Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
d825d2db87
|
@ -10,7 +10,7 @@ let
|
||||||
addresses = peer.addresses;
|
addresses = peer.addresses;
|
||||||
}) cfg.peers;
|
}) cfg.peers;
|
||||||
|
|
||||||
folders = map (folder: {
|
folders = mapAttrsToList ( _: folder: {
|
||||||
inherit (folder) path id type;
|
inherit (folder) path id type;
|
||||||
devices = map (peer: { deviceId = cfg.peers.${peer}.id; }) folder.peers;
|
devices = map (peer: { deviceId = cfg.peers.${peer}.id; }) folder.peers;
|
||||||
rescanIntervalS = folder.rescanInterval;
|
rescanIntervalS = folder.rescanInterval;
|
||||||
|
@ -81,17 +81,18 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
folders = mkOption {
|
folders = mkOption {
|
||||||
default = [];
|
default = {};
|
||||||
type = types.listOf (types.submodule ({ config, ... }: {
|
type = types.attrsOf (types.submodule ({ config, ... }: {
|
||||||
options = {
|
options = {
|
||||||
|
|
||||||
path = mkOption {
|
path = mkOption {
|
||||||
type = types.absolute-pathname;
|
type = types.absolute-pathname;
|
||||||
|
default = config._module.args.name;
|
||||||
};
|
};
|
||||||
|
|
||||||
id = mkOption {
|
id = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = config.path;
|
default = config._module.args.name;
|
||||||
};
|
};
|
||||||
|
|
||||||
peers = mkOption {
|
peers = mkOption {
|
||||||
|
|
|
@ -49,12 +49,15 @@ with import <stockholm/lib>;
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
krebs.syncthing.folders = [
|
krebs.syncthing.folders."the_playlist" = {
|
||||||
{ id = "the_playlist"; path = "/home/lass/tmp/the_playlist"; peers = [ "mors" "phone" "prism" ]; }
|
path = "/home/lass/tmp/the_playlist";
|
||||||
];
|
peers = [ "mors" "phone" "prism" ];
|
||||||
lass.ensure-permissions = [
|
};
|
||||||
{ folder = "/home/lass/tmp/the_playlist"; owner = "lass"; group = "syncthing"; }
|
krebs.permown."/home/lass/tmp/the_playlist" = {
|
||||||
];
|
owner = "lass";
|
||||||
|
group = "syncthing";
|
||||||
|
umask = "0007";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
lass.umts = {
|
lass.umts = {
|
||||||
|
|
|
@ -20,13 +20,12 @@ with import <stockholm/lib>;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
lass.ensure-permissions = [
|
krebs.syncthing.folders."/var/lib/sync-containers".peers = [ "icarus" "skynet" "littleT" "shodan" ];
|
||||||
{ folder = "/var/lib/sync-containers"; owner = "root"; group = "syncthing"; }
|
krebs.permown."/var/lib/sync-containers" = {
|
||||||
];
|
owner = "root";
|
||||||
|
group = "syncthing";
|
||||||
krebs.syncthing.folders = [
|
umask = "0007";
|
||||||
{ path = "/var/lib/sync-containers"; peers = [ "icarus" "skynet" "littleT" "shodan" ]; }
|
};
|
||||||
];
|
|
||||||
|
|
||||||
system.activationScripts.containerPermissions = ''
|
system.activationScripts.containerPermissions = ''
|
||||||
mkdir -p /var/lib/containers
|
mkdir -p /var/lib/containers
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
source-password = import <secrets/icecast-source-pw>;
|
source-password = import <secrets/icecast-source-pw>;
|
||||||
|
|
||||||
add_random = pkgs.writeDashBin "add_random" ''
