From 6f8dc8ecbeae8690a6e92a0a44916e6e17ba950f Mon Sep 17 00:00:00 2001 From: Preston Pan Date: Tue, 18 Feb 2025 22:38:45 -0800 Subject: octodns-cloudflare works with config --- agenda.org | 7 +- config/nix.org | 511 ++++++++++++++++++++---------------- journal/20250214.org | 12 + journal/20250218.org | 18 ++ nix/dns/default.nix | 3 + nix/flake.lock | 77 +++++- nix/flake.nix | 48 +++- nix/modules/conduit.nix | 2 +- nix/modules/home/default.nix | 3 +- nix/modules/home/zsh.nix | 4 +- nix/modules/nginx.nix | 8 +- nix/modules/secrets.nix | 4 + nix/modules/vars.nix | 2 +- nix/poetry.lock | 363 +++++++++++++++++++++++++ nix/pyproject.toml | 17 ++ nix/secrets/secrets.yaml | 7 +- nix/systems/continuity/home.nix | 1 + nix/systems/spontaneity/default.nix | 39 ++- 18 files changed, 875 insertions(+), 251 deletions(-) create mode 100644 journal/20250214.org create mode 100644 journal/20250218.org create mode 100644 nix/dns/default.nix create mode 100644 nix/poetry.lock create mode 100644 nix/pyproject.toml diff --git a/agenda.org b/agenda.org index e45fe76..ab71071 100644 --- a/agenda.org +++ b/agenda.org @@ -19,8 +19,6 @@ project, it can be referenced here. * Tasks These are general life tasks that I need to do, which don't depend on a specific time or date. -** TODO [#B] NixOS VPS Migration -Migrate all my services to NixOS. ** TODO [#B] Nullring Update the nullring to be in org mode, and also include a couple more sites. ** TODO [#B] Umami @@ -62,10 +60,11 @@ SCHEDULED: <2025-02-12 Wed .+1d> - State "DONE" from "TODO" [2025-01-11 Sat 02:26] I want to stretch every day so that I can become more flexible. ** TODO Journal -SCHEDULED: <2025-02-12 Wed .+1d> +SCHEDULED: <2025-02-19 Wed .+1d> :PROPERTIES: -:LAST_REPEAT: [2025-02-11 Tue 04:01] +:LAST_REPEAT: [2025-02-18 Tue 01:44] :END: +- State "DONE" from "TODO" [2025-02-18 Tue 01:44] - State "DONE" from "TODO" [2025-02-11 Tue 04:01] - State "DONE" from "TODO" [2025-02-03 Mon 13:57] - State "DONE" from "TODO" [2025-02-03 Mon 03:01] diff --git a/config/nix.org b/config/nix.org index d19cebe..89e06ba 100644 --- a/config/nix.org +++ b/config/nix.org @@ -44,15 +44,25 @@ so that adding new configurations that add modifications is made simple. url = "github:nix-community/lanzaboote/v0.4.1"; inputs.nixpkgs.follows = "nixpkgs"; }; + nixos-dns = { + url = "github:Janik-Haag/nixos-dns"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, ... }@attrs: + outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, nixos-dns, ... }@attrs: let system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + generate = nixos-dns.utils.generate nixpkgs.legacyPackages."${system}"; + dnsConfig = { + inherit (self) nixosConfigurations; + extraConfig = import ./dns/default.nix; + }; mkConfigs = map (hostname: { name = "${hostname}"; value = nixpkgs.lib.nixosSystem { - system = system; + inherit system; specialArgs = attrs; modules = if (hostname == "installer") then [ (./. + "/systems/${hostname}/default.nix") @@ -64,6 +74,7 @@ so that adding new configurations that add modifications is made simple. disko.nixosModules.disko home-manager.nixosModules.home-manager sops-nix.nixosModules.sops + nixos-dns.nixosModules.dns { nixpkgs.overlays = [ nur.overlays.default ]; home-manager.extraSpecialArgs = attrs; @@ -91,6 +102,39 @@ so that adding new configurations that add modifications is made simple. { nixosConfigurations = self.nixosConfigurations; } ]; }; + + devShell."${system}" = with pkgs; mkShell { + buildInputs = [ + fira-code + python3 + poetry + ]; + shellHook = '' + poetry shell + ''; + }; + + packages."${system}" = { + zoneFiles = generate.zoneFiles dnsConfig; + octodns = generate.octodnsConfig { + inherit dnsConfig; + + config = { + providers = { + cloudflare = { + class = "octodns_cloudflare.CloudflareProvider"; + token = "env/CLOUDFLARE_TOKEN"; + }; + config = { + check_origin = false; + }; + }; + }; + zones = { + "ret2pop.net." = nixos-dns.utils.octodns.generateZoneAttrs [ "cloudflare" ]; + }; + }; + }; }; } #+end_src @@ -110,6 +154,12 @@ creation_rules: #+end_src also note that you will have to write your own secrets.yaml file, with an entry called ~mail~, which is used for the imaps and smtps password. +* Nix DNS +#+begin_src nix :tangle ../nix/dns/default.nix + { + defaultTTL = 120; + } +#+end_src * Nix Topology Nix Topology generates a nice graph of all my hosts. You can view this graph by running ~nix build .