Bruno BELANYI
825e09f59e
flake: refactor handling of shared modules
2021-05-08 17:14:13 +02:00
Bruno BELANYI
817ca1e9df
machine: aramis: add installer script
...
This is the first time that I am setting up LVM-on-LUKS with NixOS, so a
VM came in handy to test it out.
2021-05-08 17:14:13 +02:00
Bruno BELANYI
5041fc7472
project: add bootstrap script
2021-05-08 17:14:13 +02:00
Bruno BELANYI
08c16bd27f
pkgs: diff-flake: add 'host' and 'shell' options
2021-05-08 17:14:13 +02:00
Bruno BELANYI
25823f4ee6
flake: bump inputs
2021-05-08 17:14:13 +02:00
Bruno BELANYI
2a1dda12d4
pkgs: diff-flake: use 'makeWrapper'
...
This makes it easier to test the script, as I just run it normally
without building it.
2021-05-08 17:14:13 +02:00
Bruno BELANYI
12475ff3a8
pkgs: diff-flake: do not default to verbose build
2021-05-08 17:14:13 +02:00
Bruno BELANYI
2fac46b606
pkgs: diff-flake: fix '--flake-output' handling
...
I'm surprised that `shellcheck` did not pick up this error, `INPUTS` was
leftover from the previous name of the variable before a refactor...
2021-05-08 17:14:13 +02:00
Bruno BELANYI
0ec56784e9
flake: use explicit input format
...
And reorder the inputs to be in alphabetical order, because that is
always neater :-).
2021-05-08 17:14:13 +02:00
Bruno BELANYI
f64454811e
pkgs: diff-flake: resolve given revs to commit ids
2021-05-08 17:14:13 +02:00
Bruno BELANYI
f817b278fe
pkgs: diff-flake: substitute 'mktemp'
2021-05-08 17:14:13 +02:00
Bruno BELANYI
37a134ebd2
flake: add 'diff-flake' to 'apps' and 'defaultApp'
...
That way I can just run `nix flake update`, commit, and `nix run` to get
a list of updates.
2021-05-08 17:14:13 +02:00
Bruno BELANYI
7d91351c8e
pkgs: add diff-flake
...
This is a nice helper to know what has changed after bumping a flake's
inputs.
2021-05-08 17:14:13 +02:00
Bruno BELANYI
9612258118
flake: do not throw on dirty tree
...
This is mostly inconvenient, I have enough discipline not to need it
anymore.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
49232423ca
lib: ip: verify ip is valid in 'check'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
0112dd87ac
lib: ip: add 'isValidIp4'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
5a06ab74bb
lib: ip: add 'nth' utility to 'parseSubnet4'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
1968285d0a
lib: ip: add 'nthInRange4'
...
And use it to refactor 'rangeIp4'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
509332270e
services: wireguard: refactor DNS configuration
2021-04-25 12:39:17 +00:00
Bruno BELANYI
05c9a46cde
services: wireguard: add internal-only option
2021-04-25 12:39:17 +00:00
Bruno BELANYI
196f9a3e34
services: wireguard: fix server routing
...
I had made a mistake, hard-coding the server as being `1` for its client
number, instead of using the one configured from its peer configuration.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
26eac86de0
services: wireguard: clean up logic
...
This module has a complicated logic, and I found the code quite ugly.
making use of `mkMerge` makes it easier to read and think through.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
84b61b25b3
services: wireguard: allow disabling service
...
Only the server *needs* to have wireguard up at all times. However a
laptop or desktop probably doesn't need it up at all times.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
f79fcd020b
services: wireguard: set up DNS server on clients
...
This makes use of my newly written adblocking DNS service, it does
assume that the server would have both wireguard and DNS enabled.
I would also like to move to using my ip-related library functions,
however it does not support IPv6 and is unlikely to be easily added...
But I am not sure that I *need* IPv6 support for my use-case.
