schrottkatze/katzen-cafe
0
0
Fork 0
mirror of https://forge.katzen.cafe/katzen-cafe/katzen-cafe.git synced 2025-12-23 15:57:14 +01:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: schrottkatze:88223ad8932ef1de44beeb2e6e98b4dc076d1f09
Branches Tags
schrottkatze:main
..
compare: schrottkatze:7d126b7bda288308ddc2de5435a2ddccfbf48d98
Branches Tags
schrottkatze:main

No commits in common. "88223ad8932ef1de44beeb2e6e98b4dc076d1f09" and "7d126b7bda288308ddc2de5435a2ddccfbf48d98" have entirely different histories.
88223ad893 ... 7d126b7bda

10 changed files with 110 additions and 129 deletions
Download patch file Download diff file Expand all files Collapse all files

128
flake.lock generated
View file

@ -8,11 +8,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1720147808,
"narHash": "sha256-hlWEQGUbIwYb+vnd8egzlW/P++yKu3HjV/rOdOPVank=",
"lastModified": 1713728172,
"narHash": "sha256-rac5WwUyZGxVqcNh2PIOxXJFGPXBSFPfkox1AdqwVgk=",
"owner": "hercules-ci",
"repo": "arion",
"rev": "236f9dd82d6ef6a2d9987c7a7df3e75f1bc8b318",
"rev": "add0e67d2b83814667490985ea4ef1226d3b4511",
"type": "github"
},
"original": {
@ -71,11 +71,11 @@
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1721379485,
"narHash": "sha256-Pcfv3IB4yGiSC4N5BqD6T9u+YYBiwjJ+VGzg0WGCjK8=",
"lastModified": 1713731448,
"narHash": "sha256-IDZfplo83qIi66Vpq1bqwwhm9FNs+6xW3d6EhMBGNCk=",
"owner": "famedly",
"repo": "conduit",
"rev": "44dd21f432a22c82adab77c25469c336976f4081",
"rev": "27753b1d9624fc7a295eaf6009b71ede5804de62",
"type": "gitlab"
},
"original": {
@ -201,11 +201,11 @@
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
@ -222,11 +222,11 @@
]
},
"locked": {
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
@ -244,11 +244,11 @@
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"lastModified": 1709336216,
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
"type": "github"
},
"original": {
@ -329,11 +329,11 @@
]
},
"locked": {
"lastModified": 1719226092,
"narHash": "sha256-YNkUMcCUCpnULp40g+svYsaH1RbSEj6s4WdZY/SHe38=",
"lastModified": 1710478346,
"narHash": "sha256-Xjf8BdnQG0tLhPMlqQdwCIjOp7Teox0DP3N/jjyiGM4=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "11e4b8dc112e2f485d7c97e1cee77f9958f498f5",
"rev": "64e7763d72c1e4c1e5e6472640615b6ae2d40fbf",
"type": "github"
},
"original": {
@ -416,11 +416,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1720031269,
"narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
"lastModified": 1713537308,
"narHash": "sha256-XtTSSIB2DA6tOv+l0FhvfDMiyCmhoRbNB+0SeInZkbk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
"rev": "5c24cf2f0a12ad855f444c30b2421d044120c66f",
"type": "github"
},
"original": {
@ -430,18 +430,33 @@
"type": "github"
}
},
"nixpkgs-24_05": {
"nixpkgs-22_11": {
"locked": {
"lastModified": 1717144377,
"narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
"lastModified": 1669558522,
"narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "805a384895c696f802a9bf5bf4720f37385df547",
"rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.05",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"nixpkgs-23_05": {
"locked": {
"lastModified": 1684782344,
"narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
@ -479,11 +494,11 @@
},
"nixpkgsOld": {
"locked": {
"lastModified": 1720535198,
"narHash": "sha256-zwVvxrdIzralnSbcpghA92tWu2DV2lwv89xZc8MTrbg=",
"lastModified": 1713725259,
"narHash": "sha256-9ZR/Rbx5/Z/JZf5ehVNMoz/s5xjpP0a22tL6qNvLt5E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "205fd4226592cc83fd4c0885a3e4c9c400efabb5",
"rev": "a5e4bbcb4780c63c79c87d29ea409abf097de3f7",
"type": "github"
},
"original": {
@ -495,11 +510,11 @@
},
"nixpkgsUnstable": {
"locked": {
"lastModified": 1722062969,
"narHash": "sha256-QOS0ykELUmPbrrUGmegAUlpmUFznDQeR4q7rFhl8eQg=",
"lastModified": 1713714899,
"narHash": "sha256-+z/XjO3QJs5rLE5UOf015gdVauVRQd2vZtsFkaXBq2Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b73c2221a46c13557b1b3be9c2070cc42cf01eb3",
"rev": "6143fc5eeb9c4f00163267708e26191d1e918932",
"type": "github"
},
"original": {
@ -575,27 +590,27 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1722087241,
"narHash": "sha256-2ShmEaFi0kJVOEEu5gmlykN5dwjWYWYUJmlRTvZQRpU=",
"lastModified": 1713725259,
"narHash": "sha256-9ZR/Rbx5/Z/JZf5ehVNMoz/s5xjpP0a22tL6qNvLt5E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8c50662509100d53229d4be607f1a3a31157fa12",
"rev": "a5e4bbcb4780c63c79c87d29ea409abf097de3f7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1717602782,
"narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=",
"lastModified": 1670751203,
"narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e8057b67ebf307f01bdcc8fba94d94f75039d1f6",
"rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60",
"type": "github"
},
"original": {
@ -637,20 +652,21 @@
"blobs": "blobs",
"flake-compat": "flake-compat_4",
"nixpkgs": "nixpkgs_7",
"nixpkgs-24_05": "nixpkgs-24_05",
"nixpkgs-22_11": "nixpkgs-22_11",
"nixpkgs-23_05": "nixpkgs-23_05",
"utils": "utils"
},
"locked": {
"lastModified": 1718084203,
"narHash": "sha256-Cx1xoVfSMv1XDLgKg08CUd1EoTYWB45VmB9XIQzhmzI=",
"lastModified": 1687462267,
"narHash": "sha256-rNSputjn/0HEHHnsKfQ8mQVEPVchcBw7DsbND7Wg8dk=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "29916981e7b3b5782dc5085ad18490113f8ff63b",
"rev": "24128c3052090311688b09a400aa408ba61c6ee5",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"ref": "nixos-24.05",
"ref": "nixos-23.05",
"repo": "nixos-mailserver",
"type": "gitlab"
}
@ -670,31 +686,13 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"lastModified": 1605370193,
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
"type": "github"
},
"original": {

