Compare commits
No commits in common. "11d5c3dcc03d93fd785269956dd1ad305a2ccf65" and "a06b102eaf3d48f9ac5d48e982ae86beea57f072" have entirely different histories.
11d5c3dcc0
...
a06b102eaf
307
flake.lock
307
flake.lock
|
@ -144,46 +144,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"disko": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": "nixpkgs"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700927249,
|
|
||||||
"narHash": "sha256-iqmIWiEng890/ru7ZBf4nUezFPyRm2fjRTvuwwxqk2o=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "disko",
|
|
||||||
"rev": "3cb78c93e6a02f494aaf6aeb37481c27a2e2ee22",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "disko",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"disko_2": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixos-anywhere",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1698422527,
|
|
||||||
"narHash": "sha256-SDu3Xg263t3oXIyTaH0buOvFnKIDeZsvKDBtOz+jRbs=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "disko",
|
|
||||||
"rev": "944d338d24a9d043a3f7461c30ee6cfe4f9cca30",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"ref": "master",
|
|
||||||
"repo": "disko",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -238,27 +198,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-parts_2": {
|
"flake-parts_2": {
|
||||||
"inputs": {
|
|
||||||
"nixpkgs-lib": [
|
|
||||||
"nixos-anywhere",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1698882062,
|
|
||||||
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
|
||||||
"owner": "hercules-ci",
|
|
||||||
"repo": "flake-parts",
|
|
||||||
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "hercules-ci",
|
|
||||||
"repo": "flake-parts",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-parts_3": {
|
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
|
@ -329,24 +268,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_4": {
|
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_5"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1694529238,
|
|
||||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"gitignore": {
|
"gitignore": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -392,7 +313,7 @@
|
||||||
"hyprland": {
|
"hyprland": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"hyprland-protocols": "hyprland-protocols",
|
"hyprland-protocols": "hyprland-protocols",
|
||||||
"nixpkgs": "nixpkgs_2",
|
"nixpkgs": "nixpkgs",
|
||||||
"systems": "systems_2",
|
"systems": "systems_2",
|
||||||
"wlroots": "wlroots",
|
"wlroots": "wlroots",
|
||||||
"xdph": "xdph"
|
"xdph": "xdph"
|
||||||
|
@ -442,7 +363,7 @@
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat_2",
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
"flake-utils": "flake-utils_2",
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs": "nixpkgs_3",
|
"nixpkgs": "nixpkgs_2",
|
||||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||||
"rust-overlay": "rust-overlay_2"
|
"rust-overlay": "rust-overlay_2"
|
||||||
},
|
},
|
||||||
|
@ -460,45 +381,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-2305": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1698911509,
|
|
||||||
"narHash": "sha256-FFwqTbF+1laraWTL/t7LI+gN+DYfoj+iFYLof5wCea8=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "ecd985f22e007e6ac3152d68590c06cbbaea8c0e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "release-23.05",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixos-anywhere": {
|
|
||||||
"inputs": {
|
|
||||||
"disko": "disko_2",
|
|
||||||
"flake-parts": "flake-parts_2",
|
|
||||||
"nixos-2305": "nixos-2305",
|
|
||||||
"nixos-images": "nixos-images",
|
|
||||||
"nixpkgs": "nixpkgs_4",
|
|
||||||
"treefmt-nix": "treefmt-nix"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700914752,
|
|
||||||
"narHash": "sha256-d81ed+ZO7i93KTTOOW1cSbh7OsFvGoKHF1JpHEdLw3E=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "nixos-anywhere",
|
|
||||||
"rev": "7351eb2f45efc30f2cedd5f62b2e526681a21875",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "nixos-anywhere",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701020860,
|
"lastModified": 1701020860,
|
||||||
|
@ -514,43 +396,18 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-images": {
|
|
||||||
"inputs": {
|
|
||||||
"nixos-2305": [
|
|
||||||
"nixos-anywhere",
|
|
||||||
"nixos-2305"
|
|
||||||
],
|
|
||||||
"nixos-unstable": [
|
|
||||||
"nixos-anywhere",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1697515196,
|
|
||||||
"narHash": "sha256-EZivLoJHCqJdi23Mn/p+lPNHBBctGSWzEnAhYfC0VD0=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "nixos-images",
|
|
||||||
"rev": "87bccdbdfbeb07e0c4fb4c2ec3d71986e8fa24d9",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "nixos-images",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697915759,
|
"lastModified": 1700612854,
|
||||||
"narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=",
|
"narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e",
