Compare commits

...

94 Commits

Author SHA1 Message Date
e39f0bdac8 added bigger buffer size 2025-07-08 14:30:31 -05:00
ecfd3b63db removed jitsi 2025-06-22 21:16:31 -05:00
9ffd2f180c Nixpkgsk Update and NixBitcoin Update 2025-06-22 19:41:49 -05:00
acabc97cc0 removed nextcloud client and gnome extension 2025-06-22 19:14:27 -05:00
7afe60951d updated configuration.nix again 2025-06-07 20:21:04 -05:00
8d95d94d6b updated configuration.nix 2025-06-07 20:12:27 -05:00
ed5461d167 Nixpkgs Update with Sparrow Update 2025-06-07 20:00:28 -05:00
cffd470b10 Nixpkgs, Bitcoin Software Update 2025-05-27 18:15:53 -05:00
02680c6acb Nixpkgs Update 2025-05-07 13:56:31 -05:00
fa92b54661 Nixpkgs Update 2025-05-06 15:22:49 -05:00
5b53d78614 Updated Nixpkgs 2025-04-24 23:53:12 -05:00
a978cc1532 Nixpkgs Update 2025-04-20 20:24:09 -05:00
10c156f9a9 updated cron script 2025-04-20 20:17:37 -05:00
a0cb88d8fd updated configuration.nix 2025-04-20 20:07:58 -05:00
b22412e5b6 added btc-clients flake 2025-04-20 20:02:10 -05:00
1f6e0d2343 Nixpkgs Update 2025-04-09 09:58:27 -05:00
34de3c0881 updated name of synadm 2025-03-24 10:58:19 -05:00
76a06dd60a Update Nixpkgs 2025-03-23 19:45:46 -05:00
fe5376c9a7 updated BTCPayserver, nixpkgs, and systemd-extension 2025-03-23 19:36:55 -05:00
424743da78 Nixpkgs Update 2025-03-08 14:22:31 -06:00
6df42d04ff increased php opcache 2025-02-26 22:35:53 -08:00
f3a197ed7a Nixpkgs Update + Bisq1 Update 2025-02-24 10:31:41 -08:00
63d1ce5a6c changed second drive script 2025-02-19 10:46:42 -08:00
8c2477f46b updated second drive script 2025-02-19 10:29:58 -08:00
6e961d2211 added wp admin 2025-02-16 19:17:37 -08:00
d12f15a952 updated Sovran_Systems_File_Fixes 3 2025-02-13 06:53:39 -08:00
21aceef8ec updated Sovran_Systems_File_Fixes 2025-02-13 06:51:34 -08:00
5739b87c40 updated Sovran_Systems_File_Fixes 2025-02-13 06:49:36 -08:00
6afdecd846 php 83 2025-02-13 06:38:45 -08:00
011ed14424 php lowered 2025-02-13 06:32:47 -08:00
bace5f0669 made php with own module 2025-02-13 01:40:37 -08:00
da033d8d09 Nixpkgs Update 2025-02-12 10:16:34 -08:00
b9cc954ea2 removed HBPS Nextcloud from modules 2025-02-10 15:27:42 -08:00
bb4cc83c6d removed HBPS Nextcloud and old settings 2025-02-10 15:25:42 -08:00
78fc6872b1 revert a1a09d5586
revert Update Nixpkgs
2025-02-10 15:14:43 -08:00
a1a09d5586 Update Nixpkgs 2025-02-10 15:10:25 -08:00
79df71a3e9 added jitsi-meet allow 2025-02-10 15:01:48 -08:00
6b7401dd44 removed HBPS Nextcloud and old settings 2025-02-10 14:57:07 -08:00
d752b9c3ce updated configuration.nix 2025-01-19 19:42:21 -08:00
4ee2cda8f2 Update Nixpkgs and added BTCPayserver 2.0.5 2025-01-19 19:16:49 -08:00
11bc2e39b3 updated README 2025-01-19 19:09:12 -08:00
b121fc6549 updated nextcloud-push typo 2025-01-19 18:58:59 -08:00
1efb0a2e31 updated nextcloud-push 2025-01-19 18:55:41 -08:00
012a714cc3 updated flake.nix typo3 2025-01-19 18:47:37 -08:00
7a88d57246 updated flake.nix typo2 2025-01-19 18:46:14 -08:00
d123cb8f66 updated flake.nix udpdate 2025-01-19 18:45:25 -08:00
2b763479cd updated flake.nix typo 2025-01-19 18:43:31 -08:00
5153dabecb updated flake.nix with new inputs 2025-01-19 18:40:57 -08:00
72f88b42a6 updated custom-add-ons.md 2024-12-23 08:42:54 -08:00
eb36fdc01d Nixpkgs update and Nix-Bitcoin Update 2024-12-23 07:24:04 -08:00
c77bed9e3a update php 2024-12-23 07:19:12 -08:00
6d69fa3206 removed php worpress security 2024-12-22 23:27:24 -08:00
6e19eee8bb added php worpress security 2024-12-22 23:21:08 -08:00
35e5e6dfc5 updated php apcu 2024-12-20 12:24:43 -08:00
f498f8d3b7 updated cron 2024-12-20 12:22:49 -08:00
017ca5c8f9 resumed update-nix.sh 2024-12-17 14:48:21 -08:00
8d4b5a3768 paused update-nix.sh 2024-12-17 12:21:50 -08:00
1f4240bee4 updated update-nix.sh 2024-12-17 11:39:59 -08:00
e0ec0c05ae updated update-nix.sh 2024-12-17 11:38:21 -08:00
f27b4f6ba0 updated update-nix.sh 2024-12-17 11:36:01 -08:00
4b0105f843 updated update-nix.sh 2024-12-17 11:32:54 -08:00
916809ef51 updated update-nix.sh 2024-12-17 11:29:22 -08:00
b3ed8ce489 update update-nix.sh 2024-12-17 11:25:29 -08:00
1001ab07ec update update-nix.sh 2024-12-17 11:19:04 -08:00
426a718615 code fix to update-agenix to systemd unit 2024-12-17 11:09:27 -08:00
4f72f2f81c added to update-agenix to systemd unit 2024-12-17 11:01:09 -08:00
f13e0509b9 added fix to update all agenix files 2024-12-17 10:55:32 -08:00
9bb659341f updated inital script 2024-12-16 23:44:01 -08:00
b62cb6b47b updated inital script 2024-12-16 23:42:24 -08:00
5922b9a88c updated inital script 2024-12-16 23:32:00 -08:00
7064b52c5c updated inital script 2024-12-16 23:24:12 -08:00
da6f065097 updated permissions 2024-12-16 23:05:07 -08:00
b7bf7016ef updated permissions 2024-12-16 21:54:22 -08:00
d77f3e4873 updated synape personalizatoin configuration 2024-12-16 20:49:00 -08:00
66cecf6a03 updated synape personalizatoin configuration 2024-12-16 20:41:09 -08:00
4de15a4d08 updated synape personalizatoin configuration 2024-12-16 20:39:49 -08:00
7481b51074 updated agenix system 2024-12-16 20:17:14 -08:00
60eef20e1d updated agenix system 2024-12-16 19:29:32 -08:00
a63adfaa0e updated agenix system 2024-12-16 19:15:06 -08:00
8393821a8d updated agenix system 2024-12-16 19:12:06 -08:00
e55a6e9f8e updated agenix system 2024-12-16 19:05:24 -08:00
1ee7088733 updated typos 2024-12-16 18:32:54 -08:00
3ae84cf77f updated auto database 2024-12-16 18:31:03 -08:00
322f3c924c updated synapse.nix 2024-12-16 17:51:15 -08:00
318fabd306 updated spacing on configuration.nix 2024-12-16 17:46:59 -08:00
c833346149 updated the Agenix 2024-12-16 17:41:28 -08:00
7dab002c4e updated the Agenix 2024-12-16 17:39:12 -08:00
8380e90e2b updated the Agenix and Synapse 2024-12-16 17:35:15 -08:00
424e75c3e4 updated the Agenix sub-systems 2024-12-16 17:31:07 -08:00
b841623665 Update Nixpkgs 2024-12-16 13:11:03 -08:00
027edaf93f updated custom-add-ons.md 2024-12-16 10:53:46 -08:00
20ef4b5a09 removed outdated file 2024-12-16 10:43:41 -08:00
203130594a Nixpkgs Update and CLN REST update 2024-12-13 12:52:44 -08:00
588b2a7f7a Nixpkgs update plus New CLN REST connect 2024-12-13 12:52:13 -08:00
20 changed files with 435 additions and 646 deletions

