
9 Commits

Author SHA1 Message Date
cc834fd85d help 2026-01-04 16:33:14 -06:00
e4e6db94aa help 2025-12-31 18:45:10 -06:00
c3883abef9 no inputs toplevel 2025-12-31 18:37:46 -06:00
7097253186 insert inputs 2025-12-31 16:36:19 -06:00
a08a4ac461 Reapply "https"
This reverts commit 2a5613bdee.
2025-12-31 16:32:23 -06:00
ceb211ae51 Revert "no sandbox"
This reverts commit 112782fa91.
2025-12-31 16:31:24 -06:00
2a5613bdee Revert "https"
This reverts commit f34031285b.
2025-12-31 16:30:40 -06:00
112782fa91 no sandbox 2025-12-31 16:18:29 -06:00
f34031285b https 2025-12-31 15:23:53 -06:00
22 changed files with 44 additions and 101 deletions


@@ -25,7 +25,7 @@ creation_rules:
- *laptop
- *homebox
- *android
- path_regex: system-config/secrets.yaml$
- path_regex: system/secrets.yaml$
key_groups:
- age:
- *laptop
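Review bot: The new rule `path_regex: system/secrets.yaml$` is not anchored on the left and leaves the dot unescaped, so it also matches any path that merely ends in that text, such as a directory whose name ends in `system`. Because this rule decides which age recipients can decrypt a file, a tighter pattern such as `- path_regex: (^|/)system/secrets\.yaml$` keeps a secrets file in an unintended directory from picking up this key group. The `key_groups` list for this rule continues past the end of the hunk, so the full recipient set is not visible here.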

4
flake.lock generated

@@ -721,11 +721,11 @@
"rev": "bcc5185ef433a77b18f5aa585ee79d97f9a8e69c",
"revCount": 36,
"type": "git",
"url": "ssh://gitea@gitea.esotericbytes.com/Blunkall-Technologies/Moirai"
"url": "https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai"
},
"original": {
"type": "git",
"url": "ssh://gitea@gitea.esotericbytes.com/Blunkall-Technologies/Moirai"
"url": "https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai"
}
},
"nixvim_2": {


@@ -34,7 +34,7 @@
hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1";
#nixvim.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai";
nixvim.url = "git+ssh://gitea@gitea.esotericbytes.com/Blunkall-Technologies/Moirai";
nixvim.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai";
};
outputs = { self, nixpkgs, home-manager, ... } @ inputs: {
@@ -47,10 +47,10 @@
(name: ({
inherit name;
value = { ... }: {
value = { ... } @ exputs: {
imports = [
./system
./system/profiles/${name}
(import ./system (inputs // exputs))
(import ./system/profiles/${name} (inputs // exputs))
];
};
})) filtered)
@@ -64,9 +64,9 @@
(name: ({
inherit name;
value = { ... }: {
value = { ... } @ exputs: {
imports = [
./system/users/${name}/home-manager
(./system/users/${name}/home-manager (inputs // exputs))
];
};
})) filtered)
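Review bot: In the home-manager hunk the new entry `(./system/users/${name}/home-manager (inputs // exputs))` applies a path as if it were a function; unlike the two entries in the hunk above it has no `import`, so evaluation will fail there. It should read `(import ./system/users/${name}/home-manager (inputs // exputs))`. Separately, `{ ... } @ exputs` names no arguments, so `exputs` holds only what the module system passes unconditionally and probably not `pkgs`; modules that still declare `pkgs` may then fail when called this way. Passing the flake inputs through `specialArgs` (or `extraSpecialArgs` for home-manager) at the call site, which is outside these hunks, would let the plain path imports stay and keep the arguments available to nested modules.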


@@ -12,7 +12,7 @@
};
olympus = {
url = "git+ssh://gitea@esotericbytes.com/Blunkall-Technologies/Olympus";
url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};


@@ -18,7 +18,7 @@
};
olympus = {
url = "git+ssh://gitea@esotericbytes.com/Blunkall-Technologies/Olympus";
url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};


@@ -1,33 +1,7 @@
keys:
- &homebox age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
- &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
- &android age12pnf36uqesjmy3e0lythfnpwam3zg5mv8m936fc4jphy4ces2fdqwn0s74
creation_rules:
- path_regex: homebox/secrets.yaml$
key_groups:
- age:
- *homebox
- path_regex: laptop/secrets.yaml$
- path_regex: ^secrets.yaml$
key_groups:
- age:
- *laptop
- path_regex: pi4/secrets.yaml$
key_groups:
- age:
- *laptop
- path_regex: live/secrets.yaml$
key_groups:
- age:
- *laptop
- path_regex: nathan/secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android
- path_regex: system-config/secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android
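Review bot: Collapsing the per-host rules into the single `^secrets.yaml$` rule only affects files that sops creates or re-keys from now on; secrets files already encrypted under the old rules keep their old recipient lists. Which recipients remain in this file is not recoverable from the rendered hunk, so it is worth checking that each existing secrets file has had `sops updatekeys` run against the rule that now matches it. Any key no longer listed should be treated as having seen the old values, and those secrets rotated. The dot in the new pattern is also unescaped; `- path_regex: ^secrets\.yaml$` matches only the intended name.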


@@ -12,7 +12,7 @@
};
olympus = {
url = "git+ssh://gitea@esotericbytes.com/Blunkall-Technologies/Olympus";
url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};


@@ -1,4 +1,4 @@
{ config, lib, pkgs, inputs, modulesPath, ... }: {
{ config, lib, nixpkgs, ... }: {
imports = [
./services
@@ -28,41 +28,10 @@
config = {
sops.secrets = (if config.sysconfig.remoteBuildHost then (
builtins.listToAttrs
(builtins.map
(y: {
name = "remoteBuildClientKeys/${y}";
value = {
format = "yaml";
sopsFile = ./secrets.yaml;
};
})
(builtins.partition
(z: let
cfg = if
((builtins.readDir ./configuration).${z} == "directory")
then (import ./configuration/${z} {
config = {};
inherit lib pkgs inputs modulesPath;
}).config
else null;
test = if cfg == null then false
else if !(cfg ? sysconfig) then false
else if !(cfg.sysconfig ? remoteBuildClient) then false
else cfg.sysconfig.remoteBuildClient;
in test)
(builtins.attrNames (builtins.readDir ./configuration))
).right
)
) else {}) // {
"remoteBuildKey" = lib.mkIf config.sysconfig.remoteBuildClient {};
};
networking.hostName = lib.mkDefault config.sysconfig.host;
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
nixPath = [ "nixpkgs=${nixpkgs}" ];
channel.enable = false;
settings = {
experimental-features = [ "nix-command" "flakes" ];
@@ -73,7 +42,7 @@
distributedBuilds = config.sysconfig.remoteBuildClient;
buildMachines = lib.mkIf config.sysconfig.remoteBuildClient [
{
hostName = "blunkall.us";
hostName = "esotericbytes.com";
sshUser = "remote-builder";
sshKey = config.sops.secrets."remoteBuildKey".path;
supportedFeatures = [
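Review bot: `sshKey = config.sops.secrets."remoteBuildKey".path;` is still present in the `buildMachines` entry, but the hunk above it appears to delete the whole `sops.secrets` block, including the `"remoteBuildKey"` declaration. Unless that secret is declared in another module, hosts with `sysconfig.remoteBuildClient` enabled will fail to evaluate on the missing attribute. Either keep `sops.secrets."remoteBuildKey" = lib.mkIf config.sysconfig.remoteBuildClient {};` here or point to where it now lives. The builder host also changes to `esotericbytes.com`; the entry continues past the end of the hunk, so if no `publicHostKey` is set there, the new host's SSH key has to be trusted some other way before builds are sent to it.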


@@ -1,11 +1,11 @@
{ config, pkgs, lib, inputs, ... }:
{ config, pkgs, lib, home-manager, sops-nix, ... }:
{
imports = [
inputs.home-manager.nixosModules.default
home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
sops-nix.nixosModules.sops
];
config = {


@@ -1,4 +1,4 @@
{ config, lib, inputs, ... }: {
{ config, lib, sops-nix, ... }: {
options.sysconfig.virtualization.authentik.enable = lib.options.mkOption {
type = lib.types.bool;
@@ -6,7 +6,7 @@
};
imports = [
inputs.sops-nix.nixosModules.sops
sops-nix.nixosModules.sops
];
config = lib.mkIf config.sysconfig.virtualization.authentik.enable {


@@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: {
{ config, lib, ... }: {
options.sysconfig.virtualization.gitea.enable = lib.options.mkOption {
type = lib.types.bool;


@@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: {
{ config, lib, ... }: {
options.sysconfig.virtualization.gitlab.enable = lib.options.mkOption {
type = lib.types.bool;


@@ -1,4 +1,4 @@
{ config, lib, inputs, ... }: {
{ config, lib, sops-nix, ... }: {
options.sysconfig.virtualization.keycloak.enable = lib.options.mkOption {
type = lib.types.bool;
@@ -6,7 +6,7 @@
};
imports = [
inputs.sops-nix.nixosModules.sops
sops-nix.nixosModules.sops
];
config = lib.mkIf config.sysconfig.virtualization.keycloak.enable {


@@ -1,4 +1,4 @@
{ config, lib, pkgs, inputs, ... }: {
{ config, lib, pkgs, nix-minecraft, ... }: {
options.sysconfig.virtualization.minecraft.enable = lib.options.mkOption {
type = lib.types.bool;
@@ -17,7 +17,7 @@
nat.internalInterfaces = [ "ve-minecraft" ];
};
nixpkgs.overlays = [ inputs.nix-minecraft.overlay ];
nixpkgs.overlays = [ nix-minecraft.overlay ];
containers.minecraft = {


@@ -1,4 +1,4 @@
{ config, lib, inputs, ... }: {
{ config, lib, nixpkgs-us, ... }: {
options.sysconfig = {
@@ -16,7 +16,7 @@
};
config = let
pkgs-com = import inputs.nixpkgs-us {
pkgs-com = import nixpkgs-us {
system = "x86_64-linux";
config.allowUnfree = true;
};


@@ -1,4 +1,4 @@
{ config, lib, inputs, ... }: {
{ config, lib, nixpkgs-us, ... }: {
options = {
sysconfig.virtualization.ollama.enable = lib.options.mkOption {
@@ -68,7 +68,7 @@
enable = true;
acceleration = "cuda";
package = let
pkgs-us = import inputs.nixpkgs-us {
pkgs-us = import nixpkgs-us {
system = "x86_64-linux";
config.allowUnfree = true;
};


@@ -1,4 +1,4 @@
{ config, lib, pkgs, inputs, ... }: {
{ config, lib, nixpkgs-us, ... }: {
options.sysconfig.virtualization.pihole.enable = lib.options.mkOption {
type = lib.types.bool;
@@ -34,12 +34,12 @@
timeoutStartSec = "infinity";
config = let
pkgs-us = import inputs.nixpkgs-us { system = "x86_64-linux"; };
pkgs-us = import nixpkgs-us { system = "x86_64-linux"; };
in {
/*imports = [
(import "${inputs.nixpkgs-us}/nixos/modules/services/networking/pihole-ftl.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;})
(import "${inputs.nixpkgs-us}/nixos/modules/services/web-apps/pihole-web.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;})
(import "${nixpkgs-us}/nixos/modules/services/networking/pihole-ftl.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;})
(import "${nixpkgs-us}/nixos/modules/services/web-apps/pihole-web.nix" { config = config.containers.pihole.config; inherit lib; pkgs = pkgs-us;})
];*/
services = {


@@ -1,4 +1,4 @@
{ config, lib, inputs, ... }: {
{ config, lib, nixpkgs-us, self, ... }: {
options.sysconfig.virtualization.sandbox.enable = lib.mkOption {
type = lib.types.bool;
@@ -10,9 +10,9 @@
];
imports = [
(import "${inputs.nixpkgs-us}/nixos/modules/virtualisation/nixos-containers.nix" {
(import "${nixpkgs-us}/nixos/modules/virtualisation/nixos-containers.nix" {
inherit config lib;
pkgs = (import inputs.nixpkgs-us {
pkgs = (import nixpkgs-us {
system = "x86_64-linux";
});
})
@@ -35,7 +35,7 @@
timeoutStartSec = "3min";
flake = "${inputs.self}";
flake = "${self}";
bindMounts = {
"/dev/nvidia0" = {


@@ -32,9 +32,9 @@
defaultBranch = "master";
};
url = {
"ssh://gitea@gitea.blunkall.us/" = {
"ssh://gitea@esotericbytes.com/" = {
insteadOf = [
"blunkall:"
"server:"
];
};
};


@@ -12,7 +12,7 @@
};
olympus = {
url = "git+ssh://gitea@esotericbytes.com/Blunkall-Technologies/Olympus";
url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};


@@ -12,7 +12,7 @@
};
olympus = {
url = "git+ssh://gitea@esotericbytes.com/Blunkall-Technologies/Olympus";
url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};


@@ -12,7 +12,7 @@
};
olympus = {
url = "git+ssh://gitea@esotericbytes.com/Blunkall-Technologies/Olympus";
url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};