dachxy/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add self-hosted cache server

Browse source
This commit is contained in:
danny 2025-09-25 19:58:19 +08:00
parent 05bc6a185f
commit 69705431bf
16 changed files with 313 additions and 95 deletions
Download patch file Download diff file Expand all files Collapse all files

235
flake.lock generated
View file

@ -75,6 +75,31 @@
"type": "github" "type": "github"
} }
}, },
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1757683818,
"narHash": "sha256-q7q0pWT+wu5AUU1Qlbwq8Mqb+AzHKhaMCVUq/HNZfo8=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "7c5d79ad62cda340cb8c80c99b921b7b7ffacf69",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "attic",
"type": "github"
}
},
"base16": { "base16": {
"inputs": { "inputs": {
"fromYaml": "fromYaml" "fromYaml": "fromYaml"
@ -212,6 +237,21 @@
} }
}, },
"crane": { "crane": {
"locked": {
"lastModified": 1751562746,
"narHash": "sha256-smpugNIkmDeicNz301Ll1bD7nFOty97T79m4GUMUczA=",
"owner": "ipetkov",
"repo": "crane",
"rev": "aed2020fd3dc26e1e857d4107a5a67a33ab6c1fd",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"crane_2": {
"locked": { "locked": {
"lastModified": 1731098351, "lastModified": 1731098351,
"narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", "narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=",
@ -248,7 +288,7 @@
}, },
"firefox": { "firefox": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat_2",
"lib-aggregate": "lib-aggregate", "lib-aggregate": "lib-aggregate",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -285,21 +325,6 @@
} }
}, },
"flake-compat": { "flake-compat": {
"locked": {
"lastModified": 1746162366,
"narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747046372, "lastModified": 1747046372,
@ -315,6 +340,37 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_10": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"locked": {
"lastModified": 1746162366,
"narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": { "flake-compat_3": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -334,11 +390,11 @@
"flake-compat_4": { "flake-compat_4": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1747046372,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -350,11 +406,11 @@
"flake-compat_5": { "flake-compat_5": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747046372, "lastModified": 1696426674,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -396,22 +452,6 @@
} }
}, },
"flake-compat_8": { "flake-compat_8": {
"flake": false,
"locked": {
"lastModified": 1751685974,
"narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=",
"ref": "refs/heads/main",
"rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1",
"revCount": 92,
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
},
"original": {
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
}
},
"flake-compat_9": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747046372, "lastModified": 1747046372,
@ -427,7 +467,44 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_9": {
"flake": false,
"locked": {
"lastModified": 1751685974,
"narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=",
"ref": "refs/heads/main",
"rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1",
"revCount": 92,
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
},
"original": {
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
}
},
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1751413152,
"narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"lanzaboote", "lanzaboote",
@ -448,7 +525,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_2": { "flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"neovim-nightly-overlay", "neovim-nightly-overlay",
@ -469,7 +546,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_3": { "flake-parts_4": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"neovim-nightly-overlay", "neovim-nightly-overlay",
@ -490,7 +567,7 @@
"type": "indirect" "type": "indirect"
} }
}, },
"flake-parts_4": { "flake-parts_5": {
"inputs": { "inputs": {
"nixpkgs-lib": "nixpkgs-lib_2" "nixpkgs-lib": "nixpkgs-lib_2"
}, },
@ -508,7 +585,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_5": { "flake-parts_6": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nvf", "nvf",
@ -529,7 +606,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_6": { "flake-parts_7": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"stylix", "stylix",
@ -705,7 +782,7 @@
}, },
"ghostty": { "ghostty": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -729,7 +806,7 @@
}, },
"git-hooks": { "git-hooks": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_6", "flake-compat": "flake-compat_7",
"gitignore": "gitignore_3", "gitignore": "gitignore_3",
"nixpkgs": [ "nixpkgs": [
"neovim-nightly-overlay", "neovim-nightly-overlay",
@ -835,7 +912,7 @@
}, },
"hercules-ci-effects": { "hercules-ci-effects": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_4",
"nixpkgs": [ "nixpkgs": [
"neovim-nightly-overlay", "neovim-nightly-overlay",
"nixpkgs" "nixpkgs"
@ -1373,7 +1450,7 @@
}, },
"jovian": { "jovian": {
"inputs": { "inputs": {
"nix-github-actions": "nix-github-actions", "nix-github-actions": "nix-github-actions_2",
"nixpkgs": [ "nixpkgs": [
"chaotic", "chaotic",
"nixpkgs" "nixpkgs"
@ -1395,9 +1472,9 @@
}, },
"lanzaboote": { "lanzaboote": {
"inputs": { "inputs": {
"crane": "crane", "crane": "crane_2",
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_5",
"flake-parts": "flake-parts", "flake-parts": "flake-parts_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@ -1493,8 +1570,8 @@
}, },
"neovim-nightly-overlay": { "neovim-nightly-overlay": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_5", "flake-compat": "flake-compat_6",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_3",
"git-hooks": "git-hooks", "git-hooks": "git-hooks",
"hercules-ci-effects": "hercules-ci-effects", "hercules-ci-effects": "hercules-ci-effects",
"neovim-src": "neovim-src", "neovim-src": "neovim-src",
@ -1532,6 +1609,27 @@
} }
}, },
"nix-github-actions": { "nix-github-actions": {
"inputs": {
"nixpkgs": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1737420293,
"narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-github-actions_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"chaotic", "chaotic",
@ -1576,7 +1674,7 @@
}, },
"nix-minecraft": { "nix-minecraft": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_7", "flake-compat": "flake-compat_8",
"flake-utils": "flake-utils_5", "flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_5"
}, },
@ -1614,7 +1712,7 @@
}, },
"nixd": { "nixd": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_4", "flake-parts": "flake-parts_5",
"flake-root": "flake-root", "flake-root": "flake-root",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -1679,6 +1777,22 @@
} }
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": {
"lastModified": 1751741127,
"narHash": "sha256-t75Shs76NgxjZSgvvZZ9qOmz5zuBE8buUaYD28BMTxg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "29e290002bfff26af1db6f64d070698019460302",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1730741070, "lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
@ -1878,8 +1992,8 @@
}, },
"nvf": { "nvf": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_8", "flake-compat": "flake-compat_9",
"flake-parts": "flake-parts_5", "flake-parts": "flake-parts_6",
"mnw": "mnw", "mnw": "mnw",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -1902,7 +2016,7 @@
}, },
"pre-commit-hooks": { "pre-commit-hooks": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_4",
"gitignore": "gitignore", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"hyprland", "hyprland",
@ -1934,7 +2048,7 @@
"lanzaboote", "lanzaboote",
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1731363552, "lastModified": 1731363552,
@ -1975,6 +2089,7 @@
"inputs": { "inputs": {
"Hyprspace": "Hyprspace", "Hyprspace": "Hyprspace",
"actual-budget-api": "actual-budget-api", "actual-budget-api": "actual-budget-api",
"attic": "attic",
"caelestia-shell": "caelestia-shell", "caelestia-shell": "caelestia-shell",
"chaotic": "chaotic", "chaotic": "chaotic",
"disko": "disko", "disko": "disko",
@ -2128,7 +2243,7 @@
"base16-helix": "base16-helix", "base16-helix": "base16-helix",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_6", "flake-parts": "flake-parts_7",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -2157,7 +2272,7 @@
}, },
"swww": { "swww": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_9", "flake-compat": "flake-compat_10",
"nixpkgs": "nixpkgs_9", "nixpkgs": "nixpkgs_9",
"rust-overlay": "rust-overlay_3" "rust-overlay": "rust-overlay_3"
}, },

