Compare commits

...

34 commits

Author SHA1 Message Date
Ingolf Wagner
d591d6ecb2
wip 2024-07-25 00:06:28 +02:00
Ingolf Wagner
2492d67cd7
various optimizations 2024-07-24 00:55:55 +02:00
Ingolf Wagner
5063b12521
put everything in configuration.nix possible. 2024-07-22 18:00:31 +02:00
Ingolf Wagner
6ec3819bfc
add asciidoc pandoc output 2024-07-22 17:16:19 +02:00
Forgejo Action :robot
2f6b461eb8 ⬆️ nix flake update 2024-07-22 02:39:32 +02:00
Ingolf Wagner
6a81eb5896
buildbot tests 2024-07-22 00:34:28 +02:00
Ingolf Wagner
7fabef2424
remove secrets repository 2024-07-22 00:33:11 +02:00
Ingolf Wagner
9631758da0
add paste.ingolf-wagner.de 2024-07-22 00:19:08 +02:00
Ingolf Wagner
9eab6b77fa
reformat 2024-07-22 00:18:48 +02:00
Ingolf Wagner
4a9d351319
add zed-editor 2024-07-21 21:57:34 +02:00
Ingolf Wagner
71c1eaae3e
down use copyq anymore 2024-07-21 14:50:00 +02:00
Ingolf Wagner
8bc98a55a3
add comments 2024-07-21 13:15:42 +02:00
Ingolf Wagner
6b5b8cd9bf
use gitmojis 2024-07-21 13:15:41 +02:00
Ingolf Wagner
56b672def4
renamed ssh key in action script 2024-07-21 13:15:40 +02:00
Forgejo Action
e631dbf1ce Update Nix flakes 2024-07-21 13:14:36 +02:00
Ingolf Wagner
b5ac0646ce
try how it kinda should work (let's see if this works) 2024-07-21 12:41:02 +02:00
Ingolf Wagner
6e50445f50
try how it kinda should work (again) 2024-07-21 12:40:02 +02:00
Ingolf Wagner
5152d2e633
try how it kinda should work (again) 2024-07-21 12:36:44 +02:00
Ingolf Wagner
859c622522
try how it kinda should work 2024-07-21 12:35:16 +02:00
Ingolf Wagner
17806e1b2e
try how it kinda should work 2024-07-21 12:34:51 +02:00
Ingolf Wagner
61762eb22d
try how it kinda should work 2024-07-21 12:33:53 +02:00
Ingolf Wagner
d3f064cc3b
try with schedule 2024-07-21 12:32:04 +02:00
Ingolf Wagner
17d6733c21
try with schedule 2024-07-21 12:29:29 +02:00
Ingolf Wagner
26373a9407
try 2024-07-21 12:27:57 +02:00
Ingolf Wagner
101425655b
try 2024-07-21 12:26:11 +02:00
Ingolf Wagner
955d1f194d
try to fix the git push frogejo action 2024-07-21 12:24:00 +02:00
Ingolf Wagner
41f53486db
try to fix the git push frogejo action 2024-07-21 12:21:46 +02:00
Ingolf Wagner
31486c0e2d
try to fix the git push frogejo action 2024-07-21 12:21:19 +02:00
Ingolf Wagner
854b7b6c19
try to fix the git push frogejo action 2024-07-21 12:18:43 +02:00
Ingolf Wagner
a96bde664a
try to fix the git push frogejo action 2024-07-21 12:17:38 +02:00
Ingolf Wagner
19f657edba
try to fix the git push frogejo action 2024-07-21 12:16:40 +02:00
Ingolf Wagner
dc21678ad3
try to fix the git push frogejo action 2024-07-21 12:15:56 +02:00
Ingolf Wagner
4e9205322c
try to fix the git push frogejo action 2024-07-21 11:26:44 +02:00
Ingolf Wagner
029d2ee17b
try to fix the git push frogejo action 2024-07-21 11:23:16 +02:00
11 changed files with 179 additions and 167 deletions

