chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: chris:d9dff63ceaa5c93ecf4e6e27d2618aaa4e81c02a
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere
...
compare: chris:98425c9dcc393aec60b5775bde56c71d4db98209
Branches Tags
chris:main
chris:feature/convex
chris:feature/nix-anywhere

23 commits
d9dff63cea ... 98425c9dcc

Author SHA1 Message Date
Chris Kruining
98425c9dcc kaas 2025-12-06 16:42:06 +00:00
Chris Kruining
a787c8c646
chore: update deps 2025-12-06 17:42:02 +01:00
chris
f079fa7487 chore(secrets): set secret "qbittorrent/password" for machine "ulmo" 2025-12-06 16:41:51 +00:00
chris
37600b7116 chore(secrets): set secret "qbittorrent/password_hash" for machine "ulmo" 2025-12-06 16:41:51 +00:00
Chris Kruining
2130c44388 . 2025-12-06 16:41:50 +00:00
Chris Kruining
70fd7c3d7a . 2025-12-06 16:41:49 +00:00
Chris Kruining
7a7e8bb088 fix: zitadel script 2025-12-06 16:41:48 +00:00
Chris Kruining
5396c9bab6 chore: revert bash option 2025-12-06 16:41:47 +00:00
chris
0e57c4f425 chore(secrets): set secret "mydia/oidc_secret" for machine "ulmo" 2025-12-06 16:41:47 +00:00
chris
ac4cc09ab5 chore(secrets): set secret "mydia/oidc_id" for machine "ulmo" 2025-12-06 16:41:46 +00:00
Chris Kruining
b64cfa9e73 fix: forEach implementation in zitadel module 2025-12-06 16:41:46 +00:00
Chris Kruining
afbf168c35 kaas 2025-12-06 16:41:45 +00:00
chris
e6829d99ce chore(secrets): set secret "mydia/guardian_secret" for machine "ulmo" 2025-12-06 16:41:44 +00:00
chris
11dc6e33d6 chore(secrets): set secret "mydia/secret_key_base" for machine "ulmo" 2025-12-06 16:41:43 +00:00
chris
413af80f9c chore(secrets): set secret "mydia/secret_key_base" for machine "ulmo" 2025-12-06 16:41:42 +00:00
chris
1ee19c8865 chore(secrets): set secret "mydia/oidc_secret" for machine "ulmo" 2025-12-06 16:41:42 +00:00
chris
f04b540efb chore(secrets): set secret "mydia/oidc_id" for machine "ulmo" 2025-12-06 16:41:41 +00:00
Chris Kruining
f6a504667e feat: fix most issues with mydia 2025-12-06 16:41:41 +00:00
Chris Kruining
95520c14d1 chore: refactor code 2025-12-06 16:41:40 +00:00
Chris Kruining
93ad4f17f3 still complaining about missing ffmpeg.... 2025-12-06 16:41:39 +00:00
Chris Kruining
78ed7d2a0a
feat: remove bun2nix 
this is not the route I ended up going for, so I removed the dependency again
 2025-12-06 17:41:36 +01:00
Chris Kruining
cb1401fe47
feat: start implementation of package for mydia 2025-12-06 17:40:46 +01:00
chris
c3a2d6ef7f chore: update dependencies
Some checks failed
Test action / kaas (push) Failing after 1s
Details
2025-12-01 19:59:16 +00:00
28 changed files with 1003 additions and 620 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
* text=auto

8
.just/machine.just
View file

@ -2,10 +2,10 @@
[doc('List machines')] [doc('List machines')]
@list: @list:
ls -1 ../systems/x86_64-linux/ ls -1 ../systems/x86_64-linux/
[no-exit-message]
[doc('Update the target machine')] [doc('Update the target machine')]
[no-exit-message]
@update machine: @update machine:
just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | tr '\n' ' ')" just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')"
nixos-rebuild switch --use-remote-sudo --target-host {{ machine }} --flake ..#{{ machine }} nixos-rebuild switch -L --use-remote-sudo --target-host {{ machine }} --flake ..#{{ machine }}

28
.just/vars.just
View file

@ -1,36 +1,38 @@
set unstable set unstable := true
base_path := invocation_directory() / "systems/x86_64-linux" base_path := invocation_directory() / "systems/x86_64-linux"
# sops := "nix shell nixpkgs#sops --command sops" # sops := "nix shell nixpkgs#sops --command sops"
# yq := "nix shell nixpkgs#yq --command yq" # yq := "nix shell nixpkgs#yq --command yq"
sops := "sops" sops := "sops"
yq := "yq" yq := "yq"
@_default: @_default:
just --list just --list
[doc('list all vars of the target machine')] [doc('list all vars of the target machine')]
list machine: list machine:
sops decrypt {{ base_path }}/{{ machine }}/secrets.yml sops decrypt {{ base_path }}/{{ machine }}/secrets.yml
@edit machine: @edit machine:
sops edit {{ base_path }}/{{ machine }}/secrets.yml sops edit {{ base_path }}/{{ machine }}/secrets.yml
@set machine key value: @set machine key value:
sops set {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\"" sops set {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\""
git add {{ base_path }}/{{ machine }}/secrets.yml git add {{ base_path }}/{{ machine }}/secrets.yml
git commit -m 'chore(secrets): set secret "{{ key }}" for machine "{{ machine}}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null git commit -m 'chore(secrets): set secret "{{ key }}" for machine "{{ machine }}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null
echo "Done" echo "Done"
@get machine key: @get machine key:
sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g')" sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g')"
@remove machine key: @remove machine key:
sops unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" sops unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')"
git add {{ base_path }}/{{ machine }}/secrets.yml git add {{ base_path }}/{{ machine }}/secrets.yml
git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine}}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine }}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null
echo "Done" echo "Done"

2
.justfile
View file

@ -19,7 +19,7 @@ mod machine '.just/machine.just'
[doc('Introspection on flake output')] [doc('Introspection on flake output')]
@select key: @select key:
nix eval --json .#{{ key }} | jq . nix eval --show-trace --json .#{{ key }} | jq .

