| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
The option `dhcp-script` can be used to run a script every time a new
lease is added or deleted. We configure this option to run the script
that generates a static HTML file with the leases.
|
|
|
|
|
|
|
| |
Parse the file that contains all the leases assigned by dnsmasq, and
create a static HTML page from it. This can be served by nginx to make
it easy to see what IP is assigned to a machine, and which machines are
currently on the network.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
This is managed in the tailscale module.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm not using it as a desktop, and the current router is getting old and
will likely fail in the near future. It's also a debian machine
configured manually, so let's reconfigure carmel as our new router.
There are three NICs in the host: 2 are 10Gb and one is 1Gb. The 1Gb
will be used as the upstream interface, and one of the 10Gb will be for
the LAN.
There are 2 VLANs to configure: one for IoT devices and one for guest.
|
| |
|
| |
|
|
|
|
|
| |
I only need to run sway and the ssh-agent on a workstation (desktop or
laptop). Start these two processes when the window manager starts.
|
|
|
|
|
|
|
|
|
|
| |
To prevent the unit to be triggered multiple times if the host has
already rebooted, we create a gate file when we're done running, and
before running, we check if the file exists.
Enable the service on tahoe.
Don't restart the unit when its definition has changed.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
fractal requires the gnome key chain but I got rid of it.
|
|
|
|
|
|
| |
- source code pro for monospace
- dejavu sans for sans serif
- dejavu serif for serif
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
- add a comment for each ssh-key that is not stored on a yubikey
- simplify the git commit template
- remove some extra config that I don't need
|
|
|
|
|
|
| |
I completely replaced the usage of `pass' with `passage'. There's no
need to keep a mapping file at this point, since my interaction with the
git server is through ssh.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This is a useful tool to know when I'm supposed to touch my
yubikey (sometimes I forget that some actions require that).
Also configure a systemd unit to run it, and configure it to send a
notification to the desktop (at the moment this is consumed by mako).
|
|
|
|
| |
Turns out I don't need this one!
|
|
|
|
| |
The code has moved to https://git.fcuny.net/dns-updater/
|
|
|
|
|
| |
I do not need an agent anymore, since I don't need to decrypt anything
in GPG at this point!
|
| |
|
|
|
|
| |
We need to start the ssh agent (if needed) before we start sway.
|
|
|
|
|
| |
Reports the number of systemd units (user and systems) that are in
failed state.
|
|
|
|
|
|
|
|
| |
I keep running into issues when using fish: I'm not familiar with the
syntax and I don't use it enough that it sticks. I also need to google
stuff regularly to figure out how things are supposed to work. This is
annoying enough that the supposed benefits of fish are not worth it for
me.
|
|
|
|
| |
This secret is not needed system wide, I only need it to run some tools.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using agenix for all the secrets, I can use homeage for
secrets that are related to my user sessions.
Secrets by default will be store under `~/.secrets'. They are encrypted
using `age' and to decrypt them, a key is expected to be located under
`~/.age/key.txt'.
The last place where I was using `pass' (and so GPG too) was for the
secrets for `mbsync': this change adds a secret for fastmail to the
repository and update `mbsync' configuration to use it.
|
|
|
|
|
|
| |
I used the keyring only to start the GPG agent and unlock the ssh keys.
But since I'm storing the ssh keys on yubikeys and I don't use GPG, I
can remove it.
|
|
|
|
|
|
|
|
|
| |
I need to be explicit about the path to the identity file.
Since I'm switching from pass to passage, I also want to disable the
automatic synchronization of the repository, and I don't need to have a
wrapper for git to push the secrets (I push through ssh now instead of
HTTPS).
|
|
|
|
|
|
|
|
| |
Delete gnome's keyring documentation, I will not be using it anymore, so
no need to keep this around.
Add documentation about how to manage secrets, and clean up wireguard's
documentation.
|
| |
|
|
|
|
|
|
|
| |
This is using the public keys from:
- my user on my laptop
- the root user on tahoe
- the backup key stored on the USB drive
|
|
|
|
|
|
|
| |
This is now using the public keys from various age keys:
- one for my user on the laptop
- one for the root user on the laptop
- one backup key stored on the USB drive
|
|
|
|
|
|
| |
I'll re-key all my secrets with age keys instead of using ssh keys. This
change is to specify the path for the identities when agenix decrypts
the secrets.
|
| |
|
|
|
|
| |
See https://github.com/nix-community/home-manager/pull/3265
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Flake lock file updates:
• Updated input 'agenix':
'github:ryantm/agenix/5f66c8aa774d8d488cba1cdc4f0c954d2a14e3a1' (2023-02-20)
→ 'github:ryantm/agenix/1abf0ade92bdf9dbcaa5155bb39e3ae19cb98aaa' (2023-03-04)
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/d7eeebd439b52b77958eb3d8043f3262701ddee2' (2023-02-20)
→ 'github:nix-community/emacs-overlay/2efd7c8d60ce0750097bbd327ec083e3ce545b31' (2023-03-04)
• Removed input 'gh-ssh-keys'
• Removed input 'gh-ssh-keys/crane'
• Removed input 'gh-ssh-keys/crane/flake-compat'
• Removed input 'gh-ssh-keys/crane/flake-utils'
• Removed input 'gh-ssh-keys/crane/nixpkgs'
• Removed input 'gh-ssh-keys/crane/rust-overlay'
• Removed input 'gh-ssh-keys/crane/rust-overlay/flake-utils'
• Removed input 'gh-ssh-keys/crane/rust-overlay/nixpkgs'
• Removed input 'gh-ssh-keys/flake-utils'
• Removed input 'gh-ssh-keys/nixpkgs'
• Removed input 'gh-ssh-keys/pre-commit-hooks'
• Removed input 'gh-ssh-keys/pre-commit-hooks/flake-utils'
• Removed input 'gh-ssh-keys/pre-commit-hooks/nixpkgs'
• Removed input 'gh-ssh-keys/rust-overlay'
• Removed input 'gh-ssh-keys/rust-overlay/flake-utils'
• Removed input 'gh-ssh-keys/rust-overlay/nixpkgs'
• Updated input 'home-manager':
'github:nix-community/home-manager/72ce74d3eae78a6b31538ea7ebe0c1fcf4a10f7a' (2023-02-20)
→ 'github:nix-community/home-manager/b9e3a29864798d55ec1d6579ab97876bb1ee9664' (2023-03-02)
• Removed input 'masked-emails'
• Removed input 'masked-emails/crane'
• Removed input 'masked-emails/crane/flake-compat'
• Removed input 'masked-emails/crane/flake-utils'
• Removed input 'masked-emails/crane/nixpkgs'
• Removed input 'masked-emails/crane/rust-overlay'
• Removed input 'masked-emails/crane/rust-overlay/flake-utils'
• Removed input 'masked-emails/crane/rust-overlay/nixpkgs'
• Removed input 'masked-emails/flake-utils'
• Removed input 'masked-emails/nixpkgs'
• Removed input 'masked-emails/pre-commit-hooks'
• Removed input 'masked-emails/pre-commit-hooks/flake-compat'
• Removed input 'masked-emails/pre-commit-hooks/flake-utils'
• Removed input 'masked-emails/pre-commit-hooks/gitignore'
• Removed input 'masked-emails/pre-commit-hooks/gitignore/nixpkgs'
• Removed input 'masked-emails/pre-commit-hooks/nixpkgs'
• Removed input 'masked-emails/pre-commit-hooks/nixpkgs-stable'
• Removed input 'masked-emails/rust-overlay'
• Removed input 'masked-emails/rust-overlay/flake-utils'
• Removed input 'masked-emails/rust-overlay/nixpkgs'
• Updated input 'naersk/nixpkgs':
'github:NixOS/nixpkgs/a1291d0d020a200c7ce3c48e96090bfa4890a475' (2023-02-19)
→ 'github:NixOS/nixpkgs/f5ffd5787786dde3a8bf648c7a1b5f78c4e01abb' (2023-03-03)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/0cf4274b5d06325bd16dbf879a30981bc283e58a' (2023-02-19)
→ 'github:NixOS/nixpkgs/96e18717904dfedcd884541e5a92bf9ff632cf39' (2023-03-02)
• Updated input 'nur':
'github:nix-community/NUR/3c39aebcd09c9d6c257140e07f3d2beac4a83043' (2023-02-20)
→ 'github:nix-community/NUR/2860ab344d033a877e6a03f1c33cb4b7b5e05ddf' (2023-03-04)
• Updated input 'pre-commit-hooks':
'github:cachix/pre-commit-hooks.nix/c9495f017f67a11e9c9909b032dc7762dfc853cf' (2023-02-20)
→ 'github:cachix/pre-commit-hooks.nix/382bee738397ca005206eefa36922cc10df8a21c' (2023-03-03)
• Updated input 'rust':
'github:oxalica/rust-overlay/98f11700e398cf2ae6da905df56badc17e265021' (2023-02-20)
→ 'github:oxalica/rust-overlay/c25d3e1951863ac0061d47a3fabf9aa7c91db5e5' (2023-03-04)
• Removed input 'sendsms'
• Removed input 'sendsms/crane'
• Removed input 'sendsms/crane/flake-compat'
• Removed input 'sendsms/crane/flake-utils'
• Removed input 'sendsms/crane/nixpkgs'
• Removed input 'sendsms/crane/rust-overlay'
• Removed input 'sendsms/crane/rust-overlay/flake-utils'
• Removed input 'sendsms/crane/rust-overlay/nixpkgs'
• Removed input 'sendsms/flake-utils'
• Removed input 'sendsms/nixpkgs'
• Removed input 'sendsms/pre-commit-hooks'
• Removed input 'sendsms/pre-commit-hooks/flake-utils'
• Removed input 'sendsms/pre-commit-hooks/nixpkgs'
• Removed input 'sendsms/rust-overlay'
• Removed input 'sendsms/rust-overlay/flake-utils'
• Removed input 'sendsms/rust-overlay/nixpkgs'
• Removed input 'x509-tools'
• Removed input 'x509-tools/crane'
• Removed input 'x509-tools/crane/flake-compat'
• Removed input 'x509-tools/crane/flake-utils'
• Removed input 'x509-tools/crane/nixpkgs'
• Removed input 'x509-tools/crane/rust-overlay'
• Removed input 'x509-tools/crane/rust-overlay/flake-utils'
• Removed input 'x509-tools/crane/rust-overlay/nixpkgs'
• Removed input 'x509-tools/flake-utils'
• Removed input 'x509-tools/nixpkgs'
• Removed input 'x509-tools/pre-commit-hooks'
• Removed input 'x509-tools/pre-commit-hooks/flake-utils'
• Removed input 'x509-tools/pre-commit-hooks/nixpkgs'
• Removed input 'x509-tools/rust-overlay'
• Removed input 'x509-tools/rust-overlay/flake-utils'
• Removed input 'x509-tools/rust-overlay/nixpkgs'
|
|
|
|
| |
I'm rewriting them in go and they are not ready to be used yet.
|
| |
|
| |
|
|
|
|
|
| |
It's not working as I want, let's fix it first then we can enable it
again later.
|
|
|
|
| |
It's not running anymore.
|
|
|
|
| |
drone is not running anymore
|
|
|
|
|
|
|
|
| |
Replace gitea with gitolite + cgit. I don't need a whole git forge for
myself, especially since I don't use most of the features.
The main thing I'm losing with this change is CI (via drone), but this
is not really a big loss for now.
|
|
|
|
|
| |
The current version of age shipped by nixos does not support the keys
generated by `age-plugin-yubikey'.
|
| |
|
| |
|
|
|
|
|
|
| |
A function to create a go project: it creates the git repository, setup
the project using a flake template, create an initial commit, push it
and ensure we can run drone on it.
|
| |
|
|
|
|
|
|
|
| |
It's easier to edit / debug / test the code that way.
This also add a new function (`find-ssh-agent') to find or start a new
ssh agent when a shell is started.
|
|
|
|
| |
Port of `pass' to use `age' instead of `gpg'.
|
| |
|
|
|
|
|
|
| |
The configuration can be simplified by using the `signing' directive.
For some reason it was also set in the configuration for `pass' which,
while it was correct, was in the wrong location.
|
|
|
|
|
| |
Each key is associated to a variable, which let me be more specific
about which key to use depending on the context.
|
|
|
|
| |
This is to use the yubikeys correctly
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
• Updated input 'agenix':
'github:ryantm/agenix/42d371d861a227149dc9a7e03350c9ab8b8ddd68' (2023-01-09)
→ 'github:ryantm/agenix/5f66c8aa774d8d488cba1cdc4f0c954d2a14e3a1' (2023-02-20)
• Added input 'agenix/darwin':
'github:lnl7/nix-darwin/87b9d090ad39b25b2400029c64825fc2a8868943' (2023-01-09)
• Added input 'agenix/darwin/nixpkgs':
follows 'agenix/nixpkgs'
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/b537e3cba7307729bf80cdc8ef2b176727cbb645' (2023-01-10)
→ 'github:nix-community/emacs-overlay/d7eeebd439b52b77958eb3d8043f3262701ddee2' (2023-02-20)
• Updated input 'emacs-overlay/nixpkgs':
'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09)
→ 'github:NixOS/nixpkgs/0f213d0fee84280d8c3a97f7469b988d6fe5fcdf' (2023-01-12)
• Updated input 'futils':
'github:numtide/flake-utils/5aed5285a952e0b949eb3ba02c12fa4fcfef535f' (2022-11-02)
→ 'github:numtide/flake-utils/3db36a8b464d0c4532ba1c7dda728f4576d6d073' (2023-02-13)
• Updated input 'home-manager':
'github:nix-community/home-manager/176e455371a8371586e8a3ff0d56ee9f3ca2324e' (2023-01-10)
→ 'github:nix-community/home-manager/72ce74d3eae78a6b31538ea7ebe0c1fcf4a10f7a' (2023-02-20)
• Updated input 'naersk/nixpkgs':
'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09)
→ 'github:NixOS/nixpkgs/a1291d0d020a200c7ce3c48e96090bfa4890a475' (2023-02-19)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48' (2023-01-10)
→ 'github:NixOS/nixpkgs/0cf4274b5d06325bd16dbf879a30981bc283e58a' (2023-02-19)
• Updated input 'nur':
'github:nix-community/NUR/2c47b2a0053cdb36cc08353f79eebf7a055fa18f' (2023-01-10)
→ 'github:nix-community/NUR/3c39aebcd09c9d6c257140e07f3d2beac4a83043' (2023-02-20)
• Updated input 'pre-commit-hooks':
'github:cachix/pre-commit-hooks.nix/f8992fb404c7e79638192a10905b7ea985818050' (2023-01-09)
→ 'github:cachix/pre-commit-hooks.nix/c9495f017f67a11e9c9909b032dc7762dfc853cf' (2023-02-20)
• Updated input 'pre-commit-hooks/flake-compat':
'github:edolstra/flake-compat/009399224d5e398d03b22badca40a37ac85412a1' (2022-11-17)
→ 'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17)
• Updated input 'rust':
'github:oxalica/rust-overlay/9724998ea2caf23214674bf0c2cdf6ec0b1719af' (2023-01-10)
→ 'github:oxalica/rust-overlay/98f11700e398cf2ae6da905df56badc17e265021' (2023-02-20)
|
|
|
|
|
|
| |
Installing the yubikey manager (ykman) to help managing the keys.
Add more configurations for GPG related to keys.
|
| |
|
|
|
|
|
|
| |
This is not working as I thought it would: I was expecting this to only
work with the first login, but any time I log out of my account it logs
in right away again.
|
| |
|
| |
|
|
|
|
|
| |
I don't need to backup videos, and the cache of my home directory. I
also don't need to keep that many snapshots around.
|
|
|
|
|
|
|
|
|
|
|
| |
fractal(-next) is a client for matrix. It's GTK4 native and uses rust.
While not much nicer looking than element, it's not an electron app,
which I prefer (electron is slow, and element would freeze/crash from
time to time).
I renamed the module from element to matrix-client, in case I switch to
something else in the future (or if there are additional
configurations).
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the default version of python for the nixos version I'm using.
Remove an unused environment variable (PYTHON_HISTFILE) since it's not
used (I don't remember where I got this one from, but it's not used to
set the history for the python interpreter, see [1]).
Add an environment variable for ipython.
[1] https://github.com/python/cpython/blob/main/Lib/site.py#L468
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
When the laptop boots, I already have to enter a passphrase to unlock
the disks, I can trust that it's me and can automatically log into the
system.
Enable systemd integration for sway so that the correct session is
started and environment variables are imported properly.
|
|
|
|
|
| |
I don't care if I lose this data, and it's creating a lot of churn in
the backups and consuming a lot of space.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/dca61513fcd032f348aa2e3fe4606d52e848e7ce' (2023-01-09)
→ 'github:nix-community/emacs-overlay/b537e3cba7307729bf80cdc8ef2b176727cbb645' (2023-01-10)
• Updated input 'emacs-overlay/nixpkgs':
'github:NixOS/nixpkgs/0c9aadc8eff6daaa5149d2df9e6c49baaf44161c' (2023-01-08)
→ 'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09)
• Updated input 'home-manager':
'github:nix-community/home-manager/b0a3689878d4c2e8a1b02cecf8319ba8c53da519' (2023-01-09)
→ 'github:nix-community/home-manager/176e455371a8371586e8a3ff0d56ee9f3ca2324e' (2023-01-10)
• Updated input 'naersk/nixpkgs':
'github:NixOS/nixpkgs/0c9aadc8eff6daaa5149d2df9e6c49baaf44161c' (2023-01-08)
→ 'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/8c54d842d9544361aac5f5b212ba04e4089e8efe' (2023-01-08)
→ 'github:NixOS/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48' (2023-01-10)
• Updated input 'nur':
'github:nix-community/NUR/7d6f34170b42fe49740fb9b7e4b4a7fdf530b581' (2023-01-09)
→ 'github:nix-community/NUR/2c47b2a0053cdb36cc08353f79eebf7a055fa18f' (2023-01-10)
• Updated input 'rust':
'github:oxalica/rust-overlay/3488cec01351c2f1086b02a3a61808be7a25103e' (2023-01-09)
→ 'github:oxalica/rust-overlay/9724998ea2caf23214674bf0c2cdf6ec0b1719af' (2023-01-10)
|
| |
|
|
|
|
| |
Inspired by https://jackson.dev/post/nix-reasonable-defaults/
|
|
|
|
| |
The machine is connected to a rotated screen.
|
|
|
|
|
| |
This does not exist in 22.11, only 23.05. Will figure out the proper way
to monitor it later.
|
| |
|
|
|
|
|
|
|
| |
Due to md device uuid availability issue in initrd.
Refs:
- https://github.com/NixOS/nixpkgs/issues/196800
- https://github.com/NixOS/nixpkgs/issues/199551
|
|
|
|
| |
Similar to 6c0211b.
|
|
|
|
|
| |
This is a broken unit and I don't need it (see
https://github.com/nixos/nixpkgs/issues/72394).
|
|
|
|
|
| |
There's no need to be on unstable, I prefer break things only twice a
year instead of every time I run an update ...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
They've recently removed from nixpkgs the version of mongodb that was
used by unifi. I updated to the latest version (7) and did the migration
of the DB manually (see https://github.com/NixOS/nixpkgs/pull/207382):
```
nix-shell -p mongodb-3_4 mongodb-tools
mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --repair
mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --journal --fork
mongodump --out=/root/mongodump
pkill mongod
exit
nix-shell -p mongodb-4_2 mongodb-tools
mv /var/lib/unifi/data/db /var/lib/unifi/data/db_bak
mkdir /var/lib/unifi/data/db
mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --journal --fork
mongorestore /root/mongodump
pkill mongod
```
Once this was done, the exporter was also broken, has it has been
renamed. There are two different services for it in nixpkgs:
`services.unpoller` and `services.prometheus.exporters.unpoller`. Only
the last one works.
From what I can tell, everything is working now.
|
|
|
|
| |
Don't pin, just use latest.
|
| |
|
|
|
|
|
|
| |
It's expecting the configuration in a different place. I think some
environment variable are not propagated correctly, might look into this
later.
|
|
|
|
|
| |
Use what ever is the latest version set by nix, and don't install
poetry (it seems to be broken at the moment).
|
| |
|
| |
|
|
|
|
|
|
| |
I need to figure a way to make it run as a dynamic user, while still
having access to the credentials for twilio, while not changing the
permissions to the file.
|
|
|
|
|
|
|
|
| |
The poller refuses to start, as the name of the binary has been updated,
and the upstream module is not reflecting that change. The service has
also been renamed from `unifi-poller` to `unpoller`, but this is not
working for now. Let's get rid of it as a temporary fix while looking at
the correct solution.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
```
trace: emacsPgtkNativeComp has been renamed to emacsPgtk, please update your expression.
```
|
|
|
|
| |
It's been deprecated.
|
|
|
|
|
| |
I'm not using GitHub for my repositories, and I don't need to maintain
this configuration either.
|
|
|
|
|
| |
Delete repositories that are marked as private in GitHub and already
exists in my gitea instance.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
A new module `sendsms` is added to send SMS when the host reboots. It's
triggered by systemd when the host boots and once the network is
available.
|
|
|
|
| |
https://git.fcuny.net/fcuny/sendsms
|
|
|
|
| |
I find Source Code Pro to be more readable than iosevka.
|
| |
|
|
|
|
|
|
|
| |
Drone's CI configuration is in YAML and can contain multiple
configurations (documents). By default the check does not allow this, so
let's update the configuration by adding the flag
`--allow-multiple-documents`.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Replace the use of Source Code Pro with Iosevka in a few
applications (sway, waybar, alacritty).
|
| |
|
|
|
|
| |
A tool to explore layers in docker images.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Configure the policy for the crawlers.
|
| |
|
| |
|
| |
|
|\
| |
| |
| | |
Reviewed-on: https://git.fcuny.net/fcuny/world/pulls/1
|
| |
| |
| |
| |
| | |
The URL for drone changed to https://ci.fcuny.net. The secrets also
changed (and we remove the unencrypted file with secrets).
|
|/
|
|
| |
This reverts commit 614fc2fcce0e9ae0bcfdc6e08d3c4bac846d02a8.
|
| |
|
|
|
|
|
| |
I'm going to move (again) from GH to my own instance of gitea. This
script does the migration for me.
|
| |
|
|
|
|
|
|
| |
This reverts commit f4f83c7e83272234571d9580f5a897676de3d0dc.
I'm planning to switch back to gitea to host my projects.
|
| |
|
|
|
|
|
| |
It's usually needed for developing some rust projects, but this should
be setup by the flake of that project.
|
| |
|
|\ |
|
|/
|
|
|
|
|
|
| |
Update the workflow to use `nix develop` commands instead of multiple
steps (see https://determinate.systems/posts/nix-github-actions).
Add a configuration for `cargo deny` to manage the dependencies I take
on.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
I'm not using gerrit anymore.
|
|
|
|
|
|
|
| |
For the python tools, we need the python runtime to be available. For
this we need to specify the dependencies in `propagatedBuildInputs`.
The same is true for flamegraph and perf.
|
|
|
|
|
| |
Since I'm moving everything back to GitHub I don't need to run these
services anymore.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Flake lock file updates:
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/f8d2c22b0714629bb7f8e90071b12fa56cd620be' (2022-10-17)
→ 'github:nix-community/emacs-overlay/feea89fbc310afc87dff52ae0a1bc4afabfcbd43' (2022-10-29)
• Updated input 'emacs-overlay/nixpkgs':
'github:NixOS/nixpkgs/d0f9857448e77df50d1e0b518ba0e835b797532a' (2022-10-17)
→ 'github:NixOS/nixpkgs/f44ba1be526c8da9e79a5759feca2365204003f6' (2022-10-28)
• Updated input 'gh-ssh-keys':
'git+ssh://git@github.com/fcuny/gh-ssh-keys?ref=main&rev=b1b7df6d529835d97734c3cb214d2be5ea593900' (2022-10-16)
→ 'git+ssh://git@github.com/fcuny/gh-ssh-keys?ref=main&rev=a7f3234679c81a46324a1979c1bc5e7752473c2e' (2022-10-22)
• Updated input 'naersk/nixpkgs':
'github:NixOS/nixpkgs/d0f9857448e77df50d1e0b518ba0e835b797532a' (2022-10-17)
→ 'github:NixOS/nixpkgs/f44ba1be526c8da9e79a5759feca2365204003f6' (2022-10-28)
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/1935dd8fdab8e022a9d958419663162fd840014c' (2022-10-17)
→ 'github:nixos/nixpkgs/b62e0c1523295ac3316a9bc514f013173e5ad7ba' (2022-10-29)
• Updated input 'nur':
'github:nix-community/NUR/5b866cfe1ffcb2dc004c862d7da2ff5c6dc66e51' (2022-10-17)
→ 'github:nix-community/NUR/248c0ebe4a3c450fa1aa90b3c4a7a847a61fe574' (2022-10-29)
• Updated input 'pre-commit-hooks':
'github:cachix/pre-commit-hooks.nix/94b0f300dd9a23d4e851aa2a947a1511d3410e2d' (2022-10-12)
→ 'github:cachix/pre-commit-hooks.nix/1b436f36e2812c589e6d830e3223059ea9661100' (2022-10-24)
• Updated input 'rust':
'github:oxalica/rust-overlay/ae87512a3e8ee5bfffd42dadce041e7bdcd05a38' (2022-10-17)
→ 'github:oxalica/rust-overlay/34d76c0a001d81a0fac342698ce7926da37b8ea5' (2022-10-29)
• Updated input 'x509-tools':
'github:fcuny/x509-info/406eaab3073651acff3c09deeb22e864fc9d5b23' (2022-10-22)
→ 'github:fcuny/x509-info/80e1db79a95a245542d4a9ddc6eac13d717c4ac8' (2022-10-25)
|
| |
|
|
|
|
|
| |
The content has been merged with fcuny.net - I can keep everything in
one site.
|
|
|
|
|
|
|
|
| |
I don't want to inline shell scripts inside nix configuration, as it
prevents me to use `shellcheck` to validate them for example.
The script is now moved into the tool directory, and is a tiny bit more
flexible, so that I can run it as my own user.
|
|
|
|
|
| |
All the repositories should be on GitHub now, and archived if they are
not relevant anymore.
|
| |
|
|
|
|
|
|
|
|
|
| |
We first need to create a repository before we can create the default
branch. For the default branch to be set, we also need the repository to
contain a commit, which is achieved with the `auto_init' attribute.
We can always push with `--force' to overwrite that initial commit when
doing the migration.
|
| |
|
|
|
|
|
|
|
| |
It's been moved to its own repository at
https://github.com/fcuny/mpd-stats
Update the list of repositories managed by terraform.
|
| |
|
|
|
|
|
| |
While not great, this is the default workflow on GitHub. It's also what
allows my `git-broom` CLI to work with branches on GitHub.
|
|
|
|
|
|
| |
This tool helps to keep only the branches that are relevant: the ones
that have not been merged yet into the main branch on the principal
remote repository.
|
| |
|
|
|
|
| |
I was not using it.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
To use it, run:
```
nix flake init -t github:fcuny/world#rust
```
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Flake lock file updates:
• Updated input 'agenix':
'github:ryantm/agenix/6acb1fe5f8597d5ce63fc82bc7fcac7774b1cdf0' (2022-09-25)
→ 'github:ryantm/agenix/a630400067c6d03c9b3e0455347dc8559db14288' (2022-10-15)
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/8e54a8980aa438c4f35807ad676acbf7578acce3' (2022-09-20)
→ 'github:nix-community/emacs-overlay/f8d2c22b0714629bb7f8e90071b12fa56cd620be' (2022-10-17)
• Updated input 'emacs-overlay/nixpkgs':
'github:NixOS/nixpkgs/8e0f159ff2d17faabbce0d60b14f50710e882eab' (2022-10-02)
→ 'github:NixOS/nixpkgs/d0f9857448e77df50d1e0b518ba0e835b797532a' (2022-10-17)
• Updated input 'gh-ssh-keys':
'git+ssh://git@github.com/fcuny/gh-ssh-keys?ref=main&rev=de753cd61c1b75879010c4d2452598ada629e489' (2022-10-03)
→ 'git+ssh://git@github.com/fcuny/gh-ssh-keys?ref=main&rev=b1b7df6d529835d97734c3cb214d2be5ea593900' (2022-10-16)
• Updated input 'home-manager':
'github:nix-community/home-manager/4a3d01fb53f52ac83194081272795aa4612c2381' (2022-06-25)
→ 'github:nix-community/home-manager/b81e128fc053ab3159d7b464d9b7dedc9d6a6891' (2022-10-17)
• Updated input 'naersk/nixpkgs':
'github:NixOS/nixpkgs/8e0f159ff2d17faabbce0d60b14f50710e882eab' (2022-10-02)
→ 'github:NixOS/nixpkgs/d0f9857448e77df50d1e0b518ba0e835b797532a' (2022-10-17)
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/2a57890da5727cafa0607a27a5e2f4201645dfba' (2022-10-02)
→ 'github:nixos/nixpkgs/1935dd8fdab8e022a9d958419663162fd840014c' (2022-10-17)
• Updated input 'nixpkgs-unstable':
'github:nixos/nixpkgs/8e0f159ff2d17faabbce0d60b14f50710e882eab' (2022-10-02)
→ 'github:nixos/nixpkgs/d0f9857448e77df50d1e0b518ba0e835b797532a' (2022-10-17)
• Updated input 'nur':
'github:nix-community/NUR/392b26288ad1cdebd03eac17adb70491f9f392d3' (2022-10-02)
→ 'github:nix-community/NUR/5b866cfe1ffcb2dc004c862d7da2ff5c6dc66e51' (2022-10-17)
• Updated input 'pre-commit-hooks':
'github:cachix/pre-commit-hooks.nix/2e4a708918e14fdbd534cc94aaa9470cd19b2464' (2022-10-02)
→ 'github:cachix/pre-commit-hooks.nix/94b0f300dd9a23d4e851aa2a947a1511d3410e2d' (2022-10-12)
• Updated input 'rust':
'github:oxalica/rust-overlay/5db6b63124ccedd61e896ec98def85fb4e6668f4' (2022-10-02)
→ 'github:oxalica/rust-overlay/ae87512a3e8ee5bfffd42dadce041e7bdcd05a38' (2022-10-17)
• Updated input 'rust/flake-utils':
'github:numtide/flake-utils/7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249' (2022-07-04)
→ 'github:numtide/flake-utils/c0e246b9b83f637f4681389ecabcb2681b4f3af0' (2022-08-07)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 17 to 18.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v17...v18)
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
|
|
|
|
| |
The tool can calculate some stats about authors in a git repository. It
computes the number of lines that are authored by authors at a given
revision (HEAD by default), and the number of commits.
|
| |
|
|
|
|
|
|
| |
This is a simple script, there's no benefit in having this in go. Having
it Python makes it easier to extend with panda or other libraries in the
future if I need more statistics too.
|
|
|
|
|
|
|
|
|
| |
This is going to fail anyway since it will try to update a flake from a
private repository and it won't work. But once I make the repository
public it will start working.
Also remove the token, want the PR to be open as the github-actions
bot.
|
|
|
|
|
| |
From now on we should always be using 'main'. If a project requires
'master', it will need to be set explicitly.
|
|
|
|
|
|
| |
Move all the repositories in a YAML file, instead of declaring each
repository. This will simplify the management as I'll be introducing
more resources to manage my repositories.
|
| |
|
|
|
|
| |
It's back at https://github.com/fcuny/govanity
|
| |
|
| |
|
|
|
|
| |
The code is in https://github.com/fcuny/containerd-to-vm
|
|
|
|
| |
The notes are at https://github.com/fcuny/notes.fcuny.net
|
|
|
|
| |
The blog moved back to https://github.com/fcuny/fcuny.net
|
| |
|
| |
|
|
|
|
|
|
|
| |
No need to do this with Go, a python script is fine.
We also don't need to set shell aliases for this: when we install the
tool, we can create symbolic links to `ip2int` and `int2ip`.
|
|
|
|
|
| |
Don't do all of these actions together, instead provide helpers for both
init, plan, and apply.
|
|
|
|
| |
See https://github.com/fcuny/gh-ssh-keys
|
|
|
|
| |
Add a new input to the flake configuration to install `gh-ssh-keys`.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Import current GitHub repositories into terraform. This should be the
main way (going forward) to interact with GitHub to create / manage the
repositories and ensuring I'm consistent in the ways I want to use it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
naersk makes it simple to build rust project in nix.
For this to work, `mkSystem` and `mkHomeManagerConfiguration` needs to
pass naersk to my overlays.
I dropped the support to run the tools with `nix run .#tools...`: I
don't use this in practice and it's not making things simpler.
I dropped `nix-linter` from the check, it's reporting many errors
without helping me to fix them.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
The configuration for home-manager is set using `home-manager' directly,
instead of applying updates all at once (OS and home-manager).
|
|
|
|
|
| |
I don't know why I need to do this, but otherwise I can't build rust
packages with `cargo build' if it's not set ...
|
|
|
|
|
| |
I don't think I should have to do this, it's also not solving the
problem I have, but it should not hurt either ...
|
| |
|
|
|
|
|
|
|
| |
The configuration for the modules has changed as of 22.05 (see [1]).
This change is to remove the `modules` section from the settings.
[1] https://github.com/nix-community/home-manager/commit/7c320a53254609d9814280a34e312b7f00fd160b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When rebuilding the host (through `nixos-rebuild switch --flake`) I
don't want to rebuild also my home-manager configuration. I want these
to be two different steps.
I rebuild the home-manager configuration more frequently and it's a
waste of time and CPU to rebuild the world every time.
This is a pretty large refactoring:
- move checks back into the flake: if I modify a check, the
configuration for `pre-commits` is not regenerated, as the file with the
checks is not monitored with `direnv` (I could probably configure it for
it, but not now)
- remove `home.nix` from the host level configuration
- introduce a `mkHomeManagerConfiguration` function to manage the
different user@host
- fix a warning with the rust overlay
|
|
|
|
|
| |
This improve the readability of the flake configuration, the check can
be in their own module.
|
|
|
|
|
| |
I'll go and refactor correctly and properly the support for rust
packages, this is not working and I'm doing something stupid.
|
|
|
|
|
| |
There has to be a nicer way, and I might just completely drop golang
support anyway in this repo.
|
|
|
|
|
| |
Having requests installed by default is useful to write quickly a
script, and the black formatter is to enforce consistency.
|
|
|
|
|
|
|
|
|
|
|
|
| |
GitHub supports signing commits with a ssh key now (git has supported
this feature for a while but it was not yet available on GitHub).
More details at [1].
I used the steps documented in [2] for nix.
[1] https://github.blog/changelog/2022-08-23-ssh-commit-verification-now-supported/
[2] https://jeppesen.io/git-commit-sign-nix-home-manager-ssh/
|
|
|
|
|
|
|
| |
I can now run `nix build .#tools.sendsms` to build the tool, or get it
deployed on a machine.
Change-Id: I82c733be466adb229d98414fd1229e05f355dd7d
|
|
|
|
|
|
| |
The flake naersk is used to build rust crates with nix.
Change-Id: Ia1c95de34fe802ae6a6b623dc169ca502fa72f12
|
|
|
|
|
|
|
|
|
|
|
| |
This is a new tool to send SMS via Twilio's API. For now it supports a
single subcommand: reboot. Using that subcommand, a SMS will be send
with the name of the host and the IP address for the defined network
interface. This is useful to be notified when one of my machine reboot,
and what's the IP for the main interface (this is useful since my ISP
does not provide a static IP).
Change-Id: I5886a2c77ebd344ab3befa51a6bdd3d65bcc85d4
|
|
|
|
| |
Change-Id: I0235d851df781430abe87d503c652bd97b6e1f1a
|
|
|
|
|
|
| |
Configure the latest beta for rust and pull some tools with it.
Change-Id: Icd7e3a7efd2a5485ab7380a9d077613c03617905
|
|
|
|
| |
Change-Id: Iaa041a70b386d25c581a3a3c2afe860b86740618
|
|
|
|
| |
Change-Id: If0b49ce46875f9f5bd35b792596796bcdb85b3e9
|
|
|
|
| |
Change-Id: I436d66239d25e69e90c43c036afde5dd3bf18915
|
|
|
|
|
|
|
|
| |
Installing the rust overlay to get the various tools installed. This is
done by a new module for home-manager, and is installed only on my
laptop at the moment.
Change-Id: I80c1633ca04da82f4321a0687a05d1df7c523702
|
|
|
|
|
|
|
| |
Change-Id: I9aa813d57c80f431468d97dfc945d9a0439723f1
Reviewed-on: https://cl.fcuny.net/c/world/+/719
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
| |
There's no need to make a backup for sourcegraph, all the things I might
care about (at this stage at least) can be easily regenerated.
Change-Id: I4b592c9007ce57b56b04a94b43ad2ab8759ce891
Reviewed-on: https://cl.fcuny.net/c/world/+/718
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a mechanism to run checks for go (fmt/mod tidy) and one for
terraform.
Fix the configuration for shellcheck (it was not checking the files).
Change-Id: I1d250b96bd22838eddf624fda6b4d78d5da3e39f
Reviewed-on: https://cl.fcuny.net/c/world/+/715
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: I9d1ff1b7de5cb89ffcf40bc91e794f7ff420c1e8
Reviewed-on: https://cl.fcuny.net/c/world/+/717
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: Id11ad998c30d6e863ab3b43552b9fe248a0d6c7f
Reviewed-on: https://cl.fcuny.net/c/world/+/716
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This terraform configuration is to create the buckets that I'm using for
various buckets. Doing this through the UI is difficult, as there are
too many options, it's easy to have different buckets with different
settings when I need them to be identical, no way to review what the
change is going to look like, etc.
Change-Id: I8ee15939559e7632e2df9d17cfaec75d756930b6
Reviewed-on: https://cl.fcuny.net/c/world/+/713
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
| |
Change-Id: I8e08d5ee8649f31e52bfdedda8083a2b78dba54d
|
|
|
|
|
|
|
| |
Change-Id: Ifb970bc6835fbc0de1943349739524331b6dba76
Reviewed-on: https://cl.fcuny.net/c/world/+/712
Reviewed-by: Franck Cuny <franck@fcuny.net>
Tested-by: CI
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since I'm using terraform for a few things, I want to store the state in
a GCP bucket. This script takes care of creating the bucket, creating
the service account for terraform, setting the roles, and enabling
impersonation.
The script is (or at least is intended) to be idempotent. If a new
project is created, running will update only what is needed.
Change-Id: Ie92703be6d17749dc76dabcf9e73e7b274e8d2ac
Reviewed-on: https://cl.fcuny.net/c/world/+/711
Reviewed-by: Franck Cuny <franck@fcuny.net>
Tested-by: CI
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using a key for the terraform service account, use
delegation. This simplifies a bit the setup:
- no need to have a local key
- principle of least privilege
- no need to setup some environment variables
Update the documentation in case something goes wrong in the future.
Change-Id: I430bdf6816419da35ae8a36cec55ce56491b985c
Reviewed-on: https://cl.fcuny.net/c/world/+/710
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The configuration needs to be updated, we set the value for
`bucket_policy_only` to true now that we've set the bucket to use
uniform bucket level
access (https://cloud.google.com/storage/docs/uniform-bucket-level-access).
Change-Id: I7e9516709af4be35a3964937c1dbd728bcfe1f01
Reviewed-on: https://cl.fcuny.net/c/world/+/709
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: Ie87672629ff23eeb93f5308898014cc737490b7c
Reviewed-on: https://cl.fcuny.net/c/world/+/708
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: I63fc8fd81679457f7dbeafc2bd10c0eded0de991
Reviewed-on: https://cl.fcuny.net/c/world/+/707
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
|
| |
This is the pipeline that is executed when a new build starts. It wait
for all the steps to be completed, and if one of them fail, the build is
marked as failed.
Change-Id: I1eb22b27749944de78d44e49586a1db1fe07b460
Reviewed-on: https://cl.fcuny.net/c/world/+/706
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: I17ea0baab0d74888ed1b21342c583495d3f52643
Reviewed-on: https://cl.fcuny.net/c/world/+/705
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: I2b495c55191f3192b871cfb9d06445817c16e0de
Reviewed-on: https://cl.fcuny.net/c/world/+/704
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
| |
Configure the way we import these packages the same way, that way it's
consistent and easy to use.
Change-Id: I0e218f8fe9dd4cd2045bfee11c80de84ff769fe1
Reviewed-on: https://cl.fcuny.net/c/world/+/703
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
| |
Change-Id: I9bf0524ec12c4d554fc4c7ded458aab8a9cf5ef6
Reviewed-on: https://cl.fcuny.net/c/world/+/702
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
| |
The function `groupExists` returns a boolean, what we want is
`groupIfExists` which returns the actual name of the group.
Change-Id: I7db50066e13932dd617ffccb9dae40ecb1d383a5
Reviewed-on: https://cl.fcuny.net/c/world/+/701
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
|
| |
In the `mkSystem` function, instead of defining each tools, let's import
all of them at once. This works both with installing a tool from a
module or running them from the CLI.
Change-Id: Ia44ff9a45b54a1ecea6f6b02b4cad2956799f627
Reviewed-on: https://cl.fcuny.net/c/world/+/682
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
|
|
|
|
|
|
|
|
|
| |
Since I have configured the pre-commit hooks, I can use them instead of
my custom scripts: less things to maintain and easier to read output.
Change-Id: Ic833ec88ed9fbcbe52b1b1680f978da3a5a08b31
Reviewed-on: https://cl.fcuny.net/c/world/+/681
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|