L-Nafaryus/bonfire
L-Nafaryus/bonfire
1
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 4 Releases Wiki Activity

Compare commits

base: L-Nafaryus:a51b44570666bb7dbafd1e7e3515313d82b61036
Branches Tags
L-Nafaryus:master
L-Nafaryus:devel
L-Nafaryus:catarina-radio-service
L-Nafaryus:packages-onetagger
L-Nafaryus:packages-wezterm
..
compare: L-Nafaryus:79b02533cf86ec2d1e0240cbe49ec290c89502a9
Branches Tags
L-Nafaryus:devel
L-Nafaryus:master
L-Nafaryus:catarina-radio-service
L-Nafaryus:packages-onetagger
L-Nafaryus:packages-wezterm

No commits in common. "a51b44570666bb7dbafd1e7e3515313d82b61036" and "79b02533cf86ec2d1e0240cbe49ec290c89502a9" have entirely different histories.
a51b445706 ... 79b02533cf

13 changed files with 7 additions and 245 deletions
Show Stats Expand all files Collapse all files

2
config/git/config
View File

@ -1,7 +1,7 @@
[user] [user]
name = L-Nafaryus name = L-Nafaryus
email = l.nafaryus@gmail.com email = l.nafaryus@gmail.com
signingKey = 9B576DE3 signingKey = C76D8DCD2727DBB7
[commit] [commit]
gpgsign = true gpgsign = true
[tag] [tag]

5
config/nvim/init.lua
View File

@ -1,7 +1,2 @@
-- bootstrap lazy.nvim, LazyVim and your plugins -- bootstrap lazy.nvim, LazyVim and your plugins
require("config.lazy") require("config.lazy")
vim.o.tabstop = 4 -- A TAB character looks like 4 spaces
vim.o.expandtab = true -- Pressing the TAB key will insert spaces instead of a TAB character
vim.o.softtabstop = 4 -- Number of spaces inserted instead of a TAB character
vim.o.shiftwidth = 4 -- Number of spaces inserted when indenting

3
devShells/default.nix
View File

@ -17,7 +17,4 @@ in forAllSystems(system: let
openfoam = import ./openfoam.nix { inherit pkgs bpkgs; }; openfoam = import ./openfoam.nix { inherit pkgs bpkgs; };
rust = import ./rust.nix { inherit pkgs cranelib; }; rust = import ./rust.nix { inherit pkgs cranelib; };
rust-x11 = import ./rust-x11.nix { inherit pkgs cranelib; };
go = import ./go.nix { inherit pkgs; };
}) })

4
devShells/go.nix
View File

@ -1,4 +0,0 @@
{ pkgs, ... }:
pkgs.mkShell {
buildInputs = with pkgs; [ go gopls gotools go-tools golangci-lint gnumake ];
}

21
devShells/rust-x11.nix
View File

@ -1,21 +0,0 @@
{ pkgs, cranelib, ... }:
cranelib.devShell {
packages = with pkgs; [
libGL
xorg.libXi xorg.libX11 xorg.libXcursor xorg.libXrandr
lld
libxkbcommon
vulkan-loader
];
shellHook = ''
export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${
with pkgs; lib.makeLibraryPath [
libGL
xorg.libX11 xorg.libXi xorg.libXcursor xorg.libXrandr
libxkbcommon
vulkan-loader
]
}"
'';
}

2
flake.nix
View File

@ -37,7 +37,7 @@
./nixosModules/bonfire.nix ./nixosModules/bonfire.nix
self.nixosModules.spoofdpi self.nixosModules.spoofdpi
]; ];
specialArgs = { inherit inputs self; }; specialArgs = { inherit inputs; };
}; };
}; };

18
nixosConfigurations/astora/default.nix
View File

@ -44,10 +44,7 @@
videoDrivers = [ "nvidia" ]; videoDrivers = [ "nvidia" ];
displayManager.gdm = { displayManager.gdm.enable = true;
enable = true;
autoSuspend = false;
};
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;
windowManager.awesome.enable = true; windowManager.awesome.enable = true;
@ -66,7 +63,6 @@
services.openssh = { services.openssh = {
enable = true; enable = true;
startWhenNeeded = true; startWhenNeeded = true;
settings.PasswordAuthentication = false;
}; };
services.udev = { services.udev = {
@ -120,18 +116,6 @@
}; };
}; };
programs.ssh.extraConfig = ''
Host astora
HostName 192.168.156.101
Port 22
User nafaryus
Host catarina
HostName 192.168.156.102
Port 22
User nafaryus
'';
programs.direnv.enable = true; programs.direnv.enable = true;
fonts.packages = with pkgs; [ nerdfonts ]; fonts.packages = with pkgs; [ nerdfonts ];

8
nixosConfigurations/astora/hardware.nix
View File

@ -128,14 +128,6 @@
enable = true; enable = true;
allowedTCPPorts = [ 80 443 ]; allowedTCPPorts = [ 80 443 ];
}; };
interfaces.wlo1.ipv4.addresses = [ {
address = "192.168.156.101";
prefixLength = 24;
} ];
defaultGateway = "192.168.156.1";
nameservers = [ "192.168.156.1" "8.8.8.8" ];
}; };
# Common # Common

135
nixosConfigurations/catarina/default.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, lib, inputs, self, ... }: { config, pkgs, lib, inputs, ... }:
{ {
system.stateVersion = "23.11"; system.stateVersion = "23.11";
@ -28,9 +28,6 @@
hostPlatform = lib.mkDefault "x86_64-linux"; hostPlatform = lib.mkDefault "x86_64-linux";
config.allowUnfree = true; config.allowUnfree = true;
config.cudaSupport = false; config.cudaSupport = false;
config.packageOverrides = super: {
lego = self.packages.${pkgs.system}.lego;
};
}; };
# Services # Services
@ -42,10 +39,7 @@
videoDrivers = [ "nvidia" ]; videoDrivers = [ "nvidia" ];
displayManager.gdm = { displayManager.gdm.enable = true;
enable = true;
autoSuspend = false;
};
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;
windowManager.awesome.enable = true; windowManager.awesome.enable = true;
}; };
@ -62,7 +56,6 @@
services.openssh = { services.openssh = {
enable = true; enable = true;
startWhenNeeded = true; startWhenNeeded = true;
settings.PasswordAuthentication = false;
}; };
services.udev = { services.udev = {
@ -71,118 +64,6 @@
services.blueman.enable = true; services.blueman.enable = true;
services.fail2ban = {
enable = true;
maxretry = 5;
ignoreIP = [
"192.168.0.0/16"
];
bantime = "24h";
bantime-increment = {
enable = true;
multipliers = "1 2 4 8";
maxtime = "168h";
overalljails = true;
};
};
security.acme = {
acceptTerms = true;
defaults.email = "l.nafaryus@gmail.com";
defaults.group = "nginx";
certs = {
"elnafo.ru" = {
domain = "elnafo.ru";
extraDomainNames = [ "*.elnafo.ru" ];
dnsProvider = "webnames";
credentialsFile = "/var/lib/secrets/certs.secret";
group = "nginx";
webroot = null;
};
};
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedTlsSettings = true;
virtualHosts = {
"elnafo.ru" = {
forceSSL = true;
enableACME = true;
root = "/var/www";
};
"www.elnafo.ru" = {
forceSSL = true;
useACMEHost = "elnafo.ru";
globalRedirect = "elnafo.ru";
};
"vcs.elnafo.ru" = {
forceSSL = true;
useACMEHost = "elnafo.ru";
locations."/".proxyPass = "http://127.0.0.1:3001";
};
};
};
services.postgresql = {
enable = true;
authentication = ''
# Type Database DB-User Auth-Method Ident-Map(optional)
local gitea all ident map=gitea-users
'';
identMap = ''
# MapName System-User DB-User
gitea-users gitea gitea
'';
ensureDatabases = [ "gitea" ];
};
services.gitea = {
enable = true;
settings = {
server = {
DOMAIN = "vcs.elnafo.ru";
ROOT_URL = "https://vcs.elnafo.ru/";
HTTP_ADDRESS = "127.0.0.1";
HTTP_PORT = 3001;
};
session.COOKIE_SECURE = true;
mailer = {
ENABLED = true;
FROM = "gitea@elnafo.ru";
};
service.DISABLE_REGISTRATION = true;
other = {
SHOW_FOOTER_VERSION = false;
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false;
};
};
database = {
type = "postgres";
passwordFile = "/var/lib/secrets/gitea/gitea-dbpassword";
name = "gitea";
user = "gitea";
};
lfs.enable = true;
appName = "Elnafo VCS";
};
services.spoofdpi.enable = true; services.spoofdpi.enable = true;
# Packages # Packages
@ -230,18 +111,6 @@
}; };
}; };
programs.ssh.extraConfig = ''
Host astora
HostName 192.168.156.101
Port 22
User nafaryus
Host catarina
HostName 192.168.156.102
Port 22
User nafaryus
'';
programs.direnv.enable = true; programs.direnv.enable = true;
fonts.packages = with pkgs; [ nerdfonts ]; fonts.packages = with pkgs; [ nerdfonts ];

