Compare commits

...

11 commits

Author SHA1 Message Date
281ad152d6
remove nixpkgs-unstable
the current version of woodpecker-server in stable now has the features this was original used for, not other usages of unstable are in tree left so removing it.
2024-11-12 19:55:48 +01:00
39b73b0926
format files with nix fmt 2024-11-12 19:54:46 +01:00
1283d7664f
make use of nixosModules output 2024-11-12 19:54:46 +01:00
4978ffc758
move overlay to overlays output 2024-11-12 19:54:46 +01:00
fi
c84d9e7d0a
Update element to 1.11.84 2024-11-11 02:43:08 +01:00
33b2cbf5d0
flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/38edd08881ce4dc24056eec173b43587a93c990f' (2024-11-01)
  → 'github:nixos/nixpkgs/11f65b4b0405cff5b54c813626bddcf5435d7ad2' (2024-11-09)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/ab464abbeb3a2833288c6e907488c49c2e599f88' (2024-11-01)
  → 'github:nixos/nixpkgs/8aed22ecd71e5b67e5299efae8b9dc580dec711c' (2024-11-10)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/1666d16426abe79af5c47b7c0efa82fd31bf4c56' (2024-10-27)
  → 'github:Mic92/sops-nix/f1675e3b0e1e663a4af49be67ecbc9e749f85eb7' (2024-11-10)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/cd3e8833d70618c4eea8df06f95b364b016d4950' (2024-10-26)
  → 'github:NixOS/nixpkgs/3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c' (2024-11-03)
2024-11-10 23:14:58 +01:00
afb4fc71ce
Update infrastructure-authorized-keys rev 2024-11-10 23:10:50 +01:00
1fcd8c6421
fix typo and writing improvement 2024-11-10 20:18:59 +01:00
ff1a12846a
Add how to generate the NixOS Proxmox VE templates 2024-11-10 20:18:59 +01:00
2ba371f8cd
git: disable making org users auto watch new repos on creation
Also explicitly disable making users auto watch repos after their first
commit to it.
2024-11-10 19:38:05 +01:00
c8e7bd1ccf
git: enable sending of e-mails to watchers of repositories 2024-11-10 19:26:26 +01:00
24 changed files with 165 additions and 164 deletions

View file

@ -62,3 +62,14 @@ This is exactly what we're doing to set the default deployment user to `colmena-
}; };
``` ```
This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host. This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host.
## Build NixOS Proxmox VE Template
Build a new NixOS Proxmox VE Template for the thinkcccore's:
```shell
nix build .#proxmox-nixos-template
```
Build a new NixOS Proxmox VE Template for the chaosknoten:
```shell
nix build .#proxmox-chaosknoten-nixos-template
```

View file

@ -11,8 +11,8 @@
let let
authorizedKeysRepo = pkgs.fetchgit { authorizedKeysRepo = pkgs.fetchgit {
url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys"; url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys";
rev = "b6a29dc7af0a45a8c0b4904290c7cb0c5bc51413"; rev = "686a6af22f6696f0c0595c56f463c078550049fc";
hash = "sha256-c0aH0wQeJtfXJG5wAbS6aO8yILLI1NNkFAHAeOm8RXA="; hash = "sha256-plTYjM6zPzoBE/dp6EUrk9mCqmab278p8FqBCTX8Grc=";
}; };
authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys")); authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
in in

View file

@ -21,7 +21,8 @@ let
app = "dokuwiki"; app = "dokuwiki";
domain = "eh22.easterhegg.eu"; domain = "eh22.easterhegg.eu";
dataDir = "/srv/www/${domain}"; dataDir = "/srv/www/${domain}";
in { in
{
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d ${dataDir} 0755 ${app} ${app}" "d ${dataDir} 0755 ${app} ${app}"
]; ];
@ -76,7 +77,7 @@ in {
default = true; default = true;
enableACME = true; enableACME = true;
serverName = "${domain}"; serverName = "${domain}";
listen = [ listen = [
{ {
addr = "0.0.0.0"; addr = "0.0.0.0";

View file

@ -45,6 +45,9 @@
DEFAULT_USER_VISIBILITY = "limited"; DEFAULT_USER_VISIBILITY = "limited";
DEFAULT_KEEP_EMAIL_PRIVATE = true; DEFAULT_KEEP_EMAIL_PRIVATE = true;
ENABLE_BASIC_AUTHENTICATION = false; ENABLE_BASIC_AUTHENTICATION = false;
