daniel/dotfiles
1
0
Fork 0
Code Activity Actions

Update deps

Browse source
This commit is contained in:
Daniel Kempkens 2023-09-04 12:45:06 +02:00
parent e0d3ddae12
commit f5bbd84fcd
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
16 changed files with 190 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
container/proxitok/default.nix
View file

@ -30,7 +30,7 @@
]; ];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /etc/container-proxitok/cache 0755 33 33" "d /etc/container-proxitok/cache 0755 nobody nogroup"
]; ];
services.redis.servers.proxitok = { services.redis.servers.proxitok = {

30
flake.lock
View file

@ -137,11 +137,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1693677537, "lastModified": 1693791515,
"narHash": "sha256-F8ozidIQV4Sp/IfTE54U+qIOuC88b9WskFWK5VrHBs4=", "narHash": "sha256-1HXhqNCd1nyxhUvhLuH8pb+wxBm5DNgxhRbBnERdAr8=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "06481a9836c37b7c1aba784092a984c2d2ef5431", "rev": "1c38664f59f95ac6ddef77a418df85ee662036d2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -514,11 +514,11 @@
}, },
"locked": { "locked": {
"dir": "contrib", "dir": "contrib",
"lastModified": 1693720845, "lastModified": 1693814116,
"narHash": "sha256-np6BdXUBSr34MATRnGWVz3refOKgGSql7W8CMCYmmFs=", "narHash": "sha256-9UWvn4tPo6Z7dCWzAfD9kTq31j5KyQf8MH1eogiKL9g=",
"owner": "neovim", "owner": "neovim",
"repo": "neovim", "repo": "neovim",
"rev": "820522d685e2794c638144a88ceee50d53bdc104", "rev": "069fad6e2df25e6b079879670cf6c68ae7ddb012",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -539,11 +539,11 @@
"weewx-proxy-flake": "weewx-proxy-flake" "weewx-proxy-flake": "weewx-proxy-flake"
}, },
"locked": { "locked": {
"lastModified": 1693729053, "lastModified": 1693815598,
"narHash": "sha256-cN0IyXk+mDveMM7pIBhnmEltb8d6RxMjHbpIQzitDYI=", "narHash": "sha256-DK026bknR7R2SmcoCDStZL/NrTxWPFunJEe23TLu3Gs=",
"owner": "nifoc", "owner": "nifoc",
"repo": "nix-overlay", "repo": "nix-overlay",
"rev": "3c30431db022fc05ad40400af3af6f1ec87ae61c", "rev": "ecab65354626cafb65dee976233250dd4d1199d9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -606,11 +606,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1693654884, "lastModified": 1693714546,
"narHash": "sha256-EqKKEl+IOS8TSjkt+xn1qGpsjnx5/ag33YNQ1+c7OuM=", "narHash": "sha256-3EMJZeGSZT6pD1eNwI/6Yc0R4rxklNvJ2SDFcsCnjpM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e7f35e03abd06a2faef6684d0de813370e13bda8", "rev": "d816b5ab44187a2dd84806630ce77a733724f95f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -975,11 +975,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1693689099, "lastModified": 1693817438,
"narHash": "sha256-NuilTRYMH+DDR/uBWQjDbX5mWCA05lwo2Sg9iTkkEs4=", "narHash": "sha256-fg3+n4Ky1gCzDtPm0MomMTFw0YkH05Y8ojy5t7bkfHg=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "e3e0f9f6d47f8fc68aff15150eda1224fb46f4d4", "rev": "b8d3a059f5487d6767d07c3716386753e3132d9f",
"type": "github" "type": "github"
}, },
"original": { "original": {

3
hardware/hosts/argon.nix
View file

@ -9,9 +9,10 @@
kernel.sysctl = { kernel.sysctl = {
"net.core.default_qdisc" = "fq"; "net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr"; "net.ipv4.tcp_congestion_control" = "bbr";
"net.ipv4.tcp_syncookies" = 0; "net.ipv4.tcp_syncookies" = 1;
"net.ipv4.tcp_timestamps" = 1; "net.ipv4.tcp_timestamps" = 1;
"net.ipv4.tcp_window_scaling" = 1; "net.ipv4.tcp_window_scaling" = 1;
"net.ipv4.tcp_fastopen" = 3;
"net.core.rmem_max" = 2500000; "net.core.rmem_max" = 2500000;
"net.core.wmem_max" = 2500000; "net.core.wmem_max" = 2500000;
}; };

