polen/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: polen:940a007bb02399aa8324d3bb36eee3d62dd41afe
Branches Tags
polen:main
...
compare: polen:454dbfeab2c7c9d198af6851d26321eae6cb6548
Branches Tags
polen:main

10 commits
940a007bb0 ... 454dbfeab2

Author SHA1 Message Date
charles@rumandcode.io
454dbfeab2 darwin stuff 2026-05-27 10:06:40 -04:00
Polen
27c930d6bb forgejo! 2026-05-27 10:05:10 -04:00
Polen
7ebf4239b9 vimix update 2026-05-04 09:04:52 -04:00
Polen
18808567fd no brigitte/ prixdugaz 2026-04-30 19:30:42 -04:00
Polen
42ef3b62a0 brigitte + power xps13 2026-03-27 10:30:51 -04:00
Polen
4b13eb5832 bye bye openclaw 2026-03-09 08:44:44 -04:00
Polen
36c73a41ff theclaw 2026-02-18 11:07:01 -05:00
Polen
143cd6c603 the soul 2026-02-08 22:46:59 -05:00
Polen
d1746fea40 ollama 2026-02-08 14:58:56 -05:00
Polen
3bd7873d46 pi fidling 2026-02-05 12:16:26 -05:00
19 changed files with 615 additions and 464 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.sops.yaml
View file

@ -1,9 +1,11 @@
keys:
- &xps13 age1x8qsd7kxxjvan4psvnvua3r0emljsnq07agxnu6jqw56ky8z6faqyjq0e3
- &pi age1y2s7ah49jmhd8n05q7tw0gjcnv3390s0uxp3ewjqueekq7a7rvdqzytgd2
- &server age107mmu7nkjfpm7ygp25zpj69m06ftckc9gh7a37umkjq0y7ac34msd6uj3u
creation_rules:
- path_regex: secrets/secrets.yaml$
key_groups:
- age:
- *xps13
- *pi
- *server

2
Makefile
View file

@ -6,4 +6,4 @@ rebuild-pi:
NIX_SSHOPTS="-o IdentitiesOnly=yes -i ~/.ssh/id_rsa" nixos-rebuild switch --flake .#pi --target-host pi --build-host server --use-remote-sudo
deploy-server:
nixos-rebuild switch --flake .#server --target-host server --build-host server --use-remote-sudo --ask-sudo-password
nixos-rebuild switch --flake .#server --target-host server --build-host server --sudo --ask-sudo-password

15
devices/asus/configuration.nix
View file

@ -1,12 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}: {
{ config, lib, pkgs, ... }: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
@ -38,13 +33,7 @@
users.users.polen = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
packages = with pkgs; [
neovim
tree
htop
git
ranger
];
packages = with pkgs; [ neovim tree htop git ranger ];
};
# List packages installed in system profile.

25
devices/asus/hardware-configuration.nix
View file

@ -4,34 +4,32 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/50ea20bc-d9bb-40c7-8e4a-34e31da665b5";
fileSystems."/" = {
device = "/dev/disk/by-uuid/50ea20bc-d9bb-40c7-8e4a-34e31da665b5";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/9267-2ED4";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/9267-2ED4";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/data" =
{ device = "/dev/disk/by-uuid/465aa01d-2cc4-4955-bebb-b44c21528e4f";
fileSystems."/data" = {
device = "/dev/disk/by-uuid/465aa01d-2cc4-4955-bebb-b44c21528e4f";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/90dd6c81-79a7-45e2-b063-e263cabf1c28"; }
];
[{ device = "/dev/disk/by-uuid/90dd6c81-79a7-45e2-b063-e263cabf1c28"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -42,5 +40,6 @@
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

14
devices/latoure/configuration.nix
View file

@ -1,11 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
{
config,
pkgs,
...
}: {
{ config, pkgs, ... }: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
@ -109,13 +105,7 @@
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
htop-vim
ranger
neovim
wget
git
];
environment.systemPackages = with pkgs; [ htop-vim ranger neovim wget git ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.

43
devices/latoure/hardware-configuration.nix
View file

@ -4,44 +4,52 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "xhci_pci" "pata_marvell" "firewire_ohci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules = [
"uhci_hcd"
"ehci_pci"
"ahci"
"xhci_pci"
"pata_marvell"
"firewire_ohci"
"usb_storage"
"usbhid"
"sd_mod"
"sr_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/62a34abf-561a-410d-b913-eb2ad7ede6f5";
fileSystems."/" = {
device = "/dev/disk/by-uuid/62a34abf-561a-410d-b913-eb2ad7ede6f5";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/9B7B-A012";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/9B7B-A012";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
fileSystems."/data" =
{ device = "/dev/disk/by-uuid/b7de7b88-6239-4340-9e7a-6486814bbd83";
fileSystems."/data" = {
device = "/dev/disk/by-uuid/b7de7b88-6239-4340-9e7a-6486814bbd83";
fsType = "ext4";
};
fileSystems."/data1" =
{ device = "/dev/disk/by-uuid/86a239f2-50a5-4c26-9534-0636fb718fc8";
fileSystems."/data1" = {
device = "/dev/disk/by-uuid/86a239f2-50a5-4c26-9534-0636fb718fc8";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/5181dbcf-7e00-46d9-ac04-c22d4c4e9827";
fileSystems."/home" = {
device = "/dev/disk/by-uuid/5181dbcf-7e00-46d9-ac04-c22d4c4e9827";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/29ac34a7-fa51-489b-b9da-8c5d02bdd2c4"; }
];
[{ device = "/dev/disk/by-uuid/29ac34a7-fa51-489b-b9da-8c5d02bdd2c4"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -52,5 +60,6 @@
# networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

