12 Commits

Author SHA1 Message Date
05bb954985 mob next [ci-skip] [ci skip] [skip ci]
lastFile:flake.nix
2025-10-08 15:56:28 +07:00
c4bfb85d48 mob next [ci-skip] [ci skip] [skip ci]
lastFile:modules/nixos/inventree/default.nix
2025-10-08 15:50:00 +07:00
f416de46fd mob next [ci-skip] [ci skip] [skip ci]
lastFile:overlays/default.nix
2025-10-08 14:41:31 +07:00
2c12eb30e3 mob next [ci-skip] [ci skip] [skip ci]
lastFile:pkgs/overlay.nix
2025-10-08 12:12:45 +07:00
bfd0725ea6 mob next [ci-skip] [ci skip] [skip ci]
lastFile:machines/default.nix
2025-10-07 17:53:28 +07:00
8818d9bc9b mob next [ci-skip] [ci skip] [skip ci]
lastFile:machines/default.nix
2025-10-07 17:12:42 +07:00
ed4e045ffc rm unused args 2025-09-28 13:30:10 +07:00
fd6edd83c2 machines are accessed by zerotier ip 2025-09-28 13:21:46 +07:00
65faa70fa3 no nextcloud on vega 2025-09-28 12:45:29 +07:00
377b63437c no write permission on GLOM samba 2025-09-26 20:26:02 +07:00
43e8252459 samba for vega 2025-09-26 16:46:00 +07:00
800500f57e vega on new device 2025-09-26 12:04:02 +07:00
37 changed files with 1334 additions and 381 deletions

View File

@@ -37,6 +37,8 @@
./fmt.nix ./fmt.nix
./shell.nix ./shell.nix
./overlays
./modules/nixos
./machines ./machines
./inventories ./inventories
./modules/clan/flake-module.nix ./modules/clan/flake-module.nix

View File

@@ -1,19 +1,7 @@
{
inputs,
self,
lib,
pkgs,
...
}:
{ {
clan = { clan = {
inventory = { inventory = {
machines = {
rigel.deploy.targetHost = "root@rigel.local";
vega.deploy.targetHost = "root@vega.local";
};
tags = { tags = {
glom = [ "vega" ]; glom = [ "vega" ];
b4l = [ "rigel" ]; b4l = [ "rigel" ];
@@ -73,7 +61,6 @@
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { }; roles.default.machines.b4l = { };
roles.default.machines.vega = { };
}; };
stirling-pdf = { stirling-pdf = {
module = { module = {

View File

@@ -1,4 +1,8 @@
{ inputs, self, ... }: {
inputs,
self,
...
}:
{ {
imports = [ imports = [
inputs.clan-core.flakeModules.default inputs.clan-core.flakeModules.default

View File

@@ -1,3 +1,4 @@
{ config, ... }:
{ {
imports = [ imports = [
(import ../../lib/auto-accept-zerotier-members.nix { (import ../../lib/auto-accept-zerotier-members.nix {
@@ -10,4 +11,5 @@
system.stateVersion = "25.11"; system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
} }

View File

@@ -16,6 +16,7 @@
]; ];
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
nixpkgs.hostPlatform = { nixpkgs.hostPlatform = {
system = "x86_64-linux"; system = "x86_64-linux";

View File

@@ -1,7 +1,7 @@
{ lib, ... }: { lib, ... }:
let let
hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}"; hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}";
os = "/dev/disk/by-id/mmc-CUTB42_0x9d59499c"; os = "/dev/disk/by-id/mmc-CUTB42_0x95d14f9e";
vdev = [ vdev = [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG" "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG"
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X" "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X"

