author | Preston Pan <ret2pop@gmail.com> | 2025-02-18 22:38:45 -0800 |
---|---|---|
committer | Preston Pan <ret2pop@gmail.com> | 2025-02-18 22:38:45 -0800 |
commit | 6f8dc8ecbeae8690a6e92a0a44916e6e17ba950f (patch) | |
tree | d874bc15e52cb201aaac3a82e948061fe93625a0 | |
parent | f36be340c309f413f095f3ba704b3188c92ffdd9 (diff) |
-rw-r--r-- | agenda.org | 7 | ||||
-rw-r--r-- | config/nix.org | 511 | ||||
-rw-r--r-- | journal/20250214.org | 12 | ||||
-rw-r--r-- | journal/20250218.org | 18 | ||||
-rw-r--r-- | nix/dns/default.nix | 3 | ||||
-rw-r--r-- | nix/flake.lock | 77 | ||||
-rw-r--r-- | nix/flake.nix | 48 | ||||
-rw-r--r-- | nix/modules/conduit.nix | 2 | ||||
-rw-r--r-- | nix/modules/home/default.nix | 3 | ||||
-rw-r--r-- | nix/modules/home/zsh.nix | 4 | ||||
-rw-r--r-- | nix/modules/nginx.nix | 8 | ||||
-rw-r--r-- | nix/modules/secrets.nix | 4 | ||||
-rw-r--r-- | nix/modules/vars.nix | 2 | ||||
-rw-r--r-- | nix/poetry.lock | 363 | ||||
-rw-r--r-- | nix/pyproject.toml | 17 | ||||
-rw-r--r-- | nix/secrets/secrets.yaml | 7 | ||||
-rw-r--r-- | nix/systems/continuity/home.nix | 1 | ||||
-rw-r--r-- | nix/systems/spontaneity/default.nix | 39 |
18 files changed, 875 insertions, 251 deletions
@@ -19,8 +19,6 @@ project, it can be referenced here. * Tasks These are general life tasks that I need to do, which don't depend on a specific time or date. -** TODO [#B] NixOS VPS Migration -Migrate all my services to NixOS. ** TODO [#B] Nullring Update the nullring to be in org mode, and also include a couple more sites. ** TODO [#B] Umami @@ -62,10 +60,11 @@ SCHEDULED: <2025-02-12 Wed .+1d> - State "DONE" from "TODO" [2025-01-11 Sat 02:26] I want to stretch every day so that I can become more flexible. ** TODO Journal -SCHEDULED: <2025-02-12 Wed .+1d> +SCHEDULED: <2025-02-19 Wed .+1d> :PROPERTIES: -:LAST_REPEAT: [2025-02-11 Tue 04:01] +:LAST_REPEAT: [2025-02-18 Tue 01:44] :END: +- State "DONE" from "TODO" [2025-02-18 Tue 01:44] - State "DONE" from "TODO" [2025-02-11 Tue 04:01] - State "DONE" from "TODO" [2025-02-03 Mon 13:57] - State "DONE" from "TODO" [2025-02-03 Mon 03:01] diff --git a/config/nix.org b/config/nix.org index d19cebe..89e06ba 100644 --- a/config/nix.org +++ b/config/nix.org @@ -44,15 +44,25 @@ so that adding new configurations that add modifications is made simple. url = "github:nix-community/lanzaboote/v0.4.1"; inputs.nixpkgs.follows = "nixpkgs"; }; + nixos-dns = { + url = "github:Janik-Haag/nixos-dns"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, ... }@attrs: + outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, nixos-dns, ... }@attrs: let system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + generate = nixos-dns.utils.generate nixpkgs.legacyPackages."${system}"; + dnsConfig = { + inherit (self) nixosConfigurations; + extraConfig = import ./dns/default.nix; + }; mkConfigs = map (hostname: { name = "${hostname}"; value = nixpkgs.lib.nixosSystem { - system = system; + inherit system; specialArgs = attrs; modules = if (hostname == "installer") then [ (./. + "/systems/${hostname}/default.nix") 
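Review bot: The new `nixos-dns` input in the `@@ -44,15 +44,25 @@` hunk tracks the repository's default branch, unlike the `lanzaboote` input just above it, which is fixed to `v0.4.1`. Its module is added to the shared module list and its generator produces the DNS zone data, so a routine `nix flake update` replaces that code with whatever upstream HEAD is at the time. Consider pinning the URL to the revision already recorded in flake.lock, `url = "github:Janik-Haag/nixos-dns/ac41b8690c8db01af1eb77ea2fd330a1c43d814f";`, and bumping it deliberately. The same input is added to nix/flake.nix later in this commit.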
@@ -64,6 +74,7 @@ so that adding new configurations that add modifications is made simple. disko.nixosModules.disko home-manager.nixosModules.home-manager sops-nix.nixosModules.sops + nixos-dns.nixosModules.dns { nixpkgs.overlays = [ nur.overlays.default ]; home-manager.extraSpecialArgs = attrs; @@ -91,6 +102,39 @@ so that adding new configurations that add modifications is made simple. { nixosConfigurations = self.nixosConfigurations; } ]; }; + + devShell."${system}" = with pkgs; mkShell { + buildInputs = [ + fira-code + python3 + poetry + ]; + shellHook = '' + poetry shell + ''; + }; + + packages."${system}" = { + zoneFiles = generate.zoneFiles dnsConfig; + octodns = generate.octodnsConfig { + inherit dnsConfig; + + config = { + providers = { + cloudflare = { + class = "octodns_cloudflare.CloudflareProvider"; + token = "env/CLOUDFLARE_TOKEN"; + }; + config = { + check_origin = false; + }; + }; + }; + zones = { + "ret2pop.net." = nixos-dns.utils.octodns.generateZoneAttrs [ "cloudflare" ]; + }; + }; + }; }; } #+end_src @@ -110,6 +154,12 @@ creation_rules: #+end_src also note that you will have to write your own secrets.yaml file, with an entry called ~mail~, which is used for the imaps and smtps password. +* Nix DNS +#+begin_src nix :tangle ../nix/dns/default.nix + { + defaultTTL = 120; + } +#+end_src * Nix Topology Nix Topology generates a nice graph of all my hosts. You can view this graph by running ~nix build .#topology.x86_64-linux.config.output~. @@ -201,7 +251,7 @@ largely self-documenting. remoteHost = lib.mkOption { type = lib.types.str; - default = "nullring.xyz"; + default = "ret2pop.net"; example = "example.com"; description = "Address to push to and pull from for website and git repos"; }; 
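Review bot: In the `@@ -91,6 +102,39 @@` hunk the `shellHook` runs `poetry shell`, which starts a nested interactive shell from inside the hook; that gets in the way of non-interactive use such as `nix develop -c <command>`, and newer Poetry releases no longer ship the `shell` command by default. Dropping the hook and calling `poetry run …` explicitly, or activating the virtualenv in the hook instead of spawning a shell, keeps entering the dev shell free of side effects. `devShell."${system}"` is also the older output name; current Nix expects `devShells."${system}".default`. The identical lines are added to nix/flake.nix later in this commit.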
@@ -486,11 +536,11 @@ Use postfix as an smtps server. gitweb = { enable = true; - virtualHost = "ret2pop.net"; + virtualHost = "${config.monorepo.vars.remoteHost}"; }; virtualHosts = { - "matrix.ret2pop.net" = { + "matrix.${config.monorepo.vars.remoteHost}" = { enableACME = true; forceSSL = true; listen = [ @@ -527,8 +577,8 @@ Use postfix as an smtps server. merge_slashes off; ''; }; - "ret2pop.net" = { - serverName = "ret2pop.net"; + "${config.monorepo.vars.remoteHost}" = { + serverName = "${config.monorepo.vars.remoteHost}"; root = "/var/www/ret2pop-website/"; addSSL = true; enableACME = true; @@ -555,7 +605,7 @@ Use postfix as an smtps server. enable = lib.mkDefault config.monorepo.profiles.server.enable; # random comment settings.global = { - server_name = "matrix.ret2pop.net"; + server_name = "matrix.${config.monorepo.vars.remoteHost}"; address = "0.0.0.0"; port = 6167; }; 
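Review bot: In the `@@ -555,7 +605,7 @@` hunk conduit keeps `address = "0.0.0.0"` on port 6167 while the nginx `matrix.` virtual host edited earlier on this line appears to sit in front of it; if nginx on the same machine is the only intended client (the proxy target is not visible here), `address = "127.0.0.1";` would keep the homeserver port unreachable even if the firewall rules change later. `server_name` is now built from `config.monorepo.vars.remoteHost`, which any host can override, and a Matrix server name is part of every user and room ID; a comment such as `# do not change after first start: server_name is baked into user and room IDs` would warn against overriding the option on a running server. The settings block continues outside the hunk.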
@@ -1081,189 +1131,190 @@ For my virtual machines. As you can see, I have my installed home packages installed based on the profiles enabled. Also, I have many imports that we'll go through next. #+begin_src nix :tangle ../nix/modules/home/default.nix - { lib, config, pkgs, ... }: - { - imports = [ - ../vars.nix - ./fcitx.nix - ./secrets.nix - ./emacs.nix - ./firefox.nix - ./git.nix - ./hyprland.nix - ./mpv.nix - ./yt-dlp.nix - ./wofi.nix - ./kitty.nix - ./waybar.nix - ./zsh.nix - ./mbsync.nix - ./msmtp.nix - ./gammastep.nix - ./mpd.nix - ./mako.nix - ./user.nix - ./pantalaimon.nix - ]; + { lib, config, pkgs, ... }: + { + imports = [ + ../vars.nix + ./fcitx.nix + ./secrets.nix + ./emacs.nix + ./firefox.nix + ./git.nix + ./hyprland.nix + ./mpv.nix + ./yt-dlp.nix + ./wofi.nix + ./kitty.nix + ./waybar.nix + ./zsh.nix + ./mbsync.nix + ./msmtp.nix + ./gammastep.nix + ./mpd.nix + ./mako.nix + ./user.nix + ./pantalaimon.nix + ]; - options = { - monorepo.profiles = { - enable = lib.mkEnableOption "Enables home manager desktop configuration"; - # Programs - graphics.enable = lib.mkEnableOption "Enables graphical programs for user"; - lang-c.enable = lib.mkEnableOption "Enables C language support"; - lang-sh.enable = lib.mkEnableOption "Enables sh language support"; - lang-rust.enable = lib.mkEnableOption "Enables Rust language support"; - lang-python.enable = lib.mkEnableOption "Enables python language support"; - lang-sol.enable = lib.mkEnableOption "Enables solidity language support"; - lang-openscad.enable = lib.mkEnableOption "Enables openscad language support"; - lang-js.enable = lib.mkEnableOption "Enables javascript language support"; - lang-nix.enable = lib.mkEnableOption "Enables nix language support"; - lang-coq.enable = lib.mkEnableOption "Enables coq language support"; - - crypto.enable = lib.mkEnableOption "Enables various cryptocurrency wallets"; - art.enable = lib.mkEnableOption "Enables various art programs"; - music.enable = lib.mkEnableOption "Enables 
mpd"; - workstation.enable = lib.mkEnableOption "Enables workstation packages (music production and others)"; - cuda.enable = lib.mkEnableOption "Enables CUDA user package builds"; - hyprland.enable = lib.mkEnableOption "Enables hyprland"; - - email = { - email = lib.mkOption { - type = lib.types.str; - default = "ret2pop@gmail.com"; - example = "john@example.com"; - description = "Email address and imaps/smtps account"; - }; - imapsServer = lib.mkOption { - type = lib.types.str; - default = "imap.gmail.com"; - example = "imap.example.com"; - description = "imaps server address"; - }; - smtpsServer = lib.mkOption { - type = lib.types.str; - default = "smtp.gmail.com"; - example = "smtp.example.com"; - description = "smtp server address"; - }; - enable = lib.mkEnableOption "Enables email"; - }; - }; + options = { + monorepo.profiles = { + enable = lib.mkEnableOption "Enables home manager desktop configuration"; + # Programs + graphics.enable = lib.mkEnableOption "Enables graphical programs for user"; + lang-c.enable = lib.mkEnableOption "Enables C language support"; + lang-sh.enable = lib.mkEnableOption "Enables sh language support"; + lang-rust.enable = lib.mkEnableOption "Enables Rust language support"; + lang-python.enable = lib.mkEnableOption "Enables python language support"; + lang-sol.enable = lib.mkEnableOption "Enables solidity language support"; + lang-openscad.enable = lib.mkEnableOption "Enables openscad language support"; + lang-js.enable = lib.mkEnableOption "Enables javascript language support"; + lang-nix.enable = lib.mkEnableOption "Enables nix language support"; + lang-coq.enable = lib.mkEnableOption "Enables coq language support"; + + crypto.enable = lib.mkEnableOption "Enables various cryptocurrency wallets"; + art.enable = lib.mkEnableOption "Enables various art programs"; + music.enable = lib.mkEnableOption "Enables mpd"; + workstation.enable = lib.mkEnableOption "Enables workstation packages (music production and others)"; + cuda.enable = 
lib.mkEnableOption "Enables CUDA user package builds"; + hyprland.enable = lib.mkEnableOption "Enables hyprland"; + + email = { + email = lib.mkOption { + type = lib.types.str; + default = "ret2pop@gmail.com"; + example = "john@example.com"; + description = "Email address and imaps/smtps account"; + }; + imapsServer = lib.mkOption { + type = lib.types.str; + default = "imap.gmail.com"; + example = "imap.example.com"; + description = "imaps server address"; + }; + smtpsServer = lib.mkOption { + type = lib.types.str; + default = "smtp.gmail.com"; + example = "smtp.example.com"; + description = "smtp server address"; + }; + enable = lib.mkEnableOption "Enables email"; + }; }; + }; - config = { - home.packages = (if config.monorepo.profiles.email.enable then [ pkgs.mu ] else []) - ++ - (if config.monorepo.profiles.lang-c.enable then (with pkgs; [ - autobuild - clang - gdb - gnumake - bear - clang-tools - ]) else []) - ++ - (if config.monorepo.profiles.lang-js.enable then (with pkgs; [ - nodejs - bun - yarn - typescript - vscode-langservers-extracted - ]) else []) - ++ - (if config.monorepo.profiles.lang-rust.enable then (with pkgs; [ - cargo - rust-analyzer - rustfmt - ]) else []) - ++ - (if config.monorepo.profiles.lang-python.enable then (with pkgs; [ - poetry - python3 - python312Packages.jedi - ]) else []) - ++ - (if config.monorepo.profiles.lang-sol.enable then (with pkgs; [ - solc - ]) else []) - ++ - (if config.monorepo.profiles.lang-openscad.enable then (with pkgs; [ - openscad - openscad-lsp - ]) else []) - ++ - (if config.monorepo.profiles.lang-sh.enable then (with pkgs; [ - bash-language-server - ]) else []) - ++ - (if config.monorepo.profiles.lang-coq.enable then (with pkgs; [ - coq - ]) else []) - ++ - (if config.monorepo.profiles.lang-nix.enable then (with pkgs; [ - nil - nixd - nixfmt-rfc-style - ]) else []) - ++ - (if config.monorepo.profiles.crypto.enable then (with pkgs; [ - bitcoin - electrum - monero-cli - monero-gui - ]) else []) - ++ - (if 
config.monorepo.profiles.art.enable then (with pkgs; [ - inkscape - krita - ]) else []) - ++ - (if config.monorepo.profiles.music.enable then (with pkgs; [ - mpc-cli - sox - ]) else []) - ++ - (if config.monorepo.profiles.workstation.enable then (with pkgs; [ - alsa-utils - alsa-scarlett-gui - ardour - audacity - blender - fluidsynth - qjackctl - qsynth - qpwgraph - imagemagick - inkscape - kdenlive - kicad - ]) else []); - - monorepo.profiles = { - enable = lib.mkDefault true; - music.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - hyprland.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - email.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - - # Programming - graphics.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-c.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-rust.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-python.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-sol.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-sh.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-openscad.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-js.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-nix.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-coq.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - - crypto.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - art.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - workstation.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - }; + config = { + home.packages = (if config.monorepo.profiles.email.enable then [ pkgs.mu ] else []) + ++ + (if config.monorepo.profiles.lang-c.enable then (with pkgs; [ + autobuild + clang + gdb + gnumake + bear + clang-tools + ]) else []) + ++ + (if 
config.monorepo.profiles.lang-js.enable then (with pkgs; [ + nodejs + bun + yarn + typescript + vscode-langservers-extracted + ]) else []) + ++ + (if config.monorepo.profiles.lang-rust.enable then (with pkgs; [ + cargo + rust-analyzer + rustfmt + ]) else []) + ++ + (if config.monorepo.profiles.lang-python.enable then (with pkgs; [ + poetry + python3 + python312Packages.jedi + ]) else []) + ++ + (if config.monorepo.profiles.lang-sol.enable then (with pkgs; [ + solc + ]) else []) + ++ + (if config.monorepo.profiles.lang-openscad.enable then (with pkgs; [ + openscad + openscad-lsp + ]) else []) + ++ + (if config.monorepo.profiles.lang-sh.enable then (with pkgs; [ + bash-language-server + ]) else []) + ++ + (if config.monorepo.profiles.lang-coq.enable then (with pkgs; [ + coq + ]) else []) + ++ + (if config.monorepo.profiles.lang-nix.enable then (with pkgs; [ + nil + nixd + nixfmt-rfc-style + nix-prefetch-scripts + ]) else []) + ++ + (if config.monorepo.profiles.crypto.enable then (with pkgs; [ + bitcoin + electrum + monero-cli + monero-gui + ]) else []) + ++ + (if config.monorepo.profiles.art.enable then (with pkgs; [ + inkscape + krita + ]) else []) + ++ + (if config.monorepo.profiles.music.enable then (with pkgs; [ + mpc-cli + sox + ]) else []) + ++ + (if config.monorepo.profiles.workstation.enable then (with pkgs; [ + alsa-utils + alsa-scarlett-gui + ardour + audacity + blender + fluidsynth + qjackctl + qsynth + qpwgraph + imagemagick + inkscape + kdenlive + kicad + ]) else []); + + monorepo.profiles = { + enable = lib.mkDefault true; + music.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + hyprland.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + email.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + + # Programming + graphics.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-c.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-rust.enable = lib.mkDefault (true && 
config.monorepo.profiles.enable); + lang-python.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-sol.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-sh.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-openscad.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-js.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-nix.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-coq.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + + crypto.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + art.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + workstation.enable = lib.mkDefault (true && config.monorepo.profiles.enable); }; - } + }; + } #+end_src *** Firefox I conditionally enable metamask based on the cryptocurrency option. Everything else here should 
@@ -2053,26 +2104,30 @@ here: This uses sops in order to declaratively create the secrets on my system by unencrypting the yaml file specified. Yes, this is safe to include in the repo. #+begin_src nix :tangle ../nix/modules/secrets.nix -{ config, ... }: -{ - sops = { - defaultSopsFile = ../../secrets/secrets.yaml; - age = { - keyFile = "/home/${config.monorepo.vars.userName}/.ssh/keys.txt"; - }; - secrets.mail = { - format = "yaml"; - path = "${config.sops.defaultSymlinkPath}/mail"; - }; - secrets.digikey = { - format = "yaml"; - path = "${config.sops.defaultSymlinkPath}/digikey"; - }; + { config, ... }: + { + sops = { + defaultSopsFile = ../../secrets/secrets.yaml; + age = { + keyFile = "/home/${config.monorepo.vars.userName}/.ssh/keys.txt"; + }; + secrets.mail = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/mail"; + }; + secrets.cloudflare-dns = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/cloudflare-dns"; + }; + secrets.digikey = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/digikey"; + }; - defaultSymlinkPath = "/run/user/1000/secrets"; - defaultSecretsMountPoint = "/run/user/1000/secrets.d"; - }; -} + defaultSymlinkPath = "/run/user/1000/secrets"; + defaultSecretsMountPoint = "/run/user/1000/secrets.d"; + }; + } #+end_src *** Waybar This is the bar I use for my hyprland configuration. You will need to adjust the monitors field 
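Review bot: The new `secrets.cloudflare-dns` entry has no visible consumer: the octodns provider added in this commit reads the token from `env/CLOUDFLARE_TOKEN`, and nothing shown connects the decrypted file under `${config.sops.defaultSymlinkPath}` to that variable. A comment on the entry saying how it is meant to be used, e.g. `# read into CLOUDFLARE_TOKEN only for the octodns sync invocation; do not export it from the shell rc`, would keep the token out of a long-lived environment and out of shell history. It is also worth recording there that the token should be limited to DNS edit rights on the one zone. Apart from this entry the hunk only re-indents the block.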
@@ -2595,9 +2650,9 @@ standard. rb = "sudo nixos-rebuild switch --flake .#continuity"; rba = "sudo nixos-rebuild switch --flake .#affinity"; nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; - usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/"; + usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; usite - = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/usr/share/nginx/ret2pop/"; + = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; i3 = "exec ${pkgs.i3-gaps}/bin/i3"; }; @@ -2783,6 +2838,7 @@ monorepo home options. imports = [ ../../modules/home/default.nix ]; + config.monorepo.profiles.workstation.enable = false; } #+end_src ** Affinity 
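Review bot: Both rewritten aliases in the `@@ -2595,9 +2650,9 @@` hunk still deploy as `root@…`, so publishing static files requires root SSH login on the VPS, and any workstation key able to update the site has full control of the host. With the destination now `/var/www/ret2pop-website/`, an unprivileged account that owns only that directory would be enough, e.g. `<deploy-user>@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/` (placeholder user name), which in turn allows root login to be disabled in sshd. In `usite` the `rm -rf …;` breaks the `&&` chain, so the `cp -r … && rsync …` part still runs and uploads after a failed `bash local.sh`; replacing that `;` with `&&` would stop a broken build from being published.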
@@ -2827,24 +2883,39 @@ Spontaneity is my VPS instance. imports = [ # nixos-anywhere generates this file ./hardware-configuration.nix - ../../disko/vda-simple.nix - ../../modules/default.nix ../home.nix ]; - - config.monorepo = { - profiles = { - server.enable = true; - ttyonly.enable = true; - grub.enable = true; + config = { + monorepo = { + profiles = { + server.enable = true; + ttyonly.enable = true; + grub.enable = true; + }; + }; + networking = { + firewall.allowedTCPPorts = [ + 80 + 443 + ]; + domains = { + enable = true; + baseDomains = { + "${config.monorepo.vars.remoteHost}" = { + a.data = "66.42.84.130"; + aaaa.data = "2001:19f0:5401:10d0:5400:5ff:fe4a:7794"; + }; + }; + subDomains = { + "${config.monorepo.vars.remoteHost}" = {}; + "matrix.${config.monorepo.vars.remoteHost}" = {}; + "www.${config.monorepo.vars.remoteHost}" = {}; + }; + }; }; }; - config.networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; } #+end_src *** Home diff --git a/journal/20250214.org b/journal/20250214.org new file mode 100644 index 0000000..269cd16 --- /dev/null +++ b/journal/20250214.org @@ -0,0 +1,12 @@ +#+TITLE: Daily Journal +#+STARTUP: showeverything +#+DESCRIPTION: My daily journal entry +#+AUTHOR: Preston Pan +#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="../style.css" /> +#+html_head: <script src="https://polyfill.io/v3/polyfill.min.js?features=es6"></script> +#+html_head: <script id="MathJax-script" async src="https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js"></script> +#+options: broken-links:t +* Friday, 14 February 2025 +** 20:12 +Right now I am in Ainslie's dorm and I am also journaling as a side +effect of being in a chaotic room. diff --git a/journal/20250218.org b/journal/20250218.org new file mode 100644 index 0000000..738607e --- /dev/null +++ b/journal/20250218.org 
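Review bot: The record names under `networking.domains` are derived from `config.monorepo.vars.remoteHost`, but the octodns zone list added to flake.nix in this commit is the literal `"ret2pop.net."`; if the option is ever overridden, records would be generated for a domain that has no zone entry. A comment above `baseDomains`, such as `# keep in sync with the zones key in flake.nix ("ret2pop.net.")`, would make that coupling visible. The hunk also drops the `../../disko/vda-simple.nix` and `../../modules/default.nix` imports; whether they are now supplied from the flake's shared module list is not visible here and is worth confirming, since the `monorepo.profiles` options set below depend on the latter.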
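Review bot: The new journal page's `#+html_head` loads `https://polyfill.io/v3/polyfill.min.js`, a third-party script origin whose domain changed ownership and was widely reported in 2024 to be serving altered code to visitors; every exported page carrying this header executes whatever that host returns. The ES6 polyfill is only needed for very old browsers, so the line can simply be removed. The MathJax include on the next line uses the floating `mathjax@3` tag; pinning an exact version and adding `integrity="sha384-<hash-of-pinned-file>" crossorigin="anonymous"` (placeholder hash), or serving the file from the site itself, would stop a CDN-side change from reaching readers. journal/20250218.org, added next in this commit, carries the same two header lines.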
@@ -0,0 +1,18 @@ +#+TITLE: Daily Journal +#+STARTUP: showeverything +#+DESCRIPTION: My daily journal entry +#+AUTHOR: Preston Pan +#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="../style.css" /> +#+html_head: <script src="https://polyfill.io/v3/polyfill.min.js?features=es6"></script> +#+html_head: <script id="MathJax-script" async src="https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js"></script> +#+options: broken-links:t +* Tuesday, 18 February 2025 +** 01:21 +Right now, I am in Victoria in Howard's room with Marissa. It is +pretty fun, and I highly recommend this experience. I think I would +rate it a 7 out of 10. + +That being said, I am cognitively tired and I just realized that I +don't have to work on NixOS forever. I made a PR to NixOS for some +packages, and I'll probably fix some of the flake system to allow for +using an ipfs gateway for a fallback mirror. diff --git a/nix/dns/default.nix b/nix/dns/default.nix new file mode 100644 index 0000000..52ca8b6 --- /dev/null +++ b/nix/dns/default.nix @@ -0,0 +1,3 @@ +{ + defaultTTL = 120; +} diff --git a/nix/flake.lock b/nix/flake.lock index 6afd52c..49c4659 100644 --- a/nix/flake.lock +++ b/nix/flake.lock @@ -94,6 +94,22 @@ "type": "github" } }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ 
@@ -287,6 +303,29 @@ "type": "github" } }, + "nixos-dns": { + "inputs": { + "flake-compat": "flake-compat_3", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems_3", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1725163709, + "narHash": "sha256-VqUwWZBBdDE0Jk1tRW6Bsg978R6rTILrvsqjfjHz2HY=", + "owner": "Janik-Haag", + "repo": "nixos-dns", + "rev": "ac41b8690c8db01af1eb77ea2fd330a1c43d814f", + "type": "github" + }, + "original": { + "owner": "Janik-Haag", + "repo": "nixos-dns", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1738277201, @@ -355,7 +394,7 @@ "inputs": { "flake-parts": "flake-parts_2", "nixpkgs": "nixpkgs_2", - "treefmt-nix": "treefmt-nix" + "treefmt-nix": "treefmt-nix_2" }, "locked": { "lastModified": 1738362438, @@ -431,6 +470,7 @@ "home-manager": "home-manager", "lanzaboote": "lanzaboote", "nix-topology": "nix-topology", + "nixos-dns": "nixos-dns", "nixpkgs": "nixpkgs", "nur": "nur", "scripts": "scripts", @@ -542,9 +582,44 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ + "nixos-dns", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1714058656, + "narHash": "sha256-Qv4RBm4LKuO4fNOfx9wl40W2rBbv5u5m+whxRYUMiaA=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "c6aaf729f34a36c445618580a9f95a48f5e4e03f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_2": { + "inputs": { + "nixpkgs": [ "nur", "nixpkgs" ] diff --git a/nix/flake.nix b/nix/flake.nix index 3c56a49..b34b77e 100644 --- a/nix/flake.nix +++ b/nix/flake.nix 
@@ -24,15 +24,25 @@ url = "github:nix-community/lanzaboote/v0.4.1"; inputs.nixpkgs.follows = "nixpkgs"; }; + nixos-dns = { + url = "github:Janik-Haag/nixos-dns"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, ... }@attrs: + outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, nixos-dns, ... }@attrs: let system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + generate = nixos-dns.utils.generate nixpkgs.legacyPackages."${system}"; + dnsConfig = { + inherit (self) nixosConfigurations; + extraConfig = import ./dns/default.nix; + }; mkConfigs = map (hostname: { name = "${hostname}"; value = nixpkgs.lib.nixosSystem { - system = system; + inherit system; specialArgs = attrs; modules = if (hostname == "installer") then [ (./. + "/systems/${hostname}/default.nix") @@ -44,6 +54,7 @@ disko.nixosModules.disko home-manager.nixosModules.home-manager sops-nix.nixosModules.sops + nixos-dns.nixosModules.dns { nixpkgs.overlays = [ nur.overlays.default ]; home-manager.extraSpecialArgs = attrs; @@ -71,5 +82,38 @@ { nixosConfigurations = self.nixosConfigurations; } ]; }; + + devShell."${system}" = with pkgs; mkShell { + buildInputs = [ + fira-code + python3 + poetry + ]; + shellHook = '' +poetry shell + ''; + }; + + packages."${system}" = { + zoneFiles = generate.zoneFiles dnsConfig; + octodns = generate.octodnsConfig { + inherit dnsConfig; + + config = { + providers = { + cloudflare = { + class = "octodns_cloudflare.CloudflareProvider"; + token = "env/CLOUDFLARE_TOKEN"; + }; + config = { + check_origin = false; + }; + }; + }; + zones = { + "ret2pop.net." = nixos-dns.utils.octodns.generateZoneAttrs [ "cloudflare" ]; + }; + }; + }; }; } diff --git a/nix/modules/conduit.nix b/nix/modules/conduit.nix index 954e5fc..623cb7f 100644 --- a/nix/modules/conduit.nix +++ b/ |