55
devices/macbook/configuration.nix
View file

@ -1,11 +1,5 @@
{
pkgs,
inputs,
system,
config,
...
}: let
my-emacs = pkgs.emacsNativeComp;
{ pkgs, inputs, system, config, ... }:
let my-emacs = pkgs.emacsNativeComp;
in {
nixpkgs.config.allowUnfree = true;
@ -56,23 +50,28 @@ in {
"brave-browser"
"qutebrowser"
"stremio"
"firefox"
# work
"slack"
"tunnelblick"
"dbeaver-community"
"claude"
"adobe-acrobat-reader"
# doom emacs
"font-symbols-only-nerd-font"
# media
"inkscape"
"obs"
];
};
nix = {
# Necessary for using flakes on this system.
settings.experimental-features = "nix-command flakes";
extraOptions = ''
extra-platforms = x86_64-darwin aarm64-darwin
extra-platforms = x86_64-darwin aarch64-darwin aarch64-linux
'';
gc = {
automatic = true;
@ -83,6 +82,31 @@ in {
};
options = "--delete-older-than 15d";
};
linux-builder = {
enable = true;
};
distributedBuilds = true;
buildMachines = [
{
hostName = "server.local";
sshUser = "polen";
sshKey = "/Users/charles/.ssh/id_ed25519";
systems = [ "x86_64-linux" "aarch64-linux" ];
# optional but recommended:
maxJobs = 4; # how many concurrent builds to send
speedFactor = 1; # relative priority vs other builders
supportedFeatures = [ "nixos-test" "big-parallel" "kvm" ];
}
];
settings.builders-use-substitutes = true;
settings = {
extra-substituters = [ "s3://rc-nix-binary-cache?region=ca-central-1" ];
extra-trusted-public-keys = [ "rc-nix-cache:3nJzc2e0wK0zpTmiphHLYJWOMuKJ0Fj/TOF5ulUxr/Q=" ];
secret-key-files = [ "/Users/charles/.config/nix/rc-nix-cache-priv-key.pem" ];
};
};
# Create /etc/zshrc that loads the nix-darwin environment.
@ -90,9 +114,7 @@ in {
programs.direnv.enable = true;
programs.gnupg.agent.enable = true;
services.yabai = {
enable = true;
};
services.yabai = { enable = true; };
services.skhd.enable = true;
services.emacs = {
@ -113,9 +135,7 @@ in {
tilesize = 32;
};
system.defaults.menuExtraClock = {
Show24Hour = true;
};
system.defaults.menuExtraClock = { Show24Hour = true; };
launchd.user.agents.remap-keys = {
serviceConfig = {
@ -123,7 +143,8 @@ in {
"/usr/bin/hidutil"
"property"
"--set"
'' {
''
{
"UserKeyMapping":[
{"HIDKeyboardModifierMappingSrc":0x700000039,"HIDKeyboardModifierMappingDst":0x7000000E7}
]

36
devices/pi/configuration.nix
View file

@ -1,10 +1,5 @@
{
inputs,
config,
pkgs,
lib,
...
}: let
{ inputs, config, pkgs, lib, ... }:
let
user = "polen";
hostname = "pi";
in {
@ -25,12 +20,10 @@ in {
};
};
swapDevices = [
{
swapDevices = [{
device = "/var/lib/swapfile";
size = 10 * 1024;
}
];
}];
#sops.defaultSopsFile = ../../secrets/secrets.yaml;
#sops.defaultSopsFormat = "yaml";
@ -41,12 +34,6 @@ in {
networkmanager.enable = true;
wireless.enable = false;
hostName = hostname;
firewall.allowedTCPPorts = [80 443];
};
services.pihole-ftl = {
enable = true;
openFirewallDHCP = true;
};
services.prometheus.exporters = {
@ -56,22 +43,19 @@ in {
nix.settings.trusted-users = [ user ];
environment.systemPackages = with pkgs; [
htop-vim
neovim
curl
wget
ranger
];
environment.systemPackages = with pkgs; [ htop-vim neovim curl wget ranger ];
services.openssh.enable = true;
users = {
mutableUsers = false;
users."${user}" = {
users = {
"${user}" = {
isNormalUser = true;
#hashedPasswordFile = config.sops.secrets.pi_user_pass.path;
extraGroups = ["wheel" "pihole"];
extraGroups = [ "wheel" ];
};
lauria = { isNormalUser = true; };
};
};

