nrabulinski/nix-config - Change S5GPMMOWQ7AAMERJR4CAOU3QEINCLCSG5OAI4R2HJE3NF6DJSWRQC

Fixed satelite. Started removing overlays

Created by nrabulinski on January 16, 2023

S5GPMMOWQ7AAMERJR4CAOU3QEINCLCSG5OAI4R2HJE3NF6DJSWRQC

Dependencies

In channels

main

Change contents

File deletion: scaleway.nix

BF:BFD[3.3255] → [4.3521:3557]

BF:BFD[4.3557] → [4.3558:3558]

B:BD[4.3558] → [5.1216:1465]

∅:D[6.52] → [4.3708:3748]

∅:D[5.1465] → [4.3708:3748]

B:BD[4.3708] → [4.3708:3748]

B:BD[4.3748] → [5.1466:1659]

∅:D[5.1659] → [6.53:125]

B:BD[4.3935] → [6.53:125]

B:BD[6.125] → [5.1660:1703]

∅:D[5.1703] → [6.170:175]

B:BD[6.170] → [6.170:175]

∅:D[6.175] → [4.3935:4024]

B:BD[4.3935] → [4.3935:4024]

B:BD[4.4024] → [5.1704:1764]

∅:D[5.1764] → [4.4476:4500]

B:BD[4.4476] → [4.4476:4500]

B:BD[4.4500] → [7.2033:2103]

∅:D[7.2103] → [6.249:277]

B:BD[6.249] → [6.249:277]

B:BD[6.277] → [7.2104:2105]

∅:D[7.2105] → [6.280:344]

B:BD[6.280] → [6.280:344]

B:BD[6.344] → [5.1765:1793]

∅:D[5.1793] → [7.2106:2107]

B:BD[6.374] → [7.2106:2107]

∅:D[7.2107] → [6.379:609]

B:BD[6.379] → [6.379:609]

B:BD[6.609] → [7.2108:2109]

∅:D[7.2109] → [6.614:641]

B:BD[6.614] → [6.614:641]

B:BD[6.641] → [5.1794:1982]

∅:D[5.1982] → [6.641:646]

B:BD[6.641] → [6.641:646]

B:BD[6.646] → [5.1983:1984]

∅:D[5.1984] → [6.646:737]

B:BD[6.646] → [6.646:737]

B:BD[6.737] → [5.1985:3798]

∅:D[5.3798] → [6.737:742]

B:BD[6.737] → [6.737:742]

∅:D[6.742] → [4.4566:4568]

B:BD[4.4566] → [4.4566:4568]

