sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity

Compare commits

base: sora:0f38465422f42936de3d5880939209ab577e01d2
Branches Tags
sora:main sora:dev
...
compare: sora:main
Branches Tags
sora:dev sora:main

15 Commits
0f38465422 ... main

Author SHA1 Message Date
bot
56b9f7b8d9 Merge pull request 'Lock file maintenance' (#283) from renovate/lock-file-maintenance into main 2026-06-07 04:09:10 +02:00
Renovate Bot
5f659e19bb Lock file maintenance 2026-06-07 02:09:06 +00:00
bot
8ed749e5f7 Merge pull request 'Lock file maintenance' (#282) from renovate/lock-file-maintenance into main 2026-06-06 04:04:47 +02:00
Renovate Bot
ff4217466d Lock file maintenance 2026-06-06 02:04:45 +00:00
soraefir
0e45834e45 change podman building 2026-06-05 02:04:21 +02:00
bot
85d5009104 Merge pull request 'Lock file maintenance' (#281) from renovate/lock-file-maintenance into main 2026-05-31 04:05:50 +02:00
Renovate Bot
88e7196148 Lock file maintenance 2026-05-31 02:05:44 +00:00
bot
8b4d3e1a13 Merge pull request 'Lock file maintenance' (#280) from renovate/lock-file-maintenance into main 2026-05-30 04:04:57 +02:00
Renovate Bot
fb0ddd9548 Lock file maintenance 2026-05-30 02:04:54 +00:00
bot
ab0a249eca Merge pull request 'Update DeterminateSystems/magic-nix-cache-action action to v14' (#279) from renovate/determinatesystems-magic-nix-cache-action-14.x into main 2026-05-29 04:02:55 +02:00
Renovate Bot
2000b37940 Update DeterminateSystems/magic-nix-cache-action action to v14 2026-05-29 02:02:51 +00:00
bot
fc0e449a99 Merge pull request 'Lock file maintenance' (#278) from renovate/lock-file-maintenance into main 2026-05-24 04:07:46 +02:00
Renovate Bot
123d04f12d Lock file maintenance 2026-05-24 02:07:43 +00:00
bot
489a9f2d5c Merge pull request 'Lock file maintenance' (#277) from renovate/lock-file-maintenance into main 2026-05-23 04:04:16 +02:00
Renovate Bot
f8446664dc Lock file maintenance 2026-05-23 02:04:14 +00:00
4 changed files with 59 additions and 46 deletions
Expand all files Collapse all files

2
.gitea/workflows/build.yml
View File

@@ -18,7 +18,7 @@ jobs:
uses: cachix/install-nix-action@v31 uses: cachix/install-nix-action@v31
# - uses: DeterminateSystems/nix-installer-action@v4 # - uses: DeterminateSystems/nix-installer-action@v4
- uses: DeterminateSystems/magic-nix-cache-action@v13 - uses: DeterminateSystems/magic-nix-cache-action@v14
- uses: DeterminateSystems/flake-checker-action@v12 - uses: DeterminateSystems/flake-checker-action@v12
- name: "Install Cachix ❄️" - name: "Install Cachix ❄️"

