pim/nixos-configs
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: pim:master
Branches Tags
pim:master
pim:jellyseerr-test
pim:hyprland
pim:vuescan
..
compare: pim:jellyseerr-test
Branches Tags
pim:master
pim:jellyseerr-test
pim:hyprland
pim:vuescan

1 commit
master ... jellyseerr

Author SHA1 Message Date
Pim Kunis
c4d676c9f9 Test new jellyseerr version 2024-12-17 17:26:57 +01:00
39 changed files with 3688 additions and 2162 deletions
Show stats Expand all files Collapse all files

54
.sops.yaml
View file

@ -1,7 +1,7 @@
# Public keys are combination of host + user # Public keys are combination of host + user
keys: keys:
- &laptop_root age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q - &sue_root age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q
- &laptop_pim age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw - &sue_pim age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
- &gamepc_root age1y5wgcxmn37drmjtpgld3xc76mw8dckhred8hecusywjlvdyfedfse8y60u - &gamepc_root age1y5wgcxmn37drmjtpgld3xc76mw8dckhred8hecusywjlvdyfedfse8y60u
- &gamepc_pim age1qlldg2c6kptvnmvlkpf9pae3wnczk6eklcmwdvnzyvvnur3aqdcq3c3trt - &gamepc_pim age1qlldg2c6kptvnmvlkpf9pae3wnczk6eklcmwdvnzyvvnur3aqdcq3c3trt
- &warwick_root age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu - &warwick_root age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu
@ -11,36 +11,36 @@ keys:
- &lewis_root age108fn93z2c55g9dm9cv5v4w47pykf3khz7e3dmnpv5dhchwnaau0qs20stq - &lewis_root age108fn93z2c55g9dm9cv5v4w47pykf3khz7e3dmnpv5dhchwnaau0qs20stq
creation_rules: creation_rules:
- path_regex: secrets/blocktech/colmena.yaml - path_regex: secrets/sue/colmena.yaml
key_groups: key_groups:
- age: - age:
- *laptop_root - *sue_root
- path_regex: secrets/blocktech/nixos.yaml - path_regex: secrets/sue/nixos.yaml
key_groups: key_groups:
- age: - age:
- *laptop_root - *sue_root
- path_regex: secrets/blocktech/pkunis.yaml - path_regex: secrets/sue/pim.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- path_regex: secrets/gamepc/colmena.yaml - path_regex: secrets/gamepc/colmena.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- path_regex: secrets/gamepc/pim.yaml - path_regex: secrets/gamepc/pim.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *gamepc_root - *gamepc_root
- *gamepc_pim - *gamepc_pim
- path_regex: secrets/warwick/colmena.yaml - path_regex: secrets/warwick/colmena.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels
- path_regex: secrets/servers.yaml - path_regex: secrets/servers.yaml
key_groups: key_groups:
@ -49,14 +49,14 @@ creation_rules:
- *atlas_root - *atlas_root
- *jefke_root - *jefke_root
- *lewis_root - *lewis_root
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels
- path_regex: secrets/atlas/colmena.yaml - path_regex: secrets/atlas/colmena.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels
- path_regex: secrets/kubernetes.yaml - path_regex: secrets/kubernetes.yaml
key_groups: key_groups:
@ -64,25 +64,25 @@ creation_rules:
- *atlas_root - *atlas_root
- *jefke_root - *jefke_root
- *lewis_root - *lewis_root
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels
- path_regex: secrets/jefke/colmena.yaml - path_regex: secrets/jefke/colmena.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels
- path_regex: secrets/lewis/colmena.yaml - path_regex: secrets/lewis/colmena.yaml
key_groups: key_groups:
- age: - age:
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels
- path_regex: secrets/lewis/nixos.yaml - path_regex: secrets/lewis/nixos.yaml
key_groups: key_groups:
- age: - age:
- *lewis_root - *lewis_root
- *laptop_pim - *sue_pim
- *laptop_root - *sue_root
- *niels - *niels

17
README.md
View file

@ -3,40 +3,33 @@
NixOS configurations for the machines I manage. NixOS configurations for the machines I manage.
Currently managed systems: Currently managed systems:
- **sue**: My current laptop, a Dell XPS 9315. It has two flavours:
- **blocktech**: My current laptop, a ThinkPad P1. It has two flavours: - Default running GNOME
- Default running GNOME - Specialisation running Cosmic
- Specialisation running Cosmic
- **gamepc**: My gaming PC running Cinnamon - **gamepc**: My gaming PC running Cinnamon
- **warwick**: A Raspberry Pi 4 Model B, which mostly does some monitoring - **warwick**: A Raspberry Pi 4 Model B, which mostly does some monitoring
- **atlas**: A Gigabyte Brix, one of my Kubernetes nodes - **atlas**: A Gigabyte Brix, one of my Kubernetes nodes
- **jefke**: A Gigabyte Brix, one of my Kubernetes nodes - **jefke**: A Gigabyte Brix, one of my Kubernetes nodes
- **lewis**: A Gigabyte Brix, one of my Kubernetes nodes. Additionally, contains - **lewis**: A Gigabyte Brix, one of my Kubernetes nodes. Additionally, contains my media collection and does backups.
my media collection and does backups.
## Deployment ## Deployment
I use [Colmena](https://colmena.cli.rs) for deploying my machines. I use [Colmena](https://colmena.cli.rs) for deploying my machines.
Create garbage collection roots like so: Create garbage collection roots like so:
``` ```
colmena build --keep-result --experimental-flake-eval colmena build --keep-result --experimental-flake-eval
``` ```
To apply to the local machine: To apply to the local machine:
``` ```
sudo colmena apply-local --sudo --experimental-flake-eval sudo colmena apply-local --sudo --experimental-flake-eval
``` ```
To apply to all remotely managed systems: To apply to all remotely managed systems:
``` ```
colmena apply --experimental-flake-eval colmena apply --experimental-flake-eval
``` ```
> [!NOTE] > [!NOTE]
> Currently the `--experimental-flake-eval` flag is necessary to properly use > Currently the `--experimental-flake-eval` flag is necessary to properly use Colmena with flakes. See [this PR](https://github.com/zhaofengli/colmena/pull/228).
> Colmena with flakes. See
> [this PR](https://github.com/zhaofengli/colmena/pull/228).

