From 66f7a1be307417bcffb47753c77eab9cfcac273b Mon Sep 17 00:00:00 2001 From: Timo Boomers Date: Sat, 17 May 2025 15:09:05 +0200 Subject: [PATCH] changed rpi config --- .sops.yaml | 2 ++ flake.nix | 14 ++++++++------ hosts/p-th-rpi-01/home.nix | 31 +++++++++++++++--------------- modules/home/containers/static.nix | 2 +- modules/home/default.nix | 1 + 5 files changed, 28 insertions(+), 22 deletions(-) diff --git a/.sops.yaml b/.sops.yaml index f108aec..2d83fa9 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,7 +1,9 @@ keys: - &v-th-ctr-01 age1cs2p7tgk9356tjmet6526k3ghwq9we82nz6z7qggqns656paku6sx30tkg + - &p-th-rpi-01 age1dd7xpgnak6z6zmwa9889pjd6hmj42zaxq7ea8s47dlk3v6u5f37sldkt97 creation_rules: - path_regex: secrets/deploy.yaml$ key_groups: - age: - *v-th-ctr-01 + - *p-th-rpi-01 diff --git a/flake.nix b/flake.nix index 1f25a1e..2302edc 100644 --- a/flake.nix +++ b/flake.nix @@ -32,12 +32,19 @@ outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, home-manager, nix-colors, stylix, nixos-cosmic, sops-nix, disko, ... }: let system = "x86_64-linux"; + system-arm = "aarch64-linux"; overlay-unstable = final: prev: { unstable = import nixpkgs-unstable { config.allowUnfree = true; localSystem = { inherit system; }; }; }; + overlay-unstable-arm = final: prev: { + unstable = import nixpkgs-unstable { + config.allowUnfree = true; + localSystem = { inherit system-arm; }; + }; + }; in { nixosConfigurations = { @@ -163,12 +170,7 @@ pkgs = nixpkgs.legacyPackages.aarch64-linux; extraSpecialArgs = { inherit inputs nix-colors; }; modules = [ - ({ config, pkgs, ... }: { nixpkgs.overlays = [ final: prev: { - unstable = import nixpkgs-unstable { - config.allowUnfree = true; - localSystem = { inherit "aarch64-linux"; }; - }; - } ]; }) + ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; }) ./hosts/p-th-rpi-01/home.nix ]; diff --git a/hosts/p-th-rpi-01/home.nix b/hosts/p-th-rpi-01/home.nix index f6e82f8..d806163 100644 --- a/hosts/p-th-rpi-01/home.nix +++ b/hosts/p-th-rpi-01/home.nix @@ -40,22 +40,23 @@ containers = { network.enable = true; - nginx.enable = true; + nginx.enable = false; caddy.enable = true; - kanidm.enable = true; - forgejo.enable = true; - immich.enable = true; - homepage.enable = true; - uptime-kuma.enable = true; - pingvin-share.enable = true; - vaultwarden.enable = true; - paperless-ngx.enable = true; - beszel.enable = true; - storage.enable = true; - homeassistant.enable = true; - karakeep.enable = true; - vikunja.enable = true; - stalwart.enable = true; + kanidm.enable = false; + forgejo.enable = false; + immich.enable = false; + homepage.enable = false; + uptime-kuma.enable = false; + pingvin-share.enable = false; + vaultwarden.enable = false; + paperless-ngx.enable = false; + beszel.enable = false; + storage.enable = false; + homeassistant.enable = false; + karakeep.enable = false; + vikunja.enable = false; + stalwart.enable = false; + static.enable = true; }; }; diff --git a/modules/home/containers/static.nix b/modules/home/containers/static.nix index 2580480..b02f5a0 100644 --- a/modules/home/containers/static.nix +++ b/modules/home/containers/static.nix @@ -47,7 +47,7 @@ in { NUXT_PRIVATE_KEY_ID: "${config.sops.placeholder."containers/wrbapp/private-key-id"}" NUXT_PRIVATE_KEY: "${config.sops.placeholder."containers/wrbapp/private-key"}" NUXT_CLIENT_ID: "${config.sops.placeholder."containers/wrbapp/client-id"}" - '' + ''; }; }; diff --git a/modules/home/default.nix b/modules/home/default.nix index c35ec61..ae73463 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -44,5 +44,6 @@ ./containers/karakeep.nix ./containers/vikunja.nix ./containers/stalwart.nix + ./containers/static.nix ]; }