Headscale is an open server for tailscale. Clicks, another group I work on nix stuff with, has a module which makes it extremely easy to set up a headscale server. I've spent a while over the past week making it safe to import, and it's finally ready for Auxolotl to have! We want to use headscale for internal communication between servers, so it's OK to avoid setting up OIDC ... similarly, the only people who are on the headscale should be relatively-well trusted. The expectation is that to start with, this will be people who want to run buildbot workers
This commit is contained in:
parent
e290667c89
commit
1666065809
483
flake.lock
483
flake.lock
|
@ -44,6 +44,97 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"agenix-rekey_2": {
|
||||||
|
"inputs": {
|
||||||
|
"devshell": "devshell_2",
|
||||||
|
"flake-utils": "flake-utils_3",
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"pre-commit-hooks": "pre-commit-hooks_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1722597419,
|
||||||
|
"narHash": "sha256-YbMzll0Dh2ln/TryDP+S3IGm8nRHkzcSQIubI4ZEOAw=",
|
||||||
|
"owner": "oddlama",
|
||||||
|
"repo": "agenix-rekey",
|
||||||
|
"rev": "126b4a5133eb361cbf5bf90e44c71b6f830845ec",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "oddlama",
|
||||||
|
"repo": "agenix-rekey",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"agenix_2": {
|
||||||
|
"inputs": {
|
||||||
|
"darwin": "darwin_2",
|
||||||
|
"home-manager": "home-manager_2",
|
||||||
|
"nixpkgs": "nixpkgs_3",
|
||||||
|
"systems": "systems_5"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1722339003,
|
||||||
|
"narHash": "sha256-ZeS51uJI30ehNkcZ4uKqT4ZDARPyqrHADSKAwv5vVCU=",
|
||||||
|
"owner": "ryantm",
|
||||||
|
"repo": "agenix",
|
||||||
|
"rev": "3f1dae074a12feb7327b4bf43cbac0d124488bb7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "ryantm",
|
||||||
|
"repo": "agenix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"aux--docs-site": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils_4",
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"snowfall-lib": [
|
||||||
|
"clicks",
|
||||||
|
"snowfall-lib"
|
||||||
|
],
|
||||||
|
"wiki": [
|
||||||
|
"clicks",
|
||||||
|
"aux--wiki"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1716650000,
|
||||||
|
"narHash": "sha256-JmR6GR0gzSvtz4BdcfickEqU2m9jBIzzP0XDWA1llZA=",
|
||||||
|
"ref": "refs/heads/main",
|
||||||
|
"rev": "c403a8151b87654a0cb24ad28fb23edc3f78906e",
|
||||||
|
"revCount": 14,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.auxolotl.org/auxolotl/docs-site"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.auxolotl.org/auxolotl/docs-site"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"aux--wiki": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1722641105,
|
||||||
|
"narHash": "sha256-jdDGNg/qcsFmacZQX2RoEILoRLeMRWtA7OEre1ZRDxc=",
|
||||||
|
"ref": "refs/heads/main",
|
||||||
|
"rev": "9269687c6d49976d904516120dcf84bbe659900c",
|
||||||
|
"revCount": 210,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.auxolotl.org/auxolotl/wiki"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.auxolotl.org/auxolotl/wiki"
|
||||||
|
}
|
||||||
|
},
|
||||||
"auxolotl-website": {
|
"auxolotl-website": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -85,6 +176,42 @@
|
||||||
"url": "https://git.auxolotl.org/auxolotl/buildbot-nix.git"
|
"url": "https://git.auxolotl.org/auxolotl/buildbot-nix.git"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"clicks": {
|
||||||
|
"inputs": {
|
||||||
|
"agenix": "agenix_2",
|
||||||
|
"agenix-rekey": "agenix-rekey_2",
|
||||||
|
"aux--docs-site": "aux--docs-site",
|
||||||
|
"aux--wiki": "aux--wiki",
|
||||||
|
"deploy-rs": [
|
||||||
|
"deploy-rs"
|
||||||
|
],
|
||||||
|
"flake-utils": "flake-utils_5",
|
||||||
|
"home-manager": "home-manager_3",
|
||||||
|
"impermanence": "impermanence",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"snowfall-lib": [
|
||||||
|
"snowfall-lib"
|
||||||
|
],
|
||||||
|
"unstable": [
|
||||||
|
"unstable"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1723155917,
|
||||||
|
"narHash": "sha256-wCGcBVZs6VuE/8K0tniJk+heyeZpdpNUxBDGFk1sPvo=",
|
||||||
|
"ref": "refs/heads/main",
|
||||||
|
"rev": "4123759130ad663a3409048bbc93f3c47ae7af35",
|
||||||
|
"revCount": 51,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.clicks.codes/Infra/NixFiles.git"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.clicks.codes/Infra/NixFiles.git"
|
||||||