80
devices/server/configuration.nix
View file

@ -1,13 +1,7 @@
{
config,
pkgs,
...
}: let
user = "polen";
{ config, pkgs, ... }:
let user = "polen";
in {
imports = [
./hardware-configuration.nix
];
imports = [ ./hardware-configuration.nix ];
boot.loader = {
grub = {
@ -46,6 +40,14 @@ in {
reverse_proxy http://127.0.0.1:8096
'';
virtualHosts."grafana.polensky.me".extraConfig = ''
reverse_proxy http://127.0.0.1:3000
'';
virtualHosts."git.polensky.me".extraConfig = ''
reverse_proxy http://127.0.0.1:3001
'';
virtualHosts."pb.polensky.me".extraConfig = ''
request_body {
max_size 10MB
@ -62,6 +64,33 @@ in {
file_server
try_files {path} /index.html
'';
virtualHosts."prixdugaz.ca".extraConfig = ''
reverse_proxy http://127.0.0.1:8080
'';
};
services.prixdugaz = {
enable = true;
openFirewall = true; # 8080
};
services.forgejo = {
enable = true;
lfs.enable = true;
settings = {
server = {
DOMAIN = "git.polensky.me";
ROOT_URL = "https://git.polensky.me/";
HTTP_PORT = 3001;
};
service = {
DISABLE_REGISTRATION = true;
};
actions = {
ENABLED = true;
};
};
};
# observability
@ -69,6 +98,7 @@ in {
grafana = {
enable = true;
settings = {
security.secret_key = "SW2YcwTIb9zpOOhoPsMm";
server = {
http_addr = "0.0.0.0";
http_port = 3000;
@ -79,27 +109,29 @@ in {
enable = true;
exporters = {
node.enable = true;
systemd.enable = true;
};
scrapeConfigs = [
{
job_name = "node-exporters-lan";
static_configs = [
{
static_configs = [{
targets = [ "127.0.0.1:9100" ];
labels = {
instance = "server";
};
labels = { instance = "server"; };
}];
}
];
{
job_name = "systemd-exporters-lan";
static_configs = [{
targets = [ "127.0.0.1:9558" ];
labels = { instance = "server"; };
}];
}
];
};
};
systemd.services.jellyfin = {
environment = {
DOTNET_SYSTEM_IO_DISABLEFILELOCKING = "1";
};
environment = { DOTNET_SYSTEM_IO_DISABLEFILELOCKING = "1"; };
};
# media
@ -167,6 +199,7 @@ in {
9000 # mealie
8989 # sonarr
10222 # taskchampion-sync-server
51966 # for ssh
];
firewall.allowedUDPPorts = [
5353 # mDNS
@ -176,12 +209,23 @@ in {
time.timeZone = "America/Toronto";
users.users."${user}" = {
isNormalUser = true;
group = "polen";
extraGroups = [ "wheel" "transmission" "jellyfin" "polensky" "docker" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6O2MJqR+P/FwRyVSz1HWYhMtIwh16ozBU71Y2vf0oNDQ6DZ5T8Bvp5/4uSJgS8lOl3qYyNy0e0zJMIyfFVJnu89ycKBEdixA4HqWOUQGiyvn1C4s740jHolOzN1xNB24PDXFz0vHcVb+G5nU/xeKeaq0vrszrkK2zctqXshw94/x3ah0m3fr5CwM4S2RY/VODOdt11fllFEvN8HGE2mQTPn5sJzwtGW20npQ5iJ7ShugPbC4D1G2JU1R7MqkvWEpq9OFVb1prTpJM+i/lcqCn3lBv8XxpKKnD3q+48eeO1geosAsG/kgUWPDildbzcSfytgj7/TCTujx2ow4ZUfS4kWUrNaXM3M99SG61rFN7zLMAv14SOSsgegmX3q0ZAwOieUhCifqIqdfFr5QjEUP11ALofYRC6567X1YrEVXZFFnZSXMKGkBKpTxx0jaTTGnFSd6F49kDlI30cKJnVUgAK5nESissdEFn3UGRSFfxmjZkYvhY5l3LqtbO3kEutJU= polen@polen-xps"
];
};
users.groups.polen = { };
# SOPS secrets
sops = {
defaultSopsFile = ../../secrets/secrets.yaml;
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = { };
};
environment.systemPackages = with pkgs; [
neovim
htop-vim

23
devices/server/hardware-configuration.nix
View file

@ -1,18 +1,11 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
{ config, lib, pkgs, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "hpsa" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.availableKernelModules =
[ "uhci_hcd" "ehci_pci" "hpsa" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
@ -22,9 +15,8 @@
fsType = "ext4";
};
swapDevices = [
{device = "/dev/disk/by-uuid/6fc86a5b-ac4b-41ed-a7c9-56f734f5e711";}
];
swapDevices =
[{ device = "/dev/disk/by-uuid/6fc86a5b-ac4b-41ed-a7c9-56f734f5e711"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -37,5 +29,6 @@
# networking.interfaces.enp4s0f1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

