From 517b25a10908b569bf1d4725b27fdb8aa5a9b7f8 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 20 Oct 2024 15:12:06 +0800 Subject: [PATCH 01/10] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/64c6325b28ebd708653dd41d88f306023f296184' (2024-10-13) → 'github:nix-community/home-manager/122f70545b29ccb922e655b08acfe05bfb44ec68' (2024-10-19) • Updated input 'nix-index-database': 'github:Mic92/nix-index-database/5c54c33aa04df5dd4b0984b7eb861d1981009b22' (2024-10-13) → 'github:Mic92/nix-index-database/04f8a11f247ba00263b060fbcdc95484fd046104' (2024-10-20) • Updated input 'nix-vscode-extensions': 'github:nix-community/nix-vscode-extensions/018196c371073d669510fd69dd2f6dc0ec608c41' (2024-10-06) → 'github:nix-community/nix-vscode-extensions/f4dd6d6b728a61095b944de1fbc58c5bbdc87320' (2024-10-20) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/a8dd1b21995964b115b1e3ec639dd6ce24ab9806' (2024-10-12) → 'github:NixOS/nixos-hardware/38279034170b1e2929b2be33bdaedbf14a57bfeb' (2024-10-19) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077' (2024-10-12) → 'github:nixos/nixpkgs/4eb33fe664af7b41a4c446f87d20c9a0a6321fa3' (2024-10-17) • Updated input 'nur': 'github:nix-community/NUR/23d88faa35dc9de0e35fc3dc2a863c4cf451a8f8' (2024-10-14) → 'github:nix-community/NUR/a05b041fff7a2e4872d361dc03025d0f4cadb2f6' (2024-10-20) • Updated input 'sops-nix': 'github:Mic92/sops-nix/06535d0e3d0201e6a8080dd32dbfde339b94f01b' (2024-10-08) → 'github:Mic92/sops-nix/c504fd7ac946d7a1b17944d73b261ca0a0b226a5' (2024-10-20) • Updated input 'sops-nix/nixpkgs-stable': 'github:NixOS/nixpkgs/17ae88b569bb15590549ff478bab6494dde4a907' (2024-10-05) → 'github:NixOS/nixpkgs/bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22' (2024-10-19) --- flake.lock | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/flake.lock b/flake.lock index 632d531..222391d 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ ] }, "locked": { - "lastModified": 1728791962, - "narHash": "sha256-nr5QiXwQcZmf6/auC1UpX8iAtINMtdi2mH+OkqJQVmU=", + "lastModified": 1729321331, + "narHash": "sha256-KVyQq+ez/oB30/WbdNgVD8g/bda34z8NiU187QKQb74=", "owner": "nix-community", "repo": "home-manager", - "rev": "64c6325b28ebd708653dd41d88f306023f296184", + "rev": "122f70545b29ccb922e655b08acfe05bfb44ec68", "type": "github" }, "original": { @@ -540,11 +540,11 @@ ] }, "locked": { - "lastModified": 1728790083, - "narHash": "sha256-grMdAd4KSU6uPqsfLzA1B/3pb9GtGI9o8qb0qFzEU/Y=", + "lastModified": 1729394935, + "narHash": "sha256-2ntUG+NJKdfhlrh/tF+jOU0fOesO7lm5ZZVSYitsvH8=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "5c54c33aa04df5dd4b0984b7eb861d1981009b22", + "rev": "04f8a11f247ba00263b060fbcdc95484fd046104", "type": "github" }, "original": { @@ -564,11 +564,11 @@ ] }, "locked": { - "lastModified": 1728179514, - "narHash": "sha256-mOGZFPYm9SuEXnYiXhgs/JmLu7RofRaMpAYyJiWudkc=", + "lastModified": 1729389220, + "narHash": "sha256-vHCkVYWrw03vn48Yihor5PXiSuxDSF1TcyO2kAs1Ehg=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "018196c371073d669510fd69dd2f6dc0ec608c41", + "rev": "f4dd6d6b728a61095b944de1fbc58c5bbdc87320", "type": "github" }, "original": { @@ -579,11 +579,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1728729581, - "narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=", + "lastModified": 1729333370, + "narHash": "sha256-NU+tYe3QWzDNpB8RagpqR3hNQXn4BNuBd7ZGosMHLL8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806", + "rev": "38279034170b1e2929b2be33bdaedbf14a57bfeb", "type": "github" }, "original": { @@ -623,11 +623,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1728740863, - "narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=", + "lastModified": 1729181673, + "narHash": "sha256-LDiPhQ3l+fBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a3f9ad65a0bf298ed5847629a57808b97e6e8077", + "rev": "4eb33fe664af7b41a4c446f87d20c9a0a6321fa3", "type": "github" }, "original": { @@ -639,11 +639,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1728156290, - "narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=", + "lastModified": 1729357638, + "narHash": "sha256-66RHecx+zohbZwJVEPF7uuwHeqf8rykZTMCTqIrOew4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "17ae88b569bb15590549ff478bab6494dde4a907", + "rev": "bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22", "type": "github" }, "original": { @@ -713,11 +713,11 @@ }, "nur": { "locked": { - "lastModified": 1728878648, - "narHash": "sha256-JYNGkY30+zGclR1zebnyHOtRhWKfKHLw6T4IoqhmJFs=", + "lastModified": 1729400812, + "narHash": "sha256-9o1t9ZOK9TH0N8HhoBzJ5jbg8jy72qM45xJ4QyffBvM=", "owner": "nix-community", "repo": "NUR", - "rev": "23d88faa35dc9de0e35fc3dc2a863c4cf451a8f8", + "rev": "a05b041fff7a2e4872d361dc03025d0f4cadb2f6", "type": "github" }, "original": { @@ -774,11 +774,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1728345710, - "narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=", + "lastModified": 1729394972, + "narHash": "sha256-fADlzOzcSaGsrO+THUZ8SgckMMc7bMQftztKFCLVcFI=", "owner": "Mic92", "repo": "sops-nix", - "rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b", + "rev": "c504fd7ac946d7a1b17944d73b261ca0a0b226a5", "type": "github" }, "original": { From ac6ebac159cab11fdd65ece71cd6a5440d4e5a4b Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 20 Oct 2024 15:14:01 +0800 Subject: [PATCH 02/10] raspite: fix hass --- flake.nix | 2 +- machines/raspite/configuration.nix | 29 +++++++----------- machines/raspite/hass.nix | 48 ++++++++++++++++-------------- 3 files changed, 38 insertions(+), 41 deletions(-) diff --git a/flake.nix b/flake.nix index 4af8705..e8700a4 100644 --- a/flake.nix +++ b/flake.nix @@ -208,7 +208,7 @@ { ... }: { deployment = { - targetHost = "raspite.local"; + targetHost = "raspite.coho-tet.ts.net"; buildOnTarget = false; }; nixpkgs.system = "aarch64-linux"; diff --git a/machines/raspite/configuration.nix b/machines/raspite/configuration.nix index 049e67e..234d0e9 100644 --- a/machines/raspite/configuration.nix +++ b/machines/raspite/configuration.nix @@ -8,7 +8,10 @@ { imports = [ ./hass.nix ]; - commonSettings.nix.enableMirrors = true; + commonSettings = { + nix.enableMirrors = true; + auth.enable = true; + }; nixpkgs.overlays = [ # Workaround https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243 @@ -33,25 +36,15 @@ # boot.kernelPackages = pkgs.linuxPackages_stable; - custom.kanidm-client = { - enable = true; - uri = "https://auth.xinyang.life"; - asSSHAuth = { - enable = true; - allowedGroups = [ "linux_users" ]; - hardening = true; - }; - sudoers = [ "xin@auth.xinyang.life" ]; - }; - - security.sudo = { - execWheelOnly = true; - wheelNeedsPassword = false; - }; - # fileSystems."