#topology.x86_64-linux.config.output~. @@ -201,7 +251,7 @@ largely self-documenting. remoteHost = lib.mkOption { type = lib.types.str; - default = "nullring.xyz"; + default = "ret2pop.net"; example = "example.com"; description = "Address to push to and pull from for website and git repos"; }; @@ -486,11 +536,11 @@ Use postfix as an smtps server. gitweb = { enable = true; - virtualHost = "ret2pop.net"; + virtualHost = "${config.monorepo.vars.remoteHost}"; }; virtualHosts = { - "matrix.ret2pop.net" = { + "matrix.${config.monorepo.vars.remoteHost}" = { enableACME = true; forceSSL = true; listen = [ @@ -527,8 +577,8 @@ Use postfix as an smtps server. merge_slashes off; ''; }; - "ret2pop.net" = { - serverName = "ret2pop.net"; + "${config.monorepo.vars.remoteHost}" = { + serverName = "${config.monorepo.vars.remoteHost}"; root = "/var/www/ret2pop-website/"; addSSL = true; enableACME = true; @@ -555,7 +605,7 @@ Use postfix as an smtps server. enable = lib.mkDefault config.monorepo.profiles.server.enable; # random comment settings.global = { - server_name = "matrix.ret2pop.net"; + server_name = "matrix.${config.monorepo.vars.remoteHost}"; address = "0.0.0.0"; port = 6167; }; @@ -1081,189 +1131,190 @@ For my virtual machines. As you can see, I have my installed home packages installed based on the profiles enabled. Also, I have many imports that we'll go through next. #+begin_src nix :tangle ../nix/modules/home/default.nix - { lib, config, pkgs, ... }: - { - imports = [ - ../vars.nix - ./fcitx.nix - ./secrets.nix - ./emacs.nix - ./firefox.nix - ./git.nix - ./hyprland.nix - ./mpv.nix - ./yt-dlp.nix - ./wofi.nix - ./kitty.nix - ./waybar.nix - ./zsh.nix - ./mbsync.nix - ./msmtp.nix - ./gammastep.nix - ./mpd.nix - ./mako.nix - ./user.nix - ./pantalaimon.nix - ]; + { lib, config, pkgs, ... }: + { + imports = [ + ../vars.nix + ./fcitx.nix + ./secrets.nix + ./emacs.nix + ./firefox.nix + ./git.nix + ./hyprland.nix + ./mpv.nix + ./yt-dlp.nix + ./wofi.nix + ./kitty.nix + ./waybar.nix + ./zsh.nix + ./mbsync.nix + ./msmtp.nix + ./gammastep.nix + ./mpd.nix + ./mako.nix + ./user.nix + ./pantalaimon.nix + ]; - options = { - monorepo.profiles = { - enable = lib.mkEnableOption "Enables home manager desktop configuration"; - # Programs - graphics.enable = lib.mkEnableOption "Enables graphical programs for user"; - lang-c.enable = lib.mkEnableOption "Enables C language support"; - lang-sh.enable = lib.mkEnableOption "Enables sh language support"; - lang-rust.enable = lib.mkEnableOption "Enables Rust language support"; - lang-python.enable = lib.mkEnableOption "Enables python language support"; - lang-sol.enable = lib.mkEnableOption "Enables solidity language support"; - lang-openscad.enable = lib.mkEnableOption "Enables openscad language support"; - lang-js.enable = lib.mkEnableOption "Enables javascript language support"; - lang-nix.enable = lib.mkEnableOption "Enables nix language support"; - lang-coq.enable = lib.mkEnableOption "Enables coq language support"; - - crypto.enable = lib.mkEnableOption "Enables various cryptocurrency wallets"; - art.enable = lib.mkEnableOption "Enables various art programs"; - music.enable = lib.mkEnableOption "Enables mpd"; - workstation.enable = lib.mkEnableOption "Enables workstation packages (music production and others)"; - cuda.enable = lib.mkEnableOption "Enables CUDA user package builds"; - hyprland.enable = lib.mkEnableOption "Enables hyprland"; - - email = { - email = lib.mkOption { - type = lib.types.str; - default = "ret2pop@gmail.com"; - example = "john@example.com"; - description = "Email address and imaps/smtps account"; - }; - imapsServer = lib.mkOption { - type = lib.types.str; - default = "imap.gmail.com"; - example = "imap.example.com"; - description = "imaps server address"; - }; - smtpsServer = lib.mkOption { - type = lib.types.str; - default = "smtp.gmail.com"; - example = "smtp.example.com"; - description = "smtp server address"; - }; - enable = lib.mkEnableOption "Enables email"; - }; - }; + options = { + monorepo.profiles = { + enable = lib.mkEnableOption "Enables home manager desktop configuration"; + # Programs + graphics.enable = lib.mkEnableOption "Enables graphical programs for user"; + lang-c.enable = lib.mkEnableOption "Enables C language support"; + lang-sh.enable = lib.mkEnableOption "Enables sh language support"; + lang-rust.enable = lib.mkEnableOption "Enables Rust language support"; + lang-python.enable = lib.mkEnableOption "Enables python language support"; + lang-sol.enable = lib.mkEnableOption "Enables solidity language support"; + lang-openscad.enable = lib.mkEnableOption "Enables openscad language support"; + lang-js.enable = lib.mkEnableOption "Enables javascript language support"; + lang-nix.enable = lib.mkEnableOption "Enables nix language support"; + lang-coq.enable = lib.mkEnableOption "Enables coq language support"; + + crypto.enable = lib.mkEnableOption "Enables various cryptocurrency wallets"; + art.enable = lib.mkEnableOption "Enables various art programs"; + music.enable = lib.mkEnableOption "Enables mpd"; + workstation.enable = lib.mkEnableOption "Enables workstation packages (music production and others)"; + cuda.enable = lib.mkEnableOption "Enables CUDA user package builds"; + hyprland.enable = lib.mkEnableOption "Enables hyprland"; + + email = { + email = lib.mkOption { + type = lib.types.str; + default = "ret2pop@gmail.com"; + example = "john@example.com"; + description = "Email address and imaps/smtps account"; + }; + imapsServer = lib.mkOption { + type = lib.types.str; + default = "imap.gmail.com"; + example = "imap.example.com"; + description = "imaps server address"; + }; + smtpsServer = lib.mkOption { + type = lib.types.str; + default = "smtp.gmail.com"; + example = "smtp.example.com"; + description = "smtp server address"; + }; + enable = lib.mkEnableOption "Enables email"; + }; }; + }; - config = { - home.packages = (if config.monorepo.profiles.email.enable then [ pkgs.mu ] else []) - ++ - (if config.monorepo.profiles.lang-c.enable then (with pkgs; [ - autobuild - clang - gdb - gnumake - bear - clang-tools - ]) else []) - ++ - (if config.monorepo.profiles.lang-js.enable then (with pkgs; [ - nodejs - bun - yarn - typescript - vscode-langservers-extracted - ]) else []) - ++ - (if config.monorepo.profiles.lang-rust.enable then (with pkgs; [ - cargo - rust-analyzer - rustfmt - ]) else []) - ++ - (if config.monorepo.profiles.lang-python.enable then (with pkgs; [ - poetry - python3 - python312Packages.jedi - ]) else []) - ++ - (if config.monorepo.profiles.lang-sol.enable then (with pkgs; [ - solc - ]) else []) - ++ - (if config.monorepo.profiles.lang-openscad.enable then (with pkgs; [ - openscad - openscad-lsp - ]) else []) - ++ - (if config.monorepo.profiles.lang-sh.enable then (with pkgs; [ - bash-language-server - ]) else []) - ++ - (if config.monorepo.profiles.lang-coq.enable then (with pkgs; [ - coq - ]) else []) - ++ - (if config.monorepo.profiles.lang-nix.enable then (with pkgs; [ - nil - nixd - nixfmt-rfc-style - ]) else []) - ++ - (if config.monorepo.profiles.crypto.enable then (with pkgs; [ - bitcoin - electrum - monero-cli - monero-gui - ]) else []) - ++ - (if config.monorepo.profiles.art.enable then (with pkgs; [ - inkscape - krita - ]) else []) - ++ - (if config.monorepo.profiles.music.enable then (with pkgs; [ - mpc-cli - sox - ]) else []) - ++ - (if config.monorepo.profiles.workstation.enable then (with pkgs; [ - alsa-utils - alsa-scarlett-gui - ardour - audacity - blender - fluidsynth - qjackctl - qsynth - qpwgraph - imagemagick - inkscape - kdenlive - kicad - ]) else []); - - monorepo.profiles = { - enable = lib.mkDefault true; - music.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - hyprland.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - email.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - - # Programming - graphics.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-c.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-rust.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-python.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-sol.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-sh.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-openscad.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-js.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-nix.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - lang-coq.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - - crypto.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - art.