chaos/nixfiles
1
0
Fork 0
Code Issues 2 Releases Activity

updates & formatting

Browse source
This commit is contained in:
chaos 2023-12-20 17:38:38 +00:00
parent 87faf1ee98
commit eac4a8f630
No known key found for this signature in database
5 changed files with 50 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
flake.lock
View file

@ -21,11 +21,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1694529238, "lastModified": 1701680307,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -65,11 +65,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1701071203, "lastModified": 1703072477,
"narHash": "sha256-lQywA7QU/vzTdZ1apI0PfgCWNyQobXUYghVrR5zuIeM=", "narHash": "sha256-I2g7o+J26iK3sGk53iuaYiMWryzAYx0zhNQUFzTID/A=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "db1878f013b52ba5e4034db7c1b63e8d04173a86", "rev": "433120e47d016c9960dd9c2b1821e97d223a6a39",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -115,11 +115,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1700665566, "lastModified": 1702867085,
"narHash": "sha256-+AU2AdpA2eHlVwH3LL1qCWCTJyOJwCw/7pwampP3Jy8=", "narHash": "sha256-zcKtsexiTURppa7styWbMvrFiIYfoY5mBtWeIlh7YqU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NixOS-WSL", "repo": "NixOS-WSL",
"rev": "a9287f7191467138d6203ea44b3a0b9c745cb145", "rev": "86f3b26038b36603f51e260979a09e9c659415e9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -146,11 +146,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1700794826, "lastModified": 1703013332,
"narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=", "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8", "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -194,11 +194,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1701085559, "lastModified": 1703085539,
"narHash": "sha256-BHT8Zxl/4iQ4NQ8N+fvJhi+LoblGNUz8p+axv40RDjY=", "narHash": "sha256-4YE7zXvzWUtnAyzV9+9VYrfr/o+Y/k4ka7yWO2MtAaI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "5b543aa25fdc06ae3f60c45acc050bd0876541bc", "rev": "d19b0ed13ad371fe975f20872d7d198d50ecf763",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
hosts/hetzner-arm/containers/social/profiles/gotosocial.nix
View file

@ -45,7 +45,7 @@ in {
smtp-username = "gotosocial@owo.monster"; smtp-username = "gotosocial@owo.monster";
smtp-password = ""; # set via env variables smtp-password = ""; # set via env variables
instance-languages = [ "en" "de" ]; instance-languages = ["en" "de"];
media-image-max-size = 1000000 * 64; # MB media-image-max-size = 1000000 * 64; # MB
media-video-max-size = 1000000 * 1024; # MB media-video-max-size = 1000000 * 1024; # MB

14
overlay/default.nix
View file

@ -41,17 +41,19 @@ final: prev: rec {
]; ];
}; };
owncast = (prev.owncast.override { owncast =
ffmpeg = final.ffmpeg_6-headless; (prev.owncast.override {
}).overrideAttrs (_old: { doCheck = false; }); ffmpeg = final.ffmpeg_6-headless;
})
.overrideAttrs (_old: {doCheck = false;});
gotosocial = prev.gotosocial.overrideAttrs (_old: let gotosocial = prev.gotosocial.overrideAttrs (_old: let
owner = "superseriousbusiness"; owner = "superseriousbusiness";
repo = "gotosocial"; repo = "gotosocial";
version = "0.13.0-rc1"; version = "0.13.0";
source-hash = "sha256-Ppnv35Iq3tk3qGlBAQJbTy4HA8piqK2hTLNLWREMN18="; source-hash = "sha256-+/x3CAGF/cjK1/7fHgC8EzlGR/Xmq3aFL5Ogc/QZCpA=";
web-assets-hash = "sha256-2QCOf55l8O552Mko5DZkrJUlATcWln718kYr7sHw6n0="; web-assets-hash = "sha256-aPxjfe+0f4hUBfwBH67LsR1/Kv/42sPhlHwmVmDfp30=";
web-assets = final.fetchurl { web-assets = final.fetchurl {
url = "https://github.com/${owner}/${repo}/releases/download/v${version}/${repo}_${version}_web-assets.tar.gz"; url = "https://github.com/${owner}/${repo}/releases/download/v${version}/${repo}_${version}_web-assets.tar.gz";