View File

@ -35,7 +35,7 @@ https://matrix.to/#/%23DIY_Sovran_SystemsOS:anarchyislove.xyz
## ##
Created, Handcrafted, and Headquartered in Southern California 2022-2024 🏖️. Created, Handcrafted, and Headquartered in Southern California 2022-2025 🏖️.
All Open Source Software Used Falls Under Its Specific Open Source License. All Open Source Software Used Falls Under Its Specific Open Source License.

View File

@ -2,29 +2,7 @@
let let
personalization = import ./modules/personalization.nix; personalization = import ./modules/personalization.nix;
custom-php = pkgs.php83.buildEnv {
extensions = { enabled, all }: enabled ++ (with all; [ bz2 apcu redis imagick memcached ]);
extraConfig = ''
display_errors = On
display_startup_errors = On
max_execution_time = 10000
max_input_time = 3000
memory_limit = 1G;
opcache.enable=1;
opcache.memory_consumption=512;
opcache_revalidate_freq = 240;
opcache.max_accelerated_files=20000;
post_max_size = 3G
upload_max_filesize = 3G
opcache.interned_strings_buffer = 64
redis.session.locking_enabled=1
redis.session.lock_retries=-1
redis.session.lock_wait_time=10000
'';
};
in in
{ {
@ -52,7 +30,12 @@ in
fileSystems."/boot/efi".options = [ "umask=0077" "defaults" ]; fileSystems."/boot/efi".options = [ "umask=0077" "defaults" ];
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
download-buffer-size = 524288000;
};
networking.hostName = "nixos"; # Define your hostname. networking.hostName = "nixos"; # Define your hostname.
@ -69,8 +52,8 @@ in
services.xserver.enable = true; services.xserver.enable = true;
# Enable the GNOME Desktop Environment. # Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true; services.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true; services.desktopManager.gnome.enable = true;
# Configure keymap in X11 # Configure keymap in X11
services.xserver.xkb = { services.xserver.xkb = {
@ -85,7 +68,7 @@ in
systemd.enableEmergencyMode = false; systemd.enableEmergencyMode = false;
# Enable sound with pipewire. # Enable sound with pipewire.
hardware.pulseaudio.enable = false; services.pulseaudio.enable = false;
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
@ -100,19 +83,8 @@ in
description = "free"; description = "free";
extraGroups = [ "networkmanager" ]; extraGroups = [ "networkmanager" ];
}; };
####### PHP user for PHPFPM #######
php = {
isSystemUser = true;
createHome = false;
uid = 7777;
};
}; };
users.users.php.group = "php";
users.groups.php = {};
# Enable automatic login for the user. # Enable automatic login for the user.
services.displayManager.autoLogin.enable = true; services.displayManager.autoLogin.enable = true;
services.displayManager.autoLogin.user = "free"; services.displayManager.autoLogin.user = "free";
@ -127,35 +99,29 @@ in
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [ nixpkgs.config.permittedInsecurePackages = [
"jitsi-meet-1.0.8043" "jitsi-meet-1.0.8043"
]; ];
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(callPackage ./modules/systemd-manager_sovran_systems.nix {}) (callPackage ./modules/systemd-manager_sovran_systems.nix {})
(callPackage ./modules/nextcloud_hpbs_default.nix {})
git git
wget wget
fish fish
htop htop
btop btop
gnomeExtensions.dash-to-dock gnomeExtensions.dash-to-dock
gnomeExtensions.transparent-top-bar-adjustable-transparency
gnomeExtensions.vitals gnomeExtensions.vitals
gnomeExtensions.pop-shell gnomeExtensions.pop-shell
gnomeExtensions.just-perfection gnomeExtensions.just-perfection
gnomeExtensions.appindicator gnomeExtensions.appindicator
gnomeExtensions.date-menu-formatter gnomeExtensions.date-menu-formatter
gnomeExtensions.espresso
gnome-tweaks gnome-tweaks
papirus-icon-theme papirus-icon-theme
ranger ranger
bisq2
sparrow
neofetch neofetch
gedit gedit
matrix-synapse matrix-synapse
@ -166,8 +132,7 @@ in
lm_sensors lm_sensors
hunspell hunspell
hunspellDicts.en_US hunspellDicts.en_US
custom-php synadm
matrix-synapse-tools.synadm
brave brave
dua dua
bitwarden-desktop bitwarden-desktop
@ -181,10 +146,9 @@ in
gnome-terminal gnome-terminal
libreoffice-fresh libreoffice-fresh
dig dig
nextcloud-client
firefox firefox
element-desktop element-desktop
helix wp-cli
]; ];
@ -203,29 +167,9 @@ in
}; };
####### PHPFMP #######
services.phpfpm.pools = {
mypool = {
user = "caddy";
group = "php";
phpPackage = custom-php;
settings = {
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
"clear_env" = "no";
};
};
};
####### CADDY ####### ####### CADDY #######
services.caddy = { services.caddy = {
enable = true; enable = true;
package = pkgs.caddy;
user = "caddy"; user = "caddy";
group = "root"; group = "root";
email = "${personalization.caddy_email_for_acme}"; email = "${personalization.caddy_email_for_acme}";
@ -292,6 +236,18 @@ in
}; };
}; };
###### AGENIX ######
age.identityPaths = [ "/root/.ssh/agenix/agenix-secret-keys" ];
age.secrets.matrix_reg_secret = {
file = /var/lib/agenix-secrets/matrix_reg_secret.age;
mode = "770";
owner = "matrix-synapse";
group = "matrix-synapse";
};
###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) ####### ###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) #######
services.postgresql = { services.postgresql = {
@ -315,14 +271,14 @@ in
services.postgresql.initialScript = pkgs.writeText "begin-init.sql" '' services.postgresql.initialScript = pkgs.writeText "begin-init.sql" ''
CREATE ROLE "ncusr" WITH LOGIN PASSWORD '${personalization.age.secrets.nextclouddb.file}'; CREATE ROLE "ncusr" WITH LOGIN PASSWORD '${personalization.nextclouddb}';
CREATE DATABASE "nextclouddb" WITH OWNER "ncusr" CREATE DATABASE "nextclouddb" WITH OWNER "ncusr"
TEMPLATE template0 TEMPLATE template0
LC_COLLATE = "C" LC_COLLATE = "C"
LC_CTYPE = "C"; LC_CTYPE = "C";
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${personalization.age.secrets.matrixdb.file}'; CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${personalization.matrixdb}';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0 TEMPLATE template0
LC_COLLATE = "C" LC_COLLATE = "C"
@ -333,20 +289,21 @@ in
services.mysql.initialScript = pkgs.writeText "wordpress-init.sql" '' services.mysql.initialScript = pkgs.writeText "wordpress-init.sql" ''
CREATE DATABASE wordpressdb; CREATE DATABASE wordpressdb;
GRANT ALL ON *.* TO 'wpusr'@'localhost' IDENTIFIED BY '${personalization.age.secrets.wordpressdb.file}'; CREATE USER 'wpusr'@'localhost' IDENTIFIED BY '${personalization.wordpressdb}';
GRANT ALL ON wordpressdb.* TO 'wpusr'@'localhost';
FLUSH PRIVILEGES; FLUSH PRIVILEGES;
'' ''
; ;
####### KEEP AWAKE for DISPLAY and HEADLESS ####### ####### KEEP AWAKE for DISPLAY and HEADLESS #######
services.xserver.displayManager.gdm.autoSuspend = false; services.displayManager.gdm.autoSuspend = false;
systemd.sleep.extraConfig = '' systemd.sleep.extraConfig = ''
AllowSuspend=no AllowSuspend=no
AllowHibernation=no AllowHibernation=no
AllowHybridSleep=no AllowHybridSleep=no
AllowSuspendThenHibernate=no AllowSuspendThenHibernate=no
''; '';
@ -373,9 +330,12 @@ backup /etc/nix-bitcoin-secrets/ localhost/
services.cron = { services.cron = {
enable = true; enable = true;
systemCronJobs = [ systemCronJobs = [
"*/5 * * * * caddy /run/current-system/sw/bin/php -f /var/lib/www/nextcloud/cron.php" "*/5 * * * * caddy /run/current-system/sw/bin/php -f /var/lib/www/nextcloud/cron.php"
"*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/njalla/njalla.sh" "*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/njalla/njalla.sh"
"*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/external_ip/external_ip.sh" "*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/external_ip/external_ip.sh"
"0 0 * * 0 docker-user yes | /run/current-system/sw/bin/docker system prune -a"
]; ];
}; };