{
  config,
  lib,
  pkgs,
  modulesPath,
  user,
  ...
}: let
  formatJson = pkgs.formats.json {};
in {
  imports = [./common.nix ./scaleway-module.nix (modulesPath + "/profiles/qemu-guest.nix") ./ssh.nix];
  boot.supportedFilesystems = ["btrfs"];
  boot.loader.grub.device = "/dev/vda";
  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"];
  boot.initrd.kernelModules = ["nvme"];
  fileSystems."/" = {
    device = "/dev/vda1";
    fsType = "ext4";
  };
  fileSystems."/nix" = {
    device = "/dev/sda";
    fsType = "btrfs";
    options = ["compress=zstd" "noatime"];
  };
  boot.cleanTmpDir = true;
  zramSwap.enable = true;
  networking.hostName = "satelite";
  networking.firewall.allowedTCPPorts = [80 443 8448 2222];
  boot.scaleway = true;
  environment.systemPackages = with pkgs; [
    vim
    foot.terminfo
    alacritty.terminfo
  ];
  mailserver = {
    enable = true;
    fqdn = "mail.nrab.lol";
    domains = ["nrab.lol"];
    # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
    loginAccounts = {
      "1337@nrab.lol" = {
        hashedPasswordFile = pkgs.copyPathToStore ../assets/leetpassword;
      };
    };
    certificateScheme = 3;
  };
  services.matrix-conduit = {
    enable = true;
    settings.global = {
      server_name = "nrab.lol";
      database_backend = "rocksdb";
      allow_registration = false;
    };
  };
  security.acme = {
    acceptTerms = true;
    defaults.email = "nikodem@rabulinski.com";
  };
  users.users.nginx.extraGroups = ["acme"];
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    virtualHosts = {
      "nrab.lol" = {
        forceSSL = true;
        enableACME = true;
        locations."=/.well-known/matrix/server" = {
          alias = formatJson.generate "well-known-matrix-server" {
            "m.server" = "matrix.nrab.lol";
          };
          extraConfig = ''
            default_type application/json;
            add_header Access-Control-Allow-Origin "*";
          '';
        };
        locations."=/.well-known/matrix/client" = {
          alias = formatJson.generate "well-known-matrix-client" {
            "m.homeserver" = {
              "base_url" = "https://matrix.nrab.lol";
            };
          };
          extraConfig = ''
            default_type application/json;
            add_header Access-Control-Allow-Origin "*";
          '';
        };
      };
      "matrix.nrab.lol" = {
        forceSSL = true;
        enableACME = true;
        listen = [
          {
            addr = "0.0.0.0";
            port = 80;
          }
          {
            addr = "0.0.0.0";
            port = 443;
            ssl = true;
          }
          {
            addr = "0.0.0.0";
            port = 8448;
            ssl = true;
          }
        ];
        extraConfig = ''
          merge_slashes off;
        '';
        locations."/_matrix/" = {
          proxyPass = "http://backend_conduit$request_uri";
          proxyWebsockets = true;
          extraConfig = ''
            proxy_set_header Host $host;
            proxy_buffering off;
          '';
        };
      };
    };
    upstreams."backend_conduit".servers = {
      "localhost:${toString config.services.matrix-conduit.settings.global.port}" = {};
    };
  };
}

File deletion: scaleway-module.nix

BF:BFD[3.3255] → [4.4569:4612]

BF:BFD[4.4612] → [4.4613:4613]

B:BD[4.4642] → [4.4642:4644]

∅:D[5.3835] → [4.4644:4674]

B:BD[4.4644] → [4.4644:4674]

B:BD[4.4674] → [5.3836:4033]

∅:D[5.4033] → [4.4857:4906]

B:BD[4.4857] → [4.4857:4906]

B:BD[4.4906] → [5.4034:4086]

∅:D[5.4086] → [4.4960:5132]

B:BD[4.4960] → [4.4960:5132]

B:BD[4.5133] → [4.5133:5280]

B:BD[4.5280] → [5.4087:4173]

∅:D[5.4173] → [4.5338:5524]

B:BD[4.5338] → [4.5338:5524]

B:BD[4.5524] → [5.4174:4208]

∅:D[5.4208] → [4.5560:5949]

B:BD[4.5560] → [4.5560:5949]

B:BD[4.5949] → [5.4209:4249]

∅:D[5.4249] → [4.5991:6003]

B:BD[4.5991] → [4.5991:6003]

B:BD[4.6005] → [4.6005:6007]

B:BD[4.4644] → [5.3799:3835]