4
hardware/hosts/mediaserver.nix
View file

@ -20,10 +20,12 @@
kernel.sysctl = { kernel.sysctl = {
"net.core.default_qdisc" = "fq"; "net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr"; "net.ipv4.tcp_congestion_control" = "bbr";
"net.ipv4.tcp_syncookies" = 0; "net.ipv4.tcp_syncookies" = 1;
"net.ipv4.tcp_timestamps" = 1; "net.ipv4.tcp_timestamps" = 1;
"net.ipv4.tcp_window_scaling" = 1; "net.ipv4.tcp_window_scaling" = 1;
"net.ipv4.tcp_fastopen" = 3;
"net.core.rmem_max" = 2500000; "net.core.rmem_max" = 2500000;
"net.core.wmem_max" = 2500000;
}; };
}; };

3
hardware/hosts/tanker.nix
View file

@ -28,9 +28,10 @@
kernel.sysctl = { kernel.sysctl = {
"net.core.default_qdisc" = "fq"; "net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr"; "net.ipv4.tcp_congestion_control" = "bbr";
"net.ipv4.tcp_syncookies" = 0; "net.ipv4.tcp_syncookies" = 1;
"net.ipv4.tcp_timestamps" = 1; "net.ipv4.tcp_timestamps" = 1;
"net.ipv4.tcp_window_scaling" = 1; "net.ipv4.tcp_window_scaling" = 1;
"net.ipv4.tcp_fastopen" = 3;
"net.core.rmem_max" = 2500000; "net.core.rmem_max" = 2500000;
"vm.overcommit_memory" = 1; "vm.overcommit_memory" = 1;
}; };

16
home/programs/nvim/plugins.nix
View file

@ -118,12 +118,12 @@ in
}; };
nvim-treesitter = buildVimPluginFrom2Nix { nvim-treesitter = buildVimPluginFrom2Nix {
pname = "nvim-treesitter"; pname = "nvim-treesitter";
version = "2023-09-02"; version = "2023-09-04";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nvim-treesitter"; owner = "nvim-treesitter";
repo = "nvim-treesitter"; repo = "nvim-treesitter";
rev = "17b943e7c5cc2b2db3ac7b5720fbd42e75a00d8d"; rev = "30604fd7dde5abcba7ca8f5761894dfa61febe51";
sha256 = "03yq7pn0vz93xjjrs6cbypqvqxncxgsadmrvgkx177c3w146w0zl"; sha256 = "0mzl92jdgdjr36gy58pvdsca91k0lxf6pzcf3cw86h01rai2lmfg";
fetchSubmodules = false; fetchSubmodules = false;
}; };
}; };
@ -162,12 +162,12 @@ in
}; };
telescope-nvim = buildVimPluginFrom2Nix { telescope-nvim = buildVimPluginFrom2Nix {
pname = "telescope.nvim"; pname = "telescope.nvim";
version = "2023-09-03"; version = "2023-09-04";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nvim-telescope"; owner = "nvim-telescope";
repo = "telescope.nvim"; repo = "telescope.nvim";
rev = "3fae9c1e14910e6669bb8ecbb473aba6a9e13b33"; rev = "6b79d7a6a45adc1508a7afee5bc973173ec22f59";
sha256 = "0mh0f9wzfdh3vjv52i9h883s8i0zl4qgm3f3ykbi81ah4x25banp"; sha256 = "15lr5b7922w6wrzky0gy5sgscmw5axvhyajkfdqgrlpl98acqfgp";
fetchSubmodules = false; fetchSubmodules = false;
}; };
}; };
@ -521,8 +521,8 @@ in
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "rebelot"; owner = "rebelot";
repo = "heirline.nvim"; repo = "heirline.nvim";
rev = "033b35355852daa8b0e0f55dc346a06b303281e6"; rev = "7f1e805dfc001d5dbb7d894105063f463f6c7dcc";
sha256 = "0hzaznj54lw17zzsy3w9wnqxpd8l0avxj8lwp01sf325jvmlxvkg"; sha256 = "1hy5a30pb0cv93dh796lh08p5k43b4b732sr4ka0pwj4n4a3q82r";
fetchSubmodules = false; fetchSubmodules = false;
}; };
}; };

1
system/hosts/argon.nix
View file

@ -16,6 +16,7 @@ in
../nixos/acme-argon.nix ../nixos/acme-argon.nix
../nixos/nginx.nix ../nixos/nginx.nix
../nixos/nginx-argon.nix
(import ../nixos/adguardhome.nix (args // { inherit secret; })) (import ../nixos/adguardhome.nix (args // { inherit secret; }))