|
add_random = pkgs.writeDashBin "add_random" ''
|
||||||
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.mpc_cli}/bin/mpc ls | shuf -n1)"
|
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.mpc_cli}/bin/mpc ls the_playlist/music | grep '\.ogg$' | shuf -n1)"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
skip_track = pkgs.writeDashBin "skip_track" ''
|
skip_track = pkgs.writeDashBin "skip_track" ''
|
||||||
|
@ -57,7 +57,7 @@ in {
|
||||||
services.mpd = {
|
services.mpd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
group = "radio";
|
group = "radio";
|
||||||
musicDirectory = "/home/radio/the_playlist/music";
|
musicDirectory = "/home/radio/music";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
log_level "default"
|
log_level "default"
|
||||||
auto_update "yes"
|
auto_update "yes"
|
||||||
|
@ -248,10 +248,13 @@ in {
|
||||||
alias ${html};
|
alias ${html};
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
krebs.syncthing.folders = [
|
krebs.syncthing.folders."the_playlist" = {
|
||||||
{ id = "the_playlist"; path = "/home/radio/music/the_playlist"; peers = [ "mors" "phone" "prism" ]; }
|
path = "/home/radio/music/the_playlist";
|
||||||
];
|
peers = [ "mors" "phone" "prism" ];
|
||||||
lass.ensure-permissions = [
|
};
|
||||||
{ folder = "/home/radio/music/the_playlist"; owner = "radio"; group = "syncthing"; }
|
krebs.permown."/home/radio/music/the_playlist" = {
|
||||||
];
|
owner = "radio";
|
||||||
|
group = "syncthing";
|
||||||
|
umask = "0002";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,11 @@
|
||||||
{
|
{
|
||||||
krebs.syncthing.folders = [
|
krebs.syncthing.folders.decsync = {
|
||||||
{ id = "decsync"; path = "/home/lass/decsync"; peers = [ "mors" "blue" "green" "phone" ]; }
|
path = "/home/lass/decsync";
|
||||||
];
|
peers = [ "mors" "blue" "green" "phone" ];
|
||||||
lass.ensure-permissions = [
|
};
|
||||||
{ folder = "/home/lass/decsync"; owner = "lass"; group = "syncthing"; }
|
krebs.permown."/home/lass/decsync" = {
|
||||||
];
|
owner = "lass";
|
||||||
|
group = "syncthing";
|
||||||
|
umask = "0007";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
{
|
{
|
||||||
krebs.syncthing.folders = [
|
krebs.syncthing.folders."/home/lass/.weechat".peers = [ "blue" "green" "mors" ];
|
||||||
{ path = "/home/lass/.weechat"; peers = [ "blue" "green" "mors" ]; }
|
krebs.permown."/home/lass/.weechat" = {
|
||||||
];
|
owner = "lass";
|
||||||
lass.ensure-permissions = [
|
group = "syncthing";
|
||||||
{ folder = "/home/lass/.weechat"; owner = "lass"; group = "syncthing"; }
|
umask = "0007";
|
||||||
];
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }: with import <stockholm/lib>; let
|
||||||
with import <stockholm/lib>;
|
peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts);
|
||||||
{
|
in {
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
group = "syncthing";
|
group = "syncthing";
|
||||||
|
@ -14,17 +14,17 @@ with import <stockholm/lib>;
|
||||||
enable = true;
|
enable = true;
|
||||||
cert = toString <secrets/syncthing.cert>;
|
cert = toString <secrets/syncthing.cert>;
|
||||||