View file

@ -1,7 +1,11 @@
name: Build all NixOS Configurations
on:
- push
push:
branches:
- "**"
schedule:
- cron: "30 2 * * *" # not to frequent, GitHub only allows a few pulls per hour
jobs:
nix build:
@ -9,33 +13,61 @@ jobs:
steps:
- uses: actions/checkout@v4
# - name: setup ssh
# run: |
# cat <<EOF > .id_rsa
# ${{ secrets.SSH_KEY }}
# EOF
# chmod 600 .id_rsa
#
# eval $(ssh-agent)
# ssh-add .id_rsa
#
# nix flake archive
#
# echo $SSH_AGENT_PID
# kill $SSH_AGENT_PID
#
# - name: nix flake check
# run: nix flake check --verbose --log-format raw
- name: update nix flakes
if: ${{ github.event_name == 'schedule' }}
# we need to use our ssh key here because we need access to private flakes
run: |
cat <<EOF > .ssh_key
${{ secrets.SSH_KEY }}
EOF
chmod 600 .ssh_key
eval $(ssh-agent)
ssh-add .ssh_key
#- name: nix build orbi
# run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
nix flake update
#- name: nix build cream
# run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
echo $SSH_AGENT_PID
kill $SSH_AGENT_PID
rm .ssh_key
#- name: nix build cherry
# run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
- name: nix flake archive/check
# we need to use our ssh key here because we need access to private flakes
run: |
cat <<EOF > .ssh_key
${{ secrets.SSH_KEY }}
EOF
chmod 600 .ssh_key
#- name: nix build chungus
# run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
eval $(ssh-agent)
ssh-add .ssh_key
nix flake archive
nix flake check --verbose --log-format raw
echo $SSH_AGENT_PID
kill $SSH_AGENT_PID
rm .ssh_key
- name: nix build orbi
run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
- name: nix build cream
run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
- name: nix build cherry
run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
- name: nix build chungus
run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
- name: commit & push
if: ${{ github.event_name == 'schedule' }}
# only if all nix builds are fine we update our branch
run: |
git config --local user.email "action@git.ingolf-wagner.de"
git config --local user.name "Forgejo Action :robot:"
git diff --quiet && \
git diff --staged --quiet || \
(git commit -am ":arrow_up: nix flake update" && git push)

View file

@ -1,49 +0,0 @@
name: Update Nix flakes and commit changes
on:
schedule:
- cron: "10 11 * * *" # not to frequent, GitHub only allows a few pulls per hour
jobs:
update-and-commit:
runs-on: native
steps:
- name: checkout repository
uses: actions/checkout@v2
with:
ref: "update"
depth: 0
- name: setup git
run: |
git config --local user.email "action@git.ingolf-wagner.de"
git config --local user.name "Forgejo Action"
# fixme: not working for some reason
#- name: rebase with main branch
# run: |
# git fetch origin main
# git rebase origin/main
- name: update nix flakes
run: |
cat <<EOF > .ssh_key
${{ secrets.SSH_KEY }}
EOF
chmod 600 .ssh_key
eval $(ssh-agent)
ssh-add .ssh_key
nix flake update
export GIT_SSH_COMMAND="ssh -i .ssh_key -F /dev/null"
git diff --quiet && \
git diff --staged --quiet || \
(git commit -am "Update Nix flakes" && git push)
echo $SSH_AGENT_PID
kill $SSH_AGENT_PID

View file

@ -1,6 +1,7 @@
{ lib, ... }:
{
imports = [
./chaospott.nix
./gui
./mainUser.nix
./media
@ -8,15 +9,9 @@
./network
./nixos
./terminal
./timezone.nix
./yubikey.nix
./chaospott.nix
];
# some system stuff
# -----------------
time.timeZone = "Europe/Berlin";
#time.timeZone = lib.mkDefault "Pacific/Auckland";
#time.timeZone = lib.mkDefault "Asia/Singapore";
#time.timeZone = lib.mkDefault "Asia/Makassar";
}

View file

@ -2,7 +2,10 @@
with lib;
with types;
{
imports = [ ./default.nix ];
imports = [
./default.nix
../timezone.nix
];
config = {
components.monitor.enable = mkDefault true;

8
components/timezone.nix Normal file
View file

@ -0,0 +1,8 @@
{
# some system stuff
# -----------------
time.timeZone = "Europe/Berlin";
#time.timeZone = lib.mkDefault "Pacific/Auckland";
#time.timeZone = lib.mkDefault "Asia/Singapore";
#time.timeZone = lib.mkDefault "Asia/Makassar";
}