/".fsType = lib.mkForce "btrfs"; boot.supportedFilesystems.zfs = lib.mkForce false; - services.dae.enable = false; + services.dae.enable = true; services.dae.configFile = "/var/lib/dae/config.dae"; + + services.tailscale = { + enable = true; + permitCertUid = config.services.caddy.user; + openFirewall = true; + }; } diff --git a/machines/raspite/hass.nix b/machines/raspite/hass.nix index 68d161b..f7b682e 100644 --- a/machines/raspite/hass.nix +++ b/machines/raspite/hass.nix @@ -2,22 +2,21 @@ { services.home-assistant = { enable = true; - extraComponents = [ - "default_config" - "esphome" - "met" - "radio_browser" - ]; openFirewall = false; config = { default_config = { }; http = { - server_host = "::1"; - base_url = "raspite.local:1000"; - use_x_forward_for = true; - trusted_proxies = [ "::1" ]; + server_host = "127.0.0.1"; + use_x_forwarded_for = true; + trusted_proxies = [ "127.0.0.1" ]; }; }; + extraPackages = + python3Packages: with python3Packages; [ + # speed up aiohttp + isal + zlib-ng + ]; }; services.esphome = { @@ -27,23 +26,28 @@ users.groups.dialout.members = config.users.groups.wheel.members; - environment.systemPackages = with pkgs; [ zigbee2mqtt ]; + services.mosquitto = { + enable = true; + }; - networking.firewall.allowedTCPPorts = [ - 1000 - 1001 - ]; + services.zigbee2mqtt = { + enable = true; + settings = { + home-assistant = config.services.home-assistant.enable; + permit_join = true; + serial = { + port = "/dev/ttyUSB0"; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8443 ]; services.caddy = { enable = true; virtualHosts = { - # reverse_proxy ${config.services.home-assistant.config.http.server_host}:${toString config.services.home-assistant.config.http.server_port} - "raspite.local:1000".extraConfig = '' - reverse_proxy http://[::1]:8123 - ''; - - "raspite.local:1001".extraConfig = '' - reverse_proxy ${config.services.esphome.address}:${toString config.services.esphome.port} + "raspite.coho-tet.ts.net".extraConfig = '' + reverse_proxy ${config.services.home-assistant.config.http.server_host}:${toString config.services.home-assistant.config.http.server_port} ''; }; }; From 013dcec3a43efc079f1f61bf5cad659b1d166948 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 3 Nov 2024 22:26:50 +0800 Subject: [PATCH 03/10] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'catppuccin': 'github:catppuccin/nix/96cf8b4a05fb23a53c027621b1147b5cf9e5439f' (2024-10-08) → 'github:catppuccin/nix/191fbf2d81a63fad8f62f1233c0051f09b75d0ad' (2024-11-01) • Updated input 'home-manager': 'github:nix-community/home-manager/122f70545b29ccb922e655b08acfe05bfb44ec68' (2024-10-19) → 'github:nix-community/home-manager/8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661' (2024-11-03) • Updated input 'my-nixvim': 'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=0df66b4ab6faf481b1a94dd2edef66eec8e1efde' (2024-10-14) → 'git+https://git.xinyang.life/xin/nixvim?ref=refs/heads/master&rev=a09d2b94efb5e2d801275a244eedaab0816f3702' (2024-11-03) • Updated input 'my-nixvim/flake-parts': 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01) → 'github:hercules-ci/flake-parts/506278e768c2a08bec68eb62932193e341f55c90' (2024-11-01) • Updated input 'my-nixvim/flake-parts/nixpkgs-lib': 'https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz?narHash=sha256-0xHYkMkeLVQAMa7gvkddbPqpxph%2BhDzdu1XdGPJR%2BOs%3D' (2024-10-01) → 'https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz?narHash=sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s%3D' (2024-11-01) • Updated input 'my-nixvim/nixvim': 'github:nix-community/nixvim/619e24366e8ad34230d65a323d26ca981bfa6927' (2024-10-13) → 'github:nix-community/nixvim/6f210158b03b01a1fd44bf3968165e6da80635ce' (2024-11-02) • Updated input 'my-nixvim/nixvim/flake-parts': 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01) → 'github:hercules-ci/flake-parts/506278e768c2a08bec68eb62932193e341f55c90' (2024-11-01) • Updated input 'my-nixvim/nixvim/git-hooks': 'github:cachix/git-hooks.nix/eb74e0be24a11a1531b5b8659535580554d30b28' (2024-10-12) → 'github:cachix/git-hooks.nix/af8a16fe5c264f5e9e18bcee2859b40a656876cf' (2024-10-30) • Updated input 'my-nixvim/nixvim/home-manager': 'github:nix-community/home-manager/d57112db877f07387ce7104b5ac346ede556d2d7' (2024-10-12) → 'github:nix-community/home-manager/1743615b61c7285976f85b303a36cdf88a556503' (2024-11-01) • Updated input 'my-nixvim/nixvim/nix-darwin': 'github:lnl7/nix-darwin/48b50b3b137be5cfb9f4d006835ce7c3fe558ccc' (2024-10-08) → 'github:lnl7/nix-darwin/683d0c4cd1102dcccfa3f835565378c7f3cbe05e' (2024-11-01) • Updated input 'my-nixvim/nixvim/nixpkgs': 'github:NixOS/nixpkgs/5633bcff0c6162b9e4b5f1264264611e950c8ec7' (2024-10-09) → 'github:NixOS/nixpkgs/807e9154dcb16384b1b765ebe9cd2bba2ac287fd' (2024-10-29) • Updated input 'my-nixvim/nixvim/nuschtosSearch': 'github:NuschtOS/search/9578d865b081c29ae98131caf7d2f69a42f0ca6e' (2024-10-12) → 'github:NuschtOS/search/9e22bd742480916ff5d0ab20ca2522eaa3fa061e' (2024-11-02) • Added input 'my-nixvim/nixvim/nuschtosSearch/ixx': 'github:NuschtOS/ixx/65c207c92befec93e22086da9456d3906a4e999c' (2024-10-21) • Added input 'my-nixvim/nixvim/nuschtosSearch/ixx/flake-utils': follows 'my-nixvim/nixvim/nuschtosSearch/flake-utils' • Added input 'my-nixvim/nixvim/nuschtosSearch/ixx/nixpkgs': follows 'my-nixvim/nixvim/nuschtosSearch/nixpkgs' • Updated input 'my-nixvim/nixvim/treefmt-nix': 'github:numtide/treefmt-nix/4446c7a6fc0775df028c5a3f6727945ba8400e64' (2024-10-03) → 'github:numtide/treefmt-nix/746901bb8dba96d154b66492a29f5db0693dbfcc' (2024-10-30) • Updated input 'nix-index-database': 'github:Mic92/nix-index-database/04f8a11f247ba00263b060fbcdc95484fd046104' (2024-10-20) → 'github:Mic92/nix-index-database/cc2ddbf2df8ef7cc933543b1b42b845ee4772318' (2024-11-03) • Updated input 'nix-vscode-extensions': 'github:nix-community/nix-vscode-extensions/f4dd6d6b728a61095b944de1fbc58c5bbdc87320' (2024-10-20) → 'github:nix-community/nix-vscode-extensions/4a91ab65b7d145e15d1be7469f3bc2198f9c9185' (2024-11-03) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/38279034170b1e2929b2be33bdaedbf14a57bfeb' (2024-10-19) → 'github:NixOS/nixos-hardware/f6e0cd5c47d150c4718199084e5764f968f1b560' (2024-11-02) • Updated input 'nixpkgs': 'github:xinyangli/nixpkgs/5f7b4a8a49de5fb589a4f67f1ec888382312a490' (2024-10-14) → 'github:xinyangli/nixpkgs/90bca654ccbba5b6b357c0837ba4dc0b00f08e95' (2024-11-03) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/4eb33fe664af7b41a4c446f87d20c9a0a6321fa3' (2024-10-17) → 'github:nixos/nixpkgs/080166c15633801df010977d9d7474b4a6c549d7' (2024-10-30) • Updated input 'nur': 'github:nix-community/NUR/a05b041fff7a2e4872d361dc03025d0f4cadb2f6' (2024-10-20) → 'github:nix-community/NUR/004f4f8f2f56e8a649227638f1401d1e84697f04' (2024-11-03) • Updated input 'sops-nix': 'github:Mic92/sops-nix/c504fd7ac946d7a1b17944d73b261ca0a0b226a5' (2024-10-20) → 'github:Mic92/sops-nix/e9b5eef9b51cdf966c76143e13a9476725b2f760' (2024-11-03) • Updated input 'sops-nix/nixpkgs-stable': 'github:NixOS/nixpkgs/bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22' (2024-10-19) → 'github:NixOS/nixpkgs/3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c' (2024-11-03) --- flake.lock | 161 ++++++++++++++++++++++++++++++++--------------------- 1 file changed, 96 insertions(+), 65 deletions(-) diff --git a/flake.lock b/flake.lock index 222391d..9420661 100644 --- a/flake.lock +++ b/flake.lock @@ -116,11 +116,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1728407414, - "narHash": "sha256-B8LaxUP93eh+it8RW1pGq4SsU2kj7f0ipzFuhBvpON8=", + "lastModified": 