View File

@ -2,124 +2,28 @@
Add-ons are extra features you can have installed before your Sovran Pro is shipped to you. Add-ons are extra features you can have installed before your Sovran Pro is shipped to you.
1. There is also Bitcoin Knots Node available to be added instead of the regular Bitcoin Node. Bitcoin Knots allows a special filter to block unwanted, unusable, erroneous data on the Bitcoin Timechain chain.
1. There is Jitsi Meet that is available to be added on. Jitsi is a video conference software in which you send a web link to a video conference and anyone can join.
https://jitsi.org
2. There is also Bitcoin Knots Node available to be added instead of the regular Bitcoin Node. Bitcoin Knots allows a special filter to block unwanted, unusable, erroneous, yet harmless data on the Bitcoin Block chain.
https://bitcoinknots.org https://bitcoinknots.org
3. By default Sovran_SystemsOS runs LND as the default Lightning node software for BTCpayserver. You are now able to run CLN as the backend to BTCpayserver instead of LND. 2. By default Sovran_SystemsOS runs LND as the default Lightning node software for BTCpayserver. You are now able to run CLN as the backend to BTCpayserver instead of LND.
https://blockstream.com/lightning/ https://blockstream.com/lightning/
3. There is Mempool to be added on via a Tor connection.
https://github.com/mempool/mempool
The code will be installed in the `custom.nix` file. The code will be installed in the `custom.nix` file.
The code for Jitsi Meet is as follows:
```nix
systemd.services.jitsi-videobridge-helper = {
script = ''
systemctl restart jitsi-videobridge2 jicofo jibri
'';
unitConfig = {
Type = "simple";
After = "btcpayserver.service";
Requires = "network-online.target";
};
serviceConfig = {
RemainAfterExit = "yes";
Type = "oneshot";
};
wantedBy = [ "multi-user.target" ];
};
services.jitsi-videobridge.config = {
videobridge = {
http-servers = {
private = {
port = 8090;
};
};
};
};
services.jitsi-meet = {
enable = true;
hostName = "**CUSTOM_DOMAIN_NAME**";
config = {
enableWelcomePage = false;
prejoinPageEnabled = true;
defaultLang = "en";
liveStreamingEnabled = false;
fileRecordingsEnabled = true;
fileRecordingsServiceEnabled = true;
localRecording = {
enable = true;
notifyAllParticipants = true;
};
};
interfaceConfig = {
SHOW_JITSI_WATERMARK = false;
SHOW_WATERMARK_FOR_GUESTS = false;
};
};
services.jitsi-meet.caddy.enable = true;
services.jitsi-meet.nginx.enable = false;
services.jitsi-videobridge.openFirewall = true;
services.jitsi-meet.jibri.enable = true;
services.jibri.config = {
recording = {
recordings-directory = "/run/media/Second_Drive/BTCEcoandBackup/Jitsi_Recordings";
};
ffmpeg = {
resolution = "1280x720";
framerate = 30;
video-encode-preset = "ultrafast";
h264-constant-rate-factor = 40;
};
};
services.jitsi-videobridge.nat.publicAddress = builtins.readFile /var/lib/secrets/external_ip;
services.jitsi-videobridge.nat.localAddress = builtins.readFile /var/lib/secrets/internal_ip;
services.cron = {
enable = true;
systemCronJobs = [
"*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/internal_ip/internal_ip.sh"
];
};
```
The code for Bitcoin Knots is as follows: The code for Bitcoin Knots is as follows:
```nix ```nix
services.bitcoind.package = pkgs.bitcoind-knots; services.bitcoind.package = pkgs.bitcoind-knots;
``` ```
@ -127,6 +31,11 @@ The code for CLN for BTCpayserver backend is as follows:
```nix ```nix
services.btcpayserver.lightningBackend = mkForce "clightning"; services.btcpayserver.lightningBackend = mkForce "clightning";
```
The code for Mempool is as follows:
```nix
services.mempool.enable = true;
``` ```

View File

@ -3,7 +3,6 @@
cd /home/free/Downloads cd /home/free/Downloads
#### SCRIPT 1 #### #### SCRIPT 1 ####
/run/current-system/sw/bin/wget "https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/sovran-pro-flake-update.sh" /run/current-system/sw/bin/wget "https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/sovran-pro-flake-update.sh"
@ -13,7 +12,6 @@ cd /home/free/Downloads
rm -rf /home/free/Downloads/sovran-pro-flake-update.sh rm -rf /home/free/Downloads/sovran-pro-flake-update.sh
#### SCRIPT 2 #### #### SCRIPT 2 ####
/run/current-system/sw/bin/wget "https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/add-custom-nix.sh" /run/current-system/sw/bin/wget "https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/add-custom-nix.sh"
@ -50,6 +48,15 @@ rm -rf /home/free/Downloads/nextcloud_maintenance_window_fix.sh
rm -rf /home/free/Downloads/add_external_backup_app.sh rm -rf /home/free/Downloads/add_external_backup_app.sh
#### SCRIPT 6 ####
/run/current-system/sw/bin/wget "https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/update-agenix.sh"
/run/current-system/sw/bin/bash /home/free/Downloads/update-agenix.sh
rm -rf /home/free/Downloads/update-agenix.sh
#### REMOVAL OF MAIN SCRIPT #### #### REMOVAL OF MAIN SCRIPT ####
rm -rf /home/free/Downloads/Sovran_SystemsOS_File_Fixes_And_New_Services.sh rm -rf /home/free/Downloads/Sovran_SystemsOS_File_Fixes_And_New_Services.sh

0
file_fixes_and_new_services/add_external_backup_app.sh Normal file → Executable file
View File

