mirror of
https://github.com/CHN-beta/nixos.git
synced 2026-01-12 20:59:23 +08:00
Compare commits
1 Commits
xray
...
split-desk
| Author | SHA1 | Date | |
|---|---|---|---|
| 53bf14e159 |
@@ -14,6 +14,8 @@ postgresql:
|
||||
misskey_misskey: ENC[AES256_GCM,data:MSDbQffk/WjZ6EYiwVuUMdhdv9VE59ZM7t4XldOKRO0=,iv:J/x9t4Pk5zi7Av9fbzxgAbbtbEUZttSx/JGRmmgmvE4=,tag:CwFR9K++T7YqYR932z3IAg==,type:str]
|
||||
redis:
|
||||
misskey-misskey: ENC[AES256_GCM,data:vcvQ/hs/F3BZd1sfvWwfEeB8vVoqdnprxobcmL6xsmg=,iv:S32yrjrjj56HbxTlfFGjOb+sO2M9KKEDEazCrpQWj6Q=,tag:iwnvqwQEdd6jicx9jJBdbg==,type:str]
|
||||
meilisearch:
|
||||
misskey-misskey: ENC[AES256_GCM,data:/wYR3Bz4LRk/Ks0vizlZS3Ebf5qVfnlBBqZEm/ZIBFdDuhddgu71cqCjTHIKQ6CYh3CoUyguKIIFWku/kOCHKA==,iv:dllKvZwxvZC4pVyEMOB9WNiVBsVxzo5kwbdYKCzzyrY=,tag:MvzqalVvBkyJoLbirN0V8Q==,type:str]
|
||||
wireguard:
|
||||
privateKey: ENC[AES256_GCM,data:oIpiXJvEoyryS4eEutoe85Af0L5a5iNuOsCWCat9KEhr2ecY/vRimk/1fbA=,iv:dm2hTSNX7Q38yASon5o1jxEJZbWPXUWYydXYMBHF/sE=,tag:yrANhwIF/wHQGHGA1bfPgw==,type:str]
|
||||
mariadb:
|
||||
@@ -44,8 +46,8 @@ sops:
|
||||
OUlxNjdQaXdXMkZ6bnV1ek4yZ2dpbkEKpKGOAxo5Eef2jtGrg4iSzmGCeg+vTgvu
|
||||
+K8b+O19MIkGMDBm6UbYUPtc/7eqoEZRiTUzNMTmfkLVS4ul5zou9A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-08T08:13:10Z"
|
||||
mac: ENC[AES256_GCM,data:44e5uZrJ25aRlrSUlbakyWpqhloyGBjJhHXCJBVBJKi0OKn+QPluS0exBvNhTERhFmGk9qHwiIvjbAbplpg+83/IIcXd3NGxekEhwSAXS5Z+AMGIJ4AMet1SSwP6n8fOiI52hCFFRNJj66MyqKXFrNNye4/DF5Bh0dvXQDQbjSQ=,iv:PHpQ/bGrjrBWCj74kKevBlAV08+SAfV9bXJ7hC4lVYc=,tag:ATLe+m8oYKR0im86UekPAA==,type:str]
|
||||
lastmodified: "2024-03-11T08:27:38Z"
|
||||
mac: ENC[AES256_GCM,data:X5AqIdnMzLNCHXbN3TuG4st907Rw080V8AqzesiwVFOjbBYRZWetCndtfE+/o8G1q5YE/Qwspy7HsxP5tCbSNI5c8P0XTjRTCEGyRFY8fM1TFIM32rCFjUot1iFC+l//iq62M/5iMhT2Z7pi+CDIyNMEE3TJMhBc8JmgTJXIsI8=,iv:UZXFi3rJgVHBNVqwNHlIkmW+xYkX6X2/54QQ1aZTmyU=,tag:SXyL69DZ5i0cQFvXnFkZIg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
||||
@@ -53,7 +53,7 @@ inputs:
|
||||
};
|
||||
beesd.instances.root = { device = "/"; hashTableSizeMB = 512; };
|
||||
};
|
||||
bugs = [ "xmunet" "suspend-hibernate-no-platform" ];
|
||||
bugs = [ "xmunet" ];
|
||||
};
|
||||
boot.kernelParams = [ "intel_iommu=off" ];
|
||||
environment.systemPackages = with inputs.pkgs; [ maliit-keyboard maliit-framework ];
|
||||
|
||||
@@ -41,7 +41,10 @@ inputs:
|
||||
rsshub.enable = true;
|
||||
wallabag.enable = true;
|
||||
misskey.instances =
|
||||
{ misskey.hostname = "xn--s8w913fdga.chn.moe"; misskey-old = { port = 9727; redis.port = 3546; }; };
|
||||
{
|
||||
misskey.hostname = "xn--s8w913fdga.chn.moe";
|
||||
misskey-old = { port = 9727; redis.port = 3546; meilisearch.enable = false; };
|
||||
};
|
||||
synapse.instances =
|
||||
{
|
||||
synapse.matrixHostname = "synapse.chn.moe";