key = toString <secrets/syncthing.key>;
|
key = toString <secrets/syncthing.key>;
|
||||||
peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts);
|
peers = peers;
|
||||||
folders = [
|
folders."/home/lass/sync".peers = attrNames peers;
|
||||||
{ path = "/home/lass/sync"; peers = [ "icarus" "mors" "skynet" "blue" "green" "littleT" "prism" "shodan" ]; }
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
system.activationScripts.syncthing-home = ''
|
system.activationScripts.syncthing-home = ''
|
||||||
${pkgs.coreutils}/bin/chmod a+x /home/lass
|
${pkgs.coreutils}/bin/chmod a+x /home/lass
|
||||||
'';
|
'';
|
||||||
|
|
||||||
lass.ensure-permissions = [
|
krebs.permown."/home/lass/sync" = {
|
||||||
{ folder = "/home/lass/sync"; owner = "lass"; group = "syncthing"; }
|
owner = "lass";
|
||||||
];
|
group = "syncthing";
|
||||||
|
umask = "0007";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,6 @@ _:
|
||||||
imports = [
|
imports = [
|
||||||
./dnsmasq.nix
|
./dnsmasq.nix
|
||||||
./ejabberd
|
./ejabberd
|
||||||
./ensure-permissions.nix
|
|
||||||
./folderPerms.nix
|
./folderPerms.nix
|
||||||
./hosts.nix
|
./hosts.nix
|
||||||
./mysql-backup.nix
|
./mysql-backup.nix
|
||||||
|
|
|
@ -1,66 +0,0 @@
|
||||||
{ config, pkgs, ... }: with import <stockholm/lib>;
|
|
||||||
|
|
||||||
let
|
|
||||||
|
|
||||||
cfg = config.lass.ensure-permissions;
|
|
||||||
|
|
||||||
in
|
|
||||||
|
|
||||||
{
|
|
||||||
options.lass.ensure-permissions = mkOption {
|
|
||||||
default = [];
|
|
||||||
type = types.listOf (types.submodule ({
|
|
||||||
options = {
|
|
||||||
|
|
||||||
folder = mkOption {
|
|
||||||
type = types.absolute-pathname;
|
|
||||||
};
|
|
||||||
|
|
||||||
owner = mkOption {
|
|
||||||
# TODO user type
|
|
||||||
type = types.str;
|
|
||||||
default = "root";
|
|
||||||
};
|
|
||||||
|
|
||||||
group = mkOption {
|
|
||||||
# TODO group type
|
|
||||||
type = types.str;
|
|
||||||
default = "root";
|
|
||||||
};
|
|
||||||
|
|
||||||
permission = mkOption {
|
|
||||||
# TODO permission type
|
|
||||||
type = types.str;
|
|
||||||
default = "u+rw,g+rw";
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
}));
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf (cfg != []) {
|
|
||||||
|
|
||||||
system.activationScripts.ensure-permissions = concatMapStringsSep "\n" (plan: ''
|
|
||||||
${pkgs.coreutils}/bin/mkdir -p ${plan.folder}
|
|
||||||
${pkgs.coreutils}/bin/chmod -R ${plan.permission} ${plan.folder}
|
|
||||||
${pkgs.coreutils}/bin/chown -R ${plan.owner}:${plan.group} ${plan.folder}
|
|
||||||
'') cfg;
|
|
||||||
systemd.services =
|
|
||||||
listToAttrs (map (plan: nameValuePair "ensure-permisson.${replaceStrings ["/"] ["_"] plan.folder}" {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
serviceConfig = {
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = 10;
|
|
||||||
ExecStart = pkgs.writeDash "ensure-perms" ''
|
|
||||||
${pkgs.inotifyTools}/bin/inotifywait -mrq -e CREATE --format %w%f ${plan.folder} \
|
|
||||||
| while IFS= read -r FILE; do
|
|
||||||
${pkgs.coreutils}/bin/chmod -R ${plan.permission} "$FILE" 2>/dev/null
|
|
||||||