1
system/hosts/mediaserver.nix
View file

@ -15,6 +15,7 @@ in
../nixos/acme-mediaserver.nix ../nixos/acme-mediaserver.nix
../nixos/nginx.nix ../nixos/nginx.nix
../nixos/nginx-mediaserver.nix
../nixos/postgresql.nix ../nixos/postgresql.nix
(import ../nixos/adguardhome.nix (args // { inherit secret; })) (import ../nixos/adguardhome.nix (args // { inherit secret; }))

1
system/hosts/tanker.nix
View file

@ -18,6 +18,7 @@ in
../nixos/acme-tanker.nix ../nixos/acme-tanker.nix
../nixos/nginx.nix ../nixos/nginx.nix
../nixos/nginx-tanker.nix
../nixos/postgresql.nix ../nixos/postgresql.nix
../nixos/elasticsearch.nix ../nixos/elasticsearch.nix
../nixos/mosquitto.nix ../nixos/mosquitto.nix

13
system/nixos/adguardhome.nix
View file

@ -80,17 +80,26 @@
addr = "0.0.0.0"; addr = "0.0.0.0";
port = 9053; port = 9053;
ssl = true; ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
} }
{ {
addr = "[::0]"; addr = "[::0]";
port = 9053; port = 9053;
ssl = true; ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
} }
]; ];
quic = true; quic = false;
http3 = true;
onlySSL = true; onlySSL = true;
useACMEHost = "internal.kempkens.network"; useACMEHost = "internal.kempkens.network";

4
system/nixos/home-proxy.nix
View file

@ -9,8 +9,8 @@
} }
server { server {
listen *:${builtins.toString secret.nginx.upstream.video.externalPort}; listen *:${builtins.toString secret.nginx.upstream.video.externalPort} fastopen=63 backlog=1023;
listen [::]:${builtins.toString secret.nginx.upstream.video.externalPort}; listen [::]:${builtins.toString secret.nginx.upstream.video.externalPort} fastopen=63 backlog=1023;
proxy_protocol on; proxy_protocol on;
proxy_pass video; proxy_pass video;

9
system/nixos/jellyfin.nix
View file

@ -63,10 +63,17 @@
addr = "0.0.0.0"; addr = "0.0.0.0";
port = 9921; port = 9921;
ssl = true; ssl = true;
extraParameters = [ "proxy_protocol" ]; extraParameters = [
"proxy_protocol"
"fastopen=63"
"backlog=1023"
"deferred"
];
} }
]; ];
quic = false;
onlySSL = true; onlySSL = true;
useACMEHost = "internal.kempkens.network"; useACMEHost = "internal.kempkens.network";

24
system/nixos/libreddit.nix
View file

@ -9,7 +9,31 @@
}; };
services.nginx.virtualHosts."${secret.nginx.hostnames.libreddit}" = { services.nginx.virtualHosts."${secret.nginx.hostnames.libreddit}" = {
# listen = [
# {
# addr = "100.108.165.26";
# port = 443;
# ssl = true;
# extraParameters = [
# "fastopen=63"
# "backlog=1023"
# "deferred"
# ];
# }
#
# {
# addr = "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]";
# port = 443;
# ssl = true;
# extraParameters = [
# "fastopen=63"
# "backlog=1023"
# ];
# }
# ];
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ]; listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
quic = true; quic = true;
http3 = true; http3 = true;

37
system/nixos/nginx-argon.nix Normal file
View file

@ -0,0 +1,37 @@
{
services.nginx.virtualHosts."default.internal.kempkens.network" = {
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
}
{
addr = "[::0]";
port = 443;
ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
}
];
default = true;
quic = false;
onlySSL = true;
useACMEHost = "internal.kempkens.network";
locations."/" = {
return = "418";
};
};
}

37
system/nixos/nginx-mediaserver.nix Normal file
View file

@ -0,0 +1,37 @@
{
services.nginx.virtualHosts."default.internal.kempkens.network" = {
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
}
{
addr = "[::0]";
port = 443;
ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
}
];
default = true;
quic = false;
onlySSL = true;
useACMEHost = "internal.kempkens.network";
locations."/" = {
return = "418";
};
};
}

37
system/nixos/nginx-tanker.nix Normal file
View file

@ -0,0 +1,37 @@
{
services.nginx.virtualHosts."default.kempkens.io" = {
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
}
{
addr = "[::0]";
port = 443;
ssl = true;
extraParameters = [
"fastopen=63"
"backlog=1023"
"deferred"
];
}
];
default = true;
quic = false;
onlySSL = true;
useACMEHost = "kempkens.io";
locations."/" = {
return = "418";
};
};
}