|
||||
|
||||
@@ -29,6 +29,8 @@ postgresql:
|
||||
akkoma: ENC[AES256_GCM,data:6piRt7BbMBLVGdot+VyoJN3/S8DoPNTYHFh/1coHSLNmiA6kU/6sca4Bts1Up/Vu164oTsFAr1JsKx6tzNzAPg==,iv:qplA1GXHwzVrmjm7eagCk3PFa7DRdwaf+p7N1HLb6mw=,tag:W6WedSK3R1IgZVo/0Hr9vA==,type:str]
|
||||
synapse_matrix: ENC[AES256_GCM,data:5j+TYJ3vYUqu6CdRDYAT558DsTWbX4Rh+HuukPog5HGXlhneL3RnxVeGBR9CV1rlCP1NY99Nm8roBG+BcyPYHQ==,iv:CboB6lzqxAE/8ZlzaTU3bxw94N6OAhrq8pZ0AfxQiUc=,tag:z6cM3ufgbMn5n5PzgqdRjw==,type:str]
|
||||
vikunja: ENC[AES256_GCM,data:syb4NYBxL3DdmZmcC+em0klmm6bkkIL/DH/gnzShYRiaezRFskT+yay9govn++SpbuvkoCJq/GYAFxNL+hcVtw==,iv:TQUgdzYQ0gqsAmux9v3BAQFNzHnCTZ+X/OC0b9Bfya8=,tag:b1AsiAW5XzA3DzGdf8J03g==,type:str]
|
||||
meilisearch:
|
||||
misskey-misskey: ENC[AES256_GCM,data:4s+qqd6mmstioC0XmG/vA6ED9mzu1vRJVPFFalRiqnnsFy0dYEU87H+y12eOp/KDSLdTNvpp6Z6jCNvxnpDXzQ==,iv:x6L9OPu/dwVsD9pYb4dqavw9NesMbo7LB+rwz6veAR4=,tag:/BBqV2sHIgPas7XsZydh2g==,type:str]
|
||||
rsshub:
|
||||
pixiv-refreshtoken: ENC[AES256_GCM,data:EeSOTSAAh+1Dc8+a/AaPJ0aBK5DTa3pdS6DrIMQmRw/n0SRu2QoynIF76w==,iv:dnZxi8jM1I4w3C2duYielpP/8wOAdHDjcqDIrowM0dM=,tag:8irGvLEbRJHV9TB8Jibs9g==,type:str]
|
||||
youtube-key: ENC[AES256_GCM,data:OEm/ynOUPUq7ZEVzL2jgs9d+utkLTIdNq0MHE0JDujb9ndAwyJJI,iv:RRae6Cg6GdDnXAQOdtBYmcA7ZNuu70VpIg2MEezBn5k=,tag:gX4ZG345cT3Jh3ovUxtLGw==,type:str]
|
||||
@@ -131,8 +133,8 @@ sops:
|
||||
SnFHS1Z0SXUzTFdEd29KTy9DU3Y3R0UKfhh+rUmWDrf+UGjclP57dHipPLFoXSqy
|
||||
HdelmfV6q4/c7ppx2E+oZw3VNgoZCsrxxzYZfwxHJiZb+5vkE0D8iA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-08T08:12:57Z"
|
||||
mac: ENC[AES256_GCM,data:o+T7o5Z/8JIoS/a3iqFe8CphZzwgQl3RlalGMFE9YEprLUuXLwL4IioU7Q1WKHTS+ih1Q1oCye/7363njewo+8PZq+BbJXOP+cSpoSUflsfyGymxgdQk2vo308TTvCXuHJobVqtxPd2QLUzvCpEXuatUWmxbmJNpSFO+kEvM3qU=,iv:YUUST05szM5BII4SaO8vRm7prS5L5MJJJuecRL5sLUM=,tag:K0NRXtDcn2poi5I7QCl50w==,type:str]
|
||||
lastmodified: "2024-04-06T14:33:12Z"
|
||||
mac: ENC[AES256_GCM,data:bQIh7fDdE5/fEbTP1pNWcGwZILfOcWoNM/uhj3A+rxYukwMSLKL7MUHnLCFEnjrTkm2CxOdXYda5jCGEOKgRZsKePSz4/8sFKX2yJrWpRCn+02/wtDyCc1JSFgV9TmJpydmdltZvl663vU6Fot0/9oIvGH/M6GiGo3OAqjhl1ig=,iv:i1w31ujw3wcFat33auutDuxBDQ9YpWkJLvKxZ625NWM=,tag:mAk0tLLe07hLtZUQjKNKFg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
||||
17
flake.lock
generated
17
flake.lock
generated
@@ -1554,6 +1554,22 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-desktop": {
|
||||
"locked": {
|
||||
"lastModified": 1712556756,
|
||||
"narHash": "sha256-CY2DdAgfkZhXkMI4qZuFzLDZXIHdLiGRT5xoubBJ5E8=",
|
||||
"owner": "CHN-beta",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "83e5df8d893894fb6777e706dcd8f8ab68827343",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "CHN-beta",
|
||||
"ref": "nixos-23.11-desktop",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