1730458408, + "narHash": "sha256-JQ+SphQn13bdibKUrBBBznYehXX4xJrxD1ifBp6vSWw=", "owner": "catppuccin", "repo": "nix", - "rev": "96cf8b4a05fb23a53c027621b1147b5cf9e5439f", + "rev": "191fbf2d81a63fad8f62f1233c0051f09b75d0ad", "type": "github" }, "original": { @@ -245,11 +245,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -267,11 +267,11 @@ ] }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -373,11 +373,11 @@ ] }, "locked": { - "lastModified": 1728727368, - "narHash": "sha256-7FMyNISP7K6XDSIt1NJxkXZnEdV3HZUXvFoBaJ/qdOg=", + "lastModified": 1730302582, + "narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "eb74e0be24a11a1531b5b8659535580554d30b28", + "rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf", "type": "github" }, "original": { @@ -433,11 +433,11 @@ ] }, "locked": { - "lastModified": 1729321331, - "narHash": "sha256-KVyQq+ez/oB30/WbdNgVD8g/bda34z8NiU187QKQb74=", + "lastModified": 1730633670, + "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", "owner": "nix-community", "repo": "home-manager", - "rev": "122f70545b29ccb922e655b08acfe05bfb44ec68", + "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", "type": "github" }, "original": { @@ -455,11 +455,11 @@ ] }, "locked": { - "lastModified": 1728726232, - "narHash": "sha256-8ZWr1HpciQsrFjvPMvZl0W+b0dilZOqXPoKa2Ux36bc=", + "lastModified": 1730490306, + "narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=", "owner": "nix-community", "repo": "home-manager", - "rev": "d57112db877f07387ce7104b5ac346ede556d2d7", + "rev": "1743615b61c7285976f85b303a36cdf88a556503", "type": "github" }, "original": { @@ -489,6 +489,36 @@ "type": "github" } }, + "ixx": { + "inputs": { + "flake-utils": [ + "my-nixvim", + "nixvim", + "nuschtosSearch", + "flake-utils" + ], + "nixpkgs": [ + "my-nixvim", + "nixvim", + "nuschtosSearch", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729544999, + "narHash": "sha256-YcyJLvTmN6uLEBGCvYoMLwsinblXMkoYkNLEO4WnKus=", + "owner": "NuschtOS", + "repo": "ixx", + "rev": "65c207c92befec93e22086da9456d3906a4e999c", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "ref": "v0.0.5", + "repo": "ixx", + "type": "github" + } + }, "my-nixvim": { "inputs": { "flake-parts": "flake-parts", @@ -498,11 +528,11 @@ "nixvim": "nixvim" }, "locked": { - "lastModified": 1728878762, - "narHash": "sha256-aYYyuY+IM3d/5NbogZx7ctd8bfNmzHklNIwazSn3jx0=", + "lastModified": 1730642581, + "narHash": "sha256-Tcq+RnctJTm+TUr1fN3ivqYNcd1pJnHYzLDQdgUCX70=", "ref": "refs/heads/master", - "rev": "0df66b4ab6faf481b1a94dd2edef66eec8e1efde", - "revCount": 16, + "rev": "a09d2b94efb5e2d801275a244eedaab0816f3702", + "revCount": 18, "type": "git", "url": "https://git.xinyang.life/xin/nixvim" }, @@ -520,11 +550,11 @@ ] }, "locked": { - "lastModified": 1728385805, - "narHash": "sha256-mUd38b0vhB7yzgAjNOaFz7VY9xIVzlbn3P2wjGBcVV0=", + "lastModified": 1730448474, + "narHash": "sha256-qE/cYKBhzxHMtKtLK3hlSR3uzO1pWPGLrBuQK7r0CHc=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "48b50b3b137be5cfb9f4d006835ce7c3fe558ccc", + "rev": "683d0c4cd1102dcccfa3f835565378c7f3cbe05e", "type": "github" }, "original": { @@ -540,11 +570,11 @@ ] }, "locked": { - "lastModified": 1729394935, - "narHash": "sha256-2ntUG+NJKdfhlrh/tF+jOU0fOesO7lm5ZZVSYitsvH8=", + "lastModified": 1730604744, + "narHash": "sha256-/MK6QU4iOozJ4oHTfZipGtOgaT/uy/Jm4foCqHQeYR4=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "04f8a11f247ba00263b060fbcdc95484fd046104", + "rev": "cc2ddbf2df8ef7cc933543b1b42b845ee4772318", "type": "github" }, "original": { @@ -564,11 +594,11 @@ ] }, "locked": { - "lastModified": 1729389220, - "narHash": "sha256-vHCkVYWrw03vn48Yihor5PXiSuxDSF1TcyO2kAs1Ehg=", + "lastModified": 1730598859, + "narHash": "sha256-fsLKI8Bc+ONTcPEVL8L84d7fWOGCbOHILJlZ+JEt+XI=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "f4dd6d6b728a61095b944de1fbc58c5bbdc87320", + "rev": "4a91ab65b7d145e15d1be7469f3bc2198f9c9185", "type": "github" }, "original": { @@ -579,11 +609,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1729333370, - "narHash": "sha256-NU+tYe3QWzDNpB8RagpqR3hNQXn4BNuBd7ZGosMHLL8=", + "lastModified": 1730537918, + "narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "38279034170b1e2929b2be33bdaedbf14a57bfeb", + "rev": "f6e0cd5c47d150c4718199084e5764f968f1b560", "type": "github" }, "original": { @@ -595,11 +625,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1728492678, - "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "lastModified": 1730200266, + "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", + "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", "type": "github" }, "original": { @@ -611,23 +641,23 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1727825735, - "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", + "lastModified": 1730504152, + "narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" } }, "nixpkgs-stable": { "locked": { - "lastModified": 1729181673, - "narHash": "sha256-LDiPhQ3l+fBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I=", + "lastModified": 1730327045, + "narHash": "sha256-xKel5kd1AbExymxoIfQ7pgcX6hjw9jCgbiBjiUfSVJ8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4eb33fe664af7b41a4c446f87d20c9a0a6321fa3", + "rev": "080166c15633801df010977d9d7474b4a6c549d7", "type": "github" }, "original": { @@ -639,11 +669,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1729357638, - "narHash": "sha256-66RHecx+zohbZwJVEPF7uuwHeqf8rykZTMCTqIrOew4=", + "lastModified": 1730602179, + "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22", + "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c", "type": "github" }, "original": { @@ -655,11 +685,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1728876479, - "narHash": "sha256-tjVsONpCYX+pOBqpnLsNOcd9DpbzG2Tnm8K/lgTqQc8=", + "lastModified": 1730642354, + "narHash": "sha256-7XLksCRglrOlTvmmTKLFKEsrMe4O7AdHsZZ/C/pF3bA=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "5f7b4a8a49de5fb589a4f67f1ec888382312a490", + "rev": "90bca654ccbba5b6b357c0837ba4dc0b00f08e95", "type": "github" }, "original": { @@ -698,11 +728,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1728829992, - "narHash": "sha256-722PdOQ4uTTAOyS3Ze4H7LXDNVi9FecKbLEvj3Qu0hM=", + "lastModified": 1730569492, + "narHash": "sha256-NByr7l7JetL9kIrdCOcRqBu+lAkruYXETp1DMiDHNQs=", "owner": "nix-community", "repo": "nixvim", - "rev": "619e24366e8ad34230d65a323d26ca981bfa6927", + "rev": "6f210158b03b01a1fd44bf3968165e6da80635ce", "type": "github" }, "original": { @@ -713,11 +743,11 @@ }, "nur": { "locked": { - "lastModified": 1729400812, - "narHash": "sha256-9o1t9ZOK9TH0N8HhoBzJ5jbg8jy72qM45xJ4QyffBvM=", + "lastModified": 1730637657, + "narHash": "sha256-7AytYxxgajveX29o9LKKgEDR5VxOHJl1NtiZY0hNXQA=", "owner": "nix-community", "repo": "NUR", - "rev": "a05b041fff7a2e4872d361dc03025d0f4cadb2f6", + "rev": "004f4f8f2f56e8a649227638f1401d1e84697f04", "type": "github" }, "original": { @@ -729,6 +759,7 @@ "nuschtosSearch": { "inputs": { "flake-utils": "flake-utils_2", + "ixx": "ixx", "nixpkgs": [ "my-nixvim", "nixvim", @@ -736,11 +767,11 @@ ] }, "locked": { - "lastModified": 1728701796, - "narHash": "sha256-FTDCOUnq+gdnHC3p5eisv1X1mMtKJDNMegwpZjRzQKY=", + "lastModified": 