flux/olympus/apps/services/renovate/config.yaml @@ -17,15 +17,6 @@ data: "kubernetes": { "fileMatch": ["flux/.+\\.ya?ml$"] }, - "nix": { - "enabled": true - }, - "lockFileMaintenance": { - "enabled": true, - "automerge": true, - "automergeType": "branch", - "schedule": ["weekly"], - }, "hostRules": [ { "hostType": "docker", diff --git a/nixos/hosts/hades/pmm/configuration.nix b/nixos/hosts/hades/pmm/configuration.nix index 6a423864..b7dbd66f 100644 --- a/nixos/hosts/hades/pmm/configuration.nix +++ b/nixos/hosts/hades/pmm/configuration.nix @@ -7,7 +7,7 @@ let datadir = "/var/lib/pmm/config"; container = config.virtualisation.oci-containers.containers.plex-meta-manager.image; run_pmm = pkgs.writeScriptBin "pmm-run" '' - sudo ${pkgs.podman}/bin/podman run --rm -it \ + sudo ${pkgs.podman}/bin/podman run -d --rm -it \ -v "/var/lib/pmm/config:/config:rw" \ -v "/etc/pmm/Anime.yml:/config/Anime.yml:ro" \ -v "/etc/pmm/Movies.yml:/config/Movies.yml:ro" \ -- 2.47.1 From 086b53e3ba3b04427f07e9373839fe66e115a6ab Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 7 May 2023 22:00:34 +0000 Subject: [PATCH 1550/1882] chore(deps): update renovate/renovate docker tag to v35.73.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d063f3d6..35216bb7 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.72.1 + image: renovate/renovate:35.73.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 71fe80587ad7b899ea6fda1c49f5b3803bbbd987 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 8 May 2023 09:24:13 +0200 Subject: [PATCH 1551/1882] flake update --- flake.lock | 18 +++++++++--------- nixos/hosts/olympus/minio/configuration.nix | 12 ++++++++++++ 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 805b6150..f1ba5727 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683459775, - "narHash": "sha256-Ab1pIKOj7XRZbJAv4g9937ElhaZF7Pob3hqGTDKt5w8=", + "lastModified": 1683496796, + "narHash": "sha256-MgC6q2tEFM0uPB/kt+MYQSrnuLnTTvIFziZSDJCloQ4=", "owner": "nix-community", "repo": "home-manager", - "rev": "6fc82e56971523acfe1a61dbcb20f4bb969b3990", + "rev": "78ceec68f29ed56d6118617e9f0f588bf164067f", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683475240, - "narHash": "sha256-sy6MYoCaIZsOenYplbzVXI4Ce9Bp/vIOpuFa97+a6wc=", + "lastModified": 1683526594, + "narHash": "sha256-HYpnC6W6hz9zQvzZohdeS8PMJaNbkBmW7WWq/Km4qPk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e040aab15638aaf8d0786894851a2b1ca09a7baf", + "rev": "8fb30e1471ed7c83f9e1a59c5b6c3c973cb885b1", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683470760, - "narHash": "sha256-Xe5L52haU8nTz6f2pM4j/J0YaWfaeZX9mtNSy7UQGUc=", + "lastModified": 1683525515, + "narHash": "sha256-/dSuEg0DGn4SBMjFUMmmOHmC5kXg5d3rzgQBXeWJemg=", "owner": "nix-community", "repo": "NUR", - "rev": "1836bc3c9f7f033a6abfbf6ac3dd36ee875f85ae", + "rev": "1d6de516208e1ac37fe948bb3e63ba3278fd9bf9", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index aa0fc928..5a05fb77 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -32,4 +32,16 @@ in { listenAddress = ":${toString listenPort}"; consoleAddress = ":${toString consolePort}"; }; + + # services.garage = { + # enable = true; + # replication_mode = "1"; + # package = pkgs.garage_0_8; + # settings = { + # s3_api = { + # api_bind_addr = "0.0.0.0:3900"; + # s3_region = "olympus"; + # }; + # }; + # }; } -- 2.47.1 From ac3640c4fc483624673212f886129f803306e970 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 8 May 2023 09:34:08 +0200 Subject: [PATCH 1552/1882] pmm remove anime --- nixos/hosts/hades/pmm/config/Anime.yml | 82 -------------------------- 1 file changed, 82 deletions(-) diff --git a/nixos/hosts/hades/pmm/config/Anime.yml b/nixos/hosts/hades/pmm/config/Anime.yml index fab2f1b1..c8ddddfc 100644 --- a/nixos/hosts/hades/pmm/config/Anime.yml +++ b/nixos/hosts/hades/pmm/config/Anime.yml @@ -1,85 +1,3 @@ templates: - MAL Genre: - mal_search: - genre: <> - collection_order: alpha - collection_mode: hide - sync_mode: sync - sort_title: zz_<> collections: - Cars: - template: { name: MAL Genre, genre_id: 3 } - Demons: - template: { name: MAL Genre, genre_id: 6 } - Ecchi: - template: { name: MAL Genre, genre_id: 9 } - Game: - template: { name: MAL Genre, genre_id: 11 } - Harem: - template: { name: MAL Genre, genre_id: 35 } - Mecha: - template: { name: MAL Genre, genre_id: 18 } - Military: - template: { name: MAL Genre, genre_id: 38 } - Psychological: - template: { name: MAL Genre, genre_id: 40 } - Samurai: - template: { name: MAL Genre, genre_id: 21 } - School: - template: { name: MAL Genre, genre_id: 23 } - Shoujo: - template: { name: MAL Genre, genre_id: 25 } - Shounen: - template: { name: MAL Genre, genre_id: 27 } - Slice of Life: - template: { name: MAL Genre, genre_id: 36 } - Space: - template: { name: MAL Genre, genre_id: 29 } - Supernatural: - template: { name: MAL Genre, genre_id: 37 } - Super Power: - template: { name: MAL Genre, genre_id: 31 } - Vampire: - template: { name: MAL Genre, genre_id: 32 } - Action: - template: { name: MAL Genre, genre_id: 1 } - Adventure: - template: { name: MAL Genre, genre_id: 2 } - Comedy: - template: { name: MAL Genre, genre_id: 4 } - Drama: - template: { name: MAL Genre, genre_id: 8 } - Fantasy: - template: { name: MAL Genre, genre_id: 10 } - Historical: - template: { name: MAL Genre, genre_id: 13 } - Horror: - template: { name: MAL Genre, genre_id: 14 } - Martial Arts: - template: { name: MAL Genre, genre_id: 17 } - Music: - template: { name: MAL Genre, genre_id: 19 } - Mystery: - template: { name: MAL Genre, genre_id: 7 } - Romance: - template: { name: MAL Genre, genre_id: 22 } - Sci-Fi: - template: { name: MAL Genre, genre_id: 24 } - Sports: - template: { name: MAL Genre, genre_id: 30 } - Boys Love: - template: { name: MAL Genre, genre_id: 28 } - Girls Love: - template: { name: MAL Genre, genre_id: 26 } - Gourmet: - template: { name: MAL Genre, genre_id: 47 } - Parody: - template: { name: MAL Genre, genre_id: 20 } - Police: - template: { name: MAL Genre, genre_id: 39 } - Thriller: - template: { name: MAL Genre, genre_id: 41 } - Most Popular Anime: - mal_popular: 50 - sync_mode: sync -- 2.47.1 From d7c01d7f223600620f87858303b54e8a055dbccf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 8 May 2023 14:04:00 +0000 Subject: [PATCH 1553/1882] chore(deps): update renovate/renovate docker tag to v35.74.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 35216bb7..51866f32 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.73.0 + image: renovate/renovate:35.74.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d8c7508db2d1f9839708d8eeec8ad0be440397c5 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 9 May 2023 08:58:10 +0200 Subject: [PATCH 1554/1882] lucy: add trivy --- flake.lock | 36 ++++++++++++------------ nixos/hosts/hades/lucy/configuration.nix | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index f1ba5727..e4b94280 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683496796, - "narHash": "sha256-MgC6q2tEFM0uPB/kt+MYQSrnuLnTTvIFziZSDJCloQ4=", + "lastModified": 1683543852, + "narHash": "sha256-aS9qNcg9GwSYFLCWa3Lw+2nVPG11mmQ3B7Oka1hh04M=", "owner": "nix-community", "repo": "home-manager", - "rev": "78ceec68f29ed56d6118617e9f0f588bf164067f", + "rev": "3f3fa731ad0f99741d4dc98e8e1287b45e30b452", "type": "github" }, "original": { @@ -671,11 +671,11 @@ ] }, "locked": { - "lastModified": 1683189539, - "narHash": "sha256-dqeE6PM1SSNCB9BSBgh/9dJPLn3sf7P4uay8/CymMlQ=", + "lastModified": 1683530131, + "narHash": "sha256-R0RSqj6JdZfru2x/cM19KJMHsU52OjtyxI5cccd+uFc=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "104ca15b0019bf461639050daeaa18e25642ccee", + "rev": "10079333313ff62446e6f2b0e7c5231c7431d269", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683383741, - "narHash": "sha256-rAQSBnFGNKNomUUyVl+7v0tnp45677t4Ovlh9f57k6Q=", + "lastModified": 1683546353, + "narHash": "sha256-zEfx6q4fXK5wq+RCsyM0FyWBKNNhHTKMpCWkEpKDe2g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "adc7c6f1bbaa73cda26be2323353b63a05b42f61", + "rev": "7629f9b0680d87c7775f3261bee746da5dac76d1", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683526594, - "narHash": "sha256-HYpnC6W6hz9zQvzZohdeS8PMJaNbkBmW7WWq/Km4qPk=", + "lastModified": 1683614353, + "narHash": "sha256-J3u1mJgmimGw0QdFADBCgq+uOOYncv8XR9cGHCqRkEg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8fb30e1471ed7c83f9e1a59c5b6c3c973cb885b1", + "rev": "89325a10b0abe2659ef5d5b5d5734f27f0a6e2a8", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683525515, - "narHash": "sha256-/dSuEg0DGn4SBMjFUMmmOHmC5kXg5d3rzgQBXeWJemg=", + "lastModified": 1683605580, + "narHash": "sha256-cVDmvUvgQbbqIHLC+yF3cGhAGd7Dl+YAsn+QEhGa0BQ=", "owner": "nix-community", "repo": "NUR", - "rev": "1d6de516208e1ac37fe948bb3e63ba3278fd9bf9", + "rev": "d2b4061a60934718566c5003cccc38be2aefdd68", "type": "github" }, "original": { @@ -1226,11 +1226,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1679628347, - "narHash": "sha256-FacS4utvrARToWss3REX/0KMiP87BXE+2xc3a+vrvQI=", + "lastModified": 1683601533, + "narHash": "sha256-DMDeUvjeAEU/rZN7y/U2B1VKMVaOwK12j7tfw6JK1Kg=", "owner": "serokell", "repo": "vault-secrets", - "rev": "e4ec077c2650a6d5500b34d0baae2e0d4c61c2ff", + "rev": "1b4943a99768e502519640f83873bec780d777d1", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index f80b3db6..f776fe7c 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -36,7 +36,7 @@ in { system.stateVersion = "23.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ gcc go jq rustup nuclei-latest ]; + environment.systemPackages = with pkgs; [ gcc go jq rustup trivy nuclei-latest ]; networking.firewall.allowedTCPPorts = [ ]; -- 2.47.1 From e7e857e61a2717ecf4ec90972e24c16c59680a75 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 9 May 2023 09:33:28 +0200 Subject: [PATCH 1555/1882] upgrade bazarr --- flake.lock | 12 ++++++------ flake.nix | 4 +++- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index e4b94280..71fdd709 100644 --- a/flake.lock +++ b/flake.lock @@ -815,16 +815,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683614353, - "narHash": "sha256-J3u1mJgmimGw0QdFADBCgq+uOOYncv8XR9cGHCqRkEg=", - "owner": "nixos", + "lastModified": 1683616229, + "narHash": "sha256-DGnFcTlPUZWceN8AOjqAGZKFaQPTKm3JieGkwTG5UUI=", + "owner": "NULLx76", "repo": "nixpkgs", - "rev": "89325a10b0abe2659ef5d5b5d5734f27f0a6e2a8", + "rev": "23e98ed600e902cdec403246339b77243e1076a1", "type": "github" }, "original": { - "owner": "nixos", - "ref": "master", + "owner": "NULLx76", + "ref": "bazarr-1.2.1", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 1783aa75..c53d02da 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,9 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/master"; + # nixpkgs.url = "github:nixos/nixpkgs/master"; + nixpkgs.url = "github:NULLx76/nixpkgs/bazarr-1.2.1"; + nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; nur.url = "github:nix-community/NUR"; -- 2.47.1 From e0846af5e31b7c9d8bb65f1592a6e152f086cfc1 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 9 May 2023 16:42:10 +0200 Subject: [PATCH 1556/1882] move eevee --- nixos/hosts/README.md | 2 +- nixos/hosts/olympus/default.nix | 2 +- nixos/hosts/{thalassa => olympus}/eevee/configuration.nix | 0 .../{thalassa => olympus}/eevee/hardware-configuration.nix | 0 nixos/hosts/{thalassa => olympus}/eevee/hardware.nix | 0 nixos/hosts/{thalassa => olympus}/eevee/home/.gitignore | 0 nixos/hosts/{thalassa => olympus}/eevee/home/default.nix | 0 nixos/hosts/{thalassa => olympus}/eevee/home/theme.nix | 0 nixos/hosts/thalassa/default.nix | 1 - 9 files changed, 2 insertions(+), 3 deletions(-) rename nixos/hosts/{thalassa => olympus}/eevee/configuration.nix (100%) rename nixos/hosts/{thalassa => olympus}/eevee/hardware-configuration.nix (100%) rename nixos/hosts/{thalassa => olympus}/eevee/hardware.nix (100%) rename nixos/hosts/{thalassa => olympus}/eevee/home/.gitignore (100%) rename nixos/hosts/{thalassa => olympus}/eevee/home/default.nix (100%) rename nixos/hosts/{thalassa => olympus}/eevee/home/theme.nix (100%) diff --git a/nixos/hosts/README.md b/nixos/hosts/README.md index 52fd7fce..03d88a9b 100644 --- a/nixos/hosts/README.md +++ b/nixos/hosts/README.md @@ -1,2 +1,2 @@ # NixOS Hosts -Each folder here is a seperate geographical location, with `thalassa` being for roaming devices like laptops +Each folder here is a separate geographical location, with `thalassa` being for roaming devices like laptops diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index f5535287..20937bd4 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -203,6 +203,6 @@ ip = "10.42.42.69"; ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; mac = "34:97:f6:93:9A:AA"; - nix = false; + type = "local"; }; } diff --git a/nixos/hosts/thalassa/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix similarity index 100% rename from nixos/hosts/thalassa/eevee/configuration.nix rename to nixos/hosts/olympus/eevee/configuration.nix diff --git a/nixos/hosts/thalassa/eevee/hardware-configuration.nix b/nixos/hosts/olympus/eevee/hardware-configuration.nix similarity index 100% rename from nixos/hosts/thalassa/eevee/hardware-configuration.nix rename to nixos/hosts/olympus/eevee/hardware-configuration.nix diff --git a/nixos/hosts/thalassa/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix similarity index 100% rename from nixos/hosts/thalassa/eevee/hardware.nix rename to nixos/hosts/olympus/eevee/hardware.nix diff --git a/nixos/hosts/thalassa/eevee/home/.gitignore b/nixos/hosts/olympus/eevee/home/.gitignore similarity index 100% rename from nixos/hosts/thalassa/eevee/home/.gitignore rename to nixos/hosts/olympus/eevee/home/.gitignore diff --git a/nixos/hosts/thalassa/eevee/home/default.nix b/nixos/hosts/olympus/eevee/home/default.nix similarity index 100% rename from nixos/hosts/thalassa/eevee/home/default.nix rename to nixos/hosts/olympus/eevee/home/default.nix diff --git a/nixos/hosts/thalassa/eevee/home/theme.nix b/nixos/hosts/olympus/eevee/home/theme.nix similarity index 100% rename from nixos/hosts/thalassa/eevee/home/theme.nix rename to nixos/hosts/olympus/eevee/home/theme.nix diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index d0c47254..5b1e1db9 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -3,5 +3,4 @@ type = "local"; mac = "04:7b:cb:b6:2d:88"; }; - "eevee" = { type = "local"; }; } -- 2.47.1 From 0bf1eb4ed6852d66ea875b381bd281c2d52d46de Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 9 May 2023 17:28:22 +0200 Subject: [PATCH 1557/1882] more metrics more better --- nixos/common/modules/dns.nix | 20 +++++++++++++++++-- nixos/hosts/olympus/dex/configuration.nix | 4 +++- .../olympus/victoriametrics/configuration.nix | 14 +++++++++++++ 3 files changed, 35 insertions(+), 3 deletions(-) diff --git a/nixos/common/modules/dns.nix b/nixos/common/modules/dns.nix index b173ff2b..8d375ecd 100644 --- a/nixos/common/modules/dns.nix +++ b/nixos/common/modules/dns.nix @@ -22,8 +22,17 @@ in { openFirewall = mkOption { type = types.bool; default = false; - description = '' + description = lib.mdDoc '' Whether to open port 53 in the firwall for unbound dns + And `services.prometheus.exporters.unbound.port` for metrics (if enabled). + ''; + }; + + enableMetrics = mkOption { + type = types.bool; + default = cfg.mode == "server"; + description = '' + Enable prometheus metrics ''; }; @@ -38,12 +47,19 @@ in { config = mkIf cfg.enable { networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = [ 53 ]; + allowedTCPPorts = [ 53 ] ; allowedUDPPorts = [ 53 ]; }; + services.prometheus.exporters.unbound = mkIf cfg.enableMetrics { + enable = true; + openFirewall = cfg.openFirewall; + controlInterface = config.services.unbound.localControlSocketPath; + group = config.services.unbound.group; + }; services.unbound = { enable = true; package = pkgs.v.unbound; + localControlSocketPath = mkIf cfg.enableMetrics "/run/unbound/unbound.socket"; settings = { server = mkMerge [ { diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index 966a6875..0c77f11c 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -8,6 +8,7 @@ let db_user = "dex"; db_name = "dex"; inherit (config.meta.exposes.dex) port; + metricsPort = 5558; in { imports = [ ]; @@ -19,7 +20,7 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - networking.firewall.allowedTCPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [ port metricsPort ]; services.postgresql = { enable = true; @@ -49,6 +50,7 @@ in { }; }; web.http = "0.0.0.0:${toString port}"; + telemetry.http = "0.0.0.0:${toString metricsPort}"; connectors = [{ type = "gitea"; diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 7fed0a27..1b88cf51 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -72,6 +72,20 @@ in { labels.app = "ntfy"; }]; } + { + job_name = "dex"; + static_configs = [{ + targets = [ "dex.olympus:5558" ]; + labels.app = "dex"; + }]; + } + { + job_name = "unbound"; + static_configs = [{ + targets = [ "dns-1.olympus:9167" "dns-2.olympus:9167" ]; + labels.app = "dns"; + }]; + } ]; }; }; -- 2.47.1 From 0bb646a332889230d2253c12fffba53c9d0f0a13 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 09:48:16 +0200 Subject: [PATCH 1558/1882] fix statix --- flake.lock | 18 +++++++++--------- nixos/common/modules/dns.nix | 4 ++-- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 71fdd709..d66c865b 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683543852, - "narHash": "sha256-aS9qNcg9GwSYFLCWa3Lw+2nVPG11mmQ3B7Oka1hh04M=", + "lastModified": 1683762874, + "narHash": "sha256-EC7EDhzz/HjKppcaJFePlCOZqfVg8fooO/aWWUxwAJU=", "owner": "nix-community", "repo": "home-manager", - "rev": "3f3fa731ad0f99741d4dc98e8e1287b45e30b452", + "rev": "010c26987729d6a2e0e19da6df7c3f0465ae03b3", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683546353, - "narHash": "sha256-zEfx6q4fXK5wq+RCsyM0FyWBKNNhHTKMpCWkEpKDe2g=", + "lastModified": 1683627095, + "narHash": "sha256-8u9SejRpL2TrMuHBdhYh4FKc1OGPDLyWTpIbNTtoHsA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7629f9b0680d87c7775f3261bee746da5dac76d1", + "rev": "a08e061a4ee8329747d54ddf1566d34c55c895eb", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683605580, - "narHash": "sha256-cVDmvUvgQbbqIHLC+yF3cGhAGd7Dl+YAsn+QEhGa0BQ=", + "lastModified": 1683787468, + "narHash": "sha256-2eJgM7C6KCUhtGWLD73Vd4MEQXARuWaCqkkjJ4CyBIg=", "owner": "nix-community", "repo": "NUR", - "rev": "d2b4061a60934718566c5003cccc38be2aefdd68", + "rev": "3b9fad6aeb323eef6e249ca7b0eda828b7a33c57", "type": "github" }, "original": { diff --git a/nixos/common/modules/dns.nix b/nixos/common/modules/dns.nix index 8d375ecd..e90e1c79 100644 --- a/nixos/common/modules/dns.nix +++ b/nixos/common/modules/dns.nix @@ -52,9 +52,9 @@ in { }; services.prometheus.exporters.unbound = mkIf cfg.enableMetrics { enable = true; - openFirewall = cfg.openFirewall; + inherit (cfg) openFirewall; + inherit (config.services.unbound) group; controlInterface = config.services.unbound.localControlSocketPath; - group = config.services.unbound.group; }; services.unbound = { enable = true; -- 2.47.1 From 3ccb2152b2cd6277850864c60d40ca039f9026eb Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 10 May 2023 14:00:25 +0000 Subject: [PATCH 1559/1882] chore(deps): update renovate/renovate docker tag to v35.77.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 51866f32..81f40877 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.74.0 + image: renovate/renovate:35.77.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9b81b669022ab85eba1219641873106ec7c3ac52 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 10:43:13 +0200 Subject: [PATCH 1560/1882] add weave-gitops clis --- flake.nix | 1 + nixos/pkgs/default.nix | 2 ++ nixos/pkgs/weave-gitops/default.nix | 26 ++++++++++++++++++++++++++ 3 files changed, 29 insertions(+) create mode 100644 nixos/pkgs/weave-gitops/default.nix diff --git a/flake.nix b/flake.nix index c53d02da..f3ef057a 100644 --- a/flake.nix +++ b/flake.nix @@ -148,6 +148,7 @@ (vault-push-approle-envs self { }) (vault-push-approles self { }) fast-repl + v.weave-gitops ]; }; }; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index df261330..8a067151 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -3,6 +3,8 @@ _final: prev: { v = { glitch-soc = prev.callPackage ./glitch-soc { }; + weave-gitops = prev.callPackage ./weave-gitops { }; + unbound = prev.unbound.override { withSystemd = true; withDoH = true; diff --git a/nixos/pkgs/weave-gitops/default.nix b/nixos/pkgs/weave-gitops/default.nix new file mode 100644 index 00000000..9faf7e98 --- /dev/null +++ b/nixos/pkgs/weave-gitops/default.nix @@ -0,0 +1,26 @@ +{ lib, fetchFromGitHub, buildGoModule }: +buildGoModule rec { + pname = "weave-gitops"; + version = "0.23.0"; + + src = fetchFromGitHub { + owner = "weaveworks"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-nXFR+X63yp9IFTeW41ncBt77bCD3QFTs4phJMMLWrxs="; + }; + + ldflags = [ "-s" "-w" "-X github.com/weaveworks/weave-gitops/cmd/gitops/version.Version=${version}" ]; + + vendorSha256 = "sha256-3CgR9F3Bz4k1MVOufaF/E2GD6+bTOnnUqOXkNO9ZFrc="; + + subPackages = [ "cmd/gitops" ]; + + meta = with lib; { + homepage = "https://github.com/weaveworks/weave-gitops"; + description = "Weave Gitops CLI"; + license = licenses.mpl20; + platforms = platforms.linux; + maintainers = with maintainers; [ nullx76 ]; + }; +} -- 2.47.1 From 7ba35610a63c33a718e4dd8556e608822986e71a Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 13:27:59 +0200 Subject: [PATCH 1561/1882] deploy weave-gitops-dashboard --- .../apps/flux-system/kustomization.yaml | 4 ++ .../flux-system/weave-gitops-dashboard.yaml | 41 +++++++++++++++++++ flux/olympus/apps/kustomization.yaml | 1 + nixos/common/modules/nginx.nix | 6 +-- nixos/hosts/olympus/nginx/configuration.nix | 2 +- 5 files changed, 49 insertions(+), 5 deletions(-) create mode 100644 flux/olympus/apps/flux-system/kustomization.yaml create mode 100644 flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml diff --git a/flux/olympus/apps/flux-system/kustomization.yaml b/flux/olympus/apps/flux-system/kustomization.yaml new file mode 100644 index 00000000..bfccb3d7 --- /dev/null +++ b/flux/olympus/apps/flux-system/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - weave-gitops-dashboard.yaml diff --git a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml new file mode 100644 index 00000000..5bf60b6e --- /dev/null +++ b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + annotations: + metadata.weave.works/description: This is the source location for the Weave GitOps + Dashboard's helm chart. + labels: + app.kubernetes.io/component: ui + app.kubernetes.io/created-by: weave-gitops-cli + app.kubernetes.io/name: weave-gitops-dashboard + app.kubernetes.io/part-of: weave-gitops + name: ww-gitops + namespace: flux-system +spec: + interval: 1h0m0s + type: oci + url: oci://ghcr.io/weaveworks/charts +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + annotations: + metadata.weave.works/description: This is the Weave GitOps Dashboard. It provides + a simple way to get insights into your GitOps workloads. + name: ww-gitops + namespace: flux-system +spec: + chart: + spec: + chart: weave-gitops + sourceRef: + kind: HelmRepository + name: ww-gitops + interval: 1h0m0s + values: + adminUser: + create: true + passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC + username: admin + diff --git a/flux/olympus/apps/kustomization.yaml b/flux/olympus/apps/kustomization.yaml index 0dd5fc5a..396b9e10 100644 --- a/flux/olympus/apps/kustomization.yaml +++ b/flux/olympus/apps/kustomization.yaml @@ -1,5 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - flux-system - services - websites diff --git a/nixos/common/modules/nginx.nix b/nixos/common/modules/nginx.nix index 4d1ac1f9..a6ff28ad 100644 --- a/nixos/common/modules/nginx.nix +++ b/nixos/common/modules/nginx.nix @@ -2,7 +2,7 @@ with lib; let cfg = config.services.v.nginx; in { - options.services.v.nginx.generateVirtualHosts = + options.services.v.nginx.autoExpose = mkEnableOption "generate vhosts"; config = let @@ -24,9 +24,7 @@ in { "${domain}" = proxy "http://${ip}:${toString port}"; }; vhosts = foldr (el: acc: acc // mkVhost el) { } (concatMap exposes hosts'); - in mkIf cfg.generateVirtualHosts { - + in mkIf cfg.autoExpose { services.nginx.virtualHosts = vhosts; - }; } diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 2027eab5..8e2a471a 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -25,7 +25,7 @@ in { networking.firewall.allowedTCPPorts = [ 80 443 ]; # Generates vhosts for all hosts that have an `exposes` section - services.v.nginx.generateVirtualHosts = true; + services.v.nginx.autoExpose = true; services.nginx = { enable = true; -- 2.47.1 From 1f4a7f83b52cd7e7fa4f5121d2b903d2c04a2f69 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 13:52:26 +0200 Subject: [PATCH 1562/1882] add oidc to flux dashboard --- .../olympus/apps/flux-system/external-secret.yaml | 15 +++++++++++++++ flux/olympus/apps/flux-system/kustomization.yaml | 1 + .../apps/flux-system/weave-gitops-dashboard.yaml | 7 +++++++ nixos/hosts/olympus/default.nix | 1 + nixos/hosts/olympus/dex/configuration.nix | 6 ++++++ 5 files changed, 30 insertions(+) create mode 100644 flux/olympus/apps/flux-system/external-secret.yaml diff --git a/flux/olympus/apps/flux-system/external-secret.yaml b/flux/olympus/apps/flux-system/external-secret.yaml new file mode 100644 index 00000000..c12fbe01 --- /dev/null +++ b/flux/olympus/apps/flux-system/external-secret.yaml @@ -0,0 +1,15 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: weave-gitops + namespace: flux-system +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: oidc-auth + dataFrom: + - extract: + key: flux-system/weave-gitops diff --git a/flux/olympus/apps/flux-system/kustomization.yaml b/flux/olympus/apps/flux-system/kustomization.yaml index bfccb3d7..7fb77f63 100644 --- a/flux/olympus/apps/flux-system/kustomization.yaml +++ b/flux/olympus/apps/flux-system/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - external-secret.yaml - weave-gitops-dashboard.yaml diff --git a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml index 5bf60b6e..9be6ebf6 100644 --- a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml +++ b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml @@ -34,6 +34,13 @@ spec: name: ww-gitops interval: 1h0m0s values: + ingress: + enabled: true + hosts: + - host: flux.0x76.dev + paths: + - path: / + pathType: ImplementationSpecific adminUser: create: true passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 20937bd4..8bce28ed 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -52,6 +52,7 @@ mac = "6E:A5:25:99:FE:68"; exposes = { www.domain = "0x76.dev"; + flux.domain = "flux.0x76.dev"; internal.domain = "internal.xirion.net"; blog.domain = "blog.xirion.net"; }; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index 0c77f11c..aa934bbb 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -83,6 +83,12 @@ in { redirectURIs = [ "https://md.0x76.dev/auth/oauth2/callback" ]; secretEnv = "HEDGEDOC_CLIENT_SECRET"; } + { + id = "flux"; + name = "Weave Gitops Flux Dashboard"; + redirectURIs = [ "https://flux.0x76.dev/oauth2/callback" ]; + secretEnv = "FLUX_CLIENT_SECRET"; + } ]; }; -- 2.47.1 From e1651cdd967575463d842b9503999a1bf496cada Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 14:09:58 +0200 Subject: [PATCH 1563/1882] add weave rbac (test) --- .../apps/flux-system/kustomization.yaml | 1 + flux/olympus/apps/flux-system/rbac.yaml | 39 +++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 flux/olympus/apps/flux-system/rbac.yaml diff --git a/flux/olympus/apps/flux-system/kustomization.yaml b/flux/olympus/apps/flux-system/kustomization.yaml index 7fb77f63..29912dbe 100644 --- a/flux/olympus/apps/flux-system/kustomization.yaml +++ b/flux/olympus/apps/flux-system/kustomization.yaml @@ -1,5 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - rbac.yaml - external-secret.yaml - weave-gitops-dashboard.yaml diff --git a/flux/olympus/apps/flux-system/rbac.yaml b/flux/olympus/apps/flux-system/rbac.yaml new file mode 100644 index 00000000..ac282156 --- /dev/null +++ b/flux/olympus/apps/flux-system/rbac.yaml @@ -0,0 +1,39 @@ +--- +# Admin cluster role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: wego-admin-cluster-role +rules: + - apiGroups: [""] + resources: ["secrets", "pods" ] + verbs: [ "get", "list" ] + - apiGroups: ["apps"] + resources: [ "deployments", "replicasets"] + verbs: [ "get", "list" ] + - apiGroups: ["kustomize.toolkit.fluxcd.io"] + resources: [ "kustomizations" ] + verbs: [ "get", "list", "patch" ] + - apiGroups: ["helm.toolkit.fluxcd.io"] + resources: [ "helmreleases" ] + verbs: [ "get", "list", "patch" ] + - apiGroups: ["source.toolkit.fluxcd.io"] + resources: [ "buckets", "helmcharts", "gitrepositories", "helmrepositories", "ocirepositories" ] + verbs: [ "get", "list", "patch" ] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "watch", "list"] +--- +# Bind the cluster admin role to admins +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: wego-cluster-admin +subjects: +- kind: User + name: "victor@xirion.net" + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: wego-admin-cluster-role + apiGroup: rbac.authorization.k8s.io -- 2.47.1 From 2f4744bf89470a14a6debf614c77f535dfb88121 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 14:14:32 +0200 Subject: [PATCH 1564/1882] promote v1beta2 to v1 --- flux/olympus/base/apps.yaml | 2 +- flux/olympus/base/core.yaml | 2 +- flux/olympus/base/flux-system/gotk-sync.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/olympus/base/apps.yaml b/flux/olympus/base/apps.yaml index ea630d9c..0059a2e9 100644 --- a/flux/olympus/base/apps.yaml +++ b/flux/olympus/base/apps.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: apps diff --git a/flux/olympus/base/core.yaml b/flux/olympus/base/core.yaml index d8e98213..f61c58c8 100644 --- a/flux/olympus/base/core.yaml +++ b/flux/olympus/base/core.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: core diff --git a/flux/olympus/base/flux-system/gotk-sync.yaml b/flux/olympus/base/flux-system/gotk-sync.yaml index 33247204..0f253b87 100644 --- a/flux/olympus/base/flux-system/gotk-sync.yaml +++ b/flux/olympus/base/flux-system/gotk-sync.yaml @@ -13,7 +13,7 @@ spec: name: flux-system url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: flux-system -- 2.47.1 From 9b446701969578cacae15939e378073126edf2c5 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 14:18:58 +0200 Subject: [PATCH 1565/1882] Revert "promote v1beta2 to v1" This reverts commit 2f4744bf89470a14a6debf614c77f535dfb88121. --- flux/olympus/base/apps.yaml | 2 +- flux/olympus/base/core.yaml | 2 +- flux/olympus/base/flux-system/gotk-sync.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/olympus/base/apps.yaml b/flux/olympus/base/apps.yaml index 0059a2e9..ea630d9c 100644 --- a/flux/olympus/base/apps.yaml +++ b/flux/olympus/base/apps.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1 +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization metadata: name: apps diff --git a/flux/olympus/base/core.yaml b/flux/olympus/base/core.yaml index f61c58c8..d8e98213 100644 --- a/flux/olympus/base/core.yaml +++ b/flux/olympus/base/core.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1 +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization metadata: name: core diff --git a/flux/olympus/base/flux-system/gotk-sync.yaml b/flux/olympus/base/flux-system/gotk-sync.yaml index 0f253b87..33247204 100644 --- a/flux/olympus/base/flux-system/gotk-sync.yaml +++ b/flux/olympus/base/flux-system/gotk-sync.yaml @@ -13,7 +13,7 @@ spec: name: flux-system url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git --- -apiVersion: kustomize.toolkit.fluxcd.io/v1 +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization metadata: name: flux-system -- 2.47.1 From 825323e99df8f4d2c9e8558c556addcee92fd2ae Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 14:22:44 +0200 Subject: [PATCH 1566/1882] remove hardcoded admin from weave test test 2 test 3 test-4 re add user stuff disable admin add rbac fix rbac fix rba 1c fix rba 12c --- flux/olympus/apps/flux-system/rbac.yaml | 6 +++--- flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/flux/olympus/apps/flux-system/rbac.yaml b/flux/olympus/apps/flux-system/rbac.yaml index ac282156..bf353106 100644 --- a/flux/olympus/apps/flux-system/rbac.yaml +++ b/flux/olympus/apps/flux-system/rbac.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: wego-admin-cluster-role + name: weave-admin rules: - apiGroups: [""] resources: ["secrets", "pods" ] @@ -28,12 +28,12 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: wego-cluster-admin + name: weave-admin subjects: - kind: User name: "victor@xirion.net" apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole - name: wego-admin-cluster-role + name: weave-admin apiGroup: rbac.authorization.k8s.io diff --git a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml index 9be6ebf6..ca8150b3 100644 --- a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml +++ b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml @@ -42,7 +42,7 @@ spec: - path: / pathType: ImplementationSpecific adminUser: - create: true + create: false passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC username: admin -- 2.47.1 From 9f9058e3c01ba24fd30cb868618318c6929a87e7 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 11 May 2023 15:06:18 +0200 Subject: [PATCH 1567/1882] expand rbac --- flux/olympus/apps/flux-system/rbac.yaml | 57 +++++++++++++++++-------- 1 file changed, 39 insertions(+), 18 deletions(-) diff --git a/flux/olympus/apps/flux-system/rbac.yaml b/flux/olympus/apps/flux-system/rbac.yaml index bf353106..f32f336a 100644 --- a/flux/olympus/apps/flux-system/rbac.yaml +++ b/flux/olympus/apps/flux-system/rbac.yaml @@ -5,24 +5,45 @@ kind: ClusterRole metadata: name: weave-admin rules: - - apiGroups: [""] - resources: ["secrets", "pods" ] - verbs: [ "get", "list" ] - - apiGroups: ["apps"] - resources: [ "deployments", "replicasets"] - verbs: [ "get", "list" ] - - apiGroups: ["kustomize.toolkit.fluxcd.io"] - resources: [ "kustomizations" ] - verbs: [ "get", "list", "patch" ] - - apiGroups: ["helm.toolkit.fluxcd.io"] - resources: [ "helmreleases" ] - verbs: [ "get", "list", "patch" ] - - apiGroups: ["source.toolkit.fluxcd.io"] - resources: [ "buckets", "helmcharts", "gitrepositories", "helmrepositories", "ocirepositories" ] - verbs: [ "get", "list", "patch" ] - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "watch", "list"] +# Flux Resources +- apiGroups: ["kustomize.toolkit.fluxcd.io"] + resources: [ "kustomizations" ] + verbs: [ "get", "list", "patch" ] +- apiGroups: ["helm.toolkit.fluxcd.io"] + resources: [ "helmreleases" ] + verbs: [ "get", "list", "patch" ] +- apiGroups: ["source.toolkit.fluxcd.io"] + resources: [ "buckets", "helmcharts", "gitrepositories", "helmrepositories", "ocirepositories" ] + verbs: [ "get", "list", "patch" ] +- apiGroups: [ "notification.toolkit.fluxcd.io" ] + resources: [ "providers", "alerts" ] + verbs: [ "get", "list" ] +- apiGroups: ["infra.contrib.fluxcd.io"] + resources: ["terraforms"] + verbs: [ "get", "list", "patch" ] +# Resources managed via Flux +- apiGroups: [""] + resources: ["configmaps", "secrets", "pods", "services", "namespaces", "persistentvolumes", "persistentvolumeclaims"] + verbs: [ "get", "list" ] +- apiGroups: ["apps"] + resources: [ "deployments", "replicasets", "statefulsets"] + verbs: [ "get", "list" ] +- apiGroups: ["batch"] + resources: [ "jobs", "cronjobs"] + verbs: [ "get", "list" ] +- apiGroups: ["autoscaling"] + resources: ["horizontalpodautoscalers"] + verbs: [ "get", "list" ] +- apiGroups: ["rbac.authorization.k8s.io"] + resources: ["roles", "clusterroles", "rolebindings", "clusterrolebindings"] + verbs: [ "get", "list" ] +- apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: [ "get", "list" ] +# Feedback +- apiGroups: [""] + resources: ["events"] + verbs: ["get", "watch", "list"] --- # Bind the cluster admin role to admins apiVersion: rbac.authorization.k8s.io/v1 -- 2.47.1 From 47803615566f6ee16a855cb2ae1494e60294fdff Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 11 May 2023 22:00:27 +0000 Subject: [PATCH 1568/1882] chore(deps): update renovate/renovate docker tag to v35.80.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 81f40877..b347c412 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.77.0 + image: renovate/renovate:35.80.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 80e52ba650a996840d105c3a8d46c510f0a7a369 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 09:18:19 +0200 Subject: [PATCH 1569/1882] fix yamllint --- flux/olympus/apps/flux-system/rbac.yaml | 100 ++++++++++-------- .../flux-system/weave-gitops-dashboard.yaml | 8 +- 2 files changed, 62 insertions(+), 46 deletions(-) diff --git a/flux/olympus/apps/flux-system/rbac.yaml b/flux/olympus/apps/flux-system/rbac.yaml index f32f336a..a3a7d0ca 100644 --- a/flux/olympus/apps/flux-system/rbac.yaml +++ b/flux/olympus/apps/flux-system/rbac.yaml @@ -5,45 +5,61 @@ kind: ClusterRole metadata: name: weave-admin rules: -# Flux Resources -- apiGroups: ["kustomize.toolkit.fluxcd.io"] - resources: [ "kustomizations" ] - verbs: [ "get", "list", "patch" ] -- apiGroups: ["helm.toolkit.fluxcd.io"] - resources: [ "helmreleases" ] - verbs: [ "get", "list", "patch" ] -- apiGroups: ["source.toolkit.fluxcd.io"] - resources: [ "buckets", "helmcharts", "gitrepositories", "helmrepositories", "ocirepositories" ] - verbs: [ "get", "list", "patch" ] -- apiGroups: [ "notification.toolkit.fluxcd.io" ] - resources: [ "providers", "alerts" ] - verbs: [ "get", "list" ] -- apiGroups: ["infra.contrib.fluxcd.io"] - resources: ["terraforms"] - verbs: [ "get", "list", "patch" ] -# Resources managed via Flux -- apiGroups: [""] - resources: ["configmaps", "secrets", "pods", "services", "namespaces", "persistentvolumes", "persistentvolumeclaims"] - verbs: [ "get", "list" ] -- apiGroups: ["apps"] - resources: [ "deployments", "replicasets", "statefulsets"] - verbs: [ "get", "list" ] -- apiGroups: ["batch"] - resources: [ "jobs", "cronjobs"] - verbs: [ "get", "list" ] -- apiGroups: ["autoscaling"] - resources: ["horizontalpodautoscalers"] - verbs: [ "get", "list" ] -- apiGroups: ["rbac.authorization.k8s.io"] - resources: ["roles", "clusterroles", "rolebindings", "clusterrolebindings"] - verbs: [ "get", "list" ] -- apiGroups: ["networking.k8s.io"] - resources: ["ingresses"] - verbs: [ "get", "list" ] -# Feedback -- apiGroups: [""] - resources: ["events"] - verbs: ["get", "watch", "list"] + # Flux Resources + - apiGroups: ["kustomize.toolkit.fluxcd.io"] + resources: ["kustomizations"] + verbs: ["get", "list", "patch"] + - apiGroups: ["helm.toolkit.fluxcd.io"] + resources: ["helmreleases"] + verbs: ["get", "list", "patch"] + - apiGroups: ["source.toolkit.fluxcd.io"] + resources: + [ + "buckets", + "helmcharts", + "gitrepositories", + "helmrepositories", + "ocirepositories", + ] + verbs: ["get", "list", "patch"] + - apiGroups: ["notification.toolkit.fluxcd.io"] + resources: ["providers", "alerts"] + verbs: ["get", "list"] + - apiGroups: ["infra.contrib.fluxcd.io"] + resources: ["terraforms"] + verbs: ["get", "list", "patch"] + # Resources managed via Flux + - apiGroups: [""] + resources: + [ + "configmaps", + "secrets", + "pods", + "services", + "namespaces", + "persistentvolumes", + "persistentvolumeclaims", + ] + verbs: ["get", "list"] + - apiGroups: ["apps"] + resources: ["deployments", "replicasets", "statefulsets"] + verbs: ["get", "list"] + - apiGroups: ["batch"] + resources: ["jobs", "cronjobs"] + verbs: ["get", "list"] + - apiGroups: ["autoscaling"] + resources: ["horizontalpodautoscalers"] + verbs: ["get", "list"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["roles", "clusterroles", "rolebindings", "clusterrolebindings"] + verbs: ["get", "list"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list"] + # Feedback + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "watch", "list"] --- # Bind the cluster admin role to admins apiVersion: rbac.authorization.k8s.io/v1 @@ -51,9 +67,9 @@ kind: ClusterRoleBinding metadata: name: weave-admin subjects: -- kind: User - name: "victor@xirion.net" - apiGroup: rbac.authorization.k8s.io + - kind: User + name: "victor@xirion.net" + apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: weave-admin diff --git a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml index ca8150b3..6ec96a99 100644 --- a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml +++ b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml @@ -37,10 +37,10 @@ spec: ingress: enabled: true hosts: - - host: flux.0x76.dev - paths: - - path: / - pathType: ImplementationSpecific + - host: flux.0x76.dev + paths: + - path: / + pathType: ImplementationSpecific adminUser: create: false passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC -- 2.47.1 From 28ea4f1d9215edde13dff68568e838958babdef0 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 09:53:58 +0200 Subject: [PATCH 1570/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- flake.nix | 4 ++-- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index d66c865b..288607f5 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683762874, - "narHash": "sha256-EC7EDhzz/HjKppcaJFePlCOZqfVg8fooO/aWWUxwAJU=", + "lastModified": 1683833146, + "narHash": "sha256-ELF0oXgg0NYGyKtU74HW8CeLstFJwwCGbuahnQla67I=", "owner": "nix-community", "repo": "home-manager", - "rev": "010c26987729d6a2e0e19da6df7c3f0465ae03b3", + "rev": "cc9f65d104e5227d103a529a9fc3687ef4ccb117", "type": "github" }, "original": { @@ -815,16 +815,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683616229, - "narHash": "sha256-DGnFcTlPUZWceN8AOjqAGZKFaQPTKm3JieGkwTG5UUI=", - "owner": "NULLx76", + "lastModified": 1683875450, + "narHash": "sha256-LH1e688KeJZsxlo41GIioUXbZkFbovJugQBahkms4KA=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "23e98ed600e902cdec403246339b77243e1076a1", + "rev": "1b4d6122edc9a0b8058b2a71592de41b21b65f70", "type": "github" }, "original": { - "owner": "NULLx76", - "ref": "bazarr-1.2.1", + "owner": "nixos", + "ref": "master", "repo": "nixpkgs", "type": "github" } @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683787468, - "narHash": "sha256-2eJgM7C6KCUhtGWLD73Vd4MEQXARuWaCqkkjJ4CyBIg=", + "lastModified": 1683866302, + "narHash": "sha256-/OE/VFasqc4U41V6mxfgP2y63CFVhOspyDVa6taA2QU=", "owner": "nix-community", "repo": "NUR", - "rev": "3b9fad6aeb323eef6e249ca7b0eda828b7a33c57", + "rev": "6f8d15ef7a6de53c8b01828113262af48ea0fbcd", "type": "github" }, "original": { @@ -1226,11 +1226,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1683601533, - "narHash": "sha256-DMDeUvjeAEU/rZN7y/U2B1VKMVaOwK12j7tfw6JK1Kg=", + "lastModified": 1683797625, + "narHash": "sha256-Fgu9rxFziIJ47NiSdEUGO0PSwN9KTwW9lN0iT3uBpYI=", "owner": "serokell", "repo": "vault-secrets", - "rev": "1b4943a99768e502519640f83873bec780d777d1", + "rev": "9b23805fd05bf3b291d6f80ddfeb9a97318b6547", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f3ef057a..21a3d4d5 100644 --- a/flake.nix +++ b/flake.nix @@ -9,8 +9,8 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - # nixpkgs.url = "github:nixos/nixpkgs/master"; - nixpkgs.url = "github:NULLx76/nixpkgs/bazarr-1.2.1"; + nixpkgs.url = "github:nixos/nixpkgs/master"; + # nixpkgs.url = "github:NULLx76/nixpkgs/bazarr-1.2.1"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; -- 2.47.1 From fa628ab6ce4998cbaf35dc545d2b06bd24cb0069 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 10:07:39 +0200 Subject: [PATCH 1571/1882] fix mail --- nixos/hosts/hades/nginx/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index a782efaa..a9ed406c 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -55,7 +55,7 @@ in { }; # virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; virtualHosts."git.xirion.net" = proxy "http://10.10.10.12"; - virtualHosts."mail.xirion.net" = proxy "https://192.168.0.118"; + virtualHosts."mail.xirion.net" = proxy "http://192.168.0.118"; virtualHosts."o.xirion.net" = proxy "http://192.168.0.112:9000"; virtualHosts."requests.xirion.net" = proxy "http://overseerr.hades:5055"; virtualHosts."pass.xirion.net" = proxy "http://bitwarden_rs"; -- 2.47.1 From da1e34198e0eddf57212a93367d420aa7bff3312 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:00:03 +0200 Subject: [PATCH 1572/1882] try using nix store --- .woodpecker.yml | 3 +++ flake.nix | 13 +++++++------ nixos/common/common.nix | 2 -- .../hosts/olympus/woodpecker/configuration.nix | 17 +++++++++-------- 4 files changed, 19 insertions(+), 16 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 0a659936..cb47814c 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -3,7 +3,10 @@ pipeline: image: nixos/nix:2.15.0 environment: - NIX_CONFIG=experimental-features = nix-command flakes + - NIX_STORE_DIR=unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt commands: - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . + volumes: + - /nix:/mnt/nix:ro diff --git a/flake.nix b/flake.nix index 21a3d4d5..d5ff657b 100644 --- a/flake.nix +++ b/flake.nix @@ -119,12 +119,13 @@ ++ [ (import ./nixos/templates/proxmox-lxc.nix) ]; }; - proxmox-vm = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "proxmox"; - modules = util.base_imports - ++ [ (import ./nixos/templates/proxmox-vm.nix) ]; - }; + # Broken + # proxmox-vm = nixos-generators.nixosGenerate { + # inherit system pkgs; + # format = "proxmox"; + # modules = util.base_imports + # ++ [ (import ./nixos/templates/proxmox-vm.nix) ]; + # }; }; # Use by running `nix develop` diff --git a/nixos/common/common.nix b/nixos/common/common.nix index 2cf74618..cc675737 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -26,7 +26,6 @@ "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" "https://colmena.cachix.org" - "https://hyprland.cachix.org" "https://cache.garnix.io" "https://0x76-infra.cachix.org" "https://webcord.cachix.org" @@ -36,7 +35,6 @@ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index c5da5db7..68c896b1 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -27,18 +27,19 @@ in { quoteEnvironmentValues = false; # Needed for docker }; - # For some reason networking is broken in podman virtualisation.podman = { - enable = false; + enable = true; dockerSocket.enable = true; dockerCompat = true; - }; - - virtualisation.docker = { - enable = true; autoPrune.enable = true; }; + # Fix DNS Lookup in podman + virtualisation.podman.defaultNetwork.settings.dns_enable = true; + networking.firewall.interfaces."podman+" = { + allowedUDPPorts = [ 53 ]; + allowedTCPPorts = [ 53 ]; + }; services.woodpecker-server = { enable = true; environment = { @@ -57,12 +58,12 @@ in { docker = { enable = true; environment = { - # DOCKER_HOST = "unix:///run/podman/podman.sock"; + DOCKER_HOST = "unix:///run/podman/podman.sock"; WOODPECKER_BACKEND = "docker"; WOODPECKER_SERVER = "localhost:9000"; }; environmentFile = [ "${vs.woodpecker}/environment" ]; - extraGroups = [ "docker" ]; + extraGroups = [ "podman" ]; }; }; } -- 2.47.1 From aafefd91205e04075395f99b815238611c80d63d Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:03:50 +0200 Subject: [PATCH 1573/1882] try using nix store 1 --- .woodpecker.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index cb47814c..2dcc2386 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -3,9 +3,8 @@ pipeline: image: nixos/nix:2.15.0 environment: - NIX_CONFIG=experimental-features = nix-command flakes - - NIX_STORE_DIR=unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt commands: - - nix run 'nixpkgs#statix' check + - nix run --store unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . volumes: -- 2.47.1 From 6ee0a6fd6e0f335b9c6e9a10c5efb5ad1038cc1e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:11:48 +0200 Subject: [PATCH 1574/1882] try using nix store 2 --- .woodpecker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 2dcc2386..b77d577b 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -2,9 +2,9 @@ pipeline: check: image: nixos/nix:2.15.0 environment: - - NIX_CONFIG=experimental-features = nix-command flakes + - NIX_CONFIG="experimental-features = nix-command flakes \n store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" commands: - - nix run --store unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt 'nixpkgs#statix' check + - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . volumes: -- 2.47.1 From d7801de5d7f36ccd557945d61e6ddc845c42fd7e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:12:27 +0200 Subject: [PATCH 1575/1882] try using nix store 3 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index b77d577b..e55d0692 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -2,7 +2,7 @@ pipeline: check: image: nixos/nix:2.15.0 environment: - - NIX_CONFIG="experimental-features = nix-command flakes \n store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" + - NIX_CONFIG=experimental-features = nix-command flakes \n store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt commands: - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f -- 2.47.1 From 9a3acb28c8fe195c178f98de136d6c0e3606184b Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:16:39 +0200 Subject: [PATCH 1576/1882] try using nix store 4 --- .woodpecker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index e55d0692..8f66875a 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,9 +1,9 @@ pipeline: check: image: nixos/nix:2.15.0 - environment: - - NIX_CONFIG=experimental-features = nix-command flakes \n store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt commands: + - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf + - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . -- 2.47.1 From ddfc6803a71a7063cef5741fbd9a442842ccffec Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:29:01 +0200 Subject: [PATCH 1577/1882] add flake check --- .woodpecker.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.woodpecker.yml b/.woodpecker.yml index 8f66875a..57425a86 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,5 +7,6 @@ pipeline: - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . + - nix flake check volumes: - /nix:/mnt/nix:ro -- 2.47.1 From a51cbc92183f85ec7cc9051b695540cd149be80f Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 15:41:20 +0200 Subject: [PATCH 1578/1882] aaa --- .woodpecker.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 57425a86..8f66875a 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,6 +7,5 @@ pipeline: - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . - - nix flake check volumes: - /nix:/mnt/nix:ro -- 2.47.1 From a4efc95068526f72a8de51b27fdf35e722c5c509 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 12 May 2023 19:41:42 +0200 Subject: [PATCH 1579/1882] woodpecker doc comment --- nixos/hosts/olympus/woodpecker/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 68c896b1..542f726a 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -34,6 +34,8 @@ in { autoPrune.enable = true; }; + # Thanks to: https://blog.kotatsu.dev/posts/2023-04-21-woodpecker-nix-caching/ + # Fix DNS Lookup in podman virtualisation.podman.defaultNetwork.settings.dns_enable = true; networking.firewall.interfaces."podman+" = { -- 2.47.1 From dfa4209581c3766186366f9ba9541583e8441a77 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 12 May 2023 22:00:28 +0000 Subject: [PATCH 1580/1882] chore(deps): update renovate/renovate docker tag to v35.80.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b347c412..17110ebd 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.80.0 + image: renovate/renovate:35.80.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f93bdc5fdebf1bf0a3b73e8c80da6b767ec9162b Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 13 May 2023 13:02:08 +0200 Subject: [PATCH 1581/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 288607f5..ab39e6f7 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683833146, - "narHash": "sha256-ELF0oXgg0NYGyKtU74HW8CeLstFJwwCGbuahnQla67I=", + "lastModified": 1683929392, + "narHash": "sha256-qJddrb/bgS58AXAv25iv5xJ+69G5g7FAYCWec1lLnW0=", "owner": "nix-community", "repo": "home-manager", - "rev": "cc9f65d104e5227d103a529a9fc3687ef4ccb117", + "rev": "eec22729990ddf53d1e45e74624ddf667cdbe11b", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683627095, - "narHash": "sha256-8u9SejRpL2TrMuHBdhYh4FKc1OGPDLyWTpIbNTtoHsA=", + "lastModified": 1683928319, + "narHash": "sha256-maz0DRKixJVcNRMiAMWlJniiF8IuQ+WbfmlJJ8D+jfM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a08e061a4ee8329747d54ddf1566d34c55c895eb", + "rev": "9656e85a15a0fe67847ee8cdb99a20d8df499962", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683875450, - "narHash": "sha256-LH1e688KeJZsxlo41GIioUXbZkFbovJugQBahkms4KA=", + "lastModified": 1683974953, + "narHash": "sha256-xtoo5wk5cfebbkXVt0ZLqboX7DJnceUhIYRYjpTPi2U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1b4d6122edc9a0b8058b2a71592de41b21b65f70", + "rev": "f96c763702900f0e38f9c320d3fb4e8677ce9545", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1683465903, - "narHash": "sha256-rkuqTLd2JciPnMRXNkVtGV+taMT1rsvQdt9tvWDYksw=", + "lastModified": 1683895648, + "narHash": "sha256-PBpMmZ9agPe6NN/xFcXluShkZXDtqwuqXplVvebh7CM=", "owner": "pta2002", "repo": "nixvim", - "rev": "079b0c30cde91a735a7a1707ed6bf2571a1c93cc", + "rev": "b77e3e9ccbccc5c4d98f1b6b6d07a591657ccce9", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683866302, - "narHash": "sha256-/OE/VFasqc4U41V6mxfgP2y63CFVhOspyDVa6taA2QU=", + "lastModified": 1683962403, + "narHash": "sha256-wJaQhKet22vmyxA3bPGNUGSmWElqMzCPKEnf8IzIYDQ=", "owner": "nix-community", "repo": "NUR", - "rev": "6f8d15ef7a6de53c8b01828113262af48ea0fbcd", + "rev": "2d85d8781e4fa1e793c92763733b6b131e5aabbb", "type": "github" }, "original": { -- 2.47.1 From e84140d0a8d0a95bb5acb8514abae3ba695e9028 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 13 May 2023 22:00:24 +0000 Subject: [PATCH 1582/1882] chore(deps): update renovate/renovate docker tag to v35.82.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 17110ebd..a4e5fd1b 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.80.1 + image: renovate/renovate:35.82.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From d1c1669948dc0f28dcd7db2ced4a1d7a96fb7881 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 14 May 2023 12:15:31 +0200 Subject: [PATCH 1583/1882] flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index ab39e6f7..fee79957 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683929392, - "narHash": "sha256-qJddrb/bgS58AXAv25iv5xJ+69G5g7FAYCWec1lLnW0=", + "lastModified": 1683989410, + "narHash": "sha256-puF/QsIkp4ch0sf6M5mNzbdZtYcq2MJHcKre9wJ3ZYo=", "owner": "nix-community", "repo": "home-manager", - "rev": "eec22729990ddf53d1e45e74624ddf667cdbe11b", + "rev": "6702b22b9805bc1879715d4111e3764cd4237aed", "type": "github" }, "original": { @@ -557,11 +557,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1671738303, - "narHash": "sha256-PRgqtaWf2kMSYqVmcnmhTh+UsC0RmvXRTr+EOw5VZUA=", + "lastModified": 1684048308, + "narHash": "sha256-JcQe0Zmov/32L+GQ+O+H8Qoll+jjvkcrd8/TNtE6TBY=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "6d0d9fb966cc565a3df74d3b686f924c7615118c", + "rev": "c04e4f22da48319d15593a2c942431744c12f27c", "type": "gitlab" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1683974953, - "narHash": "sha256-xtoo5wk5cfebbkXVt0ZLqboX7DJnceUhIYRYjpTPi2U=", + "lastModified": 1684056101, + "narHash": "sha256-6xb8TPVNv+Tm6AeNH16yy9+E+dZ3EaPYQB62LiSOAac=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f96c763702900f0e38f9c320d3fb4e8677ce9545", + "rev": "176aaf016abe98be350f8fb8cebbdd63d4b05be5", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1683895648, - "narHash": "sha256-PBpMmZ9agPe6NN/xFcXluShkZXDtqwuqXplVvebh7CM=", + "lastModified": 1684057446, + "narHash": "sha256-RgfgKKr7rBD4Fz9pjiikKgs8zxZ+PPls8fh4IwdNd6k=", "owner": "pta2002", "repo": "nixvim", - "rev": "b77e3e9ccbccc5c4d98f1b6b6d07a591657ccce9", + "rev": "c1a46a8360c864c4d4ef7d7240ff5403269cf00c", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1683962403, - "narHash": "sha256-wJaQhKet22vmyxA3bPGNUGSmWElqMzCPKEnf8IzIYDQ=", + "lastModified": 1684042604, + "narHash": "sha256-kKaNKeDtMLOcsTf8XnOT0/rYvvcqTQNGiIr5rO9PcgQ=", "owner": "nix-community", "repo": "NUR", - "rev": "2d85d8781e4fa1e793c92763733b6b131e5aabbb", + "rev": "f3b31a6e1a397412d4c3afe5b508674cbfce2cee", "type": "github" }, "original": { -- 2.47.1 From 778388bf990f7a496668c2963fe359c3ec380d82 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 7 May 2023 18:43:10 +0200 Subject: [PATCH 1584/1882] add tmux --- nixos/common/users/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 99906a42..674a6d74 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -46,6 +46,7 @@ psmisc ripgrep rsync + tmux zoxide tmux ]; -- 2.47.1 From af3a5e2b7ab92976ba060c13a3d59717df8f4d5f Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 16 May 2023 09:56:08 +0200 Subject: [PATCH 1585/1882] update flake --- flake.lock | 48 +++++++++---------- nixos/hosts/hades/overseerr/configuration.nix | 1 - nixos/hosts/olympus/bastion/configuration.nix | 1 - nixos/hosts/olympus/synapse/configuration.nix | 3 -- 4 files changed, 24 insertions(+), 29 deletions(-) diff --git a/flake.lock b/flake.lock index fee79957..041e26f5 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1682737380, - "narHash": "sha256-n3rZkHZls9BNr35o3veK00UsM1KSh/oNTJjLkFbEOY8=", + "lastModified": 1684127527, + "narHash": "sha256-tAzgb2jgmRaX9HETry38h2OvBf9YkHEH1fFvIJQV9A0=", "owner": "zhaofengli", "repo": "colmena", - "rev": "be837ee341b6508c355035973d5f7c7e88d7c64f", + "rev": "caf33af7d854c8d9b88a8f3dae7adb1c24c1407b", "type": "github" }, "original": { @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1683989410, - "narHash": "sha256-puF/QsIkp4ch0sf6M5mNzbdZtYcq2MJHcKre9wJ3ZYo=", + "lastModified": 1684157850, + "narHash": "sha256-xGHTCgvAxO5CgAL6IAgE/VGRX2wob2Y+DPyqpXJ32oQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "6702b22b9805bc1879715d4111e3764cd4237aed", + "rev": "c0deab0effd576e70343cb5df0c64428e0e0d010", "type": "github" }, "original": { @@ -702,11 +702,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1674641431, - "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", + "lastModified": 1683408522, + "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", + "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1683928319, - "narHash": "sha256-maz0DRKixJVcNRMiAMWlJniiF8IuQ+WbfmlJJ8D+jfM=", + "lastModified": 1684130981, + "narHash": "sha256-5IPp/rUAOogega5xuRoxcpfkwlGDAyWdizL0Tp2GA4s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9656e85a15a0fe67847ee8cdb99a20d8df499962", + "rev": "d41eea2839de7de0f2cbe4aa90fde5db8afcd30a", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684056101, - "narHash": "sha256-6xb8TPVNv+Tm6AeNH16yy9+E+dZ3EaPYQB62LiSOAac=", + "lastModified": 1684218676, + "narHash": "sha256-VOeTvnRk+U0S6Hj0b5cYlM7F2zi/o9G5aji1LZGUwfc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "176aaf016abe98be350f8fb8cebbdd63d4b05be5", + "rev": "9318364586592bb95c8b1091427a501348960971", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1683408522, - "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", + "lastModified": 1684049129, + "narHash": "sha256-7WB9LpnPNAS8oI7hMoHeKLNhRX7k3CI9uWBRSfmOCCE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", + "rev": "0470f36b02ef01d4f43c641bbf07020bcab71bf1", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684057446, - "narHash": "sha256-RgfgKKr7rBD4Fz9pjiikKgs8zxZ+PPls8fh4IwdNd6k=", + "lastModified": 1684141492, + "narHash": "sha256-j2fWY7kbOETSNDtlX7whkq2APe44PijzgaCTWV8oE/I=", "owner": "pta2002", "repo": "nixvim", - "rev": "c1a46a8360c864c4d4ef7d7240ff5403269cf00c", + "rev": "3600698abad00756947eb3a3d837beedf1c2f551", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684042604, - "narHash": "sha256-kKaNKeDtMLOcsTf8XnOT0/rYvvcqTQNGiIr5rO9PcgQ=", + "lastModified": 1684218745, + "narHash": "sha256-UvP4puWuP+FD7/mxzd9UZZxeeggS5si3EyYMa6oZRR8=", "owner": "nix-community", "repo": "NUR", - "rev": "f3b31a6e1a397412d4c3afe5b508674cbfce2cee", + "rev": "4543a5dcb060e40588ba753f773793e34e7e9489", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 4b354fe6..263dd9a4 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -28,7 +28,6 @@ overseerr = { image = "ghcr.io/sct/overseerr:1.32.5"; environment = { - # LOG_LEVEL = "debug"; TZ = "Europe/Amsterdam"; }; ports = [ "5055:5055" ]; diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index d1575759..77705739 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -34,7 +34,6 @@ in { # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index fbb389c1..29559608 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -18,9 +18,6 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - # Additional packages - environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ port metricsPort ]; vault-secrets.secrets.synapse = { -- 2.47.1 From a2511aa7082409fa4fd40e4c9602431d39251c10 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 18 May 2023 15:04:23 +0200 Subject: [PATCH 1586/1882] add lidarr --- flake.lock | 24 +++++++-------- flake.nix | 1 + nixos/hosts/hades/overseerr/configuration.nix | 9 +++++- nixos/hosts/hades/overseerr/lidarr.nix | 30 +++++++++++++++++++ nixos/hosts/olympus/eevee/configuration.nix | 1 + notes/boot_full.md | 11 +++++++ 6 files changed, 63 insertions(+), 13 deletions(-) create mode 100644 nixos/hosts/hades/overseerr/lidarr.nix create mode 100644 notes/boot_full.md diff --git a/flake.lock b/flake.lock index 041e26f5..9a7d3f2e 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684157850, - "narHash": "sha256-xGHTCgvAxO5CgAL6IAgE/VGRX2wob2Y+DPyqpXJ32oQ=", + "lastModified": 1684321175, + "narHash": "sha256-V4EbM+jK7pvjKBaj0dgAiW9ultzDE27Nz5fRyu/ceMk=", "owner": "nix-community", "repo": "home-manager", - "rev": "c0deab0effd576e70343cb5df0c64428e0e0d010", + "rev": "59659243cd4ababda605e79b4a9c2e6d83e24c86", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684130981, - "narHash": "sha256-5IPp/rUAOogega5xuRoxcpfkwlGDAyWdizL0Tp2GA4s=", + "lastModified": 1684280442, + "narHash": "sha256-nC1/kfh6tpMQSLQalbNTNnireIlxvLLugrjZdasNh+I=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d41eea2839de7de0f2cbe4aa90fde5db8afcd30a", + "rev": "6c591e7adc514090a77209f56c9d0c551ab8530d", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684218676, - "narHash": "sha256-VOeTvnRk+U0S6Hj0b5cYlM7F2zi/o9G5aji1LZGUwfc=", + "lastModified": 1684398339, + "narHash": "sha256-Mrx9RW8e7dZRh6F+koFhKNKYhKk/GmCdsEpdYcQJ9rQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9318364586592bb95c8b1091427a501348960971", + "rev": "4105d3b66358485f1693c5650458bb8819efa8e7", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684218745, - "narHash": "sha256-UvP4puWuP+FD7/mxzd9UZZxeeggS5si3EyYMa6oZRR8=", + "lastModified": 1684397671, + "narHash": "sha256-buTLC8raxk9o4qkoRYiwbOm+8+2CtZyNtEk7wMRm6Tw=", "owner": "nix-community", "repo": "NUR", - "rev": "4543a5dcb060e40588ba753f773793e34e7e9489", + "rev": "c27cba4712f8eb426f8e2e7e2842cef89e672872", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index d5ff657b..8c40bb08 100644 --- a/flake.nix +++ b/flake.nix @@ -146,6 +146,7 @@ nixUnstable nil vault + yamllint (vault-push-approle-envs self { }) (vault-push-approles self { }) fast-repl diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 263dd9a4..36911a91 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -5,7 +5,9 @@ { ... }: { - imports = [ ]; + imports = [ + ./lidarr.nix + ]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -20,6 +22,11 @@ networking.firewall.allowedTCPPorts = [ 5055 ]; + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + virtualisation.podman.enable = true; # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers = { diff --git a/nixos/hosts/hades/overseerr/lidarr.nix b/nixos/hosts/hades/overseerr/lidarr.nix new file mode 100644 index 00000000..cba131e7 --- /dev/null +++ b/nixos/hosts/hades/overseerr/lidarr.nix @@ -0,0 +1,30 @@ +{ config, ... }: +let vs = config.vault-secrets.secrets; +in { + networking.firewall.allowedTCPPorts = [ 8686 ]; + + vault-secrets.secrets.lidarr = { + quoteEnvironmentValues = false; # Needed for docker + }; + + virtualisation.oci-containers.containers.lidarr = { + image = "randomninjaatk/lidarr-extended:latest"; + extraOptions = [ "--pull=newer" ]; + environment = { + TZ = "Europe/Amsterdam"; + dlClientSource = "deezer"; + enableVideoScript = "false"; + }; + environmentFiles = [ + # This file defines arlToken + "${vs.lidarr}/environment" + ]; + ports = [ "8686:8686" ]; + volumes = [ + "/var/lib/lidarr/config:/config" + "/var/lib/lidarr/downloads:/downloads-lidarr-extended" + "/mnt/storage/plex/Music:/music" + "/mnt/storage/plex/MusicVideos:/music-videos" + ]; + }; +} diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index e74c1a18..bf240a9f 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -11,6 +11,7 @@ initrd = { kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ]; }; + loader.systemd-boot.configurationLimit = 5; }; fileSystems."/".options = [ "compress=zstd" ]; diff --git a/notes/boot_full.md b/notes/boot_full.md new file mode 100644 index 00000000..05ef3363 --- /dev/null +++ b/notes/boot_full.md @@ -0,0 +1,11 @@ +# NixOS /boot full + +If `/boot` is full run the following commands: + +``` +sudo nix-collect-garbage -d +nix-env -p /mnt/nix/var/nix/profiles/system --delete-generations +2 +sudo nixos-rebuild boot --flake '.#eevee' +``` + +This should delete the older generations and free up some space -- 2.47.1 From bc954cc68da67a578fb9845a611f981f6ccc8fab Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 18 May 2023 16:58:36 +0200 Subject: [PATCH 1587/1882] refactored *arr --- nixos/hosts/hades/default.nix | 22 +++----------- nixos/hosts/hades/overseerr/README.md | 2 ++ nixos/hosts/hades/overseerr/configuration.nix | 29 +++++-------------- nixos/hosts/hades/overseerr/overseerr.nix | 10 +++++++ nixos/hosts/hades/overseerr/prowlarr.nix | 11 +++++++ nixos/hosts/hades/overseerr/radarr.nix | 7 +++++ nixos/hosts/hades/overseerr/sonarr.nix | 7 +++++ .../unpackerr.nix} | 16 ++-------- nixos/hosts/hades/prowlarr/configuration.nix | 21 -------------- nixos/hosts/hades/radarr/configuration.nix | 15 ---------- nixos/hosts/hades/sonarr/configuration.nix | 15 ---------- 11 files changed, 51 insertions(+), 104 deletions(-) create mode 100644 nixos/hosts/hades/overseerr/README.md create mode 100644 nixos/hosts/hades/overseerr/overseerr.nix create mode 100644 nixos/hosts/hades/overseerr/prowlarr.nix create mode 100644 nixos/hosts/hades/overseerr/radarr.nix create mode 100644 nixos/hosts/hades/overseerr/sonarr.nix rename nixos/hosts/hades/{unpackerr/configuration.nix => overseerr/unpackerr.nix} (56%) delete mode 100644 nixos/hosts/hades/prowlarr/configuration.nix delete mode 100644 nixos/hosts/hades/radarr/configuration.nix delete mode 100644 nixos/hosts/hades/sonarr/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index e7e63774..b6af2daf 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -84,10 +84,7 @@ mac = "00:50:56:91:0d:69"; nix = false; }; - "unpackerr" = { - ip = "192.168.0.116"; - mac = "06:8a:8e:3e:43:45"; - }; + # ip = "192.168.0.116"; "thelounge" = { ip = "192.168.0.117"; mac = "00:0c:29:2a:69:8f"; @@ -102,11 +99,7 @@ ip = "192.168.0.119"; mac = "DE:7C:32:7E:DD:A1"; }; - "radarr2" = { - ip = "192.168.0.120"; - mac = "5e:d3:75:93:56:ee"; - profile = "radarr"; - }; + # ip = "192.168.0.120"; "jackett2" = { ip = "192.168.0.121"; mac = "4e:e7:64:b7:88:b8"; @@ -159,19 +152,12 @@ mac = "00:0c:29:9b:e1:c4"; nix = false; }; - "sonarr2" = { - ip = "192.168.0.132"; - mac = "ea:ac:be:53:18:27"; - profile = "sonarr"; - }; + # ip = "192.168.0.132"; "mastodon" = { ip = "192.168.0.138"; mac = "52:60:8a:06:86:9c"; }; - "prowlarr" = { - ip = "192.168.0.140"; - mac = "3a:67:8e:98:0c:a2"; - }; + # ip = "192.168.0.140"; "archlinux" = { ip = "192.168.0.200"; mac = "00:0c:29:e4:0d:17"; diff --git a/nixos/hosts/hades/overseerr/README.md b/nixos/hosts/hades/overseerr/README.md new file mode 100644 index 00000000..dfaa5617 --- /dev/null +++ b/nixos/hosts/hades/overseerr/README.md @@ -0,0 +1,2 @@ +# Overseerr & co. +This LXC container hosts all my *arr services and overseerr diff --git a/nixos/hosts/hades/overseerr/configuration.nix b/nixos/hosts/hades/overseerr/configuration.nix index 36911a91..86fe2976 100644 --- a/nixos/hosts/hades/overseerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/configuration.nix @@ -2,11 +2,14 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ ... }: - -{ +{ ... }: { imports = [ + ./radarr.nix + ./sonarr.nix ./lidarr.nix + ./prowlarr.nix + ./unpackerr.nix + ./overseerr.nix ]; # This value determines the NixOS release from which the default @@ -17,29 +20,11 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - # Additional packages - # environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ 5055 ]; - fileSystems."/mnt/storage" = { device = "storage:/mnt/storage"; fsType = "nfs"; }; virtualisation.podman.enable = true; - # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 - virtualisation.oci-containers = { - backend = "podman"; - containers = { - overseerr = { - image = "ghcr.io/sct/overseerr:1.32.5"; - environment = { - TZ = "Europe/Amsterdam"; - }; - ports = [ "5055:5055" ]; - volumes = [ "/var/lib/overseerr/config:/app/config" ]; - }; - }; - }; + virtualisation.oci-containers.backend = "podman"; } diff --git a/nixos/hosts/hades/overseerr/overseerr.nix b/nixos/hosts/hades/overseerr/overseerr.nix new file mode 100644 index 00000000..a254dcff --- /dev/null +++ b/nixos/hosts/hades/overseerr/overseerr.nix @@ -0,0 +1,10 @@ +{ ... }: { + networking.firewall.allowedTCPPorts = [ 5055 ]; + # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 + virtualisation.oci-containers.containers.overseerr = { + image = "ghcr.io/sct/overseerr:1.32.5"; + environment = { TZ = "Europe/Amsterdam"; }; + ports = [ "5055:5055" ]; + volumes = [ "/var/lib/overseerr/config:/app/config" ]; + }; +} diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix new file mode 100644 index 00000000..8c2b7f9b --- /dev/null +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -0,0 +1,11 @@ +{ ... }: { + services.prowlarr = { + enable = true; + openFirewall = true; + }; + + virtualisation.oci-containers.containers.flaresolverr = { + image = "flaresolverr/flaresolverr:v3.1.2"; + ports = [ "8191:8191" ]; + }; +} diff --git a/nixos/hosts/hades/overseerr/radarr.nix b/nixos/hosts/hades/overseerr/radarr.nix new file mode 100644 index 00000000..f1a10b5d --- /dev/null +++ b/nixos/hosts/hades/overseerr/radarr.nix @@ -0,0 +1,7 @@ +{ ... }: { + services.radarr = { + enable = true; + openFirewall = true; + dataDir = "/var/lib/radarr"; + }; +} diff --git a/nixos/hosts/hades/overseerr/sonarr.nix b/nixos/hosts/hades/overseerr/sonarr.nix new file mode 100644 index 00000000..1bc05bfe --- /dev/null +++ b/nixos/hosts/hades/overseerr/sonarr.nix @@ -0,0 +1,7 @@ +{ ... }: { + services.sonarr = { + enable = true; + dataDir = "/var/lib/sonarr"; + openFirewall = true; + }; +} diff --git a/nixos/hosts/hades/unpackerr/configuration.nix b/nixos/hosts/hades/overseerr/unpackerr.nix similarity index 56% rename from nixos/hosts/hades/unpackerr/configuration.nix rename to nixos/hosts/hades/overseerr/unpackerr.nix index a57ca6a8..b04f4743 100644 --- a/nixos/hosts/hades/unpackerr/configuration.nix +++ b/nixos/hosts/hades/overseerr/unpackerr.nix @@ -1,29 +1,19 @@ { config, ... }: let vs = config.vault-secrets.secrets; in { - networking.interfaces.eth0.useDHCP = true; - - fileSystems."/mnt/storage" = { - device = "storage:/mnt/storage"; - fsType = "nfs"; - }; - - system.stateVersion = "21.11"; - vault-secrets.secrets.unpackerr = { }; services.unpackerr = { enable = true; - debug = true; + debug = false; environmentFile = "${vs.unpackerr}/environment"; sonarr = { - url = "http://sonarr2:8989/"; + url = "http://localhost:8989/"; paths = "/mnt/storage/torrents/r/TV"; }; radarr = { - url = "http://radarr2:7878/"; + url = "http://localhost:7878/"; paths = "/mnt/storage/torrents/r/Movie"; }; }; } - diff --git a/nixos/hosts/hades/prowlarr/configuration.nix b/nixos/hosts/hades/prowlarr/configuration.nix deleted file mode 100644 index d0ecc2f6..00000000 --- a/nixos/hosts/hades/prowlarr/configuration.nix +++ /dev/null @@ -1,21 +0,0 @@ -_: { - networking.interfaces.eth0.useDHCP = true; - system.stateVersion = "22.11"; - - services.prowlarr = { - enable = true; - openFirewall = true; - }; - - virtualisation.podman.enable = true; - - virtualisation.oci-containers = { - backend = "podman"; - containers = { - flaresolverr = { - image = "flaresolverr/flaresolverr:v3.1.2"; - ports = [ "8191:8191" ]; - }; - }; - }; -} diff --git a/nixos/hosts/hades/radarr/configuration.nix b/nixos/hosts/hades/radarr/configuration.nix deleted file mode 100644 index 5a3b874b..00000000 --- a/nixos/hosts/hades/radarr/configuration.nix +++ /dev/null @@ -1,15 +0,0 @@ -_: { - system.stateVersion = "21.05"; - networking.interfaces.eth0.useDHCP = true; - - fileSystems."/mnt/storage" = { - device = "storage:/mnt/storage"; - fsType = "nfs"; - }; - - services.radarr = { - enable = true; - dataDir = "/data/radarr"; - openFirewall = true; - }; -} diff --git a/nixos/hosts/hades/sonarr/configuration.nix b/nixos/hosts/hades/sonarr/configuration.nix deleted file mode 100644 index 5137cc17..00000000 --- a/nixos/hosts/hades/sonarr/configuration.nix +++ /dev/null @@ -1,15 +0,0 @@ -_: { - system.stateVersion = "21.05"; - networking.interfaces.eth0.useDHCP = true; - - fileSystems."/mnt/storage" = { - device = "storage:/mnt/storage"; - fsType = "nfs"; - }; - - services.sonarr = { - enable = true; - dataDir = "/data/sonarr"; - openFirewall = true; - }; -} -- 2.47.1 From 409c927fff807da53348428c4aafe47c840b0b2e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 19 May 2023 15:16:07 +0200 Subject: [PATCH 1588/1882] fixes --- README.md | 2 +- nixos/hosts/hades/overseerr/overseerr.nix | 2 +- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- nixos/hosts/hades/overseerr/radarr.nix | 2 +- nixos/hosts/hades/unifi/configuration.nix | 2 ++ 5 files changed, 6 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index caceedb7..d55c0019 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# 0x76's Infrastructure +# 0x76's Infrastructure This repository contains my fleet of VMs, Containers and Bare Metal machines. ## Directory Structure diff --git a/nixos/hosts/hades/overseerr/overseerr.nix b/nixos/hosts/hades/overseerr/overseerr.nix index a254dcff..c0787990 100644 --- a/nixos/hosts/hades/overseerr/overseerr.nix +++ b/nixos/hosts/hades/overseerr/overseerr.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { networking.firewall.allowedTCPPorts = [ 5055 ]; # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers.containers.overseerr = { diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index 8c2b7f9b..dd39cbca 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { services.prowlarr = { enable = true; openFirewall = true; diff --git a/nixos/hosts/hades/overseerr/radarr.nix b/nixos/hosts/hades/overseerr/radarr.nix index f1a10b5d..94f0c435 100644 --- a/nixos/hosts/hades/overseerr/radarr.nix +++ b/nixos/hosts/hades/overseerr/radarr.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { services.radarr = { enable = true; openFirewall = true; diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index 66d9ee02..f4c3e5ff 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -2,6 +2,8 @@ system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; + environment.systemPackages = [ pkgs.mongodb-4_2 ]; + services.unifi = { enable = true; unifiPackage = pkgs.unifi; -- 2.47.1 From 95a1a28e91fab753a09788771aeb4dbcb0b82289 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 19 May 2023 22:55:51 +0200 Subject: [PATCH 1589/1882] immich: wip --- flake.lock | 42 ++++++------- nixos/hosts/hades/default.nix | 5 +- nixos/hosts/hades/immich/configuration.nix | 68 ++++++++++++++++++++++ nixos/hosts/hades/overseerr/sonarr.nix | 2 +- 4 files changed, 94 insertions(+), 23 deletions(-) create mode 100644 nixos/hosts/hades/immich/configuration.nix diff --git a/flake.lock b/flake.lock index 9a7d3f2e..fc08d98a 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684321175, - "narHash": "sha256-V4EbM+jK7pvjKBaj0dgAiW9ultzDE27Nz5fRyu/ceMk=", + "lastModified": 1684484967, + "narHash": "sha256-P3ftCqeJmDYS9LSr2gGC4XGGcp5vv8TOasJX6fVHWsw=", "owner": "nix-community", "repo": "home-manager", - "rev": "59659243cd4ababda605e79b4a9c2e6d83e24c86", + "rev": "b9a52ad20e58ebd003444915e35e3dd2c18fc715", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684280442, - "narHash": "sha256-nC1/kfh6tpMQSLQalbNTNnireIlxvLLugrjZdasNh+I=", + "lastModified": 1684398685, + "narHash": "sha256-TRE62m91iZ5ArVMgA+uj22Yda8JoQuuhc9uwZ+NoX+0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6c591e7adc514090a77209f56c9d0c551ab8530d", + "rev": "628d4bb6e9f4f0c30cfd9b23d3c1cdcec9d3cb5c", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684398339, - "narHash": "sha256-Mrx9RW8e7dZRh6F+koFhKNKYhKk/GmCdsEpdYcQJ9rQ=", + "lastModified": 1684502756, + "narHash": "sha256-7ssIPaLW2ncTApmExLSoqomPBlubNyUWm/SZYVgKhpI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4105d3b66358485f1693c5650458bb8819efa8e7", + "rev": "a13191189f5d8a7e515155c24eb4e346aa4752f4", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1684049129, - "narHash": "sha256-7WB9LpnPNAS8oI7hMoHeKLNhRX7k3CI9uWBRSfmOCCE=", + "lastModified": 1684385584, + "narHash": "sha256-O7y0gK8OLIDqz+LaHJJyeu09IGiXlZIS3+JgEzGmmJA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0470f36b02ef01d4f43c641bbf07020bcab71bf1", + "rev": "48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684141492, - "narHash": "sha256-j2fWY7kbOETSNDtlX7whkq2APe44PijzgaCTWV8oE/I=", + "lastModified": 1684488481, + "narHash": "sha256-NLHSxDUxw/Epw8CRk2cDPt3Zaaw1Zvbgvr2axNGQHds=", "owner": "pta2002", "repo": "nixvim", - "rev": "3600698abad00756947eb3a3d837beedf1c2f551", + "rev": "1d478841f8bf84f3b69095984aa74c56abb86ffa", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684397671, - "narHash": "sha256-buTLC8raxk9o4qkoRYiwbOm+8+2CtZyNtEk7wMRm6Tw=", + "lastModified": 1684500955, + "narHash": "sha256-EJUdpm4lkMn+/HUl3NSHutK+jDLdOHvGBWgz8RlT6Ck=", "owner": "nix-community", "repo": "NUR", - "rev": "c27cba4712f8eb426f8e2e7e2842cef89e672872", + "rev": "98294130adb4c09ac5f66e83bf98d80b7853f1d3", "type": "github" }, "original": { @@ -1015,11 +1015,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1682596858, - "narHash": "sha256-Hf9XVpqaGqe/4oDGr30W8HlsWvJXtMsEPHDqHZA6dDg=", + "lastModified": 1684195081, + "narHash": "sha256-IKnQUSBhQTChFERxW2AzuauVpY1HRgeVzAjNMAA4B6I=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "fb58866e20af98779017134319b5663b8215d912", + "rev": "96eabec58248ed8f4b0ad59e7ce9398018684fdc", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index b6af2daf..bfc14d89 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -84,7 +84,10 @@ mac = "00:50:56:91:0d:69"; nix = false; }; - # ip = "192.168.0.116"; + "immich" = { + ip = "192.168.0.116"; + mac = "06:8a:8e:3e:43:45"; + }; "thelounge" = { ip = "192.168.0.117"; mac = "00:0c:29:2a:69:8f"; diff --git a/nixos/hosts/hades/immich/configuration.nix b/nixos/hosts/hades/immich/configuration.nix new file mode 100644 index 00000000..97c6146f --- /dev/null +++ b/nixos/hosts/hades/immich/configuration.nix @@ -0,0 +1,68 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, config, lib, ... }: +let + # https://github.com/immich-app/immich/releases + version = "1.55.1"; + dataDir = "/var/lib/immich"; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + # TODO: https://github.com/suderman/nixos/tree/main/modules/nixos/immich + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; + + # Unused uid/gid snagged from this list: + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/misc/ids.nix + ids.uids.immich = 911; + ids.gids.immich = 911; + + users.users.immich = { + isSystemUser = true; + group = "photos"; + description = "Immich daemon user"; + home = dataDir; + uid = config.ids.uids.immich; + }; + + users.groups.immich = { gid = config.ids.gids.immich; }; + + # Postgres database configuration + services.postgresql = { + enable = true; + + package = pkgs.postgresql_15; + + ensureUsers = [{ + name = "immich"; + ensurePermissions = { "DATABASE immich" = "ALL PRIVILEGES"; }; + }]; + ensureDatabases = [ "immich" ]; + + # Allow connections from any docker IP addresses + authentication = '' + host immich immich 172.16.0.0/12 md5 + host all all 127.0.0.1/32 ident + ''; + + }; + + # Allow docker containers to connect + networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ]; +} diff --git a/nixos/hosts/hades/overseerr/sonarr.nix b/nixos/hosts/hades/overseerr/sonarr.nix index 1bc05bfe..1cf8f153 100644 --- a/nixos/hosts/hades/overseerr/sonarr.nix +++ b/nixos/hosts/hades/overseerr/sonarr.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { services.sonarr = { enable = true; dataDir = "/var/lib/sonarr"; -- 2.47.1 From a6859caa568789918c66f193c7f13e45bbfac2c9 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 21 May 2023 10:28:06 +0200 Subject: [PATCH 1590/1882] fix some bugs --- flake.lock | 24 +++++++++---------- nixos/hosts/hades/nginx/configuration.nix | 5 +++- nixos/hosts/olympus/nginx/configuration.nix | 1 + .../hosts/olympus/wireguard/configuration.nix | 2 +- 4 files changed, 18 insertions(+), 14 deletions(-) diff --git a/flake.lock b/flake.lock index fc08d98a..d4dce045 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684484967, - "narHash": "sha256-P3ftCqeJmDYS9LSr2gGC4XGGcp5vv8TOasJX6fVHWsw=", + "lastModified": 1684596126, + "narHash": "sha256-4RZZmygeEXpuBqEXGs38ZAcWjWKGwu13Iqbxub6wuJk=", "owner": "nix-community", "repo": "home-manager", - "rev": "b9a52ad20e58ebd003444915e35e3dd2c18fc715", + "rev": "27ef11f0218d9018ebb2948d40133df2b1de622d", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684502756, - "narHash": "sha256-7ssIPaLW2ncTApmExLSoqomPBlubNyUWm/SZYVgKhpI=", + "lastModified": 1684612454, + "narHash": "sha256-15vluZKXxC76FqAryST1QrUVE7Xlwkrs7lrPTQGYIz0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a13191189f5d8a7e515155c24eb4e346aa4752f4", + "rev": "8bf3e834daedadc6d0f4172616b2bdede1109c48", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684488481, - "narHash": "sha256-NLHSxDUxw/Epw8CRk2cDPt3Zaaw1Zvbgvr2axNGQHds=", + "lastModified": 1684615967, + "narHash": "sha256-L5d96HpuKble8AzWnYzQNxrSszoJLn2f4xocxFNnnA0=", "owner": "pta2002", "repo": "nixvim", - "rev": "1d478841f8bf84f3b69095984aa74c56abb86ffa", + "rev": "2da04fa4add8b8bb25156de4f5ef4592f5214ef5", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684500955, - "narHash": "sha256-EJUdpm4lkMn+/HUl3NSHutK+jDLdOHvGBWgz8RlT6Ck=", + "lastModified": 1684612984, + "narHash": "sha256-XqWVrtHiY7r/NJMDS02i1kj3Q7BOU7BnfQfEd6v3ZIE=", "owner": "nix-community", "repo": "NUR", - "rev": "98294130adb4c09ac5f66e83bf98d80b7853f1d3", + "rev": "3c932dd06b0a537b890e1fd3e31deceb1ac3dea3", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index a9ed406c..98b27f3f 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -15,6 +15,8 @@ let in { imports = [ ]; + nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1t" ]; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -70,6 +72,7 @@ in { allow 10.10.10.1/24; allow 192.168.0.0/23; allow 80.60.83.220; + allow 83.128.154.23; allow 195.85.167.32/29; deny all; ''; @@ -99,7 +102,7 @@ in { proxyWebsockets = true; }; - locations."api/v1/streaming" = { + locations."/api/v1/streaming" = { proxyPass = "http://192.168.0.138:55000"; proxyWebsockets = true; }; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 8e2a471a..83076ac4 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -85,6 +85,7 @@ in { allow 10.42.42.0/23; allow 192.168.0.0/23; allow 80.60.83.220; + allow 83.128.154.23; allow 195.85.167.32/29; deny all; ''; diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 9b5ed7e1..59fefa8f 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -77,7 +77,7 @@ in { # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; - endpoint = "80.60.83.220:51820"; + endpoint = "83.128.154.23:51820"; persistentKeepalive = 25; } ]; -- 2.47.1 From 502f2b07356f05e056dfc4e0d23763fe9e07cccf Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 22 May 2023 14:04:40 +0200 Subject: [PATCH 1591/1882] force hosts file on mastodon --- flake.lock | 30 ++++++++++---------- nixos/hosts/hades/mastodon/configuration.nix | 4 +++ 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index d4dce045..95d40ab3 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684596126, - "narHash": "sha256-4RZZmygeEXpuBqEXGs38ZAcWjWKGwu13Iqbxub6wuJk=", + "lastModified": 1684741999, + "narHash": "sha256-KZLKsFZ6cLjCdCNKZoT8bc1y+rYBuFgKatmIB38zqy4=", "owner": "nix-community", "repo": "home-manager", - "rev": "27ef11f0218d9018ebb2948d40133df2b1de622d", + "rev": "ba006d7cca2cb871c6a31bdbc130c05cde5ca8e8", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684398685, - "narHash": "sha256-TRE62m91iZ5ArVMgA+uj22Yda8JoQuuhc9uwZ+NoX+0=", + "lastModified": 1684580438, + "narHash": "sha256-LUPswmDn6fXP3lEBJFA2Id8PkcYDgzUilevWackYVvQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "628d4bb6e9f4f0c30cfd9b23d3c1cdcec9d3cb5c", + "rev": "7dc71aef32e8faf065cb171700792cf8a65c152d", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684612454, - "narHash": "sha256-15vluZKXxC76FqAryST1QrUVE7Xlwkrs7lrPTQGYIz0=", + "lastModified": 1684745219, + "narHash": "sha256-vxHnt5UwcyYzbVzu0QE0FZID3QAvEb8FjUO8AXUQHCY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8bf3e834daedadc6d0f4172616b2bdede1109c48", + "rev": "e215adf3b8cf2acbbd2e1c9a869da13d005b4ddf", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684615967, - "narHash": "sha256-L5d96HpuKble8AzWnYzQNxrSszoJLn2f4xocxFNnnA0=", + "lastModified": 1684736785, + "narHash": "sha256-K+iDJ/IRMxv0fLivCE2Dlfh5kmWsGOhiq1p/TDsLGe8=", "owner": "pta2002", "repo": "nixvim", - "rev": "2da04fa4add8b8bb25156de4f5ef4592f5214ef5", + "rev": "a3f79b313b2e63bf89364ba0527f8ed932a14066", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684612984, - "narHash": "sha256-XqWVrtHiY7r/NJMDS02i1kj3Q7BOU7BnfQfEd6v3ZIE=", + "lastModified": 1684744323, + "narHash": "sha256-qv0LR5mQuoywkc77laylJ/sGdRxZ72kOxVcDdqDvzyw=", "owner": "nix-community", "repo": "NUR", - "rev": "3c932dd06b0a537b890e1fd3e31deceb1ac3dea3", + "rev": "514585e6daba663fe9e7f511d4d0cb61a63173ce", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index e5a01316..ea184482 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -10,6 +10,10 @@ in { # Better cache hits environment.noXlibs = lib.mkForce false; + networking.hosts = { + "83.128.154.23" = [ "xirion.net" "o.xirion.net" "hades.xirion.net" ]; + }; + services.elasticsearch = { enable = true; cluster_name = "mastodon-es"; -- 2.47.1 From 7477c48aa2475b9302217a51acfed024cdb387cd Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Mon, 22 May 2023 14:07:10 +0200 Subject: [PATCH 1592/1882] update mastodon --- flake.lock | 38 +- flake.nix | 2 +- nixos/hosts/hades/mastodon/configuration.nix | 4 + nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/gemset.nix | 2367 ++++++++---------- nixos/pkgs/glitch-soc/source.nix | 9 +- 6 files changed, 1129 insertions(+), 1293 deletions(-) diff --git a/flake.lock b/flake.lock index d4dce045..52edfb38 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684596126, - "narHash": "sha256-4RZZmygeEXpuBqEXGs38ZAcWjWKGwu13Iqbxub6wuJk=", + "lastModified": 1684741999, + "narHash": "sha256-KZLKsFZ6cLjCdCNKZoT8bc1y+rYBuFgKatmIB38zqy4=", "owner": "nix-community", "repo": "home-manager", - "rev": "27ef11f0218d9018ebb2948d40133df2b1de622d", + "rev": "ba006d7cca2cb871c6a31bdbc130c05cde5ca8e8", "type": "github" }, "original": { @@ -671,11 +671,11 @@ ] }, "locked": { - "lastModified": 1683530131, - "narHash": "sha256-R0RSqj6JdZfru2x/cM19KJMHsU52OjtyxI5cccd+uFc=", + "lastModified": 1684751352, + "narHash": "sha256-CI7V/2aSBXsefcqX+IhL9zYayL4dPLucymlMCzVxyP4=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "10079333313ff62446e6f2b0e7c5231c7431d269", + "rev": "a9933ffcbc91688a4bc7dc427f454069a423343f", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684398685, - "narHash": "sha256-TRE62m91iZ5ArVMgA+uj22Yda8JoQuuhc9uwZ+NoX+0=", + "lastModified": 1684580438, + "narHash": "sha256-LUPswmDn6fXP3lEBJFA2Id8PkcYDgzUilevWackYVvQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "628d4bb6e9f4f0c30cfd9b23d3c1cdcec9d3cb5c", + "rev": "7dc71aef32e8faf065cb171700792cf8a65c152d", "type": "github" }, "original": { @@ -815,16 +815,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684612454, - "narHash": "sha256-15vluZKXxC76FqAryST1QrUVE7Xlwkrs7lrPTQGYIz0=", + "lastModified": 1684662198, + "narHash": "sha256-lmGDGuFONWSoGBKDDhU/6fOhhmFoZQ8rPf+kS7/e/Gs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8bf3e834daedadc6d0f4172616b2bdede1109c48", + "rev": "50a183182d7ae39133555414d48d5d609a28a57d", "type": "github" }, "original": { "owner": "nixos", - "ref": "master", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684615967, - "narHash": "sha256-L5d96HpuKble8AzWnYzQNxrSszoJLn2f4xocxFNnnA0=", + "lastModified": 1684748678, + "narHash": "sha256-0afNO5R2IzYx3jNF+fQm1Aji2sd5ySwJyWD4/cp4gsY=", "owner": "pta2002", "repo": "nixvim", - "rev": "2da04fa4add8b8bb25156de4f5ef4592f5214ef5", + "rev": "eee375e97e001fda6e51b655cf79a82fae58ca4d", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684612984, - "narHash": "sha256-XqWVrtHiY7r/NJMDS02i1kj3Q7BOU7BnfQfEd6v3ZIE=", + "lastModified": 1684744323, + "narHash": "sha256-qv0LR5mQuoywkc77laylJ/sGdRxZ72kOxVcDdqDvzyw=", "owner": "nix-community", "repo": "NUR", - "rev": "3c932dd06b0a537b890e1fd3e31deceb1ac3dea3", + "rev": "514585e6daba663fe9e7f511d4d0cb61a63173ce", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 8c40bb08..ff305d71 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/master"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # nixpkgs.url = "github:NULLx76/nixpkgs/bazarr-1.2.1"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index e5a01316..3889a0cc 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -7,6 +7,10 @@ in { # Use DHCP with static leases networking.interfaces.eth0.useDHCP = true; + nixpkgs.config.permittedInsecurePackages = [ + "openssl-1.1.1t" + ]; + # Better cache hits environment.noXlibs = lib.mkForce false; diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index fe52d326..74839caf 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; # sha256 = lib.fakeSha256; - sha256 = "sha256-5KmPgKE1QRPoTjeSYidKt/z9vzWzTOoJVr5dNtofKJY="; + sha256 = "sha256-+i5vejb1XWwNQffg9gzRY8FVOt8MK6ht4cxSSrGAS/Q="; }; nativeBuildInputs = [ diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index ec553917..e67520a5 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -1,1568 +1,1462 @@ { actioncable = { - dependencies = [ "actionpack" "activesupport" "nio4r" "websocket-driver" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activesupport" "nio4r" "websocket-driver"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0bndmmby5qxq8rs42fbb2ax3hhbjj2ds8wja08s0iadkbrn7shvf"; type = "gem"; }; version = "6.1.7.3"; }; actionmailbox = { - dependencies = [ - "actionpack" - "activejob" - "activerecord" - "activestorage" - "activesupport" - "mail" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0cx00kf0syq5gdhlrmw0q9v92ki55drbsk4gzy86ls2q8xkd792s"; type = "gem"; }; version = "6.1.7.3"; }; actionmailer = { - dependencies = [ - "actionpack" - "actionview" - "activejob" - "activesupport" - "mail" - "rails-dom-testing" - ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0vbif021cyndq3v3m61dkmgdbbirqk9zcsszb9nisq24m3gx1aai"; type = "gem"; }; version = "6.1.7.3"; }; actionpack = { - dependencies = [ - "actionview" - "activesupport" - "rack" - "rack-test" - "rails-dom-testing" - "rails-html-sanitizer" - ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0k6hc7klvn8m88b88vykl83jrpqhn4zz67l2zx9v266xga6fhala"; type = "gem"; }; version = "6.1.7.3"; }; actiontext = { - dependencies = [ - "actionpack" - "activerecord" - "activestorage" - "activesupport" - "nokogiri" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "16ldxyxlxl9scggpmkww2fxzim7sl2b4js610pvddcsr74z9fjs7"; type = "gem"; }; version = "6.1.7.3"; }; actionview = { - dependencies = [ - "activesupport" - "builder" - "erubi" - "rails-dom-testing" - "rails-html-sanitizer" - ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0ck02cfc17s6g05qn0k7khwvvazwbf2rxbjcma8px2nw2j1ngvcn"; type = "gem"; }; version = "6.1.7.3"; }; active_model_serializers = { - dependencies = - [ "actionpack" "activemodel" "case_transform" "jsonapi-renderer" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0xdp7cpj3yj3wl4vj0nqq44kzjavlxi1wq3cf9zp0whkir0ym0gy"; type = "gem"; }; version = "0.10.13"; }; activejob = { - dependencies = [ "activesupport" "globalid" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["activesupport" "globalid"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "05bkw9qgjgj2nxzjj2fh6jp1fcvgff0aa4r77k0gcfmnzc1g8wdl"; type = "gem"; }; version = "6.1.7.3"; }; activemodel = { - dependencies = [ "activesupport" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["activesupport"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "03hy5bwghdklcxbdylmsq70y0qzslck5slb2zkvp7g6mmvk86kwd"; type = "gem"; }; version = "6.1.7.3"; }; activerecord = { - dependencies = [ "activemodel" "activesupport" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["activemodel" "activesupport"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1alshkgbcxp9s4vqb2b0yrrnyg15kxhlp1slsb03a61w7h42pspw"; type = "gem"; }; version = "6.1.7.3"; }; activestorage = { - dependencies = [ - "actionpack" - "activejob" - "activerecord" - "activesupport" - "marcel" - "mini_mime" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "06w4wlabqqr9bwdig44r5vdwkcbbivwgwn2fl775w7h05vrccgp8"; type = "gem"; }; version = "6.1.7.3"; }; activesupport = { - dependencies = [ "concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "06mihpy83a5xmavvn7l8vbix472dsi0vh30xj6g594k0679m0ir6"; type = "gem"; }; version = "6.1.7.3"; }; addressable = { - dependencies = [ "public_suffix" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["public_suffix"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "15s8van7r2ad3dq6i03l3z4hqnvxcq75a3h72kxvf9an53sqma20"; type = "gem"; }; version = "2.8.4"; }; aes_key_wrap = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "19bn0y70qm6mfj4y1m0j3s8ggh6dvxwrwrj5vfamhdrpddsz8ddr"; type = "gem"; }; version = "1.1.0"; }; airbrussh = { - dependencies = [ "sshkit" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["sshkit"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0x55y3ynkda76pwnsvrrjlvxfcc7yn1irad8radll9c9cif41jqv"; type = "gem"; }; version = "1.4.1"; }; android_key_attestation = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "02spc1sh7zsljl02v9d5rdb717b628vw2k7jkkplifyjk4db0zj6"; type = "gem"; }; version = "0.3.0"; }; annotate = { - dependencies = [ "activerecord" "rake" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["activerecord" "rake"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1lw0fxb5mirsdp3bp20gjyvs7clvi19jbxnrm2ihm20kzfhvlqcs"; type = "gem"; }; version = "3.2.0"; }; ast = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04nc8x27hlzlrr5c2gn7mar4vdr0apw5xg22wp6m8dx3wqr04a0y"; type = "gem"; }; version = "2.4.2"; }; attr_encrypted = { - dependencies = [ "encryptor" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["encryptor"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "034x6mbrv9apd83v99v9pm8vl3d17w5bbwws26gr4wv95fylmgnc"; type = "gem"; }; version = "4.0.0"; }; attr_required = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1g22axmi2rhhy7w8c3x6gppsawxqavbrnxpnmphh22fk7cwi0kh2"; type = "gem"; }; version = "1.0.1"; }; awrence = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0gj8f8c54r9cabkm41s59sa1ca5wpbipw7gq3sfl87x9296227fx"; type = "gem"; }; version = "1.2.1"; }; aws-eventstream = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1pyis1nvnbjxk12a43xvgj2gv0mvp4cnkc1gzw0v1018r61399gz"; type = "gem"; }; version = "1.2.0"; }; aws-partitions = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "18ndv604p1p3gkyy0d958jx2wp74d100q6vbc6ak70a7bv93wqsg"; type = "gem"; }; version = "1.752.0"; }; aws-sdk-core = { - dependencies = - [ "aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0732vv8zi67z25fss1sdvqx0vv1ap3w6hz1avxzwznkjp002vj39"; type = "gem"; }; version = "3.171.0"; }; aws-sdk-kms = { - dependencies = [ "aws-sdk-core" "aws-sigv4" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["aws-sdk-core" "aws-sigv4"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0v87zi28dfmrv7bv91yfldccnpd63n295siirbz7wqv1rajn8n02"; type = "gem"; }; version = "1.63.0"; }; aws-sdk-s3 = { - dependencies = [ "aws-sdk-core" "aws-sdk-kms" "aws-sigv4" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1s5v3799pi7ik53gv7dl02am5pngv6x4azzwx9my09nll4q3lfk8"; type = "gem"; }; version = "1.121.0"; }; aws-sigv4 = { - dependencies = [ "aws-eventstream" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["aws-eventstream"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "11hkna2av47bl0yprgp8k4ya70rc3m2ib5w10fn0piplgkkmhz7m"; type = "gem"; }; version = "1.5.2"; }; bcrypt = { - groups = [ "default" "pam_authentication" ]; - platforms = [ ]; + groups = ["default" "pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "048z3fvcknqx7ikkhrcrykxlqmf9bzc7l0y5h1cnvrc9n2qf0k8m"; type = "gem"; }; version = "3.1.18"; }; better_errors = { - dependencies = [ "coderay" "erubi" "rack" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["coderay" "erubi" "rack"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "11220lfzhsyf5fcril3qd689kgg46qlpiiaj00hc9mh4mcbc3vrr"; type = "gem"; }; version = "2.9.1"; }; better_html = { - dependencies = [ - "actionview" - "activesupport" - "ast" - "erubi" - "parser" - "smart_properties" - ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["actionview" "activesupport" "ast" "erubi" "parser" "smart_properties"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1y090dmgjxr3yzxi3pg5jgirkmyfdrmjhabmzmhg5i8ssiqr2gdz"; type = "gem"; }; version = "2.0.1"; }; bindata = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; type = "gem"; }; version = "2.4.15"; }; binding_of_caller = { - dependencies = [ "debug_inspector" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["debug_inspector"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "078n2dkpgsivcf0pr50981w95nfc2bsrp3wpf9wnxz1qsp8jbb9s"; type = "gem"; }; version = "1.0.0"; }; blurhash = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "057afgqy73n8vm7k3cr4pbwm1hhqnm58lp4x7bgm5wzbs39m7xf8"; type = "gem"; }; version = "0.1.7"; }; bootsnap = { - dependencies = [ "msgpack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["msgpack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1vcg52gwl64xhhal6kwk1pc01y1klzdlnv1awyk89kb91z010x7q"; type = "gem"; }; version = "1.16.0"; }; brakeman = { - groups = [ "development" ]; - platforms = [ ]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0wzvxpabnjwwjgr9s13965dbdgl3qfvwjbmhimh83p81bm5lsrnw"; type = "gem"; }; version = "5.4.1"; }; browser = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0g4bcpax07kqqr9cp7cjc7i0pcij4nqpn1rdsg2wdwhzf00m6x32"; type = "gem"; }; version = "5.3.1"; }; brpoplpush-redis_script = { - dependencies = [ "concurrent-ruby" "redis" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["concurrent-ruby" "redis"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1nd5zj5yqmhv9lrsqz8s2dqq28v4ywy95qrw7nzhhf89dl4dq49l"; type = "gem"; }; version = "0.1.3"; }; builder = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "045wzckxpwcqzrjr353cxnyaxgf0qg22jh00dcx7z38cys5g1jlr"; type = "gem"; }; version = "3.2.4"; }; bundler-audit = { - dependencies = [ "thor" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["thor"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0gdx0019vj04n1512shhdx7hwphzqmdpw4vva2k551nd47y1dixx"; type = "gem"; }; version = "0.9.1"; }; capistrano = { - dependencies = [ "airbrussh" "i18n" "rake" "sshkit" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["airbrussh" "i18n" "rake" "sshkit"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0nwn1a20q7xmlsgjqzf8msicyi6wkrjvgw62625717323ymz6qsr"; type = "gem"; }; version = "3.17.2"; }; capistrano-bundler = { - dependencies = [ "capistrano" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["capistrano"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "09rndb1fa9r7mhb2sc6p3k0pcarhg8mv0kfmvd1zdb0ciwwp7514"; type = "gem"; }; version = "2.1.0"; }; capistrano-rails = { - dependencies = [ "capistrano" "capistrano-bundler" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["capistrano" "capistrano-bundler"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1iyhs77bff09g18dlz0li5f44khjwpqc09gk5hzcnf5v9yvijpg9"; type = "gem"; }; version = "1.6.2"; }; capistrano-rbenv = { - dependencies = [ "capistrano" "sshkit" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["capistrano" "sshkit"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1x9m1i5zd0wx122zw3m40zprlmxk9d47bd6w61k81wr4qsvkk3rw"; type = "gem"; }; version = "2.2.0"; }; capistrano-yarn = { - dependencies = [ "capistrano" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["capistrano"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1zdg2s061vl5b8114n909mrjb2hc1qx0i4wqx9nacsrcjgyp07l9"; type = "gem"; }; version = "2.0.2"; }; capybara = { - dependencies = [ - "addressable" - "matrix" - "mini_mime" - "nokogiri" - "rack" - "rack-test" - "regexp_parser" - "xpath" - ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["addressable" "matrix" "mini_mime" "nokogiri" "rack" "rack-test" "regexp_parser" "xpath"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "06b4nlhirsq8ny17s8zgz7qyvl9v41rixj1xkviiiwxlnjz982d3"; type = "gem"; }; version = "3.39.0"; }; case_transform = { - dependencies = [ "activesupport" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0fzyws6spn5arqf6q604dh9mrj84a36k5hsc8z7jgcpfvhc49bg2"; type = "gem"; }; version = "0.2"; }; cbor = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0511idr8xps9625nh3kxr68sdy6l3xy2kcz7r57g47fxb1v18jj3"; type = "gem"; }; version = "0.5.9.6"; }; charlock_holmes = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0hybw8jw9ryvz5zrki3gc9r88jqy373m6v46ynxsdzv1ysiyr40p"; type = "gem"; }; version = "0.7.7"; }; chewy = { - dependencies = [ "activesupport" "elasticsearch" "elasticsearch-dsl" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "elasticsearch" "elasticsearch-dsl"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1wxq6396814ngwnvwcjkkqm8ji8d7q385gw53kr1dbfihiivlizq"; type = "gem"; }; version = "7.3.2"; }; chunky_png = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1znw5x86hmm9vfhidwdsijz8m38pqgmv98l9ryilvky0aldv7mc9"; type = "gem"; }; version = "1.4.0"; }; climate_control = { - groups = [ "test" ]; - platforms = [ ]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0q11v0iabvr6rif0d025xh078ili5frrihlj0m04zfg7lgvagxji"; type = "gem"; }; version = "0.2.0"; }; cocoon = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "038z97pkhvsqbh6cmyyzj58ya968p24k7r0f0rx7sa2kjvk193yh"; type = "gem"; }; version = "1.2.15"; }; coderay = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0jvxqxzply1lwp7ysn94zjhh57vc14mcshw1ygw14ib8lhc00lyw"; type = "gem"; }; version = "1.1.3"; }; color_diff = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "01dpvqlzybpb3pkcwd9ik5sbjw283618ywvdphxslhiy8ps3kp4r"; type = "gem"; }; version = "0.1"; }; concurrent-ruby = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; type = "gem"; }; version = "1.2.2"; }; connection_pool = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0dndngqvkm2ih3wqn5ilf9980c1cc57lqn5lywx3myalzpilq05z"; type = "gem"; }; version = "2.4.0"; }; cose = { - dependencies = [ "cbor" "openssl-signature_algorithm" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["cbor" "openssl-signature_algorithm"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "00c6x4ha7qiaaf88qdbyf240mk146zz78rbm4qwyaxmwlmk7q933"; type = "gem"; }; version = "1.3.0"; }; crack = { - dependencies = [ "rexml" ]; - groups = [ "default" "test" ]; - platforms = [ ]; + dependencies = ["rexml"]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1cr1kfpw3vkhysvkk3wg7c54m75kd68mbm9rs5azdjdq57xid13r"; type = "gem"; }; version = "0.4.5"; }; crass = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; type = "gem"; }; version = "1.0.6"; }; css_parser = { - dependencies = [ "addressable" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["addressable"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04q1vin8slr3k8mp76qz0wqgap6f9kdsbryvgfq9fljhrm463kpj"; type = "gem"; }; version = "1.14.0"; }; date = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "03skfikihpx37rc27vr3hwrb057gxnmdzxhmzd4bf4jpkl0r55w1"; type = "gem"; }; version = "3.3.3"; }; debug_inspector = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "01l678ng12rby6660pmwagmyg8nccvjfgs3487xna7ay378a59ga"; type = "gem"; }; version = "1.1.0"; }; devise = { - dependencies = [ "bcrypt" "orm_adapter" "railties" "responders" "warden" ]; - groups = [ "default" "pam_authentication" ]; - platforms = [ ]; + dependencies = ["bcrypt" "orm_adapter" "railties" "responders" "warden"]; + groups = ["default" "pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0vpd7d61d4pfmyb2plnnv82wmczzlhw4k4gjhd2fv4r6vq8ilqqi"; type = "gem"; }; version = "4.9.2"; }; devise-two-factor = { - dependencies = - [ "activesupport" "attr_encrypted" "devise" "railties" "rotp" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"]; + groups = ["default"]; + platforms = []; source = { - fetchSubmodules = false; - rev = "e685f91ce62d036259885fbe31fcb4fa930bcfcb"; - sha256 = "1zdlhzm2m87xgzacmm68j51wpz7dcmg8wl1r9wxkhs51c90yvqla"; - type = "git"; - url = "https://github.com/tinfoil/devise-two-factor.git"; + remotes = ["https://rubygems.org"]; + sha256 = "1nk43p339zyp4y5vab3w3s0zbjd4xfs8qn0ymxdnz6d961dbbdm8"; + type = "gem"; }; - version = "4.0.2"; + version = "4.1.0"; }; devise_pam_authenticatable2 = { - dependencies = [ "devise" "rpam2" ]; - groups = [ "pam_authentication" ]; - platforms = [ ]; + dependencies = ["devise" "rpam2"]; + groups = ["pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "13ipl52pkhc6vxp8ca31viwv01237bi2bfk3b1fixq1x46nf87p2"; type = "gem"; }; version = "9.2.0"; }; diff-lcs = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0rwvjahnp7cpmracd8x732rjgnilqv2sx7d1gfrysslc3h039fa9"; type = "gem"; }; version = "1.5.0"; }; discard = { - dependencies = [ "activerecord" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1xavjhccyyzn9z6fz3034vgvzprc983mbrq6n9sc0drfw7m3vrip"; type = "gem"; }; version = "1.2.1"; }; docile = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1lxqxgq71rqwj1lpl9q1mbhhhhhhdkkj7my341f2889pwayk85sz"; type = "gem"; }; version = "1.4.0"; }; domain_name = { - dependencies = [ "unf" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["unf"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0lcqjsmixjp52bnlgzh4lg9ppsk52x9hpwdjd53k8jnbah2602h0"; type = "gem"; }; version = "0.5.20190701"; }; doorkeeper = { - dependencies = [ "railties" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["railties"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1q2pywgyn6cbnm0fh3dln5z1qgd1g8hvb4x8rppjc1bpfxnfhi13"; type = "gem"; }; version = "5.6.6"; }; dotenv = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1n0pi8x8ql5h1mijvm8lgn6bhq4xjb5a500p5r1krq4s6j9lg565"; type = "gem"; }; version = "2.8.1"; }; dotenv-rails = { - dependencies = [ "dotenv" "railties" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["dotenv" "railties"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0v0gcbxzypcvy6fqq4gp80jb310xvdwj5n8qw9ci67g5yjvq2nxh"; type = "gem"; }; version = "2.8.1"; }; ed25519 = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0zb2dr2ihb1qiknn5iaj1ha1w9p7lj9yq5waasndlfadz225ajji"; type = "gem"; }; version = "1.3.0"; }; elasticsearch = { - dependencies = [ "elasticsearch-api" "elasticsearch-transport" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["elasticsearch-api" "elasticsearch-transport"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0havyxmvl157a653prspnbhgdchlx44xqxl170v1im5ggxwavcaq"; type = "gem"; }; version = "7.13.3"; }; elasticsearch-api = { - dependencies = [ "multi_json" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["multi_json"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0bmssarkk7lqkjdn8c9j7jvxcnn4hg1zcmhsky8bfvc99k33b3w8"; type = "gem"; }; version = "7.13.3"; }; elasticsearch-dsl = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "174m3fwm3mawbkjg2xbmqvljq7ava4s95m8vpg5khcvfj506wxfk"; type = "gem"; }; version = "0.1.10"; }; elasticsearch-transport = { - dependencies = [ "faraday" "multi_json" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["faraday" "multi_json"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0blfii8qvj0m6bg9sbfynxc40in7zfmw2wpi4clv7d9gclk053db"; type = "gem"; }; version = "7.13.3"; }; encryptor = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0s8rvfl0vn8w7k1sgkc234060jh468s3zd45xa64p1jdmfa3zwmb"; type = "gem"; }; version = "3.0.0"; }; erubi = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "08s75vs9cxlc4r1q2bjg4br8g9wc5lc5x5vl0vv4zq5ivxsdpgi7"; type = "gem"; }; version = "1.12.0"; }; et-orbi = { - dependencies = [ "tzinfo" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["tzinfo"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1d2z4ky2v15dpcz672i2p7lb2nc793dasq3yq3660h2az53kss9v"; type = "gem"; }; version = "1.2.7"; }; excon = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0j826kfvzn7nc5pv950n270r0sx1702k988ad11cdlav3dcxxw09"; type = "gem"; }; version = "0.99.0"; }; fabrication = { - groups = [ "development" "test" ]; - platforms = [ ]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0bxssmjp49whzq2zv7w751gr4nkdaiwcxd1vda0byigwyrnj6f5q"; type = "gem"; }; version = "2.30.0"; }; faker = { - dependencies = [ "i18n" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["i18n"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1i3l58jrcapkp70v3swr0x4s6bj1101920al50wsaaj9dv0vhvm7"; type = "gem"; }; version = "3.2.0"; }; faraday = { - dependencies = [ - "faraday-em_http" - "faraday-em_synchrony" - "faraday-excon" - "faraday-httpclient" - "faraday-multipart" - "faraday-net_http" - "faraday-net_http_persistent" - "faraday-patron" - "faraday-rack" - "faraday-retry" - "ruby2_keywords" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1c760q0ks4vj4wmaa7nh1dgvgqiwaw0mjr7v8cymy7i3ffgjxx90"; type = "gem"; }; version = "1.10.3"; }; faraday-em_http = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "12cnqpbak4vhikrh2cdn94assh3yxza8rq2p9w2j34bqg5q4qgbs"; type = "gem"; }; version = "1.0.0"; }; faraday-em_synchrony = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1vgrbhkp83sngv6k4mii9f2s9v5lmp693hylfxp2ssfc60fas3a6"; type = "gem"; }; version = "1.0.0"; }; faraday-excon = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0h09wkb0k0bhm6dqsd47ac601qiaah8qdzjh8gvxfd376x1chmdh"; type = "gem"; }; version = "1.1.0"; }; faraday-httpclient = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0fyk0jd3ks7fdn8nv3spnwjpzx2lmxmg2gh4inz3by1zjzqg33sc"; type = "gem"; }; version = "1.0.1"; }; faraday-multipart = { - dependencies = [ "multipart-post" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["multipart-post"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "09871c4hd7s5ws1wl4gs7js1k2wlby6v947m2bbzg43pnld044lh"; type = "gem"; }; version = "1.0.4"; }; faraday-net_http = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1fi8sda5hc54v1w3mqfl5yz09nhx35kglyx72w7b8xxvdr0cwi9j"; type = "gem"; }; version = "1.0.1"; }; faraday-net_http_persistent = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0dc36ih95qw3rlccffcb0vgxjhmipsvxhn6cw71l7ffs0f7vq30b"; type = "gem"; }; version = "1.2.0"; }; faraday-patron = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "19wgsgfq0xkski1g7m96snv39la3zxz6x7nbdgiwhg5v82rxfb6w"; type = "gem"; }; version = "1.0.0"; }; faraday-rack = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1h184g4vqql5jv9s9im6igy00jp6mrah2h14py6mpf9bkabfqq7g"; type = "gem"; }; version = "1.0.0"; }; faraday-retry = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "153i967yrwnswqgvnnajgwp981k9p50ys1h80yz3q94rygs59ldd"; type = "gem"; }; version = "1.0.3"; }; fast_blank = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1shpmamyzyhyxmv95r96ja5rylzaw60r19647d0fdm7y2h2c77r6"; type = "gem"; }; version = "1.0.1"; }; fastimage = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0nnggg20za5vamdpkgrxxa32z33d8hf0g2bciswkhqnc6amb3yjr"; type = "gem"; }; version = "2.2.6"; }; ffi = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1862ydmclzy1a0cjbvm8dz7847d9rch495ib0zb64y84d3xd4bkg"; type = "gem"; }; version = "1.15.5"; }; ffi-compiler = { - dependencies = [ "ffi" "rake" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["ffi" "rake"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0c2caqm9wqnbidcb8dj4wd3s902z15qmgxplwyfyqbwa0ydki7q1"; type = "gem"; }; version = "1.0.1"; }; fog-core = { - dependencies = [ "builder" "excon" "formatador" "mime-types" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["builder" "excon" "formatador" "mime-types"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1agd6xgzk0rxrsjdpn94v4hy89s0nm2cs4zg2p880w2dan9xgrak"; type = "gem"; }; version = "2.1.0"; }; fog-json = { - dependencies = [ "fog-core" "multi_json" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["fog-core" "multi_json"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1zj8llzc119zafbmfa4ai3z5s7c4vp9akfs0f9l2piyvcarmlkyx"; type = "gem"; }; version = "1.2.0"; }; fog-openstack = { - dependencies = [ "fog-core" "fog-json" "ipaddress" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["fog-core" "fog-json" "ipaddress"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "11j18h61d3p0pcp9k5346lbj1lahab1dqybkrx9338932lmjn7ap"; type = "gem"; }; version = "0.3.10"; }; formatador = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0mprf1dwznz5ld0q1jpbyl59fwnwk6azspnd0am7zz7kfg3pxhv5"; type = "gem"; }; version = "0.3.0"; }; fugit = { - dependencies = [ "et-orbi" "raabro" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["et-orbi" "raabro"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1cm2lrvhrpqq19hbdsxf4lq2nkb2qdldbdxh3gvi15l62dlb5zqq"; type = "gem"; }; version = "1.8.1"; }; fuubar = { - dependencies = [ "rspec-core" "ruby-progressbar" ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["rspec-core" "ruby-progressbar"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1028vn7j3kc5qqwswrf3has3qm4j9xva70xmzb3n29i89f0afwmj"; type = "gem"; }; version = "2.5.1"; }; globalid = { - dependencies = [ "activesupport" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["activesupport"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0kqm5ndzaybpnpxqiqkc41k4ksyxl41ln8qqr6kb130cdxsf2dxk"; type = "gem"; }; version = "1.1.0"; }; haml = { - dependencies = [ "temple" "thor" "tilt" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["temple" "thor" "tilt"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1vcr5wcvfbsq91302playk3i98wdisspkybcmajl04agv4k8xr68"; type = "gem"; }; version = "6.1.1"; }; haml-rails = { - dependencies = [ "actionpack" "activesupport" "haml" "railties" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activesupport" "haml" "railties"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1sjrdwc4azzfpsp2xk0365z031482gcrs0c54d5wx0igkqca0fr7"; type = "gem"; }; version = "2.1.0"; }; haml_lint = { - dependencies = [ "haml" "parallel" "rainbow" "rubocop" "sysexits" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["haml" "parallel" "rainbow" "rubocop" "sysexits"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1yz5g7ffyv99vd9x3yj64ba4zv2bd71gmgrf60a3kc8m1cvc1z5p"; type = "gem"; }; version = "0.45.0"; }; hashdiff = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1nynpl0xbj0nphqx1qlmyggq58ms1phf5i03hk64wcc0a17x1m1c"; type = "gem"; }; version = "1.0.1"; }; hashie = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1nh3arcrbz1rc1cr59qm53sdhqm137b258y8rcb4cvd3y98lwv4x"; type = "gem"; }; version = "5.0.0"; }; hcaptcha = { - dependencies = [ "json" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["json"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0fh6391zlv2ikvzqj2gymb70k1avk1j9da8bzgw0scsz2wqq98m2"; type = "gem"; }; version = "7.1.0"; }; highline = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1f8cr014j7mdqpdb9q17fp5vb5b8n1pswqaif91s3ylg5x3pygfn"; type = "gem"; }; version = "2.1.0"; }; hiredis = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04jj8k7lxqxw24sp0jiravigdkgsyrpprxpxm71ba93x1wr2w1bz"; type = "gem"; }; version = "0.6.3"; }; hkdf = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04fixg0a51n4vy0j6c1hvisa2yl33m3jrrpxpb5sq6j511vjriil"; type = "gem"; }; version = "0.3.0"; }; htmlentities = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1nkklqsn8ir8wizzlakncfv42i32wc0w9hxp00hvdlgjr7376nhj"; type = "gem"; }; version = "4.3.4"; }; http = { - dependencies = - [ "addressable" "http-cookie" "http-form_data" "llhttp-ffi" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["addressable" "http-cookie" "http-form_data" "llhttp-ffi"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1bzb8p31kzv6q5p4z5xq88mnqk414rrw0y5rkhpnvpl29x5c3bpw"; type = "gem"; }; version = "5.1.1"; }; http-cookie = { - dependencies = [ "domain_name" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["domain_name"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "13rilvlv8kwbzqfb644qp6hrbsj82cbqmnzcvqip1p6vqx36sxbk"; type = "gem"; }; version = "1.0.5"; }; http-form_data = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1wx591jdhy84901pklh1n9sgh74gnvq1qyqxwchni1yrc49ynknc"; type = "gem"; }; version = "2.3.0"; }; http_accept_language = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0d0nlfz9vm4jr1l6q0chx4rp2hrnrfbx3gadc1dz930lbbaz0hq0"; type = "gem"; }; version = "2.1.1"; }; httpclient = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99"; type = "gem"; }; version = "2.8.3"; }; httplog = { - dependencies = [ "rack" "rainbow" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rack" "rainbow"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0zjsgrlvwpqsnrza4ijlxjld4550c661sgbqp2j2wp638nlnls1a"; type = "gem"; }; version = "1.6.2"; }; i18n = { - dependencies = [ "concurrent-ruby" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["concurrent-ruby"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1vdcchz7jli1p0gnc669a7bj3q1fv09y9ppf0y3k0vb1jwdwrqwi"; type = "gem"; }; version = "1.12.0"; }; i18n-tasks = { - dependencies = [ - "activesupport" - "ast" - "better_html" - "erubi" - "highline" - "i18n" - "parser" - "rails-i18n" - "rainbow" - "terminal-table" - ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "19zkcsqwzc3i6vizj26mxxww6m5grv9zmp6yxyswbqq9kyzb081z"; type = "gem"; }; version = "1.0.12"; }; idn-ruby = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0dy04jx3n1ddz744b80mg7hp87miysnjp0h21lqr43hpmhdglxih"; type = "gem"; }; version = "0.1.5"; }; ipaddress = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1x86s0s11w202j6ka40jbmywkrx8fhq8xiy8mwvnkhllj57hqr45"; type = "gem"; }; version = "0.8.3"; }; jmespath = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1cdw9vw2qly7q7r41s7phnac264rbsdqgj4l0h4nqgbjb157g393"; type = "gem"; }; version = "1.6.2"; }; json = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0nalhin1gda4v8ybk6lq8f407cgfrj6qzn234yra4ipkmlbfmal6"; type = "gem"; }; version = "2.6.3"; }; json-canonicalization = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; - sha256 = "0zc3ndnp4rjqg98cy2dd9x266vk23rz4mpl8afwn26vj49si56av"; + remotes = ["https://rubygems.org"]; + sha256 = "1rvsalsrs8njk2gqxgq0ydg5cd02jqdawskbq2ccz663qxz8wwq5"; type = "gem"; }; - version = "0.3.1"; + version = "0.3.2"; }; json-jwt = { - dependencies = [ "activesupport" "aes_key_wrap" "bindata" "httpclient" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04315mf4p9qa97grdfqv922paghzdfrbb982ap0p99rqwla4znv6"; type = "gem"; }; version = "1.15.3"; }; json-ld = { - dependencies = [ - "htmlentities" - "json-canonicalization" - "link_header" - "multi_json" - "rack" - "rdf" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; - sha256 = "02lz2fgqmp3dr5q05hagk01knds69n33k0ljjgdj9a7ajapwgvhf"; + remotes = ["https://rubygems.org"]; + sha256 = "1z3kqacjmqs02vwwqm9di7sw7f7nchxx99v84myrrzmh64c6zfcq"; type = "gem"; }; - version = "3.2.4"; + version = "3.2.5"; }; json-ld-preloaded = { - dependencies = [ "json-ld" "rdf" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["json-ld" "rdf"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "004s52m37b2kbw8dv4rdfm2d90h1023z1mw9zfcs0x87v8aq7zyn"; type = "gem"; }; version = "3.2.2"; }; json-schema = { - dependencies = [ "addressable" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["addressable"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "155rygs093i8i04i38a97hs5icmqk2jkkhx76w31yxyr3bxfbgx3"; type = "gem"; }; version = "4.0.0"; }; jsonapi-renderer = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0ys4drd0k9rw5ixf8n8fx8v0pjh792w4myh0cpdspd317l1lpi5m"; type = "gem"; }; version = "0.2.2"; }; jwt = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "09yj3z5snhaawh2z1w45yyihzmh57m6m7dp8ra8gxavhj5kbiq5p"; type = "gem"; }; version = "2.7.0"; }; kaminari = { - dependencies = [ - "activesupport" - "kaminari-actionview" - "kaminari-activerecord" - "kaminari-core" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0gia8irryvfhcr6bsr64kpisbgdbqjsqfgrk12a11incmpwny1y4"; type = "gem"; }; version = "1.2.2"; }; kaminari-actionview = { - dependencies = [ "actionview" "kaminari-core" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionview" "kaminari-core"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "02f9ghl3a9b5q7l079d3yzmqjwkr4jigi7sldbps992rigygcc0k"; type = "gem"; }; version = "1.2.2"; }; kaminari-activerecord = { - dependencies = [ "activerecord" "kaminari-core" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activerecord" "kaminari-core"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0c148z97s1cqivzbwrak149z7kl1rdmj7dxk6rpkasimmdxsdlqd"; type = "gem"; }; version = "1.2.2"; }; kaminari-core = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1zw3pg6kj39y7jxakbx7if59pl28lhk98fx71ks5lr3hfgn6zliv"; type = "gem"; }; version = "1.2.2"; }; kt-paperclip = { - dependencies = - [ "activemodel" "activesupport" "marcel" "mime-types" "terrapin" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activemodel" "activesupport" "marcel" "mime-types" "terrapin"]; + groups = ["default"]; + platforms = []; source = { fetchSubmodules = false; rev = "11abf222dc31bff71160a1d138b445214f434b2b"; @@ -1573,798 +1467,761 @@ version = "7.1.1"; }; launchy = { - dependencies = [ "addressable" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["addressable"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "06r43899384das2bkbrpsdxsafyyqa94il7111053idfalb4984a"; type = "gem"; }; version = "2.5.2"; }; letter_opener = { - dependencies = [ "launchy" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["launchy"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1y5d4ip4l12v58bgazadl45iv3a5j7jp2gwg96b6jy378zn42a1d"; type = "gem"; }; version = "1.8.1"; }; letter_opener_web = { - dependencies = [ "actionmailer" "letter_opener" "railties" "rexml" ]; - groups = [ "development" ]; - platforms = [ ]; + dependencies = ["actionmailer" "letter_opener" "railties" "rexml"]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0vvvaz2ngaxv0s6sj25gdvp73vd8pfl8q3jharadg18p3va0m1ik"; type = "gem"; }; version = "2.0.0"; }; link_header = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1yamrdq4rywmnpdhbygnkkl9fdy249fg5r851nrkkxr97gj5rihm"; type = "gem"; }; version = "0.0.8"; }; llhttp-ffi = { - dependencies = [ "ffi-compiler" "rake" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["ffi-compiler" "rake"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "00dh6zmqdj59rhcya0l4b9aaxq6n8xizfbil93k0g06gndyk5xz5"; type = "gem"; }; version = "0.4.0"; }; lograge = { - dependencies = [ "actionpack" "activesupport" "railties" "request_store" ]; - groups = [ "production" ]; - platforms = [ ]; + dependencies = ["actionpack" "activesupport" "railties" "request_store"]; + groups = ["production"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "15pjm9pa5m3mbv9xvfgfr16q4jyaznsg8y63jz9x4jqr8npw0vx3"; type = "gem"; }; version = "0.12.0"; }; loofah = { - dependencies = [ "crass" "nokogiri" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["crass" "nokogiri"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1mi4ia13fisc97fzd8xcd9wkjdki7zfbmdn1xkdzplicir68gyp8"; type = "gem"; }; version = "2.20.0"; }; mail = { - dependencies = [ "mini_mime" "net-imap" "net-pop" "net-smtp" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["mini_mime" "net-imap" "net-pop" "net-smtp"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1bf9pysw1jfgynv692hhaycfxa8ckay1gjw5hz3madrbrynryfzc"; type = "gem"; }; version = "2.8.1"; }; makara = { - dependencies = [ "activerecord" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0a6x6w1ij484s1z0wp667d6v0zb8bylhhr3av10yz60a2nz4r1l7"; type = "gem"; }; version = "0.5.1"; }; marcel = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0kky3yiwagsk8gfbzn3mvl2fxlh3b39v6nawzm4wpjs6xxvvc4x0"; type = "gem"; }; version = "1.0.2"; }; mario-redis-lock = { - dependencies = [ "redis" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["redis"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1v9wdjcjqzpns2migxp4a5b4w82mipi0fwihbqz3q2qj2qm7wc17"; type = "gem"; }; version = "1.2.1"; }; matrix = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1h2cgkpzkh3dd0flnnwfq6f3nl2b1zff9lvqz8xs853ssv5kq23i"; type = "gem"; }; version = "0.4.2"; }; memory_profiler = { - groups = [ "development" ]; - platforms = [ ]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1c81d68r4wx0ckbmqxlfqc2qpd94jwcmqdm0xgr0s46r48pv9k9q"; type = "gem"; }; version = "1.0.1"; }; method_source = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; type = "gem"; }; version = "1.0.0"; }; mime-types = { - dependencies = [ "mime-types-data" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["mime-types-data"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0ipw892jbksbxxcrlx9g5ljq60qx47pm24ywgfbyjskbcl78pkvb"; type = "gem"; }; version = "3.4.1"; }; mime-types-data = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1pky3vzaxlgm9gw5wlqwwi7wsw3jrglrfflrppvvnsrlaiz043z9"; type = "gem"; }; version = "3.2023.0218.1"; }; mini_mime = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0lbim375gw2dk6383qirz13hgdmxlan0vc5da2l072j3qw6fqjm5"; type = "gem"; }; version = "1.1.2"; }; mini_portile2 = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1af4yarhbbx62f7qsmgg5fynrik0s36wjy3difkawy536xg343mp"; type = "gem"; }; version = "2.8.1"; }; minitest = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0ic7i5z88zcaqnpzprf7saimq2f6sad57g5mkkqsrqrcd6h3mx06"; type = "gem"; }; version = "5.18.0"; }; msgpack = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "172ky0r1jfcm3xyg067pia7k1lhc15vw9svv93max120gcdbrvji"; type = "gem"; }; version = "1.7.0"; }; multi_json = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; type = "gem"; }; version = "1.15.0"; }; multipart-post = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0lgyysrpl50wgcb9ahg29i4p01z0irb3p9lirygma0kkfr5dgk9x"; type = "gem"; }; version = "2.3.0"; }; net-http = { - dependencies = [ "uri" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["uri"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0y55ib1v2b8prqfi9ij7hca60b1j94s2bzr6vskwi3i5735472wq"; type = "gem"; }; version = "0.3.2"; }; net-imap = { - dependencies = [ "date" "net-protocol" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["date" "net-protocol"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1d996zf3g8xz244791b0qsl9vr7zg4lqnnmf9k2kshr9lki5jam8"; type = "gem"; }; version = "0.3.4"; }; net-ldap = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0xqcffn3c1564c4fizp10dzw2v5g2pabdzrcn25hq05bqhsckbar"; type = "gem"; }; version = "0.18.0"; }; net-pop = { - dependencies = [ "net-protocol" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["net-protocol"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1wyz41jd4zpjn0v1xsf9j778qx1vfrl24yc20cpmph8k42c4x2w4"; type = "gem"; }; version = "0.1.2"; }; net-protocol = { - dependencies = [ "timeout" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["timeout"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0dxckrlw4q1lcn3qg4mimmjazmg9bma5gllv72f8js3p36fb3b91"; type = "gem"; }; version = "0.2.1"; }; net-scp = { - dependencies = [ "net-ssh" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["net-ssh"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1si2nq9l6jy5n2zw1q59a5gaji7v9vhy8qx08h4fg368906ysbdk"; type = "gem"; }; version = "4.0.0"; }; net-smtp = { - dependencies = [ "net-protocol" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["net-protocol"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1c6md06hm5bf6rv53sk54dl2vg038pg8kglwv3rayx0vk2mdql9x"; type = "gem"; }; version = "0.3.3"; }; net-ssh = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0yx0pb5fmziz92bw8qzbh8vf20lr56nd3s6q8h0gsgr307lki687"; type = "gem"; }; version = "7.1.0"; }; nio4r = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0w9978zwjf1qhy3amkivab0f9syz6a7k0xgydjidaf7xc831d78f"; type = "gem"; }; version = "2.5.9"; }; nokogiri = { - dependencies = [ "mini_portile2" "racc" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["mini_portile2" "racc"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0fnw0z8zl8b5k35g9m5hhc1g4s6ajzjinhyxnqjrx7l7p07fw71v"; type = "gem"; }; version = "1.14.3"; }; nsa = { - dependencies = - [ "activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1jzs1n71pi6najhs9h8jx156gzgk3h9bwjr60vazizwdz3mm69ia"; type = "gem"; }; version = "0.2.8"; }; oj = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0l8l90iibzrxs33vn3adrhbg8cbmbn1qfh962p7gzwwybsdw73qy"; type = "gem"; }; version = "3.14.3"; }; omniauth = { - dependencies = [ "hashie" "rack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["hashie" "rack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1jn9j54l5h7xcba2vjq74l1dk0xrwvsjxam4qhylpi52nw0h5502"; type = "gem"; }; version = "1.9.2"; }; omniauth-cas = { - dependencies = [ "addressable" "nokogiri" "omniauth" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["addressable" "nokogiri" "omniauth"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0kzlh1nac4yz70917cdcsk0r23gy5h7i0x5kbmkvkpbgk6gvrb0z"; type = "gem"; }; version = "2.0.0"; }; omniauth-rails_csrf_protection = { - dependencies = [ "actionpack" "omniauth" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "omniauth"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0xgkxwg17w39q3yjqcj0fm6hdkw37qm1l82dvm9zxn6q2pbzm2zv"; type = "gem"; }; version = "0.1.2"; }; omniauth-saml = { - dependencies = [ "omniauth" "ruby-saml" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["omniauth" "ruby-saml"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0gxl14lbksnjkl8dfn23lsjkk63md77icm5racrh6fsp5n4ni9d4"; type = "gem"; }; version = "1.10.3"; }; omniauth_openid_connect = { - dependencies = [ "omniauth" "openid_connect" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["omniauth" "openid_connect"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "08yl0x203k6nrshc70zawfqh79ap1c3fyka9zwwy61cvn7sih4sz"; type = "gem"; }; version = "0.6.1"; }; openid_connect = { - dependencies = [ - "activemodel" - "attr_required" - "json-jwt" - "net-smtp" - "rack-oauth2" - "swd" - "tzinfo" - "validate_email" - "validate_url" - "webfinger" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1k9kdivp45v6vhzdrnl5fzhd378gjj2hl4w9bazbqnfm15rsnzc8"; type = "gem"; }; version = "1.4.2"; }; openssl = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0c649921vg2l939z5cc3jwd8p1v49099pdhxfk7sb9qqx5wi5873"; type = "gem"; }; version = "3.1.0"; }; openssl-signature_algorithm = { - dependencies = [ "openssl" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["openssl"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "103yjl68wqhl5kxaciir5jdnyi7iv9yckishdr52s5knh9g0pd53"; type = "gem"; }; version = "1.3.0"; }; orm_adapter = { - groups = [ "default" "pam_authentication" ]; - platforms = [ ]; + groups = ["default" "pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1fg9jpjlzf5y49qs9mlpdrgs5rpcyihq1s4k79nv9js0spjhnpda"; type = "gem"; }; version = "0.5.0"; }; ox = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0i1qq88cwh9pccg59whg50rpkgdfrijn4q6k5p3clwrjqgm56lrd"; type = "gem"; }; version = "2.14.16"; }; parallel = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0jcc512l38c0c163ni3jgskvq1vc3mr8ly5pvjijzwvfml9lf597"; type = "gem"; }; version = "1.23.0"; }; parser = { - dependencies = [ "ast" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["ast"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "08f89nssj7ws7sjfvc2fcjpfm83sjgmniyh0npnmpqf5sfv44r8x"; type = "gem"; }; version = "3.2.2.1"; }; parslet = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "01pnw6ymz6nynklqvqxs4bcai25kcvnd5x4id9z3vd1rbmlk0lfl"; type = "gem"; }; version = "2.0.0"; }; pastel = { - dependencies = [ "tty-color" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["tty-color"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0xash2gj08dfjvq4hy6l1z22s5v30fhizwgs10d6nviggpxsj7a8"; type = "gem"; }; version = "0.8.0"; }; pg = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; - sha256 = "1qja5f6k9v3jjip7mv3qjgx7rwmk1663cxz8jnb589znvj4wxd9l"; + remotes = ["https://rubygems.org"]; + sha256 = "1zcvxmfa8hxkhpp59fhxyxy1arp70f11zi1jh9c7bsdfspifb7kb"; type = "gem"; }; - version = "1.5.2"; + version = "1.5.3"; }; pghero = { - dependencies = [ "activerecord" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "002v32dzyyr29xd9cdsqp55g5gx19skvq9b4a4hr9lrs4i1xsavm"; type = "gem"; }; version = "3.3.3"; }; pkg-config = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "02fw2pzrmvwp67nbndpy8a2ln74fd8kmsiffw77z7g1mp58ww651"; type = "gem"; }; version = "1.5.1"; }; posix-spawn = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0cmb0svalqcxfzlzc5fvrci12b79x7bakasr8gkl3q5rz6di1q52"; type = "gem"; }; version = "0.3.15"; }; premailer = { - dependencies = [ "addressable" "css_parser" "htmlentities" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["addressable" "css_parser" "htmlentities"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "10rzwdz43yy20lwzsr2as6aivhvwjvqh4nd48sa0ga57sizf1fb4"; type = "gem"; }; version = "1.21.0"; }; premailer-rails = { - dependencies = [ "actionmailer" "net-smtp" "premailer" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionmailer" "net-smtp" "premailer"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0004f73kgrglida336fqkgx906m6n05nnfc17mypzg5rc78iaf61"; type = "gem"; }; version = "1.12.0"; }; private_address_check = { - groups = [ "production" "test" ]; - platforms = [ ]; + groups = ["production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "05phz0vscfh9chv90yc9091pifw3cpwkh76flnhrmvja1q3na4cy"; type = "gem"; }; version = "0.5.0"; }; public_suffix = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0hz0bx2qs2pwb0bwazzsah03ilpf3aai8b7lk7s35jsfzwbkjq35"; type = "gem"; }; version = "5.0.1"; }; puma = { - dependencies = [ "nio4r" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["nio4r"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0yf4jmkyy8das7pj1xzwllfvzkhq2p6p534j61d9h4wz3nfyf0s5"; type = "gem"; }; version = "6.2.2"; }; pundit = { - dependencies = [ "activesupport" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1wb03yzy1j41822rbfh9nn77im3zh1f5v8di05cd8rsrdpws542b"; type = "gem"; }; version = "2.3.0"; }; raabro = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "10m8bln9d00dwzjil1k42i5r7l82x25ysbi45fwyv4932zsrzynl"; type = "gem"; }; version = "1.4.0"; }; racc = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "09jgz6r0f7v84a7jz9an85q8vvmp743dqcsdm3z9c8rqcqv6pljq"; type = "gem"; }; version = "1.6.2"; }; rack = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "16w217k9z02c4hqizym8dkj6bqmmzx4qdvqpnskgzf174a5pwdxk"; type = "gem"; }; version = "2.2.7"; }; rack-attack = { - dependencies = [ "rack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "049s3y3dpl6dn478g912y6f9nzclnnkl30psrbc2w5kaihj5szhq"; type = "gem"; }; version = "6.6.1"; }; rack-cors = { - dependencies = [ "rack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "02lvkg1nb4z3zc2nry545dap7a64bb9h2k8waxfz0jkabkgnpimw"; type = "gem"; }; version = "2.0.1"; }; rack-oauth2 = { - dependencies = - [ "activesupport" "attr_required" "httpclient" "json-jwt" "rack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "attr_required" "httpclient" "json-jwt" "rack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1fknwsxz4429w1hndl6y30cmm2n34wmmaaj2hhp6jrm8ssfsfwjf"; type = "gem"; }; version = "1.21.3"; }; rack-proxy = { - dependencies = [ "rack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1a62439xwn5v6hsl9s11hdk4wj58czhcbg7lminv23mnkc0ca147"; type = "gem"; }; version = "0.7.6"; }; rack-test = { - dependencies = [ "rack" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["rack"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1ysx29gk9k14a14zsp5a8czys140wacvp91fja8xcja0j1hzqq8c"; type = "gem"; }; version = "2.1.0"; }; rails = { - dependencies = [ - "actioncable" - "actionmailbox" - "actionmailer" - "actionpack" - "actiontext" - "actionview" - "activejob" - "activemodel" - "activerecord" - "activestorage" - "activesupport" - "railties" - "sprockets-rails" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "07cs7qdkx6vwp66diwdy9g6mx52rsd8rxhbnsqf9bqam58g2aynj"; type = "gem"; }; version = "6.1.7.3"; }; rails-controller-testing = { - dependencies = [ "actionpack" "actionview" "activesupport" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["actionpack" "actionview" "activesupport"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "151f303jcvs8s149mhx2g5mn67487x0blrf9dzl76q1nb7dlh53l"; type = "gem"; }; version = "1.0.5"; }; rails-dom-testing = { - dependencies = [ "activesupport" "nokogiri" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["activesupport" "nokogiri"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1lfq2a7kp2x64dzzi5p4cjcbiv62vxh9lyqk2f0rqq3fkzrw8h5i"; type = "gem"; }; version = "2.0.3"; }; rails-html-sanitizer = { - dependencies = [ "loofah" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["loofah"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0ygav4xyq943qqyhjmi3mzirn180j565mc9h5j4css59x1sn0cmz"; type = "gem"; }; version = "1.5.0"; }; rails-i18n = { - dependencies = [ "i18n" "railties" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["i18n" "railties"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "05mcgv748vppnm3fnml37wjy3dw61wj8vfw14ldaj1yx1bmkhb07"; type = "gem"; }; version = "6.0.0"; }; rails-settings-cached = { - dependencies = [ "rails" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rails"]; + groups = ["default"]; + platforms = []; source = { fetchSubmodules = false; rev = "86328ef0bd04ce21cc0504ff5e334591e8c2ccab"; @@ -2375,936 +2232,913 @@ version = "0.6.6"; }; railties = { - dependencies = - [ "actionpack" "activesupport" "method_source" "rake" "thor" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1d2snjnx1j848axppj2napy3zjgbka3fnw2528rcamhm6dp694nd"; type = "gem"; }; version = "6.1.7.3"; }; rainbow = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0smwg4mii0fm38pyb5fddbmrdpifwv22zv3d3px2xx497am93503"; type = "gem"; }; version = "3.1.1"; }; rake = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; type = "gem"; }; version = "13.0.6"; }; rdf = { - dependencies = [ "link_header" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["link_header"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "097r6fc1gkb62lq0ny9xblvxrg84vdq9w1p6v0hjw20cdgracsdj"; type = "gem"; }; version = "3.2.10"; }; rdf-normalize = { - dependencies = [ "rdf" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rdf"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1dngmsk9wg1vws56pl87dys0ns4bcn9arf8ip6zxa0gypr3ifq3m"; type = "gem"; }; version = "0.5.1"; }; redcarpet = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1sg9sbf9pm91l7lac7fs4silabyn0vflxwaa2x3lrzsm0ff8ilca"; type = "gem"; }; version = "3.6.0"; }; redis = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0fikjg6j12ka6hh36dxzhfkpqqmilzjfzcdf59iwkzsgd63f0ziq"; type = "gem"; }; version = "4.8.1"; }; redis-namespace = { - dependencies = [ "redis" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["redis"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "154dfnrjpbv7fhwhfrcnp6jn9qv5qaj3mvlvbgkl7qy5qsknw71c"; type = "gem"; }; version = "1.10.0"; }; redlock = { - dependencies = [ "redis" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["redis"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0xvjwfzq7rqj4k311kidwmv5app3i7glz4miys6ixqy6c8yylz3c"; type = "gem"; }; version = "1.3.2"; }; regexp_parser = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "17xizkw5ryw8hhq64iqxmzdrrdxpc5lhkqc1fgm1aj0zsk1r2950"; type = "gem"; }; version = "2.8.0"; }; request_store = { - dependencies = [ "rack" ]; - groups = [ "default" "production" ]; - platforms = [ ]; + dependencies = ["rack"]; + groups = ["default" "production"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "13ppgmsbrqah08j06bybd3cddv6dml79yzyjn7r8j1src78h98h7"; type = "gem"; }; version = "1.5.1"; }; responders = { - dependencies = [ "actionpack" "railties" ]; - groups = [ "default" "pam_authentication" ]; - platforms = [ ]; + dependencies = ["actionpack" "railties"]; + groups = ["default" "pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0m9s0mkkprrz02gxhq0ijlwjy0nx1j5yrjf8ssjnhyagnx03lyrx"; type = "gem"; }; version = "3.1.0"; }; rexml = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; type = "gem"; }; version = "3.2.5"; }; rotp = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "10mmzc85y7andsich586ndykw678qn1ns2wpjxrg0sc0gr4w3pig"; type = "gem"; }; version = "6.2.2"; }; rpam2 = { - groups = [ "default" "pam_authentication" ]; - platforms = [ ]; + groups = ["default" "pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1zvli3s4z1hf2l7gyfickm5i3afjrnycc3ihbiax6ji6arpbyf33"; type = "gem"; }; version = "4.0.2"; }; rqrcode = { - dependencies = [ "chunky_png" "rqrcode_core" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["chunky_png" "rqrcode_core"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0s97q1rqmw7rzsdr500hr4f2k6s24n8qk1klciz5q94zvdrygx3p"; type = "gem"; }; version = "2.1.2"; }; rqrcode_core = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "06ld6386hbdhy5h0k09axmgn424kavpc8f27k1vjhknjhbf8jjfg"; type = "gem"; }; version = "1.2.0"; }; rspec-core = { - dependencies = [ "rspec-support" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["rspec-support"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0l95bnjxdabrn79hwdhn2q1n7mn26pj7y1w5660v5qi81x458nqm"; type = "gem"; }; version = "3.12.2"; }; rspec-expectations = { - dependencies = [ "diff-lcs" "rspec-support" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["diff-lcs" "rspec-support"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "05j44jfqlv7j2rpxb5vqzf9hfv7w8ba46wwgxwcwd8p0wzi1hg89"; type = "gem"; }; version = "3.12.3"; }; rspec-mocks = { - dependencies = [ "diff-lcs" "rspec-support" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["diff-lcs" "rspec-support"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1hfm17xakfvwya236graj6c2arr4sb9zasp35q5fykhyz8mhs0w2"; type = "gem"; }; version = "3.12.5"; }; rspec-rails = { - dependencies = [ - "actionpack" - "activesupport" - "railties" - "rspec-core" - "rspec-expectations" - "rspec-mocks" - "rspec-support" - ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0d3fnabkaw8n0na2dpnlg2xygggj51djzpj9x6y5rkiqbfyqwv01"; type = "gem"; }; version = "6.0.1"; }; rspec-sidekiq = { - dependencies = [ "rspec-core" "sidekiq" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["rspec-core" "sidekiq"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1spzw3sc2p0n9qfb89y1v8igd60y7c5z9w2hjqqbbgbyjvy0agp8"; type = "gem"; }; version = "3.1.0"; }; rspec-support = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "12y52zwwb3xr7h91dy9k3ndmyyhr3mjcayk0nnarnrzz8yr48kfx"; type = "gem"; }; version = "3.12.0"; }; rspec_chunked = { - groups = [ "development" "test" ]; - platforms = [ ]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0h4bsj3m7vb47qnx5bry4v0xscrb3lhg1f1vyxl524znb3i2qqzv"; type = "gem"; }; version = "0.6"; }; rspec_junit_formatter = { - dependencies = [ "rspec-core" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["rspec-core"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "059bnq1gcwl9g93cqf13zpz38zk7jxaa43anzz06qkmfwrsfdpa0"; type = "gem"; }; version = "0.6.0"; }; rubocop = { - dependencies = [ - "json" - "parallel" - "parser" - "rainbow" - "regexp_parser" - "rexml" - "rubocop-ast" - "ruby-progressbar" - "unicode-display_width" - ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["json" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0l46lw5gfj3mcm982wpmx7br4rs466gyislv0hfwcsk8dxhv1zkw"; type = "gem"; }; version = "1.50.2"; }; rubocop-ast = { - dependencies = [ "parser" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["parser"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0n2gsafg6p7nr1z8i1hkvp2qqkkbg842ba183dnl0h08xd9ms6q5"; type = "gem"; }; version = "1.28.0"; }; rubocop-capybara = { - dependencies = [ "rubocop" ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["rubocop"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "01fn05a87g009ch1sh00abdmgjab87i995msap26vxq1a5smdck6"; type = "gem"; }; version = "2.18.0"; }; rubocop-performance = { - dependencies = [ "rubocop" "rubocop-ast" ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["rubocop" "rubocop-ast"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1z6i24r0485fxa5n4g3rhp88w589fifszhd1khbzya2iiknkjxkr"; type = "gem"; }; version = "1.17.1"; }; rubocop-rails = { - dependencies = [ "activesupport" "rack" "rubocop" ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["activesupport" "rack" "rubocop"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; - sha256 = "13gx0dmi5jhs4x2617jclwc57sy4gvw3v8l91dpgc63b8dpmcim6"; + remotes = ["https://rubygems.org"]; + sha256 = "0j6dn8pz70bngx6van8yzsimpdd93gm7c8lr93wz1j4ahm6q4hn9"; type = "gem"; }; - version = "2.18.0"; + version = "2.19.1"; }; rubocop-rspec = { - dependencies = [ "rubocop" "rubocop-capybara" ]; - groups = [ "development" "test" ]; - platforms = [ ]; + dependencies = ["rubocop" "rubocop-capybara"]; + groups = ["development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1k8yh0nzlz0g8igmj5smnxq71qmi2b005nkl25wkpjkwvzn2wfdx"; type = "gem"; }; version = "2.19.0"; }; ruby-progressbar = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0cwvyb7j47m7wihpfaq7rc47zwwx9k4v7iqd9s1xch5nm53rrz40"; type = "gem"; }; version = "1.13.0"; }; ruby-saml = { - dependencies = [ "nokogiri" "rexml" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["nokogiri" "rexml"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1706dyk5jdma75bnl9rhmx8vgzjw12ixnj3y32inmpcgzgsvs76k"; type = "gem"; }; version = "1.13.0"; }; ruby2_keywords = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; type = "gem"; }; version = "0.0.5"; }; - rufus-scheduler = { - dependencies = [ "fugit" ]; - groups = [ "default" ]; - platforms = [ ]; + rubyzip = { + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; + sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz"; + type = "gem"; + }; + version = "2.3.2"; + }; + rufus-scheduler = { + dependencies = ["fugit"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; sha256 = "1as4yrb8y5lq49div8p3vqgwrrhdgwnvx4m73y3712nmnlpx6cws"; type = "gem"; }; version = "3.8.2"; }; safety_net_attestation = { - dependencies = [ "jwt" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["jwt"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1khq0y5w7lf2b9a220298hphf3pakd216jc9a4x4a9pdwxs2vgln"; type = "gem"; }; version = "0.4.0"; }; sanitize = { - dependencies = [ "crass" "nokogiri" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["crass" "nokogiri"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1ga8yzc9zj45m92ycwnzhzahkwvc3dp3lym5m3f3880hs4jhh7l3"; type = "gem"; }; version = "6.0.1"; }; scenic = { - dependencies = [ "activerecord" "railties" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activerecord" "railties"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "04sd4jmgnwpilr3k061x87yyryya2mj15a8602fip49lfxza5548"; type = "gem"; }; version = "1.7.0"; }; semantic_range = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1dlp97vg95plrsaaqj7x8l7z9vsjbhnqk4rw1l30gy26lmxpfrih"; type = "gem"; }; version = "3.0.0"; }; sidekiq = { - dependencies = [ "connection_pool" "rack" "redis" ]; - groups = [ "default" "test" ]; - platforms = [ ]; + dependencies = ["connection_pool" "rack" "redis"]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1z2fx4fzgnw4rzj3h1h4sk6qbkp7p2rdr58b2spxgkcsdzg0i5hh"; type = "gem"; }; version = "6.5.8"; }; sidekiq-bulk = { - dependencies = [ "sidekiq" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["sidekiq"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "08nyxzmgf742irafy3l4fj09d4s5pyvsh0dzlh8y4hl51rgkh4xv"; type = "gem"; }; version = "0.2.0"; }; sidekiq-scheduler = { - dependencies = [ "rufus-scheduler" "sidekiq" "tilt" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["rufus-scheduler" "sidekiq" "tilt"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0ygsynfb214g9ijgj4wl88jbkx79js8hd6wn65cxaaa54l82w1fj"; type = "gem"; }; version = "5.0.2"; }; sidekiq-unique-jobs = { - dependencies = - [ "brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "02f91b24hrrn688wqvxb13lwvcgqb7g9k3sxylnydd6v89wr8mcg"; type = "gem"; }; version = "7.1.29"; }; simple-navigation = { - dependencies = [ "activesupport" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1wc1rapwhqymcjfxmlgam4cvbyhnzfxada2damq88ij2p77pjz4q"; type = "gem"; }; version = "4.4.0"; }; simple_form = { - dependencies = [ "actionpack" "activemodel" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activemodel"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0z4df65w9qpri315lpvzazdxa9xb7yj0j3d77q06wf0jnpvw4mzs"; type = "gem"; }; version = "5.2.0"; }; simplecov = { - dependencies = [ "docile" "simplecov-html" "simplecov_json_formatter" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "198kcbrjxhhzca19yrdcd6jjj9sb51aaic3b0sc3pwjghg3j49py"; type = "gem"; }; version = "0.22.0"; }; simplecov-html = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0yx01bxa8pbf9ip4hagqkp5m0mqfnwnw2xk8kjraiywz4lrss6jb"; type = "gem"; }; version = "0.12.3"; }; simplecov_json_formatter = { - groups = [ "default" "test" ]; - platforms = [ ]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0a5l0733hj7sk51j81ykfmlk2vd5vaijlq9d5fn165yyx3xii52j"; type = "gem"; }; version = "0.1.4"; }; smart_properties = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0jrqssk9qhwrpq41arm712226vpcr458xv6xaqbk8cp94a0kycpr"; type = "gem"; }; version = "1.17.0"; }; sprockets = { - dependencies = [ "concurrent-ruby" "rack" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["concurrent-ruby" "rack"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "182jw5a0fbqah5w9jancvfmjbk88h8bxdbwnl4d3q809rpxdg8ay"; type = "gem"; }; version = "3.7.2"; }; sprockets-rails = { - dependencies = [ "actionpack" "activesupport" "sprockets" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["actionpack" "activesupport" "sprockets"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1b9i14qb27zs56hlcc2hf139l0ghbqnjpmfi0054dxycaxvk5min"; type = "gem"; }; version = "3.4.2"; }; sshkit = { - dependencies = [ "net-scp" "net-ssh" ]; - groups = [ "default" "development" ]; - platforms = [ ]; + dependencies = ["net-scp" "net-ssh"]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1y6w2qkwg0ygn85x0afscnj0dv8iwkvm153zjclvwafkm6g0pknk"; type = "gem"; }; version = "1.21.4"; }; stackprof = { - groups = [ "development" ]; - platforms = [ ]; + groups = ["development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0bhdgfb0pmw9mav1kw9fn0ka012sa0i3h5ppvqssw5xq48nhxnr8"; type = "gem"; }; version = "0.2.25"; }; statsd-ruby = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "028136c463nbravckxb1qi5c5nnv9r6vh2cyhiry423lac4xz79n"; type = "gem"; }; version = "1.5.0"; }; stoplight = { - dependencies = [ "redlock" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["redlock"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0rmhhqvvrn7874r9cjf4wpv36vnxvxsrgb1kfgdk3dalg4rig7q6"; type = "gem"; }; version = "3.0.1"; }; strong_migrations = { - dependencies = [ "activerecord" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activerecord"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0wz4zhsp4xia8zcpi98v4sgjlv2prd515l8jz4f7j0wk45dfkjs1"; type = "gem"; }; version = "0.8.0"; }; swd = { - dependencies = [ "activesupport" "attr_required" "httpclient" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "attr_required" "httpclient"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "12b3q2sw42nnilfb51nlqdv07f31vdv2j595kd99asnkw4cjlf5w"; type = "gem"; }; version = "1.3.0"; }; sysexits = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0qjng6pllznmprzx8vb0zg0c86hdrkyjs615q41s9fjpmv2430jr"; type = "gem"; }; version = "1.2.0"; }; temple = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "07k5wr2ypsmsbyc9d1plhdki4xr7vvggld8r1i49iljkrpx5nbqc"; type = "gem"; }; version = "0.10.0"; }; terminal-table = { - dependencies = [ "unicode-display_width" ]; - groups = [ "default" "development" "test" ]; - platforms = [ ]; + dependencies = ["unicode-display_width"]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "14dfmfjppmng5hwj7c5ka6qdapawm3h6k9lhn8zj001ybypvclgr"; type = "gem"; }; version = "3.0.2"; }; terrapin = { - dependencies = [ "climate_control" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["climate_control"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0p18f05r0c5s70571gqig3z2ym74wx79s6rd45sprp207bqskzn9"; type = "gem"; }; version = "0.6.0"; }; thor = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0inl77jh4ia03jw3iqm5ipr76ghal3hyjrd6r8zqsswwvi9j2xdi"; type = "gem"; }; version = "1.2.1"; }; tilt = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1qmhi6d9przjzhsyk9g5pq2j75c656msh6xzprqd2mxgphf23jxs"; type = "gem"; }; version = "2.1.0"; }; timeout = { - groups = [ "default" "development" ]; - platforms = [ ]; + groups = ["default" "development"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1pfddf51n5fnj4f9ggwj3wbf23ynj0nbxlxqpz12y1gvl9g7d6r6"; type = "gem"; }; version = "0.3.2"; }; tpm-key_attestation = { - dependencies = [ "bindata" "openssl" "openssl-signature_algorithm" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0v8y5dibsyskv1ncdgszhxwzq0gzmvb0zl7sgmx0xvsgy86dhcz1"; type = "gem"; }; version = "0.12.0"; }; tty-color = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0aik4kmhwwrmkysha7qibi2nyzb4c8kp42bd5vxnf8sf7b53g73g"; type = "gem"; }; version = "0.6.0"; }; tty-cursor = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0j5zw041jgkmn605ya1zc151bxgxl6v192v2i26qhxx7ws2l2lvr"; type = "gem"; }; version = "0.7.1"; }; tty-prompt = { - dependencies = [ "pastel" "tty-reader" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["pastel" "tty-reader"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1j4y8ik82azjxshgd4i1v4wwhsv3g9cngpygxqkkz69qaa8cxnzw"; type = "gem"; }; version = "0.23.1"; }; tty-reader = { - dependencies = [ "tty-cursor" "tty-screen" "wisper" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["tty-cursor" "tty-screen" "wisper"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1cf2k7w7d84hshg4kzrjvk9pkyc2g1m3nx2n1rpmdcf0hp4p4af6"; type = "gem"; }; version = "0.9.0"; }; tty-screen = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "18jr6s1cg8yb26wzkqa6874q0z93rq0y5aw092kdqazk71y6a235"; type = "gem"; }; version = "0.8.1"; }; twitter-text = { - dependencies = [ "idn-ruby" "unf" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["idn-ruby" "unf"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1dnmp0bj3l01nbb52zby2c7hrazcdwfg846knkrjdfl0yfmv793z"; type = "gem"; }; version = "3.1.0"; }; tzinfo = { - dependencies = [ "concurrent-ruby" ]; - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + dependencies = ["concurrent-ruby"]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; type = "gem"; }; version = "2.0.6"; }; tzinfo-data = { - dependencies = [ "tzinfo" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["tzinfo"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0m2d0gpsgqnv29j5h2d6g57g0rayvd460b8s2vjr8sn46bqf89m5"; type = "gem"; }; version = "1.2023.3"; }; unf = { - dependencies = [ "unf_ext" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["unf_ext"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; type = "gem"; }; version = "0.1.4"; }; unf_ext = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1yj2nz2l101vr1x9w2k83a0fag1xgnmjwp8w8rw4ik2rwcz65fch"; type = "gem"; }; version = "0.0.8.2"; }; unicode-display_width = { - groups = [ "default" "development" "test" ]; - platforms = [ ]; + groups = ["default" "development" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1gi82k102q7bkmfi7ggn9ciypn897ylln1jk9q67kjhr39fj043a"; type = "gem"; }; version = "2.4.2"; }; uri = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1vigw7nfszfqgikr6n574k9bfh0rvs74z8xq46rz2zsm8249l8cc"; type = "gem"; }; version = "0.12.1"; }; validate_email = { - dependencies = [ "activemodel" "mail" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activemodel" "mail"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1r1fz29l699arka177c9xw7409d1a3ff95bf7a6pmc97slb91zlx"; type = "gem"; }; version = "0.1.6"; }; validate_url = { - dependencies = [ "activemodel" "public_suffix" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activemodel" "public_suffix"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0lblym140w5n88ijyfgcvkxvpfj8m6z00rxxf2ckmmhk0x61dzkj"; type = "gem"; }; version = "1.0.15"; }; warden = { - dependencies = [ "rack" ]; - groups = [ "default" "pam_authentication" ]; - platforms = [ ]; + dependencies = ["rack"]; + groups = ["default" "pam_authentication"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1l7gl7vms023w4clg02pm4ky9j12la2vzsixi2xrv9imbn44ys26"; type = "gem"; }; version = "1.2.9"; }; webauthn = { - dependencies = [ - "android_key_attestation" - "awrence" - "bindata" - "cbor" - "cose" - "openssl" - "safety_net_attestation" - "tpm-key_attestation" - ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["android_key_attestation" "awrence" "bindata" "cbor" "cose" "openssl" "safety_net_attestation" "tpm-key_attestation"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1ri09bf640kkw4v6k2g90q2nw1mx2hsghhngaqgb7958q8id8xrz"; type = "gem"; }; version = "3.0.0"; }; webfinger = { - dependencies = [ "activesupport" "httpclient" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "httpclient"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "18jj50b44a471ig7hw1ax90wxaaz40acmrf6cm7m2iyshlffy53q"; type = "gem"; }; version = "1.2.0"; }; webmock = { - dependencies = [ "addressable" "crack" "hashdiff" ]; - groups = [ "test" ]; - platforms = [ ]; + dependencies = ["addressable" "crack" "hashdiff"]; + groups = ["test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1myj44wvbbqvv18ragv3ihl0h61acgnfwrnj3lccdgp49bgmbjal"; type = "gem"; }; version = "3.18.1"; }; webpacker = { - dependencies = [ "activesupport" "rack-proxy" "railties" "semantic_range" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["activesupport" "rack-proxy" "railties" "semantic_range"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0fh4vijqiq1h7w28llk67y9csc0m4wkdivrsl4fsxg279v6j5z3i"; type = "gem"; }; version = "5.4.4"; }; webpush = { - dependencies = [ "hkdf" "jwt" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["hkdf" "jwt"]; + groups = ["default"]; + platforms = []; source = { fetchSubmodules = false; rev = "f14a4d52e201128b1b00245d11b6de80d6cfdcd9"; @@ -3315,63 +3149,62 @@ version = "0.3.8"; }; websocket-driver = { - dependencies = [ "websocket-extensions" ]; - groups = [ "default" ]; - platforms = [ ]; + dependencies = ["websocket-extensions"]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0a3bwxd9v3ghrxzjc4vxmf4xa18c6m4xqy5wb0yk5c6b9psc7052"; type = "gem"; }; version = "0.7.5"; }; websocket-extensions = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; type = "gem"; }; version = "0.1.5"; }; wisper = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1rpsi0ziy78cj82sbyyywby4d0aw0a5q84v65qd28vqn79fbq5yf"; type = "gem"; }; version = "2.0.1"; }; xorcist = { - groups = [ "default" ]; - platforms = [ ]; + groups = ["default"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "1dbbiy8xlcfvn9ais37xfb5rci4liwakkmxzbkp72wmvlgcrf339"; type = "gem"; }; version = "1.1.3"; }; xpath = { - dependencies = [ "nokogiri" ]; - groups = [ "default" "test" ]; - platforms = [ ]; + dependencies = ["nokogiri"]; + groups = ["default" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "0bh8lk9hvlpn7vmi6h4hkcwjzvs2y0cmkk3yjjdr8fxvj6fsgzbd"; type = "gem"; }; version = "3.2.0"; }; zeitwerk = { - groups = - [ "default" "development" "pam_authentication" "production" "test" ]; - platforms = [ ]; + groups = ["default" "development" "pam_authentication" "production" "test"]; + platforms = []; source = { - remotes = [ "https://rubygems.org" ]; + remotes = ["https://rubygems.org"]; sha256 = "028ld9qmgdllxrl7d0qkl65s58wb1n3gv8yjs28g43a8b1hplxk1"; type = "gem"; }; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 34ca4075..1d38a9aa 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -1,12 +1,11 @@ # This file was generated by pkgs.mastodon.updateScript. -{ fetchgit, applyPatches }: -let +{ fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "c18884de32b60152600ec95ed42cdf9c00fdab7a"; - sha256 = "08b520wfs7hpi4jy9srynydkkh5b2wwnb2b3xxa843yialf0qmlh"; + rev = "058898802a377877961ff3bfa7d5209a5e275545"; + sha256 = "0rn7l94031yl1lyyz7yvky6bqshw4nllwissxlpyqcmii52gwp7y"; }; in applyPatches { inherit src; - patches = [ ]; + patches = []; } -- 2.47.1 From 92bcd2d823a916bf1aa9b907e15898268a2c31df Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 22 May 2023 15:20:12 +0200 Subject: [PATCH 1593/1882] try different ip setup --- nixos/hosts/hades/mastodon/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index f399954b..1c845401 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -15,7 +15,7 @@ in { environment.noXlibs = lib.mkForce false; networking.hosts = { - "83.128.154.23" = [ "xirion.net" "o.xirion.net" "hades.xirion.net" ]; + "192.168.0.122" = [ "xirion.net" "o.xirion.net" ]; }; services.elasticsearch = { -- 2.47.1 From eadc90d14d03ad0bd0bafe49fe7f014f7fd73d71 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 22 May 2023 20:09:00 +0200 Subject: [PATCH 1594/1882] local tag fix --- nixos/util.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/util.nix b/nixos/util.nix index 85194149..6f6511a8 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -24,9 +24,10 @@ let # Add to whatever realm a host belong to its list of tags add_realm_to_tags = mapAttrs (realm: mapAttrs (_hostname: - { tags ? [ ], ... }@host: + { type ? "lxc", tags ? [ ], ... }@host: host // { - tags = [ realm ] ++ tags; + # Tags are for deployment, so don't add them to local machines + tags = tags ++ (if type == "local" then [ ] else [ realm ]); inherit realm; })); @@ -41,7 +42,8 @@ let # outputs # Helper function to build a colmena host definition - mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm, type ? "lxc", ... }@host: + mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm + , type ? "lxc", ... }@host: let # this makes local apply work a bit nicer name = if type == "local" then hostname else "${hostname}.${realm}"; @@ -67,6 +69,4 @@ let hosts = add_realm_to_tags (import ./hosts); flat_hosts = flatten_hosts hosts; nixHosts = filter_nix_hosts flat_hosts; -in { - inherit base_imports mkColmenaHost hosts flat_hosts nixHosts; -} +in { inherit base_imports mkColmenaHost hosts flat_hosts nixHosts; } -- 2.47.1 From 8282ee7f79394d37f3154503eeea5d644afec163 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 22 May 2023 21:38:22 +0200 Subject: [PATCH 1595/1882] add admin user (again) --- flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml index 6ec96a99..7a8f37e3 100644 --- a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml +++ b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml @@ -42,7 +42,7 @@ spec: - path: / pathType: ImplementationSpecific adminUser: - create: false + create: true passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC username: admin -- 2.47.1 From 75b5dc033defd00a69ab1ac32465486938c1feea Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 23 May 2023 15:50:26 +0200 Subject: [PATCH 1596/1882] fix eval --- flake.lock | 44 ++++++++++++++++++++--------------------- flake.nix | 2 +- nixos/common/common.nix | 7 +++++++ 3 files changed, 30 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index 1688cc10..40782355 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684741999, - "narHash": "sha256-KZLKsFZ6cLjCdCNKZoT8bc1y+rYBuFgKatmIB38zqy4=", + "lastModified": 1684824189, + "narHash": "sha256-k3nCkn5Qy67rCguuw6YkGuL6hOUNRKxQoKOjnapk5sU=", "owner": "nix-community", "repo": "home-manager", - "rev": "ba006d7cca2cb871c6a31bdbc130c05cde5ca8e8", + "rev": "58eb968c21d309a6c2b020ea8d64e25c38ceebba", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684580438, - "narHash": "sha256-LUPswmDn6fXP3lEBJFA2Id8PkcYDgzUilevWackYVvQ=", + "lastModified": 1684661732, + "narHash": "sha256-2/Xo/UmUUoMXc0T5tzoUsYjMLLMjEfzRWDAQB0WwtW0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7dc71aef32e8faf065cb171700792cf8a65c152d", + "rev": "b0671cbf1e5c443f7fbfd4941ee0f8a151435114", "type": "github" }, "original": { @@ -815,27 +815,27 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684662198, - "narHash": "sha256-lmGDGuFONWSoGBKDDhU/6fOhhmFoZQ8rPf+kS7/e/Gs=", + "lastModified": 1684843622, + "narHash": "sha256-dhFuK4YrMa4+ZeGm0ekrn3EtRG/zZwsMTXTiCjxC4J0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "50a183182d7ae39133555414d48d5d609a28a57d", + "rev": "e89ce0502750f0e85d2756059caca1ce50d60e2c", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_4": { "locked": { - "lastModified": 1684385584, - "narHash": "sha256-O7y0gK8OLIDqz+LaHJJyeu09IGiXlZIS3+JgEzGmmJA=", + "lastModified": 1684754342, + "narHash": "sha256-plGnjnbnPLoZCTdQX21oT7xliQhFtgcWlkuDHgtEb1o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a", + "rev": "7084250df3d7f9735087d3234407f3c1fc2400e3", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684748678, - "narHash": "sha256-0afNO5R2IzYx3jNF+fQm1Aji2sd5ySwJyWD4/cp4gsY=", + "lastModified": 1684825584, + "narHash": "sha256-e3S38t0gxcJbtutHsRa3653rg6PziRpGsLPJE1ZEM/4=", "owner": "pta2002", "repo": "nixvim", - "rev": "eee375e97e001fda6e51b655cf79a82fae58ca4d", + "rev": "c7cc1167b99d21873c6841cf6253fbdeea6e4af1", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684755885, - "narHash": "sha256-nm81eT3Bd4lnyoM4ZJenuEPVQWNwQqDsS1v5bgrFnDE=", + "lastModified": 1684839778, + "narHash": "sha256-x4R8ZPNKk69TxpwElCEZU25AouDvRfHts9nkbabsRdk=", "owner": "nix-community", "repo": "NUR", - "rev": "1ef9cd145b519027ac6161be3dbf5823401321b1", + "rev": "463cb21e8cad969a6b44de48e72dd71f0a470b5a", "type": "github" }, "original": { @@ -1015,11 +1015,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1684195081, - "narHash": "sha256-IKnQUSBhQTChFERxW2AzuauVpY1HRgeVzAjNMAA4B6I=", + "lastModified": 1684763926, + "narHash": "sha256-1pSTzogoCmZc7JB3VrFFgFoj5lNXIIWwkVReFVMHDT8=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "96eabec58248ed8f4b0ad59e7ce9398018684fdc", + "rev": "df448ffc5d244f52261d05894c5a96af7f3758a1", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ff305d71..8c40bb08 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/master"; # nixpkgs.url = "github:NULLx76/nixpkgs/bazarr-1.2.1"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; diff --git a/nixos/common/common.nix b/nixos/common/common.nix index cc675737..7a34a8a7 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -57,6 +57,13 @@ nixpkgs.config.allowUnfree = true; + nixpkgs.config.permittedInsecurePackages = [ + "nodejs-14.21.3" + "openssl-1.1.1t" + "nodejs-16.20.0" + ]; + + # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. services.journald.extraConfig = '' -- 2.47.1 From 35beedcb43de67236ec55d88af890020e55598b1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 24 May 2023 06:34:01 +0000 Subject: [PATCH 1597/1882] chore(deps): update nixos/nix docker tag to v2.15.1 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 8f66875a..2f9327cb 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,6 +1,6 @@ pipeline: check: - image: nixos/nix:2.15.0 + image: nixos/nix:2.15.1 commands: - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf -- 2.47.1 From 095a834f8752e4f8b77532dbffdb9093d96c70ee Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 24 May 2023 06:33:58 +0000 Subject: [PATCH 1598/1882] chore(deps): update helm release external-secrets to v0.8.2 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 453f028b..e5abc381 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.8.1 + version: 0.8.2 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From f2a1f85df85c58f254d0777c1431903e432ddd90 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 24 May 2023 12:10:54 +0200 Subject: [PATCH 1599/1882] fix deadnix --- nixos/hosts/hades/immich/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/immich/configuration.nix b/nixos/hosts/hades/immich/configuration.nix index 97c6146f..76d5276c 100644 --- a/nixos/hosts/hades/immich/configuration.nix +++ b/nixos/hosts/hades/immich/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, config, lib, ... }: +{ pkgs, config, ... }: let # https://github.com/immich-app/immich/releases version = "1.55.1"; -- 2.47.1 From b9f0d9c902ff8cf6c7904d757eb37cc1a551b754 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 24 May 2023 13:19:04 +0200 Subject: [PATCH 1600/1882] update flake --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 40782355..ed229ea5 100644 --- a/flake.lock +++ b/flake.lock @@ -557,11 +557,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1684048308, - "narHash": "sha256-JcQe0Zmov/32L+GQ+O+H8Qoll+jjvkcrd8/TNtE6TBY=", + "lastModified": 1684874496, + "narHash": "sha256-UinOcfH+PvkYsnpsty8uIUrag62Yre2jlBjP2h70dI8=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "c04e4f22da48319d15593a2c942431744c12f27c", + "rev": "d8131ffc61553df6137b382eec380689596cae3d", "type": "gitlab" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684661732, - "narHash": "sha256-2/Xo/UmUUoMXc0T5tzoUsYjMLLMjEfzRWDAQB0WwtW0=", + "lastModified": 1684858140, + "narHash": "sha256-dQStox5GYrVlVNMvxxXs3xX9bXG7J7ttSjqUcVm8EaA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b0671cbf1e5c443f7fbfd4941ee0f8a151435114", + "rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684843622, - "narHash": "sha256-dhFuK4YrMa4+ZeGm0ekrn3EtRG/zZwsMTXTiCjxC4J0=", + "lastModified": 1684922791, + "narHash": "sha256-8WKe3e+HqcS/eplEK9eNKemta3ZQVxQiwoQujsBI8+M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e89ce0502750f0e85d2756059caca1ce50d60e2c", + "rev": "19a1d5d1484a01b230fb1677d80c710856383326", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684825584, - "narHash": "sha256-e3S38t0gxcJbtutHsRa3653rg6PziRpGsLPJE1ZEM/4=", + "lastModified": 1684856421, + "narHash": "sha256-7iieAuQOeTo2FjGJjqpEhSFvZJDb9pSo7taAzNw4ZqI=", "owner": "pta2002", "repo": "nixvim", - "rev": "c7cc1167b99d21873c6841cf6253fbdeea6e4af1", + "rev": "55415979af3fb850e54663a3804848cdc87803ae", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684839778, - "narHash": "sha256-x4R8ZPNKk69TxpwElCEZU25AouDvRfHts9nkbabsRdk=", + "lastModified": 1684921791, + "narHash": "sha256-H0zNiMCtAUnRHyo06OaCpZEoP95WlEKVp+hpELTJXw0=", "owner": "nix-community", "repo": "NUR", - "rev": "463cb21e8cad969a6b44de48e72dd71f0a470b5a", + "rev": "9cacf444463dc574f0e9f6c0bc748f939b34a958", "type": "github" }, "original": { -- 2.47.1 From 66cc0c8f34bda8b7b1d9cb65700bc597b2b57861 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 24 May 2023 13:56:16 +0200 Subject: [PATCH 1601/1882] temp disable immich --- nixos/hosts/hades/immich/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/immich/configuration.nix b/nixos/hosts/hades/immich/configuration.nix index 76d5276c..938bb2df 100644 --- a/nixos/hosts/hades/immich/configuration.nix +++ b/nixos/hosts/hades/immich/configuration.nix @@ -5,7 +5,7 @@ { pkgs, config, ... }: let # https://github.com/immich-app/immich/releases - version = "1.55.1"; + # version = "1.55.1"; dataDir = "/var/lib/immich"; in { imports = [ ]; -- 2.47.1 From 4d1147f49e041cb40395048741976b61f044e8ac Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 24 May 2023 16:58:51 +0200 Subject: [PATCH 1602/1882] add plexpass package --- flake.nix | 2 ++ nixos/common/desktop/home.nix | 3 +-- nixos/pkgs/default.nix | 4 ++++ nixos/pkgs/plex-pass/default.nix | 3 +++ nixos/pkgs/plex-pass/raw.nix | 13 +++++++++++++ nixos/pkgs/plex-pass/sources.json | 14 ++++++++++++++ nixos/pkgs/plex-pass/update.sh | 32 +++++++++++++++++++++++++++++++ 7 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 nixos/pkgs/plex-pass/default.nix create mode 100644 nixos/pkgs/plex-pass/raw.nix create mode 100644 nixos/pkgs/plex-pass/sources.json create mode 100755 nixos/pkgs/plex-pass/update.sh diff --git a/flake.nix b/flake.nix index 8c40bb08..f1ba3fd4 100644 --- a/flake.nix +++ b/flake.nix @@ -54,6 +54,7 @@ pkgs = import nixpkgs { inherit system; + config.allowUnfree = true; overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ]; }; @@ -147,6 +148,7 @@ nil vault yamllint + jq (vault-push-approle-envs self { }) (vault-push-approles self { }) fast-repl diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 1121eaba..c575b57f 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -16,8 +16,7 @@ in { gimp inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default - jetbrains.clion - jetbrains.idea-ultimate + # jetbrains.clion kdenlive mullvad-vpn neofetch diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 8a067151..537224d7 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -21,5 +21,9 @@ _final: prev: { platformio.platformio-ide = prev.callPackage ./vscode-extensions/platformio.nix { }; }; + }; + + plex-plexpass = prev.callPackage ./plex-pass { }; + plexRaw-plexpass = prev.callPackage ./plex-pass/raw.nix { }; } diff --git a/nixos/pkgs/plex-pass/default.nix b/nixos/pkgs/plex-pass/default.nix new file mode 100644 index 00000000..a2c93c7c --- /dev/null +++ b/nixos/pkgs/plex-pass/default.nix @@ -0,0 +1,3 @@ +{ plex, plexRaw-plexpass }: +# Copied from: https://github.com/tadfisher/flake/blob/ed949a619236ba30f0be614fed804abdf1e8005b/pkgs/plex-plexpass/default.nix +plex.override { plexRaw = plexRaw-plexpass; } diff --git a/nixos/pkgs/plex-pass/raw.nix b/nixos/pkgs/plex-pass/raw.nix new file mode 100644 index 00000000..af68731f --- /dev/null +++ b/nixos/pkgs/plex-pass/raw.nix @@ -0,0 +1,13 @@ +{ lib, stdenv, plexRaw, fetchurl }: +let + sources = builtins.fromJSON (builtins.readFile ./sources.json); + source = lib.findFirst (x: x.platform == stdenv.hostPlatform.system) + (throw "unsupported platform: ${stdenv.hostPlatform.system}") sources; +in plexRaw.overrideAttrs (attrs: { + pname = attrs.pname + "-plexpass"; + version = source.version; + src = fetchurl { + inherit (source) url; + sha256 = source.hash; + }; +}) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json new file mode 100644 index 00000000..a505c016 --- /dev/null +++ b/nixos/pkgs/plex-pass/sources.json @@ -0,0 +1,14 @@ +[ + { + "version": "1.32.2.7100", + "platform": "aarch64-linux", + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.2.7100-248a2daf0/debian/plexmediaserver_1.32.2.7100-248a2daf0_arm64.deb", + "hash": "1rs967n4vli7gba2137l5z6vrdcdxfy3hni21lay3ayyds3xmavd" + }, + { + "version": "1.32.2.7100", + "platform": "x86_64-linux", + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.2.7100-248a2daf0/debian/plexmediaserver_1.32.2.7100-248a2daf0_amd64.deb", + "hash": "0myr0nws0dhhkp9cc5zwxs4pigs7bmyf582fwskzjqm3d7phlwmi" + } +] diff --git a/nixos/pkgs/plex-pass/update.sh b/nixos/pkgs/plex-pass/update.sh new file mode 100755 index 00000000..2637e25c --- /dev/null +++ b/nixos/pkgs/plex-pass/update.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +set -x +shopt -s extglob +set -eu -o pipefail + +path="$(realpath "$(dirname "$0")")" + +declare -A platforms=( + [linux-x86_64]=x86_64-linux + [linux-aarch64]=aarch64-linux +) + +token=$(vault kv get -field=plex_token hades_secrets/nixos/plex) +manifest=$(curl -s "https://plex.tv/api/downloads/5.json?channel=plexpass" -H "X-Plex-Token: ${token}") +version=$(echo "$manifest" | jq -r '.computer.Linux.version | split("-") | .[0]') + +tmp="$path/sources.tmp.json" +echo '' >$tmp + +for arch in "${!platforms[@]}"; do + url="$(echo "$manifest" | jq --arg arch "$arch" -r '.computer.Linux.releases[] | select(.distro == "debian" and .build == $arch) .url')" + hash="$(nix-prefetch-url "$url")" + nixPlatform=${platforms[$arch]} + jq --arg version $version \ + --arg platform $nixPlatform \ + --arg url "$url" \ + --arg hash $hash \ + -n '$ARGS.named' >>$tmp +done + +jq -s '.' $tmp >"$path/sources.json" +rm $tmp -- 2.47.1 From 982e499f36d65cdf40682e181bba681af1d5dc6d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 24 May 2023 14:33:49 +0000 Subject: [PATCH 1603/1882] chore(deps): update cachix/install-nix-action action to v21 --- .github/workflows/nixos.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml index b261566f..9ff6ee2a 100644 --- a/.github/workflows/nixos.yml +++ b/.github/workflows/nixos.yml @@ -21,7 +21,7 @@ jobs: large-packages: true swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v20 + uses: cachix/install-nix-action@v21 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 with: @@ -37,7 +37,7 @@ jobs: - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v20 + uses: cachix/install-nix-action@v21 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 @@ -54,7 +54,7 @@ jobs: - uses: actions/checkout@v3 - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v20 + uses: cachix/install-nix-action@v21 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 @@ -85,7 +85,7 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v20 + uses: cachix/install-nix-action@v21 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 with: @@ -116,7 +116,7 @@ jobs: swap-storage: true - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v20 + uses: cachix/install-nix-action@v21 - name: "Install Cachix ❄️" uses: cachix/cachix-action@v12 -- 2.47.1 From 603eb30abff556f744bbf4b60ec8c25701d08f3f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 24 May 2023 14:33:45 +0000 Subject: [PATCH 1604/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.2.0 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index dd39cbca..ff7e9465 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.1.2"; + image = "flaresolverr/flaresolverr:v3.2.0"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 4b3ef69ac22cf3567b6b658d617d315a4dc2d44b Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 24 May 2023 18:39:28 +0200 Subject: [PATCH 1605/1882] fix lint --- nixos/pkgs/plex-pass/raw.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/pkgs/plex-pass/raw.nix b/nixos/pkgs/plex-pass/raw.nix index af68731f..b2f13fff 100644 --- a/nixos/pkgs/plex-pass/raw.nix +++ b/nixos/pkgs/plex-pass/raw.nix @@ -5,7 +5,7 @@ let (throw "unsupported platform: ${stdenv.hostPlatform.system}") sources; in plexRaw.overrideAttrs (attrs: { pname = attrs.pname + "-plexpass"; - version = source.version; + inherit (source) version; src = fetchurl { inherit (source) url; sha256 = source.hash; -- 2.47.1 From f7168ff31ba9fbf802e64f2f61be646bb5699d22 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 24 May 2023 18:42:37 +0200 Subject: [PATCH 1606/1882] add colmena build stage to CI --- .woodpecker.yml | 1 + flake.lock | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 2f9327cb..79d9b514 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,5 +7,6 @@ pipeline: - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . + - nix run '.#' -- build --on 'bastion*' volumes: - /nix:/mnt/nix:ro diff --git a/flake.lock b/flake.lock index ed229ea5..13df5d54 100644 --- a/flake.lock +++ b/flake.lock @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684922791, - "narHash": "sha256-8WKe3e+HqcS/eplEK9eNKemta3ZQVxQiwoQujsBI8+M=", + "lastModified": 1684944540, + "narHash": "sha256-Ws79+cNBR/2tqEf3Md+Ok03avJOXAykpRRvkaerkTCQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "19a1d5d1484a01b230fb1677d80c710856383326", + "rev": "178b88e3aee997935c6a81a72f2726ae86dffa0d", "type": "github" }, "original": { -- 2.47.1 From a7ac7395263a10f6ec93cd113c75c3e8a2a33d60 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 20:05:23 +0200 Subject: [PATCH 1607/1882] add plex nginx --- nixos/hosts/hades/nginx/configuration.nix | 53 +++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index a9ed406c..1745d1eb 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -75,6 +75,59 @@ in { ''; }; + virtualHosts."plex.xirion.net" = { + # Since we want a secure connection, we force SSL + forceSSL = true; + enableACME = true; + + proxyWebsockets = true; + + extraConfig = '' + #Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause + send_timeout 100m; + + # Why this is important: https://blog.cloudflare.com/ocsp-stapling-how-cloudflare-just-made-ssl-30/ + ssl_stapling on; + ssl_stapling_verify on; + + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #Intentionally not hardened for security for player support and encryption video streams has a lot of overhead with something like AES-256-GCM-SHA384. + ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; + + # Forward real ip and host to Plex + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $server_addr; + proxy_set_header Referer $server_addr; + proxy_set_header Origin $server_addr; + + # Nginx default client_max_body_size is 1MB, which breaks Camera Upload feature from the phones. + # Increasing the limit fixes the issue. Anyhow, if 4K videos are expected to be uploaded, the size might need to be increased even more + client_max_body_size 100M; + + # Plex headers + proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier; + proxy_set_header X-Plex-Device $http_x_plex_device; + proxy_set_header X-Plex-Device-Name $http_x_plex_device_name; + proxy_set_header X-Plex-Platform $http_x_plex_platform; + proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version; + proxy_set_header X-Plex-Product $http_x_plex_product; + proxy_set_header X-Plex-Token $http_x_plex_token; + proxy_set_header X-Plex-Version $http_x_plex_version; + proxy_set_header X-Plex-Nocache $http_x_plex_nocache; + proxy_set_header X-Plex-Provides $http_x_plex_provides; + proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor; + proxy_set_header X-Plex-Model $http_x_plex_model; + + # Buffering off send to the client as soon as the data is received from Plex. + proxy_redirect off; + proxy_buffering off; + ''; + locations."/" = { proxyPass = "http://plex2.hades:32400/"; }; + }; + virtualHosts."fedi.xirion.net" = { enableACME = true; forceSSL = true; -- 2.47.1 From c40723cd6e27d5115cfc4d3af0472537af12d904 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 21:36:24 +0200 Subject: [PATCH 1608/1882] add plex --- nixos/hosts/hades/default.nix | 11 ++++---- nixos/hosts/hades/nginx/configuration.nix | 6 +++-- nixos/hosts/hades/plex/configuration.nix | 31 +++++++++++++++++++++++ nixos/pkgs/plex-pass/sources.json | 12 ++++----- 4 files changed, 46 insertions(+), 14 deletions(-) create mode 100644 nixos/hosts/hades/plex/configuration.nix diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index bfc14d89..7670659a 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -102,13 +102,12 @@ ip = "192.168.0.119"; mac = "DE:7C:32:7E:DD:A1"; }; - # ip = "192.168.0.120"; - "jackett2" = { - ip = "192.168.0.121"; - mac = "4e:e7:64:b7:88:b8"; - profile = "jackett"; - nix = false; # superseded by prowlarr + "plex2" = { + ip = "192.168.0.120"; + mac = "A2:2C:65:32:54:8A"; + profile = "plex"; }; + # ip = "192.168.0.121"; "nginx" = { ip = "192.168.0.122"; mac = "52:8E:72:31:AE:AC"; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 68da0a15..3f53adc7 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -83,7 +83,6 @@ in { forceSSL = true; enableACME = true; - proxyWebsockets = true; extraConfig = '' #Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause @@ -128,7 +127,10 @@ in { proxy_redirect off; proxy_buffering off; ''; - locations."/" = { proxyPass = "http://plex2.hades:32400/"; }; + locations."/" = { + + proxyWebsockets = true; + proxyPass = "http://plex2.hades:32400/"; }; }; virtualHosts."fedi.xirion.net" = { diff --git a/nixos/hosts/hades/plex/configuration.nix b/nixos/hosts/hades/plex/configuration.nix new file mode 100644 index 00000000..e2ffbeff --- /dev/null +++ b/nixos/hosts/hades/plex/configuration.nix @@ -0,0 +1,31 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + services.plex = { + enable = true; + package = pkgs.plex-plexpass; + openFirewall = true; + }; + + fileSystems."/mnt/storage" = { + device = "storage:/mnt/storage"; + fsType = "nfs"; + }; +} diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index a505c016..e7fbf527 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.2.7100", + "version": "1.32.3.7089", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.2.7100-248a2daf0/debian/plexmediaserver_1.32.2.7100-248a2daf0_arm64.deb", - "hash": "1rs967n4vli7gba2137l5z6vrdcdxfy3hni21lay3ayyds3xmavd" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_arm64.deb", + "hash": "1sc6h04l0lxw3jzz01gn7i6wikqqds7nqh35rqvwhffjgdvmcjhq" }, { - "version": "1.32.2.7100", + "version": "1.32.3.7089", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.2.7100-248a2daf0/debian/plexmediaserver_1.32.2.7100-248a2daf0_amd64.deb", - "hash": "0myr0nws0dhhkp9cc5zwxs4pigs7bmyf582fwskzjqm3d7phlwmi" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_amd64.deb", + "hash": "074qvjl49rfn6s3naa5s71i5kd0an64laijz13cpsh55yy6zwgb3" } ] -- 2.47.1 From 9c7f5599155f55ea0c9916ee26a3d376c7e93408 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 23:04:32 +0200 Subject: [PATCH 1609/1882] flake update --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 13df5d54..b9ab44e8 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684824189, - "narHash": "sha256-k3nCkn5Qy67rCguuw6YkGuL6hOUNRKxQoKOjnapk5sU=", + "lastModified": 1685019994, + "narHash": "sha256-81o6SKZPALvib21hIOMx2lIhFSs0mRy0PfPvg0zsfTk=", "owner": "nix-community", "repo": "home-manager", - "rev": "58eb968c21d309a6c2b020ea8d64e25c38ceebba", + "rev": "d1f04b0f365a34896a37d9015637796537ec88a3", "type": "github" }, "original": { @@ -557,11 +557,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1684874496, - "narHash": "sha256-UinOcfH+PvkYsnpsty8uIUrag62Yre2jlBjP2h70dI8=", + "lastModified": 1684964237, + "narHash": "sha256-dDS+GhdZN2MAa2FJKFGM2gpgAXhx+xoMkpVsRx9qpDE=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "d8131ffc61553df6137b382eec380689596cae3d", + "rev": "1bcfcf786bc289ca1bd2c9d29d6f02d9141b1da3", "type": "gitlab" }, "original": { @@ -671,11 +671,11 @@ ] }, "locked": { - "lastModified": 1684751352, - "narHash": "sha256-CI7V/2aSBXsefcqX+IhL9zYayL4dPLucymlMCzVxyP4=", + "lastModified": 1685000237, + "narHash": "sha256-pm+2xP9g9sh6wapk1ulg7/1DdENkTNDB7Kx+6lwGs/k=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "a9933ffcbc91688a4bc7dc427f454069a423343f", + "rev": "05bef004794f352ea12475a89f3f55b4102c0728", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684858140, - "narHash": "sha256-dQStox5GYrVlVNMvxxXs3xX9bXG7J7ttSjqUcVm8EaA=", + "lastModified": 1684936879, + "narHash": "sha256-BOSq/QiX7MDs8tUnAt4+nYTJctgYkzVSNL95qlfMYeM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059", + "rev": "99fe1b870522d6ee3e692c2b6e663d6868a3fde4", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684944540, - "narHash": "sha256-Ws79+cNBR/2tqEf3Md+Ok03avJOXAykpRRvkaerkTCQ=", + "lastModified": 1685048218, + "narHash": "sha256-rgffUjn7KB2hwonnEIWxZU8ooaD4QL7TzOITJcKvFuE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "178b88e3aee997935c6a81a72f2726ae86dffa0d", + "rev": "45ed0820a4604e699667ceb16ed188ce279cfa45", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684856421, - "narHash": "sha256-7iieAuQOeTo2FjGJjqpEhSFvZJDb9pSo7taAzNw4ZqI=", + "lastModified": 1685036478, + "narHash": "sha256-KE5t2UI1K3hZujuAQTWyzDPJUAZbvJlCYRlj2UoHFvY=", "owner": "pta2002", "repo": "nixvim", - "rev": "55415979af3fb850e54663a3804848cdc87803ae", + "rev": "51afeda8e592a29b08b98e86b0e4e29d7eb7d5a5", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684921791, - "narHash": "sha256-H0zNiMCtAUnRHyo06OaCpZEoP95WlEKVp+hpELTJXw0=", + "lastModified": 1685043971, + "narHash": "sha256-HxsVGILuNDWh2YjW9t6Pdwf7Qqu2Tw67wZy+kEuNjeo=", "owner": "nix-community", "repo": "NUR", - "rev": "9cacf444463dc574f0e9f6c0bc748f939b34a958", + "rev": "98700f7da94c54615cef59d5ddfe346837b2ff6a", "type": "github" }, "original": { -- 2.47.1 From 3e35c1f198368078562925ff138053645d720cf1 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 23:04:32 +0200 Subject: [PATCH 1610/1882] flake update --- flake.lock | 42 +++++++++++++++++----------------- nixos/pkgs/plex-pass/update.sh | 4 +++- 2 files changed, 24 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 13df5d54..b9ab44e8 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684824189, - "narHash": "sha256-k3nCkn5Qy67rCguuw6YkGuL6hOUNRKxQoKOjnapk5sU=", + "lastModified": 1685019994, + "narHash": "sha256-81o6SKZPALvib21hIOMx2lIhFSs0mRy0PfPvg0zsfTk=", "owner": "nix-community", "repo": "home-manager", - "rev": "58eb968c21d309a6c2b020ea8d64e25c38ceebba", + "rev": "d1f04b0f365a34896a37d9015637796537ec88a3", "type": "github" }, "original": { @@ -557,11 +557,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1684874496, - "narHash": "sha256-UinOcfH+PvkYsnpsty8uIUrag62Yre2jlBjP2h70dI8=", + "lastModified": 1684964237, + "narHash": "sha256-dDS+GhdZN2MAa2FJKFGM2gpgAXhx+xoMkpVsRx9qpDE=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "d8131ffc61553df6137b382eec380689596cae3d", + "rev": "1bcfcf786bc289ca1bd2c9d29d6f02d9141b1da3", "type": "gitlab" }, "original": { @@ -671,11 +671,11 @@ ] }, "locked": { - "lastModified": 1684751352, - "narHash": "sha256-CI7V/2aSBXsefcqX+IhL9zYayL4dPLucymlMCzVxyP4=", + "lastModified": 1685000237, + "narHash": "sha256-pm+2xP9g9sh6wapk1ulg7/1DdENkTNDB7Kx+6lwGs/k=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "a9933ffcbc91688a4bc7dc427f454069a423343f", + "rev": "05bef004794f352ea12475a89f3f55b4102c0728", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684858140, - "narHash": "sha256-dQStox5GYrVlVNMvxxXs3xX9bXG7J7ttSjqUcVm8EaA=", + "lastModified": 1684936879, + "narHash": "sha256-BOSq/QiX7MDs8tUnAt4+nYTJctgYkzVSNL95qlfMYeM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059", + "rev": "99fe1b870522d6ee3e692c2b6e663d6868a3fde4", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684944540, - "narHash": "sha256-Ws79+cNBR/2tqEf3Md+Ok03avJOXAykpRRvkaerkTCQ=", + "lastModified": 1685048218, + "narHash": "sha256-rgffUjn7KB2hwonnEIWxZU8ooaD4QL7TzOITJcKvFuE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "178b88e3aee997935c6a81a72f2726ae86dffa0d", + "rev": "45ed0820a4604e699667ceb16ed188ce279cfa45", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684856421, - "narHash": "sha256-7iieAuQOeTo2FjGJjqpEhSFvZJDb9pSo7taAzNw4ZqI=", + "lastModified": 1685036478, + "narHash": "sha256-KE5t2UI1K3hZujuAQTWyzDPJUAZbvJlCYRlj2UoHFvY=", "owner": "pta2002", "repo": "nixvim", - "rev": "55415979af3fb850e54663a3804848cdc87803ae", + "rev": "51afeda8e592a29b08b98e86b0e4e29d7eb7d5a5", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684921791, - "narHash": "sha256-H0zNiMCtAUnRHyo06OaCpZEoP95WlEKVp+hpELTJXw0=", + "lastModified": 1685043971, + "narHash": "sha256-HxsVGILuNDWh2YjW9t6Pdwf7Qqu2Tw67wZy+kEuNjeo=", "owner": "nix-community", "repo": "NUR", - "rev": "9cacf444463dc574f0e9f6c0bc748f939b34a958", + "rev": "98700f7da94c54615cef59d5ddfe346837b2ff6a", "type": "github" }, "original": { diff --git a/nixos/pkgs/plex-pass/update.sh b/nixos/pkgs/plex-pass/update.sh index 2637e25c..f41eb483 100755 --- a/nixos/pkgs/plex-pass/update.sh +++ b/nixos/pkgs/plex-pass/update.sh @@ -1,4 +1,6 @@ -#!/usr/bin/env bash +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p jq curl vault + set -x shopt -s extglob set -eu -o pipefail -- 2.47.1 From 50974ddb0aa8b84d6639f1766d38f6947d8f7867 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 23:17:07 +0200 Subject: [PATCH 1611/1882] run update.sh in CI (no commit yet) --- .woodpecker.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 79d9b514..3a129bdf 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,6 +7,13 @@ pipeline: - nix run 'nixpkgs#statix' check - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . - - nix run '.#' -- build --on 'bastion*' + volumes: + - /nix:/mnt/nix:ro + update_plex: + image: nixos/nix:2.15.1 + commands: + - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf + - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf + - ./nixos/pkgs/plex-pass/update.sh volumes: - /nix:/mnt/nix:ro -- 2.47.1 From cc53d29ba437861f2e3f87c44529079bf73525f3 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 23:19:10 +0200 Subject: [PATCH 1612/1882] run update.sh in CI (no commit yet) -1 --- nixos/pkgs/plex-pass/update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/pkgs/plex-pass/update.sh b/nixos/pkgs/plex-pass/update.sh index f41eb483..71ca8ec6 100755 --- a/nixos/pkgs/plex-pass/update.sh +++ b/nixos/pkgs/plex-pass/update.sh @@ -1,5 +1,5 @@ #! /usr/bin/env nix-shell -#! nix-shell -i bash -p jq curl vault +#! nix-shell -i bash -p jq curl vault coreutils set -x shopt -s extglob -- 2.47.1 From 9714ee2bd90ec358d58d02f7b492677b1b6a1c6a Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 25 May 2023 23:26:57 +0200 Subject: [PATCH 1613/1882] aaa --- .woodpecker.yml | 3 ++- nixos/pkgs/plex-pass/update.sh | 3 +-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 3a129bdf..0697ce19 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -4,7 +4,7 @@ pipeline: commands: - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf - - nix run 'nixpkgs#statix' check + - nix run 'nixpkgs#statix' check . - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . volumes: @@ -14,6 +14,7 @@ pipeline: commands: - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf + - nix profile install 'nixpkgs#jq' 'nixpkgs#curl' 'nixpkgs#vault' - ./nixos/pkgs/plex-pass/update.sh volumes: - /nix:/mnt/nix:ro diff --git a/nixos/pkgs/plex-pass/update.sh b/nixos/pkgs/plex-pass/update.sh index 71ca8ec6..4dc8e124 100755 --- a/nixos/pkgs/plex-pass/update.sh +++ b/nixos/pkgs/plex-pass/update.sh @@ -1,5 +1,4 @@ -#! /usr/bin/env nix-shell -#! nix-shell -i bash -p jq curl vault coreutils +#! /usr/bin/env bash set -x shopt -s extglob -- 2.47.1 From b69d8e94324a9d227d6ffa3e6f4661a4abcffa3e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 12:15:37 +0200 Subject: [PATCH 1614/1882] update flake --- .woodpecker.yml | 3 +-- flake.lock | 42 +++++++++++++++++++++--------------------- 2 files changed, 22 insertions(+), 23 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 79d9b514..c8c8a7a2 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -4,9 +4,8 @@ pipeline: commands: - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf - - nix run 'nixpkgs#statix' check + - nix run 'nixpkgs#statix' check . - nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#yamllint' . - - nix run '.#' -- build --on 'bastion*' volumes: - /nix:/mnt/nix:ro diff --git a/flake.lock b/flake.lock index 13df5d54..bc281720 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1684824189, - "narHash": "sha256-k3nCkn5Qy67rCguuw6YkGuL6hOUNRKxQoKOjnapk5sU=", + "lastModified": 1685019994, + "narHash": "sha256-81o6SKZPALvib21hIOMx2lIhFSs0mRy0PfPvg0zsfTk=", "owner": "nix-community", "repo": "home-manager", - "rev": "58eb968c21d309a6c2b020ea8d64e25c38ceebba", + "rev": "d1f04b0f365a34896a37d9015637796537ec88a3", "type": "github" }, "original": { @@ -557,11 +557,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1684874496, - "narHash": "sha256-UinOcfH+PvkYsnpsty8uIUrag62Yre2jlBjP2h70dI8=", + "lastModified": 1684964237, + "narHash": "sha256-dDS+GhdZN2MAa2FJKFGM2gpgAXhx+xoMkpVsRx9qpDE=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "d8131ffc61553df6137b382eec380689596cae3d", + "rev": "1bcfcf786bc289ca1bd2c9d29d6f02d9141b1da3", "type": "gitlab" }, "original": { @@ -671,11 +671,11 @@ ] }, "locked": { - "lastModified": 1684751352, - "narHash": "sha256-CI7V/2aSBXsefcqX+IhL9zYayL4dPLucymlMCzVxyP4=", + "lastModified": 1685000237, + "narHash": "sha256-pm+2xP9g9sh6wapk1ulg7/1DdENkTNDB7Kx+6lwGs/k=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "a9933ffcbc91688a4bc7dc427f454069a423343f", + "rev": "05bef004794f352ea12475a89f3f55b4102c0728", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684858140, - "narHash": "sha256-dQStox5GYrVlVNMvxxXs3xX9bXG7J7ttSjqUcVm8EaA=", + "lastModified": 1684936879, + "narHash": "sha256-BOSq/QiX7MDs8tUnAt4+nYTJctgYkzVSNL95qlfMYeM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059", + "rev": "99fe1b870522d6ee3e692c2b6e663d6868a3fde4", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684944540, - "narHash": "sha256-Ws79+cNBR/2tqEf3Md+Ok03avJOXAykpRRvkaerkTCQ=", + "lastModified": 1685096010, + "narHash": "sha256-liaqLhspPGTXqH+kKtQaXsPO6R0KoQAKZ1gJv7BrcxA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "178b88e3aee997935c6a81a72f2726ae86dffa0d", + "rev": "bf5b953efddd1870c9bb631b21d555fc0c07d557", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1684856421, - "narHash": "sha256-7iieAuQOeTo2FjGJjqpEhSFvZJDb9pSo7taAzNw4ZqI=", + "lastModified": 1685036478, + "narHash": "sha256-KE5t2UI1K3hZujuAQTWyzDPJUAZbvJlCYRlj2UoHFvY=", "owner": "pta2002", "repo": "nixvim", - "rev": "55415979af3fb850e54663a3804848cdc87803ae", + "rev": "51afeda8e592a29b08b98e86b0e4e29d7eb7d5a5", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1684921791, - "narHash": "sha256-H0zNiMCtAUnRHyo06OaCpZEoP95WlEKVp+hpELTJXw0=", + "lastModified": 1685082753, + "narHash": "sha256-T/EZZ12KLCV+DmTSOAZElNqIv37EGsXsrYsppSYakKY=", "owner": "nix-community", "repo": "NUR", - "rev": "9cacf444463dc574f0e9f6c0bc748f939b34a958", + "rev": "6caf1df8f14553fa9295412c13776fb83e56bd4f", "type": "github" }, "original": { -- 2.47.1 From 5586de530a0560c57234aacd75aee9952793d80b Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 20:53:33 +0200 Subject: [PATCH 1615/1882] add gitea action runner --- flake.lock | 18 ++++++++--------- .../olympus/woodpecker/configuration.nix | 20 +++++++++++++++++++ 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8abe9f60..c7601577 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1685019994, - "narHash": "sha256-81o6SKZPALvib21hIOMx2lIhFSs0mRy0PfPvg0zsfTk=", + "lastModified": 1685108129, + "narHash": "sha256-6Jv6LxrLfaueHj095oBUKBk++eW4Ya0qfHwhQVQqyoo=", "owner": "nix-community", "repo": "home-manager", - "rev": "d1f04b0f365a34896a37d9015637796537ec88a3", + "rev": "bec196cd9b5f34213c7dc90ef2a524336df70e30", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1685096089, - "narHash": "sha256-SviW+Iu6VDBWTI3PCo+geWIE/MGZwuB/XRczOgds/Rs=", + "lastModified": 1685125545, + "narHash": "sha256-eOwoViAA1nR1r3uGRmUmOuCkwg6asYx9+gHT18Hdxsk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3b99ef458237cc31434adba76ed623d07c488fe2", + "rev": "23c6303e9953d9691f74d05d49399508927f5dd1", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1685082753, - "narHash": "sha256-T/EZZ12KLCV+DmTSOAZElNqIv37EGsXsrYsppSYakKY=", + "lastModified": 1685121851, + "narHash": "sha256-tPvAxqsM4VkPoO4QyqQxTYecv1ormqhZ+JmsUC/PUEA=", "owner": "nix-community", "repo": "NUR", - "rev": "6caf1df8f14553fa9295412c13776fb83e56bd4f", + "rev": "4a2a958322444e3c3156b3442872f34b38db2ac8", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 542f726a..73bacde8 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -42,6 +42,26 @@ in { allowedUDPPorts = [ 53 ]; allowedTCPPorts = [ 53 ]; }; + + services.gitea-actions-runner.instances = { + nix-native = { + enable = true; + name = "nix-native"; + labels = [ "native:host" ]; + url = "https://git.0x76.dev"; + hostPackages = with pkgs; [ + bash + coreutils + curl + gawk + gitMinimal + gnused + nodejs + wget + ]; + }; + }; + services.woodpecker-server = { enable = true; environment = { -- 2.47.1 From 3dc77b9f137e426a89f7a131cc1d57d437f44315 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 21:14:45 +0200 Subject: [PATCH 1616/1882] tokenfile --- nixos/hosts/olympus/woodpecker/configuration.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 73bacde8..078b3333 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -27,6 +27,8 @@ in { quoteEnvironmentValues = false; # Needed for docker }; + vault-secrets.secrets.gitea_runner = { }; + virtualisation.podman = { enable = true; dockerSocket.enable = true; @@ -49,6 +51,7 @@ in { name = "nix-native"; labels = [ "native:host" ]; url = "https://git.0x76.dev"; + tokenFile = "${vs.gitea_runner}/token_native"; hostPackages = with pkgs; [ bash coreutils -- 2.47.1 From b85af3a9904a19208fc70477bc8727786af91fd6 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 21:18:22 +0200 Subject: [PATCH 1617/1882] test ci --- .forgejo/workflows/test.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .forgejo/workflows/test.yml diff --git a/.forgejo/workflows/test.yml b/.forgejo/workflows/test.yml new file mode 100644 index 00000000..90f69a37 --- /dev/null +++ b/.forgejo/workflows/test.yml @@ -0,0 +1,10 @@ +name: Test +on: [push] +jobs: + setup-forgejo: + runs-on: nix-native + steps: + - uses: actions/checkout@v3 + - run: | + ls + echo "Hello, World!" -- 2.47.1 From eb114b11108a288205cb4cc035101427082bda4e Mon Sep 17 00:00:00 2001 From: v Date: Fri, 26 May 2023 22:19:20 +0200 Subject: [PATCH 1618/1882] CI (#170) Co-authored-by: Victor Co-authored-by: Forgejo Actions Bot <> Reviewed-on: https://git.0x76.dev/v/infrastructure/pulls/170 --- .forgejo/workflows/plex_update.yml | 18 ++++++++++++++++++ .forgejo/workflows/test.yml | 10 ---------- .../hosts/olympus/woodpecker/configuration.nix | 7 ++++++- nixos/pkgs/plex-pass/update.sh | 2 -- 4 files changed, 24 insertions(+), 13 deletions(-) create mode 100644 .forgejo/workflows/plex_update.yml delete mode 100644 .forgejo/workflows/test.yml diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml new file mode 100644 index 00000000..a9ed6337 --- /dev/null +++ b/.forgejo/workflows/plex_update.yml @@ -0,0 +1,18 @@ +name: Plex Update +on: [push] +jobs: + native-test: + runs-on: native + steps: + - uses: actions/checkout@v3 + - env: + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} + run: | + git config user.name "Forgejo Actions Bot" + git config user.email "<>" + ./nixos/pkgs/plex-pass/update.sh + git add ./nixos/pkgs/plex-pass/ + git commit -m "Update Plex" + git push origin actions-ci + diff --git a/.forgejo/workflows/test.yml b/.forgejo/workflows/test.yml deleted file mode 100644 index 90f69a37..00000000 --- a/.forgejo/workflows/test.yml +++ /dev/null @@ -1,10 +0,0 @@ -name: Test -on: [push] -jobs: - setup-forgejo: - runs-on: nix-native - steps: - - uses: actions/checkout@v3 - - run: | - ls - echo "Hello, World!" diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 078b3333..9c5d0c29 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -27,7 +27,9 @@ in { quoteEnvironmentValues = false; # Needed for docker }; - vault-secrets.secrets.gitea_runner = { }; + vault-secrets.secrets.gitea_runner = { + services = [ "gitea-runner-nix\x2dnative" ]; + }; virtualisation.podman = { enable = true; @@ -59,7 +61,10 @@ in { gawk gitMinimal gnused + jq nodejs + nixUnstable + vault wget ]; }; diff --git a/nixos/pkgs/plex-pass/update.sh b/nixos/pkgs/plex-pass/update.sh index 4dc8e124..90c07c34 100755 --- a/nixos/pkgs/plex-pass/update.sh +++ b/nixos/pkgs/plex-pass/update.sh @@ -1,6 +1,4 @@ #! /usr/bin/env bash - -set -x shopt -s extglob set -eu -o pipefail -- 2.47.1 From 5392a98f3cd8335a2c49a83aa7e1d1cef0cc42fe Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:26:33 +0200 Subject: [PATCH 1619/1882] improved script --- .forgejo/workflows/plex_update.yml | 15 ++- .github/workflows/nixos.yml | 147 ----------------------------- 2 files changed, 11 insertions(+), 151 deletions(-) delete mode 100644 .github/workflows/nixos.yml diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index a9ed6337..748c232b 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -11,8 +11,15 @@ jobs: run: | git config user.name "Forgejo Actions Bot" git config user.email "<>" - ./nixos/pkgs/plex-pass/update.sh - git add ./nixos/pkgs/plex-pass/ - git commit -m "Update Plex" - git push origin actions-ci + # Run Update script + ./nixos/pkgs/plex-pass/update.sh + + git add ./nixos/pkgs/plex-pass/ + + # Push if changed + git status ./nixos/pkgs/plex-pass/ | grep -q modified + if [ $? == 0 ]; then + git commit -m "Update Plex" + git push origin main + fi diff --git a/.github/workflows/nixos.yml b/.github/workflows/nixos.yml deleted file mode 100644 index 9ff6ee2a..00000000 --- a/.github/workflows/nixos.yml +++ /dev/null @@ -1,147 +0,0 @@ -name: NixOS - -on: workflow_dispatch - -jobs: - build-aoife: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@main - with: - # this might remove tools that are actually needed, - # if set to "true" but frees about 6 GB - tool-cache: true - # all of these default to true, but feel free to set to - # "false" if necessary for your workflow - android: true - dotnet: true - haskell: true - large-packages: true - swap-storage: true - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v21 - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v12 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - extraPullNames: hyprland - - name: "Build NixOS config ❄️" - run: | - nix run '.#' build -- --on "aoife" - build-iso: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v21 - - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v12 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - - name: "Build NixOS ISO ❄️" - run: | - nix build '.#iso' - build-lxc: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v21 - - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v12 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - - name: "Build NixOS Proxmox LXC ❄️" - run: | - nix build '.#proxmox-lxc' - build-olympus: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@main - with: - # this might remove tools that are actually needed, - # if set to "true" but frees about 6 GB - tool-cache: true - # all of these default to true, but feel free to set to - # "false" if necessary for your workflow - android: true - dotnet: true - haskell: true - large-packages: true - swap-storage: true - - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v21 - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v12 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - extraPullNames: hyprland - - - name: "Build NixOS config ❄️" - run: | - nix run '.#' build -- --on "@olympus" - build-hades: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@main - with: - # this might remove tools that are actually needed, - # if set to "true" but frees about 6 GB - tool-cache: true - # all of these default to true, but feel free to set to - # "false" if necessary for your workflow - android: true - dotnet: true - haskell: true - large-packages: true - swap-storage: true - - - name: "Install Nix ❄️" - uses: cachix/install-nix-action@v21 - - - name: "Install Cachix ❄️" - uses: cachix/cachix-action@v12 - with: - name: 0x76-infra - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - - name: "Build NixOS config ❄️" - run: | - nix run '.#' build -- --on "@hades" - # disabled because of OOM errors - # check: - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v3 - - # - name: "Install Nix ❄️" - # uses: cachix/install-nix-action@v18 - - # - name: "Install Cachix ❄️" - # uses: cachix/cachix-action@v11 - # with: - # name: 0x76-infra - # authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - - # - name: "Check NixOS Flake ❄️" - # run: | - # nix flake check -- 2.47.1 From 083816c7ae1412e6b4c7f28fe961dceac49709b7 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:27:10 +0200 Subject: [PATCH 1620/1882] fixed error cond --- .forgejo/workflows/plex_update.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 748c232b..acd34ed4 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -23,3 +23,5 @@ jobs: git commit -m "Update Plex" git push origin main fi + + true -- 2.47.1 From 6719d137d71e2c830564fb48c1c9953939464098 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:29:31 +0200 Subject: [PATCH 1621/1882] fixed error cond 2 --- .forgejo/workflows/plex_update.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index acd34ed4..7bf027c5 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -18,10 +18,9 @@ jobs: git add ./nixos/pkgs/plex-pass/ # Push if changed - git status ./nixos/pkgs/plex-pass/ | grep -q modified - if [ $? == 0 ]; then + + if git status ./nixos/pkgs/plex-pass/ | grep -q modified; then git commit -m "Update Plex" git push origin main fi - true -- 2.47.1 From 45bd9c1f550965e72eece74789cd79288a71e739 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:30:05 +0200 Subject: [PATCH 1622/1882] test final (?) --- nixos/pkgs/plex-pass/sources.json | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 nixos/pkgs/plex-pass/sources.json diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json deleted file mode 100644 index e7fbf527..00000000 --- a/nixos/pkgs/plex-pass/sources.json +++ /dev/null @@ -1,14 +0,0 @@ -[ - { - "version": "1.32.3.7089", - "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_arm64.deb", - "hash": "1sc6h04l0lxw3jzz01gn7i6wikqqds7nqh35rqvwhffjgdvmcjhq" - }, - { - "version": "1.32.3.7089", - "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_amd64.deb", - "hash": "074qvjl49rfn6s3naa5s71i5kd0an64laijz13cpsh55yy6zwgb3" - } -] -- 2.47.1 From e26cc9a65c15eedc968166210f974d2ea3fd68de Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:30:44 +0200 Subject: [PATCH 1623/1882] debug --- .forgejo/workflows/plex_update.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 7bf027c5..df7c807f 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -17,8 +17,11 @@ jobs: git add ./nixos/pkgs/plex-pass/ - # Push if changed + git status + git diff + + # Push if changed if git status ./nixos/pkgs/plex-pass/ | grep -q modified; then git commit -m "Update Plex" git push origin main -- 2.47.1 From 3e85c1a14d4b320a98c2364bf9f924d4da54ec1f Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:32:12 +0200 Subject: [PATCH 1624/1882] fix grep --- .forgejo/workflows/plex_update.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index df7c807f..89644c57 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -17,12 +17,8 @@ jobs: git add ./nixos/pkgs/plex-pass/ - git status - - git diff - # Push if changed - if git status ./nixos/pkgs/plex-pass/ | grep -q modified; then + if git status ./nixos/pkgs/plex-pass/ | grep -q "to be committed"; then git commit -m "Update Plex" git push origin main fi -- 2.47.1 From 6478869f2eef16d754ab0ba0ecc000d63108ee63 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Fri, 26 May 2023 22:32:25 +0200 Subject: [PATCH 1625/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 nixos/pkgs/plex-pass/sources.json diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json new file mode 100644 index 00000000..e7fbf527 --- /dev/null +++ b/nixos/pkgs/plex-pass/sources.json @@ -0,0 +1,14 @@ +[ + { + "version": "1.32.3.7089", + "platform": "aarch64-linux", + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_arm64.deb", + "hash": "1sc6h04l0lxw3jzz01gn7i6wikqqds7nqh35rqvwhffjgdvmcjhq" + }, + { + "version": "1.32.3.7089", + "platform": "x86_64-linux", + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_amd64.deb", + "hash": "074qvjl49rfn6s3naa5s71i5kd0an64laijz13cpsh55yy6zwgb3" + } +] -- 2.47.1 From 1c77a471e546522c814ceef61742f811d671d1a2 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 26 May 2023 22:35:14 +0200 Subject: [PATCH 1626/1882] make update a cron job --- .forgejo/workflows/plex_update.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 89644c57..2da5b559 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -1,7 +1,11 @@ name: Plex Update -on: [push] + +on: + schedule: + - cron: '0 0 * * *' + jobs: - native-test: + update: runs-on: native steps: - uses: actions/checkout@v3 @@ -22,4 +26,3 @@ jobs: git commit -m "Update Plex" git push origin main fi - -- 2.47.1 From 375b6eabb64abedab3c38a654f0c61f7f78731c9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 26 May 2023 22:02:45 +0000 Subject: [PATCH 1627/1882] Update Helm release external-secrets to v0.8.3 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index e5abc381..ca2393df 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.8.2 + version: 0.8.3 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From d05aa1c5d80e41e38ad0f4f486d03ac7b3a38b16 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 27 May 2023 10:43:58 +0200 Subject: [PATCH 1628/1882] use forgejo actions lint job --- .forgejo/workflows/lint.yml | 12 ++++++++++ .woodpecker.yml | 23 ------------------- .../olympus/woodpecker/configuration.nix | 3 +++ 3 files changed, 15 insertions(+), 23 deletions(-) create mode 100644 .forgejo/workflows/lint.yml delete mode 100644 .woodpecker.yml diff --git a/.forgejo/workflows/lint.yml b/.forgejo/workflows/lint.yml new file mode 100644 index 00000000..49f43edc --- /dev/null +++ b/.forgejo/workflows/lint.yml @@ -0,0 +1,12 @@ +name: Lint + +on: [push] + +jobs: + lint: + runs-on: native + steps: + - uses: actions/checkout@v3 + - run: statix check . + - run: deadnix -f + - run: yamllint . diff --git a/.woodpecker.yml b/.woodpecker.yml deleted file mode 100644 index b6e586df..00000000 --- a/.woodpecker.yml +++ /dev/null @@ -1,23 +0,0 @@ -pipeline: - check: - image: nixos/nix:2.15.1 - commands: - - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf - - nix run 'nixpkgs#statix' check . - - nix run 'nixpkgs#deadnix' -- -f - - nix run 'nixpkgs#yamllint' . -<<<<<<< HEAD -======= - volumes: - - /nix:/mnt/nix:ro - update_plex: - image: nixos/nix:2.15.1 - commands: - - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf - - nix profile install 'nixpkgs#jq' 'nixpkgs#curl' 'nixpkgs#vault' - - ./nixos/pkgs/plex-pass/update.sh ->>>>>>> 9714ee2bd90ec358d58d02f7b492677b1b6a1c6a - volumes: - - /nix:/mnt/nix:ro diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 9c5d0c29..0062a594 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -63,6 +63,9 @@ in { gnused jq nodejs + statix + deadnix + yamllint nixUnstable vault wget -- 2.47.1 From 5f24027a60e21c8e88236e6654377d496970492e Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 27 May 2023 10:45:20 +0200 Subject: [PATCH 1629/1882] format --- nixos/hosts/olympus/woodpecker/configuration.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/woodpecker/configuration.nix index 0062a594..e7eede9e 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/woodpecker/configuration.nix @@ -58,17 +58,17 @@ in { bash coreutils curl + deadnix gawk gitMinimal gnused jq + nixUnstable nodejs statix - deadnix - yamllint - nixUnstable vault wget + yamllint ]; }; }; -- 2.47.1 From 5218715f89c98a2b55999b1ffeabb6bac54f1d82 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 27 May 2023 12:33:30 +0200 Subject: [PATCH 1630/1882] downgrade flake --- flake.lock | 38 +++++++++++++++++++------------------- flake.nix | 3 +-- 2 files changed, 20 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index c7601577..e8e326c3 100644 --- a/flake.lock +++ b/flake.lock @@ -88,11 +88,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1684127527, - "narHash": "sha256-tAzgb2jgmRaX9HETry38h2OvBf9YkHEH1fFvIJQV9A0=", + "lastModified": 1685163780, + "narHash": "sha256-tMwseHtEFDpO3WKeZKWqrKRAZI6TiEULidxEbzicuFg=", "owner": "zhaofengli", "repo": "colmena", - "rev": "caf33af7d854c8d9b88a8f3dae7adb1c24c1407b", + "rev": "c61bebae1dc1d57237577080b1ca1e37a3fbcebf", "type": "github" }, "original": { @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1685108129, - "narHash": "sha256-6Jv6LxrLfaueHj095oBUKBk++eW4Ya0qfHwhQVQqyoo=", + "lastModified": 1685171645, + "narHash": "sha256-CpJfOjvsbxQzevKiV8jWK/c+j/eW61HgvCrImeFeCpY=", "owner": "nix-community", "repo": "home-manager", - "rev": "bec196cd9b5f34213c7dc90ef2a524336df70e30", + "rev": "6a1922568337e7cf21175213d3aafd1ac79c9a2e", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1684936879, - "narHash": "sha256-BOSq/QiX7MDs8tUnAt4+nYTJctgYkzVSNL95qlfMYeM=", + "lastModified": 1685043448, + "narHash": "sha256-U3BwyDc2OzBcZ8tD09qXibyivgOtOQFTFCVgFyJ+6MM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "99fe1b870522d6ee3e692c2b6e663d6868a3fde4", + "rev": "9886352ec9ab3945896ee8a4185e961fe29df209", "type": "github" }, "original": { @@ -815,16 +815,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1685125545, - "narHash": "sha256-eOwoViAA1nR1r3uGRmUmOuCkwg6asYx9+gHT18Hdxsk=", + "lastModified": 1684935479, + "narHash": "sha256-6QMMsXMr2nhmOPHdti2j3KRHt+bai2zw+LJfdCl97Mk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "23c6303e9953d9691f74d05d49399508927f5dd1", + "rev": "f91ee3065de91a3531329a674a45ddcb3467a650", "type": "github" }, "original": { "owner": "nixos", - "ref": "master", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1685036478, - "narHash": "sha256-KE5t2UI1K3hZujuAQTWyzDPJUAZbvJlCYRlj2UoHFvY=", + "lastModified": 1685138650, + "narHash": "sha256-1tNM1vxFCX2S1hi/baivwuMPLZ8tAp/jhQl+KOykDws=", "owner": "pta2002", "repo": "nixvim", - "rev": "51afeda8e592a29b08b98e86b0e4e29d7eb7d5a5", + "rev": "246f811084886285696a96cdfc45f416af633449", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1685121851, - "narHash": "sha256-tPvAxqsM4VkPoO4QyqQxTYecv1ormqhZ+JmsUC/PUEA=", + "lastModified": 1685180753, + "narHash": "sha256-RVht5H8VG6iycc70csZmbjFbt83JDQscMnQzGPxXRvM=", "owner": "nix-community", "repo": "NUR", - "rev": "4a2a958322444e3c3156b3442872f34b38db2ac8", + "rev": "f9709bc9023eec5581bd0d52eef4aca723e72494", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f1ba3fd4..98f81d55 100644 --- a/flake.nix +++ b/flake.nix @@ -9,8 +9,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/master"; - # nixpkgs.url = "github:NULLx76/nixpkgs/bazarr-1.2.1"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; -- 2.47.1 From 2e869b81c9d306cdeffa04e9fb9f9100b62a5a93 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 27 May 2023 13:50:41 +0200 Subject: [PATCH 1631/1882] also run plex update on push --- .forgejo/workflows/plex_update.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 2da5b559..9efd9729 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -1,6 +1,7 @@ name: Plex Update on: + push: schedule: - cron: '0 0 * * *' -- 2.47.1 From a9cea97f03b23b50dc1c15014adc513f69c504f0 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 27 May 2023 14:54:55 +0000 Subject: [PATCH 1632/1882] Update renovate/renovate Docker tag to v35.102.7 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index a4e5fd1b..3fbaf0e1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.82.0 + image: renovate/renovate:35.102.7 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e39808842755d602cd2dbd814ee7b8a011b5fd3d Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 28 May 2023 10:33:52 +0200 Subject: [PATCH 1633/1882] only run plex update on main --- .forgejo/workflows/plex_update.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 9efd9729..7e2b2f5f 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -2,6 +2,9 @@ name: Plex Update on: push: + branches: + - main + - ci schedule: - cron: '0 0 * * *' -- 2.47.1 From ec68da571022d2c084f23ffaafac9b4418392f02 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 28 May 2023 08:41:18 +0000 Subject: [PATCH 1634/1882] Update renovate/renovate Docker tag to v35.102.10 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 3fbaf0e1..bd0c9c18 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.102.7 + image: renovate/renovate:35.102.10 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 561039afae0b65c9f12df6d19bba2187391bdbaa Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 28 May 2023 11:16:27 +0200 Subject: [PATCH 1635/1882] update flake lock --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index e8e326c3..297ba20a 100644 --- a/flake.lock +++ b/flake.lock @@ -502,11 +502,11 @@ ] }, "locked": { - "lastModified": 1685171645, - "narHash": "sha256-CpJfOjvsbxQzevKiV8jWK/c+j/eW61HgvCrImeFeCpY=", + "lastModified": 1685189510, + "narHash": "sha256-Hq5WF7zIixojPgvhgcd6MBvywwycVZ9wpK/8ogOyoaA=", "owner": "nix-community", "repo": "home-manager", - "rev": "6a1922568337e7cf21175213d3aafd1ac79c9a2e", + "rev": "2d963854ae2499193c0c72fd67435fee34d3e4fd", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1684935479, - "narHash": "sha256-6QMMsXMr2nhmOPHdti2j3KRHt+bai2zw+LJfdCl97Mk=", + "lastModified": 1685168767, + "narHash": "sha256-wQgnxz0PdqbyKKpsWl/RU8T8QhJQcHfeC6lh1xRUTfk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f91ee3065de91a3531329a674a45ddcb3467a650", + "rev": "e10802309bf9ae351eb27002c85cfdeb1be3b262", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1685180753, - "narHash": "sha256-RVht5H8VG6iycc70csZmbjFbt83JDQscMnQzGPxXRvM=", + "lastModified": 1685263548, + "narHash": "sha256-qljNXIQePMRWr0yhQP16C/rBPSjzqcF38Y2ad4/KnXQ=", "owner": "nix-community", "repo": "NUR", - "rev": "f9709bc9023eec5581bd0d52eef4aca723e72494", + "rev": "5e934ff2c9502937ebd39cff1aeebe7e60126c45", "type": "github" }, "original": { -- 2.47.1 From e6ec6d548212a8e436bfc75e2098db869e74520f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 28 May 2023 14:01:47 +0000 Subject: [PATCH 1636/1882] Update renovate/renovate Docker tag to v35.103.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index bd0c9c18..8383af78 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.102.10 + image: renovate/renovate:35.103.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 48f074e2fa4130a724e273a5b6fdf4c61587d952 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 29 May 2023 16:24:59 +0200 Subject: [PATCH 1637/1882] flake update --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 297ba20a..53bbfd45 100644 --- a/flake.lock +++ b/flake.lock @@ -799,11 +799,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1685043448, - "narHash": "sha256-U3BwyDc2OzBcZ8tD09qXibyivgOtOQFTFCVgFyJ+6MM=", + "lastModified": 1685314633, + "narHash": "sha256-8LXBPqTQXl5ofkjpJ18JcbmLJ/lWDoMxtUwiDYv0wro=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9886352ec9ab3945896ee8a4185e961fe29df209", + "rev": "c8a17ce7abc03c50cd072e9e6c9b389c5f61836b", "type": "github" }, "original": { @@ -815,11 +815,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1685168767, - "narHash": "sha256-wQgnxz0PdqbyKKpsWl/RU8T8QhJQcHfeC6lh1xRUTfk=", + "lastModified": 1685290091, + "narHash": "sha256-GGQYNZ7POoqPTtXgPOLUuSiHkOKFRWYpCoWUOSeSRoU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e10802309bf9ae351eb27002c85cfdeb1be3b262", + "rev": "4e37b4e55b60fb7d43d2b62deb51032a489bcbe8", "type": "github" }, "original": { @@ -831,11 +831,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1684754342, - "narHash": "sha256-plGnjnbnPLoZCTdQX21oT7xliQhFtgcWlkuDHgtEb1o=", + "lastModified": 1685168767, + "narHash": "sha256-wQgnxz0PdqbyKKpsWl/RU8T8QhJQcHfeC6lh1xRUTfk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7084250df3d7f9735087d3234407f3c1fc2400e3", + "rev": "e10802309bf9ae351eb27002c85cfdeb1be3b262", "type": "github" }, "original": { @@ -931,11 +931,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1685138650, - "narHash": "sha256-1tNM1vxFCX2S1hi/baivwuMPLZ8tAp/jhQl+KOykDws=", + "lastModified": 1685357461, + "narHash": "sha256-UUOEz2VGMc8giiaDF7lpq7ol7bx71mqepRFu2lBzNF8=", "owner": "pta2002", "repo": "nixvim", - "rev": "246f811084886285696a96cdfc45f416af633449", + "rev": "3f08cff1d0c2a45e5bf0448a074c5bcc152cf2c5", "type": "github" }, "original": { @@ -946,11 +946,11 @@ }, "nur": { "locked": { - "lastModified": 1685263548, - "narHash": "sha256-qljNXIQePMRWr0yhQP16C/rBPSjzqcF38Y2ad4/KnXQ=", + "lastModified": 1685367958, + "narHash": "sha256-7KqC9OKOfQPkwLVh8E+rAOPQ/yEzw82GcUYS4/V9v6g=", "owner": "nix-community", "repo": "NUR", - "rev": "5e934ff2c9502937ebd39cff1aeebe7e60126c45", + "rev": "95e05399f4527fdde06cd151780324fb4f05ac9e", "type": "github" }, "original": { @@ -1015,11 +1015,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1684763926, - "narHash": "sha256-1pSTzogoCmZc7JB3VrFFgFoj5lNXIIWwkVReFVMHDT8=", + "lastModified": 1684842236, + "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "df448ffc5d244f52261d05894c5a96af7f3758a1", + "rev": "61e567d6497bc9556f391faebe5e410e6623217f", "type": "github" }, "original": { -- 2.47.1 From 576c5db3330c3dc6f16c53d771954896b0380f7e Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 29 May 2023 18:08:25 +0200 Subject: [PATCH 1638/1882] add split-dns settings --- nixos/hosts/hades/dns/configuration.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 22948108..3e7e897d 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -17,4 +17,22 @@ openFirewall = true; mode = "server"; }; + + services.unbound.settings.server = { + local-zone = [ + "xirion.net typetransparent" + "hades.xirion.net typetransparent" + "requests.xirion.net typetransparent" + "ha.xirion.net typetransparent" + "mail.xirion.net typetransparent" + ]; + + local-data = [ + ''"xirion.net A 192.168.0.122"'' + ''"hades.xirion.net A 192.168.0.122"'' + ''"requests.xirion.net A 192.168.0.122"'' + ''"ha.xirion.net A 192.168.0.122"'' + ''"mail.xirion.net A 192.168.0.122"'' + ]; + }; } -- 2.47.1 From 9a4b0d51c0bcd0716123bb2658873546c1ac22e4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 29 May 2023 22:00:26 +0000 Subject: [PATCH 1639/1882] Update renovate/renovate Docker tag to v35.105.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 8383af78..92a71746 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.103.0 + image: renovate/renovate:35.105.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f29f2e9b20f5f1a7f3ceec7cb919eb0bcdb1e8be Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 08:41:42 +0200 Subject: [PATCH 1640/1882] aoife: enable secure boot --- README.md | 6 + flake.lock | 264 +++++++++++++++++-- flake.nix | 11 +- nixos/common/desktop/default.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 10 +- nixos/util.nix | 7 +- 6 files changed, 272 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index d55c0019..9fd288da 100644 --- a/README.md +++ b/README.md @@ -10,3 +10,9 @@ to deploy the infrastructure, this can be accessed running `nix develop`. [Flux]: https://github.com/fluxcd/flux2 [colmena]: https://colmena.cli.rs/unstable/ + +## Inspired by the following repos +* +* +* +* diff --git a/flake.lock b/flake.lock index 53bbfd45..118d301b 100644 --- a/flake.lock +++ b/flake.lock @@ -123,6 +123,39 @@ } }, "crane": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "rust-overlay": [ + "lanzaboote", + "rust-overlay" + ] + }, + "locked": { + "lastModified": 1683505101, + "narHash": "sha256-VBU64Jfu2V4sUR5+tuQS9erBRAe/QEYUxdVMcJGMZZs=", + "owner": "ipetkov", + "repo": "crane", + "rev": "7b5bd9e5acb2bb0cfba2d65f34d8568a894cdb6c", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { "flake": false, "locked": { "lastModified": 1670284777, @@ -158,9 +191,9 @@ "inputs": { "alejandra": "alejandra", "all-cabal-json": "all-cabal-json", - "crane": "crane", + "crane": "crane_2", "devshell": "devshell", - "flake-parts": "flake-parts", + "flake-parts": "flake-parts_2", "flake-utils-pre-commit": "flake-utils-pre-commit", "ghc-utils": "ghc-utils", "gomod2nix": "gomod2nix", @@ -268,11 +301,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -284,11 +317,11 @@ "flake-compat_4": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -298,6 +331,22 @@ } }, "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_6": { "flake": false, "locked": { "lastModified": 1673956053, @@ -313,6 +362,27 @@ } }, "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1683560683, + "narHash": "sha256-XAygPMN5Xnk/W2c1aW0jyEa6lfMDZWlQgiNtmHXytPc=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "006c75898cf814ef9497252b022e91c946ba8e17", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, @@ -379,6 +449,24 @@ } }, "flake-utils_3": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -393,7 +481,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "locked": { "lastModified": 1678901627, "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", @@ -407,9 +495,9 @@ "type": "indirect" } }, - "flake-utils_5": { + "flake-utils_6": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1681202837, @@ -458,6 +546,28 @@ } }, "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { "inputs": { "nixpkgs": [ "nixvim", @@ -515,6 +625,32 @@ "type": "github" } }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1685349926, + "narHash": "sha256-c1rKI1glJWdJIPefp9aiyhAkEZ4Sc6Rh/J5VumEXu1M=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "2e62c11babeead4b26efbb7f2cd4488baaa2e897", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, "lowdown-src": { "flake": false, "locked": { @@ -549,7 +685,7 @@ "mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "nixpkgs": [ "nixpkgs" ], @@ -781,6 +917,22 @@ "type": "github" } }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1680668850, @@ -926,7 +1078,7 @@ "nixvim": { "inputs": { "beautysh": "beautysh", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": "nixpkgs_4", "pre-commit-hooks": "pre-commit-hooks" }, @@ -1005,14 +1157,14 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_3", - "gitignore": "gitignore", + "flake-compat": "flake-compat_5", + "flake-utils": "flake-utils_4", + "gitignore": "gitignore_2", "nixpkgs": [ "nixvim", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1684842236, @@ -1028,6 +1180,37 @@ "type": "github" } }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1682596858, + "narHash": "sha256-Hf9XVpqaGqe/4oDGr30W8HlsWvJXtMsEPHDqHZA6dDg=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "fb58866e20af98779017134319b5663b8215d912", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "pre-commit-hooks_2": { "inputs": { "flake-utils": [ @@ -1080,6 +1263,7 @@ "colmena": "colmena", "comma": "comma", "home-manager": "home-manager", + "lanzaboote": "lanzaboote", "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", @@ -1127,6 +1311,31 @@ "type": "github" } }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1684030847, + "narHash": "sha256-z4tOxaN9Cl8C80u6wyZBpPt9A9MbL21fZ3zdB/vG+AU=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "aa1480f16bec7dda3c62b8cdb184c7e823331ba2", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "stable": { "locked": { "lastModified": 1669735802, @@ -1173,6 +1382,21 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "locked": { "lastModified": 1678901627, @@ -1220,8 +1444,8 @@ }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_5", - "flake-utils": "flake-utils_4", + "flake-compat": "flake-compat_6", + "flake-utils": "flake-utils_5", "nix": "nix", "nixpkgs": "nixpkgs_7" }, @@ -1241,7 +1465,7 @@ }, "vault-unseal": { "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "nixpkgs": "nixpkgs_8" }, "locked": { diff --git a/flake.nix b/flake.nix index 98f81d55..40353fd3 100644 --- a/flake.nix +++ b/flake.nix @@ -1,10 +1,6 @@ { description = "0x76's infrastructure"; - # Based on: - # * https://github.com/serokell/pegasus-infra/blob/master/flake.nix - # * https://git.voidcorp.nl/j00lz/nixos-configs/src/branch/main/flake.nix - # For minecraft use: # * https://github.com/Infinidoge/nix-minecraft @@ -38,6 +34,13 @@ nixos-hardware.url = "github:toastal/nixos-hardware/z-series-no-hidpi"; + lanzaboote = { + url = "github:nix-community/lanzaboote"; + + # Optional but recommended to limit the size of your system closure. + inputs.nixpkgs.follows = "nixpkgs"; + }; + vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; }; diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index 9a93dbe1..af704c11 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -38,7 +38,7 @@ services.printing.enable = true; # Global Packages - environment.systemPackages = with pkgs; [ wireguard-tools ]; + environment.systemPackages = with pkgs; [ wireguard-tools sbctl ]; # Enable sound with pipewire. sound.enable = true; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 75ceeb5e..566477e6 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ inputs, ... }: { +{ inputs, lib, ... }: { imports = [ ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z @@ -11,8 +11,16 @@ # Bootloader. boot = { + bootspec.enable = true; initrd.kernelModules = [ "amdgpu" ]; resumeDevice = "/dev/nvme0n1p2"; + loader.systemd-boot.enable = lib.mkForce false; + + lanzaboote = { + enable = true; + configurationLimit = 5; + pkiBundle = "/etc/secureboot"; + }; }; home-manager = { diff --git a/nixos/util.nix b/nixos/util.nix index 6f6511a8..05f10f5a 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,4 +1,4 @@ -{ nixpkgs, home-manager, mailserver, ... }: +{ nixpkgs, home-manager, mailserver, lanzaboote, ... }: let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; @@ -13,7 +13,10 @@ let ./common/generic-lxc.nix ]; "vm" = [ ./common/generic-vm.nix ]; - "local" = [ ./common/desktop ]; + "local" = [ + lanzaboote.nixosModules.lanzaboote + ./common/desktop + ]; }; in type: import_cases.${type} ++ base_imports; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) -- 2.47.1 From 2cad79d4b5de80b2f808c5a8d6273edbf07be210 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 09:58:17 +0200 Subject: [PATCH 1641/1882] various updates --- flake.nix | 29 ++++++++++++++------ nixos/common/common.nix | 8 ++---- nixos/common/desktop/default.nix | 18 ++++++++++-- nixos/common/desktop/home.nix | 2 ++ nixos/common/hm-modules/nvim.nix | 20 +++++++++++++- nixos/common/users/default.nix | 2 ++ nixos/hosts/olympus/eevee/hardware.nix | 5 ++++ nixos/pkgs/dnd-5e-latex-template/default.nix | 7 +++-- nixos/pkgs/gitea-agatheme/default.nix | 6 +++- 9 files changed, 76 insertions(+), 21 deletions(-) diff --git a/flake.nix b/flake.nix index 40353fd3..18ce4d96 100644 --- a/flake.nix +++ b/flake.nix @@ -44,8 +44,16 @@ vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; }; - outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena - , nixos-generators, nur, ... }@inputs: + outputs = + { self + , nixpkgs + , nixpkgs_22-11 + , vault-secrets + , colmena + , nixos-generators + , nur + , ... + }@inputs: let inherit (nixpkgs) lib; @@ -79,7 +87,8 @@ source /etc/set-environment nix repl --file "${./.}/repl.nix" $@ ''; - in { + in + { # Make the nixosConfigurations for compat reasons (e.g. vault) nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { @@ -91,12 +100,14 @@ }).nodes; # Make the colmena configuration - colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { - meta = { - inherit specialArgs; - nixpkgs = pkgs; - }; - } nixHosts; + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) + { + meta = { + inherit specialArgs; + nixpkgs = pkgs; + }; + } + nixHosts; packages.${system} = { inherit apply-local; diff --git a/nixos/common/common.nix b/nixos/common/common.nix index 7a34a8a7..a61ac68f 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -57,12 +57,8 @@ nixpkgs.config.allowUnfree = true; - nixpkgs.config.permittedInsecurePackages = [ - "nodejs-14.21.3" - "openssl-1.1.1t" - "nodejs-16.20.0" - ]; - + nixpkgs.config.permittedInsecurePackages = + [ "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index af704c11..e9bf1976 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -3,7 +3,7 @@ boot = { kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; loader = { - systemd-boot.enable = true; + systemd-boot.enable = lib.mkDefault true; efi.canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot/efi"; }; @@ -38,7 +38,9 @@ services.printing.enable = true; # Global Packages - environment.systemPackages = with pkgs; [ wireguard-tools sbctl ]; + environment = { + systemPackages = with pkgs; [ wireguard-tools sbctl ]; + }; # Enable sound with pipewire. sound.enable = true; @@ -83,6 +85,18 @@ remotePlay.openFirewall = true; }; + programs.adb.enable = true; + + # Debloat + documentation = { + enable = false; + doc.enable = false; + man.enable = false; + info.enable = false; + nixos.enable = false; + }; + system.disableInstallerTools = true; + # Networking networking.networkmanager.enable = true; networking.firewall.checkReversePath = false; diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index c575b57f..7a649429 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -59,6 +59,8 @@ in { push.autoSetupRemote = true; init.defaultBranch = "main"; }; + + difftastic.enable = true; }; programs.tmux = { diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix index b2a96e37..4818d836 100644 --- a/nixos/common/hm-modules/nvim.nix +++ b/nixos/common/hm-modules/nvim.nix @@ -11,11 +11,16 @@ in { globals = { mapleader = " "; }; + options = { number = true; }; + maps.normal = { "ff" = "lua require('telescope.builtin').find_files()"; "fg" = "lua require('telescope.builtin').live_grep()"; + "" = "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code + + "g=" = "lua vim.lsp.buf.format{async=true}"; }; extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; @@ -26,6 +31,19 @@ in { plugins = { bufferline.enable = true; + null-ls = { + enable = true; + sources = { + formatting.nixpkgs_fmt.enable = true; + code_actions.shellcheck.enable = true; + code_actions.statix.enable = true; + diagnostics = { + statix.enable = true; + deadnix.enable = true; + shellcheck.enable = true; + }; + }; + }; nix.enable = true; treesitter = { enable = true; @@ -47,8 +65,8 @@ in { comment-nvim = { enable = true; }; lsp = { enable = true; + servers.nil_ls.enable = true; servers.rust-analyzer.enable = true; - servers.rnix-lsp.enable = true; servers.pyright.enable = true; servers.elixirls.enable = true; servers.clangd.enable = true; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 674a6d74..bf0253f6 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -23,6 +23,8 @@ programs.neovim = { enable = true; viAlias = true; + vimAlias = true; + defaultEditor = true; }; # Disable sudo prompt for `wheel` users. diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix index 561c5709..6efe1de8 100644 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -22,6 +22,11 @@ driSupport = true; }; + hardware.logitech.wireless = { + enable = true; + enableGraphical = true; + }; + # udev services.udev.packages = with pkgs; [ android-udev-rules diff --git a/nixos/pkgs/dnd-5e-latex-template/default.nix b/nixos/pkgs/dnd-5e-latex-template/default.nix index ef5ffcaa..c295de61 100644 --- a/nixos/pkgs/dnd-5e-latex-template/default.nix +++ b/nixos/pkgs/dnd-5e-latex-template/default.nix @@ -1,4 +1,4 @@ -{ stdenvNoCC, fetchFromGitHub }: +{ lib, stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec { pname = "dnd-5e-latex-template"; version = "0.8.0"; @@ -23,5 +23,8 @@ stdenvNoCC.mkDerivation rec { runHook postInstall ''; - meta = { description = "DnD 5e latex template"; }; + meta = { + description = "DnD 5e latex template"; + license = lib.licenses.mit; + }; } diff --git a/nixos/pkgs/gitea-agatheme/default.nix b/nixos/pkgs/gitea-agatheme/default.nix index ec5fdf77..0901a05c 100644 --- a/nixos/pkgs/gitea-agatheme/default.nix +++ b/nixos/pkgs/gitea-agatheme/default.nix @@ -1,4 +1,4 @@ -{ stdenvNoCC, fetchurl }: +{ stdenvNoCC, fetchurl, lib }: stdenvNoCC.mkDerivation { pname = "gitea-agatheme"; version = "1.2"; @@ -14,4 +14,8 @@ stdenvNoCC.mkDerivation { installPhase = '' cp $src $out ''; + + meta = with lib; { + description = "Gitea/Forgejo purple theme"; + }; } -- 2.47.1 From 557bc492f4eb99b15342be26119be9b8d4338e02 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 10:01:49 +0200 Subject: [PATCH 1642/1882] disable docs everywhere --- nixos/common/common.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/nixos/common/common.nix b/nixos/common/common.nix index a61ac68f..0a589b65 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -75,4 +75,15 @@ PermitRootLogin = lib.mkDefault "no"; }; }; + + # Debloat + documentation = { + enable = false; + doc.enable = false; + man.enable = false; + info.enable = false; + nixos.enable = false; + }; + + system.disableInstallerTools = lib.mkDefault true; } -- 2.47.1 From 80cda8ed2baa3ed4bdca5346af14a9ed3dcb7f05 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 30 May 2023 12:08:32 +0200 Subject: [PATCH 1643/1882] fix build error --- nixos/common/common.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nixos/common/common.nix b/nixos/common/common.nix index 0a589b65..8c516434 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -78,11 +78,11 @@ # Debloat documentation = { - enable = false; - doc.enable = false; - man.enable = false; - info.enable = false; - nixos.enable = false; + enable = lib.mkForce false; + doc.enable = lib.mkForce false; + man.enable = lib.mkForce false; + info.enable = lib.mkForce false; + nixos.enable = lib.mkForce false; }; system.disableInstallerTools = lib.mkDefault true; -- 2.47.1 From 2f82c391e0ec3dcea47894fbdfc4ae5854758fcd Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 12:09:05 +0200 Subject: [PATCH 1644/1882] simplify hm (also as prep to use it on servers) --- nixos/common/desktop/default.nix | 20 ++++++++------------ nixos/common/desktop/home.nix | 15 ++++++++++++--- nixos/hosts/olympus/eevee/configuration.nix | 3 --- nixos/hosts/olympus/eevee/home/default.nix | 8 -------- nixos/hosts/thalassa/aoife/configuration.nix | 7 +------ nixos/hosts/thalassa/aoife/home/default.nix | 8 -------- 6 files changed, 21 insertions(+), 40 deletions(-) diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index e9bf1976..a3e56931 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, ... }: { +{ pkgs, lib, inputs, ... }: { # Bootloader. boot = { kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; @@ -14,6 +14,13 @@ }; }; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.victor = import ./home.nix; + extraSpecialArgs = { inherit inputs; }; + }; + # Enable my config for the gnome desktop environment services.v.gnome.enable = true; @@ -86,17 +93,6 @@ }; programs.adb.enable = true; - - # Debloat - documentation = { - enable = false; - doc.enable = false; - man.enable = false; - info.enable = false; - nixos.enable = false; - }; - system.disableInstallerTools = true; - # Networking networking.networkmanager.enable = true; networking.firewall.checkReversePath = false; diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 7a649429..6ec552f1 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -6,7 +6,14 @@ let }; my-python-packages = ps: with ps; [ pandas requests numpy ]; in { + programs.home-manager.enable = true; + + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "23.05"; + home.packages = with pkgs; [ + (python3.withPackages my-python-packages) btop calibre celluloid @@ -16,13 +23,11 @@ in { gimp inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default - # jetbrains.clion kdenlive mullvad-vpn neofetch nixfmt nixpkgs-review - (python3.withPackages my-python-packages) plex-media-player rustup solo2-cli @@ -54,7 +59,6 @@ in { userName = "Victor"; userEmail = "victor@xirion.net"; lfs.enable = true; - # delta.enable = true; extraConfig = { push.autoSetupRemote = true; init.defaultBranch = "main"; @@ -72,6 +76,11 @@ in { programs.firefox.enable = true; + programs.chromium = { + enable = true; + package = pkgs.ungoogled-chromium; + }; + programs.direnv = { enable = true; nix-direnv.enable = true; diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index bf240a9f..70b4cc4a 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -41,10 +41,7 @@ environment.sessionVariables.NIXOS_OZONE_WL = "1"; home-manager = { - useGlobalPkgs = true; - useUserPackages = true; users.victor = import ./home; - extraSpecialArgs = { inherit inputs; }; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/nixos/hosts/olympus/eevee/home/default.nix b/nixos/hosts/olympus/eevee/home/default.nix index ce2eaae2..2e78a54c 100644 --- a/nixos/hosts/olympus/eevee/home/default.nix +++ b/nixos/hosts/olympus/eevee/home/default.nix @@ -1,12 +1,4 @@ _: { - programs.home-manager.enable = true; - - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "23.05"; - - imports = [ ../../../../common/desktop/home.nix ]; - dconf.settings."org/gnome/desktop/peripherals/mouse" = { accel-profile = "flat"; }; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 566477e6..928e8c26 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -23,12 +23,7 @@ }; }; - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - users.victor = import ./home; - extraSpecialArgs = { inherit inputs; }; - }; + home-manager.users.victor = import ./home; # Enable Ozone rendering for Chromium and Electron apps. environment.sessionVariables.NIXOS_OZONE_WL = "1"; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index cce6c37d..b126d8e3 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -1,12 +1,4 @@ _: { - programs.home-manager.enable = true; - - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "23.05"; - - imports = [ ../../../../common/desktop/home.nix ]; - # Custom dconf settings dconf.settings."org/gnome/desktop/input-sources" = { xkb-options = [ "caps:swapescape" ]; -- 2.47.1 From af8d436204227488418cf3357cd5bf236bf1069a Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 14:36:52 +0200 Subject: [PATCH 1645/1882] fix deadnix --- nixos/hosts/olympus/eevee/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index 70b4cc4a..26a0bfd3 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, inputs, ... }: { +{ pkgs, ... }: { imports = [ ./hardware-configuration.nix ./hardware.nix ]; # Bootloader. -- 2.47.1 From 841f34cdd16b25a57042615aab12ae253dc7b12c Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 14:50:49 +0200 Subject: [PATCH 1646/1882] add hm config for all machines --- nixos/common/common.nix | 2 ++ nixos/common/default.nix | 8 ++++++-- nixos/common/desktop/home.nix | 14 -------------- nixos/common/users/victor.nix | 17 +++++++++++++++++ nixos/hosts/olympus/bastion/configuration.nix | 2 -- nixos/hosts/olympus/bastion/home.nix | 5 ----- 6 files changed, 25 insertions(+), 23 deletions(-) diff --git a/nixos/common/common.nix b/nixos/common/common.nix index 8c516434..fa2b2a85 100644 --- a/nixos/common/common.nix +++ b/nixos/common/common.nix @@ -76,6 +76,8 @@ }; }; + + # Debloat documentation = { enable = lib.mkForce false; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 7d08263b..0144463a 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -6,8 +6,12 @@ nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; nix.registry.nixpkgs.flake = inputs.nixpkgs; - home-manager.sharedModules = - [ ./hm-modules inputs.nixvim.homeManagerModules.nixvim ]; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = { inherit inputs; }; + sharedModules = [ ./hm-modules inputs.nixvim.homeManagerModules.nixvim ]; + }; vault-secrets = let inherit (config.networking) domain hostName; diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 6ec552f1..efbc7cf1 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -6,12 +6,6 @@ let }; my-python-packages = ps: with ps; [ pandas requests numpy ]; in { - programs.home-manager.enable = true; - - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "23.05"; - home.packages = with pkgs; [ (python3.withPackages my-python-packages) btop @@ -38,7 +32,6 @@ in { # Enable my own hm modules themes.v.catppuccin.enable = true; - programs.v.nvim.enable = true; programs.v.vscode.enable = true; programs.riff = { @@ -67,13 +60,6 @@ in { difftastic.enable = true; }; - programs.tmux = { - enable = true; - shortcut = "b"; - terminal = "screen-256color"; - clock24 = true; - }; - programs.firefox.enable = true; programs.chromium = { diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 3718bdcd..51477333 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -21,4 +21,21 @@ extraGroups = [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ]; }; + + home-manager.users.victor = { + programs.home-manager.enable = true; + + home.username = "victor"; + home.homeDirectory = "/home/victor"; + home.stateVersion = "23.05"; + + programs.v.nvim.enable = true; + + programs.tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + }; } diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index 77705739..81273483 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -69,7 +69,5 @@ in { pinentryFlavor = "curses"; }; - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; home-manager.users.victor = import ./home.nix; } diff --git a/nixos/hosts/olympus/bastion/home.nix b/nixos/hosts/olympus/bastion/home.nix index fad23ec8..a65de8e8 100644 --- a/nixos/hosts/olympus/bastion/home.nix +++ b/nixos/hosts/olympus/bastion/home.nix @@ -1,9 +1,4 @@ _: { - programs.home-manager.enable = true; - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "22.05"; - programs.direnv = { enable = true; nix-direnv = { enable = true; }; -- 2.47.1 From 4aa82b8964a8fb5e2e34847e3526ecc8569482b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 30 May 2023 14:01:56 +0000 Subject: [PATCH 1647/1882] chore(deps): update renovate/renovate docker tag to v35.105.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 92a71746..232b6cfc 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.105.0 + image: renovate/renovate:35.105.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From fd9b354c4d3538409b1119246af919b0fd6727d6 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 30 May 2023 17:14:45 +0200 Subject: [PATCH 1648/1882] fix J00LZ nixos link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9fd288da..373e02b7 100644 --- a/README.md +++ b/README.md @@ -14,5 +14,5 @@ to deploy the infrastructure, this can be accessed running `nix develop`. ## Inspired by the following repos * * -* +* * -- 2.47.1 From 294135e4f1e542df4d3f5b91b3e45daac35db26e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 31 May 2023 06:00:25 +0000 Subject: [PATCH 1649/1882] chore(deps): update renovate/renovate docker tag to v35.105.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 232b6cfc..f49f8dd0 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.105.1 + image: renovate/renovate:35.105.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 78dfe88c65c870abe385903381e3840e7902c684 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 31 May 2023 16:45:10 +0200 Subject: [PATCH 1650/1882] fix infinite recursion --- flake.nix | 45 +++--------- nixos/common/common.nix | 91 ------------------------ nixos/common/default.nix | 112 ++++++++++++++++++++++++++---- nixos/templates/iso-graphical.nix | 13 ---- nixos/templates/iso.nix | 12 ---- nixos/templates/proxmox-lxc.nix | 2 +- 6 files changed, 110 insertions(+), 165 deletions(-) delete mode 100644 nixos/common/common.nix delete mode 100644 nixos/templates/iso-graphical.nix delete mode 100644 nixos/templates/iso.nix diff --git a/flake.nix b/flake.nix index 18ce4d96..77712d2d 100644 --- a/flake.nix +++ b/flake.nix @@ -44,16 +44,8 @@ vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; }; - outputs = - { self - , nixpkgs - , nixpkgs_22-11 - , vault-secrets - , colmena - , nixos-generators - , nur - , ... - }@inputs: + outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena + , nixos-generators, nur, nixvim, ... }@inputs: let inherit (nixpkgs) lib; @@ -87,8 +79,7 @@ source /etc/set-environment nix repl --file "${./.}/repl.nix" $@ ''; - in - { + in { # Make the nixosConfigurations for compat reasons (e.g. vault) nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { @@ -100,34 +91,20 @@ }).nodes; # Make the colmena configuration - colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) - { - meta = { - inherit specialArgs; - nixpkgs = pkgs; - }; - } - nixHosts; + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { + meta = { + inherit specialArgs; + nixpkgs = pkgs; + }; + } nixHosts; packages.${system} = { inherit apply-local; default = colmena.packages.${system}.colmena; - iso = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "install-iso"; - modules = [ (import ./nixos/templates/iso.nix) ]; - }; - - iso-graphical = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "install-iso"; - modules = [ (import ./nixos/templates/iso-graphical.nix) ]; - }; - proxmox-lxc = nixos-generators.nixosGenerate { - inherit pkgs; + inherit system pkgs specialArgs; format = "proxmox-lxc"; modules = util.base_imports ++ [ (import ./nixos/templates/proxmox-lxc.nix) ]; @@ -135,7 +112,7 @@ # Broken # proxmox-vm = nixos-generators.nixosGenerate { - # inherit system pkgs; + # inherit system pkgs specialArgs; # format = "proxmox"; # modules = util.base_imports # ++ [ (import ./nixos/templates/proxmox-vm.nix) ]; diff --git a/nixos/common/common.nix b/nixos/common/common.nix deleted file mode 100644 index fa2b2a85..00000000 --- a/nixos/common/common.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ config, lib, pkgs, ... }: { - imports = [ ./users ./modules ]; - - # Clean /tmp on boot. - boot.tmp.cleanOnBoot = true; - - # Set your time zone. - time.timeZone = lib.mkDefault "Europe/Amsterdam"; - - # Systemd OOMd - # Fedora enables these options by default. See the 10-oomd-* files here: - # https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac3510255 - systemd.oomd = { - enableRootSlice = true; - enableUserServices = true; - }; - - # Nix Settings - nix = { - package = pkgs.nixUnstable; - settings = { - auto-optimise-store = true; - trusted-users = [ "root" "victor" ]; - substituters = [ - "https://cachix.cachix.org" - "https://nix-community.cachix.org" - "https://nixpkgs-review-bot.cachix.org" - "https://colmena.cachix.org" - "https://cache.garnix.io" - "https://0x76-infra.cachix.org" - "https://webcord.cachix.org" - ]; - trusted-public-keys = [ - "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" - "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" - "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" - ]; - }; - optimise = { - automatic = true; - dates = [ "weekly" ]; - }; - gc = { - automatic = true; - dates = "weekly"; - randomizedDelaySec = "3h"; - options = "--delete-older-than 7d"; - }; - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - - nixpkgs.config.allowUnfree = true; - - nixpkgs.config.permittedInsecurePackages = - [ "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" ]; - - # Limit the systemd journal to 100 MB of disk or the - # last 7 days of logs, whichever happens first. - services.journald.extraConfig = '' - SystemMaxUse=100M - MaxFileSec=7day - ''; - - # Enable SSH - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = lib.mkDefault false; - PermitRootLogin = lib.mkDefault "no"; - }; - }; - - - - # Debloat - documentation = { - enable = lib.mkForce false; - doc.enable = lib.mkForce false; - man.enable = lib.mkForce false; - info.enable = lib.mkForce false; - nixos.enable = lib.mkForce false; - }; - - system.disableInstallerTools = lib.mkDefault true; -} diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 0144463a..f07a0f80 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -1,17 +1,6 @@ -{ inputs, lib, config, ... }: { - # This file deals with everything requiring `inputs`, the rest being delagated to `common.nix` - # this is because we can't import inputs from all contexts as that can lead to infinite recursion. - imports = [ ./common.nix inputs.vault-secrets.nixosModules.vault-secrets ]; - - nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; - nix.registry.nixpkgs.flake = inputs.nixpkgs; - - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - extraSpecialArgs = { inherit inputs; }; - sharedModules = [ ./hm-modules inputs.nixvim.homeManagerModules.nixvim ]; - }; +{ lib, pkgs, inputs, config, ... }: { + imports = + [ ./users ./modules inputs.vault-secrets.nixosModules.vault-secrets ]; vault-secrets = let inherit (config.networking) domain hostName; @@ -21,4 +10,99 @@ vaultAddress = "http://${server}.${domain}:8200/"; approlePrefix = "${domain}-${hostName}"; }; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = { inherit inputs; }; + sharedModules = [ ./hm-modules inputs.nixvim.homeManagerModules.nixvim ]; + }; + + # Clean /tmp on boot. + boot.tmp.cleanOnBoot = true; + + # Set your time zone. + time.timeZone = lib.mkDefault "Europe/Amsterdam"; + + # Systemd OOMd + # Fedora enables these options by default. See the 10-oomd-* files here: + # https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac3510255 + systemd.oomd = { + enableRootSlice = true; + enableUserServices = true; + }; + + # Nix Settings + nix = { + registry.nixpkgs.flake = inputs.nixpkgs; + nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; + package = pkgs.nixUnstable; + settings = { + auto-optimise-store = true; + trusted-users = [ "root" "victor" ]; + substituters = [ + "https://cachix.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-review-bot.cachix.org" + "https://colmena.cachix.org" + "https://cache.garnix.io" + "https://0x76-infra.cachix.org" + "https://webcord.cachix.org" + ]; + trusted-public-keys = [ + "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" + "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" + "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" + "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" + "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" + ]; + }; + optimise = { + automatic = true; + dates = [ "weekly" ]; + }; + gc = { + automatic = true; + dates = "weekly"; + randomizedDelaySec = "3h"; + options = "--delete-older-than 7d"; + }; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + + nixpkgs.config.allowUnfree = true; + + nixpkgs.config.permittedInsecurePackages = + [ "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" ]; + + # Limit the systemd journal to 100 MB of disk or the + # last 7 days of logs, whichever happens first. + services.journald.extraConfig = '' + SystemMaxUse=100M + MaxFileSec=7day + ''; + + # Enable SSH + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = lib.mkDefault false; + PermitRootLogin = lib.mkDefault "no"; + }; + }; + + # Debloat + documentation = { + enable = lib.mkForce false; + doc.enable = lib.mkForce false; + man.enable = lib.mkForce false; + info.enable = lib.mkForce false; + nixos.enable = lib.mkForce false; + }; + + system.disableInstallerTools = lib.mkDefault true; } diff --git a/nixos/templates/iso-graphical.nix b/nixos/templates/iso-graphical.nix deleted file mode 100644 index 4d927270..00000000 --- a/nixos/templates/iso-graphical.