upRootNutrition/dotfiles
upRootNutrition/dotfiles
1
0
Fork 0
mirror of https://gitlab.com/upRootNutrition/dotfiles.git synced 2025-12-06 21:17:14 -06:00
Code Issues Projects 1 Releases Packages Wiki Activity Actions

feat: added midnight miner

Browse source
This commit is contained in:
Nick 2025-11-12 04:43:11 -06:00
parent ada1ed4b14
commit 5e24256bcf
11 changed files with 775 additions and 117 deletions
Download patch file Download diff file Expand all files Collapse all files

518
flake.lock generated
View file

@ -33,6 +33,98 @@
"type": "github"
}
},
"elm-spa": {
"inputs": {
"nixpkgs": [
"linkpage",
"mkElmDerivation",
"nixpkgs"
]
},
"locked": {
"lastModified": 1706301604,
"narHash": "sha256-n6LDjnPCTLbKTrRgeZhlLTfY6V45xNYcb4NYEMuO4jg=",
"owner": "jeslie0",
"repo": "elm-spa",
"rev": "4c82e18d5fcf9d4c027f0ef0e89204dd87584f7f",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "elm-spa",
"type": "github"
}
},
"elm-spa_2": {
"inputs": {
"nixpkgs": [
"upRootNutrition",
"mkElmDerivation",
"nixpkgs"
]
},
"locked": {
"lastModified": 1706301604,
"narHash": "sha256-n6LDjnPCTLbKTrRgeZhlLTfY6V45xNYcb4NYEMuO4jg=",
"owner": "jeslie0",
"repo": "elm-spa",
"rev": "4c82e18d5fcf9d4c027f0ef0e89204dd87584f7f",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "elm-spa",
"type": "github"
}
},
"elm-watch": {
"inputs": {
"nixpkgs": [
"linkpage",
"mkElmDerivation",
"nixpkgs"
],
"npm-fix": "npm-fix",
"npmlock2nix": "npmlock2nix"
},
"locked": {
"lastModified": 1706304401,
"narHash": "sha256-992cypnhoRbsGkDc5/X241rafBML4EP0EuT6cBcaY/8=",
"owner": "jeslie0",
"repo": "elm-watch",
"rev": "2f1c6c0e69b163c15e2ce66f543c38021b2a0ea3",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "elm-watch",
"type": "github"
}
},
"elm-watch_2": {
"inputs": {
"nixpkgs": [
"upRootNutrition",
"mkElmDerivation",
"nixpkgs"
],
"npm-fix": "npm-fix_2",
"npmlock2nix": "npmlock2nix_2"
},
"locked": {
"lastModified": 1706304401,
"narHash": "sha256-992cypnhoRbsGkDc5/X241rafBML4EP0EuT6cBcaY/8=",
"owner": "jeslie0",
"repo": "elm-watch",
"rev": "2f1c6c0e69b163c15e2ce66f543c38021b2a0ea3",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "elm-watch",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -119,6 +211,24 @@
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1756770412,
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "4524271976b625a4a605beefd893f270620fd751",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1754091436,
"narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=",
@ -133,7 +243,7 @@
"type": "github"
}
},
"flake-parts_3": {
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nur",
@ -154,6 +264,24 @@
"type": "github"
}
},
"flake-parts_5": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_3"
},
"locked": {
"lastModified": 1759362264,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_3"
@ -673,6 +801,28 @@
"type": "github"
}
},
"linkpage": {
"inputs": {
"flake-parts": "flake-parts_2",
"mkElmDerivation": "mkElmDerivation",
"nixpkgs": "nixpkgs_2",
"nixpkgs-stable": "nixpkgs-stable",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1762929110,
"narHash": "sha256-MZXAaL2gJJhFMk8eg3reeVGXcLucvQrNhwCmxIbGV3U=",
"ref": "refs/heads/main",
"rev": "fc1f9a7ba28370a1fcb63ed2917e9a053f9c1480",
"revCount": 56,
"type": "git",
"url": "ssh://git@gitlab.com/uprootnutrition/linkpage.git"
},
"original": {
"type": "git",
"url": "ssh://git@gitlab.com/uprootnutrition/linkpage.git"
}
},
"lix": {
"flake": false,
"locked": {
@ -732,6 +882,46 @@
"type": "github"
}
},
"mkElmDerivation": {
"inputs": {
"elm-spa": "elm-spa",
