diff --git a/.forgejo/workflows/build_nixos_configs.yml b/.forgejo/workflows/build_nixos_configs.yml deleted file mode 100644 index 650718e..0000000 --- a/.forgejo/workflows/build_nixos_configs.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Buill NixOS Configurations -on: [push] - -jobs: - build: - runs-on: ubuntu-latest - container: - image: node:25 - volumes: - - "/nix:/nix" - strategy: - matrix: - system: - - "carbon" - - "git" - - "gospel" - - "node" - steps: - - name: Check out repository code - uses: actions/checkout@v4 - - run: | - echo 'Building configuration for ${{ matrix.system }}' - nix --extra-experimental-features nix-command --extra-experimental-features flakes \ - build .#nixosConfigurations.${{ matrix.system }}.config.system.build.toplevel - - name: Push build to attic - run: | - nix --extra-experimental-features nix-command --extra-experimental-features flakes run nixpkgs#attic-client \ - -- login gospel https://attic.kilonull.com ${{ secrets.ATTIC_PUSH_SECRET }} - nix --extra-experimental-features nix-command --extra-experimental-features flakes run nixpkgs#attic-client \ - -- push gospel:nixosConfigs ./result diff --git a/.forgejo/workflows/demo.yaml b/.forgejo/workflows/demo.yaml new file mode 100644 index 0000000..d051ee8 --- /dev/null +++ b/.forgejo/workflows/demo.yaml @@ -0,0 +1,19 @@ +name: Forgejo Actions Demo +run-name: ${{ forgejo.actor }} is testing out Forgejo Actions 🚀 +on: [push] + +jobs: + Explore-Forgejo-Actions: + runs-on: ubuntu-latest + steps: + - run: echo "🎉 The job was automatically triggered by a ${{ forgejo.event_name }} event." + - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Forgejo!" + - run: echo "🔎 The name of your branch is ${{ forgejo.ref }} and your repository is ${{ forgejo.repository }}." + - name: Check out repository code + uses: actions/checkout@v4 + - run: echo "💡 The ${{ forgejo.repository }} repository has been cloned to the runner." + - run: echo "🖥️ The workflow is now ready to test your code on the runner." + - name: List files in the repository + run: | + ls ${{ forgejo.workspace }} + - run: echo "🍏 This job's status is ${{ job.status }}." diff --git a/homes/x86_64-linux/alejandro@git/default.nix b/homes/x86_64-linux/alejandro@git/default.nix index 0cf5664..4bb54e0 100644 --- a/homes/x86_64-linux/alejandro@git/default.nix +++ b/homes/x86_64-linux/alejandro@git/default.nix @@ -12,5 +12,6 @@ nix.gc = { automatic = true; options = "-d"; + frequency = "03:15"; }; } diff --git a/modules/home/programs/opencode/default.nix b/modules/home/programs/opencode/default.nix index b52b59b..e043ac2 100644 --- a/modules/home/programs/opencode/default.nix +++ b/modules/home/programs/opencode/default.nix @@ -26,10 +26,6 @@ in enable = true; settings = { theme = "catppuccin"; - keybinds = { - app_exit = "ctrl+d,q"; - session_interrupt = "ctrl+c"; - }; mcp = { context7 = { type = "local"; diff --git a/modules/home/windowManagers/hyprland/default.nix b/modules/home/windowManagers/hyprland/default.nix index aba89ff..96254fa 100644 --- a/modules/home/windowManagers/hyprland/default.nix +++ b/modules/home/windowManagers/hyprland/default.nix @@ -24,14 +24,6 @@ let emoji_picker = "${pkgs.bemoji}/bin/bemoji -t"; terminal = "${pkgs.kitty}/bin/kitty"; - layout_toggle_script = pkgs.writeShellScriptBin "layout-toggle" '' - current_layout="$(${pkgs.hyprland}/bin/hyprctl getoption general:layout -j | ${pkgs.jq}/bin/jq -r .str)" - case "$current_layout" in - master) ${pkgs.hyprland}/bin/hyprctl -q keyword general:layout dwindle ;; - dwindle) ${pkgs.hyprland}/bin/hyprctl -q keyword general:layout master ;; - esac - ''; - generate_grim_command = target: '' exec mkdir -p ~/screenshots \ && ${pkgs.grim}/bin/grim -g "$(${pkgs.slurp}/bin/slurp)" \ @@ -155,11 +147,6 @@ in preserve_split = true; }; - # Master layout - master = { - orientation = "center"; - }; - # Window rules windowrule = [ "suppress_event maximize, match:class .*" @@ -221,7 +208,6 @@ in "$mod SHIFT, o, movetoworkspace, 9" # Layout - "$mod, g, exec, ${layout_toggle_script}/bin/layout-toggle" "$mod, v, togglesplit" "$mod, f, fullscreen" "$mod SHIFT, f, togglefloating" diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index 8e1c3e7..608bb89 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -13,6 +13,7 @@ let ; cfg = config.aa.nix; + selfHostedCacheHost = "https://cache.kilonull.com/"; in { options.aa.nix = { @@ -71,12 +72,13 @@ in if cfg.useSelfhostedCache then [ # TESTING - "https://attic.kilonull.com/nixosConfigs" + "https://minio.kilonull.com/nix-store" + selfHostedCacheHost ] else [ ]; trusted-public-keys = mkIf cfg.useSelfhostedCache [ - "nixosConfigs:mjWq+JcnAqwT20OZSsrh9od6LTNn8U3cYdaXhqhDqP0=" + "gospelCache:9cbn8Wm54BbwpPS0TXw+15wrYZBpfOJt4Fzfbfcq/pc=" ]; }; diff --git a/modules/nixos/services/atticd/default.nix b/modules/nixos/services/atticd/default.nix deleted file mode 100644 index 8843c6d..0000000 --- a/modules/nixos/services/atticd/default.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ - config, - namespace, - lib, - ... -}: -let - attic_cfg = config.services.atticd; - cfg = config.${namespace}.services.atticd; -in -{ - options.