{
  options = with lib.types; {
    boot.scaleway = with lib.types;
      lib.mkOption {
        description = "Automatically configure the system from scaleway's metadata";
        type = bool;
        default = false;
      };
  };
  config = lib.mkIf config.boot.scaleway {
    boot.kernelParams = ["console=ttyS0,115200n8"];
    boot.loader.grub.extraConfig = ''
      serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
      terminal_input console
      terminal_output console
    '';
    networking.useDHCP = false;
    networking.useNetworkd = true;
    networking.interfaces.ens2 = {
      useDHCP = true;
      ipv4.routes = [
        {
          address = "169.254.42.42";
          prefixLength = 32;
        }
      ];
    };
    services.openssh.authorizedKeysFiles = [
      "/run/scw-autoconf/ssh-keys/%u"
    ];
    systemd.services.scw-autoconfig = {
      serviceConfig.Type = "oneshot";
      after = ["network.target"];
      script = ''
        install -o 0 -g 0 -m 755 -d /run/scw-autoconf
        install -o 0 -g 0 -m 755 -d /run/scw-autoconf/ssh-keys
        ${pkgs.curl}/bin/curl --local-port 1-1024 http://169.254.42.42/conf?format=json >/run/scw-autoconf/config.json
        ${pkgs.jq}/bin/jq -r '.ssh_public_keys | .[] | .key' </run/scw-autoconf/config.json >/run/scw-autoconf/ssh-keys/root
      '';
      wantedBy = ["multi-user.target"];
    };
  };
}
  config,
  pkgs,
  lib,
  ...
}: {

File addition: scaleway.nix (----------)

[8.19]

{
  config,
  pkgs,
  lib,
  ...
}: {
  options = with lib.types; {
    boot.scaleway = with lib.types;
      lib.mkOption {
        description = "Automatically configure the system from scaleway's metadata";
        type = bool;
        default = false;
      };
  };
  config = lib.mkIf config.boot.scaleway {
    boot.kernelParams = ["console=ttyS0,115200n8"];
    boot.loader.grub.extraConfig = ''
      serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
      terminal_input console
      terminal_output console
    '';
    networking.useDHCP = false;
    networking.useNetworkd = true;
    networking.interfaces.ens2 = {
      useDHCP = true;
      ipv4.routes = [
        {
          address = "169.254.42.42";
          prefixLength = 32;
        }
      ];
    };
    services.openssh.authorizedKeysFiles = [
      "/run/scw-autoconf/ssh-keys/%u"
    ];
    systemd.services.scw-autoconfig = {
      serviceConfig.Type = "oneshot";
      after = ["network.target"];
      script = ''
        install -o 0 -g 0 -m 755 -d /run/scw-autoconf
        install -o 0 -g 0 -m 755 -d /run/scw-autoconf/ssh-keys
        ${pkgs.curl}/bin/curl --local-port 1-1024 http://169.254.42.42/conf?format=json >/run/scw-autoconf/config.json
        ${pkgs.jq}/bin/jq -r '.ssh_public_keys | .[] | .key' </run/scw-autoconf/config.json >/run/scw-autoconf/ssh-keys/root
      '';
      wantedBy = ["multi-user.target"];
    };
  };
}

Insertion in nixos/modules/default.nix at line 4 [8.1136]
[8.1209]
[8.1209]
```
    scaleway = import ./scaleway.nix;
```
Insertion in lib/mksystem.nix at line 5 [2.139]
[2.176]
[2.176]
```
  self',
```

Replacement in lib/mksystem.nix at line 56 [2.139]

B:BD[2.1284] → [2.1284:1321]

              inherit inputs' theme;

[2.1284]

[2.1321]

              inherit inputs' self' theme;

Replacement in lib/default.nix at line 16 [9.1454]
B:BD[2.2595] → [2.2595:2627]
```
        inherit inputs inputs';
```
[2.2595]
[10.8611]
```
        inherit inputs inputs' self';
```
Insertion in hosts/satelite/default.nix at line 4 [5.6968]
[5.6995]
[5.6995]
```
  self,
```

Replacement in hosts/satelite/default.nix at line 7 [5.6968]

B:BD[5.7006] → [5.7006:7295]

  flake.nixosConfigurations.satelite = withSystem "x86_64-linux" ({
    system,
    self',
    ...
  }: let
    inherit (inputs) nixpkgs home-manager mailserver;
    user = self'.lib.const.user;
  in
    nixpkgs.lib.nixosSystem {
      inherit system;
      specialArgs = {inherit user;};

[5.7006]

