aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Compare commits

base: aciceri:389eb3d497556f8b3f56a6bec861c726420975f0
Branches Tags
aciceri:master
aciceri:update-flake-lock
aciceri:aaa
aciceri:wip
aciceri:test
...
compare: aciceri:54d97e55d9f97da9ffa50ab660fd8dab62189e5f
Branches Tags
aciceri:update-flake-lock
aciceri:master
aciceri:aaa
aciceri:wip
aciceri:test

15 commits
389eb3d497 ... 54d97e55d9

Author SHA1 Message Date
Andrea Ciceri
54d97e55d9
CI script to report checks to forgejo
Some checks failed
EVAL x86_64-linux.picard
Details
BUILD x86_64-linux.picard
Details
UPLOAD x86_64-linux.picard
Details
DOWNLOAD x86_64-linux.picard
Details
CACHIX x86_64-linux.picard
Details
ATTIC x86_64-linux.picard
Details
/ test (push) Successful in 2m2s
Details
2024-11-29 11:21:00 +01:00
Andrea Ciceri
45a78e44b4
Use home assistant local tuya integrations 2024-11-29 11:20:41 +01:00
Andrea Ciceri
4da58e8adc
Update garmin-connect home assistant integration 2024-11-29 11:20:28 +01:00
Andrea Ciceri
96bca1f669
Catpuccin theme for forgejo 2024-11-29 11:20:08 +01:00
Andrea Ciceri
d7000927a3
Enable chirp on picard 2024-11-29 11:19:47 +01:00
Andrea Ciceri
f4feb18c9a
Add vundo, pulsar and aggressive-indent emacs packages 2024-11-29 11:19:15 +01:00
Andrea Ciceri
49f2ada271
Persist adguard-home state 2024-11-29 11:18:55 +01:00
Andrea Ciceri
a121569f84
Do not use gpg for ssh keys anymore 2024-11-29 11:18:32 +01:00
Andrea Ciceri
da236805f5
Add chirp home-manager module 2024-11-29 11:17:35 +01:00
Andrea Ciceri
6efc109f1c
Format 2024-11-29 11:16:06 +01:00
Andrea Ciceri
ff2c16e55e
Enable aggressive-indent for lisps 2024-11-29 11:14:45 +01:00
Andrea Ciceri
5938a873b3
Try orderless partial-completion for files 2024-11-29 11:14:28 +01:00
Andrea Ciceri
b676b70273
Try vundo 2024-11-29 11:14:17 +01:00
Andrea Ciceri
1bbd87d36e
Try consult-focus-lines 2024-11-29 11:13:44 +01:00
Andrea Ciceri
d6d6498ee9
Enable pulsar on Emacs 2024-11-29 11:12:57 +01:00
14 changed files with 213 additions and 141 deletions
Show stats Expand all files Collapse all files

8
hmModules/chirp/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ pkgs, ... }:
let
in
# nixpkgs = builtins.getFlake "github:NixOS/nixpkgs/932fc16b263f26803d3960e4400bc13dde84a972";
# chirp = nixpkgs.legacyPackages.${pkgs.system}.chirp;
{
home.packages = [ pkgs.chirp ];
}