415
flake.lock generated
View file

@ -38,11 +38,11 @@
"base16-helix": { "base16-helix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1752979451, "lastModified": 1760703920,
"narHash": "sha256-0CQM+FkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM=", "narHash": "sha256-m82fGUYns4uHd+ZTdoLX2vlHikzwzdu2s2rYM2bNwzw=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "base16-helix", "repo": "base16-helix",
"rev": "27cf1e66e50abc622fb76a3019012dc07c678fac", "rev": "d646af9b7d14bff08824538164af99d0c521b185",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -84,11 +84,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1763547157, "lastModified": 1764601856,
"narHash": "sha256-lJcMap2uT+x1R8WUUKKQ6ndynysJ/JOkrMThMGz6DP0=", "narHash": "sha256-AWohz0cJ5J1keDnUkuWeX2QbWDa62yGSSeMNfdstx10=",
"rev": "2cb2134a6ee32d427097077c4fb4c416b52ae988", "rev": "a61aac8bf2c97cf142b70d344a7174811c62b1a4",
"type": "tarball", "type": "tarball",
"url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/2cb2134a6ee32d427097077c4fb4c416b52ae988.tar.gz" "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/a61aac8bf2c97cf142b70d344a7174811c62b1a4.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
@ -130,11 +130,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1762276996, "lastModified": 1764350888,
"narHash": "sha256-TtcPgPmp2f0FAnc+DMEw4ardEgv1SGNR3/WFGH0N19M=", "narHash": "sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "af087d076d3860760b3323f6b583f4d828c1ac17", "rev": "2055a08fd0e2fd41318279a5355eb8a161accf26",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -149,11 +149,11 @@
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1762360792, "lastModified": 1764542190,
"narHash": "sha256-YR7vqk+XEvFUQ/miuBAD3+p+97QUN86ya9Aw0K5feJE=", "narHash": "sha256-einnpQaGZ4OoinhfKWm8mfatrBeYNnc3K4TYoKmVOSw=",
"owner": "emmanuelrosa", "owner": "emmanuelrosa",
"repo": "erosanix", "repo": "erosanix",
"rev": "9075dff5685d3e7269284e53ca496da0beb24596", "rev": "eef0ab9b05d3d27f320226daaffb18d9dcc41c06",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -170,11 +170,11 @@
"rust-analyzer-src": "rust-analyzer-src" "rust-analyzer-src": "rust-analyzer-src"
}, },
"locked": { "locked": {
"lastModified": 1763534658, "lastModified": 1764571808,
"narHash": "sha256-i/51/Zi/1pM9hZxxSuA3nVPpyqlGoWwJwajyA/loOpo=", "narHash": "sha256-+oo9W5rz03TjfpNqDSLEQwgKiuBbjrHdORyTHli2RuM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "fenix", "repo": "fenix",
"rev": "69e40ddf45698d0115a62a7a15d8412f35dd4c09", "rev": "df3c2e78ec13418f85c1f26e77a50f865ec57d38",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -190,11 +190,11 @@
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1763504432, "lastModified": 1764592856,
"narHash": "sha256-kpmPI67TdoTxiK7LsmgmkKW3iHoyvZJwZeiJhpwPfmw=", "narHash": "sha256-ODwJzh/AiFyhFtmJoAGP5Gbp38ARsUiesBVMXXd1x/s=",
"owner": "nix-community", "owner": "nix-community",
"repo": "flake-firefox-nightly", "repo": "flake-firefox-nightly",
"rev": "49d5d8d42a7650e5353f8467c813839290cb7c9f", "rev": "5aadac137f2c49991cea2bc367dddbb905ffe645",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -206,11 +206,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1758112371, "lastModified": 1764724327,
"narHash": "sha256-lizRM2pj6PHrR25yimjyFn04OS4wcdbc38DCdBVa2rk=", "narHash": "sha256-OkFLrD3pFR952TrjQi1+Vdj604KLcMnkpa7lkW7XskI=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "0909cfe4a2af8d358ad13b20246a350e14c2473d", "rev": "66b7c635763d8e6eb86bd766de5a1e1fbfcc1047",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -306,11 +306,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1762980239, "lastModified": 1763759067,
"narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=", "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "52a2caecc898d0b46b2b905f058ccc5081f842da", "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -320,6 +320,27 @@
} }
}, },
"flake-parts_2": { "flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"mydia",
"nixpkgs"
]
},
"locked": {
"lastModified": 1763759067,
"narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nvf", "nvf",
@ -340,7 +361,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_3": { "flake-parts_4": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"stylix", "stylix",
@ -348,11 +369,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1756770412, "lastModified": 1763759067,
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "4524271976b625a4a605beefd893f270620fd751", "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -361,7 +382,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_4": { "flake-parts_5": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"terranix", "terranix",
@ -511,11 +532,11 @@
"flake": false, "flake": false,
"locked": { "locked": {
"host": "gitlab.gnome.org", "host": "gitlab.gnome.org",
"lastModified": 1762869044, "lastModified": 1764524476,
"narHash": "sha256-nwm/GJ2Syigf7VccLAZ66mFC8mZJFqpJmIxSGKl7+Ds=", "narHash": "sha256-bTmNn3Q4tMQ0J/P0O5BfTQwqEnCiQIzOGef9/aqAZvk=",
"owner": "GNOME", "owner": "GNOME",
"repo": "gnome-shell", "repo": "gnome-shell",
"rev": "680e3d195a92203f28d4bf8c6e8bb537cc3ed4ad", "rev": "c0e1ad9f0f703fd0519033b8f46c3267aab51a22",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@ -553,11 +574,19 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1763486183, <<<<<<< HEAD
"narHash": "sha256-10EvBTF9ELezWg+KoKZJ3bxrPzT1Xz95ifurC6HixLY=", "lastModified": 1764617621,
"narHash": "sha256-Eq0TvWs6xhKZs5HXH1hlrNasrHD7AOEdeLkTis//X7w=",
"owner": "himmelblau-idm", "owner": "himmelblau-idm",
"repo": "himmelblau", "repo": "himmelblau",
"rev": "fb27f4bee812e4b4df9df9f78bd5280f0aa2193c", "rev": "c19494250d8c15e7c75e9301bdc271579a6dc77a",
=======
"lastModified": 1764787446,
"narHash": "sha256-RUfGGM8kiXSQA3ct1BZXN5Sm8hxr3XF0P/eR/WGLaGU=",
"owner": "himmelblau-idm",
"repo": "himmelblau",
"rev": "8ab33affe6db4cf5e9c17c2abcd7f3b2cedcfbd8",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -573,11 +602,19 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763416652, <<<<<<< HEAD
"narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=", "lastModified": 1764603455,
"narHash": "sha256-Q70rxlbrxPcTtqWIb9+71rkJESxIOou5isZBvyOieXw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312", "rev": "effe4c007d6243d9e69ce2242d76a2471c1b8d5c",
=======
"lastModified": 1764839789,
"narHash": "sha256-QCgaXEj8036JlfyVM2e5fgKIxoF7IgGRcAi8LkehKvo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d441981b200305ebb8e2e2921395f51d207fded6",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -615,11 +652,19 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763453666, <<<<<<< HEAD
"narHash": "sha256-Hu8lDUlbMFvcYX30LBXX7Gq5FbU35bERH0pSX5qHf/Q=", "lastModified": 1764612577,
"narHash": "sha256-sHI+7m/ryVYf7agWkutYbvzUS07aAd8g2NVWgUqhxLg=",
"owner": "Jovian-Experiments", "owner": "Jovian-Experiments",
"repo": "Jovian-NixOS", "repo": "Jovian-NixOS",
"rev": "b843b551415c7aecc97c8b3ab3fff26fd0cd8bbf", "rev": "bcb22e208cf8883004fcec3a33f2500e7dc319a5",
=======
"lastModified": 1764746434,
"narHash": "sha256-6ymFuw+Z1C90ezf8H0BP3c2JFZhJYwMq31px2StwWHU=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "b4c0b604148adacf119b89824ed26df8926ce42c",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -634,11 +679,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1754828166, "lastModified": 1764506612,
"narHash": "sha256-i7c+fpXVsnvj2+63Gl3YfU1hVyxbLeqeFj55ZBZACWI=", "narHash": "sha256-47a2OvGsq1AfffWQqKAGlB9GjmoVa1yXVyfZP3f3kog=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lib-aggregate", "repo": "lib-aggregate",
"rev": "f01c8d121a3100230612be96e4ac668e15eafb77", "rev": "f7208cc4a3200a2573fc566066ef4d3c041bc924",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -662,6 +707,25 @@
"type": "github" "type": "github"
} }
}, },
"mydia": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1764866402,
"narHash": "sha256-0NOWsPks+/vV5ZM9ti71hUPMLy3FzbEIlFI6vxARvuY=",
"owner": "chris-kruining",
"repo": "mydia",
"rev": "458fc9a21c6987d994bc7932efb6c49df25ba806",
"type": "github"
},
"original": {
"owner": "chris-kruining",
"repo": "mydia",
"type": "github"
}
},
"nix-darwin": { "nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -670,11 +734,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763136804, "lastModified": 1764161084,
"narHash": "sha256-6p2ljK42s0S8zS0UU59EsEqupz0GVCaBYRylpUadeBM=", "narHash": "sha256-HN84sByg9FhJnojkGGDSrcjcbeioFWoNXfuyYfJ1kBE=",
"owner": "nix-darwin", "owner": "nix-darwin",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "973db96394513fd90270ea5a1211a82a4a0ba47f", "rev": "e95de00a471d07435e0527ff4db092c84998698e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -709,14 +773,22 @@
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_6"
}, },
"locked": { "locked": {
"lastModified": 1763171892, <<<<<<< HEAD
"narHash": "sha256-6cg9zSiqKA89yJzVtYhBaBptqq6bX4pr4g7WLAHOD4Y=", "lastModified": 1764556167,
"narHash": "sha256-/b+oEls56HDRzsSp60tsRfPFRjFebBPHq6k1I+hfPqw=",
"owner": "Infinidoge", "owner": "Infinidoge",
"repo": "nix-minecraft", "repo": "nix-minecraft",
"rev": "316858c27d278b20e776cd4dd8f787812f587ba2", "rev": "849d1b2b1adddfc7bddbd3be6bffd218a3f5a6fe",
=======
"lastModified": 1764813963,
"narHash": "sha256-Vs7Mamto+T8r1evk9myHepgHGNJkS2Kr0BF64NIei94=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "491200d6848402bbab1421cccbc15a46f08c7f78",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -770,11 +842,11 @@
}, },
"nixos-facter-modules": { "nixos-facter-modules": {
"locked": { "locked": {
"lastModified": 1762264948, "lastModified": 1764252389,
"narHash": "sha256-iaRf6n0KPl9hndnIft3blm1YTAyxSREV1oX0MFZ6Tk4=", "narHash": "sha256-3bbuneTKZBkYXlm0bE36kUjiDsasoIC1GWBw/UEJ9T4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-facter-modules", "repo": "nixos-facter-modules",
"rev": "fa695bff9ec37fd5bbd7ee3181dbeb5f97f53c96", "rev": "5ea68886d95218646d11d3551a476d458df00778",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -791,11 +863,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751903740, "lastModified": 1764234087,
"narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=", "narHash": "sha256-NHF7QWa0ZPT8hsJrvijREW3+nifmF2rTXgS2v0tpcEA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "032decf9db65efed428afd2fa39d80f7089085eb", "rev": "032a1878682fafe829edfcf5fdfad635a2efe748",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -812,11 +884,19 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763537456, <<<<<<< HEAD
"narHash": "sha256-/WRqcqeE9C+mxxWgI7jy5blMrvg2lHFSlTFjC8pRWos=", "lastModified": 1764591717,
"narHash": "sha256-T/HMA0Bb/O6UnlGQ0Xt+wGe1j8m7eyyQ5+vVcCJslsM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-wsl", "repo": "nixos-wsl",
"rev": "cd9eb5225fc91eb67629966844d2ff371824abb1", "rev": "84d1dab290feb4865d0cfcffc7aa0cf9bc65c3b7",
=======
"lastModified": 1764730608,
"narHash": "sha256-FxKIa3OCSRVC23qrk7VT68vExUcmSruJ8OobVlSWOxc=",
"owner": "nix-community",
"repo": "nixos-wsl",
"rev": "10124c58674360765adcb38c9a8b081fb72904e4",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -827,11 +907,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1761828793, "lastModified": 1764255304,
"narHash": "sha256-xjdPwMD4wVuDD85U+3KST62VzFkJueI6oBwIzpzUHLY=", "narHash": "sha256-oQPux8afXmkbb88ceRtz1lgSGqL9auOgdYnBSqpVgSA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "843859a08e114403f44aaf5b996b44c38094aa46", "rev": "6e86c955fc372d12face4a9c0d932a6e0f7bff4d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -843,11 +923,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1754788789, "lastModified": 1764465291,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", "narHash": "sha256-jJ/E4B9Hp7U2ZmT3E0tD1LtAfATw/xjVf8sueNyeYmc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6", "rev": "e9537535ae8f4a2f78dbef0aaa0cbb6af4abd047",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -856,13 +936,37 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_10": {
"locked": {
"lastModified": 1764517877,
"narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1763469780, <<<<<<< HEAD
"narHash": "sha256-IW67Db/wBNQwJ5e0fF9Yk4SmdivMcecrUVDs7QJoC/s=", "lastModified": 1764547213,
"narHash": "sha256-pGXM6frMKLRJmeMcQ228O1QQBuNEUjzmWx9uBd+CbXM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a70b03ca5dc9d46294740f165abdef9f9bea5632", "rev": "64de27c1c985895c1a9f92aaeaab4e6a4c0960f5",
=======
"lastModified": 1764811743,
"narHash": "sha256-Ypfd8oBuG3HWtzcY7VtYiI6Pawznag7YHWy8RoOfiBs=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4a6ebaabd716d6479b39fa234a8f895f0ec1cb88",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -890,11 +994,19 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1763547551, <<<<<<< HEAD
"narHash": "sha256-YOdXVAqEGmrPUgs71r8ziuu9qqpn3jJEiIxsIls+VQA=", "lastModified": 1764618760,
"narHash": "sha256-QTUgygkdUq4sq7mXoO2Q2IPpvkKOZtTAJkbTaTjMi0A=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "06aa4d5f488875b6af46e10b45b8000ed0906860", "rev": "29a7d6eec7e1177020f62f7599e5021317219c37",
=======
"lastModified": 1764856222,
"narHash": "sha256-yEJmtoFu4cJre1NuU4fb8q57Oux+NTbocnALtJ64aEI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ece6e266caf1effab32eceef0403b797b4330373",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -905,6 +1017,22 @@
} }
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": {
"lastModified": 1764242076,
"narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1748929857, "lastModified": 1748929857,
"narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
@ -920,13 +1048,21 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_6": { "nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1763421233, <<<<<<< HEAD
"narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", "lastModified": 1764517877,
"narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", "rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
=======
"lastModified": 1764667669,
"narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "418468ac9527e799809c900eda37cbff999199b6",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -936,7 +1072,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_7": { "nixpkgs_8": {
"locked": { "locked": {
"lastModified": 1761880412, "lastModified": 1761880412,
"narHash": "sha256-QoJjGd4NstnyOG4mm4KXF+weBzA2AH/7gn1Pmpfcb0A=", "narHash": "sha256-QoJjGd4NstnyOG4mm4KXF+weBzA2AH/7gn1Pmpfcb0A=",
@ -952,13 +1088,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_8": { "nixpkgs_9": {
"locked": { "locked": {
"lastModified": 1763191728, "lastModified": 1764445028,
"narHash": "sha256-esRhOS0APE6k40Hs/jjReXg+rx+J5LkWw7cuWFKlwYA=", "narHash": "sha256-ik6H/0Zl+qHYDKTXFPpzuVHSZE+uvVz2XQuQd1IVXzo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1d4c88323ac36805d09657d13a5273aea1b34f0c", "rev": "a09378c0108815dbf3961a0e085936f4146ec415",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -968,22 +1104,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_9": {
"locked": {
"lastModified": 1762977756,
"narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c5ae371f1a6a7fd27823bc500d9390b38c05fa55",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": { "nur": {
"inputs": { "inputs": {
"flake-parts": [ "flake-parts": [
@ -996,11 +1116,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758998580, "lastModified": 1764773531,
"narHash": "sha256-VLx0z396gDCGSiowLMFz5XRO/XuNV+4EnDYjdJhHvUk=", "narHash": "sha256-mCBl7MD1WZ7yCG6bR9MmpPO2VydpNkWFgnslJRIT1YU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "ba8d9c98f5f4630bcb0e815ab456afd90c930728", "rev": "1d9616689e98beded059ad0384b9951e967a17fa",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1012,9 +1132,9 @@
"nvf": { "nvf": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_4",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_3",
"mnw": "mnw", "mnw": "mnw",
"nixpkgs": "nixpkgs_7", "nixpkgs": "nixpkgs_8",
"systems": "systems_5" "systems": "systems_5"
}, },
"locked": { "locked": {
@ -1041,11 +1161,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1762784320, "lastModified": 1763909441,
"narHash": "sha256-odsk96Erywk5hs0dhArF38zb7Oe0q6LZ70gXbxAPKno=", "narHash": "sha256-56LwV51TX/FhgX+5LCG6akQ5KrOWuKgcJa+eUsRMxsc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "plasma-manager", "repo": "plasma-manager",
"rev": "7911a0f8a44c7e8b29d031be3149ee8943144321", "rev": "b24ed4b272256dfc1cc2291f89a9821d5f9e14b4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1065,11 +1185,12 @@
"himmelblau": "himmelblau", "himmelblau": "himmelblau",
"home-manager": "home-manager", "home-manager": "home-manager",
"jovian": "jovian", "jovian": "jovian",
"mydia": "mydia",
"nix-minecraft": "nix-minecraft", "nix-minecraft": "nix-minecraft",
"nixos-boot": "nixos-boot", "nixos-boot": "nixos-boot",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixos-wsl": "nixos-wsl", "nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs_6", "nixpkgs": "nixpkgs_7",
"nvf": "nvf", "nvf": "nvf",
"plasma-manager": "plasma-manager", "plasma-manager": "plasma-manager",
"snowfall-lib": "snowfall-lib", "snowfall-lib": "snowfall-lib",
@ -1082,11 +1203,19 @@
"rust-analyzer-src": { "rust-analyzer-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1762860488, <<<<<<< HEAD
"narHash": "sha256-rMfWMCOo/pPefM2We0iMBLi2kLBAnYoB9thi4qS7uk4=", "lastModified": 1764525349,
"narHash": "sha256-vR3vU9AwzMsBvjNeeG2inA5W/2MwseFk5NIIrLFEMHk=",
"owner": "rust-lang", "owner": "rust-lang",
"repo": "rust-analyzer", "repo": "rust-analyzer",
"rev": "2efc80078029894eec0699f62ec8d5c1a56af763", "rev": "d646b23f000d099d845f999c2c1e05b15d9cdc78",
=======
"lastModified": 1764778537,
"narHash": "sha256-SNL+Fj1ZWiBqCrHJT1S9vMZujrWxCOmf3zkT66XSnhE=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "633cff25206d5108043d87617a43c9d04aa42c88",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1147,11 +1276,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763264763, "lastModified": 1764483358,
"narHash": "sha256-N0BEoJIlJ+M6sWZJ8nnfAjGY9VLvM6MXMitRenmhBkY=", "narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "882e56c8293e44d57d882b800a82f8b2ee7a858f", "rev": "5aca6ff67264321d47856a2ed183729271107c9c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1162,14 +1291,14 @@
}, },
"sops-nix_2": { "sops-nix_2": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_8" "nixpkgs": "nixpkgs_9"
}, },
"locked": { "locked": {
"lastModified": 1763509310, "lastModified": 1764483358,
"narHash": "sha256-s2WzTAD3vJtPACBCZXezNUMTG/wC6SFsU9DxazB9wDI=", "narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "3ee33c0ed7c5aa61b4e10484d2ebdbdc98afb03e", "rev": "5aca6ff67264321d47856a2ed183729271107c9c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1185,9 +1314,9 @@
"base16-helix": "base16-helix", "base16-helix": "base16-helix",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_4",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"nixpkgs": "nixpkgs_9", "nixpkgs": "nixpkgs_10",
"nur": "nur", "nur": "nur",
"systems": "systems_7", "systems": "systems_7",
"tinted-foot": "tinted-foot", "tinted-foot": "tinted-foot",
@ -1197,11 +1326,19 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1763497248, <<<<<<< HEAD
"narHash": "sha256-OGP6MYc+lVkLVQOTS6ORszDcCnZm7kDOGpFBdDoLd0k=", "lastModified": 1764550443,
"narHash": "sha256-ArO2V1YEHmEILilTj4KPtqF4gqc1q2HBrrrmygQ/UyU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "stylix", "repo": "stylix",
"rev": "f19ac46f6aa26188b2020ed40066a5b832be9c53", "rev": "794b6e1fa75177ebfeb32967f135858a1ab1ba15",
=======
"lastModified": 1764798099,
"narHash": "sha256-IIwR5ZWo7tjxjRpkz0tViF9KFbQ1YXs9Wkan46WQbfk=",
"owner": "nix-community",
"repo": "stylix",
"rev": "4b9e0e7ba3cccb86fe2bf0f4a2dd18256bef1cc6",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1332,7 +1469,7 @@
}, },
"terranix": { "terranix": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_4", "flake-parts": "flake-parts_5",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@ -1388,11 +1525,11 @@
"tinted-schemes": { "tinted-schemes": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1757716333, "lastModified": 1763914658,
"narHash": "sha256-d4km8W7w2zCUEmPAPUoLk1NlYrGODuVa3P7St+UrqkM=", "narHash": "sha256-Hju0WtMf3iForxtOwXqGp3Ynipo0EYx1AqMKLPp9BJw=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "schemes", "repo": "schemes",
"rev": "317a5e10c35825a6c905d912e480dfe8e71c7559", "rev": "0f6be815d258e435c9b137befe5ef4ff24bea32c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1404,11 +1541,11 @@
"tinted-tmux": { "tinted-tmux": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1757811970, "lastModified": 1764465359,
"narHash": "sha256-n5ZJgmzGZXOD9pZdAl1OnBu3PIqD+X3vEBUGbTi4JiI=", "narHash": "sha256-lbSVPqLEk2SqMrnpvWuKYGCaAlfWFMA6MVmcOFJjdjE=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "tinted-tmux", "repo": "tinted-tmux",
"rev": "d217ba31c846006e9e0ae70775b0ee0f00aa6b1e", "rev": "edf89a780e239263cc691a987721f786ddc4f6aa",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1420,11 +1557,11 @@
"tinted-zed": { "tinted-zed": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1757811247, "lastModified": 1764464512,
"narHash": "sha256-4EFOUyLj85NRL3OacHoLGEo0wjiRJzfsXtR4CZWAn6w=", "narHash": "sha256-rCD/pAhkMdCx6blsFwxIyvBJbPZZ1oL2sVFrH07lmqg=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "base16-zed", "repo": "base16-zed",
"rev": "824fe0aacf82b3c26690d14e8d2cedd56e18404e", "rev": "907dbba5fb8cf69ebfd90b00813418a412d0a29a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1462,11 +1599,19 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763521945, <<<<<<< HEAD
"narHash": "sha256-Zcrafbe4niRJMbzaVOwg7+iedJhwBFttre2DpyCC6qA=", "lastModified": 1764598958,
"narHash": "sha256-sJQHRL8trBoG/ArR+mUlyp5cyKU0pgQY+qDQzZGnVgM=",
"owner": "0xc000022070", "owner": "0xc000022070",
"repo": "zen-browser-flake", "repo": "zen-browser-flake",
"rev": "24d7381b9231c23daceec5d372cc28e877f7785d", "rev": "8cded25e10b13e2999241f1c73a7d4e5e5d6f69e",
=======
"lastModified": 1764825646,
"narHash": "sha256-QkKEkj3GXpkPxJz9S1RgaMlxstkyaj5IKVWvxIbtC8w=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "8c9284cc227a5c7cd8f1e1fa7a6882b0907187c8",
>>>>>>> ba1d4e1 (chore: update deps)
"type": "github" "type": "github"
}, },
"original": { "original": {