1730515563, + "narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=", "owner": "NuschtOS", "repo": "search", - "rev": "9578d865b081c29ae98131caf7d2f69a42f0ca6e", + "rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e", "type": "github" }, "original": { @@ -774,11 +805,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1729394972, - "narHash": "sha256-fADlzOzcSaGsrO+THUZ8SgckMMc7bMQftztKFCLVcFI=", + "lastModified": 1730605784, + "narHash": "sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c504fd7ac946d7a1b17944d73b261ca0a0b226a5", + "rev": "e9b5eef9b51cdf966c76143e13a9476725b2f760", "type": "github" }, "original": { @@ -871,11 +902,11 @@ ] }, "locked": { - "lastModified": 1727984844, - "narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=", + "lastModified": 1730321837, + "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64", + "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc", "type": "github" }, "original": { From a910cae2dd6ba192d77fdf508f7a6a6ab1a9f3b8 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Mon, 4 Nov 2024 10:06:06 +0800 Subject: [PATCH 04/10] fixup! flake.lock: Update --- home/xin/calcite.nix | 2 +- machines/calcite/configuration.nix | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index 20b90e6..b90e361 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -29,7 +29,7 @@ }; home.packages = with pkgs; [ - betterbird + thunderbird remmina ]; diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index 4601e8c..7fa91d2 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -225,6 +225,8 @@ # ==== GUI Softwares ==== # + eudic + # Gnome tweaks gnomeExtensions.paperwm gnomeExtensions.search-light @@ -348,11 +350,11 @@ fontconfig = { defaultFonts = { serif = [ - "Noto Serif CJK SC" + "Source Han Serif SC" "Ubuntu" ]; sansSerif = [ - "Noto Sans CJK SC" + "Source Han Sans SC" "Ubuntu" ]; monospace = [ From d3fd04c073cd2ce4209a420b044b2952fba48b6e Mon Sep 17 00:00:00 2001 From: xinyangli Date: Wed, 6 Nov 2024 17:52:53 +0800 Subject: [PATCH 05/10] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661?narHash=sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo%2BGYdmEPaYi1bZB6uf0%3D' (2024-11-03) → 'github:nix-community/home-manager/2f607e07f3ac7e53541120536708e824acccfaa8?narHash=sha256-0kZL4m%2BbKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc%3D' (2024-11-05) • Updated input 'nix-vscode-extensions': 'github:nix-community/nix-vscode-extensions/4a91ab65b7d145e15d1be7469f3bc2198f9c9185?narHash=sha256-fsLKI8Bc%2BONTcPEVL8L84d7fWOGCbOHILJlZ%2BJEt%2BXI%3D' (2024-11-03) → 'github:nix-community/nix-vscode-extensions/b3690ec13c5fe8dba550b1f6f4c3f0acc0f86cee?narHash=sha256-94IqaCMuMtLcdPabzzwyDOCEebt9LFqvgznDnVtsq7c%3D' (2024-11-06) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/f6e0cd5c47d150c4718199084e5764f968f1b560?narHash=sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8%3D' (2024-11-02) → 'github:NixOS/nixos-hardware/12ad8c1bf13ff15ffa6afe82c59b4af0b9226035?narHash=sha256-VK7LkfdcpUi8tqcgMIYY2jejDh4O3MNw9An0FcKveRQ%3D' (2024-11-06) • Updated input 'nixpkgs': 'github:xinyangli/nixpkgs/90bca654ccbba5b6b357c0837ba4dc0b00f08e95?narHash=sha256-7XLksCRglrOlTvmmTKLFKEsrMe4O7AdHsZZ/C/pF3bA%3D' (2024-11-03) → 'github:xinyangli/nixpkgs/bb79ee9b6d87561bdbc8cedffc9969c7dd6a1eb0?narHash=sha256-CEWpfRT1kF6YjNsHEnF33mbz5wtWlzn4eKzEYsdx%2B5A%3D' (2024-11-06) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/080166c15633801df010977d9d7474b4a6c549d7?narHash=sha256-xKel5kd1AbExymxoIfQ7pgcX6hjw9jCgbiBjiUfSVJ8%3D' (2024-10-30) → 'github:nixos/nixpkgs/d063c1dd113c91ab27959ba540c0d9753409edf3?narHash=sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo%3D' (2024-11-04) • Updated input 'nur': 'github:nix-community/NUR/004f4f8f2f56e8a649227638f1401d1e84697f04?narHash=sha256-7AytYxxgajveX29o9LKKgEDR5VxOHJl1NtiZY0hNXQA%3D' (2024-11-03) → 'github:nix-community/NUR/c0d8828600ef47d475e6ec33513bf9af6eb6b991?narHash=sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI%3D' (2024-11-06) • Updated input 'sops-nix': 'github:Mic92/sops-nix/e9b5eef9b51cdf966c76143e13a9476725b2f760?narHash=sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc%3D' (2024-11-03) → 'github:Mic92/sops-nix/c5ae1e214ff935f2d3593187a131becb289ea639?narHash=sha256-pvXMOJIqRW0trsW%2BFzRMl6d5PbsM4rWfD5lcKCOrrwI%3D' (2024-11-06) --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 9420661..8a83374 100644 --- a/flake.lock +++ b/flake.lock @@ -433,11 +433,11 @@ ] }, "locked": { - "lastModified": 1730633670, - "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -594,11 +594,11 @@ ] }, "locked": { - "lastModified": 1730598859, - "narHash": "sha256-fsLKI8Bc+ONTcPEVL8L84d7fWOGCbOHILJlZ+JEt+XI=", + "lastModified": 1730857608, + "narHash": "sha256-94IqaCMuMtLcdPabzzwyDOCEebt9LFqvgznDnVtsq7c=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "4a91ab65b7d145e15d1be7469f3bc2198f9c9185", + "rev": "b3690ec13c5fe8dba550b1f6f4c3f0acc0f86cee", "type": "github" }, "original": { @@ -609,11 +609,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730537918, - "narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=", + "lastModified": 1730874081, + "narHash": "sha256-VK7LkfdcpUi8tqcgMIYY2jejDh4O3MNw9An0FcKveRQ=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f6e0cd5c47d150c4718199084e5764f968f1b560", + "rev": "12ad8c1bf13ff15ffa6afe82c59b4af0b9226035", "type": "github" }, "original": { @@ -653,11 +653,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1730327045, - "narHash": "sha256-xKel5kd1AbExymxoIfQ7pgcX6hjw9jCgbiBjiUfSVJ8=", + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "080166c15633801df010977d9d7474b4a6c549d7", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", "type": "github" }, "original": { @@ -685,11 +685,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1730642354, - "narHash": "sha256-7XLksCRglrOlTvmmTKLFKEsrMe4O7AdHsZZ/C/pF3bA=", + "lastModified": 1730886641, + "narHash": "sha256-CEWpfRT1kF6YjNsHEnF33mbz5wtWlzn4eKzEYsdx+5A=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "90bca654ccbba5b6b357c0837ba4dc0b00f08e95", + "rev": "bb79ee9b6d87561bdbc8cedffc9969c7dd6a1eb0", "type": "github" }, "original": { @@ -743,11 +743,11 @@ }, "nur": { "locked": { - "lastModified": 1730637657, - "narHash": "sha256-7AytYxxgajveX29o9LKKgEDR5VxOHJl1NtiZY0hNXQA=", + "lastModified": 1730885145, + "narHash": "sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI=", "owner": "nix-community", "repo": "NUR", - "rev": "004f4f8f2f56e8a649227638f1401d1e84697f04", + "rev": "c0d8828600ef47d475e6ec33513bf9af6eb6b991", "type": "github" }, "original": { @@ -805,11 +805,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1730605784, - "narHash": "sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc=", + "lastModified": 1730883027, + "narHash": "sha256-pvXMOJIqRW0trsW+FzRMl6d5PbsM4rWfD5lcKCOrrwI=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e9b5eef9b51cdf966c76143e13a9476725b2f760", + "rev": "c5ae1e214ff935f2d3593187a131becb289ea639", "type": "github" }, "original": { From 014ccdefcc465b8cb8e340b263b7dbafed7dee83 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 7 Nov 2024 14:21:06 +0800 Subject: [PATCH 06/10] overlays: bump ocis --- overlays/pkgs/ocis/package.nix | 85 ++++++++++++++++++++++++++++++++++ overlays/pkgs/ocis/web.nix | 2 +- 2 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 overlays/pkgs/ocis/package.nix diff --git a/overlays/pkgs/ocis/package.nix b/overlays/pkgs/ocis/package.nix new file mode 100644 index 0000000..5ead795 --- /dev/null +++ b/overlays/pkgs/ocis/package.nix @@ -0,0 +1,85 @@ +{ + lib, + stdenvNoCC, + callPackage, + fetchFromGitHub, + buildGoModule, + gnumake, + pnpm, + nodejs, +}: +let + web = callPackage ./web.nix { }; + idp-assets = stdenvNoCC.mkDerivation { + pname = "idp-assets"; + version = "0-unstable-2020-10-14"; + src = fetchFromGitHub { + owner = "owncloud"; + repo = "assets"; + rev = "e8b6aeadbcee1865b9df682e9bd78083842d2b5c"; + hash = "sha256-PzGff2Zx8xmvPYQa4lS4yz2h+y/lerKvUZkYI7XvAUw="; + }; + installPhase = '' + mkdir -p $out/share + cp logo.svg favicon.ico $out/share/ + ''; + dontConfigure = true; + dontBuild = true; + dontFixup = true; + }; +in +buildGoModule rec { + pname = "ocis"; + version = "v5.0.7"; + + vendorHash = null; + + src = fetchFromGitHub { + owner = "owncloud"; + repo = "ocis"; + rev = version; + hash = "sha256-vCEr7UCGEPm0x04U8DpsUNz9c64ZSEIK4SDcitCIDCw="; + }; + + nativeBuildInputs = [ + gnumake + nodejs + pnpm.configHook + ]; + + pnpmDeps = pnpm.fetchDeps { + inherit pname version src; + sourceRoot = "${src.name}/services/idp"; + hash = "sha256-gNlN+u/bobnTsXrsOmkDcWs67D/trH3inT5AVQs3Brs="; + }; + pnpmRoot = "services/idp"; + + buildPhase = '' + runHook preBuild + cp -r ${web}/share/* services/web/assets/ + pnpm -C services/idp build + + mkdir -p services/idp/assets/identifier/static + cp -r ${idp-assets}/share/* services/idp/assets/identifier/static/ + + make -C ocis VERSION=${version} DATE=${version} build + runHook postBuild + ''; + + installPhase = '' + mkdir -p $out/bin/ + cp ocis/bin/ocis $out/bin/ + ''; + + passthru = { + inherit web; + }; + + meta = with lib; { + homepage = "https://github.com/owncloud/ocis"; + description = "ownCloud Infinite Scale Stack"; + mainProgram = "ocis"; + license = licenses.asl20; + maintainers = with maintainers; [ xinyangli ]; + }; +} diff --git a/overlays/pkgs/ocis/web.nix b/overlays/pkgs/ocis/web.nix index d28340c..1b44901 100644 --- a/overlays/pkgs/ocis/web.nix +++ b/overlays/pkgs/ocis/web.nix @@ -31,7 +31,7 @@ stdenvNoCC.mkDerivation rec { pnpmDeps = pnpm.fetchDeps { inherit pname version src; - hash = "sha256-m6yGqUmDor5273JsAlKs52Ug+bc3uhpI8F+MUhULAh4="; + hash = "sha256-3Erva6srdkX1YQ727trx34Ufx524nz19MUyaDQToz6M="; }; meta = with lib; { From e6d8aa552275fa10136ea58b9e18f97a02770849 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 7 Nov 2024 14:37:52 +0800 Subject: [PATCH 07/10] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nix-vscode-extensions': 'github:nix-community/nix-vscode-extensions/b3690ec13c5fe8dba550b1f6f4c3f0acc0f86cee?narHash=sha256-94IqaCMuMtLcdPabzzwyDOCEebt9LFqvgznDnVtsq7c%3D' (2024-11-06) → 'github:nix-community/nix-vscode-extensions/0a959b25ff573f079ed032f88d8c988561b96a96?narHash=sha256-DIYTHa57pQQc9ARiMpJWYkaoiTaQPLH7Y4qK0J10Khk%3D' (2024-11-07) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/12ad8c1bf13ff15ffa6afe82c59b4af0b9226035?narHash=sha256-VK7LkfdcpUi8tqcgMIYY2jejDh4O3MNw9An0FcKveRQ%3D' (2024-11-06) → 'github:NixOS/nixos-hardware/e1cc1f6483393634aee94514186d21a4871e78d7?narHash=sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg%3D' (2024-11-06) • Updated input 'nixpkgs': 'github:xinyangli/nixpkgs/bb79ee9b6d87561bdbc8cedffc9969c7dd6a1eb0?narHash=sha256-CEWpfRT1kF6YjNsHEnF33mbz5wtWlzn4eKzEYsdx%2B5A%3D' (2024-11-06) → 'github:xinyangli/nixpkgs/82596c07592c14102071f72488ace046aa8e93a9?narHash=sha256-WrHPXxaPWDqu5r/546jf1pdfvEEuf0CIPuo7HjRLDdU%3D' (2024-11-07) • Updated input 'nur': 'github:nix-community/NUR/c0d8828600ef47d475e6ec33513bf9af6eb6b991?narHash=sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI%3D' (2024-11-06) → 'github:nix-community/NUR/bc4d2a3b71c75d81cc247b1bf991b63f75358004?narHash=sha256-UZ6oSptjE04ooORHvvR%2BkiGnr/nhzWgYwGryxUkKAv0%3D' (2024-11-07) --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 8a83374..b7e6d97 100644 --- a/flake.lock +++ b/flake.lock @@ -594,11 +594,11 @@ ] }, "locked": { - "lastModified": 1730857608, - "narHash": "sha256-94IqaCMuMtLcdPabzzwyDOCEebt9LFqvgznDnVtsq7c=", + "lastModified": 1730944043, + "narHash": "sha256-DIYTHa57pQQc9ARiMpJWYkaoiTaQPLH7Y4qK0J10Khk=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "b3690ec13c5fe8dba550b1f6f4c3f0acc0f86cee", + "rev": "0a959b25ff573f079ed032f88d8c988561b96a96", "type": "github" }, "original": { @@ -609,11 +609,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730874081, - "narHash": "sha256-VK7LkfdcpUi8tqcgMIYY2jejDh4O3MNw9An0FcKveRQ=", + "lastModified": 1730919458, + "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "12ad8c1bf13ff15ffa6afe82c59b4af0b9226035", + "rev": "e1cc1f6483393634aee94514186d21a4871e78d7", "type": "github" }, "original": { @@ -685,11 +685,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1730886641, - "narHash": "sha256-CEWpfRT1kF6YjNsHEnF33mbz5wtWlzn4eKzEYsdx+5A=", + "lastModified": 1730961289, + "narHash": "sha256-WrHPXxaPWDqu5r/546jf1pdfvEEuf0CIPuo7HjRLDdU=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "bb79ee9b6d87561bdbc8cedffc9969c7dd6a1eb0", + "rev": "82596c07592c14102071f72488ace046aa8e93a9", "type": "github" }, "original": { @@ -743,11 +743,11 @@ }, "nur": { "locked": { - "lastModified": 1730885145, - "narHash": "sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI=", + "lastModified": 1730959878, + "narHash": "sha256-UZ6oSptjE04ooORHvvR+kiGnr/nhzWgYwGryxUkKAv0=", "owner": "nix-community", "repo": "NUR", - "rev": "c0d8828600ef47d475e6ec33513bf9af6eb6b991", + "rev": "bc4d2a3b71c75d81cc247b1bf991b63f75358004", "type": "github" }, "original": { From 2864fe9f87980109fe0ddb32d9ac997450363312 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 7 Nov 2024 14:38:35 +0800 Subject: [PATCH 08/10] fixup! flake.lock: Update --- overlays/add-pkgs.nix | 1 - overlays/pkgs/ocis/default.nix | 85 ---------------------------------- overlays/pkgs/ocis/package.nix | 85 ---------------------------------- overlays/pkgs/ocis/web.nix | 40 ---------------- 4 files changed, 211 deletions(-) delete mode 100644 overlays/pkgs/ocis/default.nix delete mode 100644 overlays/pkgs/ocis/package.nix delete mode 100644 overlays/pkgs/ocis/web.nix diff --git a/overlays/add-pkgs.nix b/overlays/add-pkgs.nix index 65b2131..35b6981 100644 --- a/overlays/add-pkgs.nix +++ b/overlays/add-pkgs.nix @@ -1,4 +1,3 @@ (final: prev: { oidc-agent = prev.callPackage ./pkgs/oidc-agent { }; - ocis = prev.callPackage ./pkgs/ocis { }; }) diff --git a/overlays/pkgs/ocis/default.nix b/overlays/pkgs/ocis/default.nix deleted file mode 100644 index 1f1aade..0000000 --- a/overlays/pkgs/ocis/default.