ENABLE_NOTIFY_MAIL = true;
AUTO_WATCH_NEW_REPOS = false;
AUTO_WATCH_ON_CHANGES = false;
}; };
repo = { repo = {
DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls"; DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls";

View file

@ -1,10 +1,10 @@
{ ... }: { ... }:
{ {
networking = { networking = {
hostName = "mqtt"; hostName = "mqtt";
domain = "z9.ccchh.net"; domain = "z9.ccchh.net";
}; };
system.stateVersion = "23.11"; system.stateVersion = "23.11";
} }

View file

@ -1,9 +1,9 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [ imports = [
./configuration.nix ./configuration.nix
./networking.nix ./networking.nix
./mosquitto.nix ./mosquitto.nix
]; ];
} }

View file

@ -5,29 +5,29 @@
{ ... }: { ... }:
{ {
services.mosquitto = { services.mosquitto = {
enable = true; enable = true;
persistence = true; persistence = true;
# set config for all listeners # set config for all listeners
listeners = [ { listeners = [{
settings.allow_anonymous = true; settings.allow_anonymous = true;
omitPasswordAuth = true; omitPasswordAuth = true;
acl = ["topic readwrite #"]; acl = [ "topic readwrite #" ];
} ]; }];
bridges.winkekatz = { bridges.winkekatz = {
addresses = [ addresses = [
{ address = "mqtt.winkekatze24.de"; } { address = "mqtt.winkekatze24.de"; }
]; ];
topics = [ topics = [
"winkekatze/allcats/eye/set in 2" "winkekatze/allcats/eye/set in 2"
"winkekatze/allcats in 2" "winkekatze/allcats in 2"
"+/status out 2 winkekatze/ \"\"" "+/status out 2 winkekatze/ \"\""
"+/connected out 2 winkekatze/ \"\"" "+/connected out 2 winkekatze/ \"\""
]; ];
};
}; };
};
networking.firewall.allowedTCPPorts = [ 1883 ]; networking.firewall.allowedTCPPorts = [ 1883 ];
} }

View file

@ -26,7 +26,7 @@
}; };
yuri = { yuri = {
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdk3FLQRoCWxdOxg4kHcPqAu3QQOs/rY9na2Al2ilGl yuri@violet" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdk3FLQRoCWxdOxg4kHcPqAu3QQOs/rY9na2Al2ilGl yuri@violet"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEvM35w+UaSpDTuaG5pGPgfHcfwscr+wSZN9Z5Jle82 yuri@kiara" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEvM35w+UaSpDTuaG5pGPgfHcfwscr+wSZN9Z5Jle82 yuri@kiara"
]; ];

View file

@ -1,10 +1,10 @@
{ pkgs, ... }: { pkgs, ... }:
let let
elementWebVersion = "1.11.80"; elementWebVersion = "1.11.84";
element-web = pkgs.fetchzip { element-web = pkgs.fetchzip {
url = "https://github.com/vector-im/element-web/releases/download/v${elementWebVersion}/element-v${elementWebVersion}.tar.gz"; url = "https://github.com/vector-im/element-web/releases/download/v${elementWebVersion}/element-v${elementWebVersion}.tar.gz";
sha256 = "sha256-sudWmNehxGsbZTNirTkoWQ/Bln1DC1CI30wocw9VoH8="; sha256 = "sha256-z2qaKKyUq2S/r3xUUU3ym0FgFbiQr6bcltuKvUMPbH4=";
}; };
elementSecurityHeaders = '' elementSecurityHeaders = ''
# Configuration best practices # Configuration best practices

View file

@ -4,7 +4,8 @@ let
domain = "hacker.tours"; domain = "hacker.tours";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "hackertours-website-deploy"; deployUser = "hackertours-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

View file

@ -4,7 +4,8 @@ let
domain = "hackertours.hamburg.ccc.de"; domain = "hackertours.hamburg.ccc.de";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "ht-ccchh-website-deploy"; deployUser = "ht-ccchh-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

View file

@ -1,4 +1,4 @@
{...}: { ... }:
{ {
imports = [ imports = [
@ -9,4 +9,4 @@
./eh11.nix ./eh11.nix
./eh20.nix ./eh20.nix
]; ];
} }

View file

@ -6,7 +6,7 @@ let
rev = "74977c56486cd060566bf06678a936e801952f9e"; rev = "74977c56486cd060566bf06678a936e801952f9e";
hash = "sha256-ded/NO+Jex2Sa4yWAIRpqANsv8i0vKmJSkM5r9KxaVk="; hash = "sha256-ded/NO+Jex2Sa4yWAIRpqANsv8i0vKmJSkM5r9KxaVk=";
}; };
in in
{ {