${pkgs.coreutils}/bin/chown -R ${plan.owner}:${plan.group} "$FILE" 2>/dev/null
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}) cfg)
|
|
||||||
;
|
|
||||||
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -6,13 +6,13 @@
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/hw/vbox-guest.nix>
|
# <stockholm/makefu/2configs/hw/vbox-guest.nix> # broken since 2019-04-18
|
||||||
#{ # until virtualbox-image is fixed
|
{ # until virtualbox-image is fixed
|
||||||
# imports = [
|
imports = [
|
||||||
# <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||||
# ];
|
];
|
||||||
# boot.loader.grub.device = lib.mkForce "/dev/sda";
|
boot.loader.grub.device = lib.mkForce "/dev/sda";
|
||||||
#}
|
}
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
# <secrets/extra-hosts.nix>
|
# <secrets/extra-hosts.nix>
|
||||||
|
|
||||||
|
|
|
@ -11,9 +11,13 @@
|
||||||
<stockholm/makefu/2configs/home-manager/desktop.nix>
|
<stockholm/makefu/2configs/home-manager/desktop.nix>
|
||||||
<stockholm/makefu/2configs/home-manager/cli.nix>
|
<stockholm/makefu/2configs/home-manager/cli.nix>
|
||||||
<stockholm/makefu/2configs/home-manager/mail.nix>
|
<stockholm/makefu/2configs/home-manager/mail.nix>
|
||||||
|
<stockholm/makefu/2configs/home-manager/taskwarrior.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
<stockholm/makefu/2configs/extra-fonts.nix>
|
<stockholm/makefu/2configs/extra-fonts.nix>
|
||||||
<stockholm/makefu/2configs/tools/all.nix>
|
<stockholm/makefu/2configs/tools/all.nix>
|
||||||
|
{ programs.adb.enable = true; }
|
||||||
|
|
||||||
<stockholm/makefu/2configs/dict.nix>
|
<stockholm/makefu/2configs/dict.nix>
|
||||||
#<stockholm/makefu/3modules/netboot_server.nix>
|
#<stockholm/makefu/3modules/netboot_server.nix>
|
||||||
#{
|
#{
|
||||||
|
@ -23,7 +27,14 @@
|
||||||
# };
|
# };
|
||||||
#}
|
#}
|
||||||
|
|
||||||
|
# Restore:
|
||||||
|
# systemctl cat borgbackup-job-state
|
||||||
|
# export BORG_PASSCOMMAND BORG_REPO BORG_RSH
|
||||||
|
# borg list "$BORG_REPO"
|
||||||
|
# mount newroot somewhere && cd somewhere
|
||||||
|
# borg extract "$BORG_REPO::x-state-2019-04-17T01:41:51" --progress # < extract to cwd
|
||||||
<stockholm/makefu/2configs/backup/state.nix>
|
<stockholm/makefu/2configs/backup/state.nix>
|
||||||
|
|
||||||
# <stockholm/makefu/2configs/dnscrypt/client.nix>
|
# <stockholm/makefu/2configs/dnscrypt/client.nix>
|
||||||
<stockholm/makefu/2configs/avahi.nix>
|
<stockholm/makefu/2configs/avahi.nix>
|
||||||
<stockholm/makefu/2configs/support-nixos.nix>
|
<stockholm/makefu/2configs/support-nixos.nix>
|
||||||
|
@ -46,19 +57,18 @@
|
||||||
|
|
||||||
# Krebs
|
# Krebs
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
<stockholm/makefu/2configs/share/gum-client.nix>
|
# <stockholm/makefu/2configs/share/gum-client.nix>
|
||||||
|
|
||||||
|
|
||||||
# applications
|
# applications
|
||||||
<stockholm/makefu/2configs/exim-retiolum.nix>
|
<stockholm/makefu/2configs/exim-retiolum.nix>
|
||||||
<stockholm/makefu/2configs/mail-client.nix>
|
<stockholm/makefu/2configs/mail-client.nix>
|
||||||
<stockholm/makefu/2configs/printer.nix>
|
