polsevev/homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WOrked some more

Browse source
This commit is contained in:
Rolf Martin Glomsrud 2025-04-06 20:39:50 +02:00
parent a38f4d30a2
commit 340b58c5bb
3 changed files with 250 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
nixos/hephaestus/configuration.nix
View file

@ -52,11 +52,12 @@
}; };
users.users.ansible = { users.users.ansible = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "sudo" ]; extraGroups = [ "wheel" "networkmanager" "sudo" "docker"];
packages = with pkgs; [ ]; packages = with pkgs; [ ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGKOGZKJO31YZem1OTZtIg3fKaatbFmqmRNRD+K9GpX rgl002@student.uib.no"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHlpPX7ogQo0dG0Ze4VSsAAJO+Z7w/wxGFZ+vuTHwDT9 forgejo-runner" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHlpPX7ogQo0dG0Ze4VSsAAJO+Z7w/wxGFZ+vuTHwDT9 forgejo-runner"
"sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBDpeouwzFZoYA7AYARaJ/qdQHORJB2h1V73PXQYEAI7sDrc3kYwgZPbrZ3pGkGKaHBl45kiV6SYsC7191OCwIl8AAAAEc3NoOg== A"
"sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBHlAtX4mBifZZ8u6sJckCgA6skwN7aamVK+lQuXLQ6kQWJy7GlEXEmoR9RW/0UIrQYLC+wd8Q5MROkYpn+cHLSoAAAAEc3NoOg== B"
]; ];
}; };
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
@ -69,6 +70,7 @@
vim vim
tailscale tailscale
python3 python3
git
]; ];
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
@ -81,7 +83,7 @@
# }; # };
# List services that you want to enable: # List services that you want to enable:
virtualisation.docker.enable = true;
services.tailscale.enable = true; services.tailscale.enable = true;
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh.enable = true;

244
nixos/hephaestus/flake.lock
View file

@ -1,6 +1,179 @@
{ {
"nodes": { "nodes": {
"authentik-nix": {
"inputs": {
"authentik-src": "authentik-src",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"napalm": "napalm",
"nixpkgs": "nixpkgs",
"poetry2nix": "poetry2nix",
"systems": "systems"
},
"locked": {
"lastModified": 1743172544,
"narHash": "sha256-I6//hyls5T6Y93IgwbWn5izeT29o+yza4yRgBcmNars=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "b4916a86d4e650401e67dc03556eadb4a3cb248a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "authentik-nix",
"type": "github"
}
},
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1743169792,
"narHash": "sha256-aaSAlFIc5Gn5PJPVuObi24Y86/3N3yFJVQTx1tV2i2A=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "748a8e560f2eb93f7ec15d6762d4e5931fc1fa2a",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2025.2.3",
"repo": "authentik",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": [
"authentik-nix",
"systems"
]
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"napalm": {
"inputs": {
"flake-utils": [
"authentik-nix",
"flake-utils"
],
"nixpkgs": [
"authentik-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1725806412,
"narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=",
"owner": "willibutz",
"repo": "napalm",
"rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5",
"type": "github"
},
"original": {
"owner": "willibutz",
"ref": "avoid-foldl-stack-overflow",
"repo": "napalm",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": {
"lastModified": 1740367490,
"narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0196c0175e9191c474c26ab5548db27ef5d34b05",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1738452942,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
}
},
"nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1739206421, "lastModified": 1739206421,
"narHash": "sha256-PwQASeL2cGVmrtQYlrBur0U20Xy07uSWVnFup2PHnDs=", "narHash": "sha256-PwQASeL2cGVmrtQYlrBur0U20Xy07uSWVnFup2PHnDs=",
@ -16,9 +189,78 @@
"type": "github" "type": "github"
} }
}, },
"poetry2nix": {
"inputs": {
"flake-utils": [
"authentik-nix",
"flake-utils"
],
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"authentik-nix",
"nixpkgs"
],
"systems": [
"authentik-nix",
"systems"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1739883580,
"narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "authentik-nix": "authentik-nix",
"nixpkgs": "nixpkgs_2"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1730120726,
"narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9ef337e492a5555d8e17a51c911ff1f02635be15",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
} }
} }
}, },

2
nixos/hephaestus/flake.nix
View file

@ -22,6 +22,8 @@
# so the old configuration file still takes effect # so the old configuration file still takes effect
./configuration.nix ./configuration.nix
./nginx.nix ./nginx.nix
#./authentik.nix
#sops-nix.nixosModules.sops
]; ];
}; };
}; };