@@ -1972,6 +1988,7 @@
|
||||
"nixpkgs-22.05": "nixpkgs-22.05",
|
||||
"nixpkgs-22.11": "nixpkgs-22.11",
|
||||
"nixpkgs-23.05": "nixpkgs-23.05",
|
||||
"nixpkgs-desktop": "nixpkgs-desktop",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||
"nodesoup": "nodesoup",
|
||||
"nur": "nur",
|
||||
|
||||
223
flake.nix
223
flake.nix
@@ -4,6 +4,7 @@
|
||||
inputs =
|
||||
{
|
||||
nixpkgs.url = "github:CHN-beta/nixpkgs/nixos-23.11";
|
||||
nixpkgs-desktop.url = "github:CHN-beta/nixpkgs/nixos-23.11-desktop";
|
||||
nixpkgs-unstable.url = "github:CHN-beta/nixpkgs/nixos-unstable";
|
||||
"nixpkgs-23.05".url = "github:CHN-beta/nixpkgs/nixos-23.05";
|
||||
"nixpkgs-22.11".url = "github:NixOS/nixpkgs/nixos-22.11";
|
||||
@@ -39,10 +40,7 @@
|
||||
nix-fast-build = { url = "github:/Mic92/nix-fast-build"; inputs.nixpkgs.follows = "nixpkgs"; };
|
||||
nix-flatpak.url = "github:gmodena/nix-flatpak";
|
||||
chaotic =
|
||||
{
|
||||
url = "github:chaotic-cx/nyx?rev=03b2bea544688068025df1912ff1e9a1ad4a642a";
|
||||
inputs = { nixpkgs.follows = "nixpkgs"; home-manager.follows = "home-manager"; };
|
||||
};
|
||||
{ url = "github:chaotic-cx/nyx"; inputs = { nixpkgs.follows = "nixpkgs"; home-manager.follows = "home-manager"; }; };
|
||||
gricad = { url = "github:Gricad/nur-packages"; flake = false; };
|
||||
|
||||
misskey = { url = "git+https://github.com/CHN-beta/misskey?submodules=1"; flake = false; };
|
||||
@@ -71,55 +69,32 @@
|
||||
};
|
||||
|
||||
outputs = inputs:
|
||||
let
|
||||
localLib = import ./local/lib inputs.nixpkgs.lib;
|
||||
devices = builtins.attrNames (builtins.readDir ./devices);
|
||||
in
|
||||
{
|
||||
packages.x86_64-linux = let devices = builtins.attrNames (builtins.readDir ./devices); in
|
||||
{
|
||||
packages.x86_64-linux =
|
||||
{
|
||||
default = inputs.nixpkgs.legacyPackages.x86_64-linux.writeText "systems"
|
||||
(builtins.concatStringsSep "\n" (builtins.map
|
||||
(system: builtins.toString inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel)
|
||||
devices));
|
||||
}
|
||||
// (
|
||||
builtins.listToAttrs (builtins.map
|
||||
(system:
|
||||
default = inputs.nixpkgs.legacyPackages.x86_64-linux.writeText "systems"
|
||||
(builtins.concatStringsSep "\n" (builtins.map
|
||||
(system: builtins.toString inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel)
|
||||
devices));
|
||||
}
|
||||
// (
|
||||
builtins.listToAttrs (builtins.map
|
||||
(system:
|
||||
{
|
||||
name = system;
|
||||
value = inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel;
|
||||
})
|
||||
devices)
|
||||
);
|
||||
nixosConfigurations = builtins.listToAttrs (builtins.concatLists
|
||||
[
|
||||
(builtins.map
|
||||
(system:
|
||||
{
|
||||
name = system;
|
||||