View File

@@ -23,8 +23,8 @@
}, },
"bluetooth": [ "bluetooth": [
{ {
"index": 33, "index": 31,
"attached_to": 34, "attached_to": 33,
"class_list": ["usb", "bluetooth"], "class_list": ["usb", "bluetooth"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -99,7 +99,7 @@
}, },
{ {
"index": 36, "index": 36,
"attached_to": 34, "attached_to": 33,
"class_list": ["usb", "bluetooth"], "class_list": ["usb", "bluetooth"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -597,7 +597,7 @@
"fpu_exception": true, "fpu_exception": true,
"cpuid_level": 32, "cpuid_level": 32,
"write_protect": false, "write_protect": false,
"tlb_size": 32767, "tlb_size": 32764,
"clflush_size": 64, "clflush_size": 64,
"cache_alignment": 64, "cache_alignment": 64,
"address_sizes": { "address_sizes": {
@@ -636,7 +636,7 @@
}, },
"device": { "device": {
"hex": "0561", "hex": "0561",
"name": "0", "name": "1",
"value": 1377 "value": 1377
}, },
"revision": { "revision": {
@@ -645,10 +645,10 @@
"value": 0 "value": 0
}, },
"serial": "000000004EBF", "serial": "000000004EBF",
"model": "0", "model": "1",
"sysfs_id": "/class/block/sdb", "sysfs_id": "/class/block/sdb",
"sysfs_bus_id": "1:0:0:0", "sysfs_bus_id": "1:0:0:1",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:0", "sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:1",
"unix_device_name": "/dev/sdb", "unix_device_name": "/dev/sdb",
"unix_device_number": { "unix_device_number": {
"type": 98, "type": 98,
@@ -657,10 +657,10 @@
"range": 16 "range": 16
}, },
"unix_device_names": [ "unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG", "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X",
"/dev/disk/by-id/usb-USB_3.0_Device_0_000000004EBF-0:0", "/dev/disk/by-id/usb-USB_3.0_Device_1_000000004EBF-0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:1",
"/dev/sdb" "/dev/sdb"
], ],
"unix_device_name2": "/dev/sg1", "unix_device_name2": "/dev/sg1",
@@ -706,7 +706,7 @@
"name": "Disk", "name": "Disk",
"value": 0 "value": 0
}, },
"serial": "0x9d59499c", "serial": "0x95d14f9e",
"model": "Disk", "model": "Disk",
"sysfs_id": "/class/block/mmcblk0", "sysfs_id": "/class/block/mmcblk0",
"sysfs_bus_id": "mmc0:0001", "sysfs_bus_id": "mmc0:0001",
@@ -719,7 +719,7 @@
"range": 32 "range": 32
}, },
"unix_device_names": [ "unix_device_names": [
"/dev/disk/by-id/mmc-CUTB42_0x9d59499c", "/dev/disk/by-id/mmc-CUTB42_0x95d14f9e",
"/dev/mmcblk0" "/dev/mmcblk0"
], ],
"resources": [ "resources": [
@@ -745,180 +745,6 @@
}, },
{ {
"index": 29, "index": 29,
"attached_to": 25,
"class_list": ["disk", "block_device"],
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0boot0",
"sysfs_bus_id": "mmcblk0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0",
"unix_device_name": "/dev/mmcblk0boot0",
"unix_device_number": {
"type": 98,
"major": 179,
"minor": 32,
"range": 32
},
"unix_device_names": ["/dev/mmcblk0boot0"],
"resources": [
{
"type": "disk_geo",
"cylinders": 128,
"heads": 4,
"sectors": 16,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 8192,
"value_2": 512
}
],
"driver": "mmcblk",
"drivers": ["mmcblk"]
},
{
"index": 30,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
"hex": "0084",
"name": "SCSI",
"value": 132
},
"slot": {
"bus": 1,
"number": 0
},
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"vendor": {
"hex": "152d",
"value": 5421
},
"device": {
"hex": "0561",
"name": "1",
"value": 1377
},
"revision": {
"hex": "0000",
"name": "~",
"value": 0
},
"serial": "000000004EBF",
"model": "1",
"sysfs_id": "/class/block/sdc",
"sysfs_bus_id": "1:0:0:1",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:1",
"unix_device_name": "/dev/sdc",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 32,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X",
"/dev/disk/by-id/usb-USB_3.0_Device_1_000000004EBF-0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:1",
"/dev/sdc"
],
"unix_device_name2": "/dev/sg2",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 2,
"range": 1
},
"resources": [
{
"type": "disk_geo",
"cylinders": 19074048,
"heads": 64,
"sectors": 32,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 39063650304,
"value_2": 512
}
],
"driver": "uas",
"driver_module": "uas",
"drivers": ["sd", "uas"],
"driver_modules": ["sd_mod", "uas"]
},
{
"index": 31,
"attached_to": 25,
"class_list": ["disk", "block_device"],
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0boot1",
"sysfs_bus_id": "mmcblk0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0",
"unix_device_name": "/dev/mmcblk0boot1",
"unix_device_number": {
"type": 98,
"major": 179,
"minor": 64,
"range": 32
},
"unix_device_names": ["/dev/mmcblk0boot1"],
"resources": [
{
"type": "disk_geo",
"cylinders": 128,
"heads": 4,
"sectors": 16,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 8192,
"value_2": 512
}
],
"driver": "mmcblk",
"drivers": ["mmcblk"]
},
{
"index": 32,
"attached_to": 22, "attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"], "class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": { "bus_type": {
@@ -957,27 +783,27 @@
}, },
"serial": "000000001532", "serial": "000000001532",
"model": "Generic STORAGE DEVICE", "model": "Generic STORAGE DEVICE",
"sysfs_id": "/class/block/sda", "sysfs_id": "/class/block/sdc",
"sysfs_bus_id": "0:0:0:0", "sysfs_bus_id": "0:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0/host0/target0:0:0/0:0:0:0", "sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb3/3-1/3-1:1.0/host0/target0:0:0/0:0:0:0",
"unix_device_name": "/dev/sda", "unix_device_name": "/dev/sdc",
"unix_device_number": { "unix_device_number": {
"type": 98, "type": 98,
"major": 8, "major": 8,
"minor": 0, "minor": 32,
"range": 16 "range": 16
}, },
"unix_device_names": [ "unix_device_names": [
"/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000001532-0:0", "/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000001532-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:2:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usb-0:1:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv2-0:2:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usbv2-0:1:1.0-scsi-0:0:0:0",
"/dev/sda" "/dev/sdc"
], ],
"unix_device_name2": "/dev/sg0", "unix_device_name2": "/dev/sg2",
"unix_device_number2": { "unix_device_number2": {
"type": 99, "type": 99,
"major": 21, "major": 21,
"minor": 0, "minor": 2,
"range": 1 "range": 1
}, },
"resources": [ "resources": [
@@ -1009,6 +835,90 @@