security.acme.certs."eh03.easterhegg.eu".extraDomainNames = [ security.acme.certs."eh03.easterhegg.eu".extraDomainNames = [
"eh2003.hamburg.ccc.de" "eh2003.hamburg.ccc.de"
@ -48,7 +48,7 @@ in
}]; }];
locations."/".return = "302 https://eh03.easterhegg.eu"; locations."/".return = "302 https://eh03.easterhegg.eu";
extraConfig = '' extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and # Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy # $remote_port to the client address and client port, when using proxy

View file

@ -48,7 +48,7 @@ in
}]; }];
locations."/".return = "302 https://eh05.easterhegg.eu"; locations."/".return = "302 https://eh05.easterhegg.eu";
extraConfig = '' extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and # Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy # $remote_port to the client address and client port, when using proxy
@ -60,7 +60,7 @@ in
real_ip_header proxy_protocol; real_ip_header proxy_protocol;
''; '';
}; };
"eh05.easterhegg.eu" = { "eh05.easterhegg.eu" = {
forceSSL = true; forceSSL = true;
useACMEHost = "eh05.easterhegg.eu"; useACMEHost = "eh05.easterhegg.eu";
@ -71,7 +71,7 @@ in
ssl = true; ssl = true;
proxyProtocol = true; proxyProtocol = true;
}]; }];
locations."/" = { locations."/" = {
index = "index.shtml"; index = "index.shtml";
root = eh05; root = eh05;
@ -80,7 +80,7 @@ in
default_type text/html; default_type text/html;
# Enable SSI # Enable SSI
ssi on; ssi on;
''; '';
}; };
extraConfig = '' extraConfig = ''

View file

@ -54,7 +54,7 @@ in
}]; }];
locations."/".return = "302 https://eh07.easterhegg.eu"; locations."/".return = "302 https://eh07.easterhegg.eu";
extraConfig = '' extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and # Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy # $remote_port to the client address and client port, when using proxy
@ -86,7 +86,7 @@ in
default_type text/html; default_type text/html;
# Enable SSI # Enable SSI
ssi on; ssi on;
''; '';
}; };
extraConfig = '' extraConfig = ''

View file

@ -54,7 +54,7 @@ in
}]; }];
locations."/".return = "302 https://eh09.easterhegg.eu"; locations."/".return = "302 https://eh09.easterhegg.eu";
extraConfig = '' extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and # Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy # $remote_port to the client address and client port, when using proxy
@ -86,7 +86,7 @@ in
default_type text/html; default_type text/html;
# Enable SSI # Enable SSI
ssi on; ssi on;
''; '';
}; };
extraConfig = '' extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and # Make use of the ngx_http_realip_module to set the $remote_addr and

View file

@ -54,7 +54,7 @@ in
}]; }];
locations."/".return = "302 https://eh11.easterhegg.eu"; locations."/".return = "302 https://eh11.easterhegg.eu";
extraConfig = '' extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and # Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy # $remote_port to the client address and client port, when using proxy
@ -86,7 +86,7 @@ in
default_type text/html; default_type text/html;
# Enable SSI # Enable SSI
ssi on; ssi on;
''; '';
}; };
extraConfig = '' extraConfig = ''

View file

@ -4,7 +4,8 @@ let
domain = "staging.hacker.tours"; domain = "staging.hacker.tours";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "hackertours-website-deploy"; deployUser = "hackertours-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

View file

@ -4,7 +4,8 @@ let
domain = "staging.hackertours.hamburg.ccc.de"; domain = "staging.hackertours.hamburg.ccc.de";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "ht-ccchh-website-deploy"; deployUser = "ht-ccchh-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

View file

@ -3,13 +3,12 @@
# - https://woodpecker-ci.org/docs/administration/agent-config # - https://woodpecker-ci.org/docs/administration/agent-config
# - https://woodpecker-ci.org/docs/administration/backends/docker # - https://woodpecker-ci.org/docs/administration/backends/docker
{ config, pkgs, pkgs-unstable, ... }: { config, pkgs, ... }:
{ {
services.woodpecker-agents.agents."docker" = { services.woodpecker-agents.agents."docker" = {
enable = true; enable = true;
# Since we use woodpecker-server from unstable, use the agent from unstable as well. package = pkgs.woodpecker-agent;
package = pkgs-unstable.woodpecker-agent;
extraGroups = [ "docker" ]; extraGroups = [ "docker" ];
environment = { environment = {
WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}"; WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}";

View file

@ -5,14 +5,12 @@
# - https://woodpecker-ci.org/docs/administration/forges/forgejo # - https://woodpecker-ci.org/docs/administration/forges/forgejo
# - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING # - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
{ config, pkgs, pkgs-unstable, ... }: { config, pkgs, ... }:
{ {
services.woodpecker-server = { services.woodpecker-server = {
enable = true; enable = true;
# Use package from unstable to get at least version 2.6.0 for native Forgejo support. package = pkgs.woodpecker-server;
# https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.6.0
package = pkgs-unstable.woodpecker-server;
environment = { environment = {
WOODPECKER_HOST = "https://woodpecker.hamburg.ccc.de"; WOODPECKER_HOST = "https://woodpecker.hamburg.ccc.de";
WOODPECKER_SERVER_ADDR = ":8001"; WOODPECKER_SERVER_ADDR = ":8001";

View file

@ -6,16 +6,16 @@
description = "Yate telehony engine"; description = "Yate telehony engine";
unitConfig = { unitConfig = {
Type = "simple"; Type = "simple";
After="network.target"; After = "network.target";
}; };
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.yate}/bin/yate -c /yate -e /yate/share -Do"; ExecStart = "${pkgs.yate}/bin/yate -c /yate -e /yate/share -Do";
Type="simple"; Type = "simple";
Restart="always"; Restart = "always";
# ... # ...
}; };
wantedBy = [ "default.target" ]; wantedBy = [ "default.target" ];
requiredBy = [ "network.target" ]; requiredBy = [ "network.target" ];
# ... # ...
}; };
} }

View file

@ -38,11 +38,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1730428893, "lastModified": 1731133565,
"narHash": "sha256-fLLUd2dO/Vnf96UDr8YPzerYi+n99l3S5yIUDnmcPBE=", "narHash": "sha256-tCErjTdCUWK06LzkcvwUM+3pyrrmdf8e0VDBBTgqznE=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "38edd08881ce4dc24056eec173b43587a93c990f", "rev": "11f65b4b0405cff5b54c813626bddcf5435d7ad2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -54,11 +54,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1729973466, "lastModified": 1730602179,
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -68,27 +68,10 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": {
"locked": {
"lastModified": 1730449684,
"narHash": "sha256-Hlv3rTPxnO+DpKRXw9yjzERLdk05h7+fEbZxWM2taCw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ab464abbeb3a2833288c6e907488c49c2e599f88",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }
}, },
@ -100,11 +83,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1729999681, "lastModified": 1731213149,
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", "narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", "rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7",
"type": "github" "type": "github"
}, },
"original": { "original": {

138
flake.nix
View file

@ -6,7 +6,6 @@
# https://nixos.org/manual/nixos/stable/#sec-upgrading # https://nixos.org/manual/nixos/stable/#sec-upgrading
# https://github.com/NixOS/nixpkgs # https://github.com/NixOS/nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05-small"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05-small";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
