Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove not needed stuff

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2024-02-18 22:38:47 +01:00
parent 5ebcd0818b
commit e6baa25011
6 changed files with 0 additions and 247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/fw.cloonar.com/configuration.nix
View File

@@ -26,10 +26,7 @@
# git # git
./modules/gitea.nix ./modules/gitea.nix
# ./modules/drone/server.nix
# ./modules/drone/runner.nix
# ./modules/fwmetrics.nix # ./modules/fwmetrics.nix
# ./modules/podman.nix
# home assistant # home assistant
./modules/home-assistant ./modules/home-assistant
@@ -37,7 +34,6 @@
# ./modules/mopidy.nix # ./modules/mopidy.nix
# ./modules/mosquitto.nix # ./modules/mosquitto.nix
./modules/snapserver.nix ./modules/snapserver.nix
# ./modules/deconz
# gaming # gaming
./modules/palworld.nix ./modules/palworld.nix

60
hosts/fw.cloonar.com/modules/deconz/default.nix
View File

@@ -1,60 +0,0 @@
{ config, lib, pkgs, stdenv, ... }:
let
deconz-full = pkgs.callPackage ./pkg/default.nix { };
deconz = deconz-full.deCONZ;
in
{
environment.systemPackages = with pkgs; [
deconz
];
users.users."deconz" = {
createHome = true;
isSystemUser = true;
group = "dialout";
home = "/home/deconz";
};
systemd.services.deconz = {
enable = true;
description = "deconz";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
stopIfChanged = false;
serviceConfig = {
ExecStart = "${deconz}/bin/deCONZ -platform minimal --http-port=8080 --ws-port=8081 --http-listen=127.0.0.1 --dev=/dev/ttyACM0";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "always";
RestartSec = "10s";
# StartLimitInterval = "1min";
# StateDirectory = "/var/lib/deconz";
User = "deconz";
# DeviceAllow = "char-ttyUSB rwm";
# DeviceAllow = "char-usb_device rwm";
# AmbientCapabilities="CAP_NET_BIND_SERVICE CAP_KILL CAP_SYS_BOOT CAP_SYS_TIME";
};
};
services.nginx.virtualHosts."deconz.cloonar.com" = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
extraConfig = ''
proxy_buffering off;
'';
locations."/".extraConfig = ''
set $p 8080;
if ($http_upgrade = "websocket") {
set $p 8081;
}
proxy_pass http://127.0.0.1:$p;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
'';
};
}

50
hosts/fw.cloonar.com/modules/deconz/pkg/default.nix
View File

@@ -1,50 +0,0 @@
{ config, pkgs, stdenv, buildFHSUserEnv, fetchurl, dpkg, qt5, sqlite, hicolor-icon-theme, libcap, libpng, libxcrypt-legacy, ... }:
#ith import <nixpkgs> {};
let
version = "2.21.02";
name = "deconz-${version}";
in
rec {
deCONZ-deb = stdenv.mkDerivation {
#builder = ./builder.sh;
inherit name;
dpkg = dpkg;
src = fetchurl {
url = "https://deconz.dresden-elektronik.de/ubuntu/stable/${name}-qt5.deb";
sha256 = "2d5ab8af471ffa82fb0fd0c8a2f0bb09e7c0bd9a03ef887abe49c616c63042f0";
};
dontConfigure = true;
dontBuild = true;
dontStrip = true;
buildInputs = [ dpkg sqlite hicolor-icon-theme libcap libpng qt5.qtbase qt5.qtserialport qt5.qtwebsockets qt5.wrapQtAppsHook libxcrypt-legacy ]; # qt5.qtserialport qt5.qtwebsockets ];
unpackPhase = "dpkg-deb -x $src .";
installPhase = ''
cp -r usr/* .
cp -r ${libxcrypt-legacy}/lib/* share/deCONZ/plugins/
cp -r share/deCONZ/plugins/* lib/
cp -r . $out
'';
};
deCONZ = buildFHSUserEnv {
name = "deCONZ";
targetPkgs = pkgs: [
deCONZ-deb
];
multiPkgs = pkgs: [
dpkg
qt5.qtbase
qt5.qtserialport
qt5.qtwebsockets
qt5.wrapQtAppsHook
sqlite
hicolor-icon-theme
libcap
libpng
];
runScript = "deCONZ";
};
}

44
hosts/fw.cloonar.com/modules/drone/runner.nix
View File

@@ -1,44 +0,0 @@
{ config, pkgs, ... }:
{
users.users.drone-runner = {
isSystemUser = true;
group = "drone-runner";
home = "/var/lib/drone-runner";
createHome = true;
};
users.groups.drone-runner = { };
users.groups.docker.members = [ "drone-runner" ];
systemd.services.drone-runner = {
description = "Drone Runner (CI CD Service)";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = {
Name = "drone-runner";
User = "drone-runner";
Group = "drone-runner";
Restart = "always";
ExecStartPre= ''
-${pkgs.podman}/bin/podman stop %n \
${pkgs.podman}/bin/podman rm %n
'';
ExecStart= ''
${pkgs.podman}/bin/podman run --rm --name %n \
--volume=/var/run/podman.sock:/var/run/podman.sock \
--env-file=/run/secrets/drone-runner \
--env=DRONE_RPC_PROTO=https \
--env=DRONE_RPC_HOST=drone.cloonar.com \
--env=DRONE_RUNNER_CAPACITY=2 \
drone/drone-runner-docker:1.8.3
'';
};
};
sops.secrets.drone-runner = {
owner = config.systemd.services.drone-runner.serviceConfig.User;
key = "drone";
};
}