BIN
devices/xps13/assets/avatar.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 408 KiB

30
devices/xps13/configuration.nix
View file

@ -1,12 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
{
config,
pkgs,
inputs,
...
}: {
{ config, pkgs, inputs, ... }: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
@ -16,13 +11,13 @@
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
powerOnBoot = false;
};
services.blueman.enable = true;
services.openssh.enable = true;
services.power-profiles-daemon.enable = true;
services.power-profiles-daemon.enable = false;
services.upower.enable = true;
# Bootloader.
@ -31,6 +26,10 @@
boot.kernelModules = [ "msr" ];
boot.extraModprobeConfig = ''
options snd_hda_intel power_save=1
'';
networking.hostName = "xps13"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
@ -69,6 +68,7 @@
services.displayManager.sddm = {
enable = true;
theme = "${import ./sddm-theme.nix { inherit pkgs; }}";
package = pkgs.kdePackages.sddm;
};
# Define a user account. Don't forget to set a password with 'passwd'.
@ -97,7 +97,7 @@
# Desktop
waybar
mako
swww
awww
wdisplays
libnotify
bemenu
@ -105,12 +105,10 @@
pamixer
networkmanagerapplet
wl-clipboard
libsForQt5.qt5.qtquickcontrols2
libsForQt5.qt5.qtgraphicaleffects
ntfs3g
# Nix related
nixfmt-classic
kdePackages.qtdeclarative
kdePackages.qtsvg
];
programs.zsh.enable = true;
@ -121,6 +119,12 @@
withUWSM = true;
};
programs.weylus = {
enable = true;
users = [ "polen" ];
openFirewall = true;
};
services.gvfs.enable = true;
# to make pass work

22
devices/xps13/hardware-configuration.nix
View file

@ -4,27 +4,26 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/6faa62c9-8566-4ed7-b372-355e04ac4ca6";
fileSystems."/" = {
device = "/dev/disk/by-uuid/6faa62c9-8566-4ed7-b372-355e04ac4ca6";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/A769-2F96";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/A769-2F96";
fsType = "vfat";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/8b28694c-3401-4545-9974-521674baa450";
fileSystems."/home" = {
device = "/dev/disk/by-uuid/8b28694c-3401-4545-9974-521674baa450";
fsType = "ext4";
};
@ -38,5 +37,6 @@
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

22
devices/xps13/sddm-theme.nix
View file

@ -1,19 +1,21 @@
{pkgs}: let
{ pkgs }:
let
image = ./assets/a_forest_of_trees_with_fog.jpg;
in
pkgs.stdenv.mkDerivation {
avatar = ./assets/avatar.jpg;
in pkgs.stdenv.mkDerivation {
name = "sddm-theme";
src = pkgs.fetchFromGitHub {
owner = "MarianArlt";
repo = "sddm-sugar-dark";
rev = "ceb2c455663429be03ba62d9f898c571650ef7fe";
sha256 = "flOspjpYezPvGZ6b4R/Mr18N7N3JdytCSwwu6mf4owQ=";
owner = "xCaptaiN09";
repo = "pixie-sddm";
rev = "12a5f459ebd6d699be42c188c10976c8bb7076d7";
sha256 = "sha256-lmE/49ySuAZDh5xLochWqfSw9qWrIV+fYaK5T2Ckck8=";
};
installPhase = ''
mkdir -p $out
cp -R ./* $out/
cd $out/
rm Background.jpg
cp -r ${image} $out/Background.jpg
rm $out/assets/background.jpg
rm $out/assets/avatar.jpg
cp ${image} $out/assets/background.jpg
cp ${avatar} $out/assets/avatar.jpg
'';
}

360
flake.lock generated
View file

@ -2,19 +2,38 @@
"nodes": {
"disko": {
"inputs": {
"nixpkgs": "nixpkgs"
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1760701190,
"narHash": "sha256-y7UhnWlER8r776JsySqsbTUh2Txf7K30smfHlqdaIQw=",
"lastModified": 1773889306,
"narHash": "sha256-PAqwnsBSI9SVC2QugvQ3xeYCB0otOwCacB1ueQj2tgw=",
"owner": "nix-community",
"repo": "disko",
"rev": "3a9450b26e69dcb6f8de6e2b07b3fc1c288d85f5",
"rev": "5ad85c82cc52264f4beddc934ba57f3789f28347",
"type": "github"
},
"original": {
"id": "disko",
"type": "indirect"
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1751685974,
"narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=",
"ref": "refs/heads/main",
"rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1",
"revCount": 92,
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
},
"original": {
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
}
},
"flake-parts": {
@ -22,11 +41,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"lastModified": 1777898446,
"narHash": "sha256-tTEOTTjMHd8Vffn4hehLTPgOXXxJ27xfkf4DoyZgD7s=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"rev": "5d82aa3d6b5da25dbfec1a995750a70a03b8c659",
"type": "github"
},
"original": {
@ -37,14 +56,18 @@
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
"nixpkgs-lib": [
"vimix",
"nvf",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741352980,
"narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=",
"lastModified": 1769996383,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"type": "github"
},
"original": {
@ -55,7 +78,7 @@
},
"flake-utils": {
"inputs": {
"systems": "systems"
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
@ -71,13 +94,33 @@
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1776184304,
"narHash": "sha256-No6QGBmIv5ChiwKCcbkxjdEQ/RO2ZS1gD7SFy6EZ7rc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3c7524c68348ef79ce48308e0978611a050089b2",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"mnw": {
"locked": {
"lastModified": 1742255973,
"narHash": "sha256-XfEGVKatTgEMMOVb4SNp1LYLQOSzzrFTDMVDTZFyMVE=",
"lastModified": 1777828893,
"narHash": "sha256-gVWVnmyNr74BVKfhMMZDWkhx2699dhmZ2g0W8TTHtkk=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "b982dbd5e6d55d4438832b3567c09bc2a129649d",
"rev": "c1c0b544bfabe6669b5a6a0383ccb475fe60258b",
"type": "github"
},
"original": {
@ -86,44 +129,39 @@
"type": "github"
}
},
"nil": {
"ndg": {
"inputs": {
"flake-utils": [
"vimix",
"nvf",
"flake-utils"
],
"nixpkgs": [
"vimix",
"nvf",
"nixpkgs"
],
"rust-overlay": "rust-overlay"
]
},
"locked": {
"lastModified": 1741118843,
"narHash": "sha256-ggXU3RHv6NgWw+vc+HO4/9n0GPufhTIUjVuLci8Za8c=",
"owner": "oxalica",
"repo": "nil",
"rev": "577d160da311cc7f5042038456a0713e9863d09e",
"lastModified": 1776882296,
"narHash": "sha256-DWZozXwMsgvUqfVlL1mQ8dOxW7GJ/8CdyaDN+1niZRg=",
"owner": "feel-co",
"repo": "ndg",
"rev": "ab7d78d4884b3a34968cf9fa3d16c0c1246d5c6e",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "nil",
"owner": "feel-co",
"ref": "refs/tags/v2.6.0",
"repo": "ndg",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1761339987,
"narHash": "sha256-IUaawVwItZKi64IA6kF6wQCLCzpXbk2R46dHn8sHkig=",
"lastModified": 1775037210,
"narHash": "sha256-KM2WYj6EA7M/FVZVCl3rqWY+TFV5QzSyyGE2gQxeODU=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "7cd9aac79ee2924a85c211d21fafd394b06a38de",
"rev": "06648f4902343228ce2de79f291dd5a58ee12146",
"type": "github"
},
"original": {
@ -132,13 +170,29 @@
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1775490113,
"narHash": "sha256-2ZBhDNZZwYkRmefK5XLOusCJHnoeKkoN95hoSGgMxWM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "c775c2772ba56e906cbeb4e0b2db19079ef11ff7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1752596105,
"narHash": "sha256-lFNVsu/mHLq3q11MuGkMhUUoSXEdQjCHvpReaGP1S2k=",
"lastModified": 1765934234,
"narHash": "sha256-pJjWUzNnjbIAMIc5gRFUuKCDQ9S1cuh3b2hKgA7Mc4A=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dab3a6e781554f965bde3def0aa2fda4eb8f1708",
"rev": "af84f9d270d404c17699522fab95bbf928a2d92f",
"type": "github"
},
"original": {
@ -150,23 +204,11 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1730504152,
"narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1740877520,
"narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=",
"lastModified": 1777168982,
"narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "147dee35aab2193b174e4c0868bd80ead5ce755c",
"rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14",
"type": "github"
},
"original": {
@ -177,27 +219,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1747728033,
"narHash": "sha256-NnXFQu7g4LnvPIPfJmBuZF7LFy/fey2g2+LCzjQhTUk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2f9173bde1d3fbf1ad26ff6d52f952f9e9da52ea",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1761114652,
"narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=",
"lastModified": 1775710090,
"narHash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c",
"rev": "4c1018dae018162ec878d42fec712642d214fdfa",
"type": "github"
},
"original": {
@ -207,13 +233,29 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_3": {
"locked": {
"lastModified": 1760596604,
"narHash": "sha256-J/i5K6AAz/y5dBePHQOuzC7MbhyTOKsd/GLezSbEFiM=",
"lastModified": 1775036866,
"narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3cbe716e2346710d6e1f7c559363d14e11c32a43",
"rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1775888245,
"narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "13043924aaa7375ce482ebe2494338e058282925",
"type": "github"
},
"original": {
@ -225,11 +267,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1744098102,
"narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=",
"lastModified": 1777578337,
"narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7",
"rev": "15f4ee454b1dce334612fa6843b3e05cf546efab",
"type": "github"
},
"original": {
@ -241,16 +283,16 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1743076231,
"narHash": "sha256-yQugdVfi316qUfqzN8JMaA2vixl+45GxNm4oUfXlbgw=",
"lastModified": 1774386573,
"narHash": "sha256-4hAV26quOxdC6iyG7kYaZcM3VOskcPUrdCQd/nx8obc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6c5963357f3c1c840201eda129a99d455074db04",
"rev": "46db2e09e1d3f113a13c0d7b81e2f221c63b8ce9",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
@ -259,14 +301,15 @@
"inputs": {
"nixpkgs": [
"nixpkgs"
]
],
"noctalia-qs": "noctalia-qs"
},
"locked": {
"lastModified": 1769187095,
"narHash": "sha256-1EpJcnYSIpkHnMChluK6LoDtOkjkPOl/zqhZyqGefqs=",
"lastModified": 1776240823,
"narHash": "sha256-QAdipw26rtLJWKY7EWX7k+pyvCQwF4+PObggxWbiT74=",
"owner": "noctalia-dev",
"repo": "noctalia-shell",
"rev": "ee2e9cdb0c7618e00d4c78b359d461733416a673",
"rev": "76b03be48965cb01faabe167f80a8995fb76a92e",
"type": "github"
},
"original": {
@ -275,21 +318,44 @@
"type": "github"
}
},
"noctalia-qs": {
"inputs": {
"nixpkgs": [
"noctalia",
"nixpkgs"
],
"systems": "systems",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1775957204,
"narHash": "sha256-d4CVRtAty2GzDYXx4xYQmR+nlOjjKovyprQfZhgLckU=",
"owner": "noctalia-dev",
"repo": "noctalia-qs",
"rev": "68e82fe34c68ee839a9c37e3466820e266af0c86",
"type": "github"
},
"original": {
"owner": "noctalia-dev",
"repo": "noctalia-qs",
"type": "github"
}
},
"nvf": {
"inputs": {
"flake-compat": "flake-compat",
"flake-parts": "flake-parts_2",
"flake-utils": "flake-utils",
"mnw": "mnw",
"nil": "nil",
"ndg": "ndg",
"nixpkgs": "nixpkgs_6",
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1744192993,
"narHash": "sha256-dvMcjQ2yKD21qnP6ylgo5Gj6d0FYKvATe6S6Zf8X0J4=",
"lastModified": 1777837065,
"narHash": "sha256-uRD6a4uNno3SsAw0E0E6xqbiK7pX63Ad1F37q5fyz9g=",
"owner": "notashelf",
"repo": "nvf",
"rev": "67d9aa7cb585b315473b9558c307db5ccdc9f9bb",
"rev": "7ec206a5d9a7d5d27900d81a6bb382823902276d",
"type": "github"
},
"original": {
@ -298,49 +364,48 @@
"type": "github"
}
},
"prixdugaz": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1777505579,
"narHash": "sha256-e1oq8b4hFTH/C2zyGdRB4X4BdFg+wrf3yw7JjHav++w=",
"ref": "refs/heads/main",
"rev": "ed8b91db4647564f21b376fea6390c1167dcc027",
"revCount": 35,
"type": "git",
"url": "ssh://git@github.com/Polensky/prixdugaz"
},
"original": {
"type": "git",
"url": "ssh://git@github.com/Polensky/prixdugaz"
}
},
"root": {
"inputs": {
"disko": "disko",
"home-manager": "home-manager",
"nix-darwin": "nix-darwin",
"nixpkgs": "nixpkgs_3",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"noctalia": "noctalia",
"prixdugaz": "prixdugaz",
"sops-nix": "sops-nix",
"vimix": "vimix"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"vimix",
"nvf",
"nil",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741055476,
"narHash": "sha256-52vwEV0oS2lCnx3c/alOFGglujZTLmObit7K8VblnS8=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "aefb7017d710f150970299685e8d8b549d653649",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1760998189,
"narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
"lastModified": 1776119890,
"narHash": "sha256-Zm6bxLNnEOYuS/SzrAGsYuXSwk3cbkRQZY0fJnk8a5M=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
"rev": "d4971dd58c6627bfee52a1ad4237637c0a2fb0cd",
"type": "github"
},
"original": {
@ -351,16 +416,16 @@
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"repo": "default-linux",
"type": "github"
}
},
@ -379,6 +444,43 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"noctalia",
"noctalia-qs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1775636079,
"narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"vimix": {
"inputs": {
"flake-parts": "flake-parts",
@ -386,11 +488,11 @@
"nvf": "nvf"
},
"locked": {
"lastModified": 1752113669,
"narHash": "sha256-Szf9YJ9u51zK7tGdX39e/7mGjgFX8oa5S/ro6+AoJlY=",
"lastModified": 1777899228,
"narHash": "sha256-BtBQzhkhBEIpPfx6gEOo84tIPQmJecqSE3WyDvCfE3Y=",
"owner": "Polensky",
"repo": "vimix",
"rev": "7dc2e5e1050ca567809a228eacc8da381778cc05",
"rev": "1bc9e35738fb9dc50ef0935bc9c03f734dd8426b",
"type": "github"
},
"original": {