[5.7295]

  flake.nixosConfigurations.satelite = withSystem "x86_64-linux" (
    {
      system,
      self',
      ...
    }: let
      inherit (inputs) nixpkgs home-manager mailserver;
      user = self'.lib.const.user;
    in
      self'.lib.mkSystem {
        system = {
          imports = [
            mailserver.nixosModule
            self.nixosModules.scaleway
            ../../nixos/ssh.nix
            ./configuration.nix
          ];
        };

Replacement in hosts/satelite/default.nix at line 26 [5.6968]

B:BD[5.7296] → [5.7296:7547]

      modules = [
        ../../nixos/scaleway.nix
        ../../nixos/ssh.nix
        mailserver.nixosModule
        home-manager.nixosModules.home-manager
        {
          nixpkgs.overlays = [
            # (import ../../nixos/wrappedForGpg.nix)

[5.7296]

[5.7547]

        user = {
          imports = [
            ../../home-manager/pijul.nix

Replacement in hosts/satelite/default.nix at line 30 [5.6968]

B:BD[5.7560] → [5.7560:7805]

B:BD[5.7805] → [11.7347:7422]

∅:D[11.7422] → [5.7805:7832]

B:BD[5.7805] → [5.7805:7832]

          home-manager.useGlobalPkgs = true;
          home-manager.useUserPackages = true;
          home-manager.users.${user} = self'.lib.mkHome {
            imports = [
              ../../home-manager/pijul.nix
            ];
          };
          services.matrix-conduit.package = self'.packages.conduit-latest;
        }
      ];
    });

[5.7560]

[5.7832]

        };
      }
  );

File addition: configuration.nix (----------)

[5.6930]

{
  config,
  lib,
  pkgs,
  modulesPath,
  user,
  ...
}: {
  imports = [
    ./conduit.nix
    (modulesPath + "/profiles/qemu-guest.nix")
  ];
  boot.supportedFilesystems = ["btrfs"];
  boot.loader.grub.device = "/dev/vda";
  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"];
  boot.initrd.kernelModules = ["nvme"];
  fileSystems."/" = {
    device = "/dev/vda1";
    fsType = "ext4";
  };
  fileSystems."/nix" = {
    device = "/dev/sda";
    fsType = "btrfs";
    options = ["compress=zstd" "noatime"];
  };
  boot.cleanTmpDir = true;
  zramSwap.enable = true;
  networking.hostName = "satelite";
  networking.firewall.allowedTCPPorts = [80 443 8448 2222];
  boot.scaleway = true;
  environment.systemPackages = with pkgs; [
    vim
    foot.terminfo
    alacritty.terminfo
  ];
  mailserver = {
    enable = true;
    fqdn = "mail.nrab.lol";
    domains = ["nrab.lol"];
    # nix shell nixpkgs#apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
    loginAccounts = {
      "1337@nrab.lol" = {
        hashedPasswordFile = pkgs.copyPathToStore ../../assets/leetpassword;
      };
    };
    certificateScheme = 3;
  };
}

File addition: conduit.nix (----------)

[5.6930]