38
hmModules/emacs/init.el
View file

@ -123,9 +123,20 @@
(use-package rainbow-delimiters
:hook (prog-mode . rainbow-delimiters-mode))
(use-package pulsar
:after (consult imenu)
:config
(pulsar-global-mode)
;; TODO use :hook (I've tried but it didn't work, why?)
(add-hook 'consult-after-jump-hook #'pulsar-recenter-top)
(add-hook 'consult-after-jump-hook #'pulsar-reveal-entry)
(add-hook 'imenu-after-jump-hook #'pulsar-recenter-top)
(add-hook 'imenu-after-jump-hook #'pulsar-reveal-entry)
(add-hook 'next-error-hook #'pulsar-pulse-line)
)
(use-package clipetty
:delight
:ensure t
:hook (after-init . global-clipetty-mode))
(use-package nerd-icons)
@ -263,7 +274,7 @@
'("s" . meow-kill)
'("t" . meow-till)
'("u" . meow-undo)
'("U" . meow-undo-in-selection)
'("U" . vundo)
'("/" . meow-visit)
'("v" . meow-visit)
'("w" . meow-mark-word)
@ -378,7 +389,8 @@
("C-c F" . consult-ripgrep)
("C-c f" . consult-find)
("C-c l" . consult-line)
("C-c m" . wconsult-mark)
("C-c L" . consult-focus-lines)
("C-c m" . consult-mark)
("C-c o o" . consult-outline)
("C-c e" . consult-flymake))
:custom
@ -387,7 +399,8 @@
(use-package orderless
:custom
(completion-styles '(orderless)))
(completion-styles '(orderless basic))
(completion-category-overrides '((file (styles basic partial-completion)))))
(use-package embark
:bind (("C-'" . embark-act)
@ -550,6 +563,10 @@
:hook ((lisp-mode . enable-paredit-mode)
(emacs-lisp-mode . enable-paredit-mode)))
(use-package aggressive-indent
:hook ((lisp-mode . aggressive-indent-mode)
(emacs-lisp-mode . aggressive-indent-mode)))
(use-package eldoc
:delight)
@ -652,17 +669,18 @@
(use-package popper
:custom
(popper-reference-buffers '("\*Messages\*"
(popper-reference-buffers
'("\*Messages\*"
"Output\*$"
"\\*Async Shell Command\\*"
(completion-list-mode . hide)
help-mode
compilation-mode
"^\\*Nix-REPL*\\*$" nix-repl-mode ;eshell as a popup
"^\\*.+-eshell.*\\*$" eshell-mode ;eshell as a popup
"^\\*shell.*\\*$" shell-mode ;shell as a popup
"^\\*term.*\\*$" term-mode ;term as a popup
"^\\*eat.*\\*$" eat-mode ;eat as a popup
"^\\*Nix-REPL*\\*$" nix-repl-mode
"^\\*.+-eshell.*\\*$" eshell-mode
"^\\*shell.*\\*$" shell-mode
"^\\*term.*\\*$" term-mode
"^\\*eat.*\\*$" eat-mode
))
(popper-window-height 0.33)
(popper-echo-lines 1)

1
hmModules/gpg/default.nix
View file

@ -3,7 +3,6 @@
services.gpg-agent = {
enable = true;
enableSshSupport = true;
sshKeys = [ "CE2FD0D9BECBD8876811714925066CC257413416" ];
extraConfig =
let
pinentryRofi = pkgs.writeShellApplication {

1
hosts/janeway/default.nix
View file

@ -46,7 +46,6 @@ in
$DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${hosts.kirk} >> "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${users.ccr-ssh} >> "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${users.ccr-gpg} >> "${config.user.home}/.ssh/authorized_keys"
if [[ ! -d "${sshdDirectory}" ]]; then
$DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}"

1
hosts/picard/default.nix
View file

@ -90,6 +90,7 @@
"libreoffice"
"emacs"
"vial"
"chirp"
];
extraGroups = [ ];
backupPaths = [ ];

1
lib/default.nix
View file

@ -1,7 +1,6 @@
{
keys = {
users = {
ccr-gpg = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5cEUx25pnZiH3eBrE2xNbJ92gJiKSznDUNRzcEL4ti6FlJm+75p4q0hgdqHwStR8+uCWBL6viVFCGutOVMFE5MX1Oc3A8fJdR6H9Rrwvk/1UQzqzc9tWxw1qPLKz+fnPDomjOvNofghCWQRwX3Xf1HnIqvRwELpNbR9i+/cHkDGzLJxkstbt4gol8ywMPkw02QdKk8s5MEd1vawxc+7Chs0JPW57RDqDYFErYys52JLeAViCBB9bofF+KT42LuRXKSjWlvCV9kR5TL49vUeBgzMQWMh++WQdN4m9lpqFqYyc75I49/E0HGf8LChDSS+hvRnb5MbtnVGjEA4WDHyldmJCvUNob5CUo4FjoSPRi+S/J3Ads8D4JVwaJOJEVqmMKEhiQ0Hzk4hwe3eV/VumlZj4U/QjaCrqqi4TW/iP0gNRfzcfiM+G/z5R7w1NMUpTX7oilyKjMQmGnXB857D3SSptS7dwh5OiKhVmrQMRCduooUsj236abqLU28K//RnxhOgh8kDGgoUHApnTiMZNKhgLiR42lKrubNcW1tAAqoNyFLMwwXeMLjh0iP1b5y8ntfNPNIcGb7vcwpS24z/aIjW7rQ4J7x5EBphHGhys6ne+irdhOM8c7kFr+c8+Q2oU0YAtFuMYztAFOHm1e20X00Zvys2nuee+hT9F1NungAQ== andrea.ciceri@autistici.org";
ccr-ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzCmDCtlGscpesHuoiruVWD2IjYEFtaIl9Y2JZGiOAyf3V17KPx0MikcknfmxSHi399SxppiaXQHxo/1wjGxXkXNTTv6h1fBuqwhJE6C8+ZSV+gal81vEnXX+/9w2FQqtVgnG2/mO7oJ0e3FY+6kFpOsGEhYexoGt/UxIpAZoqIN+CWNhJIASUkneaZWtgwiL8Afb59kJQ2E7WbBu+PjYZ/s5lhPobhlkz6s8rkhItvYdiSHT0DPDKvp1oEbxsxd4E4cjJFbahyS8b089NJd9gF5gs0b74H/2lUUymnl63cV37Mp4iXB4rtE69MbjqsGEBKTPumLualmc8pOGBHqWIdhAqGdZQeBajcb6VK0E3hcU0wBB+GJgm7KUzlAHGdC3azY0KlHMrLaZN0pBrgCVR6zBNWtZz2B2qMBZ8Cw+K4vut8GuspdXZscID10U578GxQvJAB9CdxNUtrzSmKX2UtZPB1udWjjIAlejzba4MG73uXgQEdv0NcuHNwaLuCWxTUT5QQF18IwlJ23Mg8aPK8ojUW5A+kGHAu9wtgZVcX1nS5cmYKSgLzcP1LA1l9fTJ1vqBSuy38GTdUzfzz7AbnkRfGPj2ALDgyx17Rc5ommjc1k0gFoeIqiLaxEs5FzDcRyo7YvZXPsGeIqNCYwQWw3+U+yUEJby8bxGb2d/6YQ== andrea.ciceri@autistici.org";
oneplus8t = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8da1Mf11vXFF0kVDgxocVoGwpHHMEs9emS9T+v8hLb oneplus8t";
hercules-ci-agent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPupm00BiveTIYF6CNwuMijF5VvEaPDMjvt+vMlAy+N hercules-ci-agent";