4
flake.nix
View file

@ -1,12 +1,12 @@
{
inputs = {
nixpkgsOld.url = "github:NixOS/nixpkgs/nixos-23.11";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixos-unstable";
#nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
arion.url = "github:hercules-ci/arion";
mms.url = "github:mkaito/nixos-modded-minecraft-servers";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.05";
conduit = {
url = "gitlab:famedly/conduit";
};

3
justfile
View file

@ -1,6 +1,9 @@
deploy:
colmena apply
build:
colmena build
update:
nix flake update --commit-lock-file
just deploy

10
modules/base-stuff.nix
View file

@ -65,7 +65,6 @@
};
programs.mosh.enable = true;
users.defaultUserShell = pkgs.nushell;
services.openssh = {
enable = true;
@ -73,7 +72,7 @@
};
environment.systemPackages = with pkgs; [
helix
vim
wget
neofetch
btop
@ -94,11 +93,4 @@
device = "/dev/sda2";
}
];
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 14d";
};
virtualisation.docker.autoPrune.enable = true;
}

2
modules/containers/default.nix
View file

@ -2,7 +2,7 @@
imports = [
./katzencafe-wiki.nix
./phtanumb-wiki.nix
# ./calckey.nix
./calckey.nix
./penpot.nix
./nextcloud.nix
];