32
flake.nix
View file

@ -10,20 +10,26 @@
url = "github:noctalia-dev/noctalia-shell";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
prixdugaz.url = "git+ssh://git@github.com/Polensky/prixdugaz";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
};
outputs = {
nixpkgs,
nix-darwin,
sops-nix,
disko,
...
} @ inputs: {
outputs = { nixpkgs, nix-darwin, sops-nix, disko, home-manager
, nixos-hardware, ... }@inputs: {
nixosConfigurations = {
default = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; };
system = "x86_64-linux";
modules = [
nixos-hardware.nixosModules.dell-xps-13-9370
./devices/xps13/configuration.nix
./modules
];
@ -31,26 +37,22 @@
latoure = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; };
system = "x86_64-linux";
modules = [
./devices/latoure/configuration.nix
./modules
];
modules = [ ./devices/latoure/configuration.nix ./modules ];
};
asus = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; };
system = "x86_64-linux";
modules = [
./devices/asus/configuration.nix
./modules
];
modules = [ ./devices/asus/configuration.nix ./modules ];
};
server = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; };
system = "x86_64-linux";
modules = [
disko.nixosModules.disko
sops-nix.nixosModules.sops
./devices/server/configuration.nix
./modules
inputs.prixdugaz.nixosModules.default
];
};
pi = nixpkgs.lib.nixosSystem {

6
modules/default.nix
View file

@ -1,5 +1 @@
{...}: {
imports = [
./pocketbase.nix
];
}
{ ... }: { imports = [ ./pocketbase.nix ]; }

28
modules/pocketbase.nix
View file

@ -1,10 +1,5 @@
{
config,
pkgs,
lib,
...
}: let
cfg = config.services.pocketbase;
{ config, pkgs, lib, ... }:
let cfg = config.services.pocketbase;
in {
options.services.pocketbase = {
enable = lib.mkEnableOption "PocketBase backend";
@ -12,7 +7,8 @@ in {
dataDir = lib.mkOption {
type = lib.types.path;
default = "/var/lib/pocketbase";
description = "Working directory containing the PocketBase binary and data.";
description =
"Working directory containing the PocketBase binary and data.";
};
openFirewall = lib.mkOption {
@ -52,9 +48,8 @@ in {
config = lib.mkIf cfg.enable {
# Optional: ensure the directory exists with proper ownership
systemd.tmpfiles.rules = [
"d ${cfg.dataDir} 0700 ${cfg.user} ${cfg.group} -"
];
systemd.tmpfiles.rules =
[ "d ${cfg.dataDir} 0700 ${cfg.user} ${cfg.group} -" ];
systemd.services.pocketbase = {
description = "PocketBase";
@ -71,7 +66,11 @@ in {
WorkingDirectory = cfg.dataDir;
ExecStart = ''
${lib.getExe cfg.package} serve --dir ${cfg.dataDir}/pb_data --http=0.0.0.0:${toString cfg.port}
${
lib.getExe cfg.package
} serve --dir ${cfg.dataDir}/pb_data --http=0.0.0.0:${
toString cfg.port
}
'';
# Switch to systemd stdout/stderr logging by default
@ -80,8 +79,7 @@ in {
StandardError = "append:${cfg.logFile}";
};
};
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [cfg.port];
};
networking.firewall =
lib.mkIf cfg.openFirewall { allowedTCPPorts = [ cfg.port ]; };
};
}