76
flake.nix
View file

@ -88,49 +88,55 @@
url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
mydia = {
url = "github:chris-kruining/mydia";
# url = "github:getmydia/mydia";
};
}; };
outputs = inputs: inputs.snowfall-lib.mkFlake { outputs = inputs:
inherit inputs; inputs.snowfall-lib.mkFlake {
src = ./.; inherit inputs;
src = ./.;
snowfall = { snowfall = {
namespace = "sneeuwvlok"; namespace = "sneeuwvlok";
meta = { meta = {
name = "sneeuwvlok"; name = "sneeuwvlok";
title = "Sneeuwvlok"; title = "Sneeuwvlok";
};
}; };
};
channels-config = { channels-config = {
allowUnfree = true; allowUnfree = true;
permittedInsecurePackages = [ permittedInsecurePackages = [
# Due to *arr stack # Due to *arr stack
"dotnet-sdk-6.0.428" "dotnet-sdk-6.0.428"
"aspnetcore-runtime-6.0.36" "aspnetcore-runtime-6.0.36"
# I think this is because of zen # I think this is because of zen
"qtwebengine-5.15.19" "qtwebengine-5.15.19"
# For Nheko, the matrix client # For Nheko, the matrix client
"olm-3.2.16" "olm-3.2.16"
];
};
overlays = with inputs; [
fenix.overlays.default
nix-minecraft.overlay
flux.overlays.default
];
systems.modules = with inputs; [
clan-core.nixosModules.default
];
homes.modules = with inputs; [
stylix.homeModules.stylix
plasma-manager.homeModules.plasma-manager
]; ];
}; };
overlays = with inputs; [
fenix.overlays.default
nix-minecraft.overlay
flux.overlays.default
];
systems.modules = with inputs; [
clan-core.nixosModules.default
];
homes.modules = with inputs; [
stylix.homeModules.stylix
plasma-manager.homeModules.plasma-manager
];
};
} }

9
homes/x86_64-linux/chris@mandos/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

9
homes/x86_64-linux/chris@manwe/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

9
homes/x86_64-linux/chris@orome/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

9
homes/x86_64-linux/chris@tulkas/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

16
modules/home/application/onlyoffice/default.nix
View file

@ -1,16 +1,20 @@
{ inputs, config, lib, pkgs, namespace, ... }: {
let inputs,
config,
lib,
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.application.onlyoffice; cfg = config.${namespace}.application.onlyoffice;
in in {
{
options.${namespace}.application.onlyoffice = { options.${namespace}.application.onlyoffice = {
enable = mkEnableOption "enable onlyoffice"; enable = mkEnableOption "enable onlyoffice";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ onlyoffice-bin ]; home.packages = with pkgs; [onlyoffice-desktopeditors];
# fonts.packages = with pkgs; [ corefonts ];
}; };
} }

2
modules/home/application/steam/default.nix
View file

@ -10,7 +10,7 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ protonup ]; home.packages = with pkgs; [ protonup-ng ];
home.sessionVariables = { home.sessionVariables = {
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d"; STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";

2
modules/home/application/teamspeak/default.nix
View file

@ -10,6 +10,6 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ teamspeak_client ]; home.packages = with pkgs; [ teamspeak3 teamspeak6-client ];
}; };
} }

34
modules/home/shell/toolset/git/default.nix
View file

@ -1,10 +1,14 @@
{ config, lib, pkgs, namespace, ... }: {
let config,
lib,
pkgs,
namespace,
...
}: let
inherit (lib) mkEnableOption mkIf; inherit (lib) mkEnableOption mkIf;
cfg = config.${namespace}.shell.toolset.git; cfg = config.${namespace}.shell.toolset.git;
in in {
{
options.${namespace}.shell.toolset.git = { options.${namespace}.shell.toolset.git = {
enable = mkEnableOption "version-control system"; enable = mkEnableOption "version-control system";
}; };
@ -12,7 +16,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.sessionVariables.GITHUB_TOKEN = "$(cat /run/agenix/tokenGH)"; home.sessionVariables.GITHUB_TOKEN = "$(cat /run/agenix/tokenGH)";
home.packages = with pkgs; [ lazygit lazyjj jujutsu ]; home.packages = with pkgs; [lazygit lazyjj jujutsu];
programs = { programs = {
zsh.initContent = '' zsh.initContent = ''
@ -29,14 +33,6 @@ in
git = { git = {
enable = true; enable = true;
package = pkgs.gitFull; package = pkgs.gitFull;
difftastic = {
enable = true;
options = {
background = "dark";
color = "always";
display = "inline";
};
};
ignores = [ ignores = [
# General: # General:
@ -69,7 +65,7 @@ in
"*.elc" "*.elc"
]; ];
extraConfig = { settings = {
init.defaultBranch = "main"; init.defaultBranch = "main";
core = { core = {
editor = "nvim"; editor = "nvim";
@ -106,6 +102,16 @@ in
}; };
}; };
}; };
difftastic = {
enable = true;
git.enable = true;
options = {
background = "dark";
color = "always";
display = "inline";
};
};
}; };
}; };
} }

15
modules/nixos/application/steam/default.nix
View file

@ -1,10 +1,15 @@
{ inputs, config, lib, pkgs, namespace, ... }: {
let inputs,
config,
lib,
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.application.steam; cfg = config.${namespace}.application.steam;
in in {
{
options.${namespace}.application.steam = { options.${namespace}.application.steam = {
enable = mkEnableOption "enable steam"; enable = mkEnableOption "enable steam";
}; };
@ -13,7 +18,7 @@ in
programs = { programs = {
steam = { steam = {
enable = true; enable = true;
package = pkgs.steam-small.override { package = pkgs.steam.override {
extraEnv = { extraEnv = {
DXVK_HUD = "compiler"; DXVK_HUD = "compiler";
MANGOHUD = true; MANGOHUD = true;

15
modules/nixos/services/authentication/himmelblau/default.nix
View file

@ -1,10 +1,15 @@
{ inputs, lib, config, namespace, ... }: let {
inputs,
lib,
config,
namespace,
...
}: let
inherit (lib) mkEnableOption mkIf; inherit (lib) mkEnableOption mkIf;
cfg = config.${namespace}.services.authentication.himmelblau; cfg = config.${namespace}.services.authentication.himmelblau;
in in {
{ imports = [inputs.himmelblau.nixosModules.himmelblau];
imports = [ inputs.himmelblau.nixosModules.himmelblau ];
options.${namespace}.services.authentication.himmelblau = { options.${namespace}.services.authentication.himmelblau = {
enable = mkEnableOption "enable azure entra ID authentication"; enable = mkEnableOption "enable azure entra ID authentication";
@ -14,7 +19,7 @@ in
services.himmelblau = { services.himmelblau = {
enable = true; enable = true;
settings = { settings = {
domains = []; domain = "";
pam_allow_groups = []; pam_allow_groups = [];
local_groups = []; local_groups = [];
}; };

40
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -23,7 +23,7 @@ in
default = false; default = false;
example = "true"; example = "true";
description = '' description = ''
True sets the org as default org for the instance. Only one org can be default org. True sets the '${org}' org as default org for the instance. Only one org can be default org.
Nothing happens if you set it to false until you set another org as default org. Nothing happens if you set it to false until you set another org as default org.
''; '';
}; };
@ -335,14 +335,6 @@ in
; ;
append = attrList: set: set // (listToAttrs attrList); append = attrList: set: set // (listToAttrs attrList);
forEach = src: key: set:
let
_key = concatMapStringsSep "_" (k: "\${item.${k}}") key;
in
{
forEach = "{ for item in ${src} : \"${_key}\" => item }";
}
// set;
config' = config; config' = config;
@ -352,7 +344,21 @@ in
modules = [ modules = [
({ config, lib, ... }: { ({ config, lib, ... }: {
config = { config =
let
forEach = src: key: set:
let
_key = concatMapStringsSep "_" (k: "\${item.${k}}") key;
in
{
forEach = lib.tfRef ''{
for item in ${src} :
"''${item.org}_''${item.name}" => item
}'';
}
// set;
in
{
terraform.required_providers.zitadel = { terraform.required_providers.zitadel = {
source = "zitadel/zitadel"; source = "zitadel/zitadel";
version = "2.2.0"; version = "2.2.0";
@ -549,9 +555,11 @@ in
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "zitadel.service" ]; wants = [ "zitadel.service" ];
script = '' script =
#!/usr/bin/env bash let
tofu = lib.getExe pkgs.opentofu;
in
''
if [ "$(systemctl is-active zitadel)" != "active" ]; then if [ "$(systemctl is-active zitadel)" != "active" ]; then
echo "Zitadel is not running" echo "Zitadel is not running"
exit 1 exit 1
@ -564,11 +572,11 @@ in
cp -f ${terraformConfiguration} config.tf.json cp -f ${terraformConfiguration} config.tf.json
# Initialize OpenTofu # Initialize OpenTofu
${lib.getExe pkgs.opentofu} init ${tofu} init
# Run the infrastructure code # Run the infrastructure code
# ${lib.getExe pkgs.opentofu} plan ${tofu} plan -refresh=false -out=tfplan
${lib.getExe pkgs.opentofu} apply -auto-approve ${tofu} apply -auto-approve tfplan
''; '';
serviceConfig = { serviceConfig = {