View File

View File

@ -0,0 +1,83 @@
#!/usr/bin/env bash
#### CHECK TO SEE IF IT HAS BEEN RUN BEFORE ####
FILE=/var/lib/beacons/file_fixes_and_new_services/update-agenix/completed
if [ -e $FILE ]; then
/run/current-system/sw/bin/echo "File Found :), No Need to Run ... Exiting"
exit 1
fi
#### CREATE INITIAL TAG ####
/run/current-system/sw/bin/mkdir -p /var/lib/beacons/file_fixes_and_new_services/update-agenix ; touch /var/lib/beacons/file_fixes_and_new_services/update-agenix/started
if [[ $? != 0 ]]; then
/run/current-system/sw/bin/echo "Could Not Create Initial Tag"
exit 1
fi
#### MAIN SCRIPT ####
/run/current-system/sw/bin/rm -rf /var/lib/agenix-secrets/nextclouddb.age
/run/current-system/sw/bin/rm -rf /var/lib/agenix-secrets/wordpressdb.age
/run/current-system/sw/bin/rm -rf /var/lib/agenix-secrets/turn.age
/run/current-system/sw/bin/rm -rf /var/lib/agenix-secrets/matrixdb.age
/run/current-system/sw/bin/rm -rf /var/lib/agenix-secrets/matrix_reg_secret.age
pushd /var/lib/agenix-secrets/
/run/current-system/sw/bin/echo -n $(/run/current-system/sw/bin/cat /var/lib/secrets/wordpressdb) | EDITOR='/run/current-system/sw/bin/cp /dev/stdin' /run/current-system/sw/bin/nix run github:ryantm/agenix -- -e wordpressdb.age -i /root/.ssh/agenix/agenix-secret-keys
/run/current-system/sw/bin/echo -n $(/run/current-system/sw/bin/cat /var/lib/secrets/nextclouddb) | EDITOR='/run/current-system/sw/bin/cp /dev/stdin' /run/current-system/sw/bin/nix run github:ryantm/agenix -- -e nextclouddb.age -i /root/.ssh/agenix/agenix-secret-keys
/run/current-system/sw/bin/echo -n $(/run/current-system/sw/bin/cat /var/lib/secrets/matrixdb) | EDITOR='/run/current-system/sw/bin/cp /dev/stdin' /run/current-system/sw/bin/nix run github:ryantm/agenix -- -e matrixdb.age -i /root/.ssh/agenix/agenix-secret-keys
/run/current-system/sw/bin/echo -n $(/run/current-system/sw/bin/cat /var/lib/secrets/turn) | EDITOR='/run/current-system/sw/bin/cp /dev/stdin' /run/current-system/sw/bin/nix run github:ryantm/agenix -- -e turn.age -i /root/.ssh/agenix/agenix-secret-keys
/run/current-system/sw/bin/echo -n $(/run/current-system/sw/bin/cat /var/lib/secrets/matrix_reg_secret) | EDITOR='/run/current-system/sw/bin/cp /dev/stdin' /run/current-system/sw/bin/nix run github:ryantm/agenix -- -e matrix_reg_secret.age -i /root/.ssh/agenix/agenix-secret-keys
popd
if [[ $? != 0 ]]; then
/run/current-system/sw/bin/echo "Could Not Run update-agenix"
exit 1
fi
#### CREATE COMPELETE TAG ####
/run/current-system/sw/bin/touch /var/lib/beacons/file_fixes_and_new_services/update-agenix/completed
if [[ $? != 0 ]]; then
/run/current-system/sw/bin/echo "Could Not Create Completed Tag"
exit 1
fi
exit 0