"drivers": ["sd", "usb-storage"], "drivers": ["sd", "usb-storage"],
"driver_modules": ["sd_mod", "usb_storage"], "driver_modules": ["sd_mod", "usb_storage"],
"module_alias": "usb:v05E3p0749d1532dc00dsc00dp00ic08isc06ip50in00" "module_alias": "usb:v05E3p0749d1532dc00dsc00dp00ic08isc06ip50in00"
},
{
"index": 30,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
"hex": "0084",
"name": "SCSI",
"value": 132
},
"slot": {
"bus": 1,
"number": 0
},
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"vendor": {
"hex": "152d",
"value": 5421
},
"device": {
"hex": "0561",
"name": "0",
"value": 1377
},
"revision": {
"hex": "0000",
"name": "~",
"value": 0
},
"serial": "000000004EBF",
"model": "0",
"sysfs_id": "/class/block/sda",
"sysfs_bus_id": "1:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:0",
"unix_device_name": "/dev/sda",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 0,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG",
"/dev/disk/by-id/usb-USB_3.0_Device_0_000000004EBF-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:0",
"/dev/sda"
],
"unix_device_name2": "/dev/sg0",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 0,
"range": 1
},
"resources": [
{
"type": "disk_geo",
"cylinders": 19074048,
"heads": 64,
"sectors": 32,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 39063650304,
"value_2": 512
}
],
"driver": "uas",
"driver_module": "uas",
"drivers": ["sd", "uas"],
"driver_modules": ["sd_mod", "uas"]
} }
], ],
"graphics_card": [ "graphics_card": [
@@ -1118,7 +1028,7 @@
], ],
"hub": [ "hub": [
{ {
"index": 34, "index": 33,
"attached_to": 22, "attached_to": 22,
"class_list": ["usb", "hub"], "class_list": ["usb", "hub"],
"bus_type": { "bus_type": {
@@ -1268,7 +1178,7 @@
"module_alias": "usb:v1D6Bp0003d0615dc09dsc00dp03ic09isc00ip00in00" "module_alias": "usb:v1D6Bp0003d0615dc09dsc00dp03ic09isc00ip00in00"
}, },
{ {
"index": 39, "index": 38,
"attached_to": 9, "attached_to": 9,
"class_list": ["usb", "hub"], "class_list": ["usb", "hub"],
"bus_type": { "bus_type": {
@@ -1348,7 +1258,7 @@
"module_alias": "usb:v1D6Bp0002d0615dc09dsc00dp01ic09isc00ip00in00" "module_alias": "usb:v1D6Bp0002d0615dc09dsc00dp01ic09isc00ip00in00"
}, },
{ {
"index": 41, "index": 40,
"attached_to": 9, "attached_to": 9,
"class_list": ["usb", "hub"], "class_list": ["usb", "hub"],
"bus_type": { "bus_type": {
@@ -1420,8 +1330,8 @@
], ],
"keyboard": [ "keyboard": [
{ {
"index": 38, "index": 39,
"attached_to": 34, "attached_to": 33,
"class_list": ["keyboard", "usb"], "class_list": ["keyboard", "usb"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -1458,8 +1368,8 @@
"value": 0 "value": 0
}, },
"model": "Logitech USB Receiver", "model": "Logitech USB Receiver",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5:1.0", "sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0",
"sysfs_bus_id": "3-5:1.0", "sysfs_bus_id": "3-2:1.0",
"resources": [ "resources": [
{ {
"type": "baud", "type": "baud",
@@ -1529,7 +1439,7 @@
{ {
"type": "mem", "type": "mem",
"base": 0, "base": 0,
"range": 8096096256, "range": 8097124352,
"enabled": true, "enabled": true,
"access": "read_write", "access": "read_write",
"prefetch": "unknown" "prefetch": "unknown"
@@ -1718,8 +1628,8 @@
], ],
"mouse": [ "mouse": [
{ {
"index": 42, "index": 32,
"attached_to": 34, "attached_to": 33,
"class_list": ["mouse", "usb"], "class_list": ["mouse", "usb"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -1758,8 +1668,8 @@
"compat_vendor": "Unknown", "compat_vendor": "Unknown",
"compat_device": "Generic USB Mouse", "compat_device": "Generic USB Mouse",
"model": "Logitech USB Receiver", "model": "Logitech USB Receiver",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5:1.1", "sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.1",
"sysfs_bus_id": "3-5:1.1", "sysfs_bus_id": "3-2:1.1",
"resources": [ "resources": [
{ {
"type": "baud", "type": "baud",
@@ -1964,7 +1874,7 @@
"resources": [ "resources": [
{ {
"type": "hwaddr", "type": "hwaddr",
"address": 48 "address": 54
}, },
{ {
"type": "io", "type": "io",
@@ -1989,7 +1899,7 @@
}, },
{ {
"type": "phwaddr", "type": "phwaddr",
"address": 54 "address": 53
}, },
{ {
"type": "wlan", "type": "wlan",
@@ -2082,8 +1992,8 @@
], ],
"network_interface": [ "network_interface": [
{ {
"index": 43, "index": 41,
"attached_to": 13, "attached_to": 0,
"class_list": ["network_interface"], "class_list": ["network_interface"],
"base_class": { "base_class": {
"hex": "0107", "hex": "0107",
@@ -2091,32 +2001,17 @@
"value": 263 "value": 263
}, },
"sub_class": { "sub_class": {
"hex": "000a", "hex": "0000",
"name": "WLAN", "name": "Loopback",
"value": 10 "value": 0
}, },
"model": "WLAN network interface", "model": "Loopback network interface",
"sysfs_id": "/class/net/wlan0", "sysfs_id": "/class/net/lo",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1c.0/0000:01:00.0", "unix_device_name": "lo",
"unix_device_name": "wlan0", "unix_device_names": ["lo"]
"unix_device_names": ["wlan0"],
"resources": [
{
"type": "hwaddr",
"address": 48
},
{
"type": "phwaddr",
"address": 54
}
],
"driver": "rtw89_8852be",
"driver_module": "rtw89_8852be",
"drivers": ["rtw89_8852be"],
"driver_modules": ["rtw89_8852be"]
}, },
{ {
"index": 44, "index": 42,
"attached_to": 11, "attached_to": 11,
"class_list": ["network_interface"], "class_list": ["network_interface"],
"base_class": { "base_class": {
@@ -2150,8 +2045,8 @@
"driver_modules": ["igc"] "driver_modules": ["igc"]
}, },
{ {
"index": 45, "index": 43,
"attached_to": 0, "attached_to": 13,
"class_list": ["network_interface"], "class_list": ["network_interface"],
"base_class": { "base_class": {
"hex": "0107", "hex": "0107",
@@ -2159,14 +2054,29 @@
"value": 263 "value": 263
}, },
"sub_class": { "sub_class": {
"hex": "0000", "hex": "000a",
"name": "Loopback", "name": "WLAN",
"value": 0 "value": 10
}, },
"model": "Loopback network interface", "model": "WLAN network interface",
"sysfs_id": "/class/net/lo", "sysfs_id": "/class/net/wlan0",
"unix_device_name": "lo", "sysfs_device_link": "/devices/pci0000:00/0000:00:1c.0/0000:01:00.0",
"unix_device_names": ["lo"] "unix_device_name": "wlan0",
"unix_device_names": ["wlan0"],
"resources": [
{
"type": "hwaddr",
"address": 54
},
{
"type": "phwaddr",
"address": 53
}
],
"driver": "rtw89_8852be",
"driver_module": "rtw89_8852be",
"drivers": ["rtw89_8852be"],
"driver_modules": ["rtw89_8852be"]
} }
], ],
"pci": [ "pci": [