|
"rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixpkgs-unstable",
|
"ref": "nixos-unstable",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -590,22 +447,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700612854,
|
|
||||||
"narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "nixos-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs_3": {
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699354722,
|
"lastModified": 1699354722,
|
||||||
"narHash": "sha256-abmqUReg4PsyQSwv4d0zjcWpMHrd3IFJiTb2tZpfF04=",
|
"narHash": "sha256-abmqUReg4PsyQSwv4d0zjcWpMHrd3IFJiTb2tZpfF04=",
|
||||||
|
@ -621,55 +462,23 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1700794826,
|
||||||
|
"narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs_4": {
|
"nixpkgs_4": {
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700218750,
|
|
||||||
"narHash": "sha256-ft54Un/pZ/KoI6hx9HLeb/SLg0SB8NvV+z7vzrpWs8c=",
|
|
||||||
"owner": "nixos",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "2542afeb0d81db4d1e5bc8df8354cbdcc29c2f53",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nixos",
|
|
||||||
"ref": "nixos-unstable-small",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs_5": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700794826,
|
|
||||||
"narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "nixos-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs_6": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700794826,
|
|
||||||
"narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "nixos-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs_7": {
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1700612854,
|
"lastModified": 1700612854,
|
||||||
"narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=",
|
"narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=",
|
||||||
|
@ -685,7 +494,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_8": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698318101,
|
"lastModified": 1698318101,
|
||||||
"narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=",
|
"narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=",
|
||||||
|
@ -732,29 +541,10 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"projet-intelligence-artificielle-multimedia": {
|
|
||||||
"inputs": {
|
|
||||||
"flake-utils": "flake-utils_3",
|
|
||||||
"nixpkgs": "nixpkgs_6"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1701038653,
|
|
||||||
"narHash": "sha256-mif1mtvfKUcLeLcHBjDeE8nDvSXqCgU2FlXwb123K7M=",
|
|
||||||
"ref": "refs/heads/master",
|
|
||||||
"rev": "52c1f4c76d9da18c5d674b4db3b413af9193d285",
|
|
||||||
"revCount": 20,
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git.fainsin.bzh/ENSEEIHT/projet-intelligence-artificielle-multimedia"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git.fainsin.bzh/ENSEEIHT/projet-intelligence-artificielle-multimedia"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"resume": {
|
"resume": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_4",
|
"flake-utils": "flake-utils_3",
|
||||||
"nixpkgs": "nixpkgs_7",
|
"nixpkgs": "nixpkgs_4",
|
||||||
"typst": "typst"
|
"typst": "typst"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -774,15 +564,12 @@
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
"disko": "disko",
|
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"hyprland": "hyprland",
|
"hyprland": "hyprland",
|
||||||
"lanzaboote": "lanzaboote",
|
"lanzaboote": "lanzaboote",
|
||||||
"nixos-anywhere": "nixos-anywhere",
|
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_5",
|
"nixpkgs": "nixpkgs_3",
|
||||||
"projet-intelligence-artificielle-multimedia": "projet-intelligence-artificielle-multimedia",
|
|
||||||
"resume": "resume"
|
"resume": "resume"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -911,48 +698,12 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_6": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1681028828,
|
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"treefmt-nix": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixos-anywhere",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1698438538,
|
|
||||||
"narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "treefmt-nix",
|
|
||||||
"rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "treefmt-nix",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"typst": {
|
"typst": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"crane": "crane_3",
|
"crane": "crane_3",
|
||||||
"flake-parts": "flake-parts_3",
|
"flake-parts": "flake-parts_2",
|
||||||
"nixpkgs": "nixpkgs_8",
|
"nixpkgs": "nixpkgs_5",
|
||||||
"systems": "systems_6"
|
"systems": "systems_5"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1700840283,
|
"lastModified": 1700840283,
|
||||||
|
|
32
flake.nix
32
flake.nix
|
@ -1,21 +1,17 @@
|
||||||
{
|
{
|
||||||
description = "Laureηt's infrastructure";
|
description = "Laureηt's infrastructure";