30
hosts/fw.cloonar.com/modules/drone/secrets.yaml
View File

@@ -1,30 +0,0 @@
drone: ENC[AES256_GCM,data:Z1Rjso+5XYfvp2xJDXCQkI88GXl83v2oEkMLmOV/rb0DwRmhxCYzYX6fcdidk271Drf1YaPstVvm2LQB38jlBnJtg98aAGegj2fWfT44IbPIi8qDe93M2gFxFDgosoA2eOS2MjEwyBDp9GEUnKyi2gHR8khnTCvegVIntsusWOW/1tbzymKXavZAJUlX+82d/+6NWUEcnbislxhyph8P1Lgw546q,iv:SllCBHlq8ZCBqOHwMaCUcX6D/VDWsbN7uICZKb/R35w=,tag:mEb4E02VUaYGVjyI30FcXA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0OW1JN0hjYjh4cDlmLyt6
dHRlSjN6Y1JWUFdzNWlZZ3c0Z2F4bXBCa1NFCjM3b3pPZVhtbDdob3lsR2xlMmJI
bjRRMHFjQ2kwWWJKT1p5VW5NVGJuZ3MKLS0tICtRcTFoSmxyeUhaaVlxQUxRWkJl
SXR2M293UFBxNFovRnlTQ1o4SzloaEEK+onGdd/7aEF71ibLoLXE5/SbJQWsKigh
h8BhfT1z9P5UYNoGHVv8Ry6LndyrBLEv+PUBuT0XJpEVPjKLm99KbQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age106n5n3rrrss45eqqzz8pq90la3kqdtnw63uw0sfa2mahk5xpe30sxs5x58
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyL3dDczRNMjNQUWVjelR5
TG93QUFjVGtMNFplaTErOTJjT2dHbWtWUVNzCjNTV0tUY2hpcnp1SDZ4UTB2aFNI
M2JwSkdNS0RFQVlPRUNzRG41aW5aS3cKLS0tIEJtaTRXdTI3NGJxZENJTk9jT1hi
N3RLRjdkMmZkSmZWZGlYbXRRUTJOZFEK2bJo7iyE3A5ds7tW5bAHgyfGqgH4cRjY
hLzYp083QYbXKAqP1w8a3JFXofv1RWd7tUb61I6R4Rd6hXZUv1a5Qw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-02-10T12:35:53Z"
mac: ENC[AES256_GCM,data:44J9abLbHkvjAtIUqXVZlcEAnizgg5yxKwyaZhnqIzzebWEpzqcKP6b72blaD7/jSdAiUo7bk/m4BxKVGHf9XKGxyLastbgYoFtz40rsKg9LOKpEfO2kl3JV5dj7C1f8IgsHWZ8L3Vb6KFKcrK2bzjZ5K5p22hCze4lQbK7CZTE=,iv:TE+6juCOTjTrx5nQhi8W5gaZkMFYrEDtoPrGdSTJSNE=,tag:AVsCIkzPjtfk3uSlsv6Dlg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

59
hosts/fw.cloonar.com/modules/drone/server.nix
View File

@@ -1,59 +0,0 @@
{ config, pkgs, ... }:
{
users.users.drone-server = {
isSystemUser = true;
group = "drone-server";
home = "/var/lib/drone-server";
createHome = true;
};
users.groups.drone-server = { };
users.groups.docker.members = [ "drone-server" ];
systemd.services.drone-server = {
description = "Drone Server (CI CD Service)";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = {
Name = "drone-server";
User = "drone-server";
Group = "drone-server";
Restart = "always";
ExecStartPre= ''
-${pkgs.podman}/bin/podman stop %n \
${pkgs.podman}/bin/podman rm %n
'';
ExecStart= ''
${pkgs.podman}/bin/podman run --rm --name %n \
--env-file=/run/secrets/drone-server \
--env=DRONE_AGENTS_ENABLED=true \
--env=DRONE_GITEA_SERVER=https://git.cloonar.com \
--env=DRONE_GITEA_CLIENT_ID=6a7b8c57-bd71-49c8-b67d-c2de68fda649 \
--env=DRONE_GIT_ALWAYS_AUTH=true \
--env=DRONE_SERVER_HOST=drone.cloonar.com \
--env=DRONE_SERVER_PROTO=https \
--env=DRONE_USER_CREATE=username:dominik.polakovics,admin:true \
-v /var/lib/drone:/data \
--publish=8080:80 \
drone/drone:2.20.0
'';
};
};
services.nginx.enable = true;
services.nginx.virtualHosts."drone.cloonar.com" = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
locations."/" = {
proxyPass = "http://localhost:8080";
};
};
sops.secrets.drone-server = {
owner = config.systemd.services.drone-server.serviceConfig.User;
key = "drone";
};
}