View File

@@ -1,34 +0,0 @@
{ config, pkgs, ... }:
let
# ncDomain = "${config.clan.core.vars.generators.vega-nextcloud.files.subdomain.value}.${config.networking.fqdn}";
ncDomain = "${config.networking.fqdn}";
in
{
clan.core.vars.generators.vega-nextcloud = {
files.subdomain.secret = false;
prompts = {
subdomain = {
persist = true;
type = "line";
description = "Sub-domain for Nextcloud app. Default:(cloud)";
};
};
script = ''cat $prompts/subdomain || echo -n "cloud" > $out/subdomain'';
};
networking.firewall.allowedTCPPorts = [
80
443
];
services.nextcloud = {
hostName = ncDomain;
package = pkgs.nextcloud31;
};
# services.nginx.virtualHosts."${ncDomain}" = {
# # useACMEHost = "${config.networking.fqdn}";
# # forceSSL = true;
# };
}

View File

@@ -0,0 +1,93 @@
{
config,
lib,
...
}:
let
sambaUser = lib.filterAttrs (
name: user: user.isNormalUser && builtins.elem "samba" user.extraGroups
) config.users.users;
sharedFolders = {
GLOM.users = [
"w"
"kurogeek"
"berwn"
];
};
in
{
services.samba = {
enable = true;
openFirewall = true;
settings = {
global = {
security = "user";
workgroup = "WORKGROUP";
"server string" = "Glom Vega";
interfaces = "eth* en*";
"max log size" = "50";
"dns proxy" = false;
"syslog only" = true;
"map to guest" = "Bad User";
"guest account" = "nobody";
};
}
// lib.mapAttrs (share: opts: {
path = "/mnt/hdd/samba/${share}";
comment = share;
"force user" = share;
"force group" = share;
public = "yes";
"guest ok" = "yes";
"create mask" = "0640";
"directory mask" = "0750";
writable = "no";
browseable = "yes";
printable = "no";
# TODO
# "valid users" = toString opts.users;
}) sharedFolders;
};
users.users = lib.mapAttrs (share: opts: {
isSystemUser = true;
group = share;
}) sharedFolders;
users.groups = lib.mapAttrs (share: opts: { }) sharedFolders;
systemd.services.samba-smbd.postStart =
lib.concatMapStrings (
user:
let
password = config.clan.core.vars.generators."${user}-smb-password".files.password.path;
in
''
mkdir -p /mnt/hdd/samba/${user}
chown ${user}:users /mnt/hdd/samba/${user}
# if a password is unchanged, this will error
(echo $(<${password}); echo $(<${password})) | ${config.services.samba.package}/bin/smbpasswd -s -a ${user}
''
) (lib.attrNames sambaUser)
+ lib.concatMapStrings (share: ''
mkdir -p /mnt/hdd/samba/${share}
chown ${share}:${share} /mnt/hdd/samba/${share}
'') (lib.attrNames sharedFolders);
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.avahi = {
publish.enable = true;
publish.userServices = true;
# ^^ Needed to allow samba to automatically register mDNS records (without the need for an `extraServiceFile`
nssmdns4 = true;
# ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it
enable = true;
openFirewall = true;
};
}