value = let localLib = import ./local/lib inputs.nixpkgs.lib; in inputs.nixpkgs.lib.nixosSystem
|
||||
{
|
||||
name = system;
|
||||
value = inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel;
|
||||
})
|
||||
devices)
|
||||
);
|
||||
# ssh-keygen -t rsa -C root@pe -f /mnt/nix/persistent/etc/ssh/ssh_host_rsa_key
|
||||
# ssh-keygen -t ed25519 -C root@pe -f /mnt/nix/persistent/etc/ssh/ssh_host_ed25519_key
|
||||
# systemd-machine-id-setup --root=/mnt/nix/persistent
|
||||
nixosConfigurations =
|
||||
(
|
||||
(builtins.listToAttrs (builtins.map
|
||||
(system:
|
||||
{
|
||||
name = system;
|
||||
value = inputs.nixpkgs.lib.nixosSystem
|
||||
{
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { topInputs = inputs; inherit localLib; };
|
||||
modules = localLib.mkModules
|
||||
[
|
||||
(moduleInputs: { config.nixpkgs.overlays = [(prev: final:
|
||||
# replace pkgs with final to avoid infinite recursion
|
||||
{ localPackages = import ./local/pkgs (moduleInputs // { pkgs = final; }); })]; })
|
||||
./modules
|
||||
./devices/${system}
|
||||
];
|
||||
};
|
||||
})
|
||||
devices))
|
||||
// {
|
||||
pi3b = inputs.nixpkgs.lib.nixosSystem
|
||||
{
|
||||
system = "aarch64-linux";
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { topInputs = inputs; inherit localLib; };
|
||||
modules = localLib.mkModules
|
||||
[
|
||||
@@ -127,61 +102,101 @@
|
||||
# replace pkgs with final to avoid infinite recursion
|
||||
{ localPackages = import ./local/pkgs (moduleInputs // { pkgs = final; }); })]; })
|
||||
./modules
|
||||
./devices/pi3b
|
||||
./devices/${system}
|
||||
];
|
||||
};
|
||||
}
|
||||
);
|
||||
# sudo HTTPS_PROXY=socks5://127.0.0.1:10884 nixos-install --flake .#bootstrap --option substituters http://127.0.0.1:5000 --option require-sigs false --option system-features gccarch-silvermont
|
||||
# nix-serve -p 5000
|
||||
# nix copy --substitute-on-destination --to ssh://server /run/current-system
|
||||
# nix copy --to ssh://nixos@192.168.122.56 ./result
|
||||
# sudo nixos-install --flake .#bootstrap
|
||||
# --option substituters http://192.168.122.1:5000 --option require-sigs false
|
||||
# sudo chattr -i var/empty
|
||||
# nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
|
||||
# sudo nixos-rebuild switch --flake .#vps6 --log-format internal-json -v |& nom --json
|
||||
# boot.shell_on_fail systemd.setenv=SYSTEMD_SULOGIN_FORCE=1
|
||||
# sudo usbipd
|
||||
# ssh -R 3240:127.0.0.1:3240 root@192.168.122.57
|
||||
# modprobe vhci-hcd
|
||||
# sudo usbip bind -b 3-6
|
||||
# usbip attach -r 127.0.0.1 -b 3-6
|
||||
# systemd-cryptenroll --fido2-device=auto /dev/vda2
|
||||
# systemd-cryptsetup attach root /dev/vda2
|
||||
deploy =
|
||||
{
|
||||
sshUser = "root";
|
||||
user = "root";
|
||||
fastConnection = true;
|
||||
autoRollback = false;