9
flake.nix
View file

@ -129,6 +129,11 @@
flake = false; flake = false;
}; };
# ======================== # # ======================== #
attic = {
url = "github:zhaofengli/attic";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = outputs =
@ -161,6 +166,7 @@
inputs.chaotic.nixosModules.default inputs.chaotic.nixosModules.default
inputs.actual-budget-api.nixosModules.default inputs.actual-budget-api.nixosModules.default
inputs.stylix.nixosModules.stylix inputs.stylix.nixosModules.stylix
inputs.attic.nixosModules.atticd
]; ];
args = { args = {
inherit inherit
@ -294,6 +300,9 @@
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
modules = [ modules = [
{ {
environment.systemPackages = [
inputs.attic.packages.${system}.attic
];
system.stateVersion = nix-version; system.stateVersion = nix-version;
home-manager = { home-manager = {
backupFileExtension = "backup-hm"; backupFileExtension = "backup-hm";

10
home/scripts/remoteRebuild.nix Normal file
View file

@ -0,0 +1,10 @@
{ pkgs, ... }:
pkgs.writeShellScriptBin "rRebuild" ''
TARGET=$1
BUILD=$2
shift
shift
nixos-rebuild switch --target-host "$TARGET" --build-host "$BUILD" --sudo --ask-sudo-password $@
''