{
  config,
  pkgs,
  self',
  ...
}: let
  formatJson = pkgs.formats.json {};
in {
  services.matrix-conduit = {
    enable = true;
    package = self'.packages.conduit-latest;
    settings.global = {
      server_name = "nrab.lol";
      database_backend = "rocksdb";
      allow_registration = false;
    };
  };
  security.acme = {
    acceptTerms = true;
    defaults.email = "nikodem@rabulinski.com";
  };
  users.users.nginx.extraGroups = ["acme"];
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    virtualHosts = {
      "nrab.lol" = {
        forceSSL = true;
        enableACME = true;
        locations."=/.well-known/matrix/server" = {
          alias = formatJson.generate "well-known-matrix-server" {
            "m.server" = "matrix.nrab.lol";
          };
          extraConfig = ''
            default_type application/json;
            add_header Access-Control-Allow-Origin "*";
          '';
        };
        locations."=/.well-known/matrix/client" = {
          alias = formatJson.generate "well-known-matrix-client" {
            "m.homeserver" = {
              "base_url" = "https://matrix.nrab.lol";
            };
          };
          extraConfig = ''
            default_type application/json;
            add_header Access-Control-Allow-Origin "*";
          '';
        };
      };
      "matrix.nrab.lol" = {
        forceSSL = true;
        enableACME = true;
        listen = [
          {
            addr = "0.0.0.0";
            port = 80;
          }
          {
            addr = "0.0.0.0";
            port = 443;
            ssl = true;
          }
          {
            addr = "0.0.0.0";
            port = 8448;
            ssl = true;
          }
        ];
        extraConfig = ''
          merge_slashes off;
        '';
        locations."/_matrix/" = {
          proxyPass = "http://backend_conduit$request_uri";
          proxyWebsockets = true;
          extraConfig = ''
            proxy_set_header Host $host;
            proxy_buffering off;
          '';
        };
      };
    };
    upstreams."backend_conduit".servers = {
      "localhost:${toString config.services.matrix-conduit.settings.global.port}" = {};
    };
  };
}

Replacement in hosts/hijiri/default.nix at line 13 [5.9586]

B:BD[2.7570] → [2.7570:7656]

      inherit (inputs) darwin home-manager fenix nur niko-nur firefox-darwin nixpkgs;

[2.7570]

[2.7656]

      nur = inputs'.niko-nur.packages;

Replacement in hosts/hijiri/default.nix at line 16 [5.9586]

B:BD[2.7690] → [2.7690:7709]

∅:D[2.7709] → [5.9995:10053]

B:BD[5.9995] → [5.9995:10053]

B:BD[5.10053] → [2.7710:7753]

∅:D[2.7753] → [5.10293:10340]

B:BD[5.10293] → [5.10293:10340]

B:BD[5.10377] → [5.10377:10808]

B:BD[5.10808] → [2.7754:7765]

        system = {
          pkgs,
          lib,
          ...
        }: {
          imports = [./configuration.nix];
          nixpkgs = {
            overlays = [
              nur.overlay
              niko-nur.overlay
              (final: prev: {
                x86-compat = import nixpkgs {system = "x86_64-darwin";};
                qutebrowser = final.qutebrowser-bin;
              })
              firefox-darwin.overlay
            ];
            config.allowUnfreePredicate = pkg:
              builtins.elem (lib.getName pkg) [
                "slack"
              ];
          };
        };

[2.7690]

[5.11271]

        system = ./configuration.nix;

Replacement in hosts/hijiri/default.nix at line 38 [5.9586]
B:BD[2.8236] → [2.8236:8252]
```
            utm
```
[2.8236]
[2.8252]
```
            nur.utm
```
Replacement in hosts/hijiri/default.nix at line 44 [5.9586]
B:BD[2.8355] → [2.8355:8373]
```
            lunar
```
[2.8355]
[2.8373]
```
            nur.lunar
```

Replacement in hosts/hijiri/default.nix at line 46 [5.9586]

B:BD[2.8394] → [2.8394:8445]

            transmission-bin
            swiftcord

[2.8394]

[2.8445]

            nur.transmission-bin
            nur.swiftcord

Replacement in hosts/hijiri/configuration.nix at line 2 [2.8599]
B:BD[2.8602] → [2.8602:8618]
```
  pkgs,
  user,
```
[2.8602]
[2.8618]
```
  lib,
  inputs,
```

Insertion in hosts/hijiri/configuration.nix at line 10 [2.8599]

[2.8679]


  nixpkgs = {
    overlays = [
      (final: prev: {
        x86-compat = import inputs.nixpkgs {system = "x86_64-darwin";};
        qutebrowser = final.qutebrowser-bin;
      })
      inputs.firefox-darwin.overlay
    ];
    config.allowUnfreePredicate = pkg:
      builtins.elem (lib.getName pkg) [
        "slack"
      ];
  };