|
||||
magicRollback = false;
|
||||
nodes = builtins.listToAttrs (builtins.map
|
||||
(node:
|
||||
})
|
||||
[ "nas" "pcarm" "vps6" "vps7" "xmupc1" "xmupc2" ])
|
||||
(builtins.map
|
||||
(system:
|
||||
{
|
||||
name = system;
|
||||
value = let localLib = import ./local/lib inputs.nixpkgs-desktop.lib; in inputs.nixpkgs.lib.nixosSystem
|
||||
{
|
||||
name = node;
|
||||
value =
|
||||
{
|
||||
hostname = node;
|
||||
profiles.system.path = inputs.self.nixosConfigurations.${node}.pkgs.deploy-rs.lib.activate.nixos
|
||||
inputs.self.nixosConfigurations.${node};
|
||||
};
|
||||
})
|
||||
[ "vps6" "vps7" "nas" "surface" "xmupc1" "xmupc2" "pi3b" ]
|
||||
);
|
||||
};
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib;
|
||||
overlays.default = final: prev:
|
||||
{ localPackages = (import ./local/pkgs { inherit (inputs) lib; pkgs = final; topInputs = inputs; }); };
|
||||
config.archive = false;
|
||||
devShell.x86_64-linux = let inherit (inputs.self.nixosConfigurations.pc) pkgs; in pkgs.mkShell
|
||||
{
|
||||
packages = with pkgs; [ pkg-config cmake ninja clang-tools_17 ];
|
||||
buildInputs =
|
||||
(with pkgs; [ fmt boost magic-enum libbacktrace eigen range-v3 ])
|
||||
++ (with pkgs.localPackages; [ concurrencpp tgbot-cpp nameof ]);
|
||||
# hardeningDisable = [ "all" ];
|
||||
# NIX_DEBUG = "1";
|
||||
};
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { topInputs = inputs; inherit localLib; };
|
||||
modules = localLib.mkModules
|
||||
[
|
||||
(moduleInputs: { config.nixpkgs.overlays = [(prev: final:
|
||||
{ localPackages = import ./local/pkgs (moduleInputs // { pkgs = final; }); })]; })
|
||||
./modules
|
||||
./devices/${system}
|
||||
];
|
||||
};
|
||||
})
|
||||
[ "pc" "surface" ])
|
||||
(builtins.map
|
||||
(system:
|
||||
{
|
||||
name = system;
|
||||
value = let localLib = import ./local/lib inputs.nixpkgs.lib; in inputs.nixpkgs.lib.nixosSystem
|
||||
{
|
||||
system = "aarch64-linux";
|
||||
specialArgs = { topInputs = inputs; inherit localLib; };
|
||||
modules = inputs.nixpkgs.lib.mkModules
|
||||
[
|
||||
(moduleInputs: { config.nixpkgs.overlays = [(prev: final:
|
||||
{ localPackages = import ./local/pkgs (moduleInputs // { pkgs = final; }); })]; })
|
||||
./modules
|
||||
./devices/${system}
|
||||
];
|
||||
};
|
||||
})
|
||||
[ "pi3b" ])
|
||||
]);
|
||||
# sudo HTTPS_PROXY=socks5://127.0.0.1:10884 nixos-install --flake .#bootstrap --option substituters http://127.0.0.1:5000 --option require-sigs false --option system-features gccarch-silvermont
|
||||
# nix-serve -p 5000
|
||||
# nix copy --substitute-on-destination --to ssh://server /run/current-system
|
||||
# nix copy --to ssh://nixos@192.168.122.56 ./result
|
||||
# sudo nixos-install --flake .#bootstrap
|
||||