View File

@@ -1,33 +0,0 @@
{ config, ... }:
{
clan.core.vars.generators.ups = {
dependencies = [ "root-password" ];
files.password = {
secret = true;
owner = "nutmon";
group = "nutmon";
};
script = ''
cat $in/root-password/password > $out/password
'';
};
power.ups = {
enable = true;
mode = "standalone";
ups."apc" = {
driver = "usbhid-ups";
port = "auto";
};
upsmon.monitor."test-monitor" = {
powerValue = 1;
user = "root";
type = "primary";
passwordFile = config.clan.core.vars.generators.ups.files.password.path;
};
upsmon.settings = {
RUN_AS_USER = "root";
};
};
}

View File

@@ -0,0 +1,5 @@
{
flake.nixosModules = {
inventree = import ../nixos/inventree;
};
}

View File

@@ -0,0 +1,308 @@
{
lib,
config,
pkgs,
...
}:
let
inherit (lib)
mkEnableOption
mkOption
types
mkIf
;
configFormat = pkgs.formats.json { };
configFile = "/run/inventree/config.json";
cfg = config.services.inventree;
pkg = cfg.package;
inventree-invoke = pkgs.writeShellApplication {
name = "inventree-invoke";
text = ''
export INVENTREE_CONFIG_FILE=${configFile}
export INVENTREE_SECRET_KEY_FILE=${cfg.secretKeyFile}
export PYTHONPATH=${pkg.pythonPath}
exec -a "$0" ${pkgs.python3Packages.invoke}/bin/invoke -r ${cfg.package}/opt/inventree "$@"
'';
};
in
{
options.services.inventree = {
enable = mkEnableOption "InvenTree parts manager";
package = lib.mkOption {
type = types.package;
default = pkgs.inventree;
description = ''
InvenTree package to use
'';
};
hostName = mkOption {
type = types.str;
description = "FQDN for the InvenTree instance.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/inventree";
example = "/var/lib/inventree";
description = ''
The default path for all inventree data.
'';
};
secretKeyFile = mkOption {
type = types.path;
default = "${cfg.dataDir}/secret_key.txt";
description = ''
Path to a file containing the secret key
'';
};
config = mkOption {
type = types.submodule ({
freeformType = configFormat.type;
options = {
site_url = mkOption {
type = types.str;
default = "https://${cfg.hostName}";
};
static_root = mkOption {
type = types.path;
default = "${cfg.dataDir}/static";
description = ''
Static file storage
'';
};
media_root = mkOption {
type = types.path;
default = "${cfg.dataDir}/media_root";
description = "Media root directory";
};
backup_dir = mkOption {
type = types.path;
default = "${cfg.dataDir}/backups";
description = "Backup directory";
};
oidc_private_key_file = mkOption {
type = types.path;
default = "${cfg.dataDir}/oidc.key";
};
};
});
default = { };
description = ''
Config options, see https://docs.inventree.org/en/stable/start/config/
for details
'';
};
serverStartTimeout = mkOption {
type = types.str;
default = "10min";
description = ''
TimeoutStartSec for the server systemd service.
See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStartSec=
for more details
'';
};
serverStopTimeout = mkOption {
type = types.str;
default = "5min";
description = ''
TimeoutStopSec for the server systemd service.
See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStopSec=
for more details
'';
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ inventree-invoke ];
services.inventree.config = {
plugins_enabled = false;
plugin_file = "${cfg.dataDir}/plugins.txt";
plugin_dir = "${cfg.dataDir}/plugins";
database = {
ENGINE = "postgresql";
NAME = "inventree";
HOST = "/run/postgresql";
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "inventree" ];
ensureUsers = [
{
name = "inventree";
ensureDBOwnership = true;
}
];
};
users.users.inventree = {
group = "inventree";
isSystemUser = true;
description = "InvenTree daemon user";
};
users.groups.inventree = { };
services.nginx.virtualHosts.${cfg.hostName} = {
locations =
let
unixPath = config.systemd.sockets.inventree-gunicorn.socketConfig.ListenStream;
in
{
"/" = {
extraConfig = ''
client_max_body_size 100M;
'';
proxyPass = "http://unix:${unixPath}";
};
"/static/" = {
alias = "${cfg.config.static_root}/";
extraConfig = ''
expires 30d;
'';
};
"/media/" = {
alias = "${cfg.config.media_root}/";
extraConfig = ''
auth_request /auth;
'';
};
"/auth" = {
extraConfig = ''
internal;
'';
proxyPass = "http://unix:${unixPath}:/auth/";
};
};
};
systemd.targets.inventree = {
description = "Target for all InvenTree services";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
};
systemd.services.inventree-config = {
description = "Inventree config generation";
wantedBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
before = [
"inventree-static.service"
"inventree-gunicorn.service"
"inventree-qcluster.service"
];
serviceConfig = {
User = "root";
Group = "root";
Type = "oneshot";
RemainAfterExit = true;
PrivateTmp = true;
};
script = ''
set -euo pipefail
umask u=rwx,g=,o=
chown inventree:inventree ${configFile}
'';
};
systemd.services.inventree-static = {
description = "InvenTree static migration";
wantedBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
before = [ "inventree-gunicorn.service" ];
environment = {
INVENTREE_CONFIG_FILE = configFile;
INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile;
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "1";
INVENTREE_PLUGIN_NOINSTALL = "1";
PYTHONPATH = pkg.pythonPath;
};
serviceConfig = {
User = "inventree";
Group = "inventree";
StateDirectory = "inventree";
#RuntimeDirectory = "inventree";
PrivateTmp = true;
ExecStart = ''
${pkg}/opt/inventree/src/backend/InvenTree/manage.py collectstatic --no-input
'';
};
};
systemd.services.inventree-gunicorn = {
description = "InvenTree Gunicorn server";
requiredBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
#wantedBy = [ "inventree.target" ];
environment = {
INVENTREE_CONFIG_FILE = configFile;
INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile;
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "1";
INVENTREE_PLUGIN_NOINSTALL = "1";
PYTHONPATH = pkg.pythonPath;
};
serviceConfig = {
User = "inventree";
Group = "inventree";
StateDirectory = "inventree";
#RuntimeDirectory = "inventree";
PrivateTmp = true;
ExecStart = ''
${pkg.gunicorn}/bin/gunicorn InvenTree.wsgi \
--pythonpath ${pkg}/opt/inventree/src/backend/InvenTree
'';
};
};
systemd.sockets.inventree-gunicorn = {
wantedBy = [ "sockets.target" ];
partOf = [ "inventree.target" ];
socketConfig.ListenStream = "/run/inventree/gunicorn.socket";
};
systemd.services.inventree-qcluster = {
description = "InvenTree qcluster server";
requiredBy = [ "inventree.target" ];
wantedBy = [ "inventree.target" ];
partOf = [ "inventree.target" ];
environment = {
INVENTREE_CONFIG_FILE = configFile;
INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile;
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "0";
INVENTREE_PLUGIN_NOINSTALL = "1";
PYTHONPATH = pkg.pythonPath;
};
serviceConfig = {
User = "inventree";
Group = "inventree";
StateDirectory = "inventree";
#RuntimeDirectory = "inventree";
PrivateTmp = true;
ExecStart = ''
${pkg}/opt/inventree/src/backend/InvenTree/manage.py qcluster
'';
};
};
};
}