4
modules/adguard-home/default.nix
View file

@ -2,6 +2,7 @@
services.adguardhome = {
enable = true;
port = 3000;
mutableSettings = true;
settings = {
openFirewall = true;
};
@ -11,4 +12,7 @@
53
];
networking.firewall.allowedUDPPorts = [ 53 ];
environment.persistence."/persist".directories = [
"/var/lib/AdGuardHome"
];
}

2
modules/forgejo-runners/default.nix
View file

@ -3,6 +3,7 @@
config,
pkgs,
lib,
fleetFlake,
...
}:
let
@ -24,6 +25,7 @@ let
curl
tea
attic-client
fleetFlake.packages.${pkgs.system}.forgejo-report-checks
]
}; do
for bin in "$dir"/bin/*; do

39
modules/forgejo/default.nix
View file

@ -1,11 +1,35 @@
{
config,
pkgs,
lib,
...
}:
let
theme = pkgs.fetchzip {
url = "https://github.com/catppuccin/gitea/releases/download/v1.0.1/catppuccin-gitea.tar.gz";
hash = "sha256-et5luA3SI7iOcEIQ3CVIu0+eiLs8C/8mOitYlWQa/uI=";
stripRoot = false;
};
in
{
systemd.services = {
forgejo = {
preStart =
let
inherit (config.services.forgejo) stateDir;
in
lib.mkAfter ''
rm -rf ${stateDir}/custom/public/assets
mkdir -p ${stateDir}/custom/public/assets
ln -sf ${theme} ${stateDir}/custom/public/assets/css
'';
};
};
services.forgejo = {
# TODO migrate to Postgres
enable = true;
package = pkgs.forgejo;
settings = {
DEFAULT = {
RUN_MODE = "prod"; # set to prod for better logs (worse performance)
@ -18,6 +42,7 @@
HTTP_PORT = 3002;
ROOT_URL = "https://git.aciceri.dev";
};
federation.ENABLED = true;
mailer = {
ENABLED = true;
PROTOCOL = "smtp+starttls";
@ -29,6 +54,20 @@
other = {
SHOW_FOOTER_VERSION = false;
};
ui = {
DEFAULT_THEME = "catppuccin-mocha-blue";
THEMES = builtins.concatStringsSep "," (
[ "auto,forgejo-auto,forgejo-dark,forgejo-light,arc-gree,gitea" ]
++ (map (name: lib.removePrefix "theme-" (lib.removeSuffix ".css" name)) (
builtins.attrNames (builtins.readDir theme)
))
);
};
"ui.meta" = {
AUTHOR = "Andrea Ciceri";
DESCRIPTION = "My personal git forge";
KEYWORDS = "git,self-hosted,forgejo,open-source,nix,nixos";
};
};
secrets.mailer.PASSWD = config.age.secrets.autistici-password.path;
dump.enable = true;

8
modules/home-assistant/default.nix
View file

@ -13,8 +13,8 @@ let
garmin_connect = pkgs.fetchFromGitHub {
owner = "cyberjunky";
repo = "home-assistant-garmin_connect";
rev = "d42edcabc67ba6a7f960e849c8aaec1aabef87c0";
hash = "sha256-KqbP6TpH9B0/AjtsW5TcWSNgUhND+w8rO6X8fHqtsDI=";
rev = "e2deaed42b66c982b150ca9a9e543031ad51228c";
hash = "sha256-TtrcgLGnhNRBF1SqKMkPlEi/XEBUtDAnaWfzkh50+D8=";
};
in
{
@ -51,6 +51,10 @@ in
"wake_on_lan"
"prometheus"
];
customComponents = with pkgs.home-assistant-custom-components; [
tuya_local
localtuya
];
extraPackages =
python3Packages: with python3Packages; [
# used by pun_sensor

1
modules/ssh-initrd/default.nix
View file

@ -15,7 +15,6 @@
HostKey /ssh_initrd_host_ed25519_key
'';
authorizedKeys = with (import ../../lib).keys; [
users.ccr-gpg
users.ccr-ssh
hosts.sisko
];

3
packages/emacs/packages.nix
View file

@ -117,6 +117,7 @@ let
agenix
solidity-mode
telega
aggressive-indent
# org-re-reveal # FIXME very not nice hash mismatch when building
]
)
@ -126,6 +127,8 @@ let
ef-themes
indent-bars
ement
vundo
pulsar
])
++ (with nongnuPackages; [
eat

11
packages/forgejo-report-checks/forgejo-report-checks.py
View file

@ -6,16 +6,17 @@ from os import environ
client = AuthenticatedClient(base_url=environ["GITHUB_API_URL"], token=environ["GITHUB_TOKEN"])
print("hello")
with open('result.json', 'r') as file:
data = json.load(file)
print("Reporting statuses acording to the following result.json")
print(json.dumps(data, indent=2))
for result in data['results']:
attr = result['attr']
success = result['success']
type = result['type']
print(attr)
print(f"Report status success={success} for {type} {attr}")
response = repo_create_status.sync_detailed(
owner="aciceri",
repo="nixfleet",
@ -24,7 +25,9 @@ for result in data['results']:
body=CreateStatusOption(
context=type,
description=attr,
target_url="https://google.com",
target_url="https://git.aciceri.dev", # FIXME
state="success" if success else "failure" # ma be pending,success,failure,error_message
)
)
print("Done reporting statuses")

58
secrets/secrets.nix
View file

@ -6,7 +6,6 @@ with keys.users;
{
"cachix-personal-token.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
kirk
sisko
@ -15,90 +14,85 @@ with keys.users;
];
"magit-forge-github-token.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
kirk
];
"git-workspace-tokens.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
kirk
picard
];
"hydra-admin-password.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
];
"hydra-github-token.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
];
"cache-private-key.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
];
"autistici-password.age".publicKeys = [
ccr-ssh
ccr-gpg
kirk
picard
sisko
];
"hercules-ci-join-token.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
sisko
picard
];
"hercules-ci-binary-caches.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
sisko
picard
];
"hercules-ci-secrets-json.age".publicKeys = [
ccr-ssh
ccr-gpg
mothership
sisko
picard
];
"minio-credentials.age".publicKeys = [
ccr-ssh
ccr-gpg
picard
sisko
];
"aws-credentials.age".publicKeys = [
ccr-ssh
ccr-gpg
picard
sisko
];
"nextcloud-admin-pass.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"home-planimetry.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"home-assistant-token.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"chatgpt-token.age".publicKeys = [
ccr-ssh
ccr-gpg
kirk
mothership
picard
@ -106,86 +100,86 @@ with keys.users;
];
"cloudflare-dyndns-api-token.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"restic-hetzner-password.age".publicKeys = [
ccr-ssh
ccr-gpg
picard
sisko
kirk
];
"hass-ssh-key.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"grafana-password.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"matrix-registration-shared-secret.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"matrix-sliding-sync-secret.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"forgejo-runners-token.age".publicKeys = [
ccr-ssh
ccr-gpg
picard
];
"forgejo-nix-access-tokens.age".publicKeys = [
ccr-ssh
ccr-gpg
picard
];
"garmin-collector-environment.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"hetzner-storage-box-sisko-ssh-password.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"sisko-restic-password.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"sisko-attic-environment-file.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
# WireGuard
"picard-wireguard-private-key.age".publicKeys = [
ccr-ssh
ccr-gpg
picard
];
"sisko-wireguard-private-key.age".publicKeys = [
ccr-ssh
ccr-gpg
sisko
];
"kirk-wireguard-private-key.age".publicKeys = [
ccr-ssh
ccr-gpg
kirk
];
"deltaflyer-wireguard-private-key.age".publicKeys = [
ccr-ssh
ccr-gpg
deltaflyer
];
}