From 8dd4dce913b60163afb0b4a9bdecc79c0c7ef873 Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Sun, 21 Jan 2024 15:11:34 +0300 Subject: 2024-01-21 --- flake.lock | 80 ++++++++++++++++----------------- modules/common/git.nix | 13 +++--- modules/common/profiles/dev/default.nix | 13 +++--- modules/nixos/k3s.nix | 2 +- modules/nixos/lxc.nix | 7 ++- modules/nixos/unbound.nix | 25 +---------- nixosConfigurations/eonwe/default.nix | 1 + 7 files changed, 61 insertions(+), 80 deletions(-) diff --git a/flake.lock b/flake.lock index e3f1942..0a6c0fd 100644 --- a/flake.lock +++ b/flake.lock @@ -124,11 +124,11 @@ ] }, "locked": { - "lastModified": 1704277720, - "narHash": "sha256-meAKNgmh3goankLGWqqpw73pm9IvXjEENJloF0coskE=", + "lastModified": 1705452289, + "narHash": "sha256-i/WodLabBcmRr9hdSv5jzDigL1hRYuI8vNh+xTbGt+g=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "0dd382b70c351f528561f71a0a7df82c9d2be9a4", + "rev": "74ab0227ee495e526f2dd57ea684b34f6396445a", "type": "github" }, "original": { @@ -179,11 +179,11 @@ "flake-registry": { "flake": false, "locked": { - "lastModified": 1692779116, - "narHash": "sha256-erTXdDToRA8whxURoEgBGWj550vcUirO6adEFIjQ0M0=", + "lastModified": 1705308826, + "narHash": "sha256-Z3xTYZ9EcRIqZAufZbci912MUKB0sD+qxi/KTGMFVwY=", "owner": "NixOS", "repo": "flake-registry", - "rev": "3f641cbae15d3c74370aa9b97fd0ac478a114305", + "rev": "9c69f7bd2363e71fe5cd7f608113290c7614dcdd", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", "type": "github" }, "original": { @@ -220,11 +220,11 @@ ] }, "locked": { - "lastModified": 1660459072, - "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "lastModified": 1703887061, + "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", "type": "github" }, "original": { @@ -240,11 +240,11 @@ ] }, "locked": { - "lastModified": 1704809957, - "narHash": "sha256-Z8sBeoeeY2O+BNqh5C+4Z1h1F1wQ2mij7yPZ2GY397M=", + "lastModified": 1705708511, + "narHash": "sha256-3f4BkRY70Fj7yvuo87c4QQPAjnt571g2wJ50jY7hnYc=", "owner": "nix-community", "repo": "home-manager", - "rev": "e13aa9e287b3365473e5897e3667ea80a899cdfb", + "rev": "ce4b88c465d928f4f8b75d0920f1788d5b65ca94", "type": "github" }, "original": { @@ -314,11 +314,11 @@ ] }, "locked": { - "lastModified": 1704774121, - "narHash": "sha256-ekU4NfPIRiskQPyuSEx4TA0jm0hieW4S6GblUZe9gkQ=", + "lastModified": 1705713628, + "narHash": "sha256-Z4AxGE1tFSZfj5Xy2/C396h8MqhWkKQSFFZpTz8K/40=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "9c4f6c849b710cff6c9970fc7c19681bfa5c43af", + "rev": "ca0510895503f8151dd0e9d38e05c183848a1e62", "type": "github" }, "original": { @@ -329,11 +329,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1704786394, - "narHash": "sha256-aJM0ln9fMGWw1+tjyl5JZWZ3ahxAA2gw2ZpZY/hkEMs=", + "lastModified": 1705312285, + "narHash": "sha256-rd+dY+v61Y8w3u9bukO/hB55Xl4wXv4/yC8rCGVnK5U=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b34a6075e9e298c4124e35c3ccaf2210c1f3a43b", + "rev": "bee2202bec57e521e3bd8acd526884b9767d7fa0", "type": "github" }, "original": { @@ -344,11 +344,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1704842529, - "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=", + "lastModified": 1705666311, + "narHash": "sha256-VYdSQm7zq3AStyHhRr3SBCTA8fVzrl6WtIlXTs2Wlts=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5", + "rev": "a455c5fb3ee513e2f443838a0e84d52b035adb67", "type": "github" }, "original": { @@ -360,11 +360,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1704917226, - "narHash": "sha256-81Mz54Gu49h2pA51Em0uEUMfeQTm9Etgs9a1ohqmPwo=", + "lastModified": 1705740246, + "narHash": "sha256-APl3uibJr7dWxzSa17VCY1IceWz9UT1ySehju8SIYYM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3534a235f11c376779a900694008b9d1fa0be14d", + "rev": "a268720526d5a602e902b68b27667b1e7eec8e48", "type": "github" }, "original": { @@ -376,11 +376,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1704916268, - "narHash": "sha256-4QqFzzV7sfUQCW/6Xkjd2ETA8ogfdZU95BhzU3txyGs=", + "lastModified": 1705736500, + "narHash": "sha256-63GKAub3O5JtzcMDgidEKOU5+2jjXlhc1n8aVxv0pbk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "33e57e0c38127b5140b3505deda8669fcf4ab4ea", + "rev": "e31f16e3f93c25159b02627198d065ad6480c19a", "type": "github" }, "original": { @@ -392,16 +392,16 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1685801374, - "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } @@ -455,11 +455,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1704913983, - "narHash": "sha256-K/GuHFFriQhH3VPWMhm6bYelDuPyGGjGu1OF1EWUn5k=", + "lastModified": 1705229514, + "narHash": "sha256-itILy0zimR/iyUGq5Dgg0fiW8plRDyxF153LWGsg3Cw=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "b0265634df1dc584585c159b775120e637afdb41", + "rev": "ffa9a5b90b0acfaa03b1533b83eaf5dead819a05", "type": "github" }, "original": { @@ -524,11 +524,11 @@ ] }, "locked": { - "lastModified": 1704849611, - "narHash": "sha256-AzXnAJ5S3E2FUMPQmflYp8tsbhHBx+uK4lfKG7OKRFI=", + "lastModified": 1705713606, + "narHash": "sha256-8VYBrwOxaofT+GAxQ5Z1wYF22KHOPwTrfliDTuOrNEc=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "657b4c72ffc5fef00090418bd5080f331b646a75", + "rev": "8430e52a88282c7295c409ba315f6e0967403f39", "type": "github" }, "original": { diff --git a/modules/common/git.nix b/modules/common/git.nix index fbd7ec7..45a0347 100644 --- a/modules/common/git.nix +++ b/modules/common/git.nix @@ -68,7 +68,7 @@ in { core.whitespace = "trailing-space"; init.defaultBranch = "master"; status.submoduleSummary = true; - commit.verbose = 1; + commit.verbose = true; push.autoSetupRemote = true; pull.rebase = true; rebase = { @@ -93,19 +93,22 @@ in { gitlab.user = my.username; } // mapAttrs' - (n: v: nameValuePair ''url "git@${v}:"'' {insteadOf = "${n}:";}) { - "alpine" = "gitlab.alpinelinux.org"; + (name: value: nameValuePair ''url "git@${value}:"'' {insteadOf = "${name}:";}) { "bitbucket" = "bitbucket.com"; "codeberg" = "codeberg.org"; - "freedesktop" = "gitlab.freedesktop.org"; "github" = "github.com"; "gitlab" = "gitlab.com"; + "sourcehut" = "git.sr.ht"; + } + // mapAttrs' + (name: values: nameValuePair ''url "https://${values}/"'' {insteadOf = "${name}:";}) { + "alpine" = "gitlab.alpinelinux.org"; + "freedesktop" = "gitlab.freedesktop.org"; "gnome" = "gitlab.gnome.org"; "haskell" = "gitlab.haskell.org"; "kde" = "invent.kde.org"; "notabug" = "notabug.org"; "opencode" = "opencode.net"; - "sourcehut" = "git.sr.ht"; "torproject" = "gitlab.torproject.org"; "videolan" = "code.videolan.org"; }; diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix index f7c313f..1bc0b0e 100644 --- a/modules/common/profiles/dev/default.nix +++ b/modules/common/profiles/dev/default.nix @@ -61,16 +61,17 @@ in { }; packages = with pkgs; [ + age + htmlq + httpie + hydra-check + jq + logcli nix-index nix-update nixpkgs-review - hydra-check - jq - yq - htmlq sops - httpie - logcli + yq ]; }; diff --git a/modules/nixos/k3s.nix b/modules/nixos/k3s.nix index dcbd052..016eb50 100644 --- a/modules/nixos/k3s.nix +++ b/modules/nixos/k3s.nix @@ -23,7 +23,7 @@ in { systemd.services.k3s.environment = { K3S_KUBECONFIG_OUTPUT = "/etc/rancher/k3s/k3s.yaml"; - K3S_KUBECONFIG_MODE = "600"; + K3S_KUBECONFIG_MODE = "664"; }; }; } diff --git a/modules/nixos/lxc.nix b/modules/nixos/lxc.nix index 4f7805f..bfdab8f 100644 --- a/modules/nixos/lxc.nix +++ b/modules/nixos/lxc.nix @@ -6,11 +6,10 @@ with lib; let cfg = config.nixfiles.modules.lxc; in { - options.nixfiles.modules.lxc.enable = - mkEnableOption "LXC/LXD"; + options.nixfiles.modules.lxc.enable = mkEnableOption "LXC/Incus"; config = mkIf cfg.enable { - virtualisation.lxd.enable = true; - my.extraGroups = "lxd"; + virtualisation.incus.enable = true; + my.extraGroups = ["incus-admin"]; }; } diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix index 8dce3f5..e6cad81 100644 --- a/modules/nixos/unbound.nix +++ b/modules/nixos/unbound.nix @@ -24,30 +24,7 @@ in { mkIf cfg.enable { ark.directories = [config.services.unbound.stateDir]; - nixfiles.modules = { - redis.enable = true; - - promtail.filters = [ - { - match = { - selector = ''{syslog_identifier="unbound"} |~ " start | stopped |.*in-addr.arpa."''; - action = "drop"; - }; - } - { - match = { - selector = ''{syslog_identifier="unbound"} |= "reply:"''; - stages = [{static_labels.dns = "reply";}]; - }; - } - { - match = { - selector = ''{syslog_identifier="unbound"} |~ "redirect |always_null|always_nxdomain"''; - stages = [{static_labels.dns = "block";}]; - }; - } - ]; - }; + nixfiles.modules.redis.enable = true; services = { unbound = { diff --git a/nixosConfigurations/eonwe/default.nix b/nixosConfigurations/eonwe/default.nix index 9afaf2c..219991a 100644 --- a/nixosConfigurations/eonwe/default.nix +++ b/nixosConfigurations/eonwe/default.nix @@ -24,6 +24,7 @@ with lib; { steam-run.quirks.blackIsleStudios = true; }; libvirtd.enable = true; + lxc.enable = true; mpd.enable = true; qutebrowser.enable = true; }; -- cgit 1.4.1