chayleaf/dotfiles
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

small random fixes

Browse source
This commit is contained in:
chayleaf 2023-07-28 12:02:37 +07:00
parent 64707b8084
commit 6e9682800f
3 changed files with 46 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
flake.nix
View file

@ -93,7 +93,25 @@
overlays = (if config?overlays then config.overlays else [ ]) ++ [ overlay ]; overlays = (if config?overlays then config.overlays else [ ]) ++ [ overlay ];
}); });
# this is actual config, it gets processed below # this is actual config, it gets processed below
config = { config = let
mkBpiR3 = storage: config: config // {
system = "aarch64-linux";
modules = (config.modules or [ ]) ++ [ (import ./system/devices/bpi-r3-router.nix storage) ];
};
routerConfig = rec {
system = "aarch64-linux";
specialArgs.server-config = nixosConfigurations.nixserver.config;
modules = [
{
_module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
}
(if devNixRt then import /${devPath}/nixos-router else nixos-router.nixosModules.default)
];
};
in {
router-emmc = mkBpiR3 "emmc" routerConfig;
router-sd = mkBpiR3 "sd" routerConfig;
nixserver = { nixserver = {
modules = [ modules = [
nixos-mailserver.nixosModules.default nixos-mailserver.nixosModules.default
@ -101,30 +119,6 @@
(if devMaubot then import /${devPath}/maubot.nix/module else maubot.nixosModules.default) (if devMaubot then import /${devPath}/maubot.nix/module else maubot.nixosModules.default)
]; ];
}; };
router-emmc = rec {
system = "aarch64-linux";
specialArgs.server-config = nixosConfigurations.nixserver.config;
modules = [
{
_module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
}
(import ./system/devices/bpi-r3-router.nix "emmc")
(if devNixRt then import /${devPath}/nixos-router else nixos-router.nixosModules.default)
];
};
router-sd = rec {
system = "aarch64-linux";
specialArgs.server-config = nixosConfigurations.nixserver.config;
modules = [
{
_module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
}
(import ./system/devices/bpi-r3-router.nix "sd")
(if devNixRt then (import /${devPath}/nixos-router) else nixos-router.nixosModules.default)
];
};
nixmsi = rec { nixmsi = rec {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
@ -274,7 +268,7 @@
hydraJobs = { hydraJobs = {
server.${config.nixserver.system or "x86_64-linux"} = nixosConfigurations.nixserver; server.${config.nixserver.system or "x86_64-linux"} = nixosConfigurations.nixserver;
workstation.${config.nixmsi.system or "x86_64-linux"} = nixosConfigurations.nixmsi; workstation.${config.nixmsi.system or "x86_64-linux"} = nixosConfigurations.nixmsi;
router.${config.router.system or "x86_64-linux"} = nixosConfigurations.router; router.${config.router-emmc.system or "x86_64-linux"} = nixosConfigurations.router-emmc;
workstation-home.${config.nixmsi.system or "x86_64-linux"} = homeConfigurations."user@nixmsi"; workstation-home.${config.nixmsi.system or "x86_64-linux"} = homeConfigurations."user@nixmsi";
}; };
}; };

26
system/hosts/nixserver/home.nix
View file

@ -52,6 +52,10 @@ in {
proxyWebsockets = true; proxyWebsockets = true;
}; };
locations."/grafana/public/".alias = "${config.services.grafana.settings.server.static_root_path}/"; locations."/grafana/public/".alias = "${config.services.grafana.settings.server.static_root_path}/";
locations."/printer/" = {
proxyPass = "http://127.0.0.1:631/";
proxyWebsockets = true;
};
}; };
services.nginx.virtualHosts."hydra.${cfg.domainName}" = { services.nginx.virtualHosts."hydra.${cfg.domainName}" = {
quic = true; quic = true;
@ -98,9 +102,19 @@ in {
# smtpHost = "mail.${cfg.domainName}"; # smtpHost = "mail.${cfg.domainName}";
useSubstitutes = true; useSubstitutes = true;
}; };
systemd.services.nix-daemon = { boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
serviceConfig.CPUQuota = "50%"; nix.buildMachines = [
}; {
hostName = "localhost";
protocol = null;
supportedFeatures = [ "kvm" "local" "nixos-test" "benchmark" "big-parallel" ];
systems = [ "builtin" "x86_64-linux" "i686-linux" "aarch64-linux" ];
}
];
# limit CI CPU usage since I'm running everything else off this server too
# systemd.services.nix-daemon.serviceConfig.CPUQuota = "50%";
systemd.services.hydra-evaluator.serviceConfig.CPUQuota = "50%";
programs.ccache.enable = true;
services.nginx.statusPage = true; services.nginx.statusPage = true;
services.gitea.settings.metrics.ENABLED = true; services.gitea.settings.metrics.ENABLED = true;
@ -168,7 +182,7 @@ in {
job_name = "local_medium_freq"; job_name = "local_medium_freq";
scrape_interval = "15m"; scrape_interval = "15m";
static_configs = [ { static_configs = [ {
targets = [ "127.0.0.1:9548" ]; targets = [ "127.0.0.1:9548" "127.0.0.1:9198" ];
labels.machine = "server"; labels.machine = "server";
} ]; } ];
} }
@ -279,7 +293,7 @@ in {
}; };
};*/ };*/
networking.firewall.allowedTCPPorts = [ 631 9100 ]; networking.firewall.allowedTCPPorts = [ 631 ];
services.printing = { services.printing = {
enable = true; enable = true;
allowFrom = [ cfg.lanCidrV4 cfg.lanCidrV6 ]; allowFrom = [ cfg.lanCidrV4 cfg.lanCidrV6 ];
@ -287,7 +301,7 @@ in {
clientConf = '' clientConf = ''
ServerName home.${cfg.domainName} ServerName home.${cfg.domainName}
''; '';
listenAddresses = [ "*:631" "*:9100" ]; listenAddresses = [ "*:631" ];
defaultShared = true; defaultShared = true;
drivers = [ pkgs.hplip ]; drivers = [ pkgs.hplip ];
startWhenNeeded = false; startWhenNeeded = false;

6
system/modules/impermanence.nix
View file

@ -98,6 +98,12 @@ in {
{ directory = /var/lib/pleroma; user = "pleroma"; group = "pleroma"; mode = "0700"; } { directory = /var/lib/pleroma; user = "pleroma"; group = "pleroma"; mode = "0700"; }
] ++ lib.optionals config.services.akkoma.enable [ ] ++ lib.optionals config.services.akkoma.enable [
{ directory = /var/lib/akkoma; user = "akkoma"; group = "akkoma"; mode = "0700"; } { directory = /var/lib/akkoma; user = "akkoma"; group = "akkoma"; mode = "0700"; }
] ++ lib.optionals config.services.hydra.enable [
{ directory = /var/lib/hydra; user = "hydra"; group = "hydra"; mode = "0755"; }
] ++ lib.optionals config.services.grafana.enable [
{ directory = /var/lib/grafana; user = "grafana"; group = "grafana"; mode = "0755"; }
] ++ lib.optionals config.services.prometheus.enable [
{ directory = /var/lib/${config.services.prometheus.stateDir}; user = "prometheus"; group = "prometheus"; mode = "0755"; }
] ++ lib.optionals config.services.postfix.enable [ ] ++ lib.optionals config.services.postfix.enable [
{ directory = /var/lib/postfix; user = "root"; group = "root"; mode = "0755"; } { directory = /var/lib/postfix; user = "root"; group = "root"; mode = "0755"; }
] ++ lib.optionals config.services.postgresql.enable [ ] ++ lib.optionals config.services.postgresql.enable [