13
nixosConfigurations/catarina/hardware.nix
View File

@ -59,6 +59,7 @@
# Security # Security
security = { security = {
protectKernelImage = true; protectKernelImage = true;
acme.acceptTerms = true;
sudo.extraConfig = ''Defaults timestamp_timeout=30''; sudo.extraConfig = ''Defaults timestamp_timeout=30'';
rtkit.enable = true; rtkit.enable = true;
}; };
@ -109,20 +110,10 @@
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 80 443 3001 ]; allowedTCPPorts = [ 80 443 ];
}; };
interfaces.enp9s0.ipv4.addresses = [ {
address = "192.168.156.102";
prefixLength = 24;
} ];
defaultGateway = "192.168.156.1";
nameservers = [ "192.168.156.1" "8.8.8.8" ];
}; };
services.logind.lidSwitchExternalPower = "ignore";
# Common # Common
time.timeZone = "Asia/Yekaterinburg"; time.timeZone = "Asia/Yekaterinburg";

2
nixosConfigurations/catarina/users.nix
View File

@ -10,6 +10,4 @@
initialPassword = "nixos"; initialPassword = "nixos";
shell = pkgs.fish; shell = pkgs.fish;
}; };
users.users.nginx.extraGroups = [ "acme" ];
} }

2
packages/default.nix
View File

@ -16,6 +16,4 @@ in forAllSystems(system: let pkgs = nixpkgsFor.${system}; in {
openfoam = pkgs.callPackage ./openfoam {}; openfoam = pkgs.callPackage ./openfoam {};
spoofdpi = pkgs.callPackage ./spoofdpi {}; spoofdpi = pkgs.callPackage ./spoofdpi {};
lego = pkgs.callPackage ./lego {};
}) })

37
packages/lego/default.nix
View File

@ -1,37 +0,0 @@
{
lib,
fetchFromGitHub, buildGoModule, nixosTests,
version ? "c847ac4a4c55d6a5a457f6ef494cf45a47299e01",
hash ? "sha256-g9OxhM+iNUrAZgM1we8qPsismPy5a0eN654tSYuM/No=",
vendorHash ? "sha256-wG0x86lptEY3x+7kVN7v1XZniliMOxaJ6Y95YS6ivJY=", ...
}:
buildGoModule rec {
pname = "lego";
inherit version;
src = fetchFromGitHub {
owner = "go-acme";
repo = "lego";
rev = version;
hash = hash;
};
inherit vendorHash;
doCheck = false;
subPackages = [ "cmd/lego" ];
ldflags = [
"-X main.version=${version}"
];
meta = with lib; {
description = "Let's Encrypt client and ACME library written in Go";
license = licenses.mit;
homepage = "https://go-acme.github.io/lego/";
maintainers = [];
};
passthru.tests.lego = nixosTests.acme;
}