Finally, I find this module a bit too heavy, it could be improved by
having specific 'server' and 'client' roles, instead of implicit roles
depending on whether an external IP exists.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
3696471201
services: adblock: restrict to wireguard interface
2021-04-25 12:39:17 +00:00
Bruno BELANYI
a551ace6a6
machines: porthos: services: enable adblock
2021-04-25 12:39:17 +00:00
Bruno BELANYI
5b0d12ad40
services: add adblock
...
This is a self-hosted DNS server with hosts-based adblocking.
I should probably have it update the hosts file more often than I will
probably end up doing myself with a package... We'll see if it ends up
being necessary.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
d10f0ed103
pkgs: add unbound-zones-adblock
...
Unbound wants a configuration file that is not actually formatted like
StevenBlack's hosts files. This derivation fixes that.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
20c20cef46
pkgs: add unified-hosts-lists
2021-04-25 12:39:17 +00:00
Bruno BELANYI
63d28c4ae2
lib: ip: add 'rangeIp4'
...
The `range` attribute is not very useful by itself. However this
generator can convert it into a list of all addresses in the given
range.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
ad006bf2b8
lib: add ip
2021-04-25 12:39:17 +00:00
Bruno BELANYI
e438b7b5f5
pkgs: add havm
...
This is a dependency for Tiger Compiler [1].
[1]: https://assignments.lrde.epita.fr/
2021-04-25 12:39:17 +00:00
Bruno BELANYI
9a9ec81204
pkgs: add nolimips
...
This is a dependency for Tiger Compiler [1].
[1]: https://assignments.lrde.epita.fr/
2021-04-25 12:39:17 +00:00
Bruno BELANYI
89ea720bff
flake: expose custom packages as output
2021-04-25 12:39:17 +00:00
Bruno BELANYI
67faf8fa43
services: lohr: update log environment variable
2021-04-25 12:39:17 +00:00
Bruno BELANYI
e6d46b3c59
pkgs: extract lohr from 'services/lohr'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
b06f265291
pkgs: extract podgrab from 'services/podgrab'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
edb9c46106
flake: introduce 'pkgs' overlay
...
Also make it the prime overlay instead of the extended 'lib'.
The reason for `pkgs` not being structured as an overlay, but simply
taking `pkgs` as an argument is to allow it to be used as a NUR package
set, if I wanted to.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
15f0f95538
services: lohr: update to 'v0.4.0'
2021-04-25 12:39:17 +00:00
Bruno BELANYI
e51ab70d5b
modules: add documentation
2021-04-25 12:39:17 +00:00
Bruno BELANYI
6bf6d21392
flake: inject extended 'lib' into NixOS config
...
Somehow it works just fine in my `home-manager` configuration, I assume it is
using the system `nixpkgs` and its `lib` attribute that I extended. Whereas the
NixOS system must be injected with the extended one intentionally.
2021-04-17 11:41:19 +00:00
Bruno BELANYI
ee1b31954a
services: calibre-web: use upstream service
continuous-integration/drone/push Build encountered an error
2021-04-15 16:24:41 +00:00
Bruno BELANYI
0d31aebb87
flake: bump inputs
2021-04-15 16:24:41 +00:00
Bruno BELANYI
471fe4e21f
machines: porthos: services: enable podgrab
2021-04-15 16:24:41 +00:00
Bruno BELANYI
558c09cfdf
services: add podgrab
2021-04-15 16:24:41 +00:00
Bruno BELANYI
8d3a87d1b6
project: readme: add lohr to manual steps
continuous-integration/drone/push Build is passing
2021-04-01 22:48:38 +00:00
Bruno BELANYI
ff975b8c7d
machines: porthos: services: enable lohr
2021-04-01 22:48:38 +00:00
Bruno BELANYI
3402146298
services: add lohr
2021-04-01 22:48:38 +00:00
Bruno BELANYI
cf76586585
services: drone: fix docker socket dependency
continuous-integration/drone/push Build is passing
2021-03-31 17:56:36 +00:00
Bruno BELANYI
3a4098a6c4
modules: users: sort groups
2021-03-31 17:56:36 +00:00