View file

@ -121,15 +121,16 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1721402843,
"narHash": "sha256-/DiRx6TgI/3KcrgO5SAs0FjLz68j7lqp3kf8MbfSCcw=",
"owner": "nix-community",
"lastModified": 1721420442,
"narHash": "sha256-QpO+3WsdWblHHM5UMm/zuJJ0Ur4JSfDtm+B+3VbOtlA=",
"owner": "MagicRB",
"repo": "buildbot-nix",
"rev": "5bdbb7609689989a79f7d6e6e59c4b7985634230",
"rev": "c891975243d8fd82d921ebb609e13af9a65ae254",
"type": "github"
},
"original": {
"owner": "nix-community",
"owner": "MagicRB",
"ref": "pydantic-convert",
"repo": "buildbot-nix",
"type": "github"
}
@ -148,11 +149,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1721420605,
"narHash": "sha256-E2je0KB09PXoJE1ofL2GUYnwB+BIE7D5Y2Fy+F/2cJw=",
"lastModified": 1721606811,
"narHash": "sha256-whhMy+GugmIpyxVhUGvmzrdgQYyFLZmxuI5oVILKQ9g=",
"ref": "refs/heads/main",
"rev": "f3c9c379e61d127b2c5a1f7a848dcdf0e7a307b3",
"revCount": 3512,
"rev": "72019d6bcb2c95206a5f96147fa84606607b1791",
"revCount": 3524,
"type": "git",
"url": "https://git.clan.lol/clan/clan-core"
},
@ -170,11 +171,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1720813949,
"narHash": "sha256-ZqoP7VDuliqGiBo54aYOv5VMjeX+bNaOKCXfDflj+xc=",
"lastModified": 1721508205,
"narHash": "sha256-X4xVtKAkA/gVqIaCw0L5Rk9062VqlHiH0VK5En5Oi5s=",
"owner": "mrvandalo",
"repo": "clan-fact-generators",
"rev": "aa5c71bf46b453233945380b43fac2fc3d256efb",
"rev": "b3fb36c18871861f510330c272b455eb718cd3e4",
"type": "github"
},
"original": {
@ -191,11 +192,11 @@
]
},
"locked": {
"lastModified": 1720661479,
"narHash": "sha256-nsGgA14vVn0GGiqEfomtVgviRJCuSR3UEopfP8ixW1I=",
"lastModified": 1721417620,
"narHash": "sha256-6q9b1h8fI3hXg2DG6/vrKWCeG8c5Wj2Kvv22RCgedzg=",
"owner": "nix-community",
"repo": "disko",
"rev": "786965e1b1ed3fd2018d78399984f461e2a44689",
"rev": "bec6e3cde912b8acb915fecdc509eda7c973fb42",
"type": "github"
},
"original": {
@ -426,11 +427,11 @@
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1721135958,
"narHash": "sha256-H548rpPMsn25LDKn1PCFmPxmWlClJJGnvdzImHkqjuY=",
"lastModified": 1721534365,
"narHash": "sha256-XpZOkaSJKdOsz1wU6JfO59Rx2fqtcarQ0y6ndIOKNpI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "afd2021bedff2de92dfce0e257a3d03ae65c603d",
"rev": "635563f245309ef5320f80c7ebcb89b2398d2949",
"type": "github"
},
"original": {
@ -467,11 +468,11 @@
},
"locked": {
"dir": "nix",
"lastModified": 1721284730,
"narHash": "sha256-eWPldqxXsqtbWrXflLEhZBjiSq0TJvIYoXQ/ExDKmls=",
"lastModified": 1721551388,
"narHash": "sha256-JR9/TqQi4a14kmH+iypGZKa7H2VZhr2jL9QgHLx3LUw=",
"owner": "kmonad",
"repo": "kmonad",
"rev": "e5e839bcbedda23df0b8a3f8659edfa2c9bef8f8",
"rev": "31c591b647d277fe34cb06fc70b0d053dd15f867",
"type": "github"
},
"original": {
@ -549,11 +550,11 @@
]
},
"locked": {
"lastModified": 1720659757,
"narHash": "sha256-ltzUuCsEfPA9CYM9BAnwObBGqDyQIs2OLkbVMeOOk00=",
"lastModified": 1721571445,
"narHash": "sha256-2MnlPVcNJZ9Nbu90kFyo7+lng366gswErP4FExfrUbc=",
"owner": "nix-community",
"repo": "nixos-images",
"rev": "5eddae0afbcfd4283af5d6676d08ad059ca04b70",
"rev": "accee005735844d57b411d9969c5d0aabc6a55f6",
"type": "github"
},
"original": {
@ -605,11 +606,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1721215108,
"narHash": "sha256-aOiSBcftoGye0spDdIylZE6TVTo7C/B4atYH25tSemQ=",
"lastModified": 1720890539,
"narHash": "sha256-1K32XHPcQBo8XdLDQNybfLQc9I8hqSZdjA/Ur3zW/io=",
"owner": "Nixos",
"repo": "nixpkgs",
"rev": "7edc243443b44444eba596557de03ee52beca2eb",
"rev": "19116ccf234e32acf133863d430506da68008550",
"type": "github"
},
"original": {
@ -653,11 +654,11 @@
},
"nixpkgs-legacy_2405": {
"locked": {
"lastModified": 1721226092,
"narHash": "sha256-UBvzVpo5sXSi2S/Av+t+Q+C2mhMIw/LBEZR+d6NMjws=",