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, modulesPath, lib, ... }: { - imports = [ - "${modulesPath}/installer/cd-dvd/installation-cd-graphical-calamares-gnome.nix" - ]; - - # use the latest Linux kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - - environment.systemPackages = with pkgs; [ git ]; - - # Needed for https://github.com/NixOS/nixpkgs/issues/58959 - boot.supportedFilesystems = lib.mkForce [ "btrfs" "ext4" ]; -} diff --git a/nixos/templates/iso.nix b/nixos/templates/iso.nix deleted file mode 100644 index 48d7dc93..00000000 --- a/nixos/templates/iso.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, modulesPath, lib, ... }: { - imports = [ "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" ]; - - # use the latest Linux kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - - environment.systemPackages = with pkgs; [ git ]; - - # Needed for https://github.com/NixOS/nixpkgs/issues/58959 - boot.supportedFilesystems = - lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; -} diff --git a/nixos/templates/proxmox-lxc.nix b/nixos/templates/proxmox-lxc.nix index 2d1502bd..74079ddf 100644 --- a/nixos/templates/proxmox-lxc.nix +++ b/nixos/templates/proxmox-lxc.nix @@ -1,5 +1,5 @@ { lib, ... }: { - imports = [ ../common/common.nix ../common/generic-lxc.nix ]; + imports = [ ../common ../common/generic-lxc.nix ]; proxmoxLXC = { manageNetwork = true; -- 2.47.1 From 85dafd6786941bbefcb7c7314b307eb7b45c2839 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 31 May 2023 17:24:17 +0200 Subject: [PATCH 1651/1882] fix deadnix --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 77712d2d..4c581b0c 100644 --- a/flake.nix +++ b/flake.nix @@ -45,7 +45,7 @@ }; outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena - , nixos-generators, nur, nixvim, ... }@inputs: + , nixos-generators, nur, ... }@inputs: let inherit (nixpkgs) lib; -- 2.47.1 From 78f8e9b2f1f1eff00fd15853407c1dad63cecc96 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 31 May 2023 17:26:17 +0200 Subject: [PATCH 1652/1882] disable docker registries --- nixos/hosts/hades/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 7670659a..6945a4ef 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -136,19 +136,19 @@ mac = "12:fa:24:02:65:e6"; nix = false; }; - "docker-registry-proxy" = { - ip = "192.168.0.128"; - mac = "0e:11:65:62:66:9f"; - }; + # "docker-registry-proxy" = { + # ip = "192.168.0.128"; + # mac = "0e:11:65:62:66:9f"; + # }; "hassio" = { ip = "192.168.0.129"; mac = "e6:80:32:fb:00:75"; nix = false; }; - "docker-registry" = { - ip = "192.168.0.130"; - mac = "5e:0e:a6:cf:64:70"; - }; + # "docker-registry" = { + # ip = "192.168.0.130"; + # mac = "5e:0e:a6:cf:64:70"; + # }; "minecraft" = { ip = "192.168.0.131"; mac = "00:0c:29:9b:e1:c4"; -- 2.47.1 From 8d9c36d0e579d22899ca4712b24716eede28b227 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Jun 2023 09:14:53 +0200 Subject: [PATCH 1653/1882] changes --- flake.nix | 20 ------------------- nixos/common/desktop/default.nix | 2 ++ nixos/common/desktop/home.nix | 2 ++ nixos/hosts/olympus/eevee/hardware.nix | 1 - .../olympus/mailserver/configuration.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 1 - nixos/templates/iso-graphical.nix | 13 ------------ nixos/templates/iso.nix | 12 ----------- nixos/templates/proxmox-vm.nix | 2 +- 9 files changed, 6 insertions(+), 49 deletions(-) delete mode 100644 nixos/templates/iso-graphical.nix delete mode 100644 nixos/templates/iso.nix diff --git a/flake.nix b/flake.nix index 98f81d55..9edbb126 100644 --- a/flake.nix +++ b/flake.nix @@ -100,32 +100,12 @@ default = colmena.packages.${system}.colmena; - iso = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "install-iso"; - modules = [ (import ./nixos/templates/iso.nix) ]; - }; - - iso-graphical = nixos-generators.nixosGenerate { - inherit system pkgs; - format = "install-iso"; - modules = [ (import ./nixos/templates/iso-graphical.nix) ]; - }; - proxmox-lxc = nixos-generators.nixosGenerate { inherit pkgs; format = "proxmox-lxc"; modules = util.base_imports ++ [ (import ./nixos/templates/proxmox-lxc.nix) ]; }; - - # Broken - # proxmox-vm = nixos-generators.nixosGenerate { - # inherit system pkgs; - # format = "proxmox"; - # modules = util.base_imports - # ++ [ (import ./nixos/templates/proxmox-vm.nix) ]; - # }; }; # Use by running `nix develop` diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index 9a93dbe1..49a2d904 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -14,6 +14,8 @@ }; }; + hardware.keyboard.qmk.enable = true; + # Enable my config for the gnome desktop environment services.v.gnome.enable = true; diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index c575b57f..b36249d1 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -10,6 +10,7 @@ in { btop calibre celluloid + chromium element-desktop fusee-launcher gcc @@ -29,6 +30,7 @@ in { tex unzip yt-dlp + qmk ]; # Enable my own hm modules diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix index 561c5709..14ca7651 100644 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -26,7 +26,6 @@ services.udev.packages = with pkgs; [ android-udev-rules logitech-udev-rules - qmk-udev-rules wooting-udev-rules ]; diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 0872c146..edce9cb8 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -28,7 +28,7 @@ in { enable = true; fqdn = "mail.0x76.dev"; domains = [ "0x76.dev" "meowy.tech" ]; - certificateScheme = 3; + certificateScheme = "acme-nginx"; loginAccounts = { # People diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 4b40a89a..03532097 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -237,7 +237,6 @@ in { services.udev.packages = with pkgs; [ android-udev-rules logitech-udev-rules - qmk-udev-rules wooting-udev-rules ]; diff --git a/nixos/templates/iso-graphical.nix b/nixos/templates/iso-graphical.nix deleted file mode 100644 index 4d927270..00000000 --- a/nixos/templates/iso-graphical.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, modulesPath, lib, ... }: { - imports = [ - "${modulesPath}/installer/cd-dvd/installation-cd-graphical-calamares-gnome.nix" - ]; - - # use the latest Linux kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - - environment.systemPackages = with pkgs; [ git ]; - - # Needed for https://github.com/NixOS/nixpkgs/issues/58959 - boot.supportedFilesystems = lib.mkForce [ "btrfs" "ext4" ]; -} diff --git a/nixos/templates/iso.nix b/nixos/templates/iso.nix deleted file mode 100644 index 48d7dc93..00000000 --- a/nixos/templates/iso.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, modulesPath, lib, ... }: { - imports = [ "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" ]; - - # use the latest Linux kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - - environment.systemPackages = with pkgs; [ git ]; - - # Needed for https://github.com/NixOS/nixpkgs/issues/58959 - boot.supportedFilesystems = - lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; -} diff --git a/nixos/templates/proxmox-vm.nix b/nixos/templates/proxmox-vm.nix index 268bcc78..567090f3 100644 --- a/nixos/templates/proxmox-vm.nix +++ b/nixos/templates/proxmox-vm.nix @@ -2,7 +2,7 @@ imports = [ ../common/common.nix ../common/generic-vm.nix ]; proxmox.qemuConf = { - virtio0 = "local-zsfs:vm-9999-disk-0"; + virtio0 = "local-zfs:vm-9999-disk-0"; cores = 1; memory = 1024; bios = "ovmf"; -- 2.47.1 From 12d04ee639f027db3a51d078e97fba32218d9440 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Jun 2023 11:32:18 +0200 Subject: [PATCH 1654/1882] fix conflict --- nixos/common/desktop/home.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 858afda3..befc9265 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -11,7 +11,6 @@ in { btop calibre celluloid - chromium element-desktop fusee-launcher gcc -- 2.47.1 From 1e702d8469ad72e2d75af0c717ab012c5896ac0a Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Jun 2023 12:26:55 +0200 Subject: [PATCH 1655/1882] flake update --- flake.lock | 36 +++++++++++++++---------------- nixos/common/modules/gnome/hm.nix | 13 ++++++++++- 2 files changed, 30 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index 118d301b..bc027cb6 100644 --- a/flake.lock +++ b/flake.lock @@ -612,11 +612,11 @@ ] }, "locked": { - "lastModified": 1685189510, - "narHash": "sha256-Hq5WF7zIixojPgvhgcd6MBvywwycVZ9wpK/8ogOyoaA=", + "lastModified": 1685573051, + "narHash": "sha256-zrpbdQVJFpNVFK3SlA6mE0le8qnKjUjcuY4OzL+wSHw=", "owner": "nix-community", "repo": "home-manager", - "rev": "2d963854ae2499193c0c72fd67435fee34d3e4fd", + "rev": "3876cc613ac3983078964ffb5a0c01d00028139e", "type": "github" }, "original": { @@ -807,11 +807,11 @@ ] }, "locked": { - "lastModified": 1685000237, - "narHash": "sha256-pm+2xP9g9sh6wapk1ulg7/1DdENkTNDB7Kx+6lwGs/k=", + "lastModified": 1685446848, + "narHash": "sha256-vEU1jynjDXwOJESHeJyABqbY/Y+DoihZq9iDVtYgrMg=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "05bef004794f352ea12475a89f3f55b4102c0728", + "rev": "b6114e214e5b546c4cceccd33ee6b72294a76b60", "type": "github" }, "original": { @@ -951,11 +951,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1685314633, - "narHash": "sha256-8LXBPqTQXl5ofkjpJ18JcbmLJ/lWDoMxtUwiDYv0wro=", + "lastModified": 1685468986, + "narHash": "sha256-YSj3K71KjRZgeL0hS3sYLYHI0g8aIVIf9lcsRMCIW2A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c8a17ce7abc03c50cd072e9e6c9b389c5f61836b", + "rev": "9af373a61647257d16ae6062cddaa9094d24920c", "type": "github" }, "original": { @@ -967,11 +967,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1685290091, - "narHash": "sha256-GGQYNZ7POoqPTtXgPOLUuSiHkOKFRWYpCoWUOSeSRoU=", + "lastModified": 1685383865, + "narHash": "sha256-3uQytfnotO6QJv3r04ajSXbEFMII0dUtw0uqYlZ4dbk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4e37b4e55b60fb7d43d2b62deb51032a489bcbe8", + "rev": "5e871d8aa6f57cc8e0dc087d1c5013f6e212b4ce", "type": "github" }, "original": { @@ -1083,11 +1083,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1685357461, - "narHash": "sha256-UUOEz2VGMc8giiaDF7lpq7ol7bx71mqepRFu2lBzNF8=", + "lastModified": 1685370907, + "narHash": "sha256-3AHPdXt/w2dyH4qGaflR8eSdZiQ6Lhlj38rDS6ZPgyY=", "owner": "pta2002", "repo": "nixvim", - "rev": "3f08cff1d0c2a45e5bf0448a074c5bcc152cf2c5", + "rev": "cf6a614e8b89eea8f989ef6103debe65984a1fd5", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nur": { "locked": { - "lastModified": 1685367958, - "narHash": "sha256-7KqC9OKOfQPkwLVh8E+rAOPQ/yEzw82GcUYS4/V9v6g=", + "lastModified": 1685612768, + "narHash": "sha256-XD1LKFG1N/VpcqQ63lQd6LdPHPAl/XbbLa00p5hfMW4=", "owner": "nix-community", "repo": "NUR", - "rev": "95e05399f4527fdde06cd151780324fb4f05ac9e", + "rev": "23621ea768b76cc7d98a1bd66f4bd90f049d9dda", "type": "github" }, "original": { diff --git a/nixos/common/modules/gnome/hm.nix b/nixos/common/modules/gnome/hm.nix index 87b852cb..d852a9aa 100644 --- a/nixos/common/modules/gnome/hm.nix +++ b/nixos/common/modules/gnome/hm.nix @@ -18,10 +18,21 @@ let in { xdg.mimeApps.enable = true; xdg.mimeApps.defaultApplications = { - "text/html" = "firefox.desktop"; "text/plain" = "org.gnome.TextEditor.desktop"; "application/pdf" = "org.gnome.Evince.desktop"; + # Firefox + "text/html" = "firefox.desktop"; + "x-scheme-handler/http" = "firefox.desktop"; + "x-scheme-handler/https" = "firefox.desktop"; + "x-scheme-handler/chrome" = "firefox.desktop"; + "application/x-extension-htm" = "firefox.desktop"; + "application/x-extension-shtml" = "firefox.desktop"; + "application/xhtml+xml" = "firefox.desktop"; + "application/x-extension-xhtml" = "firefox.desktop"; + "application/x-extension-xht" = "firefox.desktop"; + "application/x-extension-html" = "firefox.desktop"; + # Images "image/bmp" = "org.gnome.eog.desktop"; "image/gif" = "org.gnome.eog.desktop"; -- 2.47.1 From 6fb4627cbdbe173a2a569da2b31d7b37b71242ce Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 1 Jun 2023 16:36:05 +0200 Subject: [PATCH 1656/1882] add garage skeleton --- nixos/hosts/hades/_template/configuration.nix | 2 +- nixos/hosts/hades/default.nix | 5 +- nixos/hosts/hades/garage/configuration.nix | 50 +++++++++++++++++++ nixos/hosts/hades/mastodon/configuration.nix | 14 ++---- .../hosts/olympus/_template/configuration.nix | 2 +- 5 files changed, 59 insertions(+), 14 deletions(-) create mode 100644 nixos/hosts/hades/garage/configuration.nix diff --git a/nixos/hosts/hades/_template/configuration.nix b/nixos/hosts/hades/_template/configuration.nix index 0947f389..b1c2ee42 100644 --- a/nixos/hosts/hades/_template/configuration.nix +++ b/nixos/hosts/hades/_template/configuration.nix @@ -13,7 +13,7 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + system.stateVersion = "23.11"; # Did you read the comment? # Additional packages environment.systemPackages = with pkgs; [ ]; diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 6945a4ef..875312e9 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -107,7 +107,10 @@ mac = "A2:2C:65:32:54:8A"; profile = "plex"; }; - # ip = "192.168.0.121"; + "garage" = { + ip = "192.168.0.121"; + mac = "3A:19:32:A2:F8:96"; + }; "nginx" = { ip = "192.168.0.122"; mac = "52:8E:72:31:AE:AC"; diff --git a/nixos/hosts/hades/garage/configuration.nix b/nixos/hosts/hades/garage/configuration.nix new file mode 100644 index 00000000..2a7bd6bd --- /dev/null +++ b/nixos/hosts/hades/garage/configuration.nix @@ -0,0 +1,50 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, ... }: + +{ + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + networking.firewall.allowedTCPPorts = [ ]; + + # See also: https://github.com/NixOS/nixpkgs/tree/master/nixos/tests/garage + services.garage = { + enable = false; + package = pkgs.garage_0_8; + settings = { + # rpc_bind_addr = "[::]:3901" + # rpc_public_addr = "127.0.0.1:3901" + # rpc_secret = "$(openssl rand -hex 32)" + + # [s3_api] + # s3_region = "garage" + # api_bind_addr = "[::]:3900" + # root_domain = ".s3.garage.localhost" + + # [s3_web] + # bind_addr = "[::]:3902" + # root_domain = ".web.garage.localhost" + # index = "index.html" + + # [k2v_api] + # api_bind_addr = "[::]:3904" + + # [admin] + # api_bind_addr = "0.0.0.0:3903" + # admin_token = "$(openssl rand -base64 32)" + }; + }; +} diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 1c845401..822d6717 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -7,17 +7,9 @@ in { # Use DHCP with static leases networking.interfaces.eth0.useDHCP = true; - nixpkgs.config.permittedInsecurePackages = [ - "openssl-1.1.1t" - ]; - # Better cache hits environment.noXlibs = lib.mkForce false; - networking.hosts = { - "192.168.0.122" = [ "xirion.net" "o.xirion.net" ]; - }; - services.elasticsearch = { enable = true; cluster_name = "mastodon-es"; @@ -25,7 +17,7 @@ in { }; vault-secrets.secrets.mastodon = { - services = [ "mastodon-init-dirs" "mastodon" "mastodon-media-prune" ]; + services = [ "mastodon-init-dirs" "mastodon" "mastodon-media-autoremove" ]; inherit (cfg) user group; }; @@ -49,12 +41,12 @@ in { mediaAutoRemove = { enable = true; olderThanDays = 30; - startAt = "weekly"; + startAt = "daily"; }; configureNginx = false; - redis = { createLocally = true; }; + redis.createLocally = true; elasticsearch = { host = "127.0.0.1"; diff --git a/nixos/hosts/olympus/_template/configuration.nix b/nixos/hosts/olympus/_template/configuration.nix index 0947f389..b1c2ee42 100644 --- a/nixos/hosts/olympus/_template/configuration.nix +++ b/nixos/hosts/olympus/_template/configuration.nix @@ -13,7 +13,7 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + system.stateVersion = "23.11"; # Did you read the comment? # Additional packages environment.systemPackages = with pkgs; [ ]; -- 2.47.1 From 2961c9cfe55916dbcc18f8655ce0c3d5a3a57e3b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 1 Jun 2023 22:00:24 +0000 Subject: [PATCH 1657/1882] chore(deps): update renovate/renovate docker tag to v35.105.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f49f8dd0..b7bf6723 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.105.2 + image: renovate/renovate:35.105.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1b65ed4c305946295f891bba4ba2c11fbeef7fd9 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 2 Jun 2023 11:30:48 +0200 Subject: [PATCH 1658/1882] started switch to garage --- nixos/hosts/hades/dns/configuration.nix | 4 ++ nixos/hosts/hades/garage/configuration.nix | 48 +++++++++++--------- nixos/hosts/hades/mastodon/configuration.nix | 10 ++-- nixos/hosts/hades/nginx/configuration.nix | 8 ++-- 4 files changed, 40 insertions(+), 30 deletions(-) diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 3e7e897d..84fb9e15 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -21,6 +21,8 @@ services.unbound.settings.server = { local-zone = [ "xirion.net typetransparent" + "o.xirion.net typetransparent" + "fedi-media.xirion.net typetransparent" "hades.xirion.net typetransparent" "requests.xirion.net typetransparent" "ha.xirion.net typetransparent" @@ -30,6 +32,8 @@ local-data = [ ''"xirion.net A 192.168.0.122"'' ''"hades.xirion.net A 192.168.0.122"'' + ''"o.xirion.net A 192.168.0.122"'' + ''"fedi-media.xirion.net A 192.168.0.122"'' ''"requests.xirion.net A 192.168.0.122"'' ''"ha.xirion.net A 192.168.0.122"'' ''"mail.xirion.net A 192.168.0.122"'' diff --git a/nixos/hosts/hades/garage/configuration.nix b/nixos/hosts/hades/garage/configuration.nix index 2a7bd6bd..00047f92 100644 --- a/nixos/hosts/hades/garage/configuration.nix +++ b/nixos/hosts/hades/garage/configuration.nix @@ -2,11 +2,13 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, ... }: - -{ +{ pkgs, config, ... }: +let vs = config.vault-secrets.secrets; +in { imports = [ ]; + vault-secrets.secrets.garage = { }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -18,33 +20,35 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + networking.firewall.allowedTCPPorts = [ 3900 3901 3902 ]; + + # Defines rpc_secret + systemd.services.garage.serviceConfig.EnvironmentFile = "${vs.garage}/environment"; # See also: https://github.com/NixOS/nixpkgs/tree/master/nixos/tests/garage services.garage = { - enable = false; + enable = true; package = pkgs.garage_0_8; settings = { - # rpc_bind_addr = "[::]:3901" - # rpc_public_addr = "127.0.0.1:3901" - # rpc_secret = "$(openssl rand -hex 32)" + db_engine = "lmdb"; # Recommended for mastodon + replication_mode = "1"; + compression_level = 0; - # [s3_api] - # s3_region = "garage" - # api_bind_addr = "[::]:3900" - # root_domain = ".s3.garage.localhost" + # For inter-node comms + rpc_bind_addr = "[::]:3901"; + rpc_public_addr = "${config.meta.ipv4}:3901"; - # [s3_web] - # bind_addr = "[::]:3902" - # root_domain = ".web.garage.localhost" - # index = "index.html" + # Standard S3 api endpoint + s3_api = { + s3_region = "hades"; + api_bind_addr = "[::]:3900"; + }; - # [k2v_api] - # api_bind_addr = "[::]:3904" - - # [admin] - # api_bind_addr = "0.0.0.0:3903" - # admin_token = "$(openssl rand -base64 32)" + # Static file serve endpoint + s3_web = { + bind_addr = "[::]:3902"; + root_domain = "g.xirion.net"; + }; }; }; } diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 822d6717..4f37f9a1 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -24,8 +24,8 @@ in { # Append the init-dirs script to add AWS/Minio secrets systemd.services.mastodon-init-dirs.script = '' cat >> /var/lib/mastodon/.secrets_env < Date: Fri, 2 Jun 2023 13:36:44 +0200 Subject: [PATCH 1659/1882] rename woodpecker to ci --- nixos/hosts/hades/garage/configuration.nix | 1 - .../{woodpecker => ci}/configuration.nix | 32 ------------------- nixos/hosts/olympus/default.nix | 6 +--- 3 files changed, 1 insertion(+), 38 deletions(-) rename nixos/hosts/olympus/{woodpecker => ci}/configuration.nix (67%) diff --git a/nixos/hosts/hades/garage/configuration.nix b/nixos/hosts/hades/garage/configuration.nix index 00047f92..a1e52a1b 100644 --- a/nixos/hosts/hades/garage/configuration.nix +++ b/nixos/hosts/hades/garage/configuration.nix @@ -25,7 +25,6 @@ in { # Defines rpc_secret systemd.services.garage.serviceConfig.EnvironmentFile = "${vs.garage}/environment"; - # See also: https://github.com/NixOS/nixpkgs/tree/master/nixos/tests/garage services.garage = { enable = true; package = pkgs.garage_0_8; diff --git a/nixos/hosts/olympus/woodpecker/configuration.nix b/nixos/hosts/olympus/ci/configuration.nix similarity index 67% rename from nixos/hosts/olympus/woodpecker/configuration.nix rename to nixos/hosts/olympus/ci/configuration.nix index e7eede9e..75fc9575 100644 --- a/nixos/hosts/olympus/woodpecker/configuration.nix +++ b/nixos/hosts/olympus/ci/configuration.nix @@ -22,11 +22,6 @@ in { networking.firewall.allowedTCPPorts = [ port 9000 ]; - vault-secrets.secrets.woodpecker = { - services = [ "woodpecker-server" "woodpecker-agent-docker" ]; - quoteEnvironmentValues = false; # Needed for docker - }; - vault-secrets.secrets.gitea_runner = { services = [ "gitea-runner-nix\x2dnative" ]; }; @@ -72,31 +67,4 @@ in { ]; }; }; - - services.woodpecker-server = { - enable = true; - environment = { - WOODPECKER_OPEN = "true"; - WOODPECKER_HOST = "https://ci.0x76.dev"; - WOODPECKER_GITEA = "true"; - WOODPECKER_GITEA_URL = "https://git.0x76.dev"; - WOODPECKER_ADMIN = "v"; - WOODPECKER_AUTHENTICATE_PUBLIC_REPOS = "true"; - WOODPECKER_SERVER_ADDR = "10.42.42.33:${toString port}"; - }; - environmentFile = "${vs.woodpecker}/environment"; - }; - - services.woodpecker-agents.agents = { - docker = { - enable = true; - environment = { - DOCKER_HOST = "unix:///run/podman/podman.sock"; - WOODPECKER_BACKEND = "docker"; - WOODPECKER_SERVER = "localhost:9000"; - }; - environmentFile = [ "${vs.woodpecker}/environment" ]; - extraGroups = [ "podman" ]; - }; - }; } diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 8bce28ed..07f1f362 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -180,13 +180,9 @@ mac = "7A:17:9E:80:72:01"; exposes.ntfy.domain = "ntfy.0x76.dev"; }; - "woodpecker" = { + "ci" = { ip = "10.42.42.33"; mac = "1E:24:DA:DB:4A:1A"; - exposes.ci = { - domain = "ci.0x76.dev"; - port = 8000; - }; }; "nuc" = { ip = "10.42.42.42"; -- 2.47.1 From 73d67957ec123712bc9060890b864062f7e8ddb5 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 2 Jun 2023 14:03:59 +0200 Subject: [PATCH 1660/1882] expose tautulli --- nixos/hosts/hades/nginx/configuration.nix | 3 +++ nixos/hosts/olympus/ci/configuration.nix | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 7b9ce1aa..0585596a 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -64,6 +64,9 @@ in { virtualHosts."repo.xirion.net" = proxy "http://archlinux"; virtualHosts."thelounge.xirion.net" = proxy "http://thelounge:9000"; + virtualHosts."tautulli.xirion.net" = proxy "http://tautulli.hades:8080"; + virtualHosts."peepeepoopoo.xirion.net" = proxy "http://tautulli.hades:8080"; # Deprecated but Ricardo has it bookmarked already! + virtualHosts."registry.xirion.net" = proxy "http://docker-registry:5000" // { locations."/".extraConfig = '' diff --git a/nixos/hosts/olympus/ci/configuration.nix b/nixos/hosts/olympus/ci/configuration.nix index 75fc9575..d3161897 100644 --- a/nixos/hosts/olympus/ci/configuration.nix +++ b/nixos/hosts/olympus/ci/configuration.nix @@ -4,7 +4,6 @@ { config, pkgs, ... }: let - inherit (config.meta.exposes.ci) port; vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -20,8 +19,6 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ port 9000 ]; - vault-secrets.secrets.gitea_runner = { services = [ "gitea-runner-nix\x2dnative" ]; }; -- 2.47.1 From 2d3b27faec89a5977280f4af4e19df757cfd9258 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 2 Jun 2023 17:16:36 +0200 Subject: [PATCH 1661/1882] deploy attic --- flake.lock | 491 +++++++++++------- flake.nix | 4 +- nixos/hosts/hades/attic/configuration.nix | 80 +++ nixos/hosts/hades/default.nix | 10 +- .../docker-registry-proxy/configuration.nix | 42 -- .../hades/docker-registry/configuration.nix | 49 -- nixos/hosts/hades/jackett/configuration.nix | 10 - nixos/hosts/hades/nginx/configuration.nix | 1 + nixos/util.nix | 3 +- 9 files changed, 408 insertions(+), 282 deletions(-) create mode 100644 nixos/hosts/hades/attic/configuration.nix delete mode 100644 nixos/hosts/hades/docker-registry-proxy/configuration.nix delete mode 100644 nixos/hosts/hades/docker-registry/configuration.nix delete mode 100644 nixos/hosts/hades/jackett/configuration.nix diff --git a/flake.lock b/flake.lock index bc027cb6..82a4c50a 100644 --- a/flake.lock +++ b/flake.lock @@ -41,6 +41,28 @@ "type": "github" } }, + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1685309025, + "narHash": "sha256-pZxMM3AMP/ojwhrFD0A2ML4NOgehlBLGHseInnO5evc=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "b1fb790b5f2afaaa1b2f7f18979b8318abe604bb", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "attic", + "type": "github" + } + }, "beautysh": { "inputs": { "nixpkgs": [ @@ -82,9 +104,9 @@ }, "colmena": { "inputs": { - "flake-compat": "flake-compat", - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2", "stable": "stable" }, "locked": { @@ -103,9 +125,9 @@ }, "comma": { "inputs": { - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat_3", "naersk": "naersk", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "utils": "utils" }, "locked": { @@ -123,6 +145,36 @@ } }, "crane": { + "inputs": { + "flake-compat": [ + "attic", + "flake-compat" + ], + "flake-utils": [ + "attic", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1677892403, + "narHash": "sha256-/Wi0L1spSWLFj+UQxN3j0mPYMoc7ZoAujpUF/juFVII=", + "owner": "ipetkov", + "repo": "crane", + "rev": "105e27adb70a9890986b6d543a67761cbc1964a2", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { "inputs": { "flake-compat": [ "lanzaboote", @@ -155,7 +207,7 @@ "type": "github" } }, - "crane_2": { + "crane_3": { "flake": false, "locked": { "lastModified": 1670284777, @@ -191,7 +243,7 @@ "inputs": { "alejandra": "alejandra", "all-cabal-json": "all-cabal-json", - "crane": "crane_2", + "crane": "crane_3", "devshell": "devshell", "flake-parts": "flake-parts_2", "flake-utils-pre-commit": "flake-utils-pre-commit", @@ -269,11 +321,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -285,11 +337,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", "type": "github" }, "original": { @@ -315,6 +367,22 @@ } }, "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { "flake": false, "locked": { "lastModified": 1668681692, @@ -330,7 +398,7 @@ "type": "github" } }, - "flake-compat_5": { + "flake-compat_6": { "flake": false, "locked": { "lastModified": 1673956053, @@ -346,7 +414,7 @@ "type": "github" } }, - "flake-compat_6": { + "flake-compat_7": { "flake": false, "locked": { "lastModified": 1673956053, @@ -402,11 +470,11 @@ }, "flake-utils": { "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -431,6 +499,21 @@ } }, "flake-utils_2": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { "inputs": { "systems": "systems" }, @@ -448,7 +531,7 @@ "type": "github" } }, - "flake-utils_3": { + "flake-utils_4": { "inputs": { "systems": "systems_2" }, @@ -466,7 +549,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -481,7 +564,7 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "locked": { "lastModified": 1678901627, "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", @@ -495,7 +578,7 @@ "type": "indirect" } }, - "flake-utils_6": { + "flake-utils_7": { "inputs": { "systems": "systems_3" }, @@ -627,22 +710,22 @@ }, "lanzaboote": { "inputs": { - "crane": "crane", - "flake-compat": "flake-compat_3", + "crane": "crane_2", + "flake-compat": "flake-compat_4", "flake-parts": "flake-parts", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" ], "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": "rust-overlay" + "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1685349926, - "narHash": "sha256-c1rKI1glJWdJIPefp9aiyhAkEZ4Sc6Rh/J5VumEXu1M=", + "lastModified": 1685709197, + "narHash": "sha256-ASoXZVoXj6L9PzNDfuDrAxrqaDuH7e1qTzdzkOODu4M=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "2e62c11babeead4b26efbb7f2cd4488baaa2e897", + "rev": "e422970c1bc3351bb7a20cf6e30e78d975280ed3", "type": "github" }, "original": { @@ -685,7 +768,7 @@ "mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_5", "nixpkgs": [ "nixpkgs" ], @@ -752,7 +835,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_7", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -838,16 +921,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1683408522, - "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", + "lastModified": 1685012353, + "narHash": "sha256-U3oOge4cHnav8OLGdRVhL45xoRj4Ppd+It6nPC9nNIU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", + "rev": "aeb75dba965e790de427b73315d5addf91a54955", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -903,16 +986,16 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1678872516, - "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "lastModified": 1685004253, + "narHash": "sha256-AbVL1nN/TDicUQ5wXZ8xdLERxz/eJr7+o8lqkIOVuaE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "rev": "3e01645c40b92d29f3ae76344a6d654986a91a91", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -933,133 +1016,23 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs-stable_3": { "locked": { - "lastModified": 1680668850, - "narHash": "sha256-mQMg13yRsS0LXVzaeoSPwqgPO6yhkGzGewPgMSqXSv8=", + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a65e9f64e53fdca6eed31adba836717a11247d2", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_22-11": { - "locked": { - "lastModified": 1685468986, - "narHash": "sha256-YSj3K71KjRZgeL0hS3sYLYHI0g8aIVIf9lcsRMCIW2A=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "9af373a61647257d16ae6062cddaa9094d24920c", - "type": "github" - }, - "original": { - "owner": "nixos", "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_3": { - "locked": { - "lastModified": 1685383865, - "narHash": "sha256-3uQytfnotO6QJv3r04ajSXbEFMII0dUtw0uqYlZ4dbk=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "5e871d8aa6f57cc8e0dc087d1c5013f6e212b4ce", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1685168767, - "narHash": "sha256-wQgnxz0PdqbyKKpsWl/RU8T8QhJQcHfeC6lh1xRUTfk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e10802309bf9ae351eb27002c85cfdeb1be3b262", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1672580127, - "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "0874168639713f547c05947c76124f78441ea46c", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-22.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_6": { - "locked": { - "lastModified": 1645296114, - "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-21.05-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_7": { - "locked": { - "lastModified": 1674736538, - "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", - "owner": "serokell", - "repo": "nixpkgs", - "rev": "1dfdbb65d77430fc0935e8592d0abc4addcce711", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_8": { - "locked": { - "lastModified": 1682526928, - "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_9": { + "nixpkgs_10": { "locked": { "lastModified": 1670507980, "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", @@ -1075,19 +1048,161 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1683408522, + "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_22-11": { + "locked": { + "lastModified": 1685650716, + "narHash": "sha256-sDd7QIcMbIb37nuqMrJElvuyE5eVgWuKGtIPP8IWwCc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "f7c1500e2eefa58f3c80dd046cba256e10440201", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1680668850, + "narHash": "sha256-mQMg13yRsS0LXVzaeoSPwqgPO6yhkGzGewPgMSqXSv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4a65e9f64e53fdca6eed31adba836717a11247d2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1685693126, + "narHash": "sha256-Q+fZjmYsFYOjOB8RFRkOqQj09tJa4pVh8qaZCYmsw1o=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "b49720ccd2ca03ef35e213ebd43bd57c7eb83fa7", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1685168767, + "narHash": "sha256-wQgnxz0PdqbyKKpsWl/RU8T8QhJQcHfeC6lh1xRUTfk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e10802309bf9ae351eb27002c85cfdeb1be3b262", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1672580127, + "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0874168639713f547c05947c76124f78441ea46c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1645296114, + "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.05-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_8": { + "locked": { + "lastModified": 1674736538, + "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", + "owner": "serokell", + "repo": "nixpkgs", + "rev": "1dfdbb65d77430fc0935e8592d0abc4addcce711", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1682526928, + "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", - "flake-utils": "flake-utils_3", - "nixpkgs": "nixpkgs_4", + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_5", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1685370907, - "narHash": "sha256-3AHPdXt/w2dyH4qGaflR8eSdZiQ6Lhlj38rDS6ZPgyY=", + "lastModified": 1685708456, + "narHash": "sha256-3zKQMUJhAK19NIzWyLBn3ggEsMtgamVd7l0+PWtFYEM=", "owner": "pta2002", "repo": "nixvim", - "rev": "cf6a614e8b89eea8f989ef6103debe65984a1fd5", + "rev": "1f285df66498952c9b1315fdc591c0c3e1d3b5f1", "type": "github" }, "original": { @@ -1098,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1685612768, - "narHash": "sha256-XD1LKFG1N/VpcqQ63lQd6LdPHPAl/XbbLa00p5hfMW4=", + "lastModified": 1685699083, + "narHash": "sha256-EqgVvQLjMuXMU0yiSRoCZZnnU8ATWdd8vWzWOBAeT4M=", "owner": "nix-community", "repo": "NUR", - "rev": "23621ea768b76cc7d98a1bd66f4bd90f049d9dda", + "rev": "7dbd5a6621059db78edd523eb1da98252d96b23d", "type": "github" }, "original": { @@ -1157,14 +1272,14 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_5", - "flake-utils": "flake-utils_4", + "flake-compat": "flake-compat_6", + "flake-utils": "flake-utils_5", "gitignore": "gitignore_2", "nixpkgs": [ "nixvim", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_2" + "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { "lastModified": 1684842236, @@ -1195,7 +1310,7 @@ "lanzaboote", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1682596858, @@ -1242,7 +1357,7 @@ "inputs": { "fenix": "fenix", "naersk": "naersk_2", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1677774593, @@ -1260,6 +1375,7 @@ }, "root": { "inputs": { + "attic": "attic", "colmena": "colmena", "comma": "comma", "home-manager": "home-manager", @@ -1267,7 +1383,7 @@ "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs_22-11": "nixpkgs_22-11", "nixvim": "nixvim", "nur": "nur", @@ -1312,6 +1428,33 @@ } }, "rust-overlay": { + "inputs": { + "flake-utils": [ + "attic", + "crane", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "crane", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1675391458, + "narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { "inputs": { "flake-utils": [ "lanzaboote", @@ -1444,10 +1587,10 @@ }, "vault-secrets": { "inputs": { - "flake-compat": "flake-compat_6", - "flake-utils": "flake-utils_5", + "flake-compat": "flake-compat_7", + "flake-utils": "flake-utils_6", "nix": "nix", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1683797625, @@ -1465,8 +1608,8 @@ }, "vault-unseal": { "inputs": { - "flake-utils": "flake-utils_6", - "nixpkgs": "nixpkgs_8" + "flake-utils": "flake-utils_7", + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1683013874, @@ -1485,7 +1628,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_9", + "nixpkgs": "nixpkgs_10", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index 4c581b0c..af4845ae 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; @@ -42,6 +42,8 @@ }; vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; + + attic.url = "github:zhaofengli/attic"; }; outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena diff --git a/nixos/hosts/hades/attic/configuration.nix b/nixos/hosts/hades/attic/configuration.nix new file mode 100644 index 00000000..c13b4308 --- /dev/null +++ b/nixos/hosts/hades/attic/configuration.nix @@ -0,0 +1,80 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ pkgs, config, ... }: +let vs = config.vault-secrets.secrets; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; # Did you read the comment? + + # Additional packages + environment.systemPackages = with pkgs; [ ]; + + vault-secrets.secrets.attic = { + services = [ "atticd" ]; + }; + + + services.atticd = { + enable = true; + + credentialsFile = "${vs.attic}/environment"; + + settings = { + listen = "[::]:8080"; + allowed-hosts = [ "attic.xirion.net" ]; + api-endpoint = "https://attic.xirion.net/"; + require-proof-of-possession = false; + + garbage-collection = { + interval = "12 hours"; + default-retention-period = "1 month"; + }; + + compression = { + type = "zstd"; + level = 8; + }; + + storage = { + type = "s3"; + region = "hades"; + bucket = "attic"; + endpoint = "http://garage.hades:3900"; + }; + + # Data chunking + # + # Warning: If you change any of the values here, it will be + # difficult to reuse existing chunks for newly-uploaded NARs + # since the cutpoints will be different. As a result, the + # deduplication ratio will suffer for a while after the change. + chunking = { + # The minimum NAR size to trigger chunking + # + # If 0, chunking is disabled entirely for newly-uploaded NARs. + # If 1, all NARs are chunked. + nar-size-threshold = 64 * 1024; # 64 KiB + + # The preferred minimum size of a chunk, in bytes + min-size = 16 * 1024; # 16 KiB + + # The preferred average size of a chunk, in bytes + avg-size = 64 * 1024; # 64 KiB + + # The preferred maximum size of a chunk, in bytes + max-size = 256 * 1024; # 256 KiB + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8080 ]; +} diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 875312e9..24679252 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -139,17 +139,17 @@ mac = "12:fa:24:02:65:e6"; nix = false; }; - # "docker-registry-proxy" = { - # ip = "192.168.0.128"; - # mac = "0e:11:65:62:66:9f"; - # }; + "attic" = { + ip = "192.168.0.128"; + mac = "9E:AF:E9:FE:D4:D9"; + }; "hassio" = { ip = "192.168.0.129"; mac = "e6:80:32:fb:00:75"; nix = false; }; # "docker-registry" = { - # ip = "192.168.0.130"; + # ip = "192.168.0.130"attic, ; # mac = "5e:0e:a6:cf:64:70"; # }; "minecraft" = { diff --git a/nixos/hosts/hades/docker-registry-proxy/configuration.nix b/nixos/hosts/hades/docker-registry-proxy/configuration.nix deleted file mode 100644 index 5bf46699..00000000 --- a/nixos/hosts/hades/docker-registry-proxy/configuration.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, ... }: -let vs = config.vault-secrets.secrets; -in { - system.stateVersion = "22.05"; - - networking.interfaces.eth0.useDHCP = true; - - # the registry port and metrics port - networking.firewall.allowedTCPPorts = - [ config.services.dockerRegistry.port 5001 ]; - - vault-secrets.secrets.docker-registry = { }; - - # Sets the minio user and password - systemd.services.docker-registry.serviceConfig.EnvironmentFile = - "${vs.docker-registry}/environment"; - - services.dockerRegistry = { - enable = true; - enableDelete = true; - enableGarbageCollect = true; - listenAddress = "0.0.0.0"; - storagePath = null; # We want to store in s3 - garbageCollectDates = "weekly"; - extraConfig = { - # S3 Storages - storage.s3 = { - regionendpoint = "https://o.xirion.net"; - bucket = "docker-registry-proxy"; - region = "us-east-1"; # Fake but needed - }; - - # The actual proxy - proxy.remoteurl = "https://registry-1.docker.io"; - - # Enable prom under :5001/metrics - http.debug.addr = "0.0.0.0:5001"; - http.debug.prometheus.enabled = true; - }; - }; -} - diff --git a/nixos/hosts/hades/docker-registry/configuration.nix b/nixos/hosts/hades/docker-registry/configuration.nix deleted file mode 100644 index 0dcb94f8..00000000 --- a/nixos/hosts/hades/docker-registry/configuration.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, ... }: -let vs = config.vault-secrets.secrets; -in { - system.stateVersion = "22.05"; - - networking.interfaces.eth0.useDHCP = true; - - # the registry port and metrics port - networking.firewall.allowedTCPPorts = - [ config.services.dockerRegistry.port 5001 ]; - - vault-secrets.secrets.docker-registry = { }; - - # Sets the minio user and password - systemd.services.docker-registry.serviceConfig.EnvironmentFile = - "${vs.docker-registry}/environment"; - - services.dockerRegistry = { - enable = true; - enableDelete = true; - enableGarbageCollect = true; - listenAddress = "0.0.0.0"; - storagePath = null; # We want to store in s3 - garbageCollectDates = "weekly"; - - extraConfig = { - # S3 Storages - storage.s3 = { - regionendpoint = "https://o.xirion.net"; - bucket = "docker-registry"; - region = "us-east-1"; # Fake but needed - }; - - # Enable prom under :5001/metrics - http.debug.addr = "0.0.0.0:5001"; - http.debug.prometheus.enabled = true; - - # Webhooks - notifications.endpoints = [{ - name = "keel"; - url = "http://10.10.10.17:9300/v1/webhooks/registry"; - timeout = "500ms"; - treshold = 5; - backoff = "1s"; - }]; - }; - }; -} - diff --git a/nixos/hosts/hades/jackett/configuration.nix b/nixos/hosts/hades/jackett/configuration.nix deleted file mode 100644 index 982919bf..00000000 --- a/nixos/hosts/hades/jackett/configuration.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: { - system.stateVersion = "21.05"; - networking.interfaces.eth0.useDHCP = true; - - services.jackett = { - enable = true; - dataDir = "/var/lib/jackett/"; - openFirewall = true; - }; -} diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 0585596a..5b38cac8 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -63,6 +63,7 @@ in { virtualHosts."pass.xirion.net" = proxy "http://bitwarden_rs"; virtualHosts."repo.xirion.net" = proxy "http://archlinux"; virtualHosts."thelounge.xirion.net" = proxy "http://thelounge:9000"; + virtualHosts."attic.xirion.net" = proxy "http://attic.hades:8080"; virtualHosts."tautulli.xirion.net" = proxy "http://tautulli.hades:8080"; virtualHosts."peepeepoopoo.xirion.net" = proxy "http://tautulli.hades:8080"; # Deprecated but Ricardo has it bookmarked already! diff --git a/nixos/util.nix b/nixos/util.nix index 05f10f5a..3ed3f20a 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,10 +1,11 @@ -{ nixpkgs, home-manager, mailserver, lanzaboote, ... }: +{ nixpkgs, home-manager, mailserver, lanzaboote, attic, ... }: let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; base_imports = [ home-manager.nixosModules.home-manager mailserver.nixosModules.mailserver + attic.nixosModules.atticd ]; type_import = let import_cases = { -- 2.47.1 From 065e09724eb66d69ae50294535f661844addb0e9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 3 Jun 2023 14:00:24 +0000 Subject: [PATCH 1662/1882] chore(deps): update renovate/renovate docker tag to v35.110.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b7bf6723..e533e881 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.105.5 + image: renovate/renovate:35.110.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 9a14d36d7f86ffccd818520ae177ac39fbbb688b Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 5 Jun 2023 10:20:08 +0200 Subject: [PATCH 1663/1882] updates --- flake.nix | 3 ++- nixos/common/desktop/home.nix | 1 + nixos/hosts/hades/rtorrent/configuration.nix | 20 ++++++++++++++------ 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index af4845ae..0b658d39 100644 --- a/flake.nix +++ b/flake.nix @@ -47,7 +47,7 @@ }; outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena - , nixos-generators, nur, ... }@inputs: + , nixos-generators, nur, attic, ... }@inputs: let inherit (nixpkgs) lib; @@ -125,6 +125,7 @@ devShells.${system}.default = pkgs.mkShell { VAULT_ADDR = "http://vault.olympus:8200/"; buildInputs = with pkgs; [ + attic.packages.${pkgs.system}.attic apply-local colmena.packages.${system}.colmena cachix diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index befc9265..fcd9e33e 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -15,6 +15,7 @@ in { fusee-launcher gcc gimp + inputs.attic.packages.${pkgs.system}.attic inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default kdenlive diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 1bc021e4..30cb7afd 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -34,12 +34,20 @@ in { privateKeyFile = "${vs.rtorrent}/wireguardKey"; postUp = "${postUpScript}/bin/post_up || true"; - peers = [{ - publicKey = "DVui+5aifNFRIVDjH3v2y+dQ+uwI+HFZOd21ajbEpBo="; - allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "185.65.134.82:51820"; - persistentKeepalive = 25; - }]; + peers = [ + { + publicKey = "33BoONMGCm2vknq2eq72eozRsHmHQY6ZHEEZ4851TkY="; + allowedIPs = [ "0.0.0.0/0" "::/0"]; + endpoint = "193.32.249.70:51820"; + persistentKeepalive = 25; + } + # { + # publicKey = "DVui+5aifNFRIVDjH3v2y+dQ+uwI+HFZOd21ajbEpBo="; + # allowedIPs = [ "0.0.0.0/0" "::/0" ]; + # endpoint = "185.65.134.82:51820"; + # persistentKeepalive = 25; + # } + ]; }; }; } -- 2.47.1 From cc2dec177259e2bd0d8a09bad79b611b4ac912f2 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 6 Jun 2023 09:19:47 +0200 Subject: [PATCH 1664/1882] small updates to fix attic --- nixos/common/hm-modules/nvim.nix | 1 + nixos/hosts/hades/attic/configuration.nix | 19 ++++++++++++++++--- nixos/hosts/hades/nginx/configuration.nix | 1 + 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix index 4818d836..46c5fbf4 100644 --- a/nixos/common/hm-modules/nvim.nix +++ b/nixos/common/hm-modules/nvim.nix @@ -70,6 +70,7 @@ in { servers.pyright.enable = true; servers.elixirls.enable = true; servers.clangd.enable = true; + servers.yamlls.enable = true; }; trouble.enable = true; lspkind.enable = true; diff --git a/nixos/hosts/hades/attic/configuration.nix b/nixos/hosts/hades/attic/configuration.nix index c13b4308..7b088d38 100644 --- a/nixos/hosts/hades/attic/configuration.nix +++ b/nixos/hosts/hades/attic/configuration.nix @@ -18,10 +18,21 @@ in { # Additional packages environment.systemPackages = with pkgs; [ ]; - vault-secrets.secrets.attic = { - services = [ "atticd" ]; - }; + vault-secrets.secrets.attic = { services = [ "atticd" ]; }; + services.postgresql = { + enable = true; + package = pkgs.postgresql_15; + ensureDatabases = [ "atticd" ]; + ensureUsers = [{ + name = "atticd"; + ensurePermissions = { + "DATABASE atticd" = "ALL PRIVILEGES"; + "schema public" = "ALL"; + }; + }]; + + }; services.atticd = { enable = true; @@ -44,6 +55,8 @@ in { level = 8; }; + database.url = "postgresql://atticd?host=/run/postgresql"; + storage = { type = "s3"; region = "hades"; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 5b38cac8..343dd1df 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -59,6 +59,7 @@ in { virtualHosts."git.xirion.net" = proxy "http://10.10.10.12"; virtualHosts."mail.xirion.net" = proxy "http://192.168.0.118"; virtualHosts."o.xirion.net" = proxy "http://192.168.0.112:9000"; + virtualHosts."g.xirion.net" = proxy "http://garage.hades:3900"; virtualHosts."requests.xirion.net" = proxy "http://overseerr.hades:5055"; virtualHosts."pass.xirion.net" = proxy "http://bitwarden_rs"; virtualHosts."repo.xirion.net" = proxy "http://archlinux"; -- 2.47.1 From f6138a3fb2218eb358cdaf32b3d06c7609158bb6 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Tue, 6 Jun 2023 09:20:27 +0200 Subject: [PATCH 1665/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index e7fbf527..a0c5706e 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.3.7089", + "version": "1.32.4.7164", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_arm64.deb", - "hash": "1sc6h04l0lxw3jzz01gn7i6wikqqds7nqh35rqvwhffjgdvmcjhq" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7164-1dc22f47b/debian/plexmediaserver_1.32.4.7164-1dc22f47b_arm64.deb", + "hash": "1k61rrdjlwhf14q8qdj976a53wf9f9ask0fwynldyqbvjfjgy0ws" }, { - "version": "1.32.3.7089", + "version": "1.32.4.7164", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.3.7089-b0a36929b/debian/plexmediaserver_1.32.3.7089-b0a36929b_amd64.deb", - "hash": "074qvjl49rfn6s3naa5s71i5kd0an64laijz13cpsh55yy6zwgb3" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7164-1dc22f47b/debian/plexmediaserver_1.32.4.7164-1dc22f47b_amd64.deb", + "hash": "0sa537yx7gjbabmisb26yrrlg7ql124qhwlc20r5m1hbq8i1i23w" } ] -- 2.47.1 From 6b13c82fc11a38a8dab8139d22e89c665280d178 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 6 Jun 2023 09:47:38 +0200 Subject: [PATCH 1666/1882] update flake --- flake.lock | 66 +++++++++++++++++++++++++++--------------------------- flake.nix | 2 +- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index 82a4c50a..f6d90af5 100644 --- a/flake.lock +++ b/flake.lock @@ -536,11 +536,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1685573051, - "narHash": "sha256-zrpbdQVJFpNVFK3SlA6mE0le8qnKjUjcuY4OzL+wSHw=", + "lastModified": 1685999310, + "narHash": "sha256-gaRMZhc7z4KeU/xS3IWv3kC+WhVcAXOLXXGKLe5zn1Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "3876cc613ac3983078964ffb5a0c01d00028139e", + "rev": "28614ed7a1e3ace824c122237bdc0e5e0b62c5c3", "type": "github" }, "original": { @@ -721,11 +721,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1685709197, - "narHash": "sha256-ASoXZVoXj6L9PzNDfuDrAxrqaDuH7e1qTzdzkOODu4M=", + "lastModified": 1685953862, + "narHash": "sha256-aROVoLllFZde9EWr3EP97fXIlOghgrdmO6TeYkZRs5g=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "e422970c1bc3351bb7a20cf6e30e78d975280ed3", + "rev": "45d04a45d3dfcdee5246f7c0dfed056313de2a61", "type": "github" }, "original": { @@ -869,11 +869,11 @@ }, "nixlib": { "locked": { - "lastModified": 1681001314, - "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=", + "lastModified": 1685840432, + "narHash": "sha256-VJIbiKsY7Xy4E4WcgwUt/UiwYDmN5BAk8tngAjcWsqY=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4", + "rev": "961e99baaaa57f5f7042fe7ce089a88786c839f4", "type": "github" }, "original": { @@ -890,11 +890,11 @@ ] }, "locked": { - "lastModified": 1685446848, - "narHash": "sha256-vEU1jynjDXwOJESHeJyABqbY/Y+DoihZq9iDVtYgrMg=", + "lastModified": 1685943944, + "narHash": "sha256-GpaQwOkvwkmSWxvWaZqbMKyyOSaBAwgdEcHCqLW/240=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "b6114e214e5b546c4cceccd33ee6b72294a76b60", + "rev": "122dcc32cadf14c5015aa021fae8882c5058263a", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1685650716, - "narHash": "sha256-sDd7QIcMbIb37nuqMrJElvuyE5eVgWuKGtIPP8IWwCc=", + "lastModified": 1685883127, + "narHash": "sha256-zPDaPNrAtBnO24rNqjHLINHsqTdRbgWy1c/TL3EdwlM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f7c1500e2eefa58f3c80dd046cba256e10440201", + "rev": "d4a9ff82fc18723219b60c66fb2ccb0734c460eb", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1685693126, - "narHash": "sha256-Q+fZjmYsFYOjOB8RFRkOqQj09tJa4pVh8qaZCYmsw1o=", + "lastModified": 1685967306, + "narHash": "sha256-SK2w2I7CgnVY2vRSfhl0yRMeAjn6SKpUDla9+yMbW6s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b49720ccd2ca03ef35e213ebd43bd57c7eb83fa7", + "rev": "09720cc41f0dad446f119e3a6259c640d4b33003", "type": "github" }, "original": { @@ -1114,11 +1114,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1685168767, - "narHash": "sha256-wQgnxz0PdqbyKKpsWl/RU8T8QhJQcHfeC6lh1xRUTfk=", + "lastModified": 1685655444, + "narHash": "sha256-6EujQNAeaUkWvpEZZcVF8qSfQrNVWFNNGbUJxv/A5a8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e10802309bf9ae351eb27002c85cfdeb1be3b262", + "rev": "e635192892f5abbc2289eaac3a73cdb249abaefd", "type": "github" }, "original": { @@ -1198,11 +1198,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1685708456, - "narHash": "sha256-3zKQMUJhAK19NIzWyLBn3ggEsMtgamVd7l0+PWtFYEM=", + "lastModified": 1685952940, + "narHash": "sha256-TbdzFY9Dqo5+PHh0tBgsSG2MBL3cl+oEs+CdI8KPFJ8=", "owner": "pta2002", "repo": "nixvim", - "rev": "1f285df66498952c9b1315fdc591c0c3e1d3b5f1", + "rev": "fce6a33488906097f158ec2fc2b7c2952728a451", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1685699083, - "narHash": "sha256-EqgVvQLjMuXMU0yiSRoCZZnnU8ATWdd8vWzWOBAeT4M=", + "lastModified": 1686033919, + "narHash": "sha256-eSkt/vmE7M0eg9Xd2OEpJHWXNZSn3CjgnKJdOtEw8Bc=", "owner": "nix-community", "repo": "NUR", - "rev": "7dbd5a6621059db78edd523eb1da98252d96b23d", + "rev": "30bca189f3a02281d51db0be0d537825b02059ca", "type": "github" }, "original": { @@ -1282,11 +1282,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1684842236, - "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", + "lastModified": 1685361114, + "narHash": "sha256-4RjrlSb+OO+e1nzTExKW58o3WRwVGpXwj97iCta8aj4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "61e567d6497bc9556f391faebe5e410e6623217f", + "rev": "ca2fdbf3edda2a38140184da6381d49f8206eaf4", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0b658d39..03c7b991 100644 --- a/flake.nix +++ b/flake.nix @@ -74,7 +74,7 @@ apply-local = pkgs.writeShellScriptBin "apply-local" '' "${ colmena.packages.${system}.colmena - }"/bin/colmena apply-local --sudo $@ + }"/bin/colmena apply-local --sudo --keep-result $@ ''; fast-repl = pkgs.writeShellScriptBin "fast-repl" '' -- 2.47.1 From 5fbe66803d717a3ec88c0dcc78d1c051c77290e4 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 6 Jun 2023 10:13:26 +0200 Subject: [PATCH 1667/1882] more loopback dns --- nixos/hosts/hades/dns/configuration.nix | 4 ++++ nixos/hosts/hades/nginx/configuration.nix | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 84fb9e15..8dfdf95b 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -22,6 +22,8 @@ local-zone = [ "xirion.net typetransparent" "o.xirion.net typetransparent" + "attic.xirion.net typetransparent" + "g.xirion.net typetransparent" "fedi-media.xirion.net typetransparent" "hades.xirion.net typetransparent" "requests.xirion.net typetransparent" @@ -33,6 +35,8 @@ ''"xirion.net A 192.168.0.122"'' ''"hades.xirion.net A 192.168.0.122"'' ''"o.xirion.net A 192.168.0.122"'' + ''"attic.xirion.net A 192.168.0.122"'' + ''"g.xirion.net A 192.168.0.122"'' ''"fedi-media.xirion.net A 192.168.0.122"'' ''"requests.xirion.net A 192.168.0.122"'' ''"ha.xirion.net A 192.168.0.122"'' diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 343dd1df..6f618d1d 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -36,7 +36,7 @@ in { recommendedTlsSettings = true; recommendedOptimisation = true; recommendedBrotliSettings = true; - clientMaxBodySize = "500m"; + clientMaxBodySize = "1024m"; package = pkgs.nginxMainline; -- 2.47.1 From 38d2e2f064242a4d1d2779fe2678d39186ca6209 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 6 Jun 2023 10:13:42 +0200 Subject: [PATCH 1668/1882] fix --- nixos/common/default.nix | 2 +- nixos/hosts/hades/dns/configuration.nix | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/nixos/common/default.nix b/nixos/common/default.nix index f07a0f80..e2bf7251 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -77,7 +77,7 @@ nixpkgs.config.allowUnfree = true; nixpkgs.config.permittedInsecurePackages = - [ "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" ]; + [ "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 84fb9e15..72e0c101 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -21,6 +21,7 @@ services.unbound.settings.server = { local-zone = [ "xirion.net typetransparent" + "attic.xirion.net typetransparent" "o.xirion.net typetransparent" "fedi-media.xirion.net typetransparent" "hades.xirion.net typetransparent" @@ -31,6 +32,7 @@ local-data = [ ''"xirion.net A 192.168.0.122"'' + ''"attic.xirion.net A 192.168.0.122"'' ''"hades.xirion.net A 192.168.0.122"'' ''"o.xirion.net A 192.168.0.122"'' ''"fedi-media.xirion.net A 192.168.0.122"'' -- 2.47.1 From 6f16efd9cde0bdfd0d3fb2eec121d96363c629e0 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 7 Jun 2023 11:34:57 +0200 Subject: [PATCH 1669/1882] update flake --- flake.lock | 30 ++++++++++----------- nixos/pkgs/vscode-extensions/platformio.nix | 2 +- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index f6d90af5..fc56a433 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1680733215, - "narHash": "sha256-5HNH/Lqj8OU/piH3tvPRkINXHHkt6bRp0QYYR4xOybE=", + "lastModified": 1686077956, + "narHash": "sha256-zkkjqU5NZipqakDfPSve85ljyZJ8aQtfk9mPkJ+w3IE=", "owner": "nix-community", "repo": "comma", - "rev": "ef97634016d17cc8cdea396ebcc002320494391a", + "rev": "59a88b9b86bc35ee6c5ec02fab6819ad68bdaa3f", "type": "github" }, "original": { @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1685999310, - "narHash": "sha256-gaRMZhc7z4KeU/xS3IWv3kC+WhVcAXOLXXGKLe5zn1Y=", + "lastModified": 1686126776, + "narHash": "sha256-cgomr+NMvIS9ov6OpwPFfnmwfzEisukjodQ+ZJy4YzE=", "owner": "nix-community", "repo": "home-manager", - "rev": "28614ed7a1e3ace824c122237bdc0e5e0b62c5c3", + "rev": "3512a6dafb7836cfceef00dcb29ce6f01c2ce280", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1685883127, - "narHash": "sha256-zPDaPNrAtBnO24rNqjHLINHsqTdRbgWy1c/TL3EdwlM=", + "lastModified": 1686035213, + "narHash": "sha256-hRcXUoVWWuLqFzQ1QVQx4ewvbnst1NkCxoZhmpzrilA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d4a9ff82fc18723219b60c66fb2ccb0734c460eb", + "rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1685967306, - "narHash": "sha256-SK2w2I7CgnVY2vRSfhl0yRMeAjn6SKpUDla9+yMbW6s=", + "lastModified": 1686025136, + "narHash": "sha256-yd/Lr6RjjeyF7PpA+TpFT4E5LZeDyiMLVJUXIWxB4Rs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "09720cc41f0dad446f119e3a6259c640d4b33003", + "rev": "22467e240f390f029d6c745ce031f0ffbdc40916", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1686033919, - "narHash": "sha256-eSkt/vmE7M0eg9Xd2OEpJHWXNZSn3CjgnKJdOtEw8Bc=", + "lastModified": 1686127382, + "narHash": "sha256-iFyvwOxYlTt23ttL2jdyBFSfcE752hPNu7zc4m7QSXY=", "owner": "nix-community", "repo": "NUR", - "rev": "30bca189f3a02281d51db0be0d537825b02059ca", + "rev": "f774a40d3b542d2d5e0fc5cdc09136f0b4cb11c8", "type": "github" }, "original": { diff --git a/nixos/pkgs/vscode-extensions/platformio.nix b/nixos/pkgs/vscode-extensions/platformio.nix index 98d5d7cd..90367dcc 100644 --- a/nixos/pkgs/vscode-extensions/platformio.nix +++ b/nixos/pkgs/vscode-extensions/platformio.nix @@ -5,7 +5,7 @@ in buildVscodeMarketplaceExtension { name = "platformio-ide"; publisher = "platformio"; version = "3.1.1"; - sha256 = "sha256-fwEct7Tj8bfTOLRozSZJGWoLzWRSvYz/KxcnfpO8Usg="; + sha256 = "sha256-g9yTG3DjVUS2w9eHGAai5LoIfEGus+FPhqDnCi4e90Q="; # sha256 = lib.fakeSha256; }; } -- 2.47.1 From 224cd28112e92149914d92d053df6b49ed3876b1 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 7 Jun 2023 14:03:42 +0200 Subject: [PATCH 1670/1882] add docker runner; --- .forgejo/workflows/test.yml | 12 ++++++++++++ flake.nix | 2 +- nixos/hosts/olympus/ci/configuration.nix | 9 +++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 .forgejo/workflows/test.yml diff --git a/.forgejo/workflows/test.yml b/.forgejo/workflows/test.yml new file mode 100644 index 00000000..8dd9abe0 --- /dev/null +++ b/.forgejo/workflows/test.yml @@ -0,0 +1,12 @@ +name: Testing + +on: [push] + +jobs: + lint: + runs-on: docker + steps: + - uses: actions/checkout@v3 + - run: ls -l + - run: uname -a + diff --git a/flake.nix b/flake.nix index 03c7b991..0b658d39 100644 --- a/flake.nix +++ b/flake.nix @@ -74,7 +74,7 @@ apply-local = pkgs.writeShellScriptBin "apply-local" '' "${ colmena.packages.${system}.colmena - }"/bin/colmena apply-local --sudo --keep-result $@ + }"/bin/colmena apply-local --sudo $@ ''; fast-repl = pkgs.writeShellScriptBin "fast-repl" '' diff --git a/nixos/hosts/olympus/ci/configuration.nix b/nixos/hosts/olympus/ci/configuration.nix index d3161897..f0c7df52 100644 --- a/nixos/hosts/olympus/ci/configuration.nix +++ b/nixos/hosts/olympus/ci/configuration.nix @@ -40,6 +40,15 @@ in { }; services.gitea-actions-runner.instances = { + runner_1 = { + name = "runner_1"; + enable = true; + labels = [ + "docker:docker://node:16-bullseye" + ]; + url = "https://git.0x76.dev"; + tokenFile = "${vs.gitea_runner}/token_runner_1"; + }; nix-native = { enable = true; name = "nix-native"; -- 2.47.1 From 8288611ef9a437b16baedc5ab6800d9fba5669ce Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 7 Jun 2023 22:00:24 +0000 Subject: [PATCH 1671/1882] chore(deps): update renovate/renovate docker tag to v35.114.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e533e881..6f4a40f1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.110.1 + image: renovate/renovate:35.114.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1403a1b2c020c998bec4eda1b2ca83e8d2eb4432 Mon Sep 17 00:00:00 2001 From: v Date: Thu, 8 Jun 2023 09:58:00 +0200 Subject: [PATCH 1672/1882] Nix CI (#176) Co-authored-by: Victor Reviewed-on: https://git.0x76.dev/v/infrastructure/pulls/176 --- .forgejo/workflows/nix.yml | 20 ++++++++++++++++++++ .forgejo/workflows/test.yml | 12 ------------ flake.lock | 18 +++++++++--------- 3 files changed, 29 insertions(+), 21 deletions(-) create mode 100644 .forgejo/workflows/nix.yml delete mode 100644 .forgejo/workflows/test.yml diff --git a/.forgejo/workflows/nix.yml b/.forgejo/workflows/nix.yml new file mode 100644 index 00000000..f00297f4 --- /dev/null +++ b/.forgejo/workflows/nix.yml @@ -0,0 +1,20 @@ +name: Nix + +on: [push] + +jobs: + lint: + runs-on: docker + env: + container: + image: ghcr.io/catthehacker/ubuntu:js-20.04 + steps: + - uses: actions/checkout@v3 + - uses: https://github.com/cachix/install-nix-action@v20 + env: + with: + nix_path: nixpkgs=channel:nixos-unstable + - name: Run `nix flake check` + run: | + sed -i '/^access-tokens/ d' /etc/nix/nix.conf + nix run '.#' -- -V diff --git a/.forgejo/workflows/test.yml b/.forgejo/workflows/test.yml deleted file mode 100644 index 8dd9abe0..00000000 --- a/.forgejo/workflows/test.yml +++ /dev/null @@ -1,12 +0,0 @@ -name: Testing - -on: [push] - -jobs: - lint: - runs-on: docker - steps: - - uses: actions/checkout@v3 - - run: ls -l - - run: uname -a - diff --git a/flake.lock b/flake.lock index fc56a433..7e13dd71 100644 --- a/flake.lock +++ b/flake.lock @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1686126776, - "narHash": "sha256-cgomr+NMvIS9ov6OpwPFfnmwfzEisukjodQ+ZJy4YzE=", + "lastModified": 1686142265, + "narHash": "sha256-IP0xPa0VYqxCzpqZsg3iYGXarUF+4r2zpkhwdHy9WsM=", "owner": "nix-community", "repo": "home-manager", - "rev": "3512a6dafb7836cfceef00dcb29ce6f01c2ce280", + "rev": "39c7d0a97a77d3f31953941767a0822c94dc01f5", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686025136, - "narHash": "sha256-yd/Lr6RjjeyF7PpA+TpFT4E5LZeDyiMLVJUXIWxB4Rs=", + "lastModified": 1686131476, + "narHash": "sha256-d/VZjsgW7dBwqN77EcQ4HqQifpATkT5WnCvYbovIhf0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "22467e240f390f029d6c745ce031f0ffbdc40916", + "rev": "32d8e07a8ea673bc9b8c0f8106fb0b776c6ea6a8", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1686127382, - "narHash": "sha256-iFyvwOxYlTt23ttL2jdyBFSfcE752hPNu7zc4m7QSXY=", + "lastModified": 1686143635, + "narHash": "sha256-BmsQRuHNoOIQl9Zv/aettlJUt366HoRW1xQnI8n3C64=", "owner": "nix-community", "repo": "NUR", - "rev": "f774a40d3b542d2d5e0fc5cdc09136f0b4cb11c8", + "rev": "b54d94d6eb99231590921225e1601705b97aa968", "type": "github" }, "original": { -- 2.47.1 From 3201b153fd7a849d7a0924765bc24ad150651a36 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 8 Jun 2023 10:30:49 +0200 Subject: [PATCH 1673/1882] flake update --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 7e13dd71..4b165c24 100644 --- a/flake.lock +++ b/flake.lock @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1686142265, - "narHash": "sha256-IP0xPa0VYqxCzpqZsg3iYGXarUF+4r2zpkhwdHy9WsM=", + "lastModified": 1686168915, + "narHash": "sha256-zV5lh3PGKcI8W7+5bXSRsCetfsi6x10Xvojpk5HAQHU=", "owner": "nix-community", "repo": "home-manager", - "rev": "39c7d0a97a77d3f31953941767a0822c94dc01f5", + "rev": "cc6745b35fefe48624ebf573382e1e0e4a6fe85e", "type": "github" }, "original": { @@ -1198,11 +1198,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1685952940, - "narHash": "sha256-TbdzFY9Dqo5+PHh0tBgsSG2MBL3cl+oEs+CdI8KPFJ8=", + "lastModified": 1686210684, + "narHash": "sha256-dlQDXx0P/MmiBOhJ733AyD0+ym7U7Pe080gIBSgFK0E=", "owner": "pta2002", "repo": "nixvim", - "rev": "fce6a33488906097f158ec2fc2b7c2952728a451", + "rev": "ab8377f319a2d84026244bf81b3b3f8e49c2a518", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1686143635, - "narHash": "sha256-BmsQRuHNoOIQl9Zv/aettlJUt366HoRW1xQnI8n3C64=", + "lastModified": 1686210105, + "narHash": "sha256-hA1NWUCfZHmZcUaLP7R8rDHp4ssZI1CbreGMol5vKqM=", "owner": "nix-community", "repo": "NUR", - "rev": "b54d94d6eb99231590921225e1601705b97aa968", + "rev": "dd2b073a0d02c76e1b22d6f017675522464642fb", "type": "github" }, "original": { -- 2.47.1 From a19ada3331d5c4e92898334618d2affa3612f853 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 8 Jun 2023 16:46:19 +0200 Subject: [PATCH 1674/1882] hopefully fixes #173 --- .../olympus/mailserver/configuration.nix | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index edce9cb8..de6a8790 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -27,20 +27,32 @@ in { mailserver = { enable = true; fqdn = "mail.0x76.dev"; - domains = [ "0x76.dev" "meowy.tech" ]; + domains = [ "0x76.dev" "meowy.tech" "xirion.net" ]; certificateScheme = "acme-nginx"; + enableManageSieve = true; loginAccounts = { # People "v@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/v@0x76.dev"; - aliases = - [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ]; + catchAll = [ "xirion.net" "0x76.dev" ]; + aliases = [ + "postmaster@0x76.dev" + "abuse@0x76.dev" + + "v@meowy.tech" + "abuse@meowy.tech" + "postmaster@meowy.tech" + + "@xirion.net" + "@0x76.dev" + ]; }; "laura@meowy.tech" = { hashedPasswordFile = "${vs.mailserver}/laura@meowy.tech"; aliases = [ "lau@meowy.tech" ]; }; + # Services "gitea@0x76.dev" = { hashedPasswordFile = "${vs.mailserver}/gitea@0x76.dev"; @@ -82,6 +94,7 @@ in { pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); plugins = [ "archive" + "managesieve" # "enigma" # "markasjunk" "persistent_login" -- 2.47.1 From bf5c22306818913b1f864d1f897a08d26257dc61 Mon Sep 17 00:00:00 2001 From: v Date: Thu, 8 Jun 2023 16:53:41 +0200 Subject: [PATCH 1675/1882] Update '.forgejo/workflows/nix.yml' --- .forgejo/workflows/nix.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.forgejo/workflows/nix.yml b/.forgejo/workflows/nix.yml index f00297f4..c8abaec7 100644 --- a/.forgejo/workflows/nix.yml +++ b/.forgejo/workflows/nix.yml @@ -1,7 +1,5 @@ name: Nix -on: [push] - jobs: lint: runs-on: docker -- 2.47.1 From 2ec7f547f723fef0321af644b9f113a82be62ec8 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 8 Jun 2023 16:53:56 +0200 Subject: [PATCH 1676/1882] mail: enable monitoring --- nixos/hosts/olympus/mailserver/configuration.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index de6a8790..e5fa5eb6 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -31,6 +31,11 @@ in { certificateScheme = "acme-nginx"; enableManageSieve = true; + monitoring = { + alertAddress = "v@0x76.dev"; + enable = true; + }; + loginAccounts = { # People "v@0x76.dev" = { -- 2.47.1 From 69020c4d219a2020ac37ff0cb3f1fd771d2c3248 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Jun 2023 09:17:39 +0200 Subject: [PATCH 1677/1882] add thunderbird --- flake.lock | 24 ++++++++++++------------ nixos/common/desktop/home.nix | 7 +++++++ 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 4b165c24..9d87df60 100644 --- a/flake.lock +++ b/flake.lock @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1686168915, - "narHash": "sha256-zV5lh3PGKcI8W7+5bXSRsCetfsi6x10Xvojpk5HAQHU=", + "lastModified": 1686265146, + "narHash": "sha256-w5RtAG37rqcfqVWEQrJGUvZnUjt/BKdGvf+3XAw09ps=", "owner": "nix-community", "repo": "home-manager", - "rev": "cc6745b35fefe48624ebf573382e1e0e4a6fe85e", + "rev": "69bdd6de50df2082901d94dbf70ecb762d8b636c", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1686035213, - "narHash": "sha256-hRcXUoVWWuLqFzQ1QVQx4ewvbnst1NkCxoZhmpzrilA=", + "lastModified": 1686190112, + "narHash": "sha256-BRDO/tnq+ruwv14caQLIqejYJ6w5icja5KYpNunOW24=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c", + "rev": "41b86284d3e073bb322da076ae8cd6e116b2ee2a", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686131476, - "narHash": "sha256-d/VZjsgW7dBwqN77EcQ4HqQifpATkT5WnCvYbovIhf0=", + "lastModified": 1686216645, + "narHash": "sha256-jwZN8b3fh/md5+zoaekYInEz3JXLQYvxkc9097Ft4V8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "32d8e07a8ea673bc9b8c0f8106fb0b776c6ea6a8", + "rev": "58ca986543b591a8269cbce3328293ca8d64480f", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1686210105, - "narHash": "sha256-hA1NWUCfZHmZcUaLP7R8rDHp4ssZI1CbreGMol5vKqM=", + "lastModified": 1686289365, + "narHash": "sha256-NhFI5JgL4e2EW8rNnJ5B8lBf0awZ3DtMqnhGuv5A8kc=", "owner": "nix-community", "repo": "NUR", - "rev": "dd2b073a0d02c76e1b22d6f017675522464642fb", + "rev": "8692a69c88fecbe83659ca4c82f87dbb1a37d5d6", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index fcd9e33e..67407df8 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -79,6 +79,13 @@ in { sessionVariables = { DIRENV_LOG_FORMAT = ""; }; }; + programs.thunderbird = { + enable = true; + profiles.default = { + isDefault = true; + }; + }; + # Syncthing services.syncthing.enable = true; xdg.userDirs = let home = config.home.homeDirectory; -- 2.47.1 From cc6d86606925e39d0964426d1329c9c4a78a1bbe Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Jun 2023 15:06:44 +0200 Subject: [PATCH 1678/1882] added alt domain masto --- nixos/hosts/hades/mastodon/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 4f37f9a1..43090346 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -79,6 +79,7 @@ in { DEFAULT_LOCALE = "en"; WEB_DOMAIN = "fedi.xirion.net"; + ALTERNATE_DOMAINS = "meowy.tech"; SMTP_AUTH_METHOD = "plain"; SMTP_OPENSSL_VERIFY_MODE = "none"; -- 2.47.1 From 51fea5c507bdfa309e29486a540f31032eae474e Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 9 Jun 2023 19:19:15 +0200 Subject: [PATCH 1679/1882] add snapraid account --- nixos/hosts/olympus/mailserver/configuration.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index e5fa5eb6..6440344f 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -75,6 +75,10 @@ in { hashedPasswordFile = "${vs.mailserver}/vaultwarden@0x76.dev"; sendOnly = true; }; + "snapraid@0x76.dev" = { + hashedPasswordFile = "${vs.mailserver}/snapraid@0x76.dev"; + sendOnly = true; + }; }; indexDir = "/var/lib/dovecot/indices"; -- 2.47.1 From d1b91554ac3cc638b8f835f3333fc2fd9df2a062 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 9 Jun 2023 22:00:26 +0000 Subject: [PATCH 1680/1882] chore(deps): update renovate/renovate docker tag to v35.115.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 6f4a40f1..f87c3532 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.114.2 + image: renovate/renovate:35.115.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 885fdb81c6299b593030b327703255f7970249e5 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 10 Jun 2023 13:24:02 +0200 Subject: [PATCH 1681/1882] fixed wireguard apparently using the same port on both sides can calsh --- flake.lock | 24 +++++++++---------- .../hosts/olympus/wireguard/configuration.nix | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 9d87df60..b295cc51 100644 --- a/flake.lock +++ b/flake.lock @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1686265146, - "narHash": "sha256-w5RtAG37rqcfqVWEQrJGUvZnUjt/BKdGvf+3XAw09ps=", + "lastModified": 1686342731, + "narHash": "sha256-GwCwviXcc5nrewuFwtsrxys8srrZcI+m8hdIGOt+fHY=", "owner": "nix-community", "repo": "home-manager", - "rev": "69bdd6de50df2082901d94dbf70ecb762d8b636c", + "rev": "0945875a2a20de314093b0f9d4d5448e9b4fdccb", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1686190112, - "narHash": "sha256-BRDO/tnq+ruwv14caQLIqejYJ6w5icja5KYpNunOW24=", + "lastModified": 1686306016, + "narHash": "sha256-I3ziTWye7k07KknmO1WHym1YpKYaeZs+0GsxA9nRyTc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "41b86284d3e073bb322da076ae8cd6e116b2ee2a", + "rev": "124e028a0c59db58bc60e855a92eeb9299fd0be3", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686216645, - "narHash": "sha256-jwZN8b3fh/md5+zoaekYInEz3JXLQYvxkc9097Ft4V8=", + "lastModified": 1686312845, + "narHash": "sha256-A03Yo7hCda60Kmpw6IuvZl/Zngd9oSijyapjYymOlwk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "58ca986543b591a8269cbce3328293ca8d64480f", + "rev": "ccde02dcbc29eab5fe745c5f4c08c905584627bc", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1686289365, - "narHash": "sha256-NhFI5JgL4e2EW8rNnJ5B8lBf0awZ3DtMqnhGuv5A8kc=", + "lastModified": 1686347125, + "narHash": "sha256-Ysyr8LNxSx4M7ZWuqZSSxKNHbF0OzcuanM1qknmpC+Y=", "owner": "nix-community", "repo": "NUR", - "rev": "8692a69c88fecbe83659ca4c82f87dbb1a37d5d6", + "rev": "aa3eed5432264e47084272aa9f679ec8aaa795ea", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index 59fefa8f..ee24f55d 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -47,7 +47,7 @@ in { networking.wireguard.interfaces.wg0 = { ips = [ "10.100.0.1/24" ]; - listenPort = 51820; + listenPort = 51821; privateKeyFile = "${vs.wireguard}/privateKey"; peers = [ -- 2.47.1 From 5164f256f9ba8ba4ee386d2c58aa8688376f978c Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sat, 10 Jun 2023 13:47:02 +0200 Subject: [PATCH 1682/1882] lock update --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index b295cc51..ef511f34 100644 --- a/flake.lock +++ b/flake.lock @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1686342731, - "narHash": "sha256-GwCwviXcc5nrewuFwtsrxys8srrZcI+m8hdIGOt+fHY=", + "lastModified": 1686391840, + "narHash": "sha256-5S0APl6Mfm6a37taHwvuf11UHnAX0+PnoWQbsYbMUnc=", "owner": "nix-community", "repo": "home-manager", - "rev": "0945875a2a20de314093b0f9d4d5448e9b4fdccb", + "rev": "0144ac418ef633bfc9dbd89b8c199ad3a617c59f", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686312845, - "narHash": "sha256-A03Yo7hCda60Kmpw6IuvZl/Zngd9oSijyapjYymOlwk=", + "lastModified": 1686371756, + "narHash": "sha256-noR4uAAmla3RFMqQAgMP2BRHnFGw7jEiAMjDBM2pWP4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ccde02dcbc29eab5fe745c5f4c08c905584627bc", + "rev": "90d69b1634d6941300d790ec84d91a4dd40b3902", "type": "github" }, "original": { @@ -1213,11 +1213,11 @@ }, "nur": { "locked": { - "lastModified": 1686347125, - "narHash": "sha256-Ysyr8LNxSx4M7ZWuqZSSxKNHbF0OzcuanM1qknmpC+Y=", + "lastModified": 1686395000, + "narHash": "sha256-zb2vLIvdjjmQq/+nPLHTus4C522Z/Rkp51JmZL/yfyw=", "owner": "nix-community", "repo": "NUR", - "rev": "aa3eed5432264e47084272aa9f679ec8aaa795ea", + "rev": "1dd74ed8fb466ade06a0290e59601a8224ac0e33", "type": "github" }, "original": { -- 2.47.1 From 04d20482e15c0ec00cbfb53e47f7a831d278b4b7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 10 Jun 2023 22:00:26 +0000 Subject: [PATCH 1683/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.2.1 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index ff7e9465..1fe2599b 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.2.0"; + image = "flaresolverr/flaresolverr:v3.2.1"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 108a8bc0687a948abc668ce8ce878dd1cbb54001 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 11 Jun 2023 10:23:26 +0200 Subject: [PATCH 1684/1882] flake update --- flake.lock | 82 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 50 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index ef511f34..fcc0c9ec 100644 --- a/flake.lock +++ b/flake.lock @@ -550,12 +550,15 @@ } }, "flake-utils_5": { + "inputs": { + "systems": "systems_3" + }, "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -580,7 +583,7 @@ }, "flake-utils_7": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1681202837, @@ -721,11 +724,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1685953862, - "narHash": "sha256-aROVoLllFZde9EWr3EP97fXIlOghgrdmO6TeYkZRs5g=", + "lastModified": 1686415556, + "narHash": "sha256-88nOOiLYzYGIMEiQ91DxuyUa786mqunRw6k6GipXmxg=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "45d04a45d3dfcdee5246f7c0dfed056313de2a61", + "rev": "9f97a908e4059221d39c7b7d0906c88b9fcc9c9b", "type": "github" }, "original": { @@ -776,11 +779,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1684964237, - "narHash": "sha256-dDS+GhdZN2MAa2FJKFGM2gpgAXhx+xoMkpVsRx9qpDE=", + "lastModified": 1686468558, + "narHash": "sha256-K69Ojlx3N8I6tRTZsrKFMIqK4yrnJ6/PjfKZi3wchYg=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "1bcfcf786bc289ca1bd2c9d29d6f02d9141b1da3", + "rev": "290d00f6db4e80467013728819ad73dd4a394d9a", "type": "gitlab" }, "original": { @@ -1018,16 +1021,16 @@ }, "nixpkgs-stable_3": { "locked": { - "lastModified": 1678872516, - "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "lastModified": 1685801374, + "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -1066,11 +1069,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1686306016, - "narHash": "sha256-I3ziTWye7k07KknmO1WHym1YpKYaeZs+0GsxA9nRyTc=", + "lastModified": 1686392259, + "narHash": "sha256-hqSS9hKhWldIZr1bBp9xKhIznnGPICGKzuehd2LH0UA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "124e028a0c59db58bc60e855a92eeb9299fd0be3", + "rev": "ef24b2fa0c5f290a35064b847bc211f25cb85c88", "type": "github" }, "original": { @@ -1098,11 +1101,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686371756, - "narHash": "sha256-noR4uAAmla3RFMqQAgMP2BRHnFGw7jEiAMjDBM2pWP4=", + "lastModified": 1686406799, + "narHash": "sha256-/MHAr6x5/DDEAWFQLgIlyFT9jCXl5O6OWCoNGmfnL3g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "90d69b1634d6941300d790ec84d91a4dd40b3902", + "rev": "9166729004aef4db3390d7199a45f6c7331275a2", "type": "github" }, "original": { @@ -1114,11 +1117,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1685655444, - "narHash": "sha256-6EujQNAeaUkWvpEZZcVF8qSfQrNVWFNNGbUJxv/A5a8=", + "lastModified": 1686319658, + "narHash": "sha256-tGWdoUAqKnE866mYFlEfc2a99kxFy31hOQJH5YQKrTQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e635192892f5abbc2289eaac3a73cdb249abaefd", + "rev": "ae766d59b07c450e0f1de8a1bfd6529089f40849", "type": "github" }, "original": { @@ -1198,11 +1201,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1686210684, - "narHash": "sha256-dlQDXx0P/MmiBOhJ733AyD0+ym7U7Pe080gIBSgFK0E=", + "lastModified": 1686407073, + "narHash": "sha256-FFDLQgHsuGQJlqYs8CwDIHhRszDyX0Xb1wjbCwGQVdI=", "owner": "pta2002", "repo": "nixvim", - "rev": "ab8377f319a2d84026244bf81b3b3f8e49c2a518", + "rev": "a2ef858ea5599dc547011c19c40a962bc72a80e7", "type": "github" }, "original": { @@ -1213,11 +1216,11 @@ }, "nur": { "locked": { - "lastModified": 1686395000, - "narHash": "sha256-zb2vLIvdjjmQq/+nPLHTus4C522Z/Rkp51JmZL/yfyw=", + "lastModified": 1686462208, + "narHash": "sha256-L58OUbCXtIzlBJ5QQBETWgPFgmekOwW99LhiyUp9Cto=", "owner": "nix-community", "repo": "NUR", - "rev": "1dd74ed8fb466ade06a0290e59601a8224ac0e33", + "rev": "416eb10d0850d5041169b70e57df91206f7a613d", "type": "github" }, "original": { @@ -1282,11 +1285,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1685361114, - "narHash": "sha256-4RjrlSb+OO+e1nzTExKW58o3WRwVGpXwj97iCta8aj4=", + "lastModified": 1686213770, + "narHash": "sha256-Re6xXLEqQ/HRnThryumyGzEf3Uv0Pl4cuG50MrDofP8=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "ca2fdbf3edda2a38140184da6381d49f8206eaf4", + "rev": "182af51202998af5b64ddecaa7ff9be06425399b", "type": "github" }, "original": { @@ -1540,6 +1543,21 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "locked": { "lastModified": 1678901627, -- 2.47.1 From f1d475aa0a52c21ad43ae6102358537d18d95dd1 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 13 Jun 2023 09:53:54 +0200 Subject: [PATCH 1685/1882] fix mastodon email --- nixos/hosts/hades/mastodon/configuration.nix | 2 +- nixos/hosts/olympus/mailserver/configuration.nix | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 4f37f9a1..4302199e 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -65,7 +65,7 @@ in { smtp = { createLocally = false; fromAddress = "mastodon@xirion.net"; - host = "mail.xirion.net"; + host = "mail.0x76.dev"; user = "mastodon@xirion.net"; authenticate = true; port = 587; diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 6440344f..29965391 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -79,6 +79,10 @@ in { hashedPasswordFile = "${vs.mailserver}/snapraid@0x76.dev"; sendOnly = true; }; + "mastodon@xirion.net" = { + hashedPasswordFile = "${vs.mailserver}/mastodon@xirion.net"; + sendOnly = true; + }; }; indexDir = "/var/lib/dovecot/indices"; -- 2.47.1 From 55a5c3bae0e9ff96fbbfd0d49c41254cae032401 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Tue, 13 Jun 2023 09:54:11 +0200 Subject: [PATCH 1686/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index a0c5706e..fe1232f7 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.4.7164", + "version": "1.32.4.7195", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7164-1dc22f47b/debian/plexmediaserver_1.32.4.7164-1dc22f47b_arm64.deb", - "hash": "1k61rrdjlwhf14q8qdj976a53wf9f9ask0fwynldyqbvjfjgy0ws" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7195-7c8f9d3b6/debian/plexmediaserver_1.32.4.7195-7c8f9d3b6_arm64.deb", + "hash": "0fqmwijyp3nkii47s9w0a23r291cbifxgip2flp49wxlr7hbrgj1" }, { - "version": "1.32.4.7164", + "version": "1.32.4.7195", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7164-1dc22f47b/debian/plexmediaserver_1.32.4.7164-1dc22f47b_amd64.deb", - "hash": "0sa537yx7gjbabmisb26yrrlg7ql124qhwlc20r5m1hbq8i1i23w" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7195-7c8f9d3b6/debian/plexmediaserver_1.32.4.7195-7c8f9d3b6_amd64.deb", + "hash": "18c0wxfqrhisbrsp51hb3r95bxgi47p3ykaj146k3x2n627j2ycn" } ] -- 2.47.1 From 0c59d6c7e26b590f9c962830ced93c29aa176f64 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 13 Jun 2023 10:02:27 +0200 Subject: [PATCH 1687/1882] fix unifi mongo version --- flake.lock | 18 +++++++++--------- nixos/hosts/hades/default.nix | 4 ---- nixos/hosts/hades/unifi/configuration.nix | 6 +++--- nixos/hosts/olympus/unifi/configuration.nix | 4 ++-- 4 files changed, 14 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index fcc0c9ec..67a5046d 100644 --- a/flake.lock +++ b/flake.lock @@ -1069,11 +1069,11 @@ }, "nixpkgs_22-11": { "locked": { - "lastModified": 1686392259, - "narHash": "sha256-hqSS9hKhWldIZr1bBp9xKhIznnGPICGKzuehd2LH0UA=", + "lastModified": 1686476475, + "narHash": "sha256-W9yUePvCSDghn+YUXewuodyPxt+kJl/a7zdY4Q6r4MU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ef24b2fa0c5f290a35064b847bc211f25cb85c88", + "rev": "eef86b8a942913a828b9ef13722835f359deef29", "type": "github" }, "original": { @@ -1101,11 +1101,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686406799, - "narHash": "sha256-/MHAr6x5/DDEAWFQLgIlyFT9jCXl5O6OWCoNGmfnL3g=", + "lastModified": 1686496983, + "narHash": "sha256-DX7PZwzBVHQpwG4vK5zUa61/RFk2BQb3uTxJQg2wiM0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9166729004aef4db3390d7199a45f6c7331275a2", + "rev": "3d318cb303f285d2964d4137619cb21ddd56cfd5", "type": "github" }, "original": { @@ -1216,11 +1216,11 @@ }, "nur": { "locked": { - "lastModified": 1686462208, - "narHash": "sha256-L58OUbCXtIzlBJ5QQBETWgPFgmekOwW99LhiyUp9Cto=", + "lastModified": 1686551572, + "narHash": "sha256-F6LQMUbXBohE9gxB4jpfyJ6aQsWMKH8DQGYnYzlTW8M=", "owner": "nix-community", "repo": "NUR", - "rev": "416eb10d0850d5041169b70e57df91206f7a613d", + "rev": "d5d81b26c82b80b05d5d64c442b79fb45428cb00", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 24679252..ba83fad4 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -66,10 +66,6 @@ ip = "192.168.0.111"; mac = "7a:5f:9b:62:49:91"; }; - "minio" = { - ip = "192.168.0.112"; - mac = "ae:c6:94:bb:c5:d9"; - }; "cshub2" = { ip = "192.168.0.113"; mac = "26:8c:f6:f4:21:76"; diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index f4c3e5ff..858a2efb 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -1,13 +1,13 @@ -{ pkgs, lib, ... }: { +{ pkgs, lib, pkgs_22-11,... }: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; - environment.systemPackages = [ pkgs.mongodb-4_2 ]; + environment.systemPackages = [ pkgs_22-11.mongodb-4_2 ]; services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs.mongodb-4_2; + mongodbPackage = pkgs_22-11.mongodb-4_2; openFirewall = true; }; diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index 4b1c60af..8538a80b 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, lib, ... }: +{ pkgs, pkgs_22-11, lib, ... }: { imports = [ ]; @@ -22,7 +22,7 @@ services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs.mongodb-4_2; + mongodbPackage = pkgs_22-11.mongodb-4_2; openFirewall = true; }; } -- 2.47.1 From 35f351946e4193a9789e6e01f7572d9536ca79ac Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 13 Jun 2023 10:15:19 +0200 Subject: [PATCH 1688/1882] merge --- flake.lock | 152 ++++++++++++++++------------------------------------- flake.nix | 10 ++-- 2 files changed, 50 insertions(+), 112 deletions(-) diff --git a/flake.lock b/flake.lock index 67a5046d..77c6027c 100644 --- a/flake.lock +++ b/flake.lock @@ -50,11 +50,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1685309025, - "narHash": "sha256-pZxMM3AMP/ojwhrFD0A2ML4NOgehlBLGHseInnO5evc=", + "lastModified": 1686620679, + "narHash": "sha256-Ck/r3f+W9mOn3cHn5ii/fogBiJtosFnDaOQveaJ0zVU=", "owner": "zhaofengli", "repo": "attic", - "rev": "b1fb790b5f2afaaa1b2f7f18979b8318abe604bb", + "rev": "4fedffe6a1020edfcfa7bef18d21321d4983b3a7", "type": "github" }, "original": { @@ -175,39 +175,6 @@ } }, "crane_2": { - "inputs": { - "flake-compat": [ - "lanzaboote", - "flake-compat" - ], - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], - "nixpkgs": [ - "lanzaboote", - "nixpkgs" - ], - "rust-overlay": [ - "lanzaboote", - "rust-overlay" - ] - }, - "locked": { - "lastModified": 1683505101, - "narHash": "sha256-VBU64Jfu2V4sUR5+tuQS9erBRAe/QEYUxdVMcJGMZZs=", - "owner": "ipetkov", - "repo": "crane", - "rev": "7b5bd9e5acb2bb0cfba2d65f34d8568a894cdb6c", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "crane_3": { "flake": false, "locked": { "lastModified": 1670284777, @@ -243,7 +210,7 @@ "inputs": { "alejandra": "alejandra", "all-cabal-json": "all-cabal-json", - "crane": "crane_3", + "crane": "crane_2", "devshell": "devshell", "flake-parts": "flake-parts_2", "flake-utils-pre-commit": "flake-utils-pre-commit", @@ -698,11 +665,11 @@ ] }, "locked": { - "lastModified": 1686391840, - "narHash": "sha256-5S0APl6Mfm6a37taHwvuf11UHnAX0+PnoWQbsYbMUnc=", + "lastModified": 1686639065, + "narHash": "sha256-ZBDPI1GCsZaQBzPd6zjowqfNj58sRE+PTpZiThQCj68=", "owner": "nix-community", "repo": "home-manager", - "rev": "0144ac418ef633bfc9dbd89b8c199ad3a617c59f", + "rev": "d437f0d4e0f72fe76688142e954a4a9b61ac9833", "type": "github" }, "original": { @@ -713,22 +680,20 @@ }, "lanzaboote": { "inputs": { - "crane": "crane_2", "flake-compat": "flake-compat_4", "flake-parts": "flake-parts", "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" ], - "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": "rust-overlay_2" + "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1686415556, - "narHash": "sha256-88nOOiLYzYGIMEiQ91DxuyUa786mqunRw6k6GipXmxg=", + "lastModified": 1686559216, + "narHash": "sha256-8yFA8F8dqUziMgd94DUSM4ljCgudcMYyWeaqdHFUvWE=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "9f97a908e4059221d39c7b7d0906c88b9fcc9c9b", + "rev": "59e3ebb19fdd3fd235d8275b008538a72872bad7", "type": "github" }, "original": { @@ -924,11 +889,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1685012353, - "narHash": "sha256-U3oOge4cHnav8OLGdRVhL45xoRj4Ppd+It6nPC9nNIU=", + "lastModified": 1686519857, + "narHash": "sha256-VkBhuq67aXXiCoEmicziuDLUPPjeOTLQoj6OeVai5zM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aeb75dba965e790de427b73315d5addf91a54955", + "rev": "6b1b72c0f887a478a5aac355674ff6df0fc44f44", "type": "github" }, "original": { @@ -1067,22 +1032,6 @@ "type": "github" } }, - "nixpkgs_22-11": { - "locked": { - "lastModified": 1686476475, - "narHash": "sha256-W9yUePvCSDghn+YUXewuodyPxt+kJl/a7zdY4Q6r4MU=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "eef86b8a942913a828b9ef13722835f359deef29", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-22.11", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_3": { "locked": { "lastModified": 1680668850, @@ -1101,18 +1050,17 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686496983, - "narHash": "sha256-DX7PZwzBVHQpwG4vK5zUa61/RFk2BQb3uTxJQg2wiM0=", - "owner": "nixos", + "lastModified": 1686587353, + "narHash": "sha256-LW8lIsKj+Y9jM25p15kdokqBHK+R7YpA/FmV2x379D8=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "3d318cb303f285d2964d4137619cb21ddd56cfd5", + "rev": "3463e24e1d1df4d9f47c6e74e62864f915010db2", "type": "github" }, "original": { - "owner": "nixos", + "id": "nixpkgs", "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" + "type": "indirect" } }, "nixpkgs_5": { @@ -1193,6 +1141,21 @@ "type": "github" } }, + "nixpkgs_stable": { + "locked": { + "lastModified": 1686431482, + "narHash": "sha256-oPVQ/0YP7yC2ztNsxvWLrV+f0NQ2QAwxbrZ+bgGydEM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d3bb401dcfc5a46ce51cdfb5762e70cc75d082d2", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", @@ -1201,11 +1164,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1686407073, - "narHash": "sha256-FFDLQgHsuGQJlqYs8CwDIHhRszDyX0Xb1wjbCwGQVdI=", + "lastModified": 1686566878, + "narHash": "sha256-GzGegnA1zl3GAp0m1fXPu1RRRpQ4wCi2WcNCsnTr81s=", "owner": "pta2002", "repo": "nixvim", - "rev": "a2ef858ea5599dc547011c19c40a962bc72a80e7", + "rev": "895998b5a74c6123c26ea6e2c6af766057428551", "type": "github" }, "original": { @@ -1216,11 +1179,11 @@ }, "nur": { "locked": { - "lastModified": 1686551572, - "narHash": "sha256-F6LQMUbXBohE9gxB4jpfyJ6aQsWMKH8DQGYnYzlTW8M=", + "lastModified": 1686639909, + "narHash": "sha256-cc7sdnDgyf87uy+vzhOqRPTKEE91a3mKd5mByakuI2I=", "owner": "nix-community", "repo": "NUR", - "rev": "d5d81b26c82b80b05d5d64c442b79fb45428cb00", + "rev": "588cf2f61a156266463a2291e3c63d838f992fca", "type": "github" }, "original": { @@ -1316,11 +1279,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1682596858, - "narHash": "sha256-Hf9XVpqaGqe/4oDGr30W8HlsWvJXtMsEPHDqHZA6dDg=", + "lastModified": 1684842236, + "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "fb58866e20af98779017134319b5663b8215d912", + "rev": "61e567d6497bc9556f391faebe5e410e6623217f", "type": "github" }, "original": { @@ -1387,7 +1350,7 @@ "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_4", - "nixpkgs_22-11": "nixpkgs_22-11", + "nixpkgs_stable": "nixpkgs_stable", "nixvim": "nixvim", "nur": "nur", "riff": "riff", @@ -1457,31 +1420,6 @@ "type": "github" } }, - "rust-overlay_2": { - "inputs": { - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], - "nixpkgs": [ - "lanzaboote", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1684030847, - "narHash": "sha256-z4tOxaN9Cl8C80u6wyZBpPt9A9MbL21fZ3zdB/vG+AU=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "aa1480f16bec7dda3c62b8cdb184c7e823331ba2", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "stable": { "locked": { "lastModified": 1669735802, diff --git a/flake.nix b/flake.nix index 0b658d39..885e1e63 100644 --- a/flake.nix +++ b/flake.nix @@ -5,9 +5,9 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "nixpkgs/nixos-unstable-small"; - nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; + nixpkgs_stable.url = "nixpkgs/nixos-23.05"; nur.url = "github:nix-community/NUR"; @@ -46,7 +46,7 @@ attic.url = "github:zhaofengli/attic"; }; - outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena + outputs = { self, nixpkgs, nixpkgs_stable, vault-secrets, colmena , nixos-generators, nur, attic, ... }@inputs: let inherit (nixpkgs) lib; @@ -62,13 +62,13 @@ overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ]; }; - pkgs_22-11 = import nixpkgs_22-11 { + pkgs_stable = import nixpkgs_stable { inherit system; config.allowUnfree = true; }; # Define args each module gets access to (access to hosts is useful for DNS/DHCP) - specialArgs = { inherit hosts flat_hosts inputs pkgs_22-11; }; + specialArgs = { inherit hosts flat_hosts inputs pkgs_stable; }; # Script to apply local colmena deployments apply-local = pkgs.writeShellScriptBin "apply-local" '' -- 2.47.1 From 628bf11cdb4fbba1101eb7f5b1c78261b6e30be2 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 13 Jun 2023 10:16:24 +0200 Subject: [PATCH 1689/1882] fix pkgs --- nixos/hosts/hades/unifi/configuration.nix | 6 +++--- nixos/hosts/olympus/unifi/configuration.nix | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index 858a2efb..7659d411 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -1,13 +1,13 @@ -{ pkgs, lib, pkgs_22-11,... }: { +{ pkgs, lib, pkgs_stable,... }: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; - environment.systemPackages = [ pkgs_22-11.mongodb-4_2 ]; + environment.systemPackages = [ pkgs_stable.mongodb-4_2 ]; services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs_22-11.mongodb-4_2; + mongodbPackage = pkgs_stable.mongodb-4_2; openFirewall = true; }; diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index 8538a80b..d67b079d 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, pkgs_22-11, lib, ... }: +{ pkgs, pkgs_stable, lib, ... }: { imports = [ ]; @@ -22,7 +22,7 @@ services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs_22-11.mongodb-4_2; + mongodbPackage = pkgs_stable.mongodb-4_2; openFirewall = true; }; } -- 2.47.1 From 3283111c8d2972a3fda11ccab498e338151dfdaf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 14 Jun 2023 06:00:22 +0000 Subject: [PATCH 1690/1882] chore(deps): update renovate/renovate docker tag to v35.117.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f87c3532..50ff8c33 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.115.2 + image: renovate/renovate:35.117.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From dbd975c463d142c5724c77321e1a1e5593ad43d6 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 15 Jun 2023 11:33:56 +0200 Subject: [PATCH 1691/1882] deploy mqtt --- nixos/hosts/hades/lucy/configuration.nix | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index f776fe7c..1df2976e 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -36,9 +36,15 @@ in { system.stateVersion = "23.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ gcc go jq rustup trivy nuclei-latest ]; + environment.systemPackages = with pkgs; [ + gcc + go + jq + rustup + trivy + nuclei-latest + ]; - networking.firewall.allowedTCPPorts = [ ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -46,6 +52,20 @@ in { virtualisation.docker.enable = true; + services.mosquitto = { + enable = true; + listeners = [{ + acl = [ "pattern readwrite #" ]; + omitPasswordAuth = true; + settings.allow_anonymous = true; + }]; + }; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 1883 ]; + }; + users.extraUsers.laura.extraGroups = [ "wheel" "docker" ]; users.extraUsers.victor.extraGroups = [ "docker" ]; } -- 2.47.1 From 4b5b4e38ea24b832b8f95412a2bbb7aad2506080 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 15 Jun 2023 17:13:21 +0200 Subject: [PATCH 1692/1882] flake update --- flake.lock | 42 ++++++++++++------------ nixos/hosts/hades/lucy/configuration.nix | 1 - 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 77c6027c..cb6094e2 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1686639065, - "narHash": "sha256-ZBDPI1GCsZaQBzPd6zjowqfNj58sRE+PTpZiThQCj68=", + "lastModified": 1686778999, + "narHash": "sha256-3qBtOJdznerw33LgwJTSUL6u8/j1Ot83fcc0f6oHKmk=", "owner": "nix-community", "repo": "home-manager", - "rev": "d437f0d4e0f72fe76688142e954a4a9b61ac9833", + "rev": "e0034971f9def16bbc32124147787bc0f09f0e59", "type": "github" }, "original": { @@ -689,11 +689,11 @@ "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1686559216, - "narHash": "sha256-8yFA8F8dqUziMgd94DUSM4ljCgudcMYyWeaqdHFUvWE=", + "lastModified": 1686692834, + "narHash": "sha256-EFjJ/r4iYVKO+XdL15g9bzOKbCExTGeqNEVHSn0H7/E=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "59e3ebb19fdd3fd235d8275b008538a72872bad7", + "rev": "823ad6b70bf09b91c3a9dd9a64678ec80ba3c1ee", "type": "github" }, "original": { @@ -858,11 +858,11 @@ ] }, "locked": { - "lastModified": 1685943944, - "narHash": "sha256-GpaQwOkvwkmSWxvWaZqbMKyyOSaBAwgdEcHCqLW/240=", + "lastModified": 1686644215, + "narHash": "sha256-FYa25w7gt8FqzWLl4UuwLLG7BiKZiAW/PFGbXWW6UAc=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "122dcc32cadf14c5015aa021fae8882c5058263a", + "rev": "f17fb67fc81a9f3b166cee711089466ba6617154", "type": "github" }, "original": { @@ -1050,11 +1050,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686587353, - "narHash": "sha256-LW8lIsKj+Y9jM25p15kdokqBHK+R7YpA/FmV2x379D8=", + "lastModified": 1686718773, + "narHash": "sha256-x+4xs6+jWhFaYwt6REH7e91rm5vt2GCPEfmRdNcHyi4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3463e24e1d1df4d9f47c6e74e62864f915010db2", + "rev": "ba1a6ec548000d4a50719d14e6f73f63016674d5", "type": "github" }, "original": { @@ -1143,11 +1143,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1686431482, - "narHash": "sha256-oPVQ/0YP7yC2ztNsxvWLrV+f0NQ2QAwxbrZ+bgGydEM=", + "lastModified": 1686736559, + "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d3bb401dcfc5a46ce51cdfb5762e70cc75d082d2", + "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", "type": "github" }, "original": { @@ -1164,11 +1164,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1686566878, - "narHash": "sha256-GzGegnA1zl3GAp0m1fXPu1RRRpQ4wCi2WcNCsnTr81s=", + "lastModified": 1686822953, + "narHash": "sha256-O7famU9SxDRJqa4fob1Ja2Aclr9XqKu3k4uhpvPnZ+c=", "owner": "pta2002", "repo": "nixvim", - "rev": "895998b5a74c6123c26ea6e2c6af766057428551", + "rev": "9fd431366acf7a6cb8e38c9b19a70b6376b16014", "type": "github" }, "original": { @@ -1179,11 +1179,11 @@ }, "nur": { "locked": { - "lastModified": 1686639909, - "narHash": "sha256-cc7sdnDgyf87uy+vzhOqRPTKEE91a3mKd5mByakuI2I=", + "lastModified": 1686807758, + "narHash": "sha256-0Kg2VqEZzrwZubTrtj+fu77F/IftkDH6ZESwe4ZXkfw=", "owner": "nix-community", "repo": "NUR", - "rev": "588cf2f61a156266463a2291e3c63d838f992fca", + "rev": "53bdfe0d57ba919516d99906d18db3a6f96b53f2", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 1df2976e..e5f1f0ae 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -45,7 +45,6 @@ in { nuclei-latest ]; - boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot"; -- 2.47.1 From 71fa982a3f084c5e6734b97d9bfe4714c9b9b4a7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 16 Jun 2023 06:00:25 +0000 Subject: [PATCH 1693/1882] chore(deps): update ghcr.io/sct/overseerr docker tag to v1.33.0 --- nixos/hosts/hades/overseerr/overseerr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/overseerr.nix b/nixos/hosts/hades/overseerr/overseerr.nix index c0787990..f987831d 100644 --- a/nixos/hosts/hades/overseerr/overseerr.nix +++ b/nixos/hosts/hades/overseerr/overseerr.nix @@ -2,7 +2,7 @@ _: { networking.firewall.allowedTCPPorts = [ 5055 ]; # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers.containers.overseerr = { - image = "ghcr.io/sct/overseerr:1.32.5"; + image = "ghcr.io/sct/overseerr:1.33.0"; environment = { TZ = "Europe/Amsterdam"; }; ports = [ "5055:5055" ]; volumes = [ "/var/lib/overseerr/config:/app/config" ]; -- 2.47.1 From 7242ccf9ae88d1c6e3c668f81d3bf2603502e79c Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 16 Jun 2023 09:05:38 +0200 Subject: [PATCH 1694/1882] add swipe action --- flake.lock | 18 +++++++++--------- .../hosts/olympus/mailserver/configuration.nix | 18 ++++++++++++++++-- nixos/pkgs/default.nix | 2 ++ nixos/pkgs/roundcube-swipe/default.nix | 18 ++++++++++++++++++ 4 files changed, 45 insertions(+), 11 deletions(-) create mode 100644 nixos/pkgs/roundcube-swipe/default.nix diff --git a/flake.lock b/flake.lock index cb6094e2..7f77b170 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1686778999, - "narHash": "sha256-3qBtOJdznerw33LgwJTSUL6u8/j1Ot83fcc0f6oHKmk=", + "lastModified": 1686852570, + "narHash": "sha256-Hzufya/HxjSliCwpuLJCGY0WCQajzcpsnhFGa+TCkCM=", "owner": "nix-community", "repo": "home-manager", - "rev": "e0034971f9def16bbc32124147787bc0f09f0e59", + "rev": "4e09c83255c5b23d58714d56672d3946faf1bcef", "type": "github" }, "original": { @@ -1179,11 +1179,11 @@ }, "nur": { "locked": { - "lastModified": 1686807758, - "narHash": "sha256-0Kg2VqEZzrwZubTrtj+fu77F/IftkDH6ZESwe4ZXkfw=", + "lastModified": 1686894171, + "narHash": "sha256-QyEdSgyOdSGM3kS6N/r+0i47VbeZI41OZik37ipkQBs=", "owner": "nix-community", "repo": "NUR", - "rev": "53bdfe0d57ba919516d99906d18db3a6f96b53f2", + "rev": "1c14e580cdf9e778d76a15ff13d6d302da628a30", "type": "github" }, "original": { @@ -1549,11 +1549,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1683797625, - "narHash": "sha256-Fgu9rxFziIJ47NiSdEUGO0PSwN9KTwW9lN0iT3uBpYI=", + "lastModified": 1686833044, + "narHash": "sha256-pl5qH72KNOgS9ivj06Nh272HTPd5cYPSL768RsYiLDg=", "owner": "serokell", "repo": "vault-secrets", - "rev": "9b23805fd05bf3b291d6f80ddfeb9a97318b6547", + "rev": "30c5b1c532d10e40c8a196995acee675d7d731f2", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 29965391..fd6ca36d 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -103,11 +103,12 @@ in { services.roundcube = { enable = true; - package = - pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); + package = pkgs.roundcube.withPlugins + (plugins: [ plugins.persistent_login pkgs.v.roundcube-swipe ]); plugins = [ "archive" "managesieve" + "swipe" # "enigma" # "markasjunk" "persistent_login" @@ -121,6 +122,19 @@ in { $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; $config['smtp_user'] = "%u"; $config['smtp_pass'] = "%p"; + + $config['swipe_actions'] = [ + 'messagelist' => [ + 'left' => 'archive', + 'right' => 'archive', + 'down' => 'none' + ], + 'contactlist' => [ + 'left' => 'none', + 'right' => 'none', + 'down' => 'none' + ] + ]; ''; }; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 537224d7..52134add 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -14,6 +14,8 @@ _final: prev: { dnd-5e-latex-template = prev.callPackage ./dnd-5e-latex-template { }; + roundcube-swipe = prev.callPackage ./roundcube-swipe { }; + gitea-agatheme = prev.callPackage ./gitea-agatheme { }; # nix-shell -p "(vscode-with-extensions.override {vscodeExtensions = with vscode-extensions; [ jnoortheen.nix-ide ]; })" -I nixpkgs=. diff --git a/nixos/pkgs/roundcube-swipe/default.nix b/nixos/pkgs/roundcube-swipe/default.nix new file mode 100644 index 00000000..154e9f76 --- /dev/null +++ b/nixos/pkgs/roundcube-swipe/default.nix @@ -0,0 +1,18 @@ +{ runCommand, fetchzip }: +let + roundcubePlugin = { pname, version, src }: + + runCommand "roundcube-plugin-${pname}-${version}" { } '' + mkdir -p $out/plugins/ + cp -r ${src} $out/plugins/${pname} + ''; +in roundcubePlugin rec { + pname = "roundcube-swipe"; + version = "0.5"; + + src = fetchzip { + url = + "https://github.com/johndoh/roundcube-swipe/archive/refs/tags/${version}.tar.gz"; + sha256 = "sha256-ExTnYE4uF8E+Fatz7fL+vVmxgLxawEI30Rw2uAWNCNw="; + }; +} -- 2.47.1 From 434952cca0d3d989b829778386767bbd1fa7fffa Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 16 Jun 2023 09:31:17 +0200 Subject: [PATCH 1695/1882] fix roundcube swipe --- nixos/pkgs/roundcube-swipe/default.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/nixos/pkgs/roundcube-swipe/default.nix b/nixos/pkgs/roundcube-swipe/default.nix index 154e9f76..d89003d4 100644 --- a/nixos/pkgs/roundcube-swipe/default.nix +++ b/nixos/pkgs/roundcube-swipe/default.nix @@ -1,18 +1,19 @@ -{ runCommand, fetchzip }: +{ runCommand, fetchFromGitHub }: let roundcubePlugin = { pname, version, src }: - runCommand "roundcube-plugin-${pname}-${version}" { } '' + runCommand "roundcube-plugin-swipe-${version}" { } '' mkdir -p $out/plugins/ - cp -r ${src} $out/plugins/${pname} + cp -r ${src} $out/plugins/swipe ''; in roundcubePlugin rec { pname = "roundcube-swipe"; version = "0.5"; - src = fetchzip { - url = - "https://github.com/johndoh/roundcube-swipe/archive/refs/tags/${version}.tar.gz"; - sha256 = "sha256-ExTnYE4uF8E+Fatz7fL+vVmxgLxawEI30Rw2uAWNCNw="; + src = fetchFromGitHub { + owner = "johndoh"; + repo = pname; + rev = "de96f82183bc593d879c335e6614fa983d51abfc"; + sha256 = "sha256-vrMSvGwUzufSFDsUvUSL9JLR/+GtWdebVqgKiXMOOq4="; }; } -- 2.47.1 From d1cf0ae6127d976e53adc1a714c33f96c78357b7 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 17 Jun 2023 19:12:49 +0200 Subject: [PATCH 1696/1882] changes --- nixos/hosts/hades/dns/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/hosts/hades/dns/configuration.nix b/nixos/hosts/hades/dns/configuration.nix index 6e314dad..89df9fee 100644 --- a/nixos/hosts/hades/dns/configuration.nix +++ b/nixos/hosts/hades/dns/configuration.nix @@ -30,6 +30,7 @@ "requests.xirion.net typetransparent" "ha.xirion.net typetransparent" "mail.xirion.net typetransparent" + "plex.xirion.net typetransparent" ]; local-data = [ @@ -43,6 +44,7 @@ ''"requests.xirion.net A 192.168.0.122"'' ''"ha.xirion.net A 192.168.0.122"'' ''"mail.xirion.net A 192.168.0.122"'' + ''"plex.xirion.net A 192.168.0.122"'' ]; }; } -- 2.47.1 From 97023bc2e2cdbdbcf32eb0a0b18610e766628201 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 17 Jun 2023 22:00:26 +0000 Subject: [PATCH 1697/1882] chore(deps): update renovate/renovate docker tag to v35.126.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 50ff8c33..c9a1503a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.117.3 + image: renovate/renovate:35.126.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1ce159b5370dc0eaaed737450b8456ec22418774 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Sun, 18 Jun 2023 10:00:06 +0200 Subject: [PATCH 1698/1882] fix lint --- nixos/pkgs/roundcube-swipe/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/pkgs/roundcube-swipe/default.nix b/nixos/pkgs/roundcube-swipe/default.nix index d89003d4..2d5234f0 100644 --- a/nixos/pkgs/roundcube-swipe/default.nix +++ b/nixos/pkgs/roundcube-swipe/default.nix @@ -1,6 +1,6 @@ { runCommand, fetchFromGitHub }: let - roundcubePlugin = { pname, version, src }: + roundcubePlugin = { version, src }: runCommand "roundcube-plugin-swipe-${version}" { } '' mkdir -p $out/plugins/ -- 2.47.1 From 096ab865ee7a3db51618f489b89ee6a542e66864 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 20 Jun 2023 11:20:10 +0200 Subject: [PATCH 1699/1882] updates --- flake.lock | 100 ++++++++++++++-------------- flake.nix | 4 +- nixos/pkgs/default.nix | 2 - nixos/pkgs/weave-gitops/default.nix | 26 -------- 4 files changed, 52 insertions(+), 80 deletions(-) delete mode 100644 nixos/pkgs/weave-gitops/default.nix diff --git a/flake.lock b/flake.lock index 7f77b170..680ed4e0 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1686077956, - "narHash": "sha256-zkkjqU5NZipqakDfPSve85ljyZJ8aQtfk9mPkJ+w3IE=", + "lastModified": 1687186099, + "narHash": "sha256-J5/LWwTqpSphwgvzZl4AJ6TlrJpdEG8PRLjlGr8D24U=", "owner": "nix-community", "repo": "comma", - "rev": "59a88b9b86bc35ee6c5ec02fab6819ad68bdaa3f", + "rev": "3c039932f6032454db850296b1ea73537a06ff3f", "type": "github" }, "original": { @@ -248,11 +248,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1674282107, - "narHash": "sha256-0wBK+1IMJdAkckR715ssMPFUhCAqRpRcppGwraiWREU=", + "lastModified": 1686896497, + "narHash": "sha256-IphIS1KpiFXp/j0v7mEMhtw51uvU5F0mqF2j4//7VAA=", "owner": "nix-community", "repo": "fenix", - "rev": "18fc1446c44e05165437c5900b95670166a09270", + "rev": "9c69d11badcd78710d7d8665bc3d2e1adc450ffe", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1686852570, - "narHash": "sha256-Hzufya/HxjSliCwpuLJCGY0WCQajzcpsnhFGa+TCkCM=", + "lastModified": 1687204608, + "narHash": "sha256-rZ0e0iAIQM7vlsMd2/pcGfymZzNBRawObFgqIpxE94c=", "owner": "nix-community", "repo": "home-manager", - "rev": "4e09c83255c5b23d58714d56672d3946faf1bcef", + "rev": "f06a43dca05fb7f1aa44742bf861d9c827b45122", "type": "github" }, "original": { @@ -689,11 +689,11 @@ "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1686692834, - "narHash": "sha256-EFjJ/r4iYVKO+XdL15g9bzOKbCExTGeqNEVHSn0H7/E=", + "lastModified": 1687124707, + "narHash": "sha256-BEC2y7zwDI/Saeupr9rijLvwb0OoqTD9vntlcyciyrM=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "823ad6b70bf09b91c3a9dd9a64678ec80ba3c1ee", + "rev": "c758cdad465e0c8174db57dc493f51a89f0e3372", "type": "github" }, "original": { @@ -787,11 +787,11 @@ ] }, "locked": { - "lastModified": 1671096816, - "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=", + "lastModified": 1686572087, + "narHash": "sha256-jXTut7ZSYqLEgm/nTk7TuVL2ExahTip605bLINklAnQ=", "owner": "nix-community", "repo": "naersk", - "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114", + "rev": "8507af04eb40c5520bd35d9ce6f9d2342cea5ad1", "type": "github" }, "original": { @@ -837,11 +837,11 @@ }, "nixlib": { "locked": { - "lastModified": 1685840432, - "narHash": "sha256-VJIbiKsY7Xy4E4WcgwUt/UiwYDmN5BAk8tngAjcWsqY=", + "lastModified": 1687049841, + "narHash": "sha256-FBNZQfWtA7bb/rwk92mfiWc85x4hXta2OAouDqO5W8w=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "961e99baaaa57f5f7042fe7ce089a88786c839f4", + "rev": "908af6d1fa3643c5818ea45aa92b21d6385fbbe5", "type": "github" }, "original": { @@ -858,11 +858,11 @@ ] }, "locked": { - "lastModified": 1686644215, - "narHash": "sha256-FYa25w7gt8FqzWLl4UuwLLG7BiKZiAW/PFGbXWW6UAc=", + "lastModified": 1687183443, + "narHash": "sha256-foX4pkph2AwUdJL3JURa7IHog+YRIheZ54vwHwxqwhU=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "f17fb67fc81a9f3b166cee711089466ba6617154", + "rev": "09140f23f5ffce828db4ef040070bdd9595b1f3a", "type": "github" }, "original": { @@ -1050,26 +1050,26 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686718773, - "narHash": "sha256-x+4xs6+jWhFaYwt6REH7e91rm5vt2GCPEfmRdNcHyi4=", + "lastModified": 1686960236, + "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ba1a6ec548000d4a50719d14e6f73f63016674d5", + "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "type": "indirect" } }, "nixpkgs_5": { "locked": { - "lastModified": 1686319658, - "narHash": "sha256-tGWdoUAqKnE866mYFlEfc2a99kxFy31hOQJH5YQKrTQ=", + "lastModified": 1686960236, + "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ae766d59b07c450e0f1de8a1bfd6529089f40849", + "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", "type": "github" }, "original": { @@ -1081,16 +1081,16 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1672580127, - "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", + "lastModified": 1686736559, + "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0874168639713f547c05947c76124f78441ea46c", + "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.05", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -1143,11 +1143,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1686736559, - "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", + "lastModified": 1687193290, + "narHash": "sha256-3bknptEbd9LLlCiFRFkMwmciHB+QXET41gH/RX+Nr1A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", + "rev": "ad157fe26e74211e7dde0456cb3fd9ab78b6e552", "type": "github" }, "original": { @@ -1164,11 +1164,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1686822953, - "narHash": "sha256-O7famU9SxDRJqa4fob1Ja2Aclr9XqKu3k4uhpvPnZ+c=", + "lastModified": 1687172883, + "narHash": "sha256-7i9eGpvo9uYSOQ07acTfVpIk/r2okIumWBA4apOiO7Y=", "owner": "pta2002", "repo": "nixvim", - "rev": "9fd431366acf7a6cb8e38c9b19a70b6376b16014", + "rev": "885a7460735c3547f06a5f8af30ed22e39642806", "type": "github" }, "original": { @@ -1179,11 +1179,11 @@ }, "nur": { "locked": { - "lastModified": 1686894171, - "narHash": "sha256-QyEdSgyOdSGM3kS6N/r+0i47VbeZI41OZik37ipkQBs=", + "lastModified": 1687242811, + "narHash": "sha256-PHdt+saMHnW6vcUGDnJxBWSBx8tDI7lePpgNdfujEfQ=", "owner": "nix-community", "repo": "NUR", - "rev": "1c14e580cdf9e778d76a15ff13d6d302da628a30", + "rev": "75d50b0fe99a652e80ce00c64e8c9adf395dd807", "type": "github" }, "original": { @@ -1248,11 +1248,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1686213770, - "narHash": "sha256-Re6xXLEqQ/HRnThryumyGzEf3Uv0Pl4cuG50MrDofP8=", + "lastModified": 1686668298, + "narHash": "sha256-AADh9NqHh6X2LOem4BvI7oCkMm+JPCSCE7iIw5nn0VA=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "182af51202998af5b64ddecaa7ff9be06425399b", + "rev": "5b6b54d3f722aa95cbf4ddbe35390a0af8c0015a", "type": "github" }, "original": { @@ -1326,11 +1326,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677774593, - "narHash": "sha256-Drh8t1PPm7xSU8EzDkL2tJf7u75/jUiUKnVBarQkFro=", + "lastModified": 1686943106, + "narHash": "sha256-rTYwDvTLFCCbyGHDM/Si7v7RR7A6pcnXyO85NtMmAH4=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "330868ae137cd8baefa6fb53e1cf5847ad7d2320", + "rev": "2e19c1097c922cdeb90fdaec60f9bc592b8c4ffe", "type": "github" }, "original": { @@ -1362,11 +1362,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1674253028, - "narHash": "sha256-OzdEJpxIZw50DuZ1aBJlZnJ/GxHfKhexhn4Eu53YnEo=", + "lastModified": 1686818168, + "narHash": "sha256-yyoJmC17T6mXqthzgGiTKSdUJ0cTEuqQmkmd3iW4ay8=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "9a6294d7038e7eab00beafdf64ec4aa50a4c66a2", + "rev": "ff864fbb9fc21f0cdae408fe8f5b2f43141b45a7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 885e1e63..8e9cfe49 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable-small"; + nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; @@ -145,7 +145,7 @@ (vault-push-approle-envs self { }) (vault-push-approles self { }) fast-repl - v.weave-gitops + weave-gitops ]; }; }; diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 52134add..5f7180fc 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -3,8 +3,6 @@ _final: prev: { v = { glitch-soc = prev.callPackage ./glitch-soc { }; - weave-gitops = prev.callPackage ./weave-gitops { }; - unbound = prev.unbound.override { withSystemd = true; withDoH = true; diff --git a/nixos/pkgs/weave-gitops/default.nix b/nixos/pkgs/weave-gitops/default.nix deleted file mode 100644 index 9faf7e98..00000000 --- a/nixos/pkgs/weave-gitops/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ lib, fetchFromGitHub, buildGoModule }: -buildGoModule rec { - pname = "weave-gitops"; - version = "0.23.0"; - - src = fetchFromGitHub { - owner = "weaveworks"; - repo = pname; - rev = "v${version}"; - sha256 = "sha256-nXFR+X63yp9IFTeW41ncBt77bCD3QFTs4phJMMLWrxs="; - }; - - ldflags = [ "-s" "-w" "-X github.com/weaveworks/weave-gitops/cmd/gitops/version.Version=${version}" ]; - - vendorSha256 = "sha256-3CgR9F3Bz4k1MVOufaF/E2GD6+bTOnnUqOXkNO9ZFrc="; - - subPackages = [ "cmd/gitops" ]; - - meta = with lib; { - homepage = "https://github.com/weaveworks/weave-gitops"; - description = "Weave Gitops CLI"; - license = licenses.mpl20; - platforms = platforms.linux; - maintainers = with maintainers; [ nullx76 ]; - }; -} -- 2.47.1 From 1e5a26cf3dd4b5d48028aa34ebc95c454d2cbbcf Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Wed, 21 Jun 2023 13:19:14 +0200 Subject: [PATCH 1700/1882] fixes --- flake.lock | 68 +++++++++++++------------- flake.nix | 2 +- nixos/pkgs/roundcube-swipe/default.nix | 2 +- 3 files changed, 36 insertions(+), 36 deletions(-) diff --git a/flake.lock b/flake.lock index 7f77b170..8f41edd5 100644 --- a/flake.lock +++ b/flake.lock @@ -248,11 +248,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1674282107, - "narHash": "sha256-0wBK+1IMJdAkckR715ssMPFUhCAqRpRcppGwraiWREU=", + "lastModified": 1686896497, + "narHash": "sha256-IphIS1KpiFXp/j0v7mEMhtw51uvU5F0mqF2j4//7VAA=", "owner": "nix-community", "repo": "fenix", - "rev": "18fc1446c44e05165437c5900b95670166a09270", + "rev": "9c69d11badcd78710d7d8665bc3d2e1adc450ffe", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1686852570, - "narHash": "sha256-Hzufya/HxjSliCwpuLJCGY0WCQajzcpsnhFGa+TCkCM=", + "lastModified": 1687041769, + "narHash": "sha256-lPDVNMrDF/hOVy+P8pEtKzvSN/Akk9RbDcyNuvW1T+M=", "owner": "nix-community", "repo": "home-manager", - "rev": "4e09c83255c5b23d58714d56672d3946faf1bcef", + "rev": "edf9cf65238609db16680be74fe28d4d4858476e", "type": "github" }, "original": { @@ -787,11 +787,11 @@ ] }, "locked": { - "lastModified": 1671096816, - "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=", + "lastModified": 1686572087, + "narHash": "sha256-jXTut7ZSYqLEgm/nTk7TuVL2ExahTip605bLINklAnQ=", "owner": "nix-community", "repo": "naersk", - "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114", + "rev": "8507af04eb40c5520bd35d9ce6f9d2342cea5ad1", "type": "github" }, "original": { @@ -858,11 +858,11 @@ ] }, "locked": { - "lastModified": 1686644215, - "narHash": "sha256-FYa25w7gt8FqzWLl4UuwLLG7BiKZiAW/PFGbXWW6UAc=", + "lastModified": 1686924781, + "narHash": "sha256-6r3Hm2Fxf4F7LIWRYKU9bsS/xJwlG6L2+/I/pdffvOs=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "f17fb67fc81a9f3b166cee711089466ba6617154", + "rev": "a54683aa7eff00ee5b33dec225525d0eb6ab02de", "type": "github" }, "original": { @@ -1050,11 +1050,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686718773, - "narHash": "sha256-x+4xs6+jWhFaYwt6REH7e91rm5vt2GCPEfmRdNcHyi4=", + "lastModified": 1687021647, + "narHash": "sha256-VGCwI55Xx0bQUFJpAN624d0BJqi+dz5V8hrk04OwXCI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ba1a6ec548000d4a50719d14e6f73f63016674d5", + "rev": "1ad5661ab394e6ee03c6488b644d75dc4b44c5bc", "type": "github" }, "original": { @@ -1081,16 +1081,16 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1672580127, - "narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=", + "lastModified": 1686736559, + "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0874168639713f547c05947c76124f78441ea46c", + "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.05", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -1143,11 +1143,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1686736559, - "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", + "lastModified": 1686921029, + "narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", + "rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04", "type": "github" }, "original": { @@ -1164,11 +1164,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1686822953, - "narHash": "sha256-O7famU9SxDRJqa4fob1Ja2Aclr9XqKu3k4uhpvPnZ+c=", + "lastModified": 1687032041, + "narHash": "sha256-IZvHsFaGPQ4bt6InEEm82/PZUtg+G5DCYZi1kFSmHJg=", "owner": "pta2002", "repo": "nixvim", - "rev": "9fd431366acf7a6cb8e38c9b19a70b6376b16014", + "rev": "e294518a68a6ca5c79ce64a572ff72f9da479496", "type": "github" }, "original": { @@ -1179,11 +1179,11 @@ }, "nur": { "locked": { - "lastModified": 1686894171, - "narHash": "sha256-QyEdSgyOdSGM3kS6N/r+0i47VbeZI41OZik37ipkQBs=", + "lastModified": 1687061392, + "narHash": "sha256-NYwmbCnNfxkEI8kkDFjvIfA+yWqe4ief4J9CVTGbC18=", "owner": "nix-community", "repo": "NUR", - "rev": "1c14e580cdf9e778d76a15ff13d6d302da628a30", + "rev": "dc059a33ffca01b284fb75a37f1f3445c348147a", "type": "github" }, "original": { @@ -1326,11 +1326,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1677774593, - "narHash": "sha256-Drh8t1PPm7xSU8EzDkL2tJf7u75/jUiUKnVBarQkFro=", + "lastModified": 1686943106, + "narHash": "sha256-rTYwDvTLFCCbyGHDM/Si7v7RR7A6pcnXyO85NtMmAH4=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "330868ae137cd8baefa6fb53e1cf5847ad7d2320", + "rev": "2e19c1097c922cdeb90fdaec60f9bc592b8c4ffe", "type": "github" }, "original": { @@ -1362,11 +1362,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1674253028, - "narHash": "sha256-OzdEJpxIZw50DuZ1aBJlZnJ/GxHfKhexhn4Eu53YnEo=", + "lastModified": 1686818168, + "narHash": "sha256-yyoJmC17T6mXqthzgGiTKSdUJ0cTEuqQmkmd3iW4ay8=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "9a6294d7038e7eab00beafdf64ec4aa50a4c66a2", + "rev": "ff864fbb9fc21f0cdae408fe8f5b2f43141b45a7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 885e1e63..9526c29d 100644 --- a/flake.nix +++ b/flake.nix @@ -145,7 +145,7 @@ (vault-push-approle-envs self { }) (vault-push-approles self { }) fast-repl - v.weave-gitops + weave-gitops ]; }; }; diff --git a/nixos/pkgs/roundcube-swipe/default.nix b/nixos/pkgs/roundcube-swipe/default.nix index 2d5234f0..1287e7bb 100644 --- a/nixos/pkgs/roundcube-swipe/default.nix +++ b/nixos/pkgs/roundcube-swipe/default.nix @@ -1,6 +1,6 @@ { runCommand, fetchFromGitHub }: let - roundcubePlugin = { version, src }: + roundcubePlugin = { version, src, ... }: runCommand "roundcube-plugin-swipe-${version}" { } '' mkdir -p $out/plugins/ -- 2.47.1 From 8650f2233c0d98f8aa985fca1c14989d067ffc84 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Wed, 21 Jun 2023 13:23:10 +0200 Subject: [PATCH 1701/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index fe1232f7..8fea2075 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.4.7195", + "version": "1.32.5.7210", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7195-7c8f9d3b6/debian/plexmediaserver_1.32.4.7195-7c8f9d3b6_arm64.deb", - "hash": "0fqmwijyp3nkii47s9w0a23r291cbifxgip2flp49wxlr7hbrgj1" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7210-77f7f99fa/debian/plexmediaserver_1.32.5.7210-77f7f99fa_arm64.deb", + "hash": "0406rk04fxn3skd6y40ami0w4fym88qyywx7x7s49a177s1lsmi6" }, { - "version": "1.32.4.7195", + "version": "1.32.5.7210", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7195-7c8f9d3b6/debian/plexmediaserver_1.32.4.7195-7c8f9d3b6_amd64.deb", - "hash": "18c0wxfqrhisbrsp51hb3r95bxgi47p3ykaj146k3x2n627j2ycn" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7210-77f7f99fa/debian/plexmediaserver_1.32.5.7210-77f7f99fa_amd64.deb", + "hash": "1cy53v6y88r6c9smg2xvlkzq9wi56dxgvbssnxccgz1n6dwmq2nm" } ] -- 2.47.1 From 62a9a1c993c803c79bfc6ed11f6f4191e4c6dda7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 21 Jun 2023 22:00:28 +0000 Subject: [PATCH 1702/1882] chore(deps): update renovate/renovate docker tag to v35.140.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c9a1503a..fff43b33 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.126.0 + image: renovate/renovate:35.140.