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - workstation.enable = lib.mkDefault (true && config.monorepo.profiles.enable); - }; + config = { + home.packages = (if config.monorepo.profiles.email.enable then [ pkgs.mu ] else []) + ++ + (if config.monorepo.profiles.lang-c.enable then (with pkgs; [ + autobuild + clang + gdb + gnumake + bear + clang-tools + ]) else []) + ++ + (if config.monorepo.profiles.lang-js.enable then (with pkgs; [ + nodejs + bun + yarn + typescript + vscode-langservers-extracted + ]) else []) + ++ + (if config.monorepo.profiles.lang-rust.enable then (with pkgs; [ + cargo + rust-analyzer + rustfmt + ]) else []) + ++ + (if config.monorepo.profiles.lang-python.enable then (with pkgs; [ + poetry + python3 + python312Packages.jedi + ]) else []) + ++ + (if config.monorepo.profiles.lang-sol.enable then (with pkgs; [ + solc + ]) else []) + ++ + (if config.monorepo.profiles.lang-openscad.enable then (with pkgs; [ + openscad + openscad-lsp + ]) else []) + ++ + (if config.monorepo.profiles.lang-sh.enable then (with pkgs; [ + bash-language-server + ]) else []) + ++ + (if config.monorepo.profiles.lang-coq.enable then (with pkgs; [ + coq + ]) else []) + ++ + (if config.monorepo.profiles.lang-nix.enable then (with pkgs; [ + nil + nixd + nixfmt-rfc-style + nix-prefetch-scripts + ]) else []) + ++ + (if config.monorepo.profiles.crypto.enable then (with pkgs; [ + bitcoin + electrum + monero-cli + monero-gui + ]) else []) + ++ + (if config.monorepo.profiles.art.enable then (with pkgs; [ + inkscape + krita + ]) else []) + ++ + (if config.monorepo.profiles.music.enable then (with pkgs; [ + mpc-cli + sox + ]) else []) + ++ + (if config.monorepo.profiles.workstation.enable then (with pkgs; [ + alsa-utils + alsa-scarlett-gui + ardour + audacity + blender + fluidsynth + qjackctl + qsynth + qpwgraph + imagemagick + inkscape + kdenlive + kicad + ]) else []); + + monorepo.profiles = { + enable = lib.mkDefault true; + music.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + hyprland.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + email.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + + # Programming + graphics.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-c.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-rust.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-python.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-sol.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-sh.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-openscad.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-js.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-nix.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + lang-coq.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + + crypto.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + art.enable = lib.mkDefault (true && config.monorepo.profiles.enable); + workstation.enable = lib.mkDefault (true && config.monorepo.profiles.enable); }; - } + }; + } #+end_src *** Firefox I conditionally enable metamask based on the cryptocurrency option. Everything else here should @@ -2053,26 +2104,30 @@ here: This uses sops in order to declaratively create the secrets on my system by unencrypting the yaml file specified. Yes, this is safe to include in the repo. #+begin_src nix :tangle ../nix/modules/secrets.nix -{ config, ... }: -{ - sops = { - defaultSopsFile = ../../secrets/secrets.yaml; - age = { - keyFile = "/home/${config.monorepo.vars.userName}/.ssh/keys.txt"; - }; - secrets.mail = { - format = "yaml"; - path = "${config.sops.defaultSymlinkPath}/mail"; - }; - secrets.digikey = { - format = "yaml"; - path = "${config.sops.defaultSymlinkPath}/digikey"; - }; + { config, ... }: + { + sops = { + defaultSopsFile = ../../secrets/secrets.yaml; + age = { + keyFile = "/home/${config.monorepo.vars.userName}/.ssh/keys.txt"; + }; + secrets.mail = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/mail"; + }; + secrets.cloudflare-dns = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/cloudflare-dns"; + }; + secrets.digikey = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/digikey"; + }; - defaultSymlinkPath = "/run/user/1000/secrets"; - defaultSecretsMountPoint = "/run/user/1000/secrets.d"; - }; -} + defaultSymlinkPath = "/run/user/1000/secrets"; + defaultSecretsMountPoint = "/run/user/1000/secrets.d"; + }; + } #+end_src *** Waybar This is the bar I use for my hyprland configuration. You will need to adjust the monitors field @@ -2595,9 +2650,9 @@ standard. rb = "sudo nixos-rebuild switch --flake .#continuity"; rba = "sudo nixos-rebuild switch --flake .