0xa/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: 0xa:bf83ce5fdf1e26b71e68288461331ff08be1a2af
Branches Tags
0xa:main
0xa:sway
0xa:conduwuit
0xa:NTWRKMNGR
..
compare: 0xa:20ac636eb8e5bfebc104d7a3653faa2a852fa3fd
Branches Tags
0xa:main
0xa:sway
0xa:conduwuit
0xa:NTWRKMNGR

4 commits
bf83ce5fdf ... 20ac636eb8

Author SHA1 Message Date
Grigory Shipunov
20ac636eb8 add forgejo microvm 2025-02-05 18:39:49 +01:00
Grigory Shipunov
9ebfe0c59b less microvm boilerplate 2025-02-05 18:39:11 +01:00
Grisha Shipunov
9842b2df1a wifi sleep seems to work again 2025-02-04 21:59:05 +01:00
Grisha Shipunov
6e1af4849c bump lock 2025-02-04 21:50:28 +01:00
4 changed files with 57 additions and 48 deletions
Show stats Expand all files Collapse all files

26
flake.lock generated
View file

@ -385,11 +385,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1738471961, "lastModified": 1738638143,
"narHash": "sha256-cgXDFrplNGs7bCVzXhRofjD8oJYqqXGcmUzXjHmip6Y=", "narHash": "sha256-ZYMe4c4OCtIUBn5hx15PEGr0+B1cNEpl2dsaLxwY2W0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "537286c3c59b40311e5418a180b38034661d2536", "rev": "9bdd53f5908453e4d03f395eb1615c3e9a351f70",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -401,11 +401,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1738435198, "lastModified": 1738574474,
"narHash": "sha256-5+Hmo4nbqw8FrW85FlNm4IIrRnZ7bn0cmXlScNsNRLo=", "narHash": "sha256-rvyfF49e/k6vkrRTV4ILrWd92W+nmBDfRYZgctOyolQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f6687779bf4c396250831aa5a32cbfeb85bb07a3", "rev": "fecfeb86328381268e29e998ddd3ebc70bbd7f7c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -445,11 +445,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1738410390, "lastModified": 1738546358,
"narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=", "narHash": "sha256-nLivjIygCiqLp5QcL7l56Tca/elVqM9FG1hGd9ZSsrg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3a228057f5b619feb3186e986dbe76278d707b6e", "rev": "c6e957d81b96751a3d5967a0fd73694f303cc914",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -701,11 +701,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1738526440, "lastModified": 1738536830,
"narHash": "sha256-pveA7FOO6Y4pTnVIyx3xLUHUpq9JW9FqEj8E0t+YIjQ=", "narHash": "sha256-3QbNcI9qJ0tKv00w0r2Amqf9pylHVolcTyEi30WZxY8=",
"ref": "main", "ref": "main",
"rev": "b1c65c444b21d1c8ddbefcfa339ac7861358d323", "rev": "6fd169aab3ce461fef6a1a4dcbb2ef643e12d9e6",
"revCount": 4, "revCount": 5,
"type": "git", "type": "git",
"url": "https://codeberg.org/0xa/website.git" "url": "https://codeberg.org/0xa/website.git"
}, },

31
hosts/cloud/proxy/git.nix
View file

@ -2,7 +2,9 @@
{ {
# ssh config for forgejo # ssh config for forgejo
# need ip forward for nat # need ip forward for nat
boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; }; boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
};
networking.firewall = { networking.firewall = {
# open port explicitly # open port explicitly
@ -18,19 +20,20 @@
''; '';
}; };
# host sshd: only listen on oxapentane.com and mgmt vpn # host sshd: only listen on oxapentane.com and mgmt vpn
services.openssh.listenAddresses = map (a : services.openssh.listenAddresses =
{ map
addr = a; (a: {
port = 22; addr = a;
}) [ port = 22;
# enp1s0 })
"188.245.196.27" [
"2a01:4f8:c17:7f8a::1" # enp1s0
# wg-0xa-mgmt "188.245.196.27"
"10.89.87.1" "2a01:4f8:c17:7f8a::1"
"fd31:185d:722e::1" # wg-0xa-mgmt
]; "10.89.87.1"
"fd31:185d:722e::1"
];
services.nginx.upstreams.forgejo = { services.nginx.upstreams.forgejo = {
servers = { servers = {

47
hosts/forgejo/forgejo.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
{ {
services.forgejo = { services.forgejo = {
enable = true; enable = true;
@ -27,8 +32,8 @@
SSH_LISTEN_PORT = 2222; SSH_LISTEN_PORT = 2222;
}; };
repository = { repository = {
DEFAULT_REPO_UNITS="repo.code,repo.releases,repo.issues,repo.pulls"; DEFAULT_REPO_UNITS = "repo.code,repo.releases,repo.issues,repo.pulls";
ENABLE_PUSH_CREATE_USER=true; ENABLE_PUSH_CREATE_USER = true;
}; };
service = { service = {
REGISTER_EMAIL_CONFIRM = false; REGISTER_EMAIL_CONFIRM = false;
@ -43,21 +48,23 @@
}; };
# expose forgejo cli # expose forgejo cli
environment.systemPackages = let environment.systemPackages =
cfg = config.services.forgejo; let
forgejo-cli = pkgs.writeScriptBin "forgejo-cli" '' cfg = config.services.forgejo;
#!${pkgs.runtimeShell} forgejo-cli = pkgs.writeScriptBin "forgejo-cli" ''
cd ${cfg.stateDir} #!${pkgs.runtimeShell}
sudo=exec cd ${cfg.stateDir}
if [[ "$USER" != forgejo ]]; then sudo=exec
sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} -g ${cfg.group} --preserve-env=GITEA_WORK_DIR --preserve-env=GITEA_CUSTOM' if [[ "$USER" != forgejo ]]; then
fi sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} -g ${cfg.group} --preserve-env=GITEA_WORK_DIR --preserve-env=GITEA_CUSTOM'
# Note that these variable names will change fi
export GITEA_WORK_DIR=${cfg.stateDir} # Note that these variable names will change
export GITEA_CUSTOM=${cfg.customDir} export GITEA_WORK_DIR=${cfg.stateDir}
$sudo ${lib.getExe cfg.package} "$@" export GITEA_CUSTOM=${cfg.customDir}
''; in [ $sudo ${lib.getExe cfg.package} "$@"
forgejo-cli '';
]; in
[
forgejo-cli
];
} }

1
modules/tlp.nix
View file

@ -9,7 +9,6 @@
USB_BLACKLIST = "1d50:604b 1d50:6089 1d50:cc15 1fc9:000c"; USB_BLACKLIST = "1d50:604b 1d50:6089 1d50:cc15 1fc9:000c";
CPU_SCALING_GOVERNOR_ON_AC = "performance"; CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
WIFI_PWR_ON_BAT = "off";
}; };
}; };
} }