42
secrets/secrets.yaml
View file

@ -1,21 +1,37 @@
pi_user_pass: ENC[AES256_GCM,data:X5u07UvEov5eYWks,iv:SPDFU01/5WThCSZjj1pExNZENhmIG2W6LvHfpPH5TS0=,tag:z5bhJ2TrX6Bevd40O1nPxg==,type:str]
luna_telegram_token: ENC[AES256_GCM,data:LWzEamz5SFK4HC+zR+6seTrVsTR0kQGETD6DSHMW3fMeFbUQm6/K+d8mc6Wg7w==,iv:LqvyTIkniNiqEAK76+Uqq4cYHnddmjMId+HQBjHk68o=,tag:knP6aqkLwGeEIAYMyET3Xg==,type:str]
luna_gateway_token: ENC[AES256_GCM,data:NV13qS8Vj0/HcvPM34Z90kFBoezpKeyhYKIWfU8zkHbOK7pHkl8yNACmUBszgjhbP4baqmO61isd94TxN4AjoA==,iv:j+9SfQoRMWeZbCjAm6/D5hwDBLl/0IOyu34DYphWz2o=,tag:od78mpifFMajv9eQfmnp1w==,type:str]
ollama_api_key: ENC[AES256_GCM,data:ZaTeAcipRZBsZ0krHhc/UNZ0+P4AaA2aT3WHGKkg4PaikYB+TWXPGYV+BjTbn2KOXynabwwNwIyT,iv:Po25iPPd7VlYfaYqtDrLEbjZBdJ7af8mgEW8tYgs3iM=,tag:CMl2ECJxRTIB+AFND+9tKQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1x8qsd7kxxjvan4psvnvua3r0emljsnq07agxnu6jqw56ky8z6faqyjq0e3
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxN2ZzTUpSeWRWejVxVm4y
dzF3MU9DOTBTZUF0Y3I2SUVURGZCZDBqTVV3ClNwL29hejN2OFdVaHk2TEppNWFj
V3NYcEM4RHNyWUszWFlLa2pXa2FyVmsKLS0tIExOL254cGh4RkJDandqZzJ2RjRi
b3AxOTd2VmdHdXd5c3NNTkJoYW12bUUKbX199Z7jI6nornm0erzm7dSQ+XuxAnXb
glw60TnUSnLUWIHTTx/jVSRR4uO5I6FzxUUfVJ2BMOn/eUNa5BJ70A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzRy9DblE4WnhEc1kvcjcw
ZVBEeVVoRUMxNUZ6Q09QZXdYcEZaSGp0UHpFCnc3UnZOZThLdDYwN05GUjJqYnhK
Z0tZMXo2N0J4R2ZPLzRLcS83QVRBZncKLS0tICs3dDVIV0s2ZTRBQk5wMVE3WjVP
NENYZHlvR3U3Um5XWm90RW01eEM3eHMKewyXEa9TInEFz65LoDo8BHBdjibdYF4r
DGQtPlYF5yuVd8PVMATxMBhs/6hXJLfK2Y54NEeJo2gydyq11Lpm2Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-07T04:04:03Z"
mac: ENC[AES256_GCM,data:7UGKhfZg3SNg1f74nQiax4F7CB8NC12uIpTlQDtb8d1iiu5AdPZHwzlkpXbzkIp26g61pI8qXcvdjmToWjaWzsbUZ2Mo8/HEzOtV8HzxAeQFAyYBhIFAS0q0WzN/yijI7fQeHKnhZ/YCUuHQAZ94bBBSnkVTVOKf6mR7Pu1klr4=,iv:DzOwKxrcJse6yyOw+l7+wgEGBI36HWnebLE7js4VRiE=,tag:BIR67kZzZJZo+Kfie4wIvw==,type:str]
pgp: []
- recipient: age1y2s7ah49jmhd8n05q7tw0gjcnv3390s0uxp3ewjqueekq7a7rvdqzytgd2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGMlBaWURCSTd6cjRYTTB1
VWQvTHBFaDgrMFRpb0crRld6ZjVOUXkrb0cwCnFpcE1nSERwUlowRW54SnEwTk9u
S2N1Rm9kUCtWM3pEWmh1aE1HU3oxT1UKLS0tIE5HSXdFT29XazloR0VjVDVqQWVq
RURoYXdtZFh2djVaem15Qjk4UFhBOEEKEjAuKJ8vpVKoBO8ioyH4EcXVmEkfwrQh
JtDzik9QwZgUNdamWu5BhDlNA1Jmu87VYchhR4CXIS5OG4ticUqr7g==
-----END AGE ENCRYPTED FILE-----
- recipient: age107mmu7nkjfpm7ygp25zpj69m06ftckc9gh7a37umkjq0y7ac34msd6uj3u
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBodExKajhTZzRZdWlXWG9n
V09sRDZrK0gvaDI4TmtzUmR0cUF0OFl1OGxJCmNUMk5aWkV3LzYzeTJJMDFlR0p4
Qlp0STk4dFN3WGswb05BRHlOQit2VGMKLS0tIGJTVkp0Y1Yrd2pqMm1yUlJaYkMy
TzlCMWpMQ1hRMTRObWNyN2Q0YWtsZmcKFHVmvu6U0Qw+EUsBEmdST2cyQ3rZyh6w
62vmALGxE2NWDYQmwtHJmYqeO14HHEDclUErQiCmUt+hLgOLF2MxwA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-04-09T02:00:03Z"
mac: ENC[AES256_GCM,data:2/JIsd2iOg2yTMzxwnVuk1pKxNJy80g09SgcCLLP0rwziKNORELQw5z8ipgVxRee2irqPSNFsAPfvjQFnq3nGOKuf1zbSATOzt4yySWigS7Q7il1OEtf6rdNXPruTQU+R8R3ZpqE0IhYZ1iPyCU+vIlBdHzgLEThdnQeWE3XvAc=,iv:Xc7uCgvHysg3w/fAC1aPLozU1tROcywRlWQLS/kUCYQ=,tag:c5NF6cjqaCJ8r6tfPVuUxw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.11.0