Compare commits
2 commits
d42f70bb43
...
b438a36f3b
Author | SHA1 | Date | |
---|---|---|---|
b438a36f3b | |||
178b0e28ca |
28 changed files with 225 additions and 129 deletions
Binary file not shown.
|
@ -1,10 +1,10 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 MtGp6g WF7NACS4+2IWcLmDTjbiXQsI93ZUDUeofMg6eYwXyRM
|
-> ssh-ed25519 MtGp6g f+HNEy02C/zWGNsrPpPzJiZc2JvRDH6L5vNqd3Hh2Tk
|
||||||
xy71RLaW5MwZU69EP4A4x9SSTLsv2vINzdjPZbHUJ+8
|
U2BMb3YczFvYe2EXsRpg+L4GRJ8cwYNPXmEqwHZj2Us
|
||||||
-> ssh-ed25519 Y94Yig nCe73IOsZbRmWpGBAg26zTkTP3GC3FnpmS7UujJkTyU
|
-> ssh-ed25519 Y94Yig HXut7W1n8I/PjISX8+wCAddIg3509V3Z4pw0KcBilGo
|
||||||
kY6qLgHIH+5bUTKDTqcak2r2l15XNJR2Hm7uCk1OxGM
|
LW4jo71cZ6oHu0UnnikI0iEM17HlhUHFz02eO/ZAAnU
|
||||||
-> F>J-grease @@cdP
|
-> $vz-grease
|
||||||
NHDpMlW3kAJD9b/YgQkciZs7IILSWIFi0LY5L6j3IaQp1QTU1xQRzGs0QpH2jYCs
|
uKSVRbtXjOS6mUAzvk9xa3JWgWmktEmNHO6NPalag3C8OULWzDWPsGNaTpY/OCV+
|
||||||
6UIr2dIfw/qc9Q8IGeOYJvHXfjtw
|
Re5Uq458B62NwvLlLbw
|
||||||
--- l+vCsTsawEm3J0DqduySW+9k3YMqa0iSHMoo/7Kk9xo
|
--- /wV5Bm3A43iFaxc6VAq8YJAei/PDFLCAzMz/TpXmRKA
|
||||||
i(èA]÷‚b ÖÍ“gônÑ:
#|<7C>=Kcµ4ƒ…¥ˆ „Rê<52>X:‡#D.~í<=Ës«KžËÖbøþ>ž.À¹ˆ]"ãôV$<24>C廊(ôÚ͹Øÿ
|
™÷ÎŻ
žĹłIXă›xżJ|´”ÖEx×=n0J™{ŮNôŐ¶·±h'ÇĎ0š˛Ń}q<>ófhą;ĚyČ0ÄDJmáQ(‚ç<E2809A>'źă'EÜą3
|
|
@ -31,6 +31,18 @@
|
||||||
file = ./forgejo-actions/token.age;
|
file = ./forgejo-actions/token.age;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
headscale-database-password = {
|
||||||
|
file = ./headscale/dbPassword.age;
|
||||||
|
owner = "headscale";
|
||||||
|
group = "headscale";
|
||||||
|
};
|
||||||
|
|
||||||
|
headscale-acls = {
|
||||||
|
file = ./headscale/acls.age;
|
||||||
|
owner = "headscale";
|
||||||
|
group = "headscale";
|
||||||
|
};
|
||||||
|
|
||||||
linkding-environment = {
|
linkding-environment = {
|
||||||
file = ./linkding/environment.age;
|
file = ./linkding/environment.age;
|
||||||
};
|
};
|
||||||
|
|
BIN
agenix/hosts/tanker/headscale/acls.age
Normal file
BIN
agenix/hosts/tanker/headscale/acls.age
Normal file
Binary file not shown.