4
colmena.nix
View file

@ -15,9 +15,9 @@ inputs @ {
}; };
}; };
blocktech = { sue = {
imports = [ imports = [
(import ./machines).blocktech.nixosModule (import ./machines).sue.nixosModule
./nixos ./nixos
]; ];
}; };

376
flake.lock generated
View file

@ -123,11 +123,11 @@
"stable": "stable" "stable": "stable"
}, },
"locked": { "locked": {
"lastModified": 1739900653, "lastModified": 1731527002,
"narHash": "sha256-hPSLvw6AZQYrZyGI6Uq4XgST7benF/0zcCpugn/P0yM=", "narHash": "sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8=",
"owner": "zhaofengli", "owner": "zhaofengli",
"repo": "colmena", "repo": "colmena",
"rev": "2370d4336eda2a9ef29fce10fa7076ae011983ab", "rev": "e3ad42138015fcdf2524518dd564a13145c72ea1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -176,11 +176,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1741786315, "lastModified": 1733168902,
"narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", "narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", "rev": "785c1e02c7e465375df971949b8dcbde9ec362e5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -256,11 +256,11 @@
"flake-compat_5": { "flake-compat_5": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1733328505, "lastModified": 1696426674,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -330,50 +330,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1733312601, "lastModified": 1704152458,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "narHash": "sha256-DS+dGw7SKygIWf9w4eNBUZsK+4Ug27NwEWmn2tnbycg=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "rev": "88a2cd8166694ba0b6cb374700799cec53aef527",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1741352980,
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -434,24 +395,6 @@
} }
}, },
"flake-utils_4": { "flake-utils_4": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"inputs": { "inputs": {
"systems": [ "systems": [
"stylix", "stylix",
@ -494,14 +437,15 @@
"gitignore": "gitignore", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"nixpkgs-unstable" "nixpkgs-unstable"
] ],
"nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1742649964, "lastModified": 1733318908,
"narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -598,11 +542,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1742655702, "lastModified": 1733050161,
"narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", "narHash": "sha256-lYnT+EYE47f5yY3KS/Kd4pJ6CO9fhCqumkYYkQ3TK20=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", "rev": "62d536255879be574ebfe9b87c4ac194febf47c5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -683,47 +627,6 @@
"type": "github" "type": "github"
} }
}, },
"mnw": {
"locked": {
"lastModified": 1742255973,
"narHash": "sha256-XfEGVKatTgEMMOVb4SNp1LYLQOSzzrFTDMVDTZFyMVE=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "b982dbd5e6d55d4438832b3567c09bc2a129649d",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"nil": {
"inputs": {
"flake-utils": [
"nvf",
"flake-utils"
],
"nixpkgs": [
"nvf",
"nixpkgs"
],
"rust-overlay": "rust-overlay_3"
},
"locked": {
"lastModified": 1741118843,
"narHash": "sha256-ggXU3RHv6NgWw+vc+HO4/9n0GPufhTIUjVuLci8Za8c=",
"owner": "oxalica",
"repo": "nil",
"rev": "577d160da311cc7f5042038456a0713e9863d09e",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "nil",
"type": "github"
}
},
"nix-github-actions": { "nix-github-actions": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -752,11 +655,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743306489, "lastModified": 1733024876,
"narHash": "sha256-LROaIjSLo347cwcHRfSpqzEOa2FoLSeJwU4dOrGm55E=", "narHash": "sha256-vy9Q41hBE7Zg0yakF79neVgb3i3PQMSMR7uHPpPywFE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "b3696bfb6c24aa61428839a99e8b40c53ac3a82d", "rev": "6e0b7f81367069589a480b91603a10bcf71f3103",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -775,11 +678,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1734289443, "lastModified": 1730022297,
"narHash": "sha256-oU3AGvzByR7622kntPUPIHfAreOIktAsJav2ATHuc18=", "narHash": "sha256-eVMEONp3yqu0gy0RtOSEpOAueXuQsGQVqac3qCJixMU=",
"owner": "pdtpartners", "owner": "pdtpartners",
"repo": "nix-snapshotter", "repo": "nix-snapshotter",
"rev": "387e220d369dfa0ad093035515e8757f83144be8", "rev": "c738f1a16a8612dfc474a4424bacff7e89369ca3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -812,11 +715,11 @@
"nixos-artwork": { "nixos-artwork": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1738002455, "lastModified": 1731943625,
"narHash": "sha256-VIrSOBCCNq6Fc0dS7XMtC1VebnjRvIUi0/kPal2gWcU=", "narHash": "sha256-XquSEijNYtGDkW35bibT2ki18qicENCsIcDzDxrgQkM=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "33856d7837cb8ba76c4fc9e26f91a659066ee31f", "rev": "63f68a917f4e8586c5d35e050cdaf1309832272d",
"revCount": 215, "revCount": 214,
"type": "git", "type": "git",
"url": "https://github.com/NixOS/nixos-artwork.git" "url": "https://github.com/NixOS/nixos-artwork.git"
}, },
@ -835,11 +738,11 @@
"rust-overlay": "rust-overlay_2" "rust-overlay": "rust-overlay_2"
}, },
"locked": { "locked": {
"lastModified": 1743246566, "lastModified": 1733328873,
"narHash": "sha256-arEFUDLjADYIZ7T6PZX1yLOnfMoZ1ByebtmPuvV98+s=", "narHash": "sha256-tvy/IE0qwY37JcSZhhqNbhvVi1xdWrMRsLZ6D/+0Eyw=",
"owner": "lilyinstarlight", "owner": "lilyinstarlight",
"repo": "nixos-cosmic", "repo": "nixos-cosmic",
"rev": "c709db4b95e58f410978bb49c87cb74214d03e78", "rev": "2e87e0f9f40a31396ed94b4a42595662c2eeaf31",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -850,11 +753,11 @@
}, },
"nixos-facter-modules": { "nixos-facter-modules": {
"locked": { "locked": {
"lastModified": 1738752252, "lastModified": 1732288619,
"narHash": "sha256-/nA3tDdp/2g0FBy8966ppC2WDoyXtUWaHkZWL+N3ZKc=", "narHash": "sha256-zSQ2cR+NRJfHUVfkv+O6Wi53wXfzX8KHiO8fRfnvc0M=",
"owner": "numtide", "owner": "numtide",
"repo": "nixos-facter-modules", "repo": "nixos-facter-modules",
"rev": "60f8b8f3f99667de6a493a44375e5506bf0c48b1", "rev": "862648589993a96480c2255197a28feea712f68f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -865,11 +768,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1743167577, "lastModified": 1733217105,
"narHash": "sha256-I09SrXIO0UdyBFfh0fxDq5WnCDg8XKmZ1HQbaXzMA1k=", "narHash": "sha256-fc6jTzIwCIVWTX50FtW6AZpuukuQWSEbPiyg6ZRGWFY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "0ed819e708af17bfc4bbc63ee080ef308a24aa42", "rev": "cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -881,11 +784,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1734119587, "lastModified": 1730785428,
"narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=", "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5", "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -895,22 +798,23 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1740877520, "lastModified": 1730741070,
"narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=", "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "nix-community", "owner": "NixOS",
"repo": "nixpkgs.lib", "repo": "nixpkgs",
"rev": "147dee35aab2193b174e4c0868bd80ead5ce755c", "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "NixOS",
"repo": "nixpkgs.lib", "ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": { "nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1678872516, "lastModified": 1678872516,
"narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=",
@ -928,11 +832,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1743259260, "lastModified": 1733097829,
"narHash": "sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY=", "narHash": "sha256-9hbb1rqGelllb4kVUCZ307G2k3/UhmA8PPGBoyuWaSw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f", "rev": "2c15aa59df0017ca140d9ba302412298ab4bf22a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -944,11 +848,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1743095683, "lastModified": 1732837521,
"narHash": "sha256-gWd4urRoLRe8GLVC/3rYRae1h+xfQzt09xOfb0PaHSk=", "narHash": "sha256-jNRNr49UiuIwaarqijgdTR2qLPifxsVhlJrKzQ8XUIE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5e5402ecbcb27af32284d4a62553c019a3a49ea6", "rev": "970e93b9f82e2a0f3675757eb0bfc73297cc6370",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -960,11 +864,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1743231893, "lastModified": 1733261153,
"narHash": "sha256-tpJsHMUPEhEnzySoQxx7+kA+KUtgWqvlcUBqROYNNt0=", "narHash": "sha256-eq51hyiaIwtWo19fPEeE0Zr2s83DYMKJoukNLgGGpek=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c570c1f5304493cafe133b8d843c7c1c4a10d3a6", "rev": "b681065d0919f7eb5309a93cea2cfa84dec9aa88",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -975,22 +879,6 @@
} }
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": {
"lastModified": 1743095683,
"narHash": "sha256-gWd4urRoLRe8GLVC/3rYRae1h+xfQzt09xOfb0PaHSk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5e5402ecbcb27af32284d4a62553c019a3a49ea6",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1725194671, "lastModified": 1725194671,
"narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=",
@ -1006,13 +894,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_6": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1735554305, "lastModified": 1731890469,
"narHash": "sha256-zExSA1i/b+1NMRhGGLtNfFGXgLtgo+dcuzHzaWA6w3Q=", "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0e82ab234249d8eee3e8c91437802b32c74bb3fd", "rev": "5083ec887760adfe12af64830a66807423a859a7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1023,17 +911,12 @@
} }
}, },
"nur": { "nur": {
"inputs": {
"flake-parts": "flake-parts_3",
"nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix"
},
"locked": { "locked": {
"lastModified": 1743330389, "lastModified": 1733327348,
"narHash": "sha256-R75j7SG54s7Q2wqnT+LBXVWgcAcR5ZSFmMOWmCem1tQ=", "narHash": "sha256-C9cakd/zcXDhzIeHjjzToBx8bEVqWVB53RUzpUcKboM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "18d012e20b24fefad08de4460c6afcdece34abe6", "rev": "81acc5a20ba2d84d206f61d2784147900965cd9f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1042,31 +925,6 @@
"type": "github" "type": "github"
} }
}, },
"nvf": {
"inputs": {
"flake-parts": "flake-parts_4",
"flake-utils": "flake-utils_4",
"mnw": "mnw",
"nil": "nil",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_5"
},
"locked": {
"lastModified": 1743301931,
"narHash": "sha256-gex4W+Fyn6RB8x9/y+VWY1EG6RItmlW1HJjAj3mWqKc=",
"owner": "notashelf",
"repo": "nvf",
"rev": "05489d95b69b4c81e9b9a66a23f6e0cb1c8edb3d",
"type": "github"
},
"original": {
"owner": "notashelf",
"repo": "nvf",
"type": "github"
}
},
"pre-commit-hooks-nix": { "pre-commit-hooks-nix": {
"inputs": { "inputs": {
"flake-compat": [ "flake-compat": [
@ -1082,7 +940,7 @@
"lanzaboote", "lanzaboote",
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1681413034, "lastModified": 1681413034,
@ -1117,10 +975,9 @@
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"nur": "nur", "nur": "nur",
"nvf": "nvf",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"stylix": "stylix", "stylix": "stylix",
"treefmt-nix": "treefmt-nix_2" "treefmt-nix": "treefmt-nix"
} }
}, },
"rust-overlay": { "rust-overlay": {
@ -1156,33 +1013,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743215516, "lastModified": 1732933841,
"narHash": "sha256-52qbrkG65U1hyrQWltgHTgH4nm0SJL+9TWv2UDCEPNI=", "narHash": "sha256-dge02pUSe2QeC/B3PriA0R8eAX+EU3aDoXj9FcS3XDw=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "524463199fdee49338006b049bc376b965a2cfed", "rev": "c65e91d4a33abc3bc4a892d3c5b5b378bad64ea1",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_3": {
"inputs": {
"nixpkgs": [
"nvf",
"nil",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741055476,
"narHash": "sha256-52vwEV0oS2lCnx3c/alOFGglujZTLmObit7K8VblnS8=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "aefb7017d710f150970299685e8d8b549d653649",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1198,11 +1033,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743305778, "lastModified": 1733128155,
"narHash": "sha256-Ux/UohNtnM5mn9SFjaHp6IZe2aAnUCzklMluNtV6zFo=", "narHash": "sha256-m6/qwJAJYcidGMEdLqjKzRIjapK4nUfMq7rDCTmZajc=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "8e873886bbfc32163fe027b8676c75637b7da114", "rev": "c6134b6fff6bda95a1ac872a2a9d5f32e3c37856",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1237,11 +1072,11 @@
"base16-tmux": "base16-tmux", "base16-tmux": "base16-tmux",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"flake-compat": "flake-compat_7", "flake-compat": "flake-compat_7",
"flake-utils": "flake-utils_5", "flake-utils": "flake-utils_4",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_4",
"systems": "systems_6" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1726497442, "lastModified": 1726497442,
@ -1317,36 +1152,6 @@
"type": "github" "type": "github"
} }
}, },
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt": { "treefmt": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -1370,10 +1175,7 @@
}, },
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": "nixpkgs_5"
"nur",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1733222881, "lastModified": 1733222881,
@ -1388,24 +1190,6 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1743081648,
"narHash": "sha256-WRAylyYptt6OX5eCEBWyTwOEqEtD6zt33rlUkr6u3cE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "29a3d7b768c70addce17af0869f6e2bd8f5be4b7",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