2
home/user/shell.nix
View file

@ -1,11 +1,13 @@
{ osConfig, pkgs, ... }: { osConfig, pkgs, ... }:
let let
shellAlias = import ./shellAlias.nix { hostname = osConfig.networking.hostName; }; shellAlias = import ./shellAlias.nix { hostname = osConfig.networking.hostName; };
remoteRebuld = pkgs.callPackage ../scripts/remoteRebuild.nix { };
in in
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
# Shell # Shell
grc grc
remoteRebuld
]; ];
programs = { programs = {

1
system/dev/dn-lap/default.nix
View file

@ -13,6 +13,7 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
./boot.nix ./boot.nix
./sops-conf.nix ./sops-conf.nix
../../modules/printer.nix
../../modules/presets/basic.nix ../../modules/presets/basic.nix
../../modules/gaming.nix ../../modules/gaming.nix
../../modules/virtualization.nix ../../modules/virtualization.nix

23
system/dev/dn-pre7780/default.nix
View file

@ -2,6 +2,8 @@
pkgs, pkgs,
username, username,
config, config,
system,
inputs,
lib, lib,
... ...
}: }:
@ -12,9 +14,6 @@ let
"desc:ASUSTek COMPUTER INC ASUS VG32VQ1B 0x00002271" "desc:ASUSTek COMPUTER INC ASUS VG32VQ1B 0x00002271"
"desc:Acer Technologies XV272U V3 1322131231233" "desc:Acer Technologies XV272U V3 1322131231233"
]; ];
memeSelector = pkgs.callPackage ../../../home/scripts/memeSelector.nix {
url = "https://nextcloud.net.dn/public.php/dav/files/pygHoPB5LxDZbeY/";
};
in in
{ {
networking.firewall.allowedTCPPortRanges = [ networking.firewall.allowedTCPPortRanges = [
@ -90,7 +89,6 @@ in
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
memeSelector
rustdesk rustdesk
((blender.override { cudaSupport = true; }).overrideAttrs (prev: { ((blender.override { cudaSupport = true; }).overrideAttrs (prev: {
postInstall = '' postInstall = ''
@ -177,22 +175,7 @@ in
# Hyprland # Hyprland
(import ../../../home/user/hyprland.nix { inherit monitors; }) (import ../../../home/user/hyprland.nix { inherit monitors; })
{ ./hyprland.nix
wayland.windowManager.hyprland = {
settings = {
monitor = [
''desc:ASUSTek COMPUTER INC ASUS VG32VQ1B 0x00002271, 2560x1440@165, 0x0, 1''
''desc:Acer Technologies XV272U V3 1322131231233, 2560x1440@180, -1440x-600, 1, transform, 1''
];
misc = {
vrr = 0;
};
bind = [
"$mainMod ctrl, M, exec, ${memeSelector}/bin/memeSelector"
];
};
};
}
# Git # Git
(import ../../../home/user/git.nix { (import ../../../home/user/git.nix {

26
system/dev/dn-pre7780/hyprland.nix Normal file
View file

@ -0,0 +1,26 @@
{ pkgs, ... }:
let
memeSelector = pkgs.callPackage ../../../home/scripts/memeSelector.nix {
url = "https://nextcloud.net.dn/public.php/dav/files/pygHoPB5LxDZbeY/";
};
in
{
home.packages = [
memeSelector
];
wayland.windowManager.hyprland = {
settings = {
monitor = [
''desc:ASUSTek COMPUTER INC ASUS VG32VQ1B 0x00002271, 2560x1440@165, 0x0, 1''
''desc:Acer Technologies XV272U V3 1322131231233, 2560x1440@180, -1440x-600, 1, transform, 1''
];
misc = {
vrr = 0;
};
bind = [
"$mainMod ctrl, M, exec, ${memeSelector}/bin/memeSelector"
];
};
};
}