11
agenix/hosts/tanker/headscale/dbPassword.age
Normal file
11
agenix/hosts/tanker/headscale/dbPassword.age
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 MtGp6g Ksx8IgaAlR47n4KH6gqrFa0/LTbJdng+Y4LyaIyUoHM
|
||||||
|
Us/MXus/dEo5z3q9Un44jGgAPOQmQABhSvEEFbSNZaY
|
||||||
|
-> ssh-ed25519 iO8/4g bb5CMC4W+/8LqXV4wo5lL/pEPiDv8aTB2JTP4WAU8RI
|
||||||
|
zUDaW+pIBLWzNpeoRnSVTrs0FzCzGp88xOJQCJ23Abg
|
||||||
|
-> 9Avzmsce-grease *| wURxw
|
||||||
|
N/PIH4VmQp68zcOwFozdd/46yiXa7YT3kughflU+PnxACswnu0r56YYEoU40lPqV
|
||||||
|
kIdUiACfIFkXByDvS4Xt/WlT4X9Ncu0LCEzMZhnT4HQtL8lVMMAWqm6BdDDn4yBs
|
||||||
|
VuA
|
||||||
|
--- EN7FwLG8kh/pxDa8gJyFwccM3ew8LqhmJDN7TTVMiSE
|
||||||
|
”+lûáÿ1÷ccœõ’:cnGÄÎüá=+Þ´Ä `'‚Ãô>AÄ0q z*çÕe0D¶D
|
|
@ -1,10 +1,9 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 MtGp6g 8/VvalpTjMjXQYaGZiNTJ/UyXXcgaaKXT46+sn2IuC0
|
-> ssh-ed25519 MtGp6g 4pT/Mw3rQ4Fce6O8VQUg0iiwm5a2uTkBLtGuyhWrtHE
|
||||||
eH+i//7AQiJ9KSD8NUkAd6CL6G6wuPeWBYLaUVUkH1s
|
uc2ECQhpzARnywarhHF7yQa6SY7DYg7q6f4GaWxIJsA
|
||||||
-> ssh-ed25519 iO8/4g B9Tzo0djfjhV5wDj3i6JZseYJth+zIxkfbbMDuK8y3s
|
-> ssh-ed25519 iO8/4g ZuFmCVHKMjwtchVw/MXr3OEOIuXMmB3OJcVjeXf6kQg
|
||||||
Wgokb9VVhd49riNZZ1JxuCGX1MgwzGr1Yqju475U0YA
|
g8JMv21lAtoogNITlpSfa4yfQP0ouqD961OcoYXbWBA
|
||||||
-> 4S?&lGG-grease ? {z[+;U.< l8P&' !'eh+
|
-> 'D~T-grease L<0z6X|I ~0ki Z,Vsm !LvoC'*
|
||||||
mEhY97w5jF9ubheu6mx4puGrqsUyPxwGLhiwMjr5YLLwR5Hnj9xRY40UHGdng1H1
|
|
||||||
ssoX94PaJQN2YwwMSa8WudBhe2hAP7cWpH8tFMH6u/exmGO4UA
|
--- k/qNUN24AQe4kouuHkT1wbnUkJnXIPOBH9suI/ZX4ow
|
||||||
--- x1cfStmTuQb1xfYJ5DazYeAhjA1JcHZJF7Z4dhy2V58
|
ܼjY>¸=ÓqÒâ¿M‘¾u-ÖÙÍBi+þ†—˜¢=Ì/!KÎa”ñ³íÝêD‹jëkBØ‹0Ï'<27>sî²a{cŇW)º”ouÚô
|
||||||
Åú´ÌXK†eµtš0ùM(QiœB-7ÒxgG<67>NÁ¿ŠÀéBXÉ’ÿ\V†ÎØ=GfM§KÀèÀšé.<2E>$+ÿÂË'‹ØŸ;Ó€¨›ôdÈMÇrǯ¢H
|
|
|
@ -52,7 +52,7 @@
|
||||||
networking.firewall.interfaces."podman+".allowedTCPPorts = [ 6381 ];
|
networking.firewall.interfaces."podman+".allowedTCPPorts = [ 6381 ];
|
||||||
|
|
||||||
services.nginx.virtualHosts."tictac.daniel.sx" = {
|
services.nginx.virtualHosts."tictac.daniel.sx" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
79
flake.lock
79
flake.lock
|
@ -89,11 +89,11 @@
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695029081,
|
"lastModified": 1695052866,
|
||||||
"narHash": "sha256-1jpJoeDbxYXWViVRkiSyDxsT4SqqsxgYu5Cg7xisKrA=",
|
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
|
||||||
"owner": "serokell",
|
"owner": "serokell",
|
||||||
"repo": "deploy-rs",
|
"repo": "deploy-rs",
|
||||||
"rev": "57d5071e60c1318ec27eb987f96504ce3d58cb34",
|
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -109,11 +109,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695000028,
|
"lastModified": 1695204792,
|
||||||
"narHash": "sha256-PAZl5eDhj44b7+1JOdT+BGGK1UsCHWKG+v8tw/Gmy34=",
|
"narHash": "sha256-8hsi2L8e5EiWZBcbjmKTDWXXLsi4BOC2FEjaZFPdjWo=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "7548ad94698adb90ee17ff62581f2b2457faaedd",
|
"rev": "f43f106e91fe4f6591cf80cc5c8179e841c6e922",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -300,11 +300,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694643239,
|
"lastModified": 1695224363,
|
||||||
"narHash": "sha256-pv2k/5FvyirDE8g4TNehzwZ0T4UOMMmqWSQnM/luRtE=",
|
