root/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fmt

Browse source
This commit is contained in:
root 2025-11-09 23:35:16 +00:00
parent f418e5ec19
commit bfc55f27f3
9 changed files with 60 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

4
flake.nix
View file

@ -25,11 +25,11 @@
nixosConfigurations = {
distrust = lib.nixosSystem {
system = "x86_64-linux";
modules = [./system/distrust ./services/distrust ./helpers/services.nix nixos-mailserver.nixosModules.default agenix.nixosModules.default { networking.hostName = "distrust"; }];
modules = [./system/distrust ./services/distrust ./helpers/services.nix nixos-mailserver.nixosModules.default agenix.nixosModules.default {networking.hostName = "distrust";}];
};
distrust-mini = lib.nixosSystem {
system = "x86_64-linux";
modules = [./system/distrust-mini ./services/distrust-mini ./helpers/services.nix { networking.hostName = "distrust-mini"; }];
modules = [./system/distrust-mini ./services/distrust-mini ./helpers/services.nix {networking.hostName = "distrust-mini";}];
};
};
};

2
helpers/services.nix
View file

@ -140,7 +140,7 @@ in {
else []
)
];
readWritePaths = lib.mkIf (dump != null) [ "/var/backup/postgres/" ];
readWritePaths = lib.mkIf (dump != null) ["/var/backup/postgres/"];
preHook = lib.mkIf (dump != null) ''
mkdir -p /var/backup/postgres
${pkgs.sudo}/bin/sudo -u postgres ${pkgs.postgresql}/bin/pg_dump ${dump} > /var/backup/postgres/${key}.sql

2
services/distrust-mini/default.nix
View file

@ -6,5 +6,5 @@
./tor.nix
# Status page in diff. data center for redundancy/resilience
./uptime-kuma.nix
]
];
}

3
services/distrust-mini/uptime-kuma.nix
View file

@ -1,7 +1,6 @@
let
kumaPort = 3001;
in
{
in {
services.uptime-kuma = {
enable = true;
settings = {

2
services/distrust/lldap.nix
View file

@ -43,6 +43,6 @@ in {
# Creates a group for the LLDAP DynamicUser to read the secret
users.groups.lldap-secrets = {};
systemd.services.lldap.serviceConfig = {
SupplementaryGroups = [ "lldap-secrets" ];
SupplementaryGroups = ["lldap-secrets"];
};
}

15
system/distrust/hardware-configuration.nix
View file

@ -1,9 +1,10 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
{modulesPath, ...}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
boot.initrd.kernelModules = ["nvme"];
fileSystems."/" = {
device = "/dev/sda1";
fsType = "ext4";
};
}

35
system/distrust/networking.nix
View file

@ -1,8 +1,9 @@
{ lib, ... }: {
{lib, ...}: {
# This file was populated at runtime with the networking
# details gathered from the active system.
networking = {
nameservers = [ "2a01:4ff:ff00::add:2"
nameservers = [
"2a01:4ff:ff00::add:2"
"2a01:4ff:ff00::add:1"
"185.12.64.2"
];
@ -16,16 +17,34 @@
interfaces = {
eth0 = {
ipv4.addresses = [
{ address="95.217.161.66"; prefixLength=32; }
{
address = "95.217.161.66";
prefixLength = 32;
}
];
ipv6.addresses = [
{ address="2a01:4f9:c012:215b::1"; prefixLength=64; }
{ address="fe80::9000:6ff:feb6:58bb"; prefixLength=64; }
{
address = "2a01:4f9:c012:215b::1";
prefixLength = 64;
}
{
address = "fe80::9000:6ff:feb6:58bb";
prefixLength = 64;
}
];
ipv4.routes = [
{
address = "172.31.1.1";
prefixLength = 32;
}
];
ipv6.routes = [
{
address = "fe80::1";
prefixLength = 128;
}
];
ipv4.routes = [ { address = "172.31.1.1"; prefixLength = 32; } ];
ipv6.routes = [ { address = "fe80::1"; prefixLength = 128; } ];
};
};
};
services.udev.extraRules = ''