517
flake.lock generated
View File

@ -8,11 +8,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1723293904, "lastModified": 1750173260,
"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -21,43 +21,22 @@
"type": "github" "type": "github"
} }
}, },
"bisq1": { "btc-clients": {
"inputs": { "inputs": {
"nix-appimage": "nix-appimage", "nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_2" "oldNixpkgs": "oldNixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1730346198, "lastModified": 1749558209,
"narHash": "sha256-QpjT5tkA5144M0eF5TqU66S5V/QlohmkIeKndBxsHso=", "narHash": "sha256-x9NAbshKZuf+Bfa2Q1GS/HNjy0eGyMo7aVPP1pcd3oY=",
"owner": "emmanuelrosa", "owner": "emmanuelrosa",
"repo": "bisq-for-nixos", "repo": "btc-clients-nix",
"rev": "4bb117abed1712b961bd68a3607c102b8958e109", "rev": "9a656628c10f2c7e76df0d2f93122506511a1c14",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "emmanuelrosa", "owner": "emmanuelrosa",
"repo": "bisq-for-nixos", "repo": "btc-clients-nix",
"type": "github"
}
},
"devshell": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1728330715,
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
"owner": "numtide",
"repo": "devshell",
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github" "type": "github"
} }
}, },
@ -73,49 +52,20 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1722175938, "lastModified": 1734005403,
"narHash": "sha256-HKyB4HD+NdX3T233bY31hm76v3/tdQBNeLLvopKbZeY=", "narHash": "sha256-vgh3TqfkFdnPxREBedw4MQehIDc3N8YyxBOB45n+AvU=",
"owner": "erikarvstedt", "owner": "erikarvstedt",
"repo": "extra-container", "repo": "extra-container",
"rev": "37e7207ac9f857eedb58b208b9dc91cd6b24e651", "rev": "f4de6c329b306a9d3a9798a30e060c166f781baa",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "erikarvstedt", "owner": "erikarvstedt",
"ref": "0.13",
"repo": "extra-container", "repo": "extra-container",
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"revCount": 57,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
@ -124,11 +74,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730504689, "lastModified": 1749398372,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90", "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -141,42 +91,6 @@
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_2"
}, },
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
},
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
@ -191,55 +105,21 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": { "flake-utils_2": {
"inputs": { "inputs": {
"flake-compat": [ "systems": "systems_3"
"nixvim",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"nixvim",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1732021966, "lastModified": 1731533236,
"narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "cachix", "owner": "numtide",
"repo": "git-hooks.nix", "repo": "flake-utils",
"rev": "3308484d1a443fc5bc92012435d79e80458fe43c", "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "cachix", "owner": "numtide",
"repo": "git-hooks.nix", "repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"nixvim",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github" "type": "github"
} }
}, },
@ -251,32 +131,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703113217, "lastModified": 1745494811,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1732482255,
"narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -299,56 +158,33 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1729958008, "lastModified": 1748294338,
"narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", "narHash": "sha256-FVO01jdmUNArzBS7NmaktLdGA5qA3lUMJ4B7a05Iynw=",
"owner": "NuschtOS", "owner": "NuschtOS",
"repo": "ixx", "repo": "ixx",
"rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", "rev": "cc5f390f7caf265461d4aab37e98d2292ebbdb85",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NuschtOS", "owner": "NuschtOS",
"ref": "v0.0.6", "ref": "v0.0.8",
"repo": "ixx", "repo": "ixx",
"type": "github" "type": "github"
} }
}, },
"nix-appimage": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": [
"bisq1",
"nixpkgs"
]
},
"locked": {
"lastModified": 1725758175,
"narHash": "sha256-MhBOJHYhIJ30TNVrm7wX8B3x+MecMCdaBc94g4HXkPs=",
"owner": "ralismark",
"repo": "nix-appimage",
"rev": "fc1192dbec82f5857f86ccc6dfdf2ad97bc9c62a",
"type": "github"
},
"original": {
"owner": "ralismark",
"repo": "nix-appimage",
"type": "github"
}
},
"nix-bitcoin": { "nix-bitcoin": {
"inputs": { "inputs": {
"extra-container": "extra-container", "extra-container": "extra-container",
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable" "nixpkgs-unstable": "nixpkgs-unstable"
}, },
"locked": { "locked": {
"lastModified": 1731769069, "lastModified": 1749652690,
"narHash": "sha256-c1I6gTF8hahY1/y2DdtL7zqoGMGQcs7Qya0N+weeCZI=", "narHash": "sha256-qLwBEXlGY2pLNPhPNpeOE0DNC1luovTYE3ZDPMyMPXc=",