24
modules/nixos/services/communication/matrix/default.nix
View file

@ -1,5 +1,10 @@
{ config, lib, pkgs, namespace, ... }: {
let config,
lib,
pkgs,
namespace,
...
}: let
inherit (builtins) toString toJSON; inherit (builtins) toString toJSON;
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
@ -10,8 +15,7 @@ let
port = 4001; port = 4001;
database = "synapse"; database = "synapse";
in in {
{
options.${namespace}.services.communication.matrix = { options.${namespace}.services.communication.matrix = {
enable = mkEnableOption "Matrix server (Synapse)"; enable = mkEnableOption "Matrix server (Synapse)";
}; };
@ -22,13 +26,13 @@ in
# virtualisation.podman.enable = true; # virtualisation.podman.enable = true;
}; };
networking.firewall.allowedTCPPorts = [ 4001 ]; networking.firewall.allowedTCPPorts = [4001];
services = { services = {
matrix-synapse = { matrix-synapse = {
enable = true; enable = true;
extras = [ "oidc" ]; extras = ["oidc"];
extraConfigFiles = [ extraConfigFiles = [
config.sops.templates."synapse-oidc.yaml".path config.sops.templates."synapse-oidc.yaml".path
@ -52,7 +56,7 @@ in
backchannel_logout_enabled = true; backchannel_logout_enabled = true;
sso = { sso = {
client_whitelist = [ "http://[::1]:9092" ]; client_whitelist = ["http://[::1]:9092"];
update_profile_information = true; update_profile_information = true;
}; };
@ -75,7 +79,7 @@ in
resources = [ resources = [
{ {
names = [ "client" "federation" "openid" "metrics" "media" "health" ]; names = ["client" "federation" "openid" "metrics" "media" "health"];
compress = true; compress = true;
} }
]; ];
@ -132,7 +136,7 @@ in
postgresql = { postgresql = {
enable = true; enable = true;
ensureDatabases = [ database ]; ensureDatabases = [database];
ensureUsers = [ ensureUsers = [
{ {
name = database; name = database;
@ -192,7 +196,7 @@ in
localpart_template: "{{ user.preferred_username }}" localpart_template: "{{ user.preferred_username }}"
display_name_template: "{{ user.name }}" display_name_template: "{{ user.name }}"
''; '';
restartUnits = [ "matrix-synapse.service" ]; restartUnits = ["matrix-synapse.service"];
}; };
}; };
}; };

28
modules/nixos/services/development/forgejo/default.nix
View file

@ -1,12 +1,16 @@
{ config, lib, pkgs, namespace, ... }: {
let config,
lib,
pkgs,
namespace,
...
}: let
inherit (builtins) toString; inherit (builtins) toString;
inherit (lib) mkIf mkEnableOption mkOption; inherit (lib) mkIf mkEnableOption mkOption;
cfg = config.${namespace}.services.development.forgejo; cfg = config.${namespace}.services.development.forgejo;
domain = "git.amarth.cloud"; domain = "git.amarth.cloud";
in in {
{
options.${namespace}.services.development.forgejo = { options.${namespace}.services.development.forgejo = {
enable = mkEnableOption "Forgejo"; enable = mkEnableOption "Forgejo";
@ -26,7 +30,7 @@ in
virtualisation.podman.enable = true; virtualisation.podman.enable = true;
}; };
environment.systemPackages = with pkgs; [ forgejo ]; environment.systemPackages = with pkgs; [forgejo];
services = { services = {
forgejo = { forgejo = {
@ -141,7 +145,7 @@ in
}; };
}; };
openssh.settings.AllowUsers = [ "forgejo" ]; openssh.settings.AllowUsers = ["forgejo"];
gitea-actions-runner = { gitea-actions-runner = {
package = pkgs.forgejo-runner; package = pkgs.forgejo-runner;
@ -180,18 +184,26 @@ in
}; };
}; };
users = {
users."gitea-runner" = {
isSystemUser = true;
group = "gitea-runner";
};
groups."gitea-runner" = {};
};
sops.secrets = { sops.secrets = {
"forgejo/action_runner_token" = { "forgejo/action_runner_token" = {
owner = "gitea-runner"; owner = "gitea-runner";
group = "gitea-runner"; group = "gitea-runner";
restartUnits = [ "gitea-runner-default.service" ]; restartUnits = ["gitea-runner-default.service"];
}; };
"forgejo/email" = { "forgejo/email" = {
owner = "forgejo"; owner = "forgejo";
group = "forgejo"; group = "forgejo";
key = "email/chris_kruining_eu"; key = "email/chris_kruining_eu";
restartUnits = [ "forgejo.service" ]; restartUnits = ["forgejo.service"];
}; };
}; };
}; };

317
modules/nixos/services/media/default.nix
View file

@ -1,13 +1,19 @@
{ pkgs, lib, namespace, config, inputs, system, ... }: {
let pkgs,
lib,
namespace,
config,
inputs,
system,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption; inherit (lib) mkIf mkEnableOption mkOption;
inherit (lib.types) str; inherit (lib.types) str;
cfg = config.${namespace}.services.media; cfg = config.${namespace}.services.media;
arr = ["radarr" ]; arr = ["radarr"];
in in {
{
options.${namespace}.services.media = { options.${namespace}.services.media = {
enable = mkEnableOption "Enable media services"; enable = mkEnableOption "Enable media services";
@ -73,113 +79,128 @@ in
arr arr
|> lib.imap (i: service: { |> lib.imap (i: service: {
name = service; name = service;
value = { value =
enable = true; {
openFirewall = true; enable = true;
openFirewall = true;
environmentFiles = [ environmentFiles = [
config.sops.templates."${service}/config.env".path config.sops.templates."${service}/config.env".path
]; ];
settings = { settings = {
auth.authenticationMethod = "External"; auth.authenticationMethod = "External";
server = { server = {
bindaddress = "0.0.0.0"; bindaddress = "0.0.0.0";
port = 2000 + i; port = 2000 + i;
};
postgres = {
host = "localhost";
port = "5432";
user = service;
maindb = service;
logdb = service;
};
}; };
}
postgres = { // (
host = "localhost"; if service != "prowlarr"
port = "5432"; then {
user = service; user = cfg.user;
maindb = service; group = cfg.group;
logdb = service; }
}; else {}
}; );
}
// (if service != "prowlarr" then { user = cfg.user; group = cfg.group; } else {});
}) })
|> lib.listToAttrs |> lib.listToAttrs;
;
in in
arr-services // { arr-services
bazarr = { // {
enable = true; bazarr = {
openFirewall = true; enable = true;
user = cfg.user; openFirewall = true;
group = cfg.group; user = cfg.user;
listenPort = 2005; group = cfg.group;
}; listenPort = 2005;
# port is harcoded in nixpkgs module
jellyfin = {
enable = true;
openFirewall = true;
user = cfg.user;
group = cfg.group;
};
flaresolverr = {
enable = true;
openFirewall = true;
port = 2007;
};
qbittorrent = {
enable = true;
openFirewall = true;
webuiPort = 2008;
serverConfig = {
LegalNotice.Accepted = true;
}; };
user = cfg.user; # port is harcoded in nixpkgs module
group = cfg.group; jellyfin = {
}; enable = true;
openFirewall = true;
user = cfg.user;
group = cfg.group;
};
# port is harcoded in nixpkgs module flaresolverr = {
sabnzbd = { enable = true;
enable = true; openFirewall = true;
openFirewall = true; port = 2007;
configFile = "${cfg.path}/sabnzbd/config.ini"; };
user = cfg.user; qbittorrent = {
group = cfg.group; enable = true;
}; openFirewall = true;
webuiPort = 2008;
postgresql = serverConfig = {
let LegalNotice.Accepted = true;
databases = arr |> lib.concatMap (s: [ s "${s}-log" ]);
in
{
enable = true;
ensureDatabases = arr;
ensureUsers = arr |> lib.map (service: {
name = service;
ensureDBOwnership = true;
});
};
caddy = { Prefecences.WebUI = {
enable = true; Username = "admin";
virtualHosts = { };
"jellyfin.kruining.eu".extraConfig = '' };
reverse_proxy http://[::1]:8096
''; user = cfg.user;
group = cfg.group;
};
# port is harcoded in nixpkgs module
sabnzbd = {
enable = true;
openFirewall = true;
configFile = "${cfg.path}/sabnzbd/config.ini";
user = cfg.user;
group = cfg.group;
};
postgresql = let
databases = arr |> lib.concatMap (s: [s "${s}-log"]);
in {
enable = true;
ensureDatabases = arr;
ensureUsers =
arr
|> lib.map (service: {
name = service;
ensureDBOwnership = true;
});
};
caddy = {
enable = true;
virtualHosts = {
"jellyfin.kruining.eu".extraConfig = ''
reverse_proxy http://[::1]:8096
'';
};
}; };
}; };
};
systemd.services.radarrApplyTerraform = systemd.services.radarrApplyTerraform = let
let
# this is a nix package, the generated json file to be exact # this is a nix package, the generated json file to be exact
terraformConfiguration = inputs.terranix.lib.terranixConfiguration { terraformConfiguration = inputs.terranix.lib.terranixConfiguration {
inherit system; inherit system;
modules = [ modules = [
({ config, lib, ... }: { ({
config,
lib,
...
}: {
config = { config = {
variable = { variable = {
api_key = { api_key = {
@ -207,12 +228,11 @@ in
}) })
]; ];
}; };
in in {
{
description = "Radarr terraform apply"; description = "Radarr terraform apply";
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
wants = [ "radarr.service" ]; wants = ["radarr.service"];
script = '' script = ''
#!/usr/bin/env bash #!/usr/bin/env bash
@ -255,53 +275,70 @@ in
systemd.services.jellyfin.serviceConfig.killSignal = lib.mkForce "SIGKILL"; systemd.services.jellyfin.serviceConfig.killSignal = lib.mkForce "SIGKILL";
sops = { sops = {
secrets = secrets = let
arr arrSecrets =
|> lib.map (service: { arr
name = "${service}/apikey"; |> lib.map (service: {
value = { name = "${service}/apikey";
value = {
owner = cfg.user;
group = cfg.group;
restartUnits = ["${service}.service"];
};
})
|> lib.listToAttrs;
in
arrSecrets
// {
# "qbittorrent/password" = {};
"qbittorrent/password_hash" = {};
};
templates = let
apikeys =
arr
|> lib.map (service: {
name = "${service}/config.env";
value = {
owner = cfg.user;
group = cfg.group;
restartUnits = ["${service}.service"];
content = ''
${lib.toUpper service}__AUTH__APIKEY="${config.sops.placeholder."${service}/apikey"}"
'';
};
})
|> lib.listToAttrs;
tfvars =
arr
|> lib.map (service: {
name = "${service}/config.tfvars";
value = {
owner = cfg.user;
group = cfg.group;
restartUnits = ["${service}ApplyTerraform.service"];
content = ''
api_key = "${config.sops.placeholder."${service}/apikey"}"
'';
};
})
|> lib.listToAttrs;
qbittorrent = {
"qbittorrent/password.conf" = {
owner = cfg.user; owner = cfg.user;
group = cfg.group; group = cfg.group;
restartUnits = [ "${service}.service" ]; restartUnits = ["qbittorrent.service"];
path = "${config.services.qbittorrent.profileDir}/qBittorrent/config/password.conf";
content = ''
[Preferences]
WebUI\Password_PBKDF2="${config.sops.placeholder."qbittorrent/password_hash"}"
'';
}; };
}) };
|> lib.listToAttrs in
; apikeys // tfvars // qbittorrent;
templates =
let
apikeys =
arr
|> lib.map (service: {
name = "${service}/config.env";
value = {
owner = cfg.user;
group = cfg.group;
restartUnits = [ "${service}.service" ];
content = ''
${lib.toUpper service}__AUTH__APIKEY="${config.sops.placeholder."${service}/apikey"}"
'';
};
})
|> lib.listToAttrs;
tfvars =
arr
|> lib.map(service: {
name = "${service}/config.tfvars";
value = {
owner = cfg.user;
group = cfg.group;
restartUnits = [ "${service}ApplyTerraform.service" ];
content = ''
api_key = "${config.sops.placeholder."${service}/apikey"}"
'';
};
})
|> lib.listToAttrs;
in
apikeys // tfvars
;
}; };
}; };
} }