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 03dc6d54f1f4ef02cec22780954c163d211a8213 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 22 Jun 2023 11:44:07 +0200 Subject: [PATCH 1703/1882] lock flake --- flake.lock | 1623 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1623 insertions(+) create mode 100644 flake.lock diff --git a/flake.lock b/flake.lock new file mode 100644 index 00000000..3342782c --- /dev/null +++ b/flake.lock @@ -0,0 +1,1623 @@ +{ + "nodes": { + "alejandra": { + "inputs": { + "fenix": "fenix_2", + "flakeCompat": "flakeCompat", + "nixpkgs": [ + "webcord", + "dream2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1658427149, + "narHash": "sha256-ToD/1z/q5VHsLMrS2h96vjJoLho59eNRtknOUd19ey8=", + "owner": "kamadorueda", + "repo": "alejandra", + "rev": "f5a22afd2adfb249b4e68e0b33aa1f0fb73fb1be", + "type": "github" + }, + "original": { + "owner": "kamadorueda", + "repo": "alejandra", + "type": "github" + } + }, + "all-cabal-json": { + "flake": false, + "locked": { + "lastModified": 1665552503, + "narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=", + "owner": "nix-community", + "repo": "all-cabal-json", + "rev": "d7c0434eebffb305071404edcf9d5cd99703878e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "hackage", + "repo": "all-cabal-json", + "type": "github" + } + }, + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1686620679, + "narHash": "sha256-Ck/r3f+W9mOn3cHn5ii/fogBiJtosFnDaOQveaJ0zVU=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "4fedffe6a1020edfcfa7bef18d21321d4983b3a7", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "attic", + "type": "github" + } + }, + "beautysh": { + "inputs": { + "nixpkgs": [ + "nixvim", + "nixpkgs" + ], + "poetry2nix": "poetry2nix", + "utils": "utils_3" + }, + "locked": { + "lastModified": 1680308980, + "narHash": "sha256-aUEHV0jk2qIFP3jlsWYWhBbm+w/N9gzH3e4I5DcdB5s=", + "owner": "lovesegfault", + "repo": "beautysh", + "rev": "9845efc3ea3e86cc0d41465d720a47f521b2799c", + "type": "github" + }, + "original": { + "owner": "lovesegfault", + "repo": "beautysh", + "type": "github" + } + }, + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, + "colmena": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2", + "stable": "stable" + }, + "locked": { + "lastModified": 1685163780, + "narHash": "sha256-tMwseHtEFDpO3WKeZKWqrKRAZI6TiEULidxEbzicuFg=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "c61bebae1dc1d57237577080b1ca1e37a3fbcebf", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "colmena", + "type": "github" + } + }, + "comma": { + "inputs": { + "flake-compat": "flake-compat_3", + "naersk": "naersk", + "nixpkgs": "nixpkgs_3", + "utils": "utils" + }, + "locked": { + "lastModified": 1687186099, + "narHash": "sha256-J5/LWwTqpSphwgvzZl4AJ6TlrJpdEG8PRLjlGr8D24U=", + "owner": "nix-community", + "repo": "comma", + "rev": "3c039932f6032454db850296b1ea73537a06ff3f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "comma", + "type": "github" + } + }, + "crane": { + "inputs": { + "flake-compat": [ + "attic", + "flake-compat" + ], + "flake-utils": [ + "attic", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1677892403, + "narHash": "sha256-/Wi0L1spSWLFj+UQxN3j0mPYMoc7ZoAujpUF/juFVII=", + "owner": "ipetkov", + "repo": "crane", + "rev": "105e27adb70a9890986b6d543a67761cbc1964a2", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { + "flake": false, + "locked": { + "lastModified": 1670284777, + "narHash": "sha256-JF0pc0s4z/X+Iy+lNHOwUQ8I5bz+q7uX4HrKTNIEj24=", + "owner": "ipetkov", + "repo": "crane", + "rev": "2243fb9c872de25cb564a02d324ea6a5b9853052", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "devshell": { + "flake": false, + "locked": { + "lastModified": 1663445644, + "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", + "owner": "numtide", + "repo": "devshell", + "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "dream2nix": { + "inputs": { + "alejandra": "alejandra", + "all-cabal-json": "all-cabal-json", + "crane": "crane_2", + "devshell": "devshell", + "flake-parts": "flake-parts_2", + "flake-utils-pre-commit": "flake-utils-pre-commit", + "ghc-utils": "ghc-utils", + "gomod2nix": "gomod2nix", + "mach-nix": "mach-nix", + "nix-pypi-fetcher": "nix-pypi-fetcher", + "nixpkgs": [ + "webcord", + "nixpkgs" + ], + "poetry2nix": "poetry2nix_2", + "pre-commit-hooks": "pre-commit-hooks_2" + }, + "locked": { + "lastModified": 1670715183, + "narHash": "sha256-l3OhVCCimrN1HFPfqfKAyzuMuPxNXZYLsI9w7AaQXv8=", + "owner": "nix-community", + "repo": "dream2nix", + "rev": "3d6f13ef9d4cb8c41bc83383bbec3e74865ef90d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "dream2nix", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "riff", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1686896497, + "narHash": "sha256-IphIS1KpiFXp/j0v7mEMhtw51uvU5F0mqF2j4//7VAA=", + "owner": "nix-community", + "repo": "fenix", + "rev": "9c69d11badcd78710d7d8665bc3d2e1adc450ffe", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "webcord", + "dream2nix", + "alejandra", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1657607339, + "narHash": "sha256-HaqoAwlbVVZH2n4P3jN2FFPMpVuhxDy1poNOR7kzODc=", + "owner": "nix-community", + "repo": "fenix", + "rev": "b814c83d9e6aa5a28d0cf356ecfdafb2505ad37d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_6": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_7": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "id": "flake-compat", + "type": "indirect" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1683560683, + "narHash": "sha256-XAygPMN5Xnk/W2c1aW0jyEa6lfMDZWlQgiNtmHXytPc=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "006c75898cf814ef9497252b022e91c946ba8e17", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1668450977, + "narHash": "sha256-cfLhMhnvXn6x1vPm+Jow3RiFAUSCw/l1utktCw5rVA4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "d591857e9d7dd9ddbfba0ea02b43b927c3c0f1fa", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils-pre-commit": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "flake-utils_7": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakeCompat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "ghc-utils": { + "flake": false, + "locked": { + "lastModified": 1662774800, + "narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=", + "ref": "refs/heads/master", + "rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea", + "revCount": 1072, + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + }, + "original": { + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "nixvim", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gomod2nix": { + "flake": false, + "locked": { + "lastModified": 1627572165, + "narHash": "sha256-MFpwnkvQpauj799b4QTBJQFEddbD02+Ln5k92QyHOSk=", + "owner": "tweag", + "repo": "gomod2nix", + "rev": "67f22dd738d092c6ba88e420350ada0ed4992ae8", + "type": "github" + }, + "original": { + "owner": "tweag", + "repo": "gomod2nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1687421788, + "narHash": "sha256-CgoHjiUBnru0bV4PE8z1R6ZD9KeWtuAaUkyYWYJmQUE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "a4817894576f9cd01d784e60a0bfb143c81fc2be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "flake-compat": "flake-compat_4", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix" + }, + "locked": { + "lastModified": 1687124707, + "narHash": "sha256-BEC2y7zwDI/Saeupr9rijLvwb0OoqTD9vntlcyciyrM=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "c758cdad465e0c8174db57dc493f51a89f0e3372", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "mach-nix": { + "flake": false, + "locked": { + "lastModified": 1634711045, + "narHash": "sha256-m5A2Ty88NChLyFhXucECj6+AuiMZPHXNbw+9Kcs7F6Y=", + "owner": "DavHau", + "repo": "mach-nix", + "rev": "4433f74a97b94b596fa6cd9b9c0402104aceef5d", + "type": "github" + }, + "original": { + "id": "mach-nix", + "type": "indirect" + } + }, + "mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_5", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-22_11": "nixpkgs-22_11", + "utils": "utils_2" + }, + "locked": { + "lastModified": 1686468558, + "narHash": "sha256-K69Ojlx3N8I6tRTZsrKFMIqK4yrnJ6/PjfKZi3wchYg=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "290d00f6db4e80467013728819ad73dd4a394d9a", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, + "naersk": { + "inputs": { + "nixpkgs": [ + "comma", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1679567394, + "narHash": "sha256-ZvLuzPeARDLiQUt6zSZFGOs+HZmE+3g4QURc8mkBsfM=", + "owner": "nix-community", + "repo": "naersk", + "rev": "88cd22380154a2c36799fe8098888f0f59861a15", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "naersk", + "type": "github" + } + }, + "naersk_2": { + "inputs": { + "nixpkgs": [ + "riff", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1686572087, + "narHash": "sha256-jXTut7ZSYqLEgm/nTk7TuVL2ExahTip605bLINklAnQ=", + "owner": "nix-community", + "repo": "naersk", + "rev": "8507af04eb40c5520bd35d9ce6f9d2342cea5ad1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "nix": { + "inputs": { + "lowdown-src": "lowdown-src", + "nixpkgs": "nixpkgs_7", + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1654239108, + "narHash": "sha256-0JzuElxLe5DxM+R4tvBYfvQnMGCERZy4KMRf0JYxxS4=", + "owner": "nixos", + "repo": "nix", + "rev": "1dd7253133c4dfd2e7a16ad6fe505442cef38a5b", + "type": "github" + }, + "original": { + "id": "nix", + "type": "indirect" + } + }, + "nix-pypi-fetcher": { + "flake": false, + "locked": { + "lastModified": 1669065297, + "narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=", + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "rev": "a9885ac6a091576b5195d547ac743d45a2a615ac", + "type": "github" + }, + "original": { + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "type": "github" + } + }, + "nixlib": { + "locked": { + "lastModified": 1687049841, + "narHash": "sha256-FBNZQfWtA7bb/rwk92mfiWc85x4hXta2OAouDqO5W8w=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "908af6d1fa3643c5818ea45aa92b21d6385fbbe5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixos-generators": { + "inputs": { + "nixlib": "nixlib", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1687398392, + "narHash": "sha256-T6kc3NMTpGJk1/dve8PGupeVcxboEb78xtTKhe3LL/A=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "649171f56a45af13ba693c156207eafbbbf7edfe", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1679726555, + "narHash": "sha256-h7Dd/uWu7i5Yv1E+DweyJJUzTvGWXqfSo8/hz1YEolY=", + "owner": "toastal", + "repo": "nixos-hardware", + "rev": "0889479119961000c4a15801a0343cd1f11de556", + "type": "github" + }, + "original": { + "owner": "toastal", + "ref": "z-series-no-hidpi", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1686519857, + "narHash": "sha256-VkBhuq67aXXiCoEmicziuDLUPPjeOTLQoj6OeVai5zM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "6b1b72c0f887a478a5aac355674ff6df0fc44f44", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-22_11": { + "locked": { + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.11", + "type": "indirect" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1665349835, + "narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1685004253, + "narHash": "sha256-AbVL1nN/TDicUQ5wXZ8xdLERxz/eJr7+o8lqkIOVuaE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3e01645c40b92d29f3ae76344a6d654986a91a91", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_3": { + "locked": { + "lastModified": 1685801374, + "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_10": { + "locked": { + "lastModified": 1670507980, + "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2787fc7d1e51404678614bf0fe92fc296746eec0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1683408522, + "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1680668850, + "narHash": "sha256-mQMg13yRsS0LXVzaeoSPwqgPO6yhkGzGewPgMSqXSv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4a65e9f64e53fdca6eed31adba836717a11247d2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1686960236, + "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1686960236, + "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1686736559, + "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1645296114, + "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.05-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_8": { + "locked": { + "lastModified": 1674736538, + "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", + "owner": "serokell", + "repo": "nixpkgs", + "rev": "1dfdbb65d77430fc0935e8592d0abc4addcce711", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1682526928, + "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_stable": { + "locked": { + "lastModified": 1687288566, + "narHash": "sha256-VckkiJ88Gzdc2cstm0z5eFcrHbvkm4VjxavHBGssvZI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b6c73c5fe53bb3afbf65e870541e0645e9145171", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, + "nixvim": { + "inputs": { + "beautysh": "beautysh", + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_5", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1687424051, + "narHash": "sha256-UkMpIRjjviVklTesZIR2q7QFNTlGepgSrl9uewdA1JU=", + "owner": "pta2002", + "repo": "nixvim", + "rev": "1a8bd3bdc1798214ef7ad77cfc4365d140a50a0d", + "type": "github" + }, + "original": { + "owner": "pta2002", + "repo": "nixvim", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1687422705, + "narHash": "sha256-qO5Uesc0wNg60Zp3P1QXgLVFiC3cHCqd34dQSmU9OMw=", + "owner": "nix-community", + "repo": "NUR", + "rev": "2deeab84b27858c0c5537c41c243144829b55928", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "poetry2nix": { + "inputs": { + "flake-utils": [ + "nixvim", + "beautysh", + "utils" + ], + "nixpkgs": [ + "nixvim", + "beautysh", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1658665240, + "narHash": "sha256-/wkx7D7enyBPRjIkK0w7QxLQhzEkb3UxNQnjyc3FTUI=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "8b8edc85d24661d5a6d0d71d6a7011f3e699780f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, + "poetry2nix_2": { + "flake": false, + "locked": { + "lastModified": 1666918719, + "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "289efb187123656a116b915206e66852f038720e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "1.36.0", + "repo": "poetry2nix", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat_6", + "flake-utils": "flake-utils_5", + "gitignore": "gitignore_2", + "nixpkgs": [ + "nixvim", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_3" + }, + "locked": { + "lastModified": 1686668298, + "narHash": "sha256-AADh9NqHh6X2LOem4BvI7oCkMm+JPCSCE7iIw5nn0VA=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "5b6b54d3f722aa95cbf4ddbe35390a0af8c0015a", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1684842236, + "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "61e567d6497bc9556f391faebe5e410e6623217f", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks_2": { + "inputs": { + "flake-utils": [ + "webcord", + "dream2nix", + "flake-utils-pre-commit" + ], + "nixpkgs": [ + "webcord", + "dream2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1646153636, + "narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "riff": { + "inputs": { + "fenix": "fenix", + "naersk": "naersk_2", + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1686943106, + "narHash": "sha256-rTYwDvTLFCCbyGHDM/Si7v7RR7A6pcnXyO85NtMmAH4=", + "owner": "DeterminateSystems", + "repo": "riff", + "rev": "2e19c1097c922cdeb90fdaec60f9bc592b8c4ffe", + "type": "github" + }, + "original": { + "owner": "DeterminateSystems", + "repo": "riff", + "type": "github" + } + }, + "root": { + "inputs": { + "attic": "attic", + "colmena": "colmena", + "comma": "comma", + "home-manager": "home-manager", + "lanzaboote": "lanzaboote", + "mailserver": "mailserver", + "nixos-generators": "nixos-generators", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_4", + "nixpkgs_stable": "nixpkgs_stable", + "nixvim": "nixvim", + "nur": "nur", + "riff": "riff", + "vault-secrets": "vault-secrets", + "vault-unseal": "vault-unseal", + "webcord": "webcord" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1686818168, + "narHash": "sha256-yyoJmC17T6mXqthzgGiTKSdUJ0cTEuqQmkmd3iW4ay8=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "ff864fbb9fc21f0cdae408fe8f5b2f43141b45a7", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1657557289, + "narHash": "sha256-PRW+nUwuqNTRAEa83SfX+7g+g8nQ+2MMbasQ9nt6+UM=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "caf23f29144b371035b864a1017dbc32573ad56d", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "attic", + "crane", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "crane", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1675391458, + "narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "stable": { + "locked": { + "lastModified": 1669735802, + "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "731cc710aeebecbf45a258e977e8b68350549522", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_3": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "vault-secrets": { + "inputs": { + "flake-compat": "flake-compat_7", + "flake-utils": "flake-utils_6", + "nix": "nix", + "nixpkgs": "nixpkgs_8" + }, + "locked": { + "lastModified": 1686833044, + "narHash": "sha256-pl5qH72KNOgS9ivj06Nh272HTPd5cYPSL768RsYiLDg=", + "owner": "serokell", + "repo": "vault-secrets", + "rev": "30c5b1c532d10e40c8a196995acee675d7d731f2", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "vault-secrets", + "type": "github" + } + }, + "vault-unseal": { + "inputs": { + "flake-utils": "flake-utils_7", + "nixpkgs": "nixpkgs_9" + }, + "locked": { + "lastModified": 1683013874, + "narHash": "sha256-B8bQb9IMkrDvtqFUoF/PuBma8Qa2jU7Xv7cFSchg9V8=", + "ref": "refs/heads/main", + "rev": "91e7262e87878609c2d6619210988b241e8f8f62", + "revCount": 11, + "type": "git", + "url": "https://git.0x76.dev/v/vault-unseal.git" + }, + "original": { + "type": "git", + "url": "https://git.0x76.dev/v/vault-unseal.git" + } + }, + "webcord": { + "inputs": { + "dream2nix": "dream2nix", + "nixpkgs": "nixpkgs_10", + "webcord": "webcord_2" + }, + "locked": { + "lastModified": 1670874335, + "narHash": "sha256-nJ1LUVj3dIHP5B+XkZXUvY39OqaZn/MMHSFwsOSPnwI=", + "owner": "fufexan", + "repo": "webcord-flake", + "rev": "b462d57c36d664b48f047c96b2f9de091bff6e8b", + "type": "github" + }, + "original": { + "owner": "fufexan", + "repo": "webcord-flake", + "type": "github" + } + }, + "webcord_2": { + "flake": false, + "locked": { + "lastModified": 1670713990, + "narHash": "sha256-e+y/M+/gjezHoNrdXeFhqtvxbPdhRSDOQlwK1nUhNfo=", + "owner": "SpacingBat3", + "repo": "WebCord", + "rev": "80ba858c025e0bb59510f7136211948d8ae10ece", + "type": "github" + }, + "original": { + "owner": "SpacingBat3", + "repo": "WebCord", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} -- 2.47.1 From 6e1c1691b6fbbbfb994dd8653ebd9c83d8464d8b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 22 Jun 2023 22:00:26 +0000 Subject: [PATCH 1704/1882] chore(deps): update helm release external-secrets to v0.9.0 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index ca2393df..39c8dc9d 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.8.3 + version: 0.9.0 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From c52872ad07016f4c6801b8c7bb74ba89577b3be8 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 23 Jun 2023 09:10:07 +0200 Subject: [PATCH 1705/1882] updates --- flake.lock | 52 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 34 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 3342782c..8658b1b7 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687421788, - "narHash": "sha256-CgoHjiUBnru0bV4PE8z1R6ZD9KeWtuAaUkyYWYJmQUE=", + "lastModified": 1687473300, + "narHash": "sha256-4LflQpktYFiub8xVhEN9EZf1cYsr09md01rBJZRCGCc=", "owner": "nix-community", "repo": "home-manager", - "rev": "a4817894576f9cd01d784e60a0bfb143c81fc2be", + "rev": "70ac18872a5f1a57a4546ff58888bf67a8bbb5b3", "type": "github" }, "original": { @@ -741,14 +741,15 @@ "nixpkgs" ], "nixpkgs-22_11": "nixpkgs-22_11", + "nixpkgs-23_05": "nixpkgs-23_05", "utils": "utils_2" }, "locked": { - "lastModified": 1686468558, - "narHash": "sha256-K69Ojlx3N8I6tRTZsrKFMIqK4yrnJ6/PjfKZi3wchYg=", + "lastModified": 1687462267, + "narHash": "sha256-rNSputjn/0HEHHnsKfQ8mQVEPVchcBw7DsbND7Wg8dk=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "290d00f6db4e80467013728819ad73dd4a394d9a", + "rev": "24128c3052090311688b09a400aa408ba61c6ee5", "type": "gitlab" }, "original": { @@ -918,6 +919,21 @@ "type": "indirect" } }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1684782344, + "narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "8966c43feba2c701ed624302b6a935f97bcbdf88", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, "nixpkgs-lib": { "locked": { "dir": "lib", @@ -1050,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686960236, - "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "lastModified": 1687412861, + "narHash": "sha256-Z/g0wbL68C+mSGerYS2quv9FXQ1RRP082cAC0Bh4vcs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "rev": "e603dc5f061ca1d8a19b3ede6a8cf9c9fcba6cdc", "type": "github" }, "original": { @@ -1143,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687288566, - "narHash": "sha256-VckkiJ88Gzdc2cstm0z5eFcrHbvkm4VjxavHBGssvZI=", + "lastModified": 1687379288, + "narHash": "sha256-cSuwfiqYfeVyqzCRkU9AvLTysmEuSal8nh6CYr+xWog=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b6c73c5fe53bb3afbf65e870541e0645e9145171", + "rev": "ef0bc3976340dab9a4e087a0bcff661a8b2e87f3", "type": "github" }, "original": { @@ -1164,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1687424051, - "narHash": "sha256-UkMpIRjjviVklTesZIR2q7QFNTlGepgSrl9uewdA1JU=", + "lastModified": 1687436522, + "narHash": "sha256-qVe/gt1qgVpr+kianMSpp3rQM6GTyYkJf3bM5k+Fr0k=", "owner": "pta2002", "repo": "nixvim", - "rev": "1a8bd3bdc1798214ef7ad77cfc4365d140a50a0d", + "rev": "f43505d54fba9141a1f905e140980c3b431b0d1b", "type": "github" }, "original": { @@ -1179,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687422705, - "narHash": "sha256-qO5Uesc0wNg60Zp3P1QXgLVFiC3cHCqd34dQSmU9OMw=", + "lastModified": 1687497781, + "narHash": "sha256-iySsVFg90kwpIs5E4u71cEVkZZRPRsqYvDmZjPtbgvc=", "owner": "nix-community", "repo": "NUR", - "rev": "2deeab84b27858c0c5537c41c243144829b55928", + "rev": "299f27861e05df6637aa586ab8eaf7c8f33db863", "type": "github" }, "original": { -- 2.47.1 From 8f45c9c53bbcf6f1f580012f2d03a9c1282dff0f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 23 Jun 2023 14:00:23 +0000 Subject: [PATCH 1706/1882] chore(deps): update renovate/renovate docker tag to v35.140.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index fff43b33..c03808cb 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.140.0 + image: renovate/renovate:35.140.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f4078cfd62e6858cf6c661130069ef8323ca3638 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 24 Jun 2023 11:37:39 +0200 Subject: [PATCH 1707/1882] update flake --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 8658b1b7..87a2436a 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687473300, - "narHash": "sha256-4LflQpktYFiub8xVhEN9EZf1cYsr09md01rBJZRCGCc=", + "lastModified": 1687506590, + "narHash": "sha256-CSou9mrG9h/WVRjCptfTrATVxvhmtdQXElmWV/ZkrAs=", "owner": "nix-community", "repo": "home-manager", - "rev": "70ac18872a5f1a57a4546ff58888bf67a8bbb5b3", + "rev": "d2b6f2d154bf6b27a93ed895392f80c503df7cfa", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687412861, - "narHash": "sha256-Z/g0wbL68C+mSGerYS2quv9FXQ1RRP082cAC0Bh4vcs=", + "lastModified": 1687502512, + "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e603dc5f061ca1d8a19b3ede6a8cf9c9fcba6cdc", + "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687379288, - "narHash": "sha256-cSuwfiqYfeVyqzCRkU9AvLTysmEuSal8nh6CYr+xWog=", + "lastModified": 1687466461, + "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ef0bc3976340dab9a4e087a0bcff661a8b2e87f3", + "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687497781, - "narHash": "sha256-iySsVFg90kwpIs5E4u71cEVkZZRPRsqYvDmZjPtbgvc=", + "lastModified": 1687596377, + "narHash": "sha256-WmwCXiNvZoOdAaKFFzZQ2SIE0FGxfz+VVHAwyiYBJHY=", "owner": "nix-community", "repo": "NUR", - "rev": "299f27861e05df6637aa586ab8eaf7c8f33db863", + "rev": "6ec87d8ba9fc4d280242d6c39952119d0e8e846c", "type": "github" }, "original": { -- 2.47.1 From 6c5ad1eabcd8ec170a3e2537733b94d6bf2333a3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 24 Jun 2023 22:00:25 +0000 Subject: [PATCH 1708/1882] chore(deps): update renovate/renovate docker tag to v35.141.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c03808cb..1a0d76fd 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.140.3 + image: renovate/renovate:35.141.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 54f428919805a7e06fde20013cf62ec059019639 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Jun 2023 16:36:35 +0200 Subject: [PATCH 1709/1882] updates --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- nixos/common/desktop/home.nix | 1 + 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 87a2436a..16820bc8 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687506590, - "narHash": "sha256-CSou9mrG9h/WVRjCptfTrATVxvhmtdQXElmWV/ZkrAs=", + "lastModified": 1687647343, + "narHash": "sha256-1/o/i9KEFOBdlF9Cs04kBcqDFbYMt6W4SMqGa+QnnaI=", "owner": "nix-community", "repo": "home-manager", - "rev": "d2b6f2d154bf6b27a93ed895392f80c503df7cfa", + "rev": "0ee5ab611dc1fbb5180bd7d88d2aeb7841a4d179", "type": "github" }, "original": { @@ -1066,16 +1066,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687502512, - "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", + "lastModified": 1687639213, + "narHash": "sha256-m/jb2D62UXMPy8LeiF39/qGbDBpNpix/h7ne1EXRl9M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", + "rev": "8eef75145e6c3beada369aee48bd9c2c3a4dee88", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "type": "indirect" } }, @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687596377, - "narHash": "sha256-WmwCXiNvZoOdAaKFFzZQ2SIE0FGxfz+VVHAwyiYBJHY=", + "lastModified": 1687666225, + "narHash": "sha256-ldABbbs4tP6SGigIc3ihm1962thOpZ9wT9NpX2vHaKc=", "owner": "nix-community", "repo": "NUR", - "rev": "6ec87d8ba9fc4d280242d6c39952119d0e8e846c", + "rev": "e9ad8e2cc54478c5e537822a24d2f80772e4574b", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 8e9cfe49..9526c29d 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable"; + nixpkgs.url = "nixpkgs/nixos-unstable-small"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 67407df8..596fde53 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -27,6 +27,7 @@ in { rustup solo2-cli tex + plexamp unzip yt-dlp qmk -- 2.47.1 From 4530fb906ab275173dbcef728485cfe0b0fddbde Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Jun 2023 16:54:12 +0200 Subject: [PATCH 1710/1882] updates --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 16820bc8..b59ac107 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1685518550, - "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "lastModified": 1687171271, + "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", "owner": "numtide", "repo": "flake-utils", - "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixlib": { "locked": { - "lastModified": 1687049841, - "narHash": "sha256-FBNZQfWtA7bb/rwk92mfiWc85x4hXta2OAouDqO5W8w=", + "lastModified": 1687654967, + "narHash": "sha256-ki8vItcjn8Z8n+QD9NEoCQbbbG7VzWy71hyOkFFwCkM=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "908af6d1fa3643c5818ea45aa92b21d6385fbbe5", + "rev": "b3ec8fb525fc0c8f08eff5ef93c684b4c6d0e777", "type": "github" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1687398392, - "narHash": "sha256-T6kc3NMTpGJk1/dve8PGupeVcxboEb78xtTKhe3LL/A=", + "lastModified": 1687743756, + "narHash": "sha256-WhDERdaMGX73CBxpDfoauKU2Z4NC10+/4khdBbpXjWs=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "649171f56a45af13ba693c156207eafbbbf7edfe", + "rev": "844ce2ab9a0ba819b30df1fff2c48c9b2b2344be", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687639213, - "narHash": "sha256-m/jb2D62UXMPy8LeiF39/qGbDBpNpix/h7ne1EXRl9M=", + "lastModified": 1687759413, + "narHash": "sha256-gudxKop+lwTr17p5zJLi+od4F9SOAuUQtxz9TB9DS9A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8eef75145e6c3beada369aee48bd9c2c3a4dee88", + "rev": "cac7725d3c2c1d0930daf7d30019512c2421abe1", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1686960236, - "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "lastModified": 1687502512, + "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687466461, - "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", + "lastModified": 1687729501, + "narHash": "sha256-mTLkMePoHUWvTCf3NuKbeYEea/tsikSIKBWwb9OfRr4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", + "rev": "35130d4b4f0b8c50ed2aceb909a538c66c91d4a0", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1687436522, - "narHash": "sha256-qVe/gt1qgVpr+kianMSpp3rQM6GTyYkJf3bM5k+Fr0k=", + "lastModified": 1687780878, + "narHash": "sha256-cv0S9UcNAly+Ga1e/GTUKGOcwbvnif0D7sW8vTs2Tug=", "owner": "pta2002", "repo": "nixvim", - "rev": "f43505d54fba9141a1f905e140980c3b431b0d1b", + "rev": "01a45fd033417667b91b773188f55ca15072d407", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687666225, - "narHash": "sha256-ldABbbs4tP6SGigIc3ihm1962thOpZ9wT9NpX2vHaKc=", + "lastModified": 1687784764, + "narHash": "sha256-bbFyFuc6YmTYe2caOAig+45ZTVopXTWckTcIjsLqwHs=", "owner": "nix-community", "repo": "NUR", - "rev": "e9ad8e2cc54478c5e537822a24d2f80772e4574b", + "rev": "0ae946ea16544309622773a163d58f67897a2021", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1686668298, - "narHash": "sha256-AADh9NqHh6X2LOem4BvI7oCkMm+JPCSCE7iIw5nn0VA=", + "lastModified": 1687251716, + "narHash": "sha256-+sFS41thsB5U+lY/dBYPSmU4AJ7nz/VdM1WD35fXVeM=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5b6b54d3f722aa95cbf4ddbe35390a0af8c0015a", + "rev": "7807e1851d95828ed98491930d2d9e7ddbe65da4", "type": "github" }, "original": { -- 2.47.1 From bb5c75bc701cf39f65ab24695daf8dd394b8bb33 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 26 Jun 2023 22:00:28 +0000 Subject: [PATCH 1711/1882] chore(deps): update renovate/renovate docker tag to v35.143.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1a0d76fd..500e1352 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.141.3 + image: renovate/renovate:35.143.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 4ce035696d05ece8fdca2307f707daf619c3a253 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 27 Jun 2023 11:01:45 +0200 Subject: [PATCH 1712/1882] add more insecure packages --- nixos/common/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/common/default.nix b/nixos/common/default.nix index e2bf7251..867f1499 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -77,7 +77,7 @@ nixpkgs.config.allowUnfree = true; nixpkgs.config.permittedInsecurePackages = - [ "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" ]; + [ "nodejs-16.20.1" "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. -- 2.47.1 From bd206ee8009004292f98939d062ccfe18f46df5d Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 27 Jun 2023 11:01:57 +0200 Subject: [PATCH 1713/1882] flake lock --- flake.lock | 60 +++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 87a2436a..5291c0e7 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1685518550, - "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "lastModified": 1687171271, + "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", "owner": "numtide", "repo": "flake-utils", - "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687506590, - "narHash": "sha256-CSou9mrG9h/WVRjCptfTrATVxvhmtdQXElmWV/ZkrAs=", + "lastModified": 1687647343, + "narHash": "sha256-1/o/i9KEFOBdlF9Cs04kBcqDFbYMt6W4SMqGa+QnnaI=", "owner": "nix-community", "repo": "home-manager", - "rev": "d2b6f2d154bf6b27a93ed895392f80c503df7cfa", + "rev": "0ee5ab611dc1fbb5180bd7d88d2aeb7841a4d179", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixlib": { "locked": { - "lastModified": 1687049841, - "narHash": "sha256-FBNZQfWtA7bb/rwk92mfiWc85x4hXta2OAouDqO5W8w=", + "lastModified": 1687654967, + "narHash": "sha256-ki8vItcjn8Z8n+QD9NEoCQbbbG7VzWy71hyOkFFwCkM=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "908af6d1fa3643c5818ea45aa92b21d6385fbbe5", + "rev": "b3ec8fb525fc0c8f08eff5ef93c684b4c6d0e777", "type": "github" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1687398392, - "narHash": "sha256-T6kc3NMTpGJk1/dve8PGupeVcxboEb78xtTKhe3LL/A=", + "lastModified": 1687743756, + "narHash": "sha256-WhDERdaMGX73CBxpDfoauKU2Z4NC10+/4khdBbpXjWs=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "649171f56a45af13ba693c156207eafbbbf7edfe", + "rev": "844ce2ab9a0ba819b30df1fff2c48c9b2b2344be", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687502512, - "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", + "lastModified": 1687681650, + "narHash": "sha256-M2If+gRcfpmaJy/XbfSsRzLlPpoU4nr0NHnKKl50fd8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", + "rev": "1c9db9710cb23d60570ad4d7ab829c2d34403de3", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1686960236, - "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "lastModified": 1687502512, + "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687466461, - "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", + "lastModified": 1687729501, + "narHash": "sha256-mTLkMePoHUWvTCf3NuKbeYEea/tsikSIKBWwb9OfRr4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", + "rev": "35130d4b4f0b8c50ed2aceb909a538c66c91d4a0", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1687436522, - "narHash": "sha256-qVe/gt1qgVpr+kianMSpp3rQM6GTyYkJf3bM5k+Fr0k=", + "lastModified": 1687763881, + "narHash": "sha256-8ISwQzRBHNc5PkkgkEFn2QXeWsgWhFlwX9RMb3MAgLU=", "owner": "pta2002", "repo": "nixvim", - "rev": "f43505d54fba9141a1f905e140980c3b431b0d1b", + "rev": "be6a29c8004fe23a4eb88e64052324e3470f2a48", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687596377, - "narHash": "sha256-WmwCXiNvZoOdAaKFFzZQ2SIE0FGxfz+VVHAwyiYBJHY=", + "lastModified": 1687766732, + "narHash": "sha256-CAuZpKlHZhjCsIguQX1fSdw+dhf0vURQb1aJ45gw9T0=", "owner": "nix-community", "repo": "NUR", - "rev": "6ec87d8ba9fc4d280242d6c39952119d0e8e846c", + "rev": "6658c5ed7a14b950cc47db1508a9f7f7a86de72a", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1686668298, - "narHash": "sha256-AADh9NqHh6X2LOem4BvI7oCkMm+JPCSCE7iIw5nn0VA=", + "lastModified": 1687251716, + "narHash": "sha256-+sFS41thsB5U+lY/dBYPSmU4AJ7nz/VdM1WD35fXVeM=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5b6b54d3f722aa95cbf4ddbe35390a0af8c0015a", + "rev": "7807e1851d95828ed98491930d2d9e7ddbe65da4", "type": "github" }, "original": { -- 2.47.1 From 3d3a933465c076677733c98ccdd66fea564f8d14 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 27 Jun 2023 11:19:54 +0200 Subject: [PATCH 1714/1882] add lock merge strategy --- flake.lock | 60 ++++++++++++++--------------- nixos/common/desktop/home.nix | 21 ---------- nixos/common/hm-modules/default.nix | 4 +- nixos/common/hm-modules/git.nix | 31 +++++++++++++++ nixos/common/users/victor.nix | 9 +++++ 5 files changed, 73 insertions(+), 52 deletions(-) create mode 100644 nixos/common/hm-modules/git.nix diff --git a/flake.lock b/flake.lock index 87a2436a..8acde919 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1685518550, - "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "lastModified": 1687171271, + "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", "owner": "numtide", "repo": "flake-utils", - "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687506590, - "narHash": "sha256-CSou9mrG9h/WVRjCptfTrATVxvhmtdQXElmWV/ZkrAs=", + "lastModified": 1687856573, + "narHash": "sha256-rzC+5rRsy92Dhjb1q5e5tDjdhRfL1z4WFWwlcD3a+4Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "d2b6f2d154bf6b27a93ed895392f80c503df7cfa", + "rev": "4c08f65ab5105a55eed3fc9003f3e6874b69fe13", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixlib": { "locked": { - "lastModified": 1687049841, - "narHash": "sha256-FBNZQfWtA7bb/rwk92mfiWc85x4hXta2OAouDqO5W8w=", + "lastModified": 1687654967, + "narHash": "sha256-ki8vItcjn8Z8n+QD9NEoCQbbbG7VzWy71hyOkFFwCkM=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "908af6d1fa3643c5818ea45aa92b21d6385fbbe5", + "rev": "b3ec8fb525fc0c8f08eff5ef93c684b4c6d0e777", "type": "github" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1687398392, - "narHash": "sha256-T6kc3NMTpGJk1/dve8PGupeVcxboEb78xtTKhe3LL/A=", + "lastModified": 1687743756, + "narHash": "sha256-WhDERdaMGX73CBxpDfoauKU2Z4NC10+/4khdBbpXjWs=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "649171f56a45af13ba693c156207eafbbbf7edfe", + "rev": "844ce2ab9a0ba819b30df1fff2c48c9b2b2344be", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687502512, - "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", + "lastModified": 1687681650, + "narHash": "sha256-M2If+gRcfpmaJy/XbfSsRzLlPpoU4nr0NHnKKl50fd8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", + "rev": "1c9db9710cb23d60570ad4d7ab829c2d34403de3", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1686960236, - "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "lastModified": 1687502512, + "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687466461, - "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", + "lastModified": 1687729501, + "narHash": "sha256-mTLkMePoHUWvTCf3NuKbeYEea/tsikSIKBWwb9OfRr4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", + "rev": "35130d4b4f0b8c50ed2aceb909a538c66c91d4a0", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1687436522, - "narHash": "sha256-qVe/gt1qgVpr+kianMSpp3rQM6GTyYkJf3bM5k+Fr0k=", + "lastModified": 1687855346, + "narHash": "sha256-jC4IPURCQz38VKU9RgeU9+j49qdAYSVYhXZdfr+/Up4=", "owner": "pta2002", "repo": "nixvim", - "rev": "f43505d54fba9141a1f905e140980c3b431b0d1b", + "rev": "b15623e3908e90ef64c31633ca8d0cd8c73ac648", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687596377, - "narHash": "sha256-WmwCXiNvZoOdAaKFFzZQ2SIE0FGxfz+VVHAwyiYBJHY=", + "lastModified": 1687855182, + "narHash": "sha256-QrroBJ1lhh/vNbPWxVmSk1nyJszqOwAZ1MdwC+VwIfA=", "owner": "nix-community", "repo": "NUR", - "rev": "6ec87d8ba9fc4d280242d6c39952119d0e8e846c", + "rev": "b6d71a0534aa7ef33b061d3d1cf2c5a4969acd72", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1686668298, - "narHash": "sha256-AADh9NqHh6X2LOem4BvI7oCkMm+JPCSCE7iIw5nn0VA=", + "lastModified": 1687251716, + "narHash": "sha256-+sFS41thsB5U+lY/dBYPSmU4AJ7nz/VdM1WD35fXVeM=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5b6b54d3f722aa95cbf4ddbe35390a0af8c0015a", + "rev": "7807e1851d95828ed98491930d2d9e7ddbe65da4", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 67407df8..b84eb644 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -41,27 +41,6 @@ in { direnv = true; }; - programs.exa = { - enable = true; - enableAliases = true; - }; - - programs.bat.enable = true; - - programs.git = { - enable = true; - package = pkgs.gitAndTools.gitFull; - userName = "Victor"; - userEmail = "victor@xirion.net"; - lfs.enable = true; - extraConfig = { - push.autoSetupRemote = true; - init.defaultBranch = "main"; - }; - - difftastic.enable = true; - }; - programs.firefox.enable = true; programs.chromium = { diff --git a/nixos/common/hm-modules/default.nix b/nixos/common/hm-modules/default.nix index 914008ee..29d2e443 100644 --- a/nixos/common/hm-modules/default.nix +++ b/nixos/common/hm-modules/default.nix @@ -1 +1,3 @@ -{ ... }: { imports = [ ./catppuccin.nix ./nvim.nix ./riff.nix ./vscode.nix ]; } +{ ... }: { + imports = [ ./catppuccin.nix ./nvim.nix ./riff.nix ./vscode.nix ./git.nix ]; +} diff --git a/nixos/common/hm-modules/git.nix b/nixos/common/hm-modules/git.nix new file mode 100644 index 00000000..1237fccc --- /dev/null +++ b/nixos/common/hm-modules/git.nix @@ -0,0 +1,31 @@ +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.programs.v.git; +in { + options.programs.v.git = { enable = mkEnableOption "git"; }; + config = mkIf cfg.enable { + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + lfs.enable = true; + extraConfig = { + push.autoSetupRemote = true; + init.defaultBranch = "main"; + # Git merge driver that always grabs upstream changes + # Useful for e.g. lock files + merge.theirs = { + name = "Keep Upstream Changes"; + driver = "cp -f '%B' '%A'"; + }; + }; + + difftastic.enable = true; + }; + + home.file.".config/git/attributes".text = '' + flake.lock merge=theirs + ''; + }; +} diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 51477333..692ddd70 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -30,6 +30,7 @@ home.stateVersion = "23.05"; programs.v.nvim.enable = true; + programs.v.git.enable = true; programs.tmux = { enable = true; @@ -37,5 +38,13 @@ terminal = "screen-256color"; clock24 = true; }; + + programs.exa = { + enable = true; + enableAliases = true; + }; + + programs.bat.enable = true; + }; } -- 2.47.1 From 0260a1cec609a4995fecfc15faf864044d668c3c Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 27 Jun 2023 11:23:25 +0200 Subject: [PATCH 1715/1882] invert meger strategy --- flake.lock | 6 +++--- nixos/common/hm-modules/git.nix | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 09680f8e..2737626d 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687847320, - "narHash": "sha256-/nISfR5SHOYWhpoMFp1LqXbRm1MuqY+gxUMggXM9HMk=", + "lastModified": 1687856573, + "narHash": "sha256-rzC+5rRsy92Dhjb1q5e5tDjdhRfL1z4WFWwlcD3a+4Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "3bc1bc40121eb0975dc3d96741300bb4fd16be29", + "rev": "4c08f65ab5105a55eed3fc9003f3e6874b69fe13", "type": "github" }, "original": { diff --git a/nixos/common/hm-modules/git.nix b/nixos/common/hm-modules/git.nix index 1237fccc..f7bb1392 100644 --- a/nixos/common/hm-modules/git.nix +++ b/nixos/common/hm-modules/git.nix @@ -15,9 +15,9 @@ in { init.defaultBranch = "main"; # Git merge driver that always grabs upstream changes # Useful for e.g. lock files - merge.theirs = { - name = "Keep Upstream Changes"; - driver = "cp -f '%B' '%A'"; + merge.ours = { + name = "Overwrite Upstream Changes"; + driver = "cp -f '%A' '%B'"; }; }; @@ -25,7 +25,7 @@ in { }; home.file.".config/git/attributes".text = '' - flake.lock merge=theirs + flake.lock merge=ours ''; }; } -- 2.47.1 From 35309a83c13709bb75d30c73991ac299defcb5b8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 27 Jun 2023 22:00:30 +0000 Subject: [PATCH 1716/1882] chore(deps): update renovate/renovate docker tag to v35.144.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 500e1352..3b848c81 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.143.0 + image: renovate/renovate:35.144.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a1b8261328ea795a04111c77628dae13f7855dab Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 29 Jun 2023 18:57:42 +0200 Subject: [PATCH 1717/1882] lock flake --- flake.lock | 60 +++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 2737626d..16bbc45e 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1687186099, - "narHash": "sha256-J5/LWwTqpSphwgvzZl4AJ6TlrJpdEG8PRLjlGr8D24U=", + "lastModified": 1687971279, + "narHash": "sha256-xqlz/RvtSGn2Abb1LKu3++NjJ0D8jt/Y+tHIhIpHU2E=", "owner": "nix-community", "repo": "comma", - "rev": "3c039932f6032454db850296b1ea73537a06ff3f", + "rev": "bea6db4db59bf4f299aa78d1d9e8be7f2b726b5a", "type": "github" }, "original": { @@ -503,11 +503,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1687171271, - "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", + "lastModified": 1687709756, + "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", "owner": "numtide", "repo": "flake-utils", - "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", + "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687856573, - "narHash": "sha256-rzC+5rRsy92Dhjb1q5e5tDjdhRfL1z4WFWwlcD3a+4Q=", + "lastModified": 1687969886, + "narHash": "sha256-tC2qFLmuM0PFaw0tMHVcFmzsG/351q09qa1EpuL2n1U=", "owner": "nix-community", "repo": "home-manager", - "rev": "4c08f65ab5105a55eed3fc9003f3e6874b69fe13", + "rev": "a7002d6bfca54742d5fc9b485a1879953b4585b9", "type": "github" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1687743756, - "narHash": "sha256-WhDERdaMGX73CBxpDfoauKU2Z4NC10+/4khdBbpXjWs=", + "lastModified": 1688003049, + "narHash": "sha256-5oSxbv8OVSg2dOvycJ9eisacxF8e52N0PVUFryWWJmE=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "844ce2ab9a0ba819b30df1fff2c48c9b2b2344be", + "rev": "bde0bc291c95b710dd63d5e5c422e47f760a1406", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687806882, - "narHash": "sha256-VQJTKlPf/05AhAKrgkeYhtE3Ti2AxhPGrRC+GoqWmEY=", + "lastModified": 1687893427, + "narHash": "sha256-jJHj0Lxpvov1IPYQK441oLAKxxemHm16U9jf60bXAFU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "90de72aacb4836e381afdd559e76daefdcf7171c", + "rev": "4b14ab2a916508442e685089672681dff46805be", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1687502512, - "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", + "lastModified": 1687807295, + "narHash": "sha256-7TUD0p0m4mZpIi1O+Cyk5NCqpJUnhv/CJOAuHOndjao=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", + "rev": "6b3d1b1cf13f407fef5e634b224d575eb7211975", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687729501, - "narHash": "sha256-mTLkMePoHUWvTCf3NuKbeYEea/tsikSIKBWwb9OfRr4=", + "lastModified": 1687829761, + "narHash": "sha256-QRe1Y8SS3M4GeC58F/6ajz6V0ZLUVWX3ZAMgov2N3/g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "35130d4b4f0b8c50ed2aceb909a538c66c91d4a0", + "rev": "9790f3242da2152d5aa1976e3e4b8b414f4dd206", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1687855346, - "narHash": "sha256-jC4IPURCQz38VKU9RgeU9+j49qdAYSVYhXZdfr+/Up4=", + "lastModified": 1687879003, + "narHash": "sha256-EaMXh13XOu8KJktF3ZD9CW3rijOI257XDvtDeEm7y0M=", "owner": "pta2002", "repo": "nixvim", - "rev": "b15623e3908e90ef64c31633ca8d0cd8c73ac648", + "rev": "dfc00b20329a165ce45d88a18dd00415c683a2a5", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1687855182, - "narHash": "sha256-QrroBJ1lhh/vNbPWxVmSk1nyJszqOwAZ1MdwC+VwIfA=", + "lastModified": 1688028455, + "narHash": "sha256-sMlbGLSU8uvqdkyb7rp561usOoMEQmsQpky6NY6TdIM=", "owner": "nix-community", "repo": "NUR", - "rev": "b6d71a0534aa7ef33b061d3d1cf2c5a4969acd72", + "rev": "fee73837636df9092dbd72241f6b9ad281850056", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1687251716, - "narHash": "sha256-+sFS41thsB5U+lY/dBYPSmU4AJ7nz/VdM1WD35fXVeM=", + "lastModified": 1687779420, + "narHash": "sha256-noueZE/Z5qx6NF/grg46qlpZ/1nuPpc92RvqgCmRaLI=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7807e1851d95828ed98491930d2d9e7ddbe65da4", + "rev": "1fa438eee82f35bdd4bc30a9aacd7648d757b388", "type": "github" }, "original": { -- 2.47.1 From 92e314baecdf6ffd5b019d29f52c497349903471 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 30 Jun 2023 11:12:22 +0200 Subject: [PATCH 1718/1882] locked flake --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 16bbc45e..5d56baa0 100644 --- a/flake.lock +++ b/flake.lock @@ -745,11 +745,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1687462267, - "narHash": "sha256-rNSputjn/0HEHHnsKfQ8mQVEPVchcBw7DsbND7Wg8dk=", + "lastModified": 1688064897, + "narHash": "sha256-Q3CZc6ZfC4KpjGWVPsrofFgxor+UjqhbFBSi7YmHVvI=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "24128c3052090311688b09a400aa408ba61c6ee5", + "rev": "0c1801b48995ec6909e040abedaa56a64f0db430", "type": "gitlab" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687893427, - "narHash": "sha256-jJHj0Lxpvov1IPYQK441oLAKxxemHm16U9jf60bXAFU=", + "lastModified": 1688034761, + "narHash": "sha256-5JvF67rWxHSoM8Wdkd33LSiHXBmXmiVFv53R7yRmfGw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4b14ab2a916508442e685089672681dff46805be", + "rev": "d02209e8cfbdc925ec204a5c75d5551374516002", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688028455, - "narHash": "sha256-sMlbGLSU8uvqdkyb7rp561usOoMEQmsQpky6NY6TdIM=", + "lastModified": 1688114728, + "narHash": "sha256-y/Fq9Z46/S7dfV6mGn3AXPF5esdKtnwd/VPDEx4XqIU=", "owner": "nix-community", "repo": "NUR", - "rev": "fee73837636df9092dbd72241f6b9ad281850056", + "rev": "69e27788f5cbf3474ca6e8e5f074f99d134f4455", "type": "github" }, "original": { -- 2.47.1 From 82e6f177392778f3425babc84c45df21f3edf516 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 30 Jun 2023 22:00:24 +0000 Subject: [PATCH 1719/1882] chore(deps): update renovate/renovate docker tag to v35.148.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 3b848c81..5be5d15a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.144.0 + image: renovate/renovate:35.148.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8dd971c1d81ba33b2d8cf00f80c9a16ddbf33893 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 1 Jul 2023 13:21:07 +0200 Subject: [PATCH 1720/1882] update lock file --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 5d56baa0..2daf1004 100644 --- a/flake.lock +++ b/flake.lock @@ -1066,16 +1066,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1688034761, - "narHash": "sha256-5JvF67rWxHSoM8Wdkd33LSiHXBmXmiVFv53R7yRmfGw=", + "lastModified": 1688049487, + "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d02209e8cfbdc925ec204a5c75d5551374516002", + "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "type": "indirect" } }, diff --git a/flake.nix b/flake.nix index 9526c29d..8e9cfe49 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable-small"; + nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; -- 2.47.1 From 8b717411ce57776535042c0af89b326f276bab05 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 2 Jul 2023 10:31:37 +0200 Subject: [PATCH 1721/1882] flake.lock --- flake.lock | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/flake.lock b/flake.lock index 2daf1004..4b35453e 100644 --- a/flake.lock +++ b/flake.lock @@ -110,11 +110,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1685163780, - "narHash": "sha256-tMwseHtEFDpO3WKeZKWqrKRAZI6TiEULidxEbzicuFg=", + "lastModified": 1688224393, + "narHash": "sha256-rsAvFNhRFzTF7qyb6WprLFghJnRxMFjvD2e5/dqMp4I=", "owner": "zhaofengli", "repo": "colmena", - "rev": "c61bebae1dc1d57237577080b1ca1e37a3fbcebf", + "rev": "19384f3ee2058c56021e4465a3ec57e84a47d8dd", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1687969886, - "narHash": "sha256-tC2qFLmuM0PFaw0tMHVcFmzsG/351q09qa1EpuL2n1U=", + "lastModified": 1688220547, + "narHash": "sha256-cNKKLPaEOxd6t22Mt3tHGubyylbKGdoi2A3QkMTKes0=", "owner": "nix-community", "repo": "home-manager", - "rev": "a7002d6bfca54742d5fc9b485a1879953b4585b9", + "rev": "89d10f8adce369a80e046c2fd56d1e7b7507bb5b", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1688049487, - "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", + "lastModified": 1688141540, + "narHash": "sha256-xh2aLD8R6gau+O+9h1ad+OAjCAj07lCKsY44+p/bJS8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", + "rev": "4ffc4dc91838df228c8214162c106c24ec8fe03f", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1687807295, - "narHash": "sha256-7TUD0p0m4mZpIi1O+Cyk5NCqpJUnhv/CJOAuHOndjao=", + "lastModified": 1688049487, + "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6b3d1b1cf13f407fef5e634b224d575eb7211975", + "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1687829761, - "narHash": "sha256-QRe1Y8SS3M4GeC58F/6ajz6V0ZLUVWX3ZAMgov2N3/g=", + "lastModified": 1688109178, + "narHash": "sha256-BSdeYp331G4b1yc7GIRgAnfUyaktW2nl7k0C577Tttk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9790f3242da2152d5aa1976e3e4b8b414f4dd206", + "rev": "b72aa95f7f096382bff3aea5f8fde645bca07422", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1687879003, - "narHash": "sha256-EaMXh13XOu8KJktF3ZD9CW3rijOI257XDvtDeEm7y0M=", + "lastModified": 1688132679, + "narHash": "sha256-tcgiYX8cxJv2kRf9en/Czt/c3eoeUD7Vt/iiJ9crbcU=", "owner": "pta2002", "repo": "nixvim", - "rev": "dfc00b20329a165ce45d88a18dd00415c683a2a5", + "rev": "4a9a3c1f6cea52d756d406d6467b48898cdbff07", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688114728, - "narHash": "sha256-y/Fq9Z46/S7dfV6mGn3AXPF5esdKtnwd/VPDEx4XqIU=", + "lastModified": 1688281346, + "narHash": "sha256-8Ye+22AiHy2Uv2ZCk7xs8gQja2w/q8zHbQtXuK5u77M=", "owner": "nix-community", "repo": "NUR", - "rev": "69e27788f5cbf3474ca6e8e5f074f99d134f4455", + "rev": "4f2ed25a697069bfd53f7421b6c2123a47790276", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1687779420, - "narHash": "sha256-noueZE/Z5qx6NF/grg46qlpZ/1nuPpc92RvqgCmRaLI=", + "lastModified": 1688056373, + "narHash": "sha256-2+SDlNRTKsgo3LBRiMUcoEUb6sDViRNQhzJquZ4koOI=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "1fa438eee82f35bdd4bc30a9aacd7648d757b388", + "rev": "5843cf069272d92b60c3ed9e55b7a8989c01d4c7", "type": "github" }, "original": { -- 2.47.1 From 4987946cf19b027ddd57a7e9b47df771498e5118 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 2 Jul 2023 22:00:41 +0000 Subject: [PATCH 1722/1882] chore(deps): update renovate/renovate docker tag to v35.158.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5be5d15a..73aea3d1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.148.0 + image: renovate/renovate:35.158.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 37d3170c72c97732ba0096e240061028493f5b5f Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 3 Jul 2023 11:51:35 +0200 Subject: [PATCH 1723/1882] lock flake --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 4b35453e..96e798dc 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1688220547, - "narHash": "sha256-cNKKLPaEOxd6t22Mt3tHGubyylbKGdoi2A3QkMTKes0=", + "lastModified": 1688302761, + "narHash": "sha256-YIYKeX3YfoAIg9DTe6cl1ga87rDCNDZugdGuqsvEN30=", "owner": "nix-community", "repo": "home-manager", - "rev": "89d10f8adce369a80e046c2fd56d1e7b7507bb5b", + "rev": "c85d9137db45a1c9c161f4718b13cc3bd4cbd173", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixlib": { "locked": { - "lastModified": 1687654967, - "narHash": "sha256-ki8vItcjn8Z8n+QD9NEoCQbbbG7VzWy71hyOkFFwCkM=", + "lastModified": 1688259758, + "narHash": "sha256-CYVbYQfIm3vwciCf6CCYE+WOOLE3vcfxfEfNHIfKUJQ=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "b3ec8fb525fc0c8f08eff5ef93c684b4c6d0e777", + "rev": "a92befce80a487380ea5e92ae515fe33cebd3ac6", "type": "github" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1688003049, - "narHash": "sha256-5oSxbv8OVSg2dOvycJ9eisacxF8e52N0PVUFryWWJmE=", + "lastModified": 1688349424, + "narHash": "sha256-/wRCJP2d9ZmfZKrREWthpDHIx/F02Z1J2bytbC+gUiU=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "bde0bc291c95b710dd63d5e5c422e47f760a1406", + "rev": "cf341a2c94338eed91c35df291931ea775b31e99", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1688141540, - "narHash": "sha256-xh2aLD8R6gau+O+9h1ad+OAjCAj07lCKsY44+p/bJS8=", + "lastModified": 1688231357, + "narHash": "sha256-ZOn16X5jZ6X5ror58gOJAxPfFLAQhZJ6nOUeS4tfFwo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4ffc4dc91838df228c8214162c106c24ec8fe03f", + "rev": "645ff62e09d294a30de823cb568e9c6d68e92606", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1688049487, - "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", + "lastModified": 1688231357, + "narHash": "sha256-ZOn16X5jZ6X5ror58gOJAxPfFLAQhZJ6nOUeS4tfFwo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", + "rev": "645ff62e09d294a30de823cb568e9c6d68e92606", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1688109178, - "narHash": "sha256-BSdeYp331G4b1yc7GIRgAnfUyaktW2nl7k0C577Tttk=", + "lastModified": 1688177999, + "narHash": "sha256-JZ5nk90Ym79b4J593xYb0mI79QxU0efJLuCU3sXDalQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b72aa95f7f096382bff3aea5f8fde645bca07422", + "rev": "0de86059128947b2438995450f2c2ca08cc783d5", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1688132679, - "narHash": "sha256-tcgiYX8cxJv2kRf9en/Czt/c3eoeUD7Vt/iiJ9crbcU=", + "lastModified": 1688370989, + "narHash": "sha256-AFc+oyb7joWjMjVDVsNKENjJ94eA/ub9uEmyk68lOJc=", "owner": "pta2002", "repo": "nixvim", - "rev": "4a9a3c1f6cea52d756d406d6467b48898cdbff07", + "rev": "d39103bba5661bd3598de3f26374eaf987951553", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688281346, - "narHash": "sha256-8Ye+22AiHy2Uv2ZCk7xs8gQja2w/q8zHbQtXuK5u77M=", + "lastModified": 1688373029, + "narHash": "sha256-lHCdKJ79pBWcILK73ajNh3qTb+Sqc5k9M7MkNLMROQY=", "owner": "nix-community", "repo": "NUR", - "rev": "4f2ed25a697069bfd53f7421b6c2123a47790276", + "rev": "6874f4eb899371204e9357da3881a57ca9844e00", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1688056373, - "narHash": "sha256-2+SDlNRTKsgo3LBRiMUcoEUb6sDViRNQhzJquZ4koOI=", + "lastModified": 1688137124, + "narHash": "sha256-ramG4s/+A5+t/QG2MplTNPP/lmBWDtbW6ilpwb9sKVo=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5843cf069272d92b60c3ed9e55b7a8989c01d4c7", + "rev": "522fd47af79b66cdd04b92618e65c7a11504650a", "type": "github" }, "original": { -- 2.47.1 From c740f8ec15d544a1d640a2b2ff187c1dc2a6f8c6 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 4 Jul 2023 12:32:41 +0200 Subject: [PATCH 1724/1882] update mastodon --- flake.lock | 24 +- nixos/pkgs/glitch-soc/default.nix | 2 +- nixos/pkgs/glitch-soc/gemset.nix | 371 ++++++++++++++---------------- nixos/pkgs/glitch-soc/source.nix | 4 +- 4 files changed, 184 insertions(+), 217 deletions(-) diff --git a/flake.lock b/flake.lock index 96e798dc..f0a47d97 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1688302761, - "narHash": "sha256-YIYKeX3YfoAIg9DTe6cl1ga87rDCNDZugdGuqsvEN30=", + "lastModified": 1688462905, + "narHash": "sha256-O0z2MLPwqloy0I46rAKWO4G4WUuUgSvzbUD5ujcVlN8=", "owner": "nix-community", "repo": "home-manager", - "rev": "c85d9137db45a1c9c161f4718b13cc3bd4cbd173", + "rev": "3be2abb2e6df41d9ddd5816032adf91691328225", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1688177999, - "narHash": "sha256-JZ5nk90Ym79b4J593xYb0mI79QxU0efJLuCU3sXDalQ=", + "lastModified": 1688389917, + "narHash": "sha256-RKiK1QeommEsjQ8fLgxt4831x9O6n2gD7wAhVZTrr8M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0de86059128947b2438995450f2c2ca08cc783d5", + "rev": "aed4b19d312525ae7ca9bceb4e1efe3357d0e2eb", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1688370989, - "narHash": "sha256-AFc+oyb7joWjMjVDVsNKENjJ94eA/ub9uEmyk68lOJc=", + "lastModified": 1688411300, + "narHash": "sha256-oQlZ3KmMKsEfihUZYMzTP4qottrv8jM8JVi1y75TvmU=", "owner": "pta2002", "repo": "nixvim", - "rev": "d39103bba5661bd3598de3f26374eaf987951553", + "rev": "89d0b05c9d2a677489fbcfb7a0cff66d5af1ed67", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688373029, - "narHash": "sha256-lHCdKJ79pBWcILK73ajNh3qTb+Sqc5k9M7MkNLMROQY=", + "lastModified": 1688457350, + "narHash": "sha256-M+Vt3CKilvjY44vlodUmcj18nGAFJIMUN654NIgAUVw=", "owner": "nix-community", "repo": "NUR", - "rev": "6874f4eb899371204e9357da3881a57ca9844e00", + "rev": "a7780363dafaf0f4715ae0c3c37d2fe44601e019", "type": "github" }, "original": { diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 74839caf..1ffe0d39 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; # sha256 = lib.fakeSha256; - sha256 = "sha256-+i5vejb1XWwNQffg9gzRY8FVOt8MK6ht4cxSSrGAS/Q="; + sha256 = "sha256-8fUJ1RBQZ16R3IpA/JEcn+PO04ApQ9TkHuYKycvV8BY="; }; nativeBuildInputs = [ diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index e67520a5..855957d8 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bndmmby5qxq8rs42fbb2ax3hhbjj2ds8wja08s0iadkbrn7shvf"; + sha256 = "10y18l67i6ry7v9w0qwh26477g4gm0qrjjpa87pa5a42hzkglnc7"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; actionmailbox = { dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cx00kf0syq5gdhlrmw0q9v92ki55drbsk4gzy86ls2q8xkd792s"; + sha256 = "1ihayijdgasf0rp10x6h335k3y1hgqr6c9s8lxqmhm4gpczajaac"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; @@ -27,10 +27,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vbif021cyndq3v3m61dkmgdbbirqk9zcsszb9nisq24m3gx1aai"; + sha256 = "03557cskby5alpncnhgm1j1kq43xqq75sdd6r2x22q3j2jv68pj5"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,10 +38,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0k6hc7klvn8m88b88vykl83jrpqhn4zz67l2zx9v266xga6fhala"; + sha256 = "1x7ffyan8sbv4ywjghiyiv077vfxyf6i6y0h4k0mfpdmf76l0i86"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; actiontext = { dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; @@ -49,10 +49,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16ldxyxlxl9scggpmkww2fxzim7sl2b4js610pvddcsr74z9fjs7"; + sha256 = "0g5gw9ywirw7814wn8cdnnv1df58x5gplgpb15gaw5gzkw9cgvd8"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ck02cfc17s6g05qn0k7khwvvazwbf2rxbjcma8px2nw2j1ngvcn"; + sha256 = "0cmzc2c00lsdr5hpmsgs8axs5pbhv5xyqiyi69wf81pqypd2cy3l"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; active_model_serializers = { dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; @@ -82,10 +82,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05bkw9qgjgj2nxzjj2fh6jp1fcvgff0aa4r77k0gcfmnzc1g8wdl"; + sha256 = "153z9lmkip3v243xxa5rcc8am82ma73ar46q4vxbmzi850a5yjj2"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; activemodel = { dependencies = ["activesupport"]; @@ -93,10 +93,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03hy5bwghdklcxbdylmsq70y0qzslck5slb2zkvp7g6mmvk86kwd"; + sha256 = "1bpr0zspih2rf2ppzjxaw8sq6gfqg9vss5h0fs4r85p03579swin"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -104,10 +104,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1alshkgbcxp9s4vqb2b0yrrnyg15kxhlp1slsb03a61w7h42pspw"; + sha256 = "06403rkjnyr80yj4g05lb5hn04yfzipa7bm0gplbqrrykr3hvh5r"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; activestorage = { dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; @@ -115,10 +115,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06w4wlabqqr9bwdig44r5vdwkcbbivwgwn2fl775w7h05vrccgp8"; + sha256 = "094kvh8bp792xccql54kky8prmvqvfzwwv9xas2pnh8s4v3avbzl"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -126,10 +126,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06mihpy83a5xmavvn7l8vbix472dsi0vh30xj6g594k0679m0ir6"; + sha256 = "0s465919p6fcgcsqin8w8hay2m598dvnzks490hbsb0p68sdz69m"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; addressable = { dependencies = ["public_suffix"]; @@ -185,7 +185,7 @@ version = "3.2.0"; }; ast = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -240,10 +240,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "18ndv604p1p3gkyy0d958jx2wp74d100q6vbc6ak70a7bv93wqsg"; + sha256 = "0plbj6d69j3vi8zwg9q8hkr77b7p7kg8bfqpvv9ghv2zay3igp3v"; type = "gem"; }; - version = "1.752.0"; + version = "1.780.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -251,10 +251,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0732vv8zi67z25fss1sdvqx0vv1ap3w6hz1avxzwznkjp002vj39"; + sha256 = "1fbbzcszpdjy2yzxfvl5fzgn0jgznkwxvqpb46nxv69gqhv3dpsg"; type = "gem"; }; - version = "3.171.0"; + version = "3.175.0"; }; aws-sdk-kms = { dependencies = ["aws-sdk-core" "aws-sigv4"]; @@ -262,10 +262,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0v87zi28dfmrv7bv91yfldccnpd63n295siirbz7wqv1rajn8n02"; + sha256 = "0dkgcgvif4hjlq5jhixd2hf17pm2pib7p3jxg9g92pybsff9rk7c"; type = "gem"; }; - version = "1.63.0"; + version = "1.67.0"; }; aws-sdk-s3 = { dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; @@ -273,10 +273,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1s5v3799pi7ik53gv7dl02am5pngv6x4azzwx9my09nll4q3lfk8"; + sha256 = "17ya49rwjzimqhzsj6vlc4xfvj2sixy04kr4b6ddg3r6y0jrsixi"; type = "gem"; }; - version = "1.121.0"; + version = "1.126.0"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -300,19 +300,19 @@ version = "3.1.18"; }; better_errors = { - dependencies = ["coderay" "erubi" "rack"]; + dependencies = ["erubi" "rack" "rouge"]; groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11220lfzhsyf5fcril3qd689kgg46qlpiiaj00hc9mh4mcbc3vrr"; + sha256 = "0wqazisnn6hn1wsza412xribpw5wzx6b5z5p4mcpfgizr6xg367p"; type = "gem"; }; - version = "2.9.1"; + version = "2.10.1"; }; better_html = { dependencies = ["actionview" "activesupport" "ast" "erubi" "parser" "smart_properties"]; - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -421,10 +421,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nwn1a20q7xmlsgjqzf8msicyi6wkrjvgw62625717323ymz6qsr"; + sha256 = "14pflh85rrs2l8k0m286j4vaab5vad2sfqq9dncqb31z05vy29mn"; type = "gem"; }; - version = "3.17.2"; + version = "3.17.3"; }; capistrano-bundler = { dependencies = ["capistrano"]; @@ -476,10 +476,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06b4nlhirsq8ny17s8zgz7qyvl9v41rixj1xkviiiwxlnjz982d3"; + sha256 = "114qm5f5vhwaaw9rj1h2lcamh46zl13v1m18jiw68zl961gwmw6n"; type = "gem"; }; - version = "3.39.0"; + version = "3.39.2"; }; case_transform = { dependencies = ["activesupport"]; @@ -553,16 +553,6 @@ }; version = "1.2.15"; }; - coderay = { - groups = ["default" "development"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0jvxqxzply1lwp7ysn94zjhh57vc14mcshw1ygw14ib8lhc00lyw"; - type = "gem"; - }; - version = "1.1.3"; - }; color_diff = { groups = ["default"]; platforms = []; @@ -588,10 +578,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dndngqvkm2ih3wqn5ilf9980c1cc57lqn5lywx3myalzpilq05z"; + sha256 = "1x32mcpm2cl5492kd6lbjbaf17qsssmpx9kdyr7z1wcif2cwyh0g"; type = "gem"; }; - version = "2.4.0"; + version = "2.4.1"; }; cose = { dependencies = ["cbor" "openssl-signature_algorithm"]; @@ -690,7 +680,7 @@ version = "9.2.0"; }; diff-lcs = { - groups = ["default" "development" "test"]; + groups = ["default" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -852,13 +842,13 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0j826kfvzn7nc5pv950n270r0sx1702k988ad11cdlav3dcxxw09"; + sha256 = "08r6qgbpkxxsihjmlspk3l1sr69q5hx35p1l4wp7rmkbzys89867"; type = "gem"; }; - version = "0.99.0"; + version = "0.100.0"; }; fabrication = { - groups = ["development" "test"]; + groups = ["test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1005,10 +995,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nnggg20za5vamdpkgrxxa32z33d8hf0g2bciswkhqnc6amb3yjr"; + sha256 = "1pd7pamzhdz2w0fbcvsfn2nyslznvphnwj16zw35g2b28zd2xyzx"; type = "gem"; }; - version = "2.2.6"; + version = "2.2.7"; }; ffi = { groups = ["default"]; @@ -1087,7 +1077,7 @@ }; fuubar = { dependencies = ["rspec-core" "ruby-progressbar"]; - groups = ["development" "test"]; + groups = ["test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1172,7 +1162,7 @@ version = "7.1.0"; }; highline = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1280,14 +1270,14 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vdcchz7jli1p0gnc669a7bj3q1fv09y9ppf0y3k0vb1jwdwrqwi"; + sha256 = "0qaamqsh5f3szhcakkak8ikxlzxqnv49n2p7504hcz2l0f4nj0wx"; type = "gem"; }; - version = "1.12.0"; + version = "1.14.1"; }; i18n-tasks = { dependencies = ["activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table"]; - groups = ["development" "test"]; + groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1327,7 +1317,7 @@ version = "1.6.2"; }; json = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1405,10 +1395,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09yj3z5snhaawh2z1w45yyihzmh57m6m7dp8ra8gxavhj5kbiq5p"; + sha256 = "16z11alz13vfc4zs5l3fk6n51n2jw9lskvc4h4prnww0y797qd87"; type = "gem"; }; - version = "2.7.0"; + version = "2.7.1"; }; kaminari = { dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; @@ -1458,13 +1448,11 @@ groups = ["default"]; platforms = []; source = { - fetchSubmodules = false; - rev = "11abf222dc31bff71160a1d138b445214f434b2b"; - sha256 = "03mw3vaqwwi92l1nfd7lrhdiv9gcvdbar2wl1bi4pb3ja4h8nx2v"; - type = "git"; - url = "https://github.com/kreeti/kt-paperclip.git"; + remotes = ["https://rubygems.org"]; + sha256 = "0qrv9xyxxhxr482p25f3m7nfghw66i8jl02hy9b6pwam8m1knngp"; + type = "gem"; }; - version = "7.1.1"; + version = "7.2.0"; }; launchy = { dependencies = ["addressable"]; @@ -1537,10 +1525,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mi4ia13fisc97fzd8xcd9wkjdki7zfbmdn1xkdzplicir68gyp8"; + sha256 = "1p744kjpb5zk2ihklbykzii77alycjc04vpnm2ch2f3cp65imlj3"; type = "gem"; }; - version = "2.20.0"; + version = "2.21.3"; }; mail = { dependencies = ["mini_mime" "net-imap" "net-pop" "net-smtp"]; @@ -1651,30 +1639,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1af4yarhbbx62f7qsmgg5fynrik0s36wjy3difkawy536xg343mp"; + sha256 = "0z7f38iq37h376n9xbl4gajdrnwzq284c9v1py4imw3gri2d5cj6"; type = "gem"; }; - version = "2.8.1"; + version = "2.8.2"; }; minitest = { groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ic7i5z88zcaqnpzprf7saimq2f6sad57g5mkkqsrqrcd6h3mx06"; + sha256 = "1kg9wh7jlc9zsr3hkhpzkbn0ynf4np5ap9m2d8xdrb8shy0y6pmb"; type = "gem"; }; - version = "5.18.0"; + version = "5.18.1"; }; msgpack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "172ky0r1jfcm3xyg067pia7k1lhc15vw9svv93max120gcdbrvji"; + sha256 = "06n7556vxr3awh92xy1k5bli98bvq4pjm08mnl68ay4fzln7lcsg"; type = "gem"; }; - version = "1.7.0"; + version = "1.7.1"; }; multi_json = { groups = ["default"]; @@ -1713,10 +1701,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1d996zf3g8xz244791b0qsl9vr7zg4lqnnmf9k2kshr9lki5jam8"; + sha256 = "1k1qyjr9lkk5y3483k6wk6d9h1jx4v5hzby1mf0pj3b4kr2arxbm"; type = "gem"; }; - version = "0.3.4"; + version = "0.3.6"; }; net-ldap = { groups = ["default"]; @@ -1798,31 +1786,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fnw0z8zl8b5k35g9m5hhc1g4s6ajzjinhyxnqjrx7l7p07fw71v"; + sha256 = "1mr2ibfk874ncv0qbdkynay738w2mfinlkhnbd5lyk5yiw5q1p10"; type = "gem"; }; - version = "1.14.3"; - }; - nsa = { - dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1jzs1n71pi6najhs9h8jx156gzgk3h9bwjr60vazizwdz3mm69ia"; - type = "gem"; - }; - version = "0.2.8"; + version = "1.15.2"; }; oj = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0l8l90iibzrxs33vn3adrhbg8cbmbn1qfh962p7gzwwybsdw73qy"; + sha256 = "1s6ipcar6sgwipnc577d4x80ypq2s35k9142jn3l89lh53888mmg"; type = "gem"; }; - version = "3.14.3"; + version = "3.15.0"; }; omniauth = { dependencies = ["hashie" "rack"]; @@ -1932,7 +1909,7 @@ version = "2.14.16"; }; parallel = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1942,15 +1919,15 @@ version = "1.23.0"; }; parser = { - dependencies = ["ast"]; - groups = ["default" "development" "test"]; + dependencies = ["ast" "racc"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08f89nssj7ws7sjfvc2fcjpfm83sjgmniyh0npnmpqf5sfv44r8x"; + sha256 = "1swigds85jddb5gshll1g8lkmbcgbcp9bi1d4nigwvxki8smys0h"; type = "gem"; }; - version = "3.2.2.1"; + version = "3.2.2.3"; }; parslet = { groups = ["default"]; @@ -1994,16 +1971,6 @@ }; version = "3.3.3"; }; - pkg-config = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "02fw2pzrmvwp67nbndpy8a2ln74fd8kmsiffw77z7g1mp58ww651"; - type = "gem"; - }; - version = "1.5.1"; - }; posix-spawn = { groups = ["default"]; platforms = []; @@ -2037,7 +2004,7 @@ version = "1.12.0"; }; private_address_check = { - groups = ["production" "test"]; + groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2062,10 +2029,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0yf4jmkyy8das7pj1xzwllfvzkhq2p6p534j61d9h4wz3nfyf0s5"; + sha256 = "1v7fmv0n4bhdcwh60dgza44iqai5pg34f5pzm4vh4i5fwx7mpqxh"; type = "gem"; }; - version = "6.2.2"; + version = "6.3.0"; }; pundit = { dependencies = ["activesupport"]; @@ -2093,10 +2060,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09jgz6r0f7v84a7jz9an85q8vvmp743dqcsdm3z9c8rqcqv6pljq"; + sha256 = "11v3l46mwnlzlc371wr3x6yylpgafgwdf0q7hc7c1lzx6r414r5g"; type = "gem"; }; - version = "1.6.2"; + version = "1.7.1"; }; rack = { groups = ["default" "development" "pam_authentication" "production" "test"]; @@ -2169,10 +2136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07cs7qdkx6vwp66diwdy9g6mx52rsd8rxhbnsqf9bqam58g2aynj"; + sha256 = "17ympjpkhz06xqsay18hskpbs64nh05hzrsckx8va6ikrxhs2ksq"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; rails-controller-testing = { dependencies = ["actionpack" "actionview" "activesupport"]; @@ -2197,19 +2164,19 @@ version = "2.0.3"; }; rails-html-sanitizer = { - dependencies = ["loofah"]; + dependencies = ["loofah" "nokogiri"]; groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ygav4xyq943qqyhjmi3mzirn180j565mc9h5j4css59x1sn0cmz"; + sha256 = "1pm4z853nyz1bhhqr7fzl44alnx4bjachcr6rh6qjj375sfz3sc6"; type = "gem"; }; - version = "1.5.0"; + version = "1.6.0"; }; rails-i18n = { dependencies = ["i18n" "railties"]; - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2237,13 +2204,13 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1d2snjnx1j848axppj2napy3zjgbka3fnw2528rcamhm6dp694nd"; + sha256 = "0g92if3cxxysl9h6x6ibs7y9dsbcniiwgcldvg00kib02b3pxkbb"; type = "gem"; }; - version = "6.1.7.3"; + version = "6.1.7.4"; }; rainbow = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2268,10 +2235,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "097r6fc1gkb62lq0ny9xblvxrg84vdq9w1p6v0hjw20cdgracsdj"; + sha256 = "1jx4xyip4inrhr099zac8ah5232g70rv39mm19p85sgpwg80a6ip"; type = "gem"; }; - version = "3.2.10"; + version = "3.2.11"; }; rdf-normalize = { dependencies = ["rdf"]; @@ -2279,10 +2246,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dngmsk9wg1vws56pl87dys0ns4bcn9arf8ip6zxa0gypr3ifq3m"; + sha256 = "1rn9j5skl04403b5sxhpq2j9m9k7vl0wjwvycs6piknn7ahrfxh9"; type = "gem"; }; - version = "0.5.1"; + version = "0.6.0"; }; redcarpet = { groups = ["default"]; @@ -2310,10 +2277,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "154dfnrjpbv7fhwhfrcnp6jn9qv5qaj3mvlvbgkl7qy5qsknw71c"; + sha256 = "0f92i9cwlp6xj6fyn7qn4qsaqvxfw4wqvayll7gbd26qnai1l6p9"; type = "gem"; }; - version = "1.10.0"; + version = "1.11.0"; }; redlock = { dependencies = ["redis"]; @@ -2331,10 +2298,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17xizkw5ryw8hhq64iqxmzdrrdxpc5lhkqc1fgm1aj0zsk1r2950"; + sha256 = "136br91alxdwh1s85z912dwz23qlhm212vy6i3wkinz3z8mkxxl3"; type = "gem"; }; - version = "2.8.0"; + version = "2.8.1"; }; request_store = { dependencies = ["rack"]; @@ -2378,6 +2345,16 @@ }; version = "6.2.2"; }; + rouge = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pym2zjwl6dwdfvbn7rbvmds32r70jx9qddhvvi6pqy6987ack1v"; + type = "gem"; + }; + version = "4.1.2"; + }; rpam2 = { groups = ["default" "pam_authentication"]; platforms = []; @@ -2394,10 +2371,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s97q1rqmw7rzsdr500hr4f2k6s24n8qk1klciz5q94zvdrygx3p"; + sha256 = "1hggzz8i1l62pkkiybhiqv6ypxw7q844sddrrbbfczjcnj5sivi3"; type = "gem"; }; - version = "2.1.2"; + version = "2.2.0"; }; rqrcode_core = { groups = ["default"]; @@ -2411,7 +2388,7 @@ }; rspec-core = { dependencies = ["rspec-support"]; - groups = ["default" "development" "test"]; + groups = ["default" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2422,7 +2399,7 @@ }; rspec-expectations = { dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "development" "test"]; + groups = ["default" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2433,7 +2410,7 @@ }; rspec-mocks = { dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "development" "test"]; + groups = ["default" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2444,14 +2421,14 @@ }; rspec-rails = { dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; - groups = ["development" "test"]; + groups = ["test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0d3fnabkaw8n0na2dpnlg2xygggj51djzpj9x6y5rkiqbfyqwv01"; + sha256 = "086qdyz7c4s5dslm6j06mq7j4jmj958whc3yinhabnqqmz7i463d"; type = "gem"; }; - version = "6.0.1"; + version = "6.0.3"; }; rspec-sidekiq = { dependencies = ["rspec-core" "sidekiq"]; @@ -2465,7 +2442,7 @@ version = "3.1.0"; }; rspec-support = { - groups = ["default" "development" "test"]; + groups = ["default" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2475,7 +2452,7 @@ version = "3.12.0"; }; rspec_chunked = { - groups = ["development" "test"]; + groups = ["test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2484,42 +2461,31 @@ }; version = "0.6"; }; - rspec_junit_formatter = { - dependencies = ["rspec-core"]; - groups = ["test"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "059bnq1gcwl9g93cqf13zpz38zk7jxaa43anzz06qkmfwrsfdpa0"; - type = "gem"; - }; - version = "0.6.0"; - }; rubocop = { dependencies = ["json" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; - groups = ["development" "test"]; + groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0l46lw5gfj3mcm982wpmx7br4rs466gyislv0hfwcsk8dxhv1zkw"; + sha256 = "0bxc1p7bwh8dlmcvh6ns239sp9v8j46vw4h450ag8wa7bh1ii1wh"; type = "gem"; }; - version = "1.50.2"; + version = "1.52.1"; }; rubocop-ast = { dependencies = ["parser"]; - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0n2gsafg6p7nr1z8i1hkvp2qqkkbg842ba183dnl0h08xd9ms6q5"; + sha256 = "188bs225kkhrb17dsf3likdahs2p1i1sqn0pr3pvlx50g6r2mnni"; type = "gem"; }; - version = "1.28.0"; + version = "1.29.0"; }; rubocop-capybara = { dependencies = ["rubocop"]; - groups = ["development" "test"]; + groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2528,20 +2494,31 @@ }; version = "2.18.0"; }; - rubocop-performance = { - dependencies = ["rubocop" "rubocop-ast"]; - groups = ["development" "test"]; + rubocop-factory_bot = { + dependencies = ["rubocop"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1z6i24r0485fxa5n4g3rhp88w589fifszhd1khbzya2iiknkjxkr"; + sha256 = "0kqchl8f67k2g56sq2h1sm2wb6br5gi47s877hlz94g5086f77n1"; type = "gem"; }; - version = "1.17.1"; + version = "2.23.1"; + }; + rubocop-performance = { + dependencies = ["rubocop" "rubocop-ast"]; + groups = ["development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bp02784v0qm8qcswi169s0ar6216rwk516v3idzpbxznpqp97ac"; + type = "gem"; + }; + version = "1.18.0"; }; rubocop-rails = { dependencies = ["activesupport" "rack" "rubocop"]; - groups = ["development" "test"]; + groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2551,15 +2528,15 @@ version = "2.19.1"; }; rubocop-rspec = { - dependencies = ["rubocop" "rubocop-capybara"]; - groups = ["development" "test"]; + dependencies = ["rubocop" "rubocop-capybara" "rubocop-factory_bot"]; + groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1k8yh0nzlz0g8igmj5smnxq71qmi2b005nkl25wkpjkwvzn2wfdx"; + sha256 = "00rsflhijcr0q838fgbdmk7knm5kcjpimn6x0k9qmiw15hi96x1d"; type = "gem"; }; - version = "2.19.0"; + version = "2.22.0"; }; ruby-progressbar = { groups = ["default" "development" "test"]; @@ -2577,10 +2554,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1706dyk5jdma75bnl9rhmx8vgzjw12ixnj3y32inmpcgzgsvs76k"; + sha256 = "18vnbzin5ypxrgcs9lllg7x311b69dyrdw2w1pwz84438hmxm79s"; type = "gem"; }; - version = "1.13.0"; + version = "1.15.0"; }; ruby2_keywords = { groups = ["default"]; @@ -2608,10 +2585,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1as4yrb8y5lq49div8p3vqgwrrhdgwnvx4m73y3712nmnlpx6cws"; + sha256 = "14lr8c2sswn0sisvrfi4448pmr34za279k3zlxgh581rl1y0gjjz"; type = "gem"; }; - version = "3.8.2"; + version = "3.9.1"; }; safety_net_attestation = { dependencies = ["jwt"]; @@ -2662,10 +2639,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1z2fx4fzgnw4rzj3h1h4sk6qbkp7p2rdr58b2spxgkcsdzg0i5hh"; + sha256 = "0iv7vgqyrpymiwvc3ca24sl4lda8m627p657p0v4xzdpzincrnbr"; type = "gem"; }; - version = "6.5.8"; + version = "6.5.9"; }; sidekiq-bulk = { dependencies = ["sidekiq"]; @@ -2684,10 +2661,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ygsynfb214g9ijgj4wl88jbkx79js8hd6wn65cxaaa54l82w1fj"; + sha256 = "0p5jjs3x2pa2fy494xs39xbq642pri13809dcr1l3hjsm56qvp1h"; type = "gem"; }; - version = "5.0.2"; + version = "5.0.3"; }; sidekiq-unique-jobs = { dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"]; @@ -2754,7 +2731,7 @@ version = "0.1.4"; }; smart_properties = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2806,16 +2783,6 @@ }; version = "0.2.25"; }; - statsd-ruby = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "028136c463nbravckxb1qi5c5nnv9r6vh2cyhiry423lac4xz79n"; - type = "gem"; - }; - version = "1.5.0"; - }; stoplight = { dependencies = ["redlock"]; groups = ["default"]; @@ -2864,14 +2831,14 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07k5wr2ypsmsbyc9d1plhdki4xr7vvggld8r1i49iljkrpx5nbqc"; + sha256 = "09p32vp94sa1mbr0if0adf02yzc4ns00lsmpwns2xbkncwpzrqm4"; type = "gem"; }; - version = "0.10.0"; + version = "0.10.2"; }; terminal-table = { dependencies = ["unicode-display_width"]; - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2896,20 +2863,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0inl77jh4ia03jw3iqm5ipr76ghal3hyjrd6r8zqsswwvi9j2xdi"; + sha256 = "0k7j2wn14h1pl4smibasw0bp66kg626drxb59z7rzflch99cd4rg"; type = "gem"; }; - version = "1.2.1"; + version = "1.2.2"; }; tilt = { groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qmhi6d9przjzhsyk9g5pq2j75c656msh6xzprqd2mxgphf23jxs"; + sha256 = "0bmjgbv8158klwp2r3klxjwaj93nh1sbl4xvj9wsha0ic478avz7"; type = "gem"; }; - version = "2.1.0"; + version = "2.2.0"; }; timeout = { groups = ["default" "development"]; @@ -3039,7 +3006,7 @@ version = "0.0.8.2"; }; unicode-display_width = { - groups = ["default" "development" "test"]; + groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -3053,10 +3020,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vigw7nfszfqgikr6n574k9bfh0rvs74z8xq46rz2zsm8249l8cc"; + sha256 = "0fa49cdssxllj1j37a56kq27wsibx5lmqxkqdk1rz3452y0bsydy"; type = "gem"; }; - version = "0.12.1"; + version = "0.12.2"; }; validate_email = { dependencies = ["activemodel" "mail"]; @@ -3205,10 +3172,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "028ld9qmgdllxrl7d0qkl65s58wb1n3gv8yjs28g43a8b1hplxk1"; + sha256 = "0ck6bj7wa73dkdh13735jl06k6cfny98glxjkas82aivlmyzqqbk"; type = "gem"; }; - version = "2.6.7"; + version = "2.6.8"; }; } diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 1d38a9aa..3613bb19 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "058898802a377877961ff3bfa7d5209a5e275545"; - sha256 = "0rn7l94031yl1lyyz7yvky6bqshw4nllwissxlpyqcmii52gwp7y"; + rev = "ed15893eed1d0f0b80867c0b834a5962c0dbd3c2"; + sha256 = "1lkcqqgk8pfrwjz5m8zq5dnwix18sc4i89cc58iqifwqzb53wqxl"; }; in applyPatches { inherit src; -- 2.47.1 From 321e2018b27be553090ecf7895143e37a371f5e3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 4 Jul 2023 14:00:23 +0000 Subject: [PATCH 1725/1882] chore(deps): update renovate/renovate docker tag to v35.159.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 73aea3d1..c3aeec2d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.158.0 + image: renovate/renovate:35.159.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f3db53cb156f63faeacdd0e09e1baeeafbb83bf0 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 5 Jul 2023 12:48:01 +0200 Subject: [PATCH 1726/1882] fix nginx --- flake.lock | 24 +++++++++++------------ nixos/hosts/hades/nginx/configuration.nix | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index f0a47d97..dfe1cef3 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1688462905, - "narHash": "sha256-O0z2MLPwqloy0I46rAKWO4G4WUuUgSvzbUD5ujcVlN8=", + "lastModified": 1688552611, + "narHash": "sha256-pV/1/AU1l5CNFeKmdJ1jofcaKHhtKAbxY4gazeCyoSo=", "owner": "nix-community", "repo": "home-manager", - "rev": "3be2abb2e6df41d9ddd5816032adf91691328225", + "rev": "b23c7501f7e0a001486c9a5555a6c53ac7b08e85", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1688231357, - "narHash": "sha256-ZOn16X5jZ6X5ror58gOJAxPfFLAQhZJ6nOUeS4tfFwo=", + "lastModified": 1688500189, + "narHash": "sha256-djYYiY4lzJOlXOnTHytH6BUugrxHDZjuGxTSrU4gt4M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "645ff62e09d294a30de823cb568e9c6d68e92606", + "rev": "78419edadf0fabbe5618643bd850b2f2198ed060", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1688389917, - "narHash": "sha256-RKiK1QeommEsjQ8fLgxt4831x9O6n2gD7wAhVZTrr8M=", + "lastModified": 1688482527, + "narHash": "sha256-9zd0YC2gfsRvVJENZsVs1R5LBj5/t127JlCLggn/970=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aed4b19d312525ae7ca9bceb4e1efe3357d0e2eb", + "rev": "c7a18f89ef1dc423f57f3de9bd5d9355550a5d15", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688457350, - "narHash": "sha256-M+Vt3CKilvjY44vlodUmcj18nGAFJIMUN654NIgAUVw=", + "lastModified": 1688549687, + "narHash": "sha256-O/EMxPUQmPPcjbv8dlpEsPTm60RNodrm6lZcL5Edec0=", "owner": "nix-community", "repo": "NUR", - "rev": "a7780363dafaf0f4715ae0c3c37d2fe44601e019", + "rev": "86dbcd4e5454c5cc2ca5c0c944e83e5227c44bde", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 6f618d1d..71b0a245 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -57,7 +57,7 @@ in { }; # virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; virtualHosts."git.xirion.net" = proxy "http://10.10.10.12"; - virtualHosts."mail.xirion.net" = proxy "http://192.168.0.118"; + # virtualHosts."mail.xirion.net" = proxy "http://192.168.0.118"; virtualHosts."o.xirion.net" = proxy "http://192.168.0.112:9000"; virtualHosts."g.xirion.net" = proxy "http://garage.hades:3900"; virtualHosts."requests.xirion.net" = proxy "http://overseerr.hades:5055"; -- 2.47.1 From c890baa636540e85605cbbd5c7fbf086ba059a3d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 5 Jul 2023 22:00:28 +0000 Subject: [PATCH 1727/1882] chore(deps): update dependency fluxcd/flux2 to v2 --- .../base/flux-system/gotk-components.yaml | 5481 ++++++++++------- 1 file changed, 3334 insertions(+), 2147 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 71fd9895..3736b749 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.41.2 +# Flux Version: v2.0.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,442 +8,293 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null labels: - app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: alerts.notification.toolkit.fluxcd.io + app.kubernetes.io/version: v2.0.0 + name: allow-egress + namespace: flux-system spec: - group: notification.toolkit.fluxcd.io - names: - kind: Alert - listKind: AlertList - plural: alerts - singular: alert - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects - properties: - eventSeverity: - default: info - description: Filter events based on severity, defaults to ('info'). - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: Filter events based on the involved objects. - items: - description: CrossNamespaceObjectReference contains enough information - to let you locate the typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - exclusionList: - description: A list of Golang regular expressions to be used for excluding - messages. - items: - type: string - type: array - providerRef: - description: Send events using this provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Short description of the impact and affected cluster. - type: string - suspend: - description: This flag tells the controller to suspend subsequent - events dispatching. Defaults to false. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of Alert - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects. - properties: - eventSeverity: - default: info - description: EventSeverity specifies how to filter events based on - severity. If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: EventSources specifies how to filter events based on - the involved object kind, name and namespace. - items: - description: CrossNamespaceObjectReference contains enough information - to let you locate the typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - name: - description: Name of the referent. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - exclusionList: - description: ExclusionList specifies a list of Golang regular expressions - to be used for excluding messages. - items: - type: string - type: array - providerRef: - description: ProviderRef specifies which Provider this Alert should - use. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Summary holds a short description of the impact and affected - cluster. - maxLength: 255 - type: string - suspend: - description: Suspend tells the controller to suspend subsequent events - handling for this Alert. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of the Alert. - properties: - conditions: - description: Conditions holds the conditions for the Alert. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} + egress: + - {} + ingress: + - from: + - podSelector: {} + podSelector: {} + policyTypes: + - Ingress + - Egress +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: allow-scraping + namespace: flux-system +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: 8080 + protocol: TCP + podSelector: {} + policyTypes: + - Ingress +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: allow-webhooks + namespace: flux-system +spec: + ingress: + - from: + - namespaceSelector: {} + podSelector: + matchLabels: + app: notification-controller + policyTypes: + - Ingress +--- +apiVersion: v1 +kind: ResourceQuota +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: critical-pods-flux-system + namespace: flux-system +spec: + hard: + pods: "1000" + scopeSelector: + matchExpressions: + - operator: In + scopeName: PriorityClass + values: + - system-node-critical + - system-cluster-critical +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: crd-controller-flux-system +rules: +- apiGroups: + - source.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - kustomize.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - helm.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - notification.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - image.toolkit.fluxcd.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + - configmaps + - serviceaccounts + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + name: flux-edit-flux-system +rules: +- apiGroups: + - notification.toolkit.fluxcd.io + - source.toolkit.fluxcd.io + - helm.toolkit.fluxcd.io + - image.toolkit.fluxcd.io + - kustomize.toolkit.fluxcd.io + resources: + - '*' + verbs: + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: flux-view-flux-system +rules: +- apiGroups: + - notification.toolkit.fluxcd.io + - source.toolkit.fluxcd.io + - helm.toolkit.fluxcd.io + - image.toolkit.fluxcd.io + - kustomize.toolkit.fluxcd.io + resources: + - '*' + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: cluster-reconciler-flux-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: kustomize-controller + namespace: flux-system +- kind: ServiceAccount + name: helm-controller + namespace: flux-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: crd-controller-flux-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: crd-controller-flux-system +subjects: +- kind: ServiceAccount + name: kustomize-controller + namespace: flux-system +- kind: ServiceAccount + name: helm-controller + namespace: flux-system +- kind: ServiceAccount + name: source-controller + namespace: flux-system +- kind: ServiceAccount + name: notification-controller + namespace: flux-system +- kind: ServiceAccount + name: image-reflector-controller + namespace: flux-system +- kind: ServiceAccount + name: image-automation-controller + namespace: flux-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -815,10 +666,6 @@ spec: artifact: description: Artifact represents the last successful Bucket reconciliation. properties: - checksum: - description: 'Checksum is the SHA256 checksum of the Artifact - file. Deprecated: use Artifact.Digest instead.' - type: string digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ @@ -854,7 +701,9 @@ spec: the Artifact contents. type: string required: + - lastUpdateTime - path + - revision - url type: object conditions: @@ -956,13 +805,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -975,6 +823,391 @@ spec: singular: gitrepository scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec specifies the required configuration to + produce an Artifact for a Git repository. + properties: + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + include: + description: Include specifies a list of GitRepository resources which + Artifacts should be included in the Artifact produced for this GitRepository. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + interval: + description: Interval at which to check the GitRepository for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + recurseSubmodules: + description: RecurseSubmodules enables the initialization of all submodules + within the GitRepository as cloned from the URL, using their default + settings. + type: boolean + ref: + description: Reference specifies the Git reference to resolve and + monitor for changes, defaults to the 'master' branch. + properties: + branch: + description: Branch to check out, defaults to 'master' if no other + field is defined. + type: string + commit: + description: "Commit SHA to check out, takes precedence over all + reference fields. \n This can be combined with Branch to shallow + clone the branch, in which the commit is expected to exist." + type: string + name: + description: "Name of the reference to check out; takes precedence + over Branch, Tag and SemVer. \n It must be a valid Git reference: + https://git-scm.com/docs/git-check-ref-format#_description Examples: + \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", + \"refs/merge-requests/1/head\"" + type: string + semver: + description: SemVer tag expression to check out, takes precedence + over Tag. + type: string + tag: + description: Tag to check out, takes precedence over Branch. + type: string + type: object + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the GitRepository. For HTTPS repositories the Secret + must contain 'username' and 'password' fields for basic auth or + 'bearerToken' field for token auth. For SSH repositories the Secret + must contain 'identity' and 'known_hosts' fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this GitRepository. + type: boolean + timeout: + default: 60s + description: Timeout for Git operations like cloning, defaults to + 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verification specifies the configuration to verify the + Git commit signature(s). + properties: + mode: + description: Mode specifies what Git object should be verified, + currently ('head'). + enum: + - head + type: string + secretRef: + description: SecretRef specifies the Secret containing the public + keys of trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - mode + - secretRef + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus records the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the last successful GitRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + includedArtifacts: + description: IncludedArtifacts contains a list of the last successfully + included Artifacts as instructed by GitRepositorySpec.Include. + items: + description: Artifact represents the output of a Source reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of + ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI + annotations. + type: object + path: + description: Path is the relative file path of the Artifact. + It can be used to locate the file in the root of the Artifact + storage on the local file system of the controller managing + the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the GitRepository object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository + resources used to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .spec.url name: URL @@ -988,6 +1221,8 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: @@ -1318,6 +1553,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: @@ -1500,6 +1737,7 @@ spec: type: object required: - mode + - secretRef type: object required: - interval @@ -1514,10 +1752,6 @@ spec: description: Artifact represents the last successful GitRepository reconciliation. properties: - checksum: - description: 'Checksum is the SHA256 checksum of the Artifact - file. Deprecated: use Artifact.Digest instead.' - type: string digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ @@ -1553,7 +1787,9 @@ spec: the Artifact contents. type: string required: + - lastUpdateTime - path + - revision - url type: object conditions: @@ -1641,10 +1877,6 @@ spec: items: description: Artifact represents the output of a Source reconciliation. properties: - checksum: - description: 'Checksum is the SHA256 checksum of the Artifact - file. Deprecated: use Artifact.Digest instead.' - type: string digest: description: Digest is the digest of the file in the form of ':'. @@ -1683,7 +1915,9 @@ spec: the Artifact contents. type: string required: + - lastUpdateTime - path + - revision - url type: object type: array @@ -1743,7 +1977,7 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} --- @@ -1751,13 +1985,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2204,10 +2437,6 @@ spec: description: Artifact represents the output of the last successful reconciliation. properties: - checksum: - description: 'Checksum is the SHA256 checksum of the Artifact - file. Deprecated: use Artifact.Digest instead.' - type: string digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ @@ -2243,7 +2472,9 @@ spec: the Artifact contents. type: string required: + - lastUpdateTime - path + - revision - url type: object conditions: @@ -2349,898 +2580,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: helmreleases.helm.toolkit.fluxcd.io -spec: - group: helm.toolkit.fluxcd.io - names: - kind: HelmRelease - listKind: HelmReleaseList - plural: helmreleases - shortNames: - - hr - singular: helmrelease - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v2beta1 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: Chart defines the template of the v1beta2.HelmChart that - should be created for this HelmRelease. - properties: - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval at which to check the v1beta2.Source - for updates. Defaults to 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new - artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on - their behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1beta2.Source - the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: Alternative values file to use as the default - chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file defined here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the - chart values (values.yaml is not included by default), expected - to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the - trusted public keys used to verify the signature and specifies - which provider to use to check whether OCI image is authentic. - This field is only supported for OCI sources. Chart dependencies, - which are not bundled in the umbrella chart artifact, are - not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret - containing the trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version semver expression, ignored for charts - from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults - to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to HelmRelease resources that must be ready - before this HelmRelease can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Create` - and if omitted CRDs are installed but not updated. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are applied (installed) during Helm install action. With this - option users can opt-in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: CreateNamespace tells the Helm install action to - create the HelmReleaseSpec.TargetNamespace if it does not exist - yet. On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm install has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm install has been performed. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm install action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an install - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false'. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - an uninstall, is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: Replace tells the Helm install action to re-use the - 'ReleaseName', but only if that name is a deleted release which - remains in the history. - type: boolean - skipCRDs: - description: "SkipCRDs tells the Helm install action to not install - any CRDs. By default, CRDs are installed if not already present. - \n Deprecated use CRD policy (`crds`) attribute with value `Skip` - instead." - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at - the target cluster. If the --default-service-account flag is set, - its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: SecretRef holds the name of a secret that contains - a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. It is recommended that the - kubeconfig is self-contained, and the secret is regularly updated - if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries - and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: MaxHistory is the number of revisions saved by Helm for - this HelmRelease. Use '0' for an unlimited number of revisions; - defaults to '10'. - type: integer - postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which - will be applied in order of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: Images is a list of (image name, new name, - new tag or digest) for changing image names, tags or digests. - This can also be achieved with a patch, but this operator - is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: Digest is the value used to replace the - original image tag. If digest is present NewTag - value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: Strategic merge and JSON patches, defined as - inline YAML objects, capable of targeting objects based - on kind, label and annotation selectors. - items: - description: Patch contains an inline StrategicMerge or - JSON6902 patch, and the target the patch should be applied - to. - properties: - patch: - description: Patch contains an inline StrategicMerge - patch or an inline JSON6902 patch with an array - of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: From contains a JSON-pointer value - that references a location within the target - document where the operation is performed. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - type: string - op: - description: Op indicates the operation to perform. - Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: Path contains the JSON-pointer - value that references a location within the - target document where the operation is performed. - The meaning of the value depends on the value - of Op. - type: string - value: - description: Value contains a valid JSON structure. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline - YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: ReleaseName used for the Helm release. Defaults to a - composition of '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm rollback has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - type: string - storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults - to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: Suspend tells the controller to suspend reconciliation - for this HelmRelease, it does not apply to already started reconciliations. - Defaults to false. - type: boolean - targetNamespace: - description: TargetNamespace to target when performing operations - for the HelmRelease. Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: Enable enables Helm test actions for this HelmRelease - after an Helm install or upgrade action has been performed. - type: boolean - ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation - when the Helm tests are run but fail. Can be overwritten for - tests run after install or upgrade actions in 'Install.IgnoreTestFailures' - and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation during the performance of a Helm test action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a Helm - action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables waiting for all the resources - to be deleted after a Helm uninstall is performed. - type: boolean - keepHistory: - description: KeepHistory tells Helm to remove all associated resources - and mark the release as deleted, but retain the release history. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm upgrade action when it fails. - type: boolean - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and - if omitted CRDs are neither installed nor upgraded. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are not applied during Helm upgrade action. With this option - users can opt-in to CRD upgrade, which is not (yet) natively - supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm upgrade has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: PreserveValues will make Helm reuse the last release's - values and merge in overrides from 'Values'. Setting this flag - makes the HelmRelease non-declarative. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm upgrade action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an upgrade - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - 'Strategy', is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: ValuesFrom holds references to resources containing Helm - values for this HelmRelease, and information about how they should - be merged. - items: - description: ValuesReference contains a reference to a resource - containing Helm values, and optionally the key they can be found - at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the values referent. Should reside in the - same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: Optional marks this ValuesReference as optional. - When set, a not found error for the values reference is ignored, - but any ValuesKey, TargetPath or transient error will still - result in a reconciliation failure. - type: boolean - targetPath: - description: TargetPath is the YAML dot notation path the value - should be merged at. When set, the ValuesKey is expected to - be a single flat value. Defaults to 'None', which results - in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: ValuesKey is the data key where the values.yaml - or a specific value can be found at. Defaults to 'values.yaml'. - When set, must be a valid Data Key, consisting of alphanumeric - characters, '-', '_' or '.'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - chart - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: Failures is the reconciliation failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: HelmChart is the namespaced name of the HelmChart resource - created by the controller for the HelmRelease. - type: string - installFailures: - description: InstallFailures is the install failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the - values of the last reconciliation attempt. - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful - Helm release. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - upgradeFailures: - description: UpgradeFailures is the upgrade failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3604,10 +2949,6 @@ spec: description: Artifact represents the last successful HelmRepository reconciliation. properties: - checksum: - description: 'Checksum is the SHA256 checksum of the Artifact - file. Deprecated: use Artifact.Digest instead.' - type: string digest: description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ @@ -3643,7 +2984,9 @@ spec: the Artifact contents. type: string required: + - lastUpdateTime - path + - revision - url type: object conditions: @@ -3741,13 +3084,502 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: ocirepositories.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: OCIRepository + listKind: OCIRepositoryList + plural: ocirepositories + shortNames: + - ocirepo + singular: ocirepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: OCIRepository is the Schema for the ocirepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OCIRepositorySpec defines the desired state of OCIRepository + properties: + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing + either or both of \n - a PEM-encoded client certificate (`certFile`) + and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + \n and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate." + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP container + registry. + type: boolean + interval: + description: The interval at which to check for image updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + layerSelector: + description: LayerSelector specifies which layer should be extracted + from the OCI artifact. When not specified, the first layer found + in the artifact is selected. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + provider: + default: generic + description: The provider used for authentication, can be 'aws', 'azure', + 'gcp' or 'generic'. When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + ref: + description: The OCI reference to pull and monitor for changes, defaults + to the latest tag. + properties: + digest: + description: Digest is the image digest to pull, takes precedence + over SemVer. The value should be in the format 'sha256:'. + type: string + semver: + description: SemVer is the range of tags to pull selecting the + latest within the range, takes precedence over Tag. + type: string + tag: + description: Tag is the image tag to pull, defaults to latest. + type: string + type: object + secretRef: + description: SecretRef contains the secret name containing the registry + login credentials to resolve image metadata. The secret must be + of type kubernetes.io/dockerconfigjson. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + serviceAccountName: + description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount + used to authenticate the image pull if the service account has attached + pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + type: string + suspend: + description: This flag tells the controller to suspend the reconciliation + of this source. + type: boolean + timeout: + default: 60s + description: The timeout for remote OCI Repository operations like + pulling, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL is a reference to an OCI artifact repository hosted + on a remote container registry. + pattern: ^oci://.*$ + type: string + verify: + description: Verify contains the secret name containing the trusted + public keys used to verify the signature and specifies which provider + to use to check whether OCI image is authentic. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing + the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: OCIRepositoryStatus defines the observed state of OCIRepository + properties: + artifact: + description: Artifact represents the output of the last successful + OCI Repository sync. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the OCIRepository. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + contentConfigChecksum: + description: "ContentConfigChecksum is a checksum of all the configurations + related to the content of the source artifact: - .spec.ignore - + .spec.layerSelector observed in .status.observedGeneration version + of the object. This can be used to determine if the content configuration + has changed and the artifact needs to be rebuilt. It has the format + of `:`, for example: `sha256:`. \n Deprecated: + Replaced with explicit fields for observed artifact content config + in the status." + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedLayerSelector: + description: ObservedLayerSelector is the observed layer selector + used for constructing the source artifact. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + url: + description: URL is the download link for the artifact output of the + last OCI Repository sync. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: source-controller + namespace: flux-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + control-plane: controller + name: source-controller + namespace: flux-system +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http + selector: + app: source-controller + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: source-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + control-plane: controller + name: source-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: source-controller + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: source-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + - --storage-path=/data + - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TUF_ROOT + value: /tmp/.sigstore + image: ghcr.io/fluxcd/source-controller:v1.0.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9090 + name: http + protocol: TCP + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: / + port: http + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 50m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /data + name: data + - mountPath: /tmp + name: tmp + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + securityContext: + fsGroup: 1337 + serviceAccountName: source-controller + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: data + - emptyDir: {} + name: tmp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3760,6 +3592,488 @@ spec: singular: kustomization scope: Namespaced versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: Kustomization is the Schema for the kustomizations API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KustomizationSpec defines the configuration to calculate + the desired state from a Source using Kustomize. + properties: + commonMetadata: + description: CommonMetadata specifies the common labels and annotations + that are applied to all resources. Any existing label or annotation + will be overridden if its key matches a common one. + properties: + annotations: + additionalProperties: + type: string + description: Annotations to be added to the object's metadata. + type: object + labels: + additionalProperties: + type: string + description: Labels to be added to the object's metadata. + type: object + type: object + components: + description: Components specifies relative paths to specifications + of other Components. + items: + type: string + type: array + decryption: + description: Decrypt Kubernetes secrets before applying them on the + cluster. + properties: + provider: + description: Provider is the name of the decryption engine. + enum: + - sops + type: string + secretRef: + description: The secret name containing the private OpenPGP keys + used for decryption. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference + slice with references to Kustomization resources that must be ready + before this Kustomization can be reconciled. + items: + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + force: + default: false + description: Force instructs the controller to recreate resources + when patching fails due to an immutable field change. + type: boolean + healthChecks: + description: A list of resources to be included in the health assessment. + items: + description: NamespacedObjectKindReference contains enough information + to locate the typed referenced Kubernetes resource object in any + namespace. + properties: + apiVersion: + description: API version of the referent, if not specified the + Kubernetes preferred version will be used. + type: string + kind: + description: Kind of the referent. + type: string + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - kind + - name + type: object + type: array + images: + description: Images is a list of (image name, new name, new tag or + digest) for changing image names, tags or digests. This can also + be achieved with a patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, a new tag + or digest, which will replace the original name and tag. + properties: + digest: + description: Digest is the value used to replace the original + image tag. If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace the original + name. + type: string + newTag: + description: NewTag is the value used to replace the original + tag. + type: string + required: + - name + type: object + type: array + interval: + description: The interval at which to reconcile the Kustomization. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: The KubeConfig for reconciling the Kustomization on a + remote cluster. When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + patches: + description: Strategic merge and JSON patches, defined as inline YAML + objects, capable of targeting objects based on kind, label and annotation + selectors. + items: + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. + properties: + patch: + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. + type: string + target: + description: Target points to the resources that the patch document + should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources + from. Together with Version and Kind it is capable of + unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. + Together with Group and Version it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows the + label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources + from. Together with Group and Kind it is capable of unambiguously + identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + path: + description: Path to the directory containing the kustomization.yaml + file, or the set of plain YAMLs a kustomization.yaml should be generated + for. Defaults to 'None', which translates to the root path of the + SourceRef. + type: string + postBuild: + description: PostBuild describes which actions to perform on the YAML + manifest generated by building the kustomize overlay. + properties: + substitute: + additionalProperties: + type: string + description: Substitute holds a map of key/value pairs. The variables + defined in your YAML manifests that match any of the keys defined + in the map will be substituted with the set value. Includes + support for bash string replacement functions e.g. ${var:=default}, + ${var:position} and ${var/substring/replacement}. + type: object + substituteFrom: + description: SubstituteFrom holds references to ConfigMaps and + Secrets containing the variables and their values to be substituted + in the YAML manifests. The ConfigMap and the Secret data keys + represent the var names, and they must match the vars declared + in the manifests for the substitution to happen. + items: + description: SubstituteReference contains a reference to a resource + containing the variables name and value. + properties: + kind: + description: Kind of the values referent, valid values are + ('Secret', 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside + in the same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + default: false + description: Optional indicates whether the referenced resource + must exist, or whether to tolerate its absence. If true + and the referenced resource is absent, proceed as if the + resource was present but empty, without any variables + defined. + type: boolean + required: + - kind + - name + type: object + type: array + type: object + prune: + description: Prune enables garbage collection. + type: boolean + retryInterval: + description: The interval at which to retry a previously failed reconciliation. + When not specified, the controller uses the KustomizationSpec.Interval + value to retry failures. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + serviceAccountName: + description: The name of the Kubernetes service account to impersonate + when reconciling this Kustomization. + type: string + sourceRef: + description: Reference of the source where the kustomization file + is. + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - OCIRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, defaults to the namespace + of the Kubernetes resource object that contains the reference. + type: string + required: + - kind + - name + type: object + suspend: + description: This flag tells the controller to suspend subsequent + kustomize executions, it does not apply to already started executions. + Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace sets or overrides the namespace in the + kustomization.yaml file. + maxLength: 63 + minLength: 1 + type: string + timeout: + description: Timeout for validation, apply and health checking operations. + Defaults to 'Interval' duration. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + wait: + description: Wait instructs the controller to check the health of + all the reconciled resources. When enabled, the HealthChecks are + ignored. Defaults to false. + type: boolean + required: + - interval + - prune + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: KustomizationStatus defines the observed state of a kustomization. + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + inventory: + description: Inventory contains the list of Kubernetes resource object + references that have been successfully applied. + properties: + entries: + description: Entries of Kubernetes resource object references. + items: + description: ResourceRef contains the information necessary + to locate a resource within a cluster. + properties: + id: + description: ID is the string representation of the Kubernetes + resource object's metadata, in the format '___'. + type: string + v: + description: Version is the API version of the Kubernetes + resource object's kind. + type: string + required: + - id + - v + type: object + type: array + required: + - entries + type: object + lastAppliedRevision: + description: The last successfully applied revision. Equals the Revision + of the applied Artifact from the referenced Source. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last reconciled generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready @@ -3770,6 +4084,8 @@ spec: - jsonPath: .metadata.creationTimestamp name: Age type: date + deprecated: true + deprecationWarning: v1beta1 Kustomization is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: @@ -3963,6 +4279,8 @@ spec: identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object + required: + - patch type: object type: array patchesJson6902: @@ -4307,6 +4625,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Kustomization is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: @@ -4328,9 +4648,25 @@ spec: description: KustomizationSpec defines the configuration to calculate the desired state from a Source using Kustomize. properties: + commonMetadata: + description: CommonMetadata specifies the common labels and annotations + that are applied to all resources. Any existing label or annotation + will be overridden if its key matches a common one. + properties: + annotations: + additionalProperties: + type: string + description: Annotations to be added to the object's metadata. + type: object + labels: + additionalProperties: + type: string + description: Labels to be added to the object's metadata. + type: object + type: object components: description: Components specifies relative paths to specifications - of other Components + of other Components. items: type: string type: array @@ -4517,6 +4853,8 @@ spec: identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string type: object + required: + - patch type: object type: array patchesJson6902: @@ -4860,50 +5198,141 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} --- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: kustomize-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: kustomize-controller + namespace: flux-system +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: kustomize-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + control-plane: controller + name: kustomize-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: kustomize-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: kustomize-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/kustomize-controller:v1.0.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /tmp + name: temp + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + securityContext: + fsGroup: 1337 + serviceAccountName: kustomize-controller + terminationGracePeriodSeconds: 60 + volumes: + - emptyDir: {} + name: temp +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: - app.kubernetes.io/component: source-controller + app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: ocirepositories.source.toolkit.fluxcd.io + app.kubernetes.io/version: v2.0.0 + name: helmreleases.helm.toolkit.fluxcd.io spec: - group: source.toolkit.fluxcd.io + group: helm.toolkit.fluxcd.io names: - kind: OCIRepository - listKind: OCIRepositoryList - plural: ocirepositories + kind: HelmRelease + listKind: HelmReleaseList + plural: helmreleases shortNames: - - ocirepo - singular: ocirepository + - hr + singular: helmrelease scope: Namespaced versions: - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta2 + name: v2beta1 schema: openAPIV3Schema: - description: OCIRepository is the Schema for the ocirepositories API + description: HelmRelease is the Schema for the helmreleases API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -4918,196 +5347,765 @@ spec: metadata: type: object spec: - description: OCIRepositorySpec defines the desired state of OCIRepository + description: HelmReleaseSpec defines the desired state of a Helm release. properties: - certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate." + chart: + description: Chart defines the template of the v1beta2.HelmChart that + should be created for this HelmRelease. properties: - name: - description: Name of the referent. - type: string + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + type: string + interval: + description: Interval at which to check the v1beta2.Source + for updates. Defaults to 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: Determines what enables the creation of a new + artifact. Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on + their behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source + the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: Alternative values file to use as the default + chart values, expected to be a relative path in the SourceRef. + Deprecated in favor of ValuesFiles, for backwards compatibility + the file defined here is merged before the ValuesFiles items. + Ignored when omitted. + type: string + valuesFiles: + description: Alternative list of values files to use as the + chart values (values.yaml is not included by default), expected + to be a relative path in the SourceRef. Values files are + merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: Verify contains the secret name containing the + trusted public keys used to verify the signature and specifies + which provider to use to check whether OCI image is authentic. + This field is only supported for OCI sources. Chart dependencies, + which are not bundled in the umbrella chart artifact, are + not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret + containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: Version semver expression, ignored for charts + from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults + to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object required: - - name + - spec + type: object + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference + slice with references to HelmRelease resources that must be ready + before this HelmRelease can be reconciled. + items: + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory + according to the CRD upgrade policy provided here. Valid values + are `Skip`, `Create` or `CreateReplace`. Default is `Create` + and if omitted CRDs are installed but not updated. \n Skip: + do neither install nor replace (update) any CRDs. \n Create: + new CRDs are created, existing CRDs are neither updated nor + deleted. \n CreateReplace: new CRDs are created, existing CRDs + are updated (replaced) but not deleted. \n By default, CRDs + are applied (installed) during Helm install action. With this + option users can opt-in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: CreateNamespace tells the Helm install action to + create the HelmReleaseSpec.TargetNamespace if it does not exist + yet. On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm install + action from validating rendered templates against the Kubernetes + OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm install has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm install has been performed. + type: boolean + remediation: + description: Remediation holds the remediation configuration for + when the Helm install action for the HelmRelease fails. The + default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip + remediation when the Helm tests are run after an install + action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to + remediate the last failure, when no retries remain. Defaults + to 'false'. + type: boolean + retries: + description: Retries is the number of retries that should + be attempted on failures before bailing. Remediation, using + an uninstall, is performed between each attempt. Defaults + to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: Replace tells the Helm install action to re-use the + 'ReleaseName', but only if that name is a deleted release which + remains in the history. + type: boolean + skipCRDs: + description: "SkipCRDs tells the Helm install action to not install + any CRDs. By default, CRDs are installed if not already present. + \n Deprecated use CRD policy (`crds`) attribute with value `Skip` + instead." + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string type: object - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. - type: boolean interval: - description: The interval at which to check for image updates. + description: Interval at which to reconcile the Helm release. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string - layerSelector: - description: LayerSelector specifies which layer should be extracted - from the OCI artifact. When not specified, the first layer found - in the artifact is selected. + kubeConfig: + description: KubeConfig for reconciling the HelmRelease on a remote + cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - provider: - default: generic - description: The provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - ref: - description: The OCI reference to pull and monitor for changes, defaults - to the latest tag. - properties: - digest: - description: Digest is the image digest to pull, takes precedence - over SemVer. The value should be in the format 'sha256:'. - type: string - semver: - description: SemVer is the range of tags to pull selecting the - latest within the range, takes precedence over Tag. - type: string - tag: - description: Tag is the image tag to pull, defaults to latest. - type: string - type: object - secretRef: - description: SecretRef contains the secret name containing the registry - login credentials to resolve image metadata. The secret must be - of type kubernetes.io/dockerconfigjson. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount - used to authenticate the image pull if the service account has attached - pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote OCI Repository operations like - pulling, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL is a reference to an OCI artifact repository hosted - on a remote container registry. - pattern: ^oci://.*$ - type: string - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. - properties: - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string name: - description: Name of the referent. + description: Name of the Secret. type: string required: - name type: object required: - - provider + - secretRef type: object + maxHistory: + description: MaxHistory is the number of revisions saved by Helm for + this HelmRelease. Use '0' for an unlimited number of revisions; + defaults to '10'. + type: integer + persistentClient: + description: "PersistentClient tells the controller to use a persistent + Kubernetes client for this release. When enabled, the client will + be reused for the duration of the reconciliation, instead of being + created and destroyed for each (step of a) Helm action. \n This + can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed + to be available by e.g. post-install hooks. \n If not set, it defaults + to true." + type: boolean + postRenderers: + description: PostRenderers holds an array of Helm PostRenderers, which + will be applied in order of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: Images is a list of (image name, new name, + new tag or digest) for changing image names, tags or digests. + This can also be achieved with a patch, but this operator + is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: Digest is the value used to replace the + original image tag. If digest is present NewTag + value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: Strategic merge and JSON patches, defined as + inline YAML objects, capable of targeting objects based + on kind, label and annotation selectors. + items: + description: Patch contains an inline StrategicMerge or + JSON6902 patch, and the target the patch should be applied + to. + properties: + patch: + description: Patch contains an inline StrategicMerge + patch or an inline JSON6902 patch with an array + of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: From contains a JSON-pointer value + that references a location within the target + document where the operation is performed. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. + type: string + op: + description: Op indicates the operation to perform. + Its value MUST be one of "add", "remove", + "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: Path contains the JSON-pointer + value that references a location within the + target document where the operation is performed. + The meaning of the value depends on the value + of Op. + type: string + value: + description: Value contains a valid JSON structure. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline + YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: ReleaseName used for the Helm release. Defaults to a + composition of '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created + during the Helm rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm rollback has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + type: string + storageNamespace: + description: StorageNamespace used for the Helm storage. Defaults + to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: Suspend tells the controller to suspend reconciliation + for this HelmRelease, it does not apply to already started reconciliations. + Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace to target when performing operations + for the HelmRelease. Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: Enable enables Helm test actions for this HelmRelease + after an Helm install or upgrade action has been performed. + type: boolean + ignoreFailures: + description: IgnoreFailures tells the controller to skip remediation + when the Helm tests are run but fail. Can be overwritten for + tests run after install or upgrade actions in 'Install.IgnoreTestFailures' + and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation during the performance of a Helm test action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a Helm + action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: DeletionPropagation specifies the deletion propagation + policy when a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables waiting for all the resources + to be deleted after a Helm uninstall is performed. + type: boolean + keepHistory: + description: KeepHistory tells Helm to remove all associated resources + and mark the release as deleted, but retain the release history. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created + during the Helm upgrade action when it fails. + type: boolean + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory + according to the CRD upgrade policy provided here. Valid values + are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and + if omitted CRDs are neither installed nor upgraded. \n Skip: + do neither install nor replace (update) any CRDs. \n Create: + new CRDs are created, existing CRDs are neither updated nor + deleted. \n CreateReplace: new CRDs are created, existing CRDs + are updated (replaced) but not deleted. \n By default, CRDs + are not applied during Helm upgrade action. With this option + users can opt-in to CRD upgrade, which is not (yet) natively + supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm upgrade + action from validating rendered templates against the Kubernetes + OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm upgrade has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: PreserveValues will make Helm reuse the last release's + values and merge in overrides from 'Values'. Setting this flag + makes the HelmRelease non-declarative. + type: boolean + remediation: + description: Remediation holds the remediation configuration for + when the Helm upgrade action for the HelmRelease fails. The + default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip + remediation when the Helm tests are run after an upgrade + action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to + remediate the last failure, when no retries remain. Defaults + to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: Retries is the number of retries that should + be attempted on failures before bailing. Remediation, using + 'Strategy', is performed between each attempt. Defaults + to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: ValuesFrom holds references to resources containing Helm + values for this HelmRelease, and information about how they should + be merged. + items: + description: ValuesReference contains a reference to a resource + containing Helm values, and optionally the key they can be found + at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside in the + same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: Optional marks this ValuesReference as optional. + When set, a not found error for the values reference is ignored, + but any ValuesKey, TargetPath or transient error will still + result in a reconciliation failure. + type: boolean + targetPath: + description: TargetPath is the YAML dot notation path the value + should be merged at. When set, the ValuesKey is expected to + be a single flat value. Defaults to 'None', which results + in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: ValuesKey is the data key where the values.yaml + or a specific value can be found at. Defaults to 'values.yaml'. + When set, must be a valid Data Key, consisting of alphanumeric + characters, '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array required: + - chart - interval - - url type: object status: default: observedGeneration: -1 - description: OCIRepositoryStatus defines the observed state of OCIRepository + description: HelmReleaseStatus defines the observed state of a HelmRelease. properties: - artifact: - description: Artifact represents the output of the last successful - OCI Repository sync. - properties: - checksum: - description: 'Checksum is the SHA256 checksum of the Artifact - file. Deprecated: use Artifact.Digest instead.' - type: string - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - path - - url - type: object conditions: - description: Conditions holds the conditions for the OCIRepository. + description: Conditions holds the conditions for the HelmRelease. items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct @@ -5175,16 +6173,573 @@ spec: - type type: object type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.layerSelector observed in .status.observedGeneration version - of the object. This can be used to determine if the content configuration - has changed and the artifact needs to be rebuilt. It has the format - of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config - in the status." + failures: + description: Failures is the reconciliation failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: HelmChart is the namespaced name of the HelmChart resource + created by the controller for the HelmRelease. type: string + installFailures: + description: InstallFailures is the install failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully + applied source. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation + attempt. + type: string + lastAttemptedValuesChecksum: + description: LastAttemptedValuesChecksum is the SHA1 checksum of the + values of the last reconciliation attempt. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful + Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + upgradeFailures: + description: UpgradeFailures is the upgrade failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: helm-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: helm-controller + namespace: flux-system +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: helm-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + control-plane: controller + name: helm-controller + namespace: flux-system +spec: + replicas: 1 + selector: + matchLabels: + app: helm-controller + template: + metadata: + annotations: + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + labels: + app: helm-controller + spec: + containers: + - args: + - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/helm-controller:v0.35.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /tmp + name: temp + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + securityContext: + fsGroup: 1337 + serviceAccountName: helm-controller + terminationGracePeriodSeconds: 600 + volumes: + - emptyDir: {} + name: temp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + labels: + app.kubernetes.io/component: notification-controller + app.kubernetes.io/instance: flux-system + app.kubernetes.io/part-of: flux + app.kubernetes.io/version: v2.0.0 + name: alerts.notification.toolkit.fluxcd.io +spec: + group: notification.toolkit.fluxcd.io + names: + kind: Alert + listKind: AlertList + plural: alerts + singular: alert + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects + properties: + eventSeverity: + default: info + description: Filter events based on severity, defaults to ('info'). + If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: Filter events based on the involved objects. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + name: + description: Name of the referent + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - name + type: object + type: array + exclusionList: + description: A list of Golang regular expressions to be used for excluding + messages. + items: + type: string + type: array + providerRef: + description: Send events using this provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Short description of the impact and affected cluster. + type: string + suspend: + description: This flag tells the controller to suspend subsequent + events dispatching. Defaults to false. + type: boolean + required: + - eventSources + - providerRef + type: object + status: + default: + observedGeneration: -1 + description: AlertStatus defines the observed state of Alert + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: EventMetadata is an optional field for adding metadata + to events dispatched by the controller. This can be used for enhancing + the context of the event. If a field would override one already + present on the original event as generated by the emitter, then + the override doesn't happen, i.e. the original value is preserved, + and an info log is printed. + type: object + eventSeverity: + default: info + description: EventSeverity specifies how to filter events based on + severity. If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: EventSources specifies how to filter events based on + the involved object kind, name and namespace. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. MatchLabels requires the name to be set to `*`. + type: object + name: + description: Name of the referent If multiple resources are + targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + status: + default: + observedGeneration: -1 + description: AlertStatus defines the observed state of the Alert. + properties: + conditions: + description: Conditions holds the conditions for the Alert. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can @@ -5194,33 +6749,6 @@ spec: description: ObservedGeneration is the last observed generation. format: int64 type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector - used for constructing the source artifact. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - url: - description: URL is the download link for the artifact output of the - last OCI Repository sync. - type: string type: object type: object served: true @@ -5232,13 +6760,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5463,10 +6990,12 @@ spec: description: ProviderSpec defines the desired state of the Provider. properties: address: - description: Address specifies the HTTP/S incoming webhook address - of this Provider. + description: Address specifies the endpoint, in a generic sense, to + where alerts are sent. What kind of endpoint depends on the specific + Provider type being used. For the generic Provider, for example, + this is an HTTP/S address. For other Provider types this could be + a project ID or a namespace. maxLength: 2048 - pattern: ^(http|https)://.*$ type: string certSecretRef: description: CertSecretRef specifies the Secret containing a PEM-encoded @@ -5526,6 +7055,7 @@ spec: - bitbucket - azuredevops - googlechat + - googlepubsub - webex - sentry - azureeventhub @@ -5536,6 +7066,7 @@ spec: - alertmanager - grafana - githubdispatch + - pagerduty type: string username: description: Username specifies the name under which events are posted. @@ -5638,13 +7169,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.0 labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5665,6 +7195,227 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + name: v1 + schema: + openAPIV3Schema: + description: Receiver is the Schema for the receivers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReceiverSpec defines the desired state of the Receiver. + properties: + events: + description: Events specifies the list of event types to handle, e.g. + 'push' for GitHub or 'Push Hook' for GitLab. + items: + type: string + type: array + interval: + default: 10m + description: Interval at which to reconcile the Receiver with its + Secret references. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + resources: + description: A list of resources to be notified about changes. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. MatchLabels requires the name to be set to `*`. + type: object + name: + description: Name of the referent If multiple resources are + targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + secretRef: + description: SecretRef specifies the Secret containing the token used + to validate the payload authenticity. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this receiver. + type: boolean + type: + description: Type of webhook sender, used to determine the validation + procedure and payload deserialization. + enum: + - generic + - generic-hmac + - github + - gitlab + - bitbucket + - harbor + - dockerhub + - quay + - gcr + - nexus + - acr + type: string + required: + - resources + - secretRef + - type + type: object + status: + default: + observedGeneration: -1 + description: ReceiverStatus defines the observed state of the Receiver. + properties: + conditions: + description: Conditions holds the conditions for the Receiver. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the Receiver object. + format: int64 + type: integer + webhookPath: + description: WebhookPath is the generated incoming webhook address + in the format of '/hook/sha256sum(token+name+namespace)'. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v1beta1 Receiver is deprecated, upgrade to v1 name: v1beta1 schema: openAPIV3Schema: @@ -5867,6 +7618,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Receiver is deprecated, upgrade to v1 name: v1beta2 schema: openAPIV3Schema: @@ -5905,10 +7658,10 @@ spec: to let you locate the typed referenced object at cluster level properties: apiVersion: - description: API version of the referent. + description: API version of the referent type: string kind: - description: Kind of the referent. + description: Kind of the referent enum: - Bucket - GitRepository @@ -5928,19 +7681,21 @@ spec: {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements - are ANDed. + are ANDed. MatchLabels requires the name to be set to `*`. type: object name: - description: Name of the referent. + description: Name of the referent If multiple resources are + targeted `*` may be set. maxLength: 53 minLength: 1 type: string namespace: - description: Namespace of the referent. + description: Namespace of the referent maxLength: 53 minLength: 1 type: string required: + - kind - name type: object type: array @@ -6074,255 +7829,29 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} --- apiVersion: v1 kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: helm-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: kustomize-controller - namespace: flux-system ---- -apiVersion: v1 -kind: ServiceAccount metadata: labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 name: notification-controller namespace: flux-system --- apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: source-controller - namespace: flux-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: crd-controller-flux-system -rules: -- apiGroups: - - source.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - helm.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - notification.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - image.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - "" - resources: - - namespaces - - secrets - - configmaps - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - name: flux-edit-flux-system -rules: -- apiGroups: - - notification.toolkit.fluxcd.io - - source.toolkit.fluxcd.io - - helm.toolkit.fluxcd.io - - image.toolkit.fluxcd.io - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-view: "true" - name: flux-view-flux-system -rules: -- apiGroups: - - notification.toolkit.fluxcd.io - - source.toolkit.fluxcd.io - - helm.toolkit.fluxcd.io - - image.toolkit.fluxcd.io - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: cluster-reconciler-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: crd-controller-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: crd-controller-flux-system -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system -- kind: ServiceAccount - name: source-controller - namespace: flux-system -- kind: ServiceAccount - name: notification-controller - namespace: flux-system -- kind: ServiceAccount - name: image-reflector-controller - namespace: flux-system -- kind: ServiceAccount - name: image-automation-controller - namespace: flux-system ---- -apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6338,33 +7867,12 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: source-controller - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -6380,178 +7888,12 @@ spec: --- apiVersion: apps/v1 kind: Deployment -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - control-plane: controller - name: helm-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: helm-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: helm-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.31.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: helm-controller - terminationGracePeriodSeconds: 600 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - control-plane: controller - name: kustomize-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: kustomize-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: kustomize-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.35.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: kustomize-controller - terminationGracePeriodSeconds: 60 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apps/v1 -kind: Deployment metadata: labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 + app.kubernetes.io/version: v2.0.0 control-plane: controller name: notification-controller namespace: flux-system @@ -6579,7 +7921,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.33.0 + image: ghcr.io/fluxcd/notification-controller:v1.0.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6631,158 +7973,3 @@ spec: volumes: - emptyDir: {} name: temp ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: source-controller - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: source-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - - --storage-path=/data - - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TUF_ROOT - value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.36.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: / - port: http - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 50m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /data - name: data - - mountPath: /tmp - name: tmp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: source-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: data - - emptyDir: {} - name: tmp ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: allow-egress - namespace: flux-system -spec: - egress: - - {} - ingress: - - from: - - podSelector: {} - podSelector: {} - policyTypes: - - Ingress - - Egress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: allow-scraping - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 8080 - protocol: TCP - podSelector: {} - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.41.2 - name: allow-webhooks - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - podSelector: - matchLabels: - app: notification-controller - policyTypes: - - Ingress -- 2.47.1 From a47134fae03422b69cdc1716a5bd440973d6dd97 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 7 Jul 2023 06:00:25 +0000 Subject: [PATCH 1728/1882] chore(deps): update renovate/renovate docker tag to v36 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c3aeec2d..2d32c854 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.159.5 + image: renovate/renovate:36.1.16 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 80a9ca2b16b41b9e423dd528c44f034319cb5b98 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 7 Jul 2023 10:20:35 +0200 Subject: [PATCH 1729/1882] upgrade flux to v2 --- flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml | 2 +- flux/olympus/base/apps.yaml | 2 +- .../base/flux-system/repositories/helm/external-secrets.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml index 7a8f37e3..9a70ed7d 100644 --- a/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml +++ b/flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml @@ -1,5 +1,5 @@ --- -apiVersion: source.toolkit.fluxcd.io/v1beta2 +apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: annotations: diff --git a/flux/olympus/base/apps.yaml b/flux/olympus/base/apps.yaml index ea630d9c..0059a2e9 100644 --- a/flux/olympus/base/apps.yaml +++ b/flux/olympus/base/apps.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: apps diff --git a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml index a68409ba..1128f31b 100644 --- a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml +++ b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml @@ -1,4 +1,4 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 +apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: name: external-secrets -- 2.47.1 From 3fd96b3e05545158225c1384f32f79fa046b0166 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 7 Jul 2023 10:21:21 +0200 Subject: [PATCH 1730/1882] upgrade flux to v2 - 2 --- flux/olympus/base/core.yaml | 2 +- flux/olympus/base/flux-system/gotk-sync.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flux/olympus/base/core.yaml b/flux/olympus/base/core.yaml index d8e98213..f61c58c8 100644 --- a/flux/olympus/base/core.yaml +++ b/flux/olympus/base/core.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: core diff --git a/flux/olympus/base/flux-system/gotk-sync.yaml b/flux/olympus/base/flux-system/gotk-sync.yaml index 33247204..094efe16 100644 --- a/flux/olympus/base/flux-system/gotk-sync.yaml +++ b/flux/olympus/base/flux-system/gotk-sync.yaml @@ -1,6 +1,6 @@ # This manifest was generated by flux. DO NOT EDIT. --- -apiVersion: source.toolkit.fluxcd.io/v1beta2 +apiVersion: source.toolkit.fluxcd.io/v1 kind: GitRepository metadata: name: flux-system @@ -13,7 +13,7 @@ spec: name: flux-system url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: flux-system -- 2.47.1 From 74aaaf7ebcda34a838f11b11a0a8bb371d69e265 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 7 Jul 2023 10:42:17 +0200 Subject: [PATCH 1731/1882] update flake --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index dfe1cef3..bac0c1d1 100644 --- a/flake.lock +++ b/flake.lock @@ -745,11 +745,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1688064897, - "narHash": "sha256-Q3CZc6ZfC4KpjGWVPsrofFgxor+UjqhbFBSi7YmHVvI=", + "lastModified": 1688586836, + "narHash": "sha256-5uLYGa+8lysS1X5ehdU3ewmrMIG8p9+qS7yJ0LyhMHs=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "0c1801b48995ec6909e040abedaa56a64f0db430", + "rev": "d460e9ff62ea1238fb3348a87326b743ae177902", "type": "gitlab" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1688500189, - "narHash": "sha256-djYYiY4lzJOlXOnTHytH6BUugrxHDZjuGxTSrU4gt4M=", + "lastModified": 1688590700, + "narHash": "sha256-ZF055rIUP89cVwiLpG5xkJzx00gEuuGFF60Bs/LM3wc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "78419edadf0fabbe5618643bd850b2f2198ed060", + "rev": "f292b4964cb71f9dfbbd30dc9f511d6165cd109b", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1688231357, - "narHash": "sha256-ZOn16X5jZ6X5ror58gOJAxPfFLAQhZJ6nOUeS4tfFwo=", + "lastModified": 1688500189, + "narHash": "sha256-djYYiY4lzJOlXOnTHytH6BUugrxHDZjuGxTSrU4gt4M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "645ff62e09d294a30de823cb568e9c6d68e92606", + "rev": "78419edadf0fabbe5618643bd850b2f2198ed060", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1688482527, - "narHash": "sha256-9zd0YC2gfsRvVJENZsVs1R5LBj5/t127JlCLggn/970=", + "lastModified": 1688594934, + "narHash": "sha256-3dUo20PsmUd57jVZRx5vgKyIN1tv+v/JQweZsve5q/A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c7a18f89ef1dc423f57f3de9bd5d9355550a5d15", + "rev": "e11142026e2cef35ea52c9205703823df225c947", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1688411300, - "narHash": "sha256-oQlZ3KmMKsEfihUZYMzTP4qottrv8jM8JVi1y75TvmU=", + "lastModified": 1688709814, + "narHash": "sha256-4VRfLCNiU0IXsB2OK34E/hQ+xQBFFoAYrYEurWqm/wU=", "owner": "pta2002", "repo": "nixvim", - "rev": "89d0b05c9d2a677489fbcfb7a0cff66d5af1ed67", + "rev": "3ef05b4f13b427b271a477b7368c9efc1f3a1b73", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688549687, - "narHash": "sha256-O/EMxPUQmPPcjbv8dlpEsPTm60RNodrm6lZcL5Edec0=", + "lastModified": 1688714750, + "narHash": "sha256-GaDYFIQgnhWtjKpM5Cd0SGOip5NgVtx4otyPt/CDLU0=", "owner": "nix-community", "repo": "NUR", - "rev": "86dbcd4e5454c5cc2ca5c0c944e83e5227c44bde", + "rev": "2f2dc4548fba407d4b609e311fa8e9c7d07801e0", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1688137124, - "narHash": "sha256-ramG4s/+A5+t/QG2MplTNPP/lmBWDtbW6ilpwb9sKVo=", + "lastModified": 1688473851, + "narHash": "sha256-j+ViA3lh4uQGIDqB6TjM4+wijX2M5mfNb6MVJVekpAs=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "522fd47af79b66cdd04b92618e65c7a11504650a", + "rev": "f6a6863a3bcb61e846a9e4777b90ee365607a925", "type": "github" }, "original": { -- 2.47.1 From 54e1ed3a2c33e812eeea69d5bae59cfdf3056906 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 9 Jul 2023 13:05:48 +0200 Subject: [PATCH 1732/1882] update mastodon --- nixos/pkgs/glitch-soc/default.nix | 1 - nixos/pkgs/glitch-soc/gemset.nix | 8 ++++---- nixos/pkgs/glitch-soc/source.nix | 4 ++-- nixos/pkgs/glitch-soc/version.nix | 2 +- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 1ffe0d39..9e48ff7d 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -41,7 +41,6 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - # sha256 = lib.fakeSha256; sha256 = "sha256-8fUJ1RBQZ16R3IpA/JEcn+PO04ApQ9TkHuYKycvV8BY="; }; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index 855957d8..dc7fe6fc 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -1786,10 +1786,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mr2ibfk874ncv0qbdkynay738w2mfinlkhnbd5lyk5yiw5q1p10"; + sha256 = "1jw8a20a9k05fpz3q24im19b97idss3179z76yn5scc5b8lk2rl7"; type = "gem"; }; - version = "1.15.2"; + version = "1.15.3"; }; oj = { groups = ["default"]; @@ -2607,10 +2607,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ga8yzc9zj45m92ycwnzhzahkwvc3dp3lym5m3f3880hs4jhh7l3"; + sha256 = "1kymrjdpbmn4yaml3aaqyj1dzj8gqmm9h030dc2rj5mvja7fpi28"; type = "gem"; }; - version = "6.0.1"; + version = "6.0.2"; }; scenic = { dependencies = ["activerecord" "railties"]; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 3613bb19..07ddd948 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "ed15893eed1d0f0b80867c0b834a5962c0dbd3c2"; - sha256 = "1lkcqqgk8pfrwjz5m8zq5dnwix18sc4i89cc58iqifwqzb53wqxl"; + rev = "a40529fa79c6882eb1929014e5f9324d8e81ae49"; + sha256 = "0xppgbbms9a856w9h3pdzv4cxf4rgcg1wrxy8pmfmbf4cvjxkgpx"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index d80cafca..6ee44f9e 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.1.2" +"4.1.4" -- 2.47.1 From e1b5a39bc0d926c0991b3945bc9312f46f6a35d9 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 11 Jul 2023 15:31:12 +0200 Subject: [PATCH 1733/1882] update lucy --- nixos/hosts/hades/lucy/configuration.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index e5f1f0ae..19f9c704 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -37,12 +37,14 @@ in { # Additional packages environment.systemPackages = with pkgs; [ + ffuf gcc go jq + nuclei-latest rustup trivy - nuclei-latest + wapiti ]; boot.loader.systemd-boot.enable = true; -- 2.47.1 From 4f244908ef2fa9c88acf93e792a529f3152913a1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 11 Jul 2023 14:00:26 +0000 Subject: [PATCH 1734/1882] chore(deps): update dependency fluxcd/flux2 to v2.0.1 --- .../base/flux-system/gotk-components.yaml | 68 +++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 3736b749..e720d3eb 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.0.0 +# Flux Version: v2.0.1 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -19,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: allow-egress namespace: flux-system spec: @@ -39,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: allow-scraping namespace: flux-system spec: @@ -59,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: allow-webhooks namespace: flux-system spec: @@ -78,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: critical-pods-flux-system namespace: flux-system spec: @@ -98,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: crd-controller-flux-system rules: - apiGroups: @@ -188,7 +188,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -214,7 +214,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -239,7 +239,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -259,7 +259,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -294,7 +294,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -810,7 +810,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1990,7 +1990,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2585,7 +2585,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3089,7 +3089,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3448,7 +3448,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: source-controller namespace: flux-system --- @@ -3459,7 +3459,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: source-controller namespace: flux-system @@ -3480,7 +3480,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: source-controller namespace: flux-system @@ -3515,7 +3515,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.0.0 + image: ghcr.io/fluxcd/source-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3579,7 +3579,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5209,7 +5209,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: kustomize-controller namespace: flux-system --- @@ -5220,7 +5220,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5249,7 +5249,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.0.0 + image: ghcr.io/fluxcd/kustomize-controller:v1.0.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5306,7 +5306,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -6231,7 +6231,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: helm-controller namespace: flux-system --- @@ -6242,7 +6242,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: helm-controller namespace: flux-system @@ -6328,7 +6328,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6765,7 +6765,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7174,7 +7174,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7840,7 +7840,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 name: notification-controller namespace: flux-system --- @@ -7851,7 +7851,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: notification-controller namespace: flux-system @@ -7872,7 +7872,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7893,7 +7893,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.0 + app.kubernetes.io/version: v2.0.1 control-plane: controller name: notification-controller namespace: flux-system -- 2.47.1 From 9da33128f0e9cbe1a2e7f4b0c46456777e3f8bde Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 7 Jul 2023 22:00:30 +0000 Subject: [PATCH 1735/1882] chore(deps): update helm release external-secrets to v0.9.1 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 39c8dc9d..7affcfd4 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.9.0 + version: 0.9.1 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From 37480e463ba01d832b2a802566c70f86c3f2650f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 12 Jul 2023 06:00:30 +0000 Subject: [PATCH 1736/1882] chore(deps): update renovate/renovate docker tag to v36.7.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2d32c854..7f003c9a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.1.16 + image: renovate/renovate:36.7.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 59fad14a0de789b31394c616da6297d4c26abd82 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 12 Jul 2023 11:09:15 +0200 Subject: [PATCH 1737/1882] fix ci --- nixos/hosts/olympus/ci/configuration.nix | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/nixos/hosts/olympus/ci/configuration.nix b/nixos/hosts/olympus/ci/configuration.nix index f0c7df52..0c694019 100644 --- a/nixos/hosts/olympus/ci/configuration.nix +++ b/nixos/hosts/olympus/ci/configuration.nix @@ -3,8 +3,7 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: -let - vs = config.vault-secrets.secrets; +let vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -20,7 +19,7 @@ in { environment.systemPackages = with pkgs; [ ]; vault-secrets.secrets.gitea_runner = { - services = [ "gitea-runner-nix\x2dnative" ]; + services = [ "gitea-runner-nix_native" "gitea-runner-runner_1" ]; }; virtualisation.podman = { @@ -43,13 +42,11 @@ in { runner_1 = { name = "runner_1"; enable = true; - labels = [ - "docker:docker://node:16-bullseye" - ]; + labels = [ "docker:docker://node:16-bullseye" ]; url = "https://git.0x76.dev"; tokenFile = "${vs.gitea_runner}/token_runner_1"; }; - nix-native = { + nix_native = { enable = true; name = "nix-native"; labels = [ "native:host" ]; -- 2.47.1 From 002ca8f22a1d62f27bc2e87a42b906f45e2fd765 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 12 Jul 2023 11:15:58 +0200 Subject: [PATCH 1738/1882] nix flake update --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index bac0c1d1..644199de 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1688552611, - "narHash": "sha256-pV/1/AU1l5CNFeKmdJ1jofcaKHhtKAbxY4gazeCyoSo=", + "lastModified": 1689134369, + "narHash": "sha256-0G9dutIvhS/WUr3Awcnqw71g8EVVvvkOhVDnDDbY4Fw=", "owner": "nix-community", "repo": "home-manager", - "rev": "b23c7501f7e0a001486c9a5555a6c53ac7b08e85", + "rev": "e42fb59768f0305085abde0dd27ab5e0cc15420c", "type": "github" }, "original": { @@ -745,11 +745,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1688586836, - "narHash": "sha256-5uLYGa+8lysS1X5ehdU3ewmrMIG8p9+qS7yJ0LyhMHs=", + "lastModified": 1689103880, + "narHash": "sha256-vHRCkcpnBbFsPqUNXliUmdPU81jqyuL9ZPzj3vJx2RE=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "d460e9ff62ea1238fb3348a87326b743ae177902", + "rev": "69a4b7ad67d2732ba1f86666b3d4d2d83b15200e", "type": "gitlab" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1688349424, - "narHash": "sha256-/wRCJP2d9ZmfZKrREWthpDHIx/F02Z1J2bytbC+gUiU=", + "lastModified": 1688738567, + "narHash": "sha256-yax5BYOfpE0+95kyJmEcfKEdZBaFvCENDogBB4VQB3Q=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "cf341a2c94338eed91c35df291931ea775b31e99", + "rev": "9191c85aab6b1a7ad395c13d340f2aa0e3ddf552", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1688590700, - "narHash": "sha256-ZF055rIUP89cVwiLpG5xkJzx00gEuuGFF60Bs/LM3wc=", + "lastModified": 1689008574, + "narHash": "sha256-VFMgyHDiqsGDkRg73alv6OdHJAqhybryWHv77bSCGIw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f292b4964cb71f9dfbbd30dc9f511d6165cd109b", + "rev": "4a729ce4b1fe5ec4fffc71c67c96aa5184ebb462", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1688500189, - "narHash": "sha256-djYYiY4lzJOlXOnTHytH6BUugrxHDZjuGxTSrU4gt4M=", + "lastModified": 1688679045, + "narHash": "sha256-t3xGEfYIwhaLTPU8FLtN/pLPytNeDwbLI6a7XFFBlGo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "78419edadf0fabbe5618643bd850b2f2198ed060", + "rev": "3c7487575d9445185249a159046cc02ff364bff8", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1688594934, - "narHash": "sha256-3dUo20PsmUd57jVZRx5vgKyIN1tv+v/JQweZsve5q/A=", + "lastModified": 1689048911, + "narHash": "sha256-pODI2CkjWbSLo5nPMZoLtkRNJU/Nr3VSITXZqqmNtIk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e11142026e2cef35ea52c9205703823df225c947", + "rev": "8163a64662b43848802092d52015ef60777d6129", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1688709814, - "narHash": "sha256-4VRfLCNiU0IXsB2OK34E/hQ+xQBFFoAYrYEurWqm/wU=", + "lastModified": 1688901444, + "narHash": "sha256-ZLGnwNpIRg7oW7+e9SupKoRDyt8hQBaB7Jknq+MctKg=", "owner": "pta2002", "repo": "nixvim", - "rev": "3ef05b4f13b427b271a477b7368c9efc1f3a1b73", + "rev": "89bbd4b916e99aa9719d133a101bce88694a70db", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1688714750, - "narHash": "sha256-GaDYFIQgnhWtjKpM5Cd0SGOip5NgVtx4otyPt/CDLU0=", + "lastModified": 1689151250, + "narHash": "sha256-9MCb8HVx48LTJUu3XvQPVodS+f9VjmGnUqhSPbwBat8=", "owner": "nix-community", "repo": "NUR", - "rev": "2f2dc4548fba407d4b609e311fa8e9c7d07801e0", + "rev": "3187484684e41a55227f9a886bfb6239d76fe5df", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1688473851, - "narHash": "sha256-j+ViA3lh4uQGIDqB6TjM4+wijX2M5mfNb6MVJVekpAs=", + "lastModified": 1688596063, + "narHash": "sha256-9t7RxBiKWHygsqXtiNATTJt4lim/oSYZV3RG8OjDDng=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "f6a6863a3bcb61e846a9e4777b90ee365607a925", + "rev": "c8d18ba345730019c3faf412c96a045ade171895", "type": "github" }, "original": { -- 2.47.1 From d918db0b4c5568b53aadfc2c4472f4d39aec23de Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 14 Jul 2023 11:45:31 +0200 Subject: [PATCH 1739/1882] nix flake lock --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 644199de..3b7446de 100644 --- a/flake.lock +++ b/flake.lock @@ -503,11 +503,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1687709756, - "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "owner": "numtide", "repo": "flake-utils", - "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1689008574, - "narHash": "sha256-VFMgyHDiqsGDkRg73alv6OdHJAqhybryWHv77bSCGIw=", + "lastModified": 1689192006, + "narHash": "sha256-QM0f0d8oPphOTYJebsHioR9+FzJcy1QNIzREyubB91U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a729ce4b1fe5ec4fffc71c67c96aa5184ebb462", + "rev": "2de8efefb6ce7f5e4e75bdf57376a96555986841", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1688679045, - "narHash": "sha256-t3xGEfYIwhaLTPU8FLtN/pLPytNeDwbLI6a7XFFBlGo=", + "lastModified": 1689098530, + "narHash": "sha256-fxc/9f20wRyo/5ydkmZkX/Sh/ULa7RcT8h+cUv8p/44=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3c7487575d9445185249a159046cc02ff364bff8", + "rev": "f2406198ea0e4e37d4380d0e20336c575b8f8ef9", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1689048911, - "narHash": "sha256-pODI2CkjWbSLo5nPMZoLtkRNJU/Nr3VSITXZqqmNtIk=", + "lastModified": 1689209875, + "narHash": "sha256-8AVcBV1DiszaZzHFd5iLc8HSLfxRAuqcU0QdfBEF3Ag=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8163a64662b43848802092d52015ef60777d6129", + "rev": "fcc147b1e9358a8386b2c4368bd928e1f63a7df2", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1688901444, - "narHash": "sha256-ZLGnwNpIRg7oW7+e9SupKoRDyt8hQBaB7Jknq+MctKg=", + "lastModified": 1689194479, + "narHash": "sha256-GYAaj78gtr1c8YHSP5X5gXK7b1OPI+kqluqJwPpIwM8=", "owner": "pta2002", "repo": "nixvim", - "rev": "89bbd4b916e99aa9719d133a101bce88694a70db", + "rev": "22306af9aaa574e3ced2d582ab2aba090c3e6948", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1689151250, - "narHash": "sha256-9MCb8HVx48LTJUu3XvQPVodS+f9VjmGnUqhSPbwBat8=", + "lastModified": 1689318000, + "narHash": "sha256-mPb9paITPg0j5NPxQAQpvY44/zl2Uflj20XVDc5wEXc=", "owner": "nix-community", "repo": "NUR", - "rev": "3187484684e41a55227f9a886bfb6239d76fe5df", + "rev": "a5acf638edd0fa9c221906b71407e590be971b30", "type": "github" }, "original": { -- 2.47.1 From 7665cd6112ecb793a6816a504820ff9ef34182bc Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Fri, 14 Jul 2023 11:45:47 +0200 Subject: [PATCH 1740/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 8fea2075..d1769a98 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.5.7210", + "version": "1.32.5.7318", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7210-77f7f99fa/debian/plexmediaserver_1.32.5.7210-77f7f99fa_arm64.deb", - "hash": "0406rk04fxn3skd6y40ami0w4fym88qyywx7x7s49a177s1lsmi6" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7318-0b5fb6462/debian/plexmediaserver_1.32.5.7318-0b5fb6462_arm64.deb", + "hash": "0zk3a10ylwfjwh7gmr4fm52hnar2svr21jfgccm7zi609qyyzgwb" }, { - "version": "1.32.5.7210", + "version": "1.32.5.7318", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7210-77f7f99fa/debian/plexmediaserver_1.32.5.7210-77f7f99fa_amd64.deb", - "hash": "1cy53v6y88r6c9smg2xvlkzq9wi56dxgvbssnxccgz1n6dwmq2nm" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7318-0b5fb6462/debian/plexmediaserver_1.32.5.7318-0b5fb6462_amd64.deb", + "hash": "1994znj5m5nljz2mqfqsij7gskj757jlgsi4r8yrv9p56sxc4kzn" } ] -- 2.47.1 From afbe88e528e479c99fc2ef753194760cac356ee5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 14 Jul 2023 14:00:24 +0000 Subject: [PATCH 1741/1882] chore(deps): update renovate/renovate docker tag to v36.8.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 7f003c9a..68fd3f04 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.7.2 + image: renovate/renovate:36.8.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From ea96d83d94164c35bdab1a47f3f5860eea54644d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 15 Jul 2023 14:00:27 +0000 Subject: [PATCH 1742/1882] chore(deps): update renovate/renovate docker tag to v36.8.11 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 68fd3f04..b7fb4ddc 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.8.5 + image: renovate/renovate:36.8.11 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 16d927dbf274a3253f106fe40d1bc5b2b112c8a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 17 Jul 2023 22:00:29 +0000 Subject: [PATCH 1743/1882] chore(deps): update renovate/renovate docker tag to v36.9.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b7fb4ddc..b30af498 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.8.11 + image: renovate/renovate:36.9.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 87e4357b3604606a40901deae9ceaa90eac4402d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 17 Jul 2023 06:00:26 +0000 Subject: [PATCH 1744/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.2.2 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index 1fe2599b..43e31d5b 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.2.1"; + image = "flaresolverr/flaresolverr:v3.2.2"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 2aa514e4ead4dcc58cb46e87cda140effbbec961 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Wed, 19 Jul 2023 11:19:28 +0200 Subject: [PATCH 1745/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index d1769a98..28fd5704 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.5.7318", + "version": "1.32.5.7328", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7318-0b5fb6462/debian/plexmediaserver_1.32.5.7318-0b5fb6462_arm64.deb", - "hash": "0zk3a10ylwfjwh7gmr4fm52hnar2svr21jfgccm7zi609qyyzgwb" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7328-2632c9d3a/debian/plexmediaserver_1.32.5.7328-2632c9d3a_arm64.deb", + "hash": "1dxhwggkj944ysm3nw4fkh46paf4c8xbyw7vls5hlbdp8pfknaaz" }, { - "version": "1.32.5.7318", + "version": "1.32.5.7328", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7318-0b5fb6462/debian/plexmediaserver_1.32.5.7318-0b5fb6462_amd64.deb", - "hash": "1994znj5m5nljz2mqfqsij7gskj757jlgsi4r8yrv9p56sxc4kzn" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7328-2632c9d3a/debian/plexmediaserver_1.32.5.7328-2632c9d3a_amd64.deb", + "hash": "1qbw1ws8vjkcbj2nv3mvb31g00144wbjpgnwmm1x2ny00yfp4q57" } ] -- 2.47.1 From 87149b07f7f4f584189ad2e7b1e2b0fe44131fc3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 19 Jul 2023 22:00:29 +0000 Subject: [PATCH 1746/1882] chore(deps): update renovate/renovate docker tag to v36.14.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b30af498..de9ea989 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.9.1 + image: renovate/renovate:36.14.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5a26864eafc11f6535c53248919ff296f3ed941a Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 20 Jul 2023 11:10:25 +0200 Subject: [PATCH 1747/1882] flake update --- flake.lock | 124 ++++++++++++--------- nixos/hosts/olympus/eevee/home/default.nix | 6 +- 2 files changed, 76 insertions(+), 54 deletions(-) diff --git a/flake.lock b/flake.lock index 3b7446de..5f740b36 100644 --- a/flake.lock +++ b/flake.lock @@ -50,11 +50,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1686620679, - "narHash": "sha256-Ck/r3f+W9mOn3cHn5ii/fogBiJtosFnDaOQveaJ0zVU=", + "lastModified": 1689457600, + "narHash": "sha256-1XLn2ZZMaqQx+Ys3eel5hQRkgUn3DeHcVb2JT8WYU0A=", "owner": "zhaofengli", "repo": "attic", - "rev": "4fedffe6a1020edfcfa7bef18d21321d4983b3a7", + "rev": "4902d57f5dae8ec660ee9ee14c45c2192f9fe8b1", "type": "github" }, "original": { @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1687971279, - "narHash": "sha256-xqlz/RvtSGn2Abb1LKu3++NjJ0D8jt/Y+tHIhIpHU2E=", + "lastModified": 1689448725, + "narHash": "sha256-fMW3jqLuEnMFO0j7LaAEHwHiKLeTMvaPe6LHMGUVjVk=", "owner": "nix-community", "repo": "comma", - "rev": "bea6db4db59bf4f299aa78d1d9e8be7f2b726b5a", + "rev": "daf2e1ab84d270581ceb507356677bd016fcf614", "type": "github" }, "original": { @@ -482,7 +482,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1681202837, @@ -500,7 +500,7 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1689068808, @@ -518,7 +518,7 @@ }, "flake-utils_5": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1685518550, @@ -550,7 +550,7 @@ }, "flake-utils_7": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1681202837, @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1689134369, - "narHash": "sha256-0G9dutIvhS/WUr3Awcnqw71g8EVVvvkOhVDnDDbY4Fw=", + "lastModified": 1689802112, + "narHash": "sha256-Se7oHV/L0dHTQ4xp8MvYafaVdkSzF04Hx5NeloUYHtM=", "owner": "nix-community", "repo": "home-manager", - "rev": "e42fb59768f0305085abde0dd27ab5e0cc15420c", + "rev": "0cb3ac57fca6b52c42e4c0f560185540ae1dfb6c", "type": "github" }, "original": { @@ -689,11 +689,11 @@ "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1687124707, - "narHash": "sha256-BEC2y7zwDI/Saeupr9rijLvwb0OoqTD9vntlcyciyrM=", + "lastModified": 1689842110, + "narHash": "sha256-4+5IQ+893ZgI9pY1DPw0/Wkzq+/6WdShnes7lTNn4dU=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "c758cdad465e0c8174db57dc493f51a89f0e3372", + "rev": "85420159e7d37b960f11c3aa64324b34db70d10b", "type": "github" }, "original": { @@ -745,11 +745,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1689103880, - "narHash": "sha256-vHRCkcpnBbFsPqUNXliUmdPU81jqyuL9ZPzj3vJx2RE=", + "lastModified": 1689610936, + "narHash": "sha256-g/+hhD6Kpz8EQvE93q3tpP58LBxNyR7f1UhREKZJvXM=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "69a4b7ad67d2732ba1f86666b3d4d2d83b15200e", + "rev": "a3b03d1b5af5112bc94b448879a2f401043b42ea", "type": "gitlab" }, "original": { @@ -766,11 +766,11 @@ ] }, "locked": { - "lastModified": 1679567394, - "narHash": "sha256-ZvLuzPeARDLiQUt6zSZFGOs+HZmE+3g4QURc8mkBsfM=", + "lastModified": 1688534083, + "narHash": "sha256-/bI5vsioXscQTsx+Hk9X5HfweeNZz/6kVKsbdqfwW7g=", "owner": "nix-community", "repo": "naersk", - "rev": "88cd22380154a2c36799fe8098888f0f59861a15", + "rev": "abca1fb7a6cfdd355231fc220c3d0302dbb4369a", "type": "github" }, "original": { @@ -838,11 +838,11 @@ }, "nixlib": { "locked": { - "lastModified": 1688259758, - "narHash": "sha256-CYVbYQfIm3vwciCf6CCYE+WOOLE3vcfxfEfNHIfKUJQ=", + "lastModified": 1689469483, + "narHash": "sha256-2SBhY7rZQ/iNCxe04Eqxlz9YK9KgbaTMBssq3/BgdWY=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "a92befce80a487380ea5e92ae515fe33cebd3ac6", + "rev": "02fea408f27186f139153e1ae88f8ab2abd9c22c", "type": "github" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1688738567, - "narHash": "sha256-yax5BYOfpE0+95kyJmEcfKEdZBaFvCENDogBB4VQB3Q=", + "lastModified": 1689558522, + "narHash": "sha256-diNpqSRebzvT3P4fLX+40VWZbf2H2hraJDDdg5NJSj0=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "9191c85aab6b1a7ad395c13d340f2aa0e3ddf552", + "rev": "11c98929963a95ad3830960a9216d00e2f792502", "type": "github" }, "original": { @@ -1050,11 +1050,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1680668850, - "narHash": "sha256-mQMg13yRsS0LXVzaeoSPwqgPO6yhkGzGewPgMSqXSv8=", + "lastModified": 1689321787, + "narHash": "sha256-ifk7hrfWnJaLlcjCf8YaWDR+9kQ0uT3x9eCz31D9qB0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a65e9f64e53fdca6eed31adba836717a11247d2", + "rev": "c11464c6625d9a71d91a3718a3567394638efc3e", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1689192006, - "narHash": "sha256-QM0f0d8oPphOTYJebsHioR9+FzJcy1QNIzREyubB91U=", + "lastModified": 1689679375, + "narHash": "sha256-LHUC52WvyVDi9PwyL1QCpaxYWBqp4ir4iL6zgOkmcb8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2de8efefb6ce7f5e4e75bdf57376a96555986841", + "rev": "684c17c429c42515bafb3ad775d2a710947f3d67", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1689098530, - "narHash": "sha256-fxc/9f20wRyo/5ydkmZkX/Sh/ULa7RcT8h+cUv8p/44=", + "lastModified": 1689679375, + "narHash": "sha256-LHUC52WvyVDi9PwyL1QCpaxYWBqp4ir4iL6zgOkmcb8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f2406198ea0e4e37d4380d0e20336c575b8f8ef9", + "rev": "684c17c429c42515bafb3ad775d2a710947f3d67", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1689209875, - "narHash": "sha256-8AVcBV1DiszaZzHFd5iLc8HSLfxRAuqcU0QdfBEF3Ag=", + "lastModified": 1689680872, + "narHash": "sha256-brNix2+ihJSzCiKwLafbyejrHJZUP0Fy6z5+xMOC27M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fcc147b1e9358a8386b2c4368bd928e1f63a7df2", + "rev": "08700de174bc6235043cb4263b643b721d936bdb", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1689194479, - "narHash": "sha256-GYAaj78gtr1c8YHSP5X5gXK7b1OPI+kqluqJwPpIwM8=", + "lastModified": 1689834273, + "narHash": "sha256-s3+iQ+wMR9of/rKWDlsoPlYVdWOHYMIJV/q0uWTZmA0=", "owner": "pta2002", "repo": "nixvim", - "rev": "22306af9aaa574e3ced2d582ab2aba090c3e6948", + "rev": "54ebe3b0eeacbd7397d7f867a0b0e440127a34c2", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1689318000, - "narHash": "sha256-mPb9paITPg0j5NPxQAQpvY44/zl2Uflj20XVDc5wEXc=", + "lastModified": 1689835495, + "narHash": "sha256-E7UoeLrHuiXR5S4zISzZSXDMIdn6qyf1Ybuc3sPLHUg=", "owner": "nix-community", "repo": "NUR", - "rev": "a5acf638edd0fa9c221906b71407e590be971b30", + "rev": "d98419c13076da506af00f86a2a8249da586657d", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1688596063, - "narHash": "sha256-9t7RxBiKWHygsqXtiNATTJt4lim/oSYZV3RG8OjDDng=", + "lastModified": 1689668210, + "narHash": "sha256-XAATwDkaUxH958yXLs1lcEOmU6pSEIkatY3qjqk8X0E=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "c8d18ba345730019c3faf412c96a045ade171895", + "rev": "eb433bff05b285258be76513add6f6c57b441775", "type": "github" }, "original": { @@ -1512,13 +1512,31 @@ "type": "github" } }, - "utils": { + "systems_5": { "locked": { - "lastModified": 1678901627, - "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "owner": "numtide", "repo": "flake-utils", - "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/eevee/home/default.nix b/nixos/hosts/olympus/eevee/home/default.nix index 2e78a54c..bf2d078a 100644 --- a/nixos/hosts/olympus/eevee/home/default.nix +++ b/nixos/hosts/olympus/eevee/home/default.nix @@ -1,5 +1,9 @@ -_: { +{ pkgs, ... }: { dconf.settings."org/gnome/desktop/peripherals/mouse" = { accel-profile = "flat"; }; + + home.packages = with pkgs; [ + zoom-us + ]; } -- 2.47.1 From 0cd068d5084d4566af03cbb75710d4189ca8cfcf Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 21 Jul 2023 09:58:24 +0200 Subject: [PATCH 1748/1882] update to master to fix rtorrent: --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 5f740b36..0e607bd6 100644 --- a/flake.lock +++ b/flake.lock @@ -1066,16 +1066,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1689679375, - "narHash": "sha256-LHUC52WvyVDi9PwyL1QCpaxYWBqp4ir4iL6zgOkmcb8=", + "lastModified": 1689925568, + "narHash": "sha256-ytk3dTHQmgU5E7VaqjOAAGGpjSSzqfxYvErXDhJbLSo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "684c17c429c42515bafb3ad775d2a710947f3d67", + "rev": "acf7891bf8de021e304cd2f218f1d38a418d7d79", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable", + "ref": "master", "type": "indirect" } }, diff --git a/flake.nix b/flake.nix index 8e9cfe49..7e225b3e 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable"; + nixpkgs.url = "nixpkgs/master"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; -- 2.47.1 From 49c06a5ce323e5fa337245ed3631757ef3dffcdc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 24 Jul 2023 14:00:28 +0000 Subject: [PATCH 1749/1882] chore(deps): update ghcr.io/sct/overseerr docker tag to v1.33.1 --- nixos/hosts/hades/overseerr/overseerr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/overseerr.nix b/nixos/hosts/hades/overseerr/overseerr.nix index f987831d..2d77bfcc 100644 --- a/nixos/hosts/hades/overseerr/overseerr.nix +++ b/nixos/hosts/hades/overseerr/overseerr.nix @@ -2,7 +2,7 @@ _: { networking.firewall.allowedTCPPorts = [ 5055 ]; # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers.containers.overseerr = { - image = "ghcr.io/sct/overseerr:1.33.0"; + image = "ghcr.io/sct/overseerr:1.33.1"; environment = { TZ = "Europe/Amsterdam"; }; ports = [ "5055:5055" ]; volumes = [ "/var/lib/overseerr/config:/app/config" ]; -- 2.47.1 From 49112a96a659332541259b72b03b033f35c57bd8 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 27 Jul 2023 14:02:01 +0200 Subject: [PATCH 1750/1882] flake update --- flake.lock | 92 +++++++++++++++++++++++++++--------------------------- 1 file changed, 46 insertions(+), 46 deletions(-) diff --git a/flake.lock b/flake.lock index 0e607bd6..d7914168 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1689448725, - "narHash": "sha256-fMW3jqLuEnMFO0j7LaAEHwHiKLeTMvaPe6LHMGUVjVk=", + "lastModified": 1690218746, + "narHash": "sha256-ms99rTSdFa24vrZLF7jUunmDA+0m/vMlPwUJ8XMu8v4=", "owner": "nix-community", "repo": "comma", - "rev": "daf2e1ab84d270581ceb507356677bd016fcf614", + "rev": "3b35742f0365f72fa9f5aa739d9f63c1ff9ba133", "type": "github" }, "original": { @@ -404,11 +404,11 @@ ] }, "locked": { - "lastModified": 1683560683, - "narHash": "sha256-XAygPMN5Xnk/W2c1aW0jyEa6lfMDZWlQgiNtmHXytPc=", + "lastModified": 1688466019, + "narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "006c75898cf814ef9497252b022e91c946ba8e17", + "rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", "type": "github" }, "original": { @@ -485,11 +485,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1689802112, - "narHash": "sha256-Se7oHV/L0dHTQ4xp8MvYafaVdkSzF04Hx5NeloUYHtM=", + "lastModified": 1690303752, + "narHash": "sha256-2YiwFHQERGoaORNORmsdmVlPD8CVVwlwbV2+f77sFhg=", "owner": "nix-community", "repo": "home-manager", - "rev": "0cb3ac57fca6b52c42e4c0f560185540ae1dfb6c", + "rev": "ba2c0737cc848db03470828fdb5e86df75ed42a8", "type": "github" }, "original": { @@ -689,11 +689,11 @@ "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1689842110, - "narHash": "sha256-4+5IQ+893ZgI9pY1DPw0/Wkzq+/6WdShnes7lTNn4dU=", + "lastModified": 1689889377, + "narHash": "sha256-ChBawisTCY3Cl06CSG+QNC2ES+G0ASiOxtOVif9uP/0=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "85420159e7d37b960f11c3aa64324b34db70d10b", + "rev": "e7246c6bce1733d373059e6342f67fd53f90c198", "type": "github" }, "original": { @@ -745,11 +745,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1689610936, - "narHash": "sha256-g/+hhD6Kpz8EQvE93q3tpP58LBxNyR7f1UhREKZJvXM=", + "lastModified": 1689976554, + "narHash": "sha256-uWJq3sIhkqfzPmfB2RWd5XFVooGFfSuJH9ER/r302xQ=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "a3b03d1b5af5112bc94b448879a2f401043b42ea", + "rev": "c63f6e7b053c18325194ff0e274dba44e8d2271e", "type": "gitlab" }, "original": { @@ -859,11 +859,11 @@ ] }, "locked": { - "lastModified": 1689558522, - "narHash": "sha256-diNpqSRebzvT3P4fLX+40VWZbf2H2hraJDDdg5NJSj0=", + "lastModified": 1690133435, + "narHash": "sha256-YNZiefETggroaTLsLJG2M+wpF0pJPwiauKG4q48ddNU=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "11c98929963a95ad3830960a9216d00e2f792502", + "rev": "b1171de4d362c022130c92d7c8adc4bf2b83d586", "type": "github" }, "original": { @@ -986,16 +986,16 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1678872516, - "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "lastModified": 1685801374, + "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1689925568, - "narHash": "sha256-ytk3dTHQmgU5E7VaqjOAAGGpjSSzqfxYvErXDhJbLSo=", + "lastModified": 1690451546, + "narHash": "sha256-e54BqPfN3ejWfq9r759E2UvaP6JMEgBK4fXANtULJ/g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "acf7891bf8de021e304cd2f218f1d38a418d7d79", + "rev": "d205f49d6a6fb666292f5c5b256461ddb9d7e4b2", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1689679375, - "narHash": "sha256-LHUC52WvyVDi9PwyL1QCpaxYWBqp4ir4iL6zgOkmcb8=", + "lastModified": 1690031011, + "narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "684c17c429c42515bafb3ad775d2a710947f3d67", + "rev": "12303c652b881435065a98729eb7278313041e49", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1689680872, - "narHash": "sha256-brNix2+ihJSzCiKwLafbyejrHJZUP0Fy6z5+xMOC27M=", + "lastModified": 1690370995, + "narHash": "sha256-9z//23jGegLJrf3ITStLwVf715O39dq5u48Kr/XW14U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "08700de174bc6235043cb4263b643b721d936bdb", + "rev": "f3fbbc36b4e179a5985b9ab12624e9dfe7989341", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1689834273, - "narHash": "sha256-s3+iQ+wMR9of/rKWDlsoPlYVdWOHYMIJV/q0uWTZmA0=", + "lastModified": 1690107839, + "narHash": "sha256-ll3j+g3qz239sfLHYhHynKRWhMkxFXsJ9MOAXzSqQMc=", "owner": "pta2002", "repo": "nixvim", - "rev": "54ebe3b0eeacbd7397d7f867a0b0e440127a34c2", + "rev": "4c25722d73694245e767839b462026ab2296542b", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1689835495, - "narHash": "sha256-E7UoeLrHuiXR5S4zISzZSXDMIdn6qyf1Ybuc3sPLHUg=", + "lastModified": 1690442491, + "narHash": "sha256-P7X5kQYcX0keEBbJgcdtIIb7l68CXXlvjIpgUGlEDZ4=", "owner": "nix-community", "repo": "NUR", - "rev": "d98419c13076da506af00f86a2a8249da586657d", + "rev": "2168d5fff432bb7ee332984712ee32e66ecce651", "type": "github" }, "original": { @@ -1295,11 +1295,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1684842236, - "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", + "lastModified": 1689668210, + "narHash": "sha256-XAATwDkaUxH958yXLs1lcEOmU6pSEIkatY3qjqk8X0E=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "61e567d6497bc9556f391faebe5e410e6623217f", + "rev": "eb433bff05b285258be76513add6f6c57b441775", "type": "github" }, "original": { @@ -1342,11 +1342,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1686943106, - "narHash": "sha256-rTYwDvTLFCCbyGHDM/Si7v7RR7A6pcnXyO85NtMmAH4=", + "lastModified": 1690193312, + "narHash": "sha256-JZQoHRBpNM1ucZ9A9ZE3Q67z8AuaBa/WKIS2Wm8zHHo=", "owner": "DeterminateSystems", "repo": "riff", - "rev": "2e19c1097c922cdeb90fdaec60f9bc592b8c4ffe", + "rev": "aec5418dbae0c468652eaac7f8f3d85ed83c89ce", "type": "github" }, "original": { -- 2.47.1 From ebeeada3bb867bba5ed3e218ebb1697bec5f0d54 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Thu, 27 Jul 2023 14:02:21 +0200 Subject: [PATCH 1751/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 28fd5704..2e61c414 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.5.7328", + "version": "1.32.5.7349", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7328-2632c9d3a/debian/plexmediaserver_1.32.5.7328-2632c9d3a_arm64.deb", - "hash": "1dxhwggkj944ysm3nw4fkh46paf4c8xbyw7vls5hlbdp8pfknaaz" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7349-8f4248874/debian/plexmediaserver_1.32.5.7349-8f4248874_arm64.deb", + "hash": "18j98za5498v02asyyz2sakbl4inyxd6jsa4bjz8zm2jb1knk236" }, { - "version": "1.32.5.7328", + "version": "1.32.5.7349", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7328-2632c9d3a/debian/plexmediaserver_1.32.5.7328-2632c9d3a_amd64.deb", - "hash": "1qbw1ws8vjkcbj2nv3mvb31g00144wbjpgnwmm1x2ny00yfp4q57" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7349-8f4248874/debian/plexmediaserver_1.32.5.7349-8f4248874_amd64.deb", + "hash": "0gm9i752fbplw1l0xlrhzpif5fjiwx471hv55bwbs3ywz3hp0jnb" } ] -- 2.47.1 From 7ea93c12dbbe0190551dac76b297c832647927b8 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Jul 2023 10:40:28 +0200 Subject: [PATCH 1752/1882] fix gitea --- nixos/hosts/olympus/gitea/configuration.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 8b8823c7..45b52de8 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -52,6 +52,7 @@ in { mailerPasswordFile = "${vs.gitea}/mailPassword"; settings = { + default.WORK_PATH = "/var/lib/gitea"; actions = { "ENABLED" = true; }; repository = { "ENABLE_PUSH_CREATE_USER" = true; @@ -64,7 +65,6 @@ in { indexer = { "REPO_INDEXER_ENABLED" = true; "REPO_INDEXER_PATH" = "indexers/repos.bleve"; - "UPDATE_BUFFER_LEN" = 20; "MAX_FILE_SIZE" = 1048576; "REPO_INDEXER_EXCLUDE" = "node_modules/**"; }; @@ -86,10 +86,10 @@ in { }; mailer = { "ENABLED" = true; - "IS_TLS_ENABLED" = true; - "HOST" = "mail.0x76.dev:465"; + # "IS_TLS_ENABLED" = true; + # "HOST" = "mail.0x76.dev:465"; "FROM" = "gitea@0x76.dev"; - "MAILER_TYPE" = "smtp"; + # "MAILER_TYPE" = "smtp"; "USER" = "gitea@0x76.dev"; # Below is prep for 1.18 -- 2.47.1 From a9ebb8425c261c4b0e09d1af3352bbe08aee9d5d Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 28 Jul 2023 11:10:21 +0200 Subject: [PATCH 1753/1882] updates --- flake.lock | 18 +++++++++--------- nixos/common/desktop/home.nix | 1 + 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index d7914168..4fefbf74 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1690303752, - "narHash": "sha256-2YiwFHQERGoaORNORmsdmVlPD8CVVwlwbV2+f77sFhg=", + "lastModified": 1690476848, + "narHash": "sha256-PSmzyuEbMxEn2uwwLYUN2l1psoJXb7jm/kfHD12Sq0k=", "owner": "nix-community", "repo": "home-manager", - "rev": "ba2c0737cc848db03470828fdb5e86df75ed42a8", + "rev": "8d243f7da13d6ee32f722a3f1afeced150b6d4da", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1690451546, - "narHash": "sha256-e54BqPfN3ejWfq9r759E2UvaP6JMEgBK4fXANtULJ/g=", + "lastModified": 1690535283, + "narHash": "sha256-yPBuu+ZpGH2lo2F2G5XUTSC3oeK5kIEOwKXF9W6RdPI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d205f49d6a6fb666292f5c5b256461ddb9d7e4b2", + "rev": "4d3e4f26e9675f9ba09890088165ee866f40e4a8", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1690442491, - "narHash": "sha256-P7X5kQYcX0keEBbJgcdtIIb7l68CXXlvjIpgUGlEDZ4=", + "lastModified": 1690531329, + "narHash": "sha256-8/w+RXO6YlGZWRWCT9XjbFJH8IoHIsYB4XzQs63IwFY=", "owner": "nix-community", "repo": "NUR", - "rev": "2168d5fff432bb7ee332984712ee32e66ecce651", + "rev": "4b571e4114deb396b4e72c33ab816ef724993f6f", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index a11f53cf..3b22d7b1 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -11,6 +11,7 @@ in { btop calibre celluloid + cinny-desktop element-desktop fusee-launcher gcc -- 2.47.1 From bf55b9b2b43e8852c3dc8d1daa2fdd8f4c006905 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 28 Jul 2023 14:00:24 +0000 Subject: [PATCH 1754/1882] chore(deps): update ghcr.io/sct/overseerr docker tag to v1.33.2 --- nixos/hosts/hades/overseerr/overseerr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/overseerr.nix b/nixos/hosts/hades/overseerr/overseerr.nix index 2d77bfcc..eee8ac42 100644 --- a/nixos/hosts/hades/overseerr/overseerr.nix +++ b/nixos/hosts/hades/overseerr/overseerr.nix @@ -2,7 +2,7 @@ _: { networking.firewall.allowedTCPPorts = [ 5055 ]; # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers.containers.overseerr = { - image = "ghcr.io/sct/overseerr:1.33.1"; + image = "ghcr.io/sct/overseerr:1.33.2"; environment = { TZ = "Europe/Amsterdam"; }; ports = [ "5055:5055" ]; volumes = [ "/var/lib/overseerr/config:/app/config" ]; -- 2.47.1 From 3bb856d05a1e418449cf13d3005edd9e73539260 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 29 Jul 2023 14:00:25 +0000 Subject: [PATCH 1755/1882] chore(deps): update renovate/renovate docker tag to v36.25.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index de9ea989..0227f522 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.14.0 + image: renovate/renovate:36.25.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 921289d1c959160dbe67ffded769d1e4b064bcaf Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 31 Jul 2023 22:50:17 +0200 Subject: [PATCH 1756/1882] updates --- flake.lock | 30 ++++++++++---------- nixos/common/desktop/default.nix | 2 +- nixos/hosts/hades/rtorrent/configuration.nix | 12 ++------ 3 files changed, 19 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index 4fefbf74..578423ab 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1690218746, - "narHash": "sha256-ms99rTSdFa24vrZLF7jUunmDA+0m/vMlPwUJ8XMu8v4=", + "lastModified": 1690833717, + "narHash": "sha256-67x6G8cl0lGhI4+EUSRNG/N1VAvqDDWdp4pUVfWwPLc=", "owner": "nix-community", "repo": "comma", - "rev": "3b35742f0365f72fa9f5aa739d9f63c1ff9ba133", + "rev": "da2e97c626109f37c6931222c0f7dd5444f4dc06", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1690476848, - "narHash": "sha256-PSmzyuEbMxEn2uwwLYUN2l1psoJXb7jm/kfHD12Sq0k=", + "lastModified": 1690790567, + "narHash": "sha256-fymHCZFy+qjrNh+EZDHYEEtbZw1TvjtxtCBPBSWU7CM=", "owner": "nix-community", "repo": "home-manager", - "rev": "8d243f7da13d6ee32f722a3f1afeced150b6d4da", + "rev": "729ab77f9e998e0989fa30140ecc91e738bc0cb1", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1690535283, - "narHash": "sha256-yPBuu+ZpGH2lo2F2G5XUTSC3oeK5kIEOwKXF9W6RdPI=", + "lastModified": 1690835211, + "narHash": "sha256-YQICU57fgQqgvA3oKFSAvwK2CPqjmUVOoqmH4KvKJvA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4d3e4f26e9675f9ba09890088165ee866f40e4a8", + "rev": "5988b8b1075096753e5cce6b73b3090d988783bd", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1690370995, - "narHash": "sha256-9z//23jGegLJrf3ITStLwVf715O39dq5u48Kr/XW14U=", + "lastModified": 1690630041, + "narHash": "sha256-gbnvqm5goS9DSKAqGFpq3398aOpwejmq4qWikqmQyRo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f3fbbc36b4e179a5985b9ab12624e9dfe7989341", + "rev": "d57e8c535d4cbb07f441c30988ce52eec69db7a8", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1690531329, - "narHash": "sha256-8/w+RXO6YlGZWRWCT9XjbFJH8IoHIsYB4XzQs63IwFY=", + "lastModified": 1690832783, + "narHash": "sha256-CkT0zgnbaB8MrVka5lN93gcgK7RSJXxImebZA7Ezvl0=", "owner": "nix-community", "repo": "NUR", - "rev": "4b571e4114deb396b4e72c33ab816ef724993f6f", + "rev": "620e8c7b96e2e050645d4d31fd2585800f18e26a", "type": "github" }, "original": { diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index 73d5bd31..f00c3c67 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -75,7 +75,7 @@ }; }; - fonts.fonts = with pkgs; [ + fonts.packages = with pkgs; [ material-design-icons noto-fonts noto-fonts-cjk diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 30cb7afd..865654d4 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -36,17 +36,11 @@ in { peers = [ { - publicKey = "33BoONMGCm2vknq2eq72eozRsHmHQY6ZHEEZ4851TkY="; + publicKey = "HQHCrq4J6bSpdW1fI5hR/bvcrYa6HgGgwaa5ZY749ik="; allowedIPs = [ "0.0.0.0/0" "::/0"]; - endpoint = "193.32.249.70:51820"; - persistentKeepalive = 25; + endpoint = "185.213.155.73:51820"; + # persistentKeepalive = 25; } - # { - # publicKey = "DVui+5aifNFRIVDjH3v2y+dQ+uwI+HFZOd21ajbEpBo="; - # allowedIPs = [ "0.0.0.0/0" "::/0" ]; - # endpoint = "185.65.134.82:51820"; - # persistentKeepalive = 25; - # } ]; }; }; -- 2.47.1 From b50df437006117a5b5f791e74e321d7e1a94c76d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 31 Jul 2023 22:00:36 +0000 Subject: [PATCH 1757/1882] chore(deps): update renovate/renovate docker tag to v36.26.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0227f522..f8ac9b39 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.25.5 + image: renovate/renovate:36.26.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a49303fd116bf38f1e9dbbc4b839ea33fd38444a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 1 Aug 2023 14:00:28 +0000 Subject: [PATCH 1758/1882] chore(deps): update renovate/renovate docker tag to v36.27.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f8ac9b39..043ae69f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.26.1 + image: renovate/renovate:36.27.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f153adfab2496a213bad02e5c26b7b851ab945d4 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 2 Aug 2023 14:02:28 +0200 Subject: [PATCH 1759/1882] updates --- flake.lock | 30 ++++++++++----------- nixos/hosts/olympus/eevee/configuration.nix | 14 ++++++++++ 2 files changed, 29 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 4fefbf74..07bbcf4e 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1690218746, - "narHash": "sha256-ms99rTSdFa24vrZLF7jUunmDA+0m/vMlPwUJ8XMu8v4=", + "lastModified": 1690833717, + "narHash": "sha256-67x6G8cl0lGhI4+EUSRNG/N1VAvqDDWdp4pUVfWwPLc=", "owner": "nix-community", "repo": "comma", - "rev": "3b35742f0365f72fa9f5aa739d9f63c1ff9ba133", + "rev": "da2e97c626109f37c6931222c0f7dd5444f4dc06", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1690476848, - "narHash": "sha256-PSmzyuEbMxEn2uwwLYUN2l1psoJXb7jm/kfHD12Sq0k=", + "lastModified": 1690970947, + "narHash": "sha256-7vOE9NFsNhe3+cpgGZ9ZLuSIzE+b8oNutezmr8tI60w=", "owner": "nix-community", "repo": "home-manager", - "rev": "8d243f7da13d6ee32f722a3f1afeced150b6d4da", + "rev": "484a1c94424d296b15af3e6858f08b576b842ec2", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1690535283, - "narHash": "sha256-yPBuu+ZpGH2lo2F2G5XUTSC3oeK5kIEOwKXF9W6RdPI=", + "lastModified": 1690971753, + "narHash": "sha256-xrFa1LINjaIcI+N7bhSbyOygjHFGsyUQhFYihyXnafI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4d3e4f26e9675f9ba09890088165ee866f40e4a8", + "rev": "54a572ac075b0f3e50588a2b799e58f0aa2ecd01", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1690370995, - "narHash": "sha256-9z//23jGegLJrf3ITStLwVf715O39dq5u48Kr/XW14U=", + "lastModified": 1690835256, + "narHash": "sha256-SZy/Nvwbf6CorhEsvmjqgjoYNLnRfaKVZMfSnpUDPnc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f3fbbc36b4e179a5985b9ab12624e9dfe7989341", + "rev": "b7cde1c47b7316f6138a2b36ef6627f3d16d645c", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1690531329, - "narHash": "sha256-8/w+RXO6YlGZWRWCT9XjbFJH8IoHIsYB4XzQs63IwFY=", + "lastModified": 1690969459, + "narHash": "sha256-yjMf4/XkZ33jUIhKmOBqQnXeULnZlpOJucflKr9UEbg=", "owner": "nix-community", "repo": "NUR", - "rev": "4b571e4114deb396b4e72c33ab816ef724993f6f", + "rev": "bd6c774ef64e21d5aa3a4fa05fdd6ba0b502a801", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index 26a0bfd3..63ff8394 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -40,6 +40,20 @@ environment.sessionVariables.NIXOS_OZONE_WL = "1"; + + services.kubo = { + enable = true; + # enableGC = true; + autoMount = true; + settings = { + Addresses.API = "/ip4/127.0.0.1/tcp/2324"; + Experimental = { + AcceleratedDHTClient = true; + FilestoreEnabled = true; + }; + }; + }; + home-manager = { users.victor = import ./home; }; -- 2.47.1 From 8f6ee24c40aa7c43fcc03eef656504178492ff27 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 2 Aug 2023 22:00:27 +0000 Subject: [PATCH 1760/1882] chore(deps): update renovate/renovate docker tag to v36.27.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 043ae69f..02175ad7 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.27.1 + image: renovate/renovate:36.27.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 52d72c648da56fee29937d1d50153cabab2e899c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 3 Aug 2023 22:00:33 +0000 Subject: [PATCH 1761/1882] chore(deps): update renovate/renovate docker tag to v36.31.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 02175ad7..3548b8b1 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.27.2 + image: renovate/renovate:36.31.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1fa5a150c02faa3d0336be752f32180181bfbd6b Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Fri, 4 Aug 2023 08:00:46 +0200 Subject: [PATCH 1762/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 2e61c414..f8fe4d0a 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.5.7349", + "version": "1.32.6.7371", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7349-8f4248874/debian/plexmediaserver_1.32.5.7349-8f4248874_arm64.deb", - "hash": "18j98za5498v02asyyz2sakbl4inyxd6jsa4bjz8zm2jb1knk236" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7371-b6a09ad81/debian/plexmediaserver_1.32.6.7371-b6a09ad81_arm64.deb", + "hash": "0if5bwa824ijqss5h2airn36dhwn4krfg90jsw8sj7afw1llngf1" }, { - "version": "1.32.5.7349", + "version": "1.32.6.7371", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.5.7349-8f4248874/debian/plexmediaserver_1.32.5.7349-8f4248874_amd64.deb", - "hash": "0gm9i752fbplw1l0xlrhzpif5fjiwx471hv55bwbs3ywz3hp0jnb" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7371-b6a09ad81/debian/plexmediaserver_1.32.6.7371-b6a09ad81_amd64.deb", + "hash": "0dr0n7imf9vhvbq7398mjaf53qj1lw5lwjjia0aglg4idmhvgw7h" } ] -- 2.47.1 From 9f8b04917b4985b900356d2c29ebb3704cfa2705 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 5 Aug 2023 06:00:32 +0000 Subject: [PATCH 1763/1882] chore(deps): update renovate/renovate docker tag to v36.33.5 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 3548b8b1..09f91d74 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.31.0 + image: renovate/renovate:36.33.5 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0e75f0c3d36d101d088e35130eee47ff75497df8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 6 Aug 2023 22:00:33 +0000 Subject: [PATCH 1764/1882] chore(deps): update renovate/renovate docker tag to v36.34.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 09f91d74..c32e7231 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.33.5 + image: renovate/renovate:36.34.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 6480cc6a03840901494747b63df420bd81321995 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 7 Aug 2023 10:07:59 +0200 Subject: [PATCH 1765/1882] gamemode enabled --- flake.lock | 24 ++++++++++++------------ nixos/common/default.nix | 2 +- nixos/common/desktop/default.nix | 9 ++++++--- 3 files changed, 19 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 07bbcf4e..e2fdaa13 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1690970947, - "narHash": "sha256-7vOE9NFsNhe3+cpgGZ9ZLuSIzE+b8oNutezmr8tI60w=", + "lastModified": 1691312444, + "narHash": "sha256-J9e9dGwAPTX+UlAn8jehoyaEq6fwK+L+gunfx0cYT4E=", "owner": "nix-community", "repo": "home-manager", - "rev": "484a1c94424d296b15af3e6858f08b576b842ec2", + "rev": "903e06d734bcae48efb79b9afd51b406d2744179", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1690971753, - "narHash": "sha256-xrFa1LINjaIcI+N7bhSbyOygjHFGsyUQhFYihyXnafI=", + "lastModified": 1691326156, + "narHash": "sha256-dHU6PNk+KzXb2DKld/ooTWPBMYzY4lz+ftKxBc1k4PQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "54a572ac075b0f3e50588a2b799e58f0aa2ecd01", + "rev": "8f5f44b9055be7ef3363899d9773306f124a070a", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1690835256, - "narHash": "sha256-SZy/Nvwbf6CorhEsvmjqgjoYNLnRfaKVZMfSnpUDPnc=", + "lastModified": 1691252436, + "narHash": "sha256-SKKPKYOnFcwqECehxoFBMLv29CZXC5qCDuETSuXd82g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b7cde1c47b7316f6138a2b36ef6627f3d16d645c", + "rev": "9607b9149c9d81fdf3dc4f3bcc278da146ffbd77", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1690969459, - "narHash": "sha256-yjMf4/XkZ33jUIhKmOBqQnXeULnZlpOJucflKr9UEbg=", + "lastModified": 1691318782, + "narHash": "sha256-UP1w2BAIBthDhCLpxrteyFZYk6SL8VdpjwwNHsfntaM=", "owner": "nix-community", "repo": "NUR", - "rev": "bd6c774ef64e21d5aa3a4fa05fdd6ba0b502a801", + "rev": "9ce7b351a3fb6ffd2ab2270d68545ac37781af5e", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 867f1499..f6ebf449 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -77,7 +77,7 @@ nixpkgs.config.allowUnfree = true; nixpkgs.config.permittedInsecurePackages = - [ "nodejs-16.20.1" "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" ]; + [ "nodejs-16.20.1" "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" "openssl-1.1.1v" ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index f00c3c67..f4e4c905 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -46,9 +46,7 @@ services.printing.enable = true; # Global Packages - environment = { - systemPackages = with pkgs; [ wireguard-tools sbctl ]; - }; + environment = { systemPackages = with pkgs; [ wireguard-tools sbctl ]; }; # Enable sound with pipewire. sound.enable = true; @@ -91,8 +89,13 @@ enable = true; # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; + package = pkgs.steam.override { + extraPkgs = pkgs: with pkgs; [ gamescope mangohud ]; + }; }; + programs.gamemode.enable = true; + programs.adb.enable = true; # Networking networking.networkmanager.enable = true; -- 2.47.1 From 7c407fe0c48f8d69bb32289c873b9147c78f6b75 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 7 Aug 2023 14:00:30 +0000 Subject: [PATCH 1766/1882] chore(deps): update renovate/renovate docker tag to v36.35.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c32e7231..1e4c640d 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.34.0 + image: renovate/renovate:36.35.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 13d20e27a6c641be306752e4d0db29fc3dd1640e Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 8 Aug 2023 09:35:58 +0200 Subject: [PATCH 1767/1882] updates --- flake.lock | 24 ++++++++++----------- nixos/common/default.nix | 2 +- nixos/hosts/olympus/eevee/configuration.nix | 4 ++-- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 07bbcf4e..bb653698 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1690970947, - "narHash": "sha256-7vOE9NFsNhe3+cpgGZ9ZLuSIzE+b8oNutezmr8tI60w=", + "lastModified": 1691225770, + "narHash": "sha256-O5slH8nW8msTAqVAS5rkvdHSkjmrO+JauuSDzZCmv2M=", "owner": "nix-community", "repo": "home-manager", - "rev": "484a1c94424d296b15af3e6858f08b576b842ec2", + "rev": "0a014a729cdd54d9919ff36b714d047909d7a4c8", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1690971753, - "narHash": "sha256-xrFa1LINjaIcI+N7bhSbyOygjHFGsyUQhFYihyXnafI=", + "lastModified": 1691237572, + "narHash": "sha256-aOYQEPbPEj39TauLhvPoj2gklOPfUo/hDXBhB03xccI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "54a572ac075b0f3e50588a2b799e58f0aa2ecd01", + "rev": "404abaa27acc261d654bd8ec384641200feb8e2a", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1690835256, - "narHash": "sha256-SZy/Nvwbf6CorhEsvmjqgjoYNLnRfaKVZMfSnpUDPnc=", + "lastModified": 1691155011, + "narHash": "sha256-O15tC0ysw+fcacEbOzrDrkVNIR+SgtArSGvpgsEqpvA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b7cde1c47b7316f6138a2b36ef6627f3d16d645c", + "rev": "9652a97d9738d3e65cf33c0bc24429e495a7868f", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1690969459, - "narHash": "sha256-yjMf4/XkZ33jUIhKmOBqQnXeULnZlpOJucflKr9UEbg=", + "lastModified": 1691228774, + "narHash": "sha256-QDue4f9gTqrvIBYZ+cDZpLpQSOogyq+9fD6fGxNQ2ak=", "owner": "nix-community", "repo": "NUR", - "rev": "bd6c774ef64e21d5aa3a4fa05fdd6ba0b502a801", + "rev": "57a4d34b44b8bf536a6e8f4b575ac0691df71653", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 867f1499..22c56cf4 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -77,7 +77,7 @@ nixpkgs.config.allowUnfree = true; nixpkgs.config.permittedInsecurePackages = - [ "nodejs-16.20.1" "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" ]; + [ "nodejs-16.20.1" "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" "openssl-1.1.1v"]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index 63ff8394..e9e27fb8 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -43,8 +43,8 @@ services.kubo = { enable = true; - # enableGC = true; - autoMount = true; + enableGC = true; + # autoMount = true; settings = { Addresses.API = "/ip4/127.0.0.1/tcp/2324"; Experimental = { -- 2.47.1 From 3468d426ed97645a256f80f2811247194cd8a960 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 11 Aug 2023 14:23:36 +0200 Subject: [PATCH 1768/1882] flake update --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index bb653698..d16380c8 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1691225770, - "narHash": "sha256-O5slH8nW8msTAqVAS5rkvdHSkjmrO+JauuSDzZCmv2M=", + "lastModified": 1691672736, + "narHash": "sha256-HNPA/dKHerA0p4OsToEcW/DtTSXBcK5gFRsy/yPgV/Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "0a014a729cdd54d9919ff36b714d047909d7a4c8", + "rev": "6e1eff9aac0e8d84bda7f2d60ba6108eea9b7e79", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1691237572, - "narHash": "sha256-aOYQEPbPEj39TauLhvPoj2gklOPfUo/hDXBhB03xccI=", + "lastModified": 1691750980, + "narHash": "sha256-SR9nUL3cVNkAu6/S7bu917wajpw3RjVGBuzlUIOBOms=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "404abaa27acc261d654bd8ec384641200feb8e2a", + "rev": "25159f4f39cb3c84945312ef16d4886db8b76ab3", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1690031011, - "narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=", + "lastModified": 1691186842, + "narHash": "sha256-wxBVCvZUwq+XS4N4t9NqsHV4E64cPVqQ2fdDISpjcw0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "12303c652b881435065a98729eb7278313041e49", + "rev": "18036c0be90f4e308ae3ebcab0e14aae0336fe42", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1691155011, - "narHash": "sha256-O15tC0ysw+fcacEbOzrDrkVNIR+SgtArSGvpgsEqpvA=", + "lastModified": 1691592289, + "narHash": "sha256-Lqpw7lrXlLkYra33tp57ms8tZ0StWhbcl80vk4D90F8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9652a97d9738d3e65cf33c0bc24429e495a7868f", + "rev": "9034b46dc4c7596a87ab837bb8a07ef2d887e8c7", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1690107839, - "narHash": "sha256-ll3j+g3qz239sfLHYhHynKRWhMkxFXsJ9MOAXzSqQMc=", + "lastModified": 1691674049, + "narHash": "sha256-M9SA4MZ3IuFCP4XI2IGAepvEYp3stmTwltUcnGu3Ml8=", "owner": "pta2002", "repo": "nixvim", - "rev": "4c25722d73694245e767839b462026ab2296542b", + "rev": "36a6ab4ba7403dca50b2ca2de5fd5fd57fb19335", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1691228774, - "narHash": "sha256-QDue4f9gTqrvIBYZ+cDZpLpQSOogyq+9fD6fGxNQ2ak=", + "lastModified": 1691743508, + "narHash": "sha256-jMaMPFI/Lr4LZGFWP2ymS+0qDryrv8hzGu1/zzezTNk=", "owner": "nix-community", "repo": "NUR", - "rev": "57a4d34b44b8bf536a6e8f4b575ac0691df71653", + "rev": "3873accac1f8765f2a50148db4237edbf728de66", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1689668210, - "narHash": "sha256-XAATwDkaUxH958yXLs1lcEOmU6pSEIkatY3qjqk8X0E=", + "lastModified": 1691256628, + "narHash": "sha256-M0YXHemR3zbyhM7PvJa5lzGhWVf6kM/fpZ4cWe/VIhI=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "eb433bff05b285258be76513add6f6c57b441775", + "rev": "3139c4d1f7732cab89f06492bdd4677b877e3785", "type": "github" }, "original": { -- 2.47.1 From bc661e419a2c594be808b439fc8a462c31db1dcf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 11 Aug 2023 14:00:29 +0000 Subject: [PATCH 1769/1882] chore(deps): update renovate/renovate docker tag to v36.42.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1e4c640d..29b82311 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.35.0 + image: renovate/renovate:36.42.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2991ea7fc69e5e53636657eea6e8c83d0304d61b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 12 Aug 2023 06:00:27 +0000 Subject: [PATCH 1770/1882] chore(deps): update renovate/renovate docker tag to v36.42.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 29b82311..31d852fd 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.42.1 + image: renovate/renovate:36.42.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 87b1f93ae2d5b428f7962f79349154455a49a95d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 13 Aug 2023 06:00:27 +0000 Subject: [PATCH 1771/1882] chore(deps): update renovate/renovate docker tag to v36.42.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 31d852fd..740aa9f7 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.42.3 + image: renovate/renovate:36.42.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b63240912432d24c295ea8ba0b4851a712481390 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 13 Aug 2023 16:48:21 +0200 Subject: [PATCH 1772/1882] flake lock --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index d16380c8..6c5f836d 100644 --- a/flake.lock +++ b/flake.lock @@ -689,11 +689,11 @@ "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1689889377, - "narHash": "sha256-ChBawisTCY3Cl06CSG+QNC2ES+G0ASiOxtOVif9uP/0=", + "lastModified": 1691761621, + "narHash": "sha256-xTPifd7/93/bmBEPMhb0zuU9nzRkUIZHr+PJUHoUld8=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "e7246c6bce1733d373059e6342f67fd53f90c198", + "rev": "f13848606f5a313c33b9c9ceb34e0ae4d51b6766", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1691750980, - "narHash": "sha256-SR9nUL3cVNkAu6/S7bu917wajpw3RjVGBuzlUIOBOms=", + "lastModified": 1691847570, + "narHash": "sha256-wwsajBZfNz5JhzLCD5vDXEpXNs0dUyTcwamMF7S3ww4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "25159f4f39cb3c84945312ef16d4886db8b76ab3", + "rev": "1d9c70ea2d9daf99e85b64fc79f375bbb3837c24", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1691592289, - "narHash": "sha256-Lqpw7lrXlLkYra33tp57ms8tZ0StWhbcl80vk4D90F8=", + "lastModified": 1691693223, + "narHash": "sha256-9t8ZY1XNAsWqxAJmXgg+GXqF5chORMVnBT6PSHaRV3I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9034b46dc4c7596a87ab837bb8a07ef2d887e8c7", + "rev": "18784aac1013da9b442adf29b6c7c228518b5d3f", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1691743508, - "narHash": "sha256-jMaMPFI/Lr4LZGFWP2ymS+0qDryrv8hzGu1/zzezTNk=", + "lastModified": 1691846501, + "narHash": "sha256-rahFv7X7C2uA0yU91EJdB5rxV9+ZX/RKUJEnfA1HXnY=", "owner": "nix-community", "repo": "NUR", - "rev": "3873accac1f8765f2a50148db4237edbf728de66", + "rev": "892ced401e457c150de968ff77e970f0b3f97487", "type": "github" }, "original": { -- 2.47.1 From 3e8e7ed0d4cc769256e71e212e771910506573ce Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 15 Aug 2023 22:00:30 +0000 Subject: [PATCH 1773/1882] chore(deps): update renovate/renovate docker tag to v36.46.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 740aa9f7..d069d0d4 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.42.4 + image: renovate/renovate:36.46.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b1262bbf03cb859d7095a319e6cd6536062f053b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 16 Aug 2023 14:00:30 +0000 Subject: [PATCH 1774/1882] chore(deps): update renovate/renovate docker tag to v36.49.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index d069d0d4..9dbdf7c6 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.46.0 + image: renovate/renovate:36.49.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7ab1546b72277c5a61e31e15117eacb9f3a10985 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 3 Aug 2023 14:00:24 +0000 Subject: [PATCH 1775/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.2 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index 43e31d5b..7840fe81 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.2.2"; + image = "flaresolverr/flaresolverr:v3.3.2"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 1e4efa218bbc230bc50e28658c94cc16c61b7f80 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 15 Aug 2023 14:00:25 +0000 Subject: [PATCH 1776/1882] chore(deps): update helm release external-secrets to v0.9.3 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 7affcfd4..370d21a9 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.9.1 + version: 0.9.3 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From 266faf9a47ee369aaf0dd4c294b23aeca918c199 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 17 Aug 2023 14:39:08 +0200 Subject: [PATCH 1777/1882] updates --- flake.lock | 54 ++++++++++----------- nixos/hosts/olympus/eevee/configuration.nix | 4 +- 2 files changed, 30 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index 6c5f836d..f97e1ee5 100644 --- a/flake.lock +++ b/flake.lock @@ -50,11 +50,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1689457600, - "narHash": "sha256-1XLn2ZZMaqQx+Ys3eel5hQRkgUn3DeHcVb2JT8WYU0A=", + "lastModified": 1692225040, + "narHash": "sha256-jbQNvkgWGioiC6S39dZVyn6us8p/DlEvm5hQKEYkzDU=", "owner": "zhaofengli", "repo": "attic", - "rev": "4902d57f5dae8ec660ee9ee14c45c2192f9fe8b1", + "rev": "b43d12082e34bceb26038bdad0438fd68804cfcd", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1691672736, - "narHash": "sha256-HNPA/dKHerA0p4OsToEcW/DtTSXBcK5gFRsy/yPgV/Y=", + "lastModified": 1692260837, + "narHash": "sha256-2FpkX1zl+7ni7djK7NeE1ZGupRUwZgjW+RPCSBgDf4k=", "owner": "nix-community", "repo": "home-manager", - "rev": "6e1eff9aac0e8d84bda7f2d60ba6108eea9b7e79", + "rev": "6a94c1a59737783c282c4031555a289c28b961e4", "type": "github" }, "original": { @@ -890,11 +890,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1686519857, - "narHash": "sha256-VkBhuq67aXXiCoEmicziuDLUPPjeOTLQoj6OeVai5zM=", + "lastModified": 1691853136, + "narHash": "sha256-wTzDsRV4HN8A2Sl0SVQY0q8ILs90CD43Ha//7gNZE+E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6b1b72c0f887a478a5aac355674ff6df0fc44f44", + "rev": "f0451844bbdf545f696f029d1448de4906c7f753", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1691847570, - "narHash": "sha256-wwsajBZfNz5JhzLCD5vDXEpXNs0dUyTcwamMF7S3ww4=", + "lastModified": 1692261193, + "narHash": "sha256-niCyh3bxsfMh0be3iYbVYY32UntLc2jk3hERRy8eg/I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1d9c70ea2d9daf99e85b64fc79f375bbb3837c24", + "rev": "3e3d385b299b284ba511eb1862395b4d40cd924e", "type": "github" }, "original": { @@ -1081,11 +1081,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1691186842, - "narHash": "sha256-wxBVCvZUwq+XS4N4t9NqsHV4E64cPVqQ2fdDISpjcw0=", + "lastModified": 1691990649, + "narHash": "sha256-gMbKOiX1HwClRP9lADaaV/lnZr93NEaOFe4ApDx/zd8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "18036c0be90f4e308ae3ebcab0e14aae0336fe42", + "rev": "6e287913f7b1ef537c97aa301b67c34ea46b640f", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1691693223, - "narHash": "sha256-9t8ZY1XNAsWqxAJmXgg+GXqF5chORMVnBT6PSHaRV3I=", + "lastModified": 1692134936, + "narHash": "sha256-Z68O969cioC6I3k/AFBxsuEwpJwt4l9fzwuAMUhCCs0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "18784aac1013da9b442adf29b6c7c228518b5d3f", + "rev": "bfd953b2c6de4f550f75461bcc5768b6f966be10", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1691674049, - "narHash": "sha256-M9SA4MZ3IuFCP4XI2IGAepvEYp3stmTwltUcnGu3Ml8=", + "lastModified": 1692189925, + "narHash": "sha256-Yt6jKh8YIu4WLnKDfdo9yNU+vS2NPGeAWk+7VfLUsxk=", "owner": "pta2002", "repo": "nixvim", - "rev": "36a6ab4ba7403dca50b2ca2de5fd5fd57fb19335", + "rev": "9f8ce75653d0c0a6d0175166e6dd0286a58fe5ef", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1691846501, - "narHash": "sha256-rahFv7X7C2uA0yU91EJdB5rxV9+ZX/RKUJEnfA1HXnY=", + "lastModified": 1692258137, + "narHash": "sha256-EaYwGYxh9/86Pm6xd2wxMbVCTO0cyY3uTm1/JwElKn8=", "owner": "nix-community", "repo": "NUR", - "rev": "892ced401e457c150de968ff77e970f0b3f97487", + "rev": "3af804ae643adc5723ef7d3097dce8eab25c2803", "type": "github" }, "original": { @@ -1264,11 +1264,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1691256628, - "narHash": "sha256-M0YXHemR3zbyhM7PvJa5lzGhWVf6kM/fpZ4cWe/VIhI=", + "lastModified": 1691747570, + "narHash": "sha256-J3fnIwJtHVQ0tK2JMBv4oAmII+1mCdXdpeCxtIsrL2A=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "3139c4d1f7732cab89f06492bdd4677b877e3785", + "rev": "c5ac3aa3324bd8aebe8622a3fc92eeb3975d317a", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index e9e27fb8..3860b43e 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -47,8 +47,10 @@ # autoMount = true; settings = { Addresses.API = "/ip4/127.0.0.1/tcp/2324"; - Experimental = { + Routing = { AcceleratedDHTClient = true; + }; + Experimental = { FilestoreEnabled = true; }; }; -- 2.47.1 From 66e5d6f25d643400df6aa3a1e98f653fde6da4ed Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 18 Aug 2023 22:00:26 +0000 Subject: [PATCH 1778/1882] chore(deps): update renovate/renovate docker tag to v36.52.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 9dbdf7c6..9aa3ae93 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.49.0 + image: renovate/renovate:36.52.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7f8c783bd29a99cca43332874c42e416020b3ada Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 22 Aug 2023 15:14:39 +0200 Subject: [PATCH 1779/1882] updates --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index f97e1ee5..f8c1302a 100644 --- a/flake.lock +++ b/flake.lock @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1692260837, - "narHash": "sha256-2FpkX1zl+7ni7djK7NeE1ZGupRUwZgjW+RPCSBgDf4k=", + "lastModified": 1692686040, + "narHash": "sha256-4GkXTC7sXpEL40QbJip49qsINAH+aKSciPT/1Pz6hfM=", "owner": "nix-community", "repo": "home-manager", - "rev": "6a94c1a59737783c282c4031555a289c28b961e4", + "rev": "ea59b79f31beaf4a8cb0ea2fc4dfba5732e4212a", "type": "github" }, "original": { @@ -1066,11 +1066,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1692261193, - "narHash": "sha256-niCyh3bxsfMh0be3iYbVYY32UntLc2jk3hERRy8eg/I=", + "lastModified": 1692684269, + "narHash": "sha256-zJk2pyF4Cuhtor0khtPlf+hfJIh22rzAUC+KU3Ob31Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e3d385b299b284ba511eb1862395b4d40cd924e", + "rev": "9d757ec498666cc1dcc6f2be26db4fd3e1e9ab37", "type": "github" }, "original": { @@ -1159,11 +1159,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1692134936, - "narHash": "sha256-Z68O969cioC6I3k/AFBxsuEwpJwt4l9fzwuAMUhCCs0=", + "lastModified": 1692525914, + "narHash": "sha256-MUgZ9/9mE/EbEQA6JPdcQHkjoR5fgvaKhpy6UO67uEc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bfd953b2c6de4f550f75461bcc5768b6f966be10", + "rev": "475d5ae2c4cb87b904545bdb547af05681198fcc", "type": "github" }, "original": { @@ -1180,11 +1180,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1692189925, - "narHash": "sha256-Yt6jKh8YIu4WLnKDfdo9yNU+vS2NPGeAWk+7VfLUsxk=", + "lastModified": 1692606547, + "narHash": "sha256-XiUT92TRxVRRPgKGsJ+G4hunqyuIIEJ91ENxSA+68r0=", "owner": "pta2002", "repo": "nixvim", - "rev": "9f8ce75653d0c0a6d0175166e6dd0286a58fe5ef", + "rev": "56b2169683bc2389281f247697f6a14867fabd19", "type": "github" }, "original": { @@ -1195,11 +1195,11 @@ }, "nur": { "locked": { - "lastModified": 1692258137, - "narHash": "sha256-EaYwGYxh9/86Pm6xd2wxMbVCTO0cyY3uTm1/JwElKn8=", + "lastModified": 1692686760, + "narHash": "sha256-Jos0lAuo6E8f3CEHtMlkmanCLY4PVo3dyn5Y/5TUxVk=", "owner": "nix-community", "repo": "NUR", - "rev": "3af804ae643adc5723ef7d3097dce8eab25c2803", + "rev": "c2ade119d26d95bc84b0f48afa10c63894e1150e", "type": "github" }, "original": { -- 2.47.1 From e7e98534cbb81a3b92b11994c31b57c71945c859 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 31 Aug 2023 22:00:31 +0000 Subject: [PATCH 1780/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.3 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index 7840fe81..2b583fb4 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.2"; + image = "flaresolverr/flaresolverr:v3.3.3"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 3c646a30dfd04f256b8948673004ddb31014c16c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 24 Aug 2023 14:00:46 +0000 Subject: [PATCH 1781/1882] chore(deps): update dependency fluxcd/flux2 to v2.1.0 --- .../base/flux-system/gotk-components.yaml | 162 ++++++++++++------ 1 file changed, 108 insertions(+), 54 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index e720d3eb..71f811a6 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.0.1 +# Flux Version: v2.1.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -19,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: allow-egress namespace: flux-system spec: @@ -39,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: allow-scraping namespace: flux-system spec: @@ -59,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: allow-webhooks namespace: flux-system spec: @@ -78,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: critical-pods-flux-system namespace: flux-system spec: @@ -98,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: crd-controller-flux-system rules: - apiGroups: @@ -188,7 +188,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -214,7 +214,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -239,7 +239,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -259,7 +259,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -294,7 +294,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -617,7 +617,9 @@ spec: description: Insecure allows connecting to a non-TLS HTTP Endpoint. type: boolean interval: - description: Interval at which to check the Endpoint for updates. + description: Interval at which the Bucket Endpoint is checked for + updates. This interval is approximate and may be subject to jitter + to ensure efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string provider: @@ -810,7 +812,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -894,9 +896,21 @@ spec: type: object type: array interval: - description: Interval at which to check the GitRepository for updates. + description: Interval at which the GitRepository URL is checked for + updates. This interval is approximate and may be subject to jitter + to ensure efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + proxySecretRef: + description: ProxySecretRef specifies the Secret containing the proxy + configuration to use while communicating with the Git server. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object recurseSubmodules: description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned from the URL, using their default @@ -963,10 +977,16 @@ spec: Git commit signature(s). properties: mode: - description: Mode specifies what Git object should be verified, - currently ('head'). + default: HEAD + description: "Mode specifies which Git object(s) should be verified. + \n The variants \"head\" and \"HEAD\" both imply the same thing, + i.e. verify the commit that the HEAD of the Git repository points + to. The variant \"head\" solely exists to ensure backwards compatibility." enum: - head + - HEAD + - Tag + - TagAndHEAD type: string secretRef: description: SecretRef specifies the Secret containing the public @@ -979,7 +999,6 @@ spec: - name type: object required: - - mode - secretRef type: object required: @@ -1202,6 +1221,10 @@ spec: description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the current Artifact. type: boolean + sourceVerificationMode: + description: SourceVerificationMode is the last used verification + mode indicating which Git object(s) have been verified. + type: string type: object type: object served: true @@ -1990,7 +2013,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2333,8 +2356,9 @@ spec: at in the SourceRef. type: string interval: - description: Interval is the interval at which to check the Source - for updates. + description: Interval at which the HelmChart SourceRef is checked + for updates. This interval is approximate and may be subject to + jitter to ensure efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string reconcileStrategy: @@ -2585,7 +2609,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2878,8 +2902,27 @@ spec: required: - namespaceSelectors type: object + certSecretRef: + description: "CertSecretRef can be given the name of a Secret containing + either or both of \n - a PEM-encoded client certificate (`tls.crt`) + and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) + \n and whichever are supplied, will be used for connecting to the + registry. The client cert and key are useful if you are authenticating + with a certificate; the CA cert is useful if you are using a self-signed + server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. + \n It takes precedence over the values specified in the Secret referred + to by `.spec.secretRef`." + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object interval: - description: Interval at which to check the URL for updates. + description: Interval at which the HelmRepository URL is checked for + updates. This interval is approximate and may be subject to jitter + to ensure efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string passCredentials: @@ -2905,8 +2948,9 @@ spec: secretRef: description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. For HTTP/S basic auth the secret - must contain 'username' and 'password' fields. For TLS the secret - must contain a 'certFile' and 'keyFile', and/or 'caFile' fields. + must contain 'username' and 'password' fields. Support for TLS auth + using the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. + Please use `.spec.certSecretRef` instead. properties: name: description: Name of the referent. @@ -3089,7 +3133,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3136,13 +3180,15 @@ spec: description: OCIRepositorySpec defines the desired state of OCIRepository properties: certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) + description: "CertSecretRef can be given the name of a Secret containing + either or both of \n - a PEM-encoded client certificate (`tls.crt`) + and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) \n and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed - server certificate." + server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. + \n Note: Support for the `caFile`, `certFile` and `keyFile` keys + have been deprecated." properties: name: description: Name of the referent. @@ -3161,7 +3207,9 @@ spec: registry. type: boolean interval: - description: The interval at which to check for image updates. + description: Interval at which the OCIRepository URL is checked for + updates. This interval is approximate and may be subject to jitter + to ensure efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string layerSelector: @@ -3448,7 +3496,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: source-controller namespace: flux-system --- @@ -3459,7 +3507,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: source-controller namespace: flux-system @@ -3480,7 +3528,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: source-controller namespace: flux-system @@ -3515,7 +3563,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.0.1 + image: ghcr.io/fluxcd/source-controller:v1.1.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3579,7 +3627,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -3746,6 +3794,8 @@ spec: type: array interval: description: The interval at which to reconcile the Kustomization. + This interval is approximate and may be subject to jitter to ensure + efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: @@ -5209,7 +5259,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: kustomize-controller namespace: flux-system --- @@ -5220,7 +5270,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5249,7 +5299,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.0.1 + image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5306,7 +5356,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -5585,7 +5635,9 @@ spec: type: string type: object interval: - description: Interval at which to reconcile the Helm release. + description: Interval at which to reconcile the Helm release. This + interval is approximate and may be subject to jitter to ensure efficient + use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string kubeConfig: @@ -6231,7 +6283,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: helm-controller namespace: flux-system --- @@ -6242,7 +6294,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: helm-controller namespace: flux-system @@ -6271,7 +6323,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.35.0 + image: ghcr.io/fluxcd/helm-controller:v0.36.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6328,7 +6380,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6765,7 +6817,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6998,8 +7050,9 @@ spec: maxLength: 2048 type: string certSecretRef: - description: CertSecretRef specifies the Secret containing a PEM-encoded - CA certificate (`caFile`). + description: "CertSecretRef specifies the Secret containing a PEM-encoded + CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile` + key has been deprecated." properties: name: description: Name of the referent. @@ -7067,6 +7120,7 @@ spec: - grafana - githubdispatch - pagerduty + - datadog type: string username: description: Username specifies the name under which events are posted. @@ -7174,7 +7228,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7840,7 +7894,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 name: notification-controller namespace: flux-system --- @@ -7851,7 +7905,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7872,7 +7926,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7893,7 +7947,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.0.1 + app.kubernetes.io/version: v2.1.0 control-plane: controller name: notification-controller namespace: flux-system @@ -7921,7 +7975,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.0.0 + image: ghcr.io/fluxcd/notification-controller:v1.1.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: -- 2.47.1 From 8934de25d6192fa35e3e8ba61337ec1bd1888a7a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 1 Sep 2023 06:00:33 +0000 Subject: [PATCH 1782/1882] chore(deps): update renovate/renovate docker tag to v36.78.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 9aa3ae93..b42edca5 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.52.2 + image: renovate/renovate:36.78.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1cdc6503221140cad3229972181f52b787e67368 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 24 Aug 2023 14:00:26 +0000 Subject: [PATCH 1783/1882] chore(deps): update helm release external-secrets to v0.9.4 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 370d21a9..5812d6f1 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.9.3 + version: 0.9.4 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From 6df69984c014df8a1cb7e6d41e7dbcccfae407d1 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 1 Sep 2023 20:35:06 +0200 Subject: [PATCH 1784/1882] update caches --- flake.lock | 118 +++++++++++++++++++++++++++++---------- nixos/common/default.nix | 6 +- 2 files changed, 90 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index f8c1302a..02753e2f 100644 --- a/flake.lock +++ b/flake.lock @@ -175,6 +175,39 @@ } }, "crane_2": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "rust-overlay": [ + "lanzaboote", + "rust-overlay" + ] + }, + "locked": { + "lastModified": 1688772518, + "narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=", + "owner": "ipetkov", + "repo": "crane", + "rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_3": { "flake": false, "locked": { "lastModified": 1670284777, @@ -210,7 +243,7 @@ "inputs": { "alejandra": "alejandra", "all-cabal-json": "all-cabal-json", - "crane": "crane_2", + "crane": "crane_3", "devshell": "devshell", "flake-parts": "flake-parts_2", "flake-utils-pre-commit": "flake-utils-pre-commit", @@ -503,11 +536,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "lastModified": 1692799911, + "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", "owner": "numtide", "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", "type": "github" }, "original": { @@ -665,11 +698,11 @@ ] }, "locked": { - "lastModified": 1692686040, - "narHash": "sha256-4GkXTC7sXpEL40QbJip49qsINAH+aKSciPT/1Pz6hfM=", + "lastModified": 1693399033, + "narHash": "sha256-yXhiMo8MnE86sGtPIHAKaLHhmhe8v9tqGGotlUgKJvY=", "owner": "nix-community", "repo": "home-manager", - "rev": "ea59b79f31beaf4a8cb0ea2fc4dfba5732e4212a", + "rev": "f5c15668f9842dd4d5430787d6aa8a28a07f7c10", "type": "github" }, "original": { @@ -680,20 +713,22 @@ }, "lanzaboote": { "inputs": { + "crane": "crane_2", "flake-compat": "flake-compat_4", "flake-parts": "flake-parts", "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" ], - "pre-commit-hooks-nix": "pre-commit-hooks-nix" + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1691761621, - "narHash": "sha256-xTPifd7/93/bmBEPMhb0zuU9nzRkUIZHr+PJUHoUld8=", + "lastModified": 1692972892, + "narHash": "sha256-ifDTnczs4c/v73LKQdmoGYO81JmysKTlR5ZUH5cr+cE=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "f13848606f5a313c33b9c9ceb34e0ae4d51b6766", + "rev": "6d6cdf59b9d1ca6a2732c57e40f7cbd0f1eb1755", "type": "github" }, "original": { @@ -1066,11 +1101,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1692684269, - "narHash": "sha256-zJk2pyF4Cuhtor0khtPlf+hfJIh22rzAUC+KU3Ob31Q=", + "lastModified": 1693576890, + "narHash": "sha256-GvUL36la2tOjKRRRZkTSQFusbaCvItoZNA8UNIPLXeU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9d757ec498666cc1dcc6f2be26db4fd3e1e9ab37", + "rev": "30291c839a688a77c637024b99c9e10be398ea22", "type": "github" }, "original": { @@ -1081,11 +1116,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1691990649, - "narHash": "sha256-gMbKOiX1HwClRP9lADaaV/lnZr93NEaOFe4ApDx/zd8=", + "lastModified": 1693003285, + "narHash": "sha256-5nm4yrEHKupjn62MibENtfqlP6pWcRTuSKrMiH9bLkc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6e287913f7b1ef537c97aa301b67c34ea46b640f", + "rev": "5690c4271f2998c304a45c91a0aeb8fb69feaea7", "type": "github" }, "original": { @@ -1159,11 +1194,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1692525914, - "narHash": "sha256-MUgZ9/9mE/EbEQA6JPdcQHkjoR5fgvaKhpy6UO67uEc=", + "lastModified": 1693428224, + "narHash": "sha256-FWUUlhYqkGEySUD0blTADRiDQ7fw+H1ikivfu88uy+w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "475d5ae2c4cb87b904545bdb547af05681198fcc", + "rev": "841889913dfd06a70ffb39f603e29e46f45f0c1a", "type": "github" }, "original": { @@ -1180,11 +1215,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1692606547, - "narHash": "sha256-XiUT92TRxVRRPgKGsJ+G4hunqyuIIEJ91ENxSA+68r0=", + "lastModified": 1693552651, + "narHash": "sha256-U0PdjLxFtgK1a7leKgzqPeorhncO9xo+wmPJ/NK8fIg=", "owner": "pta2002", "repo": "nixvim", - "rev": "56b2169683bc2389281f247697f6a14867fabd19", + "rev": "186b790febffd6d16c2ba6bbe55655ddbdeec894", "type": "github" }, "original": { @@ -1195,11 +1230,11 @@ }, "nur": { "locked": { - "lastModified": 1692686760, - "narHash": "sha256-Jos0lAuo6E8f3CEHtMlkmanCLY4PVo3dyn5Y/5TUxVk=", + "lastModified": 1693577091, + "narHash": "sha256-2f63QZib9qKskqTWs6f0Mu0HKWVE9iRJUaCokKCnMls=", "owner": "nix-community", "repo": "NUR", - "rev": "c2ade119d26d95bc84b0f48afa10c63894e1150e", + "rev": "dd22fdec18a5b2c1403b40ca2122db1a0c000f6b", "type": "github" }, "original": { @@ -1264,11 +1299,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1691747570, - "narHash": "sha256-J3fnIwJtHVQ0tK2JMBv4oAmII+1mCdXdpeCxtIsrL2A=", + "lastModified": 1692274144, + "narHash": "sha256-BxTQuRUANQ81u8DJznQyPmRsg63t4Yc+0kcyq6OLz8s=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "c5ac3aa3324bd8aebe8622a3fc92eeb3975d317a", + "rev": "7e3517c03d46159fdbf8c0e5c97f82d5d4b0c8fa", "type": "github" }, "original": { @@ -1436,6 +1471,31 @@ "type": "github" } }, + "rust-overlay_2": { + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1689906077, + "narHash": "sha256-2tjLXKoSK7O0LYHlA6GCWL0gy2kZZno4krg+KZpDh6U=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "c88b28944129eeff5e819bdc21248dc07eb0625d", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "stable": { "locked": { "lastModified": 1669735802, diff --git a/nixos/common/default.nix b/nixos/common/default.nix index f6ebf449..3f3782f0 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -41,13 +41,11 @@ auto-optimise-store = true; trusted-users = [ "root" "victor" ]; substituters = [ - "https://cachix.cachix.org" "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" "https://colmena.cachix.org" "https://cache.garnix.io" - "https://0x76-infra.cachix.org" - "https://webcord.cachix.org" + "https://cachix.cachix.org" ]; trusted-public-keys = [ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" @@ -55,8 +53,6 @@ "nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE=" "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "0x76-infra.cachix.org-1:dC1qp+VEN3jj5pdK4URlXR9hf3atT+MnpKGu6PZjMc8=" - "webcord.cachix.org-1:l555jqOZGHd2C9+vS8ccdh8FhqnGe8L78QrHNn+EFEs=" ]; }; optimise = { -- 2.47.1 From ffb8ac07105d38c53c76541d0af1f330c028e78d Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 1 Sep 2023 21:06:09 +0200 Subject: [PATCH 1785/1882] updates --- flake.lock | 19 ++++++------ flake.nix | 4 +-- nixos/hosts/olympus/eevee/configuration.nix | 28 +++++++++--------- nixos/hosts/olympus/eevee/hardware.nix | 2 +- nixos/hosts/olympus/eevee/home/theme.nix | 32 --------------------- nixos/pkgs/plex-pass/sources.json | 12 ++++---- 6 files changed, 32 insertions(+), 65 deletions(-) delete mode 100644 nixos/hosts/olympus/eevee/home/theme.nix diff --git a/flake.lock b/flake.lock index 02753e2f..f174457b 100644 --- a/flake.lock +++ b/flake.lock @@ -909,16 +909,15 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1679726555, - "narHash": "sha256-h7Dd/uWu7i5Yv1E+DweyJJUzTvGWXqfSo8/hz1YEolY=", - "owner": "toastal", + "lastModified": 1693588489, + "narHash": "sha256-hUGiONyurfBxmTtRUttdlkdq+ml16L1MiKKAS1047OE=", + "owner": "nixos", "repo": "nixos-hardware", - "rev": "0889479119961000c4a15801a0343cd1f11de556", + "rev": "fe0ea731b84b10143fc68cd557368ac70f0fb65c", "type": "github" }, "original": { - "owner": "toastal", - "ref": "z-series-no-hidpi", + "owner": "nixos", "repo": "nixos-hardware", "type": "github" } @@ -1101,16 +1100,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1693576890, - "narHash": "sha256-GvUL36la2tOjKRRRZkTSQFusbaCvItoZNA8UNIPLXeU=", + "lastModified": 1693471703, + "narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "30291c839a688a77c637024b99c9e10be398ea22", + "rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "master", + "ref": "nixos-unstable", "type": "indirect" } }, diff --git a/flake.nix b/flake.nix index 7e225b3e..dab0f582 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/master"; + nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; @@ -32,7 +32,7 @@ nixos-generators.url = "github:nix-community/nixos-generators"; nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; - nixos-hardware.url = "github:toastal/nixos-hardware/z-series-no-hidpi"; + nixos-hardware.url = "github:nixos/nixos-hardware"; lanzaboote = { url = "github:nix-community/lanzaboote"; diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index 3860b43e..40987178 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -41,20 +41,20 @@ environment.sessionVariables.NIXOS_OZONE_WL = "1"; - services.kubo = { - enable = true; - enableGC = true; - # autoMount = true; - settings = { - Addresses.API = "/ip4/127.0.0.1/tcp/2324"; - Routing = { - AcceleratedDHTClient = true; - }; - Experimental = { - FilestoreEnabled = true; - }; - }; - }; + # services.kubo = { + # enable = true; + # enableGC = true; + # # autoMount = true; + # settings = { + # Addresses.API = "/ip4/127.0.0.1/tcp/2324"; + # Routing = { + # AcceleratedDHTClient = true; + # }; + # Experimental = { + # FilestoreEnabled = true; + # }; + # }; + # }; home-manager = { users.victor = import ./home; diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix index f051d030..37c1a85c 100644 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -5,7 +5,7 @@ services.xserver.videoDrivers = [ "nvidia" ]; hardware.nvidia = { - package = config.boot.kernelPackages.nvidiaPackages.beta; + package = config.boot.kernelPackages.nvidiaPackages.stable; # Open drivers cause gdm to crash # open = true; diff --git a/nixos/hosts/olympus/eevee/home/theme.nix b/nixos/hosts/olympus/eevee/home/theme.nix deleted file mode 100644 index aa462fc9..00000000 --- a/nixos/hosts/olympus/eevee/home/theme.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ pkgs, config, ... }: -let - theme = "Catppuccin-Pink-Dark"; - cursorTheme = config.home.pointerCursor.name; -in { - home.pointerCursor = { - name = "Bibata-Modern-Classic"; - size = 24; - package = pkgs.bibata-cursors; - }; - - gtk = { - enable = true; - theme = { - name = theme; - package = pkgs.catppuccin-gtk; - }; - iconTheme = { - name = "Papirus-Dark"; - package = pkgs.papirus-icon-theme.override { color = "violet"; }; - }; - cursorTheme = { - name = cursorTheme; - inherit (config.home.pointerCursor) package size; - }; - }; - - programs.vscode = { - userSettings."workbench.colorTheme" = "Catppuccin Frappé"; - extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; - }; -} diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index f8fe4d0a..6851d7ee 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.6.7371", + "version": "1.32.6.7468", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7371-b6a09ad81/debian/plexmediaserver_1.32.6.7371-b6a09ad81_arm64.deb", - "hash": "0if5bwa824ijqss5h2airn36dhwn4krfg90jsw8sj7afw1llngf1" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7468-07e0d4a7e/debian/plexmediaserver_1.32.6.7468-07e0d4a7e_arm64.deb", + "hash": "01sdhm307zsnsj893qch9h2yc07y7yijz5j0y4p223v29picr3h6" }, { - "version": "1.32.6.7371", + "version": "1.32.6.7468", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7371-b6a09ad81/debian/plexmediaserver_1.32.6.7371-b6a09ad81_amd64.deb", - "hash": "0dr0n7imf9vhvbq7398mjaf53qj1lw5lwjjia0aglg4idmhvgw7h" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7468-07e0d4a7e/debian/plexmediaserver_1.32.6.7468-07e0d4a7e_amd64.deb", + "hash": "066hfidm25830xljj3ygq6vr142v2n4z3w94wnxfhxv2mx5fxall" } ] -- 2.47.1 From 4bafe38997fa4e89adb3fa0c1aafc68b9039c84f Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 2 Sep 2023 18:43:55 +0200 Subject: [PATCH 1786/1882] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index f174457b..911b4b3c 100644 --- a/flake.lock +++ b/flake.lock @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1693471703, - "narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=", + "lastModified": 1693565476, + "narHash": "sha256-ya00zHt7YbPo3ve/wNZ/6nts61xt7wK/APa6aZAfey0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85", + "rev": "aa8aa7e2ea35ce655297e8322dc82bf77a31d04b", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1693577091, - "narHash": "sha256-2f63QZib9qKskqTWs6f0Mu0HKWVE9iRJUaCokKCnMls=", + "lastModified": 1693639925, + "narHash": "sha256-Wpn7RlqbXjwSdAima9VbTwnGZm1vmsR0gid/CrHMMf0=", "owner": "nix-community", "repo": "NUR", - "rev": "dd22fdec18a5b2c1403b40ca2122db1a0c000f6b", + "rev": "652f5c78eb77c74bf8b0b7da41a8087601ecc0aa", "type": "github" }, "original": { -- 2.47.1 From ca30e42ecd2af712c2e10e3707cdf89ec3149b7a Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 2 Sep 2023 20:13:21 +0200 Subject: [PATCH 1787/1882] update flake --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 911b4b3c..50d1324d 100644 --- a/flake.lock +++ b/flake.lock @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1693399033, - "narHash": "sha256-yXhiMo8MnE86sGtPIHAKaLHhmhe8v9tqGGotlUgKJvY=", + "lastModified": 1693646047, + "narHash": "sha256-VsuXtCGOhrzp1qb1CSoV/cO+5f+GPtA4J/SFYqqLyfo=", "owner": "nix-community", "repo": "home-manager", - "rev": "f5c15668f9842dd4d5430787d6aa8a28a07f7c10", + "rev": "fae8af43e201a8929ce45a5ea46192bbd1ffff18", "type": "github" }, "original": { @@ -1100,16 +1100,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1693565476, - "narHash": "sha256-ya00zHt7YbPo3ve/wNZ/6nts61xt7wK/APa6aZAfey0=", + "lastModified": 1693626178, + "narHash": "sha256-Rpiy6lIOu4zny8tfGuIeN1ji9eSz9nPmm9yBhh/4IOM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aa8aa7e2ea35ce655297e8322dc82bf77a31d04b", + "rev": "bfb7dfec93f3b5d7274db109f2990bc889861caf", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "type": "indirect" } }, @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1693639925, - "narHash": "sha256-Wpn7RlqbXjwSdAima9VbTwnGZm1vmsR0gid/CrHMMf0=", + "lastModified": 1693662274, + "narHash": "sha256-hf2iQylOVR/RnuEroAOCuaCgC/9oJ+K5CVqYF932LeQ=", "owner": "nix-community", "repo": "NUR", - "rev": "652f5c78eb77c74bf8b0b7da41a8087601ecc0aa", + "rev": "543e8d29d1b0c1bdefb2a0d7b8a3ed478e74fd5b", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index dab0f582..d5ce38e6 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable"; + nixpkgs.url = "nixpkgs/nixos-unstable-small"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; -- 2.47.1 From 6ef0ea29fdd9ab4407f5177ea851fc161a1f7b44 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 3 Sep 2023 10:24:18 +0200 Subject: [PATCH 1788/1882] fix ntfy --- nixos/hosts/olympus/ntfy/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/hardware.nix | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/olympus/ntfy/configuration.nix b/nixos/hosts/olympus/ntfy/configuration.nix index 00777670..b8ce52e5 100644 --- a/nixos/hosts/olympus/ntfy/configuration.nix +++ b/nixos/hosts/olympus/ntfy/configuration.nix @@ -20,7 +20,7 @@ networking.firewall.allowedTCPPorts = [ 80 9090 ]; - services.ntfy-sh = let datadir = "/var/lib/ntfy"; + services.ntfy-sh = let datadir = "/var/lib/ntfy-sh"; in { enable = true; settings = { diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index f00abf81..03457648 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -5,6 +5,8 @@ services.hardware.bolt.enable = true; + services.fprintd.enable = true; + # hardware.trackpoint.enable = true; # FS @@ -39,4 +41,10 @@ enable = true; powertop.enable = true; }; + + # tpm + security.tpm2.enable = true; + security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so + security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables + users.users.victor.extraGroups = [ "tss" ]; # tss group has access to TPM devices } -- 2.47.1 From c973ee99205d74b9a89f5fa52351b6754d05f35d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 2 Sep 2023 14:00:25 +0000 Subject: [PATCH 1789/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.4 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index 2b583fb4..b03255ae 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.3"; + image = "flaresolverr/flaresolverr:v3.3.4"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From bca7181ff2051dcb06a5969778f8ac7d0ebfb9a1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 4 Sep 2023 22:00:31 +0000 Subject: [PATCH 1790/1882] chore(deps): update renovate/renovate docker tag to v36.81.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b42edca5..960e21d2 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.78.4 + image: renovate/renovate:36.81.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 90f0c7bbbed706d90d71223336fbe1d359b53dc2 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 5 Sep 2023 15:09:15 +0200 Subject: [PATCH 1791/1882] flake update --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 50d1324d..f9ffe3ac 100644 --- a/flake.lock +++ b/flake.lock @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1693646047, - "narHash": "sha256-VsuXtCGOhrzp1qb1CSoV/cO+5f+GPtA4J/SFYqqLyfo=", + "lastModified": 1693859358, + "narHash": "sha256-r3Pak/ao3p8weTzR+Ry3qQrfRsmSOwWW5sAe73mrYKs=", "owner": "nix-community", "repo": "home-manager", - "rev": "fae8af43e201a8929ce45a5ea46192bbd1ffff18", + "rev": "886ea1d213efd1082f419d066e89ef37635dc970", "type": "github" }, "original": { @@ -873,11 +873,11 @@ }, "nixlib": { "locked": { - "lastModified": 1689469483, - "narHash": "sha256-2SBhY7rZQ/iNCxe04Eqxlz9YK9KgbaTMBssq3/BgdWY=", + "lastModified": 1693701915, + "narHash": "sha256-waHPLdDYUOHSEtMKKabcKIMhlUOHPOOPQ9UyFeEoovs=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "02fea408f27186f139153e1ae88f8ab2abd9c22c", + "rev": "f5af57d3ef9947a70ac86e42695231ac1ad00c25", "type": "github" }, "original": { @@ -894,11 +894,11 @@ ] }, "locked": { - "lastModified": 1690133435, - "narHash": "sha256-YNZiefETggroaTLsLJG2M+wpF0pJPwiauKG4q48ddNU=", + "lastModified": 1693791338, + "narHash": "sha256-wHmtB5H8AJTUaeGHw+0hsQ6nU4VyvVrP2P4NeCocRzY=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "b1171de4d362c022130c92d7c8adc4bf2b83d586", + "rev": "8ee78470029e641cddbd8721496da1316b47d3b4", "type": "github" }, "original": { @@ -909,11 +909,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1693588489, - "narHash": "sha256-hUGiONyurfBxmTtRUttdlkdq+ml16L1MiKKAS1047OE=", + "lastModified": 1693718952, + "narHash": "sha256-+nGdJlgTk0MPN7NygopipmyylVuAVi7OItIwTlwtGnw=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "fe0ea731b84b10143fc68cd557368ac70f0fb65c", + "rev": "793de77d9f83418b428e8ba70d1e42c6507d0d35", "type": "github" }, "original": { @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1693626178, - "narHash": "sha256-Rpiy6lIOu4zny8tfGuIeN1ji9eSz9nPmm9yBhh/4IOM=", + "lastModified": 1693843476, + "narHash": "sha256-0T1iTp/+HNgi/b03bB4JA5LkaUS31CCBKhbti6Jb/RA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bfb7dfec93f3b5d7274db109f2990bc889861caf", + "rev": "278796c737d3fa1e2c516d49720adb451198dc4d", "type": "github" }, "original": { @@ -1115,11 +1115,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1693003285, - "narHash": "sha256-5nm4yrEHKupjn62MibENtfqlP6pWcRTuSKrMiH9bLkc=", + "lastModified": 1693565476, + "narHash": "sha256-ya00zHt7YbPo3ve/wNZ/6nts61xt7wK/APa6aZAfey0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5690c4271f2998c304a45c91a0aeb8fb69feaea7", + "rev": "aa8aa7e2ea35ce655297e8322dc82bf77a31d04b", "type": "github" }, "original": { @@ -1193,11 +1193,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1693428224, - "narHash": "sha256-FWUUlhYqkGEySUD0blTADRiDQ7fw+H1ikivfu88uy+w=", + "lastModified": 1693771906, + "narHash": "sha256-32EnPCaVjOiEERZ+o/2Ir7JH9pkfwJZJ27SKHNvt4yk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "841889913dfd06a70ffb39f603e29e46f45f0c1a", + "rev": "da5adce0ffaff10f6d0fee72a02a5ed9d01b52fc", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1693552651, - "narHash": "sha256-U0PdjLxFtgK1a7leKgzqPeorhncO9xo+wmPJ/NK8fIg=", + "lastModified": 1693862861, + "narHash": "sha256-+ynDsujluFf187KZvyBZ1C/BTty3TtKWuzuvpQ7sy/Q=", "owner": "pta2002", "repo": "nixvim", - "rev": "186b790febffd6d16c2ba6bbe55655ddbdeec894", + "rev": "b7611f74a9b1107e09925664f652b141926b0b92", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1693662274, - "narHash": "sha256-hf2iQylOVR/RnuEroAOCuaCgC/9oJ+K5CVqYF932LeQ=", + "lastModified": 1693897617, + "narHash": "sha256-4Cs/ViCgZIVA/yo44aGnAuw3w3pQg7D+nr3zHPtRp4Y=", "owner": "nix-community", "repo": "NUR", - "rev": "543e8d29d1b0c1bdefb2a0d7b8a3ed478e74fd5b", + "rev": "d914dfcbb7fdd85b4d1dd543de77571774aacbd1", "type": "github" }, "original": { -- 2.47.1 From 55be8278ca747f97cced56914e7f4295a96a5763 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 9 Sep 2023 10:33:04 +0200 Subject: [PATCH 1792/1882] updates --- flake.lock | 30 ++++++++++++------------ nixos/common/users/victor.nix | 5 ---- nixos/hosts/olympus/ci/configuration.nix | 4 ++-- 3 files changed, 17 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index f9ffe3ac..4e1515c1 100644 --- a/flake.lock +++ b/flake.lock @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1693859358, - "narHash": "sha256-r3Pak/ao3p8weTzR+Ry3qQrfRsmSOwWW5sAe73mrYKs=", + "lastModified": 1694134858, + "narHash": "sha256-fG/ESauOGmiojKlpJG8gB62dJa5Wd+ZIuiDMKK/HD3g=", "owner": "nix-community", "repo": "home-manager", - "rev": "886ea1d213efd1082f419d066e89ef37635dc970", + "rev": "19c6a4081b14443420358262f8416149bd79561a", "type": "github" }, "original": { @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1693843476, - "narHash": "sha256-0T1iTp/+HNgi/b03bB4JA5LkaUS31CCBKhbti6Jb/RA=", + "lastModified": 1694068030, + "narHash": "sha256-q21JdfZjK4XN5QwWTzCHF/G6uuZtwASNW9/ZBaak65M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "278796c737d3fa1e2c516d49720adb451198dc4d", + "rev": "9e26139b45147aadd25ab7ab3bc4a93d6d5e94e7", "type": "github" }, "original": { @@ -1193,11 +1193,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1693771906, - "narHash": "sha256-32EnPCaVjOiEERZ+o/2Ir7JH9pkfwJZJ27SKHNvt4yk=", + "lastModified": 1694048570, + "narHash": "sha256-PEQptwFCVaJ+jLFJgrZll2shQ9VI/7xVhrCYkJo8iIw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "da5adce0ffaff10f6d0fee72a02a5ed9d01b52fc", + "rev": "4f77ea639305f1de0a14d9d41eef83313360638c", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1693862861, - "narHash": "sha256-+ynDsujluFf187KZvyBZ1C/BTty3TtKWuzuvpQ7sy/Q=", + "lastModified": 1694184429, + "narHash": "sha256-23yG6qO7y9ICfMDzm5mFbCgD5M7NxpAuCdGo7EqmBjs=", "owner": "pta2002", "repo": "nixvim", - "rev": "b7611f74a9b1107e09925664f652b141926b0b92", + "rev": "ee4e67a5164c124438cdf18f62e5df37067df128", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1693897617, - "narHash": "sha256-4Cs/ViCgZIVA/yo44aGnAuw3w3pQg7D+nr3zHPtRp4Y=", + "lastModified": 1694246366, + "narHash": "sha256-A1QJv4wFxkc4VySvjcV6avXqTc9Dl88vS8dJUaO/klA=", "owner": "nix-community", "repo": "NUR", - "rev": "d914dfcbb7fdd85b4d1dd543de77571774aacbd1", + "rev": "9fb503bd063920edd62d2f7ac8303015817e08a2", "type": "github" }, "original": { diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 692ddd70..18a57ad9 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -39,11 +39,6 @@ clock24 = true; }; - programs.exa = { - enable = true; - enableAliases = true; - }; - programs.bat.enable = true; }; diff --git a/nixos/hosts/olympus/ci/configuration.nix b/nixos/hosts/olympus/ci/configuration.nix index 0c694019..0c80aac0 100644 --- a/nixos/hosts/olympus/ci/configuration.nix +++ b/nixos/hosts/olympus/ci/configuration.nix @@ -46,9 +46,9 @@ in { url = "https://git.0x76.dev"; tokenFile = "${vs.gitea_runner}/token_runner_1"; }; - nix_native = { + native_nix = { enable = true; - name = "nix-native"; + name = "native_nix"; labels = [ "native:host" ]; url = "https://git.0x76.dev"; tokenFile = "${vs.gitea_runner}/token_native"; -- 2.47.1 From ea08de41c6a6d6886be7e72a77e557bba65e6653 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Sep 2023 06:00:26 +0000 Subject: [PATCH 1793/1882] chore(deps): update renovate/renovate docker tag to v36.89.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 960e21d2..33f37ce9 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.81.0 + image: renovate/renovate:36.89.