"owner": "fort-nix", "owner": "fort-nix",
"repo": "nix-bitcoin", "repo": "nix-bitcoin",
"rev": "c0994bfc7bc866a8c67b6433a33a49a53b2fc546", "rev": "ac1344fb6d91e2af219803eaaa67d1d974666156",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -358,34 +194,13 @@
"type": "github" "type": "github"
} }
}, },
"nix-darwin": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1732603785,
"narHash": "sha256-AEjWTJwOmSnVYsSJCojKgoguGfFfwel6z/6ud6UFMU8=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "6ab87b7c84d4ee873e937108c4ff80c015a40c7a",
"type": "github"
},
"original": {
"owner": "lnl7",
"repo": "nix-darwin",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1703013332, "lastModified": 1745391562,
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -395,13 +210,29 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1750330365,
"narHash": "sha256-hJ7XMNVsTnnbV2NPmStCC07gvv5l2x7+Skb7hyUzazg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d883b6213afa179b58ba8bace834f1419707d0ad",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1730170245, "lastModified": 1749558678,
"narHash": "sha256-PRq4vJjDa+m1mNwkV9H7zVzMhuMqsHJrTGx0iJZ0e0w=", "narHash": "sha256-DUVAe8E2X2QM0dAnTGlTiqemMqUMMyIeCH7UeNo0g64=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "30c9efeef01e2ad4880bff6a01a61dd99536b3c9", "rev": "a12f3a99614894502e73eb816e9e076b0ab05730",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -412,6 +243,113 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1748868509,
"narHash": "sha256-mQlxDHHwHmZfRB4nZNibHndrJINfoaLMIYI8hdVXs5k=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c9ee6d2f7c1d41b8cf7c39474d47d0c6b24a8de3",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1749494155,
"narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88331c17ba434359491e8d5889cce872464052c2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1750506804,
"narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4206c4cb56751df534751b058295ea61357bbbaa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1750386251,
"narHash": "sha256-1ovgdmuDYVo5OUC5NzdF+V4zx2uT8RtsgZahxidBTyw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "076e8c6678d8c54204abcb4b1b14c366835a58bb",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_5",
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_4"
},
"locked": {
"lastModified": 1750619045,
"narHash": "sha256-ucgldLHtLTbtk09NadxBWi8m4tE07VinTSECR+m9lN4=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "d2c3b26bf739686bcb08247692a99766f7c44a3b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixvim",
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_2",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1749730855,
"narHash": "sha256-L3x2nSlFkXkM6tQPLJP3oCBMIsRifhIDPMQQdHO5xWo=",
"owner": "NuschtOS",
"repo": "search",
"rev": "8dfe5879dd009ff4742b668d9c699bc4b9761742",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"oldNixpkgs": {
"locked": { "locked": {
"lastModified": 1727619874, "lastModified": 1727619874,
"narHash": "sha256-a4Jcd+vjQAzF675/7B1LN3U2ay22jfDAVA8pOml5J/0=", "narHash": "sha256-a4Jcd+vjQAzF675/7B1LN3U2ay22jfDAVA8pOml5J/0=",
@ -427,109 +365,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": {
"locked": {
"lastModified": 1730137625,
"narHash": "sha256-9z8oOgFZiaguj+bbi3k4QhAD6JabWrnv7fscC/mt0KE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "64b80bfb316b57cdb8919a9110ef63393d74382a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"devshell": "devshell",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"home-manager": "home-manager_2",
"nix-darwin": "nix-darwin",
"nixpkgs": "nixpkgs_5",
"nuschtosSearch": "nuschtosSearch",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1732726573,
"narHash": "sha256-gvCPgtcXGf/GZaJBHYrXuM5r2pFRG3VDr7uOb7B1748=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "fc9178d124eba824f1862513314d351784e1a84c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixvim",
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_3",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1731936508,
"narHash": "sha256-z0BSSf78LkxIrrFXZYmCoRRAxAmxMUKpK7CyxQRvkZI=",
"owner": "NuschtOS",
"repo": "search",
"rev": "fe07070f811b717a4626d01fab714a87d422a9e1",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"bisq1": "bisq1", "btc-clients": "btc-clients",
"nix-bitcoin": "nix-bitcoin", "nix-bitcoin": "nix-bitcoin",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable",
"nixvim": "nixvim" "nixvim": "nixvim"
} }
}, },
@ -592,27 +434,6 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1732643199,
"narHash": "sha256-uI7TXEb231o8dkwB5AUCecx3AQtosRmL6hKgnckvjps=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "84637a7ab04179bdc42aa8fd0af1909fba76ad0c",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