16
overlays/default.nix Normal file
View File

@@ -0,0 +1,16 @@
{ inputs, ... }:
{
flake.overlays = {
default = final: prev: import (../pkgs/overlay.nix) inputs final prev;
};
perSystem =
{ system, ... }:
{
_module.args.pkgs = import inputs.nixpkgs {
inherit system;
overlays = [ inputs.self.overlays.default ];
config = { };
};
};
}

145
pkgs/inventree/package.nix Normal file
View File

@@ -0,0 +1,145 @@
{
stdenvNoCC,
python3,
fetchFromGitHub,
fetchYarnDeps,
yarnConfigHook,
nodejs,
}:
let
version = "unstable-2025-05-09";
src = fetchFromGitHub {
owner = "inventree";
repo = "InvenTree";
rev = "e0acfaa762da0dd7b2822b567202210ca8b7dbd3";
hash = "sha256-K+cqErDUmgPO7625P3jp7+7BOYEfyJ1nElae6RlJvvI=";
};
frontend = stdenvNoCC.mkDerivation {
name = "inventree-frontend";
inherit version src;
yarnOfflineCache = fetchYarnDeps {
yarnLock = "${src}/src/frontend/yarn.lock";
hash = "sha256-KpWuYCrkGN+4UnwV1STEbTL0FWcLZ7Wq8a8ST55OpGM=";
};
nativeBuildInputs = [
yarnConfigHook
nodejs
];
patchPhase = ''
runHook prePatch
cd src/frontend
runHook postPatch
'';
buildPhase = ''
echo "Running lingui"
./node_modules/.bin/lingui compile --typescript
echo building lib
./node_modules/.bin/tsc --p ./tsconfig.lib.json
./node_modules/.bin/vite --config vite.lib.config.ts build
echo "Running tsc"
./node_modules/.bin/tsc
echo "Running vite"
./node_modules/.bin/vite build --emptyOutDir --outDir $out
'';
};
in
python3.pkgs.buildPythonApplication rec {
pname = "InvenTree";
inherit version src;
format = "other";
dependencies = with python3.pkgs; [
coreapi
cryptography
distutils
dj-rest-auth
django_4
django-allauth
django-allauth.optional-dependencies.openid
django-allauth.optional-dependencies.mfa
django-allauth.optional-dependencies.socialaccount
django-cleanup
django-cors-headers
django-dbbackup
django-error-report-2
django-filter
django-flags
django-formtools
django-ical
django-js-asset
django-maintenance-mode
django-markdownify
django-money
django-mptt
django-redis
django-oauth-toolkit
django-otp
django-q-sentry
django-q2
django-redis
django-sesame
django-sql-utils
django-structlog
django-stdimage
django-taggit
django-user-sessions
django-weasyprint
djangorestframework
djangorestframework-simplejwt
djangorestframework-simplejwt.optional-dependencies.crypto
django-xforwardedfor-middleware
drf-spectacular
dulwich
feedparser
gunicorn
pdf2image
pillow
pint
pip-licenses
pypdf
python-barcode
python-barcode.optional-dependencies.images
python-dotenv
pyyaml
qrcode
qrcode.optional-dependencies.pil
rapidfuzz
sentry-sdk
tablib
tablib.optional-dependencies.xls
tablib.optional-dependencies.xlsx
tablib.optional-dependencies.yaml
weasyprint
whitenoise
psycopg2
fido2
];
nativeCheckInputs = with python3.pkgs; [ django-slowtests ];
installPhase = ''
mkdir -p $out/opt/inventree
cp -r . $out/opt/inventree
echo "Installing frontend"
mkdir -p $out/opt/inventree/src/backend/InvenTree/web/static/web
cp -r ${frontend}/* $out/opt/inventree/src/backend/InvenTree/web/static/web/
cp -r ${frontend}/.* $out/opt/inventree/src/backend/InvenTree/web/static/web/
'';
passthru = {
pythonPath = python3.pkgs.makePythonPath dependencies;
gunicorn = python3.pkgs.gunicorn;
inherit frontend;
};
}

27
pkgs/overlay.nix Normal file
View File

@@ -0,0 +1,27 @@
inputs: final: prev: {
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
(py-final: py-prev: {
django-dbbackup = py-final.callPackage ./python/django-dbbackup { };
django-error-report-2 = py-final.callPackage ./python/django-error-report-2 { };
django-flags = py-final.callPackage ./python/django-flags { };
django-ical = py-final.callPackage ./python/django-ical { };
django-markdownify = py-final.callPackage ./python/django-markdownify { };
django-money = py-final.callPackage ./python/django-money { };
django-q-sentry = py-final.callPackage ./python/django-q-sentry { };
django-recurrence = py-final.callPackage ./python/django-recurrence { };
django-slowtests = py-final.callPackage ./python/django-slowtests { };
django-structlog = py-final.callPackage ./python/django-structlog { };
django-stdimage = py-final.callPackage ./python/django-stdimage { };
django-user-sessions = py-final.callPackage ./python/django-user-sessions { };
django-weasyprint = py-final.callPackage ./python/django-weasyprint { };
django-xforwardedfor-middleware = py-final.callPackage ./python/django-xforwardedfor-middleware { };
pip-licenses = py-final.callPackage ./python/pip-licenses { };
py-moneyed = py-final.callPackage ./python/py-moneyed { };
pytest-pycodestyle = py-final.callPackage ./python/pytest-codestyle { };
sentry-sdk = py-final.callPackage ./python/sentry-sdk { };
})
];
inventree = final.callPackage ./inventree { python3 = final.python312; };
}

View File

@@ -0,0 +1,30 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, django_4, pytz,
}:
buildPythonPackage rec {
pname = "django-dbbackup";
version = "4.2.1";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-dbbackup";
rev = version;
hash = "sha256-GD+f9mbImGPQ6MOUK3ftHqiGv7TT39jNQsFvd0dnnWU=";
};
build-system = [ setuptools wheel ];
dependencies = [ django_4 pytz ];
pythonImportsCheck = [ "dbbackup" ];
meta = {
description =
"Management commands to help backup and restore your project database and media files";
homepage = "https://github.com/jazzband/django-dbbackup";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
mainProgram = "django-dbbackup";
};
}

View File

@@ -0,0 +1,27 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, django, }:
buildPythonPackage rec {
pname = "django-error-report-2";
version = "0.4.2";
pyproject = true;
src = fetchFromGitHub {
owner = "matmair";
repo = "django-error-report-2";
rev = version;
hash = "sha256-ZCaslqgruJxM8345/jSlZGruM+27H9hvwL0wtPkUzc0=";
};
build-system = [ setuptools wheel ];
dependencies = [ django ];
pythonImportsCheck = [ "error_report" ];
meta = {
description = "Log/View Django server errors";
homepage = "https://github.com/matmair/django-error-report-2";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,27 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, django, }:
buildPythonPackage rec {
pname = "django-flags";
version = "5.0.13";
pyproject = true;
src = fetchFromGitHub {
owner = "cfpb";
repo = "django-flags";
rev = version;
hash = "sha256-WPMfFYoP6WaVzZmVtqAz4LlY761aCRyPhd5npc8bOOI=";
};
build-system = [ setuptools wheel ];
dependencies = [ django ];
pythonImportsCheck = [ "flags" ];
meta = {
description = "Feature flags for Django projects";
homepage = "https://github.com/cfpb/django-flags";
license = lib.licenses.cc0;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,31 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, setuptools-scm, wheel
, django, django-recurrence, icalendar, }:
buildPythonPackage rec {
pname = "django-ical";
version = "1.9.2";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-ical";
rev = version;
hash = "sha256-DUe0loayGcUS7MTyLn+g0KBxbIY7VsaoQNHGSMbMI3U=";
};
build-system = [ setuptools setuptools-scm wheel ];
dependencies = [ django django-recurrence icalendar ];
pythonImportsCheck = [ "django_ical" ];
meta = {
description =
"ICal feeds for Django based on Django's syndication feed framework";
homepage = "https://github.com/jazzband/django-ical";
changelog =
"https://github.com/jazzband/django-ical/blob/${src.rev}/CHANGES.rst";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,28 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, bleach, django, markdown
, }:
buildPythonPackage rec {
pname = "django-markdownify";
version = "0.9.5";
pyproject = true;
src = fetchFromGitHub {
owner = "erwinmatijsen";
repo = "django-markdownify";
rev = version;
hash = "sha256-KYU8p8NRD4EIS/KhOk9nvmXCf0RWEc+IFZ57YtsDSWE=";
};
build-system = [ setuptools ];
dependencies = [ bleach django markdown ];
pythonImportsCheck = [ "markdownify" ];
meta = {
description = "Markdown template filter for Django";
homepage = "https://github.com/erwinmatijsen/django-markdownify";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,28 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, django
, py-moneyed, }:
buildPythonPackage rec {
pname = "django-money";
version = "3.2";
pyproject = true;
src = fetchFromGitHub {
owner = "django-money";
repo = "django-money";
rev = version;
hash = "sha256-eL26NsreUqtMJ26TmvmB53EJI4Sjs7qjFDnnt4N0vdI=";
};
build-system = [ setuptools wheel ];
dependencies = [ django py-moneyed ];
pythonImportsCheck = [ "djmoney" ];
meta = {
description = "Money fields for Django forms and models";
homepage = "https://github.com/django-money/django-money";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,28 @@
{ lib, buildPythonPackage, fetchFromGitHub, poetry-core, setuptools, sentry-sdk,
}:
buildPythonPackage rec {
pname = "django-q-sentry";
version = "0.1.6";
pyproject = true;
src = fetchFromGitHub {
owner = "danielwelch";
repo = "django-q-sentry";
rev = "d3a43a90c82734244d5ebf3295652223053f1354";
hash = "sha256-3C7A+X18c7p19HWD/uPRtAMf29VjmrfXXh2z5PPOREY=";
};
build-system = [ poetry-core setuptools ];
dependencies = [ sentry-sdk ];
pythonImportsCheck = [ "django_q_sentry" ];
meta = {
description = "Bringing Sentry error tracking to Django Q";
homepage = "https://github.com/danielwelch/django-q-sentry";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,44 @@
{ lib, buildPythonPackage, fetchFromGitHub, pdm-backend, django, flake8, pytest
, pytest-cov, pytest-django, pytest-sugar, python-dateutil, sphinx
, sphinx-rtd-theme, tox, }:
buildPythonPackage rec {
pname = "django-recurrence";
version = "1.12.1";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-recurrence";
rev = version;
hash = "sha256-Q33zyMa1wI13RNLxynGAJHlagahpnFHCmZbHp0aPC/w=";
};
build-system = [ pdm-backend ];
dependencies = [
django
flake8
pytest
pytest-cov
pytest-django
pytest-sugar
python-dateutil
sphinx
sphinx-rtd-theme
tox
];
pythonRelaxDeps = true;
pythonImportsCheck = [ "recurrence" ];
meta = {
description = "Utility for working with recurring dates in Django";
homepage = "https://github.com/django-recurrence/django-recurrence";
changelog =
"https://github.com/django-recurrence/django-recurrence/blob/${src.rev}/CHANGES.rst";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,29 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, django_4, }:
buildPythonPackage rec {
pname = "django-slowtests";
version = "1.1.1";
pyproject = true;
src = fetchFromGitHub {
owner = "realpython";
repo = "django-slow-tests";
rev = version;
hash = "sha256-gW9AZiMpXJp1m2X1cbm6GdZ9cH+TFqjNLQJFmsvGjB0=";
};
build-system = [ setuptools wheel ];
dependencies = [ django_4 ];
pythonImportsCheck = [ "django_slowtests" ];
meta = {
description = "Locate your slowest tests";
homepage = "https://github.com/realpython/django-slow-tests";
changelog =
"https://github.com/realpython/django-slow-tests/blob/${src.rev}/CHANGELOG.rst";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,35 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, setuptools-scm, wheel
, django, pillow, gettext, }:
buildPythonPackage rec {
pname = "django-stdimage";
version = "6.0.2";
pyproject = true;
src = fetchFromGitHub {
owner = "codingjoe";
repo = "django-stdimage";
rev = version;
hash = "sha256-uwVU3Huc5fitAweShJjcMW//GBeIpJcxqKKLGo/EdIs=";
};
build-system = [ setuptools setuptools-scm wheel ];
dependencies = [ django pillow ];
nativeBuildInputs = [ gettext ];
preBuild = ''
echo "bla bla"
echo $PATH
'';
pythonImportsCheck = [ "stdimage" ];
meta = {
description = "";
homepage = "https://github.com/codingjoe/django-stdimage";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,33 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, asgiref, django
, django-ipware, structlog, celery, django-extensions, }:
buildPythonPackage rec {
pname = "django-structlog";
version = "9.1.1";
pyproject = true;
src = fetchFromGitHub {
owner = "jrobichaud";
repo = "django-structlog";
rev = version;
hash = "sha256-SEigOdlXZtfLAgRgGkv/eDNDAiiHd7YthRJ/H6e1v5U=";
};
build-system = [ setuptools ];
dependencies = [ asgiref django django-ipware structlog ];
optional-dependencies = {
celery = [ celery ];
commands = [ django-extensions ];
};
pythonImportsCheck = [ "django_structlog" ];
meta = {
description = "";
homepage = "https://github.com/jrobichaud/django-structlog";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,29 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, setuptools-scm, wheel
, django, }:
buildPythonPackage rec {
pname = "django-user-sessions";
version = "2.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "jazzband";
repo = "django-user-sessions";
rev = version;
hash = "sha256-Wexy6G2pZ8LTnqtJkBZIePV7qhQW8gu/mKiQfZtgf/o=";
};
build-system = [ setuptools setuptools-scm wheel ];
dependencies = [ django ];
pythonImportsCheck = [ "user_sessions" ];
meta = {
description =
"Extend Django sessions with a foreign key back to the user, allowing enumerating all user's sessions";
homepage = "http://github.com/jazzband/django-user-sessions";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,30 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, django, weasyprint, }:
buildPythonPackage rec {
pname = "django-weasyprint";
version = "2.4.0";
pyproject = true;
src = fetchFromGitHub {
owner = "fdemmer";
repo = "django-weasyprint";
rev = "v${version}";
hash = "sha256-eSh1p+5MyYb6GIEgSdlFxPzVCenlkwSCTkTzgKjezIg=";
};
build-system = [ setuptools ];
dependencies = [ django weasyprint ];
pythonImportsCheck = [ "django_weasyprint" ];
meta = {
description =
"A Django class-based view generating PDF resposes using WeasyPrint";
homepage = "https://github.com/fdemmer/django-weasyprint";
changelog =
"https://github.com/fdemmer/django-weasyprint/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.asl20;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,28 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, django, }:
buildPythonPackage rec {
pname = "django-xforwardedfor-middleware";
version = "2.0";
pyproject = true;
src = fetchFromGitHub {
owner = "allo-";
repo = "django-xforwardedfor-middleware";
rev = "v${version}";
hash = "sha256-dDXSb17kXOSeIgY6wid1QFHhUjrapasWgCEb/El51eA=";
};
build-system = [ setuptools wheel ];
dependencies = [ django ];
pythonImportsCheck = [ "x_forwarded_for" ];
meta = {
description =
"Use the X-Forwarded-For header to get the real ip of a request";
homepage = "https://github.com/allo-/django-xforwardedfor-middleware";
license = lib.licenses.publicDomain;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,49 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, setuptools-scm, wheel
, prettytable, tomli, autopep8, black, docutils, isort, mypy, pip-tools
, pypandoc, pytest-cov, pytest-pycodestyle, pytest-runner, tomli-w, twine, }:
buildPythonPackage rec {
pname = "pip-licenses";
version = "5.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "raimon49";
repo = "pip-licenses";
rev = "v-${version}";
hash = "sha256-6xw6BCuXSzNcwkpHaEFC5UPpubPUwhx/pg6vZq2er7A=";
};
build-system = [ setuptools setuptools-scm wheel ];
dependencies = [ prettytable tomli ];
optional-dependencies = {
dev = [
autopep8
black
docutils
isort
mypy
pip-tools
pypandoc
pytest-cov
pytest-pycodestyle
pytest-runner
tomli-w
twine
wheel
];
};
pythonImportsCheck = [ "piplicenses" ];
meta = {
description = "Dump the license list of packages installed with pip";
homepage = "https://github.com/raimon49/pip-licenses";
changelog =
"https://github.com/raimon49/pip-licenses/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,31 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, babel
, typing-extensions, }:
buildPythonPackage rec {
pname = "py-moneyed";
version = "3.0";
pyproject = true;
src = fetchFromGitHub {
owner = "py-moneyed";
repo = "py-moneyed";
rev = "v${version}";
hash = "sha256-k0ZbLwog6TYxKDLZV7eH1Br8buMPfpOkgp+pMN/qdB8=";
};
build-system = [ setuptools wheel ];
dependencies = [ babel typing-extensions ];
pythonImportsCheck = [ "moneyed" ];
meta = {
description =
"Provides Currency and Money classes for use in your Python code";
homepage = "http://github.com/py-moneyed/py-moneyed";
changelog =
"https://github.com/py-moneyed/py-moneyed/blob/${src.rev}/CHANGES.rst";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,36 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
setuptools,
wheel,
}:
buildPythonPackage rec {
pname = "pytest-pycodestyle";
version = "2.4.1";
pyproject = true;
src = fetchFromGitHub {
owner = "henry0312";
repo = "pytest-pycodestyle";
rev = "v${version}";
hash = "sha256-kvjkpDPNhaXjMLQbrJFusRINgsyeBwkxcWm9rxkuj/Q=";
};
build-system = [
setuptools
wheel
];
pythonImportsCheck = [
"pytest_pycodestyle"
];
meta = {
description = "Pytest plugin to run pycodestyle";
homepage = "https://github.com/henry0312/pytest-pycodestyle";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -0,0 +1,31 @@
{ lib, buildPythonPackage, fetchFromGitHub, setuptools, wheel, certifi, urllib3,
}:
buildPythonPackage rec {
pname = "sentry-sdk";
version = "2.26.1";
pyproject = true;
src = fetchFromGitHub {
owner = "getsentry";
repo = "sentry-python";
rev = version;
hash = "sha256-Wl8yq2X9GuPcqaS93hkKXs2cDzz282Xceaai4NjbVZY=";
fetchSubmodules = true;
};
build-system = [ setuptools wheel ];
dependencies = [ certifi urllib3 ];
pythonImportsCheck = [ "sentry_sdk" ];
meta = {
description = "The official Python SDK for Sentry.io";
homepage = "https://github.com/getsentry/sentry-python";
changelog =
"https://github.com/getsentry/sentry-python/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ ];
};
}

