RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-27 18:17:44 +00:00
Code Issues Activity

Add some parts of the nine host

Browse source
This commit is contained in:
RGBCube 2025-01-24 23:50:51 +03:00
parent 6c108c7caa
commit fa80a17f59
12 changed files with 124 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

8
modules/linux/endlessh-go.nix
View file

@ -2,17 +2,17 @@
inherit (lib) enabled merge mkEnableOption mkIf mkOption types;
fakeSSHPort = 22;
in merge <| mkIf config.isServer {
config.services.prometheus.exporters.endlessh-go = enabled {
in {
config.services.prometheus.exporters.endlessh-go = mkIf config.isServer <| enabled {
listenAddress = "[::]";
};
# `services.endlessh-go.openFirewall` exposes both the Prometheus
# exporters port and the SSH port, and we don't want the metrics
# to leak, so we manually expose this like so.
config.networking.firewall.allowedTCPPorts = [ fakeSSHPort ];
config.networking.firewall.allowedTCPPorts = mkIf config.isServer <| [ fakeSSHPort ];
config.services.endlessh-go = enabled {
config.services.endlessh-go = mkIf config.isServer <| enabled {
listenAddress = "[::]";
port = fakeSSHPort;

2
modules/linux/hyprland/fuzzel.nix
View file

@ -1,7 +1,7 @@
{ config, lib, ... }: let
inherit (lib) enabled mapAttrs merge mkIf replaceStrings;
in merge <| mkIf config.isDesktop {
home-manager.sharedNodules = [{
home-manager.sharedModules = [{
wayland.windowManager.hyprland.settings = {
bindl = [(replaceStrings [ "\n;" "\n" ] [ ";" "" ] ''
, XF86PowerOff, exec,

6
modules/linux/restic/default.nix
View file

@ -1,11 +1,11 @@
{ config, lib, ... }: let
inherit (lib) genAttrs merge mkConst mkIf remove;
in merge <| mkIf config.isServer {
in{
options.resticHosts = mkConst <| remove config.networking.hostName [ "cube" "disk" "nine" ];
config.secrets.resticPassword.file = ./password.age;
config.secrets.resticPassword.file = mkIf config.isServer ./password.age;
config.services.restic.backups = genAttrs config.resticHosts (host: {
config.services.restic.backups = mkIf config.isServer <| genAttrs config.resticHosts (host: {
repository = "sftp:backup@${host}:${config.networking.hostName}-backup";
passwordFile = config.secrets.resticPassword.path;
initialize = true;

20
modules/linux/restic/password.age
View file

@ -1,11 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 +rZ0Tw 06oZk46oR6ELo5J27k6yawjranT3zRItKK+rl0P9bgk
Zl9FaZ0zz7X+NNa8YZ7mF+I3NM6uIQ4OyOxHCC7tG0s
-> ssh-ed25519 spFFQA lNlbKPxx4NolZih3OdSW+Om6LfLzQGPcOateTm7PmjE
faPPdpWeJytmEGMCfNiup4hE/wjwAp9hdFBRR9PJ7JE
-> ssh-ed25519 dASlBQ 0hpF2NYQrE8k0yQWjecxaEmxPswUfqjr/isjwcuRbio
zy5tvK0/6WaxzOOzmhRdMIdWeMyE0YYvRI+UAx4sW1c
-> ssh-ed25519 CzqbPQ VuaclNfcFIo7wIFauMBcy4amv4QDMUwmWevaCaMICxg
JpO3lbn95Hfhqi7x2SRUSzVHQ7tS/Ay9Gn+mFhQpKbE
--- iuP1ypvDk453T8/jiyTnWRnVpKZ89yLdWbrMJubNwq8
nßÞâæ ìQš)pÕº1 Cbn)Tœ™<C593>íÿa±öO^VLš­ßç}„4@QÓ
-> ssh-ed25519 +rZ0Tw xhx8zm8GiLF+Y+2w9jxYr0k5EV09CwlYxaXlH9ZvRF8
m6WXa1m9kRJxXHDamHhTuXbWkBqPmvzei6ZU/CgTTgE
-> ssh-ed25519 spFFQA jzcaT4YrjACZ8UdNBHCPr6oHTRtdGXBj8dR2TGEo9A0
Q9t68ssLWmfSINP2l5ifRQ4q9ITpT6fx9lKnB1sdl2g
-> ssh-ed25519 dASlBQ FVfNa8ql4GBQc8lFGyLZ76yq3hY0/XJPT5IenlxuIRg
4SmF95S6VDt43LuLZLPpUSB+4HHYl5LRVWV6MkW0q5M
-> ssh-ed25519 CzqbPQ 3BBzb1KkXAIzBsdQpHVQ53LjueHhJ8bcfZbH1ZV1D0I
OoHk1f28Qr5HHaOVuVm/Pr8MqEuGtuHev2pzlYmc93c
--- TcuCWM/kQHR+DtXdZlZCXHDoDxsFkzQbfM/Ebbcb5BI
<EFBFBD>|ìç38|H„%ËtˆÈ<CB86>38ΊrŠz¶‰ð?4ÜH¤“ÕŽ²ª×ø<C397>Có+„Ò