"narHash": "sha256-+hfjJLUMck5G92RVFDZA7LWkR3kOxs5zQ7RPW9t3eM8=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "d9b88b43524db1591fb3d9410a21428198d75d49",
|
"rev": "408ba13188ff9ce309fa2bdd2f81287d79773b00",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -323,11 +323,11 @@
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "contrib",
|
"dir": "contrib",
|
||||||
"lastModified": 1695010592,
|
"lastModified": 1695293905,
|
||||||
"narHash": "sha256-TbYvLxmx2O6d/oVCG+yHpSg1ZJZRsq4PRVZFV0AOhrg=",
|
"narHash": "sha256-vwuytAB/nKLQQ1itTN/Bh1bsRjf31fP/MHNbQkn01DQ=",
|
||||||
"owner": "neovim",
|
"owner": "neovim",
|
||||||
"repo": "neovim",
|
"repo": "neovim",
|
||||||
"rev": "9cadbf1d36b63f53f0de48c8c5ff6c752ff05d70",
|
"rev": "5e43a4ce4d973677172519a50e4f6f49e6dd4a2b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -346,11 +346,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695020316,
|
"lastModified": 1695306705,
|
||||||
"narHash": "sha256-DTVi6jrCNcR1xWzZVru5FecLK3Az0+eTR8IoJRLteUI=",
|
"narHash": "sha256-20Li8SnO/ByNkYWmfrx7KDUQftz/2tnRSYGAXACzVMo=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "d5ed014c12239f9b76cf5aeb80002ae9f74b227a",
|
"rev": "1845949793f5a16d5ab6c7c1bc4c9c7eed229b71",
|
||||||
"revCount": 494,
|
"revCount": 496,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.kempkens.io/daniel/nix-overlay"
|
"url": "https://git.kempkens.io/daniel/nix-overlay"
|
||||||
},
|
},
|
||||||
|
@ -366,11 +366,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694810318,
|
"lastModified": 1695114819,
|
||||||
"narHash": "sha256-LuvrVj2oj9TzdnnwtQUClqcXjpgwCP01FFVBM7azGV8=",
|
"narHash": "sha256-/aIfbZxP39QZ8m7qX2RzQTy5PWzz2e22cCcZ+AOO7lA=",
|
||||||
"owner": "lnl7",
|
"owner": "lnl7",
|
||||||
"repo": "nix-darwin",
|
"repo": "nix-darwin",
|
||||||
"rev": "80bb201f4925cdda5a7a3c7b1900fb26bb2af2e8",
|
"rev": "afeddc412b3a3b0e7c9ef7ea5fbdf2186781d102",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -381,11 +381,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695031320,
|
"lastModified": 1695109627,
|
||||||
"narHash": "sha256-n3+Gj013nrkmbdgMOVMPHflZGvG+uUHVY7fwGlm4tsA=",
|
"narHash": "sha256-4rpyoVzmunIG6xWA/EonnSSqC69bDBzciFi6SjBze/0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "d53069def4fb2d92da1ec062b583c088426dc61a",
|
"rev": "cb4dc98f776ddb6af165e6f06b2902efe31ca67a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -397,11 +397,11 @@
|
||||||
},
|
},
|
||||||
"nixos-unstable": {
|
"nixos-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694767346,
|
"lastModified": 1695145219,
|
||||||
"narHash": "sha256-5uH27SiVFUwsTsqC5rs3kS7pBoNhtoy9QfTP9BmknGk=",
|
"narHash": "sha256-Eoe9IHbvmo5wEDeJXKFOpKUwxYJIOxKUesounVccNYk=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ace5093e36ab1e95cb9463863491bee90d5a4183",
|
"rev": "5ba549eafcf3e33405e5f66decd1a72356632b96",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -413,11 +413,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694948089,
|
"lastModified": 1695132891,
|
||||||
"narHash": "sha256-d2B282GmQ9o8klc22/Rbbbj6r99EnELQpOQjWMyv0rU=",
|
"narHash": "sha256-cJR9AFHmt816cW/C9necLJyOg/gsnkvEeFAfxgeM1hc=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "5148520bfab61f99fd25fb9ff7bfbb50dad3c9db",
|