86
modules/nixos/services/media/mydia/default.nix Normal file
View file

@ -0,0 +1,86 @@
{
config,
lib,
namespace,
inputs,
system,
...
}: let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.media.mydia;
in {
imports = [
inputs.mydia.nixosModules.default
];
options.${namespace}.services.media.mydia = {
enable = mkEnableOption "Enable Mydia";
};
config = mkIf cfg.enable {
services.mydia = {
enable = true;
port = 2010;
listenAddress = "0.0.0.0";
openFirewall = true;
mediaLibraries = [
"/var/mydia/movies"
"/var/mydia/series"
];
database = {
# type = "sqlite";
# uri = "file:///var/lib/mydia/mydia.db";
type = "postgres";
uri = "postgres://mydia@localhost:5432/mydia?sslmode=disable";
passwordFile = config.sops.secrets."mydia/qbittorrent_password".path;
};
secretKeyBaseFile = config.sops.secrets."mydia/secret_key_base".path;
guardianSecretKeyFile = config.sops.secrets."mydia/guardian_secret".path;
oidc = {
enable = true;
issuer = "https://auth.kruining.eu";
clientIdFile = config.sops.secrets."mydia/oidc_id".path;
clientSecretFile = config.sops.secrets."mydia/oidc_secret".path;
scopes = ["openid" "profile" "email"];
};
downloadClients = {
qbittorrent = {
type = "qbittorrent";
host = "localhost";
port = 2008;
username = "admin";
passwordFile = config.sops.secrets."mydia/qbittorrent_password".path;
useSsl = false;
};
};
};
sops.secrets = let
base =
["secret_key_base" "guardian_secret" "oidc_id" "oidc_secret"]
|> lib.map (name:
lib.nameValuePair "mydia/${name}" {
owner = config.services.mydia.user;
group = config.services.mydia.group;
restartUnits = ["mydia.service"];
})
|> lib.listToAttrs;
in
base
// {
"mydia/qbittorrent_password" = {
owner = config.services.mydia.user;
group = config.services.mydia.group;
restartUnits = ["mydia.service"];
key = "qbittorrent/password";
};
};
};
}

103
modules/nixos/services/media/servarr/default.nix
View file

@ -1,14 +1,20 @@
{ pkgs, config, lib, namespace, inputs, system, ... }: {
let pkgs,
config,
lib,
namespace,
inputs,
system,
...
}: let
inherit (builtins) toString; inherit (builtins) toString;
inherit (lib) mkIf mkEnableOption mkOption types; inherit (lib) mkIf mkEnableOption mkOption types;
cfg = config.${namespace}.services.media.servarr; cfg = config.${namespace}.services.media.servarr;
in in {
{
options.${namespace}.services.media = { options.${namespace}.services.media = {
servarr = mkOption { servarr = mkOption {
type = types.attrsOf (types.submodule ({ name, ... }: { type = types.attrsOf (types.submodule ({name, ...}: {
options = { options = {
enable = mkEnableOption "Enable ${name}"; enable = mkEnableOption "Enable ${name}";
debug = mkEnableOption "Use tofu plan instead of tofu apply for ${name} "; debug = mkEnableOption "Use tofu plan instead of tofu apply for ${name} ";
@ -30,7 +36,11 @@ in
config = { config = {
services = services =
cfg cfg
|> lib.mapAttrsToList (service: { enable, port, ... }: (mkIf enable { |> lib.mapAttrsToList (service: {
enable,
port,
...
}: (mkIf enable {
"${service}" = { "${service}" = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
@ -58,31 +68,44 @@ in
}; };
})) }))
|> lib.mergeAttrsList |> lib.mergeAttrsList
|> (set: set // { |> (set:
postgres = { set
ensureDatabases = cfg |> lib.attrNames; // {
ensureUsers = cfg |> lib.attrNames |> lib.map (service: { postgresql = {
name = service; ensureDatabases = cfg |> lib.attrNames;
ensureDBOwnership = true; ensureUsers =
}); cfg
}; |> lib.attrNames
}) |> lib.map (service: {
; name = service;
ensureDBOwnership = true;
});
};
});
systemd = systemd =
cfg cfg
|> lib.mapAttrsToList (service: { enable, debug, port, rootFolders, ... }: (mkIf enable { |> lib.mapAttrsToList (service: {
enable,
debug,
port,
rootFolders,
...
}: (mkIf enable {
tmpfiles.rules = [ tmpfiles.rules = [
"d /var/lib/${service}ApplyTerraform 0755 ${service} ${service} -" "d /var/lib/${service}ApplyTerraform 0755 ${service} ${service} -"
]; ];
services."${service}ApplyTerraform" = services."${service}ApplyTerraform" = let
let
terraformConfiguration = inputs.terranix.lib.terranixConfiguration { terraformConfiguration = inputs.terranix.lib.terranixConfiguration {
inherit system; inherit system;
modules = [ modules = [
({ config, lib, ... }: { ({
config,
lib,
...
}: {
config = { config = {
variable = { variable = {
api_key = { api_key = {
@ -104,20 +127,18 @@ in
resource = { resource = {
"${service}_root_folder" = "${service}_root_folder" =
rootFolders rootFolders
|> lib.imap (i: f: lib.nameValuePair "local${toString i}" { path = f; }) |> lib.imap (i: f: lib.nameValuePair "local${toString i}" {path = f;})
|> lib.listToAttrs |> lib.listToAttrs;
;
}; };
}; };
}) })
]; ];
}; };
in in {
{
description = "${service} terraform apply"; description = "${service} terraform apply";
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
wants = [ "${service}.service" ]; wants = ["${service}.service"];
script = '' script = ''
#!/usr/bin/env bash #!/usr/bin/env bash
@ -141,7 +162,11 @@ in
# Run the infrastructure code # Run the infrastructure code
${lib.getExe pkgs.opentofu} \ ${lib.getExe pkgs.opentofu} \
${if debug then "plan" else "apply -auto-approve"} \ ${
if debug
then "plan"
else "apply -auto-approve"
} \
-var-file='${config.sops.templates."${service}/config.tfvars".path}' -var-file='${config.sops.templates."${service}/config.tfvars".path}'
''; '';
@ -158,31 +183,29 @@ in
}; };
}; };
})) }))
|> lib.mergeAttrsList |> lib.mergeAttrsList;
;
users.users = users.users =
cfg cfg
|> lib.mapAttrsToList (service: { enable, ... }: (mkIf enable { |> lib.mapAttrsToList (service: {enable, ...}: (mkIf enable {
"${service}".extraGroups = [ "media" ]; "${service}".extraGroups = ["media"];
})) }))
|> lib.mergeAttrsList |> lib.mergeAttrsList;
;
sops = sops =
cfg cfg
|> lib.mapAttrsToList (service: { enable, ... }: (mkIf enable { |> lib.mapAttrsToList (service: {enable, ...}: (mkIf enable {
secrets."${service}/apikey" = { secrets."${service}/apikey" = {
owner = service; owner = service;
group = service; group = service;
restartUnits = [ "${service}.service" ]; restartUnits = ["${service}.service"];
}; };
templates = { templates = {
"${service}/config.env" = { "${service}/config.env" = {
owner = service; owner = service;
group = service; group = service;
restartUnits = [ "${service}.service" ]; restartUnits = ["${service}.service"];
content = '' content = ''
${lib.toUpper service}__AUTH__APIKEY="${config.sops.placeholder."${service}/apikey"}" ${lib.toUpper service}__AUTH__APIKEY="${config.sops.placeholder."${service}/apikey"}"
''; '';
@ -191,18 +214,16 @@ in
"${service}/config.tfvars" = { "${service}/config.tfvars" = {
owner = service; owner = service;
group = service; group = service;
restartUnits = [ "${service}.service" ]; restartUnits = ["${service}.service"];
content = '' content = ''
api_key = "${config.sops.placeholder."${service}/apikey"}" api_key = "${config.sops.placeholder."${service}/apikey"}"
''; '';
}; };
}; };
})) }))
|> lib.mergeAttrsList |> lib.mergeAttrsList;
;
}; };
# cfg # cfg
# |> lib.mapAttrsToList (service: { enable, debug, port, rootFolders, ... }: (mkIf enable { # |> lib.mapAttrsToList (service: { enable, debug, port, rootFolders, ... }: (mkIf enable {