"lastModified": 1721409541,
"narHash": "sha256-b6PLr0Ty7JPDBtJtjnYzlBf02bbH9alWMAgispMkTwk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c716603a63aca44f39bef1986c13402167450e0a",
"rev": "0c53b6b8c2a3e46c68e04417e247bba660689c9d",
"type": "github"
},
"original": {
@ -681,11 +682,11 @@
},
"nixpkgs-unstable-small": {
"locked": {
"lastModified": 1721393053,
"narHash": "sha256-xNiw9gIxyF6xsyXCiFESPjxMjuVAfmr4sBpM9u2l5io=",
"lastModified": 1721571961,
"narHash": "sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a0691657e9634cfc001f02995cca394025e3e940",
"rev": "4cc8b29327bed3d52b40041f810f49734298af46",
"type": "github"
},
"original": {
@ -713,11 +714,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1719848872,
"narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=",
"lastModified": 1721379653,
"narHash": "sha256-8MUgifkJ7lkZs3u99UDZMB4kbOxvMEXQZ31FO3SopZ0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8",
"rev": "1d9c2c9b3e71b9ee663d11c5d298727dace8d374",
"type": "github"
},
"original": {
@ -898,11 +899,11 @@
},
"private_assets": {
"locked": {
"lastModified": 1718795974,
"narHash": "sha256-wK4G35I23mDBKmEZ07Xz0+064g/I+vuJ6hkXNguT7lA=",
"lastModified": 1721858622,
"narHash": "sha256-ocxF1NK8+K0UyuODwnedsDPyLaErEceaRZSeeejFAkQ=",
"ref": "main",
"rev": "77822a68120c56f6fc809a291e7d13173b8f7cea",
"revCount": 30,
"rev": "a460298aa522b5839dcd661ba32fc8fcbaccd11f",
"revCount": 42,
"type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git"
},
@ -949,29 +950,11 @@
"polygon-art": "polygon-art",
"private_assets": "private_assets",
"retiolum": "retiolum",
"secrets": "secrets",
"srvos": "srvos",
"stylix": "stylix",
"taskshell": "taskshell"
}
},
"secrets": {
"flake": false,
"locked": {
"lastModified": 1712505515,
"narHash": "sha256-XvuG5hC5EKAcie8dycZ7x5myPrObCkrCfUNkH/rsiTE=",
"ref": "main",
"rev": "edb5928f4d18aa58856b695139fc20a77c8763d5",
"revCount": 66,
"type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-secrets.git"
},
"original": {
"ref": "main",
"type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-secrets.git"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
@ -983,11 +966,11 @@
]
},
"locked": {
"lastModified": 1720926522,
"narHash": "sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY=",
"lastModified": 1721531171,
"narHash": "sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "0703ba03fd9c1665f8ab68cc3487302475164617",
"rev": "909e8cfb60d83321d85c8d17209d733658a21c95",
"type": "github"
},
"original": {
@ -1033,11 +1016,11 @@
]
},
"locked": {
"lastModified": 1721429336,
"narHash": "sha256-DTJUvI4Xkj4KC5tdq15OEUkPpk7Ebvqcz356dIT6jtY=",
"lastModified": 1721573849,
"narHash": "sha256-pHfzFzjADtCqMswGwrfC5klBWJZ6h94bxVrVObJLrEM=",
"owner": "danth",
"repo": "stylix",
"rev": "6bbae4f85b891df2e6e48b649919420434088507",
"rev": "0ef70039a6435446472182c8f8106947abfc523d",
"type": "github"
},
"original": {
@ -1105,11 +1088,11 @@
]
},
"locked": {
"lastModified": 1721059077,
"narHash": "sha256-gCICMMX7VMSKKt99giDDtRLkHJ0cwSgBtDijJAqTlto=",
"lastModified": 1720818892,
"narHash": "sha256-f52x9srIcqQm1Df3T+xYR5P6VfdnDFa2vkkcLhlTp6U=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "0fb28f237f83295b4dd05e342f333b447c097398",
"rev": "5b002f8a53ed04c1a4177e7b00809d57bd2c696f",
"type": "github"
},
"original": {
@ -1126,11 +1109,11 @@
]
},
"locked": {
"lastModified": 1720930114,
"narHash": "sha256-VZK73b5hG5bSeAn97TTcnPjXUXtV7j/AtS4KN8ggCS0=",
"lastModified": 1721458737,
"narHash": "sha256-wNXLQ/ATs1S4Opg1PmuNoJ+Wamqj93rgZYV3Di7kxkg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "b92afa1501ac73f1d745526adc4f89b527595f14",
"rev": "888bfb10a9b091d9ed2f5f8064de8d488f7b7c97",
"type": "github"
},
"original": {