# --option substituters http://192.168.122.1:5000 --option require-sigs false
|
||||
# sudo chattr -i var/empty
|
||||
# nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
|
||||
# sudo nixos-rebuild switch --flake .#vps6 --log-format internal-json -v |& nom --json
|
||||
# boot.shell_on_fail systemd.setenv=SYSTEMD_SULOGIN_FORCE=1
|
||||
# sudo usbipd
|
||||
# ssh -R 3240:127.0.0.1:3240 root@192.168.122.57
|
||||
# modprobe vhci-hcd
|
||||
# sudo usbip bind -b 3-6
|
||||
# usbip attach -r 127.0.0.1 -b 3-6
|
||||
# systemd-cryptenroll --fido2-device=auto /dev/vda2
|
||||
# systemd-cryptsetup attach root /dev/vda2
|
||||
# ssh-keygen -t rsa -C root@pe -f /mnt/nix/persistent/etc/ssh/ssh_host_rsa_key
|
||||
# ssh-keygen -t ed25519 -C root@pe -f /mnt/nix/persistent/etc/ssh/ssh_host_ed25519_key
|
||||
# systemd-machine-id-setup --root=/mnt/nix/persistent
|
||||
deploy =
|
||||
{
|
||||
sshUser = "root";
|
||||
user = "root";
|
||||
fastConnection = true;
|
||||
autoRollback = false;
|
||||
magicRollback = false;
|
||||
nodes = builtins.listToAttrs (builtins.map
|
||||
(node:
|
||||
{
|
||||
name = node;
|
||||
value =
|
||||
{
|
||||
hostname = node;
|
||||
profiles.system.path = inputs.self.nixosConfigurations.${node}.pkgs.deploy-rs.lib.activate.nixos
|
||||
inputs.self.nixosConfigurations.${node};
|
||||
};
|
||||
})
|
||||
[ "vps6" "vps7" "nas" "surface" "xmupc1" "xmupc2" "pi3b" ]
|
||||
);
|
||||
};
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib;
|
||||
overlays.default = final: prev:
|
||||
{ localPackages = (import ./local/pkgs { inherit (inputs) lib; pkgs = final; topInputs = inputs; }); };
|
||||
config.archive = false;
|
||||
devShell.x86_64-linux = let inherit (inputs.self.nixosConfigurations.pc) pkgs; in pkgs.mkShell
|
||||
{
|
||||
packages = with pkgs; [ pkg-config cmake ninja clang-tools_17 ];
|
||||
buildInputs =
|
||||
(with pkgs; [ fmt boost magic-enum libbacktrace eigen range-v3 ])
|
||||
++ (with pkgs.localPackages; [ concurrencpp tgbot-cpp nameof ]);
|
||||
# hardeningDisable = [ "all" ];
|
||||
# NIX_DEBUG = "1";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -8,6 +8,11 @@ inputs:
|
||||
port = mkOption { type = types.ints.unsigned; default = 9726; };
|
||||
redis.port = mkOption { type = types.ints.unsigned; default = 3545; };
|
||||
hostname = mkOption { type = types.nonEmptyStr; default = "misskey.chn.moe"; };
|
||||
meilisearch =
|
||||
{
|
||||
enable = mkOption { type = types.bool; default = true; };
|
||||
port = mkOption { type = types.ints.unsigned; default = 7700; };
|
||||
};
|
||||
};});
|
||||
default = {};
|
||||
};
|
||||
@@ -26,7 +31,9 @@ inputs:
|
||||
{
|
||||
enable = instance.value.autoStart;
|
||||
description = "misskey ${instance.name}";
|
||||