|
}
|
||||||
|
},
|
||||||
"darwin": {
|
"darwin": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -107,9 +234,32 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"darwin_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"agenix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1700795494,
|
||||||
|
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
|
||||||
|
"owner": "lnl7",
|
||||||
|
"repo": "nix-darwin",
|
||||||
|
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "lnl7",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "nix-darwin",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"deploy-rs": {
|
"deploy-rs": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_3",
|
"flake-compat": "flake-compat_4",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
|
@ -151,6 +301,29 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"devshell_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"agenix-rekey",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"systems": "systems_6"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1695195896,
|
||||||
|
"narHash": "sha256-pq9q7YsGXnQzJFkR5284TmxrLNFc0wo4NQ/a5E93CQU=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "devshell",
|
||||||
|
"rev": "05d40d17bf3459606316e3e9ec683b784ff28f16",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "devshell",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -184,6 +357,22 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_3": {
|
"flake-compat_3": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1673956053,
|
||||||
|
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_4": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696426674,
|
"lastModified": 1696426674,
|
||||||
|
@ -199,7 +388,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_4": {
|
"flake-compat_5": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1650374568,
|
"lastModified": 1650374568,
|
||||||
|
@ -274,7 +463,7 @@
|
||||||
},
|
},
|
||||||
"flake-utils-plus_2": {
|
"flake-utils-plus_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_3"
|
"flake-utils": "flake-utils_6"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715533576,
|
"lastModified": 1715533576,
|
||||||
|
@ -311,7 +500,61 @@
|
||||||
},
|
},
|
||||||
"flake-utils_3": {
|
"flake-utils_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_6"
|
"systems": "systems_7"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1694529238,
|
||||||
|
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_4": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_8"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1710146030,
|
||||||
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_5": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_9"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1710146030,
|
||||||
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_6": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_11"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694529238,
|
"lastModified": 1694529238,
|
||||||
|
@ -349,6 +592,29 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"gitignore_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"agenix-rekey",
|
||||||
|
"pre-commit-hooks",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1660459072,
|
||||||
|
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -370,6 +636,64 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"home-manager_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"agenix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1703113217,
|
||||||
|
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"home-manager_3": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1722630065,
|
||||||
|
"narHash": "sha256-QfM/9BMRkCmgWzrPDK+KbgJOUlSJnfX4OvsUupEUZvA=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "afc892db74d65042031a093adb6010c4c3378422",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"impermanence": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1719091691,
|
||||||
|
"narHash": "sha256-AxaLX5cBEcGtE02PeGsfscSb/fWMnyS7zMWBXQWDKbE=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "impermanence",
|
||||||
|
"rev": "23c1f06316b67cb5dabdfe2973da3785cfe9c34a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "impermanence",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703013332,
|
"lastModified": 1703013332,
|
||||||
|
@ -402,6 +726,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs-stable_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1685801374,