${namespace}.services.atticd = { - enable = lib.mkEnableOption "atticd"; - acmeCertName = lib.mkOption { - type = lib.types.str; - default = ""; - description = '' - If set to a non-empty string, forces SSL with the supplied acme - certificate. - ''; - }; - }; - - config = lib.mkIf cfg.enable { - age.secrets.atticd.file = ../../../../secrets/atticd.age; - - services.atticd = { - enable = true; - # ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64: The base64-encoded RSA PEM PKCS1 of the RS256 JWT secret. Generate it with openssl genrsa -traditional 4096 | base64 -w0. - # This file should have the following content: - # - # ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64=secret - # - # The secret is a base64-encoded RSA PEM PKCS1 of the RS256 JWT secret. It - # can be generated with this command: - # - # openssl genrsa -traditional 4096 | base64 -w0 - environmentFile = config.age.secrets.atticd.path; - settings = { - allowed-hosts = [ "attic.kilonull.com" ]; - api-endpoint = "https://attic.kilonull.com/"; - listen = "[::]:8080"; - garbage-collection.retention-period = "30d"; - database.url = "postgresql://atticd/?host=/run/postgresql"; - }; - }; - - services.postgresql = { - enable = true; - ensureDatabases = [ "atticd" ]; - ensureUsers = [ - { - name = attic_cfg.user; - ensureDBOwnership = true; - } - ]; - identMap = '' - attic attic attic - ''; - authentication = '' - local all attic peer map=attic - ''; - }; - - services.nginx = { - enable = true; - virtualHosts."attic.kilonull.com" = { - extraConfig = '' - client_max_body_size 0; - ''; - locations."/" = { - proxyPass = "http://localhost:8080"; - }; - } - // lib.optionalAttrs (cfg.acmeCertName != "") { - forceSSL = true; - useACMEHost = cfg.acmeCertName; - }; - }; - }; -} diff --git a/secrets/atticd.age b/secrets/atticd.age deleted file mode 100644 index f1564fd..0000000 --- a/secrets/atticd.age +++ /dev/null @@ -1,104 +0,0 @@ ------BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IHpCTERaZyBUdktL -MDQvOGtBaUIrOFhxdG5iN202aW5PakcyYjZDQXliblhiWUVWTUJZCnR3bjlkcVQr -cEVONURSRkJrZXNLSHhEdDBWeXIwUitwVGJMdVBoS0I5ZXcKLT4gc3NoLWVkMjU1 -MTkgUFpLZk9RIHZBem93VTE5aXBYNTRxaVJUREw3cXo5MzVGOHdIVmhrSDR5OHVo -U2dSbk0KRURNSEZ5TXlzU09TNDNLRTJWMXFDSkpTeVMzbTJsdWxGVDc0TTBGOVBi -awotPiBwaXYtcDI1NiBVSUVHemcgQXFOOVg0NkxiZjdmdkR4UmNwUDhnZTRZbTFs -V0IyWXRNQ1Q5QTJRa0NweFIKR3ZUdDdsUHlHcjBhMlBZam4wMTVFZUxzdVRZVVpx -ejR1OHhLMEVIUUlXQQotPiB2SChHM2xELWdyZWFzZSB9WiB2SDldIEo+YUkvNiBb -PFYKZlIyWGpwQVNOT3lucmRCTTdjWUgrcVYvOGZJCi0tLSBwUEJ6M25wOVVoSENF -a2oycWNZTlJQangvckI4THJ6eDNEYjhpSVQzVzlvCn/cvSXYNYJT+NkjOLx8mPnh -FpPT8TwBTcHS5IRvzRlQsVTBHUCjjeWCwTh+GtesiAsFjvIMa5B0Krx0JDKlnRty -UDCDtkX5PVb59Azg08qln06tn6TtvqnG/BHm4qRLDtSJouJYiLJeYgwi97Ms9BqX -+LoPIKfJjnJ2+dymWWLMAD9iZQSzg7W+m1mWMN7ARjwAPeUfWhwuMmkmYE4RB+Wu -wpahkSIyx9+UCDCynUIw3PiTLahY6ltUPUf0ByIPqUjeid6JaND2nwBzWuhZq3Oq -vwNVY8HcRHHD4HLnDIYccV92Xm7BnYJfBxK4MQV36X8RJ90I6t15+hsm+nHJX3WI -0mYn2po6n2wYs2MXyFBWk0xkovkJJk0O7uGcGJcwe94roy8FD7hQT8h3hTUNYh3y -PRoO3ih42Ffsw2fL2+UNaKqFEqVxrTy313PK8SbONhquuVmSzBFOzSo2bA7cyA02 -ssJl+xV53xKBg34JxYMCjeaKGfV27eAe/+OzIBP8Ze4nK+y0hXDDvnpUNmn0qZDx -iDkCM/+Bw9AlvWOsIVRoSSzngWUaBkiJndVgB2G2TidgUu6NmsdSYTzZLm31rdgB -uosw/HLp6fmCeOi9DLdphuu2rPSBQcmhuuDgPXta+5STRkMN/oXrNWOm7Os7Imay -iitbqCRjSGE6JnzWl2aS3ZiuymEe3+lc+xCs/EYnq/2zA2G+FJFq8s2L686RBD4L -wSTB2u+G5phPP31PPRogr1fLDatDgcBSyn2qs8aquW53IZlFvtzusKmVU2B23aCa -iX+DnAukcYrR7N/3eQYbPcf7MNgogi6UYuSpTeQW3/lu3OKW+qgkhEQNom9M0vy2 -SRi7E0je0RlrbpOFqOplla2VOe8VSP2SYydO023vt3SuDRLwAHKQNlBIsb0KTGLg -qhYHYMBlEu6bppWPeUNrmHUrqZcMySJvpQW1i+OyWe7tDEIESetiGe6C6Cq9vR7h -t7G6JPbWGZmG/gO5BTK/mgwLfn/AAEGpeGVU26tscdmTBRiFYf/7cc3394vTbpes -Eol6cP7pukp1d1kp5gNlZrEZ6DL4BdSs1kaVJhTLYPNyJz+JUK1SEc9y33VhkeTO -6smXk3OnBaKqBuF0d6Bt34IuxMuaZDeL6229rtRjY9wKyK/U+R6cWzL51prsv3gk -afS/HVbul02DvwixBlOFVfOY97DiIK62lp41ImxIyy1ToGYs/446MlQAaw9Tm6lD -6RloTCMS4qeLmAvO+hQzdX82pJWvTQajhtkMxi4KHlyxREbzIGniFqFmyQFaJnCC -UAYyliMPkgsN5y+5gGdI46lN3/pp8jIbr59VnVPQVM1hpCbRwglDP+Bu4G95jlmI -Iv0Izjk88tKJ8qmKFgvvWZRp7L0X4/CJTCwub/+gSQ0IxmRD4d8wDfMbtad8vbl6 -t8h2C7CyZXR/ZpKuV5vVDtK++w/mJvi4MTgYY6B11AM0C25qVNV4AIYKnSKqn5mK -zkGEiSvnjAvxmLCMAm/diNG+l4R7HS0LA4oGemEWq2ts6EuDi+Tbyy2oMNFHtkTj -aIRi64S36Q8TRDUsGAzfXeySIdWl1gglmuJJKbFglo60bjX22jTSUJhDgncUX7ae -DyUqb1cXYnvWyiwQH8EsIZo59SaZYhAfyVN44uvqGxuN+NV6gVmb/MzVVycqWPFU -VDXwfzgQBJaVO0SNFumNANnGYY4Nf7yK5w/TmsrwDMWeUbrHqIXAHtYGX+1UEFKe -4zx1dTeO8hbexf/uEhAgbFos4QEMJ2WhwtAvzT1VITbdVNus6zM/RC6OV4TTigMA -RpZfXiw3L3FMxB7PObOeLJ7UVZSMzOMMRt6apzYOScrwV1WqBvryzE/rxZCHkpDw -yxRgghD/UnpvwhdY4GQ2BhPUCqD/YYqShLNoFGbAzylaR1BMWUPsawb3KPlaN2/x -y3+9RcztzwjgDvxk4XVLQhLunBD6HnKwpFyCGDW97DkG85knmv48J7Mw+uY2pfte -hCc3/oLwNxFFyjW7S3F+w4cBlLRxwtvIq1TfZ14q/dgUcgFqIDSUCEOy3NoBzxDc -k9eoYTPYXStDFRkNsEwCYqBtqDeUFO8GefMOeE/xC9O2SHjw746BaYz2crDZHqo6 -UewVQrNKk2ofrNliv7qPB410XxdKJ9lwn54sAIzbfplTVjd+vnixRs93ISZYrglP -+8iQB8v1JVuBXNQV8/F3RXBQFZrZ4frtLO6usT/mOxUyhOltJLrH/rcyshKIuxGY -ATf2SmT5g4ejXhI0fauTHc6yJ4h7XhKgpDysPDxTxOORPzv0H14IDcLitpgsCLh8 -EtGNfMNc/iNrjDj0ydZ3pgURpXHYPFlliTesMK+pA26LQahG+x4UwF0IIxNUUdL2 -xWgrGuif1nqknd4/p1STtaASHNt8I95eDR49aHlozK3D+Yh179+RNHoMJsy58LaU -Nq7Cx6iimp3LJRsVMqH8khNH3DsVPhHbJFBUeEt0HYzCh4KAe0qJLrLa8Oc975N6 -CzyworGfParm+/edX3JtEenLdzSjdy4xMnySoKVKJpjfjYDo6GGQ1qGnucCWrd3m -zvqm60kbnWRnSFGVA6oLBvUcKmTOaK+FjCICCuodD9UwvQZuDoxDsRBa8AzBPu4m -vka4If1uYZUAtefUG2oQASBV9atFpEbQ+sbvI65bBTALMmZzBcF6MW6P6TxZSQkw -bd1ELgwN1hYQhTFpPwQKMwPfGhYitW2gIeE+cXp0Wi4fKk8Wg2pF3pHftOhUSAg5 -2qbeF8ovlv3APZbTPdlZVuqg993zRgetutoDxvdSCBBp1mvuURUp/Vr2ZijRDZFs -NnbwcTUCLEPZ/gSgw17XE+ZyYo5L9OJrX6zmRxL88Kxz7dqyN3Yq4WMIdHDDRxFZ -BEYjGXuekehf3cRtkHytkbEM2m6ACdvHBAsvCpl8Lj2mmMcYy4A88oLUatAgNIzd -4hb1chaCNePuKRwP7rW7PDJ/8ieiUfG8OiL/blUfVJnDBuHX5PWvYeAiZN4rLm/2 -s1fenVnjzPewVO8flDu8q5/J8msbF+FnSoxqwRE+Uu6Zny5XWSp0ltbKIr1/4Qcw -mqUu076h5n9abj8P6RYAqn1sZabvXWrkNSA2OqYgnhFT7NYAXZtw1AMxWohOJ8Wq -q+pjqj9Ci8FBBlwzMLxLuBefmD0Nn4CLWLDTIW7Ee0aDxY50ruM4eF3173jik1LB -/6wIalfA+M7W4BTGYZk+RkmXHH7CS4mWOepkCmLxdJnltyJBKAPEbjd49OVIwV7R -Pwp+HkwaKoZxZMhV9sqfLfXBXG1zIDdngp+JgPzdkK38rqiGz2niijqcg3NObOFV -hPduSyoGbY/hARSwrQwa1QX1YYpv28kjnSzVmsACs5h03xCBQgJIgfPnV1Kv8I5S -vTLYwNa57hw4f6Td2WljZuwuoAy6ee3her9ArXDr68m02KBjo0GB/gRtPH/ekqbJ -bpRHNblAXCyfSzIHNZE4Md4iHtZk5/TAqj1AjVnXVrSAwkgMRLLeC+NAcg6N+Vfd -oLLWeHOBs/kS0bQd+Uo3hkrS6gkFyqbKoC9B1Hh0TA809Ut/gyyAg01mjstWHsfN -sALvcA9eETOzSw/WoFPxOmpfwuDXBybg/8yXpw3mgNCNDlTZG7M1ZfwStOlZRU58 -gwMeHKh+/oc8VjZWh93F2Xy7paTva7pXpHn84n7nN81jFbPsIhC+GWq0O3hHQaha -+9OgxsThOPcor9mE+HLIk3eL+v89DmS33Cubim1YPxVxFmX8w4VxXaHrU4TC3/iy -uVhNfoysjX92w503UhUp0pZaOQHuqihpePbEnQMpHr7UEtYq5WXTq+8wQj6xuakY -FOShK8yvK9RQUTYA5mIoWGRc8z10YTJHagOrQIzp7/WDQHkNIdlMaOnJ7NIq2w19 -vily7S+EcGdf3rPr+H6rE8sq++9ziNQsdnuz4BCcopybdyRdQ08qd1Ok1j1/Hdqj -aDOLk54Ue1FzQPQh3rcFxWCEk5uRSePHdJI0WNGm+5ji4ME3hv8lWYR0B+PrSD8f -AmnYRWVzPwzXSDGr9YtiNVezPN9PCSedKBgfhOP0qkxk5lSeFQMpHM+Glmi6SXFw -i720L3QpLGjQSqD66P1EKErWCVnIBV4nr7dRxKzPMRMdEKZ5MV/c0VGqewrH3q1P -rs41OFplzz4pMOUngFglayItcmD9FqQab4bGImK7/4ft3W0nZIUmYEPQyoGfNvh+ -qKSO3dBM2wsw8LFMeLzHAoBT+2YfSv6FBRCeFdBQH3ABRqXFcGOgj/oaQp6Qb84r -v2kCi9BodXD0SWpkMadtW0XWYRkhI90xTsgDTuFdta6QpxjQMt+9Hrcm0Lu+tUG8 -slCQND3+Inq8bfRiEEdKTgTbagzD/SiUOxWeTh2qolIXjaJa1OKf7HSXdFYUH32n -hSwhPcFnYSdE3q8MaYZD915SjqhlirvVhSSsfz66ME62EotDPNLePplCaVs1wjpI -6hTUoWJqEvuPN6oz80RurQAeKT+LC1iGRkfIK43RmZ+wk5VhsRUiu/fP2nhqAZmf -GhmnzOCDt9x1g9STyTXDDLH/wDQqKSFTGbZpbatIo4oA1XkxH3F6BcYSf1ynQ/5J -Fe+jPD9B/3Q+tdEspXw88MReVEu9kC72gop6psE7i4pQgCIpWnQetEhMSKYY1bOW -WDR6H0oMYXiNmWRZ193je0S+xM00I+IBO6c6hg5dqyOxl+D0hztKpAOqxM8lohmV -IH8RmJpAEr6Q4T4s6W0zxFEokL319wlKsTDCvAsEC2RiZREecZhKdOdX0M9yvtq+ -RABjcB4kdx3XF02cEcdrO9auRCXXMNFe7bgBgO0bKU1dwRXZ3EtiVx7/gxhzZ9lH -NXstrAvZeDGPFk41uj5gaprJqtoQ92fonycFBpbdV7/uUN6cysyjQRN+FLboNjPa -CvtbK5KTWTMQM1nZlHUa7kkke38GtLjKeZaPPuvPw2eSFBTg3gFvK0wd22uoBSHE -mUy6mrHJiJ9UVvP+5EWcuFTURes/xv6WZYjPwbAVwGh+aj1t5qMtCZaA0j7yvi8C -dwUQDUtqRWuwdmGouZG5ooAs8F82FsX8Sl69SFdwIrwoi/zOSj2XgHLKbu/T9Iiv -Hr387XDxWYL3k2iaopRIEGSgurOAEalcvee173I6/Nw5NuA2ICB6wpBdKKgbxUhz -dyueYz9DIGGr53iHPbBJlOcxGAFRQLQ07tA7BqtZwHpnGNoF32b114einU7ncgSr -efTa9CEHRk5Uc02xJa1ZZK4XmFC+b6QKu1DBloPeXE1ohSry8JxO92wwBrAelGbj -6wp1Thva/ql+HVnZUOwPS6GrDYltUXNt5DqJP3mEOsuf4b6Lji/1fsmFApX/pRvA -tB/F22KMkTPVkH1WDSd15C+WAX/CkB+Gn27s5YLY99LFeRHoc4ICDUwnslZilFsz -mP34qb6l5oB6QoHoNmO6Ypkr10FQUS4b+p4BHKSXMDJR0n055p5qqiyprq/nDy8w -T7IApT76h6xkpLIJjklUHliWGlku5SjTLQaQRNAoZjFfCNDH0P7zrngcs2R9QY46 -oQC1uI3bdEftMGsZ3Djx8M56Z2RUbAgOuYgBdFYUv1BwJZs22/6ePs1JgdikENNt -vCmlSl9URoUbFcghNKC5J8Niksd8Zn9ozf2xXgpcOsRuElvUO23opv+Hvur+ft5/ -FV4WYj26jOeAagF1Cj6se59MX3VqerTywEC+bKzQeol7wBGiZGRM+errNF0eMf6W -4x8szh1liYv95p/4dTqSt70bctr+yZi2RjFnBYR+NdIaBgmkSHPBzWpyffUcXAnB -6Dx29T5rSMwR8GXX3w== ------END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 0a3bb74..8a0b8a7 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -13,11 +13,6 @@ let }; in { - "atticd.age".publicKeys = [ - users.me - machines.gospel - tmp - ]; "cf_dns_kilonull.age".publicKeys = [ users.me machines.node diff --git a/systems/x86_64-linux/carbon/default.nix b/systems/x86_64-linux/carbon/default.nix index 41e05a9..e31b943 100644 --- a/systems/x86_64-linux/carbon/default.nix +++ b/systems/x86_64-linux/carbon/default.nix @@ -9,7 +9,7 @@ aa = { nix = { enable = true; - useSelfhostedCache = true; + useSelfhostedCache = false; remoteBuilder.client.enable = false; }; diff --git a/systems/x86_64-linux/gospel/default.nix b/systems/x86_64-linux/gospel/default.nix index 40a1475..65d48ef 100644 --- a/systems/x86_64-linux/gospel/default.nix +++ b/systems/x86_64-linux/gospel/default.nix @@ -33,10 +33,6 @@ dnsCredentialsFile = config.age.secrets.cf_dns_kilonull.path; }; - services.atticd = { - enable = true; - acmeCertName = "kilonull.com"; - }; services.openssh.enable = true; services.printing.enable = true; services.tailscale = { @@ -91,21 +87,7 @@ name = config.networking.hostName; url = "https://git.alejandr0angul0.dev"; tokenFile = config.age.secrets.gitea-runner-gospel.path; - hostPackages = with pkgs; [ - nix - attic-client - bash - coreutils - curl - gawk - gitMinimal - gnused - nodejs - wget - ]; labels = [ - "nix-builder:host" - "ubuntu-latest:docker://node:16-bullseye" "ubuntu-22.04:docker://node:16-bullseye" "ubuntu-20.04:docker://node:16-bullseye" @@ -114,15 +96,6 @@ }; }; }; - # Allow the Forgejo Actions runner user to talk to nix-daemon when - # running jobs directly on the host. - nix.settings.trusted-users = [ - config.systemd.services."gitea-runner-gospel".serviceConfig.User - ]; - nix.settings.allowed-users = [ - config.systemd.services."gitea-runner-gospel".serviceConfig.User - ]; - virtualisation = { libvirtd.enable = true; @@ -159,10 +132,6 @@ prefixLength = 24; } ]; - firewall.allowedTCPPorts = [ - 80 - 443 - ]; }; programs.winbox = { enable = true;