46
presets/nixos/encryptedDrive.nix
View file

@ -24,18 +24,18 @@ in {
"cryptd" "cryptd"
]; ];
initrd.postDeviceCommands = mkBefore '' initrd.postDeviceCommands = mkBefore ''
mkdir -m 0755 -p /keys mkdir -m 0755 -p /keys
mkdir -m 0755 -p ${encryptedUSB.mountpoint} mkdir -m 0755 -p ${encryptedUSB.mountpoint}
if grep --quiet "cryptsetup_password" /proc/cmdline; then if grep --quiet "cryptsetup_password" /proc/cmdline; then
USE_PASSWORD=true USE_PASSWORD=true
else else
USE_PASSWORD=false USE_PASSWORD=false
fi fi
while !(test -b ${encryptedUSB.encryptedPath}) && [ "$USE_PASSWORD" == "false" ] while !(test -b ${encryptedUSB.encryptedPath}) && [ "$USE_PASSWORD" == "false" ]
do do
${ ${
if config.boot.plymouth.enable if config.boot.plymouth.enable
then '' then ''
${pkgs.plymouth}/bin/plymouth display-message --text="Please Plug In USB" ${pkgs.plymouth}/bin/plymouth display-message --text="Please Plug In USB"
@ -44,15 +44,15 @@ in {
echo "Please Plug In USB" echo "Please Plug In USB"
'' ''
} }
sleep 1 sleep 1
done done
${ ${
if config.boot.plymouth.enable if config.boot.plymouth.enable
then '' then ''
${pkgs.plymouth}/bin/plymouth hide-message --text="Please Plug In USB" ${pkgs.plymouth}/bin/plymouth hide-message --text="Please Plug In USB"
if [ "$USE_PASSWORD" == "true" ]; then if [ "$USE_PASSWORD" == "true" ]; then
${pkgs.plymouth}/bin/plymouth ask-for-password \ ${pkgs.plymouth}/bin/plymouth ask-for-password \
--prompt="Please Enter Password" \ --prompt="Please Enter Password" \
--command="cryptsetup -T1 open ${driveData.encryptedPath} ${driveData.mapperName}" \ --command="cryptsetup -T1 open ${driveData.encryptedPath} ${driveData.mapperName}" \
@ -65,25 +65,25 @@ in {
fi fi
'' ''
else '' else ''
if [ "$USE_PASSWORD" == "true" ]; then if [ "$USE_PASSWORD" == "true" ]; then
echo "Please Decrypt Drive" echo "Please Decrypt Drive"
cryptsetup open ${driveData.encryptedPath} ${driveData.mapperName} cryptsetup open ${driveData.encryptedPath} ${driveData.mapperName}
else else
echo "Please Decrypt USB" echo "Please Decrypt USB"
cryptsetup open ${encryptedUSB.encryptedPath} ${encryptedUSB.preBootMapperName} cryptsetup open ${encryptedUSB.encryptedPath} ${encryptedUSB.preBootMapperName}
fi fi
'' ''
} }
if [ "$USE_PASSWORD" == "false" ]; then if [ "$USE_PASSWORD" == "false" ]; then
mount -n -t ${encryptedUSB.unencryptedFSType} -o ro ${encryptedUSB.preBootMapperPath} ${encryptedUSB.mountpoint} mount -n -t ${encryptedUSB.unencryptedFSType} -o ro ${encryptedUSB.preBootMapperPath} ${encryptedUSB.mountpoint}
cp ${encryptedUSB.encryptionKeysPath}/${config.networking.hostName}.key /keys cp ${encryptedUSB.encryptionKeysPath}/${config.networking.hostName}.key /keys
chmod 0755 /keys/${config.networking.hostName}.key chmod 0755 /keys/${config.networking.hostName}.key
umount -f ${encryptedUSB.mountpoint} umount -f ${encryptedUSB.mountpoint}
cryptsetup close ${encryptedUSB.preBootMapperName} cryptsetup close ${encryptedUSB.preBootMapperName}
fi fi
''; '';
initrd.luks.devices = { initrd.luks.devices = {
"${driveData.mapperName}" = { "${driveData.mapperName}" = {

4
profiles/base/nix.nix
View file

@ -23,7 +23,9 @@ in {
config = { config = {
allowUnfree = true; allowUnfree = true;
permittedInsecurePackages = []; permittedInsecurePackages = [
"electron-25.9.0"
];
}; };
overlays = [ overlays = [
(import ../../overlay) (import ../../overlay)