master
Alexander Tomokhov 2023-11-06 12:57:26 +04:00
commit c0f1ed2d7e
8 changed files with 433 additions and 0 deletions

1
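--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/result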

66
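--- a/flake.lock
+++ b/flake.lock
@@ -0,0 +1,66 @@
+{
+"nodes": {
+"nixpkgs": {
+"locked": {
+"lastModified": 1686476475,
+"narHash": "sha256-W9yUePvCSDghn+YUXewuodyPxt+kJl/a7zdY4Q6r4MU=",
+"owner": "nixos",
+"repo": "nixpkgs",
+"rev": "eef86b8a942913a828b9ef13722835f359deef29",
+"type": "github"
+},
+"original": {
+"owner": "nixos",
+"repo": "nixpkgs",
+"type": "github"
+}
+},
+"root": {
+"inputs": {
+"selfprivacy-nixos-config": "selfprivacy-nixos-config"
+}
+},
+"selfprivacy-graphql-api": {
+"inputs": {
+"nixpkgs": [
+"selfprivacy-nixos-config",
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1699259966,
+"narHash": "sha256-NMZ1NZ/3I4d9AvegG95sSaV2Hv4A6WEfJ5UCpsFr+Zk=",
+"ref": "flake",
+"rev": "b6e84f2596b78da497f63179d72c903bb9b92d4e",
+"revCount": 942,
+"type": "git",
+"url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git"
+},
+"original": {
+"type": "git",
+"url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git"
+}
+},
+"selfprivacy-nixos-config": {
+"inputs": {
+"nixpkgs": "nixpkgs",
+"selfprivacy-graphql-api": "selfprivacy-graphql-api"
+},
+"locked": {
+"lastModified": 1699261443,
+"narHash": "sha256-mK1L4vrQshtICda1Ub+DyiHp9P/Zxtbx3H/BmKVe6y0=",
+"ref": "flakes",
+"rev": "b4b37f42f2e3dcea50382fdff70228e33af90db7",
+"revCount": 123,
+"type": "git",
+"url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git"
+},
+"original": {
+"type": "git",
+"url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git"
+}
+}
+},
+"root": "root",
+"version": 7
+}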

18
flake.nix Normal file

@ -0,0 +1,18 @@
{
description = "SelfPrivacy NixOS configuration local flake";
inputs.selfprivacy-nixos-config.url = "git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git";
outputs = { self, selfprivacy-nixos-config }:
let
userdata = builtins.fromJSON (builtins.readFile ./userdata/userdata.json);
hardware-configuration = ./hardware-configuration.nix;
in
{
# TODO embed self revision, maybe pass self as an argument
nixosConfigurations =
selfprivacy-nixos-config.outputs.nixosConfigurations-fun {
inherit hardware-configuration userdata;
};
};
}
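Review bot: `builtins.readFile ./userdata/userdata.json` in the `let` block makes the whole user-data file part of the flake source, so it is copied into the Nix store at evaluation time, and store paths are readable by every local user. When the flake lives in a git checkout the file also has to be tracked, and the userdata.json added in this same commit carries password and API-key fields, so those values would land in both git history and the store. Keep only non-secret settings in the JSON the flake reads and deliver the secret fields at activation time from a root-only path outside the store (a secrets module such as sops-nix or agenix does this). A comment such as `# userdata.json is copied into the world-readable Nix store: no secrets here` above the `userdata =` line would record the constraint.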


@ -0,0 +1,8 @@
{ modulesPath, lib, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}
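Review bot: The root filesystem and the GRUB target are addressed by kernel device names (`/dev/sda1`, `/dev/sda`), which are not guaranteed to stay stable across boots once a second disk is attached. The userdata.json in this commit mounts `/dev/sdb` as a volume, so the two names can swap. Prefer a persistent identifier, e.g. `fileSystems."/" = { device = "/dev/disk/by-uuid/<ROOT-UUID>"; fsType = "ext4"; };` with the placeholder replaced by the real UUID. `boot.initrd.kernelModules = [ "nvme" ]` also looks inconsistent with an `sda` root disk and deserves a one-line comment saying why it is needed.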

190
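--- a/userdata/schema.json
+++ b/userdata/schema.json
@@ -0,0 +1,190 @@
+{
+"$schema": "http://json-schema.org/schema#",
+"$id": "https://git.selfprivacy.org/inex/selfprivacy-nixos-config/raw/branch/master/userdata/schema.json",
+"type": "object",
+"properties": {
+"autoUpgrade": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+},
+"allowReboot": {
+"type": "boolean"
+}
+}
+},
+"hostname": {
+"type": "string"
+},
+"domain": {
+"type": "string"
+},
+"username": {
+"type": "string"
+},
+"hashedMasterPassword": {
+"type": "string"
+},
+"sshKeys": {
+"type": "array",
+"items": {
+"type": "string"
+}
+},
+"timezone": {
+"type": "string"
+},
+"api": {
+"type": "object",
+"properties": {
+"token": {
+"type": "string"
+},
+"enableSwagger": {
+"type": "boolean"
+},
+"skippedMigrations": {
+"type": "array",
+"items": {
+"type": "string"
+}
+}
+}
+},
+"backblaze": {
+"type": "object",
+"properties": {
+"bucket": {
+"type": "string"
+},
+"accountId": {
+"type": "string"
+},
+"accountKey": {
+"type": "string"
+}
+},
+"required": ["bucket", "accountId", "accountKey"]
+},
+"cloudflare": {
+"type": "object",
+"properties": {
+"apiKey": {
+"type": "string"
+}
+},
+"required": ["apiKey"]
+},
+"databasePassword": {
+"type": "string"
+},
+"bitwarden": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+}
+}
+},
+"gitea": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+}
+}
+},
+"nextcloud": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+},
+"databasePassword": {
+"type": "string"
+},
+"adminPassword": {
+"type": "string"
+}
+},
+"required": ["databasePassword", "adminPassword"]
+},
+"pleroma": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+}
+}
+},
+"jitsi": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+}
+}
+},
+"ocserv": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+}
+}
+},
+"resticPassword": {
+"type": "string"
+},
+"ssh": {
+"type": "object",
+"properties": {
+"enable": {
+"type": "boolean"
+},
+"rootKeys": {
+"type": "array",
+"items": {
+"type": "string"
+}
+},
+"passwordAuthentication": {
+"type": "boolean"
+}
+}
+},
+"users": {
+"type": "array",
+"items": {
+"type": "object",
+"properties": {
+"username": {
+"type": "string"
+},
+"hashedPassword": {
+"type": "string"
+},
+"sshKeys": {
+"type": "array",
+"items": {
+"type": "string"
+}
+}
+},
+"required": ["username", "hashedPassword"]
+}
+}
+},
+"required": [
+"hostname",
+"domain",
+"username",
+"hashedMasterPassword",
+"backblaze",
+"cloudflare",
+"databasePassword",
+"nextcloud",
+"resticPassword"
+]
+}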
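Review bot: The top-level `required` list names `backblaze` and `cloudflare`, but the userdata.json added in this commit has neither key and uses `backup` and `dns` instead, so that document would be rejected by this schema if it is validated at all. Because no object sets `additionalProperties`, the newer keys (`backup`, `dns`, `server`, `volumes`, `useBinds`, `location`) are accepted with no type checking. A misspelled security-relevant switch such as `ssh.passwordAuthentication` would pass silently in the same way. Bring the properties and the `required` list in line with the current layout, add `"additionalProperties": false` where the key set is closed, and pin a dialect, e.g. `"$schema": "http://json-schema.org/draft-07/schema#"`, instead of the unversioned `http://json-schema.org/schema#`.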

9
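--- a/userdata/tokens.json
+++ b/userdata/tokens.json
@@ -0,0 +1,9 @@
+{
+"tokens": [
+{
+"token": "UKyDoDP3ynlZ9pYBydckZi7RFFk0SV768ZpQ2ZpQ5eMOb1zBYTKjrhfB6nvY70Ca",
+"name": "primary_token",
+"date": "2023-06-06 16:51:19.527893"
+}
+]
+}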
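Review bot: The `token` value looks like a full-length API access token stored in plaintext, and the same string appears as `api.token` in userdata/userdata.json in this commit. Once pushed it stays in history even if the file is removed later. If it was ever valid on a server, revoke it and issue a new one, commit only a template such as `"token": "<PLACEHOLDER>"`, and add `userdata/tokens.json` to .gitignore, which currently lists only `/result`. The `date` value also carries no UTC offset, so token age cannot be compared unambiguously across hosts; an RFC 3339 timestamp ending in `Z` would fix that.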


@ -0,0 +1,72 @@
{
"$schema": "http://json-schema.org/schema#",
"$id": "https://git.selfprivacy.org/inex/selfprivacy-nixos-config/raw/branch/master/userdata/tokens_schema.json",
"type": "object",
"properties": {
"tokens": {
"type": "array",
"items": {
"type": "object",
"properties": {
"token": {
"type": "string"
},
"name": {
"type": "string"
},
"date": {
"type": "string"
}
},
"required": [
"token",
"name",
"date"
]
}
},
"recovery_token": {
"type": "object",
"properties": {
"token": {
"type": "string"
},
"date": {
"type": "string"
},
"expiration": {
"type": "string"
},
"uses_left": {
"type": "integer"
}
},
"required": [
"token",
"date"
]
},
"new_device": {
"type": "object",
"properties": {
"token": {
"type": "string"
},
"date": {
"type": "string"
},
"expiration": {
"type": "string"
}
},
"required": [
"token",
"date",
"expiration"
]
}
},
"required": [
"tokens"
]
}
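Review bot: `recovery_token.uses_left` is declared as a bare `integer`, so a negative count validates; `"uses_left": { "type": "integer", "minimum": 0 }` would bound it. The `date` and `expiration` fields are plain strings with no `format`, so an unparsable expiration also validates, and what the consumer does with such a value is not visible here. Declaring `"format": "date-time"` (with format assertion enabled in the validator) would catch that at load time, though the space-separated timestamp in tokens.json would then need migrating. Each `token` property could also carry a `minLength` so that an empty string is not accepted as a credential.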

69
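--- a/userdata/userdata.json
+++ b/userdata/userdata.json
@@ -0,0 +1,69 @@
+{
+"api": {
+"token": "UKyDoDP3ynlZ9pYBydckZi7RFFk0SV768ZpQ2ZpQ5eMOb1zBYTKjrhfB6nvY70Ca",
+"skippedMigrations": [
+"migrate_to_selfprivacy_channel",
+"mount_volume"
+]
+},
+"backup": {
+"provider": "BACKBLAZE",
+"accountId": "",
+"accountKey": "",
+"bucket": ""
+},
+"bitwarden": {
+"enable": true,
+"location": "sdb"
+},
+"dns": {
+"provider": "CLOUDFLARE",
+"apiKey": "xJD80-k8QyWw7_yWBQXjSGLWeLhedan0mHqJNzMB",
+"useStagingACME": false
+},
+"server": {
+"provider": "HETZNER"
+},
+"databasePassword": "e5LTh9xt2UtaY0BXGzNpqFbnTfs1PS0W6eDnLgnE",
+"domain": "meow-corp.xyz",
+"hashedMasterPassword": "$6$WrO.K8riC8c/uuJ$9l/5aP4HY4q3g0.QBAWAnL37f7JUsA0nhBHQpyem1fLnnOijDoQbgKmC0W5Nzajdtw5IVuQT5FnLJyQPZAfrw/",
+"hostname": "meow-corp",
+"nextcloud": {
+"enable": true,
+"adminPassword": "tMzoy1yEaBPcgVheoXUj11S5dVlC5I4TSFxr0pCHoeMvOV2YICYqFqFJne2SgbOFr6QxZTw6QGdYmCLW",
+"databasePassword": "tMzoy1yEaBPcgVheoXUj11S5dVlC5I4TSFxr0pCHoeMvOV2YICYqFqFJne2SgbOFr6QxZTw6QGdYmCLW",
+"location": "sdb"
+},
+"gitea": {
+"enable": true,
+"location": "sdb"
+},
+"jitsi": {
+"enable": true
+},
+"ocserv": {
+"enable": false
+},
+"pleroma": {
+"enable": false,
+"location": "sdb"
+},
+"timezone": "Europe/Uzhgorod",
+"resticPassword": "tMzoy1yEaBPcgVheoXUj11S5dVlC5I4TSFxr0pCHoeMvOV2YICYqFqFJne2SgbOFr6QxZTw6QGdYmCLW",
+"username": "admin",
+"volumes": [
+{
+"device": "/dev/sdb",
+"mountPoint": "/volumes/sdb",
+"fsType": "ext4"
+}
+],
+"useBinds": true,
+"ssh": {
+"rootKeys": [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBb3yVhYF4slhf1iQCiGLOVcbGKP/MmkQiEMl2un+4K alex@240g7"
+]
+},
+"sshKeys": [],
+"users": []
+}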
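Review bot: This file commits what look like live credentials: `dns.apiKey`, `api.token`, `databasePassword`, the Nextcloud passwords and `hashedMasterPassword`, a `$6$` SHA-512 crypt hash that can be guessed against offline once it is public. `nextcloud.adminPassword`, `nextcloud.databasePassword` and `resticPassword` hold the identical value, so a single leak exposes the admin account, the database and the backup repository together. If any of these were ever in use, rotate them, replace the committed values with placeholders such as `"apiKey": "<PLACEHOLDER>"`, and generate a distinct secret per service. `ssh.rootKeys` holds a public key, which is safe to publish, but enabling root login by key should be a deliberate choice and is worth a line in the commit description.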