"rev": "8b5ab8341e33322e5b66fb46ce23d724050f6606",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -463,6 +463,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs-master": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1695306240,
|
||||||
|
"narHash": "sha256-MsVESu3+HK9cZZ7755uT26n1REpNRgC3Ry7keQ0dIcU=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "d9c6fcb483ae66621c1dd382cdd939493b8712d0",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs-stable": {
|
"nixpkgs-stable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1685004253,
|
"lastModified": 1685004253,
|
||||||
|
@ -533,6 +549,7 @@
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixos-unstable": "nixos-unstable",
|
"nixos-unstable": "nixos-unstable",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
|
"nixpkgs-master": "nixpkgs-master",
|
||||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
}
|
}
|
||||||
|
@ -601,11 +618,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694528738,
|
"lastModified": 1695290086,
|
||||||
"narHash": "sha256-aWMEjib5oTqEzF9f3WXffC1cwICo6v/4dYKjwNktV8k=",
|
"narHash": "sha256-ol6licpIAzc9oMsEai/9YZhgSMcrnlnD/3ulMLGNKL0=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "7a49c388d7a6b63bb551b1ddedfa4efab8f400d8",
|
"rev": "e951529be2e7c669487de78f5aef8597bbae5fca",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
|
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
|
||||||
nixos-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixos-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
# nixpkgs-master.url = "github:nixos/nixpkgs/master";
|
nixpkgs-master.url = "github:nixos/nixpkgs/master";
|
||||||
|
|
||||||
# Tools
|
# Tools
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@
|
||||||
tanker = import ./system/flakes/tanker.nix {
|
tanker = import ./system/flakes/tanker.nix {
|
||||||
nixpkgs = inputs.nixos-unstable;
|
nixpkgs = inputs.nixos-unstable;
|
||||||
|
|
||||||
inherit (inputs) disko deploy-rs home-manager agenix attic;
|
inherit (inputs) nixpkgs-master disko deploy-rs home-manager agenix attic;
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -63,12 +63,12 @@ in
|
||||||
};
|
};
|
||||||
yanky-nvim = buildVimPluginFrom2Nix {
|
yanky-nvim = buildVimPluginFrom2Nix {
|
||||||
pname = "yanky.nvim";
|
pname = "yanky.nvim";
|
||||||
version = "2023-09-11";
|
version = "2023-09-19";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "gbprod";
|
owner = "gbprod";
|
||||||
repo = "yanky.nvim";
|
repo = "yanky.nvim";
|
||||||
rev = "4c85d8d6808d9859e72f8bd6c25302199e6a5eac";
|
rev = "4f5f15829fbad15ed703e7cb072cdf2a488cf5e7";
|
||||||
sha256 = "0ph1mc7nlfsx0aaybnvg6wwpx7hv2ks621qkjcrl3hf8dbc173xs";
|
sha256 = "0gqzaifbvaj7l9x3l5m2wwn52r2a3giysdbzvmnkyjkj53jn3ya6";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -118,12 +118,12 @@ in
|
||||||
};
|
};
|
||||||
nvim-treesitter = buildVimPluginFrom2Nix {
|
nvim-treesitter = buildVimPluginFrom2Nix {
|
||||||
pname = "nvim-treesitter";
|
pname = "nvim-treesitter";
|
||||||
version = "2023-09-18";
|
version = "2023-09-21";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "nvim-treesitter";
|
owner = "nvim-treesitter";
|
||||||
repo = "nvim-treesitter";
|
repo = "nvim-treesitter";
|
||||||
rev = "f9034812d8335356ef3ede49110d1569624033fa";
