April 2025 update
This commit is contained in:
parent
06b5916f58
commit
da6ae88151
SSH Key Fingerprint:
SHA256:PDf6DSaU0lWsQ57NzQGdm8HUKftULYFYzxPJolepY58
120
flake.lock
120
flake.lock
|
|
@ -9,16 +9,15 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1736812363,
|
||||
"narHash": "sha256-vs6tf4F4LVMDw4nsXkVFMSNC8RAbS7mRxbBscfE/mts=",
|
||||
"ref": "jemalloc",
|
||||
"rev": "015aee89b8519ce94a603d5cd58f1c54ec3ac718",
|
||||
"revCount": 67,
|
||||
"lastModified": 1740787854,
|
||||
"narHash": "sha256-psuFa7Ilar3iJaogz6UD8fRPMIk1NFAushM74Ln/SC4=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "9752430f815f27d236a26451d479fdc3a1738060",
|
||||
"revCount": 69,
|
||||
"type": "git",
|
||||
"url": "https://git.min.rip/min/breeze.git"
|
||||
},
|
||||
"original": {
|
||||
"ref": "jemalloc",
|
||||
"type": "git",
|
||||
"url": "https://git.min.rip/min/breeze.git"
|
||||
}
|
||||
|
|
@ -38,6 +37,21 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"crane_2": {
|
||||
"locked": {
|
||||
"lastModified": 1734808813,
|
||||
"narHash": "sha256-3aH/0Y6ajIlfy7j52FGZ+s4icVX0oHhqBzRdlOeztqg=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "72e2d02dbac80c8c86bf6bf3e785536acf8ee926",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"deploy-rs": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
|
|
@ -67,11 +81,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1736199437,
|
||||
"narHash": "sha256-TdU0a/x8048rbbJmkKWzSY1CtsbbGKNkIJcMdr8Zf4Q=",
|
||||
"lastModified": 1740485968,
|
||||
"narHash": "sha256-WK+PZHbfDjLyveXAxpnrfagiFgZWaTJglewBWniTn2Y=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "49f8aa791f81ff2402039b3efe0c35b9386c4bcf",
|
||||
"rev": "19c1140419c4f1cdf88ad4c1cfb6605597628940",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -101,11 +115,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1736143030,
|
||||
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
|
||||
"lastModified": 1738453229,
|
||||
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
|
||||
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -132,13 +146,31 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1734945620,
|
||||
"narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=",
|
||||
"lastModified": 1737831083,
|
||||
"narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "d000479f4f41390ff7cf9204979660ad5dd16176",
|
||||
"rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -149,11 +181,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1736200483,
|
||||
"narHash": "sha256-JO+lFN2HsCwSLMUWXHeOad6QUxOuwe9UOAF/iSl1J4I=",
|
||||
"lastModified": 1740603184,
|
||||
"narHash": "sha256-t+VaahjQAWyA+Ctn2idyo1yxRIYpaDxMgHkgCNiMJa4=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3f0a8ac25fb674611b98089ca3a5dd6480175751",
|
||||
"rev": "f44bd8ca21e026135061a0a57dcf3d0775b67a49",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -165,14 +197,14 @@