#affinity"; nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; - usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/"; + usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; usite - = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/usr/share/nginx/ret2pop/"; + = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; i3 = "exec ${pkgs.i3-gaps}/bin/i3"; }; @@ -2783,6 +2838,7 @@ monorepo home options. imports = [ ../../modules/home/default.nix ]; + config.monorepo.profiles.workstation.enable = false; } #+end_src ** Affinity @@ -2827,24 +2883,39 @@ Spontaneity is my VPS instance. imports = [ # nixos-anywhere generates this file ./hardware-configuration.nix - ../../disko/vda-simple.nix - ../../modules/default.nix ../home.nix ]; - - config.monorepo = { - profiles = { - server.enable = true; - ttyonly.enable = true; - grub.enable = true; + config = { + monorepo = { + profiles = { + server.enable = true; + ttyonly.enable = true; + grub.enable = true; + }; + }; + networking = { + firewall.allowedTCPPorts = [ + 80 + 443 + ]; + domains = { + enable = true; + baseDomains = { + "${config.monorepo.vars.remoteHost}" = { + a.data = "66.42.84.130"; + aaaa.data = "2001:19f0:5401:10d0:5400:5ff:fe4a:7794"; + }; + }; + subDomains = { + "${config.monorepo.vars.remoteHost}" = {}; + "matrix.${config.monorepo.vars.remoteHost}" = {}; + "www.${config.monorepo.vars.remoteHost}" = {}; + }; + }; }; }; - config.networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; } #+end_src *** Home diff --git a/journal/20250214.org b/journal/20250214.org new file mode 100644 index 0000000..269cd16 --- /dev/null +++ b/journal/20250214.org @@ -0,0 +1,12 @@ +#+TITLE: Daily Journal +#+STARTUP: showeverything +#+DESCRIPTION: My daily journal entry +#+AUTHOR: Preston Pan +#+HTML_HEAD: +#+html_head: +#+html_head: +#+options: broken-links:t +* Friday, 14 February 2025 +** 20:12 +Right now I am in Ainslie's dorm and I am also journaling as a side +effect of being in a chaotic room. diff --git a/journal/20250218.org b/journal/20250218.org new file mode 100644 index 0000000..738607e --- /dev/null +++ b/journal/20250218.org @@ -0,0 +1,18 @@ +#+TITLE: Daily Journal +#+STARTUP: showeverything +#+DESCRIPTION: My daily journal entry +#+AUTHOR: Preston Pan +#+HTML_HEAD: +#+html_head: +#+html_head: +#+options: broken-links:t +* Tuesday, 18 February 2025 +** 01:21 +Right now, I am in Victoria in Howard's room with Marissa. It is +pretty fun, and I highly recommend this experience. I think I would +rate it a 7 out of 10. + +That being said, I am cognitively tired and I just realized that I +don't have to work on NixOS forever. I made a PR to NixOS for some +packages, and I'll probably fix some of the flake system to allow for +using an ipfs gateway for a fallback mirror. diff --git a/nix/dns/default.nix b/nix/dns/default.nix new file mode 100644 index 0000000..52ca8b6 --- /dev/null +++ b/nix/dns/default.nix @@ -0,0 +1,3 @@ +{ + defaultTTL = 120; +} diff --git a/nix/flake.lock b/nix/flake.lock index 6afd52c..49c4659 100644 --- a/nix/flake.lock +++ b/nix/flake.lock @@ -94,6 +94,22 @@ "type": "github" } }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -287,6 +303,29 @@ "type": "github" } }, + "nixos-dns": { + "inputs": { + "flake-compat": "flake-compat_3", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems_3", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1725163709, + "narHash": "sha256-VqUwWZBBdDE0Jk1tRW6Bsg978R6rTILrvsqjfjHz2HY=", + "owner": "Janik-Haag", + "repo": "nixos-dns", + "rev": "ac41b8690c8db01af1eb77ea2fd330a1c43d814f", + "type": "github" + }, + "original": { + "owner": "Janik-Haag", + "repo": "nixos-dns", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1738277201, @@ -355,7 +394,7 @@ "inputs": { "flake-parts": "flake-parts_2", "nixpkgs": "nixpkgs_2", - "treefmt-nix": "treefmt-nix" + "treefmt-nix": "treefmt-nix_2" }, "locked": { "lastModified": 1738362438, @@ -431,6 +470,7 @@ "home-manager": "home-manager", "lanzaboote": "lanzaboote", "nix-topology": "nix-topology", + "nixos-dns": "nixos-dns", "nixpkgs": "nixpkgs", "nur": "nur", "scripts": "scripts", @@ -542,7 +582,42 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nixos-dns", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1714058656, + "narHash": "sha256-Qv4RBm4LKuO4fNOfx9wl40W2rBbv5u5m+whxRYUMiaA=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "c6aaf729f34a36c445618580a9f95a48f5e4e03f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_2": { "inputs": { "nixpkgs": [ "nur", diff --git a/nix/flake.nix b/nix/flake.nix index 3c56a49..b34b77e 100644 --- a/nix/flake.nix +++ b/nix/flake.nix @@ -24,15 +24,25 @@ url = "github:nix-community/lanzaboote/v0.4.1"; inputs.nixpkgs.follows = "nixpkgs"; }; + nixos-dns = { + url = "github:Janik-Haag/nixos-dns"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, ... }@attrs: + outputs = { self, nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, nix-topology, nixos-dns, ... }@attrs: let system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + generate = nixos-dns.utils.generate nixpkgs.legacyPackages."