View file

@ -1,11 +1,6 @@
{
inputs = {
secrets = {
url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
flake = false;
};
flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
@ -81,7 +76,8 @@
inputs.home-manager.follows = "home-manager";
};
buildbot-nix.url = "github:nix-community/buildbot-nix";
#buildbot-nix.url = "github:nix-community/buildbot-nix";
buildbot-nix.url = "github:MagicRB/buildbot-nix?ref=pydantic-convert";
# smoke test framwork to trigger tests (enable if I want to use it for real)
#smoke = {
@ -121,7 +117,6 @@
, polygon-art
, private_assets
, retiolum
, secrets
, srvos
, stylix
, taskshell
@ -180,6 +175,7 @@
factsGenerator = clan-fact-generators.lib { inherit pkgs; };
clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; };
zerotierDeviceName = "ztbn67ogn2";
components = ./components;
};
};
@ -264,7 +260,21 @@
nix.settings.max-jobs = 1;
# no channesl needed this way
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
# documentation
# =============
documentation.nixos.enable = true;
#documentation.nixos.includeAllModules = true; # fixme : not working (see down there)
documentation.nixos.options.warningsAreErrors = false; # todo make this true again
documentation.nixos.extraModules = [
./components
inputs.clan-core.nixosModules.clanCore
# inputs.stylix.nixosModules.stylix # fixme: not working
permown.nixosModules.permown
kmonad.nixosModules.default
home-manager.nixosModules.home-manager
# retiolum.nixosModules.retiolum # fixme: not working
];
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;

View file

@ -120,9 +120,9 @@ in
};
services.copyq = {
enable = true;
};
#services.copyq = {
# enable = true;
#};
stylix.targets.i3.enable = true;

View file

@ -13,6 +13,8 @@ with lib;
jetbrains.idea-ultimate
#vscode
zed-editor
#jetbrains.mps
jetbrains.datagrip
@ -133,7 +135,7 @@ with lib;
] ++ (map pandocScript (lib.cartesianProduct {
inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ];
outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" ];
outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" "asciidoc" ];
}));
}

View file

@ -8,15 +8,16 @@
../../components
../../modules
./service-forgejo.nix
./service-forgejo-runner.nix
./service-forgejo.nix
./service-hedgedoc.nix
./service-nix-cache.nix
./service-photoprism.nix
#./service-surrealdb.nix # not really needed at the moment
./service-taskserver.nix
./service-vaultwarden.nix
#./service-surrealdb.nix # not really needed at the moment
./service-vikunja.nix
./service-nix-cache.nix
./service-wastebin.nix
./nginx-ingolf-wagner-de.nix
./nginx-wkd.nix

View file

@ -0,0 +1,27 @@
{ pkgs, ... }:
let
port = 9001;
in
{
services.wastebin = {
enable = true;
settings = {
WASTEBIN_ADDRESS_PORT = "127.0.0.1:${toString port}";
WASTEBIN_TITLE = "paste.ingolf-wagner.de";
WASTEBIN_MAX_PASTE_EXPIRATION = 60 * 60 * 24 * 30;
};
};
services.nginx = {
enable = true;
virtualHosts. "paste.ingolf-wagner.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://127.0.0.1:${toString port}";
};
};
};
}