# Add nixos-generators as an input. # Add nixos-generators as an input.
# See here: https://github.com/nix-community/nixos-generators#using-in-a-flake # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake
@ -23,26 +22,32 @@
}; };
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }: outputs = { self, nixpkgs, nixos-generators, sops-nix, ... }:
let let
system = "x86_64-linux"; system = "x86_64-linux";
shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {
shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
# See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
});
};
pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
in in
{ {
overlays = {
shairportSyncAirplay2 = final: prev: {
shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
# See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
});
};
};
nixosModules = {
common = ./config/common;
proxmox-vm = ./config/proxmox-vm;
prometheus-exporter = ./config/extra/prometheus-exporter.nix;
};
nixosConfigurations = { nixosConfigurations = {
audio-hauptraum-kueche = nixpkgs.lib.nixosSystem { audio-hauptraum-kueche = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; }
./config/hosts/audio-hauptraum-kueche ./config/hosts/audio-hauptraum-kueche
]; ];
}; };
@ -50,9 +55,9 @@
audio-hauptraum-tafel = nixpkgs.lib.nixosSystem { audio-hauptraum-tafel = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; }
./config/hosts/audio-hauptraum-tafel ./config/hosts/audio-hauptraum-tafel
]; ];
}; };
@ -60,8 +65,8 @@
esphome = nixpkgs.lib.nixosSystem { esphome = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/esphome ./config/hosts/esphome
]; ];
}; };
@ -69,8 +74,8 @@
public-reverse-proxy = nixpkgs.lib.nixosSystem { public-reverse-proxy = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/public-reverse-proxy ./config/hosts/public-reverse-proxy
]; ];
}; };
@ -78,10 +83,10 @@
netbox = nixpkgs.lib.nixosSystem { netbox = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/netbox ./config/hosts/netbox
]; ];
}; };
@ -89,10 +94,10 @@
matrix = nixpkgs.lib.nixosSystem { matrix = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/matrix ./config/hosts/matrix
]; ];
}; };
@ -100,10 +105,10 @@
public-web-static = nixpkgs.lib.nixosSystem { public-web-static = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/public-web-static ./config/hosts/public-web-static
]; ];
}; };
@ -111,10 +116,10 @@
git = nixpkgs.lib.nixosSystem { git = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/git ./config/hosts/git
]; ];
}; };
@ -122,10 +127,10 @@
forgejo-actions-runner = nixpkgs.lib.nixosSystem { forgejo-actions-runner = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/forgejo-actions-runner ./config/hosts/forgejo-actions-runner
]; ];
}; };
@ -133,8 +138,8 @@
ptouch-print-server = nixpkgs.lib.nixosSystem { ptouch-print-server = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/ptouch-print-server ./config/hosts/ptouch-print-server
]; ];
}; };
@ -142,9 +147,9 @@
eh22-wiki = nixpkgs.lib.nixosSystem { eh22-wiki = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/eh22-wiki ./config/hosts/eh22-wiki
]; ];
}; };
@ -152,9 +157,9 @@
nix-box-june = nixpkgs.lib.nixosSystem { nix-box-june = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/nix-box-june ./config/hosts/nix-box-june
]; ];
}; };
@ -162,8 +167,8 @@
yate = nixpkgs.lib.nixosSystem { yate = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/yate ./config/hosts/yate
]; ];
}; };
@ -171,8 +176,8 @@
mqtt = nixpkgs.lib.nixosSystem { mqtt = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/mqtt ./config/hosts/mqtt
]; ];
}; };
@ -180,10 +185,10 @@
mjolnir = nixpkgs.lib.nixosSystem { mjolnir = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/mjolnir ./config/hosts/mjolnir
]; ];
}; };
@ -191,22 +196,19 @@
woodpecker = nixpkgs.lib.nixosSystem { woodpecker = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/woodpecker ./config/hosts/woodpecker
]; ];
specialArgs = {
inherit pkgs-unstable;
};
}; };
status = nixpkgs.lib.nixosSystem { status = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/hosts/status ./config/hosts/status
]; ];
@ -215,10 +217,10 @@
penpot = nixpkgs.lib.nixosSystem { penpot = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/penpot ./config/hosts/penpot
]; ];
}; };
@ -226,9 +228,9 @@
hydra = nixpkgs.lib.nixosSystem { hydra = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/hydra ./config/hosts/hydra
]; ];
}; };
@ -239,8 +241,8 @@
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
./config/nixos-generators/proxmox.nix ./config/nixos-generators/proxmox.nix
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
]; ];
format = "proxmox"; format = "proxmox";
}; };
@ -250,8 +252,8 @@
modules = [ modules = [
./config/nixos-generators/proxmox-chaosknoten.nix ./config/nixos-generators/proxmox-chaosknoten.nix
./config/proxmox-chaosknoten-additional-initial-config.nix ./config/proxmox-chaosknoten-additional-initial-config.nix
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
]; ];
format = "proxmox"; format = "proxmox";
}; };