
No commits in common. "a3b4781bd09a168171d8fec121c46a8e93c39d2e" and "91f37f90230a9a958d31781652944ce2d7e9414d" have entirely different histories.

6 changed files with 9 additions and 27 deletions


@ -1,7 +1,8 @@
{
lib,
config,
inputs,
pkgs,
inputs,
...
}:
@ -82,12 +83,12 @@ in
age.secrets = {
"nextcloud-secrets.json" = {
file = "${inputs.self}/secrets/nextcloud-secrets.json.age";
file = ../../../secrets/nextcloud-secrets.json.age;
owner = "nextcloud";
group = "nextcloud";
};
nextcloud-adminpass = {
file = "${inputs.self}/secrets/nextcloud-adminpass.age";
file = ../../../secrets/nextcloud-adminpass.age;
owner = "nextcloud";
group = "nextcloud";
};
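Review bot: The new `file = ../../../secrets/nextcloud-secrets.json.age;` and `file = ../../../secrets/nextcloud-adminpass.age;` lines tie each secret's location to this module's depth in the tree, so moving the file changes what the literal resolves to; the same three-level hop is repeated in the two `age.secrets.cloudflare` hunks further down. Consider binding the directory once per module, e.g. `secretsDir = ../../../secrets;` in the `let` block and `file = secretsDir + "/nextcloud-adminpass.age";`, so there is a single place to check. Both the old and new forms point at the encrypted `.age` file, so this is about keeping the reference easy to verify rather than about exposure. If nothing else in this file uses `inputs` (the rest of the module is outside the hunks), the argument can be dropped from the header.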


@ -51,7 +51,7 @@ in
];
age.secrets.cloudflare = {
file = "${inputs.self}/secrets/cloudflare.age";
file = ../../../secrets/cloudflare.age;
owner = "nginx";
group = "nginx";
};


@ -67,8 +67,5 @@ in
};
# Disable PrivateMounts to allow LoadCredential to work with bind-mounted directories
systemd.services.forgejo.serviceConfig = {
PrivateMounts = lib.mkForce false;
ProtectSystem = lib.mkForce false;
};
systemd.services.forgejo.serviceConfig.PrivateMounts = lib.mkForce false;
}
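Review bot: With the `ProtectSystem` override removed, the remaining `systemd.services.forgejo.serviceConfig.PrivateMounts = lib.mkForce false;` may no longer do what its comment says. systemd.exec(5) documents that `ProtectSystem=`, `PrivateTmp=`, `ReadWritePaths=` and similar settings set up a private mount namespace on their own, so if the forgejo unit defined elsewhere carries any of them (not visible in this hunk), the service presumably still runs in its own namespace. It is worth confirming that `LoadCredential` still reads the bind-mounted directory under the new configuration, and then either dropping the override or extending the comment, e.g. `# PrivateMounts off: LoadCredential source is a bind mount; ProtectSystem left at the module default`. The enclosing module starts above the hunk.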


@ -8,8 +8,10 @@
let
services = inputs.self.services;
# Get all unique domains from shared services on trantor (host = "trantor")
localDomains = lib.unique (map (s: s.domain) (lib.filter (s: s.host == "trantor") services));
# Generate ACME cert configs for all local domains
acmeCerts = lib.genAttrs localDomains (domain: {
group = "nginx";
});
@ -49,7 +51,7 @@ in
];
age.secrets.cloudflare = {
file = "${inputs.self}/secrets/cloudflare.age";
file = ../../../secrets/cloudflare.age;
owner = "nginx";
group = "nginx";
};


@ -27,7 +27,6 @@
# other aspects
fwupd
podman
]);
};
}


@ -1,17 +0,0 @@
{ ... }:
{
flake.modules.nixos.lxc =
{
config,
lib,
pkgs,
...
}:
{
virtualisation.lxc = {
enable = true;
unprivilegedContainers = true;
};
};
}