From 8dd4dce913b60163afb0b4a9bdecc79c0c7ef873 Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Sun, 21 Jan 2024 15:11:34 +0300 Subject: 2024-01-21 --- modules/common/git.nix | 13 ++++++++----- modules/common/profiles/dev/default.nix | 13 +++++++------ modules/nixos/k3s.nix | 2 +- modules/nixos/lxc.nix | 7 +++---- modules/nixos/unbound.nix | 25 +------------------------ 5 files changed, 20 insertions(+), 40 deletions(-) (limited to 'modules') diff --git a/modules/common/git.nix b/modules/common/git.nix index fbd7ec7..45a0347 100644 --- a/modules/common/git.nix +++ b/modules/common/git.nix @@ -68,7 +68,7 @@ in { core.whitespace = "trailing-space"; init.defaultBranch = "master"; status.submoduleSummary = true; - commit.verbose = 1; + commit.verbose = true; push.autoSetupRemote = true; pull.rebase = true; rebase = { @@ -93,19 +93,22 @@ in { gitlab.user = my.username; } // mapAttrs' - (n: v: nameValuePair ''url "git@${v}:"'' {insteadOf = "${n}:";}) { - "alpine" = "gitlab.alpinelinux.org"; + (name: value: nameValuePair ''url "git@${value}:"'' {insteadOf = "${name}:";}) { "bitbucket" = "bitbucket.com"; "codeberg" = "codeberg.org"; - "freedesktop" = "gitlab.freedesktop.org"; "github" = "github.com"; "gitlab" = "gitlab.com"; + "sourcehut" = "git.sr.ht"; + } + // mapAttrs' + (name: values: nameValuePair ''url "https://${values}/"'' {insteadOf = "${name}:";}) { + "alpine" = "gitlab.alpinelinux.org"; + "freedesktop" = "gitlab.freedesktop.org"; "gnome" = "gitlab.gnome.org"; "haskell" = "gitlab.haskell.org"; "kde" = "invent.kde.org"; "notabug" = "notabug.org"; "opencode" = "opencode.net"; - "sourcehut" = "git.sr.ht"; "torproject" = "gitlab.torproject.org"; "videolan" = "code.videolan.org"; }; diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix index f7c313f..1bc0b0e 100644 --- a/modules/common/profiles/dev/default.nix +++ b/modules/common/profiles/dev/default.nix @@ -61,16 +61,17 @@ in { }; packages = with pkgs; [ + age + htmlq + httpie + hydra-check + jq + logcli nix-index nix-update nixpkgs-review - hydra-check - jq - yq - htmlq sops - httpie - logcli + yq ]; }; diff --git a/modules/nixos/k3s.nix b/modules/nixos/k3s.nix index dcbd052..016eb50 100644 --- a/modules/nixos/k3s.nix +++ b/modules/nixos/k3s.nix @@ -23,7 +23,7 @@ in { systemd.services.k3s.environment = { K3S_KUBECONFIG_OUTPUT = "/etc/rancher/k3s/k3s.yaml"; - K3S_KUBECONFIG_MODE = "600"; + K3S_KUBECONFIG_MODE = "664"; }; }; } diff --git a/modules/nixos/lxc.nix b/modules/nixos/lxc.nix index 4f7805f..bfdab8f 100644 --- a/modules/nixos/lxc.nix +++ b/modules/nixos/lxc.nix @@ -6,11 +6,10 @@ with lib; let cfg = config.nixfiles.modules.lxc; in { - options.nixfiles.modules.lxc.enable = - mkEnableOption "LXC/LXD"; + options.nixfiles.modules.lxc.enable = mkEnableOption "LXC/Incus"; config = mkIf cfg.enable { - virtualisation.lxd.enable = true; - my.extraGroups = "lxd"; + virtualisation.incus.enable = true; + my.extraGroups = ["incus-admin"]; }; } diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix index 8dce3f5..e6cad81 100644 --- a/modules/nixos/unbound.nix +++ b/modules/nixos/unbound.nix @@ -24,30 +24,7 @@ in { mkIf cfg.enable { ark.directories = [config.services.unbound.stateDir]; - nixfiles.modules = { - redis.enable = true; - - promtail.filters = [ - { - match = { - selector = ''{syslog_identifier="unbound"} |~ " start | stopped |.*in-addr.arpa."''; - action = "drop"; - }; - } - { - match = { - selector = ''{syslog_identifier="unbound"} |= "reply:"''; - stages = [{static_labels.dns = "reply";}]; - }; - } - { - match = { - selector = ''{syslog_identifier="unbound"} |~ "redirect |always_null|always_nxdomain"''; - stages = [{static_labels.dns = "block";}]; - }; - } - ]; - }; + nixfiles.modules.redis.enable = true; services = { unbound = { -- cgit 1.4.1