View File

@ -13,22 +13,44 @@
nixvim.url = "github:nix-community/nixvim"; nixvim.url = "github:nix-community/nixvim";
bisq1.url = "github:emmanuelrosa/bisq-for-nixos"; btc-clients.url = "github:emmanuelrosa/btc-clients-nix";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11";
}; };
outputs = { self, nixpkgs, nix-bitcoin, nixvim, agenix, bisq1, ... }: { outputs = { self, nixpkgs, nix-bitcoin, nixvim, agenix, btc-clients, nixpkgs-stable, ... }:
let
system = "x86_64-linux";
overlay-stable = final: prev: {
stable = import nixpkgs-stable {
inherit system;
config.allowunfree = true;
};
};
in
{
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem { nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
system ="x86_64-linux"; inherit system;
}; };
nixosModules.Sovran_SystemsOS = { pkgs, ... }: { nixosModules.Sovran_SystemsOS = { pkgs, ... }: {
imports = [ imports = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-stable ]; })
./configuration.nix ./configuration.nix
nix-bitcoin.nixosModules.default nix-bitcoin.nixosModules.default
@ -40,7 +62,11 @@
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
bisq1.packages.x86_64-linux.bisq-desktop btc-clients.packages.x86_64-linux.bisq
btc-clients.packages.x86_64-linux.bisq2
btc-clients.packages.x86_64-linux.sparrow
]; ];
}; };

Binary file not shown.

View File

@ -29,13 +29,13 @@ sudo mkdir -p /mnt/BTCEcoandBackup/NixOS_Snapshot_Backup
sudo mkdir -p /mnt/BTCEcoandBackup/clightning_db_backup sudo mkdir -p /mnt/BTCEcoandBackup/clightning_db_backup
sudo systemctl stop bitcoind electrs nbxplorer btcpayserver lnd rtl lightning-loop lightning-pool sudo systemctl stop bitcoind electrs nbxplorer btcpayserver lnd rtl lightning-loop clightning
rsync -ar --info=progress2 --info=name0 /run/media/Second_Drive/BTCEcoandBackup/Bitcoin_Node/ /mnt/BTCEcoandBackup/Bitcoin_Node/ rsync -ar --info=progress2 --info=name0 /run/media/Second_Drive/BTCEcoandBackup/Bitcoin_Node/ /mnt/BTCEcoandBackup/Bitcoin_Node/
rsync -ar --info=progress2 --info=name0 /run/media/Second_Drive/BTCEcoandBackup/Electrs_Data/ /mnt/BTCEcoandBackup/Electrs_Data/ rsync -ar --info=progress2 --info=name0 /run/media/Second_Drive/BTCEcoandBackup/Electrs_Data/ /mnt/BTCEcoandBackup/Electrs_Data/
sudo systemctl start bitcoind electrs nbxplorer btcpayserver lnd rtl lightning-loop lightning-pool sudo systemctl start bitcoind electrs nbxplorer btcpayserver lnd rtl lightning-loop clightning
sudo chown bitcoin:bitcoin /mnt/BTCEcoandBackup/Bitcoin_Node -R sudo chown bitcoin:bitcoin /mnt/BTCEcoandBackup/Bitcoin_Node -R

View File

@ -10,6 +10,7 @@
}; };
serviceConfig = { serviceConfig = {
ExecStartPre= "/run/current-system/sw/bin/sleep 30";
ExecStart = "/run/current-system/sw/bin/wget https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/Sovran_SystemsOS_File_Fixes_And_New_Services.sh -O /home/free/Downloads/Sovran_SystemsOS_File_Fixes_And_New_Services.sh ; /run/current-system/sw/bin/bash /home/free/Downloads/Sovran_SystemsOS_File_Fixes_And_New_Services.sh"; ExecStart = "/run/current-system/sw/bin/wget https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/file_fixes_and_new_services/Sovran_SystemsOS_File_Fixes_And_New_Services.sh -O /home/free/Downloads/Sovran_SystemsOS_File_Fixes_And_New_Services.sh ; /run/current-system/sw/bin/bash /home/free/Downloads/Sovran_SystemsOS_File_Fixes_And_New_Services.sh";
RemainAfterExit = "yes"; RemainAfterExit = "yes";
User = "root"; User = "root";

View File

@ -119,9 +119,9 @@ experimental-offers
onion = true; onion = true;
}; };
services.clightning-rest = { services.clightning.plugins.clnrest = {
enable = true; enable = true;
lndconnect = { lnconnect = {
enable = true; enable = true;
onion = true; onion = true;
}; };

View File

@ -3,12 +3,13 @@
{ {
imports = [ imports = [
./php.nix
./synapse.nix ./synapse.nix
./coturn.nix ./coturn.nix
./bitcoinecosystem.nix ./bitcoinecosystem.nix
./vaultwarden.nix ./vaultwarden.nix
./Sovran_SystemsOS_File_Fixes_And_New_Services.nix ./Sovran_SystemsOS_File_Fixes_And_New_Services.nix
./nextcloud_hpbs_systemd.nix
]; ];
} }

View File

@ -1,47 +0,0 @@
{ lib, fetchFromGitHub, nixosTests, rustPlatform }:
rustPlatform.buildRustPackage rec {
pname = "notify_push";
version = "0.7.0";
src = fetchFromGitHub {
owner = "nextcloud";
repo = pname;
rev = "v${version}";
hash = "sha256-QHVWiH6qkwQay0wffoyDUyVxgxzNp10ieYIsdqoEdCM=";
};
cargoHash = "sha256-HwE/ql8rJcGIINy+hNnpaTFEJqbmuUDrIvVI8kCpfQ8=";
passthru = rec {
test_client = rustPlatform.buildRustPackage {
pname = "${pname}-test_client";
inherit src version;
buildAndTestSubdir = "test_client";
cargoHash = "sha256-KybnPzCM9mLF55s5eZ3qr5GRcaaYFpEdNklWEo/72Ts=";
meta = meta // {
mainProgram = "test_client";
};
};
tests =
lib.filterAttrs
(key: lib.const (lib.hasPrefix "with-postgresql-and-redis" key))
nixosTests.nextcloud
// {
inherit test_client;
};
};
meta = with lib; {
changelog = "https://github.com/nextcloud/notify_push/releases/tag/v${version}";
description = "Update notifications for nextcloud clients";
mainProgram = "notify_push";
homepage = "https://github.com/nextcloud/notify_push";
license = licenses.agpl3Plus;
platforms = platforms.linux;
maintainers = teams.helsinki-systems.members;
};
}

View File

@ -1,32 +0,0 @@
{config, pkgs, lib, ...}:
let
personalization = import ./personalization.nix;
in
{
systemd.services.nextcloud_notify_push_hpbs = {
unitConfig = {
Description = "Push server (High Preformance Back End) for Nextcloud Clients";
Requires = "network-online.target";
};
serviceConfig = {
Enviornment = "PORT=7867";
ExecStart = "/run/current-system/sw/bin/notify_push /var/lib/www/nextcloud/config/config.php";
RemainAfterExit = "yes";
Type = "notify";
User = "caddy";
Group = "php";
};
wantedBy = [ "multi-user.target" ];
};
}

View File

@ -9,18 +9,14 @@ vaultwarden_url = builtins.readFile /var/lib/domains/vaultwarden;
## ##
age.identityPaths = [ "/root/.ssh/agenix/agenix-secret-keys" ];
##
age.secrets.matrix_reg_secret.file = /var/lib/agenix-secrets/matrix_reg_secret.age;
age.secrets.matrixdb.file = /var/lib/agenix-secrets/matrixdb.age;
age.secrets.nextclouddb.file = /var/lib/agenix-secrets/nextclouddb.age;
age.secrets.wordpressdb.file = /var/lib/agenix-secrets/wordpressdb.age;
##
external_ip_secret = builtins.readFile /var/lib/secrets/external_ip; external_ip_secret = builtins.readFile /var/lib/secrets/external_ip;
coturn_static_auth_secret = builtins.readFile /var/lib/secrets/turn; coturn_static_auth_secret = builtins.readFile /var/lib/secrets/turn;
##
matrixdb = builtins.readFile /var/lib/secrets/matrixdb;
nextclouddb = builtins.readFile /var/lib/secrets/nextclouddb;
wordpressdb = builtins.readFile /var/lib/secrets/wordpressdb;
} }

66
modules/php.nix Normal file
View File

@ -0,0 +1,66 @@
{ config, pkgs, lib, ... }:
let
custom-php = pkgs.php83.buildEnv {
extensions = { enabled, all }: enabled ++ (with all; [ bz2 apcu redis imagick memcached ]);
extraConfig = ''
display_errors = On
display_startup_errors = On
max_execution_time = 10000
max_input_time = 3000
memory_limit = 1G;
opcache.enable=1;
opcache.memory_consumption=512;
opcache_revalidate_freq = 240;
opcache.max_accelerated_files=20000;
post_max_size = 3G
upload_max_filesize = 3G
apc.enable_cli=1
opcache.interned_strings_buffer = 192
redis.session.locking_enabled=1
redis.session.lock_retries=-1
redis.session.lock_wait_time=10000
'';
};
in
{
users.users = {
php = {
isSystemUser = true;
createHome = false;
uid = 7777;
};
};
users.users.php.group = "php";
users.groups.php = {};
environment.systemPackages = with pkgs; [
custom-php
];
services.phpfpm.pools = {
mypool = {
user = "caddy";
group = "php";
phpPackage = custom-php;
settings = {
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
"clear_env" = "no";
};
};
};
}

View File

@ -44,15 +44,13 @@ in
]; ];
url_preview_ip_ranger_whitelist = [ "127.0.0.1" ]; url_preview_ip_ranger_whitelist = [ "127.0.0.1" ];
turn_shared_secret = "${personalization.coturn_static_auth_secret}"; turn_shared_secret = "${personalization.coturn_static_auth_secret}";
turn_uris = [ turn_uris = [
"turn:${personalization.matrix_url}:5349?transport=udp" "turn:${personalization.matrix_url}:5349?transport=udp"
"turn:${personalization.matrix_url}:5349?transport=tcp" "turn:${personalization.matrix_url}:5349?transport=tcp"
"turns:${personalization.matrix_url}:5349?transport=udp" ];
"turns:${personalization.matrix_url}:5349?transport=tcp"
];
presence.enabled = true; presence.enabled = true;
enable_registration = false; enable_registration = false;
registration_shared_secret = "${personalization.age.secrets.matrix_reg_secret.file}"; registration_shared_secret = config.age.secrets.matrix_reg_secret.path;
listeners = [ listeners = [
{ {
port = 8008; port = 8008;

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "systemd-manager"; pname = "systemd-manager";
version = "17"; version = "18";
src = fetchzip { src = fetchzip {
url = "https://github.com/hardpixel/systemd-manager/releases/download/v${version}/systemd-manager-v${version}.zip"; url = "https://github.com/hardpixel/systemd-manager/releases/download/v${version}/systemd-manager-v${version}.zip";
hash = "sha256-NaOqhiVTACiGiUn8ISTtBMIDkeGkv1M2kCDnAxl5cwk="; hash = "sha256-Kd8ZxZ1f6aR1vThrWStsjk8cHrjo2KCYQgpg1em/n2k=";
stripRoot = false; stripRoot = false;
}; };
@ -38,4 +38,4 @@ stdenv.mkDerivation rec {
maintainers = with maintainers; [ ]; maintainers = with maintainers; [ ];
homepage = "https://github.com/hardpixel/systemd-manager"; homepage = "https://github.com/hardpixel/systemd-manager";
}; };
} }