6
system/dev/dn-pre7780/secret.yaml
View file

@ -9,7 +9,7 @@ openldap:
lam: lam:
env: ENC[AES256_GCM,data:f1LlC/VvilH8o2Ra7MrSHsMEGlGw3LOV2O9JJf9f,iv:u7cXM8n3jJeLBfxXtA0QMyijBqTcC+yJeW/OO9JuZMI=,tag:QL5FkcCPI5Gxudi0NmCZWg==,type:str] env: ENC[AES256_GCM,data:f1LlC/VvilH8o2Ra7MrSHsMEGlGw3LOV2O9JJf9f,iv:u7cXM8n3jJeLBfxXtA0QMyijBqTcC+yJeW/OO9JuZMI=,tag:QL5FkcCPI5Gxudi0NmCZWg==,type:str]
stalwart: stalwart:
adminPassword: ENC[AES256_GCM,data:6tUL7b2s3gLtF4Ors9CgYQ==,iv:9UQowgXKr9HR/poELP6SZijp3c2HVTHzEfwf1tZI/3w=,tag:KIOiYEwLsZLH31E2Xb478A==,type:str] adminPassword: ENC[AES256_GCM,data:hHQlmztndbB8Ct5Zig8BChz1,iv:kDgSVglIKxEghV/lkcKKxKCzgwVJqcH4l8aXYt7k+W8=,tag:vD14vP2iJEOG4WR6djab1A==,type:str]
tsig: ENC[AES256_GCM,data:wxsM/dbkW2fNf86b6TsLRNAce19h7mBEuSzFT84aIlaVZA/S29g1U4/CAwD4b+h/XfBgpZQCJf/9yT3yo6dbGAIAk5UgjV2cNY9pO1/uF1T6xoKDgfRZxA==,iv:9BvP8vQkTTEaNgYUPfQcfEMcWqDyD045EPBr7NyHmO4=,tag:coBBAe62kpe/L0S6V8NhXg==,type:str] tsig: ENC[AES256_GCM,data:wxsM/dbkW2fNf86b6TsLRNAce19h7mBEuSzFT84aIlaVZA/S29g1U4/CAwD4b+h/XfBgpZQCJf/9yT3yo6dbGAIAk5UgjV2cNY9pO1/uF1T6xoKDgfRZxA==,iv:9BvP8vQkTTEaNgYUPfQcfEMcWqDyD045EPBr7NyHmO4=,tag:coBBAe62kpe/L0S6V8NhXg==,type:str]
db: ENC[AES256_GCM,data:ZRZ2ZzUotYMe2GfkMS7o7dz0aGg=,iv:ys6ogueueESp0y6A+hUG9zTnqmCVobuIzyqA4WVtewo=,tag:p74G+8XhMcpgDnIfh1aXTg==,type:str] db: ENC[AES256_GCM,data:ZRZ2ZzUotYMe2GfkMS7o7dz0aGg=,iv:ys6ogueueESp0y6A+hUG9zTnqmCVobuIzyqA4WVtewo=,tag:p74G+8XhMcpgDnIfh1aXTg==,type:str]
dkimKey: ENC[AES256_GCM,data:oi+XvZ9hMMsgMtFnGPMbVBGagkwQzcPQDi1b0Zd54615V5yuOLHZxpLT5Z3LYlCOQmOcrCaIwn8lQKIZbAuAq6HDUVlNabjgnHeoq3XRIvcswO/B9pljL/22JCZleSrWSBh+WE+RwQIcqUIr0eNerXCUaAQLTE8lYn6mJMa/OoHJJ3R498OGyM/8rbuIMfKj5eqJnctsd9lRWeNmiq7hpQKJ8syLXMsRM9y79NJTPGJrIAJ/5F8SfUJ256/S2N25Cq61pkaXWxTcZzXFgAGU/sa3zsY86BRwEnFEVRMnygJWrVZW/ABYgRjL99r6OBQM8WTFpE8cK9GZTpylTm+QCS9lHsAA2rnUfLTs/09z41klbGSAu5jfokM5jhyFIjmDm9h3hEk4l0F4KTWgQ7avWqGVx4yVPktrVS6eh6W7+I0V6BOUhzH0Pp9xXWwhbFrMPYAYK5MQSLAS5nd3RCQWrxZwWh//ATiWdngUeWPyObxXSTmoV254k230sT39jQmqmTK5zIkOBvokPps9q3nPq1i3UIkSAXo0ZWI+GHiL1rnzJkMMGViugJdGEwUf8nWlYMcYkHmDRUZam6DIxzkf5svtd+kbDTxRa4GzeJrOYizgwDGpD5vRA9u8i7MYBS1Rhw3UVqZ9gkjtv8mqoOkDqVnHVnS2UPtsircecvjHmhu4Tq4hn8phX3F+2I8lhXUIalzPng5zjPGNUcDT+SoCbNeHuSWDDmMYQtzM3/xwae9quP9FXhr9IGGygmFUPGsl3cuxSJ3+Cq9/Hhd7bnTYnxYfv781qTmZsFclMUWNxUJQWLJ+5BQz6u1zW64wh+5SHUGrw7CHFsdgNAKv7YN+GJMNTHOjZr9RTL9R8opDm8Iho5IyQjMP401+DY30mOCq03WKJiC8qehgoaH16ssNV6ZuoHldu2N6JKmiwywgTRq8zQEo8jPnro772CQ9Tg0/5PnkhdlLdphDEIp60IbM+XWqMNwHY57fm6U+81PcgtsoRmI5OklrrhQjv+1aRgz0vRM80FOHMv7kxgEdNkb1x15B4g0ocBXEdLuxJEVaW4uWlP9EIivXOWwaPZf1QjT8ISuUQlFMXvtNj/V3SraW3K1bErJL5JnI16z803kdoAqYijf3IrRK49SKoCq6B2V8yo8iCRod2GFt1P3ADKb/uvJ6iCBSlFRFwiJYr8qu7TPXFCpsoySEmr1edBQdAkzXxFZLDMczHq2BzUo2RPfwtDubG1GMWxzrbZ1T6N3j1+GXiyTX7XuKdpSpFlXtPuJcCIrX4D4xnjv1SqqXEcKJO9oUcdMK6+Eem7wtVDBDDYpWellT+bLmtouvdEgjYE8VG5UGJJ5NpYoJAce9c7RE5/ozuvUH+uMfqfb8igZQlBMl6hbqO7j8m11i+ijS9T6Wu2DCSVIqqBHu8bouz1vyfq8l/whJCl1BkaZtiE5+NLkHoYSOuXGtVvEuXwMhvCWdnkxJtHZxxXQuCcBcVkD9Edg0YTslGv+XUvaYRlfZUqypqYZ9zJ21en9XPK3zafZ5gRLdY0xhXN4OKbGrXXL4cm5jfroTeez9iIL4fJGcA80PRHUGoLfK7ht2z0Lq3U91F4jz5KEhbaDtWDcMryr1Bwb6UXgLrezNM290g8J3GpXLBAdvqDXK79jSdPNqptGYt++VDeCdtA+P3z9K6aMWZzPURkLXxZ1bWy5YXP03MIkUpZWsc5lQmccUiyFe/Y+d9RSAZClmVxsQAY5y90d42EhkrOag06geziV9aaxgr57LdoPJQabD48bIbFFvimhV2DS3Gf/7gFtCXlm9oZiIqSHG+1TMKRp8XVwn6f70d76/Ba5Uiu0EX8V2x0Dsnin6GGynMBFCPKPXssHRe71SfRVxPJrzlLjtfTdPuzW5Q2k/U//z9SWd6Ao3+mzsbTC8MAYGeIzeE4GdsTs4ViEQWg5sSMSfjeKOFfgpTQi20LGomjF4gtTfnchEUBcUAarV6+hT/inYG2SlglyWwr2+LE3Ua5FWRXsZu4tBHcfE0axIb6Ju5KeogPVPo6cNoJCR2XLPNQakB9ONniCxPTW6zOx8h/A2UeIWMgbAn/jNYdd4kFu1IWBAQaZg5kSg1KmSAtnKgFmhb8A0Ope8h5fKfdX5tf0ulW0bjBz+rqNf2FQwcB/ScuEc65LSX+b0bzvIILuZfSRytFQpaQ4svjjA6mP4VIRoPRkkRl+gTEO+Ue4No4VZGE9+YdRFZ7OmtH6S1e5vu1rBiLuTVayHjuSWRu0OmxDiErP6uXPy8Q==,iv:Q5g9kxJKEKLHge2mcgk/UnTNMDFjzeLFLNjlY8KWe60=,tag:yL03NWRK2whOxNjcR3cPyA==,type:str] dkimKey: ENC[AES256_GCM,data:oi+XvZ9hMMsgMtFnGPMbVBGagkwQzcPQDi1b0Zd54615V5yuOLHZxpLT5Z3LYlCOQmOcrCaIwn8lQKIZbAuAq6HDUVlNabjgnHeoq3XRIvcswO/B9pljL/22JCZleSrWSBh+WE+RwQIcqUIr0eNerXCUaAQLTE8lYn6mJMa/OoHJJ3R498OGyM/8rbuIMfKj5eqJnctsd9lRWeNmiq7hpQKJ8syLXMsRM9y79NJTPGJrIAJ/5F8SfUJ256/S2N25Cq61pkaXWxTcZzXFgAGU/sa3zsY86BRwEnFEVRMnygJWrVZW/ABYgRjL99r6OBQM8WTFpE8cK9GZTpylTm+QCS9lHsAA2rnUfLTs/09z41klbGSAu5jfokM5jhyFIjmDm9h3hEk4l0F4KTWgQ7avWqGVx4yVPktrVS6eh6W7+I0V6BOUhzH0Pp9xXWwhbFrMPYAYK5MQSLAS5nd3RCQWrxZwWh//ATiWdngUeWPyObxXSTmoV254k230sT39jQmqmTK5zIkOBvokPps9q3nPq1i3UIkSAXo0ZWI+GHiL1rnzJkMMGViugJdGEwUf8nWlYMcYkHmDRUZam6DIxzkf5svtd+kbDTxRa4GzeJrOYizgwDGpD5vRA9u8i7MYBS1Rhw3UVqZ9gkjtv8mqoOkDqVnHVnS2UPtsircecvjHmhu4Tq4hn8phX3F+2I8lhXUIalzPng5zjPGNUcDT+SoCbNeHuSWDDmMYQtzM3/xwae9quP9FXhr9IGGygmFUPGsl3cuxSJ3+Cq9/Hhd7bnTYnxYfv781qTmZsFclMUWNxUJQWLJ+5BQz6u1zW64wh+5SHUGrw7CHFsdgNAKv7YN+GJMNTHOjZr9RTL9R8opDm8Iho5IyQjMP401+DY30mOCq03WKJiC8qehgoaH16ssNV6ZuoHldu2N6JKmiwywgTRq8zQEo8