|
||||||
|
|
||||||
# TODO: setup flake-parts à la place de flake-utils
|
|
||||||
# TODO: setup le formatter comme sioodmy
|
|
||||||
# TODO: rekey les secrets + changer la key de hydrogen
|
|
||||||
# TODO: luks encrypt hydrogen (dropbear ?)
|
|
||||||
# TODO: dégager btfrs de neodymium, ext4 ftw
|
|
||||||
# TODO: setup disko sur neodymium
|
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs = {
|
nixpkgs = {
|
||||||
url = "github:NixOS/nixpkgs/nixos-unstable";
|
url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
# url = "git+file:///home/laurent/Documents/nixpkgs?shallow=1";
|
# url = "git+file:///home/laurent/Documents/nixpkgs?shallow=1";
|
||||||
};
|
};
|
||||||
home-manager = {
|
|
||||||
url = "github:nix-community/home-manager";
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
|
lanzaboote = {
|
||||||
|
url = "github:nix-community/lanzaboote";
|
||||||
|
# inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
agenix = {
|
agenix = {
|
||||||
|
@ -23,16 +19,17 @@
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
inputs.flake-utils.follows = "flake-utils";
|
inputs.flake-utils.follows = "flake-utils";
|
||||||
};
|
};
|
||||||
flake-utils.url = "github:numtide/flake-utils";
|
|
||||||
lanzaboote.url = "github:nix-community/lanzaboote";
|
home-manager = {
|
||||||
|
url = "github:nix-community/home-manager";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
hyprland.url = "github:hyprwm/Hyprland";
|
hyprland.url = "github:hyprwm/Hyprland";
|
||||||
|
|
||||||
nixos-hardware.url = "github:nixos/nixos-hardware";
|
nixos-hardware.url = "github:nixos/nixos-hardware";
|
||||||
disko.url = "github:nix-community/disko";
|
|
||||||
nixos-anywhere.url = "github:nix-community/nixos-anywhere";
|
|
||||||
|
|
||||||
resume.url = "git+https://git.fainsin.bzh/Laurent/resume";
|
resume.url = "git+https://git.fainsin.bzh/Laurent/resume";
|
||||||
projet-intelligence-artificielle-multimedia.url =
|
|
||||||
"git+https://git.fainsin.bzh/ENSEEIHT/projet-intelligence-artificielle-multimedia";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
nixConfig = {
|
nixConfig = {
|
||||||
|
@ -45,7 +42,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { nixpkgs, flake-utils, lanzaboote, agenix, home-manager
|
outputs = { nixpkgs, flake-utils, lanzaboote, agenix, home-manager
|
||||||
, nixos-hardware, disko, ... }@inputs:
|
, nixos-hardware, ... }@inputs:
|
||||||
|
|
||||||
(flake-utils.lib.eachDefaultSystem (system:
|
(flake-utils.lib.eachDefaultSystem (system:
|
||||||
let pkgs = nixpkgs.legacyPackages.${system};
|
let pkgs = nixpkgs.legacyPackages.${system};
|
||||||
|
@ -87,7 +84,6 @@
|
||||||
modules = [
|
modules = [
|
||||||
./hosts/hydrogen
|
./hosts/hydrogen
|
||||||
home-manager.nixosModules.home-manager
|
home-manager.nixosModules.home-manager
|
||||||
disko.nixosModules.default
|
|
||||||
agenix.nixosModules.default
|
agenix.nixosModules.default
|
||||||
lanzaboote.nixosModules.lanzaboote
|
lanzaboote.nixosModules.lanzaboote
|
||||||
];
|
];
|
||||||
|
|
|
@ -1 +1,9 @@
|
||||||
{ ... }: { imports = [ ./services ./system ]; }
|
{ modulesPath, lib, ... }: {
|
||||||
|
imports =
|
||||||
|
lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [
|
||||||
|
(modulesPath + "/virtualisation/digital-ocean-config.nix")
|
||||||
|
|
||||||
|
./services
|
||||||
|
./system
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
103
hosts/hydrogen/services/blocky/default.nix
Normal file
103
hosts/hydrogen/services/blocky/default.nix
Normal file
|
@ -0,0 +1,103 @@
|
||||||
|
{ ... }: {
|
||||||
|
networking = {
|
||||||
|
firewall = {
|
||||||
|
# allow dns queries trough wireguard
|
||||||
|
interfaces."wg0".allowedUDPPorts = [