<stockholm/makefu/2configs/printer.nix>
|
||||||
<stockholm/makefu/2configs/task-client.nix>
|
|
||||||
# <stockholm/makefu/2configs/syncthing.nix>
|
# <stockholm/makefu/2configs/syncthing.nix>
|
||||||
|
|
||||||
# Virtualization
|
# Virtualization
|
||||||
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
# <stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
# <stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/virtualbox.nix>
|
<stockholm/makefu/2configs/virtualisation/virtualbox.nix>
|
||||||
#{
|
#{
|
||||||
# networking.firewall.allowedTCPPorts = [ 8080 ];
|
# networking.firewall.allowedTCPPorts = [ 8080 ];
|
||||||
|
@ -71,35 +81,43 @@
|
||||||
# Services
|
# Services
|
||||||
<stockholm/makefu/2configs/git/brain-retiolum.nix>
|
<stockholm/makefu/2configs/git/brain-retiolum.nix>
|
||||||
<stockholm/makefu/2configs/tor.nix>
|
<stockholm/makefu/2configs/tor.nix>
|
||||||
<stockholm/makefu/2configs/vpn/vpngate.nix>
|
# <stockholm/makefu/2configs/vpn/vpngate.nix>
|
||||||
# <stockholm/makefu/2configs/buildbot-standalone.nix>
|
# <stockholm/makefu/2configs/buildbot-standalone.nix>
|
||||||
<stockholm/makefu/2configs/remote-build/aarch64-community.nix>
|
<stockholm/makefu/2configs/remote-build/aarch64-community.nix>
|
||||||
<stockholm/makefu/2configs/remote-build/gum.nix>
|
# <stockholm/makefu/2configs/remote-build/gum.nix>
|
||||||
{ nixpkgs.overlays = [ (self: super: super.prefer-remote-fetch self super) ]; }
|
# { nixpkgs.overlays = [ (self: super: super.prefer-remote-fetch self super) ]; }
|
||||||
|
|
||||||
|
<stockholm/makefu/2configs/binary-cache/gum.nix>
|
||||||
|
<stockholm/makefu/2configs/binary-cache/lass.nix>
|
||||||
|
|
||||||
# Hardware
|
# Hardware
|
||||||
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
||||||
<stockholm/makefu/2configs/hw/mceusb.nix>
|
# <stockholm/makefu/2configs/hw/mceusb.nix>
|
||||||
<stockholm/makefu/2configs/hw/malduino_elite.nix>
|
|
||||||
# <stockholm/makefu/2configs/hw/tpm.nix>
|
# <stockholm/makefu/2configs/hw/tpm.nix>
|
||||||
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
||||||
<stockholm/makefu/2configs/hw/network-manager.nix>
|
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||||
<stockholm/makefu/2configs/hw/stk1160.nix>
|
# <stockholm/makefu/2configs/hw/stk1160.nix>
|
||||||
<stockholm/makefu/2configs/hw/irtoy.nix>
|
# <stockholm/makefu/2configs/hw/irtoy.nix>
|
||||||
|
# <stockholm/makefu/2configs/hw/malduino_elite.nix>
|
||||||
<stockholm/makefu/2configs/hw/switch.nix>
|
<stockholm/makefu/2configs/hw/switch.nix>
|
||||||
<stockholm/makefu/2configs/hw/bluetooth.nix>
|
<stockholm/makefu/2configs/hw/bluetooth.nix>
|
||||||
# <stockholm/makefu/2configs/hw/rad1o.nix>
|
# <stockholm/makefu/2configs/hw/rad1o.nix>
|
||||||
<stockholm/makefu/2configs/hw/smartcard.nix>
|
<stockholm/makefu/2configs/hw/smartcard.nix>
|
||||||
|
|
||||||
|
{
|
||||||
|
services.upower.enable = true;
|
||||||
|
users.users.makefu.packages = [ pkgs.gnome3.gnome-power-manager ];
|
||||||
|
}
|
||||||
|
|
||||||
# Filesystem
|
# Filesystem
|
||||||
<stockholm/makefu/2configs/fs/sda-crypto-root-home.nix>
|