"elm-watch": "elm-watch",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1762652710,
"narHash": "sha256-fTprY2KP2IW9SR1+8fWhQecA+CZ3+koNIQg608h+NhY=",
"owner": "jeslie0",
"repo": "mkElmDerivation",
"rev": "2e13a2a1c550d0a30c3672798779a8ce1a989e00",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "mkElmDerivation",
"type": "github"
}
},
"mkElmDerivation_2": {
"inputs": {
"elm-spa": "elm-spa_2",
"elm-watch": "elm-watch_2",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1759023814,
"narHash": "sha256-uBmxzIRNLyW69/mOkSkbSTmuQG/zu68dNEnt0xTiYzs=",
"owner": "jeslie0",
"repo": "mkElmDerivation",
"rev": "f2b9966af4a7965cd47ac707ab81aeef9a8a3fa6",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "mkElmDerivation",
"type": "github"
}
},
"niri": {
"inputs": {
"niri-stable": "niri-stable",
@ -739,7 +929,7 @@
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-stable": "nixpkgs-stable_2",
"xwayland-satellite-stable": "xwayland-satellite-stable",
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
},
@ -793,7 +983,7 @@
"nixcord": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_3",
"nixpkgs": [
"nixpkgs"
]
@ -814,21 +1004,36 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1761907660,
"narHash": "sha256-kJ8lIZsiPOmbkJypG+B5sReDXSD1KGu2VEPNqhRa/ew=",
"owner": "NixOS",
"lastModified": 1696757521,
"narHash": "sha256-cfgtLNCBLFx2qOzRLI6DHfqTdfWI+UbvsKYa3b3fvaA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15",
"rev": "2646b294a146df2781b1ca49092450e8a32814e1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1754788789,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1753579242,
"narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
@ -843,13 +1048,28 @@
"type": "github"
}
},
"nixpkgs-lib_3": {
"locked": {
"lastModified": 1754788789,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1761999846,
"narHash": "sha256-IYlYnp4O4dzEpL77BD/lj5NnJy2J8qbHkNSFiPBCbqo=",
"lastModified": 1762756533,
"narHash": "sha256-HiRDeUOD1VLklHeOmaKDzf+8Hb7vSWPVFcWwaTrpm+U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3de8f8d73e35724bf9abef41f1bdbedda1e14a31",
"rev": "c2448301fb856e351aab33e64c33a3fc8bcf637d",
"type": "github"
},
"original": {
@ -875,9 +1095,215 @@
"type": "github"
}
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1761999846,
"narHash": "sha256-IYlYnp4O4dzEpL77BD/lj5NnJy2J8qbHkNSFiPBCbqo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3de8f8d73e35724bf9abef41f1bdbedda1e14a31",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_4": {
"locked": {
"lastModified": 1759281824,
"narHash": "sha256-FIBE1qXv9TKvSNwst6FumyHwCRH3BlWDpfsnqRDCll0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5b5be50345d4113d04ba58c444348849f5585b4a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1758690382,
"narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e643668fd71b949c53f8626614b21ff71a07379d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1754340878,
"narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cab778239e705082fe97bb4990e0d24c50924c04",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1761907660,
"narHash": "sha256-kJ8lIZsiPOmbkJypG+B5sReDXSD1KGu2VEPNqhRa/ew=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1696757521,
"narHash": "sha256-cfgtLNCBLFx2qOzRLI6DHfqTdfWI+UbvsKYa3b3fvaA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2646b294a146df2781b1ca49092450e8a32814e1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1759036355,
"narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1754340878,
"narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cab778239e705082fe97bb4990e0d24c50924c04",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"npm-fix": {
"inputs": {
"nixpkgs": [
"linkpage",
"mkElmDerivation",
"elm-watch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1706304213,
"narHash": "sha256-XN9ESRSOANR0iFbEMMY1C1jvgZlYJsXQYVAHxxRmn+c=",
"owner": "jeslie0",
"repo": "npm-lockfile-fix",
"rev": "e9851274afa12b04d98e694ed089aa9cde8d7349",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "npm-lockfile-fix",
"type": "github"
}
},
"npm-fix_2": {
"inputs": {
"nixpkgs": [
"upRootNutrition",
"mkElmDerivation",
"elm-watch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1706304213,
"narHash": "sha256-XN9ESRSOANR0iFbEMMY1C1jvgZlYJsXQYVAHxxRmn+c=",
"owner": "jeslie0",
"repo": "npm-lockfile-fix",
"rev": "e9851274afa12b04d98e694ed089aa9cde8d7349",
"type": "github"
},
"original": {
"owner": "jeslie0",
"repo": "npm-lockfile-fix",
"type": "github"
}
},
"npmlock2nix": {
"flake": false,
"locked": {
"lastModified": 1673447413,
"narHash": "sha256-sJM82Sj8yfQYs9axEmGZ9Evzdv/kDcI9sddqJ45frrU=",
"owner": "nix-community",
"repo": "npmlock2nix",
"rev": "9197bbf397d76059a76310523d45df10d2e4ca81",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "npmlock2nix",
"type": "github"
}
},
"npmlock2nix_2": {
"flake": false,
"locked": {
"lastModified": 1673447413,
"narHash": "sha256-sJM82Sj8yfQYs9axEmGZ9Evzdv/kDcI9sddqJ45frrU=",
"owner": "nix-community",
"repo": "npmlock2nix",
"rev": "9197bbf397d76059a76310523d45df10d2e4ca81",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "npmlock2nix",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_4",
"nixpkgs": [
"nixpkgs"
]
@ -971,19 +1397,21 @@
"hyprland": "hyprland",
"hyprland-portal": "hyprland-portal",
"impermanence": "impermanence",
"linkpage": "linkpage",
"lix": "lix",
"lix-module": "lix-module",
"microvm": "microvm",
"niri": "niri",
"nixcord": "nixcord",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable_2",
"nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable_3",
"nur": "nur",
"plasma-manager": "plasma-manager",
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"sops-nix": "sops-nix",
"systems": "systems_5",
"treefmt-nix": "treefmt-nix",
"treefmt-nix": "treefmt-nix_2",
"upRootNutrition": "upRootNutrition",
"waybar": "waybar",
"wpaperd": "wpaperd"
}
@ -1136,6 +1564,24 @@
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1758728421,
"narHash": "sha256-ySNJ008muQAds2JemiyrWYbwbG+V7S5wg3ZVKGHSFu8=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "5eda4ee8121f97b218f7cc73f5172098d458f1d1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
@ -1155,6 +1601,46 @@
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1758728421,
"narHash": "sha256-ySNJ008muQAds2JemiyrWYbwbG+V7S5wg3ZVKGHSFu8=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "5eda4ee8121f97b218f7cc73f5172098d458f1d1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"upRootNutrition": {
"inputs": {
"flake-parts": "flake-parts_5",
"mkElmDerivation": "mkElmDerivation_2",
"nixpkgs": "nixpkgs_6",
"nixpkgs-stable": "nixpkgs-stable_4",
"treefmt-nix": "treefmt-nix_3"
},
"locked": {
"lastModified": 1761538643,
"narHash": "sha256-467x2JQVdMGnCuAn0Ci2MnRMYg7UwGtYywdI4Tyz4A8=",
"ref": "refs/heads/main",
"rev": "ab8a9b6ed63be60c3fd2f49ea2add13a40790c51",
"revCount": 255,
"type": "git",
"url": "ssh://git@gitlab.com/uprootnutrition/website.git"
},
"original": {
"type": "git",
"url": "ssh://git@gitlab.com/uprootnutrition/website.git"
}
},
"waybar": {
"inputs": {
"flake-compat": "flake-compat_4",

