From c423af5498029afb64d6bce5a345d90680d4825e Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:51:20 +0100 Subject: [PATCH 1/8] add host to wireguard --- .chatgpt_config.yaml | 106 +++++++++++++++++++++++++++++++-- .gitignore | 1 + fleet.nix | 4 ++ hosts/fw/modules/wireguard.nix | 4 ++ 4 files changed, 110 insertions(+), 5 deletions(-) diff --git a/.chatgpt_config.yaml b/.chatgpt_config.yaml index 6aeec39..e8ec26e 100644 --- a/.chatgpt_config.yaml +++ b/.chatgpt_config.yaml @@ -3,8 +3,104 @@ default_prompt_blocks: - "basic-prompt" - "secure-coding" initial_prompt: | - You are a NixOS expert. - You are tasked with maintaining the configuration for the infrastructure of a company. - Keep best practices in mind and make sure the configuration is secure. -directories: - - "hosts/nb" + You are helping me build or refine a NixOS configuration (potentially with Nix Flakes). Please keep the following points in mind when generating or explaining code: + + 1. **Project & Directory Structure** + - For single-host configurations, you may have a simple structure like: + ``` + /etc/nixos/ + ├── configuration.nix + ├── hardware-configuration.nix + └── other-module.nix + ``` + - For multi-host setups or more complex deployments, consider **modules** in a dedicated folder: + ``` + my-nix-config/ + ├── flake.nix # (if using Flakes) + ├── hosts/ + │ ├── hostname1/ + │ │ └── configuration.nix + │ └── hostname2/ + │ └── configuration.nix + ├── modules/ + │ ├── networking.nix + │ ├── services.nix + │ ├── users.nix + │ └── ... + └── hardware/ + └── hardware-configuration-.nix + ``` + - Split large configurations into multiple `.nix` files or modules for clarity. Import them in a top-level `configuration.nix` or `flake.nix`. + + 2. **Nix Flakes (Optional)** + - If using Flakes, include a top-level `flake.nix` defining your outputs: + - `outputs.nixosConfigurations. = { ... }` + - Reference your system with something like `nixos-rebuild switch --flake .#`. + - Keep pinned inputs (e.g., `nixpkgs` at a particular commit) in your `flake.lock` to ensure reproducibility. + + 3. **System Configuration & Modules** + - Place typical NixOS settings (e.g., `networking.hostName`, `time.timeZone`, `environment.systemPackages`, etc.) in `configuration.nix` or a modular file structure. + - Use [NixOS modules](https://nixos.org/manual/nixos/stable/index.html#sec-writing-modules) to separate concerns. For example: + - `networking.nix` for network settings, + - `users.nix` for user/group management, + - `services.nix` for enabling/configuring system services. + - If you have custom logic or package overlays, keep them in separate files (e.g., `overlays.nix`). + + 4. **Home Manager Integration (Optional)** + - For user-level configuration (e.g., dotfiles, user-specific packages), consider integrating [Home Manager](https://nix-community.github.io/home-manager/) either as a standalone or via Flakes. + - Keep Home Manager configs in a separate `home.nix` file, referencing it in your main configuration or flake outputs. + + 5. **Security & Secrets Management** + - Avoid committing plain-text secrets (passwords, tokens) to version control. + - Consider using [sops-nix](https://github.com/Mic92/sops-nix) or other secret management solutions to encrypt sensitive files. + - Enable recommended security settings, such as: + - `security.sudo.wheelNeedsPassword = true` + - `security.rtkit.enable = true` + - `users.users..extraGroups` to limit privileges. + - Regularly update your `nixpkgs` channel or flake inputs for the latest security patches. + + 6. **System Services & Daemons** + - Use built-in NixOS modules for services (e.g., `services.nginx`, `services.postgresql`, etc.) instead of manual configuration whenever possible. + - For each service, ensure you: + - Set `enable = true;` if it’s needed, + - Provide configuration in the same module file or a dedicated file if it’s complex. + - Keep service-specific