|
||||||
|
53 # dns default port
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.blocky = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
upstream.default = [ "208.67.222.222" "208.67.220.220" ];
|
||||||
|
|
||||||
|
clientLookup.clients = {
|
||||||
|
hydrogen = [ "10.0.0.1" "127.0.0.1" ];
|
||||||
|
pixel5 = [ "10.0.0.2" ];
|
||||||
|
neodymium = [ "10.0.0.3" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
blocking = {
|
||||||
|
refreshPeriod = "24h";
|
||||||
|
clientGroupsBlock.default =
|
||||||
|
[ "firebog-tick" "firebog-nocross" "regex" ];
|
||||||
|
blackLists = {
|
||||||
|
firebog-tick = [
|
||||||
|
# https://v.firebog.net/hosts/lists.php?type=tick
|
||||||
|
"https://adaway.org/hosts.txt"
|
||||||
|
"https://bitbucket.org/ethanr/dns-blacklists/raw/8575c9f96e5b4a1308f2f12394abd86d0927a4a0/bad_lists/Mandiant_APT1_Report_Appendix_D.txt"
|
||||||
|
"https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt"
|
||||||
|
"https://hostfiles.frogeye.fr/firstparty-trackers-hosts.txt"
|
||||||
|
"https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt"
|
||||||
|
"https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext"
|
||||||
|
"https://phishing.army/download/phishing_army_blocklist_extended.txt"
|
||||||
|
"https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt"
|
||||||
|
"https://raw.githubusercontent.com/AssoEchap/stalkerware-indicators/master/generated/hosts"
|
||||||
|
"https://raw.githubusercontent.com/bigdargon/hostsVN/master/hosts"
|
||||||
|
"https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt"
|
||||||
|
"https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt"
|
||||||
|
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts"
|
||||||
|
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts"
|
||||||
|
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts"
|
||||||
|
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/UncheckyAds/hosts"
|
||||||
|
"https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt"
|
||||||
|
"https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt"
|
||||||
|
"https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt"
|
||||||
|
"https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt"
|
||||||
|
"https://urlhaus.abuse.ch/downloads/hostfile/"
|
||||||
|
"https://v.firebog.net/hosts/AdguardDNS.txt"
|
||||||
|
"https://v.firebog.net/hosts/Admiral.txt"
|
||||||
|
"https://v.firebog.net/hosts/Easylist.txt"
|
||||||
|
"https://v.firebog.net/hosts/Easyprivacy.txt"
|
||||||
|
"https://v.firebog.net/hosts/Prigent-Ads.txt"
|
||||||
|
"https://v.firebog.net/hosts/Prigent-Crypto.txt"
|
||||||
|
"https://v.firebog.net/hosts/RPiList-Malware.txt"
|
||||||
|
"https://v.firebog.net/hosts/RPiList-Phishing.txt"
|
||||||
|
"https://v.firebog.net/hosts/static/w3kbl.txt"
|
||||||
|
"https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
|
||||||
|
];
|
||||||
|
firebog-nocross = [
|
||||||
|
# https://v.firebog.net/hosts/lists.php?type=nocross
|
||||||
|
"https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt"
|
||||||
|
"https://malware-filter.gitlab.io/malware-filter/phishing-filter-hosts.txt"
|
||||||
|
"https://paulgb.github.io/BarbBlock/blacklists/hosts-file.txt"
|
||||||
|
"https://raw.githubusercontent.com/jdlingyu/ad-wars/master/hosts"
|
||||||
|
"https://raw.githubusercontent.com/matomo-org/referrer-spam-blacklist/master/spammers.txt"
|
||||||
|
"https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/AmazonFireTV.txt"
|
||||||
|
"https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt"
|
||||||
|
"https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt"
|
||||||
|
"https://raw.githubusercontent.com/RooneyMcNibNug/pihole-stuff/master/SNAFU.txt"