|
rev = "b7f2dd5dfbd24a1239844e15637b637b990df164";
|
||||||
sha256 = "199dhiv68j9rhq14lvckz04hrlrz8p9ipmbbh32wjhj46j0q5f6k";
|
sha256 = "199hp19b8wp9fxzcb7pakcs4djbsnghbkv5914llc57w6ybhdqdb";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -162,12 +162,12 @@ in
|
||||||
};
|
};
|
||||||
telescope-nvim = buildVimPluginFrom2Nix {
|
telescope-nvim = buildVimPluginFrom2Nix {
|
||||||
pname = "telescope.nvim";
|
pname = "telescope.nvim";
|
||||||
version = "2023-09-16";
|
version = "2023-09-20";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "nvim-telescope";
|
owner = "nvim-telescope";
|
||||||
repo = "telescope.nvim";
|
repo = "telescope.nvim";
|
||||||
rev = "b543aaa2c9cf8123ed2fe7dbb6c211a9cd415124";
|
rev = "40c8d2fc2b729dd442eda093cf8c9496d6e23732";
|
||||||
sha256 = "0k0jymfkp9n65pb5iak7kf89pl41zr7iwg19ww31j3b814am4pjd";
|
sha256 = "08nxnnglli2j07k70xxfjnd02iysr3zbac26xqjv0b1rdn24w9gx";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -242,23 +242,23 @@ in
|
||||||
};
|
};
|
||||||
nvim-lspconfig = buildVimPluginFrom2Nix {
|
nvim-lspconfig = buildVimPluginFrom2Nix {
|
||||||
pname = "nvim-lspconfig";
|
pname = "nvim-lspconfig";
|
||||||
version = "2023-09-15";
|
version = "2023-09-20";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "neovim";
|
owner = "neovim";
|
||||||
repo = "nvim-lspconfig";
|
repo = "nvim-lspconfig";
|
||||||
rev = "cc388d3f6b9c7c943ae2b2dcd46ad470fd257f91";
|
rev = "4266f9bb36b4fb09edd19b67d95043cf7ff88ddf";
|
||||||
sha256 = "0xw1xya93qks2azp0rg2k7fyg2ak31c3z897af9d3lx0nrhy31xs";
|
sha256 = "1fj81152cpcmbbc9vkbv7cr94i0y9hz4gi0bzsar632wrdsni5q0";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
nvim-jdtls = buildVimPluginFrom2Nix {
|
nvim-jdtls = buildVimPluginFrom2Nix {
|
||||||
pname = "nvim-jdtls";
|
pname = "nvim-jdtls";
|
||||||
version = "2023-09-14";
|
version = "2023-09-19";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "mfussenegger";
|
owner = "mfussenegger";
|
||||||
repo = "nvim-jdtls";
|
repo = "nvim-jdtls";
|
||||||
rev = "697b39e3db0e0d0ce9ee4c2df506a4e0386af6c2";
|
rev = "3ca419c52a7c20a2565237db2c110ed68fc7e6f1";
|
||||||
sha256 = "0iaccv986r4z1lmfih24dk2ls501bfqw3n7z4h0mwbf7xqm9jml3";
|
sha256 = "1jy5yklfc3fvajy5mqwfi4h6p5bxb71ar1hnck8k8hciggrijhrq";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -286,23 +286,23 @@ in
|
||||||
};
|
};
|
||||||
vim-illuminate = buildVimPluginFrom2Nix {
|
vim-illuminate = buildVimPluginFrom2Nix {
|
||||||
pname = "vim-illuminate";
|
pname = "vim-illuminate";
|
||||||
version = "2023-09-12";
|
version = "2023-09-20";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "RRethy";
|
owner = "RRethy";
|
||||||
repo = "vim-illuminate";
|
repo = "vim-illuminate";
|
||||||
rev = "8c910b2f84ae6acd9b4b17330bb94dd783c0c11a";
|
rev = "6acf7d4a18255a3ddc43770866c8e148fe85af7b";
|
||||||
sha256 = "0v6w5lm8f39yg9s3lfh15a2sbw8sr6pfiz6p83fmigrxncvb49cp";
|
sha256 = "1vgr5cjvkv7jxiwap7fzlhmpmhs8xmlswbzvi747zsbsgwvrk5yf";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
nvim-lint = buildVimPluginFrom2Nix {
|
nvim-lint = buildVimPluginFrom2Nix {
|
||||||
pname = "nvim-lint";
|
pname = "nvim-lint";
|
||||||
version = "2023-09-17";
|
version = "2023-09-21";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "mfussenegger";