12
flake.nix
View file

@ -75,12 +75,12 @@
url = "github:microvm-nix/microvm.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# upRootNutrition = {
# url = "git+ssh://git@gitlab.com/uprootnutrition/website.git";
# };
# linkpage = {
# url = "git+ssh://git@gitlab.com/uprootnutrition/linkpage.git";
# };
upRootNutrition = {
url = "git+ssh://git@gitlab.com/uprootnutrition/website.git";
};
linkpage = {
url = "git+ssh://git@gitlab.com/uprootnutrition/linkpage.git";
};
# filesorter = {
# url = "git+ssh://git@gitlab.com/uprootnutrition/filesorter.git";
# inputs.nixpkgs.follows = "nixpkgs";

39
modules/config/instances/config/projectSite.nix
View file

@ -1,31 +1,46 @@
{ moduleFunctions }:
let
inherit (moduleFunctions.instancesFunctions)
sslPath
sopsPath
domain0
varPath
mntPath
;
label = "projectSite";
label = "ProjectSite";
name = "projectsite";
domain = "${name}.${domain0}";
in
{
label = label;
name = name;
short = "Project";
sops = {
path0 = "${sopsPath}/${name}";
email = {
address0 = "noreply@${domain0}";
};
domains = {
url0 = domain;
};
tags = [
"project"
];
paths = {
path0 = "/var/lib/projectsite/dist";
};
subdomain = name;
ports = {
port0 = 1334;
};
ssl = {
cert = sslPath;
key = sslPath;
interface = {
id = "vm-project";
mac = "02:00:00:00:52:22";
idUser = "vmuser-project";
macUser = "02:00:00:00:00:22";
ip = "192.168.50.212";
gate = "192.168.50.1";
ssh = 2299;
};
varPaths = {
path0 = "${varPath}/${name}";
path1 = "${varPath}/${name}/dist";
};
mntPaths = {
path0 = "${mntPath}/${name}";
};
}

37
modules/config/instances/config/upRootNutrition.nix
View file

@ -2,13 +2,15 @@
let
inherit (moduleFunctions.instancesFunctions)
domain1
varPath
mntPath
sslPath
sopsPath
;
label = "upRootNutrition";
name = "uprootnutrition";
ssl = "${sslPath}/${domain1}";
in
{
label = label;
name = name;
@ -16,9 +18,6 @@ in
email = {
address0 = "nick@${domain1}";
};
sops = {
path0 = "${sopsPath}/${name}";
};
domains = {
url0 = domain1;
};
@ -26,16 +25,26 @@ in
name
"blog"
];
paths = {
path0 = "/var/lib/website/dist";
path1 = "";
path2 = "";
};
ports = {
port0 = 1234;
interface = {
id = "vm-uproot";
mac = "02:00:00:00:52:21";
idUser = "vmuser-uproot";
macUser = "02:00:00:00:00:21";
ip = "192.168.50.211";
gate = "192.168.50.1";
ssh = 2300;
};
ssl = {
cert = "${sslPath}/${domain1}/fullchain.pem";
key = "${sslPath}/${domain1}/key.pem";
path = ssl;
cert = "${ssl}/fullchain.pem";
key = "${ssl}/key.pem";
};
varPaths = {
path0 = "${varPath}/${name}";
};
mntPaths = {
path0 = "${mntPath}/${name}";
};
}