${system}"; + dnsConfig = { + inherit (self) nixosConfigurations; + extraConfig = import ./dns/default.nix; + }; mkConfigs = map (hostname: { name = "${hostname}"; value = nixpkgs.lib.nixosSystem { - system = system; + inherit system; specialArgs = attrs; modules = if (hostname == "installer") then [ (./. + "/systems/${hostname}/default.nix") @@ -44,6 +54,7 @@ disko.nixosModules.disko home-manager.nixosModules.home-manager sops-nix.nixosModules.sops + nixos-dns.nixosModules.dns { nixpkgs.overlays = [ nur.overlays.default ]; home-manager.extraSpecialArgs = attrs; @@ -71,5 +82,38 @@ { nixosConfigurations = self.nixosConfigurations; } ]; }; + + devShell."${system}" = with pkgs; mkShell { + buildInputs = [ + fira-code + python3 + poetry + ]; + shellHook = '' +poetry shell + ''; + }; + + packages."${system}" = { + zoneFiles = generate.zoneFiles dnsConfig; + octodns = generate.octodnsConfig { + inherit dnsConfig; + + config = { + providers = { + cloudflare = { + class = "octodns_cloudflare.CloudflareProvider"; + token = "env/CLOUDFLARE_TOKEN"; + }; + config = { + check_origin = false; + }; + }; + }; + zones = { + "ret2pop.net." = nixos-dns.utils.octodns.generateZoneAttrs [ "cloudflare" ]; + }; + }; + }; }; } diff --git a/nix/modules/conduit.nix b/nix/modules/conduit.nix index 954e5fc..623cb7f 100644 --- a/nix/modules/conduit.nix +++ b/nix/modules/conduit.nix @@ -4,7 +4,7 @@ enable = lib.mkDefault config.monorepo.profiles.server.enable; # random comment settings.global = { - server_name = "matrix.ret2pop.net"; + server_name = "matrix.${config.monorepo.vars.remoteHost}"; address = "0.0.0.0"; port = 6167; }; diff --git a/nix/modules/home/default.nix b/nix/modules/home/default.nix index 06c43dc..d2277da 100644 --- a/nix/modules/home/default.nix +++ b/nix/modules/home/default.nix @@ -96,7 +96,7 @@ ]) else []) ++ (if config.monorepo.profiles.lang-python.enable then (with pkgs; [ - poetry + poetry python3 python312Packages.jedi ]) else []) @@ -122,6 +122,7 @@ nil nixd nixfmt-rfc-style + nix-prefetch-scripts ]) else []) ++ (if config.monorepo.profiles.crypto.enable then (with pkgs; [ diff --git a/nix/modules/home/zsh.nix b/nix/modules/home/zsh.nix index 0c5bced..263cc58 100644 --- a/nix/modules/home/zsh.nix +++ b/nix/modules/home/zsh.nix @@ -27,9 +27,9 @@ rb = "sudo nixos-rebuild switch --flake .#continuity"; rba = "sudo nixos-rebuild switch --flake .#affinity"; nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; - usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/"; + usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; usite - = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/usr/share/nginx/ret2pop/"; + = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; i3 = "exec ${pkgs.i3-gaps}/bin/i3"; }; diff --git a/nix/modules/nginx.nix b/nix/modules/nginx.nix index af2d42f..a3906e2 100644 --- a/nix/modules/nginx.nix +++ b/nix/modules/nginx.nix @@ -16,11 +16,11 @@ gitweb = { enable = true; - virtualHost = "ret2pop.net"; + virtualHost = "${config.monorepo.vars.remoteHost}"; }; virtualHosts = { - "matrix.ret2pop.net" = { + "matrix.${config.monorepo.vars.remoteHost}" = { enableACME = true; forceSSL = true; listen = [ @@ -57,8 +57,8 @@ merge_slashes off; ''; }; - "ret2pop.net" = { - serverName = "ret2pop.net"; + "${config.monorepo.vars.remoteHost}" = { + serverName = "${config.monorepo.vars.remoteHost}"; root = "/var/www/ret2pop-website/"; addSSL = true; enableACME = true; diff --git a/nix/modules/secrets.nix b/nix/modules/secrets.nix index 29e8c4c..d7a229f 100644 --- a/nix/modules/secrets.nix +++ b/nix/modules/secrets.nix @@ -9,6 +9,10 @@ format = "yaml"; path = "${config.sops.defaultSymlinkPath}/mail"; }; + secrets.cloudflare-dns = { + format = "yaml"; + path = "${config.sops.defaultSymlinkPath}/cloudflare-dns"; + }; secrets.digikey = { format = "yaml"; path = "${config.sops.defaultSymlinkPath}/digikey"; diff --git a/nix/modules/vars.nix b/nix/modules/vars.nix index 5d22584..6ee1cc0 100644 --- a/nix/modules/vars.nix +++ b/nix/modules/vars.nix @@ -24,7 +24,7 @@ remoteHost = lib.mkOption { type = lib.types.str; - default = "nullring.xyz"; + default = "ret2pop.net"; example = "example.com"; description = "Address to push to and pull from for website and git repos"; }; diff --git a/nix/poetry.lock b/nix/poetry.lock new file mode 100644 index 0000000..c99deac --- /dev/null +++ b/nix/poetry.lock @@ -0,0 +1,363 @@ +# This file is automatically @generated by Poetry 1.8.4 and should not be changed by hand. + +[[package]] +name = "certifi" +version = "2025.1.31" +description = "Python package for providing Mozilla's CA Bundle." +optional = false +python-versions = ">=3.6" +files = [ + {file = "certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"}, + {file = "certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651"}, +] + +[[package]] +name = "charset-normalizer" +version = "3.4.1" +description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." +optional = false +python-versions = ">=3.7" +files = [ + {file = "charset_normalizer-3.4.