secrets (e.g., database passwords) out of the main config by referencing environment variables or a secret management solution. + + 7. **Package Management & Overlays** + - Place packages you need system-wide into `environment.systemPackages`. + - For overriding or extending packages from `nixpkgs`, use the [overlays](https://nixos.wiki/wiki/Overlays) mechanism: + ```nix + self: super: { + myPackage = super.callPackage ./pkgs/my-package { }; + } + ``` + - Maintain a dedicated `overlays/` folder if you have multiple custom overlays. + + 8. **Customization & Extensions** + - Use `environment.etc` or NixOS options to create or manage custom config files in `/etc/`. + - For advanced use cases, you can define your own modules to unify logic for related settings or services. + - Document each module with comments about what it configures and why. + + 9. **Testing & Deployment** + - Use the `nixos-rebuild test` command to evaluate changes without fully switching. + - If using Flakes, run `nixos-rebuild test --flake .#`. + - Test critical services after switching (e.g., `systemctl status service-name`). + - Consider building virtual machines via `nixos-rebuild build-vm` or [NixOS tests](https://nixos.org/manual/nixos/stable/index.html#sec-nixos-tests) to validate complex changes. + + 10. **Output Format** + - Present any generated Nix configuration as well-structured `.nix` files, referencing them in a central place (`configuration.nix` or `flake.nix`). + - When explaining your reasoning, describe which modules or options you chose and why (e.g., “I separated `networking.nix` to isolate network settings from system services.”). + - If you modify existing files, specify precisely which lines or sections have changed, and why you made those changes. + + Please follow these guidelines to ensure the generated or explained NixOS configuration adheres to best practices for maintainability, modularity, and security. + +debug: false +improved_debug: false + +preview_changes: false +interactive_file_selection: false +partial_acceptance: false + +enable_debug_commands: false +prompt_char_limit: 300000 +enable_step_by_step: true diff --git a/.gitignore b/.gitignore index a829438..002aa00 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ raspberry/.env raspberry/result esphome/trash +esphome/.esphome diff --git a/fleet.nix b/fleet.nix index 1b50d9c..2d4c0a0 100644 --- a/fleet.nix +++ b/fleet.nix @@ -39,6 +39,10 @@ username = "fw-new"; key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILnb9todh2b+c3iCmEz72smRwL37aZf3Xs3voT7+PLTP"; } + { + username = "gpd-win4"; + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILjfS2DtS8PQgkf86dU+EVu5t+r/QlCWmY7+RPYprQrO"; + } ]; in { imports = builtins.map create_users users; diff --git a/hosts/fw/modules/wireguard.nix b/hosts/fw/modules/wireguard.nix index 6b4680c..333bf97 100644 --- a/hosts/fw/modules/wireguard.nix +++ b/hosts/fw/modules/wireguard.nix @@ -21,6 +21,10 @@ publicKey = "nkm10abmwt2G8gJXnpqel6QW5T8aSaxiqqGjE8va/A0="; allowedIPs = [ "${config.networkPrefix}.98.202/32" ]; } + { # GPD Win 4 + publicKey = "HE4eX4IMKG8eRDzcriy6XdIPV71uBY5VTqjKzfHPsFI="; + allowedIPs = [ "${config.networkPrefix}.98.203/32" ]; + } ]; }; wg_epicenter = { From bd4503c035061cecc718011056afaff3d6aba36b Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:51:38 +0100 Subject: [PATCH 2/8] fix ldap logging and add sleep to certificate renewal postRun --- hosts/mail/modules/dovecot.nix | 2 +- hosts/mail/modules/openldap.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/mail/modules/dovecot.nix b/hosts/mail/modules/dovecot.nix index 66bf5cc..1bbc9c3 100644 --- a/hosts/mail/modules/dovecot.nix +++ b/hosts/mail/modules/dovecot.nix @@ -255,7 +255,7 @@ in "imap-test.${domain}" "imap-02.