joeri/nixos-public
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: joeri:e74d732703e1e30f90bd8623fd8260ae7a144176
Branches Tags
joeri:master
...
compare: joeri:7dbb5b33f022588b06bd42998e2229335a8b3ad9
Branches Tags
joeri:master

2 commits
e74d732703 ... 7dbb5b33f0

Author SHA1 Message Date
Joeri Exelmans
7dbb5b33f0 merge 2025-09-23 15:14:34 +02:00
Joeri Exelmans
85ebf3c113 add icomidal service to deemz.org 2025-09-23 15:10:58 +02:00
3 changed files with 43 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

13
deemz.org/configuration.nix
View file

@ -2,7 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: { config, pkgs, icomidal, ... }:
let secrets = import ../secrets.nix; in let secrets = import ../secrets.nix; in
{ {
imports = imports =
@ -20,6 +20,7 @@ let secrets = import ../secrets.nix; in
]; ];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
#boot.loader.grub.device = "/dev/sda"; #boot.loader.grub.device = "/dev/sda";
@ -62,7 +63,7 @@ let secrets = import ../secrets.nix; in
services.xserver.xkb.options = "eurosign:e"; services.xserver.xkb.options = "eurosign:e";
security.rtkit.enable = true; security.rtkit.enable = true;
services.pulseaudio.enable = false; #services.pulseaudio.enable = false;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
alsa.enable = true; alsa.enable = true;
@ -187,8 +188,12 @@ let secrets = import ../secrets.nix; in
systemCronJobs = [ systemCronJobs = [
# Update DuckDNS - use 'journalctl -e' to see logged output (should log 'OK' every 5 minutes) # Update DuckDNS - use 'journalctl -e' to see logged output (should log 'OK' every 5 minutes)
"*/5 * * * * duckdns curl 'https://www.duckdns.org/update?domains=mstro&token=${secrets.duckdns_token}&ip=' | systemd-cat -t 'duckdns'" "*/5 * * * * duckdns curl 'https://www.duckdns.org/update?domains=mstro&token=${secrets.duckdns_token}&ip=' | systemd-cat -t 'duckdns'"
# Update CloudFlare DNS # Update CloudFlare DNS
"*/1 * * * * cloudflare-dns curl --request PUT --url https://api.cloudflare.com/client/v4/zones/${secrets.cloudflare_zone_id}/dns_records/${secrets.cloudflare_dns_record_id} --header 'Content-Type: application/json' --header 'Authorization: Bearer ${secrets.cloudflare_api_token}' --data '{ \"comment\": \"Domain verification record\", \"name\": \"@\", \"proxied\": false, \"settings\": {}, \"tags\": [], \"ttl\": 60, \"content\": \"'$(curl https://ipinfo.io/ip)'\", \"type\": \"A\" }' | jq -r '.success' | systemd-cat -t 'cloudflare-dns'" "*/1 * * * * cloudflare-dns curl --request PUT --url https://api.cloudflare.com/client/v4/zones/${secrets.cloudflare_zone_id}/dns_records/${secrets.cloudflare_dns_record_id} --header 'Content-Type: application/json' --header 'Authorization: Bearer ${secrets.cloudflare_api_token}' --data '{ \"comment\": \"Domain verification record\", \"name\": \"@\", \"proxied\": false, \"settings\": {}, \"tags\": [], \"ttl\": 60, \"content\": \"'$(curl https://ipinfo.io/ip)'\", \"type\": \"A\" }' | jq -r '.success' | systemd-cat -t 'cloudflare-dns'"
# Update iComidal - every morning at 5:30
"30 5 * * * duckdns ${icomidal}/bin/icomidal >> /schijf/public/komida.ics"
]; ];
}; };
@ -226,7 +231,7 @@ let secrets = import ../secrets.nix; in
basicAuth = userlist; basicAuth = userlist;
extraConfig = '' extraConfig = ''
autoindex on; autoindex on;
add_header Cache-Control max-age=172800 add_header Cache-Control max-age=172800;
''; '';
proxyWebsockets = true; proxyWebsockets = true;
}; };
@ -274,7 +279,7 @@ let secrets = import ../secrets.nix; in
extraConfig = '' extraConfig = ''
charset UTF-8; charset UTF-8;
disable_symlinks off; disable_symlinks off;
more_set_headers 'Server: nginx on NixOS'; more_set_headers 'Server: NIXOS';
''; '';
}; };
in { in {

33
flake.lock generated
View file

@ -1,12 +1,32 @@
{ {
"nodes": { "nodes": {
"icomidal": {
"inputs": {
"nixpkgs": [
"nixpkgs-stable"
]
},
"locked": {
"lastModified": 1758628924,
"narHash": "sha256-95sfywK2SW7gyFOmdTaUElnH/ad/Vf1ahRPkcyr3bPQ=",
"ref": "refs/heads/master",
"rev": "1aa2e6087099858c1234fe91f3a4893d98162308",
"revCount": 5,
"type": "git",
"url": "https://deemz.org/git/joeri/icomidal"
},
"original": {
"type": "git",
"url": "https://deemz.org/git/joeri/icomidal"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1749086602, "lastModified": 1758346548,
"narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", "narHash": "sha256-afXE7AJ7MY6wY1pg/Y6UPHNYPy5GtUKeBkrZZ/gC71E=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4792576cb003c994bd7cc1edada3129def20b27d", "rev": "b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -18,11 +38,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1745930157, "lastModified": 1758427187,
"narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=", "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae", "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -34,6 +54,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"icomidal": "icomidal",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable" "nixpkgs-unstable": "nixpkgs-unstable"
} }

10
flake.nix
View file

@ -4,9 +4,13 @@
inputs = { inputs = {
nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-25.05"; nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-25.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable";
icomidal = {
url = "git+https://deemz.org/git/joeri/icomidal";
inputs.nixpkgs.follows = "nixpkgs-stable";
};
}; };
outputs = { self, nixpkgs-stable, nixpkgs-unstable }: outputs = { self, nixpkgs-stable, nixpkgs-unstable, icomidal }:
let let
system = "x86_64-linux"; system = "x86_64-linux";
in { in {
@ -17,8 +21,8 @@
./t14/configuration.nix ./t14/configuration.nix
]; ];
}; };
deemz = nixpkgs-unstable.lib.nixosSystem { deemz = nixpkgs-stable.lib.nixosSystem {
specialArgs = { inherit system; }; specialArgs = { inherit system; icomidal=icomidal; };
modules = [ modules = [
./deemz.org/configuration.nix ./deemz.org/configuration.nix
]; ];