|
|||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1735774519,
|
||||
"narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
|
||||
"lastModified": 1738452942,
|
||||
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
|
|
@ -183,9 +215,32 @@
|
|||
"flake-parts": "flake-parts",
|
||||
"impermanence": "impermanence",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"sim-breeze": "sim-breeze",
|
||||
"sops-nix": "sops-nix"
|
||||
}
|
||||
},
|
||||
"sim-breeze": {
|
||||
"inputs": {
|
||||
"crane": "crane_2",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1740803896,
|
||||
"narHash": "sha256-l7r91rD5iM5Vuagoqs0aIgYW68lIEHTf3oPIRoVm5Og=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "ab744ebb5024dc391a03774571a2cb09bc225a11",
|
||||
"revCount": 74,
|
||||
"type": "git",
|
||||
"url": "ssh://git@git.min.rip/min/sim-breeze.git"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "ssh://git@git.min.rip/min/sim-breeze.git"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
|
@ -193,11 +248,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1736203741,
|
||||
"narHash": "sha256-eSjkBwBdQk+TZWFlLbclF2rAh4JxbGg8az4w/Lfe7f4=",
|
||||
"lastModified": 1739262228,
|
||||
"narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "c9c88f08e3ee495e888b8d7c8624a0b2519cb773",
|
||||
"rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -236,6 +291,21 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_3": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
|
|
|
|||
|
|
@ -17,8 +17,11 @@
|
|||
|
||||
impermanence.url = "github:nix-community/impermanence";
|
||||
|
||||
breeze.url = "git+https://git.min.rip/min/breeze.git?ref=jemalloc";
|
||||
breeze.url = "git+https://git.min.rip/min/breeze.git";
|
||||
breeze.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
sim-breeze.url = "git+ssh://git@git.min.rip/min/sim-breeze.git";
|
||||
sim-breeze.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
outputs = inputs @ {self, ...}:
|
||||
|
|
@ -40,6 +43,7 @@
|
|||
packages = with pkgs; [
|
||||
sops
|
||||
ssh-to-age
|
||||
openssl
|
||||
# not included: age, gpg, pcscd, scdaemon, etc.
|
||||
|
||||
deploy-rs
|
||||
|
|
|
|||
|
|
@ -1,32 +1,34 @@
|
|||
{inputs, ...}: let
|
||||
systems = ["silver"];
|
||||
systems = makeSystems ["silver"];
|
||||
|
||||
inherit (inputs.nixpkgs) lib;
|
||||
|
||||
makeNixosConfigurations = systems:
|
||||
lib.listToAttrs (lib.map
|
||||
(name: let
|
||||
system = import ./${name} {inherit inputs;};
|
||||
in {
|
||||
makeSystems = systems:
|
||||
lib.listToAttrs (lib.map (name: {
|
||||
inherit name;
|
||||
value = lib.nixosSystem {
|
||||
inherit (system) system;
|
||||
|
||||
modules =
|
||||
system.modules
|
||||
++ [
|
||||
{
|
||||
_module.args = {
|
||||
inherit inputs;
|
||||
};
|
||||
}
|
||||
|
||||
../modules
|
||||
];
|
||||
};
|
||||
value = import ./${name} {inherit inputs;};
