diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index ee456fc..213dd15 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -8,7 +8,7 @@ jobs: - uses: actions/checkout@v4 name: Checkout repository - name: Attic login - run: attic login nixfleet http://sisko.wg.aciceri.dev:8081 ${{secrets.ATTIC_NIXFLEET_TOKEN}} + run: attic login nixfleet http://10.100.0.1:8081 ${{secrets.ATTIC_NIXFLEET_TOKEN}} - name: Build with nix run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - name: Report checks diff --git a/flake.lock b/flake.lock index fe760a5..d261e83 100644 --- a/flake.lock +++ b/flake.lock @@ -26,11 +26,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1742098205, - "narHash": "sha256-gCkVTohFTyq/Pi3dlUhv1uA5Kqbalf45nLmUDRluULE=", + "lastModified": 1741914590, + "narHash": "sha256-R8Bxh/AMD6nvmQrC43DkUkuwDmTWlyvNAzJ0Riq5w5U=", "owner": "catppuccin", "repo": "nix", - "rev": "d84df59c7aa29cebaff9f190d19c24e7ddacd773", + "rev": "1e3fe44bc13809f62c2ef0aa864a304a6c8ebea4", "type": "github" }, "original": { @@ -122,11 +122,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1742113225, - "narHash": "sha256-tUor57FbLwwy+duUbjq8Ff0TyayK1i50rUbXBfdgfuM=", + "lastModified": 1741945480, + "narHash": "sha256-D80QGijmeVxm/4fJVd53dP8MHCLcn+JjtgniaGKIXvg=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "7e13aa507d714371e6ff70a91d76dcb339311773", + "rev": "5d6c484290f0754ce745ea6f7e2b7d037bdc7b76", "type": "github" }, "original": { @@ -282,11 +282,11 @@ ] }, "locked": { - "lastModified": 1742058297, - "narHash": "sha256-b4SZc6TkKw8WQQssbN5O2DaCEzmFfvSTPYHlx/SFW9Y=", + "lastModified": 1741379162, + "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "59f17850021620cd348ad2e9c0c64f4e6325ce2a", + "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", "type": "github" }, "original": { @@ -464,11 +464,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742087036, - "narHash": "sha256-oiVgpmK9bZe7lvf7JRc7jAW4fotEuW9d/3e9LJMk8mU=", + "lastModified": 1741957871, + "narHash": "sha256-BSim3favVai9y7eMaFWNNDbIJ0mdRp5TMcJvHWdjC1s=", "ref": "refs/heads/main", - "rev": "29732f19a2a9e0d9e7a5bad953c4fad6f719c50e", - "revCount": 17654, + "rev": "af15a446ea88a2244e3c5a50eab776c33ab3bd80", + "revCount": 17649, "type": "git", "url": "https://git@git.lix.systems/lix-project/lix" }, @@ -663,11 +663,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1741851582, - "narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=", + "lastModified": 1741246872, + "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6607cf789e541e7873d40d3a8f7815ea92204f32", + "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "type": "github" }, "original": { diff --git a/hmModules/niri/default.nix b/hmModules/niri/default.nix index 528f7e1..8e0baf1 100644 --- a/hmModules/niri/default.nix +++ b/hmModules/niri/default.nix @@ -14,8 +14,8 @@ let cols = "150"; }; floating-btop = { - rows = "60"; - cols = "210"; + rows = "210"; + cols = "60"; }; }; kirk = { @@ -38,7 +38,7 @@ let run-floating-btop = with niriVars.floating-btop; pkgs.writeScriptBin "run-floating-btop" '' - foot --title='bTop' -W ${cols}x${rows} btop + foot --title='bTop' -W ${rows}x${cols} btop ''; in { diff --git a/hmModules/shell/default.nix b/hmModules/shell/default.nix index 17ac2bb..1d68741 100644 --- a/hmModules/shell/default.nix +++ b/hmModules/shell/default.nix @@ -64,7 +64,7 @@ }; auto_sync = true; sync_frequency = "5m"; - sync_address = "http://sisko.wg.aciceri.dev:8889"; + sync_address = "http://sisko.fleet:8889"; search_mode = "fuzzy"; style = "compact"; }; diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix index 9b9df03..3d5293b 100644 --- a/hosts/sisko/default.nix +++ b/hosts/sisko/default.nix @@ -32,7 +32,6 @@ "matrix" "radarr" "zerotier" - "mosh" ] ++ [ ./disko.nix diff --git a/modules/cloudflare-dyndns/default.nix b/modules/cloudflare-dyndns/default.nix index c0f7bff..5538150 100644 --- a/modules/cloudflare-dyndns/default.nix +++ b/modules/cloudflare-dyndns/default.nix @@ -11,7 +11,6 @@ "photos.aciceri.dev" "jelly.aciceri.dev" "matrix.aciceri.dev" - "vpn.aciceri.dev" ]; apiTokenFile = config.age.secrets.cloudflare-dyndns-api-token.path; }; diff --git a/modules/home-assistant/default.nix b/modules/home-assistant/default.nix index 086e8e7..9da252d 100644 --- a/modules/home-assistant/default.nix +++ b/modules/home-assistant/default.nix @@ -80,6 +80,7 @@ in time_zone = "Europe/Rome"; temperature_unit = "C"; external_url = "https://home.aciceri.dev"; + internal_url = "http://rock5b.fleet:8123"; }; logger.default = "WARNING"; wake_on_lan = { }; @@ -88,7 +89,7 @@ in name = "Picard"; platform = "wake_on_lan"; mac = "74:56:3c:37:17:bd"; # this shouldn't be public - host = "picard.wg.aciceri.dev"; + host = "picard.fleet"; turn_off.service = "shell_command.turn_off_picard"; } ]; diff --git a/modules/mount-sisko/default.nix b/modules/mount-sisko/default.nix index 5233772..cd9d1d0 100644 --- a/modules/mount-sisko/default.nix +++ b/modules/mount-sisko/default.nix @@ -16,7 +16,7 @@ }; fileSystems."/mnt/nas" = { - device = "sisko.wg.aciceri.dev:/hd"; + device = "sisko.fleet:/hd"; fsType = "nfs"; options = [ "x-systemd.automount" diff --git a/modules/nginx-base/default.nix b/modules/nginx-base/default.nix index 5068162..f201630 100644 --- a/modules/nginx-base/default.nix +++ b/modules/nginx-base/default.nix @@ -12,6 +12,7 @@ "*.sisko.wg.aciceri.dev" ]; dnsProvider = "cloudflare"; + # dnsResolver = "1.1.1.1:53"; dnsPropagationCheck = true; group = config.services.nginx.group; environmentFile = config.age.secrets.cloudflare-dyndns-api-token.path; diff --git a/modules/nix/default.nix b/modules/nix/default.nix index 1b2258d..c6edb78 100644 --- a/modules/nix/default.nix +++ b/modules/nix/default.nix @@ -81,7 +81,7 @@ distributedBuilds = true; buildMachines = lib.lists.optional (config.networking.hostName == "picard") { - hostName = "sisko.wg.aciceri.dev"; + hostName = "sisko.fleet"; system = "aarch64-linux"; maxJobs = 7; supportedFeatures = [ diff --git a/modules/prometheus/default.nix b/modules/prometheus/default.nix index 5636fe6..382d4e8 100644 --- a/modules/prometheus/default.nix +++ b/modules/prometheus/default.nix @@ -8,11 +8,11 @@ in pushgateway = { enable = true; web = { - listen-address = "sisko.wg.aciceri.dev:9094"; + listen-address = "sisko.fleet:9094"; }; }; checkConfig = false; # Otherwise it will fail because it cannot access bearer_token_file - webExternalUrl = "https://status.wg.aciceri.dev"; + webExternalUrl = "https://status.aciceri.dev"; globalConfig.scrape_interval = "10s"; scrapeConfigs = [ { @@ -22,7 +22,7 @@ in static_configs = [ { targets = [ - "sisko.wg.aciceri.dev:${builtins.toString config.services.home-assistant.config.http.server_port}" + "sisko.fleet:${builtins.toString config.services.home-assistant.config.http.server_port}" ]; } ]; @@ -39,7 +39,7 @@ in job_name = "node"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9100") [ + targets = builtins.map (host: "${host}.fleet:9100") [ "sisko" "picard" "kirk" @@ -51,7 +51,7 @@ in job_name = "wireguard"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9586") [ + targets = builtins.map (host: "${host}.fleet:9586") [ "picard" "kirk" ]; @@ -62,7 +62,7 @@ in job_name = "zfs"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9134") [ + targets = builtins.map (host: "${host}.fleet:9134") [ "picard" "kirk" ]; @@ -73,7 +73,7 @@ in job_name = "restic"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9753") [ "sisko" ]; + targets = builtins.map (host: "${host}.fleet:9753") [ "sisko" ]; } ]; } @@ -81,7 +81,7 @@ in job_name = "postgres"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9187") [ "sisko" ]; + targets = builtins.map (host: "${host}.fleet:9187") [ "sisko" ]; } ]; } @@ -89,7 +89,7 @@ in job_name = "nginx"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9117") [ "sisko" ]; + targets = builtins.map (host: "${host}.fleet:9117") [ "sisko" ]; } ]; } @@ -97,7 +97,7 @@ in job_name = "smartctl"; static_configs = [ { - targets = builtins.map (host: "${host}.wg.aciceri.dev:9633") [ + targets = builtins.map (host: "${host}.fleet:9633") [ "sisko" "kirk" "picard" diff --git a/modules/promtail/default.nix b/modules/promtail/default.nix index e86afeb..f2ab2ef 100644 --- a/modules/promtail/default.nix +++ b/modules/promtail/default.nix @@ -12,7 +12,7 @@ let }; clients = [ { - url = "http://sisko.wg.aciceri.dev:${ + url = "http://sisko.fleet:${ builtins.toString config.services.loki.configuration.server.http_listen_port or 3100 }/loki/api/v1/push"; } diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix index 4dacf98..2b2d607 100644 --- a/modules/syncthing/default.nix +++ b/modules/syncthing/default.nix @@ -3,7 +3,7 @@ services = { syncthing = { enable = true; - guiAddress = "${config.networking.hostName}.wg.aciceri.dev:8434"; + guiAddress = "${config.networking.hostName}.fleet:8434"; # TODO Use the home-manager module instead of the following conditions user = if config.networking.hostName == "sisko" then "syncthing" else "ccr"; dataDir = if config.networking.hostName == "sisko" then "/mnt/hd/syncthing" else "/home/ccr"; @@ -16,25 +16,25 @@ picard = { id = "XKSCJ46-EM6GIZ7-6ABQTZZ-ZRVWVFM-MJ3QNVG-F5EWHY5-ZUNYVSL-DA77YAG"; addresses = [ - "tcp://picard.wg.aciceri.dev" + "tcp://picard.fleet" ]; }; sisko = { id = "QE6V7PR-VHMAHHS-GHD4ZI3-IBB7FEM-M6EQZBX-YFCWDAK-YCYL6VO-NNRMXQK"; addresses = [ - "tcp://sisko.wg.aciceri.dev" + "tcp://sisko.fleet" ]; }; kirk = { id = "OVPXSCE-XFKCBJ2-A4SKJRI-DYBZ6CV-U2OFNA2-ALHOPW5-PPMHOIQ-5TG2HAJ"; addresses = [ - "tcp://kirk.wg.aciceri.dev" + "tcp://kirk.fleet" ]; }; oneplus8t = { id = "KMB2YRF-DGTWU24-SLITU23-5TN7BMQ-6PFAQQZ-CZ7J2QL-PIGVBTU-VRFRMQV"; addresses = [ - "tcp://oneplus8t.wg.aciceri.dev" + "tcp://oneplus8t.fleet" ]; }; }; diff --git a/modules/wireguard-common/default.nix b/modules/wireguard-common/default.nix index e67cf81..ad50ad8 100644 --- a/modules/wireguard-common/default.nix +++ b/modules/wireguard-common/default.nix @@ -24,4 +24,9 @@ privateKeyFile = config.age.secrets."${config.networking.hostName}-wireguard-private-key".path; listenPort = 51820; }; + + networking.hosts = lib.mapAttrs' (hostname: vpnConfig: { + name = vpnConfig.ip; + value = [ "${hostname}.fleet" ]; + }) vpn; } diff --git a/modules/zerotier/default.nix b/modules/zerotier/default.nix index 0b5a552..febcee3 100644 --- a/modules/zerotier/default.nix +++ b/modules/zerotier/default.nix @@ -1,16 +1,6 @@ -{ config, lib, ... }: { services.zerotierone = { enable = true; joinNetworks = [ "632ea29085af0cb4" ]; }; - environment = - if (config.networking.hostName == "sisko") then - { - persistence."/persist".directories = [ - "/var/lib/zerotier-one" - ]; - } - else - { }; } diff --git a/packages/deploy/deploy.sh b/packages/deploy/deploy.sh index 8823453..9e9715b 100644 --- a/packages/deploy/deploy.sh +++ b/packages/deploy/deploy.sh @@ -2,8 +2,8 @@ host=${1-picard} nixos-rebuild switch \ --flake ".#${host}" \ - --target-host "root@${host}.wg.aciceri.dev" \ - --build-host "root@${host}.wg.aciceri.dev" \ + --target-host "root@${host}.fleet" \ + --build-host "root@${host}.fleet" \ --option warn-dirty false \ --fast \ "${@:2}"