|
owner = "mfussenegger";
|
||||||
repo = "nvim-lint";
|
repo = "nvim-lint";
|
||||||
rev = "3c936d9d28aa5c5d4c90780e1c3430171bdcb3c2";
|
rev = "75a837ce983c0fb94c1abd81a11371dc62c404a8";
|
||||||
sha256 = "12db99jb2wwbf6j8y1d7q5dgrnr5x11j5x83f72sbl800axlkdvf";
|
sha256 = "1wq18qamr5a3khyx52jgaz597cbizpc007cv45cffn11q0sy15s4";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -319,12 +319,12 @@ in
|
||||||
};
|
};
|
||||||
LuaSnip = buildVimPluginFrom2Nix {
|
LuaSnip = buildVimPluginFrom2Nix {
|
||||||
pname = "LuaSnip";
|
pname = "LuaSnip";
|
||||||
version = "2023-09-17";
|
version = "2023-09-21";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "L3MON4D3";
|
owner = "L3MON4D3";
|
||||||
repo = "LuaSnip";
|
repo = "LuaSnip";
|
||||||
rev = "3657c3f3cb2214a681fc7e95b6ffb509d076ebfb";
|
rev = "c5fb16a934892086d4ba01bac48b77c65435025e";
|
||||||
sha256 = "1w7jzcwkyikl4v5irb5yc0v5vs0k758mdwvgnscc9zzwsg6vs642";
|
sha256 = "08gqbwpsqnlvrn11g51h44npfhh1gbxkw55sl7qpa5q3bvh8q5q1";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -462,12 +462,12 @@ in
|
||||||
};
|
};
|
||||||
nvim-autopairs = buildVimPluginFrom2Nix {
|
nvim-autopairs = buildVimPluginFrom2Nix {
|
||||||
pname = "nvim-autopairs";
|
pname = "nvim-autopairs";
|
||||||
version = "2023-09-08";
|
version = "2023-09-19";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "windwp";
|
owner = "windwp";
|
||||||
repo = "nvim-autopairs";
|
repo = "nvim-autopairs";
|
||||||
rev = "defad64afbf19381fe31488a7582bbac421d6e38";
|
rev = "7b3eb9b5813a22188c4dbb248475fcbaf9f4d195";
|
||||||
sha256 = "05ihrriym44g01rryaah2h2xnl183dpwcsf8q8rxzr29z0jpxxip";
|
sha256 = "1ml9r1n4yc4xzalphm33m66m46q8g0c54krd29rabi67ymcc7vr3";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -539,12 +539,12 @@ in
|
||||||
};
|
};
|
||||||
virt-column-nvim = buildVimPluginFrom2Nix {
|
virt-column-nvim = buildVimPluginFrom2Nix {
|
||||||
pname = "virt-column.nvim";
|
pname = "virt-column.nvim";
|
||||||
version = "2023-07-24";
|
version = "2023-09-19";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "lukas-reineke";
|
owner = "lukas-reineke";
|
||||||
repo = "virt-column.nvim";
|
repo = "virt-column.nvim";
|
||||||
rev = "1917bfb519729dea7b4f5d13aa9c810c9579b0ea";
|
rev = "5fc72873dc3175eddbdbbedea8071919c99ad755";
|
||||||
sha256 = "08brm8by7fzwqzgzcgcrzk7vq1dmknh5r4wxisc725rwkxjzmfkl";
|
sha256 = "071cpga3fapqqpifd04hc5fwsq5v27p32vhli5zy8b8awg1qw9sm";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -561,12 +561,12 @@ in
|
||||||
};
|
};
|
||||||
urlview-nvim = buildVimPluginFrom2Nix {
|
urlview-nvim = buildVimPluginFrom2Nix {
|
||||||
pname = "urlview.nvim";
|
pname = "urlview.nvim";
|
||||||
version = "2023-05-23";
|
version = "2023-09-19";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "axieax";
|
owner = "axieax";
|
||||||
repo = "urlview.nvim";
|
repo = "urlview.nvim";
|
||||||
rev = "b183133fd25caa6dd98b415e0f62e51e061cd522";
|
rev = "bdbdf1e020e283551f003e71b0004096c746ef57";
|
||||||
sha256 = "0ychlw7lnnpmjflb5f5xyspv63kyrdzbxx88aw9ifaqiiyz3i4aq";
|
sha256 = "1bf226s400vyjffr6zqx9kr52qznzcgx1jnh356vfx3fjxsq81nl";
|
||||||
fetchSubmodules = false;
|
fetchSubmodules = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Binary file not shown.
|
@ -27,6 +27,9 @@ in
|
||||||
|
|
||||||
"agenix/hosts/tanker/forgejo-actions/token.age".publicKeys = tanker;
|
"agenix/hosts/tanker/forgejo-actions/token.age".publicKeys = tanker;
|
||||||
|
|
||||||
|
"agenix/hosts/tanker/headscale/dbPassword.age".publicKeys = tanker;
|
||||||
|
"agenix/hosts/tanker/headscale/acls.age".publicKeys = tanker;
|
||||||
|
|
||||||
"agenix/hosts/tanker/mastodon/databasePassword.age".publicKeys = tanker;
|
"agenix/hosts/tanker/mastodon/databasePassword.age".publicKeys = tanker;
|
||||||
"agenix/hosts/tanker/mastodon/smtpPassword.age".publicKeys = tanker;
|
"agenix/hosts/tanker/mastodon/smtpPassword.age".publicKeys = tanker;
|
||||||
"agenix/hosts/tanker/mastodon/otpSecret.age".publicKeys = tanker;
|
"agenix/hosts/tanker/mastodon/otpSecret.age".publicKeys = tanker;
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
{ nixpkgs, disko, deploy-rs, home-manager, agenix, attic, inputs, ... }:
|
{ nixpkgs, nixpkgs-master, disko, deploy-rs, home-manager, agenix, attic, inputs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
default-system = "x86_64-linux";
|
default-system = "x86_64-linux";
|
||||||
|
|
||||||
# overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; };
|
overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; };
|
||||||
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
|
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
|
||||||
overlay-nifoc = inputs.nifoc-overlay.overlay;
|
overlay-nifoc = inputs.nifoc-overlay.overlay;
|
||||||
|
|
||||||
nixpkgsConfig = {
|
nixpkgsConfig = {
|
||||||
overlays = [
|
overlays = [
|
||||||
# overlay-master
|
overlay-master
|
||||||
overlay-deploy-rs
|
overlay-deploy-rs
|
||||||
overlay-nifoc
|
overlay-nifoc
|
||||||
];
|
];
|
||||||
|
|
|
@ -7,9 +7,6 @@
|
||||||
|
|
||||||
../darwin/fish.nix
|
../darwin/fish.nix
|
||||||
../darwin/attic.nix
|
../darwin/attic.nix
|
||||||
|
|
||||||
../darwin/skhd.nix
|
|
||||||
../darwin/yabai.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
|
|
|
@ -35,6 +35,8 @@ in
|
||||||
../nixos/forgejo.nix
|
../nixos/forgejo.nix
|
||||||
(import ../nixos/forgejo-runner.nix (args // { name = "tanker"; tag = "ubuntu-latest-amd64"; }))
|
(import ../nixos/forgejo-runner.nix (args // { name = "tanker"; tag = "ubuntu-latest-amd64"; }))
|
||||||
|
|
||||||
|
../nixos/headscale.nix
|
||||||
|
|
||||||
(import ../nixos/home-proxy.nix (args // { inherit secret; }))
|
(import ../nixos/home-proxy.nix (args // { inherit secret; }))
|
||||||
|
|
||||||
../nixos/invidious.nix
|
../nixos/invidious.nix
|
||||||
|
|
|
@ -27,6 +27,10 @@
|
||||||
"nifoc.pw" = {
|
"nifoc.pw" = {
|
||||||
domain = "*.nifoc.pw";
|
domain = "*.nifoc.pw";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
"headscale.kempkens.network" = {
|
||||||
|
domain = "*.headscale.kempkens.network";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -105,8 +105,8 @@
|
||||||
useACMEHost = "internal.kempkens.network";
|
useACMEHost = "internal.kempkens.network";
|
||||||
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
set_real_ip_from 100.108.165.26/32;
|
set_real_ip_from 100.64.10.2/32;
|
||||||
set_real_ip_from fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a/128;
|
set_real_ip_from fd7a:115c:a1e0:1010::2/128;
|
||||||
real_ip_header X-Forwarded-For;
|
real_ip_header X-Forwarded-For;
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."overflow.daniel.sx" = {
|
services.nginx.virtualHosts."overflow.daniel.sx" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."atuin-sync.kempkens.io" = {
|
services.nginx.virtualHosts."atuin-sync.kempkens.io" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
65
system/nixos/headscale.nix
Normal file
65
system/nixos/headscale.nix
Normal file
|
@ -0,0 +1,65 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
let
|
||||||
|
fqdn = "ctrl.headscale.kempkens.network";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
environment.systemPackages = [ pkgs.headscale ];
|
||||||
|
|
||||||
|
services.headscale = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
address = "127.0.0.1";
|
||||||
|
port = 8017;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
ip_prefixes = [
|
||||||
|
"fd7a:115c:a1e0:1010::/64"
|
||||||
|
"100.64.10.0/24"
|
||||||
|
];
|
||||||
|
|
||||||
|
db_type = "postgres";
|
||||||
|
db_host = "/run/postgresql";
|
||||||
|
db_name = "headscale";
|
||||||
|
db_user = "headscale";
|
||||||
|
db_password_file = config.age.secrets.headscale-database-password.path;
|
||||||
|
|
||||||
|
server_url = "https://${fqdn}";
|
||||||
|
acl_policy_path = config.age.secrets.headscale-acls.path;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.postgresql = {
|
||||||
|
ensureDatabases = [ "headscale" ];
|
||||||
|
|
||||||