|
||||||
|
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-23.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721838734,
|
"lastModified": 1721838734,
|
||||||
|
@ -419,6 +759,22 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1703013332,
|
||||||
|
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721743106,
|
"lastModified": 1721743106,
|
||||||
"narHash": "sha256-adRZhFpBTnHiK3XIELA3IBaApz70HwCYfv7xNrHjebA=",
|
"narHash": "sha256-adRZhFpBTnHiK3XIELA3IBaApz70HwCYfv7xNrHjebA=",
|
||||||
|
@ -462,14 +818,45 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"pre-commit-hooks_2": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat_3",
|
||||||
|
"flake-utils": [
|
||||||
|
"clicks",
|
||||||
|
"agenix-rekey",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"gitignore": "gitignore_2",
|
||||||
|
"nixpkgs": [
|
||||||
|
"clicks",
|
||||||
|
"agenix-rekey",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1694364351,
|
||||||
|
"narHash": "sha256-oadhSCqopYXxURwIA6/Anpe5IAG11q2LhvTJNP5zE6o=",
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "pre-commit-hooks.nix",
|
||||||
|
"rev": "4f883a76282bc28eb952570afc3d8a1bf6f481d7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "pre-commit-hooks.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
"agenix-rekey": "agenix-rekey",
|
"agenix-rekey": "agenix-rekey",
|
||||||
"auxolotl-website": "auxolotl-website",
|
"auxolotl-website": "auxolotl-website",
|
||||||
"buildbot-nix": "buildbot-nix",
|
"buildbot-nix": "buildbot-nix",
|
||||||
|
"clicks": "clicks",
|
||||||
"deploy-rs": "deploy-rs",
|
"deploy-rs": "deploy-rs",
|
||||||
"nixpkgs": "nixpkgs_3",
|
"nixpkgs": "nixpkgs_4",
|
||||||
"snowfall-lib": "snowfall-lib_2",
|
"snowfall-lib": "snowfall-lib_2",
|
||||||
"unstable": "unstable"
|
"unstable": "unstable"
|
||||||
}
|
}
|
||||||
|
@ -499,23 +886,22 @@
|
||||||
},
|
},
|
||||||
"snowfall-lib_2": {
|
"snowfall-lib_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_4",
|
"flake-compat": "flake-compat_5",
|
||||||
"flake-utils-plus": "flake-utils-plus_2",
|
"flake-utils-plus": "flake-utils-plus_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717625599,
|
"lastModified": 1719005984,
|
||||||
"narHash": "sha256-qX9VJizFEoiRWDEiVs5+2w4FclQNQVVPvGPESsZ1F8k=",
|
"narHash": "sha256-mpFl3Jv4fKnn+5znYXG6SsBjfXHJdRG5FEqNSPx0GLA=",
|
||||||
"owner": "snowfallorg",
|
"owner": "snowfallorg",
|
||||||
"repo": "lib",
|
"repo": "lib",
|
||||||
"rev": "5a10d2e37b6c6223763fa7c00b974875e49f93cc",
|
"rev": "c6238c83de101729c5de3a29586ba166a9a65622",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "snowfallorg",
|
"owner": "snowfallorg",
|
||||||
"ref": "dev",
|
|
||||||
"repo": "lib",
|
"repo": "lib",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -535,6 +921,36 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"systems_10": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems_11": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"systems_2": {
|
"systems_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
|
@ -610,6 +1026,51 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"systems_7": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems_8": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems_9": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"treefmt-nix": {
|
"treefmt-nix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -649,7 +1110,7 @@
|
||||||
},
|
},
|
||||||
"utils": {
|
"utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_5"
|
"systems": "systems_10"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701680307,
|
"lastModified": 1701680307,
|
||||||
|
|
19
flake.nix
19
flake.nix
|
@ -9,7 +9,7 @@
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
snowfall-lib = {
|
snowfall-lib = {
|
||||||
url = "github:snowfallorg/lib/dev";
|
url = "github:snowfallorg/lib";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -28,6 +28,16 @@
|
||||||
buildbot-nix.url = "git+https://git.auxolotl.org/auxolotl/buildbot-nix.git";
|
buildbot-nix.url = "git+https://git.auxolotl.org/auxolotl/buildbot-nix.git";
|
||||||
# Do not override nixpkgs in buildbot-nix (see https://github.com/nix-community/buildbot-nix)
|
# Do not override nixpkgs in buildbot-nix (see https://github.com/nix-community/buildbot-nix)
|
||||||
|
|
||||||
|
clicks = {
|
||||||
|
url = "git+https://git.clicks.codes/Infra/NixFiles.git";
|
||||||
|
inputs = {
|
||||||
|
