lelgenio/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lelgenio:68a7125822b0d7a2bfd4fd480b69754dbc335922
Branches Tags
lelgenio:main
lelgenio:teste
lelgenio:update-24.11
lelgenio:niri
lelgenio:gnome
lelgenio:gnome-pass-search-provider
lelgenio:wip
lelgenio:disko
lelgenio:release-24.05
lelgenio:kak-tree-sitter
lelgenio:hyprland
..
compare: lelgenio:5b963a48c6b2b31a602ebe9b6fc1b72f265903e4
Branches Tags
lelgenio:main
lelgenio:teste
lelgenio:update-24.11
lelgenio:niri
lelgenio:gnome
lelgenio:gnome-pass-search-provider
lelgenio:wip
lelgenio:disko
lelgenio:release-24.05
lelgenio:kak-tree-sitter
lelgenio:hyprland

5 commits
68a7125822 ... 5b963a48c6

Author SHA1 Message Date
lelgenio 5b963a48c6 Atualizar .forgejo/workflows/demo.yaml
All checks were successful
/ test (push) Successful in 3s
Details
2024-04-06 20:51:33 -03:00
lelgenio 0d80bd1b6d Atualizar .forgejo/workflows/demo.yaml
Some checks failed
/ test (push) Failing after 3s
Details
2024-04-06 20:31:46 -03:00
lelgenio 2655e93b8b Atualizar .forgejo/workflows/demo.yaml
All checks were successful
/ test (push) Successful in 21s
Details
2024-04-06 17:49:45 -03:00
lelgenio 6e207cc20e Adicionar .forgejo/workflows/demo.yaml
Some checks reported warnings
/ test (push) Has been cancelled
Details
2024-04-06 17:49:00 -03:00
Leonardo Eugênio d143dbef21 wip 2024-04-06 16:59:44 -03:00
10 changed files with 15 additions and 49 deletions
Show stats Expand all files Collapse all files

6
.forgejo/workflows/demo.yaml Normal file
View file

@ -0,0 +1,6 @@
on: [push]
jobs:
test:
runs-on: ubuntu-latest
steps:
- run: echo All Good!

6
flake.lock
View file

@ -866,11 +866,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1710695816,
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
"lastModified": 1712310679,
"narHash": "sha256-XgC/a/giEeNkhme/AV1ToipoZ/IVm1MV2ntiK4Tm+pw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
"rev": "72da83d9515b43550436891f538ff41d68eecc7f",
"type": "github"
},
"original": {

10
hosts/phantom/email.nix
View file

@ -9,21 +9,13 @@
mailserver = {
enable = true;
fqdn = "mail.lelgenio.xyz";
domains = [
"lelgenio.xyz"
"git.lelgenio.xyz"
];
domains = [ "lelgenio.xyz" ];
certificateScheme = "acme-nginx";
# Create passwords with
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
loginAccounts = {
"lelgenio@lelgenio.xyz" = {
hashedPassword = "$2y$05$z5s7QCXcs5uTFsfyYpwNJeWzb3RmzgWxNgcPCr0zjSytkLFF/qZmS";
aliases = [ "postmaster@lelgenio.xyz" ];
};
"noreply@git.lelgenio.xyz" = {
hashedPassword = "$2b$05$TmR1R7ZwXfec7yrOfeBL7u3ZtyXf0up5dEO6uMWSvb/O7LPEm.j0.";
};
};
};

20
hosts/phantom/forgejo.nix
View file

@ -29,28 +29,12 @@ in
lfs.enable = true;
settings = {
service.DISABLE_REGISTRATION = true;
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
server = {
DOMAIN = "git.lelgenio.xyz";
HTTP_PORT = 3000;
ROOT_URL = "https://${srv.DOMAIN}/";
};
mailer = {
ENABLED = true;
SMTP_ADDR = "mail.lelgenio.xyz";
FROM = "noreply@git.lelgenio.xyz";
USER = "noreply@git.lelgenio.xyz";
ROOT_URL = "${srv.PROTOCOL}://${srv.DOMAIN}/";
SSH_PORT = 9022;
};
};
mailerPasswordFile = config.age.secrets.phantom-forgejo-mailer-password.path;
};
age.secrets.phantom-forgejo-mailer-password = {
file = ../../secrets/phantom-forgejo-mailer-password.age;
mode = "400";
owner = "forgejo";
};
}

2
hosts/phantom/users.nix
View file

@ -2,7 +2,7 @@
security.rtkit.enable = true;
services.openssh = {
enable = true;
ports = [ 9022 22 ];
ports = [ 9022 ];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;

5
hosts/phantom/vpsadminos.nix
View file

@ -13,8 +13,7 @@ let
"1.1.1.1"
"2606:4700:4700::1111"
];
in
{
in {
networking.nameservers = mkDefault nameservers;
services.resolved = mkDefault { fallbackDns = nameservers; };
networking.dhcpcd.extraConfig = "noipv4ll";
@ -22,7 +21,7 @@ in
systemd.services.systemd-sysctl.enable = false;
systemd.services.systemd-oomd.enable = false;
systemd.sockets."systemd-journald-audit".enable = false;
systemd.mounts = [{ where = "/sys/kernel/debug"; enable = false; }];
systemd.mounts = [ {where = "/sys/kernel/debug"; enable = false;} ];
systemd.services.rpc-gssd.enable = false;
# Due to our restrictions in /sys, the default systemd-udev-trigger fails

BIN
secrets/phantom-forgejo-mailer-password.age
View file

Binary file not shown.

1
secrets/secrets.nix
View file

@ -10,5 +10,4 @@ in
"phantom-nextcloud.age".publicKeys = [ main_ssh_public_key ];
"phantom-writefreely.age".publicKeys = [ main_ssh_public_key ];
"phantom-renawiki.age".publicKeys = [ main_ssh_public_key ];
"phantom-forgejo-mailer-password.age".publicKeys = [ main_ssh_public_key ];
}

12
switch-phantom
View file

@ -1,12 +0,0 @@
#!/bin/sh
nix fmt
git diff
nixos-rebuild switch --flake .#phantom \
--update-input nixpkgs \
--no-write-lock-file \
--build-host phantom \
--target-host phantom \
"$@"

2
system/secrets.nix
View file

@ -10,7 +10,5 @@
../secrets/rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
secrets.monolith-nix-serve-privkey.file =
../secrets/monolith-nix-serve-privkey.age;
secrets.phantom-forgejo-mailer-password.file =
../secrets/phantom-forgejo-mailer-password.age;
};
}