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 6bb6d4ae91c1ec9275c3322e74ad3092c67e0851 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 9 Sep 2023 16:18:16 +0200 Subject: [PATCH 1794/1882] fix ci (#200) Reviewed-on: https://git.0x76.dev/v/infrastructure/pulls/200 Co-authored-by: Victor Co-committed-by: Victor --- .forgejo/workflows/lint.yml | 18 ++++++++++++++---- .forgejo/workflows/nix.yml | 4 +++- .forgejo/workflows/plex_update.yml | 7 ++++++- nixos/common/desktop/home.nix | 1 + nixos/hosts/olympus/gitea/configuration.nix | 4 ++-- nixos/pkgs/plex-pass/update.sh | 4 +++- 6 files changed, 29 insertions(+), 9 deletions(-) diff --git a/.forgejo/workflows/lint.yml b/.forgejo/workflows/lint.yml index 49f43edc..85b68639 100644 --- a/.forgejo/workflows/lint.yml +++ b/.forgejo/workflows/lint.yml @@ -4,9 +4,19 @@ on: [push] jobs: lint: - runs-on: native + runs-on: docker + env: + container: + image: ghcr.io/catthehacker/ubuntu:js-20.04 steps: - uses: actions/checkout@v3 - - run: statix check . - - run: deadnix -f - - run: yamllint . + - uses: https://github.com/cachix/install-nix-action@v22 + env: + with: + nix_path: nixpkgs=channel:nixos-unstable + - run: | + sed -i '/^access-tokens/ d' /etc/nix/nix.conf + nix profile install 'nixpkgs#deadnix' 'nixpkgs#statix' 'nixpkgs#yamllint' + statix check . + deadnix -f + yamllint . diff --git a/.forgejo/workflows/nix.yml b/.forgejo/workflows/nix.yml index c8abaec7..8dbafa26 100644 --- a/.forgejo/workflows/nix.yml +++ b/.forgejo/workflows/nix.yml @@ -1,5 +1,7 @@ name: Nix +# on: [push] + jobs: lint: runs-on: docker @@ -8,7 +10,7 @@ jobs: image: ghcr.io/catthehacker/ubuntu:js-20.04 steps: - uses: actions/checkout@v3 - - uses: https://github.com/cachix/install-nix-action@v20 + - uses: https://github.com/cachix/install-nix-action@v22 env: with: nix_path: nixpkgs=channel:nixos-unstable diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 7e2b2f5f..2d5a2393 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -10,9 +10,14 @@ on: jobs: update: - runs-on: native + runs-on: docker + container: + image: ghcr.io/catthehacker/ubuntu:js-20.04 steps: - uses: actions/checkout@v3 + - uses: https://github.com/cachix/install-nix-action@v22 + with: + nix_path: nixpkgs=channel:nixos-unstable - env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 3b22d7b1..db10fb84 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -20,6 +20,7 @@ in { inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default kdenlive + mattermost-desktop mullvad-vpn neofetch nixfmt diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 45b52de8..9deb5836 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -69,8 +69,8 @@ in { "REPO_INDEXER_EXCLUDE" = "node_modules/**"; }; ui = { - "THEMES" = "gitea,arc-green,agatheme"; - "DEFAULT_THEME" = "agatheme"; + "THEMES" = "forgejo-auto,forgejo-light,forgejo-dark,auto,gitea,arc-green,agatheme"; + "DEFAULT_THEME" = "forgejo-auto"; "USE_SERVICE_WORKER" = true; }; server = { diff --git a/nixos/pkgs/plex-pass/update.sh b/nixos/pkgs/plex-pass/update.sh index 90c07c34..bead2f32 100755 --- a/nixos/pkgs/plex-pass/update.sh +++ b/nixos/pkgs/plex-pass/update.sh @@ -1,4 +1,6 @@ -#! /usr/bin/env bash +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p vault curl jq + shopt -s extglob set -eu -o pipefail -- 2.47.1 From c587f10d3e8361793485d3b8c5b8bda4f813db63 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 10 Sep 2023 09:22:55 +0200 Subject: [PATCH 1795/1882] add flake checker to ci --- .forgejo/workflows/plex_update.yml | 2 ++ flake.lock | 24 ++++++++++++------------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index 2d5a2393..cc6adee6 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -15,6 +15,8 @@ jobs: image: ghcr.io/catthehacker/ubuntu:js-20.04 steps: - uses: actions/checkout@v3 + - name: Check Nix flake inputs + uses: DeterminateSystems/flake-checker-action@v5 - uses: https://github.com/cachix/install-nix-action@v22 with: nix_path: nixpkgs=channel:nixos-unstable diff --git a/flake.lock b/flake.lock index 4e1515c1..570889db 100644 --- a/flake.lock +++ b/flake.lock @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1694068030, - "narHash": "sha256-q21JdfZjK4XN5QwWTzCHF/G6uuZtwASNW9/ZBaak65M=", + "lastModified": 1694254102, + "narHash": "sha256-oM2qC5TyeM1zZE3BQnOodg31a2u/G5DF/Yx02UJRGfc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9e26139b45147aadd25ab7ab3bc4a93d6d5e94e7", + "rev": "4a76638020344ae8a9f061856431182179ab0d28", "type": "github" }, "original": { @@ -1115,11 +1115,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1693565476, - "narHash": "sha256-ya00zHt7YbPo3ve/wNZ/6nts61xt7wK/APa6aZAfey0=", + "lastModified": 1693985761, + "narHash": "sha256-K5b+7j7Tt3+AqbWkcw+wMeqOAWyCD1MH26FPZyWXpdo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aa8aa7e2ea35ce655297e8322dc82bf77a31d04b", + "rev": "0bffda19b8af722f8069d09d8b6a24594c80b352", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1694184429, - "narHash": "sha256-23yG6qO7y9ICfMDzm5mFbCgD5M7NxpAuCdGo7EqmBjs=", + "lastModified": 1694274712, + "narHash": "sha256-XoqfgaqzvS9FS2Ci2NXEPkuY5Shc3Z4RACEeJrWDSsI=", "owner": "pta2002", "repo": "nixvim", - "rev": "ee4e67a5164c124438cdf18f62e5df37067df128", + "rev": "6efbb5353c08e6bcee24f3ed7314e51767a52d9e", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1694246366, - "narHash": "sha256-A1QJv4wFxkc4VySvjcV6avXqTc9Dl88vS8dJUaO/klA=", + "lastModified": 1694270448, + "narHash": "sha256-3o8OvyMAgFeyFG/nZl5EK1n24kiGc3Q0ZZZAYRDAe/I=", "owner": "nix-community", "repo": "NUR", - "rev": "9fb503bd063920edd62d2f7ac8303015817e08a2", + "rev": "b944476b030a89bc4ca83a10944476afa5ea5548", "type": "github" }, "original": { -- 2.47.1 From 6bb7fc9f8478dfa6cc1adee09b7d5421e72904ca Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 10 Sep 2023 09:26:19 +0200 Subject: [PATCH 1796/1882] fix flake checker action --- .forgejo/workflows/nix.yml | 2 ++ .forgejo/workflows/plex_update.yml | 2 -- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/nix.yml b/.forgejo/workflows/nix.yml index 8dbafa26..a67c4890 100644 --- a/.forgejo/workflows/nix.yml +++ b/.forgejo/workflows/nix.yml @@ -10,6 +10,8 @@ jobs: image: ghcr.io/catthehacker/ubuntu:js-20.04 steps: - uses: actions/checkout@v3 + - name: Check Nix flake inputs + uses: https://github.com/DeterminateSystems/flake-checker-action@v5 - uses: https://github.com/cachix/install-nix-action@v22 env: with: diff --git a/.forgejo/workflows/plex_update.yml b/.forgejo/workflows/plex_update.yml index cc6adee6..2d5a2393 100644 --- a/.forgejo/workflows/plex_update.yml +++ b/.forgejo/workflows/plex_update.yml @@ -15,8 +15,6 @@ jobs: image: ghcr.io/catthehacker/ubuntu:js-20.04 steps: - uses: actions/checkout@v3 - - name: Check Nix flake inputs - uses: DeterminateSystems/flake-checker-action@v5 - uses: https://github.com/cachix/install-nix-action@v22 with: nix_path: nixpkgs=channel:nixos-unstable -- 2.47.1 From 1baad4b758a92cde1686a1c98d142c918c593dc6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 10 Sep 2023 09:42:53 +0200 Subject: [PATCH 1797/1882] update mastodon --- nixos/pkgs/glitch-soc/default.nix | 3 +- nixos/pkgs/glitch-soc/gemset.nix | 468 ++++++++++++++++++++---------- nixos/pkgs/glitch-soc/source.nix | 4 +- nixos/pkgs/glitch-soc/version.nix | 2 +- 4 files changed, 320 insertions(+), 157 deletions(-) diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 9e48ff7d..415a9be3 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -41,7 +41,8 @@ stdenv.mkDerivation rec { yarnOfflineCache = fetchYarnDeps { yarnLock = "${src}/yarn.lock"; - sha256 = "sha256-8fUJ1RBQZ16R3IpA/JEcn+PO04ApQ9TkHuYKycvV8BY="; + sha256 = "sha256-iSqMe4B9ZEFPAw7uXgnbTWBnXg89WM/3gnDbQAUJv2E="; + # sha256 = lib.fakeSha256; }; nativeBuildInputs = [ diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index dc7fe6fc..9c22fd6e 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -5,32 +5,32 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10y18l67i6ry7v9w0qwh26477g4gm0qrjjpa87pa5a42hzkglnc7"; + sha256 = "1i98vjh8l1xrf0ihdpvgq7mz7cfj4aww77swjlwljcgfb45868d9"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; actionmailbox = { - dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; + dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail" "net-imap" "net-pop" "net-smtp"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ihayijdgasf0rp10x6h335k3y1hgqr6c9s8lxqmhm4gpczajaac"; + sha256 = "093snb186qdvj1isss0k74ym7kkaq7zwfa5dwmrc0xn8kwhaxbik"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; actionmailer = { - dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; + dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "net-imap" "net-pop" "net-smtp" "rails-dom-testing"]; groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "03557cskby5alpncnhgm1j1kq43xqq75sdd6r2x22q3j2jv68pj5"; + sha256 = "180ik1gkwy8lqwg0427k0hlivmz206xa453p5c221hpqk8an340f"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,21 +38,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1x7ffyan8sbv4ywjghiyiv077vfxyf6i6y0h4k0mfpdmf76l0i86"; + sha256 = "0qamc5ly521wk9i1658h9jv7avmyyp92kffa1da2fn5zk0wgyhf4"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; actiontext = { - dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; + dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "globalid" "nokogiri"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0g5gw9ywirw7814wn8cdnnv1df58x5gplgpb15gaw5gzkw9cgvd8"; + sha256 = "0cx0zg6y0w5njl721vqx7bn0kqj5c9zbvingvl5ll20gpyzsp7nj"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cmzc2c00lsdr5hpmsgs8axs5pbhv5xyqiyi69wf81pqypd2cy3l"; + sha256 = "151zxb61bb6q7g0sn34qz79k8bg02vmb8mmnsn0fr15lxw92dfhm"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; active_model_serializers = { dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; @@ -82,32 +82,32 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "153z9lmkip3v243xxa5rcc8am82ma73ar46q4vxbmzi850a5yjj2"; + sha256 = "191320166dxiq9a4lwbi1nmlq7phsfi0yr1hg2smprlwsa0vv3kd"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; activemodel = { dependencies = ["activesupport"]; - groups = ["default" "development"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1bpr0zspih2rf2ppzjxaw8sq6gfqg9vss5h0fs4r85p03579swin"; + sha256 = "1crjq1dznlbsrwd5yijxraz1591xmg4vdcwwnmrw4nh6hrwq5fj5"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; - groups = ["default" "development"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06403rkjnyr80yj4g05lb5hn04yfzipa7bm0gplbqrrykr3hvh5r"; + sha256 = "03vrssdqaqm41w27s21r37skdfxa41midvjy37i2zh3rnbnq8ps2"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; activestorage = { dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; @@ -115,21 +115,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "094kvh8bp792xccql54kky8prmvqvfzwwv9xas2pnh8s4v3avbzl"; + sha256 = "1w7l2i0n84axr4da7y381k8y0wa1y3rr3k3zrkhp938ldwk7j7cg"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; activesupport = { - dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; + dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo"]; groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s465919p6fcgcsqin8w8hay2m598dvnzks490hbsb0p68sdz69m"; + sha256 = "1vlzcnyqlbchaq85phmdv73ydlc18xpvxy1cbsk191cwd29i7q32"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; addressable = { dependencies = ["public_suffix"]; @@ -137,10 +137,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15s8van7r2ad3dq6i03l3z4hqnvxcq75a3h72kxvf9an53sqma20"; + sha256 = "05r1fwy487klqkya7vzia8hnklcxy4vr92m9dmni3prfwk6zpw33"; type = "gem"; }; - version = "2.8.4"; + version = "2.8.5"; }; aes_key_wrap = { groups = ["default"]; @@ -240,10 +240,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0plbj6d69j3vi8zwg9q8hkr77b7p7kg8bfqpvv9ghv2zay3igp3v"; + sha256 = "0m2kha6ip4ynhvl1l8z4vg0j96ngq4f2v6jl4j2y27m2kzmgcxz5"; type = "gem"; }; - version = "1.780.0"; + version = "1.809.0"; }; aws-sdk-core = { dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; @@ -251,10 +251,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fbbzcszpdjy2yzxfvl5fzgn0jgznkwxvqpb46nxv69gqhv3dpsg"; + sha256 = "0xjw9cf6ldbw50xi5ric8d63r8kybpsvaqxh2v6n7374hfady73i"; type = "gem"; }; - version = "3.175.0"; + version = "3.181.0"; }; aws-sdk-kms = { dependencies = ["aws-sdk-core" "aws-sigv4"]; @@ -262,10 +262,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dkgcgvif4hjlq5jhixd2hf17pm2pib7p3jxg9g92pybsff9rk7c"; + sha256 = "1zr5w2cjd895abyn7y5gifhq37bxcinssvdx2l1qmlkllbdxbwq0"; type = "gem"; }; - version = "1.67.0"; + version = "1.71.0"; }; aws-sdk-s3 = { dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; @@ -273,10 +273,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17ya49rwjzimqhzsj6vlc4xfvj2sixy04kr4b6ddg3r6y0jrsixi"; + sha256 = "0yymj15nwnvam95lw5fxwxx7b6xm4hkj8z7byzvjmx9aji1x245m"; type = "gem"; }; - version = "1.126.0"; + version = "1.133.0"; }; aws-sigv4 = { dependencies = ["aws-eventstream"]; @@ -284,10 +284,42 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "11hkna2av47bl0yprgp8k4ya70rc3m2ib5w10fn0piplgkkmhz7m"; + sha256 = "0z889c4c1w7wsjm3szg64ay5j51kjl4pdf94nlr1yks2rlanm7na"; type = "gem"; }; - version = "1.5.2"; + version = "1.6.0"; + }; + azure-storage-blob = { + dependencies = ["azure-storage-common" "nokogiri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qq3knsy7nj7a0r8m19spg2bgzns9b3j5vjbs9mpg49whhc63dv1"; + type = "gem"; + }; + version = "2.0.3"; + }; + azure-storage-common = { + dependencies = ["faraday" "faraday_middleware" "net-http-persistent" "nokogiri"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0swmsvvpmy8cdcl305p3dl2pi7m3dqjd7zywfcxmhsz0n2m4v3v0"; + type = "gem"; + }; + version = "2.0.4"; + }; + base64 = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0cydk9p2cv25qysm0sn2pb97fcpz1isa7n3c8xm1gd99li8x6x8c"; + type = "gem"; + }; + version = "0.1.1"; }; bcrypt = { groups = ["default" "pam_authentication"]; @@ -368,10 +400,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wzvxpabnjwwjgr9s13965dbdgl3qfvwjbmhimh83p81bm5lsrnw"; + sha256 = "1gliwnyma9f1mpr928c79i36q51yl68dwjd3jgwvsyr4piiiqr1r"; type = "gem"; }; - version = "5.4.1"; + version = "6.0.1"; }; browser = { groups = ["default"]; @@ -443,10 +475,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1iyhs77bff09g18dlz0li5f44khjwpqc09gk5hzcnf5v9yvijpg9"; + sha256 = "05lk7y4qyzadzzshjyhgfgx00ggqliq7n561wkx8m331wljv7kx7"; type = "gem"; }; - version = "1.6.2"; + version = "1.6.3"; }; capistrano-rbenv = { dependencies = ["capistrano" "sshkit"]; @@ -518,10 +550,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1wxq6396814ngwnvwcjkkqm8ji8d7q385gw53kr1dbfihiivlizq"; + sha256 = "0zca6v8i66jkxfdfjnn9xwg21pk95qn4ic8vzfvrx49d6sb8319y"; type = "gem"; }; - version = "7.3.2"; + version = "7.3.4"; }; chunky_png = { groups = ["default"]; @@ -626,6 +658,27 @@ }; version = "1.14.0"; }; + database_cleaner-active_record = { + dependencies = ["activerecord" "database_cleaner-core"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "12hdsqnws9gyc9sxiyc8pjiwr0xa7136m1qbhmd1pk3vsrrvk13k"; + type = "gem"; + }; + version = "2.1.0"; + }; + database_cleaner-core = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0v44bn386ipjjh4m2kl53dal8g4d41xajn2jggnmjbhn6965fil6"; + type = "gem"; + }; + version = "2.0.1"; + }; date = { groups = ["default" "development"]; platforms = []; @@ -680,7 +733,7 @@ version = "9.2.0"; }; diff-lcs = { - groups = ["default" "test"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -863,10 +916,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1i3l58jrcapkp70v3swr0x4s6bj1101920al50wsaaj9dv0vhvm7"; + sha256 = "0ysiqlvyy1351bzx7h92r93a35s32l8giyf9bac6sgr142sh3cnn"; type = "gem"; }; - version = "3.2.0"; + version = "3.2.1"; }; faraday = { dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; @@ -980,6 +1033,17 @@ }; version = "1.0.3"; }; + faraday_middleware = { + dependencies = ["faraday"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1bw8mfh4yin2xk7138rg3fhb2p5g2dlmdma88k82psah9mbmvlfy"; + type = "gem"; + }; + version = "1.2.0"; + }; fast_blank = { groups = ["default"]; platforms = []; @@ -1103,10 +1167,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vcr5wcvfbsq91302playk3i98wdisspkybcmajl04agv4k8xr68"; + sha256 = "154svzqlkdq7gslv3p8mfih28gbw4gsj4pd8wr1wpwz6nyzmhh8m"; type = "gem"; }; - version = "6.1.1"; + version = "6.1.2"; }; haml-rails = { dependencies = ["actionpack" "activesupport" "haml" "railties"]; @@ -1125,10 +1189,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yz5g7ffyv99vd9x3yj64ba4zv2bd71gmgrf60a3kc8m1cvc1z5p"; + sha256 = "1qics7sll6yw7fm499q4b1frfr5f3gav94ach0fwy49zprl9yk33"; type = "gem"; }; - version = "0.45.0"; + version = "0.50.0"; }; hashdiff = { groups = ["default" "test"]; @@ -1454,6 +1518,16 @@ }; version = "7.2.0"; }; + language_server-protocol = { + groups = ["default" "development"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gvb1j8xsqxms9mww01rmdl78zkd72zgxaap56bhv8j45z05hp1x"; + type = "gem"; + }; + version = "3.17.0.3"; + }; launchy = { dependencies = ["addressable"]; groups = ["default" "development"]; @@ -1514,10 +1588,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15pjm9pa5m3mbv9xvfgfr16q4jyaznsg8y63jz9x4jqr8npw0vx3"; + sha256 = "01kdw5dbzimb89rq4zf44zf8990czb5qxvib0hzja1l4hrha8cki"; type = "gem"; }; - version = "0.12.0"; + version = "0.13.0"; }; loofah = { dependencies = ["crass" "nokogiri"]; @@ -1541,17 +1615,6 @@ }; version = "2.8.1"; }; - makara = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0a6x6w1ij484s1z0wp667d6v0zb8bylhhr3av10yz60a2nz4r1l7"; - type = "gem"; - }; - version = "0.5.1"; - }; marcel = { groups = ["default"]; platforms = []; @@ -1583,8 +1646,19 @@ }; version = "0.4.2"; }; + md-paperclip-azure = { + dependencies = ["addressable" "azure-storage-blob" "hashie"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hb1a06x3i8zrhl715jf46ha8r4iy0srcpdhnmp9l14qnnhzn0l5"; + type = "gem"; + }; + version = "2.2.0"; + }; memory_profiler = { - groups = ["development"]; + groups = ["development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -1609,50 +1683,50 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ipw892jbksbxxcrlx9g5ljq60qx47pm24ywgfbyjskbcl78pkvb"; + sha256 = "0q8d881k1b3rbsfcdi3fx0b5vpdr5wcrhn88r2d9j7zjdkxp5mw5"; type = "gem"; }; - version = "3.4.1"; + version = "3.5.1"; }; mime-types-data = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pky3vzaxlgm9gw5wlqwwi7wsw3jrglrfflrppvvnsrlaiz043z9"; + sha256 = "17zdim7kzrh5j8c97vjqp4xp78wbyz7smdp4hi5iyzk0s9imdn5a"; type = "gem"; }; - version = "3.2023.0218.1"; + version = "3.2023.0808"; }; mini_mime = { groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lbim375gw2dk6383qirz13hgdmxlan0vc5da2l072j3qw6fqjm5"; + sha256 = "1vycif7pjzkr29mfk4dlqv3disc5dn0va04lkwajlpr1wkibg0c6"; type = "gem"; }; - version = "1.1.2"; + version = "1.1.5"; }; mini_portile2 = { groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0z7f38iq37h376n9xbl4gajdrnwzq284c9v1py4imw3gri2d5cj6"; + sha256 = "02mj8mpd6ck5gpcnsimx5brzggw5h5mmmpq2djdypfq16wcw82qq"; type = "gem"; }; - version = "2.8.2"; + version = "2.8.4"; }; minitest = { groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1kg9wh7jlc9zsr3hkhpzkbn0ynf4np5ap9m2d8xdrb8shy0y6pmb"; + sha256 = "0jnpsbb2dbcs95p4is4431l2pw1l5pn7dfg3vkgb4ga464j0c5l6"; type = "gem"; }; - version = "5.18.1"; + version = "5.19.0"; }; msgpack = { groups = ["default"]; @@ -1695,16 +1769,27 @@ }; version = "0.3.2"; }; + net-http-persistent = { + dependencies = ["connection_pool"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0i1as2lgnw7b4jid0gw5glv5hnxz36nmfsbr9rmxbcap72ijgy03"; + type = "gem"; + }; + version = "4.0.2"; + }; net-imap = { dependencies = ["date" "net-protocol"]; groups = ["default" "development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1k1qyjr9lkk5y3483k6wk6d9h1jx4v5hzby1mf0pj3b4kr2arxbm"; + sha256 = "0lf7wqg7czhaj51qsnmn28j7jmcxhkh3m28rl1cjrqsgjxhwj7r3"; type = "gem"; }; - version = "0.3.6"; + version = "0.3.7"; }; net-ldap = { groups = ["default"]; @@ -1786,40 +1871,55 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jw8a20a9k05fpz3q24im19b97idss3179z76yn5scc5b8lk2rl7"; + sha256 = "0k9w2z0953mnjrsji74cshqqp08q7m1r6zhadw1w0g34xzjh3a74"; type = "gem"; }; - version = "1.15.3"; + version = "1.15.4"; + }; + nsa = { + dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; + groups = ["default"]; + platforms = []; + source = { + fetchSubmodules = false; + rev = "e020fcc3a54d993ab45b7194d89ab720296c111b"; + sha256 = "18pbm9qkancy38v0gpb6f5k0xd8r347jl4xvj4jn98ihfhzgwygj"; + type = "git"; + url = "https://github.com/jhawthorn/nsa.git"; + }; + version = "0.2.8"; }; oj = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1s6ipcar6sgwipnc577d4x80ypq2s35k9142jn3l89lh53888mmg"; + sha256 = "0m4vsd6i093kmyz9gckvzpnws997laldaiaf86hg5lza1ir82x7n"; type = "gem"; }; - version = "3.15.0"; + version = "3.16.1"; }; omniauth = { - dependencies = ["hashie" "rack"]; + dependencies = ["hashie" "rack" "rack-protection"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jn9j54l5h7xcba2vjq74l1dk0xrwvsjxam4qhylpi52nw0h5502"; + sha256 = "15xjsxis357np7dy1lak39x1n8g8wxljb08wplw5i4gxi743zr7j"; type = "gem"; }; - version = "1.9.2"; + version = "2.1.1"; }; omniauth-cas = { dependencies = ["addressable" "nokogiri" "omniauth"]; groups = ["default"]; platforms = []; source = { - remotes = ["https://rubygems.org"]; - sha256 = "0kzlh1nac4yz70917cdcsk0r23gy5h7i0x5kbmkvkpbgk6gvrb0z"; - type = "gem"; + fetchSubmodules = false; + rev = "4211e6d05941b4a981f9a36b49ec166cecd0e271"; + sha256 = "1zs0xp062f6wk7xxy8w81838qr855kp7idbgpbrhpl319xzc1xkc"; + type = "git"; + url = "https://github.com/stanhu/omniauth-cas.git"; }; version = "2.0.0"; }; @@ -1829,10 +1929,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xgkxwg17w39q3yjqcj0fm6hdkw37qm1l82dvm9zxn6q2pbzm2zv"; + sha256 = "1kwswnkyl8ym6i4wv65qh3qchqbf2n0c6lbhfgbvkds3gpmnlm7w"; type = "gem"; }; - version = "0.1.2"; + version = "1.0.1"; }; omniauth-saml = { dependencies = ["omniauth" "ruby-saml"]; @@ -1840,10 +1940,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gxl14lbksnjkl8dfn23lsjkk63md77icm5racrh6fsp5n4ni9d4"; + sha256 = "01k9rkg97npcgm8r4x3ja8y20hsg4zy0dcjpzafx148q4yxbg74n"; type = "gem"; }; - version = "1.10.3"; + version = "2.1.0"; }; omniauth_openid_connect = { dependencies = ["omniauth" "openid_connect"]; @@ -1903,10 +2003,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0i1qq88cwh9pccg59whg50rpkgdfrijn4q6k5p3clwrjqgm56lrd"; + sha256 = "1yq0h1niimm8z6z8p1yxb104kxqw69bvbrax84598zfjxifcxhxz"; type = "gem"; }; - version = "2.14.16"; + version = "2.14.17"; }; parallel = { groups = ["default" "development"]; @@ -1955,10 +2055,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zcvxmfa8hxkhpp59fhxyxy1arp70f11zi1jh9c7bsdfspifb7kb"; + sha256 = "0pfj771p5a29yyyw58qacks464sl86d5m3jxjl5rlqqw2m3v5xq4"; type = "gem"; }; - version = "1.5.3"; + version = "1.5.4"; }; pghero = { dependencies = ["activerecord"]; @@ -2018,10 +2118,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0hz0bx2qs2pwb0bwazzsah03ilpf3aai8b7lk7s35jsfzwbkjq35"; + sha256 = "0n9j7mczl15r3kwqrah09cxj8hxdfawiqxa60kga2bmxl9flfz9k"; type = "gem"; }; - version = "5.0.1"; + version = "5.0.3"; }; puma = { dependencies = ["nio4r"]; @@ -2029,10 +2129,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1v7fmv0n4bhdcwh60dgza44iqai5pg34f5pzm4vh4i5fwx7mpqxh"; + sha256 = "1x4dwx2shx0p7lsms97r85r7ji7zv57bjy3i1kmcpxc8bxvrr67c"; type = "gem"; }; - version = "6.3.0"; + version = "6.3.1"; }; pundit = { dependencies = ["activesupport"]; @@ -2070,10 +2170,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16w217k9z02c4hqizym8dkj6bqmmzx4qdvqpnskgzf174a5pwdxk"; + sha256 = "15rdwbyk71c9nxvd527bvb8jxkcys8r3dj3vqra5b3sa63qs30vv"; type = "gem"; }; - version = "2.2.7"; + version = "2.2.8"; }; rack-attack = { dependencies = ["rack"]; @@ -2081,10 +2181,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "049s3y3dpl6dn478g912y6f9nzclnnkl30psrbc2w5kaihj5szhq"; + sha256 = "0z6pj5vjgl6swq7a33gssf795k958mss8gpmdb4v4cydcs7px91w"; type = "gem"; }; - version = "6.6.1"; + version = "6.7.0"; }; rack-cors = { dependencies = ["rack"]; @@ -2108,6 +2208,17 @@ }; version = "1.21.3"; }; + rack-protection = { + dependencies = ["rack"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1a12m1mv8dc0g90fs1myvis8vsgr427k1arg1q4a9qlfw6fqyhis"; + type = "gem"; + }; + version = "3.0.5"; + }; rack-proxy = { dependencies = ["rack"]; groups = ["default"]; @@ -2131,15 +2242,15 @@ version = "2.1.0"; }; rails = { - dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"]; + dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17ympjpkhz06xqsay18hskpbs64nh05hzrsckx8va6ikrxhs2ksq"; + sha256 = "0pxi3psfl4kpgjf6bhch1albjy9knn9c2s6sammy9lyckhh7akhq"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; rails-controller-testing = { dependencies = ["actionpack" "actionview" "activesupport"]; @@ -2153,15 +2264,15 @@ version = "1.0.5"; }; rails-dom-testing = { - dependencies = ["activesupport" "nokogiri"]; + dependencies = ["activesupport" "minitest" "nokogiri"]; groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lfq2a7kp2x64dzzi5p4cjcbiv62vxh9lyqk2f0rqq3fkzrw8h5i"; + sha256 = "17g05y7q7934z0ib4aph8h71c2qwjmlakkm7nb2ab45q0aqkfgjd"; type = "gem"; }; - version = "2.0.3"; + version = "2.1.1"; }; rails-html-sanitizer = { dependencies = ["loofah" "nokogiri"]; @@ -2180,10 +2291,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05mcgv748vppnm3fnml37wjy3dw61wj8vfw14ldaj1yx1bmkhb07"; + sha256 = "1bbh5gsw46djmrgddwaq3wsjmj9rsh5dk13wkclwxf1rg9jpkn3g"; type = "gem"; }; - version = "6.0.0"; + version = "7.0.7"; }; rails-settings-cached = { dependencies = ["rails"]; @@ -2199,15 +2310,15 @@ version = "0.6.6"; }; railties = { - dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"]; + dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor" "zeitwerk"]; groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0g92if3cxxysl9h6x6ibs7y9dsbcniiwgcldvg00kib02b3pxkbb"; + sha256 = "01pdn9sn7kawwrvrbr3vz44j287xbka8mm7nrv9cl510y8gzxi2x"; type = "gem"; }; - version = "6.1.7.4"; + version = "7.0.7.2"; }; rainbow = { groups = ["default" "development"]; @@ -2246,10 +2357,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rn9j5skl04403b5sxhpq2j9m9k7vl0wjwvycs6piknn7ahrfxh9"; + sha256 = "12slrdq6xch5rqj1m79k1wv09264pmhs76nm300j1jsjpcfmdg0r"; type = "gem"; }; - version = "0.6.0"; + version = "0.6.1"; }; redcarpet = { groups = ["default"]; @@ -2330,10 +2441,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; + sha256 = "05i8518ay14kjbma550mv0jm8a6di8yp5phzrd8rj44z9qnrlrp0"; type = "gem"; }; - version = "3.2.5"; + version = "3.2.6"; }; rotp = { groups = ["default"]; @@ -2388,7 +2499,7 @@ }; rspec-core = { dependencies = ["rspec-support"]; - groups = ["default" "test"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2399,7 +2510,7 @@ }; rspec-expectations = { dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "test"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2410,7 +2521,7 @@ }; rspec-mocks = { dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "test"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2421,7 +2532,7 @@ }; rspec-rails = { dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; - groups = ["test"]; + groups = ["development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2431,25 +2542,25 @@ version = "6.0.3"; }; rspec-sidekiq = { - dependencies = ["rspec-core" "sidekiq"]; + dependencies = ["rspec-core" "rspec-expectations" "rspec-mocks" "sidekiq"]; groups = ["test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1spzw3sc2p0n9qfb89y1v8igd60y7c5z9w2hjqqbbgbyjvy0agp8"; + sha256 = "0dijmcwjn8k6lrld3yqbqfrqb5g73l57yx98y5frx54p5qxjzbzy"; type = "gem"; }; - version = "3.1.0"; + version = "4.0.1"; }; rspec-support = { - groups = ["default" "test"]; + groups = ["default" "development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "12y52zwwb3xr7h91dy9k3ndmyyhr3mjcayk0nnarnrzz8yr48kfx"; + sha256 = "1ky86j3ksi26ng9ybd7j0qsdf1lpr8mzrmn98yy9gzv801fvhsgr"; type = "gem"; }; - version = "3.12.0"; + version = "3.12.1"; }; rspec_chunked = { groups = ["test"]; @@ -2462,15 +2573,15 @@ version = "0.6"; }; rubocop = { - dependencies = ["json" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; + dependencies = ["base64" "json" "language_server-protocol" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; groups = ["development"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bxc1p7bwh8dlmcvh6ns239sp9v8j46vw4h450ag8wa7bh1ii1wh"; + sha256 = "1hr8g9pqw3w87a83kqcxpayrx4jmsziharrg4vqw0gr9kksx2dfv"; type = "gem"; }; - version = "1.52.1"; + version = "1.56.2"; }; rubocop-ast = { dependencies = ["parser"]; @@ -2511,10 +2622,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bp02784v0qm8qcswi169s0ar6216rwk516v3idzpbxznpqp97ac"; + sha256 = "1v3a2g3wk3aqa0k0zzla10qkxlc625zkj3yf4zcsybs86r5bm4xn"; type = "gem"; }; - version = "1.18.0"; + version = "1.19.0"; }; rubocop-rails = { dependencies = ["activesupport" "rack" "rubocop"]; @@ -2522,10 +2633,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0j6dn8pz70bngx6van8yzsimpdd93gm7c8lr93wz1j4ahm6q4hn9"; + sha256 = "05r46ds0dm44fb4p67hbz721zck8mdwblzssz2y25yh075hvs36j"; type = "gem"; }; - version = "2.19.1"; + version = "2.20.2"; }; rubocop-rspec = { dependencies = ["rubocop" "rubocop-capybara" "rubocop-factory_bot"]; @@ -2533,10 +2644,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00rsflhijcr0q838fgbdmk7knm5kcjpimn6x0k9qmiw15hi96x1d"; + sha256 = "0ylwy4afnxhbrvlaf8an9nrizj78axnzggiyfcp8v531cv8six5f"; type = "gem"; }; - version = "2.22.0"; + version = "2.23.2"; + }; + ruby-prof = { + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "13fsfw43zx9pcix1fzxb95g09yadqjvc8971k74krrjz81vbyh51"; + type = "gem"; + }; + version = "1.6.3"; }; ruby-progressbar = { groups = ["default" "development" "test"]; @@ -2570,7 +2691,7 @@ version = "0.0.5"; }; rubyzip = { - groups = ["default"]; + groups = ["default" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2623,6 +2744,17 @@ }; version = "1.7.0"; }; + selenium-webdriver = { + dependencies = ["rexml" "rubyzip" "websocket"]; + groups = ["test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ws0mh230l1pvyxcrlcr48w01alfhprjs1jbd8yrn463drsr2yac"; + type = "gem"; + }; + version = "4.11.0"; + }; semantic_range = { groups = ["default"]; platforms = []; @@ -2768,13 +2900,13 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1y6w2qkwg0ygn85x0afscnj0dv8iwkvm153zjclvwafkm6g0pknk"; + sha256 = "14a717mr2cmpgld5fcdd124cvlc5b634f96rhwlnmmc4m8bbkcp9"; type = "gem"; }; - version = "1.21.4"; + version = "1.21.5"; }; stackprof = { - groups = ["development"]; + groups = ["development" "test"]; platforms = []; source = { remotes = ["https://rubygems.org"]; @@ -2783,16 +2915,26 @@ }; version = "0.2.25"; }; + statsd-ruby = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "028136c463nbravckxb1qi5c5nnv9r6vh2cyhiry423lac4xz79n"; + type = "gem"; + }; + version = "1.5.0"; + }; stoplight = { dependencies = ["redlock"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rmhhqvvrn7874r9cjf4wpv36vnxvxsrgb1kfgdk3dalg4rig7q6"; + sha256 = "1vhqx7q8qpq3x9ba504n7bp0r9dxcck0r0hd73cac2iqkix6khlv"; type = "gem"; }; - version = "3.0.1"; + version = "3.0.2"; }; strong_migrations = { dependencies = ["activerecord"]; @@ -2858,6 +3000,16 @@ }; version = "0.6.0"; }; + test-prof = { + groups = ["development" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "08j5456rdpgxvv8bs44x81jrxzpxb79wxfxdq4fqwxyircxzi2jj"; + type = "gem"; + }; + version = "1.2.2"; + }; thor = { groups = ["default" "development" "pam_authentication" "production" "test"]; platforms = []; @@ -2883,10 +3035,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pfddf51n5fnj4f9ggwj3wbf23ynj0nbxlxqpz12y1gvl9g7d6r6"; + sha256 = "1d9cvm0f4zdpwa795v3zv4973y5zk59j7s1x3yn90jjrhcz1yvfd"; type = "gem"; }; - version = "0.3.2"; + version = "0.4.0"; }; tpm-key_attestation = { dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; @@ -3086,10 +3238,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1myj44wvbbqvv18ragv3ihl0h61acgnfwrnj3lccdgp49bgmbjal"; + sha256 = "0vfispr7wd2p1fs9ckn1qnby1yyp4i1dl7qz8n482iw977iyxrza"; type = "gem"; }; - version = "3.18.1"; + version = "3.19.1"; }; webpacker = { dependencies = ["activesupport" "rack-proxy" "railties" "semantic_range"]; @@ -3115,16 +3267,26 @@ }; version = "0.3.8"; }; + websocket = { + groups = ["default" "test"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dib6p55sl606qb4vpwrvj5wh881kk4aqn2zpfapf8ckx7g14jw8"; + type = "gem"; + }; + version = "1.2.9"; + }; websocket-driver = { dependencies = ["websocket-extensions"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0a3bwxd9v3ghrxzjc4vxmf4xa18c6m4xqy5wb0yk5c6b9psc7052"; + sha256 = "1nyh873w4lvahcl8kzbjfca26656d5c6z3md4sbqg5y1gfz0157n"; type = "gem"; }; - version = "0.7.5"; + version = "0.7.6"; }; websocket-extensions = { groups = ["default"]; @@ -3172,10 +3334,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ck6bj7wa73dkdh13735jl06k6cfny98glxjkas82aivlmyzqqbk"; + sha256 = "1mwdd445w63khz13hpv17m2br5xngyjl3jdj08xizjbm78i2zrxd"; type = "gem"; }; - version = "2.6.8"; + version = "2.6.11"; }; } diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index 07ddd948..cf57d443 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -2,8 +2,8 @@ { fetchgit, applyPatches }: let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; - rev = "a40529fa79c6882eb1929014e5f9324d8e81ae49"; - sha256 = "0xppgbbms9a856w9h3pdzv4cxf4rgcg1wrxy8pmfmbf4cvjxkgpx"; + rev = "a1df9fdb06854bd55f018918236132ccfa7d9d84"; + sha256 = "0amqiigq3qgag6qm119aaysmd2k93vwgr1aynxjxmbpn35ykcay3"; }; in applyPatches { inherit src; diff --git a/nixos/pkgs/glitch-soc/version.nix b/nixos/pkgs/glitch-soc/version.nix index 6ee44f9e..2d0483ea 100644 --- a/nixos/pkgs/glitch-soc/version.nix +++ b/nixos/pkgs/glitch-soc/version.nix @@ -1 +1 @@ -"4.1.4" +"4.1.7" -- 2.47.1 From a4704cb2be1259f00e9859cec975ccd9db26c5ca Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 14 Sep 2023 14:00:27 +0000 Subject: [PATCH 1798/1882] chore(deps): update renovate/renovate docker tag to v36.93.7 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 33f37ce9..cae33349 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.89.0 + image: renovate/renovate:36.93.7 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 58605df1b7e101e0adf2e267df319c4665fd3d0d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 13 Sep 2023 14:00:24 +0000 Subject: [PATCH 1799/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.5 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index b03255ae..d56c8b2f 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.4"; + image = "flaresolverr/flaresolverr:v3.3.5"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 218234162f2b877e54b0707c53e9143e57c8f933 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Fri, 15 Sep 2023 09:39:48 +0000 Subject: [PATCH 1800/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 6851d7ee..3cc228f8 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.6.7468", + "version": "1.32.7.7484", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7468-07e0d4a7e/debian/plexmediaserver_1.32.6.7468-07e0d4a7e_arm64.deb", - "hash": "01sdhm307zsnsj893qch9h2yc07y7yijz5j0y4p223v29picr3h6" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7484-337c79318/debian/plexmediaserver_1.32.7.7484-337c79318_arm64.deb", + "hash": "17z01x0j27gcdjx5z2yzsdrybji173xsmdrc5sn88f0d4hsr1467" }, { - "version": "1.32.6.7468", + "version": "1.32.7.7484", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7468-07e0d4a7e/debian/plexmediaserver_1.32.6.7468-07e0d4a7e_amd64.deb", - "hash": "066hfidm25830xljj3ygq6vr142v2n4z3w94wnxfhxv2mx5fxall" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7484-337c79318/debian/plexmediaserver_1.32.7.7484-337c79318_amd64.deb", + "hash": "1xdxpbid6qkblmmy8x3i5nnfanhn0id7mcjm5vh4vrf1zgfg40iw" } ] -- 2.47.1 From 16d9d60815177c859f31cd842b2353231537b8ce Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 15 Sep 2023 17:44:33 +0200 Subject: [PATCH 1801/1882] updates --- flake.lock | 60 +++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 570889db..66dad857 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1690833717, - "narHash": "sha256-67x6G8cl0lGhI4+EUSRNG/N1VAvqDDWdp4pUVfWwPLc=", + "lastModified": 1694469372, + "narHash": "sha256-cgBpiixX562pyAaXzWgDWxxZnV1a+D3N9qjqb9Dt1no=", "owner": "nix-community", "repo": "comma", - "rev": "da2e97c626109f37c6931222c0f7dd5444f4dc06", + "rev": "4c06de761a390f57fdf98fb0461e3089ec5c1a8a", "type": "github" }, "original": { @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1694134858, - "narHash": "sha256-fG/ESauOGmiojKlpJG8gB62dJa5Wd+ZIuiDMKK/HD3g=", + "lastModified": 1694643239, + "narHash": "sha256-pv2k/5FvyirDE8g4TNehzwZ0T4UOMMmqWSQnM/luRtE=", "owner": "nix-community", "repo": "home-manager", - "rev": "19c6a4081b14443420358262f8416149bd79561a", + "rev": "d9b88b43524db1591fb3d9410a21428198d75d49", "type": "github" }, "original": { @@ -724,11 +724,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1692972892, - "narHash": "sha256-ifDTnczs4c/v73LKQdmoGYO81JmysKTlR5ZUH5cr+cE=", + "lastModified": 1694697985, + "narHash": "sha256-tAa0pyDOazvMfEjDhajcyLadu5a3euSMzzwia37J8x8=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "6d6cdf59b9d1ca6a2732c57e40f7cbd0f1eb1755", + "rev": "7f92dd1e7b0ff92c65856cd9015f651c151f0229", "type": "github" }, "original": { @@ -909,11 +909,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1693718952, - "narHash": "sha256-+nGdJlgTk0MPN7NygopipmyylVuAVi7OItIwTlwtGnw=", + "lastModified": 1694710316, + "narHash": "sha256-uRh46iIC86D8BD1wCDA5gRrt+hslUXiD0kx/UjnjBcs=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "793de77d9f83418b428e8ba70d1e42c6507d0d35", + "rev": "570256327eb6ca6f7bebe8d93af49459092a0c43", "type": "github" }, "original": { @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1694254102, - "narHash": "sha256-oM2qC5TyeM1zZE3BQnOodg31a2u/G5DF/Yx02UJRGfc=", + "lastModified": 1694669921, + "narHash": "sha256-6ESpJ6FsftHV96JO/zn6je07tyV2dlLR7SdLsmkegTY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a76638020344ae8a9f061856431182179ab0d28", + "rev": "f2ea252d23ebc9a5336bf6a61e0644921f64e67c", "type": "github" }, "original": { @@ -1115,11 +1115,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1693985761, - "narHash": "sha256-K5b+7j7Tt3+AqbWkcw+wMeqOAWyCD1MH26FPZyWXpdo=", + "lastModified": 1694183432, + "narHash": "sha256-YyPGNapgZNNj51ylQMw9lAgvxtM2ai1HZVUu3GS8Fng=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0bffda19b8af722f8069d09d8b6a24594c80b352", + "rev": "db9208ab987cdeeedf78ad9b4cf3c55f5ebd269b", "type": "github" }, "original": { @@ -1193,11 +1193,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1694048570, - "narHash": "sha256-PEQptwFCVaJ+jLFJgrZll2shQ9VI/7xVhrCYkJo8iIw=", + "lastModified": 1694499547, + "narHash": "sha256-R7xMz1Iia6JthWRHDn36s/E248WB1/je62ovC/dUVKI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4f77ea639305f1de0a14d9d41eef83313360638c", + "rev": "e5f018cf150e29aac26c61dac0790ea023c46b24", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1694274712, - "narHash": "sha256-XoqfgaqzvS9FS2Ci2NXEPkuY5Shc3Z4RACEeJrWDSsI=", + "lastModified": 1694341786, + "narHash": "sha256-7xp0lZ0Ihx1f9WLYxOWP73PlM0HOa0Wrp3/iF7D++zc=", "owner": "pta2002", "repo": "nixvim", - "rev": "6efbb5353c08e6bcee24f3ed7314e51767a52d9e", + "rev": "9e6892e8391a5bcc3727802b6a9fb2b9b52537df", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1694270448, - "narHash": "sha256-3o8OvyMAgFeyFG/nZl5EK1n24kiGc3Q0ZZZAYRDAe/I=", + "lastModified": 1694778311, + "narHash": "sha256-Hu5U9pXwMqUjWF7uh4SKqdKy1QMy9RVGxmst11srSgA=", "owner": "nix-community", "repo": "NUR", - "rev": "b944476b030a89bc4ca83a10944476afa5ea5548", + "rev": "7a673ac1f35648a908730206a2793b0e3818bc25", "type": "github" }, "original": { @@ -1482,11 +1482,11 @@ ] }, "locked": { - "lastModified": 1689906077, - "narHash": "sha256-2tjLXKoSK7O0LYHlA6GCWL0gy2kZZno4krg+KZpDh6U=", + "lastModified": 1694657451, + "narHash": "sha256-cRZa9ZmUi0EFKcmzpsOXLVhiMQD8XLrku8v+U1YiGm8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c88b28944129eeff5e819bdc21248dc07eb0625d", + "rev": "7c4f46f0b3597e3c4663285e6794194e55574879", "type": "github" }, "original": { -- 2.47.1 From 869bc9205d40f2df0aafad59a0235534b53c0abd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 21 Sep 2023 22:00:32 +0000 Subject: [PATCH 1802/1882] chore(deps): update helm release external-secrets to v0.9.5 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 5812d6f1..7fa3995e 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.9.4 + version: 0.9.5 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From f3c9d78d0465bf53cffcf3b9849c5138f9505b18 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 25 Sep 2023 10:30:29 +0200 Subject: [PATCH 1803/1882] local changes --- flake.lock | 60 ++++++++++---------- nixos/common/desktop/home.nix | 2 +- nixos/common/hm-modules/vscode.nix | 1 + nixos/hosts/thalassa/aoife/configuration.nix | 4 ++ nixos/hosts/thalassa/aoife/home/default.nix | 7 ++- 5 files changed, 42 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index 570889db..164eca27 100644 --- a/flake.lock +++ b/flake.lock @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1690833717, - "narHash": "sha256-67x6G8cl0lGhI4+EUSRNG/N1VAvqDDWdp4pUVfWwPLc=", + "lastModified": 1694469372, + "narHash": "sha256-cgBpiixX562pyAaXzWgDWxxZnV1a+D3N9qjqb9Dt1no=", "owner": "nix-community", "repo": "comma", - "rev": "da2e97c626109f37c6931222c0f7dd5444f4dc06", + "rev": "4c06de761a390f57fdf98fb0461e3089ec5c1a8a", "type": "github" }, "original": { @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1694134858, - "narHash": "sha256-fG/ESauOGmiojKlpJG8gB62dJa5Wd+ZIuiDMKK/HD3g=", + "lastModified": 1694643239, + "narHash": "sha256-pv2k/5FvyirDE8g4TNehzwZ0T4UOMMmqWSQnM/luRtE=", "owner": "nix-community", "repo": "home-manager", - "rev": "19c6a4081b14443420358262f8416149bd79561a", + "rev": "d9b88b43524db1591fb3d9410a21428198d75d49", "type": "github" }, "original": { @@ -724,11 +724,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1692972892, - "narHash": "sha256-ifDTnczs4c/v73LKQdmoGYO81JmysKTlR5ZUH5cr+cE=", + "lastModified": 1694697985, + "narHash": "sha256-tAa0pyDOazvMfEjDhajcyLadu5a3euSMzzwia37J8x8=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "6d6cdf59b9d1ca6a2732c57e40f7cbd0f1eb1755", + "rev": "7f92dd1e7b0ff92c65856cd9015f651c151f0229", "type": "github" }, "original": { @@ -909,11 +909,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1693718952, - "narHash": "sha256-+nGdJlgTk0MPN7NygopipmyylVuAVi7OItIwTlwtGnw=", + "lastModified": 1694710316, + "narHash": "sha256-uRh46iIC86D8BD1wCDA5gRrt+hslUXiD0kx/UjnjBcs=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "793de77d9f83418b428e8ba70d1e42c6507d0d35", + "rev": "570256327eb6ca6f7bebe8d93af49459092a0c43", "type": "github" }, "original": { @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1694254102, - "narHash": "sha256-oM2qC5TyeM1zZE3BQnOodg31a2u/G5DF/Yx02UJRGfc=", + "lastModified": 1694669921, + "narHash": "sha256-6ESpJ6FsftHV96JO/zn6je07tyV2dlLR7SdLsmkegTY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a76638020344ae8a9f061856431182179ab0d28", + "rev": "f2ea252d23ebc9a5336bf6a61e0644921f64e67c", "type": "github" }, "original": { @@ -1115,11 +1115,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1693985761, - "narHash": "sha256-K5b+7j7Tt3+AqbWkcw+wMeqOAWyCD1MH26FPZyWXpdo=", + "lastModified": 1694183432, + "narHash": "sha256-YyPGNapgZNNj51ylQMw9lAgvxtM2ai1HZVUu3GS8Fng=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0bffda19b8af722f8069d09d8b6a24594c80b352", + "rev": "db9208ab987cdeeedf78ad9b4cf3c55f5ebd269b", "type": "github" }, "original": { @@ -1193,11 +1193,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1694048570, - "narHash": "sha256-PEQptwFCVaJ+jLFJgrZll2shQ9VI/7xVhrCYkJo8iIw=", + "lastModified": 1694499547, + "narHash": "sha256-R7xMz1Iia6JthWRHDn36s/E248WB1/je62ovC/dUVKI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4f77ea639305f1de0a14d9d41eef83313360638c", + "rev": "e5f018cf150e29aac26c61dac0790ea023c46b24", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1694274712, - "narHash": "sha256-XoqfgaqzvS9FS2Ci2NXEPkuY5Shc3Z4RACEeJrWDSsI=", + "lastModified": 1694341786, + "narHash": "sha256-7xp0lZ0Ihx1f9WLYxOWP73PlM0HOa0Wrp3/iF7D++zc=", "owner": "pta2002", "repo": "nixvim", - "rev": "6efbb5353c08e6bcee24f3ed7314e51767a52d9e", + "rev": "9e6892e8391a5bcc3727802b6a9fb2b9b52537df", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1694270448, - "narHash": "sha256-3o8OvyMAgFeyFG/nZl5EK1n24kiGc3Q0ZZZAYRDAe/I=", + "lastModified": 1694769994, + "narHash": "sha256-IQXCa50IMb+Q5jXQYplmbAsui+F3O9U3iZ5zeS1VLHI=", "owner": "nix-community", "repo": "NUR", - "rev": "b944476b030a89bc4ca83a10944476afa5ea5548", + "rev": "32a38aa09c98243d59ab3272c620858db6018782", "type": "github" }, "original": { @@ -1482,11 +1482,11 @@ ] }, "locked": { - "lastModified": 1689906077, - "narHash": "sha256-2tjLXKoSK7O0LYHlA6GCWL0gy2kZZno4krg+KZpDh6U=", + "lastModified": 1694657451, + "narHash": "sha256-cRZa9ZmUi0EFKcmzpsOXLVhiMQD8XLrku8v+U1YiGm8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c88b28944129eeff5e819bdc21248dc07eb0625d", + "rev": "7c4f46f0b3597e3c4663285e6794194e55574879", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index db10fb84..a9565d1e 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -19,7 +19,7 @@ in { inputs.attic.packages.${pkgs.system}.attic inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default - kdenlive + kdenliv mattermost-desktop mullvad-vpn neofetch diff --git a/nixos/common/hm-modules/vscode.nix b/nixos/common/hm-modules/vscode.nix index acc4d99b..6680e213 100644 --- a/nixos/common/hm-modules/vscode.nix +++ b/nixos/common/hm-modules/vscode.nix @@ -23,6 +23,7 @@ in { "[python]" = { "editor.formatOnType" = true; }; "rust-analyzer.checkOnSave.command" = "clippy"; "debug.allowBreakpointsEverywhere" = true; + "C_Cpp.clang_format_fallbackStyle" = "{ BasedOnStyle: Google, IndentWidth: 4, ColumnLimit: 0}"; # Don't index unecessary things "files.exclude" = { "**/.vscode" = true; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index 928e8c26..d6a93a7f 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -16,6 +16,10 @@ resumeDevice = "/dev/nvme0n1p2"; loader.systemd-boot.enable = lib.mkForce false; + kernel.sysctl = { + "perf_event_paranoid" = 1; + "kptr_restrict" = 0; + }; lanzaboote = { enable = true; configurationLimit = 5; diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index b126d8e3..c49ebb24 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -1,4 +1,4 @@ -_: { +{pkgs, ...}: { # Custom dconf settings dconf.settings."org/gnome/desktop/input-sources" = { xkb-options = [ "caps:swapescape" ]; @@ -7,4 +7,9 @@ _: { programs.zsh.envExtra = '' source ~/.zshrc.secrets ''; + + home.packages = with pkgs; [ + libreoffice-fresh + jetbrains.clion + ]; } -- 2.47.1 From 5170822b2c077bcc39769698383f08b0dbd1ad83 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 20 Sep 2023 14:00:29 +0000 Subject: [PATCH 1804/1882] chore(deps): update meisnate12/plex-meta-manager docker tag to v1.19.1 --- nixos/hosts/hades/pmm/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/pmm/configuration.nix b/nixos/hosts/hades/pmm/configuration.nix index b7dbd66f..0e079e85 100644 --- a/nixos/hosts/hades/pmm/configuration.nix +++ b/nixos/hosts/hades/pmm/configuration.nix @@ -36,7 +36,7 @@ in { backend = "podman"; containers = { plex-meta-manager = { - image = "meisnate12/plex-meta-manager:v1.19.0"; + image = "meisnate12/plex-meta-manager:v1.19.1"; volumes = [ "${datadir}:/config:rw" "/etc/pmm/Anime.yml:/config/Anime.yml:ro" -- 2.47.1 From d59fe55050d48b31c1673eae3eaca6939fa7c3e1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 19 Sep 2023 14:00:27 +0000 Subject: [PATCH 1805/1882] chore(deps): update dependency fluxcd/flux2 to v2.1.1 --- .../base/flux-system/gotk-components.yaml | 68 +++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 71f811a6..1d5c44b4 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.0 +# Flux Version: v2.1.1 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -19,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: allow-egress namespace: flux-system spec: @@ -39,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: allow-scraping namespace: flux-system spec: @@ -59,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: allow-webhooks namespace: flux-system spec: @@ -78,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: critical-pods-flux-system namespace: flux-system spec: @@ -98,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: crd-controller-flux-system rules: - apiGroups: @@ -188,7 +188,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -214,7 +214,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -239,7 +239,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -259,7 +259,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -294,7 +294,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -812,7 +812,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2013,7 +2013,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2609,7 +2609,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3133,7 +3133,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3496,7 +3496,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: source-controller namespace: flux-system --- @@ -3507,7 +3507,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: source-controller namespace: flux-system @@ -3528,7 +3528,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: source-controller namespace: flux-system @@ -3563,7 +3563,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.0 + image: ghcr.io/fluxcd/source-controller:v1.1.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3627,7 +3627,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5259,7 +5259,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: kustomize-controller namespace: flux-system --- @@ -5270,7 +5270,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5356,7 +5356,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -6283,7 +6283,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: helm-controller namespace: flux-system --- @@ -6294,7 +6294,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: helm-controller namespace: flux-system @@ -6323,7 +6323,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.0 + image: ghcr.io/fluxcd/helm-controller:v0.36.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6380,7 +6380,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6817,7 +6817,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7228,7 +7228,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7894,7 +7894,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 name: notification-controller namespace: flux-system --- @@ -7905,7 +7905,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: notification-controller namespace: flux-system @@ -7926,7 +7926,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7947,7 +7947,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.0 + app.kubernetes.io/version: v2.1.1 control-plane: controller name: notification-controller namespace: flux-system -- 2.47.1 From b03361c9183df8840f0418d513ccd2b7b8ba9f46 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 25 Sep 2023 06:00:32 +0000 Subject: [PATCH 1806/1882] chore(deps): update renovate/renovate docker tag to v36.107.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index cae33349..0c53717a 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.93.7 + image: renovate/renovate:36.107.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 7c6ab98b9f65ed37aa935009a3861fd2b9d49710 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 15 Sep 2023 22:00:26 +0000 Subject: [PATCH 1807/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.6 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index d56c8b2f..5f7976ac 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.5"; + image = "flaresolverr/flaresolverr:v3.3.6"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From c5a19a16cbdad22e3ce2f32a8af048eeb61a07dc Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Mon, 25 Sep 2023 08:53:22 +0000 Subject: [PATCH 1808/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 3cc228f8..5fc9079a 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.7.7484", + "version": "1.32.6.7521", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7484-337c79318/debian/plexmediaserver_1.32.7.7484-337c79318_arm64.deb", - "hash": "17z01x0j27gcdjx5z2yzsdrybji173xsmdrc5sn88f0d4hsr1467" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7521-24e4dff81/debian/plexmediaserver_1.32.6.7521-24e4dff81_arm64.deb", + "hash": "19c9nryv2pl1w473ik7b655zsh97badil7fj5x0nrs295n9g5v6m" }, { - "version": "1.32.7.7484", + "version": "1.32.6.7521", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7484-337c79318/debian/plexmediaserver_1.32.7.7484-337c79318_amd64.deb", - "hash": "1xdxpbid6qkblmmy8x3i5nnfanhn0id7mcjm5vh4vrf1zgfg40iw" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7521-24e4dff81/debian/plexmediaserver_1.32.6.7521-24e4dff81_amd64.deb", + "hash": "19h7r04ccnlhs4kh3r4fa464s07hypb3gyfk7s3bgjmqvscdnr3g" } ] -- 2.47.1 From 290ce7f72ddc1d315040980fb66190688b0bf731 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 25 Sep 2023 11:47:59 +0200 Subject: [PATCH 1809/1882] update flake --- flake.lock | 54 ++++++++++----------- nixos/common/desktop/home.nix | 2 +- nixos/hosts/thalassa/aoife/home/default.nix | 1 + 3 files changed, 29 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index 164eca27..267ad24f 100644 --- a/flake.lock +++ b/flake.lock @@ -536,11 +536,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1692799911, - "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1694643239, - "narHash": "sha256-pv2k/5FvyirDE8g4TNehzwZ0T4UOMMmqWSQnM/luRtE=", + "lastModified": 1695550077, + "narHash": "sha256-xoxR/iY69/3lTnnZDP6gf3J46DUKPcf+Y1jH03tfZXE=", "owner": "nix-community", "repo": "home-manager", - "rev": "d9b88b43524db1591fb3d9410a21428198d75d49", + "rev": "a88df2fb101778bfd98a17556b3a2618c6c66091", "type": "github" }, "original": { @@ -909,11 +909,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1694710316, - "narHash": "sha256-uRh46iIC86D8BD1wCDA5gRrt+hslUXiD0kx/UjnjBcs=", + "lastModified": 1695541019, + "narHash": "sha256-rs++zfk41K9ArWkDAlmBDlGlKO8qeRIRzdjo+9SmNFI=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "570256327eb6ca6f7bebe8d93af49459092a0c43", + "rev": "61283b30d11f27d5b76439d43f20d0c0c8ff5296", "type": "github" }, "original": { @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1694669921, - "narHash": "sha256-6ESpJ6FsftHV96JO/zn6je07tyV2dlLR7SdLsmkegTY=", + "lastModified": 1695521010, + "narHash": "sha256-2raGKYu7U7nqBKUBPzZbnRAEraRstM4CHPN4GZHXtJM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f2ea252d23ebc9a5336bf6a61e0644921f64e67c", + "rev": "397b1733f45dc601e82ab9e13d5d427167fc284e", "type": "github" }, "original": { @@ -1115,11 +1115,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1694183432, - "narHash": "sha256-YyPGNapgZNNj51ylQMw9lAgvxtM2ai1HZVUu3GS8Fng=", + "lastModified": 1695360818, + "narHash": "sha256-JlkN3R/SSoMTa+CasbxS1gq+GpGxXQlNZRUh9+LIy/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "db9208ab987cdeeedf78ad9b4cf3c55f5ebd269b", + "rev": "e35dcc04a3853da485a396bdd332217d0ac9054f", "type": "github" }, "original": { @@ -1193,11 +1193,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1694499547, - "narHash": "sha256-R7xMz1Iia6JthWRHDn36s/E248WB1/je62ovC/dUVKI=", + "lastModified": 1695559356, + "narHash": "sha256-kXZ1pUoImD9OEbPCwpTz4tHsNTr4CIyIfXb3ocuR8sI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e5f018cf150e29aac26c61dac0790ea023c46b24", + "rev": "261abe8a44a7e8392598d038d2e01f7b33cf26d0", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1694341786, - "narHash": "sha256-7xp0lZ0Ihx1f9WLYxOWP73PlM0HOa0Wrp3/iF7D++zc=", + "lastModified": 1695625700, + "narHash": "sha256-lphJKrXUebw8LXkBZ2XMTvXO7fCoEJsWQ4HYebyqre0=", "owner": "pta2002", "repo": "nixvim", - "rev": "9e6892e8391a5bcc3727802b6a9fb2b9b52537df", + "rev": "4316099f050112ca1377d9d2a274de3c744746dc", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1694769994, - "narHash": "sha256-IQXCa50IMb+Q5jXQYplmbAsui+F3O9U3iZ5zeS1VLHI=", + "lastModified": 1695629172, + "narHash": "sha256-uyX3hb9n8O4DdtRLi3VsNLhhgsgV0NwDC0AJ3FT61rI=", "owner": "nix-community", "repo": "NUR", - "rev": "32a38aa09c98243d59ab3272c620858db6018782", + "rev": "d68e23fbf48d0ac738fccb263ba30c7c3441cbe8", "type": "github" }, "original": { @@ -1298,11 +1298,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1692274144, - "narHash": "sha256-BxTQuRUANQ81u8DJznQyPmRsg63t4Yc+0kcyq6OLz8s=", + "lastModified": 1695576016, + "narHash": "sha256-71KxwRhTfVuh7kNrg3/edNjYVg9DCyKZl2QIKbhRggg=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7e3517c03d46159fdbf8c0e5c97f82d5d4b0c8fa", + "rev": "cb770e93516a1609652fa8e945a0f310e98f10c0", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index a9565d1e..db10fb84 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -19,7 +19,7 @@ in { inputs.attic.packages.${pkgs.system}.attic inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default - kdenliv + kdenlive mattermost-desktop mullvad-vpn neofetch diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index c49ebb24..f4f05f60 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -11,5 +11,6 @@ home.packages = with pkgs; [ libreoffice-fresh jetbrains.clion + jetbrains.rust-rover ]; } -- 2.47.1 From ea83c79fb32e72ee4f8dd7adb16adef5544afcb0 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 25 Sep 2023 11:56:02 +0200 Subject: [PATCH 1810/1882] fixed linting --- flake.nix | 31 +- nixos/common/default.nix | 18 +- nixos/common/desktop/default.nix | 70 +- nixos/common/desktop/home.nix | 76 +- nixos/common/hm-modules/catppuccin.nix | 56 +- nixos/common/hm-modules/nvim.nix | 14 +- nixos/common/modules/dns.nix | 5 +- nixos/common/modules/gnome/default.nix | 34 +- nixos/common/modules/gnome/hm.nix | 17 +- nixos/common/modules/meta.nix | 6 +- nixos/common/modules/nginx.nix | 40 +- nixos/common/modules/unpackerr.nix | 104 +- nixos/common/modules/vault.nix | 17 +- nixos/common/users/victor.nix | 28 +- nixos/hosts/hades/immich/configuration.nix | 3 +- nixos/hosts/hades/lucy/configuration.nix | 11 +- .../hades/lucy/hardware-configuration.nix | 26 +- nixos/hosts/hades/mastodon/configuration.nix | 8 +- nixos/hosts/hades/nginx/configuration.nix | 223 +- nixos/hosts/hades/pmm/configuration.nix | 3 +- nixos/hosts/hades/rtorrent/configuration.nix | 44 +- nixos/hosts/hades/rtorrent/rtorrent.nix | 165 +- nixos/hosts/hades/unifi/configuration.nix | 2 +- nixos/hosts/olympus/bastion/configuration.nix | 3 +- .../bastion/hardware-configuration.nix | 12 +- nixos/hosts/olympus/dex/configuration.nix | 3 +- nixos/hosts/olympus/dhcp/configuration.nix | 5 +- .../olympus/eevee/hardware-configuration.nix | 12 +- nixos/hosts/olympus/eevee/hardware.nix | 62 +- nixos/hosts/olympus/gitea/configuration.nix | 127 +- .../hosts/olympus/hedgedoc/configuration.nix | 30 +- .../olympus/mailserver/configuration.nix | 78 +- nixos/hosts/olympus/minio/configuration.nix | 3 +- nixos/hosts/olympus/nginx/configuration.nix | 201 +- nixos/hosts/olympus/ntfy/configuration.nix | 27 +- nixos/hosts/olympus/outline/configuration.nix | 3 +- nixos/hosts/olympus/synapse/configuration.nix | 109 +- .../olympus/vaultwarden/configuration.nix | 3 +- .../olympus/victoriametrics/configuration.nix | 191 +- .../hosts/olympus/wireguard/configuration.nix | 96 +- .../thalassa/aoife/hardware-configuration.nix | 12 +- nixos/hosts/thalassa/aoife/hardware.nix | 70 +- nixos/hosts/thalassa/aoife/home/default.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 259 +- .../thalassa/null/hardware-configuration.nix | 50 +- nixos/hosts/thalassa/null/home/default.nix | 373 +-- .../hosts/thalassa/null/home/eww/default.nix | 62 +- nixos/hosts/thalassa/null/home/hyprland.nix | 226 +- nixos/hosts/thalassa/null/home/neovim.nix | 8 +- nixos/hosts/thalassa/null/home/theme.nix | 79 +- nixos/hosts/thalassa/null/rescue-boot.nix | 3 +- nixos/pkgs/glitch-soc/default.nix | 41 +- nixos/pkgs/glitch-soc/gemset.nix | 2246 ++++++++--------- nixos/pkgs/glitch-soc/source.nix | 8 +- nixos/pkgs/glitch-soc/update.nix | 17 +- nixos/pkgs/plex-pass/raw.nix | 6 +- nixos/pkgs/roundcube-swipe/default.nix | 3 +- nixos/util.nix | 47 +- repl.nix | 3 +- 59 files changed, 2843 insertions(+), 2638 deletions(-) diff --git a/flake.nix b/flake.nix index d5ce38e6..96f4d3b8 100644 --- a/flake.nix +++ b/flake.nix @@ -46,8 +46,17 @@ attic.url = "github:zhaofengli/attic"; }; - outputs = { self, nixpkgs, nixpkgs_stable, vault-secrets, colmena - , nixos-generators, nur, attic, ... }@inputs: + outputs = + { self + , nixpkgs + , nixpkgs_stable + , vault-secrets + , colmena + , nixos-generators + , nur + , attic + , ... + }@inputs: let inherit (nixpkgs) lib; @@ -81,7 +90,8 @@ source /etc/set-environment nix repl --file "${./.}/repl.nix" $@ ''; - in { + in + { # Make the nixosConfigurations for compat reasons (e.g. vault) nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { @@ -93,12 +103,14 @@ }).nodes; # Make the colmena configuration - colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { - meta = { - inherit specialArgs; - nixpkgs = pkgs; - }; - } nixHosts; + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) + { + meta = { + inherit specialArgs; + nixpkgs = pkgs; + }; + } + nixHosts; packages.${system} = { inherit apply-local; @@ -137,6 +149,7 @@ statix terraform nixfmt + nixpkgs-fmt nixUnstable nil vault diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 3f3782f0..317d57df 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -2,14 +2,16 @@ imports = [ ./users ./modules inputs.vault-secrets.nixosModules.vault-secrets ]; - vault-secrets = let - inherit (config.networking) domain hostName; - server = if domain == "olympus" then "vault" else "vault-0"; - in lib.mkIf (domain == "olympus" || domain == "hades") { - vaultPrefix = "${domain}_secrets/nixos"; - vaultAddress = "http://${server}.${domain}:8200/"; - approlePrefix = "${domain}-${hostName}"; - }; + vault-secrets = + let + inherit (config.networking) domain hostName; + server = if domain == "olympus" then "vault" else "vault-0"; + in + lib.mkIf (domain == "olympus" || domain == "hades") { + vaultPrefix = "${domain}_secrets/nixos"; + vaultAddress = "http://${server}.${domain}:8200/"; + approlePrefix = "${domain}-${hostName}"; + }; home-manager = { useGlobalPkgs = true; diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index f4e4c905..4e02b9a3 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -21,9 +21,26 @@ users.victor = import ./home.nix; extraSpecialArgs = { inherit inputs; }; }; + services = { - # Enable my config for the gnome desktop environment - services.v.gnome.enable = true; + # Enable my config for the gnome desktop environment + v.gnome.enable = true; + + # Enable CUPS to print documents. + printing.enable = true; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + }; # Set your time zone. time.timeZone = "Europe/Amsterdam"; @@ -42,9 +59,6 @@ LC_TIME = "nl_NL.UTF-8"; }; - # Enable CUPS to print documents. - services.printing.enable = true; - # Global Packages environment = { systemPackages = with pkgs; [ wireguard-tools sbctl ]; }; @@ -52,18 +66,6 @@ sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; virtualisation = { podman.enable = true; @@ -84,21 +86,27 @@ [ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ]; }) ]; + programs = { + steam = { - programs.steam = { - enable = true; - # Open ports in the firewall for Steam Remote Play - remotePlay.openFirewall = true; - package = pkgs.steam.override { - extraPkgs = pkgs: with pkgs; [ gamescope mangohud ]; + + enable = true; + # Open ports in the firewall for Steam Remote Play + remotePlay.openFirewall = true; + package = pkgs.steam.override { + extraPkgs = pkgs: with pkgs; [ gamescope mangohud ]; + }; }; + + + gamemode.enable = true; + + adb.enable = true; + }; + networking = { + # Networking + networkmanager.enable = true; + firewall.checkReversePath = false; + firewall.enable = false; }; - - programs.gamemode.enable = true; - - programs.adb.enable = true; - # Networking - networking.networkmanager.enable = true; - networking.firewall.checkReversePath = false; - networking.firewall.enable = false; } diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index db10fb84..3650e3fe 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -5,7 +5,8 @@ let dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }; my-python-packages = ps: with ps; [ pandas requests numpy ]; -in { +in +{ home.packages = with pkgs; [ (python3.withPackages my-python-packages) btop @@ -37,50 +38,53 @@ in { # Enable my own hm modules themes.v.catppuccin.enable = true; - programs.v.vscode.enable = true; + programs = { + v.vscode.enable = true; - programs.riff = { - enable = true; - direnv = true; - }; + riff = { + enable = true; + direnv = true; + }; - programs.firefox.enable = true; + firefox.enable = true; - programs.chromium = { - enable = true; - package = pkgs.ungoogled-chromium; - }; + chromium = { + enable = true; + package = pkgs.ungoogled-chromium; + }; - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; + direnv = { + enable = true; + nix-direnv.enable = true; + }; - programs.zsh = { - enable = true; - sessionVariables = { DIRENV_LOG_FORMAT = ""; }; - }; + zsh = { + enable = true; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; + }; - programs.thunderbird = { - enable = true; - profiles.default = { - isDefault = true; + thunderbird = { + enable = true; + profiles.default = { + isDefault = true; + }; }; }; # Syncthing services.syncthing.enable = true; - xdg.userDirs = let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; + xdg.userDirs = + let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; } diff --git a/nixos/common/hm-modules/catppuccin.nix b/nixos/common/hm-modules/catppuccin.nix index 2aceac0e..68c7191e 100644 --- a/nixos/common/hm-modules/catppuccin.nix +++ b/nixos/common/hm-modules/catppuccin.nix @@ -3,36 +3,38 @@ with lib; let cfg = config.themes.v.catppuccin; in { options.themes.v.catppuccin = { enable = mkEnableOption "catppuccin"; }; - config = let - theme = "Catppuccin-Pink-Dark"; - cursorTheme = config.home.pointerCursor.name; - in mkIf cfg.enable { - home.pointerCursor = { - name = "Bibata_Ghost"; - size = 24; - package = pkgs.bibata-cursors-translucent; - }; + config = + let + theme = "Catppuccin-Pink-Dark"; + cursorTheme = config.home.pointerCursor.name; + in + mkIf cfg.enable { + home.pointerCursor = { + name = "Bibata_Ghost"; + size = 24; + package = pkgs.bibata-cursors-translucent; + }; - gtk = { - enable = true; - theme = { - name = theme; - package = pkgs.catppuccin-gtk; + gtk = { + enable = true; + theme = { + name = theme; + package = pkgs.catppuccin-gtk; + }; + iconTheme = { + name = "Papirus-Dark"; + package = pkgs.papirus-icon-theme.override { color = "violet"; }; + }; + cursorTheme = { + name = cursorTheme; + inherit (config.home.pointerCursor) package size; + }; }; - iconTheme = { - name = "Papirus-Dark"; - package = pkgs.papirus-icon-theme.override { color = "violet"; }; - }; - cursorTheme = { - name = cursorTheme; - inherit (config.home.pointerCursor) package size; - }; - }; - programs.vscode = { - userSettings."workbench.colorTheme" = "Catppuccin Frappé"; - extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; + programs.vscode = { + userSettings."workbench.colorTheme" = "Catppuccin Frappé"; + extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ]; + }; }; - }; } diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix index 46c5fbf4..8d9e306c 100644 --- a/nixos/common/hm-modules/nvim.nix +++ b/nixos/common/hm-modules/nvim.nix @@ -65,12 +65,14 @@ in { comment-nvim = { enable = true; }; lsp = { enable = true; - servers.nil_ls.enable = true; - servers.rust-analyzer.enable = true; - servers.pyright.enable = true; - servers.elixirls.enable = true; - servers.clangd.enable = true; - servers.yamlls.enable = true; + servers = { + nil_ls.enable = true; + rust-analyzer.enable = true; + pyright.enable = true; + elixirls.enable = true; + clangd.enable = true; + yamlls.enable = true; + }; }; trouble.enable = true; lspkind.enable = true; diff --git a/nixos/common/modules/dns.nix b/nixos/common/modules/dns.nix index e90e1c79..0b9ed85e 100644 --- a/nixos/common/modules/dns.nix +++ b/nixos/common/modules/dns.nix @@ -15,7 +15,8 @@ let ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"''; cfg = config.services.v.dns; -in { +in +{ options.services.v.dns = { enable = mkEnableOption "v.dns"; @@ -47,7 +48,7 @@ in { config = mkIf cfg.enable { networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = [ 53 ] ; + allowedTCPPorts = [ 53 ]; allowedUDPPorts = [ 53 ]; }; services.prometheus.exporters.unbound = mkIf cfg.enableMetrics { diff --git a/nixos/common/modules/gnome/default.nix b/nixos/common/modules/gnome/default.nix index 90b95a52..eb2d4f09 100644 --- a/nixos/common/modules/gnome/default.nix +++ b/nixos/common/modules/gnome/default.nix @@ -14,22 +14,28 @@ in { }; config = mkIf cfg.enable { - services.xserver.enable = true; - services.xserver.excludePackages = [ pkgs.xterm ]; + services = { + xserver = { + enable = true; + excludePackages = [ pkgs.xterm ]; + + # Configure keymap in X11 + + layout = "us"; + xkbVariant = "altgr-intl"; + + + # Enable the GNOME Desktop Environment. + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + dbus.enable = true; + udisks2.enable = true; + }; # Add Home-manager dconf stuff home-manager.sharedModules = mkIf cfg.hm [ ./hm.nix ]; - - # Configure keymap in X11 - services.xserver = { - layout = "us"; - xkbVariant = "altgr-intl"; - }; - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; environment.gnome.excludePackages = (with pkgs; [ gnome-photos gnome-tour gnome-connections ]) ++ (with pkgs.gnome; [ @@ -54,8 +60,6 @@ in { # Services required for gnome programs.dconf.enable = true; - services.dbus.enable = true; - services.udisks2.enable = true; # Extra gnome packages environment.systemPackages = with pkgs; [ diff --git a/nixos/common/modules/gnome/hm.nix b/nixos/common/modules/gnome/hm.nix index d852a9aa..07cc96a8 100644 --- a/nixos/common/modules/gnome/hm.nix +++ b/nixos/common/modules/gnome/hm.nix @@ -7,15 +7,18 @@ let generate_custom_keybindings = binds: { "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = map (name: - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") + custom-keybindings = map + (name: + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") (attrNames binds); }; - } // mapAttrs' (name: - nameValuePair - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") - binds; -in { + } // mapAttrs' + (name: + nameValuePair + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") + binds; +in +{ xdg.mimeApps.enable = true; xdg.mimeApps.defaultApplications = { "text/plain" = "org.gnome.TextEditor.desktop"; diff --git a/nixos/common/modules/meta.nix b/nixos/common/modules/meta.nix index 562d21f8..639d212d 100644 --- a/nixos/common/modules/meta.nix +++ b/nixos/common/modules/meta.nix @@ -20,7 +20,8 @@ let }; }; }; -in { +in +{ options.meta = { exposes = mkOption { @@ -38,6 +39,5 @@ in { }; }; - config = { - }; + config = { }; } diff --git a/nixos/common/modules/nginx.nix b/nixos/common/modules/nginx.nix index a6ff28ad..1159e212 100644 --- a/nixos/common/modules/nginx.nix +++ b/nixos/common/modules/nginx.nix @@ -1,30 +1,32 @@ { lib, hosts, config, ... }: with lib; let cfg = config.services.v.nginx; -in { +in { options.services.v.nginx.autoExpose = mkEnableOption "generate vhosts"; - config = let + config = + let - proxy = url: { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = url; - proxyWebsockets = true; + proxy = url: { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = url; + proxyWebsockets = true; + }; }; - }; - hosts' = - filter (hasAttr "exposes") (attrValues hosts.${config.networking.domain}); - exposes = { ip, exposes, ... }: - map ({ domain, port ? 80}: { inherit ip domain port; }) (attrValues exposes); - mkVhost = { ip, domain, port}: { - "${domain}" = proxy "http://${ip}:${toString port}"; + hosts' = + filter (hasAttr "exposes") (attrValues hosts.${config.networking.domain}); + exposes = { ip, exposes, ... }: + map ({ domain, port ? 80 }: { inherit ip domain port; }) (attrValues exposes); + mkVhost = { ip, domain, port }: { + "${domain}" = proxy "http://${ip}:${toString port}"; + }; + vhosts = foldr (el: acc: acc // mkVhost el) { } (concatMap exposes hosts'); + in + mkIf cfg.autoExpose { + services.nginx.virtualHosts = vhosts; }; - vhosts = foldr (el: acc: acc // mkVhost el) { } (concatMap exposes hosts'); - in mkIf cfg.autoExpose { - services.nginx.virtualHosts = vhosts; - }; } diff --git a/nixos/common/modules/unpackerr.nix b/nixos/common/modules/unpackerr.nix index 5490ec6f..4a8043ba 100644 --- a/nixos/common/modules/unpackerr.nix +++ b/nixos/common/modules/unpackerr.nix @@ -57,7 +57,8 @@ let ''; }; }; -in { +in +{ options.services.unpackerr = { enable = mkEnableOption "unpackerr"; @@ -257,61 +258,62 @@ in { after = [ "network.target" ]; description = "unpackerr system service"; # Filter out all unset variables else unpackerr complains - environment = filterAttrs (_n: v: stringLength v > 0) { - # General options - UN_DEBUG = "${toString cfg.debug}"; - UN_INTERVAL = "${cfg.interval}"; - UN_START_DELAY = "${cfg.startDelay}"; - UN_RETRY_DELAY = "${cfg.retryDelay}"; - UN_MAX_RETRIES = "${toString cfg.maxRetries}"; - UN_PARALLEL = "${toString cfg.parallel}"; - UN_FILE_MODE = "${cfg.fileMode}"; - UN_DIR_MODE = "${cfg.dirMode}"; + environment = filterAttrs (_n: v: stringLength v > 0) + { + # General options + UN_DEBUG = "${toString cfg.debug}"; + UN_INTERVAL = "${cfg.interval}"; + UN_START_DELAY = "${cfg.startDelay}"; + UN_RETRY_DELAY = "${cfg.retryDelay}"; + UN_MAX_RETRIES = "${toString cfg.maxRetries}"; + UN_PARALLEL = "${toString cfg.parallel}"; + UN_FILE_MODE = "${cfg.fileMode}"; + UN_DIR_MODE = "${cfg.dirMode}"; - # Sonarr - UN_SONARR_0_URL = "${cfg.sonarr.url}"; - UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; - UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; - UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; - UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; - UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; - UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; + # Sonarr + UN_SONARR_0_URL = "${cfg.sonarr.url}"; + UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}"; + UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}"; + UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}"; + UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}"; + UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}"; + UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}"; - # Radarr - UN_RADARR_0_URL = "${cfg.radarr.url}"; - UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; - UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; - UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; - UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; - UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; - UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; + # Radarr + UN_RADARR_0_URL = "${cfg.radarr.url}"; + UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}"; + UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}"; + UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}"; + UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}"; + UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}"; + UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}"; - # Lidarr - UN_LIDARR_0_URL = "${cfg.lidarr.url}"; - UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; - UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; - UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; - UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; - UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; - UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; + # Lidarr + UN_LIDARR_0_URL = "${cfg.lidarr.url}"; + UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}"; + UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}"; + UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}"; + UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}"; + UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}"; + UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}"; - # Readarr - UN_READARR_0_URL = "${cfg.readarr.url}"; - UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; - UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; - UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; - UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; - UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; - UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; + # Readarr + UN_READARR_0_URL = "${cfg.readarr.url}"; + UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}"; + UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}"; + UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}"; + UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}"; + UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}"; + UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}"; - # Folder - UN_FOLDER_0_PATH = "${cfg.folder.path}"; - UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; - UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; - UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; - UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; - UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; - } // cfg.extraConfig; + # Folder + UN_FOLDER_0_PATH = "${cfg.folder.path}"; + UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}"; + UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}"; + UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}"; + UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}"; + UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}"; + } // cfg.extraConfig; serviceConfig = { User = cfg.user; Group = cfg.group; diff --git a/nixos/common/modules/vault.nix b/nixos/common/modules/vault.nix index 90b86c81..4460ee75 100644 --- a/nixos/common/modules/vault.nix +++ b/nixos/common/modules/vault.nix @@ -7,13 +7,16 @@ let # Find all vault hosts that do not have the same IP as the current host vault_hosts = filter ({ tags ? [ ], ip ? "", ... }: (elem "vault" tags) && (ip != hostIP)) - flat_hosts; - cluster_config = concatStrings (map ({ ip, ... }: '' - retry_join { - leader_api_addr = "http://${ip}:${toString cfg.port}" - } - '') vault_hosts); -in { + flat_hosts; + cluster_config = concatStrings (map + ({ ip, ... }: '' + retry_join { + leader_api_addr = "http://${ip}:${toString cfg.port}" + } + '') + vault_hosts); +in +{ options.services.v.vault = { enable = mkEnableOption "v's vault"; diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 18a57ad9..46ff5fed 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -23,23 +23,27 @@ }; home-manager.users.victor = { - programs.home-manager.enable = true; + programs = { + home-manager.enable = true; - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "23.05"; + v.nvim.enable = true; + v.git.enable = true; - programs.v.nvim.enable = true; - programs.v.git.enable = true; + tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; - programs.tmux = { - enable = true; - shortcut = "b"; - terminal = "screen-256color"; - clock24 = true; + bat.enable = true; }; + home = { - programs.bat.enable = true; + username = "victor"; + homeDirectory = "/home/victor"; + stateVersion = "23.05"; + }; }; } diff --git a/nixos/hosts/hades/immich/configuration.nix b/nixos/hosts/hades/immich/configuration.nix index 938bb2df..c338ea31 100644 --- a/nixos/hosts/hades/immich/configuration.nix +++ b/nixos/hosts/hades/immich/configuration.nix @@ -7,7 +7,8 @@ let # https://github.com/immich-app/immich/releases # version = "1.55.1"; dataDir = "/var/lib/immich"; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 19f9c704..35682685 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -24,7 +24,8 @@ let doCheck = false; }; -in { +in +{ imports = [ ./hardware-configuration.nix ]; # This value determines the NixOS release from which the default @@ -46,10 +47,12 @@ in { trivy wapiti ]; + boot.loader = { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot"; + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + efi.efiSysMountPoint = "/boot"; + }; virtualisation.docker.enable = true; diff --git a/nixos/hosts/hades/lucy/hardware-configuration.nix b/nixos/hosts/hades/lucy/hardware-configuration.nix index f89cdb51..ba51cd13 100644 --- a/nixos/hosts/hades/lucy/hardware-configuration.nix +++ b/nixos/hosts/hades/lucy/hardware-configuration.nix @@ -5,19 +5,21 @@ { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot = { - boot.initrd.availableKernelModules = [ - "uhci_hcd" - "ehci_pci" - "ahci" - "virtio_pci" - "virtio_scsi" - "sd_mod" - "sr_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; + initrd.availableKernelModules = [ + "uhci_hcd" + "ehci_pci" + "ahci" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + initrd.kernelModules = [ ]; + kernelModules = [ ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2"; diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 34ab313d..eee7fde6 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -2,7 +2,8 @@ let vs = config.vault-secrets.secrets; cfg = config.services.mastodon; -in { +in +{ system.stateVersion = "21.05"; # Use DHCP with static leases networking.interfaces.eth0.useDHCP = true; @@ -100,6 +101,7 @@ in { }; }; - networking.firewall = let cfg = config.services.mastodon; - in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; + networking.firewall = + let cfg = config.services.mastodon; + in { allowedTCPPorts = [ cfg.streamingPort cfg.webPort ]; }; } diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 71b0a245..566dcdf6 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -12,7 +12,8 @@ let proxyWebsockets = true; }; }; -in { +in +{ imports = [ ]; nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1t" ]; @@ -25,10 +26,12 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? networking.firewall.allowedTCPPorts = [ 80 443 ]; + security.acme = { - security.acme.defaults.email = "victorheld12@gmail.com"; - security.acme.acceptTerms = true; - security.acme.preliminarySelfsigned = true; + defaults.email = "victorheld12@gmail.com"; + acceptTerms = true; + preliminarySelfsigned = true; + }; services.nginx = { enable = true; @@ -39,38 +42,39 @@ in { clientMaxBodySize = "1024m"; package = pkgs.nginxMainline; + virtualHosts = { - virtualHosts."cshub.nl" = proxy "http://192.168.0.113"; - virtualHosts."api.cshub.nl" = proxy "http://192.168.0.113"; + "cshub.nl" = proxy "http://192.168.0.113"; + "api.cshub.nl" = proxy "http://192.168.0.113"; - virtualHosts."ha.xirion.net" = proxy "http://192.168.0.129:8123"; - virtualHosts."xirion.net" = { - enableACME = true; - forceSSL = true; - locations."/".extraConfig = '' - add_header Content-Type 'text/html; charset=UTF-8'; - return 200 'Hello, World!'; - ''; - locations."= /.well-known/host-meta".extraConfig = '' - return 301 https://fedi.xirion.net$request_uri; - ''; - }; - # virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; - virtualHosts."git.xirion.net" = proxy "http://10.10.10.12"; - # virtualHosts."mail.xirion.net" = proxy "http://192.168.0.118"; - virtualHosts."o.xirion.net" = proxy "http://192.168.0.112:9000"; - virtualHosts."g.xirion.net" = proxy "http://garage.hades:3900"; - virtualHosts."requests.xirion.net" = proxy "http://overseerr.hades:5055"; - virtualHosts."pass.xirion.net" = proxy "http://bitwarden_rs"; - virtualHosts."repo.xirion.net" = proxy "http://archlinux"; - virtualHosts."thelounge.xirion.net" = proxy "http://thelounge:9000"; - virtualHosts."attic.xirion.net" = proxy "http://attic.hades:8080"; + "ha.xirion.net" = proxy "http://192.168.0.129:8123"; + "xirion.net" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + add_header Content-Type 'text/html; charset=UTF-8'; + return 200 'Hello, World!'; + ''; + locations."= /.well-known/host-meta".extraConfig = '' + return 301 https://fedi.xirion.net$request_uri; + ''; + }; + # virtualHosts."blog.xirion.net" = proxy "http://10.10.10.12"; + "git.xirion.net" = proxy "http://10.10.10.12"; + # virtualHosts."mail.xirion.net" = proxy "http://192.168.0.118"; + "o.xirion.net" = proxy "http://192.168.0.112:9000"; + "g.xirion.net" = proxy "http://garage.hades:3900"; + "requests.xirion.net" = proxy "http://overseerr.hades:5055"; + "pass.xirion.net" = proxy "http://bitwarden_rs"; + "repo.xirion.net" = proxy "http://archlinux"; + "thelounge.xirion.net" = proxy "http://thelounge:9000"; + "attic.xirion.net" = proxy "http://attic.hades:8080"; - virtualHosts."tautulli.xirion.net" = proxy "http://tautulli.hades:8080"; - virtualHosts."peepeepoopoo.xirion.net" = proxy "http://tautulli.hades:8080"; # Deprecated but Ricardo has it bookmarked already! + "tautulli.xirion.net" = proxy "http://tautulli.hades:8080"; + "peepeepoopoo.xirion.net" = proxy "http://tautulli.hades:8080"; # Deprecated but Ricardo has it bookmarked already! - virtualHosts."registry.xirion.net" = proxy "http://docker-registry:5000" - // { + "registry.xirion.net" = proxy "http://docker-registry:5000" + // { locations."/".extraConfig = '' allow 127.0.0.1; allow 10.42.42.0/23; @@ -83,91 +87,94 @@ in { ''; }; - virtualHosts."plex.xirion.net" = { - # Since we want a secure connection, we force SSL - forceSSL = true; - enableACME = true; + "plex.xirion.net" = { + # Since we want a secure connection, we force SSL + forceSSL = true; + enableACME = true; - extraConfig = '' - #Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause - send_timeout 100m; + extraConfig = '' + #Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause + send_timeout 100m; - # Why this is important: https://blog.cloudflare.com/ocsp-stapling-how-cloudflare-just-made-ssl-30/ - ssl_stapling on; - ssl_stapling_verify on; + # Why this is important: https://blog.cloudflare.com/ocsp-stapling-how-cloudflare-just-made-ssl-30/ + ssl_stapling on; + ssl_stapling_verify on; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_prefer_server_ciphers on; - #Intentionally not hardened for security for player support and encryption video streams has a lot of overhead with something like AES-256-GCM-SHA384. - ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #Intentionally not hardened for security for player support and encryption video streams has a lot of overhead with something like AES-256-GCM-SHA384. + ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; - # Forward real ip and host to Plex - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $server_addr; - proxy_set_header Referer $server_addr; - proxy_set_header Origin $server_addr; + # Forward real ip and host to Plex + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $server_addr; + proxy_set_header Referer $server_addr; + proxy_set_header Origin $server_addr; - # Nginx default client_max_body_size is 1MB, which breaks Camera Upload feature from the phones. - # Increasing the limit fixes the issue. Anyhow, if 4K videos are expected to be uploaded, the size might need to be increased even more - client_max_body_size 100M; + # Nginx default client_max_body_size is 1MB, which breaks Camera Upload feature from the phones. + # Increasing the limit fixes the issue. Anyhow, if 4K videos are expected to be uploaded, the size might need to be increased even more + client_max_body_size 100M; - # Plex headers - proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier; - proxy_set_header X-Plex-Device $http_x_plex_device; - proxy_set_header X-Plex-Device-Name $http_x_plex_device_name; - proxy_set_header X-Plex-Platform $http_x_plex_platform; - proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version; - proxy_set_header X-Plex-Product $http_x_plex_product; - proxy_set_header X-Plex-Token $http_x_plex_token; - proxy_set_header X-Plex-Version $http_x_plex_version; - proxy_set_header X-Plex-Nocache $http_x_plex_nocache; - proxy_set_header X-Plex-Provides $http_x_plex_provides; - proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor; - proxy_set_header X-Plex-Model $http_x_plex_model; + # Plex headers + proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier; + proxy_set_header X-Plex-Device $http_x_plex_device; + proxy_set_header X-Plex-Device-Name $http_x_plex_device_name; + proxy_set_header X-Plex-Platform $http_x_plex_platform; + proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version; + proxy_set_header X-Plex-Product $http_x_plex_product; + proxy_set_header X-Plex-Token $http_x_plex_token; + proxy_set_header X-Plex-Version $http_x_plex_version; + proxy_set_header X-Plex-Nocache $http_x_plex_nocache; + proxy_set_header X-Plex-Provides $http_x_plex_provides; + proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor; + proxy_set_header X-Plex-Model $http_x_plex_model; - # Buffering off send to the client as soon as the data is received from Plex. - proxy_redirect off; - proxy_buffering off; - ''; - locations."/" = { + # Buffering off send to the client as soon as the data is received from Plex. + proxy_redirect off; + proxy_buffering off; + ''; + locations."/" = { - proxyWebsockets = true; - proxyPass = "http://plex2.hades:32400/"; + proxyWebsockets = true; + proxyPass = "http://plex2.hades:32400/"; + }; }; + + "fedi.xirion.net" = { + enableACME = true; + forceSSL = true; + + root = "${pkgs.v.glitch-soc}/public/"; + locations = { + "/".tryFiles = "$uri @proxy"; + + # location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) { + # add_header Cache-Control "public, max-age=31536000, immutable"; + # add_header Strict-Transport-Security "max-age=31536000"; + # try_files $uri @proxy; + # } + + # location /sw.js { + # add_header Cache-Control "public, max-age=0"; + # add_header Strict-Transport-Security "max-age=31536000"; + # try_files $uri @proxy; + # } + + "@proxy" = { + proxyPass = "http://192.168.0.138:55001"; + proxyWebsockets = true; + }; + + "/api/v1/streaming" = { + proxyPass = "http://192.168.0.138:55000"; + proxyWebsockets = true; + }; + }; + }; + + "fedi-media.xirion.net" = proxy "http://garage.hades:3902"; }; - - virtualHosts."fedi.xirion.net" = { - enableACME = true; - forceSSL = true; - - root = "${pkgs.v.glitch-soc}/public/"; - locations."/".tryFiles = "$uri @proxy"; - - # location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) { - # add_header Cache-Control "public, max-age=31536000, immutable"; - # add_header Strict-Transport-Security "max-age=31536000"; - # try_files $uri @proxy; - # } - - # location /sw.js { - # add_header Cache-Control "public, max-age=0"; - # add_header Strict-Transport-Security "max-age=31536000"; - # try_files $uri @proxy; - # } - - locations."@proxy" = { - proxyPass = "http://192.168.0.138:55001"; - proxyWebsockets = true; - }; - - locations."/api/v1/streaming" = { - proxyPass = "http://192.168.0.138:55000"; - proxyWebsockets = true; - }; - }; - - virtualHosts."fedi-media.xirion.net" = proxy "http://garage.hades:3902"; }; } diff --git a/nixos/hosts/hades/pmm/configuration.nix b/nixos/hosts/hades/pmm/configuration.nix index 0e079e85..3d9cc038 100644 --- a/nixos/hosts/hades/pmm/configuration.nix +++ b/nixos/hosts/hades/pmm/configuration.nix @@ -14,7 +14,8 @@ let -v "/etc/pmm/TVShows.yml:/config/TVShows.yml:ro" \ ${container} --run ''; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 865654d4..9161ccd2 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -21,27 +21,29 @@ in { vault-secrets.secrets.rtorrent = { services = [ "wg-quick-wg0" ]; }; # Mullvad VPN - networking.wg-quick.interfaces = let - postUpScript = pkgs.writeScriptBin "post_up" '' - #!${pkgs.stdenv.shell} - ${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1 - ${pkgs.iproute2}/bin/ip route add 10.100.0.0/24 via 192.168.0.1 - ''; - in { - wg0 = { - address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; - dns = [ "10.64.0.1" ]; - privateKeyFile = "${vs.rtorrent}/wireguardKey"; - postUp = "${postUpScript}/bin/post_up || true"; + networking.wg-quick.interfaces = + let + postUpScript = pkgs.writeScriptBin "post_up" '' + #!${pkgs.stdenv.shell} + ${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1 + ${pkgs.iproute2}/bin/ip route add 10.100.0.0/24 via 192.168.0.1 + ''; + in + { + wg0 = { + address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; + dns = [ "10.64.0.1" ]; + privateKeyFile = "${vs.rtorrent}/wireguardKey"; + postUp = "${postUpScript}/bin/post_up || true"; - peers = [ - { - publicKey = "HQHCrq4J6bSpdW1fI5hR/bvcrYa6HgGgwaa5ZY749ik="; - allowedIPs = [ "0.0.0.0/0" "::/0"]; - endpoint = "185.213.155.73:51820"; - # persistentKeepalive = 25; - } - ]; + peers = [ + { + publicKey = "HQHCrq4J6bSpdW1fI5hR/bvcrYa6HgGgwaa5ZY749ik="; + allowedIPs = [ "0.0.0.0/0" "::/0" ]; + endpoint = "185.213.155.73:51820"; + # persistentKeepalive = 25; + } + ]; + }; }; - }; } diff --git a/nixos/hosts/hades/rtorrent/rtorrent.nix b/nixos/hosts/hades/rtorrent/rtorrent.nix index 2aa37509..4d721609 100644 --- a/nixos/hosts/hades/rtorrent/rtorrent.nix +++ b/nixos/hosts/hades/rtorrent/rtorrent.nix @@ -4,112 +4,113 @@ port = 54945; # Port Forwarded in mullvad downloadDir = "/mnt/storage/torrents/r"; package = pkgs.jesec-rtorrent; - configText = let cfg = config.services.rtorrent; - in pkgs.lib.mkForce '' - # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"] - method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/") + configText = + let cfg = config.services.rtorrent; + in pkgs.lib.mkForce '' + # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"] + method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/") - # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"] - method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}") + # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"] + method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}") - # RPC Socket - method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}") + # RPC Socket + method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}") - # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"] - method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/") - method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") + # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"] + method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/") + method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") - # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"] - method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/") + # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"] + method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/") - # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"] - method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") + # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"] + method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") - # Create directories - fs.mkdir.recursive = (cat,(cfg.basedir)) + # Create directories + fs.mkdir.recursive = (cat,(cfg.basedir)) - fs.mkdir = (cat,(cfg.download)) - fs.mkdir = (cat,(cfg.logs)) - fs.mkdir = (cat,(cfg.session)) + fs.mkdir = (cat,(cfg.download)) + fs.mkdir = (cat,(cfg.logs)) + fs.mkdir = (cat,(cfg.session)) - fs.mkdir = (cat,(cfg.watch)) - fs.mkdir = (cat,(cfg.watch),"/load") - fs.mkdir = (cat,(cfg.watch),"/start") + fs.mkdir = (cat,(cfg.watch)) + fs.mkdir = (cat,(cfg.watch),"/load") + fs.mkdir = (cat,(cfg.watch),"/start") - # Drop to "$(cfg.watch)/load" to add torrent - schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent"))) + # Drop to "$(cfg.watch)/load" to add torrent + schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent"))) - # Drop to "$(cfg.watch)/start" to add torrent and start downloading - schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent"))) + # Drop to "$(cfg.watch)/start" to add torrent and start downloading + schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent"))) - # Listening port for incoming peer traffic - network.port_range.set = ${toString cfg.port}-${toString cfg.port} - network.port_random.set = no + # Listening port for incoming peer traffic + network.port_range.set = ${toString cfg.port}-${toString cfg.port} + network.port_random.set = no - # Distributed Hash Table and Peer EXchange - dht.mode.set = disable - dht.port.set = 6881 - protocol.pex.set = yes + # Distributed Hash Table and Peer EXchange + dht.mode.set = disable + dht.port.set = 6881 + protocol.pex.set = yes - # UDP tracker support - trackers.use_udp.set = yes + # UDP tracker support + trackers.use_udp.set = yes - # Peer settings - throttle.max_uploads.set = 100 - throttle.max_uploads.global.set = 250 - throttle.min_peers.normal.set = 20 - throttle.max_peers.normal.set = 60 - throttle.min_peers.seed.set = 30 - throttle.max_peers.seed.set = 80 - trackers.numwant.set = 80 + # Peer settings + throttle.max_uploads.set = 100 + throttle.max_uploads.global.set = 250 + throttle.min_peers.normal.set = 20 + throttle.max_peers.normal.set = 60 + throttle.min_peers.seed.set = 30 + throttle.max_peers.seed.set = 80 + trackers.numwant.set = 80 - protocol.encryption.set = allow_incoming,try_outgoing,enable_retry + protocol.encryption.set = allow_incoming,try_outgoing,enable_retry - # Limits for file handle resources, this is optimized for - # an `ulimit` of 1024 (a common default). You MUST leave - # a ceiling of handles reserved for rTorrent's internal needs! - network.max_open_files.set = 600 - network.max_open_sockets.set = 300 + # Limits for file handle resources, this is optimized for + # an `ulimit` of 1024 (a common default). You MUST leave + # a ceiling of handles reserved for rTorrent's internal needs! + network.max_open_files.set = 600 + network.max_open_sockets.set = 300 - # Memory resource usage (increase if you have a large number of items loaded, - # and/or the available resources to spend) - pieces.memory.max.set = 1800M - network.xmlrpc.size_limit.set = 32M + # Memory resource usage (increase if you have a large number of items loaded, + # and/or the available resources to spend) + pieces.memory.max.set = 1800M + network.xmlrpc.size_limit.set = 32M - # Basic operational settings - session.path.set = (cat, (cfg.session)) - directory.default.set = (cat, (cfg.download)) - log.execute = (cat, (cfg.logs), "execute.log") + # Basic operational settings + session.path.set = (cat, (cfg.session)) + directory.default.set = (cat, (cfg.download)) + log.execute = (cat, (cfg.logs), "execute.log") - # Other operational settings - encoding.add = utf8 - system.umask.set = 0027 - system.cwd.set = (directory.default) - #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M)) - #pieces.hash.on_completion.set = no + # Other operational settings + encoding.add = utf8 + system.umask.set = 0027 + system.cwd.set = (directory.default) + #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M)) + #pieces.hash.on_completion.set = no - # HTTP and SSL - network.http.max_open.set = 50 - network.http.dns_cache_timeout.set = 25 + # HTTP and SSL + network.http.max_open.set = 50 + network.http.dns_cache_timeout.set = 25 - #network.http.ssl_verify_peer.set = 1 - #network.http.ssl_verify_host.set = 1 + #network.http.ssl_verify_peer.set = 1 + #network.http.ssl_verify_host.set = 1 - # Run the rTorrent process as a daemon in the background - system.daemon.set = true + # Run the rTorrent process as a daemon in the background + system.daemon.set = true - # XML-RPC interface - network.scgi.open_local = (cat,(cfg.rpcsock)) - schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)" - schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)" + # XML-RPC interface + network.scgi.open_local = (cat,(cfg.rpcsock)) + schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)" + schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)" - # Logging: - # Levels = critical error warn notice info debug - # Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* - print = (cat, "Logging to ", (cfg.logfile)) - log.open_file = "log", (cfg.logfile) - log.add_output = "debug", "log" - ''; + # Logging: + # Levels = critical error warn notice info debug + # Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* + print = (cat, "Logging to ", (cfg.logfile)) + log.open_file = "log", (cfg.logfile) + log.add_output = "debug", "log" + ''; }; } diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index 7659d411..ef1aaecc 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, pkgs_stable,... }: { +{ pkgs, lib, pkgs_stable, ... }: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index 81273483..e306326b 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -17,7 +17,8 @@ let done fi ''; -in { +in +{ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix diff --git a/nixos/hosts/olympus/bastion/hardware-configuration.nix b/nixos/hosts/olympus/bastion/hardware-configuration.nix index dec70cc5..be7d9923 100644 --- a/nixos/hosts/olympus/bastion/hardware-configuration.nix +++ b/nixos/hosts/olympus/bastion/hardware-configuration.nix @@ -5,12 +5,14 @@ { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot = { - boot.initrd.availableKernelModules = - [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; + initrd.availableKernelModules = + [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + initrd.kernelModules = [ ]; + kernelModules = [ ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca"; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index aa934bbb..af043f4c 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -9,7 +9,8 @@ let db_name = "dex"; inherit (config.meta.exposes.dex) port; metricsPort = 5558; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index daf061af..30aab235 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -9,8 +9,9 @@ let localDomain = config.networking.domain; hosts = filter (h: hasAttr "ip" h && hasAttr "mac" h && h.realm == localDomain) - flat_hosts; -in { + flat_hosts; +in +{ networking = { defaultGateway = "10.42.42.1"; nameservers = [ "10.42.42.15" "10.42.42.16" ]; diff --git a/nixos/hosts/olympus/eevee/hardware-configuration.nix b/nixos/hosts/olympus/eevee/hardware-configuration.nix index 4082fde0..efc77070 100644 --- a/nixos/hosts/olympus/eevee/hardware-configuration.nix +++ b/nixos/hosts/olympus/eevee/hardware-configuration.nix @@ -5,12 +5,14 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + boot = { - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c"; diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix index 37c1a85c..422c10a4 100644 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -1,42 +1,46 @@ { pkgs, config, ... }: { - hardware.enableAllFirmware = true; + hardware = { + enableAllFirmware = true; + nvidia = { + package = config.boot.kernelPackages.nvidiaPackages.stable; - services.hardware.bolt.enable = true; + # Open drivers cause gdm to crash + # open = true; - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.nvidia = { - package = config.boot.kernelPackages.nvidiaPackages.stable; + # nvidia-drm.modeset=1 + modesetting.enable = true; + }; - # Open drivers cause gdm to crash - # open = true; + # Hardware acceleration + opengl = { + enable = true; - # nvidia-drm.modeset=1 - modesetting.enable = true; + # Vulkan + driSupport = true; + }; + + logitech.wireless = { + enable = true; + enableGraphical = true; + }; }; + services = { - # Hardware acceleration - hardware.opengl = { - enable = true; + hardware.bolt.enable = true; - # Vulkan - driSupport = true; + xserver.videoDrivers = [ "nvidia" ]; + + # udev + udev.packages = with pkgs; [ + android-udev-rules + logitech-udev-rules + wooting-udev-rules + ]; + + # SSD Trim + fstrim.enable = true; }; - hardware.logitech.wireless = { - enable = true; - enableGraphical = true; - }; - - # udev - services.udev.packages = with pkgs; [ - android-udev-rules - logitech-udev-rules - wooting-udev-rules - ]; - # FS fileSystems."/".options = [ "compress=zstd" ]; - - # SSD Trim - services.fstrim.enable = true; } diff --git a/nixos/hosts/olympus/gitea/configuration.nix b/nixos/hosts/olympus/gitea/configuration.nix index 9deb5836..fd471d38 100644 --- a/nixos/hosts/olympus/gitea/configuration.nix +++ b/nixos/hosts/olympus/gitea/configuration.nix @@ -6,7 +6,8 @@ let vs = config.vault-secrets.secrets; inherit (config.meta.exposes.git) port; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default @@ -23,12 +24,71 @@ in { environment.noXlibs = lib.mkForce false; networking.firewall.allowedTCPPorts = [ port ]; + services = { - services.openssh.startWhenNeeded = false; + openssh.startWhenNeeded = false; - services.fail2ban = { - enable = true; - maxretry = 3; + fail2ban = { + enable = true; + maxretry = 3; + }; + + gitea = { + enable = true; + package = pkgs.forgejo; + lfs.enable = true; + dump.type = "tar.gz"; + database.type = "postgres"; + mailerPasswordFile = "${vs.gitea}/mailPassword"; + + settings = { + default.WORK_PATH = "/var/lib/gitea"; + actions = { "ENABLED" = true; }; + repository = { + "ENABLE_PUSH_CREATE_USER" = true; + "DEFAULT_PUSH_CREATE_PRIVATE" = false; + }; + service = { + "DEFAULT_KEEP_EMAIL_PRIVATE" = true; + "DISABLE_REGISTRATION" = true; + }; + indexer = { + "REPO_INDEXER_ENABLED" = true; + "REPO_INDEXER_PATH" = "indexers/repos.bleve"; + "MAX_FILE_SIZE" = 1048576; + "REPO_INDEXER_EXCLUDE" = "node_modules/**"; + }; + ui = { + "THEMES" = "forgejo-auto,forgejo-light,forgejo-dark,auto,gitea,arc-green,agatheme"; + "DEFAULT_THEME" = "forgejo-auto"; + "USE_SERVICE_WORKER" = true; + }; + server = { + LANDING_PAGE = "explore"; + SSH_PORT = 42; + DOMAIN = "git.0x76.dev"; + ROOT_URL = "https://git.0x76.dev"; + HTTP_PORT = port; + }; + session = { + "PROVIDER" = "db"; + "COOKIE_SECURE" = true; + }; + mailer = { + "ENABLED" = true; + # "IS_TLS_ENABLED" = true; + # "HOST" = "mail.0x76.dev:465"; + "FROM" = "gitea@0x76.dev"; + # "MAILER_TYPE" = "smtp"; + "USER" = "gitea@0x76.dev"; + + # Below is prep for 1.18 + "PROTOCOL" = "smtps"; + "SMTP_ADDR" = "mail.0x76.dev"; + "SMTP_PORT" = 465; + }; + }; + }; }; vault-secrets.secrets.gitea = { @@ -42,61 +102,4 @@ in { mkdir -p ${target_dir} ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css" ''; - - services.gitea = { - enable = true; - package = pkgs.forgejo; - lfs.enable = true; - dump.type = "tar.gz"; - database.type = "postgres"; - mailerPasswordFile = "${vs.gitea}/mailPassword"; - - settings = { - default.WORK_PATH = "/var/lib/gitea"; - actions = { "ENABLED" = true; }; - repository = { - "ENABLE_PUSH_CREATE_USER" = true; - "DEFAULT_PUSH_CREATE_PRIVATE" = false; - }; - service = { - "DEFAULT_KEEP_EMAIL_PRIVATE" = true; - "DISABLE_REGISTRATION" = true; - }; - indexer = { - "REPO_INDEXER_ENABLED" = true; - "REPO_INDEXER_PATH" = "indexers/repos.bleve"; - "MAX_FILE_SIZE" = 1048576; - "REPO_INDEXER_EXCLUDE" = "node_modules/**"; - }; - ui = { - "THEMES" = "forgejo-auto,forgejo-light,forgejo-dark,auto,gitea,arc-green,agatheme"; - "DEFAULT_THEME" = "forgejo-auto"; - "USE_SERVICE_WORKER" = true; - }; - server = { - LANDING_PAGE = "explore"; - SSH_PORT = 42; - DOMAIN = "git.0x76.dev"; - ROOT_URL = "https://git.0x76.dev"; - HTTP_PORT = port; - }; - session = { - "PROVIDER" = "db"; - "COOKIE_SECURE" = true; - }; - mailer = { - "ENABLED" = true; - # "IS_TLS_ENABLED" = true; - # "HOST" = "mail.0x76.dev:465"; - "FROM" = "gitea@0x76.dev"; - # "MAILER_TYPE" = "smtp"; - "USER" = "gitea@0x76.dev"; - - # Below is prep for 1.18 - "PROTOCOL" = "smtps"; - "SMTP_ADDR" = "mail.0x76.dev"; - "SMTP_PORT" = 465; - }; - }; - }; } diff --git a/nixos/hosts/olympus/hedgedoc/configuration.nix b/nixos/hosts/olympus/hedgedoc/configuration.nix index 1b92dc57..4525e08a 100644 --- a/nixos/hosts/olympus/hedgedoc/configuration.nix +++ b/nixos/hosts/olympus/hedgedoc/configuration.nix @@ -8,7 +8,8 @@ let db_user = "hedgedoc"; inherit (config.meta.exposes.md) port; vs = config.vault-secrets.secrets; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default @@ -67,19 +68,20 @@ in { secretKey = "$MINIO_SECRET_KEY"; }; email = false; - oauth2 = let url = "https://dex.0x76.dev"; - in { - providerName = "Dex"; - clientID = "hedgedoc"; - clientSecret = "$DEX_CLIENT_SECRET"; - scope = "openid email profile"; - authorizationURL = "${url}/auth"; - tokenURL = "${url}/token"; - userProfileURL = "${url}/userinfo"; - userProfileUsernameAttr = "preferred_username"; - userProfileDisplayNameAttr = "name"; - userProfileEmailAttr = "email"; - }; + oauth2 = + let url = "https://dex.0x76.dev"; + in { + providerName = "Dex"; + clientID = "hedgedoc"; + clientSecret = "$DEX_CLIENT_SECRET"; + scope = "openid email profile"; + authorizationURL = "${url}/auth"; + tokenURL = "${url}/token"; + userProfileURL = "${url}/userinfo"; + userProfileUsernameAttr = "preferred_username"; + userProfileDisplayNameAttr = "name"; + userProfileEmailAttr = "email"; + }; }; }; } diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index fd6ca36d..da3ce19a 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -97,48 +97,50 @@ in { autoIndexExclude = [ "\\Junk" ]; }; }; + services = { - services.postfix.relayHost = "smtp.ziggozakelijk.nl"; - services.postfix.relayPort = 587; + postfix.relayHost = "smtp.ziggozakelijk.nl"; + postfix.relayPort = 587; - services.roundcube = { - enable = true; - package = pkgs.roundcube.withPlugins - (plugins: [ plugins.persistent_login pkgs.v.roundcube-swipe ]); - plugins = [ - "archive" - "managesieve" - "swipe" - # "enigma" - # "markasjunk" - "persistent_login" - ]; - # this is the url of the vhost, not necessarily the same as the fqdn of - # the mailserver - hostName = "webmail.0x76.dev"; - extraConfig = '' - # starttls needed for authentication, so the fqdn required to match - # the certificate - $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; - $config['smtp_user'] = "%u"; - $config['smtp_pass'] = "%p"; - - $config['swipe_actions'] = [ - 'messagelist' => [ - 'left' => 'archive', - 'right' => 'archive', - 'down' => 'none' - ], - 'contactlist' => [ - 'left' => 'none', - 'right' => 'none', - 'down' => 'none' - ] + roundcube = { + enable = true; + package = pkgs.roundcube.withPlugins + (plugins: [ plugins.persistent_login pkgs.v.roundcube-swipe ]); + plugins = [ + "archive" + "managesieve" + "swipe" + # "enigma" + # "markasjunk" + "persistent_login" ]; - ''; - }; + # this is the url of the vhost, not necessarily the same as the fqdn of + # the mailserver + hostName = "webmail.0x76.dev"; + extraConfig = '' + # starttls needed for authentication, so the fqdn required to match + # the certificate + $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; - services.nginx = { enable = true; }; + $config['swipe_actions'] = [ + 'messagelist' => [ + 'left' => 'archive', + 'right' => 'archive', + 'down' => 'none' + ], + 'contactlist' => [ + 'left' => 'none', + 'right' => 'none', + 'down' => 'none' + ] + ]; + ''; + }; + + nginx = { enable = true; }; + }; security.acme.acceptTerms = true; security.acme.defaults.email = "v@0x76.dev"; diff --git a/nixos/hosts/olympus/minio/configuration.nix b/nixos/hosts/olympus/minio/configuration.nix index 5a05fb77..1e4ffb86 100644 --- a/nixos/hosts/olympus/minio/configuration.nix +++ b/nixos/hosts/olympus/minio/configuration.nix @@ -7,7 +7,8 @@ let vs = config.vault-secrets.secrets; listenPort = config.meta.exposes.minio.port; consolePort = listenPort + 1; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 83076ac4..fed28fe0 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -13,7 +13,8 @@ let add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON data}'; ''; -in { +in +{ # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -23,115 +24,127 @@ in { system.stateVersion = "21.05"; # Did you read the comment? networking.firewall.allowedTCPPorts = [ 80 443 ]; + services = { - # Generates vhosts for all hosts that have an `exposes` section - services.v.nginx.autoExpose = true; + # Generates vhosts for all hosts that have an `exposes` section + v.nginx.autoExpose = true; - services.nginx = { - enable = true; - statusPage = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedOptimisation = true; - recommendedBrotliSettings = true; - clientMaxBodySize = "500m"; + nginx = { + enable = true; + statusPage = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedOptimisation = true; + recommendedBrotliSettings = true; + clientMaxBodySize = "500m"; - package = pkgs.nginxMainline; + package = pkgs.nginxMainline; - # Templated - virtualHosts = { - "pass.0x76.dev" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://vaultwarden.olympus:8222"; - proxyWebsockets = true; - }; - locations."/notifications/hub/negotiate" = { - proxyPass = "http://vaultwarden.olympus:8222"; - proxyWebsockets = true; - }; - locations."/notifications/hub" = { - proxyPass = "http://vaultwarden.olympus:3012"; - proxyWebsockets = true; - }; - }; + # Templated + virtualHosts = { + "pass.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations = { - # Meow - "meowy.tech" = { - enableACME = true; - forceSSL = true; - locations."/".extraConfig = '' - add_header Content-Type 'text/html; charset=UTF-8'; - return 200 '

meow

'; - ''; - locations."= /.well-known/matrix/client".extraConfig = - mkWellKnown clientConfig; - locations."= /.well-known/matrix/server".extraConfig = - mkWellKnown serverConfig; - }; - "chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - locations."/".extraConfig = '' - return 307 https://element.chat.meowy.tech; - ''; - locations."/_matrix".proxyPass = "http://synapse.olympus:8008"; - locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008"; - locations."/_synapse/admin" = { - # Allow only local and my own IPs - extraConfig = '' - allow 127.0.0.1; - allow 10.42.42.0/23; - allow 192.168.0.0/23; - allow 80.60.83.220; - allow 83.128.154.23; - allow 195.85.167.32/29; - deny all; - ''; - proxyPass = "http://synapse.olympus:8008"; - }; - }; - "element.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; + "/".proxyPass = "http://vaultwarden.olympus:8222"; + "/".proxyWebsockets = true; - root = pkgs.element-web.override { - conf = { - default_server_config = clientConfig; - show_labs_settings = true; - brand = "chat.meowy.tech"; + "/notifications/hub/negotiate" = { + proxyPass = "http://vaultwarden.olympus:8222"; + proxyWebsockets = true; + }; + "/notifications/hub" = { + proxyPass = "http://vaultwarden.olympus:3012"; + proxyWebsockets = true; + }; }; }; - }; - "cinny.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - root = pkgs.cinny.override { - conf = { - defaultHomeserver = 0; - allowCustomHomeservers = false; - homeserverList = [ "chat.meowy.tech" ]; + # Meow + "meowy.tech" = { + enableACME = true; + forceSSL = true; + locations = { + "/".extraConfig = '' + add_header Content-Type 'text/html; charset=UTF-8'; + return 200 '

meow