11
modules/containers/katzencafe-wiki.nix
View file

@ -1,4 +1,5 @@
{pkgsOld, ...}: {
{ pkgsOld, ... }:
{
containers."katzenwiki" = {
autoStart = true;
privateNetwork = true;
@ -16,11 +17,7 @@
# localAddress = "10.0.2.2";
# };
# };
config = {
config,
pkgs,
...
}: {
config = { config, pkgs, ... }: {
environment.systemPackages = with pkgs; [btop ];
networking.firewall.enable = false;
# networking.nameservers = [ "9.9.9.9" "149.112.112.112" ];
@ -51,7 +48,7 @@
# Disable anonymous editing
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['oidc_interface_admin'] = $wgGroupPermissions['interface-admin'];
$wgGroupPermissions['oidc_interface_admin'] = $wgGroupPermissions['interface_admin'];
$wgGroupPermissions['oidc_admin'] = $wgGroupPermissions['sysop'];
$wgGroupPermissions['oidc_admin']['userrights'] = true;

11
modules/containers/nextcloud.nix
View file

@ -35,13 +35,13 @@
trustedProxies = ["10.0.3.1"];
};
hostName = "wolke.katzen.cafe";
package = pkgs.nextcloud29;
package = pkgs.nextcloud27;
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit bookmarks calendar contacts;
user_oidc = pkgs.fetchNextcloudApp rec {
url = "https://github.com/nextcloud-releases/user_oidc/releases/download/v5.0.3/user_oidc-v5.0.3.tar.gz";
sha256 = "sha256-oaN4nYIKzP7r9pB/6szZnkR+liSMARd3Nb8aM3m9WeE=";
license = "gpl3";
url = "https://github.com/nextcloud-releases/user_oidc/releases/download/v1.3.3/user_oidc-v1.3.3.tar.gz";
sha256 = "sha256-s8xr25a40/ot7KDv3Vn7WBm4Pb13LzzK62ZNYufXQ2w";
license = "agpl3";
};
};
};
@ -51,8 +51,7 @@
ensureUsers = [
{
name = "nextcloud";
# ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
ensureDBOwnership = true;
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};

15
modules/containers/phtanumb-wiki.nix
View file

@ -1,14 +1,11 @@
{ pkgsOld, ... }:
{
pkgs,
pkgsOld,
...
}: {
containers."phtanumb-wiki" = {
autoStart = true;
privateNetwork = true;
hostAddress = "10.0.1.1";
localAddress = "10.0.1.2";
nixpkgs = pkgs.path;
nixpkgs = pkgsOld.path;
bindMounts = {
"/var/mediawiki" = {
hostPath = "/phtanum-b/wiki";
@ -21,11 +18,7 @@
# localAddress = "10.0.1.2";
# };
# };
config = {
config,
pkgs,
...
}: {
config = { config, pkgs, ... }: {
environment.systemPackages = with pkgs; [ luajit ];
networking.firewall.enable = false;
# networking.nameservers = [ "9.9.9.9" "149.112.112.112" ];
@ -65,7 +58,7 @@
$wgScribuntoUseGeSHi = true;
$wgScribuntoUseCodeEditor = true;
$wgGroupPermissions['oidc_interface_admin'] = $wgGroupPermissions['interface-admin'];
$wgGroupPermissions['oidc_interface_admin'] = $wgGroupPermissions['interface_admin'];
$wgGroupPermissions['oidc_admin'] = $wgGroupPermissions['sysop'];
$wgGroupPermissions['oidc_admin']['userrights'] = true;

5
modules/mailserver.nix
View file

@ -1,7 +1,6 @@
{inputs, ...}: {
{ inputs, ... }:
{
imports = [ inputs.simple-nixos-mailserver.nixosModule ];
# hack to fix https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/275
services.dovecot2.sieve.extensions = ["fileinto"];
mailserver = {
enable = true;
fqdn = "mail.katzen.cafe";

10
modules/postgres.nix
View file

@ -1,13 +1,13 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
services.postgresql = {
enable = true;
ensureUsers = [
{
name = "forgejo";
# ensurePermissions = {
# "DATABASE \"forgejo\"" = "ALL PRIVILEGES";
# };
ensureDBOwnership = true;
ensurePermissions = {
"DATABASE \"forgejo\"" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [