mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2026-01-11 18:08:25 +01:00
Compare commits
1 Commits
2c9d636a21
...
ozai-prod
| Author | SHA1 | Date | |
|---|---|---|---|
|
46159eec9a |
23
flake.lock
generated
23
flake.lock
generated
@@ -107,16 +107,15 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717234745,
|
||||
"narHash": "sha256-MFyKRdw4WQD6V3vRGbP6MYbtJhZp712zwzjW6YiOBYM=",
|
||||
"lastModified": 1710311999,
|
||||
"narHash": "sha256-s0pT1NyrMgeolUojXXcnXQDymN7m80GTF7itCv0ZH20=",
|
||||
"owner": "dali99",
|
||||
"repo": "nixos-matrix-modules",
|
||||
"rev": "d7dc42c9bbb155c5e4aa2f0985d0df75ce978456",
|
||||
"rev": "6c9b67974b839740e2a738958512c7a704481157",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "dali99",
|
||||
"ref": "v0.6.0",
|
||||
"repo": "nixos-matrix-modules",
|
||||
"type": "github"
|
||||
}
|
||||
@@ -143,16 +142,16 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1719520878,
|
||||
"narHash": "sha256-5BXzNOl2RVHcfS/oxaZDKOi7gVuTyWPibQG0DHd5sSc=",
|
||||
"lastModified": 1715410392,
|
||||
"narHash": "sha256-ltp1jQps9tym0uWNl/lTniHSQngCtNIyzlymu+ZSyts=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a44bedbb48c367f0476e6a3a27bf28f6330faf23",
|
||||
"rev": "9f8bf7503bd85d5208575f4bd81c8b1fc999a468",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-24.05-small",
|
||||
"ref": "nixos-23.11-small",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
@@ -214,11 +213,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718404592,
|
||||
"narHash": "sha256-Ud8pD0mxmbfvwBXKy2q3Yp8r1EofaTcodZtI3fbnfDY=",
|
||||
"lastModified": 1716150352,
|
||||
"narHash": "sha256-c13lzYbLmbrcbEdPTYZYtlX2Qsz1W+2sLsIMGShPgwo=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "6e4a79ed3ddae8dfc80eb8af1789985d07bcf297",
|
||||
"revCount": 463,
|
||||
"rev": "2cab4df4b119e08a1f90ea1c944652cd78b4d478",
|
||||
"revCount": 459,
|
||||
"type": "git",
|
||||
"url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
|
||||
},
|
||||
|
||||
19
flake.nix
19
flake.nix
@@ -2,7 +2,7 @@
|
||||
description = "PVV System flake";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-24.05-small";
|
||||
nixpkgs.url = "nixpkgs/nixos-23.11-small";
|
||||
nixpkgs-unstable.url = "nixpkgs/nixos-unstable-small";
|
||||
|
||||
sops-nix.url = "github:Mic92/sops-nix";
|
||||
@@ -17,7 +17,7 @@
|
||||
pvv-calendar-bot.url = "git+https://git.pvv.ntnu.no/Projects/calendar-bot.git";
|
||||
pvv-calendar-bot.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
matrix-next.url = "github:dali99/nixos-matrix-modules/v0.6.0";
|
||||
matrix-next.url = "github:dali99/nixos-matrix-modules";
|
||||
matrix-next.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
nix-gitea-themes.url = "git+https://git.pvv.ntnu.no/oysteikt/nix-gitea-themes.git";
|
||||
@@ -27,9 +27,15 @@
|
||||
grzegorz.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
grzegorz-clients.url = "github:Programvareverkstedet/grzegorz-clients";
|
||||
grzegorz-clients.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
ozai.url = "git+https://git.pvv.ntnu.no/Projects/ozai.git";
|
||||
ozai.inputs.nixpkgs.follows = "nixpkgs";
|
||||
ozai-webui.url = "git+https://git.pvv.ntnu.no/adriangl/ozai-webui.git";
|
||||
ozai-webui.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, nixpkgs-unstable, pvv-nettsiden, sops-nix, disko, ... }@inputs:
|
||||
outputs = { self, nixpkgs, nixpkgs-unstable, pvv-nettsiden, sops-nix, disko, ozai, ozai-webui, ... }@inputs:
|
||||
let
|
||||
nixlib = nixpkgs.lib;
|
||||
systems = [
|
||||
@@ -121,7 +127,12 @@
|
||||
inputs.grzegorz-clients.nixosModules.grzegorz-webui
|
||||
];
|
||||
};
|
||||
buskerud = stableNixosConfig "buskerud" { };
|
||||
buskerud = stableNixosConfig "buskerud" {
|
||||
modules = [
|
||||
ozai.nixosModules.ozai
|
||||
ozai-webui.nixosModules.ozai-webui
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
devShells = forAllSystems (system: {
|
||||
|
||||
@@ -28,7 +28,7 @@ in {
|
||||
database = {
|
||||
type = "postgres";
|
||||
host = "postgres.pvv.ntnu.no";
|
||||
port = config.services.postgresql.settings.port;
|
||||
port = config.services.postgresql.port;
|
||||
passwordFile = config.sops.secrets."gitea/database".path;
|
||||
createDatabase = false;
|
||||
};
|
||||
|
||||
@@ -1,5 +1,18 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
#######################
|
||||
# TODO: remove these once nixos 24.05 gets released
|
||||
#######################
|
||||
imports = [
|
||||
./krb5.nix
|
||||
./pam.nix
|
||||
];
|
||||
disabledModules = [
|
||||
"config/krb5/default.nix"
|
||||
"security/pam.nix"
|
||||
];
|
||||
#######################
|
||||
|
||||
security.krb5 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
|
||||
@@ -4,8 +4,8 @@
|
||||
./hardware-configuration.nix
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
|
||||
./services/libvirt.nix
|
||||
|
||||
./services/ozai.nix
|
||||
];
|
||||
|
||||
# buskerud does not support efi?
|
||||
|
||||
@@ -1,10 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
virtualisation.libvirtd.enable = true;
|
||||
programs.dconf.enable = true;
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
||||
# On a gui-enabled machine, connect with:
|
||||
# $ virt-manager --connect "qemu+ssh://buskerud/system?socket=/var/run/libvirt/libvirt-sock"
|
||||
}
|
||||
|
||||
33
hosts/buskerud/services/ozai.nix
Normal file
33
hosts/buskerud/services/ozai.nix
Normal file
@@ -0,0 +1,33 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
domain = "buskerud.pvv.ntnu.no";
|
||||
in
|
||||
{
|
||||
|
||||
services.ozai = {
|
||||
enable = true;
|
||||
host = "0.0.0.0";
|
||||
port = 8000;
|
||||
};
|
||||
|
||||
services.ozai-webui = {
|
||||
enable = true;
|
||||
port = 8080;
|
||||
host = "0.0.0.0";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/azul/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "http://${config.services.ozai-webui.host}:${config.services.ozai-webui.port}";
|
||||
};
|
||||
locations."/ozai/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "http://${config.services.ozai.host}:${config.services.ozai.port}";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
@@ -50,6 +50,7 @@ in {
|
||||
boltdb_shipper = {
|
||||
active_index_directory = "/var/lib/loki/boltdb-shipper-index";
|
||||
cache_location = "/var/lib/loki/boltdb-shipper-cache";
|
||||
shared_store = "filesystem";
|
||||
cache_ttl = "24h";
|
||||
};
|
||||
filesystem = {
|
||||
@@ -58,13 +59,14 @@ in {
|
||||
};
|
||||
|
||||
limits_config = {
|
||||
allow_structured_metadata = false;
|
||||
enforce_metric_name = false;
|
||||
reject_old_samples = true;
|
||||
reject_old_samples_max_age = "72h";
|
||||
};
|
||||
|
||||
compactor = {
|
||||
working_directory = "/var/lib/loki/compactor";
|
||||
shared_store = "filesystem";
|
||||
};
|
||||
|
||||
# ruler = {
|
||||
|
||||
@@ -1,12 +1,8 @@
|
||||
{ pkgs, lib, config, ... }:
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
users.users.felixalb = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
] ++ lib.optionals ( config.users.groups ? "libvirtd" ) [
|
||||
"libvirtd"
|
||||
];
|
||||
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
shell = pkgs.zsh;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
|
||||
|
||||
Reference in New Issue
Block a user