mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2024-12-04 19:40:07 +01:00
Merge pull request 'Run statix' (!54) from statix into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/54 Reviewed-by: Daniel Lovbrotte Olsen <danio@pvv.ntnu.no>
This commit is contained in:
commit
261c8e0811
@ -37,7 +37,7 @@
|
|||||||
"aarch64-linux"
|
"aarch64-linux"
|
||||||
"aarch64-darwin"
|
"aarch64-darwin"
|
||||||
];
|
];
|
||||||
forAllSystems = f: nixlib.genAttrs systems (system: f system);
|
forAllSystems = f: nixlib.genAttrs systems f;
|
||||||
allMachines = nixlib.mapAttrsToList (name: _: name) self.nixosConfigurations;
|
allMachines = nixlib.mapAttrsToList (name: _: name) self.nixosConfigurations;
|
||||||
importantMachines = [
|
importantMachines = [
|
||||||
"bekkalokk"
|
"bekkalokk"
|
||||||
|
@ -879,7 +879,7 @@ let
|
|||||||
|
|
||||||
inherit (pkgs) pam_krb5 pam_ccreds;
|
inherit (pkgs) pam_krb5 pam_ccreds;
|
||||||
|
|
||||||
use_ldap = (config.users.ldap.enable && config.users.ldap.loginPam);
|
use_ldap = config.users.ldap.enable && config.users.ldap.loginPam;
|
||||||
pam_ldap = if config.users.ldap.daemon.enable then pkgs.nss_pam_ldapd else pkgs.pam_ldap;
|
pam_ldap = if config.users.ldap.daemon.enable then pkgs.nss_pam_ldapd else pkgs.pam_ldap;
|
||||||
|
|
||||||
# Create a limits.conf(5) file.
|
# Create a limits.conf(5) file.
|
||||||
@ -1510,7 +1510,7 @@ in
|
|||||||
it complains "Cannot create session: Already running in a
|
it complains "Cannot create session: Already running in a
|
||||||
session". */
|
session". */
|
||||||
runuser-l = { rootOK = true; unixAuth = false; };
|
runuser-l = { rootOK = true; unixAuth = false; };
|
||||||
} // optionalAttrs (config.security.pam.enableFscrypt) {
|
} // optionalAttrs config.security.pam.enableFscrypt {
|
||||||
# Allow fscrypt to verify login passphrase
|
# Allow fscrypt to verify login passphrase
|
||||||
fscrypt = {};
|
fscrypt = {};
|
||||||
};
|
};
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
services.mjolnir = {
|
services.mjolnir = {
|
||||||
enable = true;
|
enable = true;
|
||||||
pantalaimon.enable = false;
|
pantalaimon.enable = false;
|
||||||
homeserverUrl = http://127.0.0.1:8008;
|
homeserverUrl = "http://127.0.0.1:8008";
|
||||||
accessTokenFile = config.sops.secrets."matrix/mjolnir/access_token".path;
|
accessTokenFile = config.sops.secrets."matrix/mjolnir/access_token".path;
|
||||||
managementRoom = "!gsdeCoWjvYRBrzuiRq:pvv.ntnu.no";
|
managementRoom = "!gsdeCoWjvYRBrzuiRq:pvv.ntnu.no";
|
||||||
protectedRooms = map (a: "https://matrix.to/#/${a}") [
|
protectedRooms = map (a: "https://matrix.to/#/${a}") [
|
||||||
|
@ -143,10 +143,10 @@ in {
|
|||||||
services.redis.servers."".enable = true;
|
services.redis.servers."".enable = true;
|
||||||
|
|
||||||
services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [
|
services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [
|
||||||
({
|
{
|
||||||
kTLS = true;
|
kTLS = true;
|
||||||
})
|
}
|
||||||
({
|
{
|
||||||
locations."/.well-known/matrix/server" = {
|
locations."/.well-known/matrix/server" = {
|
||||||
return = ''
|
return = ''
|
||||||
200 '{"m.server": "matrix.pvv.ntnu.no:443"}'
|
200 '{"m.server": "matrix.pvv.ntnu.no:443"}'
|
||||||
@ -156,16 +156,16 @@ in {
|
|||||||
add_header Access-Control-Allow-Origin *;
|
add_header Access-Control-Allow-Origin *;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
})
|
}
|
||||||
({
|
{
|
||||||
locations = let
|
locations = let
|
||||||
connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w;
|
connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w;
|
||||||
socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString (c.port)}";
|
socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString c.port}";
|
||||||
|
|
||||||
metricsPath = w: "/metrics/${w.type}/${toString w.index}";
|
metricsPath = w: "/metrics/${w.type}/${toString w.index}";
|
||||||
proxyPath = w: "http://${socketAddress w}/_synapse/metrics";
|
proxyPath = w: "http://${socketAddress w}/_synapse/metrics";
|
||||||
in lib.mapAttrs' (n: v: lib.nameValuePair
|
in lib.mapAttrs' (n: v: lib.nameValuePair
|
||||||
(metricsPath v) ({
|
(metricsPath v) {
|
||||||
proxyPass = proxyPath v;
|
proxyPass = proxyPath v;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
allow ${values.hosts.ildkule.ipv4};
|
allow ${values.hosts.ildkule.ipv4};
|
||||||
@ -174,10 +174,10 @@ in {
|
|||||||
allow ${values.hosts.ildkule.ipv6_global};
|
allow ${values.hosts.ildkule.ipv6_global};
|
||||||
deny all;
|
deny all;
|
||||||
'';
|
'';
|
||||||
}))
|
})
|
||||||
cfg.workers.instances;
|
cfg.workers.instances;
|
||||||
})
|
}
|
||||||
({
|
{
|
||||||
locations."/metrics/master/1" = {
|
locations."/metrics/master/1" = {
|
||||||
proxyPass = "http://127.0.0.1:9000/_synapse/metrics";
|
proxyPass = "http://127.0.0.1:9000/_synapse/metrics";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
@ -202,5 +202,5 @@ in {
|
|||||||
labels = { };
|
labels = { };
|
||||||
}]) + "/";
|
}]) + "/";
|
||||||
};
|
};
|
||||||
})];
|
}];
|
||||||
}
|
}
|
||||||
|
@ -34,13 +34,13 @@ in {
|
|||||||
{
|
{
|
||||||
name = "Ildkule Prometheus";
|
name = "Ildkule Prometheus";
|
||||||
type = "prometheus";
|
type = "prometheus";
|
||||||
url = ("http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}");
|
url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}";
|
||||||
isDefault = true;
|
isDefault = true;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "Ildkule loki";
|
name = "Ildkule loki";
|
||||||
type = "loki";
|
type = "loki";
|
||||||
url = ("http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}");
|
url = "http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
dashboards.settings.providers = [
|
dashboards.settings.providers = [
|
||||||
|
@ -3,6 +3,7 @@ pkgs.mkShellNoCC {
|
|||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
sops
|
sops
|
||||||
gnupg
|
gnupg
|
||||||
|
statix
|
||||||
openstackclient
|
openstackclient
|
||||||
];
|
];
|
||||||
|
|
||||||
|
24
statix.toml
Normal file
24
statix.toml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
ignore = [".direnv"]
|
||||||
|
nix_version = '2.18' # '2.4'
|
||||||
|
disabled = [
|
||||||
|
# "bool_comparison", # W01
|
||||||
|
# "empty_let_in", # W02
|
||||||
|
"manual_inherit", # W03
|
||||||
|
"manual_inherit_from", # W04
|
||||||
|
# "legacy_let_syntax", # W05
|
||||||
|
"collapsible_let_in", # W06
|
||||||
|
# "eta_reduction", # W07
|
||||||
|
# "useless_parens", # W08
|
||||||
|
"empty_pattern", # W10
|
||||||
|
# "redundant_pattern_bind", # W11
|
||||||
|
# "unquoted_uri", # W12
|
||||||
|
# "deprecated_is_null", # W13
|
||||||
|
# "empty_inherit", # W14
|
||||||
|
# "faster_groupby", # W15
|
||||||
|
# "faster_zipattrswith", # W16
|
||||||
|
# "deprecated_to_path", # W17
|
||||||
|
# "bool_simplification", # W18
|
||||||
|
# "useless_has_attr", # W19
|
||||||
|
"repeated_keys", # W20
|
||||||
|
"empty_list_concat", # W23
|
||||||
|
]
|
Loading…
Reference in New Issue
Block a user