about summary refs log tree commit diff
path: root/modules
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2024-01-21 15:11:34 +0300
committerAzat Bahawi <azat@bahawi.net>2024-01-21 15:11:34 +0300
commit8dd4dce913b60163afb0b4a9bdecc79c0c7ef873 (patch)
tree7fac2f22f4c1db027469bcebdd7af159b56aa412 /modules
parent2024-01-17 (diff)
2024-01-21
Diffstat (limited to 'modules')
-rw-r--r--modules/common/git.nix13
-rw-r--r--modules/common/profiles/dev/default.nix13
-rw-r--r--modules/nixos/k3s.nix2
-rw-r--r--modules/nixos/lxc.nix7
-rw-r--r--modules/nixos/unbound.nix25
5 files changed, 20 insertions, 40 deletions
diff --git a/modules/common/git.nix b/modules/common/git.nix
index fbd7ec7..45a0347 100644
--- a/modules/common/git.nix
+++ b/modules/common/git.nix
@@ -68,7 +68,7 @@ in {
               core.whitespace = "trailing-space";
               init.defaultBranch = "master";
               status.submoduleSummary = true;
-              commit.verbose = 1;
+              commit.verbose = true;
               push.autoSetupRemote = true;
               pull.rebase = true;
               rebase = {
@@ -93,19 +93,22 @@ in {
               gitlab.user = my.username;
             }
             // mapAttrs'
-            (n: v: nameValuePair ''url "git@${v}:"'' {insteadOf = "${n}:";}) {
-              "alpine" = "gitlab.alpinelinux.org";
+            (name: value: nameValuePair ''url "git@${value}:"'' {insteadOf = "${name}:";}) {
               "bitbucket" = "bitbucket.com";
               "codeberg" = "codeberg.org";
-              "freedesktop" = "gitlab.freedesktop.org";
               "github" = "github.com";
               "gitlab" = "gitlab.com";
+              "sourcehut" = "git.sr.ht";
+            }
+            // mapAttrs'
+            (name: values: nameValuePair ''url "https://${values}/"'' {insteadOf = "${name}:";}) {
+              "alpine" = "gitlab.alpinelinux.org";
+              "freedesktop" = "gitlab.freedesktop.org";
               "gnome" = "gitlab.gnome.org";
               "haskell" = "gitlab.haskell.org";
               "kde" = "invent.kde.org";
               "notabug" = "notabug.org";
               "opencode" = "opencode.net";
-              "sourcehut" = "git.sr.ht";
               "torproject" = "gitlab.torproject.org";
               "videolan" = "code.videolan.org";
             };
diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix
index f7c313f..1bc0b0e 100644
--- a/modules/common/profiles/dev/default.nix
+++ b/modules/common/profiles/dev/default.nix
@@ -61,16 +61,17 @@ in {
         };
 
         packages = with pkgs; [
+          age
+          htmlq
+          httpie
+          hydra-check
+          jq
+          logcli
           nix-index
           nix-update
           nixpkgs-review
-          hydra-check
-          jq
-          yq
-          htmlq
           sops
-          httpie
-          logcli
+          yq
         ];
       };
 
diff --git a/modules/nixos/k3s.nix b/modules/nixos/k3s.nix
index dcbd052..016eb50 100644
--- a/modules/nixos/k3s.nix
+++ b/modules/nixos/k3s.nix
@@ -23,7 +23,7 @@ in {
 
     systemd.services.k3s.environment = {
       K3S_KUBECONFIG_OUTPUT = "/etc/rancher/k3s/k3s.yaml";
-      K3S_KUBECONFIG_MODE = "600";
+      K3S_KUBECONFIG_MODE = "664";
     };
   };
 }
diff --git a/modules/nixos/lxc.nix b/modules/nixos/lxc.nix
index 4f7805f..bfdab8f 100644
--- a/modules/nixos/lxc.nix
+++ b/modules/nixos/lxc.nix
@@ -6,11 +6,10 @@
 with lib; let
   cfg = config.nixfiles.modules.lxc;
 in {
-  options.nixfiles.modules.lxc.enable =
-    mkEnableOption "LXC/LXD";
+  options.nixfiles.modules.lxc.enable = mkEnableOption "LXC/Incus";
 
   config = mkIf cfg.enable {
-    virtualisation.lxd.enable = true;
-    my.extraGroups = "lxd";
+    virtualisation.incus.enable = true;
+    my.extraGroups = ["incus-admin"];
   };
 }
diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix
index 8dce3f5..e6cad81 100644
--- a/modules/nixos/unbound.nix
+++ b/modules/nixos/unbound.nix
@@ -24,30 +24,7 @@ in {
     mkIf cfg.enable {
       ark.directories = [config.services.unbound.stateDir];
 
-      nixfiles.modules = {
-        redis.enable = true;
-
-        promtail.filters = [
-          {
-            match = {
-              selector = ''{syslog_identifier="unbound"} |~ " start | stopped |.*in-addr.arpa."'';
-              action = "drop";
-            };
-          }
-          {
-            match = {
-              selector = ''{syslog_identifier="unbound"} |= "reply:"'';
-              stages = [{static_labels.dns = "reply";}];
-            };
-          }
-          {
-            match = {
-              selector = ''{syslog_identifier="unbound"} |~ "redirect |always_null|always_nxdomain"'';
-              stages = [{static_labels.dns = "block";}];
-            };
-          }
-        ];
-      };
+      nixfiles.modules.redis.enable = true;
 
       services = {
         unbound = {

Consider giving Nix/NixOS a try! <3