'; + ''; + "= /.well-known/matrix/client".extraConfig = + mkWellKnown clientConfig; + "= /.well-known/matrix/server".extraConfig = + mkWellKnown serverConfig; }; }; + "chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + locations = { + "/".extraConfig = '' + return 307 https://element.chat.meowy.tech; + ''; + "/_matrix".proxyPass = "http://synapse.olympus:8008"; + "/_synapse/client".proxyPass = "http://synapse.olympus:8008"; + "/_synapse/admin" = { + # Allow only local and my own IPs + extraConfig = '' + allow 127.0.0.1; + allow 10.42.42.0/23; + allow 192.168.0.0/23; + allow 80.60.83.220; + allow 83.128.154.23; + allow 195.85.167.32/29; + deny all; + ''; + proxyPass = "http://synapse.olympus:8008"; + }; + }; + }; + "element.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + + root = pkgs.element-web.override { + conf = { + default_server_config = clientConfig; + show_labs_settings = true; + brand = "chat.meowy.tech"; + }; + }; + }; + "cinny.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + + root = pkgs.cinny.override { + conf = { + defaultHomeserver = 0; + allowCustomHomeservers = false; + homeserverList = [ "chat.meowy.tech" ]; + }; + }; + }; + "admin.chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + root = pkgs.synapse-admin; + }; }; - "admin.chat.meowy.tech" = { - enableACME = true; - forceSSL = true; - root = pkgs.synapse-admin; + }; + + prometheus.exporters = { + nginx = { + enable = true; + openFirewall = true; }; }; }; + security = { + acme = { - security.acme.defaults.email = "victorheld12@gmail.com"; - security.acme.acceptTerms = true; - security.acme.preliminarySelfsigned = true; - - services.prometheus.exporters = { - nginx = { - enable = true; - openFirewall = true; + defaults.email = "victorheld12@gmail.com"; + acceptTerms = true; + preliminarySelfsigned = true; }; }; } diff --git a/nixos/hosts/olympus/ntfy/configuration.nix b/nixos/hosts/olympus/ntfy/configuration.nix index b8ce52e5..a20b8d2d 100644 --- a/nixos/hosts/olympus/ntfy/configuration.nix +++ b/nixos/hosts/olympus/ntfy/configuration.nix @@ -20,18 +20,19 @@ networking.firewall.allowedTCPPorts = [ 80 9090 ]; - services.ntfy-sh = let datadir = "/var/lib/ntfy-sh"; - in { - enable = true; - settings = { - base-url = "https://ntfy.0x76.dev"; - listen-http = ":80"; - cache-file = "${datadir}/cache.db"; - auth-file = "${datadir}/user.db"; - auth-default-access = "deny-all"; - behind-proxy = true; - attachment-cache-dir = "${datadir}/attachments"; - metrics-listen-http = ":9090"; + services.ntfy-sh = + let datadir = "/var/lib/ntfy-sh"; + in { + enable = true; + settings = { + base-url = "https://ntfy.0x76.dev"; + listen-http = ":80"; + cache-file = "${datadir}/cache.db"; + auth-file = "${datadir}/user.db"; + auth-default-access = "deny-all"; + behind-proxy = true; + attachment-cache-dir = "${datadir}/attachments"; + metrics-listen-http = ":9090"; + }; }; - }; } diff --git a/nixos/hosts/olympus/outline/configuration.nix b/nixos/hosts/olympus/outline/configuration.nix index 43d9e99e..7db54e9a 100644 --- a/nixos/hosts/olympus/outline/configuration.nix +++ b/nixos/hosts/olympus/outline/configuration.nix @@ -6,7 +6,8 @@ let vs = config.vault-secrets.secrets; inherit (config.meta.exposes.outline) port; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index 29559608..c2a87081 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -7,7 +7,8 @@ let vs = config.vault-secrets.secrets; port = 8008; metricsPort = 9000; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default @@ -49,60 +50,62 @@ in { "${vs.synapse}/email_password" # Also contains the rest of the email config ]; - settings = let - log_file = pkgs.writeText "log.yml" '' - version: 1 + settings = + let + log_file = pkgs.writeText "log.yml" '' + version: 1 - formatters: - structured: - class: synapse.logging.TerseJsonFormatter + formatters: + structured: + class: synapse.logging.TerseJsonFormatter - handlers: - file: - class: logging.handlers.TimedRotatingFileHandler - formatter: structured - filename: /var/lib/matrix-synapse/synapse.log - when: midnight - backupCount: 3 # Does not include the current log file. - encoding: utf8 + handlers: + file: + class: logging.handlers.TimedRotatingFileHandler + formatter: structured + filename: /var/lib/matrix-synapse/synapse.log + when: midnight + backupCount: 3 # Does not include the current log file. + encoding: utf8 - loggers: - synapse: - level: INFO - handlers: [file] - ''; - in { - server_name = "meowy.tech"; - enable_registration = true; - public_baseurl = "https://chat.meowy.tech"; - enable_metrics = true; - max_upload_size = "100M"; - registration_requires_token = true; - media_retention = { remote_media_lifetime = "90d"; }; - log_config = "${log_file}"; - listeners = [ - { - inherit port; - bind_addresses = [ "0.0.0.0" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [{ - names = [ "client" "federation" ]; - compress = true; - }]; - } - { - port = metricsPort; - bind_addresses = [ "0.0.0.0" ]; - type = "metrics"; - tls = false; - resources = [{ - names = [ "metrics" ]; - compress = false; - }]; - } - ]; - }; + loggers: + synapse: + level: INFO + handlers: [file] + ''; + in + { + server_name = "meowy.tech"; + enable_registration = true; + public_baseurl = "https://chat.meowy.tech"; + enable_metrics = true; + max_upload_size = "100M"; + registration_requires_token = true; + media_retention = { remote_media_lifetime = "90d"; }; + log_config = "${log_file}"; + listeners = [ + { + inherit port; + bind_addresses = [ "0.0.0.0" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [{ + names = [ "client" "federation" ]; + compress = true; + }]; + } + { + port = metricsPort; + bind_addresses = [ "0.0.0.0" ]; + type = "metrics"; + tls = false; + resources = [{ + names = [ "metrics" ]; + compress = false; + }]; + } + ]; + }; }; } diff --git a/nixos/hosts/olympus/vaultwarden/configuration.nix b/nixos/hosts/olympus/vaultwarden/configuration.nix index f4ae4fd7..c3d89975 100644 --- a/nixos/hosts/olympus/vaultwarden/configuration.nix +++ b/nixos/hosts/olympus/vaultwarden/configuration.nix @@ -6,7 +6,8 @@ let vs = config.vault-secrets.secrets; cfg = config.services.vaultwarden.config; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default diff --git a/nixos/hosts/olympus/victoriametrics/configuration.nix b/nixos/hosts/olympus/victoriametrics/configuration.nix index 1b88cf51..f565f79a 100644 --- a/nixos/hosts/olympus/victoriametrics/configuration.nix +++ b/nixos/hosts/olympus/victoriametrics/configuration.nix @@ -8,7 +8,8 @@ let grafanaDomain = config.meta.exposes.grafana.domain; grafanaPort = config.meta.exposes.grafana.port; vs = config.vault-secrets.secrets; -in { +in +{ imports = [ ]; # This value determines the NixOS release from which the default @@ -20,73 +21,104 @@ in { system.stateVersion = "21.11"; # Did you read the comment? networking.firewall.allowedTCPPorts = [ vmPort grafanaPort ]; networking.firewall.allowedUDPPorts = [ vmPort ]; + services = { - services.victoriametrics = { - enable = true; - listenAddress = ":${toString vmPort}"; - # Data Retention period in months - retentionPeriod = 36; - }; + victoriametrics = { + enable = true; + listenAddress = ":${toString vmPort}"; + # Data Retention period in months + retentionPeriod = 36; + }; + + vmagent = { + enable = true; + openFirewall = true; + prometheusConfig = { + global = { + scrape_interval = "1m"; + scrape_timeout = "30s"; + }; + scrape_configs = [ + { + job_name = "kea"; + static_configs = [{ + targets = [ "dhcp.olympus:9547" ]; + labels.app = "dhcp"; + }]; + } + { + job_name = "nginx"; + static_configs = [{ + targets = [ "nginx.olympus:9113" ]; + labels.app = "nginx"; + }]; + } + { + job_name = "synapse"; + static_configs = [{ + targets = [ "synapse.olympus:9000" ]; + labels.app = "synapse"; + }]; + } + { + job_name = "wireguard"; + static_configs = [{ + targets = [ "wireguard.olympus:9586" ]; + labels.app = "wireguard"; + }]; + } + { + job_name = "ntfy"; + static_configs = [{ + targets = [ "ntfy.olympus:9090" ]; + labels.app = "ntfy"; + }]; + } + { + job_name = "dex"; + static_configs = [{ + targets = [ "dex.olympus:5558" ]; + labels.app = "dex"; + }]; + } + { + job_name = "unbound"; + static_configs = [{ + targets = [ "dns-1.olympus:9167" "dns-2.olympus:9167" ]; + labels.app = "dns"; + }]; + } + ]; + }; + }; + + grafana = { + enable = true; + settings = { + server = { + domain = grafanaDomain; + root_url = "https://${grafanaDomain}"; + http_addr = "0.0.0.0"; + http_port = grafanaPort; + }; + security.admin_password = "$__file{${vs.grafana}/password}"; + + "auth.generic_oauth" = { + name = "Dex"; + icon = "signin"; + enabled = true; + allow_sign_up = true; + client_id = "grafana"; + client_secret = "$__file{${vs.grafana}/dex_client_secret}"; + scopes = toString [ "openid" "profile" "email" "groups" ]; + auth_url = "https://dex.0x76.dev/auth"; + token_url = "https://dex.0x76.dev/token"; + api_url = "https://dex.0x76.dev/userinfo"; + skip_org_role_sync = true; + auto_login = true; + }; - services.vmagent = { - enable = true; - openFirewall = true; - prometheusConfig = { - global = { - scrape_interval = "1m"; - scrape_timeout = "30s"; }; - scrape_configs = [ - { - job_name = "kea"; - static_configs = [{ - targets = [ "dhcp.olympus:9547" ]; - labels.app = "dhcp"; - }]; - } - { - job_name = "nginx"; - static_configs = [{ - targets = [ "nginx.olympus:9113" ]; - labels.app = "nginx"; - }]; - } - { - job_name = "synapse"; - static_configs = [{ - targets = [ "synapse.olympus:9000" ]; - labels.app = "synapse"; - }]; - } - { - job_name = "wireguard"; - static_configs = [{ - targets = [ "wireguard.olympus:9586" ]; - labels.app = "wireguard"; - }]; - } - { - job_name = "ntfy"; - static_configs = [{ - targets = [ "ntfy.olympus:9090"]; - labels.app = "ntfy"; - }]; - } - { - job_name = "dex"; - static_configs = [{ - targets = [ "dex.olympus:5558" ]; - labels.app = "dex"; - }]; - } - { - job_name = "unbound"; - static_configs = [{ - targets = [ "dns-1.olympus:9167" "dns-2.olympus:9167" ]; - labels.app = "dns"; - }]; - } - ]; }; }; @@ -94,33 +126,4 @@ in { user = "grafana"; group = "grafana"; }; - - services.grafana = { - enable = true; - settings = { - server = { - domain = grafanaDomain; - root_url = "https://${grafanaDomain}"; - http_addr = "0.0.0.0"; - http_port = grafanaPort; - }; - security.admin_password = "$__file{${vs.grafana}/password}"; - - "auth.generic_oauth" = { - name = "Dex"; - icon = "signin"; - enabled = true; - allow_sign_up = true; - client_id = "grafana"; - client_secret = "$__file{${vs.grafana}/dex_client_secret}"; - scopes = toString [ "openid" "profile" "email" "groups" ]; - auth_url = "https://dex.0x76.dev/auth"; - token_url = "https://dex.0x76.dev/token"; - api_url = "https://dex.0x76.dev/userinfo"; - skip_org_role_sync = true; - auto_login = true; - }; - - }; - }; } diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index ee24f55d..e032921b 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -19,22 +19,62 @@ in { environment.systemPackages = with pkgs; [ wireguard-tools ]; environment.noXlibs = lib.mkForce false; + networking = { - networking.firewall.allowedUDPPorts = - [ config.networking.wireguard.interfaces.wg0.listenPort ]; - networking.firewall.checkReversePath = false; + firewall.allowedUDPPorts = + [ config.networking.wireguard.interfaces.wg0.listenPort ]; + firewall.checkReversePath = false; + + nat = { + enable = true; + internalInterfaces = [ "wg0" "eth0" ]; + externalInterface = "eth0"; + }; + + wireguard.interfaces.wg0 = { + ips = [ "10.100.0.1/24" ]; + listenPort = 51821; + privateKeyFile = "${vs.wireguard}/privateKey"; + + peers = [ + { + # Phone + publicKey = "K+99mvSYs4urcclreQDLA1pekD4xtu/mpS2uVWw8Bws="; + allowedIPs = [ "10.100.0.2/32" ]; + } + { + # Laura's laptop + publicKey = "ZWIaDGrASlTkEK75j10VeGCvrIGfpk4GPobmqcYX2D0="; + allowedIPs = [ "10.100.0.3/32" ]; + } + { + # Old Laptop + publicKey = "L8myt2bcdja7M+i+9eatdQRW8relPUoZZ9lEKSLe+m8="; + allowedIPs = [ "10.100.0.4/32" ]; + } + { + # New Laptop + publicKey = "+Ms3xV6LxNZWTQk11zoz+AUIV2uds6A64Wz15JlR/Ak="; + allowedIPs = [ "10.100.0.6/32" ]; + } + { + # Aerdenhout + # Useful setup video for opnsense: https://www.youtube.com/watch?v=RoXHe5dqCM0 + # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html + publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; + allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; + endpoint = "83.128.154.23:51820"; + persistentKeepalive = 25; + } + ]; + }; + }; vault-secrets.secrets.wireguard = { services = [ "wireguard-wg0" ]; loginRetries = 25; }; - networking.nat = { - enable = true; - internalInterfaces = [ "wg0" "eth0" ]; - externalInterface = "eth0"; - }; - boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; "net.ipv6.conf.all.forwarding" = 1; @@ -44,42 +84,4 @@ in { enable = true; openFirewall = true; }; - - networking.wireguard.interfaces.wg0 = { - ips = [ "10.100.0.1/24" ]; - listenPort = 51821; - privateKeyFile = "${vs.wireguard}/privateKey"; - - peers = [ - { - # Phone - publicKey = "K+99mvSYs4urcclreQDLA1pekD4xtu/mpS2uVWw8Bws="; - allowedIPs = [ "10.100.0.2/32" ]; - } - { - # Laura's laptop - publicKey = "ZWIaDGrASlTkEK75j10VeGCvrIGfpk4GPobmqcYX2D0="; - allowedIPs = [ "10.100.0.3/32" ]; - } - { - # Old Laptop - publicKey = "L8myt2bcdja7M+i+9eatdQRW8relPUoZZ9lEKSLe+m8="; - allowedIPs = [ "10.100.0.4/32" ]; - } - { - # New Laptop - publicKey = "+Ms3xV6LxNZWTQk11zoz+AUIV2uds6A64Wz15JlR/Ak="; - allowedIPs = [ "10.100.0.6/32" ]; - } - { - # Aerdenhout - # Useful setup video for opnsense: https://www.youtube.com/watch?v=RoXHe5dqCM0 - # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html - publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; - allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; - endpoint = "83.128.154.23:51820"; - persistentKeepalive = 25; - } - ]; - }; } diff --git a/nixos/hosts/thalassa/aoife/hardware-configuration.nix b/nixos/hosts/thalassa/aoife/hardware-configuration.nix index 06d94880..c6cd2ce2 100644 --- a/nixos/hosts/thalassa/aoife/hardware-configuration.nix +++ b/nixos/hosts/thalassa/aoife/hardware-configuration.nix @@ -5,12 +5,14 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + boot = { - boot.initrd.availableKernelModules = - [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + initrd.availableKernelModules = + [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9"; diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index 03457648..6c6e4102 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -1,50 +1,58 @@ { pkgs, ... }: { - hardware.enableAllFirmware = true; + hardware = { + enableAllFirmware = true; - hardware.bluetooth.enable = true; + bluetooth.enable = true; - services.hardware.bolt.enable = true; + # Vulkan + opengl.driSupport = true; + opengl.extraPackages = with pkgs; [ + amdvlk + rocm-opencl-icd + rocm-opencl-runtime + ]; + }; + services = { - services.fprintd.enable = true; + hardware.bolt.enable = true; + + fprintd.enable = true; + + # Video Driver + xserver.videoDrivers = [ "amdgpu" ]; + xserver = { + dpi = 280; + xkbOptions = "caps:swapescape"; + }; + + # SSD Trim + fstrim.enable = true; + + # Power Management + upower.enable = true; + thermald.enable = true; + }; # hardware.trackpoint.enable = true; # FS fileSystems."/".options = [ "compress=zstd" ]; - # Video Driver - services.xserver.videoDrivers = [ "amdgpu" ]; - services.xserver = { - dpi = 280; - xkbOptions = "caps:swapescape"; - }; - - # Vulkan - hardware.opengl.driSupport = true; - hardware.opengl.extraPackages = with pkgs; [ - amdvlk - rocm-opencl-icd - rocm-opencl-runtime - ]; - systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; - # SSD Trim - services.fstrim.enable = true; - - # Power Management - services.upower.enable = true; - services.thermald.enable = true; - powerManagement = { enable = true; powertop.enable = true; }; + security = { + tpm2 = { - # tpm - security.tpm2.enable = true; - security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so - security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables - users.users.victor.extraGroups = [ "tss" ]; # tss group has access to TPM devices + # tpm + enable = true; + pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so + tctiEnvironment.enable = true; + }; + }; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables + users.users.victor.extraGroups = [ "tss" ]; # tss group has access to TPM devices } diff --git a/nixos/hosts/thalassa/aoife/home/default.nix b/nixos/hosts/thalassa/aoife/home/default.nix index f4f05f60..5c543197 100644 --- a/nixos/hosts/thalassa/aoife/home/default.nix +++ b/nixos/hosts/thalassa/aoife/home/default.nix @@ -1,4 +1,4 @@ -{pkgs, ...}: { +{ pkgs, ... }: { # Custom dconf settings dconf.settings."org/gnome/desktop/input-sources" = { xkb-options = [ "caps:swapescape" ]; diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index 03532097..e8d0b164 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -30,23 +30,39 @@ let exec Hyprland ''; -in { +in +{ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ./rescue-boot.nix ./networking.nix ]; + home-manager = { - # home-manager - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.victor = import ./home; - home-manager.extraSpecialArgs = { inherit inputs; }; + # home-manager + useGlobalPkgs = true; + useUserPackages = true; + users.victor = import ./home; + extraSpecialArgs = { inherit inputs; }; + }; + security = { - security.pam.services.swaylock = { }; + pam.services.swaylock = { }; - security.sudo.wheelNeedsPassword = true; + sudo.wheelNeedsPassword = true; + rtkit.enable = true; + + # Enables logging in with my Solokey + pam.u2f = { + enable = true; + debug = false; + cue = true; + control = "sufficient"; + authFile = + "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config + }; + }; fonts = { fonts = with pkgs; [ @@ -79,61 +95,116 @@ in { # boot.initrd.systemd.enable = true; # Experimental boot = { kernelPackages = pkgs.linuxPackages_latest; - loader.systemd-boot.editor = false; - loader.systemd-boot.enable = true; - # loader.systemd-boot.configurationLimit = 6; - loader.efi.canTouchEfiVariables = true; - loader.efi.efiSysMountPoint = "/boot/efi"; + loader = { + systemd-boot.editor = false; + systemd-boot.enable = true; + # loader.systemd-boot.configurationLimit = 6; + efi.canTouchEfiVariables = true; + efi.efiSysMountPoint = "/boot/efi"; + }; kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; }; }; + services = { - services.gnome.gnome-keyring.enable = true; + gnome.gnome-keyring.enable = true; - fileSystems."/".options = [ "compress=zstd" ]; - fileSystems."/home".options = [ "compress=zstd" ]; - fileSystems."/nix".options = [ "compress=zstd" "noatime" ]; + udisks2.enable = true; + dbus.enable = true; - # Filesystem dedup - # services.beesd.filesystems = { - # root = { - # spec = "LABEL=nixos"; - # hashTableSizeMB = 256; - # verbosity = "crit"; - # extraOptions = [ "--loadavg-target" "2.0" ]; - # }; - # }; + xserver = { + enable = false; + layout = "us"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:swapescape"; + videoDrivers = [ "nvidia" ]; + }; + blueman.enable = true; - # Select internationalisation properties. - i18n.defaultLocale = "en_GB.utf8"; + # Enable CUPS to print documents. + printing.enable = true; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; - i18n.extraLocaleSettings = { - LC_ADDRESS = "nl_NL.UTF-8"; - LC_IDENTIFICATION = "nl_NL.UTF-8"; - LC_MEASUREMENT = "nl_NL.UTF-8"; - LC_MONETARY = "nl_NL.UTF-8"; - LC_NAME = "nl_NL.UTF-8"; - LC_NUMERIC = "nl_NL.UTF-8"; - LC_PAPER = "nl_NL.UTF-8"; - LC_TELEPHONE = "nl_NL.UTF-8"; - LC_TIME = "en_DK.UTF-8"; + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + fstrim.enable = true; + + # don't shutdown when power button is short-pressed + logind.extraConfig = '' + HandlePowerKey=suspend + ''; + + udev.packages = with pkgs; [ + android-udev-rules + logitech-udev-rules + wooting-udev-rules + ]; }; + fileSystems = { - i18n.supportedLocales = - [ "en_GB.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "en_DK.UTF-8/UTF-8" ]; + "/".options = [ "compress=zstd" ]; + "/home".options = [ "compress=zstd" ]; + "/nix".options = [ "compress=zstd" "noatime" ]; + }; + i18n = { + + # Filesystem dedup + # services.beesd.filesystems = { + # root = { + # spec = "LABEL=nixos"; + # hashTableSizeMB = 256; + # verbosity = "crit"; + # extraOptions = [ "--loadavg-target" "2.0" ]; + # }; + # }; + + # Select internationalisation properties. + defaultLocale = "en_GB.utf8"; + + extraLocaleSettings = { + LC_ADDRESS = "nl_NL.UTF-8"; + LC_IDENTIFICATION = "nl_NL.UTF-8"; + LC_MEASUREMENT = "nl_NL.UTF-8"; + LC_MONETARY = "nl_NL.UTF-8"; + LC_NAME = "nl_NL.UTF-8"; + LC_NUMERIC = "nl_NL.UTF-8"; + LC_PAPER = "nl_NL.UTF-8"; + LC_TELEPHONE = "nl_NL.UTF-8"; + LC_TIME = "en_DK.UTF-8"; + }; + + supportedLocales = + [ "en_GB.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "en_DK.UTF-8/UTF-8" ]; + }; xdg.portal = { enable = true; wlr.enable = true; }; + programs = { - services.udisks2.enable = true; - services.dbus.enable = true; + # Hyprland + hyprland = { + enable = true; + package = null; # Managed by home manager + }; - # Hyprland - programs.hyprland = { - enable = true; - package = null; # Managed by home manager + steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + + ssh.startAgent = true; }; environment.loginShellInit = '' @@ -141,57 +212,34 @@ in { ${run-hyprland}/bin/run-hyprland fi ''; + hardware = { - services.xserver = { - enable = false; - layout = "us"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:swapescape"; - videoDrivers = [ "nvidia" ]; + nvidia.prime = { + offload.enable = true; + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + }; + + opengl = { + enable = true; + extraPackages = with pkgs; [ + vaapiVdpau + intel-media-driver # LIBVA_DRIVER_NAME=iHD + vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + libvdpau-va-gl + ]; + }; + + bluetooth.enable = true; + + saleae-logic.enable = true; + pulseaudio.enable = false; }; - hardware.nvidia.prime = { - offload.enable = true; - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; - }; - - hardware.opengl = { - enable = true; - extraPackages = with pkgs; [ - vaapiVdpau - intel-media-driver # LIBVA_DRIVER_NAME=iHD - vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - libvdpau-va-gl - ]; - }; - - hardware.bluetooth.enable = true; - services.blueman.enable = true; - virtualisation.podman.enable = true; - hardware.saleae-logic.enable = true; - - # Enable CUPS to print documents. - services.printing.enable = true; - # Enable sound with pipewire. sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; environment.systemPackages = with pkgs; [ pciutils @@ -204,42 +252,11 @@ in { swaylock-effects # Has to be installed globally so that pam module works ]; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; - - services.fstrim.enable = true; - nix.extraOptions = '' keep-outputs = true keep-derivations = true ''; - # Enables logging in with my Solokey - security.pam.u2f = { - enable = true; - debug = false; - cue = true; - control = "sufficient"; - authFile = - "/etc/u2f-mappings"; # use `pamu2fcfg` from `pkgs.pam_u2f` to generate this config - }; - - programs.ssh.startAgent = true; - - # don't shutdown when power button is short-pressed - services.logind.extraConfig = '' - HandlePowerKey=suspend - ''; - - services.udev.packages = with pkgs; [ - android-udev-rules - logitech-udev-rules - wooting-udev-rules - ]; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/hosts/thalassa/null/hardware-configuration.nix b/nixos/hosts/thalassa/null/hardware-configuration.nix index a7a6cd2b..4c230e9f 100644 --- a/nixos/hosts/thalassa/null/hardware-configuration.nix +++ b/nixos/hosts/thalassa/null/hardware-configuration.nix @@ -5,34 +5,38 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + boot = { - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; - fsType = "btrfs"; - options = [ "subvol=@" ]; + initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; }; + fileSystems = { - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; - fsType = "btrfs"; - options = [ "subvol=@/nix" ]; - }; + "/" = { + device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; + "/nix" = { + device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@/nix" ]; + }; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-uuid/D478-6F66"; - fsType = "vfat"; + "/home" = { + device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + "/boot/efi" = { + device = "/dev/disk/by-uuid/D478-6F66"; + fsType = "vfat"; + }; }; swapDevices = [ ]; diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index f1285906..a83a1ab4 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -4,198 +4,205 @@ let inherit (pkgs.texlive) scheme-full; dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }; -in { - programs.home-manager.enable = true; - home.username = "victor"; - home.homeDirectory = "/home/victor"; - home.stateVersion = "22.05"; +in +{ + programs = { + home-manager.enable = true; + + foot = { enable = true; }; + + nix-index.enable = true; + + exa = { + enable = true; + enableAliases = true; + }; + + bat.enable = true; + + git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Victor"; + userEmail = "victor@xirion.net"; + lfs.enable = true; + # delta.enable = true; + extraConfig = { + push.autoSetupRemote = true; + init.defaultBranch = "main"; + }; + }; + + mako = { + enable = true; + extraConfig = '' + [mode=do-not-disturb] + invisible=1 + ''; + }; + + tmux = { + enable = true; + shortcut = "b"; + terminal = "screen-256color"; + clock24 = true; + }; + + firefox = { + enable = true; + package = pkgs.firefox-devedition-bin; + }; + + vscode = { + enable = true; + package = pkgs.vscode; + userSettings = { + "ltex.language" = "en-GB"; + "latex-workshop" = { + "linting.chktex.enabled" = true; + "latex.clean.subfolder.enabled" = true; + "latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + }; + "workbench.colorTheme" = "Catppuccin Frappé"; + "editor.fontFamily" = + "'DejaVuSansMono Nerd Font', 'monospace', monospace"; + "keyboard.dispatch" = "keyCode"; + "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; + "terminal.integrated.defaultProfile.linux" = "zsh"; + "nix.enableLanguageServer" = true; # Enable LSP. + "nix.serverPath" = + "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. + "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + }; + extensions = with pkgs.vscode-extensions; + with pkgs.v.vscode-extensions; [ + # astro-build.astro-vscode + brettm12345.nixfmt-vscode + catppuccin.catppuccin-vsc + codezombiech.gitignore + editorconfig.editorconfig + foxundermoon.shell-format + james-yu.latex-workshop + jnoortheen.nix-ide + matklad.rust-analyzer + mkhl.direnv + ms-vscode-remote.remote-ssh + ms-vscode.cpptools + platformio.platformio-ide + redhat.vscode-yaml + tamasfe.even-better-toml + valentjn.vscode-ltex + vscodevim.vim + xaver.clang-format + ]; + }; + + direnv = { + enable = true; + nix-direnv = { enable = true; }; + }; + + zsh = { + enable = true; + sessionVariables = { DIRENV_LOG_FORMAT = ""; }; + }; + }; + home = { + username = "victor"; + homeDirectory = "/home/victor"; + stateVersion = "22.05"; + + packages = with pkgs; [ + appimage-run + brightnessctl + btop + calibre + cinny-desktop + discord-canary + element-desktop-wayland + fluxcd + fusee-launcher + gcc + gimp + gnome.eog + gnome.file-roller + gnome.gnome-font-viewer + gnome.nautilus + grim # Screenshot tool + inputs.comma.packages.${pkgs.system}.default + inputs.riff.packages.${pkgs.system}.riff + inputs.webcord.packages.${pkgs.system}.default + k9s + kubectl + libnotify + mullvad-vpn + neofetch + nixpkgs-review + nixfmt + ouch + plex-media-player + plexamp + python3 + retroarchFull + ripgrep + rsync + rustup + saleae-logic-2 + solo2-cli + steam-run + tex + thunderbird-wayland + v.deemix-gui + wf-recorder # Screenrecorder + wl-clipboard # Clipboard manager + wofi # Wayland rofi + wpa_supplicant_gui + ]; + }; imports = [ ./hyprland.nix ./neovim.nix ./eww ./theme.nix ]; - home.packages = with pkgs; [ - appimage-run - brightnessctl - btop - calibre - cinny-desktop - discord-canary - element-desktop-wayland - fluxcd - fusee-launcher - gcc - gimp - gnome.eog - gnome.file-roller - gnome.gnome-font-viewer - gnome.nautilus - grim # Screenshot tool - inputs.comma.packages.${pkgs.system}.default - inputs.riff.packages.${pkgs.system}.riff - inputs.webcord.packages.${pkgs.system}.default - k9s - kubectl - libnotify - mullvad-vpn - neofetch - nixpkgs-review - nixfmt - ouch - plex-media-player - plexamp - python3 - retroarchFull - ripgrep - rsync - rustup - saleae-logic-2 - solo2-cli - steam-run - tex - thunderbird-wayland - v.deemix-gui - wf-recorder # Screenrecorder - wl-clipboard # Clipboard manager - wofi # Wayland rofi - wpa_supplicant_gui - ]; - xdg.mimeApps = { enable = true; - defaultApplications = let browser = [ "firefox.desktop" ]; - in { - "image/*" = "org.gnome.eog.desktop"; - "text/html" = browser; - "x-scheme-handler/http" = browser; - "x-scheme-handler/https" = browser; - "x-scheme-handler/ftp" = browser; - "x-scheme-handler/about" = browser; - "x-scheme-handler/unknown" = browser; - "application/x-extension-htm" = browser; - "application/x-extension-html" = browser; - "application/x-extension-shtml" = browser; - "application/xhtml+xml" = browser; - "application/x-extension-xhtml" = browser; - "application/x-extension-xht" = browser; + defaultApplications = + let browser = [ "firefox.desktop" ]; + in { + "image/*" = "org.gnome.eog.desktop"; + "text/html" = browser; + "x-scheme-handler/http" = browser; + "x-scheme-handler/https" = browser; + "x-scheme-handler/ftp" = browser; + "x-scheme-handler/about" = browser; + "x-scheme-handler/unknown" = browser; + "application/x-extension-htm" = browser; + "application/x-extension-html" = browser; + "application/x-extension-shtml" = browser; + "application/xhtml+xml" = browser; + "application/x-extension-xhtml" = browser; + "application/x-extension-xht" = browser; - "application/json" = browser; - "application/pdf" = browser; + "application/json" = browser; + "application/pdf" = browser; - "x-scheme-handler/vscode" = "code-url-handler.desktop"; - "x-scheme-handler/discord" = "webcord.desktop"; - }; - }; - - programs.foot = { enable = true; }; - - programs.nix-index.enable = true; - - programs.exa = { - enable = true; - enableAliases = true; - }; - - programs.bat.enable = true; - - programs.git = { - enable = true; - package = pkgs.gitAndTools.gitFull; - userName = "Victor"; - userEmail = "victor@xirion.net"; - lfs.enable = true; - # delta.enable = true; - extraConfig = { - push.autoSetupRemote = true; - init.defaultBranch = "main"; - }; - }; - - programs.mako = { - enable = true; - extraConfig = '' - [mode=do-not-disturb] - invisible=1 - ''; - }; - - programs.tmux = { - enable = true; - shortcut = "b"; - terminal = "screen-256color"; - clock24 = true; - }; - - programs.firefox = { - enable = true; - package = pkgs.firefox-devedition-bin; - }; - - programs.vscode = { - enable = true; - package = pkgs.vscode; - userSettings = { - "ltex.language" = "en-GB"; - "latex-workshop" = { - "linting.chktex.enabled" = true; - "latex.clean.subfolder.enabled" = true; - "latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%"; + "x-scheme-handler/vscode" = "code-url-handler.desktop"; + "x-scheme-handler/discord" = "webcord.desktop"; }; - "workbench.colorTheme" = "Catppuccin Frappé"; - "editor.fontFamily" = - "'DejaVuSansMono Nerd Font', 'monospace', monospace"; - "keyboard.dispatch" = "keyCode"; - "rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer"; - "terminal.integrated.defaultProfile.linux" = "zsh"; - "nix.enableLanguageServer" = true; # Enable LSP. - "nix.serverPath" = - "${pkgs.nil}/bin/nil"; # The path to the LSP server executable. - "[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; }; + }; + + xdg.userDirs = + let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; }; - extensions = with pkgs.vscode-extensions; - with pkgs.v.vscode-extensions; [ - # astro-build.astro-vscode - brettm12345.nixfmt-vscode - catppuccin.catppuccin-vsc - codezombiech.gitignore - editorconfig.editorconfig - foxundermoon.shell-format - james-yu.latex-workshop - jnoortheen.nix-ide - matklad.rust-analyzer - mkhl.direnv - ms-vscode-remote.remote-ssh - ms-vscode.cpptools - platformio.platformio-ide - redhat.vscode-yaml - tamasfe.even-better-toml - valentjn.vscode-ltex - vscodevim.vim - xaver.clang-format - ]; - }; - - programs.direnv = { - enable = true; - nix-direnv = { enable = true; }; - }; - - programs.zsh = { - enable = true; - sessionVariables = { DIRENV_LOG_FORMAT = ""; }; - }; - - xdg.userDirs = let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; services.syncthing.enable = true; } diff --git a/nixos/hosts/thalassa/null/home/eww/default.nix b/nixos/hosts/thalassa/null/home/eww/default.nix index dadcc758..120b59a0 100644 --- a/nixos/hosts/thalassa/null/home/eww/default.nix +++ b/nixos/hosts/thalassa/null/home/eww/default.nix @@ -1,38 +1,42 @@ { pkgs, ... }: { - home.packages = with pkgs; [ - eww-wayland - pamixer - lua - (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) - ]; + home = { + packages = with pkgs; [ + eww-wayland + pamixer + lua + (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + ]; + file = { - home.file.".config/eww/eww.yuck".source = ./eww.yuck; - home.file.".config/eww/eww.scss".text = builtins.readFile ./eww.scss; + ".config/eww/eww.yuck".source = ./eww.yuck; + ".config/eww/eww.scss".text = builtins.readFile ./eww.scss; - # scripts - # TODO: just link all scripts in ./scripts to .config/eww/scripts - home.file.".config/eww/scripts/volume.sh" = { - source = ./scripts/volume.sh; - executable = true; - }; + # scripts + # TODO: just link all scripts in ./scripts to .config/eww/scripts + ".config/eww/scripts/volume.sh" = { + source = ./scripts/volume.sh; + executable = true; + }; - home.file.".config/eww/scripts/wifi.sh" = { - source = ./scripts/wifi.sh; - executable = true; - }; + ".config/eww/scripts/wifi.sh" = { + source = ./scripts/wifi.sh; + executable = true; + }; - home.file.".config/eww/scripts/workspaces.sh" = { - source = ./scripts/workspaces.sh; - executable = true; - }; + ".config/eww/scripts/workspaces.sh" = { + source = ./scripts/workspaces.sh; + executable = true; + }; - home.file.".config/eww/scripts/workspaces.lua" = { - source = ./scripts/workspaces.lua; - executable = true; - }; + ".config/eww/scripts/workspaces.lua" = { + source = ./scripts/workspaces.lua; + executable = true; + }; - home.file.".config/eww/scripts/do-not-disturb.sh" = { - source = ./scripts/do-not-disturb.sh; - executable = true; + ".config/eww/scripts/do-not-disturb.sh" = { + source = ./scripts/do-not-disturb.sh; + executable = true; + }; + }; }; } diff --git a/nixos/hosts/thalassa/null/home/hyprland.nix b/nixos/hosts/thalassa/null/home/hyprland.nix index 6dac363f..cdc6efa4 100644 --- a/nixos/hosts/thalassa/null/home/hyprland.nix +++ b/nixos/hosts/thalassa/null/home/hyprland.nix @@ -5,131 +5,133 @@ wallpaper = eDP-1,~/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png ''; - wayland.windowManager.hyprland = let - startup-script = pkgs.writeScriptBin "startup" '' - #!${pkgs.stdenv.shell} - hyprctl setcursor Catppuccin-Frappe-Pink-Cursors ${ - builtins.toString config.home.pointerCursor.size - } - ${pkgs.hyprpaper}/bin/hyprpaper & - foot --server & - eww daemon & - eww open bar & - firefox-devedition & - webcord & - element-desktop & - ''; - in { - enable = true; - recommendedEnvironment = true; - extraConfig = '' - exec-once=dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP - exec-once=systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP - - monitor=eDP-1,1920x1080@60,0x0,1 - monitor=eDP-1,addreserved,0,0,48,0 - monitor=,preferred,auto,1 - - windowrulev2 = workspace 1 silent,class:^(Electron)$,title:^(.*)(WebCord)(.*)$ - windowrulev2 = workspace 1 silent,title:^(Element)(.*)$ - windowrulev2 = workspace 2 silent,class:^(firefox-aurora)$ - windowrulev2 = float,class:^(firefox-aurora)$,title:^(Picture-in-Picture)$ - - general { - layout = dwindle - col.active_border = 0xfff4b8e4 - } - - input { - kb_options=caps:escape - touchpad { - natural_scroll= true + wayland.windowManager.hyprland = + let + startup-script = pkgs.writeScriptBin "startup" '' + #!${pkgs.stdenv.shell} + hyprctl setcursor Catppuccin-Frappe-Pink-Cursors ${ + builtins.toString config.home.pointerCursor.size } - } + ${pkgs.hyprpaper}/bin/hyprpaper & + foot --server & + eww daemon & + eww open bar & + firefox-devedition & + webcord & + element-desktop & + ''; + in + { + enable = true; + recommendedEnvironment = true; + extraConfig = '' + exec-once=dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP + exec-once=systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP - gestures { - workspace_swipe = true - } + monitor=eDP-1,1920x1080@60,0x0,1 + monitor=eDP-1,addreserved,0,0,48,0 + monitor=,preferred,auto,1 - misc { - no_vfr = false - disable_hyprland_logo = true - disable_splash_rendering = true - } + windowrulev2 = workspace 1 silent,class:^(Electron)$,title:^(.*)(WebCord)(.*)$ + windowrulev2 = workspace 1 silent,title:^(Element)(.*)$ + windowrulev2 = workspace 2 silent,class:^(firefox-aurora)$ + windowrulev2 = float,class:^(firefox-aurora)$,title:^(Picture-in-Picture)$ - dwindle { - pseudotile=true - } + general { + layout = dwindle + col.active_border = 0xfff4b8e4 + } - bind=SUPER,RETURN,exec,footclient - bind=SUPER,f,exec,firefox-devedition - bind=SUPER,d,exec,wofi --show run,drun + input { + kb_options=caps:escape + touchpad { + natural_scroll= true + } + } - bind=,Print,exec,grim -g "$(slurp)" -t png - | wl-copy -t image/png - bind=SUPER,W,killactive, - bind=SUPERSHIFT,Q,exit, - bind=SUPER,S,togglefloating, - bind=SUPER,P,pin, + gestures { + workspace_swipe = true + } - bindm=SUPER,mouse:272,movewindow - bindm=SUPER,mouse:273,resizewindow + misc { + no_vfr = false + disable_hyprland_logo = true + disable_splash_rendering = true + } - bind=SUPER,left,movefocus,l - bind=SUPER,right,movefocus,r - bind=SUPER,up,movefocus,u - bind=SUPER,down,movefocus,d + dwindle { + pseudotile=true + } - bind=SUPER,1,workspace,1 - bind=SUPER,2,workspace,2 - bind=SUPER,3,workspace,3 - bind=SUPER,4,workspace,4 - bind=SUPER,5,workspace,5 - bind=SUPER,6,workspace,6 - bind=SUPER,7,workspace,7 - bind=SUPER,8,workspace,8 - bind=SUPER,9,workspace,9 - bind=SUPER,0,workspace,10 - bind=SUPER,grave,togglespecialworkspace + bind=SUPER,RETURN,exec,footclient + bind=SUPER,f,exec,firefox-devedition + bind=SUPER,d,exec,wofi --show run,drun - bind=ALT,1,movetoworkspace,1 - bind=ALT,2,movetoworkspace,2 - bind=ALT,3,movetoworkspace,3 - bind=ALT,4,movetoworkspace,4 - bind=ALT,5,movetoworkspace,5 - bind=ALT,6,movetoworkspace,6 - bind=ALT,7,movetoworkspace,7 - bind=ALT,8,movetoworkspace,8 - bind=ALT,9,movetoworkspace,9 - bind=ALT,0,movetoworkspace,10 - bind=ALT,grave,movetoworkspace,special + bind=,Print,exec,grim -g "$(slurp)" -t png - | wl-copy -t image/png + bind=SUPER,W,killactive, + bind=SUPERSHIFT,Q,exit, + bind=SUPER,S,togglefloating, + bind=SUPER,P,pin, - bind=SUPERSHIFT,1,movetoworkspacesilent,1 - bind=SUPERSHIFT,2,movetoworkspacesilent,2 - bind=SUPERSHIFT,3,movetoworkspacesilent,3 - bind=SUPERSHIFT,4,movetoworkspacesilent,4 - bind=SUPERSHIFT,5,movetoworkspacesilent,5 - bind=SUPERSHIFT,6,movetoworkspacesilent,6 - bind=SUPERSHIFT,7,movetoworkspacesilent,7 - bind=SUPERSHIFT,8,movetoworkspacesilent,8 - bind=SUPERSHIFT,9,movetoworkspacesilent,9 - bind=SUPERSHIFT,0,movetoworkspacesilent,10 - bind=SUPERSHIFT,grave,movetoworkspacesilent,special + bindm=SUPER,mouse:272,movewindow + bindm=SUPER,mouse:273,resizewindow - bind=SUPER,mouse_down,workspace,e+1 - bind=SUPER,mouse_up,workspace,e-1 + bind=SUPER,left,movefocus,l + bind=SUPER,right,movefocus,r + bind=SUPER,up,movefocus,u + bind=SUPER,down,movefocus,d - bind=SUPER,g,togglegroup - bind=SUPER,tab,changegroupactive - bind=SUPER,m,fullscreen,1 - bind=SUPERSHIFT,m,fullscreen,0 + bind=SUPER,1,workspace,1 + bind=SUPER,2,workspace,2 + bind=SUPER,3,workspace,3 + bind=SUPER,4,workspace,4 + bind=SUPER,5,workspace,5 + bind=SUPER,6,workspace,6 + bind=SUPER,7,workspace,7 + bind=SUPER,8,workspace,8 + bind=SUPER,9,workspace,9 + bind=SUPER,0,workspace,10 + bind=SUPER,grave,togglespecialworkspace - bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% - bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- - bind=,XF86MonRaiseVolume,exec,pamixer -i 5 - bind=,XF86MonLowerVolume,exec,pamixer -d 5 - bind=,XF86AudioMute,exec,pamixer -t + bind=ALT,1,movetoworkspace,1 + bind=ALT,2,movetoworkspace,2 + bind=ALT,3,movetoworkspace,3 + bind=ALT,4,movetoworkspace,4 + bind=ALT,5,movetoworkspace,5 + bind=ALT,6,movetoworkspace,6 + bind=ALT,7,movetoworkspace,7 + bind=ALT,8,movetoworkspace,8 + bind=ALT,9,movetoworkspace,9 + bind=ALT,0,movetoworkspace,10 + bind=ALT,grave,movetoworkspace,special - exec-once=${startup-script}/bin/startup - ''; - }; + bind=SUPERSHIFT,1,movetoworkspacesilent,1 + bind=SUPERSHIFT,2,movetoworkspacesilent,2 + bind=SUPERSHIFT,3,movetoworkspacesilent,3 + bind=SUPERSHIFT,4,movetoworkspacesilent,4 + bind=SUPERSHIFT,5,movetoworkspacesilent,5 + bind=SUPERSHIFT,6,movetoworkspacesilent,6 + bind=SUPERSHIFT,7,movetoworkspacesilent,7 + bind=SUPERSHIFT,8,movetoworkspacesilent,8 + bind=SUPERSHIFT,9,movetoworkspacesilent,9 + bind=SUPERSHIFT,0,movetoworkspacesilent,10 + bind=SUPERSHIFT,grave,movetoworkspacesilent,special + + bind=SUPER,mouse_down,workspace,e+1 + bind=SUPER,mouse_up,workspace,e-1 + + bind=SUPER,g,togglegroup + bind=SUPER,tab,changegroupactive + bind=SUPER,m,fullscreen,1 + bind=SUPERSHIFT,m,fullscreen,0 + + bind=,XF86MonBrightnessUp,exec,brightnessctl -q s +5% + bind=,XF86MonBrightnessDown,exec,brightnessctl -q s 5%- + bind=,XF86MonRaiseVolume,exec,pamixer -i 5 + bind=,XF86MonLowerVolume,exec,pamixer -d 5 + bind=,XF86AudioMute,exec,pamixer -t + + exec-once=${startup-script}/bin/startup + ''; + }; } diff --git a/nixos/hosts/thalassa/null/home/neovim.nix b/nixos/hosts/thalassa/null/home/neovim.nix index 983f6a45..a6eb4fa8 100644 --- a/nixos/hosts/thalassa/null/home/neovim.nix +++ b/nixos/hosts/thalassa/null/home/neovim.nix @@ -27,9 +27,11 @@ }; lsp = { enable = true; - servers.rust-analyzer.enable = true; - servers.rnix-lsp.enable = true; - servers.pyright.enable = true; + servers = { + rust-analyzer.enable = true; + rnix-lsp.enable = true; + pyright.enable = true; + }; }; nvim-cmp = { enable = true; }; }; diff --git a/nixos/hosts/thalassa/null/home/theme.nix b/nixos/hosts/thalassa/null/home/theme.nix index 128cd75e..fecec7af 100644 --- a/nixos/hosts/thalassa/null/home/theme.nix +++ b/nixos/hosts/thalassa/null/home/theme.nix @@ -34,16 +34,48 @@ let hex = mapAttrs (_name: value: "#${value}") colour; }; -in { - home.file.".xsettingsd".text = '' - Net/ThemeName "${theme}" - Gtk/CursorThemeName "${cursorTheme}" - ''; +in +{ + home = { + file.".xsettingsd".text = '' + Net/ThemeName "${theme}" + Gtk/CursorThemeName "${cursorTheme}" + ''; - home.pointerCursor = { - name = "Catppuccin-Frappe-Pink-Cursors"; - size = 32; - package = pkgs.catppuccin-cursors.frappePink; + pointerCursor = { + name = "Catppuccin-Frappe-Pink-Cursors"; + size = 32; + package = pkgs.catppuccin-cursors.frappePink; + }; + + file.".config/eww/eww.scss".text = lib.mkBefore '' + $rosewater: ${colour.hex.rosewater}; + $flamingo: ${colour.hex.flamingo}; + $pink: ${colour.hex.pink}; + $mauve: ${colour.hex.mauve}; + $red: ${colour.hex.red}; + $maroon: ${colour.hex.maroon}; + $peach: ${colour.hex.peach}; + $yellow: ${colour.hex.yellow}; + $green: ${colour.hex.green}; + $teal: ${colour.hex.teal}; + $sky: ${colour.hex.sky}; + $sapphire: ${colour.hex.sapphire}; + $blue: ${colour.hex.blue}; + $lavender: ${colour.hex.lavender}; + $text: ${colour.hex.text}; + $subtext0: ${colour.hex.subtext0}; + $subtext1: ${colour.hex.subtext1}; + $overlay0: ${colour.hex.overlay0}; + $overlay1: ${colour.hex.overlay1}; + $overlay2: ${colour.hex.overlay2}; + $surface0: ${colour.hex.surface0}; + $surface1: ${colour.hex.surface1}; + $surface2: ${colour.hex.surface2}; + $base: ${colour.hex.base}; + $mantle: ${colour.hex.mantle}; + $crust: ${colour.hex.crust}; + ''; }; gtk = { @@ -92,33 +124,4 @@ in { textColor = colour.hex.text; borderRadius = 5; }; - - home.file.".config/eww/eww.scss".text = lib.mkBefore '' - $rosewater: ${colour.hex.rosewater}; - $flamingo: ${colour.hex.flamingo}; - $pink: ${colour.hex.pink}; - $mauve: ${colour.hex.mauve}; - $red: ${colour.hex.red}; - $maroon: ${colour.hex.maroon}; - $peach: ${colour.hex.peach}; - $yellow: ${colour.hex.yellow}; - $green: ${colour.hex.green}; - $teal: ${colour.hex.teal}; - $sky: ${colour.hex.sky}; - $sapphire: ${colour.hex.sapphire}; - $blue: ${colour.hex.blue}; - $lavender: ${colour.hex.lavender}; - $text: ${colour.hex.text}; - $subtext0: ${colour.hex.subtext0}; - $subtext1: ${colour.hex.subtext1}; - $overlay0: ${colour.hex.overlay0}; - $overlay1: ${colour.hex.overlay1}; - $overlay2: ${colour.hex.overlay2}; - $surface0: ${colour.hex.surface0}; - $surface1: ${colour.hex.surface1}; - $surface2: ${colour.hex.surface2}; - $base: ${colour.hex.base}; - $mantle: ${colour.hex.mantle}; - $crust: ${colour.hex.crust}; - ''; } diff --git a/nixos/hosts/thalassa/null/rescue-boot.nix b/nixos/hosts/thalassa/null/rescue-boot.nix index 507b4272..a6cf2a2c 100644 --- a/nixos/hosts/thalassa/null/rescue-boot.nix +++ b/nixos/hosts/thalassa/null/rescue-boot.nix @@ -13,7 +13,8 @@ let boot.supportedFilesystems = [ "btrfs" "ext4" ]; environment.systemPackages = with pkgs; [ git ]; }; -in { +in +{ boot.loader.systemd-boot = { extraEntries = { "rescue.conf" = '' diff --git a/nixos/pkgs/glitch-soc/default.nix b/nixos/pkgs/glitch-soc/default.nix index 415a9be3..28ac565f 100644 --- a/nixos/pkgs/glitch-soc/default.nix +++ b/nixos/pkgs/glitch-soc/default.nix @@ -1,9 +1,22 @@ -{ lib, stdenv, nodejs-slim, bundlerEnv, nixosTests, yarn, callPackage -, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript, fetchYarnDeps +{ lib +, stdenv +, nodejs-slim +, bundlerEnv +, nixosTests +, yarn +, callPackage +, imagemagick +, ffmpeg +, file +, ruby_3_0 +, writeShellScript +, fetchYarnDeps , fixup_yarn_lock -# Allow building a fork or custom version of Mastodon: -, pname ? "mastodon", version ? import ./version.nix, srcOverride ? null + # Allow building a fork or custom version of Mastodon: +, pname ? "mastodon" +, version ? import ./version.nix +, srcOverride ? null , dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json. }: @@ -106,16 +119,18 @@ stdenv.mkDerivation rec { ln -s /tmp tmp ''; - installPhase = let - run-streaming = writeShellScript "run-streaming.sh" '' - # NixOS helper script to consistently use the same NodeJS version the package was built with. - ${nodejs-slim}/bin/node ./streaming + installPhase = + let + run-streaming = writeShellScript "run-streaming.sh" '' + # NixOS helper script to consistently use the same NodeJS version the package was built with. + ${nodejs-slim}/bin/node ./streaming + ''; + in + '' + mkdir -p $out + cp -r * $out/ + ln -s ${run-streaming} $out/run-streaming.sh ''; - in '' - mkdir -p $out - cp -r * $out/ - ln -s ${run-streaming} $out/run-streaming.sh - ''; passthru = { tests.mastodon = nixosTests.mastodon; diff --git a/nixos/pkgs/glitch-soc/gemset.nix b/nixos/pkgs/glitch-soc/gemset.nix index 9c22fd6e..0fc8dfa4 100644 --- a/nixos/pkgs/glitch-soc/gemset.nix +++ b/nixos/pkgs/glitch-soc/gemset.nix @@ -1,1885 +1,1885 @@ { actioncable = { - dependencies = ["actionpack" "activesupport" "nio4r" "websocket-driver"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "nio4r" "websocket-driver" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1i98vjh8l1xrf0ihdpvgq7mz7cfj4aww77swjlwljcgfb45868d9"; type = "gem"; }; version = "7.0.7.2"; }; actionmailbox = { - dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail" "net-imap" "net-pop" "net-smtp"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail" "net-imap" "net-pop" "net-smtp" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "093snb186qdvj1isss0k74ym7kkaq7zwfa5dwmrc0xn8kwhaxbik"; type = "gem"; }; version = "7.0.7.2"; }; actionmailer = { - dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "net-imap" "net-pop" "net-smtp" "rails-dom-testing"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "actionpack" "actionview" "activejob" "activesupport" "mail" "net-imap" "net-pop" "net-smtp" "rails-dom-testing" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "180ik1gkwy8lqwg0427k0hlivmz206xa453p5c221hpqk8an340f"; type = "gem"; }; version = "7.0.7.2"; }; actionpack = { - dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0qamc5ly521wk9i1658h9jv7avmyyp92kffa1da2fn5zk0wgyhf4"; type = "gem"; }; version = "7.0.7.2"; }; actiontext = { - dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "globalid" "nokogiri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activerecord" "activestorage" "activesupport" "globalid" "nokogiri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cx0zg6y0w5njl721vqx7bn0kqj5c9zbvingvl5ll20gpyzsp7nj"; type = "gem"; }; version = "7.0.7.2"; }; actionview = { - dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "151zxb61bb6q7g0sn34qz79k8bg02vmb8mmnsn0fr15lxw92dfhm"; type = "gem"; }; version = "7.0.7.2"; }; active_model_serializers = { - dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activemodel" "case_transform" "jsonapi-renderer" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xdp7cpj3yj3wl4vj0nqq44kzjavlxi1wq3cf9zp0whkir0ym0gy"; type = "gem"; }; version = "0.10.13"; }; activejob = { - dependencies = ["activesupport" "globalid"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "activesupport" "globalid" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "191320166dxiq9a4lwbi1nmlq7phsfi0yr1hg2smprlwsa0vv3kd"; type = "gem"; }; version = "7.0.7.2"; }; activemodel = { - dependencies = ["activesupport"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1crjq1dznlbsrwd5yijxraz1591xmg4vdcwwnmrw4nh6hrwq5fj5"; type = "gem"; }; version = "7.0.7.2"; }; activerecord = { - dependencies = ["activemodel" "activesupport"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "activemodel" "activesupport" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "03vrssdqaqm41w27s21r37skdfxa41midvjy37i2zh3rnbnq8ps2"; type = "gem"; }; version = "7.0.7.2"; }; activestorage = { - dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1w7l2i0n84axr4da7y381k8y0wa1y3rr3k3zrkhp938ldwk7j7cg"; type = "gem"; }; version = "7.0.7.2"; }; activesupport = { - dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "concurrent-ruby" "i18n" "minitest" "tzinfo" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vlzcnyqlbchaq85phmdv73ydlc18xpvxy1cbsk191cwd29i7q32"; type = "gem"; }; version = "7.0.7.2"; }; addressable = { - dependencies = ["public_suffix"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "public_suffix" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05r1fwy487klqkya7vzia8hnklcxy4vr92m9dmni3prfwk6zpw33"; type = "gem"; }; version = "2.8.5"; }; aes_key_wrap = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19bn0y70qm6mfj4y1m0j3s8ggh6dvxwrwrj5vfamhdrpddsz8ddr"; type = "gem"; }; version = "1.1.0"; }; airbrussh = { - dependencies = ["sshkit"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "sshkit" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0x55y3ynkda76pwnsvrrjlvxfcc7yn1irad8radll9c9cif41jqv"; type = "gem"; }; version = "1.4.1"; }; android_key_attestation = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02spc1sh7zsljl02v9d5rdb717b628vw2k7jkkplifyjk4db0zj6"; type = "gem"; }; version = "0.3.0"; }; annotate = { - dependencies = ["activerecord" "rake"]; - groups = ["development"]; - platforms = []; + dependencies = [ "activerecord" "rake" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1lw0fxb5mirsdp3bp20gjyvs7clvi19jbxnrm2ihm20kzfhvlqcs"; type = "gem"; }; version = "3.2.0"; }; ast = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04nc8x27hlzlrr5c2gn7mar4vdr0apw5xg22wp6m8dx3wqr04a0y"; type = "gem"; }; version = "2.4.2"; }; attr_encrypted = { - dependencies = ["encryptor"]; - groups = ["default"]; - platforms = []; + dependencies = [ "encryptor" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "034x6mbrv9apd83v99v9pm8vl3d17w5bbwws26gr4wv95fylmgnc"; type = "gem"; }; version = "4.0.0"; }; attr_required = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1g22axmi2rhhy7w8c3x6gppsawxqavbrnxpnmphh22fk7cwi0kh2"; type = "gem"; }; version = "1.0.1"; }; awrence = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gj8f8c54r9cabkm41s59sa1ca5wpbipw7gq3sfl87x9296227fx"; type = "gem"; }; version = "1.2.1"; }; aws-eventstream = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pyis1nvnbjxk12a43xvgj2gv0mvp4cnkc1gzw0v1018r61399gz"; type = "gem"; }; version = "1.2.0"; }; aws-partitions = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0m2kha6ip4ynhvl1l8z4vg0j96ngq4f2v6jl4j2y27m2kzmgcxz5"; type = "gem"; }; version = "1.809.0"; }; aws-sdk-core = { - dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xjw9cf6ldbw50xi5ric8d63r8kybpsvaqxh2v6n7374hfady73i"; type = "gem"; }; version = "3.181.0"; }; aws-sdk-kms = { - dependencies = ["aws-sdk-core" "aws-sigv4"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-sdk-core" "aws-sigv4" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zr5w2cjd895abyn7y5gifhq37bxcinssvdx2l1qmlkllbdxbwq0"; type = "gem"; }; version = "1.71.0"; }; aws-sdk-s3 = { - dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-sdk-core" "aws-sdk-kms" "aws-sigv4" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0yymj15nwnvam95lw5fxwxx7b6xm4hkj8z7byzvjmx9aji1x245m"; type = "gem"; }; version = "1.133.0"; }; aws-sigv4 = { - dependencies = ["aws-eventstream"]; - groups = ["default"]; - platforms = []; + dependencies = [ "aws-eventstream" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0z889c4c1w7wsjm3szg64ay5j51kjl4pdf94nlr1yks2rlanm7na"; type = "gem"; }; version = "1.6.0"; }; azure-storage-blob = { - dependencies = ["azure-storage-common" "nokogiri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "azure-storage-common" "nokogiri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0qq3knsy7nj7a0r8m19spg2bgzns9b3j5vjbs9mpg49whhc63dv1"; type = "gem"; }; version = "2.0.3"; }; azure-storage-common = { - dependencies = ["faraday" "faraday_middleware" "net-http-persistent" "nokogiri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "faraday" "faraday_middleware" "net-http-persistent" "nokogiri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0swmsvvpmy8cdcl305p3dl2pi7m3dqjd7zywfcxmhsz0n2m4v3v0"; type = "gem"; }; version = "2.0.4"; }; base64 = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cydk9p2cv25qysm0sn2pb97fcpz1isa7n3c8xm1gd99li8x6x8c"; type = "gem"; }; version = "0.1.1"; }; bcrypt = { - groups = ["default" "pam_authentication"]; - platforms = []; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "048z3fvcknqx7ikkhrcrykxlqmf9bzc7l0y5h1cnvrc9n2qf0k8m"; type = "gem"; }; version = "3.1.18"; }; better_errors = { - dependencies = ["erubi" "rack" "rouge"]; - groups = ["development"]; - platforms = []; + dependencies = [ "erubi" "rack" "rouge" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0wqazisnn6hn1wsza412xribpw5wzx6b5z5p4mcpfgizr6xg367p"; type = "gem"; }; version = "2.10.1"; }; better_html = { - dependencies = ["actionview" "activesupport" "ast" "erubi" "parser" "smart_properties"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "actionview" "activesupport" "ast" "erubi" "parser" "smart_properties" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1y090dmgjxr3yzxi3pg5jgirkmyfdrmjhabmzmhg5i8ssiqr2gdz"; type = "gem"; }; version = "2.0.1"; }; bindata = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; type = "gem"; }; version = "2.4.15"; }; binding_of_caller = { - dependencies = ["debug_inspector"]; - groups = ["development"]; - platforms = []; + dependencies = [ "debug_inspector" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "078n2dkpgsivcf0pr50981w95nfc2bsrp3wpf9wnxz1qsp8jbb9s"; type = "gem"; }; version = "1.0.0"; }; blurhash = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "057afgqy73n8vm7k3cr4pbwm1hhqnm58lp4x7bgm5wzbs39m7xf8"; type = "gem"; }; version = "0.1.7"; }; bootsnap = { - dependencies = ["msgpack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "msgpack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vcg52gwl64xhhal6kwk1pc01y1klzdlnv1awyk89kb91z010x7q"; type = "gem"; }; version = "1.16.0"; }; brakeman = { - groups = ["development"]; - platforms = []; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1gliwnyma9f1mpr928c79i36q51yl68dwjd3jgwvsyr4piiiqr1r"; type = "gem"; }; version = "6.0.1"; }; browser = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0g4bcpax07kqqr9cp7cjc7i0pcij4nqpn1rdsg2wdwhzf00m6x32"; type = "gem"; }; version = "5.3.1"; }; brpoplpush-redis_script = { - dependencies = ["concurrent-ruby" "redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "concurrent-ruby" "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nd5zj5yqmhv9lrsqz8s2dqq28v4ywy95qrw7nzhhf89dl4dq49l"; type = "gem"; }; version = "0.1.3"; }; builder = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "045wzckxpwcqzrjr353cxnyaxgf0qg22jh00dcx7z38cys5g1jlr"; type = "gem"; }; version = "3.2.4"; }; bundler-audit = { - dependencies = ["thor"]; - groups = ["development"]; - platforms = []; + dependencies = [ "thor" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gdx0019vj04n1512shhdx7hwphzqmdpw4vva2k551nd47y1dixx"; type = "gem"; }; version = "0.9.1"; }; capistrano = { - dependencies = ["airbrussh" "i18n" "rake" "sshkit"]; - groups = ["development"]; - platforms = []; + dependencies = [ "airbrussh" "i18n" "rake" "sshkit" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "14pflh85rrs2l8k0m286j4vaab5vad2sfqq9dncqb31z05vy29mn"; type = "gem"; }; version = "3.17.3"; }; capistrano-bundler = { - dependencies = ["capistrano"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "capistrano" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09rndb1fa9r7mhb2sc6p3k0pcarhg8mv0kfmvd1zdb0ciwwp7514"; type = "gem"; }; version = "2.1.0"; }; capistrano-rails = { - dependencies = ["capistrano" "capistrano-bundler"]; - groups = ["development"]; - platforms = []; + dependencies = [ "capistrano" "capistrano-bundler" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05lk7y4qyzadzzshjyhgfgx00ggqliq7n561wkx8m331wljv7kx7"; type = "gem"; }; version = "1.6.3"; }; capistrano-rbenv = { - dependencies = ["capistrano" "sshkit"]; - groups = ["development"]; - platforms = []; + dependencies = [ "capistrano" "sshkit" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1x9m1i5zd0wx122zw3m40zprlmxk9d47bd6w61k81wr4qsvkk3rw"; type = "gem"; }; version = "2.2.0"; }; capistrano-yarn = { - dependencies = ["capistrano"]; - groups = ["development"]; - platforms = []; + dependencies = [ "capistrano" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zdg2s061vl5b8114n909mrjb2hc1qx0i4wqx9nacsrcjgyp07l9"; type = "gem"; }; version = "2.0.2"; }; capybara = { - dependencies = ["addressable" "matrix" "mini_mime" "nokogiri" "rack" "rack-test" "regexp_parser" "xpath"]; - groups = ["test"]; - platforms = []; + dependencies = [ "addressable" "matrix" "mini_mime" "nokogiri" "rack" "rack-test" "regexp_parser" "xpath" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "114qm5f5vhwaaw9rj1h2lcamh46zl13v1m18jiw68zl961gwmw6n"; type = "gem"; }; version = "3.39.2"; }; case_transform = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fzyws6spn5arqf6q604dh9mrj84a36k5hsc8z7jgcpfvhc49bg2"; type = "gem"; }; version = "0.2"; }; cbor = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0511idr8xps9625nh3kxr68sdy6l3xy2kcz7r57g47fxb1v18jj3"; type = "gem"; }; version = "0.5.9.6"; }; charlock_holmes = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0hybw8jw9ryvz5zrki3gc9r88jqy373m6v46ynxsdzv1ysiyr40p"; type = "gem"; }; version = "0.7.7"; }; chewy = { - dependencies = ["activesupport" "elasticsearch" "elasticsearch-dsl"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "elasticsearch" "elasticsearch-dsl" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0zca6v8i66jkxfdfjnn9xwg21pk95qn4ic8vzfvrx49d6sb8319y"; type = "gem"; }; version = "7.3.4"; }; chunky_png = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1znw5x86hmm9vfhidwdsijz8m38pqgmv98l9ryilvky0aldv7mc9"; type = "gem"; }; version = "1.4.0"; }; climate_control = { - groups = ["test"]; - platforms = []; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0q11v0iabvr6rif0d025xh078ili5frrihlj0m04zfg7lgvagxji"; type = "gem"; }; version = "0.2.0"; }; cocoon = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "038z97pkhvsqbh6cmyyzj58ya968p24k7r0f0rx7sa2kjvk193yh"; type = "gem"; }; version = "1.2.15"; }; color_diff = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01dpvqlzybpb3pkcwd9ik5sbjw283618ywvdphxslhiy8ps3kp4r"; type = "gem"; }; version = "0.1"; }; concurrent-ruby = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; type = "gem"; }; version = "1.2.2"; }; connection_pool = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1x32mcpm2cl5492kd6lbjbaf17qsssmpx9kdyr7z1wcif2cwyh0g"; type = "gem"; }; version = "2.4.1"; }; cose = { - dependencies = ["cbor" "openssl-signature_algorithm"]; - groups = ["default"]; - platforms = []; + dependencies = [ "cbor" "openssl-signature_algorithm" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "00c6x4ha7qiaaf88qdbyf240mk146zz78rbm4qwyaxmwlmk7q933"; type = "gem"; }; version = "1.3.0"; }; crack = { - dependencies = ["rexml"]; - groups = ["default" "test"]; - platforms = []; + dependencies = [ "rexml" ]; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cr1kfpw3vkhysvkk3wg7c54m75kd68mbm9rs5azdjdq57xid13r"; type = "gem"; }; version = "0.4.5"; }; crass = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pfl5c0pyqaparxaqxi6s4gfl21bdldwiawrc0aknyvflli60lfw"; type = "gem"; }; version = "1.0.6"; }; css_parser = { - dependencies = ["addressable"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04q1vin8slr3k8mp76qz0wqgap6f9kdsbryvgfq9fljhrm463kpj"; type = "gem"; }; version = "1.14.0"; }; database_cleaner-active_record = { - dependencies = ["activerecord" "database_cleaner-core"]; - groups = ["test"]; - platforms = []; + dependencies = [ "activerecord" "database_cleaner-core" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12hdsqnws9gyc9sxiyc8pjiwr0xa7136m1qbhmd1pk3vsrrvk13k"; type = "gem"; }; version = "2.1.0"; }; database_cleaner-core = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0v44bn386ipjjh4m2kl53dal8g4d41xajn2jggnmjbhn6965fil6"; type = "gem"; }; version = "2.0.1"; }; date = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "03skfikihpx37rc27vr3hwrb057gxnmdzxhmzd4bf4jpkl0r55w1"; type = "gem"; }; version = "3.3.3"; }; debug_inspector = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01l678ng12rby6660pmwagmyg8nccvjfgs3487xna7ay378a59ga"; type = "gem"; }; version = "1.1.0"; }; devise = { - dependencies = ["bcrypt" "orm_adapter" "railties" "responders" "warden"]; - groups = ["default" "pam_authentication"]; - platforms = []; + dependencies = [ "bcrypt" "orm_adapter" "railties" "responders" "warden" ]; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0vpd7d61d4pfmyb2plnnv82wmczzlhw4k4gjhd2fv4r6vq8ilqqi"; type = "gem"; }; version = "4.9.2"; }; devise-two-factor = { - dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "attr_encrypted" "devise" "railties" "rotp" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nk43p339zyp4y5vab3w3s0zbjd4xfs8qn0ymxdnz6d961dbbdm8"; type = "gem"; }; version = "4.1.0"; }; devise_pam_authenticatable2 = { - dependencies = ["devise" "rpam2"]; - groups = ["pam_authentication"]; - platforms = []; + dependencies = [ "devise" "rpam2" ]; + groups = [ "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13ipl52pkhc6vxp8ca31viwv01237bi2bfk3b1fixq1x46nf87p2"; type = "gem"; }; version = "9.2.0"; }; diff-lcs = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0rwvjahnp7cpmracd8x732rjgnilqv2sx7d1gfrysslc3h039fa9"; type = "gem"; }; version = "1.5.0"; }; discard = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1xavjhccyyzn9z6fz3034vgvzprc983mbrq6n9sc0drfw7m3vrip"; type = "gem"; }; version = "1.2.1"; }; docile = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1lxqxgq71rqwj1lpl9q1mbhhhhhhdkkj7my341f2889pwayk85sz"; type = "gem"; }; version = "1.4.0"; }; domain_name = { - dependencies = ["unf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "unf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lcqjsmixjp52bnlgzh4lg9ppsk52x9hpwdjd53k8jnbah2602h0"; type = "gem"; }; version = "0.5.20190701"; }; doorkeeper = { - dependencies = ["railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1q2pywgyn6cbnm0fh3dln5z1qgd1g8hvb4x8rppjc1bpfxnfhi13"; type = "gem"; }; version = "5.6.6"; }; dotenv = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1n0pi8x8ql5h1mijvm8lgn6bhq4xjb5a500p5r1krq4s6j9lg565"; type = "gem"; }; version = "2.8.1"; }; dotenv-rails = { - dependencies = ["dotenv" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "dotenv" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0v0gcbxzypcvy6fqq4gp80jb310xvdwj5n8qw9ci67g5yjvq2nxh"; type = "gem"; }; version = "2.8.1"; }; ed25519 = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0zb2dr2ihb1qiknn5iaj1ha1w9p7lj9yq5waasndlfadz225ajji"; type = "gem"; }; version = "1.3.0"; }; elasticsearch = { - dependencies = ["elasticsearch-api" "elasticsearch-transport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "elasticsearch-api" "elasticsearch-transport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0havyxmvl157a653prspnbhgdchlx44xqxl170v1im5ggxwavcaq"; type = "gem"; }; version = "7.13.3"; }; elasticsearch-api = { - dependencies = ["multi_json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "multi_json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bmssarkk7lqkjdn8c9j7jvxcnn4hg1zcmhsky8bfvc99k33b3w8"; type = "gem"; }; version = "7.13.3"; }; elasticsearch-dsl = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "174m3fwm3mawbkjg2xbmqvljq7ava4s95m8vpg5khcvfj506wxfk"; type = "gem"; }; version = "0.1.10"; }; elasticsearch-transport = { - dependencies = ["faraday" "multi_json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "faraday" "multi_json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0blfii8qvj0m6bg9sbfynxc40in7zfmw2wpi4clv7d9gclk053db"; type = "gem"; }; version = "7.13.3"; }; encryptor = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0s8rvfl0vn8w7k1sgkc234060jh468s3zd45xa64p1jdmfa3zwmb"; type = "gem"; }; version = "3.0.0"; }; erubi = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08s75vs9cxlc4r1q2bjg4br8g9wc5lc5x5vl0vv4zq5ivxsdpgi7"; type = "gem"; }; version = "1.12.0"; }; et-orbi = { - dependencies = ["tzinfo"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tzinfo" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1d2z4ky2v15dpcz672i2p7lb2nc793dasq3yq3660h2az53kss9v"; type = "gem"; }; version = "1.2.7"; }; excon = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08r6qgbpkxxsihjmlspk3l1sr69q5hx35p1l4wp7rmkbzys89867"; type = "gem"; }; version = "0.100.0"; }; fabrication = { - groups = ["test"]; - platforms = []; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bxssmjp49whzq2zv7w751gr4nkdaiwcxd1vda0byigwyrnj6f5q"; type = "gem"; }; version = "2.30.0"; }; faker = { - dependencies = ["i18n"]; - groups = ["test"]; - platforms = []; + dependencies = [ "i18n" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ysiqlvyy1351bzx7h92r93a35s32l8giyf9bac6sgr142sh3cnn"; type = "gem"; }; version = "3.2.1"; }; faraday = { - dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"]; - groups = ["default"]; - platforms = []; + dependencies = [ "faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1c760q0ks4vj4wmaa7nh1dgvgqiwaw0mjr7v8cymy7i3ffgjxx90"; type = "gem"; }; version = "1.10.3"; }; faraday-em_http = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12cnqpbak4vhikrh2cdn94assh3yxza8rq2p9w2j34bqg5q4qgbs"; type = "gem"; }; version = "1.0.0"; }; faraday-em_synchrony = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vgrbhkp83sngv6k4mii9f2s9v5lmp693hylfxp2ssfc60fas3a6"; type = "gem"; }; version = "1.0.0"; }; faraday-excon = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0h09wkb0k0bhm6dqsd47ac601qiaah8qdzjh8gvxfd376x1chmdh"; type = "gem"; }; version = "1.1.0"; }; faraday-httpclient = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fyk0jd3ks7fdn8nv3spnwjpzx2lmxmg2gh4inz3by1zjzqg33sc"; type = "gem"; }; version = "1.0.1"; }; faraday-multipart = { - dependencies = ["multipart-post"]; - groups = ["default"]; - platforms = []; + dependencies = [ "multipart-post" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09871c4hd7s5ws1wl4gs7js1k2wlby6v947m2bbzg43pnld044lh"; type = "gem"; }; version = "1.0.4"; }; faraday-net_http = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1fi8sda5hc54v1w3mqfl5yz09nhx35kglyx72w7b8xxvdr0cwi9j"; type = "gem"; }; version = "1.0.1"; }; faraday-net_http_persistent = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dc36ih95qw3rlccffcb0vgxjhmipsvxhn6cw71l7ffs0f7vq30b"; type = "gem"; }; version = "1.2.0"; }; faraday-patron = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19wgsgfq0xkski1g7m96snv39la3zxz6x7nbdgiwhg5v82rxfb6w"; type = "gem"; }; version = "1.0.0"; }; faraday-rack = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1h184g4vqql5jv9s9im6igy00jp6mrah2h14py6mpf9bkabfqq7g"; type = "gem"; }; version = "1.0.0"; }; faraday-retry = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "153i967yrwnswqgvnnajgwp981k9p50ys1h80yz3q94rygs59ldd"; type = "gem"; }; version = "1.0.3"; }; faraday_middleware = { - dependencies = ["faraday"]; - groups = ["default"]; - platforms = []; + dependencies = [ "faraday" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1bw8mfh4yin2xk7138rg3fhb2p5g2dlmdma88k82psah9mbmvlfy"; type = "gem"; }; version = "1.2.0"; }; fast_blank = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1shpmamyzyhyxmv95r96ja5rylzaw60r19647d0fdm7y2h2c77r6"; type = "gem"; }; version = "1.0.1"; }; fastimage = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pd7pamzhdz2w0fbcvsfn2nyslznvphnwj16zw35g2b28zd2xyzx"; type = "gem"; }; version = "2.2.7"; }; ffi = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1862ydmclzy1a0cjbvm8dz7847d9rch495ib0zb64y84d3xd4bkg"; type = "gem"; }; version = "1.15.5"; }; ffi-compiler = { - dependencies = ["ffi" "rake"]; - groups = ["default"]; - platforms = []; + dependencies = [ "ffi" "rake" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0c2caqm9wqnbidcb8dj4wd3s902z15qmgxplwyfyqbwa0ydki7q1"; type = "gem"; }; version = "1.0.1"; }; fog-core = { - dependencies = ["builder" "excon" "formatador" "mime-types"]; - groups = ["default"]; - platforms = []; + dependencies = [ "builder" "excon" "formatador" "mime-types" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1agd6xgzk0rxrsjdpn94v4hy89s0nm2cs4zg2p880w2dan9xgrak"; type = "gem"; }; version = "2.1.0"; }; fog-json = { - dependencies = ["fog-core" "multi_json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "fog-core" "multi_json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zj8llzc119zafbmfa4ai3z5s7c4vp9akfs0f9l2piyvcarmlkyx"; type = "gem"; }; version = "1.2.0"; }; fog-openstack = { - dependencies = ["fog-core" "fog-json" "ipaddress"]; - groups = ["default"]; - platforms = []; + dependencies = [ "fog-core" "fog-json" "ipaddress" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "11j18h61d3p0pcp9k5346lbj1lahab1dqybkrx9338932lmjn7ap"; type = "gem"; }; version = "0.3.10"; }; formatador = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0mprf1dwznz5ld0q1jpbyl59fwnwk6azspnd0am7zz7kfg3pxhv5"; type = "gem"; }; version = "0.3.0"; }; fugit = { - dependencies = ["et-orbi" "raabro"]; - groups = ["default"]; - platforms = []; + dependencies = [ "et-orbi" "raabro" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cm2lrvhrpqq19hbdsxf4lq2nkb2qdldbdxh3gvi15l62dlb5zqq"; type = "gem"; }; version = "1.8.1"; }; fuubar = { - dependencies = ["rspec-core" "ruby-progressbar"]; - groups = ["test"]; - platforms = []; + dependencies = [ "rspec-core" "ruby-progressbar" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1028vn7j3kc5qqwswrf3has3qm4j9xva70xmzb3n29i89f0afwmj"; type = "gem"; }; version = "2.5.1"; }; globalid = { - dependencies = ["activesupport"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0kqm5ndzaybpnpxqiqkc41k4ksyxl41ln8qqr6kb130cdxsf2dxk"; type = "gem"; }; version = "1.1.0"; }; haml = { - dependencies = ["temple" "thor" "tilt"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "temple" "thor" "tilt" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "154svzqlkdq7gslv3p8mfih28gbw4gsj4pd8wr1wpwz6nyzmhh8m"; type = "gem"; }; version = "6.1.2"; }; haml-rails = { - dependencies = ["actionpack" "activesupport" "haml" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "haml" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1sjrdwc4azzfpsp2xk0365z031482gcrs0c54d5wx0igkqca0fr7"; type = "gem"; }; version = "2.1.0"; }; haml_lint = { - dependencies = ["haml" "parallel" "rainbow" "rubocop" "sysexits"]; - groups = ["development"]; - platforms = []; + dependencies = [ "haml" "parallel" "rainbow" "rubocop" "sysexits" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1qics7sll6yw7fm499q4b1frfr5f3gav94ach0fwy49zprl9yk33"; type = "gem"; }; version = "0.50.0"; }; hashdiff = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nynpl0xbj0nphqx1qlmyggq58ms1phf5i03hk64wcc0a17x1m1c"; type = "gem"; }; version = "1.0.1"; }; hashie = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nh3arcrbz1rc1cr59qm53sdhqm137b258y8rcb4cvd3y98lwv4x"; type = "gem"; }; version = "5.0.0"; }; hcaptcha = { - dependencies = ["json"]; - groups = ["default"]; - platforms = []; + dependencies = [ "json" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fh6391zlv2ikvzqj2gymb70k1avk1j9da8bzgw0scsz2wqq98m2"; type = "gem"; }; version = "7.1.0"; }; highline = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1f8cr014j7mdqpdb9q17fp5vb5b8n1pswqaif91s3ylg5x3pygfn"; type = "gem"; }; version = "2.1.0"; }; hiredis = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04jj8k7lxqxw24sp0jiravigdkgsyrpprxpxm71ba93x1wr2w1bz"; type = "gem"; }; version = "0.6.3"; }; hkdf = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04fixg0a51n4vy0j6c1hvisa2yl33m3jrrpxpb5sq6j511vjriil"; type = "gem"; }; version = "0.3.0"; }; htmlentities = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nkklqsn8ir8wizzlakncfv42i32wc0w9hxp00hvdlgjr7376nhj"; type = "gem"; }; version = "4.3.4"; }; http = { - dependencies = ["addressable" "http-cookie" "http-form_data" "llhttp-ffi"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" "http-cookie" "http-form_data" "llhttp-ffi" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1bzb8p31kzv6q5p4z5xq88mnqk414rrw0y5rkhpnvpl29x5c3bpw"; type = "gem"; }; version = "5.1.1"; }; http-cookie = { - dependencies = ["domain_name"]; - groups = ["default"]; - platforms = []; + dependencies = [ "domain_name" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13rilvlv8kwbzqfb644qp6hrbsj82cbqmnzcvqip1p6vqx36sxbk"; type = "gem"; }; version = "1.0.5"; }; http-form_data = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wx591jdhy84901pklh1n9sgh74gnvq1qyqxwchni1yrc49ynknc"; type = "gem"; }; version = "2.3.0"; }; http_accept_language = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0d0nlfz9vm4jr1l6q0chx4rp2hrnrfbx3gadc1dz930lbbaz0hq0"; type = "gem"; }; version = "2.1.1"; }; httpclient = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99"; type = "gem"; }; version = "2.8.3"; }; httplog = { - dependencies = ["rack" "rainbow"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" "rainbow" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0zjsgrlvwpqsnrza4ijlxjld4550c661sgbqp2j2wp638nlnls1a"; type = "gem"; }; version = "1.6.2"; }; i18n = { - dependencies = ["concurrent-ruby"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "concurrent-ruby" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0qaamqsh5f3szhcakkak8ikxlzxqnv49n2p7504hcz2l0f4nj0wx"; type = "gem"; }; version = "1.14.1"; }; i18n-tasks = { - dependencies = ["activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table"]; - groups = ["development"]; - platforms = []; + dependencies = [ "activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "19zkcsqwzc3i6vizj26mxxww6m5grv9zmp6yxyswbqq9kyzb081z"; type = "gem"; }; version = "1.0.12"; }; idn-ruby = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dy04jx3n1ddz744b80mg7hp87miysnjp0h21lqr43hpmhdglxih"; type = "gem"; }; version = "0.1.5"; }; ipaddress = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1x86s0s11w202j6ka40jbmywkrx8fhq8xiy8mwvnkhllj57hqr45"; type = "gem"; }; version = "0.8.3"; }; jmespath = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cdw9vw2qly7q7r41s7phnac264rbsdqgj4l0h4nqgbjb157g393"; type = "gem"; }; version = "1.6.2"; }; json = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0nalhin1gda4v8ybk6lq8f407cgfrj6qzn234yra4ipkmlbfmal6"; type = "gem"; }; version = "2.6.3"; }; json-canonicalization = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1rvsalsrs8njk2gqxgq0ydg5cd02jqdawskbq2ccz663qxz8wwq5"; type = "gem"; }; version = "0.3.2"; }; json-jwt = { - dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "aes_key_wrap" "bindata" "httpclient" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04315mf4p9qa97grdfqv922paghzdfrbb982ap0p99rqwla4znv6"; type = "gem"; }; version = "1.15.3"; }; json-ld = { - dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1z3kqacjmqs02vwwqm9di7sw7f7nchxx99v84myrrzmh64c6zfcq"; type = "gem"; }; version = "3.2.5"; }; json-ld-preloaded = { - dependencies = ["json-ld" "rdf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "json-ld" "rdf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "004s52m37b2kbw8dv4rdfm2d90h1023z1mw9zfcs0x87v8aq7zyn"; type = "gem"; }; version = "3.2.2"; }; json-schema = { - dependencies = ["addressable"]; - groups = ["test"]; - platforms = []; + dependencies = [ "addressable" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "155rygs093i8i04i38a97hs5icmqk2jkkhx76w31yxyr3bxfbgx3"; type = "gem"; }; version = "4.0.0"; }; jsonapi-renderer = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ys4drd0k9rw5ixf8n8fx8v0pjh792w4myh0cpdspd317l1lpi5m"; type = "gem"; }; version = "0.2.2"; }; jwt = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "16z11alz13vfc4zs5l3fk6n51n2jw9lskvc4h4prnww0y797qd87"; type = "gem"; }; version = "2.7.1"; }; kaminari = { - dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gia8irryvfhcr6bsr64kpisbgdbqjsqfgrk12a11incmpwny1y4"; type = "gem"; }; version = "1.2.2"; }; kaminari-actionview = { - dependencies = ["actionview" "kaminari-core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionview" "kaminari-core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02f9ghl3a9b5q7l079d3yzmqjwkr4jigi7sldbps992rigygcc0k"; type = "gem"; }; version = "1.2.2"; }; kaminari-activerecord = { - dependencies = ["activerecord" "kaminari-core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" "kaminari-core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0c148z97s1cqivzbwrak149z7kl1rdmj7dxk6rpkasimmdxsdlqd"; type = "gem"; }; version = "1.2.2"; }; kaminari-core = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zw3pg6kj39y7jxakbx7if59pl28lhk98fx71ks5lr3hfgn6zliv"; type = "gem"; }; version = "1.2.2"; }; kt-paperclip = { - dependencies = ["activemodel" "activesupport" "marcel" "mime-types" "terrapin"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activemodel" "activesupport" "marcel" "mime-types" "terrapin" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0qrv9xyxxhxr482p25f3m7nfghw66i8jl02hy9b6pwam8m1knngp"; type = "gem"; }; version = "7.2.0"; }; language_server-protocol = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0gvb1j8xsqxms9mww01rmdl78zkd72zgxaap56bhv8j45z05hp1x"; type = "gem"; }; version = "3.17.0.3"; }; launchy = { - dependencies = ["addressable"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "addressable" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06r43899384das2bkbrpsdxsafyyqa94il7111053idfalb4984a"; type = "gem"; }; version = "2.5.2"; }; letter_opener = { - dependencies = ["launchy"]; - groups = ["development"]; - platforms = []; + dependencies = [ "launchy" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1y5d4ip4l12v58bgazadl45iv3a5j7jp2gwg96b6jy378zn42a1d"; type = "gem"; }; version = "1.8.1"; }; letter_opener_web = { - dependencies = ["actionmailer" "letter_opener" "railties" "rexml"]; - groups = ["development"]; - platforms = []; + dependencies = [ "actionmailer" "letter_opener" "railties" "rexml" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0vvvaz2ngaxv0s6sj25gdvp73vd8pfl8q3jharadg18p3va0m1ik"; type = "gem"; }; version = "2.0.0"; }; link_header = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1yamrdq4rywmnpdhbygnkkl9fdy249fg5r851nrkkxr97gj5rihm"; type = "gem"; }; version = "0.0.8"; }; llhttp-ffi = { - dependencies = ["ffi-compiler" "rake"]; - groups = ["default"]; - platforms = []; + dependencies = [ "ffi-compiler" "rake" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "00dh6zmqdj59rhcya0l4b9aaxq6n8xizfbil93k0g06gndyk5xz5"; type = "gem"; }; version = "0.4.0"; }; lograge = { - dependencies = ["actionpack" "activesupport" "railties" "request_store"]; - groups = ["production"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "railties" "request_store" ]; + groups = [ "production" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01kdw5dbzimb89rq4zf44zf8990czb5qxvib0hzja1l4hrha8cki"; type = "gem"; }; version = "0.13.0"; }; loofah = { - dependencies = ["crass" "nokogiri"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "crass" "nokogiri" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1p744kjpb5zk2ihklbykzii77alycjc04vpnm2ch2f3cp65imlj3"; type = "gem"; }; version = "2.21.3"; }; mail = { - dependencies = ["mini_mime" "net-imap" "net-pop" "net-smtp"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "mini_mime" "net-imap" "net-pop" "net-smtp" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1bf9pysw1jfgynv692hhaycfxa8ckay1gjw5hz3madrbrynryfzc"; type = "gem"; }; version = "2.8.1"; }; marcel = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0kky3yiwagsk8gfbzn3mvl2fxlh3b39v6nawzm4wpjs6xxvvc4x0"; type = "gem"; }; version = "1.0.2"; }; mario-redis-lock = { - dependencies = ["redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1v9wdjcjqzpns2migxp4a5b4w82mipi0fwihbqz3q2qj2qm7wc17"; type = "gem"; }; version = "1.2.1"; }; matrix = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1h2cgkpzkh3dd0flnnwfq6f3nl2b1zff9lvqz8xs853ssv5kq23i"; type = "gem"; }; version = "0.4.2"; }; md-paperclip-azure = { - dependencies = ["addressable" "azure-storage-blob" "hashie"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" "azure-storage-blob" "hashie" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1hb1a06x3i8zrhl715jf46ha8r4iy0srcpdhnmp9l14qnnhzn0l5"; type = "gem"; }; version = "2.2.0"; }; memory_profiler = { - groups = ["development" "test"]; - platforms = []; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1c81d68r4wx0ckbmqxlfqc2qpd94jwcmqdm0xgr0s46r48pv9k9q"; type = "gem"; }; version = "1.0.1"; }; method_source = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pnyh44qycnf9mzi1j6fywd5fkskv3x7nmsqrrws0rjn5dd4ayfp"; type = "gem"; }; version = "1.0.0"; }; mime-types = { - dependencies = ["mime-types-data"]; - groups = ["default"]; - platforms = []; + dependencies = [ "mime-types-data" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0q8d881k1b3rbsfcdi3fx0b5vpdr5wcrhn88r2d9j7zjdkxp5mw5"; type = "gem"; }; version = "3.5.1"; }; mime-types-data = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "17zdim7kzrh5j8c97vjqp4xp78wbyz7smdp4hi5iyzk0s9imdn5a"; type = "gem"; }; version = "3.2023.0808"; }; mini_mime = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vycif7pjzkr29mfk4dlqv3disc5dn0va04lkwajlpr1wkibg0c6"; type = "gem"; }; version = "1.1.5"; }; mini_portile2 = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02mj8mpd6ck5gpcnsimx5brzggw5h5mmmpq2djdypfq16wcw82qq"; type = "gem"; }; version = "2.8.4"; }; minitest = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0jnpsbb2dbcs95p4is4431l2pw1l5pn7dfg3vkgb4ga464j0c5l6"; type = "gem"; }; version = "5.19.0"; }; msgpack = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06n7556vxr3awh92xy1k5bli98bvq4pjm08mnl68ay4fzln7lcsg"; type = "gem"; }; version = "1.7.1"; }; multi_json = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z"; type = "gem"; }; version = "1.15.0"; }; multipart-post = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lgyysrpl50wgcb9ahg29i4p01z0irb3p9lirygma0kkfr5dgk9x"; type = "gem"; }; version = "2.3.0"; }; net-http = { - dependencies = ["uri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "uri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0y55ib1v2b8prqfi9ij7hca60b1j94s2bzr6vskwi3i5735472wq"; type = "gem"; }; version = "0.3.2"; }; net-http-persistent = { - dependencies = ["connection_pool"]; - groups = ["default"]; - platforms = []; + dependencies = [ "connection_pool" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0i1as2lgnw7b4jid0gw5glv5hnxz36nmfsbr9rmxbcap72ijgy03"; type = "gem"; }; version = "4.0.2"; }; net-imap = { - dependencies = ["date" "net-protocol"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "date" "net-protocol" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lf7wqg7czhaj51qsnmn28j7jmcxhkh3m28rl1cjrqsgjxhwj7r3"; type = "gem"; }; version = "0.3.7"; }; net-ldap = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xqcffn3c1564c4fizp10dzw2v5g2pabdzrcn25hq05bqhsckbar"; type = "gem"; }; version = "0.18.0"; }; net-pop = { - dependencies = ["net-protocol"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-protocol" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wyz41jd4zpjn0v1xsf9j778qx1vfrl24yc20cpmph8k42c4x2w4"; type = "gem"; }; version = "0.1.2"; }; net-protocol = { - dependencies = ["timeout"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "timeout" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dxckrlw4q1lcn3qg4mimmjazmg9bma5gllv72f8js3p36fb3b91"; type = "gem"; }; version = "0.2.1"; }; net-scp = { - dependencies = ["net-ssh"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-ssh" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1si2nq9l6jy5n2zw1q59a5gaji7v9vhy8qx08h4fg368906ysbdk"; type = "gem"; }; version = "4.0.0"; }; net-smtp = { - dependencies = ["net-protocol"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-protocol" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1c6md06hm5bf6rv53sk54dl2vg038pg8kglwv3rayx0vk2mdql9x"; type = "gem"; }; version = "0.3.3"; }; net-ssh = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0yx0pb5fmziz92bw8qzbh8vf20lr56nd3s6q8h0gsgr307lki687"; type = "gem"; }; version = "7.1.0"; }; nio4r = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0w9978zwjf1qhy3amkivab0f9syz6a7k0xgydjidaf7xc831d78f"; type = "gem"; }; version = "2.5.9"; }; nokogiri = { - dependencies = ["mini_portile2" "racc"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "mini_portile2" "racc" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0k9w2z0953mnjrsji74cshqqp08q7m1r6zhadw1w0g34xzjh3a74"; type = "gem"; }; version = "1.15.4"; }; nsa = { - dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "e020fcc3a54d993ab45b7194d89ab720296c111b"; @@ -1890,30 +1890,30 @@ version = "0.2.8"; }; oj = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0m4vsd6i093kmyz9gckvzpnws997laldaiaf86hg5lza1ir82x7n"; type = "gem"; }; version = "3.16.1"; }; omniauth = { - dependencies = ["hashie" "rack" "rack-protection"]; - groups = ["default"]; - platforms = []; + dependencies = [ "hashie" "rack" "rack-protection" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "15xjsxis357np7dy1lak39x1n8g8wxljb08wplw5i4gxi743zr7j"; type = "gem"; }; version = "2.1.1"; }; omniauth-cas = { - dependencies = ["addressable" "nokogiri" "omniauth"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" "nokogiri" "omniauth" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "4211e6d05941b4a981f9a36b49ec166cecd0e271"; @@ -1924,382 +1924,382 @@ version = "2.0.0"; }; omniauth-rails_csrf_protection = { - dependencies = ["actionpack" "omniauth"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "omniauth" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1kwswnkyl8ym6i4wv65qh3qchqbf2n0c6lbhfgbvkds3gpmnlm7w"; type = "gem"; }; version = "1.0.1"; }; omniauth-saml = { - dependencies = ["omniauth" "ruby-saml"]; - groups = ["default"]; - platforms = []; + dependencies = [ "omniauth" "ruby-saml" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01k9rkg97npcgm8r4x3ja8y20hsg4zy0dcjpzafx148q4yxbg74n"; type = "gem"; }; version = "2.1.0"; }; omniauth_openid_connect = { - dependencies = ["omniauth" "openid_connect"]; - groups = ["default"]; - platforms = []; + dependencies = [ "omniauth" "openid_connect" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08yl0x203k6nrshc70zawfqh79ap1c3fyka9zwwy61cvn7sih4sz"; type = "gem"; }; version = "0.6.1"; }; openid_connect = { - dependencies = ["activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1k9kdivp45v6vhzdrnl5fzhd378gjj2hl4w9bazbqnfm15rsnzc8"; type = "gem"; }; version = "1.4.2"; }; openssl = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0c649921vg2l939z5cc3jwd8p1v49099pdhxfk7sb9qqx5wi5873"; type = "gem"; }; version = "3.1.0"; }; openssl-signature_algorithm = { - dependencies = ["openssl"]; - groups = ["default"]; - platforms = []; + dependencies = [ "openssl" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "103yjl68wqhl5kxaciir5jdnyi7iv9yckishdr52s5knh9g0pd53"; type = "gem"; }; version = "1.3.0"; }; orm_adapter = { - groups = ["default" "pam_authentication"]; - platforms = []; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1fg9jpjlzf5y49qs9mlpdrgs5rpcyihq1s4k79nv9js0spjhnpda"; type = "gem"; }; version = "0.5.0"; }; ox = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1yq0h1niimm8z6z8p1yxb104kxqw69bvbrax84598zfjxifcxhxz"; type = "gem"; }; version = "2.14.17"; }; parallel = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0jcc512l38c0c163ni3jgskvq1vc3mr8ly5pvjijzwvfml9lf597"; type = "gem"; }; version = "1.23.0"; }; parser = { - dependencies = ["ast" "racc"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "ast" "racc" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1swigds85jddb5gshll1g8lkmbcgbcp9bi1d4nigwvxki8smys0h"; type = "gem"; }; version = "3.2.2.3"; }; parslet = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01pnw6ymz6nynklqvqxs4bcai25kcvnd5x4id9z3vd1rbmlk0lfl"; type = "gem"; }; version = "2.0.0"; }; pastel = { - dependencies = ["tty-color"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tty-color" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xash2gj08dfjvq4hy6l1z22s5v30fhizwgs10d6nviggpxsj7a8"; type = "gem"; }; version = "0.8.0"; }; pg = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pfj771p5a29yyyw58qacks464sl86d5m3jxjl5rlqqw2m3v5xq4"; type = "gem"; }; version = "1.5.4"; }; pghero = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "002v32dzyyr29xd9cdsqp55g5gx19skvq9b4a4hr9lrs4i1xsavm"; type = "gem"; }; version = "3.3.3"; }; posix-spawn = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cmb0svalqcxfzlzc5fvrci12b79x7bakasr8gkl3q5rz6di1q52"; type = "gem"; }; version = "0.3.15"; }; premailer = { - dependencies = ["addressable" "css_parser" "htmlentities"]; - groups = ["default"]; - platforms = []; + dependencies = [ "addressable" "css_parser" "htmlentities" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "10rzwdz43yy20lwzsr2as6aivhvwjvqh4nd48sa0ga57sizf1fb4"; type = "gem"; }; version = "1.21.0"; }; premailer-rails = { - dependencies = ["actionmailer" "net-smtp" "premailer"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionmailer" "net-smtp" "premailer" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0004f73kgrglida336fqkgx906m6n05nnfc17mypzg5rc78iaf61"; type = "gem"; }; version = "1.12.0"; }; private_address_check = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05phz0vscfh9chv90yc9091pifw3cpwkh76flnhrmvja1q3na4cy"; type = "gem"; }; version = "0.5.0"; }; public_suffix = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0n9j7mczl15r3kwqrah09cxj8hxdfawiqxa60kga2bmxl9flfz9k"; type = "gem"; }; version = "5.0.3"; }; puma = { - dependencies = ["nio4r"]; - groups = ["default"]; - platforms = []; + dependencies = [ "nio4r" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1x4dwx2shx0p7lsms97r85r7ji7zv57bjy3i1kmcpxc8bxvrr67c"; type = "gem"; }; version = "6.3.1"; }; pundit = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wb03yzy1j41822rbfh9nn77im3zh1f5v8di05cd8rsrdpws542b"; type = "gem"; }; version = "2.3.0"; }; raabro = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "10m8bln9d00dwzjil1k42i5r7l82x25ysbi45fwyv4932zsrzynl"; type = "gem"; }; version = "1.4.0"; }; racc = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "11v3l46mwnlzlc371wr3x6yylpgafgwdf0q7hc7c1lzx6r414r5g"; type = "gem"; }; version = "1.7.1"; }; rack = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "15rdwbyk71c9nxvd527bvb8jxkcys8r3dj3vqra5b3sa63qs30vv"; type = "gem"; }; version = "2.2.8"; }; rack-attack = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0z6pj5vjgl6swq7a33gssf795k958mss8gpmdb4v4cydcs7px91w"; type = "gem"; }; version = "6.7.0"; }; rack-cors = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02lvkg1nb4z3zc2nry545dap7a64bb9h2k8waxfz0jkabkgnpimw"; type = "gem"; }; version = "2.0.1"; }; rack-oauth2 = { - dependencies = ["activesupport" "attr_required" "httpclient" "json-jwt" "rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "attr_required" "httpclient" "json-jwt" "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1fknwsxz4429w1hndl6y30cmm2n34wmmaaj2hhp6jrm8ssfsfwjf"; type = "gem"; }; version = "1.21.3"; }; rack-protection = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1a12m1mv8dc0g90fs1myvis8vsgr427k1arg1q4a9qlfw6fqyhis"; type = "gem"; }; version = "3.0.5"; }; rack-proxy = { - dependencies = ["rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1a62439xwn5v6hsl9s11hdk4wj58czhcbg7lminv23mnkc0ca147"; type = "gem"; }; version = "0.7.6"; }; rack-test = { - dependencies = ["rack"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1ysx29gk9k14a14zsp5a8czys140wacvp91fja8xcja0j1hzqq8c"; type = "gem"; }; version = "2.1.0"; }; rails = { - dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pxi3psfl4kpgjf6bhch1albjy9knn9c2s6sammy9lyckhh7akhq"; type = "gem"; }; version = "7.0.7.2"; }; rails-controller-testing = { - dependencies = ["actionpack" "actionview" "activesupport"]; - groups = ["test"]; - platforms = []; + dependencies = [ "actionpack" "actionview" "activesupport" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "151f303jcvs8s149mhx2g5mn67487x0blrf9dzl76q1nb7dlh53l"; type = "gem"; }; version = "1.0.5"; }; rails-dom-testing = { - dependencies = ["activesupport" "minitest" "nokogiri"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "activesupport" "minitest" "nokogiri" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "17g05y7q7934z0ib4aph8h71c2qwjmlakkm7nb2ab45q0aqkfgjd"; type = "gem"; }; version = "2.1.1"; }; rails-html-sanitizer = { - dependencies = ["loofah" "nokogiri"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "loofah" "nokogiri" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1pm4z853nyz1bhhqr7fzl44alnx4bjachcr6rh6qjj375sfz3sc6"; type = "gem"; }; version = "1.6.0"; }; rails-i18n = { - dependencies = ["i18n" "railties"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "i18n" "railties" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1bbh5gsw46djmrgddwaq3wsjmj9rsh5dk13wkclwxf1rg9jpkn3g"; type = "gem"; }; version = "7.0.7"; }; rails-settings-cached = { - dependencies = ["rails"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rails" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "86328ef0bd04ce21cc0504ff5e334591e8c2ccab"; @@ -2310,954 +2310,954 @@ version = "0.6.6"; }; railties = { - dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor" "zeitwerk"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "method_source" "rake" "thor" "zeitwerk" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01pdn9sn7kawwrvrbr3vz44j287xbka8mm7nrv9cl510y8gzxi2x"; type = "gem"; }; version = "7.0.7.2"; }; rainbow = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0smwg4mii0fm38pyb5fddbmrdpifwv22zv3d3px2xx497am93503"; type = "gem"; }; version = "3.1.1"; }; rake = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; type = "gem"; }; version = "13.0.6"; }; rdf = { - dependencies = ["link_header"]; - groups = ["default"]; - platforms = []; + dependencies = [ "link_header" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1jx4xyip4inrhr099zac8ah5232g70rv39mm19p85sgpwg80a6ip"; type = "gem"; }; version = "3.2.11"; }; rdf-normalize = { - dependencies = ["rdf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rdf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12slrdq6xch5rqj1m79k1wv09264pmhs76nm300j1jsjpcfmdg0r"; type = "gem"; }; version = "0.6.1"; }; redcarpet = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1sg9sbf9pm91l7lac7fs4silabyn0vflxwaa2x3lrzsm0ff8ilca"; type = "gem"; }; version = "3.6.0"; }; redis = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fikjg6j12ka6hh36dxzhfkpqqmilzjfzcdf59iwkzsgd63f0ziq"; type = "gem"; }; version = "4.8.1"; }; redis-namespace = { - dependencies = ["redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0f92i9cwlp6xj6fyn7qn4qsaqvxfw4wqvayll7gbd26qnai1l6p9"; type = "gem"; }; version = "1.11.0"; }; redlock = { - dependencies = ["redis"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redis" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0xvjwfzq7rqj4k311kidwmv5app3i7glz4miys6ixqy6c8yylz3c"; type = "gem"; }; version = "1.3.2"; }; regexp_parser = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "136br91alxdwh1s85z912dwz23qlhm212vy6i3wkinz3z8mkxxl3"; type = "gem"; }; version = "2.8.1"; }; request_store = { - dependencies = ["rack"]; - groups = ["default" "production"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" "production" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13ppgmsbrqah08j06bybd3cddv6dml79yzyjn7r8j1src78h98h7"; type = "gem"; }; version = "1.5.1"; }; responders = { - dependencies = ["actionpack" "railties"]; - groups = ["default" "pam_authentication"]; - platforms = []; + dependencies = [ "actionpack" "railties" ]; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0m9s0mkkprrz02gxhq0ijlwjy0nx1j5yrjf8ssjnhyagnx03lyrx"; type = "gem"; }; version = "3.1.0"; }; rexml = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05i8518ay14kjbma550mv0jm8a6di8yp5phzrd8rj44z9qnrlrp0"; type = "gem"; }; version = "3.2.6"; }; rotp = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "10mmzc85y7andsich586ndykw678qn1ns2wpjxrg0sc0gr4w3pig"; type = "gem"; }; version = "6.2.2"; }; rouge = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0pym2zjwl6dwdfvbn7rbvmds32r70jx9qddhvvi6pqy6987ack1v"; type = "gem"; }; version = "4.1.2"; }; rpam2 = { - groups = ["default" "pam_authentication"]; - platforms = []; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1zvli3s4z1hf2l7gyfickm5i3afjrnycc3ihbiax6ji6arpbyf33"; type = "gem"; }; version = "4.0.2"; }; rqrcode = { - dependencies = ["chunky_png" "rqrcode_core"]; - groups = ["default"]; - platforms = []; + dependencies = [ "chunky_png" "rqrcode_core" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1hggzz8i1l62pkkiybhiqv6ypxw7q844sddrrbbfczjcnj5sivi3"; type = "gem"; }; version = "2.2.0"; }; rqrcode_core = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "06ld6386hbdhy5h0k09axmgn424kavpc8f27k1vjhknjhbf8jjfg"; type = "gem"; }; version = "1.2.0"; }; rspec-core = { - dependencies = ["rspec-support"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "rspec-support" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0l95bnjxdabrn79hwdhn2q1n7mn26pj7y1w5660v5qi81x458nqm"; type = "gem"; }; version = "3.12.2"; }; rspec-expectations = { - dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "diff-lcs" "rspec-support" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05j44jfqlv7j2rpxb5vqzf9hfv7w8ba46wwgxwcwd8p0wzi1hg89"; type = "gem"; }; version = "3.12.3"; }; rspec-mocks = { - dependencies = ["diff-lcs" "rspec-support"]; - groups = ["default" "development" "test"]; - platforms = []; + dependencies = [ "diff-lcs" "rspec-support" ]; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1hfm17xakfvwya236graj6c2arr4sb9zasp35q5fykhyz8mhs0w2"; type = "gem"; }; version = "3.12.5"; }; rspec-rails = { - dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"]; - groups = ["development" "test"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support" ]; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "086qdyz7c4s5dslm6j06mq7j4jmj958whc3yinhabnqqmz7i463d"; type = "gem"; }; version = "6.0.3"; }; rspec-sidekiq = { - dependencies = ["rspec-core" "rspec-expectations" "rspec-mocks" "sidekiq"]; - groups = ["test"]; - platforms = []; + dependencies = [ "rspec-core" "rspec-expectations" "rspec-mocks" "sidekiq" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dijmcwjn8k6lrld3yqbqfrqb5g73l57yx98y5frx54p5qxjzbzy"; type = "gem"; }; version = "4.0.1"; }; rspec-support = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1ky86j3ksi26ng9ybd7j0qsdf1lpr8mzrmn98yy9gzv801fvhsgr"; type = "gem"; }; version = "3.12.1"; }; rspec_chunked = { - groups = ["test"]; - platforms = []; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0h4bsj3m7vb47qnx5bry4v0xscrb3lhg1f1vyxl524znb3i2qqzv"; type = "gem"; }; version = "0.6"; }; rubocop = { - dependencies = ["base64" "json" "language_server-protocol" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; - groups = ["development"]; - platforms = []; + dependencies = [ "base64" "json" "language_server-protocol" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1hr8g9pqw3w87a83kqcxpayrx4jmsziharrg4vqw0gr9kksx2dfv"; type = "gem"; }; version = "1.56.2"; }; rubocop-ast = { - dependencies = ["parser"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "parser" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "188bs225kkhrb17dsf3likdahs2p1i1sqn0pr3pvlx50g6r2mnni"; type = "gem"; }; version = "1.29.0"; }; rubocop-capybara = { - dependencies = ["rubocop"]; - groups = ["development"]; - platforms = []; + dependencies = [ "rubocop" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "01fn05a87g009ch1sh00abdmgjab87i995msap26vxq1a5smdck6"; type = "gem"; }; version = "2.18.0"; }; rubocop-factory_bot = { - dependencies = ["rubocop"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "rubocop" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0kqchl8f67k2g56sq2h1sm2wb6br5gi47s877hlz94g5086f77n1"; type = "gem"; }; version = "2.23.1"; }; rubocop-performance = { - dependencies = ["rubocop" "rubocop-ast"]; - groups = ["development"]; - platforms = []; + dependencies = [ "rubocop" "rubocop-ast" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1v3a2g3wk3aqa0k0zzla10qkxlc625zkj3yf4zcsybs86r5bm4xn"; type = "gem"; }; version = "1.19.0"; }; rubocop-rails = { - dependencies = ["activesupport" "rack" "rubocop"]; - groups = ["development"]; - platforms = []; + dependencies = [ "activesupport" "rack" "rubocop" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "05r46ds0dm44fb4p67hbz721zck8mdwblzssz2y25yh075hvs36j"; type = "gem"; }; version = "2.20.2"; }; rubocop-rspec = { - dependencies = ["rubocop" "rubocop-capybara" "rubocop-factory_bot"]; - groups = ["development"]; - platforms = []; + dependencies = [ "rubocop" "rubocop-capybara" "rubocop-factory_bot" ]; + groups = [ "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ylwy4afnxhbrvlaf8an9nrizj78axnzggiyfcp8v531cv8six5f"; type = "gem"; }; version = "2.23.2"; }; ruby-prof = { - groups = ["development" "test"]; - platforms = []; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "13fsfw43zx9pcix1fzxb95g09yadqjvc8971k74krrjz81vbyh51"; type = "gem"; }; version = "1.6.3"; }; ruby-progressbar = { - groups = ["default" "development" "test"]; - platforms = []; + groups = [ "default" "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0cwvyb7j47m7wihpfaq7rc47zwwx9k4v7iqd9s1xch5nm53rrz40"; type = "gem"; }; version = "1.13.0"; }; ruby-saml = { - dependencies = ["nokogiri" "rexml"]; - groups = ["default"]; - platforms = []; + dependencies = [ "nokogiri" "rexml" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "18vnbzin5ypxrgcs9lllg7x311b69dyrdw2w1pwz84438hmxm79s"; type = "gem"; }; version = "1.15.0"; }; ruby2_keywords = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vz322p8n39hz3b4a9gkmz9y7a5jaz41zrm2ywf31dvkqm03glgz"; type = "gem"; }; version = "0.0.5"; }; rubyzip = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz"; type = "gem"; }; version = "2.3.2"; }; rufus-scheduler = { - dependencies = ["fugit"]; - groups = ["default"]; - platforms = []; + dependencies = [ "fugit" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "14lr8c2sswn0sisvrfi4448pmr34za279k3zlxgh581rl1y0gjjz"; type = "gem"; }; version = "3.9.1"; }; safety_net_attestation = { - dependencies = ["jwt"]; - groups = ["default"]; - platforms = []; + dependencies = [ "jwt" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1khq0y5w7lf2b9a220298hphf3pakd216jc9a4x4a9pdwxs2vgln"; type = "gem"; }; version = "0.4.0"; }; sanitize = { - dependencies = ["crass" "nokogiri"]; - groups = ["default"]; - platforms = []; + dependencies = [ "crass" "nokogiri" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1kymrjdpbmn4yaml3aaqyj1dzj8gqmm9h030dc2rj5mvja7fpi28"; type = "gem"; }; version = "6.0.2"; }; scenic = { - dependencies = ["activerecord" "railties"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" "railties" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "04sd4jmgnwpilr3k061x87yyryya2mj15a8602fip49lfxza5548"; type = "gem"; }; version = "1.7.0"; }; selenium-webdriver = { - dependencies = ["rexml" "rubyzip" "websocket"]; - groups = ["test"]; - platforms = []; + dependencies = [ "rexml" "rubyzip" "websocket" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0ws0mh230l1pvyxcrlcr48w01alfhprjs1jbd8yrn463drsr2yac"; type = "gem"; }; version = "4.11.0"; }; semantic_range = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dlp97vg95plrsaaqj7x8l7z9vsjbhnqk4rw1l30gy26lmxpfrih"; type = "gem"; }; version = "3.0.0"; }; sidekiq = { - dependencies = ["connection_pool" "rack" "redis"]; - groups = ["default" "test"]; - platforms = []; + dependencies = [ "connection_pool" "rack" "redis" ]; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0iv7vgqyrpymiwvc3ca24sl4lda8m627p657p0v4xzdpzincrnbr"; type = "gem"; }; version = "6.5.9"; }; sidekiq-bulk = { - dependencies = ["sidekiq"]; - groups = ["default"]; - platforms = []; + dependencies = [ "sidekiq" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08nyxzmgf742irafy3l4fj09d4s5pyvsh0dzlh8y4hl51rgkh4xv"; type = "gem"; }; version = "0.2.0"; }; sidekiq-scheduler = { - dependencies = ["rufus-scheduler" "sidekiq" "tilt"]; - groups = ["default"]; - platforms = []; + dependencies = [ "rufus-scheduler" "sidekiq" "tilt" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0p5jjs3x2pa2fy494xs39xbq642pri13809dcr1l3hjsm56qvp1h"; type = "gem"; }; version = "5.0.3"; }; sidekiq-unique-jobs = { - dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"]; - groups = ["default"]; - platforms = []; + dependencies = [ "brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "02f91b24hrrn688wqvxb13lwvcgqb7g9k3sxylnydd6v89wr8mcg"; type = "gem"; }; version = "7.1.29"; }; simple-navigation = { - dependencies = ["activesupport"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1wc1rapwhqymcjfxmlgam4cvbyhnzfxada2damq88ij2p77pjz4q"; type = "gem"; }; version = "4.4.0"; }; simple_form = { - dependencies = ["actionpack" "activemodel"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activemodel" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0z4df65w9qpri315lpvzazdxa9xb7yj0j3d77q06wf0jnpvw4mzs"; type = "gem"; }; version = "5.2.0"; }; simplecov = { - dependencies = ["docile" "simplecov-html" "simplecov_json_formatter"]; - groups = ["test"]; - platforms = []; + dependencies = [ "docile" "simplecov-html" "simplecov_json_formatter" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "198kcbrjxhhzca19yrdcd6jjj9sb51aaic3b0sc3pwjghg3j49py"; type = "gem"; }; version = "0.22.0"; }; simplecov-html = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0yx01bxa8pbf9ip4hagqkp5m0mqfnwnw2xk8kjraiywz4lrss6jb"; type = "gem"; }; version = "0.12.3"; }; simplecov_json_formatter = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0a5l0733hj7sk51j81ykfmlk2vd5vaijlq9d5fn165yyx3xii52j"; type = "gem"; }; version = "0.1.4"; }; smart_properties = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0jrqssk9qhwrpq41arm712226vpcr458xv6xaqbk8cp94a0kycpr"; type = "gem"; }; version = "1.17.0"; }; sprockets = { - dependencies = ["concurrent-ruby" "rack"]; - groups = ["default"]; - platforms = []; + dependencies = [ "concurrent-ruby" "rack" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "182jw5a0fbqah5w9jancvfmjbk88h8bxdbwnl4d3q809rpxdg8ay"; type = "gem"; }; version = "3.7.2"; }; sprockets-rails = { - dependencies = ["actionpack" "activesupport" "sprockets"]; - groups = ["default"]; - platforms = []; + dependencies = [ "actionpack" "activesupport" "sprockets" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1b9i14qb27zs56hlcc2hf139l0ghbqnjpmfi0054dxycaxvk5min"; type = "gem"; }; version = "3.4.2"; }; sshkit = { - dependencies = ["net-scp" "net-ssh"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "net-scp" "net-ssh" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "14a717mr2cmpgld5fcdd124cvlc5b634f96rhwlnmmc4m8bbkcp9"; type = "gem"; }; version = "1.21.5"; }; stackprof = { - groups = ["development" "test"]; - platforms = []; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bhdgfb0pmw9mav1kw9fn0ka012sa0i3h5ppvqssw5xq48nhxnr8"; type = "gem"; }; version = "0.2.25"; }; statsd-ruby = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "028136c463nbravckxb1qi5c5nnv9r6vh2cyhiry423lac4xz79n"; type = "gem"; }; version = "1.5.0"; }; stoplight = { - dependencies = ["redlock"]; - groups = ["default"]; - platforms = []; + dependencies = [ "redlock" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1vhqx7q8qpq3x9ba504n7bp0r9dxcck0r0hd73cac2iqkix6khlv"; type = "gem"; }; version = "3.0.2"; }; strong_migrations = { - dependencies = ["activerecord"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activerecord" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0wz4zhsp4xia8zcpi98v4sgjlv2prd515l8jz4f7j0wk45dfkjs1"; type = "gem"; }; version = "0.8.0"; }; swd = { - dependencies = ["activesupport" "attr_required" "httpclient"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "attr_required" "httpclient" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "12b3q2sw42nnilfb51nlqdv07f31vdv2j595kd99asnkw4cjlf5w"; type = "gem"; }; version = "1.3.0"; }; sysexits = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0qjng6pllznmprzx8vb0zg0c86hdrkyjs615q41s9fjpmv2430jr"; type = "gem"; }; version = "1.2.0"; }; temple = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "09p32vp94sa1mbr0if0adf02yzc4ns00lsmpwns2xbkncwpzrqm4"; type = "gem"; }; version = "0.10.2"; }; terminal-table = { - dependencies = ["unicode-display_width"]; - groups = ["default" "development"]; - platforms = []; + dependencies = [ "unicode-display_width" ]; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "14dfmfjppmng5hwj7c5ka6qdapawm3h6k9lhn8zj001ybypvclgr"; type = "gem"; }; version = "3.0.2"; }; terrapin = { - dependencies = ["climate_control"]; - groups = ["default"]; - platforms = []; + dependencies = [ "climate_control" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0p18f05r0c5s70571gqig3z2ym74wx79s6rd45sprp207bqskzn9"; type = "gem"; }; version = "0.6.0"; }; test-prof = { - groups = ["development" "test"]; - platforms = []; + groups = [ "development" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "08j5456rdpgxvv8bs44x81jrxzpxb79wxfxdq4fqwxyircxzi2jj"; type = "gem"; }; version = "1.2.2"; }; thor = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0k7j2wn14h1pl4smibasw0bp66kg626drxb59z7rzflch99cd4rg"; type = "gem"; }; version = "1.2.2"; }; tilt = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bmjgbv8158klwp2r3klxjwaj93nh1sbl4xvj9wsha0ic478avz7"; type = "gem"; }; version = "2.2.0"; }; timeout = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1d9cvm0f4zdpwa795v3zv4973y5zk59j7s1x3yn90jjrhcz1yvfd"; type = "gem"; }; version = "0.4.0"; }; tpm-key_attestation = { - dependencies = ["bindata" "openssl" "openssl-signature_algorithm"]; - groups = ["default"]; - platforms = []; + dependencies = [ "bindata" "openssl" "openssl-signature_algorithm" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0v8y5dibsyskv1ncdgszhxwzq0gzmvb0zl7sgmx0xvsgy86dhcz1"; type = "gem"; }; version = "0.12.0"; }; tty-color = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0aik4kmhwwrmkysha7qibi2nyzb4c8kp42bd5vxnf8sf7b53g73g"; type = "gem"; }; version = "0.6.0"; }; tty-cursor = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0j5zw041jgkmn605ya1zc151bxgxl6v192v2i26qhxx7ws2l2lvr"; type = "gem"; }; version = "0.7.1"; }; tty-prompt = { - dependencies = ["pastel" "tty-reader"]; - groups = ["default"]; - platforms = []; + dependencies = [ "pastel" "tty-reader" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1j4y8ik82azjxshgd4i1v4wwhsv3g9cngpygxqkkz69qaa8cxnzw"; type = "gem"; }; version = "0.23.1"; }; tty-reader = { - dependencies = ["tty-cursor" "tty-screen" "wisper"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tty-cursor" "tty-screen" "wisper" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1cf2k7w7d84hshg4kzrjvk9pkyc2g1m3nx2n1rpmdcf0hp4p4af6"; type = "gem"; }; version = "0.9.0"; }; tty-screen = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "18jr6s1cg8yb26wzkqa6874q0z93rq0y5aw092kdqazk71y6a235"; type = "gem"; }; version = "0.8.1"; }; twitter-text = { - dependencies = ["idn-ruby" "unf"]; - groups = ["default"]; - platforms = []; + dependencies = [ "idn-ruby" "unf" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dnmp0bj3l01nbb52zby2c7hrazcdwfg846knkrjdfl0yfmv793z"; type = "gem"; }; version = "3.1.0"; }; tzinfo = { - dependencies = ["concurrent-ruby"]; - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + dependencies = [ "concurrent-ruby" ]; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; type = "gem"; }; version = "2.0.6"; }; tzinfo-data = { - dependencies = ["tzinfo"]; - groups = ["default"]; - platforms = []; + dependencies = [ "tzinfo" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0m2d0gpsgqnv29j5h2d6g57g0rayvd460b8s2vjr8sn46bqf89m5"; type = "gem"; }; version = "1.2023.3"; }; unf = { - dependencies = ["unf_ext"]; - groups = ["default"]; - platforms = []; + dependencies = [ "unf_ext" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; type = "gem"; }; version = "0.1.4"; }; unf_ext = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1yj2nz2l101vr1x9w2k83a0fag1xgnmjwp8w8rw4ik2rwcz65fch"; type = "gem"; }; version = "0.0.8.2"; }; unicode-display_width = { - groups = ["default" "development"]; - platforms = []; + groups = [ "default" "development" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1gi82k102q7bkmfi7ggn9ciypn897ylln1jk9q67kjhr39fj043a"; type = "gem"; }; version = "2.4.2"; }; uri = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fa49cdssxllj1j37a56kq27wsibx5lmqxkqdk1rz3452y0bsydy"; type = "gem"; }; version = "0.12.2"; }; validate_email = { - dependencies = ["activemodel" "mail"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activemodel" "mail" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1r1fz29l699arka177c9xw7409d1a3ff95bf7a6pmc97slb91zlx"; type = "gem"; }; version = "0.1.6"; }; validate_url = { - dependencies = ["activemodel" "public_suffix"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activemodel" "public_suffix" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0lblym140w5n88ijyfgcvkxvpfj8m6z00rxxf2ckmmhk0x61dzkj"; type = "gem"; }; version = "1.0.15"; }; warden = { - dependencies = ["rack"]; - groups = ["default" "pam_authentication"]; - platforms = []; + dependencies = [ "rack" ]; + groups = [ "default" "pam_authentication" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1l7gl7vms023w4clg02pm4ky9j12la2vzsixi2xrv9imbn44ys26"; type = "gem"; }; version = "1.2.9"; }; webauthn = { - dependencies = ["android_key_attestation" "awrence" "bindata" "cbor" "cose" "openssl" "safety_net_attestation" "tpm-key_attestation"]; - groups = ["default"]; - platforms = []; + dependencies = [ "android_key_attestation" "awrence" "bindata" "cbor" "cose" "openssl" "safety_net_attestation" "tpm-key_attestation" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1ri09bf640kkw4v6k2g90q2nw1mx2hsghhngaqgb7958q8id8xrz"; type = "gem"; }; version = "3.0.0"; }; webfinger = { - dependencies = ["activesupport" "httpclient"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "httpclient" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "18jj50b44a471ig7hw1ax90wxaaz40acmrf6cm7m2iyshlffy53q"; type = "gem"; }; version = "1.2.0"; }; webmock = { - dependencies = ["addressable" "crack" "hashdiff"]; - groups = ["test"]; - platforms = []; + dependencies = [ "addressable" "crack" "hashdiff" ]; + groups = [ "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0vfispr7wd2p1fs9ckn1qnby1yyp4i1dl7qz8n482iw977iyxrza"; type = "gem"; }; version = "3.19.1"; }; webpacker = { - dependencies = ["activesupport" "rack-proxy" "railties" "semantic_range"]; - groups = ["default"]; - platforms = []; + dependencies = [ "activesupport" "rack-proxy" "railties" "semantic_range" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0fh4vijqiq1h7w28llk67y9csc0m4wkdivrsl4fsxg279v6j5z3i"; type = "gem"; }; version = "5.4.4"; }; webpush = { - dependencies = ["hkdf" "jwt"]; - groups = ["default"]; - platforms = []; + dependencies = [ "hkdf" "jwt" ]; + groups = [ "default" ]; + platforms = [ ]; source = { fetchSubmodules = false; rev = "f14a4d52e201128b1b00245d11b6de80d6cfdcd9"; @@ -3268,72 +3268,72 @@ version = "0.3.8"; }; websocket = { - groups = ["default" "test"]; - platforms = []; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0dib6p55sl606qb4vpwrvj5wh881kk4aqn2zpfapf8ckx7g14jw8"; type = "gem"; }; version = "1.2.9"; }; websocket-driver = { - dependencies = ["websocket-extensions"]; - groups = ["default"]; - platforms = []; + dependencies = [ "websocket-extensions" ]; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1nyh873w4lvahcl8kzbjfca26656d5c6z3md4sbqg5y1gfz0157n"; type = "gem"; }; version = "0.7.6"; }; websocket-extensions = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0hc2g9qps8lmhibl5baa91b4qx8wqw872rgwagml78ydj8qacsqw"; type = "gem"; }; version = "0.1.5"; }; wisper = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1rpsi0ziy78cj82sbyyywby4d0aw0a5q84v65qd28vqn79fbq5yf"; type = "gem"; }; version = "2.0.1"; }; xorcist = { - groups = ["default"]; - platforms = []; + groups = [ "default" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1dbbiy8xlcfvn9ais37xfb5rci4liwakkmxzbkp72wmvlgcrf339"; type = "gem"; }; version = "1.1.3"; }; xpath = { - dependencies = ["nokogiri"]; - groups = ["default" "test"]; - platforms = []; + dependencies = [ "nokogiri" ]; + groups = [ "default" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "0bh8lk9hvlpn7vmi6h4hkcwjzvs2y0cmkk3yjjdr8fxvj6fsgzbd"; type = "gem"; }; version = "3.2.0"; }; zeitwerk = { - groups = ["default" "development" "pam_authentication" "production" "test"]; - platforms = []; + groups = [ "default" "development" "pam_authentication" "production" "test" ]; + platforms = [ ]; source = { - remotes = ["https://rubygems.org"]; + remotes = [ "https://rubygems.org" ]; sha256 = "1mwdd445w63khz13hpv17m2br5xngyjl3jdj08xizjbm78i2zrxd"; type = "gem"; }; diff --git a/nixos/pkgs/glitch-soc/source.nix b/nixos/pkgs/glitch-soc/source.nix index cf57d443..9f67c32e 100644 --- a/nixos/pkgs/glitch-soc/source.nix +++ b/nixos/pkgs/glitch-soc/source.nix @@ -1,11 +1,13 @@ # This file was generated by pkgs.mastodon.updateScript. -{ fetchgit, applyPatches }: let +{ fetchgit, applyPatches }: +let src = fetchgit { url = "https://github.com/glitch-soc/mastodon.git"; rev = "a1df9fdb06854bd55f018918236132ccfa7d9d84"; sha256 = "0amqiigq3qgag6qm119aaysmd2k93vwgr1aynxjxmbpn35ykcay3"; }; -in applyPatches { +in +applyPatches { inherit src; - patches = []; + patches = [ ]; } diff --git a/nixos/pkgs/glitch-soc/update.nix b/nixos/pkgs/glitch-soc/update.nix index 40a7fe50..a4318e7c 100644 --- a/nixos/pkgs/glitch-soc/update.nix +++ b/nixos/pkgs/glitch-soc/update.nix @@ -1,5 +1,14 @@ -{ runCommand, lib, makeWrapper, yarn2nix, bundix, coreutils, diffutils -, nix-prefetch-git, gnused, jq }: +{ runCommand +, lib +, makeWrapper +, yarn2nix +, bundix +, coreutils +, diffutils +, nix-prefetch-git +, gnused +, jq +}: let binPath = lib.makeBinPath [ yarn2nix @@ -10,7 +19,9 @@ let gnused jq ]; -in runCommand "mastodon-update-script" { +in +runCommand "mastodon-update-script" +{ nativeBuildInputs = [ makeWrapper ]; meta = { diff --git a/nixos/pkgs/plex-pass/raw.nix b/nixos/pkgs/plex-pass/raw.nix index b2f13fff..425928b0 100644 --- a/nixos/pkgs/plex-pass/raw.nix +++ b/nixos/pkgs/plex-pass/raw.nix @@ -2,8 +2,10 @@ let sources = builtins.fromJSON (builtins.readFile ./sources.json); source = lib.findFirst (x: x.platform == stdenv.hostPlatform.system) - (throw "unsupported platform: ${stdenv.hostPlatform.system}") sources; -in plexRaw.overrideAttrs (attrs: { + (throw "unsupported platform: ${stdenv.hostPlatform.system}") + sources; +in +plexRaw.overrideAttrs (attrs: { pname = attrs.pname + "-plexpass"; inherit (source) version; src = fetchurl { diff --git a/nixos/pkgs/roundcube-swipe/default.nix b/nixos/pkgs/roundcube-swipe/default.nix index 1287e7bb..50aeb281 100644 --- a/nixos/pkgs/roundcube-swipe/default.nix +++ b/nixos/pkgs/roundcube-swipe/default.nix @@ -6,7 +6,8 @@ let mkdir -p $out/plugins/ cp -r ${src} $out/plugins/swipe ''; -in roundcubePlugin rec { +in +roundcubePlugin rec { pname = "roundcube-swipe"; version = "0.5"; diff --git a/nixos/util.nix b/nixos/util.nix index 3ed3f20a..5a55aa5e 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -7,19 +7,21 @@ let mailserver.nixosModules.mailserver attic.nixosModules.atticd ]; - type_import = let - import_cases = { - "lxc" = [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./common/generic-lxc.nix - ]; - "vm" = [ ./common/generic-vm.nix ]; - "local" = [ - lanzaboote.nixosModules.lanzaboote - ./common/desktop - ]; - }; - in type: import_cases.${type} ++ base_imports; + type_import = + let + import_cases = { + "lxc" = [ + "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" + ./common/generic-lxc.nix + ]; + "vm" = [ ./common/generic-vm.nix ]; + "local" = [ + lanzaboote.nixosModules.lanzaboote + ./common/desktop + ]; + }; + in + type: import_cases.${type} ++ base_imports; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: type_import type @@ -38,7 +40,7 @@ let # Flatten all hosts to a single list flatten_hosts = realms: concatMap (mapAttrsToList (name: value: value // { hostname = name; })) - (attrValues realms); + (attrValues realms); # Filter out all hosts which aren't nixos filter_nix_hosts = filter ({ nix ? true, ... }: nix); @@ -46,12 +48,20 @@ let # outputs # Helper function to build a colmena host definition - mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm - , type ? "lxc", ... }@host: + mkColmenaHost = + { ip ? null + , exposes ? null + , hostname + , tags + , realm + , type ? "lxc" + , ... + }@host: let # this makes local apply work a bit nicer name = if type == "local" then hostname else "${hostname}.${realm}"; - in { + in + { "${name}" = { imports = resolve_imports host; networking = { @@ -73,4 +83,5 @@ let hosts = add_realm_to_tags (import ./hosts); flat_hosts = flatten_hosts hosts; nixHosts = filter_nix_hosts flat_hosts; -in { inherit base_imports mkColmenaHost hosts flat_hosts nixHosts; } +in +{ inherit base_imports mkColmenaHost hosts flat_hosts nixHosts; } diff --git a/repl.nix b/repl.nix index 592bf148..71413191 100644 --- a/repl.nix +++ b/repl.nix @@ -1,6 +1,7 @@ let flake = builtins.getFlake (toString ./.); nixpkgs = import { }; -in { +in +{ inherit flake; } // flake // builtins // nixpkgs // nixpkgs.lib // flake.nixosConfigurations -- 2.47.1 From f45486254fb91ffd21f29794f4bef48f7478cc0a Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 26 Sep 2023 17:40:48 +0200 Subject: [PATCH 1811/1882] update lock --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 267ad24f..1218765b 100644 --- a/flake.lock +++ b/flake.lock @@ -698,11 +698,11 @@ ] }, "locked": { - "lastModified": 1695550077, - "narHash": "sha256-xoxR/iY69/3lTnnZDP6gf3J46DUKPcf+Y1jH03tfZXE=", + "lastModified": 1695738267, + "narHash": "sha256-LTNAbTQ96xSj17xBfsFrFS9i56U2BMLpD0BduhrsVkU=", "owner": "nix-community", "repo": "home-manager", - "rev": "a88df2fb101778bfd98a17556b3a2618c6c66091", + "rev": "0f4e5b4999fd6a42ece5da8a3a2439a50e48e486", "type": "github" }, "original": { @@ -1100,11 +1100,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1695521010, - "narHash": "sha256-2raGKYu7U7nqBKUBPzZbnRAEraRstM4CHPN4GZHXtJM=", + "lastModified": 1695597504, + "narHash": "sha256-CKhj6wOKqndfHsDg8CKVBbpJWG8zHRZRLi7MnOatf0U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "397b1733f45dc601e82ab9e13d5d427167fc284e", + "rev": "7a862f0a660d5bd850457a0ad7772e1672109ccd", "type": "github" }, "original": { @@ -1214,11 +1214,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1695625700, - "narHash": "sha256-lphJKrXUebw8LXkBZ2XMTvXO7fCoEJsWQ4HYebyqre0=", + "lastModified": 1695711035, + "narHash": "sha256-zMpaY4rOdjtYRxtrzFM/Ulo10thVWHD/fxq0eecWEPQ=", "owner": "pta2002", "repo": "nixvim", - "rev": "4316099f050112ca1377d9d2a274de3c744746dc", + "rev": "70b5f969ca5e235ff47c989f4a244eba5c0b8f3b", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "nur": { "locked": { - "lastModified": 1695629172, - "narHash": "sha256-uyX3hb9n8O4DdtRLi3VsNLhhgsgV0NwDC0AJ3FT61rI=", + "lastModified": 1695736687, + "narHash": "sha256-UlPrbOrP1e1K9e2ELHNfF/NqAELQ0n4tsQQUj62IQXo=", "owner": "nix-community", "repo": "NUR", - "rev": "d68e23fbf48d0ac738fccb263ba30c7c3441cbe8", + "rev": "edba3ca416a4f368b62425aace11a8cc9748a47f", "type": "github" }, "original": { -- 2.47.1 From dfafc305e604ec39c377400f19d8dc77a86c3afb Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Tue, 26 Sep 2023 15:44:16 +0000 Subject: [PATCH 1812/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 5fc9079a..4ff6468e 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.6.7521", + "version": "1.32.6.7557", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7521-24e4dff81/debian/plexmediaserver_1.32.6.7521-24e4dff81_arm64.deb", - "hash": "19c9nryv2pl1w473ik7b655zsh97badil7fj5x0nrs295n9g5v6m" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7557-1cf77d501/debian/plexmediaserver_1.32.6.7557-1cf77d501_arm64.deb", + "hash": "0ym2s425084l5lzpw9j1aqw2nc6f4l5vzizvpj1gicf4yp2dyk91" }, { - "version": "1.32.6.7521", + "version": "1.32.6.7557", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7521-24e4dff81/debian/plexmediaserver_1.32.6.7521-24e4dff81_amd64.deb", - "hash": "19h7r04ccnlhs4kh3r4fa464s07hypb3gyfk7s3bgjmqvscdnr3g" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7557-1cf77d501/debian/plexmediaserver_1.32.6.7557-1cf77d501_amd64.deb", + "hash": "1jqgglyzlfzq5saa21338vn2v3x25vl24x1w17j5wq30ca7nmzdr" } ] -- 2.47.1 From 9ae32f431d8b271cf4529e36ca2884dc1c980001 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 27 Sep 2023 14:00:25 +0000 Subject: [PATCH 1813/1882] chore(deps): update renovate/renovate docker tag to v36.109.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0c53717a..42cfb6ca 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.107.1 + image: renovate/renovate:36.109.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b51fd43749903d9da0b87e2aaddd93eb0bd5751c Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Wed, 27 Sep 2023 22:03:14 +0000 Subject: [PATCH 1814/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 4ff6468e..c27909f5 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.6.7557", + "version": "1.32.7.7571", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7557-1cf77d501/debian/plexmediaserver_1.32.6.7557-1cf77d501_arm64.deb", - "hash": "0ym2s425084l5lzpw9j1aqw2nc6f4l5vzizvpj1gicf4yp2dyk91" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7571-13cdc68dc/debian/plexmediaserver_1.32.7.7571-13cdc68dc_arm64.deb", + "hash": "0cx3cnw8f19njdywdkfzgxy13bdnqnfdg33jb2hvqcdin7fmj08q" }, { - "version": "1.32.6.7557", + "version": "1.32.7.7571", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.6.7557-1cf77d501/debian/plexmediaserver_1.32.6.7557-1cf77d501_amd64.deb", - "hash": "1jqgglyzlfzq5saa21338vn2v3x25vl24x1w17j5wq30ca7nmzdr" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7571-13cdc68dc/debian/plexmediaserver_1.32.7.7571-13cdc68dc_amd64.deb", + "hash": "1cak9p3x5p1yh76f0zfqhvymi6r0bm877gssrl7c7y42k3984xcz" } ] -- 2.47.1 From e67fe81fff33b586b5dcf9a899c449357c59e118 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 28 Sep 2023 13:27:42 +0200 Subject: [PATCH 1815/1882] updates --- nixos/common/default.nix | 2 +- nixos/hosts/hades/garage/configuration.nix | 2 +- nixos/hosts/hades/nginx/configuration.nix | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 317d57df..4ba2c85e 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -75,7 +75,7 @@ nixpkgs.config.allowUnfree = true; nixpkgs.config.permittedInsecurePackages = - [ "nodejs-16.20.1" "nodejs-14.21.3" "openssl-1.1.1t" "nodejs-16.20.0" "openssl-1.1.1u" "openssl-1.1.1v" ]; + [ "nodejs-16.20.2" "nodejs-14.21.3" "openssl-1.1.1w" ]; # Limit the systemd journal to 100 MB of disk or the # last 7 days of logs, whichever happens first. diff --git a/nixos/hosts/hades/garage/configuration.nix b/nixos/hosts/hades/garage/configuration.nix index a1e52a1b..ca090ca6 100644 --- a/nixos/hosts/hades/garage/configuration.nix +++ b/nixos/hosts/hades/garage/configuration.nix @@ -23,7 +23,7 @@ in { networking.firewall.allowedTCPPorts = [ 3900 3901 3902 ]; # Defines rpc_secret - systemd.services.garage.serviceConfig.EnvironmentFile = "${vs.garage}/environment"; + systemd.services.garage.serviceConfig.EnvironmentFile = [ "${vs.garage}/environment" ]; services.garage = { enable = true; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 566dcdf6..c2a2d7d8 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -16,8 +16,6 @@ in { imports = [ ]; - nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1t" ]; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave -- 2.47.1 From f6e8c26858fdfab5b78e3d94ee1fd3557cf60ddd Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 29 Sep 2023 11:29:42 +0200 Subject: [PATCH 1816/1882] disable nvim for all hosts --- nixos/common/desktop/home.nix | 1 + nixos/common/users/victor.nix | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 3650e3fe..993263e1 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -40,6 +40,7 @@ in themes.v.catppuccin.enable = true; programs = { v.vscode.enable = true; + v.nvim.enable = true; riff = { enable = true; diff --git a/nixos/common/users/victor.nix b/nixos/common/users/victor.nix index 46ff5fed..9fa87ac3 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/victor.nix @@ -26,7 +26,6 @@ programs = { home-manager.enable = true; - v.nvim.enable = true; v.git.enable = true; tmux = { -- 2.47.1 From a2787c070c5743143d1818b02aed4c1a1d5e68eb Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 4 Oct 2023 20:19:55 +0200 Subject: [PATCH 1817/1882] clion and rust rover --- nixos/common/desktop/home.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 3650e3fe..89fc89e8 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -20,20 +20,23 @@ in inputs.attic.packages.${pkgs.system}.attic inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default + jetbrains.clion + jetbrains.rust-rover kdenlive + libreoffice-fresh mattermost-desktop mullvad-vpn neofetch nixfmt nixpkgs-review plex-media-player + plexamp + qmk rustup solo2-cli tex - plexamp unzip yt-dlp - qmk ]; # Enable my own hm modules -- 2.47.1 From cf7adef251bd4e5ac91969e76e4bbff3c5132089 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 5 Oct 2023 14:00:26 +0000 Subject: [PATCH 1818/1882] chore(deps): update renovate/renovate docker tag to v37 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 42cfb6ca..267d2863 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:36.109.4 + image: renovate/renovate:37.6.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 857ae4273a4b2a7c3242292645354b491a3a1cca Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 6 Oct 2023 22:00:29 +0000 Subject: [PATCH 1819/1882] chore(deps): update renovate/renovate docker tag to v37.6.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 267d2863..f639c29f 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.6.2 + image: renovate/renovate:37.6.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 4a2c31a02ed4e5ead1cad266abc95a4aa3be701b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 7 Oct 2023 14:00:24 +0000 Subject: [PATCH 1820/1882] chore(deps): update renovate/renovate docker tag to v37.7.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f639c29f..e4a68337 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.6.3 + image: renovate/renovate:37.7.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8479436aff7e7d977c6be24e91a313618428f4a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 8 Oct 2023 06:00:26 +0000 Subject: [PATCH 1821/1882] chore(deps): update renovate/renovate docker tag to v37.8.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index e4a68337..7468dc3c 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.7.1 + image: renovate/renovate:37.8.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f7433afcb58ea66360e2aad7e1cdce5cd1f725a1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 8 Oct 2023 22:00:29 +0000 Subject: [PATCH 1822/1882] chore(deps): update renovate/renovate docker tag to v37.8.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 7468dc3c..cf0456c6 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.8.0 + image: renovate/renovate:37.8.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 373b6ffc3f87229c4b2a53c48aad612b53f24939 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 10 Oct 2023 14:54:37 +0200 Subject: [PATCH 1823/1882] update lock --- flake.lock | 129 ++++++++++++++++++++++++++++++++++------------------- 1 file changed, 83 insertions(+), 46 deletions(-) diff --git a/flake.lock b/flake.lock index 1218765b..6b8b908d 100644 --- a/flake.lock +++ b/flake.lock @@ -110,11 +110,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1688224393, - "narHash": "sha256-rsAvFNhRFzTF7qyb6WprLFghJnRxMFjvD2e5/dqMp4I=", + "lastModified": 1695926452, + "narHash": "sha256-ILZQx5NwLRekMHkIcKXqUqPP4di8VAOGurErzjq39bY=", "owner": "zhaofengli", "repo": "colmena", - "rev": "19384f3ee2058c56021e4465a3ec57e84a47d8dd", + "rev": "4e9b52bdbc920a55feac78369f0efd6122fdb88a", "type": "github" }, "original": { @@ -425,8 +425,9 @@ "type": "github" }, "original": { - "id": "flake-compat", - "type": "indirect" + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" } }, "flake-parts": { @@ -583,7 +584,7 @@ }, "flake-utils_7": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1681202837, @@ -698,11 +699,11 @@ ] }, "locked": { - "lastModified": 1695738267, - "narHash": "sha256-LTNAbTQ96xSj17xBfsFrFS9i56U2BMLpD0BduhrsVkU=", + "lastModified": 1696776279, + "narHash": "sha256-PRJiq+DSq5o/Dzd7ZYWTA8larDg4btkTICPzfjjalig=", "owner": "nix-community", "repo": "home-manager", - "rev": "0f4e5b4999fd6a42ece5da8a3a2439a50e48e486", + "rev": "6dfbdc977e059f30376e23f70f67d9726d5c91b8", "type": "github" }, "original": { @@ -724,11 +725,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1694697985, - "narHash": "sha256-tAa0pyDOazvMfEjDhajcyLadu5a3euSMzzwia37J8x8=", + "lastModified": 1696410458, + "narHash": "sha256-ohrrFywK7WIHEGWosBVRFZF5D2q2AeIGFGp9mMZRc40=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "7f92dd1e7b0ff92c65856cd9015f651c151f0229", + "rev": "ac43ac3024f814fcf3a3bab41873019109521442", "type": "github" }, "original": { @@ -894,11 +895,11 @@ ] }, "locked": { - "lastModified": 1693791338, - "narHash": "sha256-wHmtB5H8AJTUaeGHw+0hsQ6nU4VyvVrP2P4NeCocRzY=", + "lastModified": 1696058303, + "narHash": "sha256-eNqKWpF5zG0SrgbbtljFOrRgFgRzCc4++TMFADBMLnc=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "8ee78470029e641cddbd8721496da1316b47d3b4", + "rev": "150f38bd1e09e20987feacb1b0d5991357532fb5", "type": "github" }, "original": { @@ -909,11 +910,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1695541019, - "narHash": "sha256-rs++zfk41K9ArWkDAlmBDlGlKO8qeRIRzdjo+9SmNFI=", + "lastModified": 1696614066, + "narHash": "sha256-nAyYhO7TCr1tikacP37O9FnGr2USOsVBD3IgvndUYjM=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "61283b30d11f27d5b76439d43f20d0c0c8ff5296", + "rev": "bb2db418b616fea536b1be7f6ee72fb45c11afe0", "type": "github" }, "original": { @@ -1100,11 +1101,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1695597504, - "narHash": "sha256-CKhj6wOKqndfHsDg8CKVBbpJWG8zHRZRLi7MnOatf0U=", + "lastModified": 1696874314, + "narHash": "sha256-Tdq3pVF1We5rX5sI6IsyFmh0pHQmpS6GQBdaBdH0FkY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7a862f0a660d5bd850457a0ad7772e1672109ccd", + "rev": "38aa96fc39c9719994f08100f791c27d31ee7892", "type": "github" }, "original": { @@ -1115,11 +1116,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1695360818, - "narHash": "sha256-JlkN3R/SSoMTa+CasbxS1gq+GpGxXQlNZRUh9+LIy/0=", + "lastModified": 1696019113, + "narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e35dcc04a3853da485a396bdd332217d0ac9054f", + "rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a", "type": "github" }, "original": { @@ -1163,16 +1164,18 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1674736538, - "narHash": "sha256-/DszFMkAgYyB9dTWKkoZa9i0zcrA6Z4hYrOr/u/FSxY=", - "owner": "serokell", + "lastModified": 1696165369, + "narHash": "sha256-pd1cjFHCoEf9q5f9B0HhlOwwpBI9RP3HbUE6xjI7wAI=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "1dfdbb65d77430fc0935e8592d0abc4addcce711", + "rev": "d7186d62bb68fac3c90f1d95515e613ef299e992", "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_9": { @@ -1193,11 +1196,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1695559356, - "narHash": "sha256-kXZ1pUoImD9OEbPCwpTz4tHsNTr4CIyIfXb3ocuR8sI=", + "lastModified": 1696697597, + "narHash": "sha256-q26Qv4DQ+h6IeozF2o1secyQG0jt2VUT3V0K58jr3pg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "261abe8a44a7e8392598d038d2e01f7b33cf26d0", + "rev": "5a237aecb57296f67276ac9ab296a41c23981f56", "type": "github" }, "original": { @@ -1214,11 +1217,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1695711035, - "narHash": "sha256-zMpaY4rOdjtYRxtrzFM/Ulo10thVWHD/fxq0eecWEPQ=", + "lastModified": 1696859421, + "narHash": "sha256-cEEUxnv9oX9NDWo9cox7I5Rq59afIeEVilHkRuvE3jk=", "owner": "pta2002", "repo": "nixvim", - "rev": "70b5f969ca5e235ff47c989f4a244eba5c0b8f3b", + "rev": "934bf7e2e3770ad7302e3ac90c2011dde72ca8e7", "type": "github" }, "original": { @@ -1229,11 +1232,11 @@ }, "nur": { "locked": { - "lastModified": 1695736687, - "narHash": "sha256-UlPrbOrP1e1K9e2ELHNfF/NqAELQ0n4tsQQUj62IQXo=", + "lastModified": 1696923989, + "narHash": "sha256-cANE1rSfOb3yxQ+bH7CTXZbj34AnQyzu0g22JDbLUpE=", "owner": "nix-community", "repo": "NUR", - "rev": "edba3ca416a4f368b62425aace11a8cc9748a47f", + "rev": "0268065df586f8cae6b648432ebbda3b5ac96503", "type": "github" }, "original": { @@ -1298,11 +1301,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1695576016, - "narHash": "sha256-71KxwRhTfVuh7kNrg3/edNjYVg9DCyKZl2QIKbhRggg=", + "lastModified": 1696158581, + "narHash": "sha256-h0vY4E7Lx95lpYQbG2w4QH4yG5wCYOvPJzK93wVQbT0=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "cb770e93516a1609652fa8e945a0f310e98f10c0", + "rev": "033453f85064ccac434dfd957f95d8457901ecd6", "type": "github" }, "original": { @@ -1586,6 +1589,21 @@ "type": "github" } }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems" @@ -1634,19 +1652,38 @@ "type": "github" } }, + "utils_4": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "vault-secrets": { "inputs": { "flake-compat": "flake-compat_7", "flake-utils": "flake-utils_6", "nix": "nix", - "nixpkgs": "nixpkgs_8" + "nixpkgs": "nixpkgs_8", + "utils": "utils_4" }, "locked": { - "lastModified": 1686833044, - "narHash": "sha256-pl5qH72KNOgS9ivj06Nh272HTPd5cYPSL768RsYiLDg=", + "lastModified": 1696237116, + "narHash": "sha256-aXoaKr5aoS8HtEJNACekprmLZX6mUaHaiSdlNn+03XU=", "owner": "serokell", "repo": "vault-secrets", - "rev": "30c5b1c532d10e40c8a196995acee675d7d731f2", + "rev": "70053bc4a27f542dd0c1e30a1d201df6b75bdd6e", "type": "github" }, "original": { -- 2.47.1 From 520ecb4fa689e40eb3738f5f73340859603a11a6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 10 Oct 2023 22:00:33 +0000 Subject: [PATCH 1824/1882] chore(deps): update renovate/renovate docker tag to v37.13.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index cf0456c6..adf066a9 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.8.1 + image: renovate/renovate:37.13.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 6bf1c6e0dbdfb2b31c081f10d8f2f9d948bbde80 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 12 Oct 2023 14:00:30 +0000 Subject: [PATCH 1825/1882] chore(deps): update dependency fluxcd/flux2 to v2.1.2 --- .../base/flux-system/gotk-components.yaml | 70 +++++++++---------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/flux/olympus/base/flux-system/gotk-components.yaml b/flux/olympus/base/flux-system/gotk-components.yaml index 1d5c44b4..d8d8bed8 100644 --- a/flux/olympus/base/flux-system/gotk-components.yaml +++ b/flux/olympus/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.1.1 +# Flux Version: v2.1.2 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -19,7 +19,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: allow-egress namespace: flux-system spec: @@ -39,7 +39,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: allow-scraping namespace: flux-system spec: @@ -59,7 +59,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: allow-webhooks namespace: flux-system spec: @@ -78,7 +78,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: critical-pods-flux-system namespace: flux-system spec: @@ -98,7 +98,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: crd-controller-flux-system rules: - apiGroups: @@ -188,7 +188,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" name: flux-edit-flux-system @@ -214,7 +214,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" @@ -239,7 +239,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -259,7 +259,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -294,7 +294,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -812,7 +812,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2013,7 +2013,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2609,7 +2609,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3133,7 +3133,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3496,7 +3496,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: source-controller namespace: flux-system --- @@ -3507,7 +3507,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: source-controller namespace: flux-system @@ -3528,7 +3528,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: source-controller namespace: flux-system @@ -3563,7 +3563,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v1.1.1 + image: ghcr.io/fluxcd/source-controller:v1.1.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3627,7 +3627,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -5259,7 +5259,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: kustomize-controller namespace: flux-system --- @@ -5270,7 +5270,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5299,7 +5299,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.0 + image: ghcr.io/fluxcd/kustomize-controller:v1.1.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5356,7 +5356,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -6283,7 +6283,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: helm-controller namespace: flux-system --- @@ -6294,7 +6294,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: helm-controller namespace: flux-system @@ -6323,7 +6323,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.1 + image: ghcr.io/fluxcd/helm-controller:v0.36.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6380,7 +6380,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6817,7 +6817,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7228,7 +7228,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -7894,7 +7894,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 name: notification-controller namespace: flux-system --- @@ -7905,7 +7905,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7926,7 +7926,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7947,7 +7947,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.1.1 + app.kubernetes.io/version: v2.1.2 control-plane: controller name: notification-controller namespace: flux-system -- 2.47.1 From fbf3951ede8960e0d63c070837ed0ed9a59b4cca Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 13 Oct 2023 22:00:30 +0000 Subject: [PATCH 1826/1882] chore(deps): update renovate/renovate docker tag to v37.19.