diff --git a/devices/server/configuration.nix b/devices/server/configuration.nix index abec228..5f56747 100644 --- a/devices/server/configuration.nix +++ b/devices/server/configuration.nix @@ -44,10 +44,6 @@ in { reverse_proxy http://127.0.0.1:3000 ''; - virtualHosts."brigitte.polensky.me".extraConfig = '' - reverse_proxy http://127.0.0.1:4000 - ''; - virtualHosts."pb.polensky.me".extraConfig = '' request_body { max_size 10MB @@ -64,6 +60,10 @@ in { file_server try_files {path} /index.html ''; + + virtualHosts."prixdugaz.ca".extraConfig = '' + reverse_proxy http://127.0.0.1:8080 + ''; }; services = { @@ -73,16 +73,13 @@ in { host = "0.0.0.0"; syncModels = true; loadModels = - [ "qwen3-embedding:8b" "mistral:7b" ]; + [ "qwen3-embedding:0.6b" ]; }; }; - services.brigitte = { + services.prixdugaz = { enable = true; - host = "brigitte.polensky.me"; - environmentFile = "/var/lib/brigitte/brigitte.env"; - database.enable = true; - garage.enable = true; + openFirewall = true; # 8080 }; # observability @@ -90,6 +87,7 @@ in { grafana = { enable = true; settings = { + security.secret_key = "SW2YcwTIb9zpOOhoPsMm"; server = { http_addr = "0.0.0.0"; http_port = 3000; diff --git a/flake.lock b/flake.lock index 264285f..f91c628 100644 --- a/flake.lock +++ b/flake.lock @@ -6,11 +6,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1774550555, - "narHash": "sha256-ZgRQ2xzBolehSBnpl3y3GOJfr2eYxGtN93kdiuyNn0I=", + "lastModified": 1776217893, + "narHash": "sha256-5v5mDH4Bir2op7RvqrolwfP6wNkNisCFZ0umagUEiQI=", "ref": "refs/heads/main", - "rev": "c81f1ff80ec0dd19906fd34ec92a881a36ab4bb3", - "revCount": 53, + "rev": "27783dfa1893d1f6e7f3053483b888a39e0dfa04", + "revCount": 57, "type": "git", "url": "ssh://git@github.com/Polensky/brigitte" }, @@ -26,11 +26,11 @@ ] }, "locked": { - "lastModified": 1769524058, - "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=", + "lastModified": 1773889306, + "narHash": "sha256-PAqwnsBSI9SVC2QugvQ3xeYCB0otOwCacB1ueQj2tgw=", "owner": "nix-community", "repo": "disko", - "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d", + "rev": "5ad85c82cc52264f4beddc934ba57f3789f28347", "type": "github" }, "original": { @@ -95,6 +95,24 @@ "type": "github" } }, + "flake-utils": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -102,11 +120,11 @@ ] }, "locked": { - "lastModified": 1770586272, - "narHash": "sha256-Ucci8mu8QfxwzyfER2DQDbvW9t1BnTUJhBmY7ybralo=", + "lastModified": 1776184304, + "narHash": "sha256-No6QGBmIv5ChiwKCcbkxjdEQ/RO2ZS1gD7SFy6EZ7rc=", "owner": "nix-community", "repo": "home-manager", - "rev": "b1f916ba052341edc1f80d4b2399f1092a4873ca", + "rev": "3c7524c68348ef79ce48308e0978611a050089b2", "type": "github" }, "original": { @@ -158,11 +176,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1770184146, - "narHash": "sha256-DsqnN6LvXmohTRaal7tVZO/AKBuZ02kPBiZKSU4qa/k=", + "lastModified": 1775037210, + "narHash": "sha256-KM2WYj6EA7M/FVZVCl3rqWY+TFV5QzSyyGE2gQxeODU=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "0d7874ef7e3ba02d58bebb871e6e29da36fa1b37", + "rev": "06648f4902343228ce2de79f291dd5a58ee12146", "type": "github" }, "original": { @@ -173,11 +191,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1774567711, - "narHash": "sha256-uVlOHBvt6Vc/iYNJXLPa4c3cLXwMllOCVfAaLAcphIo=", + "lastModified": 1775490113, + "narHash": "sha256-2ZBhDNZZwYkRmefK5XLOusCJHnoeKkoN95hoSGgMxWM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "3f6f874dfc34d386d10e434c48ad966c4832243e", + "rev": "c775c2772ba56e906cbeb4e0b2db19079ef11ff7", "type": "github" }, "original": { @@ -236,11 +254,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1770562336, - "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", + "lastModified": 1775710090, + "narHash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", + "rev": "4c1018dae018162ec878d42fec712642d214fdfa", "type": "github" }, "original": { @@ -252,11 +270,27 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1770380644, - "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", + "lastModified": 1775036866, + "narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe", + "rev": "6201e203d09599479a3b3450ed24fa81537ebc4e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1775888245, + "narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "13043924aaa7375ce482ebe2494338e058282925", "type": "github" }, "original": { @@ -266,7 +300,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1768564909, "narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=", @@ -282,7 +316,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1768395095, "narHash": "sha256-ZhuYJbwbZT32QA95tSkXd9zXHcdZj90EzHpEXBMabaw=", @@ -302,14 +336,15 @@ "inputs": { "nixpkgs": [ "nixpkgs" - ] + ], + "noctalia-qs": "noctalia-qs" }, "locked": { - "lastModified": 1770607512, - "narHash": "sha256-+h2O7BfXDMZqYdB8nQoeJcxLgEib5FDaC223hOEqphE=", + "lastModified": 1776240823, + "narHash": "sha256-QAdipw26rtLJWKY7EWX7k+pyvCQwF4+PObggxWbiT74=", "owner": "noctalia-dev", "repo": "noctalia-shell", - "rev": "c39e200d54c6e8ebf43a6a91e1ef984135fd8318", + "rev": "76b03be48965cb01faabe167f80a8995fb76a92e", "type": "github" }, "original": { @@ -318,14 +353,37 @@ "type": "github" } }, + "noctalia-qs": { + "inputs": { + "nixpkgs": [ + "noctalia", + "nixpkgs" + ], + "systems": "systems_2", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1775957204, + "narHash": "sha256-d4CVRtAty2GzDYXx4xYQmR+nlOjjKovyprQfZhgLckU=", + "owner": "noctalia-dev", + "repo": "noctalia-qs", + "rev": "68e82fe34c68ee839a9c37e3466820e266af0c86", + "type": "github" + }, + "original": { + "owner": "noctalia-dev", + "repo": "noctalia-qs", + "type": "github" + } + }, "nvf": { "inputs": { "flake-compat": "flake-compat", "flake-parts": "flake-parts_2", "mnw": "mnw", "ndg": "ndg", - "nixpkgs": "nixpkgs_6", - "systems": "systems_2" + "nixpkgs": "nixpkgs_7", + "systems": "systems_4" }, "locked": { "lastModified": 1768464392, @@ -341,6 +399,25 @@ "type": "github" } }, + "prixdugaz": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1777505579, + "narHash": "sha256-e1oq8b4hFTH/C2zyGdRB4X4BdFg+wrf3yw7JjHav++w=", + "ref": "refs/heads/main", + "rev": "ed8b91db4647564f21b376fea6390c1167dcc027", + "revCount": 35, + "type": "git", + "url": "ssh://git@github.com/Polensky/prixdugaz" + }, + "original": { + "type": "git", + "url": "ssh://git@github.com/Polensky/prixdugaz" + } + }, "root": { "inputs": { "brigitte": "brigitte", @@ -350,20 +427,21 @@ "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "noctalia": "noctalia", + "prixdugaz": "prixdugaz", "sops-nix": "sops-nix", "vimix": "vimix" } }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1770526836, - "narHash": "sha256-xbvX5Ik+0inJcLJtJ/AajAt7xCk6FOCrm5ogpwwvVDg=", + "lastModified": 1776119890, + "narHash": "sha256-Zm6bxLNnEOYuS/SzrAGsYuXSwk3cbkRQZY0fJnk8a5M=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d6e0e666048a5395d6ea4283143b7c9ac704720d", + "rev": "d4971dd58c6627bfee52a1ad4237637c0a2fb0cd", "type": "github" }, "original": { @@ -388,6 +466,21 @@ } }, "systems_2": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -402,6 +495,43 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "noctalia", + "noctalia-qs", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1775636079, + "narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems" @@ -423,7 +553,7 @@ "vimix": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "nvf": "nvf" }, "locked": { diff --git a/flake.nix b/flake.nix index 727a3d6..82a4fab 100644 --- a/flake.nix +++ b/flake.nix @@ -18,7 +18,7 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - brigitte.url = "git+ssh://git@github.com/Polensky/brigitte"; + prixdugaz.url = "git+ssh://git@github.com/Polensky/prixdugaz"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; @@ -52,7 +52,7 @@ sops-nix.nixosModules.sops ./devices/server/configuration.nix ./modules - inputs.brigitte.nixosModules.default + inputs.prixdugaz.nixosModules.default ]; }; pi = nixpkgs.lib.nixosSystem { diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index c4e3dd8..2aeb5f0 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -1,6 +1,7 @@ pi_user_pass: ENC[AES256_GCM,data:X5u07UvEov5eYWks,iv:SPDFU01/5WThCSZjj1pExNZENhmIG2W6LvHfpPH5TS0=,tag:z5bhJ2TrX6Bevd40O1nPxg==,type:str] luna_telegram_token: ENC[AES256_GCM,data:LWzEamz5SFK4HC+zR+6seTrVsTR0kQGETD6DSHMW3fMeFbUQm6/K+d8mc6Wg7w==,iv:LqvyTIkniNiqEAK76+Uqq4cYHnddmjMId+HQBjHk68o=,tag:knP6aqkLwGeEIAYMyET3Xg==,type:str] luna_gateway_token: ENC[AES256_GCM,data:NV13qS8Vj0/HcvPM34Z90kFBoezpKeyhYKIWfU8zkHbOK7pHkl8yNACmUBszgjhbP4baqmO61isd94TxN4AjoA==,iv:j+9SfQoRMWeZbCjAm6/D5hwDBLl/0IOyu34DYphWz2o=,tag:od78mpifFMajv9eQfmnp1w==,type:str] +ollama_api_key: ENC[AES256_GCM,data:ZaTeAcipRZBsZ0krHhc/UNZ0+P4AaA2aT3WHGKkg4PaikYB+TWXPGYV+BjTbn2KOXynabwwNwIyT,iv:Po25iPPd7VlYfaYqtDrLEbjZBdJ7af8mgEW8tYgs3iM=,tag:CMl2ECJxRTIB+AFND+9tKQ==,type:str] sops: age: - recipient: age1x8qsd7kxxjvan4psvnvua3r0emljsnq07agxnu6jqw56ky8z6faqyjq0e3 @@ -30,7 +31,7 @@ sops: TzlCMWpMQ1hRMTRObWNyN2Q0YWtsZmcKFHVmvu6U0Qw+EUsBEmdST2cyQ3rZyh6w 62vmALGxE2NWDYQmwtHJmYqeO14HHEDclUErQiCmUt+hLgOLF2MxwA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-02-09T03:39:35Z" - mac: ENC[AES256_GCM,data:lVU+w4EOpNACzz1CjtBGwGcoB/huatCa97sJ4irzX/dNP8LYwMiRvm6axsyqNiBns76WyKHAS9r+drByQzNAFAIh+2EwJCk7Mm7Njy3+kL0GNd0RanMhI51WSHTbjHIqrGC81jgS4ydcsGDMDmZBOZHL5t/uTcrdn/SRjgDvHTA=,iv:F4kbFHvTFmG4mhvMIAUtNq6WCwXyILOlbYvIaFno6BI=,tag:JSYzsKF86cuJtApPeTVDTA==,type:str] + lastmodified: "2026-04-09T02:00:03Z" + mac: ENC[AES256_GCM,data:2/JIsd2iOg2yTMzxwnVuk1pKxNJy80g09SgcCLLP0rwziKNORELQw5z8ipgVxRee2irqPSNFsAPfvjQFnq3nGOKuf1zbSATOzt4yySWigS7Q7il1OEtf6rdNXPruTQU+R8R3ZpqE0IhYZ1iPyCU+vIlBdHzgLEThdnQeWE3XvAc=,iv:Xc7uCgvHysg3w/fAC1aPLozU1tROcywRlWQLS/kUCYQ=,tag:c5NF6cjqaCJ8r6tfPVuUxw==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0