lelgenio/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 2 Releases Packages Wiki Activity Actions

Compare commits

base: lelgenio:80a42cc5788cd1efd31abdf408b04b7d99fd989e
Branches Tags
lelgenio:main
lelgenio:wipg
lelgenio:caffeinated
lelgenio:try-fix-firefox
lelgenio:multiline-edit
lelgenio:gnome-the-second
lelgenio:gnome-pass-search-provider
lelgenio:refactor
lelgenio:sops
lelgenio:update-24.11
lelgenio:disko
lelgenio:release-24.05
lelgenio:niri
lelgenio:gnome
lelgenio:hyprland
..
compare: lelgenio:6892829a35037ee1dd0cf6707f0107346558f0c4
Branches Tags
lelgenio:main
lelgenio:wipg
lelgenio:caffeinated
lelgenio:try-fix-firefox
lelgenio:multiline-edit
lelgenio:gnome-the-second
lelgenio:gnome-pass-search-provider
lelgenio:refactor
lelgenio:sops
lelgenio:update-24.11
lelgenio:disko
lelgenio:release-24.05
lelgenio:niri
lelgenio:gnome
lelgenio:hyprland

No commits in common. "80a42cc5788cd1efd31abdf408b04b7d99fd989e" and "6892829a35037ee1dd0cf6707f0107346558f0c4" have entirely different histories.
80a42cc578 ... 6892829a35

4 changed files with 3 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/monolith/default.nix
View file

@ -26,7 +26,6 @@ in
./amdgpu.nix ./amdgpu.nix
./factorio-server.nix ./factorio-server.nix
./nebula-vpn.nix ./nebula-vpn.nix
./minio.nix
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"nvme" "nvme"

43
hosts/monolith/minio.nix
View file

@ -1,43 +0,0 @@
{
pkgs,
config,
lib,
...
}:
let
s = config.sops.secrets;
dataDir = "/var/lib/minio";
s3Port = 14749;
consolePort = 10601;
secretConfig = {
owner = "minio";
group = "minio";
restartUnits = [ "minio.service" ];
sopsFile = ../../secrets/monolith/default.yaml;
};
in
{
services.minio = {
enable = true;
dataDir = [ dataDir ];
listenAddress = "0.0.0.0:${toString s3Port}";
consoleAddress = "127.0.0.1:${toString consolePort}";
rootCredentialsFile = config.sops.secrets."minio/root-credentials".path;
};
systemd.tmpfiles.rules = [
"d ${dataDir} 0755 minio minio -"
];
networking.firewall.allowedTCPPorts = [ s3Port ];
sops.secrets = {
"minio/root-credentials" = secretConfig;
};
}

12
hosts/monolith/nebula-vpn.nix
View file

@ -15,11 +15,7 @@ in
services.nebula.networks.wopus = { services.nebula.networks.wopus = {
enable = true; enable = true;
isLighthouse = false; isLighthouse = false;
lighthouses = [ lighthouses = [ "192.168.88.1" ];
"192.168.88.1"
"192.168.88.2"
"192.168.88.3"
];
settings = { settings = {
cipher = "aes"; cipher = "aes";
}; };
@ -30,12 +26,6 @@ in
"192.168.88.1" = [ "192.168.88.1" = [
"neubla-vpn.wopus.dev:4242" "neubla-vpn.wopus.dev:4242"
]; ];
"192.168.88.2" = [
"82.25.77.78:4242"
];
"192.168.88.3" = [
"72.60.60.221:4242"
];
}; };
firewall.outbound = [ firewall.outbound = [
{ {