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - lib, - stdenvNoCC, - callPackage, - fetchFromGitHub, - buildGoModule, - gnumake, - pnpm, - nodejs, -}: -let - web = callPackage ./web.nix { }; - idp-assets = stdenvNoCC.mkDerivation { - pname = "idp-assets"; - version = "0-unstable-2020-10-14"; - src = fetchFromGitHub { - owner = "owncloud"; - repo = "assets"; - rev = "e8b6aeadbcee1865b9df682e9bd78083842d2b5c"; - hash = "sha256-PzGff2Zx8xmvPYQa4lS4yz2h+y/lerKvUZkYI7XvAUw="; - }; - installPhase = '' - mkdir -p $out/share - cp logo.svg favicon.ico $out/share/ - ''; - dontConfigure = true; - dontBuild = true; - dontFixup = true; - }; -in -buildGoModule rec { - pname = "ocis"; - version = "v5.0.7"; - - vendorHash = null; - - src = fetchFromGitHub { - owner = "owncloud"; - repo = "ocis"; - rev = version; - hash = "sha256-vCEr7UCGEPm0x04U8DpsUNz9c64ZSEIK4SDcitCIDCw="; - }; - - nativeBuildInputs = [ - gnumake - nodejs - pnpm.configHook - ]; - - pnpmDeps = pnpm.fetchDeps { - inherit pname version src; - sourceRoot = "${src.name}/services/idp"; - hash = "sha256-ojrgoyl+xBsgEsx3d3gv5Wf6ziabHoFkEpAoDZcYavo="; - }; - pnpmRoot = "services/idp"; - - buildPhase = '' - runHook preBuild - cp -r ${web}/share/* services/web/assets/ - pnpm -C services/idp build - - mkdir -p services/idp/assets/identifier/static - cp -r ${idp-assets}/share/* services/idp/assets/identifier/static/ - - make -C ocis VERSION=${version} DATE=${version} build - runHook postBuild - ''; - - installPhase = '' - mkdir -p $out/bin/ - cp ocis/bin/ocis $out/bin/ - ''; - - passthru = { - inherit web; - }; - - meta = with lib; { - homepage = "https://github.com/owncloud/ocis"; - description = "ownCloud Infinite Scale Stack"; - mainProgram = "ocis"; - license = licenses.asl20; - maintainers = with maintainers; [ xinyangli ]; - }; -} diff --git a/overlays/pkgs/ocis/package.nix b/overlays/pkgs/ocis/package.nix deleted file mode 100644 index 5ead795..0000000 --- a/overlays/pkgs/ocis/package.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - lib, - stdenvNoCC, - callPackage, - fetchFromGitHub, - buildGoModule, - gnumake, - pnpm, - nodejs, -}: -let - web = callPackage ./web.nix { }; - idp-assets = stdenvNoCC.mkDerivation { - pname = "idp-assets"; - version = "0-unstable-2020-10-14"; - src = fetchFromGitHub { - owner = "owncloud"; - repo = "assets"; - rev = "e8b6aeadbcee1865b9df682e9bd78083842d2b5c"; - hash = "sha256-PzGff2Zx8xmvPYQa4lS4yz2h+y/lerKvUZkYI7XvAUw="; - }; - installPhase = '' - mkdir -p $out/share - cp logo.svg favicon.ico $out/share/ - ''; - dontConfigure = true; - dontBuild = true; - dontFixup = true; - }; -in -buildGoModule rec { - pname = "ocis"; - version = "v5.0.7"; - - vendorHash = null; - - src = fetchFromGitHub { - owner = "owncloud"; - repo = "ocis"; - rev = version; - hash = "sha256-vCEr7UCGEPm0x04U8DpsUNz9c64ZSEIK4SDcitCIDCw="; - }; - - nativeBuildInputs = [ - gnumake - nodejs - pnpm.configHook - ]; - - pnpmDeps = pnpm.fetchDeps { - inherit pname version src; - sourceRoot = "${src.name}/services/idp"; - hash = "sha256-gNlN+u/bobnTsXrsOmkDcWs67D/trH3inT5AVQs3Brs="; - }; - pnpmRoot = "services/idp"; - - buildPhase = '' - runHook preBuild - cp -r ${web}/share/* services/web/assets/ - pnpm -C services/idp build - - mkdir -p services/idp/assets/identifier/static - cp -r ${idp-assets}/share/* services/idp/assets/identifier/static/ - - make -C ocis VERSION=${version} DATE=${version} build - runHook postBuild - ''; - - installPhase = '' - mkdir -p $out/bin/ - cp ocis/bin/ocis $out/bin/ - ''; - - passthru = { - inherit web; - }; - - meta = with lib; { - homepage = "https://github.com/owncloud/ocis"; - description = "ownCloud Infinite Scale Stack"; - mainProgram = "ocis"; - license = licenses.asl20; - maintainers = with maintainers; [ xinyangli ]; - }; -} diff --git a/overlays/pkgs/ocis/web.nix b/overlays/pkgs/ocis/web.nix deleted file mode 100644 index 1b44901..0000000 --- a/overlays/pkgs/ocis/web.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ - lib, - stdenvNoCC, - nodejs, - pnpm, - fetchFromGitHub, -}: -stdenvNoCC.mkDerivation rec { - pname = "ocis-web"; - version = "v8.0.5"; - - src = fetchFromGitHub { - owner = "owncloud"; - repo = "web"; - rev = version; - hash = "sha256-hupdtK/V74+X7/eXoDmUjFvSKuhnoOtNQz7o6TLJXG4="; - }; - - nativeBuildInputs = [ pnpm.configHook ]; - - buildInputs = [ nodejs ]; - - buildPhase = '' - pnpm build - ''; - - installPhase = '' - mkdir -p $out/share - cp -r dist/* $out/share/ - ''; - - pnpmDeps = pnpm.fetchDeps { - inherit pname version src; - hash = "sha256-3Erva6srdkX1YQ727trx34Ufx524nz19MUyaDQToz6M="; - }; - - meta = with lib; { - license = [ licenses.agpl3Only ]; - }; -} From 9071e9af7835633dee7f1c890867905df53c523c Mon Sep 17 00:00:00 2001 From: xinyangli Date: Wed, 16 Oct 2024 17:05:21 +0800 Subject: [PATCH 09/10] weilite/immich: enable machine learning --- machines/weilite/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index ea52862..2fdacc1 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -108,9 +108,9 @@ host = "127.0.0.1"; port = 3001; openFirewall = true; - machine-learning.enable = false; + machine-learning.enable = true; environment = { - IMMICH_MACHINE_LEARNING_ENABLED = "false"; + IMMICH_MACHINE_LEARNING_ENABLED = "true"; }; database.enable = true; }; From bd2004199f5aa90930d5b3d01c760859e84550db Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 20 Oct 2024 10:23:46 +0800 Subject: [PATCH 10/10] dolomite: add hk-00 node --- .sops.yaml | 7 ++ flake.nix | 14 ++++ machines/dolomite/claw.nix | 57 +++++++++++++++ machines/dolomite/default.nix | 3 + machines/dolomite/secrets/hk-00.yaml | 31 ++++++++ machines/secrets.yaml | 103 +++++++++++++++------------ 6 files changed, 168 insertions(+), 47 deletions(-) create mode 100644 machines/dolomite/claw.nix create mode 100644 machines/dolomite/secrets/hk-00.yaml diff --git a/.sops.yaml b/.sops.yaml index a716cb1..79707f1 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -7,6 +7,7 @@ keys: - &host-la-00 age1fw2sqaa5s9c8ml6ncsexkj8ar4288387ju92ytjys4awf9aw6smqqz94dh - &host-massicot age1jle2auermhswqtehww9gqada8car5aczrx43ztzqf9wtcld0sfmqzaecta - &host-weilite age17r3fxfmt6hgwe984w4lds9u0cnkf5ttq8hnqt800ayfmx7t8t5gqjddyml + - &host-hk-00 age1w3x5mz2g8jc9aq8cajdpg62f8n5p4qr6jgjlxw9seagyw0t0fsuqvkmym0 creation_rules: - path_regex: machines/calcite/secrets.yaml key_groups: @@ -38,6 +39,11 @@ creation_rules: - age: - *xin - *host-la-00 + - path_regex: machines/dolomite/secrets/hk-00.yaml + key_groups: + - age: + - *xin + - *host-hk-00 - path-regex: machines/weilite/secrets.yaml key_groups: - age: @@ -52,6 +58,7 @@ creation_rules: - *host-sgp-00 - *host-tok-00 - *host-la-00 + - *host-hk-00 - *host-massicot - path_regex: home/xin/secrets.yaml key_groups: diff --git a/flake.nix b/flake.nix index e8700a4..7bc10db 100644 --- a/flake.nix +++ b/flake.nix @@ -204,6 +204,20 @@ }; }; + hk-00 = + { ... }: + { + imports = [ machines/dolomite ] ++ sharedColmenaModules; + nixpkgs.system = "x86_64-linux"; + networking.hostName = "hk-00"; + system.stateVersion = "24.05"; + deployment = { + targetHost = "hk-00.video.namely.icu"; + buildOnTarget = false; + tags = [ "proxy" ]; + }; + }; + raspite = { ... }: { diff --git a/machines/dolomite/claw.nix b/machines/dolomite/claw.nix new file mode 100644 index 0000000..82bad29 --- /dev/null +++ b/machines/dolomite/claw.nix @@ -0,0 +1,57 @@ +{ + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + options = { + isClaw = lib.mkEnableOption "Lightsail instance"; + }; + + config = { + boot.initrd.availableKernelModules = [ + "uhci_hcd" + "virtio_blk" + "ahci" + "ata_piix" + "virtio_pci" + "xen_blkfront" + "vmw_pvscsi" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + boot.loader.grub = { + enable = true; + device = "/dev/vda"; + }; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/fe563e38-9a57-447a-ba57-c3e53ddd84ee"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useNetworkd = true; + systemd.network.networks."10-wan" = { + matchConfig.MACAddress = "00:16:3e:0a:ec:45"; + networkConfig.DHCP = "ipv4"; + dhcpV4Config = { + UseDNS = true; + }; + }; + # networking.interfaces.eth0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + }; +} diff --git a/machines/dolomite/default.nix b/machines/dolomite/default.nix index 0576114..32e2425 100644 --- a/machines/dolomite/default.nix +++ b/machines/dolomite/default.nix @@ -2,17 +2,20 @@ let awsHosts = [ "tok-00" ]; bwgHosts = [ "la-00" ]; + clawHosts = [ "hk-00" ]; in { imports = [ ../sops.nix ./bandwagon.nix ./lightsail.nix + ./claw.nix ]; config = { isBandwagon = builtins.elem config.networking.hostName bwgHosts; isLightsail = builtins.elem config.networking.hostName awsHosts; + isClaw = builtins.elem config.networking.hostName clawHosts; sops = { secrets = { wg_private_key = { diff --git a/machines/dolomite/secrets/hk-00.yaml b/machines/dolomite/secrets/hk-00.yaml new file mode 100644 index 0000000..91d6540 --- /dev/null +++ b/machines/dolomite/secrets/hk-00.yaml @@ -0,0 +1,31 @@ +wg_private_key: ENC[AES256_GCM,data:M4lSTVf5cCbjuPjabYzGV1RQ0ZarM9vP2V8l1MJbLCKPTKGZV5wi9a3IIzA=,iv:M9jU7/xpzHxV3pYIfZqxGnsnbrx8wKN4zKa4qqyL7ak=,tag:+sQMIpmEwqOsBWBnqN6J1Q==,type:str] +wg_ipv6_local_addr: ENC[AES256_GCM,data:mzZDRHo5bD6Vji4LuvE8vEmQR/J5MeCXuS0DVihJcQdBw/NJ5zdATNVD,iv:5OevY9C3oqPhhksnd5itz8TWorFsm/mjs430c2ki+ZM=,tag:/hixvECSasepzvZdBOoO7g==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1uw059wcwfvd9xuj0hpqzqpeg7qemecspjrsatg37wc7rs2pumfdsgken0c + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNmVpY09ZNzhacDdpdVUr + SGc2NGNrRWlMMzE2RVNSN0tHTGNoeVhlWUFRCnpqNy9qMExKUFA0akFnNG1HS0h2 + NXlmWkJMemJkam5oSEFaSENkRTRnczQKLS0tIGNha0RWbGFUWGpROEdoKy9WbC9n + WTUrUjMydHRHODN3TDhyakpHNG1hZjQKR3I8TwUDvvht9ck8YIplCjafhUdvxw7M + VNSjUoacKg0Uu5m777UlBpDdDXBwulrVryFxrKA0Q395+YRJ2Sg0wQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1w3x5mz2g8jc9aq8cajdpg62f8n5p4qr6jgjlxw9seagyw0t0fsuqvkmym0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKZC9GU085TmV6b1FsdGFw + OEFJeVM1WFJib1lFM1luQmlQSGt3Ym1PaVVjCkd4TmhIcVB2Nk4xaHdwSVVHOGJJ + TVErNHZ1ZURKMmk2SzJUajFTV0tJSE0KLS0tIG5jVnZHNm55dncvaDdsWXNidDB1 + TURVTjR3RUJzMmxmNVIyTk5rM0YvMU0KP3R78NlGqbRHmSn2WqanPq8Y9m+olBLO + 2CTJI9QQfPACzz9KoEt5hlpqVpsgQT9CGDpyYEwXrFyxFY4QIh5NPw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-10-17T10:52:20Z" + mac: ENC[AES256_GCM,data:lxqZaTqs5d/b/iIZ7BbD2jYJq3fTIbFlbdwKbCAAiXJv8abxN6SjOKuecKEvkJ0Y7qf2e0Cl8lbRwSy5FJb9Wsl9O4LzF0KBu0lssnBtDuZujFldgxJSWB8kQ3vMsPQ+NbmRME3zdKazmuhEwS0h/O6L6KmnfHjtfnDpAjYD+MY=,iv:Xue3R2qGxiw5/hjr9dLiLqeKDTpnwAnx8v9M3qjz5EM=,tag:T67z1oCMoW/ApF6tFJL3dA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/machines/secrets.yaml b/machines/secrets.yaml index dec3d21..58dc777 100644 --- a/machines/secrets.yaml +++ b/machines/secrets.yaml @@ -1,13 +1,13 @@ -clash_subscription_link: ENC[AES256_GCM,data:Vwy0c8gOeR1XG/QNp8TGuBe/5kezD7SSStN/iCnihbbJYW78LNfPfvmVAEXjQlf5Ycts2Cb2JHGtWp3rmQQtWBx8LfIewqhNDk9fCywqIv7uSmqVpJNTHfYhjpF6PLvtz51VfTKph+fplZ9dMu23P9g7Wn6dzVizo8DX6xHWN2jDyHza5zkiNrzbmiaLwbLu1dAzvNSI67A=,iv:pZ189IPPCBjscXzEdgQCRdFlls3TniwDfNCd+H1FFaQ=,tag:dpt+3kdx8m1f0X0SHm+ATA==,type:str] -autofs-nas: ENC[AES256_GCM,data:wcrA2t8/i9PaxA1PQ3CDVJZUhVchGV4vCfa5j/ReNahKV3cfDf2owbpeB827sMpjYyyvSH6nri7mra/BLMAPcgySCpZNAgdR9DQZXAQ=,iv:QJzsS5a6vWeoBxkB13yXdVbyn0tt2QTvqj0LaHn6S2g=,tag:TtgubLgWBBzl67MVal5BvQ==,type:str] -autofs-nas-secret: ENC[AES256_GCM,data:OBh8h5CFv1Z4G6bMesna4zmXNASKhYdjFBvg47T9aKBCLDp/xVWnnQj8N7AFGg49wJ+0gYuqb33lIqpSnQ==,iv:UCaGeE8j4RqJzA0xhu3oB2xvzombzQD3fjLKCWd5fDg=,tag:+Oc78ddpLH7R2aT7gW3Ouw==,type:str] -github_public_token: ENC[AES256_GCM,data:AmAfmq5mDGxmHUUlGzD7k50jRTCcnZqqFdYdrMtYysmw6FUjPc1YgsEVNqHOjiEMYbr8Gs+wjVu8BYIuh1wuDzOOfE+ejIbosrOtK4dCapmIzZFlRiK/AyrUCm2qDWUObhJDPMJN4px947VFJ5to5GLifGEXdUGm,iv:PJSFtJBelyc3rzd6hqjMp+ciU2Q3FTOEXsiq5F2KKTY=,tag:MjrTl+4+8SZeBDJpUJtsiw==,type:str] -singbox_sg_server: ENC[AES256_GCM,data:5rogqKm5yiy5Yvz4Vo1a6Q==,iv:Vx9wNTdVHkReux4YeQY+0VkC1Wqg/CRkY7frVY/3e50=,tag:9fVlCP/DadcOvhO3c1oCzw==,type:str] -singbox_jp_server: ENC[AES256_GCM,data:xKTcxkcu1WIsT/wlMpEoqGJK,iv:nXetY339YuOi2jFEb3xkPTglHRMk/quIrQL4ko+8MxY=,tag:+Nwsx65/gdrDhL1ZurR5Ng==,type:str] -singbox_password: ENC[AES256_GCM,data:0tBIzwtNSQqbGlD+CDnQfJigbFVBChEL,iv:W2HaHeSkvmS6jHSnfOJ6tD2QXuUq1A+mfZf7sEXB++E=,tag:5BtYAv1NO70IL4m/uG8QKA==,type:str] -singbox_uuid: ENC[AES256_GCM,data:ufN+vDl/rDASoQL23tHwlr3ybMyrlC/Kd7bT0c5+SP+bc6Zj,iv:+uwt/N9LpFaJK6MjoczyrZ039MDZn4kRmtEoq4OvdFU=,tag:6Yma9+yrISwQoSRDgUbuwA==,type:str] -grafana_cloud_api: ENC[AES256_GCM,data:Pz+tE09dcJa+ZEWS3vtpOtitGCA9Cg/+gOd/0FsF8ooxzPyN9/UMuTcP02aIPW5v7yZCkGJOAXufIyechNf0crgAV/KmwGGwixH7I+1f3sDtGiFZEMnQgrysyfJo0KIrIZ8XP0SyXDs3vKjDU8cUI4+IyucHacWQ1kWdEtINjcPNHRPS2yaMUIvsRn0z8Cs2byMD3ghUHHHOz40CuO6r4A==,iv:cHvbeCmLFmJPNKsl1BBYx9WJP7ZJWi+8c9yHZWc6FTs=,tag:yWXtPokYE4frCmzzzyEqEg==,type:str] -private_dns_address: ENC[AES256_GCM,data:m/u3oc+6ef8dLa7Dpu+5T9TTSdXqJjS9ecA+sPj0r8qX06+QgiQnpmEW4w==,iv:8+qG5rQXAKfrykEjt9qrbtyNaBuKvi7EaIWouRqEipY=,tag:XlMccTKL239/NnAprtqYrg==,type:str] +clash_subscription_link: ENC[AES256_GCM,data:uDaX2BE/qRdfXVtckX0VKpu0LN3j0YaxVIPbQt3tGAfdfqFqlp0IzFgNiZBIEcIltYkeEyqFSA0QnttoMb0QYe9f2rtgjztwk10SOGViGaeFWPfkdlHP04qhm5OOOddi3OwT5rUNwvBU79AdCnLJ9QwqMbOaNm/JTtbkcjf8huxc2UcYAQcY/YNJ7aTEhWIw98Ab85aih+w=,iv:pZ189IPPCBjscXzEdgQCRdFlls3TniwDfNCd+H1FFaQ=,tag:dMmGZvppWtkc82b5dTnJwg==,type:str] +autofs-nas: ENC[AES256_GCM,data:LnCKGKARx6Vd99VwAX/6PXOJwo+a7GP8fNmM9yuuC2xITGxtWCsDdOZL1+IA5LS/gbOYINgQWDzWirJF3LCP27BQeLwXYpD7/UAwwVI=,iv:QJzsS5a6vWeoBxkB13yXdVbyn0tt2QTvqj0LaHn6S2g=,tag:D/JKXQIw1EzIh3wjGhHgHg==,type:str] +autofs-nas-secret: ENC[AES256_GCM,data:gbOizRZAvh79HlJWIWeKTk79Ux311XGL1eIswc0P2U2huCibD/ji3kOlSjZXENG+fJQKNz2AlDTk3g2cQQ==,iv:UCaGeE8j4RqJzA0xhu3oB2xvzombzQD3fjLKCWd5fDg=,tag:II4eEMr7f2TDUl1qUcDYXA==,type:str] +github_public_token: ENC[AES256_GCM,data:6Gt+oJcCRHeoLK7CRndMMbszTXSEbnN0nQzsVOnl/+zB4hxbEPD5k/vkkl+cZ/qmxdxFXV0OOsYvktn44Yv1DMUE3mkB0hcAdoyPwLuYM7W3RpOoW3OktH8DRCUi6msvFp3ykpdmIl9WyjVhc/lMwTaYJQyRh1ue,iv:PJSFtJBelyc3rzd6hqjMp+ciU2Q3FTOEXsiq5F2KKTY=,tag:Y/stRg6kwyjjIFZCXS/peg==,type:str] +singbox_sg_server: ENC[AES256_GCM,data:SF2ja6W4TwThwoug5x2KTA==,iv:Vx9wNTdVHkReux4YeQY+0VkC1Wqg/CRkY7frVY/3e50=,tag:7XA9KSoR0GA6FoYRhCv4BQ==,type:str] +singbox_jp_server: ENC[AES256_GCM,data:S3Bs5yVMzyz6vD51GYElOM5h,iv:nXetY339YuOi2jFEb3xkPTglHRMk/quIrQL4ko+8MxY=,tag:o9d55cZuWmX4NDYexWjvYQ==,type:str] +singbox_password: ENC[AES256_GCM,data:bZ50/gG53D9fyGnQ7ky8VRdNEDhGjbFD,iv:W2HaHeSkvmS6jHSnfOJ6tD2QXuUq1A+mfZf7sEXB++E=,tag:nbr2zNCs3RAr/uidkp08ng==,type:str] +singbox_uuid: ENC[AES256_GCM,data:gYppcUvF5Aj4mBQTMy56kb9JazUM6SeiYLspqiZjbTkPOhhk,iv:+uwt/N9LpFaJK6MjoczyrZ039MDZn4kRmtEoq4OvdFU=,tag:IiBZRfFpjKB/swmJNjodyA==,type:str] +grafana_cloud_api: ENC[AES256_GCM,data:eEvPAwtThK1FMhbrnmSo89+GlWZAF+LQRMLXA2C6f1vR7ZPlXJZGWzjYwDcPlnpiC737/cG14M4kZqvPGBuNub5A83rBS/+FeebvGDIF59L5PC1Ys1jWBB9YRI/L9EU0tvwTTUCvLRA9j28n7Jw7wR6mWXm63XA+OMu8/UbTwbeV/WUQn8vnwqadSUdCnNKJXMsAY+q9t/st0DPm5+aNxA==,iv:cHvbeCmLFmJPNKsl1BBYx9WJP7ZJWi+8c9yHZWc6FTs=,tag:87C+0FVvzDIowE0+QpY1zA==,type:str] +private_dns_address: ENC[AES256_GCM,data:YJxNOH4hsZHResvANEqJRTANhnL4PLp/Pmi/PhgtSTbTKiJKPqudhTEkNg==,iv:8+qG5rQXAKfrykEjt9qrbtyNaBuKvi7EaIWouRqEipY=,tag:VH0w5ZbXcWFGZ9GLavm7/w==,type:str] sops: kms: [] gcp_kms: [] @@ -17,68 +17,77 @@ sops: - recipient: age1uw059wcwfvd9xuj0hpqzqpeg7qemecspjrsatg37wc7rs2pumfdsgken0c enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMdjlhNVZpUjYzRTVXNG9Y - S0lEUVdoM003YVZoeXYyOXdwY3Rla3VJSkZvCkl0a3FPeVpMY1JTWkdCb3NaeVBQ - dHVSVzg1cDNIS3JnMmYxbUlzbjFicG8KLS0tIHFENDNaZENzSzJQZDVLSVJ5VHBP - aVpJN1dkbEQ2djQyWVdRTUx4NGdaaTgKgfcGovmMgVFHkPLHT7C5bg75LXg8MFK0 - s8IL8qhHif4uzMuFjdw9MzyuQc1bqGzazX5YC1MYLYCOWHRlLq9mXw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiRzZVNGFocUN2VzZLTmJz + WlJnUmxhZS92citDRkVZVnJZQU9YWVZORlNjCkgzeWl5dTl1YmpjZGt2anF3dGgr + K1hOSTRmakNrZ2JoNit3NDIzK1FCcWMKLS0tIEdqY3VvR3gxd1JoQlhPR3JvcXBF + K2g4VFpqUEF5RTQ3cmpUSG0xajN2bUUKMuwx5cO1nHokV1NOloXfl9wTBN/+/Rlq + UJKP/qaI23tpyMXN1U40iF20ecO1U5Ad8wAQ61C/tldSVULizDihpw== -----END AGE ENCRYPTED FILE----- - recipient: age1ytwfqfeez3dqtazyjltn7mznccwx3ua8djhned7n8mxqhw4p6e5s97skfa enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWQXdMdzMxNzE3SHpZR09w - OTFtNzJLdVk5bWlyNGl4RzA4NWFUQTlvbUQ4ClhGZHI3ekJWYnNwamJXWWVtc3do - TXpoWERqT24rMjRtQUJUb2RKSm9BUjQKLS0tIHd6QXUrWVJ5aU52VEtDL01Kd2d2 - V3U4cTNoVzYzdmt5YkpNUmsyUWtCaEkKhxEQVVt2zvVGFGtlfPr0sQ7b0yUDRDOV - CN8nxyO0NiuvEKSkw+KCkcNWNQZDnHTQ3pwWyAohRZk3vB/RSuApCg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMYXlwdytVSm1SQzRubHdX + dHhrTWxyamo3OFRraEVRQ3plK1cwUWt0a1JRCkdqaVRTQ0NaTkdoMlpDT3Yyallq + eTd0bDViVTgwZGRTUmlYTzR0Y09iWWcKLS0tIEFlQnFPVFRVNlAxdExMekJ2b295 + UUJkUUZCNUZnbkNFZHVBYXNHQklOL2MKujgh6REuAKu6ZLVA7atiWUqhnvYJnQjb + WsxCa9ZXZRgfbhcNlZ3qIKJpWWI/RMS17+Nm5yIl+2cSqe2UJMjZdg== -----END AGE ENCRYPTED FILE----- - recipient: age1nugzw24upk8pz5lyz2z89qk8se4gpcsg3ypcs58nykncr56sevrsm8qpvj enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsdlh1Kyt4KzlFR2RkTmFo - S00zK1RDNnJwVzQ4Um93TDBEcnJZUjJLUG00CjloMFdaNm5LU2lRRVpnM0RpN3BR - Ly9pUkxuZHd3NHJRSG1Ha3ZVcE50RkUKLS0tIDN1K0xnb01EL2Q3aG5RV0grdmdl - TWh3ZStZQ3lNYkh2cjJ1RWhLRDJ0KzQK/+R6hFg8ErtT/rkSOCwRdArTPIE/J9Yv - 2qZmREM7q99L5w6lEBTn9SRekowk0ncwIoTxRfn576wyl++b8gBv9Q== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHNXQ4RVVRd3RYRkhUVExG + SHJON0hwSmJtUkYrd1dldHJRN2tPKzBsNlNjCi9xYVhaanF5TDU2Q0xadXNWR2tN + dHhQVkpRREFlRm5MM2pwVytEaGhHT0EKLS0tIE9sRUtLako3cnAxNm82RDhiWEVM + ZW1IMXkzYkhqbW1ZdVRabUlkK2oxSTgKHC22uQqMq+cJ7vrONkGgoH8snxGef6Ft + QbtoJziERjAhK6B7TOY8AJ3WVRpCzZN70HjLNYa+bMMNOvmlsVxfZg== -----END AGE ENCRYPTED FILE----- - recipient: age13s6rwd3wjk2x5wkn69tdczhl3l5d7mfmlv90efsv4q67jne43qss9tcakx enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJelptN09Oa0NRdTFER2du - clZGM09uMlhpMlZDQ2VvTTZOZ09VWGNwaWpjCmRuMjM3VTRpT3hRaWpEYW5HaWRr - K2pEM3dLYjhSS25hSUtrYkRvYXpCd2MKLS0tIHU2eDlXdVBlZUFTMjYxRTladVJV - cjZ0dGtmM29YdXI5Z1RpVVdRSktBU2MKdR5d6fb2EHX5j51qE5gg0GXKjy4fCpT0 - Q+fZslCPDZqaOX/9kGT874TuW4CC1wttpsCDNIEzrX54SvIGfsVPgg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwSmZ5YUpFdzRNdWZVNmxJ + bm5ucUhVeTV2TkE4ZElkZ1N3aXc2eVEwMlRNCmxXRElPb2pGYzJFVnUxQkRtMlNF + cjgwUzh5UWNLTk01U0h2bHNpaXVzZkkKLS0tIDczUkkwTG8rL1V3UU9lenk4V2tl + TUxDd2huTllMRG9MZTJZdzRwaWxqUVEKLA3y+heUA8cK31LZzv5A1wtgf+sauuwE + 7SGU3uYU650tJM3e6Lveo+JOAD7Z1jrAomT5Bub+jjSHnpeFC9yMbA== -----END AGE ENCRYPTED FILE----- - recipient: age1t5nw2jx4dw67jkf72uxcxt72j7lq3xyj35lvl09f8kala90h2g2s2a5yvj enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmRUhOaVhSMFJFcC9qYytK - dHJ1ZUg1SWRBeTVSeFhDRW1VbG1HWUJaUEhvCnBOaENFUXlJWHAxQ0ZGVGFxQkpC - b3dwb0VJVTR1MUNDT3VQR0tsNE5vUDQKLS0tIEJkbWN5MWRtKzRveldvT2dMR2k1 - djdBQzNvSFNPRDZwN1B1dG5sUzlRdzgK35bNxRGDQw+dtnXcXSXk67kJFce52vqn - srABR9FOYmSfesLKXOdKItLAGffkfB7kuiXO7CvyVTkgJOjBgK6Tnw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4enA2bnlrV3ViY1RHaTVS + Ym5VV005NFlXZUl2NDNXYXBoOHh0SGQ0YVNnCm1KdHBSeE9lQzZEM2hFZUwzRitS + K3BEWGhtWmxKc2RJd0FTMEs2b1ArOUkKLS0tIG5kaWc3U0o4SG9teXk5dVZWWjkz + cS9VMU5YbEl3UE5mODJ1THNLVEdVblEKNQF0b9r1XPD819Z6Uy0b9hT4Uek2tNWU + 3z3H7V/UiB1TMW+qgs6BC6bDkDf7oG//qmZEdYF+lDXcNSwai25xyg== -----END AGE ENCRYPTED FILE----- - recipient: age1fw2sqaa5s9c8ml6ncsexkj8ar4288387ju92ytjys4awf9aw6smqqz94dh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNb2JOOUlGL1pCVXVYZk1j - cWg0NE13WnBUWDA4VTNRdlNmWktRN0lJbkVBCkpHTklwbnFsd0NBOTY5V0JCTVJN - alVFeW41ajlZR2dHZDlrL2FtazB6QU0KLS0tIDhoTXppS0lnZmFJY1lhSDBudVB4 - NHFLdnorOUtJSzVPWldYakppZFJwdlEKbZnT7m6R7H/yLG+tDbQECgQVGX0xT4jC - 67z8k6xbnsT2srhhXk/NHi+/j7AcHhPG6cTO1z8MrxkMikk8ihU1Iw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBreHJNRXlpOEh6YUxaSmJj + ZDlVdHh2b1p6aEs3eDAvbkk4WExxWmE5bDM0CkZzT2l1K09UbmNFNEpZUVY2NVlB + dVFYbnpvTjlUcTdZejMrelpscXRJQzAKLS0tIEVIaVByVmp0aUU1ZWJLajBhcjRk + QVZMRXBRVVhaY3JKZEJjMTdEeEVqcWMKT+DoevNQAxCrty2VkRDLWGFzs9GsW3F7 + txz73tAceAIiocC1z7IV2TaYULYf7Z75HAje/SOTlGHBIDiVZ0vyLw== -----END AGE ENCRYPTED FILE----- - recipient: age1jle2auermhswqtehww9gqada8car5aczrx43ztzqf9wtcld0sfmqzaecta enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIaHFOa1ArRW5xWFAyWXlh - enpQUzZKbFFFUzN1cisrd2JGelpXSWppRnhvCmY5VDlSTFhJakt3aU8zYjRrZXVQ - b3o2NlpCeGZZU1ROeW5XOFVpdEZnZXcKLS0tIGZ5M2IxNHp0Qm8rckROdy96a0pG - NjVEaWN3cU1rRjQ2a29wV1g1NzE0UTAKNefzj+p+U735LHqm5lnWGHCARuqvFmgA - 6bxJN9frAMZQIXZSwOTrfpYrTmKcBLcfWxq7LUPluw9HinQnkFpWqg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEZEJHQlJqMWxob1lxOUFK + dDZIN3FaNWR1L0gyN3I1MXVXZlpzdlpQUHpjCmIwTWhRamZvSTF3cHZMNk9YUlRv + U2tOK3E5MFBFNERsUHVzVnhsUDFRd00KLS0tIFd1MUpaaFU0bWdVRjJ6NjFwcFZt + bkJGWFFWanFBK1drZlBNcHo0c3Bjc00K/vPBLocRhtcJ3snGYFr+H7qhbg6iSSPP + OSH8WnaM5JmmA9IQlm5uGiG74PHi5sg5d+bwG8pPQtMKN+Ndxh7JIA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-17T03:43:42Z" - mac: ENC[AES256_GCM,data:5dnJSeY8lZrIo/bl8MECwmaQo+fQ+BEun9BQ7tFHUo1lzk4wn2N1RuPMuPLPE1wARfOJR2lUyh+o3froFqQT6EGDhA68ETHxm+NqxbstouK+pSu0WJzg7ImuAuzd8B81xXBTQj6umOZy6oRsgvAYo2C8aEfzs19+kYrAM4bXo7k=,iv:YvtOVDD347fCFvqyTljHOQm6ewSR01WlYVBNVdm/BNc=,tag:r/HzESO6csxzLJMHTRC7bA==,type:str] + - recipient: age1w3x5mz2g8jc9aq8cajdpg62f8n5p4qr6jgjlxw9seagyw0t0fsuqvkmym0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlN291MzZOaU4zazhEeXBh + WlhoYmh2ZDBsZmc3cEthdW5paWpXbXQvUG1FCjBLZ0FPVWR3T2pVWTZrRmkxSWUr + MHhkUFFPK1Z0b2t1Z1J0VjlER1JvcGMKLS0tIE45YndxVW4vak1wcEJoZzhHQ0E0 + NzA1cy80ZW5vUFplQzVMZ0txSmVkMUEKFUvgmJNdo9sV33gOx7LVUSCYvIqCNwaP + u+XoWTfg4kp9f4KVTy/8huPsVLhZBUaf6jI10mV2z4QwaLHje4JiHw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-10-17T12:19:12Z" + mac: ENC[AES256_GCM,data:3Z22GxxDjR2FVZ7VnFY/QhQ1i//1WC93GIwK4d51i13OWmcb71UPmmA6O/HlvLdP6goFCj95eRMUEiiVcdKagt1ca6HsDd6bkOEXwdl//fgOHUsgx5SNtA4kVJwK2bJuUvG72aOiLq89qvNprMLslJ47YqS9WM3rudk3Wp/P+og=,iv:GMN806nsrQg0+ZS0AReamzVv2FrLGELfA6x3RLNE/II=,tag:j2Bq9xYETCSL13zHx1BztA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0