|
ensureUsers = [
|
||||||
|
{
|
||||||
|
name = "headscale";
|
||||||
|
ensurePermissions = {
|
||||||
|
"DATABASE headscale" = "ALL PRIVILEGES";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."${fqdn}" = {
|
||||||
|
quic = true;
|
||||||
|
http3 = true;
|
||||||
|
|
||||||
|
onlySSL = true;
|
||||||
|
useACMEHost = "headscale.kempkens.network";
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||||
|
'';
|
||||||
|
|
||||||
|
locations."/" = {
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
proxyPass = "http://127.0.0.1:8017";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
locations."/web" = {
|
||||||
|
root = "${pkgs.headscale-ui}/share";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -43,7 +43,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."${fqdn}" = {
|
services.nginx.virtualHosts."${fqdn}" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
|
@ -78,8 +78,8 @@
|
||||||
useACMEHost = "internal.kempkens.network";
|
useACMEHost = "internal.kempkens.network";
|
||||||
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
set_real_ip_from 100.108.165.26/32;
|
set_real_ip_from 100.64.10.2/32;
|
||||||
set_real_ip_from fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a/128;
|
set_real_ip_from fd7a:115c:a1e0:1010::2/128;
|
||||||
real_ip_header proxy_protocol;
|
real_ip_header proxy_protocol;
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
services.nginx.virtualHosts."${secret.nginx.hostnames.libreddit}" = {
|
services.nginx.virtualHosts."${secret.nginx.hostnames.libreddit}" = {
|
||||||
# listen = [
|
# listen = [
|
||||||
# {
|
# {
|
||||||
# addr = "100.108.165.26";
|
# addr = "100.64.10.2";
|
||||||
# port = 443;
|
# port = 443;
|
||||||
# ssl = true;
|
# ssl = true;
|
||||||
# extraParameters = [
|
# extraParameters = [
|
||||||
|
@ -22,7 +22,7 @@
|
||||||
# }
|
# }
|
||||||
#
|
#
|
||||||
# {
|
# {
|
||||||
# addr = "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]";
|
# addr = "[fd7a:115c:a1e0:1010::2]";
|
||||||
# port = 443;
|
# port = 443;
|
||||||
# ssl = true;
|
# ssl = true;
|
||||||
# extraParameters = [
|
# extraParameters = [
|
||||||
|
@ -32,7 +32,7 @@
|
||||||
# }
|
# }
|
||||||
# ];
|
# ];
|
||||||
|
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
|
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
|
@ -7,7 +7,7 @@ in
|
||||||
services.mastodon = {
|
services.mastodon = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
# package = pkgs.pkgs-master.mastodon;
|
package = pkgs.pkgs-master.mastodon;
|
||||||
|
|
||||||
configureNginx = false;
|
configureNginx = false;
|
||||||
|
|
||||||
|
|
|
@ -62,7 +62,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."${secret.nginx.hostnames.nitter}" = {
|
services.nginx.virtualHosts."${secret.nginx.hostnames.nitter}" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."ringo.daniel.sx" = {
|
services.nginx.virtualHosts."ringo.daniel.sx" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
|
@ -1,32 +1,18 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
headscale = "https://ctrl.headscale.kempkens.network";
|
||||||
|
in
|
||||||
{
|
{
|
||||||
environment.systemPackages = [ pkgs.tailscale ];
|
environment.systemPackages = [ pkgs.tailscale ];
|
||||||
|
|
||||||
services.tailscale.enable = true;
|
services.tailscale = {
|
||||||
|
enable = true;
|
||||||
|
authKeyFile = config.age.secrets.tailscale-authkey.path;
|
||||||
|
|
||||||
systemd.services.tailscale-autoconnect = {
|
extraUpFlags = [
|
||||||
description = "Automatic connection to Tailscale";
|
"--login-server"
|
||||||
|
headscale
|
||||||
after = [ "network-pre.target" "tailscale.service" ];
|
];
|
||||||
wants = [ "network-pre.target" "tailscale.service" ];
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
|
|
||||||
serviceConfig.Type = "oneshot";
|
|
||||||
|
|
||||||
script = ''
|
|
||||||
# wait for tailscaled to settle
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
# check if we are already authenticated to tailscale
|
|
||||||
status="$(${pkgs.tailscale}/bin/tailscale status -json | ${pkgs.jq}/bin/jq -r .BackendState)"
|
|
||||||
if [ $status = "Running" ]; then # if so, then do nothing
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
# otherwise authenticate with tailscale
|
|
||||||
authkey="$(cat ${config.age.secrets.tailscale-authkey.path})"
|
|
||||||
${pkgs.tailscale}/bin/tailscale up -authkey "$authkey"
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."voyager.daniel.sx" = {
|
services.nginx.virtualHosts."voyager.daniel.sx" = {
|
||||||
listenAddresses = [ "100.108.165.26" "[fd7a:115c:a1e0:ab12:4843:cd96:626c:a51a]" ];
|
listenAddresses = [ "100.64.10.2" "[fd7a:115c:a1e0:1010::2]" ];
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue