ahtlon/infrastructure
1
0
Fork 0
forked from malobeo/infrastructure
Code Pull Requests 18 Actions Activity

Compare commits

base: ahtlon:nixpkgs_bump_20260514
Branches Tags
ahtlon:master ahtlon:nixpkgs_bump_20260625 ahtlon:nixpkgs_bump_20260618 ahtlon:nixpkgs_bump_20260611 ahtlon:nixpkgs_bump_20260604 ahtlon:nixpkgs_bump_20260528 ahtlon:nixpkgs_bump_20260521 ahtlon:nixpkgs_bump_20260514 ahtlon:nixpkgs_bump_20260507 ahtlon:nixpkgs_bump_20260430 ahtlon:nixpkgs_bump_20260423 ahtlon:nixpkgs_bump_20260416 ahtlon:nixpkgs_bump_20260409 ahtlon:nixpkgs_bump_20260402 ahtlon:nixpkgs_bump_20260326 ahtlon:test2 ahtlon:nixpkgs_bump_20260325 ahtlon:diff_gen ahtlon:testbranch ahtlon:hydra_integration2 malobeo:nixpkgs_bump_20260629 malobeo:26_05_upgrade malobeo:master malobeo:nixpkgs_bump_20260615 malobeo:nixpkgs_bump_20260604 malobeo:nixpkgs_bump_20260409 malobeo:debug_mode malobeo:dns malobeo:vaultwarden malobeo:nextcloud_deck_derivation malobeo:staging malobeo:script malobeo:zineshop malobeo:nextcloud_upgrade_31 malobeo:printer-module malobeo:microvm-dirs malobeo:sanoid malobeo:issue77 malobeo:reproducible-deployments malobeo:reproducible-deployments-filestructure malobeo:issue31 malobeo:microvm-module malobeo:issue47 malobeo:hostbuilder malobeo:better-workflows malobeo:issue51 malobeo:local-testing-v2 malobeo:gitea malobeo:fileserver
..
compare: malobeo:nixpkgs_bump_20260629
Branches Tags
malobeo:nixpkgs_bump_20260629 malobeo:26_05_upgrade malobeo:master malobeo:nixpkgs_bump_20260615 malobeo:nixpkgs_bump_20260604 malobeo:nixpkgs_bump_20260409 malobeo:debug_mode malobeo:dns malobeo:vaultwarden malobeo:nextcloud_deck_derivation malobeo:staging malobeo:script malobeo:zineshop malobeo:nextcloud_upgrade_31 malobeo:printer-module malobeo:microvm-dirs malobeo:sanoid malobeo:issue77 malobeo:reproducible-deployments malobeo:reproducible-deployments-filestructure malobeo:issue31 malobeo:microvm-module malobeo:issue47 malobeo:hostbuilder malobeo:better-workflows malobeo:issue51 malobeo:local-testing-v2 malobeo:gitea malobeo:fileserver ahtlon:master ahtlon:nixpkgs_bump_20260625 ahtlon:nixpkgs_bump_20260618 ahtlon:nixpkgs_bump_20260611 ahtlon:nixpkgs_bump_20260604 ahtlon:nixpkgs_bump_20260528 ahtlon:nixpkgs_bump_20260521 ahtlon:nixpkgs_bump_20260514 ahtlon:nixpkgs_bump_20260507 ahtlon:nixpkgs_bump_20260430 ahtlon:nixpkgs_bump_20260423 ahtlon:nixpkgs_bump_20260416 ahtlon:nixpkgs_bump_20260409 ahtlon:nixpkgs_bump_20260402 ahtlon:nixpkgs_bump_20260326 ahtlon:test2 ahtlon:nixpkgs_bump_20260325 ahtlon:diff_gen ahtlon:testbranch ahtlon:hydra_integration2

15 Commits
nixpkgs_bu ... nixpkgs_bu

Author SHA1 Message Date
malobot
70f7511213 Update flake.lock 2026-06-29 04:03:32 +00:00
Ahtlon
e01718263d add atlans laptop ssh key 2026-06-23 17:14:59 +02:00
ahtlon
017e2ca556 [Update] update and allow EOL electron 2026-06-10 17:35:47 +02:00
ahtlon
c31a576fbd I might be stupid... 2026-06-06 00:15:42 +02:00
ahtlon
34db721709 [workflow] fix autoupdate not running -.- 2026-06-04 15:24:52 +02:00
ahtlon
9c55854987 Update every 14 days; close previous prs 2026-05-05 11:38:48 +02:00
ahtlon
8e7c9141c2 Automatic Nixpkgs update (#156) 
Date: Thu Apr 30 00:03:28 UTC 2026
Evaluation warnings:
evaluation warning: cloud-hypervisor supports systemd-notify via vsock, but `microvm.vsock.cid` must be set to enable this.
evaluation warning: 'system' has been renamed to/replaced by 'stdenv.hostPlatform.system'