|
||||||
|
"https://raw.githubusercontent.com/VeleSila/yhosts/master/hosts"
|
||||||
|
"https://someonewhocares.org/hosts/zero/hosts"
|
||||||
|
"https://v.firebog.net/hosts/neohostsbasic.txt"
|
||||||
|
"https://v.firebog.net/hosts/Prigent-Malware.txt"
|
||||||
|
"https://winhelp2002.mvps.org/hosts.txt"
|
||||||
|
"https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt"
|
||||||
|
];
|
||||||
|
regex = [
|
||||||
|
# https://github.com/mmotti/pihole-regex/blob/master/regex.list
|
||||||
|
''
|
||||||
|
/^ad([sxv]?[0-9]*|system)[_.-]([^.[:space:]]+\\.){1,}|[_.-]ad([sxv]?[0-9]*|system)[_.-]/
|
||||||
|
/^(.+[_.-])?adse?rv(er?|ice)?s?[0-9]*[_.-]/
|
||||||
|
/^(.+[_.-])?telemetry[_.-]/
|
||||||
|
/^adim(age|g)s?[0-9]*[_.-]/
|
||||||
|
/^adtrack(er|ing)?[0-9]*[_.-]/
|
||||||
|
/^advert(s|is(ing|ements?))?[0-9]*[_.-]/
|
||||||
|
/^aff(iliat(es?|ion))?[_.-]/
|
||||||
|
/^analytics?[_.-]/
|
||||||
|
/^banners?[_.-]/
|
||||||
|
/^beacons?[0-9]*[_.-]/
|
||||||
|
/^count(ers?)?[0-9]*[_.-]/
|
||||||
|
/^mads\\./
|
||||||
|
/^pixels?[-.]/
|
||||||
|
/^stat(s|istics)?[0-9]*[_.-]/
|
||||||
|
/.*\\.g[0-9]+\\..*/
|
||||||
|
''
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1 +1 @@
|
||||||
{ ... }: { services.changedetection-io.enable = true; }
|
{ ... }: { services.changedetection-io = { enable = true; }; }
|
||||||
|
|
|
@ -1 +1,12 @@
|
||||||
{ ... }: { imports = [ ./acme ./atuin ./changedetection ./gitea ./nginx ]; }
|
{ ... }: {
|
||||||
|
imports = [
|
||||||
|
./acme
|
||||||
|
./atuin
|
||||||
|
./blocky
|
||||||
|
./changedetection
|
||||||
|
./fail2ban
|
||||||
|
./gitea
|
||||||
|
./nginx
|
||||||
|
./wireguard
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
7
hosts/hydrogen/services/fail2ban/default.nix
Normal file
7
hosts/hydrogen/services/fail2ban/default.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
{ ... }: {
|
||||||
|
services.fail2ban = {
|
||||||
|
enable = true;
|
||||||
|
maxretry = 3;
|
||||||
|
bantime = "1h";
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ inputs, system, pkgs, ... }: {
|
{ pkgs, ... }: {
|
||||||
services.nginx.virtualHosts = {
|
services.nginx.virtualHosts = {
|
||||||
"n7.laurent.fainsin.bzh" = {
|
"n7.laurent.fainsin.bzh" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
@ -17,9 +17,7 @@
|
||||||
import ./projet-systemes-algorithmes-repartis.nix pkgs;
|
import ./projet-systemes-algorithmes-repartis.nix pkgs;
|
||||||
|
|
||||||
"/projet-intelligence-artificielle-multimedia/" = # #
|
"/projet-intelligence-artificielle-multimedia/" = # #
|
||||||
import ./projet-intelligence-artificielle-multimedia.nix {
|
import ./projet-intelligence-artificielle-multimedia.nix pkgs;
|
||||||
inherit inputs system;
|
|
||||||
};
|
|
||||||
|
|
||||||
"/projet-probleme-inverse-3D/" = # #
|
"/projet-probleme-inverse-3D/" = # #
|
||||||
import ./projet-probleme-inverse-3D.nix pkgs;
|
import ./projet-probleme-inverse-3D.nix pkgs;
|
||||||
|
|
|
@ -1,5 +1,12 @@
|
||||||
{ inputs, system, ... }: {
|
{ pkgs, ... }:
|
||||||
alias =
|
let
|
||||||
inputs.projet-intelligence-artificielle-multimedia.packages.${system}.slides
|
pages = pkgs.fetchgit {
|
||||||
+ "/";
|
url =
|
||||||
|
"https://git.fainsin.bzh/ENSEEIHT/projet-intelligence-artificielle-multimedia";
|
||||||
|
rev = "8d7708db070170f6f3b276c5ea6f2f1b38e57ee5"; # pages
|
||||||
|
sha256 = "07cmnxmhb4l2chb8h9y45jnm10fqlmlq9d7zwllgk6l3gc0m3rdp";
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
alias = "${pages}/";
|
||||||
|
index = "slides.html";
|
||||||
}
|
}
|
||||||
|
|
34
hosts/hydrogen/services/wireguard/default.nix
Normal file
34
hosts/hydrogen/services/wireguard/default.nix
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
{ ... }: {
|
||||||
|
networking = {
|
||||||
|
firewall = {
|
||||||
|
allowedUDPPorts = [
|
||||||
|
5553 # wireguard
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
nat = {
|
||||||
|
enable = true;
|
||||||
|
enableIPv6 = true;
|
||||||
|
externalInterface = "ens3";
|
||||||
|
internalInterfaces = [ "wg0" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
wireguard.interfaces = {
|
||||||
|
wg0 = {
|
||||||
|
ips = [ "10.0.0.1/24" "fd02:002:002::1/64" ];
|
||||||
|
listenPort = 5553;
|
||||||
|
privateKeyFile = "/root/wg-private";
|
||||||
|
peers = [
|
||||||
|
{ # pixel
|
||||||
|
publicKey = "HS2q+PpPPwxqT1jCD7D4puqr4ZyaXV5TostavlYWBx0=";
|
||||||
|
allowedIPs = [ "10.0.0.2/32" "fd02:002:002::2/64" ];
|
||||||
|
}
|
||||||
|
{ # neodymium
|
||||||
|
publicKey = "IFeRvelEilNRLkhWgFKL9HrJ9XYsm+r4yvv23CigETk=";
|
||||||
|
allowedIPs = [ "10.0.0.3/32" "fd02:002:002::3/64" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ modulesPath, ... }: {
|
{ ... }: {
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
@ -7,13 +7,5 @@
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.05"; # Did you read the comment?
|
system.stateVersion = "23.05"; # Did you read the comment?
|
||||||
|
|
||||||
imports = [
|
imports = [ ./networking ./packages ./ssh ./users ];
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
|
||||||
./disko
|
|
||||||
./networking
|
|
||||||
./packages
|
|
||||||
./ssh
|
|
||||||
./users
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
{ ... }: {
|
|
||||||
boot.loader.grub = {
|
|
||||||
efiSupport = true;
|
|
||||||
efiInstallAsRemovable = true;
|
|
||||||
};
|
|
||||||
disko.devices = {
|
|
||||||
disk.disk1 = {
|
|
||||||
device = "/dev/sda";
|
|
||||||
type = "disk";
|
|
||||||
content = {
|
|
||||||
type = "gpt";
|
|
||||||
partitions = {
|
|
||||||
boot = {
|
|
||||||
name = "boot";
|
|
||||||
size = "1M";
|
|
||||||
type = "EF02";
|
|
||||||
};
|
|
||||||
esp = {
|
|
||||||
end = "500M";
|
|
||||||
type = "EF00";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "vfat";
|
|
||||||
mountpoint = "/boot";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
root = {
|
|
||||||
name = "root";
|
|
||||||
size = "100%";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "ext4";
|
|
||||||
mountpoint = "/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,18 +1,10 @@
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
networking = {
|
networking = {
|
||||||
# the name of the machine
|
|
||||||
hostName = "hydrogen";
|
hostName = "hydrogen";
|
||||||
|
|
||||||
# the domain used for the machine
|
|
||||||
domain = "fainsin.bzh";
|
domain = "fainsin.bzh";
|
||||||
|
|
||||||
# domain name servers, use clouflare family
|
|
||||||
networking.nameservers = [ "1.1.1.2" "1.0.0.2" ];
|
|
||||||
|
|
||||||
# TODO: bouger ça à côté des applications
|
|
||||||
firewall = {
|
firewall = {
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [
|
||||||
624 # ssh
|
22 # ssh
|
||||||
80 # http
|
80 # http
|
||||||
443 # https
|
443 # https
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, pkgs, nixpkgs, ... }: {
|
{ ... }: {
|
||||||
# optimizations
|
# optimizations
|
||||||
nix.settings.auto-optimise-store = true;
|
nix.settings.auto-optimise-store = true;
|
||||||
|
|
||||||
|
@ -8,16 +8,4 @@
|
||||||
dates = "weekly";
|
dates = "weekly";
|
||||||
options = "--delete-older-than 30d";
|
options = "--delete-older-than 30d";
|
||||||
};
|
};
|
||||||
|
|
||||||
# experimental features
|
|
||||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
||||||
|
|
||||||
# pin nixpkgs registry
|
|
||||||
nix.registry.nixpkgs.flake = nixpkgs;
|
|
||||||
|
|
||||||
# print diff between two generations
|
|
||||||
system.activationScripts.nvd-report-changes = ''
|
|
||||||
PATH=$PATH:${lib.makeBinPath [ pkgs.nvd pkgs.nix ]}
|
|
||||||
nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link | tail -2)
|
|
||||||
'';
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,3 +1 @@
|
||||||
{ pkgs, ... }: {
|
{ pkgs, ... }: { environment.systemPackages = with pkgs; [ btop borgbackup ]; }
|
||||||
environment.systemPackages = with pkgs; [ btop borgbackup gitMinimal sysz ];
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,6 +1 @@
|
||||||
{ ... }: {
|
{ ... }: { services.openssh.ports = [ 624 ]; }
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
ports = [ 642 ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
{ pkgs, ... }: {
|
|
||||||
programs.chromium = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.ungoogled-chromium;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -6,7 +6,6 @@
|
||||||
./packages.nix
|
./packages.nix
|
||||||
|
|
||||||
./alacritty
|
./alacritty
|
||||||
./chromium
|
|
||||||
./firefox
|
./firefox
|
||||||
./gtk
|
./gtk
|
||||||
./shell
|
./shell
|
||||||
|
|
|
@ -1,10 +1,7 @@
|
||||||
{ lib, ... }: {
|
{ lib, ... }: {
|
||||||
# the name of the machine
|
# set hostname
|
||||||
networking.hostName = "neodymium";
|
networking.hostName = "neodymium";
|
||||||
|
|
||||||
# domain name servers, use clouflare family
|
|
||||||
networking.nameservers = [ "1.1.1.2" "1.0.0.2" ];
|
|
||||||
|
|
||||||
# use networkManager, see nmcli
|
# use networkManager, see nmcli
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
@ -23,4 +20,6 @@
|
||||||
networking.useDHCP = lib.mkDefault true;
|
networking.useDHCP = lib.mkDefault true;
|
||||||
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
|
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
|
||||||
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
imports = [ ./wireguard.nix ];
|
||||||
}
|
}
|
||||||
|
|
31
hosts/neodymium/system/networking/wireguard.nix
Normal file
31
hosts/neodymium/system/networking/wireguard.nix
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
{ lib, ... }: {
|
||||||
|
networking.wg-quick.interfaces = {
|
||||||
|
wg0 = {
|
||||||
|
# client
|
||||||
|
privateKeyFile = "/root/wireguard-keys/private";
|
||||||
|
address = [ "10.0.0.3/24" "fd02:002:002::3/64" ];
|
||||||
|
dns = [ "10.0.0.1" ];
|
||||||
|
|
||||||
|
# server
|
||||||
|
peers = [{
|
||||||
|
publicKey = "y36/EpLUerwM6NSGsVDCkb37Wj/Z3CI0mPFGatVa0Ws=";
|
||||||
|
allowedIPs = [ "0.0.0.0/0" "::0/0" ];
|
||||||
|
endpoint = "fainsin.bzh:5553";
|
||||||
|
persistentKeepalive = 30;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# modify the systemd service to restart on failure every 10 seconds
|
||||||
|
systemd.services.wg-quick-wg0 = {
|
||||||
|
serviceConfig = {
|
||||||
|
Type = lib.mkForce "simple";
|
||||||
|
Restart = "on-failure";
|
||||||
|
RestartSec = "10s";
|
||||||
|
};
|
||||||
|
unitConfig = {
|
||||||
|
# ensures Restart= is always honoured
|
||||||
|
StartLimitIntervalSec = 0;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -41,7 +41,6 @@
|
||||||
"vscode-extension-ms-vsliveshare-vsliveshare"
|
"vscode-extension-ms-vsliveshare-vsliveshare"
|
||||||
];
|
];
|
||||||
|
|
||||||
# print diff between two generations
|
|
||||||
system.activationScripts.nvd-report-changes = ''
|
system.activationScripts.nvd-report-changes = ''
|
||||||
PATH=$PATH:${lib.makeBinPath [ pkgs.nvd pkgs.nix ]}
|
PATH=$PATH:${lib.makeBinPath [ pkgs.nvd pkgs.nix ]}
|
||||||
nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link | tail -2)
|
nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link | tail -2)
|
||||||
|
|
Loading…
Reference in a new issue