129
modules/nixos/services/security/vaultwarden/default.nix
View file

@ -1,25 +1,31 @@
{ pkgs, config, lib, namespace, ... }: {
let pkgs,
config,
lib,
namespace,
...
}: let
inherit (builtins) toString; inherit (builtins) toString;
inherit (lib) mkIf mkEnableOption mkOption types getAttrs toUpper concatMapAttrsStringSep; inherit (lib) mkIf mkEnableOption mkOption types getAttrs toUpper concatMapAttrsStringSep;
cfg = config.${namespace}.services.security.vaultwarden; cfg = config.${namespace}.services.security.vaultwarden;
databaseProviderSqlite = types.submodule ({ ... }: { databaseProviderSqlite = types.submodule ({...}: {
options = { options = {
type = mkOption { type = mkOption {
type = types.enum [ "sqlite" ]; type = types.enum ["sqlite"];
}; };
file = mkOption { file = mkOption {
type = types.str; type = types.path;
description = ''''; description = ''
Path to sqlite database file.
'';
}; };
}; };
}); });
databaseProviderPostgresql = types.submodule ({ ... }: databaseProviderPostgresql = types.submodule ({...}: let
let
urlOptions = lib.${namespace}.options.mkUrlOptions { urlOptions = lib.${namespace}.options.mkUrlOptions {
host = { host = {
description = '' description = ''
@ -40,36 +46,36 @@ let
example = "postgres"; example = "postgres";
}; };
}; };
in in {
{ options =
options = { {
type = mkOption { type = mkOption {
type = types.enum [ "postgresql" ]; type = types.enum ["postgresql"];
}; };
sslMode = mkOption { sslMode = mkOption {
type = types.enum [ "verify-ca" "verify-full" "require" "prefer" "allow" "disabled" ]; type = types.enum ["verify-ca" "verify-full" "require" "prefer" "allow" "disabled"];
default = "verify-full"; default = "verify-full";
example = "verify-ca"; example = "verify-ca";
description = '' description = ''
How to verify the server's ssl How to verify the server's ssl
| mode | eavesdropping protection | MITM protection | Statement | | mode | eavesdropping protection | MITM protection | Statement |
|-------------|--------------------------|----------------------|---------------------------------------------------------------------------------------------------------------------------------------------| |-------------|--------------------------|----------------------|---------------------------------------------------------------------------------------------------------------------------------------------|
| disable | No | No | I don't care about security, and I don't want to pay the overhead of encryption. | | disable | No | No | I don't care about security, and I don't want to pay the overhead of encryption. |
| allow | Maybe | No | I don't care about security, but I will pay the overhead of encryption if the server insists on it. | | allow | Maybe | No | I don't care about security, but I will pay the overhead of encryption if the server insists on it. |
| prefer | Maybe | No | I don't care about encryption, but I wish to pay the overhead of encryption if the server supports it. | | prefer | Maybe | No | I don't care about encryption, but I wish to pay the overhead of encryption if the server supports it. |
| require | Yes | No | I want my data to be encrypted, and I accept the overhead. I trust that the network will make sure I always connect to the server I want. | | require | Yes | No | I want my data to be encrypted, and I accept the overhead. I trust that the network will make sure I always connect to the server I want. |
| verify-ca | Yes | Depends on CA policy | I want my data encrypted, and I accept the overhead. I want to be sure that I connect to a server that I trust. | | verify-ca | Yes | Depends on CA policy | I want my data encrypted, and I accept the overhead. I want to be sure that I connect to a server that I trust. |
| verify-full | Yes | Yes | I want my data encrypted, and I accept the overhead. I want to be sure that I connect to a server I trust, and that it's the one I specify. | | verify-full | Yes | Yes | I want my data encrypted, and I accept the overhead. I want to be sure that I connect to a server I trust, and that it's the one I specify. |
[Source](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-SSLMODE-STATEMENTS) [Source](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-SSLMODE-STATEMENTS)
''; '';
}; };
} // (urlOptions |> getAttrs [ "protocol" "host" "port" ]); }
// (urlOptions |> getAttrs ["protocol" "host" "port"]);
}); });
in in {
{
options.${namespace}.services.security.vaultwarden = { options.${namespace}.services.security.vaultwarden = {
enable = mkEnableOption "enable vaultwarden"; enable = mkEnableOption "enable vaultwarden";
@ -136,7 +142,7 @@ in
postgresql = { postgresql = {
enable = true; enable = true;
ensureDatabases = [ "vaultwarden" ]; ensureDatabases = ["vaultwarden"];
ensureUsers = [ ensureUsers = [
{ {
name = "vaultwarden"; name = "vaultwarden";
@ -171,7 +177,7 @@ in
owner = config.users.users.vaultwarden.name; owner = config.users.users.vaultwarden.name;
group = config.users.users.vaultwarden.name; group = config.users.users.vaultwarden.name;
key = "email/chris_kruining_eu"; key = "email/chris_kruining_eu";
restartUnits = [ "vaultwarden.service" ]; restartUnits = ["vaultwarden.service"];
}; };
}; };
@ -183,34 +189,31 @@ in
owner = config.users.users.vaultwarden.name; owner = config.users.users.vaultwarden.name;
group = config.users.groups.vaultwarden.name; group = config.users.groups.vaultwarden.name;
}; };
temp-db-output.content = temp-db-output.content = let
let config =
config = cfg.database
cfg.database |> (
|> ({ type, ... }@db: {type, ...} @ db:
if type == "sqlite" then if type == "sqlite"
{ inherit (db) type file; } then {inherit (db) type file;}
else if type == "postgresql" then else if type == "postgresql"
{ then {
inherit (db) type; inherit (db) type;
url = lib.${namespace}.strings.toUrl { url = lib.${namespace}.strings.toUrl {
inherit (db) protocol host port; inherit (db) protocol host port;
path = "vaultwarden"; path = "vaultwarden";
query = { query = {
sslmode = db.sslMode; sslmode = db.sslMode;
};
}; };
} };
else }
{} else {}
) )
|> concatMapAttrsStringSep "\n" (n: v: "${toUpper n}=${v}") |> concatMapAttrsStringSep "\n" (n: v: "${toUpper n}=${v}");
; in ''
in # GENERATED VALUES
'' ${config}
# GENERATED VALUES '';
${config}
'';
}; };
}; };
}; };

4
modules/nixos/shells/default.nix
View file

@ -1,2 +1,2 @@
{ ... }: {...}: {
{} }

15
shells/default/default.nix
View file

@ -1,5 +1,10 @@
{ mkShell, inputs, pkgs, ... }: {
mkShell,
inputs,
pkgs,
stdenv,
...
}:
mkShell { mkShell {
packages = with pkgs; [ packages = with pkgs; [
bash bash
@ -7,6 +12,10 @@ mkShell {
just just
yq yq
pwgen pwgen
inputs.clan-core.packages.x86_64-linux.clan-cli alejandra
nil
nixd
openssl
inputs.clan-core.packages.${stdenv.hostPlatform.system}.clan-cli
]; ];
} }