jPnro772CQ9Tg0/5PnkhdlLdphDEIp60IbM+XWqMNwHY57fm6U+81PcgtsoRmI5OklrrhQjv+1aRgz0vRM80FOHMv7kxgEdNkb1x15B4g0ocBXEdLuxJEVaW4uWlP9EIivXOWwaPZf1QjT8ISuUQlFMXvtNj/V3SraW3K1bErJL5JnI16z803kdoAqYijf3IrRK49SKoCq6B2V8yo8iCRod2GFt1P3ADKb/uvJ6iCBSlFRFwiJYr8qu7TPXFCpsoySEmr1edBQdAkzXxFZLDMczHq2BzUo2RPfwtDubG1GMWxzrbZ1T6N3j1+GXiyTX7XuKdpSpFlXtPuJcCIrX4D4xnjv1SqqXEcKJO9oUcdMK6+Eem7wtVDBDDYpWellT+bLmtouvdEgjYE8VG5UGJJ5NpYoJAce9c7RE5/ozuvUH+uMfqfb8igZQlBMl6hbqO7j8m11i+ijS9T6Wu2DCSVIqqBHu8bouz1vyfq8l/whJCl1BkaZtiE5+NLkHoYSOuXGtVvEuXwMhvCWdnkxJtHZxxXQuCcBcVkD9Edg0YTslGv+XUvaYRlfZUqypqYZ9zJ21en9XPK3zafZ5gRLdY0xhXN4OKbGrXXL4cm5jfroTeez9iIL4fJGcA80PRHUGoLfK7ht2z0Lq3U91F4jz5KEhbaDtWDcMryr1Bwb6UXgLrezNM290g8J3GpXLBAdvqDXK79jSdPNqptGYt++VDeCdtA+P3z9K6aMWZzPURkLXxZ1bWy5YXP03MIkUpZWsc5lQmccUiyFe/Y+d9RSAZClmVxsQAY5y90d42EhkrOag06geziV9aaxgr57LdoPJQabD48bIbFFvimhV2DS3Gf/7gFtCXlm9oZiIqSHG+1TMKRp8XVwn6f70d76/Ba5Uiu0EX8V2x0Dsnin6GGynMBFCPKPXssHRe71SfRVxPJrzlLjtfTdPuzW5Q2k/U//z9SWd6Ao3+mzsbTC8MAYGeIzeE4GdsTs4ViEQWg5sSMSfjeKOFfgpTQi20LGomjF4gtTfnchEUBcUAarV6+hT/inYG2SlglyWwr2+LE3Ua5FWRXsZu4tBHcfE0axIb6Ju5KeogPVPo6cNoJCR2XLPNQakB9ONniCxPTW6zOx8h/A2UeIWMgbAn/jNYdd4kFu1IWBAQaZg5kSg1KmSAtnKgFmhb8A0Ope8h5fKfdX5tf0ulW0bjBz+rqNf2FQwcB/ScuEc65LSX+b0bzvIILuZfSRytFQpaQ4svjjA6mP4VIRoPRkkRl+gTEO+Ue4No4VZGE9+YdRFZ7OmtH6S1e5vu1rBiLuTVayHjuSWRu0OmxDiErP6uXPy8Q==,iv:Q5g9kxJKEKLHge2mcgk/UnTNMDFjzeLFLNjlY8KWe60=,tag:yL03NWRK2whOxNjcR3cPyA==,type:str]
@ -29,7 +29,7 @@ sops:
MEdmWkFwNXZoR1ZVRnQ0aWlkYzZwSmsK0EFecUIdqlDKX08oRCoDQQ3QCX1wzb8w MEdmWkFwNXZoR1ZVRnQ0aWlkYzZwSmsK0EFecUIdqlDKX08oRCoDQQ3QCX1wzb8w
lghDJhWlfuKr+X24GoE4UK04aJVLqVMRRI4BJW+LQXeHS+dWKu3mQA== lghDJhWlfuKr+X24GoE4UK04aJVLqVMRRI4BJW+LQXeHS+dWKu3mQA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-09-20T11:44:16Z" lastmodified: "2025-09-22T14:30:13Z"
mac: ENC[AES256_GCM,data:ZNSn4h4r1d+9YBBpjJfI+AsYGOcC8r+A61KmmRf9JfyQiI0U8Le9C+ut45YQCMW3Q57a5q8NUN1GA72iCaXUk00UuESl4ybuqotrs0SVQ/QUbQCCANkItFck7XiNJ3AJY2zbWT09tI4FlnoW/ZHXMlSiPvo+hzCAEtAaM83JpIs=,iv:QKDsRjrJ7AVOY8TZm9O/g1vc81WD8xLYFBS9A/pfxZE=,tag:IMhI59NUHKH52Rs06TTZYg==,type:str] mac: ENC[AES256_GCM,data:Ak9QKKRWDFQk9GNkk2yiN+42DB/Gj7dXmiNOna0BKRwI7gkVl+ie4Iis6jhZ2aEe1vO8rgBurcSQd9xVyFOIJa16p7L1GD1doZWn0Gq3yerIwzjtaQMoS84e/cTTiWnj9shAe+Sm7vhk3ZJzJzbpYtBTspVE+iyZ+LafIE3XSCc=,iv:j53phA/h5cqWEiEviIjgbLxcPPOGWUq+UHFG1tCWkrw=,tag:Z5fnbnE2hfeHQ74Li3EVVw==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2