4
modules/nixos/default.nix
View file

@ -62,12 +62,12 @@ in
# minecraft
# ollamaCeres
# postgresCeres
# projectSite
projectSite
# prompter
sambaCeres
# searx
vaultwarden
# website
website
# zookeeper
;
};

24
modules/nixos/guests/mastodon/default.nix
View file

@ -124,8 +124,9 @@ in
caddy = {
enable = true;
virtualHosts = {
"${serviceCfg.interface.ip}" = {
":80" = {
extraConfig = ''
# Remove the outer http:// block wrapper
handle_path /system/* {
file_server * {
root /var/lib/mastodon/public-system
@ -198,6 +199,27 @@ in
systemd = {
services = {
systemd-networkd.wantedBy = [ "multi-user.target" ];
mastodon-web.wantedBy = [ "multi-user.target" ];
mastodon-streaming-1.wantedBy = [ "multi-user.target" ];
mastodon-streaming-2.wantedBy = [ "multi-user.target" ];
mastodon-streaming-3.wantedBy = [ "multi-user.target" ];
mastodon-streaming-4.wantedBy = [ "multi-user.target" ];
mastodon-streaming-5.wantedBy = [ "multi-user.target" ];
mastodon-streaming-6.wantedBy = [ "multi-user.target" ];
mastodon-streaming-7.wantedBy = [ "multi-user.target" ];
mastodon-sidekiq-all.wantedBy = [ "multi-user.target" ];
mastodon-sidekiq-default.wantedBy = [ "multi-user.target" ];
mastodon-sidekiq-ingress.wantedBy = [ "multi-user.target" ];
mastodon-sidekiq-mailers.wantedBy = [ "multi-user.target" ];
mastodon-sidekiq-push-pull.wantedBy = [ "multi-user.target" ];
mastodon-init-db = {
environment = {
DISABLE_BOOTSNAP = "1";
};
serviceConfig = {
TimeoutStartSec = "10min";
};
};
copy-secrets-to-tmpfs = {
description = "Copy secrets from virtiofs to tmpfs";
wantedBy = [ "multi-user.target" ];

2
modules/nixos/guests/midnight/default.nix
View file

@ -38,7 +38,7 @@ in
config =
let
macAddress = "02:00:00:00:00:${macOctet}";
workers = deviceLogic 45 4 16 6;
workers = deviceLogic 45 4 18 6;
in
{
environment.systemPackages = [

94
modules/nixos/guests/projectSite/default.nix Executable file
View file

@ -0,0 +1,94 @@
{
config,
flake,
pkgs,
...
}:
let
inherit (flake.config.people) user0;
inherit (flake.config.services) instances;
serviceCfg = instances.projectSite;
host = flake.inputs.linkpage.secrets.domains.projectsite;
websitePkg = flake.inputs.linkpage.packages.${pkgs.system}.websiteFrontend;
in
{
systemd.tmpfiles.rules = [
"d ${serviceCfg.mntPaths.path0} 0755 microvm wheel - -"
];
microvm.vms.${serviceCfg.name} = {
autostart = true;
config = {
system.stateVersion = "25.05";
networking.firewall.allowedTCPPorts = [
22
8080
];
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
};
environment.etc."website".source = websitePkg;
users.users.root.openssh.authorizedKeys.keys = flake.config.people.users.${user0}.sshKeys;
systemd = {
network = {
enable = true;
networks."10-enp" = {
matchConfig.Name = "enp0s3";
addresses = [ { Address = "${serviceCfg.interface.ip}/24"; } ];
gateway = [ serviceCfg.interface.gate ];
};
};
services.website = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.miniserve}/bin/miniserve /etc/website --index index.html -p 8080";
Restart = "always";
};
};
};
microvm = {
vcpu = 2;
mem = 3072;
hypervisor = "qemu";
interfaces = [
{
type = "tap";
id = serviceCfg.interface.id;
mac = serviceCfg.interface.mac;
}
];
shares = [
{
source = "/nix/store";
mountPoint = "/nix/.ro-store";
tag = "ro-store";
proto = "virtiofs";
}
];
};
};
};
# Host Caddy
services.caddy = {
enable = true;
virtualHosts.${host}.extraConfig = ''
reverse_proxy ${serviceCfg.interface.ip}:8080
'';
};
# ACME cert
security.acme.certs.${host} = {
dnsProvider = instances.web.dns.provider1;
environmentFile = config.sops.secrets."dns/${instances.web.dns.provider1}".path;
};
}