after = [ "network.target" "redis-misskey-${instance.name}.service" "postgresql.service" ];
|
||||
after = [ "network.target" "redis-misskey-${instance.name}.service" "postgresql.service" ]
|
||||
++ (if instance.value.meilisearch.enable then [ "meilisearch-misskey-${instance.name}.service" ]
|
||||
else []);
|
||||
requires = after;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment.MISSKEY_CONFIG_YML = inputs.config.sops.templates."misskey/${instance.name}.yml".path;
|
||||
@@ -70,6 +77,7 @@ inputs:
|
||||
let
|
||||
placeholder = inputs.config.sops.placeholder;
|
||||
redis = inputs.config.nixos.services.redis.instances."misskey-${instance.name}";
|
||||
meilisearch = inputs.config.nixos.services.meilisearch.instances."misskey-${instance.name}";
|
||||
in
|
||||
''
|
||||
url: https://${instance.value.hostname}/
|
||||
@@ -97,7 +105,17 @@ inputs:
|
||||
proxyRemoteFiles: true
|
||||
signToActivityPubGet: true
|
||||
maxFileSize: 1073741824
|
||||
'';
|
||||
''
|
||||
+ (if instance.value.meilisearch.enable then
|
||||
''
|
||||
meilisearch:
|
||||
host: 127.0.0.1
|
||||
port: ${toString meilisearch.port}
|
||||
apiKey: ${placeholder."meilisearch/misskey-${instance.name}"}
|
||||
ssl: false
|
||||
index: misskey
|
||||
scope: global
|
||||
'' else "");
|
||||
owner = inputs.config.users.users."misskey-${instance.name}".name;
|
||||
};
|
||||
})
|
||||
@@ -128,6 +146,17 @@ inputs:
|
||||
(instance: { name = "misskey_${replaceStrings [ "-" ] [ "_" ] instance.name}"; value = {}; })
|
||||
(attrsToList misskey.instances));
|
||||
};
|
||||
meilisearch.instances = listToAttrs (map
|
||||
(instance:
|
||||
{
|
||||
name = "misskey-${instance.name}";
|
||||
value =
|
||||
{
|
||||
user = inputs.config.users.users."misskey-${instance.name}".name;
|
||||
port = instance.value.meilisearch.port;
|
||||
};
|
||||
})
|
||||
(filter (instance: instance.value.meilisearch.enable) (attrsToList misskey.instances)));
|
||||
nginx =
|
||||
{
|
||||
enable = mkIf (misskey.instances != {}) true;
|
||||
|
||||
@@ -75,7 +75,7 @@ inputs:
|
||||
dae =
|
||||
{
|
||||
enable = true;
|
||||
# package = inputs.pkgs.callPackage "${inputs.topInputs.nixpkgs-unstable}/pkgs/tools/networking/dae" {};
|
||||
package = inputs.pkgs.callPackage "${inputs.topInputs.nixpkgs-unstable}/pkgs/tools/networking/dae" {};
|
||||
config =
|
||||
let
|
||||
lanString = (inputs.lib.optionalString (xray.client.dae.lanInterfaces != []) "lan_interface: ")
|
||||
|
||||
@@ -4,7 +4,7 @@ inputs:
|
||||
let wallpaper =
|
||||
{
|
||||
pc = ./pixiv-117612023.png;
|
||||
surface = ./misskey.io-9rr96ml6nti300ds-x4.png;
|
||||
surface = ./pixiv-116547323.jpg;
|
||||
}.${inputs.config.nixos.system.networking.hostname} or ./pixiv-96734339-x2.png;
|
||||
in
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user