<stockholm/makefu/2configs/fs/sda-crypto-root-home.nix>
|
||||||
|
|
||||||
# Security
|
# Security
|
||||||
<stockholm/makefu/2configs/sshd-totp.nix>
|
<stockholm/makefu/2configs/sshd-totp.nix>
|
||||||
{ programs.adb.enable = true; }
|
|
||||||
# temporary
|
# temporary
|
||||||
{ services.redis.enable = true; }
|
# { services.redis.enable = true; }
|
||||||
<stockholm/makefu/2configs/pyload.nix>
|
# <stockholm/makefu/2configs/pyload.nix>
|
||||||
# <stockholm/makefu/2configs/dcpp/airdcpp.nix>
|
# <stockholm/makefu/2configs/dcpp/airdcpp.nix>
|
||||||
# <stockholm/makefu/2configs/nginx/rompr.nix>
|
# <stockholm/makefu/2configs/nginx/rompr.nix>
|
||||||
# <stockholm/makefu/2configs/lanparty/lancache.nix>
|
# <stockholm/makefu/2configs/lanparty/lancache.nix>
|
||||||
|
@ -136,6 +154,9 @@
|
||||||
makefu.server.primary-itf = "wlp3s0";
|
makefu.server.primary-itf = "wlp3s0";
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
nixpkgs.config.oraclejdk.accept_license = true;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# configure pulseAudio to provide a HDMI sink as well
|
# configure pulseAudio to provide a HDMI sink as well
|
||||||
networking.firewall.enable = true;
|
networking.firewall.enable = true;
|
||||||
|
@ -163,7 +184,6 @@
|
||||||
"/home/makefu/.ssh/"
|
"/home/makefu/.ssh/"
|
||||||
"/home/makefu/.zsh_history"
|
"/home/makefu/.zsh_history"
|
||||||
"/home/makefu/.bash_history"
|
"/home/makefu/.bash_history"
|
||||||
"/home/makefu/.zshrc"
|
|
||||||
"/home/makefu/bin"
|
"/home/makefu/bin"
|
||||||
"/home/makefu/.gnupg"
|
"/home/makefu/.gnupg"
|
||||||
"/home/makefu/.imapfilter"
|
"/home/makefu/.imapfilter"
|
||||||
|
@ -171,6 +191,7 @@
|
||||||
"/home/makefu/docs"
|
"/home/makefu/docs"
|
||||||
"/home/makefu/.password-store"
|
"/home/makefu/.password-store"
|
||||||
"/home/makefu/.secrets-pass"
|
"/home/makefu/.secrets-pass"
|
||||||
|
"/home/makefu/.config/syncthing"
|
||||||
];
|
];
|
||||||
|
|
||||||
services.syncthing.user = lib.mkForce "makefu";
|
services.syncthing.user = lib.mkForce "makefu";
|
||||||
|
|
13
makefu/2configs/binary-cache/gum.nix
Normal file
13
makefu/2configs/binary-cache/gum.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
|
||||||
|
{ config, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
nix = {
|
||||||
|
binaryCaches = [
|
||||||
|
"https://cache.euer.krebsco.de/"
|
||||||
|
];
|
||||||
|
binaryCachePublicKeys = [
|
||||||
|
"gum:iIXIFlCAotib+MgI3V/i3HMlFXiVYOT/jfP0y54Zuvg="
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -19,9 +19,10 @@
|
||||||
};
|
};
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts.nix-serve = {
|
virtualHosts."cache.euer.krebsco.de" = {
|
||||||
serverAliases = [ "cache.gum.r"
|
forceSSL = true;
|
||||||
"cache.euer.krebsco.de"
|
enableACME = true;
|
||||||
|
serverAliases = [ # "cache.gum.r"
|
||||||
"cache.gum.krebsco.de"
|
"cache.gum.krebsco.de"
|
||||||
];
|
];
|
||||||
locations."/".proxyPass= "http://localhost:${toString config.services.nix-serve.port}";
|
locations."/".proxyPass= "http://localhost:${toString config.services.nix-serve.port}";
|
||||||
|
|
Loading…
Reference in a new issue