97
modules/nixos/guests/website/default.nix Executable file
View file

@ -0,0 +1,97 @@
{
config,
flake,
pkgs,
...
}:
let
inherit (flake.config.people) user0;
inherit (flake.config.services) instances;
serviceCfg = instances.upRootNutrition;
host = serviceCfg.domains.url0;
websitePkg = flake.inputs.upRootNutrition.packages.${pkgs.system}.websiteFrontend;
in
{
microvm.vms.${serviceCfg.name} = {
autostart = true;
config = {
system.stateVersion = "25.05";
networking.firewall.allowedTCPPorts = [
22
8080
];
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
};
environment.etc."website".source = websitePkg;
users.users.root.openssh.authorizedKeys.keys = flake.config.people.users.${user0}.sshKeys;
systemd = {
network = {
enable = true;
networks."10-enp" = {
matchConfig.Name = "enp0s3";
addresses = [
{ Address = "${serviceCfg.interface.ip}/24"; }
];
gateway = [ serviceCfg.interface.gate ];
};
};
services.website = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.miniserve}/bin/miniserve /etc/website --index index.html -p 8080";
Restart = "always";
};
};
};
microvm = {
vcpu = 2;
mem = 3072;
hypervisor = "qemu";
interfaces = [
{
type = "tap";
id = serviceCfg.interface.id;
mac = serviceCfg.interface.mac;
}
];
shares = [
{
source = "/nix/store";
mountPoint = "/nix/.ro-store";
tag = "ro-store";
proto = "virtiofs";
}
];
};
};
};
services.caddy = {
enable = true;
virtualHosts.${host}.extraConfig = ''
reverse_proxy ${serviceCfg.interface.ip}:8080
tls ${serviceCfg.ssl.cert} ${serviceCfg.ssl.key}
'';
};
security.acme.certs.${host} = {
dnsProvider = instances.web.dns.provider0;
environmentFile = config.sops.secrets."dns/${instances.web.dns.provider0}".path;
};
systemd.tmpfiles.rules = [
"d ${serviceCfg.mntPaths.path0} 0755 microvm wheel - -"
];
}

33
modules/nixos/services/projectSite/default.nix
View file

@ -1,33 +0,0 @@
{ flake, config, ... }:
let
inherit (flake.config.services.instances)
projectSite
;
service = projectSite;
host = flake.inputs.linkpage.secrets.domains.projectsite;
in
{
services = {
caddy = {
virtualHosts = {
"${host}" = {
extraConfig = ''
root * ${service.paths.path0}
file_server
encode gzip
try_files {path} /index.html
tls ${service.ssl.cert}/${host}/fullchain.pem ${service.ssl.key}/${host}/key.pem
'';
};
};
};
};
systemd.tmpfiles.rules = [
"Z ${service.paths.path0} 755 caddy caddy -"
];
}

32
modules/nixos/services/website/default.nix
View file

@ -1,32 +0,0 @@
{ flake, pkgs, ... }:
let
inherit (flake.config.services.instances)
upRootNutrition
web
;
service = upRootNutrition;
host = web.domains.url1;
websitePkg = flake.inputs.upRootNutrition.packages.${pkgs.system}.websiteFrontend;
in
{
services = {
caddy = {
virtualHosts = {
"${host}" = {
extraConfig = ''
root * ${websitePkg}
file_server
encode gzip
try_files {path} /index.html
tls ${service.ssl.cert} ${service.ssl.key}
'';
};
};
};
};
}