59
systems/x86_64-linux/ulmo/default.nix
View file

@ -1,5 +1,4 @@
{ ... }: {...}: {
{
imports = [ imports = [
./disks.nix ./disks.nix
./hardware.nix ./hardware.nix
@ -8,7 +7,10 @@
networking = { networking = {
interfaces.enp2s0 = { interfaces.enp2s0 = {
ipv6.addresses = [ ipv6.addresses = [
{ address = "2a0d:6e00:1dc9:0::dead:beef"; prefixLength = 64; } {
address = "2a0d:6e00:1dc9:0::dead:beef";
prefixLength = 64;
}
]; ];
useDHCP = true; useDHCP = true;
@ -51,8 +53,8 @@
firstName = "Chris"; firstName = "Chris";
lastName = "Kruining"; lastName = "Kruining";
roles = [ "ORG_OWNER" ]; roles = ["ORG_OWNER"];
instanceRoles = [ "IAM_OWNER" ]; instanceRoles = ["IAM_OWNER"];
}; };
kaas = { kaas = {
@ -78,27 +80,27 @@
}; };
assign = { assign = {
chris = [ "jellyfin" "jellyfin_admin" ]; chris = ["jellyfin" "jellyfin_admin"];
kaas = [ "jellyfin" ]; kaas = ["jellyfin"];
}; };
application = { application = {
jellyfin = { jellyfin = {
redirectUris = [ "https://jellyfin.kruining.eu/sso/OID/redirect/zitadel" ]; redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"];
grantTypes = [ "authorizationCode" ]; grantTypes = ["authorizationCode"];
responseTypes = [ "code" ]; responseTypes = ["code"];
}; };
forgejo = { forgejo = {
redirectUris = [ "https://git.amarth.cloud/user/oauth2/zitadel/callback" ]; redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"];
grantTypes = [ "authorizationCode" ]; grantTypes = ["authorizationCode"];
responseTypes = [ "code" ]; responseTypes = ["code"];
}; };
vaultwarden = { vaultwarden = {
redirectUris = [ "https://vault.kruining.eu/identity/connect/oidc-signin" ]; redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"];
grantTypes = [ "authorizationCode" ]; grantTypes = ["authorizationCode"];
responseTypes = [ "code" ]; responseTypes = ["code"];
exportMap = { exportMap = {
client_id = "SSO_CLIENT_ID"; client_id = "SSO_CLIENT_ID";
client_secret = "SSO_CLIENT_SECRET"; client_secret = "SSO_CLIENT_SECRET";
@ -106,9 +108,15 @@
}; };
matrix = { matrix = {
redirectUris = [ "https://matrix.kruining.eu/_synapse/client/oidc/callback" ]; redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"];
grantTypes = [ "authorizationCode" ]; grantTypes = ["authorizationCode"];
responseTypes = [ "code" ]; responseTypes = ["code"];
};
mydia = {
redirectUris = ["http://localhost:2010/auth/oidc/callback"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
}; };
}; };
}; };
@ -131,8 +139,16 @@
}; };
triggers = [ triggers = [
{ flowType = "customiseToken"; triggerType = "preUserinfoCreation"; actions = [ "flattenRoles" ]; } {
{ flowType = "customiseToken"; triggerType = "preAccessTokenCreation"; actions = [ "flattenRoles" ]; } flowType = "customiseToken";
triggerType = "preUserinfoCreation";
actions = ["flattenRoles"];
}
{
flowType = "customiseToken";
triggerType = "preAccessTokenCreation";
actions = ["flattenRoles"];
}
]; ];
}; };
}; };
@ -146,6 +162,7 @@
media.enable = true; media.enable = true;
media.homer.enable = true; media.homer.enable = true;
media.mydia.enable = true;
media.nfs.enable = true; media.nfs.enable = true;
media.servarr = { media.servarr = {
# radarr = { # radarr = {

12
systems/x86_64-linux/ulmo/secrets.yml
View file

@ -19,6 +19,14 @@ lidarr:
apikey: ENC[AES256_GCM,data:I2eKaxidmxem7C7ukmyIfwASNqrkS4vEOiCcU5kSNY6DR0pXsYg0PBdgu8vzK6llbXODLdG5t55BordIWvVRJGAauo0FMvtp59NSNpza7cK68tdKGvNefD6bqhUIR06BY11niQ==,iv:48AD7cd17TlWY5yAagepLOIVwgxhD/d13Pnup6GsWDA=,tag:teOVtW8opE99hqAXQwvlrA==,type:str] apikey: ENC[AES256_GCM,data:I2eKaxidmxem7C7ukmyIfwASNqrkS4vEOiCcU5kSNY6DR0pXsYg0PBdgu8vzK6llbXODLdG5t55BordIWvVRJGAauo0FMvtp59NSNpza7cK68tdKGvNefD6bqhUIR06BY11niQ==,iv:48AD7cd17TlWY5yAagepLOIVwgxhD/d13Pnup6GsWDA=,tag:teOVtW8opE99hqAXQwvlrA==,type:str]
prowlarr: prowlarr:
apikey: ENC[AES256_GCM,data:pyZ2WGEs/PlIdhDsQq2TPGJbplkd5fLF0ZkBjITqIJlnAzYHb+rl+KOM4rHqQcI6yAJM8X1Y3ymGrD7vG7GiRxB7yoEG13SKhZIWOddTnxIhbkz81RfrL2fUJIydOaP6sS//9Q==,iv:Tr6MWoC6nC7rdVTOjT1T2itT+lVL4GnUiAr5/+IHAs0=,tag:keIJNuGeVht8+xSN3FnBGA==,type:str] apikey: ENC[AES256_GCM,data:pyZ2WGEs/PlIdhDsQq2TPGJbplkd5fLF0ZkBjITqIJlnAzYHb+rl+KOM4rHqQcI6yAJM8X1Y3ymGrD7vG7GiRxB7yoEG13SKhZIWOddTnxIhbkz81RfrL2fUJIydOaP6sS//9Q==,iv:Tr6MWoC6nC7rdVTOjT1T2itT+lVL4GnUiAr5/+IHAs0=,tag:keIJNuGeVht8+xSN3FnBGA==,type:str]
mydia:
oidc_id: ENC[AES256_GCM,data:LfYWh9EC0aio3w1Xsj/jtU6z,iv:+dX9KkNtfQMYSX4yr83KyXalWMD/aWby7fC8aL4ZT3I=,tag:CvdbMoMTuC9FohTMIE5pmg==,type:str]
oidc_secret: ENC[AES256_GCM,data:PgI4hmP/3wt9uj+1QvCYcT8Wav0hgCRADouzWM3V695SSfXfbwDgez8tA/tm1/1jymAU2F2sZH8G2hZ1cdHyHQ==,iv:h3o3jsTmnoNE3+mGX12J3ZU0/6PlQNjdndEvaj/czj0=,tag:p3+p4E8fBtR7a8UpM8cUsg==,type:str]
secret_key_base: ENC[AES256_GCM,data:yG7HJ5r74Qtxbeyf8F6dA0uHv2pQ8YAJKlKiKjS+m24JRvJWQaTThJ+c5HbuUa6R3e9XtVHchhlVPkF0Is/b+g==,iv:v65xdRr4JdKZmBtjZ08/J3LLqnphSGt9QfVPNQ2x/xg=,tag:n7tD2dhr4IJn1LWM9WW8UA==,type:str]
guardian_secret: ENC[AES256_GCM,data:OjnNFSHlecL+qXwlhTm++itRM6ga5E5KrSJxbgIUpbMEkIWgu3xhRtnPdipXbedgall0XdO/s+jnWCagZX94BA==,iv:DukdKvm9vey8BWUiml20tgA/Vji1XVX4+sUPge9nTk0=,tag:q3HdvgUYqR0APiaFz0ul5Q==,type:str]
qbittorrent:
password_hash: ENC[AES256_GCM,data:QWuQYmfBn9eLDYztH7TmQvw74MvmzCQ98OlBtyjm1Icr2c63epRuHWzQbm+Q+1jrCSiQreOB3ZyjLzkeV6SlLonryUSD71uBWVwctgPXO0XDrxE1Vi6dkiwC3TF65JTMDhyjDLEj1YkiMP25Fz5NidJTP/r9GlXTfM7gjWo=,iv:bpgL5IoAv+1PUtgNIjLcbzN8C9z55ndypz4LEELAhLc=,tag:VB+XTCwLeIEYKnOr/0f7zA==,type:str]
password: ENC[AES256_GCM,data:UepYY6UjJV/jo2aXTOEnKRtsjSqOSYPQlKlrAa7rf9rdnt2UXGjCkvN+A72pICuIBCAmhXZBAUMvmWTV9trk6NREHe0cY1xTC7pNv3x9TM/ZQmH498pbT/95pYAKwouHp9heJQ==,iv:FzjF+xPoaOp+gplxpz940V2dkWSTWe8dWUxexCoxxHc=,tag:TDZsboq9fEmmBrwJN/HTpQ==,type:str]
sops: sops:
age: age:
- recipient: age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq - recipient: age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq
@ -39,7 +47,7 @@ sops:
TTRWaHhpNWlkVDFmMFN4ZTNHMUxyNVkKV693pzTKRkZboQCMPr9IyMGSgxfuHXcb TTRWaHhpNWlkVDFmMFN4ZTNHMUxyNVkKV693pzTKRkZboQCMPr9IyMGSgxfuHXcb
Y6BNcp6Qg6PWtX5QI7wRkPNINAK1TEbRBba+b8h6gMmVU4DliQyFiQ== Y6BNcp6Qg6PWtX5QI7wRkPNINAK1TEbRBba+b8h6gMmVU4DliQyFiQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-11-19T09:51:26Z" lastmodified: "2025-12-04T11:24:52Z"
mac: ENC[AES256_GCM,data:pMMkxHPochpI8si/oHhU7MHqC1JjNhMP7HCRNQQEkwBQI489xiC02t+qUwpmG4oIheqi8lEcZPpL4t9HzRN9sZImaI2LrJn3cHFojHzXzo7FPfvfUilZe1+JXLfm+wn+bflAEutIcfDiZc/MjiKOxRHwZy5Pr41Mj6uPIUr62zk=,iv:GwvMVgJ6m1DQcRZMVzshbuMK/Kx8vE8Ym83KbxuvYRg=,tag:wVSol9LDRzoFjQppB8J9gA==,type:str] mac: ENC[AES256_GCM,data:jIgkl1lcVDSlKqJs9fjaHUAZsGL+22T86/qqKyDziHl0+VU763Ezwm8P+la+55jIIT2zLhFcUjhn2BabBi90OeEPztAC4rGpZj6+ZZ0GDCj/JhjPAAo3LgAKOCG0Xgf8MZWr/rXd6bLhW7Qj36PMJnap26rjEiUZeSvpWS2dz8g=,iv:CDx8fBI9Dl1uwrbMD1fa7/h3C7haK3xZxJI59mtL1LA=,tag:2UDRFJoevGEBKZA/9eUiOw==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.11.0 version: 3.11.0