|
||||
})
|
||||
systems);
|
||||
|
||||
makeNixosConfigurations = systems:
|
||||
lib.mapAttrs (name: system:
|
||||
lib.nixosSystem {
|
||||
inherit (system) system;
|
||||
|
||||
modules =
|
||||
system.modules
|
||||
++ [
|
||||
{
|
||||
_module.args = {
|
||||
inherit inputs;
|
||||
};
|
||||
}
|
||||
|
||||
../modules
|
||||
];
|
||||
})
|
||||
systems;
|
||||
|
||||
makeDeployRsNodes = systems:
|
||||
lib.mapAttrs
|
||||
(name: system: {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
_: {
|
||||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: let
|
||||
_: let
|
||||
ipInternal = "10.13.1.1"; # TODO: hardcoding
|
||||
in {
|
||||
services.prometheus.exporters = {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
_: {
|
||||
sops = {
|
||||
defaultSopsFile = ../../../secrets/eidola.yaml;
|
||||
age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
_: {
|
||||
users = {
|
||||
users = let
|
||||
shareUser = {
|
||||
|
|
|
|||
|
|
@ -5,10 +5,10 @@
|
|||
}: let
|
||||
net = {
|
||||
# TODO: hardcoding (this module *may* be a good place to store values like this, though)
|
||||
address = "107.152.41.67";
|
||||
address = "66.23.198.122";
|
||||
prefixLength = 24;
|
||||
subnet = "255.255.255.0";
|
||||
gateway = "107.152.41.1";
|
||||
gateway = "66.23.198.1";
|
||||
interface = "eth0";
|
||||
};
|
||||
in {
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@
|
|||
inputs.disko.nixosModules.disko
|
||||
inputs.impermanence.nixosModules.impermanence
|
||||
inputs.breeze.nixosModules.${system}.breeze
|
||||
inputs.sim-breeze.nixosModules.${system}.sim-breeze
|
||||
./configuration.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
disk = {
|
||||
main = {
|
||||
type = "disk";
|
||||
device = "/dev/vda";
|
||||
device = "/dev/sda";
|
||||
content = {
|
||||
type = "gpt";
|
||||
|
||||
|
|
@ -75,6 +75,12 @@
|
|||
];
|
||||
};
|
||||
};
|
||||
swap = {
|
||||
size = "6G";
|
||||
content = {
|
||||
type = "swap";
|
||||
};
|
||||
};
|
||||
persist = {
|
||||
size = "100%FREE";
|
||||
content = {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
_: {
|
||||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: let
|
||||
_: let
|
||||
ipInternal = "10.13.0.1"; # TODO: hardcoding
|
||||
in {
|
||||
services.prometheus.exporters = {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
_: {
|
||||
sops = {
|
||||
defaultSopsFile = ../../../secrets/silver.yaml;
|
||||
age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@
|
|||
./breeze.nix
|
||||
./min-rip.nix
|
||||
./gitea.nix
|
||||
./sim-breeze.nix
|
||||
./synapse.nix
|
||||
./nebula.nix
|
||||
./prometheus.nix
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
{config, ...}: let
|
||||
sshExposeIp = "107.152.41.67"; # TODO: hardcoding
|
||||
sshExposeIp = "66.23.198.122"; # TODO: hardcoding
|
||||
sshIntPort = 14022;
|
||||
httpIntPort = 14020;
|
||||