40
system/dev/dn-server/atticd.nix Normal file
View file

@ -0,0 +1,40 @@
{
config,
inputs,
system,
...
}:
let
listenPort = 30098;
in
{
services.atticd = {
enable = true;
environmentFile = config.sops.secrets."atticd/secret".path;
settings = {
listen = "127.0.0.1:${toString listenPort}";
jwt = { };
chunking = {
nar-size-threshold = 64 * 1024;
min-size = 16 * 1024;
avg-size = 64 * 1024;
max-size = 256 * 1024;
};
};
};
services.nginx.virtualHosts."cache.${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:${toString listenPort}";
extraConfig = ''
client_max_body_size 10240M;
'';
};
environment.systemPackages = with inputs.attic.packages.${system}; [
attic-server
attic
];
}

3
system/dev/dn-server/default.nix
View file

@ -25,6 +25,7 @@ in
./services.nix ./services.nix
./nginx.nix ./nginx.nix
./step-ca.nix ./step-ca.nix
./atticd.nix
../../modules/presets/minimal.nix ../../modules/presets/minimal.nix
../../modules/bluetooth.nix ../../modules/bluetooth.nix
../../modules/gc.nix ../../modules/gc.nix
@ -96,7 +97,7 @@ in
mail-server = { mail-server = {
enable = true; enable = true;
configuraACME = true; configureACME = true;
mailDir = "~/Maildir"; mailDir = "~/Maildir";
caFile = "" + ../../extra/ca.crt; caFile = "" + ../../extra/ca.crt;
virtualMailDir = "/var/mail/vhosts"; virtualMailDir = "/var/mail/vhosts";

6
system/dev/dn-server/secret.yaml
View file

File diff suppressed because one or more lines are too long

1
system/dev/dn-server/sops-conf.nix
View file

@ -63,6 +63,7 @@ in
"paperless/adminPassword" = mkIf config.services.paperless.enable { "paperless/adminPassword" = mkIf config.services.paperless.enable {
owner = config.services.paperless.user; owner = config.services.paperless.user;
}; };
"atticd/secret" = mkIf config.services.atticd.enable { };
}; };
}; };
} }

6
system/dev/skydrive-lap/default.nix
View file

@ -9,8 +9,9 @@ let
inherit (lib) optionalString; inherit (lib) optionalString;
geVersion = "10-15"; geVersion = "10-15";
faceIcon = pkgs.fetchurl { faceIcon = pkgs.fetchurl {
url = "https://instagram.ftpe7-1.fna.fbcdn.net/v/t51.2885-19/424428026_677208484625994_7040235245478168411_n.jpg?efg=eyJ2ZW5jb2RlX3RhZyI6InByb2ZpbGVfcGljLmRqYW5nby4xMDA4LmMyIn0&_nc_ht=instagram.ftpe7-1.fna.fbcdn.net&_nc_cat=106&_nc_oc=Q6cZ2QE3VBo0agfb2uRkv76VZxrXrKy3ZqOgrbVuuGMU_OUraKQBrsxhJCQdBRCwxri_CkI&_nc_ohc=p8gNQ2JIMw8Q7kNvwHo_GSn&_nc_gid=gdlrYsCRM-aXXlo0UnZp9Q&edm=ALGbJPMBAAAA&ccb=7-5&oh=00_AfYdDCxoYilhrom6hx55-j-HgfN-XbizFuIjg52Ci14P8Q&oe=68D0471D&_nc_sid=7d3ac5"; url = "https://files.net.dn/skydrive.jpg";
hash = "sha256-qea72vVrZJ3DPH0h4i8TORXZjQZMyQnOlM7xi/0Enw0="; hash = "sha256-aMjl6VL1Zy+r3ElfFyhFOlJKWn42JOnAFfBXF+GPB/Q=";
curlOpts = "-k";
}; };
memeSelector = pkgs.callPackage ../../../home/scripts/memeSelector.nix { memeSelector = pkgs.callPackage ../../../home/scripts/memeSelector.nix {
@ -37,6 +38,7 @@ in
./boot.nix # Extra Boot Options ./boot.nix # Extra Boot Options
./disk.nix ./disk.nix
./sops-conf.nix ./sops-conf.nix
../../modules/printer.nix
../../modules/gaming.nix ../../modules/gaming.nix
../../modules/wine.nix ../../modules/wine.nix
../../modules/localsend.nix ../../modules/localsend.nix

9
system/modules/nixsettings.nix
View file

@ -3,7 +3,16 @@
documentation.nixos.enable = false; documentation.nixos.enable = false;
nix = { nix = {
settings = { settings = {
substituters = [
"https://cache.net.dn/dn-main"
];
trusted-public-keys = [
"dn-main:ZjQmZEOWpe0TjZgHGwkgtPdOUXpN82RL9wy30EW1V7k="
];
warn-dirty = false; warn-dirty = false;
trusted-users = [
"@wheel"
];
experimental-features = [ experimental-features = [
"nix-command" "nix-command"
"flakes" "flakes"

23
system/modules/printer.nix Normal file
View file

@ -0,0 +1,23 @@
{ pkgs, ... }:
{
services.printing = {
enable = true;
drivers = with pkgs; [
gutenprint
gutenprintBin
brlaser
brgenml1lpr
brgenml1cupswrapper
splix
hplip
epson-escpr2
epson-escpr
];
};
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
}

8
system/modules/stalwart.nix
View file

@ -103,7 +103,7 @@ in
acme."letsencrypt" = mkIf (acmeConf != null) acmeConf; acme."letsencrypt" = mkIf (acmeConf != null) acmeConf;
session.auth = { session.auth = {
mechanisms = "[PLAIN LOGIN OAUTHBEARER]"; mechanisms = "[plain login oauthbearer]";
directory = mkCondition "listener != 'smtp'" "'ldap'" false; directory = mkCondition "listener != 'smtp'" "'ldap'" false;
require = mkCondition "listener != 'smtp'" true false; require = mkCondition "listener != 'smtp'" true false;
}; };
@ -117,12 +117,6 @@ in
"in-memory" = { "in-memory" = {
type = "memory"; type = "memory";
principals = [ principals = [
{
name = "danny";
class = "individual";
secret = "%{file:${adminPassFile}}%";
email = [ "danny@${domain}" ];
}
{ {
name = "postmaster"; name = "postmaster";
class = "individual"; class = "individual";