${domain}" ]; - postRun = "systemctl restart dovecot2.service"; + postRun = "sleep 2 && systemctl restart dovecot2.service"; }; networking.firewall.allowedTCPPorts = [ diff --git a/hosts/mail/modules/openldap.nix b/hosts/mail/modules/openldap.nix index 540c267..70fbd89 100644 --- a/hosts/mail/modules/openldap.nix +++ b/hosts/mail/modules/openldap.nix @@ -12,7 +12,7 @@ in { urlList = [ "ldap:///" "ldaps:///" ]; settings.attrs = { - olcLogLevel = "-1"; + olcLogLevel = "256"; olcTLSCACertificateFile = "/var/lib/acme/ldap.${domain}/full.pem"; olcTLSCertificateFile = "/var/lib/acme/ldap.${domain}/cert.pem"; From 35ad68fbbe2c4e8649df4b23d24251fcb8f5e985 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:51:54 +0100 Subject: [PATCH 3/8] add go to lsp and update chatgpt.vim --- hosts/nb/modules/nvim/chatgpt.nix | 4 ++-- hosts/nb/modules/nvim/config/lspconfig.lua | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/nb/modules/nvim/chatgpt.nix b/hosts/nb/modules/nvim/chatgpt.nix index fd01d7f..d81fab1 100644 --- a/hosts/nb/modules/nvim/chatgpt.nix +++ b/hosts/nb/modules/nvim/chatgpt.nix @@ -5,8 +5,8 @@ self: super: { version = "1.0.0"; src = super.fetchgit { url = "https://git.cloonar.com/Cloonar/chatgpt.vim.git"; - rev = "59540981edeebd7faf9894e2ba40cbe4fb02f31c"; - sha256 = "sha256-uBfdR8ezwrcPJeCs+hAnz0w7nE9N8rfqST/SuGlcoTs="; + rev = "aa12bca3abc868b4ebacbd22b6fde83deb656869"; + sha256 = "sha256-eK7GQNHR03fQ7j2ExX9QSA+AIW5c1b8fsat3kbS6f9k="; }; }; }; diff --git a/hosts/nb/modules/nvim/config/lspconfig.lua b/hosts/nb/modules/nvim/config/lspconfig.lua index 8c499b2..4886a8e 100644 --- a/hosts/nb/modules/nvim/config/lspconfig.lua +++ b/hosts/nb/modules/nvim/config/lspconfig.lua @@ -25,7 +25,7 @@ local capabilities = vim.lsp.protocol.make_client_capabilities() capabilities.textDocument.completion.completionItem.snippetSupport = true capabilities = require('cmp_nvim_lsp').default_capabilities(capabilities) -local servers = { 'ts_ls', 'lua', 'cssls', 'yamlls', 'intelephense' } +local servers = { 'ts_ls', 'lua', 'cssls', 'yamlls', 'intelephense', 'gopls' } for _, lsp in pairs(servers) do require('lspconfig')[lsp].setup { -- on_attach = on_attach, From ff2fdd3c0861ac5bf6460e3fce045637daee1d00 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:52:02 +0100 Subject: [PATCH 4/8] add new projects --- hosts/nb/users/configs/project_history | 7 +++++++ hosts/nb/users/dominik.nix | 15 +++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/hosts/nb/users/configs/project_history b/hosts/nb/users/configs/project_history index 0d32c43..64a6b67 100644 --- a/hosts/nb/users/configs/project_history +++ b/hosts/nb/users/configs/project_history @@ -1,8 +1,14 @@ /home/dominik/projects/cloonar/chatgpt.vim +/home/dominik/projects/cloonar/ai.nvim /home/dominik/projects/cloonar/gitea.nvim /home/dominik/projects/cloonar/glazewm /home/dominik/projects/cloonar/phishguard /home/dominik/projects/cloonar/phishguard-frontend +/home/dominik/projects/cloonar/gitapi +/home/dominik/projects/cloonar/flow +/home/dominik/projects/cloonar/flow-docs +/home/dominik/projects/cloonar/flow-api +/home/dominik/projects/cloonar/flow-frontend /home/dominik/projects/cloonar/typo3-basic /home/dominik/projects/cloonar/renovate-config /home/dominik/projects/cloonar/bento @@ -11,6 +17,7 @@ /home/dominik/projects/cloonar/cloonar-nixos /home/dominik/projects/cloonar/cloonar-website /home/dominik/projects/cloonar/wohnservice-wien +/home/dominik/projects/cloonar/wohnservice-gdpr /home/dominik/projects/cloonar/gbv-aktuell /home/dominik/projects/cloonar/paraclub/paraclub-api /home/dominik/projects/cloonar/paraclub/paraclub-frontend diff --git a/hosts/nb/users/dominik.nix b/hosts/nb/users/dominik.nix index 8a6d2e8..8ed425e 100644 --- a/hosts/nb/users/dominik.nix +++ b/hosts/nb/users/dominik.nix @@ -256,7 +256,7 @@ in (createChromiumExtension { # ublock origin id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - sha256 = "sha256:1i0668xhq5iflb4fn0ghwp79iz6mwspgxdqwp6incbvsyzr596kg"; + sha256 = "sha256:0ycnkna72n969crgxfy2lc1qbndjqrj46b9gr5l9b7pgfxi5q0ll"; version = "1.61.0"; }) (createChromiumExtension { @@ -268,13 +268,13 @@ in (createChromiumExtension { # privacy badger id = "pkehgijcmpdhfbdbbnkijodmdjhbjlgp"; - sha256 = "sha256:0jsqa7v2zdjwwp4gfl98yda6vsii374fl1bwqjynnilj7ah8610z"; + sha256 = "sha256:1nnr5l7lpci76vixdfgkhagbycypvww7rg5pm6vjjdn45iw082w9"; version = "2024.7.17"; }) (createChromiumExtension { # Bitwarden id = "nngceckbapebfimnlniiiahkandclblb"; - sha256 = "sha256:1j3x0p9gmbgh8iala0sq2g3h41rc19r8g47652x688lh6as0cikv"; + sha256 = "sha256:1fsgv42nw2rwwh69ipkkq4fs52l6sz5pq3qlv5psa8r1fiidm8zd"; version = "2024.10.1"; }) (createChromiumExtension { @@ -292,7 +292,7 @@ in (createChromiumExtension { # BrainTool id = "fialfmcgpibjgdoeodaondepigiiddio"; - sha256 = "sha256:0b59dv6hd8dmi6qmkijc4v61m03wgkx102dm178z5g0wwrvhk2jm"; + sha256 = "sha256:1ny8kxb0cag121wavcjzc6vid1lqgblwvb50rfwb7rdh6gbxfni5"; version = "1.0.3"; }) ]; @@ -551,6 +551,12 @@ in git clone git@github.com:dpolakovics/glazewm.git ${persistHome}/cloonar/glazewm 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/phishguard.git ${persistHome}/projects/cloonar/phishguard 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/phishguard-frontend.git ${persistHome}/projects/cloonar/phishguard-frontend 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/gitapi.git ${persistHome}/projects/cloonar/gitapi 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/ai.nvim.git ${persistHome}/cloonar/ai.nvim 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/flow.git ${persistHome}/projects/cloonar/flow 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/flow-docs.git ${persistHome}/projects/cloonar/flow-docs 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/flow-api.git ${persistHome}/projects/cloonar/flow-api 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/flow-frontend.git ${persistHome}/projects/cloonar/flow-frontend 2>/dev/null git clone gitea@git.cloonar.com:dominik.polakovics/typo3-basic.git ${persistHome}/cloonar/typo3-basic 2>/dev/null git clone gitea@git.cloonar.com:renovate/renovate-config.git ${persistHome}/cloonar/renovate-config 2>/dev/null @@ -560,6 +566,7 @@ in git clone gitea@git.cloonar.com:Cloonar/nixos.git ${persistHome}/projects/cloonar/cloonar-nixos 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/website.git ${persistHome}/projects/cloonar/cloonar-website 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/wohnservice-wien-typo3.git ${persistHome}/projects/cloonar/wohnservice-wien 2>/dev/null + git clone gitea@git.cloonar.com:Cloonar/wohnservice-gdpr.git ${persistHome}/projects/cloonar/wohnservice-gdpr 2>/dev/null git clone gitea@git.cloonar.com:Cloonar/gbv-aktuell.git ${persistHome}/projects/cloonar/gbv-aktuell 2>/dev/null git clone gitea@git.cloonar.com:Paraclub/api.git ${persistHome}/projects/cloonar/paraclub/paraclub-api 2>/dev/null git clone gitea@git.cloonar.com:Paraclub/frontend.git ${persistHome}/projects/cloonar/paraclub/paraclub-frontend 2>/dev/null From 1651b8a5506d6d00e55833b7715deb48bae8cb1d Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:52:12 +0100 Subject: [PATCH 5/8] add cyberghost vpn for chatgpt --- hosts/nb/modules/cyberghost.nix | 58 +++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 hosts/nb/modules/cyberghost.nix diff --git a/hosts/nb/modules/cyberghost.nix b/hosts/nb/modules/cyberghost.nix new file mode 100644 index 0000000..6a9a491 --- /dev/null +++ b/hosts/nb/modules/cyberghost.nix @@ -0,0 +1,58 @@ +{ config, pkgs, ... }: { + + sops.secrets.cyberghost_user_pass = {}; + sops.secrets.cyberghost_ca = {}; + sops.secrets.cyberghost_cert = {}; + sops.secrets.cyberghost_key = {}; + + environment.systemPackages = with pkgs; [ + openvpn + networkmanager + networkmanager-openvpn + ]; + + environment.etc = + let + conn = (pkgs.formats.ini { }).generate "cyberghost.nmconnection" { + connection = { + id = "cyberghost vpn"; + autoconnect = false; + type = "vpn"; + uuid = "f47ac10b-58cc-4372-a567-0e02b2c3d479"; + }; + + vpn = { + service-type = "org.freedesktop.NetworkManager.openvpn"; + password-flags = 0; + auth-user-pass = config.sops.secrets.cyberghost_user_pass.path; + ca = config.sops.secrets.cyberghost_ca.path; + cert = config.sops.secrets.cyberghost_cert.path; + key = config.sops.secrets.cyberghost_key.path; + comp-lzo = "yes"; + }; + + ethernet.auto-negotiate = true; + + ipv4 = { + may-fail = false; + method = "auto"; + never-default = false; + route1 = "10.42.0.0/16,0.0.0.0,100"; + route-data = "10.42.0.0/16,0.0.0.0,100"; + ignore-auto-routes = true; + ignore-auto-dns = true; + }; + + ipv6 = { + method = "ignore"; + }; + }; + + in + { + "NetworkManager/system-connections/${conn.name}" = { + source = conn; + mode = "0600"; + }; + }; +} From 406c0f539e711cd10a6fef7c505fdb7c3bd36693 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:52:23 +0100 Subject: [PATCH 6/8] add secrets for cyberghost vp --- hosts/nb/secrets.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/hosts/nb/secrets.yaml b/hosts/nb/secrets.yaml index de606c7..7f41cab 100644 --- a/hosts/nb/secrets.yaml +++ b/hosts/nb/secrets.yaml @@ -4,6 +4,10 @@ epicenter_vpn_key: ENC[AES256_GCM,data:Kt33OLiauTrkzSwib2px/rZoQO6tlCzsy2exxIrZb wg_private_key: ENC[AES256_GCM,data:A80vGf9aMxowC2xME4FIVTmKpSRLNB2tWiUQeP1v8vCRk6Gt8BKYOuXYt04=,iv:vr7qvfr78syrI5pIytjLouPwZcw4xvBTvEUzzv7ibnQ=,tag:qjALlFkd8JocLJqMKFERaw==,type:str] wg_preshared_key: ENC[AES256_GCM,data:bhXoD95ahDRawoHd5Z35FY0G6Xv0PHwWJf300fHQ5jNsGN1TQKHsIswx8YI=,iv:fBsIWkVZUt8pahuO9daaRBIEEIWsSnFW5Velj9uP2ZY=,tag:RvbCYhnRv0OrjTxjsNFW6g==,type:str] wg-cloonar-key: ENC[AES256_GCM,data:ZMEeIZApOD0ij3nPMZeQRwJ4MwVx0sHu08F+m/u6IMHBGid5YwMgxZ7qbLk=,iv:OfIZ9TqBLjToIQi7zRUBATrynBtu0bzXeGVI/EAUPhQ=,tag:mJICT/ak5U76JE/IxJsCKw==,type:str] +wireguard_user_pass: ENC[AES256_GCM,data:pGs/Kx/j8bgVQ2MtnpnvPI+dBrUFew==,iv:oLYuxjbe88RqygmVTAVnwLUmpRyQLdWrLX/kMIK0MHE=,tag:CBOK/rpuJplurt6VKux0Kg==,type:str] +cyberghost_ca: ENC[AES256_GCM,data:9PHq2qHLsCvAmJR3S4J2ccNk6ec/LDauR6KoIpvvHX2v7w87m9aoADw9nSbQtuBwJWjSGi/hqUAz4fa/pT6y1TjLiJxUDBmr7axjsc7b9IQMmQCO6zmCK4XR7TkVFWorwdQxJ0HVdXBFAkbzet1EZ4zv9QtwXuXK8MkH50dzI0HVLgX7EtHljnrANJ/EtJ6TsxBvMr7HMhNITUy7iHbiUQvFKanZ3FmwLgCO/K443szXa3+qKQmr4YxKOUqF41QnmpikjksgMw5rfJOhuxe2YTdswt3urWTOtVfRACUjkcivqjWZIz7PCULvJHTwqDDLR+mc1bxxgkyIfElx7Tv7+tjbZxCsWarekPmjg/lETRFxTkg30yyBsgXqFjYbxwBFTjZkkozpnBJbxZDq7VkgEIi3hl1ts1gUsj5Y9v4CDffKwAST18iDgq/Rb831878kujdiMH1qeMOgHVpFtrfjleK2MPjDYcTkXY0sOdOCzkFgFE92/dp2q50er3FTaIq69c8dYR3DkSt/KPVb5Og7j1hKRtGaBpgfEYVqKzB1aMm45ORfmUR9ZPzTZvGzk8jecFL5wxFK69QmP5/cMr29SASdm8repcE002hUJYKp6RALcRpo/e+Cvc5yetvwdFUwnghLgvmyW6CTzn87OsJQJPgl2X/b/iDJrlzaa56QCrH4rmulDf54RS4tQZol2tRAgnSrxhvKOlqSeuVRwczxqOeGNi2Mfel/HIHoc26GONUtHtF0dqCm1ZJvKPr5JOKRguEXcLo4ZSqcMCNg9PcfPBVV7C69K6kmA7+vqRr0I8Qv9Ls8ZDoywZ3L5CsaXYMFaOcTeDaKdmZiQnLPr+NjPuFmHn04EgjgWuk2VHCENB7w7m8nh35xDQaPaZbU0RdNahGJrVdUHKBs43dgCor+SNhnnV0UjjLLpD5off5xdgpxNNXEeNfxq3Y//XoNM4TQzk91em+KScuPW108Rylk0IYavOxIgNettmr7tTEb59UTK92ogEnQKNZOv0S1lEGwzQnD8R6tNUoESWIpyMc2FDlEd7UAuPNXGIebQnleMTNdp0FkJHSKXjhcKXf0WOD36RGw6D6KiX6A/tkO4EvBt0hn3pJ1nfqcZdhrRUivx9quyEWYbiosLduT1jj1q5jy/1nq+sA7bkNrx2af2Hp0h1+8nteWV/4kWCwpX7aEfv7oraoFQM52luF707caKX5hRr3sRK/Kw8ad589EZxDn+R9L9tx+T5ItPBNItNS+1T/dFxDeEEhiIPB5qeubVrwSTo6e+lJ7QErMOfsyIbG8vuIhj3J0nc6Iy6lvdPkCQi3J4/w0WRqLU9X2h0RiQhiwDdogE1bE1oPFUje07uk5FEwyzmfKQxx/4s1hBvFklKtV5LHcXAo+QkirwZYOpyIrNalmIK1CeQ/GGW57AcBNaCLd5W0MXzpai8h2wWtltezqzCz1izGV1SZpgXBqGhi+s7aVgIW4aNiBVhnf2JoIvIuLyZvbAo+45wk2Hh0WXgAxHaZ/mReRyT8BWbjWtIqQKCw4UTbl0kS+xsl2mblRD0nhv7K6d7xuuq+5BnBPhn07aOowwW8qcqzsvcJPMesErpzQy0umg4ODX3J7GEfjjMIoUosRP8gAE+4ReT9y9ApoB3krb5W9WTAfKt1nnMJxiycM0QU2DVaad57N+RNF4MhjyPXDvOM57xDbfzFmoRun+TqGNzmBsblnPkRXqvunRrTW7U+fn8fRBxZAVgrD5LQoUbp9hA1aY0xsM+D8l8xpFH7PRTDqItTkIP7J1IXbVSlc9hkLHVnz9MbdiE+ihjTVXjzkMCVwbMgFza+fSZw0bnnOLNsX5zXl8H5Z6jbkDmoFcaABEQdABY5kgTtE3Hizzzz8rUt9mxku3/Way3mDF5t96qi3rR+CByOz9JIRiAAEXJci2JG9tIgnFM31OA/zmshFVlBO0IYeRvSIF+QYd9ACH2ZUfeUPdQ/Js7fwLFqa9N0yyWIuj/8X8sSLO8b7kk7/2aotdK9RolMRj5pj0+lrr1Gdxk+EdcviHfL8Uig5snIR/tegZIZJLYT9HOIdrFYkTHds7/dQs92EqJNvKZmsA3H8CJoOIST1JyB5AAPn7Ad/qN9f33T6++RUKJTnMDnV/HfEkpIrkjAwQ4mLT+Mc6R1JBaLVPJ1qaH5rzkaZNyI/DX7g0DaMC2FOyAGPLYb2PieOPWXpoRSTvA18UidYu8msk77u/M/S4S4EqAT1dZgmkg9DvetgQ9GGRGQ4t/F2Evr6lGHdZQKC5aAF9GDPAHXbjv9zLllb+dlZR5TLmzrspgBcCzdKhpjKTCEpxLOyFhPzfzzDzOdHI2iQlKkFRmmPC22fKk+OqNFM58dA6qiPEMDcIcKWZ0kCyH0rV4Fpzx8WlBPLD1SoU2HADmz/1CePRK0jywWCd529wvjdEjFYaiWOmqAywxJQG7bvkx+68P4AosqUVvv6mso7L0maQVVFsSPiuR91b7al4luq/QZulZcOG/I8fLDJ3YvQIXHW11NlljHCCKiTh9Q80bJrx/pJxjKz1Ct6AffZshUq5l3TZrC0XWZNg8erO4QnKjSZ3yYivg/77BGj3WQTS6lkhHFNsQe29+seIwbV1zZQNc7l4WNkuiYBDAgXiN4xAthHZZmETWFU/Wqd2gAosTiOstxvN+GMXSjotRxnAMn+Pew5Jly4uh7EvOnGa1k1oq+CzVcTnh1bV6U1br3I55P1saN0QkyC1ua8ATlcEP8tB89IK+SeXOeXk/koSnjoAAuuTFFwsxdBjq+D2SGQ/YXoUkohG4ULvMyPq8CfCKOWWKAS7xAXiVgGrBDIZZ32I9sC+2vJkglKkCX+fr+j9eh8lokqTsfmUB07kTEsl2GmBEEpLwikeEVhM2ZFWzPcBEZS8+pfSe6dm1n6nfUqo1lOi23/FL6AlrfbbjX3iAqBE6vt77RFMqi58RnH8GmR7Zyg3CXfGSPQwqgCiBdymXZaSdi/ybLKhsQ642bb37XceVjtlu4=,iv:8uQbG4ObsDSS0DeKx24lt1vpfeSms2v7KGRQrKoWwds=,tag:2RoiW5VWLXfMgXA4cbnKBg==,type:str] +cyberghost_cert: ENC[AES256_GCM,data:hXplfGZvyQDf6m0YFWgtdHCLy0178BZNbDFxoAvj6J/R2Dv27YZQ+kn7au6Z11xFNA1A0K3pQCfzuSeuNtLm6OqHU/QAsXcYF3DQnfrotod1i8FTT+UqLvFTXGp5smUQzpKzzJQHxfMOsXXMMyHwLiytCbpWHapyVJuG2EDdai4MScHqtepqaWsHAj0TYaED3QJFfn6vC3VqHlfe3WMY/fpy7brpAyccjbTYEdYiUOzYzzgjk00Jw1zByLNld5CeuXsiYto+Ce66CK/i7aN9OlDF7F/hibosk1AAPwqAvboGGcervEO1qtNVoKkprzvyHAQyf4HRpSNbsaEFPrzog3YW4vvu6dQlXujQuYF1ZRqCejgUGYSihC/NaZW2O8F3eJKkXVnRQkcbr2GzLRpawQZ6E5i0X5PgSHaFQsGJ5UsANbWY2tJJomQdtmQEsjJDbwG1RTBW9VvMLAdTj2daasixA13inqxbUK2o23tp9HRscSbho2de0lOH+JT+j0j+Mi4VOoCQMWc0Ln1YDFvjZMfUNtlR7Qd1Q2MySAUcGRf4w8Wf3waIb6x+BhBYghdJGsAiV1jyq+Pp8bOLuoTXYhdDI1H4gemtCSemsojPuvXgKQky75uZBRvuGSwHTCFu3WA42xU/bMNaRg8mRZSxQLMqWkWHVLBBFyiHAHjCXicTfsKhU9YQMEm9sA2Ecc3osM38guXU3/jqh0AbEGt4QOy6WMhV/xDy+eLU63vtR7YSD/DY0Nij7OnTG3GbQuyMu22j0zFW1UbX26m/pxESkPv9zQ8ilz6lNj2yxfIJz71pIjWLRrC/797Bdah+bRTeyfAQXsT3AoBuogNARNamcrdPkKQHQGEMY5UjNn/4VoFClXzeZGGeABjxLIk2hvWU10n2OiDmnj30YTrPQvRIXJQGtBNrrlPKwR1FPt8QCkeoFXwxbHQTf+rBllbAgAlfic3yUoT/foqy4c+lbXByaC0aJmwmgA1mJ9j8sFkX2znNtnbkKxesNRXWqeorUUhEafIF3lJ/tg+lwaUNtmy0Ig9NAS59iNklbNASyKjXzMzflI6H7SRsKkFeO48LMWtGH6Jo4QMvZ5sWvZSVaqWOlh1QAMZMxVzpz1eXv5TAsTpfc4anv+MgrpeHsXs3vQv2ytkale2YdukuGBuqlIQcZrw8yC8u+TvAPqDFZUAiyh8uOAwETOvQvNuttRF2qbjiIA8ZVp2Utf+ggaIPf+vE1mtWit4/rrqBSCT0XuR75duWSIS109B4iZer3rhINqIk1XTAzqO0fmyCZriw1c8T/87N4y9Z2MqIXNaLLk+UbYFd4NWuvuHUGSbsQZ8EtkWzaUPPHx/wzIVWu3ajmjUv6QFgSY9PS4eY8xKqqHxt2i98ePwfivhM6G1eBedAutLWF1m1Omjw9k72z30coa/UcfzF0fo2kQVcw8z1kJBuH1WYfk13D77soxcWLFWZ2ropRzFI52XfvXwxiyyd/sVByWt7ZyNDuUyyuyDeU7Tpzbf4N0ek2qfwBlllfTLCePqWcGAJ3zn1vYajyXFYm35YzWZh3oj0CEN1p1udyxUQ3YIvtUHHk4FPSYjuHSu3Hn8vft2gR3CYa4RvkvcxHbmH4WiSBlAlt6Lcv6TYkZ98K0/Z2bX2FMhItFE8bQoy7C+hUXek55aAwB/UQ4Fjf+2xTsckrCig+eSvM0ZJDnon4K+eUbOF6hSGbRzcX1VfqPStyHhtCUxOckccVLbWFv6sYyzuDZyvo/Nmljx3M0CjDZ5u16aVBxk3ycnlSM7WcSl5h7bjbZkZv8W0sWke/bXakBuelcvfpnzkcT0NmRT0awusSxQk+WH2iiiAT8NTijbQC3F6OPB43M9tad14WXg9cyroEcPgsm4hDwl6wsrZeWlQZ4dDwtLPF8mB5Q3cWsttUJHLrTmZJ1HyXThD8Vp9JO4jF10pE+MsDbu6vqSNOFa/X2tho24NkXElZqUXG4wZYrU964wr+pgxEvFsRx0hqeZ4OUThosJJdFGEW50RBP6UPEw7mWelpi3Q/kbVL4ulZ3And2U5N1faQIFbvWk2Kx4RP3Don78I/LLzqI9q6WAQ8HES6ulieDNu81DBd0u9128j3ZVhEBmnKpRHdGqCjA704zidAl8/+wrpgt7GdOW9AD42jU1F0aDuQujsPRszpFagmdlR6psFDOOBA4e1vTqovIrmWxbFtTr1d9oi6Bv5vDmg9d/RzS6Cu6DoSped+9uCATwRBlqP+QCO5Lz2cBuzVcqf8jAkdUlHBJxcz21xPzOJJOnR/Mx70E9h+BVfwWC9S+8REi+lFNq9nvWaAcOcDL3Pnj/GpYbO+quIGtE1RuJqW2uFd4wXiwbrk4qcVbxds0gH5DDQjOtsF9zRgV/Vmno07jJ8dZmpNq/it3Ou5eErZ/Y9BHerRCUBpWQn2r1XhgLV7Uslhunde387/ohQQeT9GlNLm6wyLLa9thhqLFxlvzRWRg+7HkutPlA2N9c/xvixs45SCfWWWKC7QTCVZR2OIxQFB0prfcmRC80nCxBi3ZdX1Oselgi1iEi3+FnqP7DNCjkXJWIasFhiRNcOw91IGKs5yaiFvCIe7kprf8Ew1xun+39H1W0AWdjaBWFSQU7kelyql4qsxh+skLuT4nss5wXh5InrYALZbvJBpBGmUAPNHGPkvcCSCaMeayqpiKoUUW7Wy8EPWY9kI1we+rpN3KhueQHqtus8nLEABduXpi1w6AGfDsslm6nRysllADNB76p/v0j2q5i/lQxM/Ks7pIA/hJGp6RKKmUZg3VlZ/GI/TXz89Ha6XHI4IOGzx15UhHPq5xuCDk2THIy0ryeHIBteVuU8uj+uoZVYMCfjqUxSe4Kvzk1QBrxntAWFb4ObVt+Mdw84YR9p33EQXPiX5JfsUULdsc2VlR7ccvL57c45GFPNGFjUJfR968GJLw3DGx65jtQWHQgUElB7Oy/UJVhdTSReZTULoh0qD0Ol473SmVx6EOcXQSVjfmBGjVkaurs8TY+OFwUQaBBCBN2T/jT+V+Y+qWf18uwaE/w+Nwe+E0QqK6uMYXvBP86QM/pSvjNJKHZZNJfnUOCx0EFml4bRUQROvucJzQLolui/DR4PP2MBRKi6rjhwMTYYCGLGjgSDsQ==,iv:vYJer+NYyRo/jcpGb66askFA42T+TmSfWTm3DKOIIt4=,tag:RlvqzLfvtJN0HloJZTJb1Q==,type:str] +cyberghost_key: ENC[AES256_GCM,data:qfPwy1DSooR6eo9O7j6h43wILh4PzxE2X0pdbzh3gw1D98rR8GWEj8sukK/L0TzfGYqYWDPy15OeymaGdm6p1WtevBOlkZtQcXmo7jg3+k0TFUnUctNDm2cOjuKck7CGDFtwbMsOHtCxwhwYouCmes9sQ6KSfolVkutVcvEfI1qhjOvJabsZt4O0P5wB4dQUMQfcPwXYKLuW3xlP2MvIn+Q6XZzfLOqoHnAwQhyxfGsOeMkPV2GXzMsqcCuDhfItU7d1GHzMCOLQsWspwNr1jJd0a56YhY+oPHs+yRSEvzFeL08ZyQjPr7YX/p5w84aJrY7THDlBcAK3d35EQOPvAEghrbmas/aKSxDXPL2W3GKKhok9ztpX6QDywkgwUbetXs+oVUF3sHK+UlyiW4RLPsKoQQPtHYBvgIwtT9ym21PJvgFy4dOJF+XW3CfpZcAOONB2L2mxrhB04CV0is3i+SnQE4tVIqGfQBVrDeuGB/+7Pjy2cW0zkEOAHrwGbdlqG0kgdHFOdbDp2fJl5zTRd9hBhYeXT9mbFtlJ+50KyGOAkJZf9a3O0BwgYRR0sdaEWfOLDMsz5L1DlvzidrChGBwFbHAyuFkjE/hkhddAH+1xiCfRCb+mGqs03rDhIpJbEMZLRZFsLWu+hlXKZ4AXamkuOvkk9KvrYL8KVjkVk1GIIeQqVFE1tiSCtlGeODYblA/5HPTCH1wPrLBNCRS6xkxEwHs/qZx6J0qN6j94lWDWa/Q83g7L3OKL8JTlsyr+D9100veMUVhvo8RiJy85Z7tTqXXEckEWKgnC53dZ1ruILNzupytUYa9rYjNcQ1KXy0dwYbMDQ4kvLCpJtO47pXo1i9V9bDFrYCLipCtyg+s2RUzYOnW4GXpn+de9MDEJ5oOp0pMZ25HG3fpnZDvaIyPyytpyj7apx3VDf62Eq5Rodd49uKuDjlbWDezaaU6MjRqhmpv8dbs7c/7pogZmaztxKTbs+EZ/6l66cek24GS7GjQj0e+N32vY1ACcQUCjg9smCGvhKs0H5kL1YOJkopN9ZWVV9p32p0IsbQHsRebSOHablHT8q6tyYfP6ctHH6BNfoUlfZjHtR52VEiY0OstmnjsJxE2hYPX+l4tpUGNGv18nQ4C2ez3baMWHNXzRTXo+g4zjVkW0Ggi0ecd7I5vR5vUNNA74Hv5Mrd+oAYkf/65XGlTJu5VIM0f7IvlSintmmM0pLB1rmCgnZenlhhbY+0862xS2j1YcZIapox8JT/W2IRUYKnJ7j7B3bc/57JWDzaBM/AukhZvERqdm12fhh9jNrNDjK25HmNwdh4Bsf7IyVqXh/nSsH5MtTCASonn/DG+6pGLwOCxKiQdNmlYD8yiZ2RkSfFs14glr0frUYcgCEOFb18IeF/e6srzKSocRVJqKAoCQhnu4qNMy7YDXpmucnzhWuwcFeKC6gaTKBPj6pxM8OSXM7uqe27So4flZIbNU8yvDp0Ub0LYco/EJGUEL9lwitMydSV0F3gjc8zvEbYMs7qlYg9dD1jxJd5vaPkx59DHCpEMOHn1CjVxazZNvexJLG7j4FBkM6PhF131/C7C4cly8ASLQd5E6nZb54GZdKqDp6MVgipeKJ1Z8A/onBC/Glal1bl6ASeAO2Mkfq7PBJ54CKXaxiQ+TFpCfy7DrOArQzaBJ9s/Gy14EoGfb/o0VuXhj4vwChig16x7vu5MnEFdItPjkfRa638KkILeS4OXm0ae+KKxBUchCwXdRyGK+wn7Kz9E9xOjcKMI/kiDnAB/mTkLC+IA5wRuXgtVyFk3BuvrJaYIHsJVZofP5lYz0JLmXXtPyytI3r/IwSL3B0jupo/KHUZx6MBwjBYG/fKJgTQvvbGDePNFHfk5y/At96P7QZIVO+QlmQg1em0pRpYbO30GVhcDko9LvNG5rLPB7a6SNB/pllOgBjbEKWoNPVwFVe17ILzA2Hl/egkW+wxiJM39bG7Ll1bMN5Q32yNZlUAzWBHDSd4DhM14ock9irRGtLqrhHH0QyMr1WlVoMRXTGT7aMLUBc4IEY7kXnx4Sw/RILqOFZsML6Kz5EEroTR/gzDpr1xYxcIRrRmaBS2YMc6wgfIRstsspMT2kUUT5n3MBJlur2CpyNEpqh5o0oRpACQyqdc9P35BVc5NYdAIg6zYKHtiTpl3I/Py+XDSDT/wC1OrKRJjuw0ES/wgDoygbPxieqdUGCqDkEjuM/UZqmIILAHBBvqniMVB5QLO53NO4lhrTbhmBWDXzw9dpJ77O6In8DmQ6cmuBsOAC1JqlGhFHpp1YMKtlQlOpwsORZSdwc/sfMkai/dXjhoh9Ptpk1fUKH+3AHzd+Ulb6Y7daInVgutnO/XFj832l8WwHzyZPLBTpbRbHeeSQevIHM/x/jLDZlUGVktrN04Dj4CJJstyeETIegzILTrXUhIq/W9cEd9vEdlSRRwTn5Z/E8zfET5fxLWSrMRTTQWOh1jIh7FI+P9d3x0K0fk0CR+vclyvVm506zAgF8KCBPjljDZYgeXyPMJ/icU9QhA72++IGo/XoT81fpB34Zt513PQk4WGmUGhAgiQP1EObnQ/YNaTcdUU8fhvq7YcyUlRA+vfaKMS1S18a8RKfYs0yWxCG4CuCb9pWhRK2ALjNeqYS70dFeeiAHI7UKjV+I5CbtLdIt0/oGDFKokH5xRVl6JkLq8iVPCaCyCOc0FCfBVyPBF3Qaisvh3GyIpCPbx0mp8fDRsiXLJShyqaqC6hpD88PnTDE2mvMyB/bH8Quzh5OrLp2CTDeOvWtg1GxYowiL0CC77ogUQhfM1ut8g+tvjgsmuiXU1uEzpHCsIXnSnUvwJW6tV37S0YUePoVAi6hVJTr60M2s4+0J2IxDnb9h2GVZqmusyQU74cKXJrEOC6r5apkhH2GG2jdVQGn2ETY/b/cbFtI38EtT4IbOa/OQDLf9F0UJPuYi5Ne0mII4asEmWdfco9P5oU4Ssr39WmTfmrBLvEQ0IhPSwKmtZlA1x85FSv5+wKauBYw3GTZa/tsp7E2MHhkyRWG1eMMziceCOrTD7NgRRLQIgN+ejm43i+OdMzi9vjzf1vg+barXOOd34yjY6zqpX9hEAJuxYgT2s8fGj59ljZsqp/qSICBIiImOyjxgKou1nh+AJY0Qs4fIGVTstf7aG540IiOGNTy41sVWdtKBeeahez9FB2lxMZ+A/83IRtmlnMcqXKhIgS7c3ajaRrgjesO/fbHnE557Ocz2A6SdoOn9rqVXD6VGvM2fkbj8no0ooCnvNtQ8JEMu6hyVipSqgRxcZlnW05NGOTtWxV3xRI3RK5tNguYgqqLIQvSARDDgm/HtJoJgom8lqSkLXswGjbxpJ1GP9lWpyov+muy9viwLQZQgEma7w2M0gIB84s3FOuYMIz7pKEDntUO7jRUl5+T8gJoJ9ex32InELTLWgksB8mb4ZuSCOmoISEEaBsPYtSG9wo5bWg5uz0/ToudFf+WRA9JT/MesSzVhehqFx1eMGAKHoRd02oMOtwIzQuc0Xp0DuYBTWOk/aHyRDxfluaFSIyAR/KBkO7fc9jKTu1JJifPCXZWInRXvPogmafCyYicC3gc2ITNumezK+oD8fjbWHW0gDIvk9qQjxhQJz99N0XYiRLTl1SssGMKADMzauPWSMDwn1VQ8t9Yc+NvT9i+9TB5YL7E3XhD3aqqwLbLOlIjvlaEhWeMjoaGlaVaz7u2n6g4zAGcVG5/uocZ2QI7byppVE/8rpjBAs1zQr3A/ajvcgCQ3+3g+sy+3w6C1KmYJj3kyF14FhTDLWekAyX1VlEQCB1BUeB7lc3CuPftTDSRKLU/vOygvIdzLMJdsQu/98qjOawsKwEVSXtSrrLXTcyhHRKvkRhUOOD6z1WRl0UTmSrqnzGraEV737vDQrMzMyq06r3mlV6xnho19F4aH2pHgI0uJcFB7efPz7nxOKtlhoc1BiAb88+sDksRJd7/+4+32hSkFQ/2MfC+wwlryo9NXtgSbUnMBYZqQIW0PfoArFTY6La9mrhPpAZ5HLmj3H6xRGhSyLJGBoW+jDltI6pic6G7oBODfUOmUei+CeQ2JKYGfjMcXmndU1qmR2Wj8ytS7yK/J2SxWRGAgmUiGI0gv5nnoe+aHa20yOL54k9XZLSMin5sghcXzTxtLcNz5sfBUIF3sQzhwYUGR9UfNYx3OkeL0HOXQlcICC6cUFan/zIc+8GXHhxLd6NabTiZiTXdYRuAoJeIt1qNUeK0xvLNm08fHiT3eGXbS7NVjtPTw/nYUx6Ca8LaM9eZBfgNowfn47LvoAuliQP2vLAjuatyjlcC/hFfu9Surfcb9LUM/ZsyMFM=,iv:EgSXZvyWmcBxBkAe6asJ2B12FKaLQPy4tRAtCvkys3M=,tag:B0lyX7IRNHX1CqlvBZaSpg==,type:str] sops: kms: [] gcp_kms: [] @@ -37,8 +41,8 @@ sops: L21ncjlQdGVDUjI2eXFIb3U2dW13bWsKuEwATNEUWtjuLsH7DQAt6J2l4blTId1W A1kQ+0dfUKrZ0dsbvUA5L9+haUiK8f5RvapaKW+L2JEn7gW5wJSJEw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-11-30T08:33:24Z" - mac: ENC[AES256_GCM,data:/vJdDVpv+iM66wANeLLl+CPtg2j1OCyKlGHhsQQT/RphUj4IlIsjKj+j59lmM6bRBfebTTRt1scFgz8CCPoyfSH0KrAyPLPs1SPxZT6Le87PkmO2rfH0MpNCrBDUdtpMgKs+kbxSzbqnh6X3+juXnOL3oUB3K0cdF6hAr4cP5xU=,iv:3IxaC/8y8FwKxO3mPP7f/byjYih3O6zZU6HJK2cAPvw=,tag:g8crhgnYs670wLPcC3HIhw==,type:str] + lastmodified: "2025-02-03T12:21:26Z" + mac: ENC[AES256_GCM,data:VvYYibPesUGh5LpR5dXUbJy0mwN9NkBn9CNx+SmWPR+wsaRMGR0Nkhmjmv+WpRGatL+Ka5cGezFFjdOd6urWpcSmL32zcPumVo/CRsZi4JEiuT3qHJkrKM38IPV5WSv1RxQaYwsN4/e5rMdRqeHCLatHbD28LAZxGz1bENCdYbw=,iv:zntGu7xokETUufEK/63ukM+voCEhyuA+hyhVrTNHvrA=,tag:lg2S+e9QL56A/Jaw1Ha0ug==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.7.3 + version: 3.9.4 From 7de9b583d57392c618077434d0de9f5d01078cc9 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:52:38 +0100 Subject: [PATCH 7/8] add local mysql and postgresql server --- hosts/nb/configuration.nix | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/hosts/nb/configuration.nix b/hosts/nb/configuration.nix index 07a1812..2328735 100644 --- a/hosts/nb/configuration.nix +++ b/hosts/nb/configuration.nix @@ -25,6 +25,7 @@ in { ./modules/appimage.nix ./modules/sway/sway.nix ./modules/printer.nix + ./modules/cyberghost.nix ./modules/nvim/default.nix ./utils/modules/autoupgrade.nix @@ -57,6 +58,38 @@ in { creality-print ]; + services.mysql = { + enable = true; # Enable the MySQL service + package = pkgs.mariadb; # Use MariaDB as the package + dataDir = "/var/lib/mysql"; # Specify the data directory + }; + services.mysql.ensureUsers = [ + { + name = "dominik"; + ensurePermissions = { + "*.*" = "ALL PRIVILEGES"; + }; + } + ]; + + services.postgresql= { + enable = true; + ensureDatabases = ["dominik" "flowuser"]; + authentication = pkgs.lib.mkOverride 10 '' + local all all trust + host all all 127.0.0.1/32 trust + host all all ::1/128 trust + ''; + enableTCPIP = true; + ensureUsers = [ + { + name = "dominik"; # Replace with your actual Unix username + ensureClauses.superuser = true; + ensureClauses.login = true; + } + ]; + }; + programs.zsh = { enable = true; ohMyZsh = { @@ -123,6 +156,7 @@ in { "/var/lib/docker" "/var/lib/flatpak" "/var/lib/nixos" + "/var/lib/mysql" "/etc/NetworkManager/system-connections" ]; files = [ From e2add63337d6f9b6dbf087f58d65d9f4952d6ac6 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Tue, 4 Feb 2025 11:52:44 +0100 Subject: [PATCH 8/8] add vscode --- hosts/nb/modules/sway/sway.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/nb/modules/sway/sway.nix b/hosts/nb/modules/sway/sway.nix index 71b3368..5514173 100644 --- a/hosts/nb/modules/sway/sway.nix +++ b/hosts/nb/modules/sway/sway.nix @@ -83,6 +83,7 @@ in { hypnotix code-cursor + vscode-fhs quickemu