6
secrets/monolith/default.yaml
View file

@ -11,8 +11,6 @@ nebula-wopus-vpn:
ca-crt: ENC[AES256_GCM,data:sFc9SxfCVaDYxbJqzEK6pRsVoJSFbD1qs/oVKLXXJPrR2y5jVM/ESk/xwaemwEBDPn2VOxLqD62lPF8jP665w/rutskKJ4pMji+Ev2zeryaxDmEwSOL8EbEQtlNxkZZEX3dwVNxykbK5A3bIrcI6vHaOTFeMht6IanO6CdeQOS0KoyYW0fHbW0Dc/YytBMjVWCPQk2VeWCl7X4JBsjj8aVQ8qgupsI16tJmETetO3lHAaYt6dk0Fp51XVaKSuaYGBhnoADXEKA3cIQoPUOaJ1Q0CmdfYk5XWEr0q0OcqjeAn8OERGufHr227tJgYx8A=,iv:G5iq5qeX9NlkOdmj9K0GRQ/6lAU0cBNEO2hQe9kyirY=,tag:b3sW5hs0pkIqqm2j81BIIA==,type:str] ca-crt: ENC[AES256_GCM,data:sFc9SxfCVaDYxbJqzEK6pRsVoJSFbD1qs/oVKLXXJPrR2y5jVM/ESk/xwaemwEBDPn2VOxLqD62lPF8jP665w/rutskKJ4pMji+Ev2zeryaxDmEwSOL8EbEQtlNxkZZEX3dwVNxykbK5A3bIrcI6vHaOTFeMht6IanO6CdeQOS0KoyYW0fHbW0Dc/YytBMjVWCPQk2VeWCl7X4JBsjj8aVQ8qgupsI16tJmETetO3lHAaYt6dk0Fp51XVaKSuaYGBhnoADXEKA3cIQoPUOaJ1Q0CmdfYk5XWEr0q0OcqjeAn8OERGufHr227tJgYx8A=,iv:G5iq5qeX9NlkOdmj9K0GRQ/6lAU0cBNEO2hQe9kyirY=,tag:b3sW5hs0pkIqqm2j81BIIA==,type:str]
monolith-crt: ENC[AES256_GCM,data:+0YbGYreXYR2+cu0NwXUuAnfIEUBGXm5J6nUTx2/z25gDTOVx9eI7USX6cQT/3NOt9S8odHcHeWQXChgWU9Xf+avdXmNO9vQGf8bZCybDQltPF+Gb2zRiFWiAy7raQaZc74SMbGCzABdfQBnEnqs+s/y0+ovilzOmcopnu551QEyjojuMLVcpUsvrEoQBx+dLYBjx22xob0wNUmXgBFxLRuDvYHGdehZ4jg8Ihf9kpDyjtjpfa8mF1kmdKZvPI5Y9z4ZOvA8266H+jFSqfx41nIuYcIwi8naKkoRue4kRCv71IXyK5DJNEweZPXD5sCdd005sxGgBnpSJCpSfr7TsCy5FxDcf9ISi3yrXLttcnOt2u1b3FFKNQiwlo5s2PQB2AB2Zf3nvKPqICmcXtGN3w==,iv:Q6izpQw3SymKNjnjO4x3pzqGJo5SxYZkVYdXcHQBi0A=,tag:9tlMYrN+/mMNYifw1F3yZQ==,type:str] monolith-crt: ENC[AES256_GCM,data:+0YbGYreXYR2+cu0NwXUuAnfIEUBGXm5J6nUTx2/z25gDTOVx9eI7USX6cQT/3NOt9S8odHcHeWQXChgWU9Xf+avdXmNO9vQGf8bZCybDQltPF+Gb2zRiFWiAy7raQaZc74SMbGCzABdfQBnEnqs+s/y0+ovilzOmcopnu551QEyjojuMLVcpUsvrEoQBx+dLYBjx22xob0wNUmXgBFxLRuDvYHGdehZ4jg8Ihf9kpDyjtjpfa8mF1kmdKZvPI5Y9z4ZOvA8266H+jFSqfx41nIuYcIwi8naKkoRue4kRCv71IXyK5DJNEweZPXD5sCdd005sxGgBnpSJCpSfr7TsCy5FxDcf9ISi3yrXLttcnOt2u1b3FFKNQiwlo5s2PQB2AB2Zf3nvKPqICmcXtGN3w==,iv:Q6izpQw3SymKNjnjO4x3pzqGJo5SxYZkVYdXcHQBi0A=,tag:9tlMYrN+/mMNYifw1F3yZQ==,type:str]
monolith-key: ENC[AES256_GCM,data:Y8KVQk66dewyeRIF+6HJeufD9EYO55m73LxrtZi4KQU0RbUpsV0eiRMX62rYtw6+uP87f5Tx6kC3fX4+mqNb2ZgDtVvm3/Qnz5Ly112c/h33krNqRpv6pEHRkrS9j01tLkJnxwiyIvq3b03GTAIoCKWgqaaagCXYHArgzRrDIw==,iv:lp3zuD8XWaiJvyxzXHrgpF4qbrCv/uf9l9qyWXVrkkM=,tag:eSlTCa2TrIuga7UUxoloBQ==,type:str] monolith-key: ENC[AES256_GCM,data:Y8KVQk66dewyeRIF+6HJeufD9EYO55m73LxrtZi4KQU0RbUpsV0eiRMX62rYtw6+uP87f5Tx6kC3fX4+mqNb2ZgDtVvm3/Qnz5Ly112c/h33krNqRpv6pEHRkrS9j01tLkJnxwiyIvq3b03GTAIoCKWgqaaagCXYHArgzRrDIw==,iv:lp3zuD8XWaiJvyxzXHrgpF4qbrCv/uf9l9qyWXVrkkM=,tag:eSlTCa2TrIuga7UUxoloBQ==,type:str]
minio:
root-credentials: ENC[AES256_GCM,data:izDiis6BgAubbe91EUcuwMKrSrYEDQFQbaEGzpdjj3Wlt8Z8gzgvGmYCryAK8GBUMbzQvy0do26xMGMl3LxLWz9bgixixPVFTTg5GhfUJw==,iv:hkrkGz+EpVwkWEMQWBrm2u4Jti7azsDtsTmyouDREug=,tag:mDnOKKBwgKOmsxegKcRhpQ==,type:str]
sops: sops:
age: age:
- recipient: age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h - recipient: age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h
@ -33,8 +31,8 @@ sops:
aFVxcDFhaGdYekRWRVFIWnRsZndtZFkKgsvxOFHOcO306Z9FkucA1fDOpZA8N1/h aFVxcDFhaGdYekRWRVFIWnRsZndtZFkKgsvxOFHOcO306Z9FkucA1fDOpZA8N1/h
jYmIgcKTFgWoSCvux67lK30jFsYp7sm5z6WxxDYsGcoQ/+pxoUX2jQ== jYmIgcKTFgWoSCvux67lK30jFsYp7sm5z6WxxDYsGcoQ/+pxoUX2jQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-11-27T15:58:01Z" lastmodified: "2025-11-10T03:03:07Z"
mac: ENC[AES256_GCM,data:8JemHyxdcDjkg++kgBAGpvGZAyGnQhcAOzs58D8EqjJzTWWf4HgF3uD8od5EGu5i1f7IzUBNio57H/0DC7fWZk/vIRM/Xn7DREuXClBGmBsc32H+K0tOKg8hMb11PDGqviw0qj0qwl1Gs0+j8C4OY9qLupTDzsECUgRXBtsD4cU=,iv:vOV25BV/C3hK/D4bKb26Xi0PaiSlJ5t9bN18ZJQnCRs=,tag:1AZyn4Zj1/e/2dhNzcfPqg==,type:str] mac: ENC[AES256_GCM,data:GYriodre07cwdOik6Zh3ab3EzMTikF1BxMlKX+Fx1yurwkuBX9ULp04xN4TYWHlMgrDyQc/6c9K6P7yiT/XDBgLmdOUmdUJCkhHRobBID1oBjceKo/bcEhEx13qbKol11aKS9JFpAXGIogHk/ukElxrNTWiDlk409k7+WNn5l2k=,iv:DFSVmaTn2fUuAVf42v9wC/aekajgVjX+RmlG32aGD7E=,tag:noYDrelrDC5lIHS7b8Gj/g==,type:str]
pgp: pgp:
- created_at: "2025-03-07T22:49:16Z" - created_at: "2025-03-07T22:49:16Z"
enc: |- enc: |-