Co-authored-by: malobot <malobot@systemli.org>
Reviewed-on: malobeo/infrastructure#156
Co-authored-by: ahtlon <git@ahtlon.de>
Co-committed-by: ahtlon <git@ahtlon.de>
 2026-05-05 11:11:20 +02:00
ahtlon
ea2ba8637b [pretalx] pin package to unstable to fix security problem 2026-04-29 20:53:30 +02:00
kalipso
c40d84ba4d [nextcloud] overwriteprotocol https 2026-04-14 13:14:34 +02:00
malobot
bd859dd40d Update flake.lock 2026-03-26 10:59:37 +01:00
ahtlon
3ccd73788c [gitea] add timeout and run on master 2026-03-26 10:31:09 +01:00
ahtlon
b2fc2d126f Add hydra callback 2026-03-25 10:41:53 +01:00
ahtlon
bf3f4db1b2 [hydra] forgot to change repo 2026-03-16 20:58:45 +01:00
kalipso
f4614f2887 [modules] do not reference self within modules 
if it gets included in other flakes 'self' references to that flake,
instead of malobeo
 2026-03-16 20:52:14 +01:00
kalipso
07d7f3b882 [modules] add gitea translator 2026-03-16 20:42:26 +01:00
10 changed files with 97 additions and 31 deletions
Expand all files Collapse all files

14
.gitea/workflows/autoupdate.yml
View File

@@ -2,7 +2,7 @@ name: Weekly Flake Update
on:
schedule:
- cron: "0 0 * * 4"
- cron: "0 4 1/14 * *"
workflow_dispatch:
permissions:
@@ -89,6 +89,18 @@ jobs:
grep -q ${{ github.ref_name }} &&
exit 1 ||
exit 0
- name: close other bump requests
run: |
for i in $(tea pr -o simple | grep "Automatic Nixpkgs update" | awk '{print $1}')
do
if [ "$i" = "" ]
then
echo "No bumps to close"
exit 0
else
tea pr close $i
fi
done
- name: Force push branch
run: git push --force -u origin nixpkgs_bump_$(date +%Y%m%d)
- name: Create pull request

44
.gitea/workflows/hydra-callback.yml
View File

@@ -1,15 +1,26 @@
name: Weekly Flake Update
name: Hydra callback
on:
pull_request:
types:
- opened
types:
- opened
- synchronize
paths:
- '**.nix'
- flake.lock
push:
branches:
- master
paths:
- '**.nix'
- flake.lock
permissions:
contents: write
jobs:
hydra_callback:
on_pr:
if: github.event.pull_request
runs-on: ubuntu-latest
env:
NIXPKGS_ALLOW_UNFREE: 1
@@ -24,8 +35,29 @@ jobs:
github_access_token: ${{ secrets.AHTLONS_GITHUB_TOKEN }}
- name: Find pr number
run: |
echo 'PR=$(echo "${{ github.ref }}" | cut -d / -f 3)' >> "$GITHUB_ENV"
echo PR=$(echo "${{ github.ref }}" | cut -d / -f 3) >> "$GITHUB_ENV"
- name: run hydra wait
timeout-minutes: 200
run: |
echo "Running now @ pr no $PR"
nix run nixpkgs#hydra-cli -- -H https://hydra.dynamicdiscord.de jobset-wait malobeo2 "$PR"
nix run nixpkgs#hydra-cli -- -H https://hydra.dynamicdiscord.de jobset-wait malobeo2 "$PR"
on_push:
if: github.event.push
runs-on: ubuntu-latest
env:
NIXPKGS_ALLOW_UNFREE: 1
steps:
- name: Install sudo
run: |
apt-get update
apt-get install -y sudo
- name: Set up Nix
uses: https://github.com/cachix/install-nix-action@v31
with:
github_access_token: ${{ secrets.AHTLONS_GITHUB_TOKEN }}
- name: run hydra wait
timeout-minutes: 200
run: |
echo "Running now @ master"
nix run nixpkgs#hydra-cli -- -H https://hydra.dynamicdiscord.de jobset-wait malobeo2 master

2
.hydra/spec.json
View File

@@ -12,7 +12,7 @@
"type": 0,
"inputs": {
"nixexpr": {
"value": "https://git.dynamicdiscord.de/ahtlon/infrastructure master",
"value": "https://git.dynamicdiscord.de/malobeo/infrastructure master",
"type": "git",
"emailresponsible": false
},

56
flake.lock generated
View File

@@ -126,11 +126,11 @@
"spectrum": "spectrum"
},
"locked": {
"lastModified": 1778669912,
"narHash": "sha256-WT2iimtOBZM/6AcZeBoJU2EgUSaywtlItsEgNkZBda0=",
"lastModified": 1782324740,
"narHash": "sha256-EpaYlgijQUv8nvbhMStQEFoO7aDWxJmVTOlsoHWqHpg=",
"owner": "astro",
"repo": "microvm.nix",
"rev": "a7a7009064cec75d9da652c6723412ce27b9bc44",
"rev": "49a3e9fe33d33f189d24dafca36096766faa60ad",
"type": "github"
},
"original": {
@@ -176,12 +176,15 @@
}
},
"nixos-hardware": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1778593042,
"narHash": "sha256-xYGrSg6354UK2K4WSQd4+TfyvfqmvFbSY+ZtGQUXK0c=",
"lastModified": 1782562157,
"narHash": "sha256-a7+T6QSeowynwZ1ZJJbP8T8ntAytvrui8kFGJmIZt2c=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "9bd7c80d43e258aaa607d83b43661df11444d808",
"rev": "a9cf7546a938c737b079e738de73934a13de9784",
"type": "github"
},
"original": {
@@ -209,11 +212,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1778443072,
"narHash": "sha256-zi7/fsqM/kFdNuED//4WOCUtezGtKKqRNORjMvfwjnA=",
"lastModified": 1782467914,
"narHash": "sha256-pGvFkM8N0xEkIIXDe5YYfbEAvHrk4IxBrjB/x8OomhE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "da5ad661ba4e5ef59ba743f0d112cbc30e474f32",
"rev": "e73de5be04e0eff4190a1432b946d469c794e7b4",
"type": "github"
},
"original": {
@@ -225,11 +228,24 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1778430510,
"narHash": "sha256-Ti+ZBvW6yrWWAg2szExVTwCd4qOJ3KlVr1tFHfyfi8Q=",
"lastModified": 1767892417,
"narHash": "sha256-8bW3q88CEg2u4hSP66Vf4lpbLonHz7hqDNBMcCY7E9U=",
"rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba",
"type": "tarball",
"url": "https://releases.nixos.org/nixos/unstable/nixos-26.05pre924538.3497aa5c9457/nixexprs.tar.xz"
},
"original": {
"type": "tarball",
"url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1782498288,
"narHash": "sha256-8/X3yyTXiE82b38n32ItbOqfWOVBl+gKa8fILyZfR4Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8fd9daa3db09ced9700431c5b7ad0e8ba199b575",
"rev": "3cac626ec5e3703e835f227687e88aa9e2f25701",
"type": "github"
},
"original": {
@@ -249,7 +265,7 @@
"microvm": "microvm",
"nixos-generators": "nixos-generators",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix",
"tasklist": "tasklist",
@@ -264,11 +280,11 @@
]
},
"locked": {
"lastModified": 1777944972,
"narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=",
"lastModified": 1782165805,
"narHash": "sha256-478kKQBvK6SYTOdN2h9jhKJv94nbXRbFMfuL1WshErg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "c591bf665727040c6cc5cb409079acb22dcce33c",
"rev": "56b24064fdcaedca53553b1a6d607fd23b613a24",
"type": "github"
},
"original": {
@@ -280,11 +296,11 @@
"spectrum": {
"flake": false,
"locked": {
"lastModified": 1772189877,
"narHash": "sha256-i1p90Rgssb//aNiTDFq46ZG/fk3LmyRLChtp/9lddyA=",
"lastModified": 1778940603,
"narHash": "sha256-voSM8dZNlaOWN3kbYFky+FNY6fFQOEw0xF+ZMpZKkCQ=",
"ref": "refs/heads/main",
"rev": "fe39e122d898f66e89ffa17d4f4209989ccb5358",
"revCount": 1255,
"rev": "367dd227f539267eae2b62770b4c17b88ac8c1f1",
"revCount": 1265,
"type": "git",
"url": "https://spectrum-os.org/git/spectrum"
},

2
machines/louise/configuration.nix
View File

@@ -46,6 +46,8 @@
];
};
nixpkgs.config.permittedInsecurePackages = [ "electron-39.8.10" ];
services.tor = {
enable = true;
client.enable = true;

4
machines/modules/malobeo/gitea_translator.nix
View File

@@ -55,7 +55,7 @@ in
serviceConfig = {
ExecStart = ''
${pkgs.python3}/bin/python3 ${inputs.self + /scripts/gitea_hydra_server.py} \
${pkgs.python3}/bin/python3 ${../../../scripts/gitea_hydra_server.py} \
--baseurl ${cfg.baseurl} \
--owner ${cfg.owner} \
--repo ${cfg.repo} \
@@ -75,4 +75,4 @@ in
};
};
};
}
}

1
machines/nextcloud/configuration.nix
View File

@@ -63,6 +63,7 @@ in
settings = {
trusted_domains = [ "cloud.malobeo.org" "cloud.hq.malobeo.org" ];
trusted_proxies = [ hosts.malobeo.hosts.fanny.network.address ];
overwriteprotocol = "https";
"maintenance_window_start" = "1";
"default_phone_region" = "DE";
};

3
machines/pretalx/configuration.nix
View File

@@ -1,4 +1,4 @@
{ config, self, lib, pkgs, ... }:
{ config, self, lib, pkgs, inputs, ... }:
with lib;
@@ -58,6 +58,7 @@ in
services.pretalx = {
enable = true;
package = inputs.nixpkgs-unstable.legacyPackages."x86_64-linux".pretalx;
celery.extraArgs = [
"--concurrency=${toString config.microvm.vcpu}"
];

1
machines/ssh_keys.nix
View File

@@ -4,6 +4,7 @@
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCxgcjNOYbza3+RfANFDXy7HXNRFlkpDOAcGyB7MKshiVlbPByWRSjfZa0BeRNjpeCd8QkIodKUzqYOCOrc8ad3kiNbdLRcDz57A5xSLD3ynakoWJo0AmJjT3Ta1JJj8inNwwykR0ig5//SrtsZb9HkWJDAF017MokM2r8AWPE1QzcQdh93kojXcgTHrJHzEqgKbEGDEk37f1RvZG4umEFeqdK2FvS5isPa7P9X7hyyoDC8bvEy7xfaDrToJAoXon6r79taxH8UWIvy//xsU0NBLYK2eE4RQe2AjF6Ri+CybI6y1SsHOvyh4nNKWlfUOEL6UnIulRn/LXFOKCJi7xuoTeJXS0+w1DNEuiGosVNXPSKbUm/eDBVnb8Iyep9wmygSZayN82xL5lRlG3Mn45ttecqfm2SJkmduBA5qXcTdDPe/lXTZaVO9tbiIcJfUgd3ttEu2+6YjLn74D965PlovzvR6EhbVUZ8IkOAt4VmuTkXIdm8SCS7jzhsiKeUXoZ4rfa375zi79SIPuIkoMasj6d16wcYOeFIUIMFFccfQ9jQjr9NTSXC2dd7sfbI9I9mF7eRQSsUdSwpP8WH1b+M1MxTbdhEUdPwpOLviTTIuk8E8K8DQDZIcOOh38mCDpyoh02nwfRxlyoYVsKAHIQH02dHTvYEa3/pMsRwGc9W1Ow== kalipso@desktop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINQg6a2EGmq+i9lfwU+SRMQ8MGN3is3VS6janzl9qOHo quaseb67@hzdr.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICKaEcGaSKU0xC5qCwzj2oCLLG4PYjWHZ7/CXHw4urVk atlan@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDi8yxrMZoXEy7e8/MZeyihOARU2tN0TpJTUX55UO31B atlan@argon"
];
backup = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDIGryhnXdmbGObONG88K+c9zeduMrwtoLHwzMDZg3UXB+Cnq2FXWOrlLZxA+95VUgHpyGZiykJmzeWrKhldDlDeGGd8QCCLeuliiOgXADTYjWaVfhd+6arPZrK2VtqqsguvH40gW1xfoGAOmAT4WFnxWxIaEip0V2u6NOoKTiH9I3bz2Qe4lfJvPXig+XwCXcukXd6XUkDFYDpiw8XNV3X7pqTus5d2RYR97bAhIYZZQ6h50ZpTY8N0lFh4RY5yfx8BhxJW3tfoi9uZvVuPx7dGPsZsSniENFPMNz3UwHGitTJMr4088cJrAGgd5lyFuLouiHiM2JMGA0wx9wWTbWJEwTLaTVQK9gSJf857ndV2zCh9vKlfko4w9bQgqxKg4U/mY8dXX1E7D51nD2ci8Ed+ZG+NEneFLyZhLsD82GkBY+YovA+4xm/pcx+hBhlyqGNxI8v+Jh+JhEyD/ZLgJfq3ZMbGIGsTiDwZ2flLLxImHHEoDoT6PHU6hDhPDJu560="

1
outputs.nix
View File

@@ -118,6 +118,7 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems
users.imports = [ ./machines/modules/malobeo/users.nix ];
backup.imports = [ ./machines/modules/malobeo/backup.nix ];
printing.imports = [ ./machines/modules/malobeo/printing.nix ];
gitea-translator.imports = [ ./machines/modules/malobeo/gitea_translator.nix ];
};
hydraJobs = nixpkgs.lib.mapAttrs (_: nixpkgs.lib.hydraJob) (