dom = "git.min.rip"; # TODO: hardcoding
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: let
|
||||
_: let
|
||||
dom = "graf.min.rip";
|
||||
httpIntPort = 14050;
|
||||
in {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: let
|
||||
_: let
|
||||
dom = "min.rip"; # TODO: hardcoding
|
||||
in {
|
||||
services.nginx.virtualHosts.${dom} = {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: let
|
||||
_: let
|
||||
ipSilver = "10.13.0.1"; # TODO: hardcoding
|
||||
ipEidola = "10.13.1.1"; # TODO: hardcoding
|
||||
in {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,56 @@
|
|||
{config, ...}: let
|
||||
httpIntPort = 14012;
|
||||
dom = "simul.lol";
|
||||
in {
|
||||
sops.secrets."svc-sim-breeze-upload_key" = {
|
||||
owner = "sim-breeze";
|
||||
group = "sim-breeze";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts.${dom} = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
||||
quic = true;
|
||||
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString httpIntPort}";
|
||||
};
|
||||
|
||||
extraConfig = let
|
||||
cloudflarePem = ../../../keys/cloudflare.pem;
|
||||
in ''
|
||||
ssl_client_certificate ${cloudflarePem};
|
||||
ssl_verify_client on;
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /srv/uploads-sim 0750 sim-breeze sim-breeze - -"
|
||||
];
|
||||
|
||||
services.sim-breeze = {
|
||||
enable = true;
|
||||
uploadKeyFile = config.sops.secrets."svc-sim-breeze-upload_key".path;
|
||||
|
||||
settings = {
|
||||
engine = {
|
||||
base_url = "https://${dom}";
|
||||
max_upload_len = 2147483648;
|
||||
max_temp_lifetime = 43200;
|
||||
max_strip_len = 16777216;
|
||||
|
||||
disk.save_path = "/srv/uploads-sim";
|
||||
cache = {
|
||||
max_length = 268435456;
|
||||
upload_lifetime = 1800;
|
||||
scan_freq = 60;
|
||||
mem_capacity = 4294967296;
|
||||
};
|
||||
};
|
||||
|
||||
http.listen_on = "127.0.0.1:${toString httpIntPort}";
|
||||
logger.level = "info";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -42,7 +42,7 @@ in {
|
|||
];
|
||||
|
||||
virtualisation.oci-containers.containers.synapse-db = {
|
||||
image = "docker.io/postgres:12-alpine";
|
||||
image = "docker.io/postgres:17-alpine";
|
||||
environment = {
|
||||
POSTGRES_USER = "synapse";
|
||||
POSTGRES_PASSWORD = "synapse";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: let
|
||||
_: let
|
||||
httpIntAddr = "127.0.0.1";
|
||||
httpIntPort = 14210;
|
||||
dom = "pw.min.rip";
|
||||
|
|
|
|||
|
|
@ -0,0 +1,35 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGCjCCA/KgAwIBAgIIV5G6lVbCLmEwDQYJKoZIhvcNAQENBQAwgZAxCzAJBgNV
|
||||
BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMRQwEgYDVQQLEwtPcmln
|
||||
aW4gUHVsbDEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzETMBEGA1UECBMKQ2FsaWZv
|
||||
cm5pYTEjMCEGA1UEAxMab3JpZ2luLXB1bGwuY2xvdWRmbGFyZS5uZXQwHhcNMTkx
|
||||
MDEwMTg0NTAwWhcNMjkxMTAxMTcwMDAwWjCBkDELMAkGA1UEBhMCVVMxGTAXBgNV
|
||||
BAoTEENsb3VkRmxhcmUsIEluYy4xFDASBgNVBAsTC09yaWdpbiBQdWxsMRYwFAYD
|
||||
VQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMSMwIQYDVQQD
|
||||
ExpvcmlnaW4tcHVsbC5jbG91ZGZsYXJlLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQAD
|
||||
ggIPADCCAgoCggIBAN2y2zojYfl0bKfhp0AJBFeV+jQqbCw3sHmvEPwLmqDLqynI
|
||||
42tZXR5y914ZB9ZrwbL/K5O46exd/LujJnV2b3dzcx5rtiQzso0xzljqbnbQT20e
|
||||
ihx/WrF4OkZKydZzsdaJsWAPuplDH5P7J82q3re88jQdgE5hqjqFZ3clCG7lxoBw
|
||||
hLaazm3NJJlUfzdk97ouRvnFGAuXd5cQVx8jYOOeU60sWqmMe4QHdOvpqB91bJoY
|
||||
QSKVFjUgHeTpN8tNpKJfb9LIn3pun3bC9NKNHtRKMNX3Kl/sAPq7q/AlndvA2Kw3
|
||||
Dkum2mHQUGdzVHqcOgea9BGjLK2h7SuX93zTWL02u799dr6Xkrad/WShHchfjjRn
|
||||
aL35niJUDr02YJtPgxWObsrfOU63B8juLUphW/4BOjjJyAG5l9j1//aUGEi/sEe5
|
||||
lqVv0P78QrxoxR+MMXiJwQab5FB8TG/ac6mRHgF9CmkX90uaRh+OC07XjTdfSKGR
|
||||
PpM9hB2ZhLol/nf8qmoLdoD5HvODZuKu2+muKeVHXgw2/A6wM7OwrinxZiyBk5Hh
|
||||
CvaADH7PZpU6z/zv5NU5HSvXiKtCzFuDu4/Zfi34RfHXeCUfHAb4KfNRXJwMsxUa
|
||||
+4ZpSAX2G6RnGU5meuXpU5/V+DQJp/e69XyyY6RXDoMywaEFlIlXBqjRRA2pAgMB
|
||||
AAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1Ud
|
||||
DgQWBBRDWUsraYuA4REzalfNVzjann3F6zAfBgNVHSMEGDAWgBRDWUsraYuA4REz
|
||||
alfNVzjann3F6zANBgkqhkiG9w0BAQ0FAAOCAgEAkQ+T9nqcSlAuW/90DeYmQOW1
|
||||
QhqOor5psBEGvxbNGV2hdLJY8h6QUq48BCevcMChg/L1CkznBNI40i3/6heDn3IS
|
||||
zVEwXKf34pPFCACWVMZxbQjkNRTiH8iRur9EsaNQ5oXCPJkhwg2+IFyoPAAYURoX
|
||||
VcI9SCDUa45clmYHJ/XYwV1icGVI8/9b2JUqklnOTa5tugwIUi5sTfipNcJXHhgz
|
||||
6BKYDl0/UP0lLKbsUETXeTGDiDpxZYIgbcFrRDDkHC6BSvdWVEiH5b9mH2BON60z
|
||||
0O0j8EEKTwi9jnafVtZQXP/D8yoVowdFDjXcKkOPF/1gIh9qrFR6GdoPVgB3SkLc
|
||||
5ulBqZaCHm563jsvWb/kXJnlFxW+1bsO9BDD6DweBcGdNurgmH625wBXksSdD7y/
|
||||
fakk8DagjbjKShYlPEFOAqEcliwjF45eabL0t27MJV61O/jHzHL3dknXeE4BDa2j
|
||||
bA+JbyJeUMtU7KMsxvx82RmhqBEJJDBCJ3scVptvhDMRrtqDBW5JShxoAOcpFQGm
|
||||
iYWicn46nPDjgTU0bX1ZPpTpryXbvciVL5RkVBuyX2ntcOLDPlZWgxZCBp96x07F
|
||||
AnOzKgZk4RzZPNAxCXERVxajn/FLcOhglVAKo5H0ac+AitlQ0ip55D2/mf8o72tM
|
||||
fVQ6VpyjEXdiIXWUq/o=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -2,4 +2,5 @@
|
|||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLM+RmEfAxC6vYelGWhBj5bCkiwWmbrMs1XqyMNALOilSoW+om9tJbulDSYn9l7woc9UOm8lFZ/x08J3AORbQjI="
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIPci/gIUGWdoiLXS8Nq8T6Fvh2Wtpxv6pnqyvbSWvzyoAAAABHNzaDo="
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINIysEjWk8jdsnfF2Ki1U1TENkRLu3ig5tGVlVUnBGTj"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/Fc8P3CyombtPO/1OnYIx7VMh46XmCjV9WNCoLi77q" # migration
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
_: {
|
||||
boot.kernel.sysctl."net.core.rmem_max" = 2500000;
|
||||
boot.kernel.sysctl."fs.inotify.max_user_instances" = 1024;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
{...}: {
|
||||
_: {
|
||||
networking.nameservers = ["1.1.1.1" "1.0.0.1"];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ user-pw: ENC[AES256_GCM,data:5qJ/TLLdHyQVTftN882UJZ/FPAbHUGQkw1eXqajCt2Aw2wca5D7
