small random fixes
This commit is contained in:
parent
64707b8084
commit
6e9682800f
46
flake.nix
46
flake.nix
|
@ -93,7 +93,25 @@
|
||||||
overlays = (if config?overlays then config.overlays else [ ]) ++ [ overlay ];
|
overlays = (if config?overlays then config.overlays else [ ]) ++ [ overlay ];
|
||||||
});
|
});
|
||||||
# this is actual config, it gets processed below
|
# this is actual config, it gets processed below
|
||||||
config = {
|
config = let
|
||||||
|
mkBpiR3 = storage: config: config // {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
modules = (config.modules or [ ]) ++ [ (import ./system/devices/bpi-r3-router.nix storage) ];
|
||||||
|
};
|
||||||
|
routerConfig = rec {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
specialArgs.server-config = nixosConfigurations.nixserver.config;
|
||||||
|
modules = [
|
||||||
|
{
|
||||||
|
_module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
|
||||||
|
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
|
||||||
|
}
|
||||||
|
(if devNixRt then import /${devPath}/nixos-router else nixos-router.nixosModules.default)
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
router-emmc = mkBpiR3 "emmc" routerConfig;
|
||||||
|
router-sd = mkBpiR3 "sd" routerConfig;
|
||||||
nixserver = {
|
nixserver = {
|
||||||
modules = [
|
modules = [
|
||||||
nixos-mailserver.nixosModules.default
|
nixos-mailserver.nixosModules.default
|
||||||
|
@ -101,30 +119,6 @@
|
||||||
(if devMaubot then import /${devPath}/maubot.nix/module else maubot.nixosModules.default)
|
(if devMaubot then import /${devPath}/maubot.nix/module else maubot.nixosModules.default)
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
router-emmc = rec {
|
|
||||||
system = "aarch64-linux";
|
|
||||||
specialArgs.server-config = nixosConfigurations.nixserver.config;
|
|
||||||
modules = [
|
|
||||||
{
|
|
||||||
_module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
|
|
||||||
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
|
|
||||||
}
|
|
||||||
(import ./system/devices/bpi-r3-router.nix "emmc")
|
|
||||||
(if devNixRt then import /${devPath}/nixos-router else nixos-router.nixosModules.default)
|
|
||||||
];
|
|
||||||
};
|
|
||||||
router-sd = rec {
|
|
||||||
system = "aarch64-linux";
|
|
||||||
specialArgs.server-config = nixosConfigurations.nixserver.config;
|
|
||||||
modules = [
|
|
||||||
{
|
|
||||||
_module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; };
|
|
||||||
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
|
|
||||||
}
|
|
||||||
(import ./system/devices/bpi-r3-router.nix "sd")
|
|
||||||
(if devNixRt then (import /${devPath}/nixos-router) else nixos-router.nixosModules.default)
|
|
||||||
];
|
|
||||||
};
|
|
||||||
nixmsi = rec {
|
nixmsi = rec {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
|
@ -274,7 +268,7 @@
|
||||||
hydraJobs = {
|
hydraJobs = {
|
||||||
server.${config.nixserver.system or "x86_64-linux"} = nixosConfigurations.nixserver;
|
server.${config.nixserver.system or "x86_64-linux"} = nixosConfigurations.nixserver;
|
||||||
workstation.${config.nixmsi.system or "x86_64-linux"} = nixosConfigurations.nixmsi;
|
workstation.${config.nixmsi.system or "x86_64-linux"} = nixosConfigurations.nixmsi;
|
||||||
router.${config.router.system or "x86_64-linux"} = nixosConfigurations.router;
|
router.${config.router-emmc.system or "x86_64-linux"} = nixosConfigurations.router-emmc;
|
||||||
workstation-home.${config.nixmsi.system or "x86_64-linux"} = homeConfigurations."user@nixmsi";
|
workstation-home.${config.nixmsi.system or "x86_64-linux"} = homeConfigurations."user@nixmsi";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -52,6 +52,10 @@ in {
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
locations."/grafana/public/".alias = "${config.services.grafana.settings.server.static_root_path}/";
|
locations."/grafana/public/".alias = "${config.services.grafana.settings.server.static_root_path}/";
|
||||||
|