5
flake.nix
View file

@ -12,11 +12,6 @@
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
colmena.url = "github:zhaofengli/colmena"; colmena.url = "github:zhaofengli/colmena";
nvf = {
url = "github:notashelf/nvf";
inputs.nixpkgs.follows = "nixpkgs";
};
git-hooks = { git-hooks = {
url = "github:cachix/git-hooks.nix"; url = "github:cachix/git-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs.follows = "nixpkgs-unstable";

2
formatter.nix
View file

@ -4,5 +4,5 @@
... ...
}: }:
flake-utils.lib.eachDefaultSystem (system: { flake-utils.lib.eachDefaultSystem (system: {
inherit (self.packages.${system}) formatter; formatter = self.packages.${system}.formatter;
}) })

2
home-manager/default.nix
View file

@ -5,6 +5,7 @@
... ...
}: { }: {
imports = [ imports = [
./neovim
./firefox ./firefox
./tidal.nix ./tidal.nix
./gnome ./gnome
@ -12,7 +13,6 @@
./vscode.nix ./vscode.nix
inputs.nix-index-database.hmModules.nix-index inputs.nix-index-database.hmModules.nix-index
inputs.sops-nix.homeManagerModules.sops inputs.sops-nix.homeManagerModules.sops
inputs.nvf.homeManagerModules.default
]; ];
xsession.enable = true; xsession.enable = true;

13
home-manager/neovim/bufferline.lua Normal file
View file

@ -0,0 +1,13 @@
require("bufferline").setup({
options = {
diagnostics = "nvim_lsp",
diagnostics_indicator = function(count, level, diagnostics_dict, context)
local icon = level:match("error") and "" or ""
return " " .. icon .. count
end,
separator_style = "slant",
hover = { enabled = true, reveal = { "close" } },
},
})
vim.keymap.set("n", "<leader>ft", ":BufferLinePick<CR>", {})

43
home-manager/neovim/cmp.lua Normal file
View file

@ -0,0 +1,43 @@
local cmp = require("cmp")
local luasnip = require("luasnip")
require("luasnip.loaders.from_vscode").lazy_load()
luasnip.config.setup({})
cmp.setup({
snippet = {
expand = function(args)
luasnip.lsp_expand(args.body)
end,
},
mapping = cmp.mapping.preset.insert({
["<C-n>"] = cmp.mapping.select_next_item(),
["<C-p>"] = cmp.mapping.select_prev_item(),
["<C-d>"] = cmp.mapping.scroll_docs(-4),
["<C-f>"] = cmp.mapping.scroll_docs(4),
["<C-Space>"] = cmp.mapping.complete({}),
["<CR>"] = cmp.mapping.confirm({
behavior = cmp.ConfirmBehavior.Replace,
select = true,
}),
["<Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif luasnip.expand_or_locally_jumpable() then
luasnip.expand_or_jump()
else
fallback()
end
end, { "i", "s" }),
["<S-Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_prev_item()
elseif luasnip.locally_jumpable(-1) then
luasnip.jump(-1)
else
fallback()
end
end, { "i", "s" }),
}),
sources = { { name = "nvim_lsp" }, { name = "luasnip" } },
})

2
home-manager/neovim/commentary.lua Normal file
View file

@ -0,0 +1,2 @@
vim.cmd([[autocmd FileType nix setlocal commentstring=#%s]])
vim.cmd([[autocmd FileType terraform setlocal commentstring=#%s]])

9
home-manager/neovim/core.lua Normal file
View file

@ -0,0 +1,9 @@
vim.o.background = "dark"
vim.cmd([[colorscheme gruvbox]])
vim.g.mapleader = ";"
vim.o.signcolumn = "yes"
vim.wo.number = true
vim.wo.relativenumber = true
vim.wo.cursorline = true
vim.opt.termguicolors = true
vim.o.mousemoveevent = true

91
home-manager/neovim/default.nix Normal file
View file

@ -0,0 +1,91 @@
{
pkgs,
config,
lib,
...
}: let
cfg = config.pim.neovim;
in {
options.pim.neovim.enable = lib.mkEnableOption "neovim";
config = lib.mkIf cfg.enable {
programs.neovim = {
enable = true;
viAlias = true;
vimAlias = true;
vimdiffAlias = true;
defaultEditor = true;
extraLuaConfig = builtins.readFile ./core.lua;
extraPackages = with pkgs; [
nil
pyright
gopls
terraform-ls
nixfmt-classic
stylua
black
nixpkgs-fmt
];
plugins = with pkgs.vimPlugins; [
{
plugin = nvim-lspconfig;
type = "lua";
config = builtins.readFile ./lspconfig.lua;
}
gruvbox-nvim
{
plugin = leap-nvim;
type = "lua";
config = builtins.readFile ./leap.lua;
}
{
plugin = telescope-nvim;
type = "lua";
config = builtins.readFile ./telescope.lua;
}
{
plugin = vim-commentary;
type = "lua";
config = builtins.readFile ./commentary.lua;
}
vim-sleuth
{
plugin = gitsigns-nvim;
type = "lua";
config = ''require("gitsigns").setup()'';
}
{
plugin = nvim-cmp;
type = "lua";
config = builtins.readFile ./cmp.lua;
}
cmp-nvim-lsp
friendly-snippets
neodev-nvim
luasnip
cmp_luasnip
{
plugin = nvim-treesitter.withAllGrammars;
type = "lua";
config = builtins.readFile ./treesitter.lua;
}
{
plugin = bufferline-nvim;
type = "lua";
config = builtins.readFile ./bufferline.lua;
}
nvim-web-devicons
lsp-format-nvim
{
plugin = pkgs.vimPlugins.none-ls-nvim;
type = "lua";
config = builtins.readFile ./none-ls.lua;
}
];
};
programs.git.extraConfig.core.editor = "nvim";
};
}

4
home-manager/neovim/leap.lua Normal file
View file

@ -0,0 +1,4 @@
require("leap").add_default_mappings()
-- Don't remap 'x' in visual mode.
vim.keymap.del({ "x", "o" }, "x")
vim.keymap.del({ "x", "o" }, "X")

65
home-manager/neovim/lspconfig.lua Normal file
View file

@ -0,0 +1,65 @@
require("lsp-format").setup({})
local on_attach = function(client, bufnr)
local bufmap = function(keys, func)
vim.keymap.set("n", keys, func, { buffer = bufnr })
end
bufmap("<leader>r", vim.lsp.buf.rename)
bufmap("<leader>a", vim.lsp.buf.code_action)
bufmap("gd", vim.lsp.buf.definition)
bufmap("gD", vim.lsp.buf.declaration)
bufmap("gI", vim.lsp.buf.implementation)
bufmap("<leader>D", vim.lsp.buf.type_definition)
bufmap("gr", require("telescope.builtin").lsp_references)
bufmap("<leader>s", require("telescope.builtin").lsp_document_symbols)
bufmap("<leader>S", require("telescope.builtin").lsp_dynamic_workspace_symbols)
bufmap("K", vim.lsp.buf.hover)
vim.api.nvim_buf_create_user_command(bufnr, "Format", function(_)
vim.lsp.buf.format()
end, {})
end
local capabilities = vim.lsp.protocol.make_client_capabilities()
capabilities = require("cmp_nvim_lsp").default_capabilities(capabilities)
require("neodev").setup()
require("lspconfig").nil_ls.setup({
on_attach = on_attach,
capabilities = capabilities,
})
require("lspconfig").pyright.setup({
on_attach = on_attach,
capabilities = capabilities,
})
require("lspconfig").gopls.setup({
on_attach = on_attach,
capabilities = capabilities,
})
require("lspconfig").terraformls.setup({
on_attach = on_attach,
capabilities = capabilities,
})
local function has_treefmt()
local git_root = vim.fn.systemlist("git rev-parse --show-toplevel")[1]
if vim.v.shell_error ~= 0 then
return false
end
local treefmt_path = git_root .. "/treefmt.nix"
return vim.fn.filereadable(treefmt_path) == 1
end
vim.api.nvim_create_autocmd("BufWritePost", {
pattern = "*",
callback = function()
if vim.fn.expand("%:p") ~= vim.fn.getcwd() .. "/.git/COMMIT_EDITMSG" and has_treefmt() then
vim.cmd("silent !treefmt > /dev/null 2>&1")
end
end,
group = vim.api.nvim_create_augroup("TreefmtAutoformat", { clear = true }),
})

53
home-manager/neovim/none-ls.lua Normal file
View file

@ -0,0 +1,53 @@
-- renamed to none-ls
local null_ls_status_ok, null_ls = pcall(require, "null-ls")
if not null_ls_status_ok then
return
end
local formatting = null_ls.builtins.formatting
local diagnostics = null_ls.builtins.diagnostics
local code_actions = null_ls.builtins.code_actions
-- to setup format on save
local augroup = vim.api.nvim_create_augroup("LspFormatting", {})
require("null-ls").setup({
sources = {
formatting.stylua,
formatting.black,
formatting.nixpkgs_fmt,
formatting.mix,
},
-- configure format on save
-- on_attach = function(current_client, bufnr)
-- if current_client.supports_method("textDocument/formatting") then
-- vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
-- vim.api.nvim_create_autocmd("BufWritePre", {
-- group = augroup,
-- buffer = bufnr,
-- callback = function()
-- vim.lsp.buf.format({
-- filter = function(client)
-- -- only use null-ls for formatting instead of lsp server
-- return client.name == "null-ls"
-- end,
-- bufnr = bufnr,
-- })
-- end,
-- })
-- end
-- end,
})
-- formatting command
vim.api.nvim_create_user_command("Format", function()
vim.lsp.buf.format(nil, 10000)
end, {})
vim.keymap.set(
"n",
"<leader>fm",
":Format<CR>",
{ desc = "Format current buffer (also done on save)", noremap = true, silent = true }
)

17
home-manager/neovim/telescope.lua Normal file
View file

@ -0,0 +1,17 @@
local builtin = require("telescope.builtin")
vim.keymap.set("n", "<leader>ff", builtin.find_files, {})
vim.keymap.set("n", "<leader>fg", builtin.live_grep, {})
vim.keymap.set("n", "<leader>fb", builtin.buffers, {})
vim.keymap.set("n", "<leader>fr", builtin.lsp_references, {})
vim.keymap.set("n", "<leader>fs", builtin.lsp_document_symbols, {})
require("telescope").setup({
pickers = {
find_files = { theme = "dropdown" },
live_grep = { theme = "dropdown" },
buffers = { theme = "dropdown" },
lsp_references = { theme = "dropdown" },
lsp_document_symbols = { theme = "dropdown" },
},
})

9
home-manager/neovim/treesitter.lua Normal file
View file

@ -0,0 +1,9 @@
require("nvim-treesitter.configs").setup({
ensure_installed = {},
auto_install = false,
highlight = { enable = true },
indent = { enable = true },
})

15
machines/atlas/configuration.nix
View file

@ -1,4 +1,12 @@
{config, ...}: { {
config,
pkgs,
...
}: {
imports = [./jellyseerr-module.nix];
disabledModules = ["services/misc/jellyseerr.nix"];
config = { config = {
facter.reportPath = ./facter.json; facter.reportPath = ./facter.json;
system.stateVersion = "23.05"; system.stateVersion = "23.05";
@ -10,5 +18,10 @@
targetUser = "root"; targetUser = "root";
tags = ["server" "kubernetes"]; tags = ["server" "kubernetes"];
}; };
services.jellyseerr = {
enable = true;
package = pkgs.callPackage ./jellyseerr.nix {};
};
}; };
} }

76
machines/atlas/jellyseerr-module.nix Normal file
View file

@ -0,0 +1,76 @@
{
config,
pkgs,
lib,
...
}: let
cfg = config.services.jellyseerr;
in {
meta.maintainers = with lib.maintainers; [camillemndn pizzapim];
options.services.jellyseerr = {
enable = lib.mkEnableOption ''Jellyseerr, a requests manager for Jellyfin'';
package = lib.mkPackageOption pkgs "jellyseerr" {};
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''Open port in the firewall for the Jellyseerr web interface.'';
};
port = lib.mkOption {
type = lib.types.port;
default = 5055;
description = ''The port which the Jellyseerr web UI should listen to.'';
};
config_directory = lib.mkOption {
description = ''
The directory to save run-time configuration.
'';
type = lib.types.str;
example = "/jellyseerr";
default = "/var/lib/jellyseerr";
};
};
config = lib.mkIf cfg.enable {
systemd.services.jellyseerr = {
description = "Jellyseerr, a requests manager for Jellyfin";
after = ["network.target"];
wantedBy = ["multi-user.target"];
environment = {
PORT = toString cfg.port;
CONFIG_DIRECTORY = cfg.config_directory;
};
serviceConfig = {
Type = "exec";
StateDirectory = "jellyseerr";
# WorkingDirectory = "${cfg.package}/libexec/jellyseerr/deps/jellyseerr";
DynamicUser = true;
ExecStart = lib.getExe cfg.package;
# BindPaths = ["/var/lib/jellyseerr/:${cfg.package}/libexec/jellyseerr/deps/jellyseerr/config/"];
Restart = "on-failure";
ProtectHome = true;
ProtectSystem = "strict";
PrivateTmp = true;
PrivateDevices = true;
ProtectHostname = true;
ProtectClock = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectKernelLogs = true;
ProtectControlGroups = true;
NoNewPrivileges = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RemoveIPC = true;
PrivateMounts = true;
};
};
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [cfg.port];
};
};
}

89
machines/atlas/jellyseerr.nix Normal file
View file

@ -0,0 +1,89 @@
{
lib,
fetchFromGitHub,
makeWrapper,
node-pre-gyp,
nodejs,
pnpm_9,
python3,
stdenv,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "jellyseerr";
version = "2.1.0";
src = with finalAttrs;
fetchFromGitHub {
owner = "Fallenbagel";
repo = "jellyseerr";
rev = "v${version}";
hash = "sha256-5kaeqhjUy9Lgx4/uFcGRlAo+ROEOdTWc2m49rq8R8Hs=";
};
nativeBuildInputs = [
nodejs
makeWrapper
pnpm_9.configHook
# Needed for compiling sqlite3 and bcrypt from source
node-pre-gyp
python3
];
pnpmDeps = pnpm_9.fetchDeps {
inherit (finalAttrs) pname version src;
hash = "sha256-xu6DeaBArQmnqEnIgjc1DTZujQebSkjuai9tMHeQWCk=";
};
buildPhase = ''
runHook preBuild
pnpm build
# Fixes "SQLite package has not been found installed" at launch
pushd node_modules/sqlite3
export CPPFLAGS="-I${nodejs}/include/node"
npm run install --build-from-source --nodedir=${nodejs}/include/node
popd
pushd node_modules/bcrypt
export CPPFLAGS="-I${nodejs}/include/node"
npm run install --build-from-source --nodedir=${nodejs}/include/node
popd
runHook postBuild
'';
preInstall = ''
mkdir $out
cp ./package.json $out
rm -r .next/cache
cp -R ./.next $out
cp -R ./dist $out
cp ./overseerr-api.yml $out
cp -R ./node_modules $out
'';
postInstall = ''
makeWrapper '${nodejs}/bin/node' "$out/bin/jellyseerr" \
--chdir $out \
--add-flags "$out/dist/index.js" \
--set NODE_ENV production
'';
meta = with lib; {
description = "Fork of overseerr for jellyfin support";
homepage = "https://github.com/Fallenbagel/jellyseerr";
longDescription = ''
Jellyseerr is a free and open source software application for managing
requests for your media library. It is a a fork of Overseerr built to
bring support for Jellyfin & Emby media servers!
'';
license = licenses.mit;
maintainers = with maintainers; [
camillemndn
pizzapim
];
platforms = platforms.linux;
mainProgram = "jellyseerr";
};
})