|
|||
svc-nodemusicbot-env: ENC[AES256_GCM,data:XoTn7WuFbfs8P+MvoMLfwpvUJ4IGGRMhdG1HXdmXGiI9s6ZTlipnIL70MYlih5kKn/wSBR2QDd9i6AErbz3hDUAkCh0tBuiZTDuSctUU0X2PCnrBnbg=,iv:ayrHgGO0zCl7apVKjMGI1MbtkN8V3j6dT0Mv07/KoYQ=,tag:TdAussU7bBg+jxpLufR1sw==,type:str]
|
||||
svc-vcnotifier-env: ENC[AES256_GCM,data:8DwT17Aosvu7/Q2ecbir/t9HOtanPlFeBgLOzxtcv2BpCIGTEHqbVk9pegKQKc7lGhj5OrVg4HvNnQNEdEu5fLqB2XpMV8ltS7PL1wEz,iv:CfnXvb2wSRwQAURSLUrV4jofGnFOE6PQan7KPPhERjI=,tag:ve1Dh+63N4B6W7ZtvbDCFA==,type:str]
|
||||
svc-breeze-upload_key: ENC[AES256_GCM,data:qNNH4/Q0rk2lsMImzpVe54+DbSAOiGjo,iv:rX9zvcPt6qSbPs6sKYO0T8EVaHU/u9QDoT/ISHdQSV4=,tag:kivJyeJGtuBP0l54qJ0t9w==,type:str]
|
||||
svc-sim-breeze-upload_key: ENC[AES256_GCM,data:qm93iBzGhqp7IuZ01uZ6PyL5bL45+W0oOeDyQRGEzZw=,iv:5F7BV5Sg6GUxIGQychaEZSeG7xDFF+JdRL83PJULWJA=,tag:W/Q8vGaPoLNnj1Wyvc9Cnw==,type:str]
|
||||
svc-synapse-synapse-config: ENC[AES256_GCM,data:r8ZYi67CfftGheassCFiLOVcFUho+sNNe0XCkyQETHT6Q/w2jqO9eAVA2EDJyK4Vk3S4MP6ppcGxwocMmTYzkAjmtwf6a7GzUyh14+Lj5VTybvIKOze0wuLlsEUUYgU=,iv:HTnPaS5/ZvdJIMKiTfPffZmemp5IGTo/mIWrpafk/Fk=,tag:2HusbhzmxqsTMz5/78WCRA==,type:str]
|
||||
svc-gitea-runner-env: ENC[AES256_GCM,data:M2hV8YM03dcBcgpJqbpiW6RGlhDvkfF/ExF+J1GF+39GnOsBWwPKteM5EAUB2Wrl/zRFifgfNLLdYgSEWhJsT1cBLhI3vwE5,iv:9/nvC3sS6XcLxgeKrEg/AaFhptXCm3uvGgSUMAz4p5Y=,tag:A1MnoJP6aekXuWHhlONnkw==,type:str]
|
||||
svc-nebula-key: ENC[AES256_GCM,data:kqVqnsEgEsMGz2Ud0CS4DnVDd7claVoFyB3grV8TWK/mGdtJwysIYsQRmpbwXcOTTfgdX6vLKxJvleLLHFQGTjf/7QwBrmhfUKryd7CEukaZUsmkJAx3fH5y0mMd84nJucyQk5NqXZhyXQNwg9zmyH20XdaLqrdr0dtkQzIf,iv:OHoIHRKJt4kqbQye6SHLD9wVbLl7wTvs5CheIeOObeg=,tag:4AG0sSlOdTrqtXj3UqzaHQ==,type:str]
|
||||
|
|
@ -21,8 +22,8 @@ sops:
|
|||
SFhuV0prbkJUSC9uZjJsV1VCTHVPSjAKfH148Hh3CDFCE1BOgMlA5ROVVoiO4x6+
|
||||
fpkAQO4rfvcdpi+1NJjAOp0tkxOV4gApo/B/Vd3xPCtR6rVky5/0XQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-10-15T20:33:06Z"
|
||||
mac: ENC[AES256_GCM,data:0WuZQxRXih9XRWGwT01eiEppEIPfGOjSpKEthmY3v+kumM6ydpueCroxqIuQoLXke8eKzZ6Xg34C2AvHgCdkHTgYbC9wGf9h8cV7L2xD4F9sLQ2scGThCynG0AGcLRXm152wzSdR5dGr1h4p49WO9XGbLEXD/JzfyPIcENDTPAs=,iv:LIPHnjWJYPlvs+VBvrRpczYD6ncwqTs1Jyz+VdWFaxY=,tag:Cdu7pKIzqi5H4Qo1eW66HQ==,type:str]
|
||||
lastmodified: "2025-03-01T04:01:15Z"
|
||||
mac: ENC[AES256_GCM,data:1eMZuUzXH1fPIWh32J6RUntb/ki7OTovX/dtQ5uaf6J6r+B6nLR+TvpAdw4P+XLnxtTeVGIZEHb0sXSA9WXcEE90MHIYOPxG/rb/zf0IOGtg/iwfgLFTacaDJsqX4+WwQJgACJ98SbtznyXr0NnP2d4SudIOjkj05subfrOcPYo=,iv:Fzp1iLEtfxhvy14SG1l06mSDplD2KQoOV+t4rUMX9Qw=,tag:6JRywlTUw6V7yajm6lar8g==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-11-04T02:36:46Z"
|
||||
enc: |-
|
||||
|
|
@ -45,4 +46,4 @@ sops:
|
|||
-----END PGP MESSAGE-----
|
||||
fp: 78795D9EBD425CBB3E850BC45DF91852CB14CEFF
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
version: 3.9.4
|
||||
|
|
|
|||
Loading…
Reference in New Issue