View File

@@ -1 +0,0 @@
../../../../../../sops/groups/admins

View File

@@ -1 +0,0 @@
../../../../../../sops/machines/vega

View File

@@ -1,51 +0,0 @@
{
"data": "ENC[AES256_GCM,data:9KQPJ1ANkdVaJ5tDbjm47S9o4xs5xg0UDsKQ/tMd662Xs2Tz,iv:/1uH1iYKpBHVQUF19KIscCzTeZhCTGZnYNacOA9NRJA=,tag:neYS9VibwpVn86kDIEmELQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXUUxtS0pDdnBLTmpoS0p3\ndE5KVDE5bHhWZU5VQmpiM04rTU8vK0k1UGw0CnB6TjRiaEhjSjJvSE1ZQmwyUkVJ\nNHlheVB5U2FyQU5odXRrZGlNa0lhR0EKLS0tIERpUDJuSFQxVXY3WlhRR2Z5M2lO\nL0JYVEVTWWdRM3pWRDNzVTM3eVJCa00KVOJgJ+syOOaCYqjLfhPwAVGyI7GrluyU\n04C9BwmAwSuvBA4MhnIT6a3JAHGj0LqvGTDAeeUHzxGO6dKfu6BCWg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQ1QxWUlTdHV1dGFoWVlj\nVkxDWHhIaWM0bGZtYnYwUit6eXB5bWMxcUVvCmFtVlZDYVEvamZrK0xZVFQwZTJU\nWkQ1aXpVWDN1NWRWTVdNZGJneU5qeDAKLS0tIGNQTTZrdXZPaENiVFhnSXNBSFZ3\nc0h1RkxZejNrU2xuczhZbjlaZ28wcDAK50drPDlvgOhW7NLEfuMcJmibsBPY6XdO\n9JJR8S+LmpwiPmDd4PPSg5lXlGXk41MeODz0HaGy8Ty1Ra83oppGiA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDJwQitrbWtW\nbzJ2WkpmWlBKbXkyVnJZR0xNOVlRanBNZFFEaHJBSFJ3ejggQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpVZFpXWXJoTk00TWpTcmhWZlorVjZl\nT1gxekhMZG5VYjVHZlZBS29xTTl3Ci0tLSB2UlpzUDE3bWR6Mm4yZGVTUFRIKzlE\nZWpvVnZVYzZXRmttUGJzeTdRd2F3CjgcUpQOAdEiu8XtZypEmCAmq7MUhKCqOh5x\nYOttmHxe6wcpt8uVhzKJzWh0N3az+Q83GqfqRtbqpYaUVUk0xJ4=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHpwTUYrWWR4\neTEwQW5ZZjZhRjlYQ0dFSEJaTFR3STdWaHZSMWszYmZBbXMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpjTnNQcWhDbnJOZzR2QTYvOGIyRGlC\ncG1SSTlZOW9lUzVuNGl5VnF2aWVzCi0tLSAxZkYybWxBUERGU1VsaXFrcmVzK0Vh\nbFJCQ2tOa2oyOHQ4SGdGT05MME4wCnkCUJJZMZoYnKxRcp4NQC3LG92wdoM+8fGw\nHnZ4HxteJ3aeINgG4PLSudmvWD/tltHH8c556guZKTGmKytHHrw=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE1nalBxWXFm\nUnVLSVNsTFRFUlV3ZG1NUDhEL2FESTZhQStQaFdWenlxRm8gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpxa3N4Nlk2VmQyb2drWEM3UTN3bW9a\nL3g2SERINUg2c2lmN0FxaXdBb2t3Ci0tLSA3L0RTdmp0c3NHT1NYWWdGKzhvLzNO\nRU9VSCs2QUNOdDEweWtCWm9aVWpzCpI+ZP5DwtUteBE9kniwss3SVTxqCBFajP4J\n3QXDxCBYk1j5c1kBlzL+aMpCQTJyKatlYTvQisvbOIZVBiYbT4Q=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArK3JKcTVOUjZmb08xYmpj\nSkcvSXZhS2t6RGRjelFLeFFCUFJJVHlpaEJNCkxUUVRxaDhNMFNGcUdramt0OVhH\nVFFjSmVzS3lHeUNrM3NDckF3Rlp2VmsKLS0tIFNvNzlmUkNFRk5zYzhyS29QVEZF\nZ3oxYUJYS2lPVkNzbmFRS1U4NUhUNkkKtl//bn218lQeG5mU32GzdfF5pB+bai2h\neI0cGoNtjU+/ppvx4gT9aH6QSYuYethxkoDjBuysSrQFh/KukOqrJA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1pl3nej4ayvuk75cydwyz5ttzelqqdkun8hweu40vypvspzh9j4vqp9rl0j",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoa1luRDhDdDBoV1d6cm94\nZnZRallGUHJSaHhuQ2FKYmIxMWpqUzRSTEU0Ck5wM2ZSMVNPTmxWdm1OK1JTY09H\nWmdrUEpIQlFkbmREK3hySm5vb3ZmUkEKLS0tIFNWVEdITUZZeE55TG1XaFZ5Z3ZU\nZ2E5MmNtNFdhMmdWRktVdHFRNDUxek0Kfcxpxd4HOoz/c+bRJ9VXyoTIX8yutTSp\ng4jsXwAipq8r0kh94U6QBbzffIqdwUMPYyy1sr3oEXiIxabdMtJ8fg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOMEhpekVyRUpQOW9pWkw5\nOUZiSTROdXJrS3gzUUlnYUZ2TU5kMUFMdVdBClJod2loQU91bFRhVGdDMjhvSkdU\nL3dNdHM2anAybWN4eENqUis1M2ZSTTAKLS0tIFhHRGk5VzJjTSt3UGxpOTU4OXB1\nWWViTzAvaWlKVWZPR3J3eno3cGwzRWMKiHIJ7jBtf6uTRLyhh7IoLHvIWtHhHGOt\nLMqDloJN18hCveOdW4f4sksi2GEMlpfxRnx4DATWthiD0M403tDZkw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3U3dCcWEzd3o5dFBFbnZS\ncDNwQmIzUDNoSTFiMTZGeW1LUlJSbUFaOUdBCjZEL2dOVXBoU3BLa0tOaVlCSzNt\nNDhsTms2QmhmRS80WmhWaFM0NlkzRkEKLS0tIFZNRk5vVnhqN2diMS9kRjZ3Nkw5\nbVlyOGFqY3VHZ0pQRGpUUUQ4OWdXT1EKRIHVf9M32BG13P2x7eWof0Cz56NKJI/h\nFESmEFBxbF0BpnRxOM70GWTzsoS3+PzsM2I4GG9ArbkFRfZfkkR9AA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxL3VoMzVPM3FKQU55clYz\nRjB1aTFQRmhtT0h4KzN2T0xKRmJyQ3NLejJnCmdTU1VVODEyb2E5ak40ZmxKcjlS\nbG5oc3Z4ZUVVNzRiaEEvNW91T1RGY0UKLS0tIGx4MkVJblRKendyNlROYlJwaFBX\nZ1lmWDJyVE83SWdqV3o0K2pmYUNuMXMKwZa+GFWR5HvE4W2s3ovNbCZgXFtaus7p\n5wvIqsfQ30jFzIkWRMBq/uHDYKJggHZ3wwI3oU31wP5QlxvNlvPnFg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-09-25T10:18:52Z",
"mac": "ENC[AES256_GCM,data:9/cdNmwYO7byDJGgiC1FdvHlkFW28zQ4ax0jgKuJBIOh41vY2h6WseedmsS4AAjl+3qBEAd2whYNzB2FdCba6d2IGqEx9z9jew4rS8TpigH3lPEz4SrkEn7KgxsjYB8xVhM2OkjFuc0T2b3F9UAyg2Bh8Ushuexnlk39e9OiTRc=,iv:dHbmzHniZZ/aKOJvj4RSP4lEmeG0uPo5oB7qKS6EaiI=,tag:sRJ+OILqs6L2gXwwepNH/Q==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

View File

@@ -1 +0,0 @@
../../../../../../sops/users/kurogeek