4
machines/default.nix
View file

@ -1,7 +1,7 @@
{ {
blocktech = { sue = {
system = "x86_64-linux"; system = "x86_64-linux";
nixosModule = import ./blocktech/configuration.nix; nixosModule = import ./sue/configuration.nix;
}; };
gamepc = { gamepc = {

7
machines/gamepc/configuration.nix
View file

@ -33,13 +33,6 @@
services = { services = {
openssh.enable = true; openssh.enable = true;
ollama = {
enable = true;
rocmOverrideGfx = "10.3.0";
loadModels = ["deepseek-r1:32b" "hf.co/mradermacher/DeepSeek-R1-Distill-Qwen-32B-Uncensored-GGUF:Q4_K_M"];
acceleration = "rocm";
};
xserver.displayManager.lightdm.extraSeatDefaults = '' xserver.displayManager.lightdm.extraSeatDefaults = ''
autologin-user=pim autologin-user=pim
''; '';

1
machines/gamepc/pim.home.nix
View file

@ -14,7 +14,6 @@
vlc vlc
handbrake handbrake
lutris lutris
chromium
]; ];
}; };

50
machines/lewis/configuration.nix
View file

@ -2,7 +2,6 @@
self, self,
config, config,
pkgs, pkgs,
lib,
... ...
}: { }: {
config = { config = {
@ -23,54 +22,5 @@
data-sharing.enable = true; data-sharing.enable = true;
backups.enable = true; backups.enable = true;
}; };
systemd = {
timers.read-dir-sizes = {
wantedBy = ["timers.target"];
timerConfig = {
OnBootSec = "5m";
OnUnitActiveSec = "5m";
Unit = "read-dir-sizes.service";
};
};
services."read-dir-sizes" = {
script = let
script = pkgs.writeShellScriptBin "read-dir-sizes.sh" ''
DIRS=(
"/mnt/longhorn/persistent/media/movies"
"/mnt/longhorn/persistent/media/shows"
)
temp_file=$(mktemp)
trap 'rm -f "$temp_file"' EXIT
for DIR_PATH in "''${DIRS[@]}"; do
# Find all top-level subdirectories and calculate their size
find "$DIR_PATH" -mindepth 1 -maxdepth 1 -type d | while read -r subdir; do
# Calculate the size of the top-level subdirectory
du --block-size=1 -s "$subdir" | while read -r size path; do
# Print size in Prometheus format
echo "directory_size_bytes{dir=\"$path\"} $size" >> $temp_file
done
done
done
mkdir -p /var/lib/node_exporter/textfile_collector
cp $temp_file /var/lib/node_exporter/textfile_collector/dir_sizes.prom
chmod o=r /var/lib/node_exporter/textfile_collector/dir_sizes.prom
'';
in "${lib.getExe script}";
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
tmpfiles.rules = [
"d /mnt/longhorn/persistent/media/torrents 775 414 51 8d"
];
};
services.prometheus.exporters.node.extraFlags = ["--collector.textfile.directory=/var/lib/node_exporter/textfile_collector"];
}; };
} }

48
machines/blocktech/configuration.nix → machines/sue/configuration.nix
View file

@ -12,15 +12,16 @@
config = { config = {
pim = { pim = {
lanzaboote.enable = false; lanzaboote.enable = true;
tidal.enable = false; tidal.enable = true;
gnome.enable = true; gnome.enable = true;
stylix.enable = true; stylix.enable = true;
wireguard.enable = true; wireguard.enable = true;
sops-nix.usersWithSopsKeys = ["pkunis"]; compliance.enable = true;
sops-nix.usersWithSopsKeys = ["pim"];
}; };
users.users.pkunis = { users.users.pim = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"]; extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
}; };
@ -32,10 +33,10 @@
}; };
facter.reportPath = ./facter.json; facter.reportPath = ./facter.json;
home-manager.users.pkunis.imports = [./pkunis.home.nix]; home-manager.users.pim.imports = [./pim.home.nix];
nix.settings.trusted-users = ["pkunis"]; nix.settings.trusted-users = ["pim"];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
sops.defaultSopsFile = "${self}/secrets/blocktech/nixos.yaml"; sops.defaultSopsFile = "${self}/secrets/sue/nixos.yaml";
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
borgbackup borgbackup
@ -59,26 +60,18 @@
}; };
}; };
swapDevices = [ swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
{device = "/dev/disk/by-uuid/949815d4-cfc4-4cf3-bbbe-22516f91119c";} fileSystems = {
]; "/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
fileSystems."/" = { "/boot" = {
device = "/dev/disk/by-uuid/06710546-327b-402a-b221-8d88b75301d2"; device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "ext4"; fsType = "vfat";
}; options = ["fmask=0022" "dmask=0022"];
fileSystems."/boot" = { };
device = "/dev/disk/by-uuid/E547-7E6C";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
};
boot = {
initrd.luks.devices."luks-4cc1ad7c-a794-4c54-adc8-c9f666c9b781".device = "/dev/disk/by-uuid/4cc1ad7c-a794-4c54-adc8-c9f666c9b781";
initrd.luks.devices."luks-161f5109-c2d7-4307-91f6-27c655d6ab3e".device = "/dev/disk/by-uuid/161f5109-c2d7-4307-91f6-27c655d6ab3e";
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
}; };
nix.settings = { nix.settings = {
@ -86,6 +79,8 @@
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="]; trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
}; };
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
specialisation.cosmic = lib.mkIf config.pim.cosmic.enable { specialisation.cosmic = lib.mkIf config.pim.cosmic.enable {
configuration = { configuration = {
imports = [ imports = [
@ -95,7 +90,6 @@
services = { services = {
desktopManager.cosmic.enable = true; desktopManager.cosmic.enable = true;
displayManager.cosmic-greeter.enable = true; displayManager.cosmic-greeter.enable = true;
services.xserver.videoDrivers = ["nvidia"];
}; };
}; };
}; };

4520
machines/blocktech/facter.json → machines/sue/facter.json
View file

File diff suppressed because it is too large Load diff

30
machines/blocktech/pkunis.home.nix → machines/sue/pim.home.nix
View file

@ -1,54 +1,43 @@
{ {
lib,
self, self,
pkgs, pkgs,
config, config,
... ...
}: let }: {
inherit (self.packages.${pkgs.system}) neovim;
in {
config = { config = {
pim = { pim = {
tidal.enable = false; tidal.enable = true;
gnome.enable = true; gnome.enable = true;
vscode.enable = true; vscode.enable = true;
syncthing.enable = true; syncthing.enable = true;
neovim.enable = true;
firefox.enable = true; firefox.enable = true;
}; };
programs = { programs.chromium.enable = true;
chromium.enable = true;
git.extraConfig.core.editor = lib.getExe neovim;
};
home = { home = {
username = "pkunis"; username = "pim";
homeDirectory = "/home/pkunis"; homeDirectory = "/home/pim";
stateVersion = "23.05"; stateVersion = "23.05";
sessionVariables = {
MANPAGER = "${lib.getExe neovim} +Man!";
EDITOR = lib.getExe neovim;
};
}; };
sops = { sops = {
defaultSopsFile = "${self}/secrets/blocktech/pkunis.yaml"; defaultSopsFile = "${self}/secrets/sue/pim.yaml";
age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt"; age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt";
secrets."keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini"; secrets."keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini";
}; };
home.packages = home.packages =
[self.packages.${pkgs.system}.neovim] (with pkgs; [
++ (with pkgs; [
jellyfin-media-player jellyfin-media-player
virt-manager virt-manager
bottles-unwrapped
feishin
]) ])
++ (with pkgs.unstable; [ ++ (with pkgs.unstable; [
attic-client attic-client
dbeaver-bin dbeaver-bin
devenv devenv
bottles-unwrapped
gimp gimp
hexchat hexchat
impression impression
@ -68,6 +57,7 @@ in {
wireshark wireshark
# nheko # Has insecure olm dependency # nheko # Has insecure olm dependency
handbrake handbrake
feishin
redfishtool redfishtool
]); ]);
}; };