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index adf066a9..297045b3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.13.0 + image: renovate/renovate:37.19.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 17df29f3893a5d3bd31eebe16bcb46d7b66debb8 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 Oct 2023 16:29:52 +0200 Subject: [PATCH 1827/1882] update flake --- flake.lock | 50 +++++++++++++++++++++++++------------------------- flake.nix | 2 +- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/flake.lock b/flake.lock index 6b8b908d..9c1b74c4 100644 --- a/flake.lock +++ b/flake.lock @@ -699,11 +699,11 @@ ] }, "locked": { - "lastModified": 1696776279, - "narHash": "sha256-PRJiq+DSq5o/Dzd7ZYWTA8larDg4btkTICPzfjjalig=", + "lastModified": 1697371398, + "narHash": "sha256-Tn5feZ5SoYHQM9BTjw5e06DuNu8wc21gC9+bq/kXA8Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "6dfbdc977e059f30376e23f70f67d9726d5c91b8", + "rev": "3b67ae3f665379c06999641f99d94dba75b53876", "type": "github" }, "original": { @@ -725,11 +725,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1696410458, - "narHash": "sha256-ohrrFywK7WIHEGWosBVRFZF5D2q2AeIGFGp9mMZRc40=", + "lastModified": 1697302012, + "narHash": "sha256-GHDYRusc6QnAEI9dWryaLIpKG9LBqb+zQdL9l1FNqjU=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "ac43ac3024f814fcf3a3bab41873019109521442", + "rev": "62ffd894f0a0eac29078e6db836752c1f8a21b38", "type": "github" }, "original": { @@ -781,11 +781,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1689976554, - "narHash": "sha256-uWJq3sIhkqfzPmfB2RWd5XFVooGFfSuJH9ER/r302xQ=", + "lastModified": 1695910380, + "narHash": "sha256-CyzeiXQGm8ceEOSK1dffBCfO7JNp8XhQeNkUiJ5HxgY=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "c63f6e7b053c18325194ff0e274dba44e8d2271e", + "rev": "84783b661ecf33927c534b6476beb74ea3308968", "type": "gitlab" }, "original": { @@ -910,11 +910,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1696614066, - "narHash": "sha256-nAyYhO7TCr1tikacP37O9FnGr2USOsVBD3IgvndUYjM=", + "lastModified": 1697100850, + "narHash": "sha256-qSAzJVzNRIo+r3kBjL8TcpJctcgcHlnZyqdzpWgtg0M=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "bb2db418b616fea536b1be7f6ee72fb45c11afe0", + "rev": "fb6af288f6cf0f00d3af60cf9d5110433b954565", "type": "github" }, "original": { @@ -1101,16 +1101,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1696874314, - "narHash": "sha256-Tdq3pVF1We5rX5sI6IsyFmh0pHQmpS6GQBdaBdH0FkY=", + "lastModified": 1697059129, + "narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "38aa96fc39c9719994f08100f791c27d31ee7892", + "rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "type": "indirect" } }, @@ -1196,11 +1196,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1696697597, - "narHash": "sha256-q26Qv4DQ+h6IeozF2o1secyQG0jt2VUT3V0K58jr3pg=", + "lastModified": 1697226376, + "narHash": "sha256-cumLLb1QOUtWieUnLGqo+ylNt3+fU8Lcv5Zl+tYbRUE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5a237aecb57296f67276ac9ab296a41c23981f56", + "rev": "898cb2064b6e98b8c5499f37e81adbdf2925f7c5", "type": "github" }, "original": { @@ -1217,11 +1217,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1696859421, - "narHash": "sha256-cEEUxnv9oX9NDWo9cox7I5Rq59afIeEVilHkRuvE3jk=", + "lastModified": 1697233664, + "narHash": "sha256-cDVP6YJGaWOKdBCzx42MiY2PUKXkjb2b4c/q+lK0yFY=", "owner": "pta2002", "repo": "nixvim", - "rev": "934bf7e2e3770ad7302e3ac90c2011dde72ca8e7", + "rev": "bab56daddbe70141fb5fec85adb4cc0d61180b8d", "type": "github" }, "original": { @@ -1232,11 +1232,11 @@ }, "nur": { "locked": { - "lastModified": 1696923989, - "narHash": "sha256-cANE1rSfOb3yxQ+bH7CTXZbj34AnQyzu0g22JDbLUpE=", + "lastModified": 1697363080, + "narHash": "sha256-/49Rh5mohp0ZD6HaNbDn9oIsLt+d7Tzbc/BGkb/7o+g=", "owner": "nix-community", "repo": "NUR", - "rev": "0268065df586f8cae6b648432ebbda3b5ac96503", + "rev": "5771ba6f22db037b037a8bdd82acc5467c965c7e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 96f4d3b8..81fff41c 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable-small"; + nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; -- 2.47.1 From 5a6c812f33bb6433caff2ed51c437783de550631 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 15 Oct 2023 16:49:20 +0200 Subject: [PATCH 1828/1882] update flake --- nixos/common/desktop/home.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 7375de11..0e96c399 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -13,7 +13,7 @@ in calibre celluloid cinny-desktop - element-desktop + element-desktop-wayland fusee-launcher gcc gimp diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index a83a1ab4..9fe33bc1 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -119,7 +119,6 @@ in calibre cinny-desktop discord-canary - element-desktop-wayland fluxcd fusee-launcher gcc -- 2.47.1 From 42ffbc8b9182c883f3ec1a493d9ab914790bc575 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 19 Oct 2023 00:02:25 +0200 Subject: [PATCH 1829/1882] update --- flake.lock | 30 ++++++++++++------------- nixos/hosts/thalassa/aoife/hardware.nix | 3 --- 2 files changed, 15 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 9c1b74c4..0ba56c40 100644 --- a/flake.lock +++ b/flake.lock @@ -699,11 +699,11 @@ ] }, "locked": { - "lastModified": 1697371398, - "narHash": "sha256-Tn5feZ5SoYHQM9BTjw5e06DuNu8wc21gC9+bq/kXA8Y=", + "lastModified": 1697611555, + "narHash": "sha256-8nYMduRQfGSQJr2cDMyodsuGlRcJAy0Ko8K4KkjurP8=", "owner": "nix-community", "repo": "home-manager", - "rev": "3b67ae3f665379c06999641f99d94dba75b53876", + "rev": "05649393ac1f34980a5cf6a6e89de77626c9182b", "type": "github" }, "original": { @@ -725,11 +725,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1697302012, - "narHash": "sha256-GHDYRusc6QnAEI9dWryaLIpKG9LBqb+zQdL9l1FNqjU=", + "lastModified": 1697447002, + "narHash": "sha256-SEirTeG4nOa78j8f/bvwyykUiURYPIQc/gkdxycDKSc=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "62ffd894f0a0eac29078e6db836752c1f8a21b38", + "rev": "778e21733b2b7d11771caee2b4678524042dfd51", "type": "github" }, "original": { @@ -1101,11 +1101,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1697059129, - "narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=", + "lastModified": 1697456312, + "narHash": "sha256-roiSnrqb5r+ehnKCauPLugoU8S36KgmWraHgRqVYndo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593", + "rev": "ca012a02bf8327be9e488546faecae5e05d7d749", "type": "github" }, "original": { @@ -1217,11 +1217,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1697233664, - "narHash": "sha256-cDVP6YJGaWOKdBCzx42MiY2PUKXkjb2b4c/q+lK0yFY=", + "lastModified": 1697617186, + "narHash": "sha256-EWOSmlFCDBmGEKnTnU782gdGNzT4t0RJX9DwpQhKpK8=", "owner": "pta2002", "repo": "nixvim", - "rev": "bab56daddbe70141fb5fec85adb4cc0d61180b8d", + "rev": "0ece949f9881c36b07e39d7caa1db107d5a57e9e", "type": "github" }, "original": { @@ -1232,11 +1232,11 @@ }, "nur": { "locked": { - "lastModified": 1697363080, - "narHash": "sha256-/49Rh5mohp0ZD6HaNbDn9oIsLt+d7Tzbc/BGkb/7o+g=", + "lastModified": 1697620530, + "narHash": "sha256-yP1UqYQXHrA7QmXUHqlx9lVEBjzmtLPOJwmEk8fyUeY=", "owner": "nix-community", "repo": "NUR", - "rev": "5771ba6f22db037b037a8bdd82acc5467c965c7e", + "rev": "51314cbd9e37c1ed544e336b60a0ac73e1709a13", "type": "github" }, "original": { diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index 6c6e4102..df0ee6d1 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -38,9 +38,6 @@ # FS fileSystems."/".options = [ "compress=zstd" ]; - systemd.tmpfiles.rules = - [ "L+ /opt/rocm/hip - - - - ${pkgs.hip}" ]; - powerManagement = { enable = true; powertop.enable = true; -- 2.47.1 From b387d401b0b148e698ab7006caae6ef6dab9a329 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 20 Oct 2023 22:00:32 +0000 Subject: [PATCH 1830/1882] chore(deps): update renovate/renovate docker tag to v37.31.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 297045b3..b8713515 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.19.0 + image: renovate/renovate:37.31.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From c93c0d777abfcfa2b3b0ca8e527e520061f8c6c4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 23 Oct 2023 06:00:28 +0000 Subject: [PATCH 1831/1882] chore(deps): update renovate/renovate docker tag to v37.31.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b8713515..b363aa95 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.31.1 + image: renovate/renovate:37.31.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 081a7350ea761f68ac2779f5cdfd2d83084156c3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 24 Oct 2023 22:00:32 +0000 Subject: [PATCH 1832/1882] chore(deps): update renovate/renovate docker tag to v37.31.7 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index b363aa95..54004b47 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.31.2 + image: renovate/renovate:37.31.7 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8094ac2d5113b06af7c63d8bfbef7a1520d5fbd1 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Wed, 25 Oct 2023 06:03:46 +0000 Subject: [PATCH 1833/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index c27909f5..451dd4d3 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.7.7571", + "version": "1.32.7.7621", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7571-13cdc68dc/debian/plexmediaserver_1.32.7.7571-13cdc68dc_arm64.deb", - "hash": "0cx3cnw8f19njdywdkfzgxy13bdnqnfdg33jb2hvqcdin7fmj08q" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7621-871adbd44/debian/plexmediaserver_1.32.7.7621-871adbd44_arm64.deb", + "hash": "0894hwbl05rsv80p3k0wjs1hv5jwn2zakv758kzx1dvqcmjzhy2w" }, { - "version": "1.32.7.7571", + "version": "1.32.7.7621", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7571-13cdc68dc/debian/plexmediaserver_1.32.7.7571-13cdc68dc_amd64.deb", - "hash": "1cak9p3x5p1yh76f0zfqhvymi6r0bm877gssrl7c7y42k3984xcz" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7621-871adbd44/debian/plexmediaserver_1.32.7.7621-871adbd44_amd64.deb", + "hash": "0r2i4y00pcd6hkrypzmgd03w4vj2hchhicgdy3zdwjmfk3aqs4jf" } ] -- 2.47.1 From e17cd0081f06694f829de1dcd6be6f79ae3c07c5 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 25 Oct 2023 13:56:15 +0200 Subject: [PATCH 1834/1882] fix nvim --- flake.lock | 152 ++++++++++++++----------------- nixos/common/hm-modules/nvim.nix | 35 ++++--- 2 files changed, 93 insertions(+), 94 deletions(-) diff --git a/flake.lock b/flake.lock index 0ba56c40..ece57131 100644 --- a/flake.lock +++ b/flake.lock @@ -110,11 +110,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1695926452, - "narHash": "sha256-ILZQx5NwLRekMHkIcKXqUqPP4di8VAOGurErzjq39bY=", + "lastModified": 1698144717, + "narHash": "sha256-uN3u8LjqmVVTqam80YgzcOWCSixZg2hRjUBGHbqTX0Y=", "owner": "zhaofengli", "repo": "colmena", - "rev": "4e9b52bdbc920a55feac78369f0efd6122fdb88a", + "rev": "3538f18b30a8b1ca67978972419263d2849331a7", "type": "github" }, "original": { @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1694469372, - "narHash": "sha256-cgBpiixX562pyAaXzWgDWxxZnV1a+D3N9qjqb9Dt1no=", + "lastModified": 1698117587, + "narHash": "sha256-2v4rpSK7SHQfzs2jqqJp/Sd/YA07jA1e9NcxcW4nT54=", "owner": "nix-community", "repo": "comma", - "rev": "4c06de761a390f57fdf98fb0461e3089ec5c1a8a", + "rev": "0373430d2f3246289fd7dab9867a28e2bab39300", "type": "github" }, "original": { @@ -176,29 +176,17 @@ }, "crane_2": { "inputs": { - "flake-compat": [ - "lanzaboote", - "flake-compat" - ], - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], "nixpkgs": [ "lanzaboote", "nixpkgs" - ], - "rust-overlay": [ - "lanzaboote", - "rust-overlay" ] }, "locked": { - "lastModified": 1688772518, - "narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=", + "lastModified": 1697840921, + "narHash": "sha256-zXHwu104SQOxogkMgg+w22c3+zI/FvK83TAkfLmeKw0=", "owner": "ipetkov", "repo": "crane", - "rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e", + "rev": "758ae442227103fa501276e8225609a11c99718e", "type": "github" }, "original": { @@ -353,11 +341,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -369,11 +357,11 @@ "flake-compat_4": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -438,11 +426,11 @@ ] }, "locked": { - "lastModified": 1688466019, - "narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", "type": "github" }, "original": { @@ -519,11 +507,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -699,11 +687,11 @@ ] }, "locked": { - "lastModified": 1697611555, - "narHash": "sha256-8nYMduRQfGSQJr2cDMyodsuGlRcJAy0Ko8K4KkjurP8=", + "lastModified": 1698162493, + "narHash": "sha256-Zehw3cWiTXGGlDDjzTgIX1BhWG+049D/RcSMAiypAcM=", "owner": "nix-community", "repo": "home-manager", - "rev": "05649393ac1f34980a5cf6a6e89de77626c9182b", + "rev": "14b54157201fd574b0fa1b3ce7394c9d3a87fbc1", "type": "github" }, "original": { @@ -725,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1697447002, - "narHash": "sha256-SEirTeG4nOa78j8f/bvwyykUiURYPIQc/gkdxycDKSc=", + "lastModified": 1698100456, + "narHash": "sha256-Hx9ZVZYARVbzJB0fFNe/lPE9a4oP1dDGJnl3siRtBJ0=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "778e21733b2b7d11771caee2b4678524042dfd51", + "rev": "bb380e19488ec6105d07b57c23ac518be51bf901", "type": "github" }, "original": { @@ -802,11 +790,11 @@ ] }, "locked": { - "lastModified": 1688534083, - "narHash": "sha256-/bI5vsioXscQTsx+Hk9X5HfweeNZz/6kVKsbdqfwW7g=", + "lastModified": 1697664192, + "narHash": "sha256-nRTG3rYEGFV2+putRiC96+kNXDyKaPJgT6K/1FWN7yo=", "owner": "nix-community", "repo": "naersk", - "rev": "abca1fb7a6cfdd355231fc220c3d0302dbb4369a", + "rev": "636a9b5dd7f2ad7d7c3af929ecf95e4d4fab9e97", "type": "github" }, "original": { @@ -910,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1697100850, - "narHash": "sha256-qSAzJVzNRIo+r3kBjL8TcpJctcgcHlnZyqdzpWgtg0M=", + "lastModified": 1698053470, + "narHash": "sha256-sP8D/41UiwC2qn0X40oi+DfuVzNHMROqIWdSdCI/AYA=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "fb6af288f6cf0f00d3af60cf9d5110433b954565", + "rev": "80d98a7d55c6e27954a166cb583a41325e9512d7", "type": "github" }, "original": { @@ -1069,11 +1057,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1683408522, - "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", + "lastModified": 1696019113, + "narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", + "rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a", "type": "github" }, "original": { @@ -1085,11 +1073,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1689321787, - "narHash": "sha256-ifk7hrfWnJaLlcjCf8YaWDR+9kQ0uT3x9eCz31D9qB0=", + "lastModified": 1697915759, + "narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c11464c6625d9a71d91a3718a3567394638efc3e", + "rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e", "type": "github" }, "original": { @@ -1101,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1697456312, - "narHash": "sha256-roiSnrqb5r+ehnKCauPLugoU8S36KgmWraHgRqVYndo=", + "lastModified": 1697723726, + "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ca012a02bf8327be9e488546faecae5e05d7d749", + "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0", "type": "github" }, "original": { @@ -1116,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1696019113, - "narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=", + "lastModified": 1697723726, + "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a", + "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0", "type": "github" }, "original": { @@ -1196,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1697226376, - "narHash": "sha256-cumLLb1QOUtWieUnLGqo+ylNt3+fU8Lcv5Zl+tYbRUE=", + "lastModified": 1697851979, + "narHash": "sha256-lJ8k4qkkwdvi+t/Xc6Fn74kUuobpu9ynPGxNZR6OwoA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "898cb2064b6e98b8c5499f37e81adbdf2925f7c5", + "rev": "5550a85a087c04ddcace7f892b0bdc9d8bb080c8", "type": "github" }, "original": { @@ -1217,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1697617186, - "narHash": "sha256-EWOSmlFCDBmGEKnTnU782gdGNzT4t0RJX9DwpQhKpK8=", + "lastModified": 1698063089, + "narHash": "sha256-fJRcsO+KHf0K04fRHIS6HETJRWMakTNbUaWx8WeYHX4=", "owner": "pta2002", "repo": "nixvim", - "rev": "0ece949f9881c36b07e39d7caa1db107d5a57e9e", + "rev": "0c5dcb56d105addedd001f043e6a32ab9f1abe92", "type": "github" }, "original": { @@ -1232,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1697620530, - "narHash": "sha256-yP1UqYQXHrA7QmXUHqlx9lVEBjzmtLPOJwmEk8fyUeY=", + "lastModified": 1698230934, + "narHash": "sha256-SHVA4EYNgJqKu3sY0K8uzVGFwAuPFQzNqf6s3nUFr0Q=", "owner": "nix-community", "repo": "NUR", - "rev": "51314cbd9e37c1ed544e336b60a0ac73e1709a13", + "rev": "b61c5c0065ca5842a22228adec3ec8697c96899e", "type": "github" }, "original": { @@ -1301,11 +1289,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1696158581, - "narHash": "sha256-h0vY4E7Lx95lpYQbG2w4QH4yG5wCYOvPJzK93wVQbT0=", + "lastModified": 1697746376, + "narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "033453f85064ccac434dfd957f95d8457901ecd6", + "rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd", "type": "github" }, "original": { @@ -1332,11 +1320,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1689668210, - "narHash": "sha256-XAATwDkaUxH958yXLs1lcEOmU6pSEIkatY3qjqk8X0E=", + "lastModified": 1697746376, + "narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "eb433bff05b285258be76513add6f6c57b441775", + "rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd", "type": "github" }, "original": { @@ -1485,11 +1473,11 @@ ] }, "locked": { - "lastModified": 1694657451, - "narHash": "sha256-cRZa9ZmUi0EFKcmzpsOXLVhiMQD8XLrku8v+U1YiGm8=", + "lastModified": 1697940838, + "narHash": "sha256-eyk92QqAoRNC0V99KOcKcBZjLPixxNBS0PRc4KlSQVs=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "7c4f46f0b3597e3c4663285e6794194e55574879", + "rev": "a3e829c06eadf848f13d109c7648570ce37ebccd", "type": "github" }, "original": { @@ -1500,16 +1488,16 @@ }, "stable": { "locked": { - "lastModified": 1669735802, - "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", + "lastModified": 1696039360, + "narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "731cc710aeebecbf45a258e977e8b68350549522", + "rev": "32dcb45f66c0487e92db8303a798ebc548cadedc", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -1609,11 +1597,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix index 8d9e306c..3b83a7e3 100644 --- a/nixos/common/hm-modules/nvim.nix +++ b/nixos/common/hm-modules/nvim.nix @@ -9,19 +9,30 @@ in { package = pkgs.neovim-unwrapped; vimAlias = true; - globals = { mapleader = " "; }; + globals.mapleader = " "; - options = { number = true; }; + options.number = true; - maps.normal = { - "ff" = "lua require('telescope.builtin').find_files()"; - "fg" = "lua require('telescope.builtin').live_grep()"; - - "" = - "lua require('Comment.api').toggle.linewise.current()"; # map ctrl+/ to commenting code - - "g=" = "lua vim.lsp.buf.format{async=true}"; - }; + keymaps = [ + { + key = "ff"; + mode = "n"; + lua = true; + action = "require('telescope.builtin').find_files()"; + } + { + key = "fg"; + mode = "n"; + lua = true; + action = "require('Comment.api').toggle.linewise.current()"; + } + { + key = "g="; + mode = "n"; + lua = true; + action = "vim.lsp.buf.format{async=true}"; + } + ]; extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; @@ -31,7 +42,7 @@ in { plugins = { bufferline.enable = true; - null-ls = { + none-ls = { enable = true; sources = { formatting.nixpkgs_fmt.enable = true; -- 2.47.1 From 98e2fa62958aed1929344601ffaaef9671c748a2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 25 Oct 2023 14:00:29 +0000 Subject: [PATCH 1835/1882] chore(deps): update renovate/renovate docker tag to v37.33.1 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 54004b47..03519f46 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.31.7 + image: renovate/renovate:37.33.1 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a8eb8941a2023f69b7162992e5b1f3f04c72a4dc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 26 Oct 2023 22:00:34 +0000 Subject: [PATCH 1836/1882] chore(deps): update renovate/renovate docker tag to v37.33.6 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 03519f46..a8c33543 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.33.1 + image: renovate/renovate:37.33.6 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 5c89bde2a34e54bc0225a8257ebf9c793073b9f2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 27 Oct 2023 22:00:30 +0000 Subject: [PATCH 1837/1882] chore(deps): update renovate/renovate docker tag to v37.34.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index a8c33543..c7995e08 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.33.6 + image: renovate/renovate:37.34.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From f3362b00d60da67a88adca73ba77fd4f8fd8c3de Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 28 Oct 2023 13:57:10 +0200 Subject: [PATCH 1838/1882] flake update --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index ece57131..c42ae6a9 100644 --- a/flake.lock +++ b/flake.lock @@ -50,11 +50,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1692225040, - "narHash": "sha256-jbQNvkgWGioiC6S39dZVyn6us8p/DlEvm5hQKEYkzDU=", + "lastModified": 1698258239, + "narHash": "sha256-qnhoYYIJ0L/P7H/f56lQUEvpzNlXh4sxuHpRERV+B44=", "owner": "zhaofengli", "repo": "attic", - "rev": "b43d12082e34bceb26038bdad0438fd68804cfcd", + "rev": "e9918bc6be268da6fa97af6ced15193d8a0421c0", "type": "github" }, "original": { @@ -131,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1698117587, - "narHash": "sha256-2v4rpSK7SHQfzs2jqqJp/Sd/YA07jA1e9NcxcW4nT54=", + "lastModified": 1698440846, + "narHash": "sha256-GKvNrjbuuHoahfGK9V2UMtT6qf91SWLdXrrTITBmR6k=", "owner": "nix-community", "repo": "comma", - "rev": "0373430d2f3246289fd7dab9867a28e2bab39300", + "rev": "5ecd5024b4e490a0a69628c5ae96506f141551c0", "type": "github" }, "original": { @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1698162493, - "narHash": "sha256-Zehw3cWiTXGGlDDjzTgIX1BhWG+049D/RcSMAiypAcM=", + "lastModified": 1698479159, + "narHash": "sha256-rJHBDwW4LbADEfhkgGHjKGfL2dF44NrlyXdXeZrQahs=", "owner": "nix-community", "repo": "home-manager", - "rev": "14b54157201fd574b0fa1b3ce7394c9d3a87fbc1", + "rev": "f92a54fef4eacdbe86b0a2054054dd58b0e2a2a4", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1697723726, - "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=", + "lastModified": 1698318101, + "narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0", + "rev": "63678e9f3d3afecfeafa0acead6239cdb447574c", "type": "github" }, "original": { @@ -1104,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1697723726, - "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=", + "lastModified": 1698134075, + "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0", + "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1697851979, - "narHash": "sha256-lJ8k4qkkwdvi+t/Xc6Fn74kUuobpu9ynPGxNZR6OwoA=", + "lastModified": 1698288402, + "narHash": "sha256-jIIjApPdm+4yt8PglX8pUOexAdEiAax/DXW3S/Mb21E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5550a85a087c04ddcace7f892b0bdc9d8bb080c8", + "rev": "60b9db998f71ea49e1a9c41824d09aa274be1344", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1698063089, - "narHash": "sha256-fJRcsO+KHf0K04fRHIS6HETJRWMakTNbUaWx8WeYHX4=", + "lastModified": 1698490209, + "narHash": "sha256-46oG4hK02FLAWI+nuWT19NHbsjzpbOHCEv46jtsgwyY=", "owner": "pta2002", "repo": "nixvim", - "rev": "0c5dcb56d105addedd001f043e6a32ab9f1abe92", + "rev": "8e34083935d67e4ec134fe6e221da8fb09ae43a6", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1698230934, - "narHash": "sha256-SHVA4EYNgJqKu3sY0K8uzVGFwAuPFQzNqf6s3nUFr0Q=", + "lastModified": 1698486372, + "narHash": "sha256-gLMfZbqjUHh46rrGFjjzScQvuYyx8OZD3akEuo8IT6A=", "owner": "nix-community", "repo": "NUR", - "rev": "b61c5c0065ca5842a22228adec3ec8697c96899e", + "rev": "1d9489ab1c262752a1ccddf01e8a4054cd2cb45c", "type": "github" }, "original": { @@ -1289,11 +1289,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1697746376, - "narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=", + "lastModified": 1698227354, + "narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd", + "rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf", "type": "github" }, "original": { -- 2.47.1 From 7270c0115830dcec189460a64d65ae55d62dfef6 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 29 Oct 2023 15:11:57 +0100 Subject: [PATCH 1839/1882] add forward --- flake.lock | 30 +++++++++---------- .../olympus/mailserver/configuration.nix | 4 +++ 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index c42ae6a9..896646f9 100644 --- a/flake.lock +++ b/flake.lock @@ -713,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1698100456, - "narHash": "sha256-Hx9ZVZYARVbzJB0fFNe/lPE9a4oP1dDGJnl3siRtBJ0=", + "lastModified": 1698582829, + "narHash": "sha256-C+KgImlMD/39AlRtHr9KXEmhmAWrSMZmn/cagOgARQk=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "bb380e19488ec6105d07b57c23ac518be51bf901", + "rev": "a5e89456fc931d89917eb1818371762481fead9f", "type": "github" }, "original": { @@ -1104,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1698134075, - "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", + "lastModified": 1698318101, + "narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", + "rev": "63678e9f3d3afecfeafa0acead6239cdb447574c", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1698288402, - "narHash": "sha256-jIIjApPdm+4yt8PglX8pUOexAdEiAax/DXW3S/Mb21E=", + "lastModified": 1698434055, + "narHash": "sha256-Phxi5mUKSoL7A0IYUiYtkI9e8NcGaaV5PJEaJApU1Ko=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "60b9db998f71ea49e1a9c41824d09aa274be1344", + "rev": "1a3c95e3b23b3cdb26750621c08cc2f1560cb883", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1698490209, - "narHash": "sha256-46oG4hK02FLAWI+nuWT19NHbsjzpbOHCEv46jtsgwyY=", + "lastModified": 1698504351, + "narHash": "sha256-/bj7Sy32j2HPtIuwjV94ZqF3A8A3CIouOngz8pdMn2I=", "owner": "pta2002", "repo": "nixvim", - "rev": "8e34083935d67e4ec134fe6e221da8fb09ae43a6", + "rev": "9004ffe32f68bb9cc3e5907bdb55ceccddca44a0", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1698486372, - "narHash": "sha256-gLMfZbqjUHh46rrGFjjzScQvuYyx8OZD3akEuo8IT6A=", + "lastModified": 1698587123, + "narHash": "sha256-xTcfehuX5AgsFlHz2ndlaGsjLorHQ2TYJDykLY1G69w=", "owner": "nix-community", "repo": "NUR", - "rev": "1d9489ab1c262752a1ccddf01e8a4054cd2cb45c", + "rev": "8086174f8df85cb4d583c64351a4f7b410b87392", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index da3ce19a..c434d166 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -36,6 +36,10 @@ in { enable = true; }; + forwards = { + "thijmen@xirion.net" = "Thijmen@nouwens-lindemans.nl"; + }; + loginAccounts = { # People "v@0x76.dev" = { -- 2.47.1 From 305ca412be8ed3019885dbdd732284bd152c528e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 Oct 2023 23:00:30 +0000 Subject: [PATCH 1840/1882] chore(deps): update renovate/renovate docker tag to v37.35.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c7995e08..764b5d68 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.34.2 + image: renovate/renovate:37.35.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 92f141dbad5367d235f04681fd43d60cc504a076 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Oct 2023 15:00:26 +0000 Subject: [PATCH 1841/1882] chore(deps): update helm release external-secrets to v0.9.8 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index 7fa3995e..e39af7e7 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.9.5 + version: 0.9.8 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From f62c2b5cc054f2f393ef0f92f9d2e08f3de414ac Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 31 Oct 2023 17:56:38 +0100 Subject: [PATCH 1842/1882] fix nvim --- flake.lock | 60 ++++++++++++++++---------------- nixos/common/hm-modules/nvim.nix | 39 +++++++++++++++++---- 2 files changed, 63 insertions(+), 36 deletions(-) diff --git a/flake.lock b/flake.lock index 896646f9..068c8927 100644 --- a/flake.lock +++ b/flake.lock @@ -182,11 +182,11 @@ ] }, "locked": { - "lastModified": 1697840921, - "narHash": "sha256-zXHwu104SQOxogkMgg+w22c3+zI/FvK83TAkfLmeKw0=", + "lastModified": 1698166613, + "narHash": "sha256-y4rdN4flxRiROqNi1waMYIZj/Fs7L2OrszFk/1ry9vU=", "owner": "ipetkov", "repo": "crane", - "rev": "758ae442227103fa501276e8225609a11c99718e", + "rev": "b7db46f0f1751f7b1d1911f6be7daf568ad5bc65", "type": "github" }, "original": { @@ -426,11 +426,11 @@ ] }, "locked": { - "lastModified": 1696343447, - "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", + "lastModified": 1698579227, + "narHash": "sha256-KVWjFZky+gRuWennKsbo6cWyo7c/z/VgCte5pR9pEKg=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", + "rev": "f76e870d64779109e41370848074ac4eaa1606ec", "type": "github" }, "original": { @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1698479159, - "narHash": "sha256-rJHBDwW4LbADEfhkgGHjKGfL2dF44NrlyXdXeZrQahs=", + "lastModified": 1698670511, + "narHash": "sha256-jQIu3UhBMPHXzVkHQO1O2gg8SVo5lqAVoC6mOaLQcLQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "f92a54fef4eacdbe86b0a2054054dd58b0e2a2a4", + "rev": "8e5416b478e465985eec274bc3a018024435c106", "type": "github" }, "original": { @@ -713,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1698582829, - "narHash": "sha256-C+KgImlMD/39AlRtHr9KXEmhmAWrSMZmn/cagOgARQk=", + "lastModified": 1698669922, + "narHash": "sha256-qgx17PQkAwF4S2jdXk2bs2wifOhjesiAdVAmFqL5GNM=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "a5e89456fc931d89917eb1818371762481fead9f", + "rev": "781303ad7ca3e41d38d18b6fd293163a61d4b319", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1698318101, - "narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=", + "lastModified": 1698611440, + "narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63678e9f3d3afecfeafa0acead6239cdb447574c", + "rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1698434055, - "narHash": "sha256-Phxi5mUKSoL7A0IYUiYtkI9e8NcGaaV5PJEaJApU1Ko=", + "lastModified": 1698562188, + "narHash": "sha256-9nkxGnA/T+jLhHAMFRW157Qi/zfbf5dF1q7HfKROl3o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1a3c95e3b23b3cdb26750621c08cc2f1560cb883", + "rev": "3e10c80821dedb93592682379f476745f370a58e", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1698504351, - "narHash": "sha256-/bj7Sy32j2HPtIuwjV94ZqF3A8A3CIouOngz8pdMn2I=", + "lastModified": 1698761408, + "narHash": "sha256-9uw2BSrhFaWZwOstP6hY8jgrs/w45kz7TSP5+KdZZKg=", "owner": "pta2002", "repo": "nixvim", - "rev": "9004ffe32f68bb9cc3e5907bdb55ceccddca44a0", + "rev": "77a3f3c29817e8ec14448022c934ae708968fd22", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1698587123, - "narHash": "sha256-xTcfehuX5AgsFlHz2ndlaGsjLorHQ2TYJDykLY1G69w=", + "lastModified": 1698768230, + "narHash": "sha256-+JF5f55wMLPVMbFnxL8ssDPU///dWIeyqjMvFvkyF9I=", "owner": "nix-community", "repo": "NUR", - "rev": "8086174f8df85cb4d583c64351a4f7b410b87392", + "rev": "50fc27d8d5623c0abc0f8db1d4431a8731a9a86e", "type": "github" }, "original": { @@ -1320,11 +1320,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1697746376, - "narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=", + "lastModified": 1698227354, + "narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd", + "rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf", "type": "github" }, "original": { @@ -1473,11 +1473,11 @@ ] }, "locked": { - "lastModified": 1697940838, - "narHash": "sha256-eyk92QqAoRNC0V99KOcKcBZjLPixxNBS0PRc4KlSQVs=", + "lastModified": 1698631970, + "narHash": "sha256-uO+iqGslP1TdH0q3pMkpo6XHtzoEa6bjjF3dEQJSDcc=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "a3e829c06eadf848f13d109c7648570ce37ebccd", + "rev": "44210df7a70dcf0a81a5919f9422b6ae589ee673", "type": "github" }, "original": { diff --git a/nixos/common/hm-modules/nvim.nix b/nixos/common/hm-modules/nvim.nix index 3b83a7e3..2accf6a0 100644 --- a/nixos/common/hm-modules/nvim.nix +++ b/nixos/common/hm-modules/nvim.nix @@ -15,25 +15,52 @@ in { keymaps = [ { + mode = "n"; key = "ff"; - mode = "n"; + action = "require('telescope.builtin').find_files"; lua = true; - action = "require('telescope.builtin').find_files()"; } { + mode = "n"; key = "fg"; - mode = "n"; + action = "require('telescope.builtin').live_grep"; lua = true; - action = "require('Comment.api').toggle.linewise.current()"; } { - key = "g="; mode = "n"; + key = ""; + action = "require('Comment.api').toggle.linewise.current"; + lua = true; + } + { + mode = "n"; + key = "g="; + action = "vim.lsp.buf.format"; lua = true; - action = "vim.lsp.buf.format{async=true}"; } ]; + # keymaps = [ + # { + # key = "ff"; + # mode = "n"; + # lua = true; + # action = "require('telescope.builtin').find_files()"; + # } + # { + # key = "fg"; + # mode = "n"; + # lua = true; + # action = "require('Comment.api').toggle.linewise.current()"; + # } + # { + # key = "g="; + # mode = "n"; + # lua = true; + # action = "vim.lsp.buf.format{async=true}"; + # } + # ]; + extraPlugins = with pkgs.vimPlugins; [ catppuccin-nvim luasnip ]; colorscheme = "catppuccin-frappe"; -- 2.47.1 From acf981e3bba9afe04dfe0520e02a5948555b4d34 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 31 Oct 2023 23:00:27 +0000 Subject: [PATCH 1843/1882] chore(deps): update renovate/renovate docker tag to v37.37.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 764b5d68..1b1cfb3b 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.35.2 + image: renovate/renovate:37.37.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From b36c8b4ead9003101b41f8301a38c874500a7d04 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Nov 2023 23:00:26 +0000 Subject: [PATCH 1844/1882] chore(deps): update renovate/renovate docker tag to v37.42.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1b1cfb3b..fd231cf0 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.37.2 + image: renovate/renovate:37.42.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2f345a68650b6d17b7fee5977e7186819f3094a8 Mon Sep 17 00:00:00 2001 From: Forgejo Actions Bot <> Date: Thu, 2 Nov 2023 07:03:25 +0000 Subject: [PATCH 1845/1882] Update Plex --- nixos/pkgs/plex-pass/sources.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index 451dd4d3..ad6acea4 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.7.7621", + "version": "1.32.8.7639", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7621-871adbd44/debian/plexmediaserver_1.32.7.7621-871adbd44_arm64.deb", - "hash": "0894hwbl05rsv80p3k0wjs1hv5jwn2zakv758kzx1dvqcmjzhy2w" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.8.7639-fb6452ebf/debian/plexmediaserver_1.32.8.7639-fb6452ebf_arm64.deb", + "hash": "1drfqcjlp4qyy47wy7mjwxi36c8q3dly0nmzgjbnl8b0v7jmpldz" }, { - "version": "1.32.7.7621", + "version": "1.32.8.7639", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.7.7621-871adbd44/debian/plexmediaserver_1.32.7.7621-871adbd44_amd64.deb", - "hash": "0r2i4y00pcd6hkrypzmgd03w4vj2hchhicgdy3zdwjmfk3aqs4jf" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.8.7639-fb6452ebf/debian/plexmediaserver_1.32.8.7639-fb6452ebf_amd64.deb", + "hash": "1jzxfjjislfwmr9jyjvh4iy5p9kl7af47hpx9kqlivp6vc0rblcd" } ] -- 2.47.1 From e9de6392afc63b301053ff9e47cfaba90bed19f1 Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 2 Nov 2023 11:32:05 +0100 Subject: [PATCH 1846/1882] minor updates --- flake.lock | 30 +++++++++++++++--------------- nixos/common/desktop/home.nix | 1 + 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 068c8927..7a7e15f9 100644 --- a/flake.lock +++ b/flake.lock @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1698670511, - "narHash": "sha256-jQIu3UhBMPHXzVkHQO1O2gg8SVo5lqAVoC6mOaLQcLQ=", + "lastModified": 1698873617, + "narHash": "sha256-FfGFcfbULwbK1vD+H0rslIOfmy4g8f2hXiPkQG3ZCTk=", "owner": "nix-community", "repo": "home-manager", - "rev": "8e5416b478e465985eec274bc3a018024435c106", + "rev": "48b0a30202516e25d9885525fbb200a045f23f26", "type": "github" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1698053470, - "narHash": "sha256-sP8D/41UiwC2qn0X40oi+DfuVzNHMROqIWdSdCI/AYA=", + "lastModified": 1698853384, + "narHash": "sha256-/FQ2WeCjdjdNo9eGTO7JruGAjO2Ccime8y1OU4/Aesk=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "80d98a7d55c6e27954a166cb583a41325e9512d7", + "rev": "11d50c5d52472ed40d3cb109daad03c836d2b328", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1698562188, - "narHash": "sha256-9nkxGnA/T+jLhHAMFRW157Qi/zfbf5dF1q7HfKROl3o=", + "lastModified": 1698846319, + "narHash": "sha256-4jyW/dqFBVpWFnhl0nvP6EN4lP7/ZqPxYRjl6var0Oc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e10c80821dedb93592682379f476745f370a58e", + "rev": "34bdaaf1f0b7fb6d9091472edc968ff10a8c2857", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1698761408, - "narHash": "sha256-9uw2BSrhFaWZwOstP6hY8jgrs/w45kz7TSP5+KdZZKg=", + "lastModified": 1698850065, + "narHash": "sha256-dsIOI3TxPoUi60QKnrx5+vObW4z6DS7HSaXVIcpjBiM=", "owner": "pta2002", "repo": "nixvim", - "rev": "77a3f3c29817e8ec14448022c934ae708968fd22", + "rev": "b5414a38415f084d889fa99f890ed6a61aab8bb8", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1698768230, - "narHash": "sha256-+JF5f55wMLPVMbFnxL8ssDPU///dWIeyqjMvFvkyF9I=", + "lastModified": 1698918316, + "narHash": "sha256-RLT2wD8aTLX8Sgbemou258oXYUfqq2rHdT4V0zSJ2eY=", "owner": "nix-community", "repo": "NUR", - "rev": "50fc27d8d5623c0abc0f8db1d4431a8731a9a86e", + "rev": "e77ad2a44db1d91f5e7c916966e6118bfdf6e565", "type": "github" }, "original": { diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 0e96c399..fc72106c 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -17,6 +17,7 @@ in fusee-launcher gcc gimp + helix inputs.attic.packages.${pkgs.system}.attic inputs.comma.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default -- 2.47.1 From d4b964b4c2a833f758f8a5434717f085bb509bf4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 3 Nov 2023 23:00:31 +0000 Subject: [PATCH 1847/1882] chore(deps): update renovate/renovate docker tag to v37.44.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index fd231cf0..1becb3a9 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.42.0 + image: renovate/renovate:37.44.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 8cc6790a3efe642384c13c8a15bf07c44941bfc2 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Nov 2023 23:00:27 +0000 Subject: [PATCH 1848/1882] chore(deps): update renovate/renovate docker tag to v37.45.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 1becb3a9..ce8acec8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.44.0 + image: renovate/renovate:37.45.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 0f29d768ac50cb064e8054e5fa3cd8ab0e60378a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Nov 2023 23:00:29 +0000 Subject: [PATCH 1849/1882] chore(deps): update renovate/renovate docker tag to v37.46.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index ce8acec8..c7b44446 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.45.0 + image: renovate/renovate:37.46.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From e4c92ef6de87a6aed22269adc81788e99ee99eb3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 5 Nov 2023 15:00:26 +0000 Subject: [PATCH 1850/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.7 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index 5f7976ac..f37c3071 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.6"; + image = "flaresolverr/flaresolverr:v3.3.7"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 614ef16063e7bc7954a69339435fa83c2f86b538 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 7 Nov 2023 14:37:09 +0100 Subject: [PATCH 1851/1882] add jona --- flake.lock | 54 ++++++++++++++++---------------- nixos/common/desktop/default.nix | 4 +++ nixos/common/users/default.nix | 2 +- nixos/common/users/jonathan.nix | 13 ++++++++ 4 files changed, 45 insertions(+), 28 deletions(-) create mode 100644 nixos/common/users/jonathan.nix diff --git a/flake.lock b/flake.lock index 7a7e15f9..006f0d28 100644 --- a/flake.lock +++ b/flake.lock @@ -110,11 +110,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1698144717, - "narHash": "sha256-uN3u8LjqmVVTqam80YgzcOWCSixZg2hRjUBGHbqTX0Y=", + "lastModified": 1699171528, + "narHash": "sha256-ZsN6y+tgN5w84oAqRQpMhIvQM39ZNSZoZvn2AK0QYr4=", "owner": "zhaofengli", "repo": "colmena", - "rev": "3538f18b30a8b1ca67978972419263d2849331a7", + "rev": "665603956a1c3040d756987bc7a810ffe86a3b15", "type": "github" }, "original": { @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1698873617, - "narHash": "sha256-FfGFcfbULwbK1vD+H0rslIOfmy4g8f2hXiPkQG3ZCTk=", + "lastModified": 1699345318, + "narHash": "sha256-JxMtX7/2PdxSUXu38S8ACH71TcZULiztlkv+elEq7og=", "owner": "nix-community", "repo": "home-manager", - "rev": "48b0a30202516e25d9885525fbb200a045f23f26", + "rev": "76e7c05f7d3d5ffac219450af824043da52af1cc", "type": "github" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1698853384, - "narHash": "sha256-/FQ2WeCjdjdNo9eGTO7JruGAjO2Ccime8y1OU4/Aesk=", + "lastModified": 1699159446, + "narHash": "sha256-cL63IjsbPl2otS7R4kdXbVOJOXYMpGw5KGZoWgdCuCM=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "11d50c5d52472ed40d3cb109daad03c836d2b328", + "rev": "627bc9b88256379578885a7028c9e791c29fb581", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1698611440, - "narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=", + "lastModified": 1699099776, + "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735", + "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", "type": "github" }, "original": { @@ -1104,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1698318101, - "narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=", + "lastModified": 1698924604, + "narHash": "sha256-GCFbkl2tj8fEZBZCw3Tc0AkGo0v+YrQlohhEGJ/X4s0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63678e9f3d3afecfeafa0acead6239cdb447574c", + "rev": "fa804edfb7869c9fb230e174182a8a1a7e512c40", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1698846319, - "narHash": "sha256-4jyW/dqFBVpWFnhl0nvP6EN4lP7/ZqPxYRjl6var0Oc=", + "lastModified": 1699169573, + "narHash": "sha256-cvUb1xZkvOp3W2SzylStrTirhVd9zCeo5utJl9nSIhw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "34bdaaf1f0b7fb6d9091472edc968ff10a8c2857", + "rev": "aeefe2054617cae501809b82b44a8e8f7be7cc4b", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1698850065, - "narHash": "sha256-dsIOI3TxPoUi60QKnrx5+vObW4z6DS7HSaXVIcpjBiM=", + "lastModified": 1699308475, + "narHash": "sha256-sFHOFiE+GV1JkwDmHi0LLJLSRyggdIK1Yra02oj2eZg=", "owner": "pta2002", "repo": "nixvim", - "rev": "b5414a38415f084d889fa99f890ed6a61aab8bb8", + "rev": "6b93c8fa6db999320d53f13e0ebd555e33f86577", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1698918316, - "narHash": "sha256-RLT2wD8aTLX8Sgbemou258oXYUfqq2rHdT4V0zSJ2eY=", + "lastModified": 1699345929, + "narHash": "sha256-MBW4V6UPs+KEMQI3BDFOOaSCR+DmtsoBJRF2ppgFBIk=", "owner": "nix-community", "repo": "NUR", - "rev": "e77ad2a44db1d91f5e7c916966e6118bfdf6e565", + "rev": "1a48171960608a6ff4e7f73a3e381bf005b625d7", "type": "github" }, "original": { @@ -1289,11 +1289,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1698227354, - "narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=", + "lastModified": 1698852633, + "narHash": "sha256-Hsc/cCHud8ZXLvmm8pxrXpuaPEeNaaUttaCvtdX/Wug=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf", + "rev": "dec10399e5b56aa95fcd530e0338be72ad6462a0", "type": "github" }, "original": { diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index 4e02b9a3..5c2b2c8b 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -62,6 +62,10 @@ # Global Packages environment = { systemPackages = with pkgs; [ wireguard-tools sbctl ]; }; + # programs.virt-manager = { + # enable = true; + # }; + # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index bf0253f6..73af8c4c 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: { - imports = [ ./laura.nix ./victor.nix ]; + imports = [ ./laura.nix ./victor.nix ./jonathan.nix ]; # Setup ZSH to use grml config programs.zsh = { diff --git a/nixos/common/users/jonathan.nix b/nixos/common/users/jonathan.nix new file mode 100644 index 00000000..f5ac50d4 --- /dev/null +++ b/nixos/common/users/jonathan.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: { + users.extraUsers.jonathan = { + isNormalUser = true; + shell = pkgs.zsh; + + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOAXOTU6E06zjK/zkzlSPhTG35PoNRYgTCStEPUYyjeE jonathan@kili" + ]; + + extraGroups = [ ]; + }; +} + -- 2.47.1 From 6da9551d664c694a4f9e22db78c0c4e3deeb73f8 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 7 Nov 2023 15:58:47 +0100 Subject: [PATCH 1852/1882] add oauth2-proxy --- .../apps/services/grist/external-secret.yaml | 17 +++++ flux/olympus/apps/services/grist/grist.yaml | 47 +++++++++++++ flux/olympus/apps/services/grist/ingress.yaml | 29 ++++++++ .../apps/services/grist/kustomization.yaml | 7 ++ flux/olympus/apps/services/grist/pvc.yaml | 12 ++++ flux/olympus/apps/services/kustomization.yaml | 1 + .../oauth2-proxy/external-secret.yaml | 25 +++++++ .../services/oauth2-proxy/kustomization.yaml | 5 ++ .../services/oauth2-proxy/oauth2-proxy.yaml | 67 +++++++++++++++++++ nixos/hosts/olympus/dex/configuration.nix | 6 ++ 10 files changed, 216 insertions(+) create mode 100644 flux/olympus/apps/services/grist/external-secret.yaml create mode 100644 flux/olympus/apps/services/grist/grist.yaml create mode 100644 flux/olympus/apps/services/grist/ingress.yaml create mode 100644 flux/olympus/apps/services/grist/kustomization.yaml create mode 100644 flux/olympus/apps/services/grist/pvc.yaml create mode 100644 flux/olympus/apps/services/oauth2-proxy/external-secret.yaml create mode 100644 flux/olympus/apps/services/oauth2-proxy/kustomization.yaml create mode 100644 flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml diff --git a/flux/olympus/apps/services/grist/external-secret.yaml b/flux/olympus/apps/services/grist/external-secret.yaml new file mode 100644 index 00000000..21a84e7b --- /dev/null +++ b/flux/olympus/apps/services/grist/external-secret.yaml @@ -0,0 +1,17 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: grist + namespace: services +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: grist + data: + - secretKey: GRIST_SESSION_SECRET + remoteRef: + key: services/grist + property: grist_session_secret diff --git a/flux/olympus/apps/services/grist/grist.yaml b/flux/olympus/apps/services/grist/grist.yaml new file mode 100644 index 00000000..b2ce844e --- /dev/null +++ b/flux/olympus/apps/services/grist/grist.yaml @@ -0,0 +1,47 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: grist + namespace: services + labels: + app: grist +spec: + replicas: 1 + selector: + matchLabels: + app: grist + template: + metadata: + labels: + app: grist + spec: + volumes: + - name: persist + persistentVolumeClaim: + claimName: grist + containers: + - name: grist-core + image: gristlabs/grist:1.1.7 + volumeMounts: + - name: persist + mountPath: /persist + env: + - name: APP_HOME_URL + value: "https://grist.0x76.dev" + - name: GRIST_SINGLE_ORG + value: "" + - name: GRIST_SUPPORT_ANON + value: false + - name: PYTHON_VERSION + value: 3 + - name: PYTHON_VERSION_ON_CREATION + value: 3 + - name: GRIST_FORWARD_AUTH_HEADER + value: X-Forwarded-User + - name: GRIST_FORWARD_AUTH_LOGOUT_PATH + value: /_oauth/logout + envFrom: + - secretRef: + name: grist + ports: + - containerPort: 8484 diff --git a/flux/olympus/apps/services/grist/ingress.yaml b/flux/olympus/apps/services/grist/ingress.yaml new file mode 100644 index 00000000..c648f4e5 --- /dev/null +++ b/flux/olympus/apps/services/grist/ingress.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: Service +metadata: + name: grist + namespace: services +spec: + selector: + app: grist + ports: + - protocol: TCP + port: 8484 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: grist + namespace: services +spec: + rules: + - host: "grist.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: grist + port: + number: 8484 diff --git a/flux/olympus/apps/services/grist/kustomization.yaml b/flux/olympus/apps/services/grist/kustomization.yaml new file mode 100644 index 00000000..2bb88f38 --- /dev/null +++ b/flux/olympus/apps/services/grist/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secret.yaml + - pvc.yaml + - grist.yaml + - ingress.yaml diff --git a/flux/olympus/apps/services/grist/pvc.yaml b/flux/olympus/apps/services/grist/pvc.yaml new file mode 100644 index 00000000..eefaa64a --- /dev/null +++ b/flux/olympus/apps/services/grist/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: grist + namespace: services +spec: + accessModes: + - ReadWriteOnce + storageClassName: local-path + resources: + requests: + storage: 2Gi diff --git a/flux/olympus/apps/services/kustomization.yaml b/flux/olympus/apps/services/kustomization.yaml index 4ddab702..c3536ca1 100644 --- a/flux/olympus/apps/services/kustomization.yaml +++ b/flux/olympus/apps/services/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate + - oauth2-proxy diff --git a/flux/olympus/apps/services/oauth2-proxy/external-secret.yaml b/flux/olympus/apps/services/oauth2-proxy/external-secret.yaml new file mode 100644 index 00000000..c127b728 --- /dev/null +++ b/flux/olympus/apps/services/oauth2-proxy/external-secret.yaml @@ -0,0 +1,25 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: oauth2-proxy + namespace: services +spec: + refreshInterval: "5m" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: oauth2-proxy + data: + - secretKey: OAUTH2_PROXY_CLIENT_ID + remoteRef: + key: services/oauth2-proxy + property: client_id + - secretKey: OAUTH2_PROXY_CLIENT_SECRET + remoteRef: + key: services/oauth2-proxy + property: client_secret + - secretKey: OAUTH2_PROXY_COOKIE_SECRET + remoteRef: + key: services/oauth2-proxy + property: cookie_secret diff --git a/flux/olympus/apps/services/oauth2-proxy/kustomization.yaml b/flux/olympus/apps/services/oauth2-proxy/kustomization.yaml new file mode 100644 index 00000000..fb4e8cde --- /dev/null +++ b/flux/olympus/apps/services/oauth2-proxy/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secret.yaml + - oauth2-proxy.yaml diff --git a/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml b/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml new file mode 100644 index 00000000..1cc4de8f --- /dev/null +++ b/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + k8s-app: oauth2-proxy + name: oauth2-proxy + namespace: services +spec: + replicas: 1 + selector: + matchLabels: + k8s-app: oauth2-proxy + template: + metadata: + labels: + k8s-app: oauth2-proxy + spec: + containers: + - args: + - --provider=oidc + - --provider-display2-name="Dex" + - --oidc-issuer-url=https://dex.0x76.dev/dex + - --redirect-url=https://o2p.0x76.dev/oauth2/callback + - --cookie-secure=false + - --http-address=0.0.0.0:4180 + image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1 + envFrom: + - secretRef: + name: oauth2-proxy + name: oauth2-proxy + ports: + - containerPort: 4180 + protocol: TCP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + k8s-app: oauth2-proxy + name: oauth2-proxy + namespace: services +spec: + ports: + - name: http + port: 4180 + protocol: TCP + targetPort: 4180 + selector: + k8s-app: oauth2-proxy +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: oauth2-proxy + namespace: services +spec: + rules: + - host: "o2p.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: oauth2-proxy + port: + number: 4180 diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index af043f4c..40ee5acd 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -90,6 +90,12 @@ in redirectURIs = [ "https://flux.0x76.dev/oauth2/callback" ]; secretEnv = "FLUX_CLIENT_SECRET"; } + { + id = "oauth2-proxy"; + name = "OAuth2 Proxy"; + redirectURIs = [ "https://o2p.0x76.dev/oauth2/callback" ]; + secretEnv = "O2P_CLIENT_SECRET"; + } ]; }; -- 2.47.1 From b56a8a995b8ac7a6a08377b8296f256130ee7824 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 7 Nov 2023 16:05:35 +0100 Subject: [PATCH 1853/1882] fix indent --- .../services/oauth2-proxy/oauth2-proxy.yaml | 38 +++++++++---------- nixos/hosts/olympus/default.nix | 1 + 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml b/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml index 1cc4de8f..68fc2877 100644 --- a/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml +++ b/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml @@ -16,21 +16,21 @@ spec: k8s-app: oauth2-proxy spec: containers: - - args: - - --provider=oidc - - --provider-display2-name="Dex" - - --oidc-issuer-url=https://dex.0x76.dev/dex - - --redirect-url=https://o2p.0x76.dev/oauth2/callback - - --cookie-secure=false - - --http-address=0.0.0.0:4180 - image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1 - envFrom: - - secretRef: - name: oauth2-proxy - name: oauth2-proxy - ports: - - containerPort: 4180 - protocol: TCP + - args: + - --provider=oidc + - --provider-display2-name="Dex" + - --oidc-issuer-url=https://dex.0x76.dev/dex + - --redirect-url=https://o2p.0x76.dev/oauth2/callback + - --cookie-secure=false + - --http-address=0.0.0.0:4180 + image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1 + envFrom: + - secretRef: + name: oauth2-proxy + name: oauth2-proxy + ports: + - containerPort: 4180 + protocol: TCP --- apiVersion: v1 kind: Service @@ -41,10 +41,10 @@ metadata: namespace: services spec: ports: - - name: http - port: 4180 - protocol: TCP - targetPort: 4180 + - name: http + port: 4180 + protocol: TCP + targetPort: 4180 selector: k8s-app: oauth2-proxy --- diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 07f1f362..d50a25ae 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -53,6 +53,7 @@ exposes = { www.domain = "0x76.dev"; flux.domain = "flux.0x76.dev"; + o2p.domain = "o2p.0x76.dev"; internal.domain = "internal.xirion.net"; blog.domain = "blog.xirion.net"; }; -- 2.47.1 From 21c4f94f263ebdd6a41b8ba7014fbe0c941b3b1d Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 7 Nov 2023 16:12:44 +0100 Subject: [PATCH 1854/1882] fix? flux --- .../base/flux-system/repositories/helm/external-secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml index 1128f31b..a68409ba 100644 --- a/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml +++ b/flux/olympus/base/flux-system/repositories/helm/external-secrets.yaml @@ -1,4 +1,4 @@ -apiVersion: source.toolkit.fluxcd.io/v1 +apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: HelmRepository metadata: name: external-secrets -- 2.47.1 From f0e2a89a2594d3d7b88c78c11262bda7744a9a34 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Nov 2023 23:00:25 +0000 Subject: [PATCH 1855/1882] chore(deps): update renovate/renovate docker tag to v37.50.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index c7b44446..5d1c3a88 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.46.0 + image: renovate/renovate:37.50.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2bcd118604785f1d4b63199380e674e5172f4ac3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 8 Nov 2023 23:00:25 +0000 Subject: [PATCH 1856/1882] chore(deps): update renovate/renovate docker tag to v37.51.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 5d1c3a88..57384d00 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.50.2 + image: renovate/renovate:37.51.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1b47463d2bc46cd62a378950aa879c6fe0b867ae Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 9 Nov 2023 15:36:53 +0100 Subject: [PATCH 1857/1882] update nix --- flake.lock | 62 +++++++++++------------ flake.nix | 2 +- nixos/hosts/olympus/dex/configuration.nix | 9 ++++ 3 files changed, 41 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index 006f0d28..1357682d 100644 --- a/flake.lock +++ b/flake.lock @@ -182,11 +182,11 @@ ] }, "locked": { - "lastModified": 1698166613, - "narHash": "sha256-y4rdN4flxRiROqNi1waMYIZj/Fs7L2OrszFk/1ry9vU=", + "lastModified": 1699218802, + "narHash": "sha256-5l0W4Q7z7A4BCstaF5JuBqXOVrZ3Vqst5+hUnP7EdUc=", "owner": "ipetkov", "repo": "crane", - "rev": "b7db46f0f1751f7b1d1911f6be7daf568ad5bc65", + "rev": "2d6c2aaff5a05e443eb15efddc21f9c73720340c", "type": "github" }, "original": { @@ -426,11 +426,11 @@ ] }, "locked": { - "lastModified": 1698579227, - "narHash": "sha256-KVWjFZky+gRuWennKsbo6cWyo7c/z/VgCte5pR9pEKg=", + "lastModified": 1698882062, + "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f76e870d64779109e41370848074ac4eaa1606ec", + "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877", "type": "github" }, "original": { @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1699345318, - "narHash": "sha256-JxMtX7/2PdxSUXu38S8ACH71TcZULiztlkv+elEq7og=", + "lastModified": 1699368917, + "narHash": "sha256-nUtGIWf86BOkUbtksWtfglvCZ/otP0FTZlQH8Rzc7PA=", "owner": "nix-community", "repo": "home-manager", - "rev": "76e7c05f7d3d5ffac219450af824043da52af1cc", + "rev": "6a8444467c83c961e2f5ff64fb4f422e303c98d3", "type": "github" }, "original": { @@ -713,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1698669922, - "narHash": "sha256-qgx17PQkAwF4S2jdXk2bs2wifOhjesiAdVAmFqL5GNM=", + "lastModified": 1699469975, + "narHash": "sha256-TVYObcXFB6c3z5vF/aLZKDL7u+Rt0OZLWpvIdMcJZ4Q=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "781303ad7ca3e41d38d18b6fd293163a61d4b319", + "rev": "bc0fd4e1d9cbba5f8dce5df845246d77eb7c01d6", "type": "github" }, "original": { @@ -1089,16 +1089,16 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1699099776, - "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", + "lastModified": 1699354722, + "narHash": "sha256-abmqUReg4PsyQSwv4d0zjcWpMHrd3IFJiTb2tZpfF04=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", + "rev": "cfbb29d76949ae53c457f152c52c173ea4bdd862", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "type": "indirect" } }, @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1699169573, - "narHash": "sha256-cvUb1xZkvOp3W2SzylStrTirhVd9zCeo5utJl9nSIhw=", + "lastModified": 1699291058, + "narHash": "sha256-5ggduoaAMPHUy4riL+OrlAZE14Kh7JWX4oLEs22ZqfU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aeefe2054617cae501809b82b44a8e8f7be7cc4b", + "rev": "41de143fda10e33be0f47eab2bfe08a50f234267", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1699345929, - "narHash": "sha256-MBW4V6UPs+KEMQI3BDFOOaSCR+DmtsoBJRF2ppgFBIk=", + "lastModified": 1699536582, + "narHash": "sha256-xW16bouhkI9fx6wMLy8002cbLvB3UK4B3J10+Anq9BU=", "owner": "nix-community", "repo": "NUR", - "rev": "1a48171960608a6ff4e7f73a3e381bf005b625d7", + "rev": "71d46644e40610ea90c7e97ba32667de90c5f1a5", "type": "github" }, "original": { @@ -1320,11 +1320,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1698227354, - "narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=", + "lastModified": 1699271226, + "narHash": "sha256-8Jt1KW3xTjolD6c6OjJm9USx/jmL+VVmbooADCkdDfU=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf", + "rev": "ea758da1a6dcde6dc36db348ed690d09b9864128", "type": "github" }, "original": { @@ -1473,11 +1473,11 @@ ] }, "locked": { - "lastModified": 1698631970, - "narHash": "sha256-uO+iqGslP1TdH0q3pMkpo6XHtzoEa6bjjF3dEQJSDcc=", + "lastModified": 1699409596, + "narHash": "sha256-L3g1smIol3dGTxkUQOlNShJtZLvjLzvtbaeTRizwZBU=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "44210df7a70dcf0a81a5919f9422b6ae589ee673", + "rev": "58240e1ac627cef3ea30c7732fedfb4f51afd8e7", "type": "github" }, "original": { @@ -1667,11 +1667,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1696237116, - "narHash": "sha256-aXoaKr5aoS8HtEJNACekprmLZX6mUaHaiSdlNn+03XU=", + "lastModified": 1699433213, + "narHash": "sha256-NbYXC4jjAuxbw1mL7w5LqYd3jBKnwxk36jTQA8rnERM=", "owner": "serokell", "repo": "vault-secrets", - "rev": "70053bc4a27f542dd0c1e30a1d201df6b75bdd6e", + "rev": "7686f5d6f0411040407435e4361663b7fabaf171", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 81fff41c..96f4d3b8 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable"; + nixpkgs.url = "nixpkgs/nixos-unstable-small"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index 40ee5acd..e70f16c6 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -101,4 +101,13 @@ in environmentFile = "${vs.dex}/environment"; }; + + services.oauth2_proxy = { + enable = true; + provider = "oidc"; + redirectURL = "https://o2p.0x76.dev/oauth2/callback"; + cookie.secure = false; + httpAddress = "0.0.0.0:4180"; + keyFile = ""; + }; } -- 2.47.1 From 66bcfd68399a770ac9f1a3d9bbf5d454fab370c6 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 10 Nov 2023 19:23:36 +0100 Subject: [PATCH 1858/1882] install fractal --- nixos/common/desktop/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index fc72106c..0a62c899 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -15,6 +15,7 @@ in cinny-desktop element-desktop-wayland fusee-launcher + fractal-next gcc gimp helix -- 2.47.1 From 0eebdf6bd0ac93a999cad17b3ddf1899ef5d74a1 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 10 Nov 2023 22:53:33 +0100 Subject: [PATCH 1859/1882] fix dhcp --- nixos/common/desktop/home.nix | 1 + nixos/hosts/olympus/dhcp/configuration.nix | 19 ++++++++++--------- nixos/hosts/olympus/eevee/configuration.nix | 16 ---------------- nixos/hosts/olympus/eevee/hardware.nix | 4 +++- 4 files changed, 14 insertions(+), 26 deletions(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index 0a62c899..c63088a2 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -33,6 +33,7 @@ in nixpkgs-review plex-media-player plexamp + spotify qmk rustup solo2-cli diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 30aab235..0503693b 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -34,11 +34,11 @@ in networking.firewall.allowedUDPPorts = [ 67 ]; - services.prometheus.exporters.kea = { - enable = true; - openFirewall = true; - controlSocketPaths = [ "/run/kea/kea-dhcp4.socket" ]; - }; + # services.prometheus.exporters.kea = { + # enable = true; + # openFirewall = true; + # controlSocketPaths = [ "/run/kea/kea-dhcp4.socket" ]; + # }; services.kea.dhcp4 = { enable = true; @@ -50,10 +50,11 @@ in interfaces-config.interfaces = [ "eth0" ]; - control-socket = { - socket-type = "unix"; - socket-name = "/run/kea/kea-dhcp4.socket"; - }; + # control-socket = { + # socket-type = "unix"; + # socket-name = "/run/kea/kea-dhcp4.socket"; + # }; + # failed to initialize Kea server: configuration error using file '/etc/kea/dhcp4-server.conf': cannot create socket lockfile, /run/kea/kea-dhcp4.socket.lock, : No such file or directory lease-database = { name = "/var/lib/kea/dhcp4.leases"; diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index 40987178..26a0bfd3 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -40,22 +40,6 @@ environment.sessionVariables.NIXOS_OZONE_WL = "1"; - - # services.kubo = { - # enable = true; - # enableGC = true; - # # autoMount = true; - # settings = { - # Addresses.API = "/ip4/127.0.0.1/tcp/2324"; - # Routing = { - # AcceleratedDHTClient = true; - # }; - # Experimental = { - # FilestoreEnabled = true; - # }; - # }; - # }; - home-manager = { users.victor = import ./home; }; diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix index 422c10a4..e5731378 100644 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -2,13 +2,14 @@ hardware = { enableAllFirmware = true; nvidia = { - package = config.boot.kernelPackages.nvidiaPackages.stable; + # package = config.boot.kernelPackages.nvidiaPackages.stable; # Open drivers cause gdm to crash # open = true; # nvidia-drm.modeset=1 modesetting.enable = true; + powerManagement.enable = false; }; # Hardware acceleration @@ -17,6 +18,7 @@ # Vulkan driSupport = true; + driSupport32Bit = true; }; logitech.wireless = { -- 2.47.1 From ec0c2f466a54948e4882a1c343a4d511169eb22d Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 10 Nov 2023 23:35:26 +0100 Subject: [PATCH 1860/1882] add sccache --- nixos/common/desktop/home.nix | 2 +- nixos/common/hm-modules/default.nix | 2 +- nixos/common/hm-modules/rust.nix | 21 +++++++++++++++++++++ 3 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 nixos/common/hm-modules/rust.nix diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index c63088a2..e9b37d53 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -35,7 +35,6 @@ in plexamp spotify qmk - rustup solo2-cli tex unzip @@ -47,6 +46,7 @@ in programs = { v.vscode.enable = true; v.nvim.enable = true; + v.rust.enable = true; riff = { enable = true; diff --git a/nixos/common/hm-modules/default.nix b/nixos/common/hm-modules/default.nix index 29d2e443..2dbbe8f1 100644 --- a/nixos/common/hm-modules/default.nix +++ b/nixos/common/hm-modules/default.nix @@ -1,3 +1,3 @@ { ... }: { - imports = [ ./catppuccin.nix ./nvim.nix ./riff.nix ./vscode.nix ./git.nix ]; + imports = [ ./catppuccin.nix ./nvim.nix ./riff.nix ./vscode.nix ./git.nix ./rust.nix ]; } diff --git a/nixos/common/hm-modules/rust.nix b/nixos/common/hm-modules/rust.nix new file mode 100644 index 00000000..836eeb45 --- /dev/null +++ b/nixos/common/hm-modules/rust.nix @@ -0,0 +1,21 @@ +{ pkgs, lib, config, ... }: +with lib; +let cfg = config.programs.v.rust; +in { + options.programs.v.rust = { enable = mkEnableOption "rust"; }; + config = mkIf cfg.enable { + home.packages = with pkgs; [ rustup ]; + + home.file = { + ".cargo/config.toml".text = '' + [registries.crates-io] + protocol = "sparse" + + [build] + rustc-wrapper = "${pkgs.sccache}/bin/sccache" + ''; + }; + + home.sessionPath = [ "$HOME/.cargo/bin" ]; + }; +} -- 2.47.1 From 68cb70ee4dbb9a9c7ddeaffdb0d581b29312dd83 Mon Sep 17 00:00:00 2001 From: Victor Date: Fri, 10 Nov 2023 23:41:30 +0100 Subject: [PATCH 1861/1882] fix lint --- nixos/common/desktop/home.nix | 42 +++--- nixos/common/hm-modules/rust.nix | 22 +-- nixos/hosts/olympus/dex/configuration.nix | 163 +++++++++++----------- 3 files changed, 114 insertions(+), 113 deletions(-) diff --git a/nixos/common/desktop/home.nix b/nixos/common/desktop/home.nix index e9b37d53..033f235b 100644 --- a/nixos/common/desktop/home.nix +++ b/nixos/common/desktop/home.nix @@ -5,8 +5,7 @@ let dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; }; }; my-python-packages = ps: with ps; [ pandas requests numpy ]; -in -{ +in { home.packages = with pkgs; [ (python3.withPackages my-python-packages) btop @@ -44,9 +43,11 @@ in # Enable my own hm modules themes.v.catppuccin.enable = true; programs = { - v.vscode.enable = true; - v.nvim.enable = true; - v.rust.enable = true; + v = { + vscode.enable = true; + nvim.enable = true; + rust.enable = true; + }; riff = { enable = true; @@ -72,26 +73,23 @@ in thunderbird = { enable = true; - profiles.default = { - isDefault = true; - }; + profiles.default = { isDefault = true; }; }; }; # Syncthing services.syncthing.enable = true; - xdg.userDirs = - let home = config.home.homeDirectory; - in { - enable = true; - createDirectories = true; - desktop = "${home}/.desktop"; - documents = "${home}/cloud/Documents"; - download = "${home}/dl"; - music = "${home}/cloud/Music"; - pictures = "${home}/cloud/Pictures"; - publicShare = "${home}/.publicShare"; - templates = "${home}/.templates"; - videos = "${home}/cloud/Videos"; - }; + xdg.userDirs = let home = config.home.homeDirectory; + in { + enable = true; + createDirectories = true; + desktop = "${home}/.desktop"; + documents = "${home}/cloud/Documents"; + download = "${home}/dl"; + music = "${home}/cloud/Music"; + pictures = "${home}/cloud/Pictures"; + publicShare = "${home}/.publicShare"; + templates = "${home}/.templates"; + videos = "${home}/cloud/Videos"; + }; } diff --git a/nixos/common/hm-modules/rust.nix b/nixos/common/hm-modules/rust.nix index 836eeb45..752ed047 100644 --- a/nixos/common/hm-modules/rust.nix +++ b/nixos/common/hm-modules/rust.nix @@ -4,18 +4,20 @@ let cfg = config.programs.v.rust; in { options.programs.v.rust = { enable = mkEnableOption "rust"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [ rustup ]; + home = { + packages = with pkgs; [ rustup ]; - home.file = { - ".cargo/config.toml".text = '' - [registries.crates-io] - protocol = "sparse" + file = { + ".cargo/config.toml".text = '' + [registries.crates-io] + protocol = "sparse" - [build] - rustc-wrapper = "${pkgs.sccache}/bin/sccache" - ''; + [build] + rustc-wrapper = "${pkgs.sccache}/bin/sccache" + ''; + }; + + sessionPath = [ "$HOME/.cargo/bin" ]; }; - - home.sessionPath = [ "$HOME/.cargo/bin" ]; }; } diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index e70f16c6..3105b95a 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -9,8 +9,7 @@ let db_name = "dex"; inherit (config.meta.exposes.dex) port; metricsPort = 5558; -in -{ +in { imports = [ ]; # This value determines the NixOS release from which the default @@ -23,91 +22,93 @@ in networking.firewall.allowedTCPPorts = [ port metricsPort ]; - services.postgresql = { - enable = true; - package = pkgs.postgresql_15; - ensureDatabases = [ db_name ]; - ensureUsers = [{ - name = db_user; - ensurePermissions = { - "DATABASE ${db_name}" = "ALL PRIVILEGES"; - "schema public" = "ALL"; - }; - }]; - }; - vault-secrets.secrets.dex = { }; + services = { - services.dex = { - enable = true; - settings = { - issuer = "https://dex.0x76.dev"; - storage = { - type = "postgres"; - config = { - host = "/var/run/postgresql"; - user = db_user; - database = db_name; - }; - }; - web.http = "0.0.0.0:${toString port}"; - telemetry.http = "0.0.0.0:${toString metricsPort}"; - - connectors = [{ - type = "gitea"; - id = "gitea"; - name = "Gitea"; - config = { - clientID = "$GITEA_CLIENT_ID"; - clientSecret = "$GITEA_CLIENT_SECRET"; - redirectURI = "https://dex.0x76.dev/callback"; - baseURL = "https://git.0x76.dev"; + postgresql = { + enable = true; + package = pkgs.postgresql_15; + ensureDatabases = [ db_name ]; + ensureUsers = [{ + name = db_user; + ensurePermissions = { + "DATABASE ${db_name}" = "ALL PRIVILEGES"; + "schema public" = "ALL"; }; }]; - - staticClients = [ - { - id = "outline"; - name = "Outline"; - redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; - secretEnv = "OUTLINE_CLIENT_SECRET"; - } - { - id = "grafana"; - name = "Grafana"; - redirectURIs = [ "https://grafana.0x76.dev/login/generic_oauth" ]; - secretEnv = "GRAFANA_CLIENT_SECRET"; - } - { - id = "hedgedoc"; - name = "Hedgedoc"; - redirectURIs = [ "https://md.0x76.dev/auth/oauth2/callback" ]; - secretEnv = "HEDGEDOC_CLIENT_SECRET"; - } - { - id = "flux"; - name = "Weave Gitops Flux Dashboard"; - redirectURIs = [ "https://flux.0x76.dev/oauth2/callback" ]; - secretEnv = "FLUX_CLIENT_SECRET"; - } - { - id = "oauth2-proxy"; - name = "OAuth2 Proxy"; - redirectURIs = [ "https://o2p.0x76.dev/oauth2/callback" ]; - secretEnv = "O2P_CLIENT_SECRET"; - } - ]; }; - environmentFile = "${vs.dex}/environment"; - }; + dex = { + enable = true; + settings = { + issuer = "https://dex.0x76.dev"; + storage = { + type = "postgres"; + config = { + host = "/var/run/postgresql"; + user = db_user; + database = db_name; + }; + }; + web.http = "0.0.0.0:${toString port}"; + telemetry.http = "0.0.0.0:${toString metricsPort}"; - services.oauth2_proxy = { - enable = true; - provider = "oidc"; - redirectURL = "https://o2p.0x76.dev/oauth2/callback"; - cookie.secure = false; - httpAddress = "0.0.0.0:4180"; - keyFile = ""; + connectors = [{ + type = "gitea"; + id = "gitea"; + name = "Gitea"; + config = { + clientID = "$GITEA_CLIENT_ID"; + clientSecret = "$GITEA_CLIENT_SECRET"; + redirectURI = "https://dex.0x76.dev/callback"; + baseURL = "https://git.0x76.dev"; + }; + }]; + + staticClients = [ + { + id = "outline"; + name = "Outline"; + redirectURIs = [ "https://outline.0x76.dev/auth/oidc.callback" ]; + secretEnv = "OUTLINE_CLIENT_SECRET"; + } + { + id = "grafana"; + name = "Grafana"; + redirectURIs = [ "https://grafana.0x76.dev/login/generic_oauth" ]; + secretEnv = "GRAFANA_CLIENT_SECRET"; + } + { + id = "hedgedoc"; + name = "Hedgedoc"; + redirectURIs = [ "https://md.0x76.dev/auth/oauth2/callback" ]; + secretEnv = "HEDGEDOC_CLIENT_SECRET"; + } + { + id = "flux"; + name = "Weave Gitops Flux Dashboard"; + redirectURIs = [ "https://flux.0x76.dev/oauth2/callback" ]; + secretEnv = "FLUX_CLIENT_SECRET"; + } + { + id = "oauth2-proxy"; + name = "OAuth2 Proxy"; + redirectURIs = [ "https://o2p.0x76.dev/oauth2/callback" ]; + secretEnv = "O2P_CLIENT_SECRET"; + } + ]; + }; + + environmentFile = "${vs.dex}/environment"; + }; + + oauth2_proxy = { + enable = true; + provider = "oidc"; + redirectURL = "https://o2p.0x76.dev/oauth2/callback"; + cookie.secure = false; + httpAddress = "0.0.0.0:4180"; + keyFile = ""; + }; }; } -- 2.47.1 From 14405c110904c4adf8194fe450b3ac04b590d98d Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 11 Nov 2023 00:03:17 +0100 Subject: [PATCH 1862/1882] fix bastion --- nixos/hosts/hades/bastion/configuration.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix index 5b529a5b..0ca18a7e 100644 --- a/nixos/hosts/hades/bastion/configuration.nix +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -9,7 +9,6 @@ direnv git-crypt nix-update - nodejs-14_x pinentry-curses ripgrep rsync -- 2.47.1 From 76f35ef704d3b22a6c05502e3dcae6084e992d55 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Nov 2023 13:14:41 +0100 Subject: [PATCH 1863/1882] updates --- flake.lock | 48 +++++++++++++------------- nixos/hosts/hades/overseerr/lidarr.nix | 1 + 2 files changed, 25 insertions(+), 24 deletions(-) diff --git a/flake.lock b/flake.lock index 1357682d..3c598c16 100644 --- a/flake.lock +++ b/flake.lock @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1699368917, - "narHash": "sha256-nUtGIWf86BOkUbtksWtfglvCZ/otP0FTZlQH8Rzc7PA=", + "lastModified": 1699783872, + "narHash": "sha256-4zTwLT2LL45Nmo6iwKB3ls3hWodVP9DiSWxki/oewWE=", "owner": "nix-community", "repo": "home-manager", - "rev": "6a8444467c83c961e2f5ff64fb4f422e303c98d3", + "rev": "280721186ab75a76537713ec310306f0eba3e407", "type": "github" }, "original": { @@ -713,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1699469975, - "narHash": "sha256-TVYObcXFB6c3z5vF/aLZKDL7u+Rt0OZLWpvIdMcJZ4Q=", + "lastModified": 1699626196, + "narHash": "sha256-/arAIgFkEOTss4BsppCJn1DIBxvx1ESgWOj9CJqx4lQ=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "bc0fd4e1d9cbba5f8dce5df845246d77eb7c01d6", + "rev": "81975f3bc4a7f3f4c689c43645110c2e1aac56b2", "type": "github" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1699159446, - "narHash": "sha256-cL63IjsbPl2otS7R4kdXbVOJOXYMpGw5KGZoWgdCuCM=", + "lastModified": 1699701045, + "narHash": "sha256-mDzUXK7jNO/utInWpSWEX1NgEEunVIpJg+LyPsDTfy0=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "627bc9b88256379578885a7028c9e791c29fb581", + "rev": "b689465d0c5d88e158e7d76094fca08cc0223aad", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1699354722, - "narHash": "sha256-abmqUReg4PsyQSwv4d0zjcWpMHrd3IFJiTb2tZpfF04=", + "lastModified": 1699686971, + "narHash": "sha256-fttf55Uo88Ei57sxTuDOwKXg8izdR365lFjI13+XfwE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cfbb29d76949ae53c457f152c52c173ea4bdd862", + "rev": "d638da8b6a17041483d90ba9af6c3b5e30b4fbcc", "type": "github" }, "original": { @@ -1104,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1698924604, - "narHash": "sha256-GCFbkl2tj8fEZBZCw3Tc0AkGo0v+YrQlohhEGJ/X4s0=", + "lastModified": 1699099776, + "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fa804edfb7869c9fb230e174182a8a1a7e512c40", + "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1699308475, - "narHash": "sha256-sFHOFiE+GV1JkwDmHi0LLJLSRyggdIK1Yra02oj2eZg=", + "lastModified": 1699721903, + "narHash": "sha256-ghsMr6EqRNCRJtzNokmqeyA3soMjl7bc+/TN7LX/Izc=", "owner": "pta2002", "repo": "nixvim", - "rev": "6b93c8fa6db999320d53f13e0ebd555e33f86577", + "rev": "1286a0f41e37b2bb94f2eb87a7f4efde727f8e87", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1699536582, - "narHash": "sha256-xW16bouhkI9fx6wMLy8002cbLvB3UK4B3J10+Anq9BU=", + "lastModified": 1699789173, + "narHash": "sha256-8ImqQHlD/RV/DqUkLX6OMOLC0L3rOnpz18/L8kt+9QQ=", "owner": "nix-community", "repo": "NUR", - "rev": "71d46644e40610ea90c7e97ba32667de90c5f1a5", + "rev": "cafc94f2fafd3bc7ef0a2f35a3484dd2df64f111", "type": "github" }, "original": { @@ -1289,11 +1289,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1698852633, - "narHash": "sha256-Hsc/cCHud8ZXLvmm8pxrXpuaPEeNaaUttaCvtdX/Wug=", + "lastModified": 1699271226, + "narHash": "sha256-8Jt1KW3xTjolD6c6OjJm9USx/jmL+VVmbooADCkdDfU=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "dec10399e5b56aa95fcd530e0338be72ad6462a0", + "rev": "ea758da1a6dcde6dc36db348ed690d09b9864128", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/overseerr/lidarr.nix b/nixos/hosts/hades/overseerr/lidarr.nix index cba131e7..8a21e147 100644 --- a/nixos/hosts/hades/overseerr/lidarr.nix +++ b/nixos/hosts/hades/overseerr/lidarr.nix @@ -5,6 +5,7 @@ in { vault-secrets.secrets.lidarr = { quoteEnvironmentValues = false; # Needed for docker + services = [ "podman-lidarr" ]; }; virtualisation.oci-containers.containers.lidarr = { -- 2.47.1 From 4e5ef010d4e813ad33280a1eebb7455b08550de3 Mon Sep 17 00:00:00 2001 From: Victor Date: Sun, 12 Nov 2023 15:07:41 +0100 Subject: [PATCH 1864/1882] deploy grist --- flake.nix | 2 +- .../apps/services/grist/external-secret.yaml | 17 ----- flux/olympus/apps/services/grist/grist.yaml | 47 ------------- flux/olympus/apps/services/grist/ingress.yaml | 29 -------- .../apps/services/grist/kustomization.yaml | 7 -- flux/olympus/apps/services/grist/pvc.yaml | 12 ---- flux/olympus/apps/services/kustomization.yaml | 1 - .../oauth2-proxy/external-secret.yaml | 25 ------- .../services/oauth2-proxy/kustomization.yaml | 5 -- .../services/oauth2-proxy/oauth2-proxy.yaml | 67 ------------------- nixos/hosts/olympus/default.nix | 22 ++++-- nixos/hosts/olympus/dex/configuration.nix | 19 ++---- nixos/hosts/olympus/grist/configuration.nix | 42 ++++++++++++ 13 files changed, 66 insertions(+), 229 deletions(-) delete mode 100644 flux/olympus/apps/services/grist/external-secret.yaml delete mode 100644 flux/olympus/apps/services/grist/grist.yaml delete mode 100644 flux/olympus/apps/services/grist/ingress.yaml delete mode 100644 flux/olympus/apps/services/grist/kustomization.yaml delete mode 100644 flux/olympus/apps/services/grist/pvc.yaml delete mode 100644 flux/olympus/apps/services/oauth2-proxy/external-secret.yaml delete mode 100644 flux/olympus/apps/services/oauth2-proxy/kustomization.yaml delete mode 100644 flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml create mode 100644 nixos/hosts/olympus/grist/configuration.nix diff --git a/flake.nix b/flake.nix index 96f4d3b8..3ef1297e 100644 --- a/flake.nix +++ b/flake.nix @@ -118,7 +118,7 @@ default = colmena.packages.${system}.colmena; proxmox-lxc = nixos-generators.nixosGenerate { - inherit system pkgs specialArgs; + inherit system specialArgs; format = "proxmox-lxc"; modules = util.base_imports ++ [ (import ./nixos/templates/proxmox-lxc.nix) ]; diff --git a/flux/olympus/apps/services/grist/external-secret.yaml b/flux/olympus/apps/services/grist/external-secret.yaml deleted file mode 100644 index 21a84e7b..00000000 --- a/flux/olympus/apps/services/grist/external-secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: grist - namespace: services -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: grist - data: - - secretKey: GRIST_SESSION_SECRET - remoteRef: - key: services/grist - property: grist_session_secret diff --git a/flux/olympus/apps/services/grist/grist.yaml b/flux/olympus/apps/services/grist/grist.yaml deleted file mode 100644 index b2ce844e..00000000 --- a/flux/olympus/apps/services/grist/grist.yaml +++ /dev/null @@ -1,47 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: grist - namespace: services - labels: - app: grist -spec: - replicas: 1 - selector: - matchLabels: - app: grist - template: - metadata: - labels: - app: grist - spec: - volumes: - - name: persist - persistentVolumeClaim: - claimName: grist - containers: - - name: grist-core - image: gristlabs/grist:1.1.7 - volumeMounts: - - name: persist - mountPath: /persist - env: - - name: APP_HOME_URL - value: "https://grist.0x76.dev" - - name: GRIST_SINGLE_ORG - value: "" - - name: GRIST_SUPPORT_ANON - value: false - - name: PYTHON_VERSION - value: 3 - - name: PYTHON_VERSION_ON_CREATION - value: 3 - - name: GRIST_FORWARD_AUTH_HEADER - value: X-Forwarded-User - - name: GRIST_FORWARD_AUTH_LOGOUT_PATH - value: /_oauth/logout - envFrom: - - secretRef: - name: grist - ports: - - containerPort: 8484 diff --git a/flux/olympus/apps/services/grist/ingress.yaml b/flux/olympus/apps/services/grist/ingress.yaml deleted file mode 100644 index c648f4e5..00000000 --- a/flux/olympus/apps/services/grist/ingress.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: grist - namespace: services -spec: - selector: - app: grist - ports: - - protocol: TCP - port: 8484 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: grist - namespace: services -spec: - rules: - - host: "grist.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: grist - port: - number: 8484 diff --git a/flux/olympus/apps/services/grist/kustomization.yaml b/flux/olympus/apps/services/grist/kustomization.yaml deleted file mode 100644 index 2bb88f38..00000000 --- a/flux/olympus/apps/services/grist/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - external-secret.yaml - - pvc.yaml - - grist.yaml - - ingress.yaml diff --git a/flux/olympus/apps/services/grist/pvc.yaml b/flux/olympus/apps/services/grist/pvc.yaml deleted file mode 100644 index eefaa64a..00000000 --- a/flux/olympus/apps/services/grist/pvc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: grist - namespace: services -spec: - accessModes: - - ReadWriteOnce - storageClassName: local-path - resources: - requests: - storage: 2Gi diff --git a/flux/olympus/apps/services/kustomization.yaml b/flux/olympus/apps/services/kustomization.yaml index c3536ca1..4ddab702 100644 --- a/flux/olympus/apps/services/kustomization.yaml +++ b/flux/olympus/apps/services/kustomization.yaml @@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - renovate - - oauth2-proxy diff --git a/flux/olympus/apps/services/oauth2-proxy/external-secret.yaml b/flux/olympus/apps/services/oauth2-proxy/external-secret.yaml deleted file mode 100644 index c127b728..00000000 --- a/flux/olympus/apps/services/oauth2-proxy/external-secret.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: oauth2-proxy - namespace: services -spec: - refreshInterval: "5m" - secretStoreRef: - name: vault - kind: ClusterSecretStore - target: - name: oauth2-proxy - data: - - secretKey: OAUTH2_PROXY_CLIENT_ID - remoteRef: - key: services/oauth2-proxy - property: client_id - - secretKey: OAUTH2_PROXY_CLIENT_SECRET - remoteRef: - key: services/oauth2-proxy - property: client_secret - - secretKey: OAUTH2_PROXY_COOKIE_SECRET - remoteRef: - key: services/oauth2-proxy - property: cookie_secret diff --git a/flux/olympus/apps/services/oauth2-proxy/kustomization.yaml b/flux/olympus/apps/services/oauth2-proxy/kustomization.yaml deleted file mode 100644 index fb4e8cde..00000000 --- a/flux/olympus/apps/services/oauth2-proxy/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - external-secret.yaml - - oauth2-proxy.yaml diff --git a/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml b/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml deleted file mode 100644 index 68fc2877..00000000 --- a/flux/olympus/apps/services/oauth2-proxy/oauth2-proxy.yaml +++ /dev/null @@ -1,67 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - k8s-app: oauth2-proxy - name: oauth2-proxy - namespace: services -spec: - replicas: 1 - selector: - matchLabels: - k8s-app: oauth2-proxy - template: - metadata: - labels: - k8s-app: oauth2-proxy - spec: - containers: - - args: - - --provider=oidc - - --provider-display2-name="Dex" - - --oidc-issuer-url=https://dex.0x76.dev/dex - - --redirect-url=https://o2p.0x76.dev/oauth2/callback - - --cookie-secure=false - - --http-address=0.0.0.0:4180 - image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1 - envFrom: - - secretRef: - name: oauth2-proxy - name: oauth2-proxy - ports: - - containerPort: 4180 - protocol: TCP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - k8s-app: oauth2-proxy - name: oauth2-proxy - namespace: services -spec: - ports: - - name: http - port: 4180 - protocol: TCP - targetPort: 4180 - selector: - k8s-app: oauth2-proxy ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: oauth2-proxy - namespace: services -spec: - rules: - - host: "o2p.0x76.dev" - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: oauth2-proxy - port: - number: 4180 diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index d50a25ae..58b6d7e8 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -53,7 +53,6 @@ exposes = { www.domain = "0x76.dev"; flux.domain = "flux.0x76.dev"; - o2p.domain = "o2p.0x76.dev"; internal.domain = "internal.xirion.net"; blog.domain = "blog.xirion.net"; }; @@ -61,9 +60,15 @@ "dex" = { ip = "10.42.42.11"; mac = "AE:66:7B:FA:15:72"; - exposes.dex = { - domain = "dex.0x76.dev"; - port = 5556; + exposes = { + dex = { + domain = "dex.0x76.dev"; + port = 5556; + }; + o2p_proxy = { + domain = "o2p.0x76.dev"; + port = 8484; + }; }; }; "WoolooTV" = { @@ -151,7 +156,14 @@ ip = "10.42.42.25"; mac = "1E:ED:97:2C:C3:9D"; }; - # 10.42.42.26 + "grist" = { + ip = "10.42.42.26"; + mac = "B2:AA:AB:5D:2F:22"; + exposes.grist = { + domain = "grist.0x76.dev"; + port = 8484; + }; + }; "bookwyrm" = { ip = "10.42.42.27"; mac = "9E:8A:6C:39:27:DE"; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index 3105b95a..4bcbf5bb 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -23,6 +23,8 @@ in { networking.firewall.allowedTCPPorts = [ port metricsPort ]; vault-secrets.secrets.dex = { }; + vault-secrets.secrets.oauth2_proxy = { }; + services = { postgresql = { @@ -91,24 +93,15 @@ in { secretEnv = "FLUX_CLIENT_SECRET"; } { - id = "oauth2-proxy"; - name = "OAuth2 Proxy"; - redirectURIs = [ "https://o2p.0x76.dev/oauth2/callback" ]; - secretEnv = "O2P_CLIENT_SECRET"; + id = "grist"; + name = "grist"; + redirectURIs = [ "https://grist.0x76.dev/oauth2/callback" ]; + secretEnv = "GRIST_CLIENT_SECRET"; } ]; }; environmentFile = "${vs.dex}/environment"; }; - - oauth2_proxy = { - enable = true; - provider = "oidc"; - redirectURL = "https://o2p.0x76.dev/oauth2/callback"; - cookie.secure = false; - httpAddress = "0.0.0.0:4180"; - keyFile = ""; - }; }; } diff --git a/nixos/hosts/olympus/grist/configuration.nix b/nixos/hosts/olympus/grist/configuration.nix new file mode 100644 index 00000000..c097f5dc --- /dev/null +++ b/nixos/hosts/olympus/grist/configuration.nix @@ -0,0 +1,42 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, ... }: +let vs = config.vault-secrets.secrets; +in { + imports = [ ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; # Did you read the comment? + networking.firewall.allowedTCPPorts = [ 8484 ]; + + virtualisation.podman.enable = true; + virtualisation.oci-containers.backend = "podman"; + + vault-secrets.secrets.grist = { + quoteEnvironmentValues = false; # Needed for docker + services = [ "podman-grist" ]; + }; + + virtualisation.oci-containers.containers.grist = { + image = "gristlabs/grist:latest"; + environment = { + APP_HOME_URL = "https://grist.0x76.dev"; + GRIST_SUPPORT_ANON = "false"; + PYTHON_VERSION = "3"; + PYTHON_VERSION_ON_CREATION = "3"; + + # Beta OIDC support + GRIST_OIDC_IDP_ISSUER = "https://dex.0x76.dev"; + }; + environmentFiles = [ "${vs.grist}/environment" ]; + ports = [ "8484:8484" ]; + volumes = [ "/var/lib/grist:/persist" ]; + }; +} -- 2.47.1 From c45df4dc1f41bd3a1dab3295b684776fc9014975 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 13 Nov 2023 17:39:02 +0100 Subject: [PATCH 1865/1882] fix grist deployment completely --- nixos/common/hm-modules/git.nix | 2 +- nixos/hosts/olympus/grist/configuration.nix | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/nixos/common/hm-modules/git.nix b/nixos/common/hm-modules/git.nix index f7bb1392..beb41506 100644 --- a/nixos/common/hm-modules/git.nix +++ b/nixos/common/hm-modules/git.nix @@ -7,7 +7,7 @@ in { programs.git = { enable = true; package = pkgs.gitAndTools.gitFull; - userName = "Victor"; + userName = "0x76"; userEmail = "victor@xirion.net"; lfs.enable = true; extraConfig = { diff --git a/nixos/hosts/olympus/grist/configuration.nix b/nixos/hosts/olympus/grist/configuration.nix index c097f5dc..5424fc45 100644 --- a/nixos/hosts/olympus/grist/configuration.nix +++ b/nixos/hosts/olympus/grist/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, ... }: +{ config, pkgs, ... }: let vs = config.vault-secrets.secrets; in { imports = [ ]; @@ -16,6 +16,8 @@ in { system.stateVersion = "23.11"; # Did you read the comment? networking.firewall.allowedTCPPorts = [ 8484 ]; + environment.systemPackages = with pkgs; [ sqlite ]; + virtualisation.podman.enable = true; virtualisation.oci-containers.backend = "podman"; @@ -25,10 +27,22 @@ in { }; virtualisation.oci-containers.containers.grist = { - image = "gristlabs/grist:latest"; + image = + "gristlabs/grist:latest"; # Switch to versioned release as soon as OIDC hits stable environment = { APP_HOME_URL = "https://grist.0x76.dev"; GRIST_SUPPORT_ANON = "false"; + GRIST_FORCE_LOGIN = "true"; + GRIST_SINGLE_ORG = "xirion"; + GRIST_ORG_IN_PATH = "false"; + GRIST_DEFAULT_EMAIL = "v@0x76.dev"; # Defines admin user + GRIST_HIDE_UI_ELEMENTS = + "helpCenter,billing,templates,multiSite,multiAccounts"; + GRIST_TELEMETRY_LEVEL = "off"; + GRIST_WIDGET_LIST_URL = + "https://github.com/gristlabs/grist-widget/releases/download/latest/manifest.json"; + + # No Python 2 PYTHON_VERSION = "3"; PYTHON_VERSION_ON_CREATION = "3"; -- 2.47.1 From dddcf0d8c67c76a164c3bb69ae7124acae1715df Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 13 Nov 2023 17:39:38 +0100 Subject: [PATCH 1866/1882] fix lints --- nixos/hosts/olympus/eevee/hardware.nix | 2 +- nixos/hosts/olympus/grist/configuration.nix | 62 +++++++++++---------- 2 files changed, 33 insertions(+), 31 deletions(-) diff --git a/nixos/hosts/olympus/eevee/hardware.nix b/nixos/hosts/olympus/eevee/hardware.nix index e5731378..cd1cb84d 100644 --- a/nixos/hosts/olympus/eevee/hardware.nix +++ b/nixos/hosts/olympus/eevee/hardware.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ... }: { +{ pkgs, ... }: { hardware = { enableAllFirmware = true; nvidia = { diff --git a/nixos/hosts/olympus/grist/configuration.nix b/nixos/hosts/olympus/grist/configuration.nix index 5424fc45..726e09d1 100644 --- a/nixos/hosts/olympus/grist/configuration.nix +++ b/nixos/hosts/olympus/grist/configuration.nix @@ -17,40 +17,42 @@ in { networking.firewall.allowedTCPPorts = [ 8484 ]; environment.systemPackages = with pkgs; [ sqlite ]; + virtualisation = { - virtualisation.podman.enable = true; - virtualisation.oci-containers.backend = "podman"; + podman.enable = true; + oci-containers.backend = "podman"; + + oci-containers.containers.grist = { + image = + "gristlabs/grist:latest"; # Switch to versioned release as soon as OIDC hits stable + environment = { + APP_HOME_URL = "https://grist.0x76.dev"; + GRIST_SUPPORT_ANON = "false"; + GRIST_FORCE_LOGIN = "true"; + GRIST_SINGLE_ORG = "xirion"; + GRIST_ORG_IN_PATH = "false"; + GRIST_DEFAULT_EMAIL = "v@0x76.dev"; # Defines admin user + GRIST_HIDE_UI_ELEMENTS = + "helpCenter,billing,templates,multiSite,multiAccounts"; + GRIST_TELEMETRY_LEVEL = "off"; + GRIST_WIDGET_LIST_URL = + "https://github.com/gristlabs/grist-widget/releases/download/latest/manifest.json"; + + # No Python 2 + PYTHON_VERSION = "3"; + PYTHON_VERSION_ON_CREATION = "3"; + + # Beta OIDC support + GRIST_OIDC_IDP_ISSUER = "https://dex.0x76.dev"; + }; + environmentFiles = [ "${vs.grist}/environment" ]; + ports = [ "8484:8484" ]; + volumes = [ "/var/lib/grist:/persist" ]; + }; + }; vault-secrets.secrets.grist = { quoteEnvironmentValues = false; # Needed for docker services = [ "podman-grist" ]; }; - - virtualisation.oci-containers.containers.grist = { - image = - "gristlabs/grist:latest"; # Switch to versioned release as soon as OIDC hits stable - environment = { - APP_HOME_URL = "https://grist.0x76.dev"; - GRIST_SUPPORT_ANON = "false"; - GRIST_FORCE_LOGIN = "true"; - GRIST_SINGLE_ORG = "xirion"; - GRIST_ORG_IN_PATH = "false"; - GRIST_DEFAULT_EMAIL = "v@0x76.dev"; # Defines admin user - GRIST_HIDE_UI_ELEMENTS = - "helpCenter,billing,templates,multiSite,multiAccounts"; - GRIST_TELEMETRY_LEVEL = "off"; - GRIST_WIDGET_LIST_URL = - "https://github.com/gristlabs/grist-widget/releases/download/latest/manifest.json"; - - # No Python 2 - PYTHON_VERSION = "3"; - PYTHON_VERSION_ON_CREATION = "3"; - - # Beta OIDC support - GRIST_OIDC_IDP_ISSUER = "https://dex.0x76.dev"; - }; - environmentFiles = [ "${vs.grist}/environment" ]; - ports = [ "8484:8484" ]; - volumes = [ "/var/lib/grist:/persist" ]; - }; } -- 2.47.1 From 4123f9a4ec421ce516fef31a9c83df220b5ecfdc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Nov 2023 15:00:26 +0000 Subject: [PATCH 1867/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.9 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index f37c3071..b68b64fd 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.7"; + image = "flaresolverr/flaresolverr:v3.3.9"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From aab01c9f91123b4cf7735de124644258106728f6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Nov 2023 15:00:29 +0000 Subject: [PATCH 1868/1882] chore(deps): update renovate/renovate docker tag to v37.57.0 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 57384d00..89357d57 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.51.3 + image: renovate/renovate:37.57.0 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 2c0409da67db9779c3f6e2a9975660d0389d2a99 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Nov 2023 23:00:29 +0000 Subject: [PATCH 1869/1882] chore(deps): update renovate/renovate docker tag to v37.57.2 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 89357d57..7b350492 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.57.0 + image: renovate/renovate:37.57.2 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 3767b37bbff2affd31f5940fd9fd986d6f3f26ad Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Nov 2023 23:00:32 +0000 Subject: [PATCH 1870/1882] chore(deps): update renovate/renovate docker tag to v37.59.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 7b350492..0d641085 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.57.2 + image: renovate/renovate:37.59.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From cfa3ae8d24f6929c9cafa248e89060abcfe9942b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 15 Nov 2023 23:00:31 +0000 Subject: [PATCH 1871/1882] chore(deps): update renovate/renovate docker tag to v37.59.8 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 0d641085..45fd50f8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.59.4 + image: renovate/renovate:37.59.8 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From 1542f840dcd8660f719ed5c91d040b38699d96fa Mon Sep 17 00:00:00 2001 From: Victor Date: Thu, 16 Nov 2023 20:14:11 +0100 Subject: [PATCH 1872/1882] change name --- flake.lock | 48 +++++++++---------- nixos/common/default.nix | 2 +- nixos/common/desktop/default.nix | 6 +-- nixos/common/hm-modules/git.nix | 2 +- nixos/common/users/default.nix | 4 +- nixos/common/users/{victor.nix => vivian.nix} | 20 ++++---- nixos/hosts/hades/lucy/configuration.nix | 2 +- nixos/hosts/hades/nginx/configuration.nix | 2 +- nixos/hosts/olympus/bastion/configuration.nix | 2 +- nixos/hosts/olympus/eevee/configuration.nix | 2 +- .../hosts/olympus/mosquitto/configuration.nix | 2 +- nixos/hosts/olympus/nginx/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/configuration.nix | 2 +- nixos/hosts/thalassa/aoife/hardware.nix | 2 +- nixos/hosts/thalassa/null/configuration.nix | 2 +- nixos/hosts/thalassa/null/home/default.nix | 8 ++-- 16 files changed, 53 insertions(+), 55 deletions(-) rename nixos/common/users/{victor.nix => vivian.nix} (77%) diff --git a/flake.lock b/flake.lock index 3c598c16..0a550eeb 100644 --- a/flake.lock +++ b/flake.lock @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1699783872, - "narHash": "sha256-4zTwLT2LL45Nmo6iwKB3ls3hWodVP9DiSWxki/oewWE=", + "lastModified": 1700087144, + "narHash": "sha256-LJP1RW0hKNWmv2yRhnjkUptMXInKpn/rV6V6ofuZkHU=", "owner": "nix-community", "repo": "home-manager", - "rev": "280721186ab75a76537713ec310306f0eba3e407", + "rev": "ab1459a1fb646c40419c732d05ec0bf2416d4506", "type": "github" }, "original": { @@ -713,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1699626196, - "narHash": "sha256-/arAIgFkEOTss4BsppCJn1DIBxvx1ESgWOj9CJqx4lQ=", + "lastModified": 1699973284, + "narHash": "sha256-eqic6t1+yd3JXqByexLdZiuyLBzy9KSAOvDBet6yr5Q=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "81975f3bc4a7f3f4c689c43645110c2e1aac56b2", + "rev": "2123d3a0e1ae16d0a9d1858464edfd34db653653", "type": "github" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1699701045, - "narHash": "sha256-mDzUXK7jNO/utInWpSWEX1NgEEunVIpJg+LyPsDTfy0=", + "lastModified": 1699997707, + "narHash": "sha256-ugb+1TGoOqqiy3axyEZpfF6T4DQUGjfWZ3Htry1EfvI=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "b689465d0c5d88e158e7d76094fca08cc0223aad", + "rev": "5689f3ebf899f644a1aabe8774d4f37eb2f6c2f9", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1699686971, - "narHash": "sha256-fttf55Uo88Ei57sxTuDOwKXg8izdR365lFjI13+XfwE=", + "lastModified": 1700083842, + "narHash": "sha256-uC5v4VyUPgC5L3zv7e9q6+TRCm+eiA+Ow5vcH67ef/I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d638da8b6a17041483d90ba9af6c3b5e30b4fbcc", + "rev": "9008bc4eb62c878d0812105ea1b34255d651df88", "type": "github" }, "original": { @@ -1104,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1699099776, - "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", + "lastModified": 1699781429, + "narHash": "sha256-UYefjidASiLORAjIvVsUHG6WBtRhM67kTjEY4XfZOFs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", + "rev": "e44462d6021bfe23dfb24b775cc7c390844f773d", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1699291058, - "narHash": "sha256-5ggduoaAMPHUy4riL+OrlAZE14Kh7JWX4oLEs22ZqfU=", + "lastModified": 1699994397, + "narHash": "sha256-xxNeIcMNMXH2EA9IAX6Cny+50mvY22LhIBiGZV363gc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "41de143fda10e33be0f47eab2bfe08a50f234267", + "rev": "d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1699721903, - "narHash": "sha256-ghsMr6EqRNCRJtzNokmqeyA3soMjl7bc+/TN7LX/Izc=", + "lastModified": 1700090888, + "narHash": "sha256-s4PAYgu2xoIvapwVYCnQi8B/2d8Fb6kzfG7cwXFmKvQ=", "owner": "pta2002", "repo": "nixvim", - "rev": "1286a0f41e37b2bb94f2eb87a7f4efde727f8e87", + "rev": "356e0e855b5896590554ed8df660d042ca12d07d", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1699789173, - "narHash": "sha256-8ImqQHlD/RV/DqUkLX6OMOLC0L3rOnpz18/L8kt+9QQ=", + "lastModified": 1700142333, + "narHash": "sha256-Mu0TH+JqVLCeEu2RFFnkTHluHmPc9FY7+vl4bW+EO6Y=", "owner": "nix-community", "repo": "NUR", - "rev": "cafc94f2fafd3bc7ef0a2f35a3484dd2df64f111", + "rev": "11299b3ab33b7a5128031263b8a70e94ae47b671", "type": "github" }, "original": { diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 4ba2c85e..03d5d45c 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -41,7 +41,7 @@ package = pkgs.nixUnstable; settings = { auto-optimise-store = true; - trusted-users = [ "root" "victor" ]; + trusted-users = [ "root" "vivian" ]; substituters = [ "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" diff --git a/nixos/common/desktop/default.nix b/nixos/common/desktop/default.nix index 5c2b2c8b..c7201b15 100644 --- a/nixos/common/desktop/default.nix +++ b/nixos/common/desktop/default.nix @@ -18,7 +18,7 @@ home-manager = { useGlobalPkgs = true; useUserPackages = true; - users.victor = import ./home.nix; + users.vivian = import ./home.nix; extraSpecialArgs = { inherit inputs; }; }; services = { @@ -60,7 +60,7 @@ }; # Global Packages - environment = { systemPackages = with pkgs; [ wireguard-tools sbctl ]; }; + environment.systemPackages = with pkgs; [ wireguard-tools sbctl podman-compose ]; # programs.virt-manager = { # enable = true; @@ -93,7 +93,6 @@ programs = { steam = { - enable = true; # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; @@ -102,7 +101,6 @@ }; }; - gamemode.enable = true; adb.enable = true; diff --git a/nixos/common/hm-modules/git.nix b/nixos/common/hm-modules/git.nix index beb41506..af8d83cf 100644 --- a/nixos/common/hm-modules/git.nix +++ b/nixos/common/hm-modules/git.nix @@ -8,7 +8,7 @@ in { enable = true; package = pkgs.gitAndTools.gitFull; userName = "0x76"; - userEmail = "victor@xirion.net"; + userEmail = "v@0x76.dev"; lfs.enable = true; extraConfig = { push.autoSetupRemote = true; diff --git a/nixos/common/users/default.nix b/nixos/common/users/default.nix index 73af8c4c..d1f0b821 100644 --- a/nixos/common/users/default.nix +++ b/nixos/common/users/default.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: { - imports = [ ./laura.nix ./victor.nix ./jonathan.nix ]; + imports = [ ./laura.nix ./vivian.nix ./jonathan.nix ]; # Setup ZSH to use grml config programs.zsh = { @@ -34,7 +34,7 @@ users.extraUsers.root = { # Allow my SSH keys for logging in as root. openssh.authorizedKeys.keys = - config.users.extraUsers.victor.openssh.authorizedKeys.keys; + config.users.extraUsers.vivian.openssh.authorizedKeys.keys; # Also use zsh for root shell = pkgs.zsh; }; diff --git a/nixos/common/users/victor.nix b/nixos/common/users/vivian.nix similarity index 77% rename from nixos/common/users/victor.nix rename to nixos/common/users/vivian.nix index 9fa87ac3..35138b2f 100644 --- a/nixos/common/users/victor.nix +++ b/nixos/common/users/vivian.nix @@ -1,6 +1,7 @@ { pkgs, ... }: { # The block that specifies my user account. - users.extraUsers.victor = { + users.extraUsers.vivian = { + uid = 1000; # This account is intended for a non-system user. isNormalUser = true; @@ -9,12 +10,12 @@ # My SSH keys. openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh victor@aoife" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBMTCUjDbDjAiEKbKmLPavuYM0wJIBdjgytLsg1uWuGc victor@nord" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 vivian@bastion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB vivian@bastion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh vivian@aoife" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBMTCUjDbDjAiEKbKmLPavuYM0wJIBdjgytLsg1uWuGc vivian@nord" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+HbsgJTQS6pvnMEI5NPKjIf78z+9A7CTIt3abi+PS6 victor@eevee" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+HbsgJTQS6pvnMEI5NPKjIf78z+9A7CTIt3abi+PS6 vivian@eevee" ]; # Make me admin @@ -22,7 +23,7 @@ [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ]; }; - home-manager.users.victor = { + home-manager.users.vivian = { programs = { home-manager.enable = true; @@ -38,9 +39,8 @@ bat.enable = true; }; home = { - - username = "victor"; - homeDirectory = "/home/victor"; + username = "vivian"; + homeDirectory = "/home/vivian"; stateVersion = "23.05"; }; diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index 35682685..f73a5df8 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -71,5 +71,5 @@ in }; users.extraUsers.laura.extraGroups = [ "wheel" "docker" ]; - users.extraUsers.victor.extraGroups = [ "docker" ]; + users.extraUsers.vivian.extraGroups = [ "docker" ]; } diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index c2a2d7d8..a7331d33 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -26,7 +26,7 @@ in networking.firewall.allowedTCPPorts = [ 80 443 ]; security.acme = { - defaults.email = "victorheld12@gmail.com"; + defaults.email = "vivian@0x76.dev"; acceptTerms = true; preliminarySelfsigned = true; }; diff --git a/nixos/hosts/olympus/bastion/configuration.nix b/nixos/hosts/olympus/bastion/configuration.nix index e306326b..40d78ead 100644 --- a/nixos/hosts/olympus/bastion/configuration.nix +++ b/nixos/hosts/olympus/bastion/configuration.nix @@ -70,5 +70,5 @@ in pinentryFlavor = "curses"; }; - home-manager.users.victor = import ./home.nix; + home-manager.users.vivian = import ./home.nix; } diff --git a/nixos/hosts/olympus/eevee/configuration.nix b/nixos/hosts/olympus/eevee/configuration.nix index 26a0bfd3..6e4e1710 100644 --- a/nixos/hosts/olympus/eevee/configuration.nix +++ b/nixos/hosts/olympus/eevee/configuration.nix @@ -41,7 +41,7 @@ environment.sessionVariables.NIXOS_OZONE_WL = "1"; home-manager = { - users.victor = import ./home; + users.vivian = import ./home; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/nixos/hosts/olympus/mosquitto/configuration.nix b/nixos/hosts/olympus/mosquitto/configuration.nix index d193e63a..56cb9b65 100644 --- a/nixos/hosts/olympus/mosquitto/configuration.nix +++ b/nixos/hosts/olympus/mosquitto/configuration.nix @@ -25,7 +25,7 @@ in { settings.allow_anonymous = true; acl = [ "topic readwrite #" ]; users = { - victor = { acl = [ "readwrite #" ]; }; + vivian = { acl = [ "readwrite #" ]; }; zigbee2mqtt = { acl = [ "readwrite #" ]; }; }; }]; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index fed28fe0..de9123c4 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -142,7 +142,7 @@ in security = { acme = { - defaults.email = "victorheld12@gmail.com"; + defaults.email = "vivian@0x76.dev"; acceptTerms = true; preliminarySelfsigned = true; }; diff --git a/nixos/hosts/thalassa/aoife/configuration.nix b/nixos/hosts/thalassa/aoife/configuration.nix index d6a93a7f..ddeb1fe8 100644 --- a/nixos/hosts/thalassa/aoife/configuration.nix +++ b/nixos/hosts/thalassa/aoife/configuration.nix @@ -27,7 +27,7 @@ }; }; - home-manager.users.victor = import ./home; + home-manager.users.vivian = import ./home; # Enable Ozone rendering for Chromium and Electron apps. environment.sessionVariables.NIXOS_OZONE_WL = "1"; diff --git a/nixos/hosts/thalassa/aoife/hardware.nix b/nixos/hosts/thalassa/aoife/hardware.nix index df0ee6d1..3c5becd6 100644 --- a/nixos/hosts/thalassa/aoife/hardware.nix +++ b/nixos/hosts/thalassa/aoife/hardware.nix @@ -51,5 +51,5 @@ tctiEnvironment.enable = true; }; }; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables - users.users.victor.extraGroups = [ "tss" ]; # tss group has access to TPM devices + users.users.vivian.extraGroups = [ "tss" ]; # tss group has access to TPM devices } diff --git a/nixos/hosts/thalassa/null/configuration.nix b/nixos/hosts/thalassa/null/configuration.nix index e8d0b164..143f5bfb 100644 --- a/nixos/hosts/thalassa/null/configuration.nix +++ b/nixos/hosts/thalassa/null/configuration.nix @@ -43,7 +43,7 @@ in # home-manager useGlobalPkgs = true; useUserPackages = true; - users.victor = import ./home; + users.vivian = import ./home; extraSpecialArgs = { inherit inputs; }; }; security = { diff --git a/nixos/hosts/thalassa/null/home/default.nix b/nixos/hosts/thalassa/null/home/default.nix index 9fe33bc1..b245deba 100644 --- a/nixos/hosts/thalassa/null/home/default.nix +++ b/nixos/hosts/thalassa/null/home/default.nix @@ -23,8 +23,8 @@ in git = { enable = true; package = pkgs.gitAndTools.gitFull; - userName = "Victor"; - userEmail = "victor@xirion.net"; + userName = "0x76"; + userEmail = "v@0x76"; lfs.enable = true; # delta.enable = true; extraConfig = { @@ -108,8 +108,8 @@ in }; }; home = { - username = "victor"; - homeDirectory = "/home/victor"; + username = "vivian"; + homeDirectory = "/home/vivian"; stateVersion = "22.05"; packages = with pkgs; [ -- 2.47.1 From 26bfe82032d25b93992377715022ac0f5c5e0739 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Thu, 16 Nov 2023 20:30:24 +0100 Subject: [PATCH 1873/1882] minor updates --- nixos/hosts/hades/bastion/configuration.nix | 1 - nixos/hosts/hades/immich/configuration.nix | 4 ++++ nixos/hosts/hades/nginx/configuration.nix | 4 ---- nixos/hosts/olympus/dex/configuration.nix | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix index 5b529a5b..0ca18a7e 100644 --- a/nixos/hosts/hades/bastion/configuration.nix +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -9,7 +9,6 @@ direnv git-crypt nix-update - nodejs-14_x pinentry-curses ripgrep rsync diff --git a/nixos/hosts/hades/immich/configuration.nix b/nixos/hosts/hades/immich/configuration.nix index c338ea31..4434cf27 100644 --- a/nixos/hosts/hades/immich/configuration.nix +++ b/nixos/hosts/hades/immich/configuration.nix @@ -22,6 +22,8 @@ in # Additional packages environment.systemPackages = with pkgs; [ ]; + + # TODO: https://github.com/suderman/nixos/tree/main/modules/nixos/immich fileSystems."/mnt/storage" = { @@ -34,6 +36,8 @@ in ids.uids.immich = 911; ids.gids.immich = 911; + users.groups.photos = {}; + users.users.immich = { isSystemUser = true; group = "photos"; diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index c2a2d7d8..b24a36b4 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -41,10 +41,6 @@ in package = pkgs.nginxMainline; virtualHosts = { - - "cshub.nl" = proxy "http://192.168.0.113"; - "api.cshub.nl" = proxy "http://192.168.0.113"; - "ha.xirion.net" = proxy "http://192.168.0.129:8123"; "xirion.net" = { enableACME = true; diff --git a/nixos/hosts/olympus/dex/configuration.nix b/nixos/hosts/olympus/dex/configuration.nix index e70f16c6..94dce4c7 100644 --- a/nixos/hosts/olympus/dex/configuration.nix +++ b/nixos/hosts/olympus/dex/configuration.nix @@ -103,7 +103,7 @@ in }; services.oauth2_proxy = { - enable = true; + enable = false; provider = "oidc"; redirectURL = "https://o2p.0x76.dev/oauth2/callback"; cookie.secure = false; -- 2.47.1 From e6e12bb4f5e7ae49e336bd477d215d6f5cc47c74 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Nov 2023 07:00:25 +0000 Subject: [PATCH 1874/1882] chore(deps): update flaresolverr/flaresolverr docker tag to v3.3.10 --- nixos/hosts/hades/overseerr/prowlarr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/hades/overseerr/prowlarr.nix b/nixos/hosts/hades/overseerr/prowlarr.nix index b68b64fd..0296a78d 100644 --- a/nixos/hosts/hades/overseerr/prowlarr.nix +++ b/nixos/hosts/hades/overseerr/prowlarr.nix @@ -5,7 +5,7 @@ _: { }; virtualisation.oci-containers.containers.flaresolverr = { - image = "flaresolverr/flaresolverr:v3.3.9"; + image = "flaresolverr/flaresolverr:v3.3.10"; ports = [ "8191:8191" ]; }; } -- 2.47.1 From 19c5e3c96e626cb091bccf4ab39e9a874aa746f1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Nov 2023 23:00:26 +0000 Subject: [PATCH 1875/1882] chore(deps): update helm release external-secrets to v0.9.9 --- flux/olympus/core/external-secrets/helm-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/core/external-secrets/helm-release.yaml b/flux/olympus/core/external-secrets/helm-release.yaml index e39af7e7..7ca3ee27 100644 --- a/flux/olympus/core/external-secrets/helm-release.yaml +++ b/flux/olympus/core/external-secrets/helm-release.yaml @@ -9,7 +9,7 @@ spec: chart: spec: chart: external-secrets - version: 0.9.8 + version: 0.9.9 interval: 30m sourceRef: kind: HelmRepository -- 2.47.1 From 97516029548b7aa087f9ecd7f3a194d5fe281354 Mon Sep 17 00:00:00 2001 From: Victor Date: Tue, 21 Nov 2023 16:29:22 +0100 Subject: [PATCH 1876/1882] update grist --- flake.lock | 42 ++++++++++----------- nixos/hosts/olympus/grist/configuration.nix | 3 +- 2 files changed, 22 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index 0a550eeb..a1b1b756 100644 --- a/flake.lock +++ b/flake.lock @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1700087144, - "narHash": "sha256-LJP1RW0hKNWmv2yRhnjkUptMXInKpn/rV6V6ofuZkHU=", + "lastModified": 1700419052, + "narHash": "sha256-U6a5f9ynbzcp8PMIHULbHPkbwp7YfPKOYmTcLqlalD4=", "owner": "nix-community", "repo": "home-manager", - "rev": "ab1459a1fb646c40419c732d05ec0bf2416d4506", + "rev": "993fb02d20760067b8ee19c713d94cee07037759", "type": "github" }, "original": { @@ -769,11 +769,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1695910380, - "narHash": "sha256-CyzeiXQGm8ceEOSK1dffBCfO7JNp8XhQeNkUiJ5HxgY=", + "lastModified": 1700085753, + "narHash": "sha256-qtib7f3eRwfaUF+VziJXiBcZFqpHCAXS4HlrFsnzzl4=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "84783b661ecf33927c534b6476beb74ea3308968", + "rev": "008d78cc21959e33d0d31f375b88353a7d7121ae", "type": "gitlab" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1699997707, - "narHash": "sha256-ugb+1TGoOqqiy3axyEZpfF6T4DQUGjfWZ3Htry1EfvI=", + "lastModified": 1700392353, + "narHash": "sha256-KARn8aVJu5fdW0jdJYoOQ1SPqWlNdz4l7r90NbArWSY=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "5689f3ebf899f644a1aabe8774d4f37eb2f6c2f9", + "rev": "2b00bc76dc893cd996a3d76a2f059d657a5ef37a", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1700083842, - "narHash": "sha256-uC5v4VyUPgC5L3zv7e9q6+TRCm+eiA+Ow5vcH67ef/I=", + "lastModified": 1700419998, + "narHash": "sha256-aXh4adx9x9RlRMSykzR+bY8AOVjcwMEJO1ZeQROwbcE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9008bc4eb62c878d0812105ea1b34255d651df88", + "rev": "12a0ade5e458984675b9789a4b260ebabdd2d1ab", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1699994397, - "narHash": "sha256-xxNeIcMNMXH2EA9IAX6Cny+50mvY22LhIBiGZV363gc=", + "lastModified": 1700403855, + "narHash": "sha256-Q0Uzjik9kUTN9pd/kp52XJi5kletBhy29ctBlAG+III=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8", + "rev": "0c5678df521e1407884205fe3ce3cf1d7df297db", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1700090888, - "narHash": "sha256-s4PAYgu2xoIvapwVYCnQi8B/2d8Fb6kzfG7cwXFmKvQ=", + "lastModified": 1700392689, + "narHash": "sha256-5eHyyjJjWOORscfN6byD4wuV6qH2g0kN+N3OP8MybL4=", "owner": "pta2002", "repo": "nixvim", - "rev": "356e0e855b5896590554ed8df660d042ca12d07d", + "rev": "c2ccb2dfabbac067193119cae4fd46d78acc03a2", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1700142333, - "narHash": "sha256-Mu0TH+JqVLCeEu2RFFnkTHluHmPc9FY7+vl4bW+EO6Y=", + "lastModified": 1700482126, + "narHash": "sha256-4zLW96revlLur8prOh1t+Ka4yIzWge+3B2Cgg89sOQk=", "owner": "nix-community", "repo": "NUR", - "rev": "11299b3ab33b7a5128031263b8a70e94ae47b671", + "rev": "5400c2b8e6cad21911ee8d7258319dbadac87879", "type": "github" }, "original": { diff --git a/nixos/hosts/olympus/grist/configuration.nix b/nixos/hosts/olympus/grist/configuration.nix index 726e09d1..d24eec63 100644 --- a/nixos/hosts/olympus/grist/configuration.nix +++ b/nixos/hosts/olympus/grist/configuration.nix @@ -24,7 +24,7 @@ in { oci-containers.containers.grist = { image = - "gristlabs/grist:latest"; # Switch to versioned release as soon as OIDC hits stable + "gristlabs/grist:1.1.8"; environment = { APP_HOME_URL = "https://grist.0x76.dev"; GRIST_SUPPORT_ANON = "false"; @@ -42,7 +42,6 @@ in { PYTHON_VERSION = "3"; PYTHON_VERSION_ON_CREATION = "3"; - # Beta OIDC support GRIST_OIDC_IDP_ISSUER = "https://dex.0x76.dev"; }; environmentFiles = [ "${vs.grist}/environment" ]; -- 2.47.1 From d462b4c9b7ece14a7ed199c768832413c7112ce2 Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 22 Nov 2023 11:38:37 +0100 Subject: [PATCH 1877/1882] fix gnome --- nixos/common/hm-modules/vscode.nix | 2 ++ nixos/common/modules/gnome/hm.nix | 30 ++++++++++----------- nixos/hosts/hades/bastion/configuration.nix | 2 ++ 3 files changed, 18 insertions(+), 16 deletions(-) diff --git a/nixos/common/hm-modules/vscode.nix b/nixos/common/hm-modules/vscode.nix index 6680e213..8a3ce1b5 100644 --- a/nixos/common/hm-modules/vscode.nix +++ b/nixos/common/hm-modules/vscode.nix @@ -56,12 +56,14 @@ in { ms-vscode.cpptools platformio.platformio-ide redhat.vscode-yaml + redhat.vscode-xml tamasfe.even-better-toml valentjn.vscode-ltex vscodevim.vim vadimcn.vscode-lldb xaver.clang-format sumneko.lua + davidlday.languagetool-linter ]; }; diff --git a/nixos/common/modules/gnome/hm.nix b/nixos/common/modules/gnome/hm.nix index 07cc96a8..babdec76 100644 --- a/nixos/common/modules/gnome/hm.nix +++ b/nixos/common/modules/gnome/hm.nix @@ -7,18 +7,15 @@ let generate_custom_keybindings = binds: { "org/gnome/settings-daemon/plugins/media-keys" = { - custom-keybindings = map - (name: - "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") + custom-keybindings = map (name: + "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}/") (attrNames binds); }; - } // mapAttrs' - (name: - nameValuePair - "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") - binds; -in -{ + } // mapAttrs' (name: + nameValuePair + "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${name}") + binds; +in { xdg.mimeApps.enable = true; xdg.mimeApps.defaultApplications = { "text/plain" = "org.gnome.TextEditor.desktop"; @@ -100,12 +97,12 @@ in raise-or-lower = [ "s" ]; switch-applications = [ "Tab" ]; switch-applications-backward = [ "Tab" ]; - move-to-workspace-1 = [ "exclam" ]; - move-to-workspace-2 = [ "at" ]; - move-to-workspace-3 = [ "numbersign" ]; - move-to-workspace-4 = [ "dollar" ]; - move-to-workspace-5 = [ "percent" ]; - move-to-workspace-6 = [ "asciicircum" ]; + move-to-workspace-1 = [ "1" ]; + move-to-workspace-2 = [ "2" ]; + move-to-workspace-3 = [ "3" ]; + move-to-workspace-4 = [ "4" ]; + move-to-workspace-5 = [ "5" ]; + move-to-workspace-6 = [ "6" ]; switch-to-workspace-1 = [ "1" ]; switch-to-workspace-2 = [ "2" ]; switch-to-workspace-3 = [ "3" ]; @@ -114,6 +111,7 @@ in switch-to-workspace-6 = [ "6" ]; toggle-fullscreen = [ "M" ]; toggle-maximized = [ "m" ]; + close = [ "Q" ]; }; "org/gnome/tweaks" = { show-extensions-notice = false; }; diff --git a/nixos/hosts/hades/bastion/configuration.nix b/nixos/hosts/hades/bastion/configuration.nix index 0ca18a7e..ab13ad55 100644 --- a/nixos/hosts/hades/bastion/configuration.nix +++ b/nixos/hosts/hades/bastion/configuration.nix @@ -6,12 +6,14 @@ environment.systemPackages = with pkgs; [ cachix + clang direnv git-crypt nix-update pinentry-curses ripgrep rsync + rustup tmux vault ]; -- 2.47.1 From 462663b4987d3e93dd22465393a9f3c1a9865d00 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 24 Nov 2023 15:00:24 +0000 Subject: [PATCH 1878/1882] chore(deps): update renovate/renovate docker tag to v37.67.3 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 45fd50f8..2861a3f8 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.59.8 + image: renovate/renovate:37.67.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1 From a715bf666422cd751e838a162c7409f75e49b975 Mon Sep 17 00:00:00 2001 From: 0x76 Date: Sun, 26 Nov 2023 11:32:36 +0100 Subject: [PATCH 1879/1882] switch vpn --- flake.lock | 54 ++++++++++---------- nixos/hosts/hades/rtorrent/configuration.nix | 13 ++--- nixos/hosts/hades/rtorrent/rtorrent.nix | 4 +- nixos/util.nix | 2 +- 4 files changed, 37 insertions(+), 36 deletions(-) diff --git a/flake.lock b/flake.lock index a1b1b756..faa53b27 100644 --- a/flake.lock +++ b/flake.lock @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1700419052, - "narHash": "sha256-U6a5f9ynbzcp8PMIHULbHPkbwp7YfPKOYmTcLqlalD4=", + "lastModified": 1700847865, + "narHash": "sha256-uWaOIemGl9LF813MW0AEgCBpKwFo2t1Wv3BZc6e5Frw=", "owner": "nix-community", "repo": "home-manager", - "rev": "993fb02d20760067b8ee19c713d94cee07037759", + "rev": "8cedd63eede4c22deb192f1721dd67e7460e1ebe", "type": "github" }, "original": { @@ -713,11 +713,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1699973284, - "narHash": "sha256-eqic6t1+yd3JXqByexLdZiuyLBzy9KSAOvDBet6yr5Q=", + "lastModified": 1700811440, + "narHash": "sha256-wrJpW3JCJ9egZpYUMne4c3PFEp+vmkTj5VFpPAT4xdY=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "2123d3a0e1ae16d0a9d1858464edfd34db653653", + "rev": "cbafc8f8fe388fba6f2c27224276f5f984f9ae47", "type": "github" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1700392353, - "narHash": "sha256-KARn8aVJu5fdW0jdJYoOQ1SPqWlNdz4l7r90NbArWSY=", + "lastModified": 1700559156, + "narHash": "sha256-gL4epO/qf+wo30JjC3g+b5Bs8UrpxzkhNBBsUYxpw2g=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "2b00bc76dc893cd996a3d76a2f059d657a5ef37a", + "rev": "c3abafb01cd7045dba522af29b625bd1e170c2fb", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1700419998, - "narHash": "sha256-aXh4adx9x9RlRMSykzR+bY8AOVjcwMEJO1ZeQROwbcE=", + "lastModified": 1700775652, + "narHash": "sha256-877vMwiT+6G1bHLBW0sv0yJo8SET/5E8da2xB4WZUm8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "12a0ade5e458984675b9789a4b260ebabdd2d1ab", + "rev": "f974988b730c68f9c19de534dd832985776d3044", "type": "github" }, "original": { @@ -1104,11 +1104,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1699781429, - "narHash": "sha256-UYefjidASiLORAjIvVsUHG6WBtRhM67kTjEY4XfZOFs=", + "lastModified": 1700612854, + "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e44462d6021bfe23dfb24b775cc7c390844f773d", + "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1700403855, - "narHash": "sha256-Q0Uzjik9kUTN9pd/kp52XJi5kletBhy29ctBlAG+III=", + "lastModified": 1700678569, + "narHash": "sha256-2Ki+2UvOidxEb3xB4ADqlbPQ2BZOF4uZMR094O8or2I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c5678df521e1407884205fe3ce3cf1d7df297db", + "rev": "8f1180704ac35baded1a74164365ac7cdfba6f38", "type": "github" }, "original": { @@ -1205,11 +1205,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1700392689, - "narHash": "sha256-5eHyyjJjWOORscfN6byD4wuV6qH2g0kN+N3OP8MybL4=", + "lastModified": 1700831612, + "narHash": "sha256-4rjt03g847UpPYshwItJqFqxHJ6l4aoXqDVT9CNOCu4=", "owner": "pta2002", "repo": "nixvim", - "rev": "c2ccb2dfabbac067193119cae4fd46d78acc03a2", + "rev": "bacdae2c508defccdff1af8511e4d639d26d3d47", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1700482126, - "narHash": "sha256-4zLW96revlLur8prOh1t+Ka4yIzWge+3B2Cgg89sOQk=", + "lastModified": 1700847898, + "narHash": "sha256-TDZlLBNL6mNP0y+fQ0beDsnlRPRK/ziHWJ5e588kJCw=", "owner": "nix-community", "repo": "NUR", - "rev": "5400c2b8e6cad21911ee8d7258319dbadac87879", + "rev": "6a73c040a4b9cf6c8c2a11dddd3d98e8f56a7b70", "type": "github" }, "original": { @@ -1289,11 +1289,11 @@ "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { - "lastModified": 1699271226, - "narHash": "sha256-8Jt1KW3xTjolD6c6OjJm9USx/jmL+VVmbooADCkdDfU=", + "lastModified": 1700064067, + "narHash": "sha256-1ZWNDzhu8UlVCK7+DUN9dVQfiHX1bv6OQP9VxstY/gs=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "ea758da1a6dcde6dc36db348ed690d09b9864128", + "rev": "e558068cba67b23b4fbc5537173dbb43748a17e8", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 9161ccd2..60085ec3 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -20,7 +20,6 @@ in { vault-secrets.secrets.rtorrent = { services = [ "wg-quick-wg0" ]; }; - # Mullvad VPN networking.wg-quick.interfaces = let postUpScript = pkgs.writeScriptBin "post_up" '' @@ -31,17 +30,19 @@ in { in { wg0 = { - address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ]; - dns = [ "10.64.0.1" ]; + address = [ "10.129.112.89/32, fd7d:76ee:e68f:a993:edd1:668b:49f7:b7c3/128" ]; + mtu = 1320; + dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ]; privateKeyFile = "${vs.rtorrent}/wireguardKey"; postUp = "${postUpScript}/bin/post_up || true"; peers = [ { - publicKey = "HQHCrq4J6bSpdW1fI5hR/bvcrYa6HgGgwaa5ZY749ik="; + publicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk="; allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "185.213.155.73:51820"; - # persistentKeepalive = 25; + endpoint = "europe3.vpn.airdns.org:1637"; + presharedKeyFile = "${vs.rtorrent}/presharedKey"; + persistentKeepalive = 15; } ]; }; diff --git a/nixos/hosts/hades/rtorrent/rtorrent.nix b/nixos/hosts/hades/rtorrent/rtorrent.nix index 4d721609..bfdd6a6b 100644 --- a/nixos/hosts/hades/rtorrent/rtorrent.nix +++ b/nixos/hosts/hades/rtorrent/rtorrent.nix @@ -1,7 +1,7 @@ -{ config, lib, pkgs, ... }: { +{ config, pkgs, ... }: { services.rtorrent = { enable = true; - port = 54945; # Port Forwarded in mullvad + port = 14764; # port forwarded downloadDir = "/mnt/storage/torrents/r"; package = pkgs.jesec-rtorrent; configText = diff --git a/nixos/util.nix b/nixos/util.nix index 5a55aa5e..62a312fa 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -76,7 +76,7 @@ let inherit tags; targetHost = ip; allowLocalDeployment = type == "local"; - targetUser = null; # Defaults to $USER + targetUser = "victor"; # Defaults to $USER }; }; }; -- 2.47.1 From add34d481c1a09d69606d008ddb103349b40ee07 Mon Sep 17 00:00:00 2001 From: 0x76 Date: Sun, 26 Nov 2023 17:29:50 +0100 Subject: [PATCH 1880/1882] forward port --- nixos/hosts/hades/rtorrent/configuration.nix | 3 +++ nixos/util.nix | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/hades/rtorrent/configuration.nix b/nixos/hosts/hades/rtorrent/configuration.nix index 60085ec3..af10331c 100644 --- a/nixos/hosts/hades/rtorrent/configuration.nix +++ b/nixos/hosts/hades/rtorrent/configuration.nix @@ -6,6 +6,9 @@ in { networking.interfaces.eth0.useDHCP = true; system.stateVersion = "22.05"; + networking.firewall.allowedTCPPorts = [ config.services.rtorrent.port ]; + networking.firewall.allowedUDPPorts = [ config.services.rtorrent.port ]; + fileSystems."/mnt/storage" = { device = "storage:/mnt/storage"; fsType = "nfs"; diff --git a/nixos/util.nix b/nixos/util.nix index 62a312fa..5a55aa5e 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -76,7 +76,7 @@ let inherit tags; targetHost = ip; allowLocalDeployment = type == "local"; - targetUser = "victor"; # Defaults to $USER + targetUser = null; # Defaults to $USER }; }; }; -- 2.47.1 From ba0fa94a8e73268b895753791e2315eec4ba2cd0 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 27 Nov 2023 14:18:45 +0100 Subject: [PATCH 1881/1882] new ip --- flake.lock | 30 +++++++++---------- nixos/hosts/hades/nginx/configuration.nix | 1 + nixos/hosts/olympus/nginx/configuration.nix | 1 + .../hosts/olympus/wireguard/configuration.nix | 2 +- 4 files changed, 18 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index faa53b27..225e39e1 100644 --- a/flake.lock +++ b/flake.lock @@ -687,11 +687,11 @@ ] }, "locked": { - "lastModified": 1700847865, - "narHash": "sha256-uWaOIemGl9LF813MW0AEgCBpKwFo2t1Wv3BZc6e5Frw=", + "lastModified": 1701071203, + "narHash": "sha256-lQywA7QU/vzTdZ1apI0PfgCWNyQobXUYghVrR5zuIeM=", "owner": "nix-community", "repo": "home-manager", - "rev": "8cedd63eede4c22deb192f1721dd67e7460e1ebe", + "rev": "db1878f013b52ba5e4034db7c1b63e8d04173a86", "type": "github" }, "original": { @@ -898,11 +898,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1700559156, - "narHash": "sha256-gL4epO/qf+wo30JjC3g+b5Bs8UrpxzkhNBBsUYxpw2g=", + "lastModified": 1701020860, + "narHash": "sha256-NwnRn04C8s+hH+KdVtGmVB1FFNIG7DtPJmQSCBDaET4=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "c3abafb01cd7045dba522af29b625bd1e170c2fb", + "rev": "b006ec52fce23b1d57f6ab4a42d7400732e9a0a2", "type": "github" }, "original": { @@ -1089,11 +1089,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1700775652, - "narHash": "sha256-877vMwiT+6G1bHLBW0sv0yJo8SET/5E8da2xB4WZUm8=", + "lastModified": 1701038920, + "narHash": "sha256-qlEfi8fhKK2oJwX4V6BPEo0qbpWQzQYRU4LrDya/zi0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f974988b730c68f9c19de534dd832985776d3044", + "rev": "28f167a2e998faa5a42896add2a43ff5685832a0", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1700678569, - "narHash": "sha256-2Ki+2UvOidxEb3xB4ADqlbPQ2BZOF4uZMR094O8or2I=", + "lastModified": 1700989516, + "narHash": "sha256-oKbmPa2wpTHh9XB3+zIx97uMZGNnp97GPliKKG2/plo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f1180704ac35baded1a74164365ac7cdfba6f38", + "rev": "d2e4de209881b38392933fabf303cde3454b0b4c", "type": "github" }, "original": { @@ -1220,11 +1220,11 @@ }, "nur": { "locked": { - "lastModified": 1700847898, - "narHash": "sha256-TDZlLBNL6mNP0y+fQ0beDsnlRPRK/ziHWJ5e588kJCw=", + "lastModified": 1701078355, + "narHash": "sha256-BIi0h4DwYk9sjm6JxCncZAYRNnuN+W2dggVM+rMkUDQ=", "owner": "nix-community", "repo": "NUR", - "rev": "6a73c040a4b9cf6c8c2a11dddd3d98e8f56a7b70", + "rev": "1300118335519d491e7a0bd2d45d07162c567380", "type": "github" }, "original": { diff --git a/nixos/hosts/hades/nginx/configuration.nix b/nixos/hosts/hades/nginx/configuration.nix index 6b0c9e67..43738fdf 100644 --- a/nixos/hosts/hades/nginx/configuration.nix +++ b/nixos/hosts/hades/nginx/configuration.nix @@ -76,6 +76,7 @@ in allow 192.168.0.0/23; allow 80.60.83.220; allow 83.128.154.23; + allow 62.45.26.248; allow 195.85.167.32/29; deny all; ''; diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index de9123c4..8746cee7 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -93,6 +93,7 @@ in allow 192.168.0.0/23; allow 80.60.83.220; allow 83.128.154.23; + allow 62.45.26.248; allow 195.85.167.32/29; deny all; ''; diff --git a/nixos/hosts/olympus/wireguard/configuration.nix b/nixos/hosts/olympus/wireguard/configuration.nix index e032921b..3e240290 100644 --- a/nixos/hosts/olympus/wireguard/configuration.nix +++ b/nixos/hosts/olympus/wireguard/configuration.nix @@ -63,7 +63,7 @@ in { # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; - endpoint = "83.128.154.23:51820"; + endpoint = "62.45.26.248:51820"; persistentKeepalive = 25; } ]; -- 2.47.1 From 60721261b817069c9ae5b2eaad4b274292753fc6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 27 Nov 2023 15:00:24 +0000 Subject: [PATCH 1882/1882] chore(deps): update renovate/renovate docker tag to v37.68.4 --- flux/olympus/apps/services/renovate/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index 2861a3f8..c7f652c9 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:37.67.3 + image: renovate/renovate:37.68.4 volumeMounts: - name: config-volume mountPath: /opt/renovate/ -- 2.47.1