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-win32.whl", hash = "sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-win_amd64.whl", hash = "sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-win32.whl", hash = "sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-win_amd64.whl", hash = "sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-win32.whl", hash = "sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-win_amd64.whl", hash = "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-win32.whl", hash = "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-win_amd64.whl", hash = "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_aarch64.whl", hash = "sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_i686.whl", hash = "sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_ppc64le.whl", hash = "sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_s390x.whl", hash = "sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_x86_64.whl", hash = "sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-win32.whl", hash = "sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-win_amd64.whl", hash = "sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-win32.whl", hash = "sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-win_amd64.whl", hash = "sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-win32.whl", hash = "sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-win_amd64.whl", hash = "sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765"}, + {file = "charset_normalizer-3.4.1-py3-none-any.whl", hash = "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85"}, + {file = "charset_normalizer-3.4.1.tar.gz", hash = "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3"}, +] + +[[package]] +name = "dnspython" +version = "2.7.0" +description = "DNS toolkit" +optional = false +python-versions = ">=3.9" +files = [ + {file = "dnspython-2.7.0-py3-none-any.whl", hash = "sha256:b4c34b7d10b51bcc3a5071e7b8dee77939f1e878477eeecc965e9835f63c6c86"}, + {file = "dnspython-2.7.0.tar.gz", hash = "sha256:ce9c432eda0dc91cf618a5cedf1a4e142651196bbcd2c80e89ed5a907e5cfaf1"}, +] + +[package.extras] +dev = ["black (>=23.1.0)", "coverage (>=7.0)", "flake8 (>=7)", "hypercorn (>=0.16.0)", "mypy (>=1.8)", "pylint (>=3)", "pytest (>=7.4)", "pytest-cov (>=4.1.0)", "quart-trio (>=0.11.0)", "sphinx (>=7.2.0)", "sphinx-rtd-theme (>=2.0.0)", "twine (>=4.0.0)", "wheel (>=0.42.0)"] +dnssec = ["cryptography (>=43)"] +doh = ["h2 (>=4.1.0)", "httpcore (>=1.0.0)", "httpx (>=0.26.0)"] +doq = ["aioquic (>=1.0.0)"] +idna = ["idna (>=3.7)"] +trio = ["trio (>=0.23)"] +wmi = ["wmi (>=1.5.1)"] + +[[package]] +name = "fqdn" +version = "1.5.1" +description = "Validates fully-qualified domain names against RFC 1123, so that they are acceptable to modern bowsers" +optional = false +python-versions = ">=2.7, !=3.0, !=3.1, !=3.2, !=3.3, !=3.4, <4" +files = [ + {file = "fqdn-1.5.1-py3-none-any.whl", hash = "sha256:3a179af3761e4df6eb2e026ff9e1a3033d3587bf980a0b1b2e1e5d08d7358014"}, + {file = "fqdn-1.5.1.tar.gz", hash = "sha256:105ed3677e767fb5ca086a0c1f4bb66ebc3c100be518f0e0d755d9eae164d89f"}, +] + +[[package]] +name = "idna" +version = "3.10" +description = "Internationalized Domain Names in Applications (IDNA)" +optional = false +python-versions = ">=3.6" +files = [ + {file = "idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}, + {file = "idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9"}, +] + +[package.extras] +all = ["flake8 (>=7.1.1)", "mypy (>=1.11.2)", "pytest (>=8.3.2)", "ruff (>=0.6.2)"] + +[[package]] +name = "natsort" +version = "8.4.0" +description = "Simple yet flexible natural sorting in Python." +optional = false +python-versions = ">=3.7" +files = [ + {file = "natsort-8.4.0-py3-none-any.whl", hash = "sha256:4732914fb471f56b5cce04d7bae6f164a592c7712e1c85f9ef585e197299521c"}, + {file = "natsort-8.4.0.tar.gz", hash = "sha256:45312c4a0e5507593da193dedd04abb1469253b601ecaf63445ad80f0a1ea581"}, +] + +[package.extras] +fast = ["fastnumbers (>=2.0.0)"] +icu = ["PyICU (>=1.0.0)"] + +[[package]] +name = "octodns" +version = "1.11.0" +description = "OctoDNS: DNS as code - Tools for managing DNS across multiple providers" +optional = false +python-versions = ">=3.9" +files = [ + {file = "octodns-1.11.0-py3-none-any.whl", hash = "sha256:620e5399f44e2f1cfd072446fc8f3a6e1b37a7c8c8fe01356fab2a21a3308c75"}, + {file = "octodns-1.11.0.tar.gz", hash = "sha256:fef5ee42fdf6e3097c7a77061f762c6923881be4ee91280ef216e66ea429fc83"}, +] + +[package.dependencies] +dnspython = ">=2.2.1" +fqdn = ">=1.5.0" +idna = ">=3.3" +natsort = ">=5.5.0" +python-dateutil = ">=2.8.1" +PyYaml = ">=4.2b1" + +[package.extras] +dev = ["black (>=24.3.0,<25.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pycountry (>=19.8.18)", "pycountry-convert (>=0.7.2)", "pyflakes (>=2.2.0)", "pytest (>=6.2.5)", "pytest-cov (>=3.0.0)", "pytest-network (>=0.0.1)", "readme_renderer[md] (>=26.0)", "twine (>=3.4.2)"] + +[[package]] +name = "octodns-bind" +version = "0.0.7" +description = "RFC compliant (Bind9) provider for octoDNS" +optional = false +python-versions = ">=3.9" +files = [ + {file = "octodns_bind-0.0.7-py3-none-any.whl", hash = "sha256:bdb5b4c1f1931b1bb798581b6375862533bf2cf7b0125d465f369c6a4637f522"}, + {file = "octodns_bind-0.0.7.tar.gz", hash = "sha256:b83acb090e416c6dc7421e63b52c6196d75e788593b40552015fe5096405cfb9"}, +] + +[package.dependencies] +dnspython = ">=2.2.1" +octodns = ">=0.9.20" + +[package.extras] +dev = ["black (>=24.3.0,<25.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pyflakes (>=2.2.0)", "pytest", "pytest-cov", "pytest-network", "readme_renderer[md] (>=26.0)", "twine (>=3.4.2)"] +test = ["pytest", "pytest-cov", "pytest-network"] + +[[package]] +name = "octodns-cloudflare" +version = "0.0.9" +description = "Cloudflare provider for octoDNS" +optional = false +python-versions = ">=3.9" +files = [ + {file = "octodns_cloudflare-0.0.9-py3-none-any.whl", hash = "sha256:6027012a10c456443727e7d1319ae4abb21726f1f68286f87d99a86a94756aee"}, + {file = "octodns_cloudflare-0.0.9.tar.gz", hash = "sha256:a0872d5443d4d1deb3ce02dec3f2422e40781c5ec47fdd5c3fd6b15802188c67"}, +] + +[package.dependencies] +octodns = ">=0.9.20" +requests = ">=2.27.0" + +[package.extras] +dev = ["black (>=24.3.0,<25.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pyflakes (>=2.2.0)", "pytest", "pytest-cov", "pytest-network", "readme_renderer[md] (>=26.0)", "requests_mock", "twine (>=3.4.2)"] +test = ["pytest", "pytest-cov", "pytest-network", "requests_mock"] + +[[package]] +name = "python-dateutil" +version = "2.9.0.post0" +description = "Extensions to the standard Python datetime module" +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" +files = [ + {file = "python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3"}, + {file = "python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427"}, +] + +[package.dependencies] +six = ">=1.5" + +[[package]] +name = "pyyaml" +version = "6.0.2" +description = "YAML parser and emitter for Python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"}, + {file = "PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed"}, + {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180"}, + {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68"}, + {file = "PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99"}, + {file = "PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e"}, + {file = "PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774"}, + {file = "PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85"}, + {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4"}, + {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e"}, + {file = "PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5"}, + {file = "PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44"}, + {file = "PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab"}, + {file = "PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476"}, + {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48"}, + {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b"}, + {file = "PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4"}, + {file = "PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8"}, + {file = "PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba"}, + {file = "PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014