deploy-rs.follows = "deploy-rs";
|
||||||
|
nixpkgs.follows = "nixpkgs";
|
||||||
|
snowfall-lib.follows = "snowfall-lib";
|
||||||
|
unstable.follows = "unstable";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
deploy-rs = {
|
deploy-rs = {
|
||||||
url = "github:serokell/deploy-rs";
|
url = "github:serokell/deploy-rs";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
@ -56,7 +66,7 @@
|
||||||
inputs.agenix-rekey.nixosModules.default
|
inputs.agenix-rekey.nixosModules.default
|
||||||
inputs.buildbot-nix.nixosModules.buildbot-master
|
inputs.buildbot-nix.nixosModules.buildbot-master
|
||||||
inputs.buildbot-nix.nixosModules.buildbot-worker
|
inputs.buildbot-nix.nixosModules.buildbot-worker
|
||||||
];
|
] ++ (lib.attrsets.attrValues inputs.clicks.nixosModules);
|
||||||
|
|
||||||
deploy = lib.mkDeploy {
|
deploy = lib.mkDeploy {
|
||||||
inherit (inputs) self;
|
inherit (inputs) self;
|
||||||
|
@ -67,7 +77,10 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
agenix-rekey = inputs.agenix-rekey.configure {
|
agenix-rekey = inputs.agenix-rekey.configure {
|
||||||
userFlake = inputs.self;
|
userFlake = inputs.self // { outPath = lib.pipe "" [
|
||||||
|
lib.snowfall.fs.get-snowfall-file
|
||||||
|
(lib.strings.removeSuffix "/")
|
||||||
|
]; };
|
||||||
nodes = inputs.self.nixosConfigurations;
|
nodes = inputs.self.nixosConfigurations;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
"${inputs.self}/secrets/keys/minion/iyubikey.pub"
|
"${inputs.self}/secrets/keys/minion/iyubikey.pub"
|
||||||
];
|
];
|
||||||
storageMode = "local";
|
storageMode = "local";
|
||||||
generatedSecretsDir = "${inputs.self}/secrets/generated/${config.networking.hostName}";
|
generatedSecretsDir = lib.snowfall.fs.get-snowfall-file "secrets/generated/${config.networking.hostName}";
|
||||||
localStorageDir = "${inputs.self}/secrets/rekeyed/${config.networking.hostName}";
|
localStorageDir = lib.snowfall.fs.get-snowfall-file "secrets/rekeyed/${config.networking.hostName}";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> piv-p256 xE4ypg AotC1OcKc0ti5K6mtsUMYAqbatTWQDKp/2FrnOlzkjdO
|
||||||
|
0rQChKMRXxIcSYDstypsXuielQrocv4BA5A1sl13OI4
|
||||||
|
-> piv-p256 Hpt/+Q ApUzYGw2STuEvWzD9ApOVYZt6chkddNNUqMdFrHVLfob
|
||||||
|
fuEK2OPd+RZ6NyTGDkT9XDqKoRM3PKIH+7uXT2vloeQ
|
||||||
|
-> piv-p256 zfskmQ A6tQg5bZLRhR6P7Ch1OYGB+8epuYWVgY8NHVt2/duCX4
|
||||||
|
UZ/siP1+Ee5fOucjCuy9OdJdYr2+HA4UElUJKfR/Z+w
|
||||||
|
-> :98mk-F1-grease . NZ)[K^Y dH
|
||||||
|
lNVgE+LU+g
|
||||||
|
--- jnqRYlJ+O2Gyyq3F+Bg6wbeWnr+BrvnyS7yZJSBVdMA
|
||||||
|
¾2<ž½úG<7F>²öw;Á•–¨É2}æAmw˜Y6ºa©5TÖÉd<EÍ„Ñ×0Î9]µÍpŒ}„ÄçÆ7.À¤™¤Ë¨. ‹äé\FN¢)@µ
|
|
@ -0,0 +1,7 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 JMblKQ K3PuGxokm5IVyWvKINebQ78IludSXmPQ6TszMlJ+y2Y
|
||||||
|
gSIZJVDNkGEwKqMoqnVWQnZlCtquX8OiY+zokAE3qCs
|
||||||
|
-> y`qQqQ*-grease K-
|
||||||
|
uoC/
|
||||||
|
--- psxc2ttdWjZPh1yijDIrFPs4Mc7naugmqC58dH2UKD4
|
||||||
|
4¥S0íRî)x´¬Úb’Ú‘ð¤hì˜W±Záö•·?‚U|ì÷é!qéK¶Œ±ÙŽsö³Û Ÿßù·^‰]‡ºå)ïªð1§Á®A‚˜>Ù
|
|
@ -6,13 +6,17 @@
|
||||||
# 137.184.177.239
|
# 137.184.177.239
|
||||||
{
|
{
|
||||||
pkgs,
|
pkgs,
|
||||||
|
lib,
|
||||||
modulesPath,
|
modulesPath,
|
||||||
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/virtualisation/digital-ocean-config.nix")
|
(modulesPath + "/virtualisation/digital-ocean-config.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
|
age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG+vSEiWVIn53Jyhs0QmVa7d7qkoArCWVbP1yKv46FDX";
|
||||||
|
|
||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
|
|
||||||
virtualisation.digitalOcean.rebuildFromUserData = false;
|
virtualisation.digitalOcean.rebuildFromUserData = false;
|
||||||
|
@ -47,5 +51,18 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
clicks.services.headscale = {
|
||||||
|
enable = true;
|
||||||
|
domain = "vpn.auxolotl.org";
|
||||||
|
database_password_path = config.age.secrets."clicks.services.headscale.database_password_path".path;
|
||||||
|
};
|
||||||
|
|
||||||
|
age.secrets."clicks.services.headscale.database_password_path" = {
|
||||||
|
generator.script = "alnum";
|
||||||
|
group = "headscale";
|
||||||
|
mode = "0440"; # Needed to allow headscale group to read
|
||||||
|
unstableName = true; # Clicks option to base the name on a hash of the contents ... helps with autorestarting services
|
||||||
|
};
|
||||||
|
|
||||||
system.stateVersion = "23.11";
|
system.stateVersion = "23.11";
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue