vps-arm-2024-11-28-10-14-18

2024-11-28 10:14:18 +01:00
parent a98735ef05
commit 8761abf51c
5 changed files with 51 additions and 29 deletions
--- a/README.md
+++ b/README.md
@ -1,13 +1,7 @@
 # Most stuff
-## Borg Backup
+###
 it's important to add the ssh host key to known hosts
 ```
 [u278697.your-storagebox.de]:23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs
 [u278697.your-storagebox.de]:23 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5EB5p/5Hp3hGW1oHok+PIOH9Pbn7cnUiGmUEBrCVjnAw+HrKyN8bYVV0dIGllswYXwkG/+bgiBlE6IVIBAq+JwVWu1Sss3KarHY3OvFJUXZoZyRRg/Gc/+LRCE7lyKpwWQ70dbelGRyyJFH36eNv6ySXoUYtGkwlU5IVaHPApOxe4LHPZa/qhSRbPo2hwoh0orCtgejRebNtW5nlx00DNFgsvn8Svz2cIYLxsPVzKgUxs8Zxsxgn+Q/UvR7uq4AbAhyBMLxv7DjJ1pc7PJocuTno2Rw9uMZi1gkjbnmiOh6TTXIEWbnroyIhwc8555uto9melEUmWNQ+C+PwAK+MPw==
 [u278697.your-storagebox.de]:23 ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGK0po6usux4Qv2d8zKZN1dDvbWjxKkGsx7XwFdSUCnF19Q8psHEUWR7C/LtSQ5crU/g+tQVRBtSgoUcE8T+FWp5wBxKvWG2X9gD+s9/4zRmDeSJR77W6gSA/+hpOZoSE+4KgNdnbYSNtbZH/dN74EG7GLb/gcIpbUUzPNXpfKl7mQitw==
 ```
 ### Commands
--- a/flake.lock
+++ b/flake.lock
@ -8,11 +8,11 @@
        "nixpkgs": "nixpkgs"
      },
      "locked": {
-        "lastModified": 1732400024,
+        "lastModified": 1732715105,
-        "narHash": "sha256-uf1QzIl0Jj5dr7+erWjHWiCUEvywLaR7ir1jcqGgjeQ=",
+        "narHash": "sha256-WGf8bzwNEgbWjM9aTFv9ZCGrBQEfg0fYd4FSoVa2gDs=",
        "owner": "chaotic-cx",
        "repo": "nyx",
-        "rev": "376a2e022a5d8fa21cecb5bb0fef0cb54db5cdfc",
+        "rev": "8f153d013632e6036e8bec6377cc5ed7d2ad14df",
        "type": "github"
      },
      "original": {
@ -82,11 +82,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1732303962,
+        "lastModified": 1732482255,
-        "narHash": "sha256-5Umjb5AdtxV5jSJd5jxoCckh5mlg+FBQDsyAilu637g=",
+        "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "8cf9cb2ee78aa129e5b8220135a511a2be254c0c",
+        "rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
        "type": "github"
      },
      "original": {
@ -140,11 +140,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1732032028,
+        "lastModified": 1732648910,
-        "narHash": "sha256-NjyfJQQxs/a2a/KwTmXM44K7XjeJwGsf4YFtebueQzo=",
+        "narHash": "sha256-1F83DUfEHnCZpGY4UOlWaamWoDx8eZ9tHaUF51p2hng=",
        "owner": "Jovian-Experiments",
        "repo": "Jovian-NixOS",
-        "rev": "65dc04371cf914c9af4f073638821e4787303005",
+        "rev": "e86d2ad72094354326887bd6fe156f327d63d491",
        "type": "github"
      },
      "original": {
@ -215,11 +215,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1732014248,
+        "lastModified": 1732521221,
-        "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
+        "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
+        "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
        "type": "github"
      },
      "original": {
@ -231,11 +231,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1732014248,
+        "lastModified": 1732521221,
-        "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
+        "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
+        "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
        "type": "github"
      },
      "original": {
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@ -73,6 +73,28 @@ in {
          ];
          hostKeys = ["/persist/pre_boot_ssh_key"];
        };
        postCommands = let
          torRc = pkgs.writeText "tor.rc" ''
            DataDirectory /etc/tor
            SOCKSPort 127.0.0.1:9050 IsolateDestAddr
            SOCKSPort 127.0.0.1:9063
            HiddenServiceDir /etc/tor/onion/bootup
            HiddenServicePort 22 127.0.0.1:22
          '';
        in ''
          echo "tor: preparing onion folder"
          # have to do this otherwise tor does not want to start
          chmod -R 700 /etc/tor
          echo "make sure localhost is up"
          ip a a 127.0.0.1/8 dev lo
          ip link set lo up
          echo "tor: starting tor"
          tor -f ${torRc} --verify-config
          tor -f ${torRc} &
        '';
      };
      luks.devices = {
        root = {
@ -80,6 +102,14 @@ in {
          preLVM = true;
        };
      };
      secrets = {
        "/etc/tor/onion/bootup" = /home/alex/tor/onion; # maybe find a better spot to store this.
      };
      extraUtilsCommands = ''
        copy_bin_and_libs ${pkgs.tor}/bin/tor
      '';
    };
  };
--- a/services/frigate.nix
+++ b/services/frigate.nix
@ -27,7 +27,7 @@ in {
    frigate = {
      enable = true;
-      package = pkgs.unstable.frigate;
+      package = pkgs.frigate;
      hostname = "frigate.szczepan.ski";
      settings = {
--- a/services/headscale.nix
+++ b/services/headscale.nix
@ -6,14 +6,12 @@
 }: {
  environment = {
    systemPackages = with pkgs; [headscale];
    environment = {
    persistence."/persist" = {
      directories = [
        "/var/lib/headscale"
      ];
    };
  };
  };
  services = {
    nginx = {