2
nixos-configurations.nix
View file

@ -3,7 +3,7 @@ inputs @ {
self, self,
... ...
}: { }: {
nixosConfigurations = nixpkgs.lib.mapAttrs (_: { nixosConfigurations = nixpkgs.lib.mapAttrs (name: {
system, system,
nixosModule, nixosModule,
}: }:

14
nixos/compliance.nix Normal file
View file

@ -0,0 +1,14 @@
{
config,
lib,
...
}: let
cfg = config.pim.compliance;
in {
options.pim.compliance.enable = lib.mkEnableOption "compliance";
config = lib.mkIf cfg.enable {
services.clamav = {
daemon.enable = true;
};
};
}

10
nixos/data-sharing.nix
View file

@ -4,7 +4,15 @@
... ...
}: let }: let
cfg = config.pim.data-sharing; cfg = config.pim.data-sharing;
nfsShares = ["/mnt/longhorn/persistent/longhorn-backup"];
nfsShares = [
"/mnt/longhorn/persistent/media"
"/mnt/longhorn/persistent/media/books"
"/mnt/longhorn/persistent/media/movies"
"/mnt/longhorn/persistent/media/music"
"/mnt/longhorn/persistent/media/shows"
"/mnt/longhorn/persistent/longhorn-backup"
];
nfsExports = lib.strings.concatLines ( nfsExports = lib.strings.concatLines (
builtins.map builtins.map

22
nixos/default.nix
View file

@ -18,6 +18,7 @@
./stylix.nix ./stylix.nix
./wireguard.nix ./wireguard.nix
./gnome.nix ./gnome.nix
./compliance.nix
./cinnamon.nix ./cinnamon.nix
./ssh.nix ./ssh.nix
./desktop.nix ./desktop.nix
@ -127,7 +128,6 @@
ncdu ncdu
lshw lshw
sops sops
nix-tree
]; ];
}; };
@ -170,6 +170,8 @@
}; };
nixpkgs = { nixpkgs = {
# hostPlatform = lib.mkDefault "x86_64-linux";
config = { config = {
allowUnfreePredicate = pkg: allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [ builtins.elem (lib.getName pkg) [
@ -179,15 +181,11 @@
"steam-run" "steam-run"
"steam-unwrapped" "steam-unwrapped"
]; ];
permittedInsecurePackages = [
"electron-31.7.7"
];
}; };
overlays = [ overlays = [
inputs.nur.overlays.default inputs.nur.overlay
(_final: _prev: { (final: _prev: {
unstable = import inputs.nixpkgs-unstable { unstable = import inputs.nixpkgs-unstable {
inherit (pkgs) system; inherit (pkgs) system;
config.allowUnfree = true; config.allowUnfree = true;
@ -196,13 +194,9 @@
]; ];
}; };
boot = { boot.kernel.sysctl = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_13; "net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
kernel.sysctl = {
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
};
}; };
home-manager = { home-manager = {

5
nixos/desktop.nix
View file

@ -6,11 +6,6 @@
config = lib.mkIf (builtins.elem "desktop" config.deployment.tags) { config = lib.mkIf (builtins.elem "desktop" config.deployment.tags) {
programs.ssh.startAgent = true; programs.ssh.startAgent = true;
hardware.graphics = {
enable = true;
enable32Bit = true;
};
services = { services = {
xserver.enable = true; xserver.enable = true;
printing.enable = true; printing.enable = true;

61
nixos/prometheus.nix
View file

@ -12,39 +12,42 @@
services.prometheus = { services.prometheus = {
enable = true; enable = true;
scrapeConfigs = let scrapeConfigs = (
node = { let
job_name = "node"; generated = lib.pipe nodes [
static_configs = [ (lib.filterAttrs (name: node: node.config.services.prometheus.exporters.node.enable))
{ (lib.attrsets.mapAttrsToList
targets = lib.pipe nodes [ (name: node: {
(lib.filterAttrs (_name: node: node.config.services.prometheus.exporters.node.enable)) job_name = name;
(lib.attrsets.mapAttrsToList static_configs = [
(_name: node: "${node.config.networking.fqdn}:${toString node.config.services.prometheus.exporters.node.port}")) {
]; targets = ["${node.config.networking.fqdn}:${toString node.config.services.prometheus.exporters.node.port}"];
} }
];
}))
]; ];
};
pikvm = { pikvm = {
job_name = "pikvm"; job_name = "pikvm";
metrics_path = "/api/export/prometheus/metrics"; metrics_path = "/api/export/prometheus/metrics";
scheme = "https"; scheme = "https";
tls_config.insecure_skip_verify = true; tls_config.insecure_skip_verify = true;
# We don't care about security here, it's behind a VPN. # We don't care about security here, it's behind a VPN.
basic_auth = { basic_auth = {
username = "admin"; username = "admin";
password = "admin"; password = "admin";
};
static_configs = [
{
targets = ["pikvm.dmz"];
}
];
}; };
in
static_configs = [ generated ++ [pikvm]
{ );
targets = ["pikvm.dmz"];
}
];
};
in [node pikvm];
}; };
services.nginx = { services.nginx = {

3
nixos/server.nix
View file

@ -2,7 +2,6 @@
lib, lib,
config, config,
self, self,
pkgs,
... ...
}: { }: {
options.pim.tailscale.advertiseExitNode = lib.mkOption { options.pim.tailscale.advertiseExitNode = lib.mkOption {
@ -11,8 +10,6 @@
}; };
config = lib.mkIf (builtins.elem "server" config.deployment.tags) { config = lib.mkIf (builtins.elem "server" config.deployment.tags) {
environment.systemPackages = [pkgs.unar];
networking = { networking = {
firewall.allowedTCPPorts = [config.services.prometheus.exporters.node.port]; firewall.allowedTCPPorts = [config.services.prometheus.exporters.node.port];
domain = "dmz"; domain = "dmz";

1
nixos/tidal.nix
View file

@ -5,7 +5,6 @@
}: let }: let
cfg = config.pim.tidal; cfg = config.pim.tidal;
in { in {
# TODO: this is bad and broken
options.pim.tidal.enable = lib.mkEnableOption "tidal"; options.pim.tidal.enable = lib.mkEnableOption "tidal";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {

120
packages.nix
View file

@ -2,130 +2,12 @@
nixpkgs, nixpkgs,
flake-utils, flake-utils,
treefmt-nix, treefmt-nix,
nvf,
... ...
}: }:
flake-utils.lib.eachDefaultSystem (system: let flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
treefmtEval = treefmt-nix.lib.evalModule pkgs ./treefmt.nix; treefmtEval = treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
treefmtWrapper = treefmtEval.config.build.wrapper; treefmtWrapper = treefmtEval.config.build.wrapper;
neovimConfigured = nvf.lib.neovimConfiguration {
inherit pkgs;
modules = [
{
config.vim = {
preventJunkFiles = true;
telescope.enable = true;
autopairs.nvim-autopairs.enable = true;
autocomplete.nvim-cmp.enable = true;
snippets.luasnip.enable = true;
filetree.neo-tree.enable = true;
tabline.nvimBufferline.enable = true;
dashboard.alpha.enable = true;
notify.nvim-notify.enable = true;
projects.project-nvim.enable = true;
comments.comment-nvim.enable = true;
extraPlugins.vim-sleuth.package = pkgs.vimPlugins.vim-sleuth;
keymaps = [
{
key = "<C-e>";
mode = ["n"];
action = ":Neotree toggle<CR>";
silent = true;
desc = "Toggle Neotree";
}
];
lsp = {
formatOnSave = true;
lightbulb.enable = true;
trouble.enable = true;
lspSignature.enable = true;
otter-nvim.enable = true;
lsplines.enable = true;
};
languages = {
enableLSP = true;
enableFormat = true;
enableTreesitter = true;
enableExtraDiagnostics = true;
nix.enable = true;
markdown.enable = true;
bash.enable = true;
clang.enable = true;
css.enable = true;
html.enable = true;
sql.enable = true;
go.enable = true;
python.enable = true;
rust = {
enable = true;
crates.enable = true;
};
};
visuals = {
nvim-web-devicons.enable = true;
cinnamon-nvim.enable = true;
fidget-nvim.enable = true;
highlight-undo.enable = true;
cellular-automaton.enable = true;
};
statusline.lualine = {
enable = true;
theme = "gruvbox";
};
theme = {
enable = true;
name = "gruvbox";
style = "dark";
transparent = false;
};
binds = {
whichKey.enable = true;
cheatsheet.enable = true;
};
git = {
enable = true;
gitsigns.enable = true;
};
utility = {
surround.enable = true;
diffview-nvim.enable = true;
motion = {
hop.enable = true;
leap.enable = true;
};
};
terminal.toggleterm = {
enable = true;
lazygit.enable = true;
};
ui = {
borders.enable = true;
noice.enable = true;
colorizer.enable = true;
smartcolumn.enable = true;
fastaction.enable = true;
};
};
}
];
};
in { in {
packages = { packages.formatter = treefmtWrapper;
formatter = treefmtWrapper;
inherit (neovimConfigured) neovim;
};
}) })

6
secrets/blocktech/colmena.yaml → secrets/sue/colmena.yaml
View file

@ -1,6 +1,6 @@
sops_nix_keys: sops_nix_keys:
root: ENC[AES256_GCM,data:CxF2wjcQ2OFuS7Pgjnc8zc7sqGEz3dcHt4NXkL+V6w7kGPP+b4wBhOlT7b+bEESNslpK2htLY7x+IZWIA8JQpeRKHAKymAUK86I=,iv:5qNFDb86/Vr9Iqzx1eES4wUVY5XTq3iOR4VQliuP1lg=,tag:gx/Q7t52l9kMhPRXdpsB6A==,type:str] root: ENC[AES256_GCM,data:CxF2wjcQ2OFuS7Pgjnc8zc7sqGEz3dcHt4NXkL+V6w7kGPP+b4wBhOlT7b+bEESNslpK2htLY7x+IZWIA8JQpeRKHAKymAUK86I=,iv:5qNFDb86/Vr9Iqzx1eES4wUVY5XTq3iOR4VQliuP1lg=,tag:gx/Q7t52l9kMhPRXdpsB6A==,type:str]
pkunis: ENC[AES256_GCM,data:192vkgOdMoDEhPU6yilatIfaFS/1LJFvteEMYI1/3SBP773lN62pWoDiJDiBtjBCisA/3yHriL3Dpvs1PwbV0BChmbL+svwKrFE=,iv:/YyZ+NSyZwyGp4NJYUSeYOOUfGaH5jOiVUH8QeWnFUA=,tag:sWN0bQvm8Ejw5+XST0pAEQ==,type:str] pim: ENC[AES256_GCM,data:PWFlRBaqImbCpj3IXU+BtNIRvwru+GRwxDQO4QwINRvxRqC36LE6JpMqaJNrTdCPy+aQ01brTN8y99qXTDlrul32cZnopc37r78=,iv:1tG7rDB5D7D2myes6Ro8hXC140ugjXpiwNpivWFw/xw=,tag:BNm/Ep55tt7xBWZFyzTR5g==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -16,8 +16,8 @@ sops:
NkJzL3JSN2sxbnF6NGNhQlJqTHpHRTAKK+3FqqBAGxdlMtnbsySEcZT1lkQwJWvK NkJzL3JSN2sxbnF6NGNhQlJqTHpHRTAKK+3FqqBAGxdlMtnbsySEcZT1lkQwJWvK
GFB+6CtH9UtyIGrdK8Pm/0ahsolYGAim2OjeiKBbs3Q8kLm5WAsgRg== GFB+6CtH9UtyIGrdK8Pm/0ahsolYGAim2OjeiKBbs3Q8kLm5WAsgRg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-25T13:53:06Z" lastmodified: "2024-11-30T23:42:51Z"
mac: ENC[AES256_GCM,data:lLojNOq2QtdeqiCHOg6+Kssfa+Ey6JefPQulFkgnr1Onrt60ds2qWg5TTMHMlUaa6vB1S78WqyquTRBLv9Ek/alOae+CgdDi+vVX8hG5Mc2Edcfl+z8rRNFB+2mOEl1gJwKntyxySx6YBiDhZsH0p+Xflw9WGm/lL/FyRCJCwq0=,iv:8PqXupgwdfgdfIzsymVSrjQACoMODR+XYPgLMvASjos=,tag:rLGJlL3alm/qy+3qeS637g==,type:str] mac: ENC[AES256_GCM,data:fo856uaz54nxHDJVDpMOPc6GHAzMdVJTfqBiMtJkEwm3AVICtRcI8ucceBnmfKZf9DM2MC2DffU1tvJd5iqpqFZMXCElRnBxWVZGhvrZqIZtmoAin5zBgwOudf1o6msmdNGmZk1ECq/HpHNO/QMQ3rnFdBvOZwL0zu6iZm9XwC0=,iv:T6Tv1ukk0CWbTRVWYdfn/bWQoETk8DRVMOzpJE9mCWE=,tag:eICIYTBvAJLUTpRcMYqc5Q==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.1 version: 3.9.1

0
secrets/blocktech/nixos.yaml → secrets/sue/nixos.yaml
View file

0
secrets/blocktech/pkunis.yaml → secrets/sue/pim.yaml
View file