82
flake.lock generated
View File

@@ -45,11 +45,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1777780666, "lastModified": 1780795403,
"narHash": "sha256-8wURyQMdDkGUarSTKOGdCuFfYiwa3HbzwscUfn3STDE=", "narHash": "sha256-AkWx4Zt9pQbD/f82Z8N57+d0HGLN/rV3gdMKJTpBPKs=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "8c62fba0854ba15c8917aed18894dbccb48a3777", "rev": "6a771120d607dcccb279a27d227650e324815c35",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -102,12 +102,15 @@
} }
}, },
"hardware": { "hardware": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": { "locked": {
"lastModified": 1778945272, "lastModified": 1780310866,
"narHash": "sha256-Aipz0UiBhE2a1FYJrNc2y+5vKWo5QVkhmaIJk3/ls+g=", "narHash": "sha256-fPBRVf6A5xlACYcOI59shGrjURuvwu0lRsDoSCEXt/I=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "379c1f274f0fa354d012f0600806de54e79f29b5", "rev": "4ed851c979641e28597a05086332d75cdc9e395f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -139,11 +142,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1778905220, "lastModified": 1779506708,
"narHash": "sha256-ox/5IHc8uwy6UTw6N7Shp6uCHIgu/S2PsWeuXsOHSo8=", "narHash": "sha256-QOD/CNm196nCJRheux/URi4/HE66fthdOMqCJoPP1Y0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "d1686dc7d36cbd1234cb226ad6ef97e882716acb", "rev": "3ee51fbdac8c8bdfe1e7e1fcaba6520a563f394f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -174,11 +177,11 @@
}, },
"nixUnstable": { "nixUnstable": {
"locked": { "locked": {
"lastModified": 1778869304, "lastModified": 1780747962,
"narHash": "sha256-30sZNZoA1cqF5JNO9fVX+wgiQYjB7HJqqJ4ztCDeBZE=", "narHash": "sha256-IX7G1dlKrOqPOImfbo7ADDfV5yU1+j+MRChI3TL4tAA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d233902339c02a9c334e7e593de68855ad26c4cb", "rev": "cbb5cf358f50aa6acc9efd6113b7bcfbc352cd73",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -190,18 +193,15 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1778737229, "lastModified": 1767892417,
"narHash": "sha256-6xWoytx8jFW4PF1GjRm/i/53trbpKGfz6zjzQGBr4cI=", "narHash": "sha256-8bW3q88CEg2u4hSP66Vf4lpbLonHz7hqDNBMcCY7E9U=",
"owner": "nixos", "rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba",
"repo": "nixpkgs", "type": "tarball",
"rev": "d7a713c0b7e47c908258e71cba7a2d77cc8d71d5", "url": "https://releases.nixos.org/nixos/unstable/nixos-26.05pre924538.3497aa5c9457/nixexprs.tar.xz"
"type": "github"
}, },
"original": { "original": {
"owner": "nixos", "type": "tarball",
"ref": "nixos-25.11", "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz"
"repo": "nixpkgs",
"type": "github"
} }
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
@@ -221,11 +221,27 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1778869304, "lastModified": 1780511130,
"narHash": "sha256-30sZNZoA1cqF5JNO9fVX+wgiQYjB7HJqqJ4ztCDeBZE=", "narHash": "sha256-2v9lT4ya59Lh1FqPeLnz1MoX9y/wz2huqfe9RtQZITk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d233902339c02a9c334e7e593de68855ad26c4cb", "rev": "535f3e6942cb1cead3929c604320d3db54b542b9",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1780243769,
"narHash": "sha256-x5UQuRsH3MqI0U9afaXSNqzTPSeZlRLvFAav2Ux1pNw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "331800de5053fcebacf6813adb5db9c9dca22a0c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -238,14 +254,14 @@
"nur": { "nur": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1778979652, "lastModified": 1780795956,
"narHash": "sha256-VKptLSz5jqsa5A7DQV/Jd8WBWsW2MZxZHyUhOE3F7q4=", "narHash": "sha256-gFRV5zPnWiscNzRW5iWMCIMoVoMvUoX6k3ihaeSWVzo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nur", "repo": "nur",
"rev": "06a9f4853ad0d96558cf6966da0b228e6d808174", "rev": "807b5e8f5839e3f4362a705667e6df21ea27786e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -262,7 +278,7 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"nix-colors": "nix-colors", "nix-colors": "nix-colors",
"nixUnstable": "nixUnstable", "nixUnstable": "nixUnstable",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_2",
"nur": "nur", "nur": "nur",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }
@@ -274,11 +290,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1777944972, "lastModified": 1780547341,
"narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=", "narHash": "sha256-Gq8KNx5A7hBB3uGJaj6eQfLDIz5YdLu92gqBcvHvoUo=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "c591bf665727040c6cc5cb409079acb22dcce33c", "rev": "9ed65852b6257fbeae4355bc24ecfea307ca759a",
"type": "github" "type": "github"
}, },
"original": { "original": {

11
modules/server/containers/default.nix
View File

@@ -3,10 +3,13 @@ let
cfg = config.syscfg.server.containers; cfg = config.syscfg.server.containers;
enabledConfigs = lib.filterAttrs (name: c: c.enable) cfg; enabledConfigs = lib.filterAttrs (name: c: c.enable) cfg;
containerSetsList = lib.mapAttrsToList (name: containerCfg: containerSetsList = lib.mapAttrsToList (name: containerCfg:
import (./defs + "/${name}.nix") { let defs = import (./defs + "/${name}.nix") {inherit config pkgs lib containerCfg;};
inherit config pkgs lib containerCfg; in{
} containers = lib.mapAttrs' (cName: cValue:
) enabledConfigs; lib.nameValuePair "${name}-${cName}" cValue
) defs.containers;
}
) enabledConfigs;
mergedContainers = lib.attrsets.mergeAttrsList (lib.map(e: e.containers) containerSetsList); mergedContainers = lib.attrsets.mergeAttrsList (lib.map(e: e.containers) containerSetsList);
allPathConfigs = lib.flatten (lib.map (e: e.paths or []) containerSetsList); allPathConfigs = lib.flatten (lib.map (e: e.paths or []) containerSetsList);
in in

10
modules/server/containers/defs/authentik.nix
View File

@@ -14,9 +14,8 @@ in {
containers = { containers = {
auth_server = { server = {
image = "ghcr.io/goauthentik/server:latest"; image = "ghcr.io/goauthentik/server:latest";
hostname = "auth_server";
volumes = [ volumes = [
"${serverCfg.dataPath}/authentik/media:/media" "${serverCfg.dataPath}/authentik/media:/media"
"${serverCfg.dataPath}/authentik/templates:/templates" "${serverCfg.dataPath}/authentik/templates:/templates"
@@ -47,8 +46,6 @@ in {
cmd = [ "server" ]; cmd = [ "server" ];
extraOptions = [ extraOptions = [
"--add-host=host.containers.internal:host-gateway" "--add-host=host.containers.internal:host-gateway"
"--replace"
"--rm"
"--ip=${containerCfg.ip}" "--ip=${containerCfg.ip}"
]; ];
ports = [ ports = [
@@ -56,9 +53,8 @@ in {
]; ];
}; };
auth_worker = { worker = {
image = "ghcr.io/goauthentik/server:latest"; image = "ghcr.io/goauthentik/server:latest";
hostname = "auth_worker";
volumes = [ volumes = [
"${serverCfg.dataPath}/authentik/media:/media" "${serverCfg.dataPath}/authentik/media:/media"
"${serverCfg.dataPath}/authentik/templates:/templates" "${serverCfg.dataPath}/authentik/templates:/templates"
@@ -75,8 +71,6 @@ in {
}; };
extraOptions = [ extraOptions = [
"--add-host=host.containers.internal:host-gateway" "--add-host=host.containers.internal:host-gateway"
"--replace"
"--rm"
]; ];
cmd = [ "worker" ]; cmd = [ "worker" ];
}; };