Grimmauld/grimm-nixos-laptop
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix cache issues

Browse source
This commit is contained in:
Grimmauld 2024-05-12 09:46:41 +02:00
parent fad8e51f94
commit 8c97d5daf5
4 changed files with 27 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
fake_flake.nix
View file

@ -43,7 +43,7 @@ in
"${nivSources.agenix}/modules/age.nix" "${nivSources.agenix}/modules/age.nix"
"${nivSources.nixos-mailserver}/default.nix" "${nivSources.nixos-mailserver}/default.nix"
"${nivSources.nixos-matrix-modules}/module.nix" "${nivSources.nixos-matrix-modules}/module.nix"
"${nivSources.authentik-nix}/module.nix" (import nivSources.authentik-nix).nixosModules.default
# fixme: ideally we'd not rely on the flake syntax to load the module # fixme: ideally we'd not rely on the flake syntax to load the module
(builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default (builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default
@ -134,13 +134,11 @@ in
nix.settings.extra-substituters = [ nix.settings.extra-substituters = [
"https://cache.lix.systems" "https://cache.lix.systems"
"https://nyx.chaotic.cx/" "https://nyx.chaotic.cx/"
"https://nixcache.grimmauld.de"
]; ];
nix.settings.trusted-public-keys = [ nix.settings.trusted-public-keys = [
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" "nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
"chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
"nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
]; ];
} }

30
modules/auth.nix
View file

@ -1,25 +1,27 @@
{ config, ... }: <<<<<<< HEAD
{ config, pkgs ... }:
let let
inherit (config.serverConfig) vhosts; inherit (config.serverConfig) vhosts;
inherit (config.networking) domain; inherit (config.networking) domain;
in in
{ in {
age.secrets.authentik_env = {
services.authentik = {
enable = true;
# The environmentFile needs to be on the target host!
# Best use something like sops-nix or agenix to manage it
environmentFile = "/run/secrets/authentik/authentik-env";
# authentik_env.age
age.secrets.authentik_env = {
file = ../secrets/authentik_env.age; file = ../secrets/authentik_env.age;
owner = "authentik"; # owner = "authentik";
group = "authentik"; # group = "authentik";
mode = "0600"; mode = "0600";
}; };
services.authentik = {
# enable = true;
# The environmentFile needs to be on the target host!
# Best use something like sops-nix or agenix to manage it
environmentFile = config.age.secrets.authentik_env.path;
# authentikComponents = {
# staticWorkdirDeps = pkgs.authentikComponents.staticWorkdirDeps;
# };
settings = { settings = {
email = rec { email = rec {
host = vhosts.mail_host.host; host = vhosts.mail_host.host;

2
modules/default.nix
View file

@ -17,6 +17,7 @@ in
./discord-matrix-bridge.nix ./discord-matrix-bridge.nix
./mastodon.nix ./mastodon.nix
./nix_cache.nix ./nix_cache.nix
./auth.nix
]; ];
options.serverConfig = options.serverConfig =
@ -182,6 +183,7 @@ in
nix_cache_host = { nix_cache_host = {
host = "nixcache.${domain}"; host = "nixcache.${domain}";
port = 5000; port = 5000;
accessType = "proxy";
}; };
auth_host = { auth_host = {
host = "auth.${domain}"; host = "auth.${domain}";

8
specific/grimm-nixos-laptop/configuration.nix
View file

@ -52,4 +52,12 @@
networking.hostName = "grimmauld-nixos"; networking.hostName = "grimmauld-nixos";
system.stateVersion = "23.05"; system.stateVersion = "23.05";
nix.settings.extra-substituters = [
"https://nixcache.grimmauld.de"
];
nix.settings.trusted-public-keys = [
"nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
];
} }