locations."/printer/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:631/";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
services.nginx.virtualHosts."hydra.${cfg.domainName}" = {
|
services.nginx.virtualHosts."hydra.${cfg.domainName}" = {
|
||||||
quic = true;
|
quic = true;
|
||||||
|
@ -98,9 +102,19 @@ in {
|
||||||
# smtpHost = "mail.${cfg.domainName}";
|
# smtpHost = "mail.${cfg.domainName}";
|
||||||
useSubstitutes = true;
|
useSubstitutes = true;
|
||||||
};
|
};
|
||||||
systemd.services.nix-daemon = {
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
serviceConfig.CPUQuota = "50%";
|
nix.buildMachines = [
|
||||||
};
|
{
|
||||||
|
hostName = "localhost";
|
||||||
|
protocol = null;
|
||||||
|
supportedFeatures = [ "kvm" "local" "nixos-test" "benchmark" "big-parallel" ];
|
||||||
|
systems = [ "builtin" "x86_64-linux" "i686-linux" "aarch64-linux" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
# limit CI CPU usage since I'm running everything else off this server too
|
||||||
|
# systemd.services.nix-daemon.serviceConfig.CPUQuota = "50%";
|
||||||
|
systemd.services.hydra-evaluator.serviceConfig.CPUQuota = "50%";
|
||||||
|
programs.ccache.enable = true;
|
||||||
|
|
||||||
services.nginx.statusPage = true;
|
services.nginx.statusPage = true;
|
||||||
services.gitea.settings.metrics.ENABLED = true;
|
services.gitea.settings.metrics.ENABLED = true;
|
||||||
|
@ -168,7 +182,7 @@ in {
|
||||||
job_name = "local_medium_freq";
|
job_name = "local_medium_freq";
|
||||||
scrape_interval = "15m";
|
scrape_interval = "15m";
|
||||||
static_configs = [ {
|
static_configs = [ {
|
||||||
targets = [ "127.0.0.1:9548" ];
|
targets = [ "127.0.0.1:9548" "127.0.0.1:9198" ];
|
||||||
labels.machine = "server";
|
labels.machine = "server";
|
||||||
} ];
|
} ];
|
||||||
}
|
}
|
||||||
|
@ -279,7 +293,7 @@ in {
|
||||||
};
|
};
|
||||||
};*/
|
};*/
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 631 9100 ];
|
networking.firewall.allowedTCPPorts = [ 631 ];
|
||||||
services.printing = {
|
services.printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowFrom = [ cfg.lanCidrV4 cfg.lanCidrV6 ];
|
allowFrom = [ cfg.lanCidrV4 cfg.lanCidrV6 ];
|
||||||
|
@ -287,7 +301,7 @@ in {
|
||||||
clientConf = ''
|
clientConf = ''
|
||||||
ServerName home.${cfg.domainName}
|
ServerName home.${cfg.domainName}
|
||||||
'';
|
'';
|
||||||
listenAddresses = [ "*:631" "*:9100" ];
|
listenAddresses = [ "*:631" ];
|
||||||
defaultShared = true;
|
defaultShared = true;
|
||||||
drivers = [ pkgs.hplip ];
|
drivers = [ pkgs.hplip ];
|
||||||
startWhenNeeded = false;
|
startWhenNeeded = false;
|
||||||
|
|
|
@ -98,6 +98,12 @@ in {
|
||||||
{ directory = /var/lib/pleroma; user = "pleroma"; group = "pleroma"; mode = "0700"; }
|
{ directory = /var/lib/pleroma; user = "pleroma"; group = "pleroma"; mode = "0700"; }
|
||||||
] ++ lib.optionals config.services.akkoma.enable [
|
] ++ lib.optionals config.services.akkoma.enable [
|
||||||
{ directory = /var/lib/akkoma; user = "akkoma"; group = "akkoma"; mode = "0700"; }
|
{ directory = /var/lib/akkoma; user = "akkoma"; group = "akkoma"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.hydra.enable [
|
||||||
|
{ directory = /var/lib/hydra; user = "hydra"; group = "hydra"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.grafana.enable [
|
||||||
|
{ directory = /var/lib/grafana; user = "grafana"; group = "grafana"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.prometheus.enable [
|
||||||
|
{ directory = /var/lib/${config.services.prometheus.stateDir}; user = "prometheus"; group = "prometheus"; mode = "0755"; }
|
||||||
] ++ lib.optionals config.services.postfix.enable [
|
] ++ lib.optionals config.services.postfix.enable [
|
||||||
{ directory = /var/lib/postfix; user = "root"; group = "root"; mode = "0755"; }
|
{ directory = /var/lib/postfix; user = "root"; group = "root"; mode = "0755"; }
|
||||||
] ++ lib.optionals config.services.postgresql.enable [
|
] ++ lib.optionals config.services.postgresql.enable [
|
||||||
|
|
Loading…
Reference in a new issue