From 57230a32c3da535192aaf563b0f4640b6a907c7f Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Thu, 2 Jan 2025 21:43:20 +0100 Subject: [PATCH 1/7] nextcloud (deactivated) --- configuration.nix | 1 + sops-secrets.yaml | 3 +++ system-modules/nx2site/nextcloud.nix | 26 ++++++++++++++++++++++++++ system-modules/nx2site/proxy.nix | 3 +++ system-modules/postgres.nix | 5 +++++ system-modules/users.nix | 1 + 6 files changed, 39 insertions(+) create mode 100644 system-modules/nx2site/nextcloud.nix diff --git a/configuration.nix b/configuration.nix index eacaa22..a2aab43 100644 --- a/configuration.nix +++ b/configuration.nix @@ -43,6 +43,7 @@ ./system-modules/postgres.nix ./system-modules/nx2site/proxy.nix ./system-modules/nx2site/gitea.nix + # ./system-modules/nx2site/nextcloud.nix ./system-modules/nx2site/vaultwarden.nix ./system-modules/nx2site/paperless.nix ] else []); diff --git a/sops-secrets.yaml b/sops-secrets.yaml index ed56508..5c1119d 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -29,6 +29,9 @@ nx2site: vaultwarden.env: ENC[AES256_GCM,data:9LcB2B/IJ2xQCTNKtRr9bBbtFqZMGSi/9jPozmGUtMvgeVqlljpbtVgCzH62oeUQMLeKQ0SxHsQ7GDgU25X6wVZ8qMT4hzVzNYJnXljs1/ePPN+NfCsPtnBjo+jQLvhVPb8gIGpmT/ZqNMXBLNpLWu2U3RQVzwlJS2wQsP4kbR+z2nuEL/bs52qI9cNmsRTA/C8gIQHCHJby+PTh6BbXp0Wvy0xI+KHKx2qSYiVXsjowid+0h56/Ma1cqUcZlxUiDSUYmTvmgYPzigFD9jOkg1mhHRIi8iste6EDVWB0jHcKMMihd7dMZ64/UUY2y5/ardIP9jUA,iv:/EQv/PYTIHANDjbjMe/BmY6dwjok9YsYj5iKLWyu0eI=,tag:IMcJ3nle9wJANuogrJBUuQ==,type:str] radicale-htpasswd: ENC[AES256_GCM,data:P7flxa84q/SVhkV1A1aV/R6B2EqwFX0WTpHctK/Jz1yhPxRotWSH1qvJpWjAmVdtX/icWdxHSKdhbscDDEMf5EQ=,iv:Dc/bMYU9gTzHTDEpwkLx9tzeG2AEJJsj2XNxPVSd0Sc=,tag:7U91MLVKq0Ya6FuOgV44rA==,type:str] paperless.pw: ENC[AES256_GCM,data:zuKVsJdnCSltaX9KpB5iTFAh70s4dkQo,iv:w6hyl8ueZY5MAw25IejdMdUhs90i7aPo2U+bWBwQuKY=,tag:jJPQ/vL0gtgrv3w64Y+Eqw==,type:str] + nextcloud: + admin-pass: ENC[AES256_GCM,data:u6k70HwxBKAom8kvUihNjwbYsOikOt4sG1U=,iv:K0XPh1NfaGhFJ0ZVOWqnihZee6uuWxr0Vu8aR0ykr30=,tag:YyxgoVUxk4YxFnDmXkBXpw==,type:str] + db-pass: ENC[AES256_GCM,data:HHY1XolLvLngYQHkfFEYTEmcIR7BSpwQ,iv:hFeuULgGVq+QxzIO0dcBaSlTFP1E7B6tv7BM0EUcTQA=,tag:ZsZyKMSeRLCEB3mZUiBa6w==,type:str] USERTrust: ECC: ENC[AES256_GCM,data:yVSxTKRhXXPwfY7STz4YOWjgBSINYG4zjISQ/9Q9Zn1gZl/wbDQjSk7prN5fSn9aVH46TbT2mPlRDt7jcfbEZ5JmUnIfDZ7JqrAukOxy7wLAF+m4R7/KdLmdM3xJ6cnH6Tm3KQjRPL26zN4BD3T1oqNw/NPxlfqWeMrjMYZSktmoNAwAjntIqrnoXIuEPKvAsqIbg+SLvrSo05DhDy48c16jSi5zzfQ9M4fEgsugw8y7BWF/eAooLsvnpinc3Ek0XpSy2QJoD9plaW0z1lUT/UFmVVZsLDejb5hbzOnklhjSgE8S7wO4Zmvnu3It5M1YATSR5PsaG7QqaP1w6dd2DdvSnfeVeS28AdgVnOUM2MwJsgTWlvtol6ErIxaUf3n3+PAXTubhH37auOoMDeFeu1lAAe2lKiQcCtpE9gy1dkZ3vSZO6eHq7REo1qauao2LrrgBfPS0p0nhMBjOiORDI06JkNwDFBktjBI9JFHBNfd/CMrgXhfsxujbVxFSD6VD7DxBb3TDgOAm5GS6YJVC5bxQx038GnHorBsUBeR6BzpxG/lrNcBdNaHKqjngBbQmYR/skbLlrJblDyXdI4Xyh55Eogz28rwT5HhjoWOGjAk9P2qk9QAqKcWuRXsS77jRIeD59cqq9EKDRzixEJntCvxxsS1LLYBG4vmzXk4qgb1vGUgNKUaVXPNjXX2ueaLtkEMkx9sMmKcyKLzLoD3/yPYEiUTwCoXaNf3o4OUrvli7mW7qzGrqXTQtQfOd7fMGupgjtR68dEQxP2M/J1725phvSUQNx8SuERMOwzHwd7Yt/Z5TKJ+B/m7uxYyVeo9QYlkHrjVAVLmHc6qnKGVZrSGSkdVVr4dksOc7gyB28MP7JZRADCnHq7+1jhRMCiOT51I/ZyrqWtTqDNBFATCeDDWF7qZcrzWq4GrWm2dmWwQlUm5lW7+MsVgrFowjnbbjwcWy2ROIPiiC3cQ7ztxqXMZZjHUVDa4OC19d4vsDETphTuFQtNHTWGnps/phrV5X5QfIC5nmrHqeyJR2YRNb1M/IZMD1nWFvDJG0B46ES03YaIrQYt46HK3Pd25arssGS+Gzx8p65NTriRBp+KAkGf8dN9+/bECHI8coWKXpi31Uu1GoN4tf0f3OoQtpq2mCF9wz9B/cl/j7jBVKN1/OPqmd/IWr737eYQLeJ/XOKs3W5+5bdnl5I0ewaipPYelUY/ZNWCMN91U8PInGrThnASRdCkNMPOzU56MIBj3gFWn/DIq/kaFpf5CFq3Zvniy5HIf/+ZyLhMH4v7O4GSgMCcomEXLlQJZ9K4ZPHo1IYfHJqi0OEfmZageDkRrD9434ByYibg1wJRVvZfUbh4HJjgIrf1yZhTAe4DVBpYnf7wuJIw0HkNRu4piiNw8LIh2ga+f36iDs5Nl0qaZtMR3gLUBiMxrLS3Yakuof+xcglzfVMo8YBD90qBFKke7OUi7CQCZw6orE/EJ8pxDTWL4sedcv/OowKo4xqh5PtUBAOljs7i1z/zHtr4Cr64SH6DW/2vp7gYA62+BPrbhSRJbW6wkWR2hWn4pYJLirKwUBasO1Iewpj6ps3if5IKVrv6kfFoFYfLF8cEpIDjek61OU15tjXRMZENR0vSQRAm9D92VGCXcD3gnW34jF+i6HnArPF8hJ8vDIAb7LYf0xuCZ0JU8QNIUqSdHIcH/GAZGNHAP2EBV+Xbffw9rIycPM4JUIPvbUNVnXsR4+Hc1URd1FkTDlvQEE3lWlPVtcbChbg/221OdKVewi4YwXFWQV45fbwsZX05FGunVBr+/G0SEGeJ25kud9YbP/C2K1i/GQeGw5ItOmThpkXr2X/OyonnFSXnYQjy6fwEBnAX2KPVTqY7T8OxgAj7UT63Niv+w68uoay/pgyuAUBKOQ3t4HmfXPaKm0bYNQNt0r8CTLIxqFxJZxJ1syTqnMXLOdowWpDpDszFHQChiFAOuBwK61dYjUC/OHFlxDkLKkKe38EuWdBCyGqHPfj7m23+h/E09u1WzwksUk9jm6DfyTAoz/MZGsbm9pSQl22qzC3og2SwUi+smgCSrcojp4q0W92onAAxe3siPAPIPpt1Gj8GRvkImHQ/rNQkgiJ4jJfN3epiJgBJ+YCGIByivV0XFLB/9UVu7Vw554/nG9BlfKJ9h0G7VPQgd5MJGvkLqJzCrPh6QyK9uOjbJLO4dWkmaL3oZr4IVbwGk3NXZ7oef7A4RFOHDDevJintMLz1ZOkaaJKWe6YoijmAC2tQNGMIoRw6YcLjcmVPJz12W+6MEPH3YOdUl3b/NnfScuTVYBSP0cFXlDwg/rphUD7oykohsLtPOWhYW/GWvAdV4iwZpzQ0yFHasYGiERPytDKmRffoILDoTOn4HGVVCQaGnm/o7pl5BU4hFQOzvUC4C4LYRwpsz7EaRp0Y3Qqt4S2Xc/k0E0W3XU+sVNSvoBgweNhDlKaefjjSSjDNza6l9fTS3XPTprrEhMU7CvDjpsC8vfd5QTiNDxC7XGJEa0FTiCr2Xyz3YM5c8jWOk1hNOcSvJ1GvZhUWw0pX/HaihI49WQqA4/4GtLfG9f5TkCsLanj0wzVLM7XntN5ol0H5R69nJ5mPLIGXsErG9A/Xai9ol9joVUIJVRwLx8iJEyGx8m1pyOENjOkudgnKFryoWsNGbQo6G+0JEvEAjUuApkYNJvqKNRKrw+GSjxRZtewo8V9rC5a6nsUOPK/U5WaF5UMxu/L4fk8jQltcBRhQpuPZboEo6KNmUzMsK3aweMrQdHnLDlOIoJiDqj9ySPv2C3aeVoKWiscQ==,iv:GS5GMpbxeweqwjUvOzqg59xBOzNZqrL5t7RjsFjpucM=,tag:j0MaMw71fnRHxeydlqAaww==,type:str] RSA: ENC[AES256_GCM,data:pgCzxri1wLZbl5e/KeVvtHRRe0XkdB8GLp2UbQOlJ9hRvRerJ6r8VhSSDh5vfySL6ow4urXzTG5oZwOcXeZgb+DgT3ZFS+npPvbzcc8T/hU8C5tVXYdqdLJHLXAmVG2nbkuIE6z7Bu8SngBZx1jXNBBl2W4vO6GcL0naNj2IyT+1nGhwuNdn4iMMTIjZhlF81PwYRY/TzcljyST4FZc4u/55oSUNrb8Z7KmhkrmaHNPFACTXiXli/zrPKfisztRvZZLfRZ57067/fiOTdwxXyiSxsh+oKRG8JlvdLQvjZ9tMGagzAafEyWVYyrVJIRBme9Uy4HtG/uOZ39gXVE+D8sh1GWftrmvjXPO2OdD/tIa6kskfZNWWFoEOtiRcKH+fuBTe7/ezjzqJA0qZvfwduXqkfVbNcS3YRNRM3jpLwGHDEv2hnVqn4bjB5We/1KBMCtbrHtAc26M3AepeAUy+ka1xW5WO9LsZ5ck1gnFrV5bkFWDr+evBRUuiId5QuAifkDsKlqLsWAeWFpgc7DdjUrpRG0yry8PFEOZP7w7D2/AEeoGc1dMDgX95mvs+0EmA4lutmt2fF14QZJwzhH39/TLGrRmjrohqJ0kD+h8XykBt1JbOPg91dnxmEJuESPNAxhotrj8xuuklvyLKAcfWWRJ1NIvbG6rmlL+m1x+2hUVw9gVGzyGaaSLOqG/6kHwIV2v+ZvCm+n3JBle+ooSi9mxgefVvJc28hSdC5SvNN0KyDvAY32NgOqYFPrvwx4QHxdm6D5jHXOoFEAkN4duSmDwmVGUq9fL5ds4v815a2Fgn2IZB1l82mLFgy4xaBPlbjrqRnuhgpRRbKu+eSNh13lTEwbrEKJfL89cX1Q9N4Y9aK/I7nq9lfybZ+XYXfoLU+7yXZ6gmm2hw6EkwvmAg1zPnoec5hCOZxotPYByvROOK4TyBCWoF2w+5vmSatZdodLwyoNWSsqtpowWHImCH/UZZ5NkBs0pWOnLBSuP32nFN5GN+0y1EKq+4AxL3pwutpo2iMAFlXI5lu5S4fP6nreZUsYqpp9QpwQtmSbU3iMC4bMSHA4LrhLSCfa3AClVirB4xabCnDWDa8tD5j40Zy0gqk289/qbcmmNC9RpTzrI3aag/hZx4eKjb92Ma5s4E2FZL0BQVrdQ8vD0yuhIaU0qp0ahU1D0/H+HS6Gsi1mfWsfNhsSBBDW0IVC/+8zFxvWYysbVPJJj7m7JY0IwW1yKzPvPnMdkWVS8OcJoODa97V15TaXt7yAstmCVYGZS9qc6VurF5MqQM6c4PluJXPyMlZAwQojrnaCuGuljXpmot5M62MvNMdh4psfa0Y1YiCWjer8XtmYhVvzQPepD/YhsouMrCRGD5pxaXozhoS1bUVD9ReBQb9Gg2sQr8MEQ8oNB/a6fLmNwqY7IWmk9pAhBmk5ng120LS5q+3vjj/hw9+Dz6Ojp6BAVNGs1us5YW86GSSlqVmLew4p+HBiYQyhFCmi9p1WIjrNyT/oHUDYGreL2A6NEo6aePPYeVtbNEYi0UahEscGUrqu953MV+PpbanJI7WHKpHek3Nsdgwyel4V9wjgxSpLWvfwj7QqXL8Xngoyd/4FL+G9MvLc3cDYhIFAryBvqRgXrwRk3CkAijzpk/2hui0qlhmDza8KRpfo/4bwz0i4d/wRyWe3+24WY1CjPkDzclc3VZVQDiSg6KsUQvGnc6Wv1+awjE2kA18j3NR4RYBXgxEflj5Ft2BLG6rq+RakLguXDCAMQA4hcx1L+ThDCdn09c58H9Uc/GRLE5uuFRgLB5UtsQimGXuXzxsA3YIN3CijT6NJTKH9WCvQ4tZnk0Jq73rq4oynTCbZBVPgQi5SrfD1Zr0eXgmirLQZFCEV4EqNrtheZ+vqTkWf7rrvG04C6QqLIHWttdsL3ejfB6ddfwM/sou1JmmgTzEo52CCYf1otKNQwD+shx7Xcrm17vu+v57q6bOQrbeBNb/MDPm8qH4/J89NgSKHO8kzvfAm2qWxmr+90Of0cxVT5l7IdnOBCuYSHgTLIALgTmLmKvPm9l/pOjfIQZmvJ7Alo/eqKfcPw6uwoSDn/5+Pj1c9p2ub1CwRZKZlnULQLI0uyw5eQGceOsuivjO6iQjsk4iGecvlGYwZtlqidz359zCysMSuKrXS+XNGT1xy7fmnyct72HJvSeyq8bSNSAEc/iW+ia9n1GJDj4vW84v/zwi0dm1s/qKnq5M2m/pUvZembcOK/1vY0tsD2McTqIjgKPDS0UO3lgEr8vHFok5kJrU3rVV8iJeLHv3oCzKvjgR9jjqdlceRjSJarVFz1lSxenzoVq0JcH2cde2yQ3vdPusEd2LZC2tVYgqPprp/zOSbWsJPq57eiUl/UX2vOuNAV28HXVIuDqs27q2BOlUvBLCirIurjlONXpdRybN3dtevk/lIel0aRU5L5g9Mr1zhtHsoo6WI0In+RzFsD63AsBNDoufVmXgHr0G/bZLwPCdk1xCeEKv1Bq4fpappx8iEQv5GtwZBkPh8N8D0+ngbccx5N0pMcL2BM/HqeRDXR1Tw72EVEG8Bx4Twue5NBi6rtlfDnDvAj524fylSMSPgab8zq3tY9DnIci3ajnRYpIO3uDgH5cbMxqEb6gnpQNkzVUk0yJXR8nvS8qT6TbryX94howqnrID/8HQZ13ja2d8pW4Sro4+xI9WFFSx8bFSeBjhj4nzyvsyam9nJGDJnuYtNEod/CBMjkRPbBq1doske2twYLudoEObY3FXdZJ5VfiD/zGKXPHjL+pd9L8V2QFicazwE4CcIDoSaOr44VADVwh/Iu6Wr1fVZvmSRPmorlRS4DnUDXEC4dl+C2Z9JhxuL9CEoin+k6yILXsBcRrp2LrRs0U6IW2rVrrtD9MzBosjOGflVABVGhCA4q0LOWF+/5NonHaeB3E0mntFyTvuGTEN2fhnrpW86UERIXOySKTm6nN6BcgmvozgGKQ49jdzuzqVjfWGI9isL9UBNmkamrqbYmdqpoIiWycS7Aeyfh6XWMR+zEjeImqvdF8RQs7Ro9MJWj5Bm5bXs+gaLV4vzNj9/ZzzHZs/UmkBWEPtYs/5KO89Xj9lHBSVfE1c/sM6iDaGLOeO1v2MAIecOoMvIjBJ/YilYJmyywuILjxGN25jlyPVEy5DWnUOSIln6G9eyDjs3VLNsITXFH1co+M2KhDr9sQqJ5lKBitpZUsl/4KI2uiAXm7+kuQOn/27NDBZ0PdW8cwyVg2tirGJDvkmDH1umCas5/OhDEfu7+N9oW6wMpZCeR2lJwS0nTSEkk2Gis7WisgB7j9yY0evOeSecaKaq9RFxg2T3qJ9QR+ZssCXacezSZm/PTa2BByHeHJJ/P6p/f+rg+hziMkESOqx6C4BgGeEZKTAdwTyRfNmsp4bdg9XcqZAgnhtSHb24qAf7Upd/ttwS496H8HdS5bTrmSr8/JvwIKy+rs+id7CzcKYc2HEq0FSUt473Vb3s7kS2YDiqnGW7BRLIPDMApLuCDYeFfHExZhdtbX7O415herG52VffHfAoVfr+DQfipqkDUqno7+coZxthnBY1e8V4bJTcul36CO/sB2vP2/4yfzv/HSuviVVRLY58cGBVk9lSiTBQao3+N/f8a23k1wqEFy60uL4jW4X9swgFed8Q48kAUq9SSfxnKHeQrKrvo9rPHGcetrCC2GQP1u0gHD1TV4F1JGloN8MhMlBGtwBGhOIFcQvUomiTqNrDCobqOqcLUJuVL7jZ+Saw6CiH1QJrSQZ5QuCW9XHoOOgvZzdPqEGuSb6nky2OQ1EjLMQtp7SsrwYp32lkWJ9RY3OUk3LLvTM8Exxg56nDqiOopg0GaWAhf4H4MTrAlssM69epH+5SaJyUEhweg5BZP3mY9FnnkdhG7W9JeDQXu1JOhSm7Td0ForDAoznBcID3SacOCbeSAqtGRBZGxnXFN01MTmUnA7Sy+Sm1WoN+o9u28ttG372sVavQlDZvM+9qXr15hcXt/IYscnbpgw0L7DrcZ4RWb8ATtOov8zhtlwB7QvDQ1LX2g2+5Ag2QcuQJmAYH731XnctUsrCmPKfCVh3CzdNS7DH90bli3cC4t+fpAuAXVNh5wPrCEb9Xco/WUKYe6XNS0Z/xi7PbGBH0s6ThYNzCFbwH4e4CDwD8uP7UA6iL+Uuts5Cz5Fcm7WMqPDFYFAdcA38fOWpXqVRYo6Dan8x/RNAPVNko6MnwXeq061jz7XTk6zEpNymxgjNPJRgcvhItfDHtrGpUqSIJxkQv0g3wppXnWlNX6zGIelUJmLkWuJUJfbznXTdkCr+oF5vwuauwO8iCx/h+7AZBD61w47BmRQLLdDP5I2ptdbrIN4ygouDUVE6bwiw2nhBZuR9ufzcO+WyWNHt5h/N5IuErH/5QcfJOBVRcJYuyFgEWrFax7fiwMCzgKhxN0x1WHa7F8gxGNTIGG9QVNf/6tpYVCAao4pQGErxKVqfVQ1374zbsFSy5PF0oyW5ueEQOVJ82RBjwYtLjX2gXY56nfdLy+D22S3XEHeHLLLg16Vtkf4Twmvzkxjc/YfN2vxu8d5tFbHnyanicj3SBgiiZLvg5iDwjtfONFQ6oX0vfoJ7B5xBsnxiLptx+HPN2onwsF/e7pCl0cTRTLO8Jt7Z8Ob0FYcmd31R2d8paemcIRzfgsqS2JWtJBckAqeQit+Gn+U82aKGew+1FVjlGUrwTO6Q6ztXh75B71V3urA65MaLRX5/7t3nGE8FKip+KfG+yTCHu0F411obb8TME+YwBfz8M4kDUBVtmFUrXEEF9aYD/atxxF02yB/ABPybB6Zcyo5r/U6P0G6jVUGXn3hgQkl1OzkQt06aH/J/LwMN271gc8whsV3pfZC3YfQ3212BAviAshfPyNtHPkShpu6fx5iVDoaL5LHS/A1K7kQ5yya4ECCndpTpF1rYamNVw9a5m64Tma3AGFORy6ZQfaHcV2w0RUs3P3ZXGPcuE2VKeTLLGG43W/FbqGAvxjax2j3qGtZ99Ox85ZAVu5O6PvZSvGSpUW6ebGTCsAgSz5h8V8TfWpaQtR0RrjuzGWoWiW5R2VqfmmIQcn34+t2GgfkZB5QH/o7S5z86UL05dLzdyXXyxIn5sWi0Q1B3yAjFCOVstaAr92fGfx+JHOrMFFKu+bLBpez8lE6f+h4HHzTDVnIB1Zb7d3wNwLVk7PmFy6NeByj0kmjY3Ts5pWctWAAQkI+nOtuM4o101AwCMdMfj3M/mr1J7OWy3Rxgaj58IknfPJpeoMhgkvu66WrkgS3XZE6e/n55sPkGHSDMcHTm2364+oJOSMzDUAJgGjDt9Jvalo1wruDA5pPF4F6y/F/8njO8qkoXnuWRG5BpzO66LwDTDOcUCCFzym6eRBnLo9sGbGZxlvRRSHwIRMa80tcqZqbAuVeW+2/PiSMN7zhzLTNdzhaC4cIOuilcdat1+//+qI3OWC5y9sti3qGuHO1U8rhSOw8Laac7JgOGCo3FkekHe8PaFF8jSDliQnodO8rGCY36xHTQkUsQjb+5ginp/dBIAUIR3QxXsMaxP/yBLpRbvFhD3DeOJRQXWdLijTcxAxLhTIPav2WC1mwyve+Jd0djTajSBgSzPzHW5ajUBaol+dVJeCD9HqiOrUMEmcMQFZZcA+RCJdIOvkKlt/sAnhQ4RuwPmzck2RMXCQfiYn0pqpJDXmF7xWgvGDBtQKP7xLE1Hj5No2q85KjLsWu8xK99Y+j2ixfBsgdc53CR4rNplnPsFzBHOucqd+Ve0/gqZgF81RbGFV1T9Wn1XFrE0e7+EkNejKj7deRmy31PnVLcBp2NwtIkhrJ06J8hmGquwUm,iv:NJkjWL5kMHET68oR5Xp22kvkThXIp7WxRVajmTfsB5M=,tag:NSXeRItMKlOQYP4QtzMKIg==,type:str] diff --git a/system-modules/nx2site/nextcloud.nix b/system-modules/nx2site/nextcloud.nix new file mode 100644 index 0000000..4f5ef82 --- /dev/null +++ b/system-modules/nx2site/nextcloud.nix @@ -0,0 +1,26 @@ +{ config, domain, ... }: +{ + sops.secrets = { + "nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; }; + "nx2site/nextcloud/db-pass" = { owner = "nextcloud"; }; + # "nx2site/nextcloud/users-pass/nx2" = { owner = "nextcloud"; }; + }; + + services = { + nextcloud = { + enable = true; + hostName = "nc.${domain}"; + https = true; + configureRedis = true; + config = { + adminpassFile = config.sops.secrets."nx2site/nextcloud/admin-pass".path; + adminuser = "nx2"; + + dbtype = "pgsql"; + # dbhost = config.services.postgresql.settings.port; # using usix socket + dbname = "nextcloud"; + dbpassFile = config.sops.secrets."nx2site/nextcloud/db-pass".path; + }; + }; + }; +} diff --git a/system-modules/nx2site/proxy.nix b/system-modules/nx2site/proxy.nix index 348d6cc..4294dac 100644 --- a/system-modules/nx2site/proxy.nix +++ b/system-modules/nx2site/proxy.nix @@ -136,6 +136,9 @@ listen = dl; locations = { "/" = { proxyPass = "http://127.0.0.1:8441"; }; }; }; + "nc.${domain}" = vh // { + # directly to nc + }; "~^(.*).${domain}$" = { listen = dl; root = "/var/nginx/webroot"; diff --git a/system-modules/postgres.nix b/system-modules/postgres.nix index 2440b23..6ab4f63 100644 --- a/system-modules/postgres.nix +++ b/system-modules/postgres.nix @@ -26,6 +26,7 @@ ensureDatabases = [ "gitea" "vaultwarden" + "nextcloud" ]; settings = { port = 5432; # default @@ -44,6 +45,10 @@ name = "vaultwarden"; ensureDBOwnership = true; } + { + name = "nextcloud"; + ensureDBOwnership = true; + } ]; }; postgresqlBackup = { diff --git a/system-modules/users.nix b/system-modules/users.nix index 7920c80..aae4f8a 100755 --- a/system-modules/users.nix +++ b/system-modules/users.nix @@ -20,6 +20,7 @@ "nginx" "adbusers" "postgres" + "nextcloud" ]; useDefaultShell = true; openssh.authorizedKeys.keys = [ From 34eba60193d77ff18cab65faf79815709a90d654 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Thu, 2 Jan 2025 21:44:15 +0100 Subject: [PATCH 2/7] radicale --- configuration.nix | 3 ++- system-modules/nx2site/proxy.nix | 4 ++++ system-modules/nx2site/radicale.nix | 26 ++++++++++++++++++-------- system-modules/users.nix | 1 + 4 files changed, 25 insertions(+), 9 deletions(-) diff --git a/configuration.nix b/configuration.nix index a2aab43..eacb613 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, inputs, lib, host, ... }: +{ pkgs, inputs, host, ... }: { imports = ([ inputs.sops-nix.nixosModules.sops @@ -43,6 +43,7 @@ ./system-modules/postgres.nix ./system-modules/nx2site/proxy.nix ./system-modules/nx2site/gitea.nix + ./system-modules/nx2site/radicale.nix # ./system-modules/nx2site/nextcloud.nix ./system-modules/nx2site/vaultwarden.nix ./system-modules/nx2site/paperless.nix diff --git a/system-modules/nx2site/proxy.nix b/system-modules/nx2site/proxy.nix index 4294dac..d961d1e 100644 --- a/system-modules/nx2site/proxy.nix +++ b/system-modules/nx2site/proxy.nix @@ -136,6 +136,10 @@ listen = dl; locations = { "/" = { proxyPass = "http://127.0.0.1:8441"; }; }; }; + "dav.${domain}" = lib.mkIf config.services.radicale.enable (vh // { + listen = dl; + locations = { "/" = { proxyPass = "http://127.0.0.1:5232"; }; }; + }); "nc.${domain}" = vh // { # directly to nc }; diff --git a/system-modules/nx2site/radicale.nix b/system-modules/nx2site/radicale.nix index 811708d..65619f5 100644 --- a/system-modules/nx2site/radicale.nix +++ b/system-modules/nx2site/radicale.nix @@ -1,18 +1,28 @@ { config, domain, ... }: { sops.secrets = { - "nx2site/radicale-htpasswd" = {}; + "nx2site/radicale-htpasswd" = { + owner = "radicale"; + }; }; services = { radicale = { - server.hosts = let - port = builtins.toString 5232; - in [ "192.168.178.32:${port}" ]; - auth = { - type = "htpasswd"; - htpasswd_filename = config.sops.secrets."nx2site/radicale-htpasswd".path; - htpasswd_encryption = "bcrypt"; + # is run by user radicale + enable = true; + settings = { + server.hosts = let + port = builtins.toString 5232; + in [ + "0.0.0.0:${port}" + "${domain}:${port}" + # "192.168.178.32:${port}" + ]; + auth = { + type = "htpasswd"; + htpasswd_filename = config.sops.secrets."nx2site/radicale-htpasswd".path; + htpasswd_encryption = "bcrypt"; + }; }; }; }; diff --git a/system-modules/users.nix b/system-modules/users.nix index aae4f8a..608c20d 100755 --- a/system-modules/users.nix +++ b/system-modules/users.nix @@ -20,6 +20,7 @@ "nginx" "adbusers" "postgres" + "radicale" "nextcloud" ]; useDefaultShell = true; From d40175d4a50b3825cceca3d6c81c00e7fd30c19c Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Thu, 2 Jan 2025 21:44:27 +0100 Subject: [PATCH 3/7] 6 11 --- system-modules/boot.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/system-modules/boot.nix b/system-modules/boot.nix index 2358ed9..ec5919d 100755 --- a/system-modules/boot.nix +++ b/system-modules/boot.nix @@ -118,6 +118,7 @@ in efiSupport = true; }; }; + kernelPackages = pkgs-unstable.linuxPackages_6_11; }; }; } From 6f5f70f439040a97a8d7b5d4fc98dacfa42a5f43 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Thu, 2 Jan 2025 21:44:37 +0100 Subject: [PATCH 4/7] new ppl pw --- sops-secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sops-secrets.yaml b/sops-secrets.yaml index 5c1119d..6c974cf 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -28,7 +28,7 @@ nx2site: dhparams.pem: ENC[AES256_GCM,data:wGIUlT8QHruxHvrlaUdEDU3aKkB5hvQLZXic1ryKr1hIFw9uOv1hOCOPY+QUDBzfm+DXv62hTFAeq4siAoZ0wWvQ0uBuSZZBGrfuY1ZTsTJmpgTphdHi+S4/kl/Vt7nuBlvdW8VbwU+mzmSK4UuIjuvAl0RI+q9C/BAu0tsXvKfaCkrbYwSi6pdPjToEoATPWfuCdkZUulENBIdBkTLZ6F97fgNgsXub2xOEIRxqFAzg3G2nO3Mn7rSRRJraZNIsHgBTYpSNcijDBwZpgYKjcKsochYUNzVrCuLOu5xJPUU87pmd+Rup2hpMfWyK0xtUjncvHyfctEZANqfo+RdEBg81n1WHkFb1WnWUsRh8RmcVZuA9skI5S7Xhp4L2B5IKn0XGnKLG3og9iYb9tDVQys4o5/68+jjxdm51fmRYo3FvghnyFCYkQ/tm+ClCcRSPocYDrfSf0Rvg2v9nPmMj0IrEHlzVnafiJgp3VjI9cYLNW2wKiwf0Z8dWkrtnS8G7p072+w0fklmvLrdvlLZduAwrY6gS2nMbPUz1AwjAoMmQi7sFmbkP6M/PmkVV+hNP7T9ntmC4BQr2k5/3gKZPOEPO/xeMLlla68QpDVxU06NhC0Z3d5t3YY0wIVISNZXi4fgQO0G5nvFpPyyWCvvg39gulyAwUJfFQ3erNNFTjJe7X9RjqoJvjTgFm4IaYcL64Cr49KDu6Za01g492rBCEL842o3lVmZSqOYCG3UEEsSwOxn2iROZKgorZ5dyd1n1WevM+pKTUAaucy52iLJGLISRAVv82ZkmbS5L4zMHkYxVjUnqrYIZsk6+7sRHIQ31E0YtUFdMjRYUcOwfR1u+Ox+zV1NawpKjsuhKl+DRN+Q1TXUdEumUU1pDHT/RXtNHsyYOgeCBbTs93kdhFcHgO0dh5Ou/2N8EcTzWwAYd/qyE3wMZZTggTb44xwu6h0XhaLtnAk2lZ4vXwSaozf+Vq/uxAvYLxrhx6ujKVyX/O053YsKqOPKerYoN17uO8PrKoA==,iv:e0RPF9ZtzSRBRzMtWTWY3AVGsMXxvldA2HjiW9hf97Q=,tag:eb9ACnuGR+8eqncWoKQ/pw==,type:str] vaultwarden.env: ENC[AES256_GCM,data:9LcB2B/IJ2xQCTNKtRr9bBbtFqZMGSi/9jPozmGUtMvgeVqlljpbtVgCzH62oeUQMLeKQ0SxHsQ7GDgU25X6wVZ8qMT4hzVzNYJnXljs1/ePPN+NfCsPtnBjo+jQLvhVPb8gIGpmT/ZqNMXBLNpLWu2U3RQVzwlJS2wQsP4kbR+z2nuEL/bs52qI9cNmsRTA/C8gIQHCHJby+PTh6BbXp0Wvy0xI+KHKx2qSYiVXsjowid+0h56/Ma1cqUcZlxUiDSUYmTvmgYPzigFD9jOkg1mhHRIi8iste6EDVWB0jHcKMMihd7dMZ64/UUY2y5/ardIP9jUA,iv:/EQv/PYTIHANDjbjMe/BmY6dwjok9YsYj5iKLWyu0eI=,tag:IMcJ3nle9wJANuogrJBUuQ==,type:str] radicale-htpasswd: ENC[AES256_GCM,data:P7flxa84q/SVhkV1A1aV/R6B2EqwFX0WTpHctK/Jz1yhPxRotWSH1qvJpWjAmVdtX/icWdxHSKdhbscDDEMf5EQ=,iv:Dc/bMYU9gTzHTDEpwkLx9tzeG2AEJJsj2XNxPVSd0Sc=,tag:7U91MLVKq0Ya6FuOgV44rA==,type:str] - paperless.pw: ENC[AES256_GCM,data:zuKVsJdnCSltaX9KpB5iTFAh70s4dkQo,iv:w6hyl8ueZY5MAw25IejdMdUhs90i7aPo2U+bWBwQuKY=,tag:jJPQ/vL0gtgrv3w64Y+Eqw==,type:str] + paperless.pw: ENC[AES256_GCM,data:IW63GmHCVCIebWg917VNyLjQMQ6LIg8rwg==,iv:7/kSSlWFUV0vaaMfagBM/0IxeMhZ16mYN2ZlKmKFU3Y=,tag:S0cmsYkZP6v6NbhFRiv3Sg==,type:str] nextcloud: admin-pass: ENC[AES256_GCM,data:u6k70HwxBKAom8kvUihNjwbYsOikOt4sG1U=,iv:K0XPh1NfaGhFJ0ZVOWqnihZee6uuWxr0Vu8aR0ykr30=,tag:YyxgoVUxk4YxFnDmXkBXpw==,type:str] db-pass: ENC[AES256_GCM,data:HHY1XolLvLngYQHkfFEYTEmcIR7BSpwQ,iv:hFeuULgGVq+QxzIO0dcBaSlTFP1E7B6tv7BM0EUcTQA=,tag:ZsZyKMSeRLCEB3mZUiBa6w==,type:str] @@ -85,8 +85,8 @@ sops: SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-27T11:51:43Z" - mac: ENC[AES256_GCM,data:36lrv5pLVgN6Gt0n08u8/1egoBQSfR8/oBLhHmWTHUc8zD8lUrvKfoF345DVZH5KkONsbJRaa7Sf9VJwGEx/rF1Ycf539nP/iKojtuvBq5xwPvWFmU4I4JAsN32bTSsSpDffpfJjFriP9IHIRhhLQP+t0N/c9VgzYLpvu9VT28Q=,iv:pMxGD0q3h9MuNhK6WimAPklmw104DQLnDtDkOTFbZfw=,tag:W2OH4WSwprA314772r8ihA==,type:str] + lastmodified: "2024-12-28T15:07:30Z" + mac: ENC[AES256_GCM,data:/0aTAChZQYaV+JcKpzShdkN3KDLTtTgvQar+bGePHyAXjby2FTn8+Nw6N0nSSEkqP6F6CIcEsGx1Q1RqTY5op/6MgkFwxA8bl11kX0rQtz1n1nrHglxI6rh20euIpxGVVEj+3vpIgeLyrmPICQpqbuPm+ujImoMv9hxl/+HXYAE=,iv:1wqiuYMpDg3+T0NUL0CQ2CNqW2+fQHlDve+DkUwqpjs=,tag:d2za03gqiQunKMOF2V1ARA==,type:str] pgp: - created_at: "2024-06-09T19:44:41Z" enc: |- From e4d0326a7465bdf492f9f30ef12c8c90df1ef5e5 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sat, 4 Jan 2025 13:54:13 +0100 Subject: [PATCH 5/7] flake bump --- flake.lock | 106 ++++++++++++++++++++++++++--------------------------- 1 file changed, 53 insertions(+), 53 deletions(-) diff --git a/flake.lock b/flake.lock index 1b334d5..ee23fea 100644 --- a/flake.lock +++ b/flake.lock @@ -140,11 +140,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "lastModified": 1735774679, + "narHash": "sha256-soePLBazJk0qQdDVhdbM98vYdssfs3WFedcq+raipRI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "rev": "f2f7418ce0ab4a5309a4596161d154cfc877af66", "type": "github" }, "original": { @@ -279,11 +279,11 @@ "zig": "zig" }, "locked": { - "lastModified": 1735271978, - "narHash": "sha256-y6Ony5eq4F4E76Y2ZhALSEzBZ4GbGRVQIEScPieCDGI=", + "lastModified": 1735943291, + "narHash": "sha256-igXLrO0AtN7+k7VaR5zaHaPhDcS3go5NZr4liVqW9g4=", "owner": "ghostty-org", "repo": "ghostty", - "rev": "a8e5eef11cc67f87f445626f9ca2993373774bf8", + "rev": "1baf8928a0bd6ccc2f49e1e9478baab71d49a018", "type": "github" }, "original": { @@ -365,11 +365,11 @@ ] }, "locked": { - "lastModified": 1734366194, - "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "owner": "nix-community", "repo": "home-manager", - "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", "type": "github" }, "original": { @@ -453,11 +453,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1735209119, - "narHash": "sha256-4KfccQtaeiu1A4Ck9XFKc+vzLWCs8HneLwE2YQT5ybc=", + "lastModified": 1735946701, + "narHash": "sha256-MpFsLND0kN2KQTulDXQCYZC1j2h6wWMJdq6SQ5riJ5M=", "ref": "refs/heads/main", - "rev": "e75e2cdac79417ffdbbbe903f72668953483a4e7", - "revCount": 5589, + "rev": "60f069d54015fec66e63f1ff7e6ff26ddb349976", + "revCount": 5625, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -485,11 +485,11 @@ ] }, "locked": { - "lastModified": 1735295819, - "narHash": "sha256-iHDDF1kj+wX7fHGTgKaM6rli6+O8mVFNmpypo+SgnNs=", + "lastModified": 1735838245, + "narHash": "sha256-dA2s+KFo6+TmYtQoXWfxQ8XukN6JQ0I0VoraG9zD7/I=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "a41bcdccac7d3fe220b3a8519633f0a812da3439", + "rev": "920af33577a889772e96a067130252df5674ca8a", "type": "github" }, "original": { @@ -510,11 +510,11 @@ ] }, "locked": { - "lastModified": 1728345020, - "narHash": "sha256-xGbkc7U/Roe0/Cv3iKlzijIaFBNguasI31ynL2IlEoM=", + "lastModified": 1735734474, + "narHash": "sha256-9OV4lOqrEJVLdOrpNN/9msNwAhI6FQTu4N7fufilG08=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "a7c183800e74f337753de186522b9017a07a8cee", + "rev": "271df559dd30e4bc5ec6af02d017ac0aaabd63a7", "type": "github" }, "original": { @@ -587,11 +587,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1732716575, - "narHash": "sha256-OvFJCj52HuXxRrcCXrieIoiOzbeYFvDXNO8SndFiyAE=", + "lastModified": 1735862179, + "narHash": "sha256-s0Sr9t2Mu7tV1+nWm/I0BarfAwgMdtSelMXE0UHhfZw=", "owner": "h3rmt", "repo": "hyprswitch", - "rev": "2b77dbcb422123dfce9bb82d698649e9757f35e0", + "rev": "0afa2f8e8295952942ae7259c8bc5830befe9dc6", "type": "github" }, "original": { @@ -613,11 +613,11 @@ ] }, "locked": { - "lastModified": 1734796073, - "narHash": "sha256-TnuKsa8OHrSJEmHm3TLGOWbPNA1gRjmZLsRzKrCqOsg=", + "lastModified": 1735316583, + "narHash": "sha256-AiiUwHWHfEdpFzXy7l1x3zInCUa1xcRMrbZ1XRSkzwU=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "c3331116ebd0b71df5ae8c6efe9a7f94148b03bf", + "rev": "8f15d45b120b33712f6db477fe5ffb18034d0ea8", "type": "github" }, "original": { @@ -678,11 +678,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734649271, - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "lastModified": 1735291276, + "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", "type": "github" }, "original": { @@ -694,11 +694,11 @@ }, "nixpkgs-latest": { "locked": { - "lastModified": 1735297674, - "narHash": "sha256-yhczVSNtAqhqXt98OEqhMESBUI5nxhXGv5OvEehIuGE=", + "lastModified": 1735994357, + "narHash": "sha256-I41lP5N2rrROxlJ5hlv8LR8TpcvZ9P7LfzBGNZSKGpc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8d86075fcb37f3bac822923a5adc63e3f6bdfb70", + "rev": "a8f36e39dcd9ac6f76c9ca5a9856401fd322d464", "type": "github" }, "original": { @@ -710,14 +710,14 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1733096140, - "narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=", + "lastModified": 1735774519, + "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" } }, "nixpkgs-stable": { @@ -786,11 +786,11 @@ }, "nixpkgs-unstable_2": { "locked": { - "lastModified": 1734649271, - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "lastModified": 1735834308, + "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "rev": "6df24922a1400241dae323af55f30e4318a6ca65", "type": "github" }, "original": { @@ -801,11 +801,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1711588226, - "narHash": "sha256-nd7goEu+nH/WZ/uCxvbWzSYqzZZn25kWTeKfANOhCjU=", + "lastModified": 1735831304, + "narHash": "sha256-92A/Zr8UzZzlFYmkgO3HAgX/Cr53eodgNyvJA+Ibkz0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7232f19f7fb710e3554cafaa9d8e93cff8273b59", + "rev": "0725951bfc4bbc2efff3a537837ca13159b4aec9", "type": "github" }, "original": { @@ -832,11 +832,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1735141468, - "narHash": "sha256-VIAjBr1qGcEbmhLwQJD6TABppPMggzOvqFsqkDoMsAY=", + "lastModified": 1735922141, + "narHash": "sha256-vk0xwGZSlvZ/596yxOtsk4gxsIx2VemzdjiU8zhjgWw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4005c3ff7505313cbc21081776ad0ce5dfd7a3ce", + "rev": "d29ab98cd4a70a387b8ceea3e930b3340d41ac5a", "type": "github" }, "original": { @@ -1003,11 +1003,11 @@ ] }, "locked": { - "lastModified": 1734546875, - "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=", + "lastModified": 1735844895, + "narHash": "sha256-CIRlqX9tBK2awJkmVu2cKuap/0QziDXStQZ/u/+e8Z4=", "owner": "Mic92", "repo": "sops-nix", - "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d", + "rev": "24d89184adf76d7ccc99e659dc5f3838efb5ee32", "type": "github" }, "original": { @@ -1154,11 +1154,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1735141702, - "narHash": "sha256-iJ/my2mra0Ze4SegMoD+vJuKv1ikZiKTygA32/Qof9I=", + "lastModified": 1735863514, + "narHash": "sha256-9aoPsRhJ6Db2khf/wf+AlR+J1dlWLg5sFNMv3k5NPmg=", "owner": "sxyazi", "repo": "yazi", - "rev": "d754ac5dac10e7ad38243552711828ab1e9f25f4", + "rev": "7d993c1517cfeffa6938e8056431e235f2dee186", "type": "github" }, "original": { @@ -1178,11 +1178,11 @@ "systems": "systems_6" }, "locked": { - "lastModified": 1734294375, - "narHash": "sha256-Q9EyfyeNCVKObybaevMydHzoR3v1gARqVkwFKHKTH84=", + "lastModified": 1735511552, + "narHash": "sha256-SCa+e+Iw923KmC7UJR/v61GMfTILucgCpjxbsbjGBNg=", "owner": "lordkekz", "repo": "nix-yazi-plugins", - "rev": "5c42e2a33030c29801681102e89c8dc813e810aa", + "rev": "505536399cab575b3baa6cfb7bba39edfd38bf5d", "type": "github" }, "original": { From 89fa46aa6de88db66b89dd22de31962d112468d1 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sun, 19 Jan 2025 11:43:15 +0100 Subject: [PATCH 6/7] calendar ++ --- home-modules/calendar.nix | 113 +++++++++++++++++++++--------------- system-modules/calendar.nix | 5 ++ 2 files changed, 70 insertions(+), 48 deletions(-) create mode 100644 system-modules/calendar.nix diff --git a/home-modules/calendar.nix b/home-modules/calendar.nix index aa168c1..27069f5 100644 --- a/home-modules/calendar.nix +++ b/home-modules/calendar.nix @@ -1,81 +1,98 @@ -{ config, lib, user, secrets, domain, ... }: let +{ pkgs, lib, user, secrets, domain, ... }: let calendars = [ { name = "Preservation"; primary = true; - url = "https://dav.${domain}/nx2/preservation/"; + url = "https://dav.${domain}/${user}/preservation/"; color = "#dddddd"; } { name = "Effort"; - primary = false; - url = "https://dav.${domain}/nx2/effort/"; + url = "https://dav.${domain}/${user}/effort/"; color = "#dd2222"; } { name = "Experience"; - primary = false; - url = "https://dav.${domain}/nx2/experience/"; + url = "https://dav.${domain}/${user}/experience/"; color = "#2222dd"; } { name = "Exposure"; - primary = false; - url = "https://dav.${domain}/nx2/exposure/"; + url = "https://dav.${domain}/${user}/exposure/"; color = "#22aa22"; } { name = "Engagement"; - primary = false; - url = "https://dav.${domain}/nx2/engagement/"; + url = "https://dav.${domain}/${user}/engagement/"; color = "#8800CC"; } + { + name = "Sleep as Android"; + url = secrets.calendar.sleep-as-android-url; + color = "#111111"; + read-only = true; + type = "ics"; + } + { + name = "LEC"; + url = "https://zlypher.github.io/lol-events/cal/league-of-legends-lec.ical"; + color = "#A87000"; + read-only = true; + type = "ics"; + } + { + name = "Handball Männer"; + url = "http://i.cal.to/ical/108/dhb/handball-nationalmannschaft/c687e97f.bc7c3eb6-11a0e356.ics"; + color = "#880023"; + read-only = true; + type = "ics"; + } ]; + default_set = { + # name = + # url = + color = "#777777"; + read-only = false; + primary = false; + type = "caldav"; + }; in { + + home.packages = with pkgs; [ + gnome-calendar + thunderbird + ]; + accounts.calendar.accounts = let - makeCalendar = url: primary: color: { + transform_caledar_set = calendar_set: with calendar_set; { # transform set for accounts.calendar.accounts endpoint inherit primary; remote = { - type = "caldav"; - userName = user; - inherit url; + inherit url name; + userName = user; # my globally set username }; }; - m = cc: lib.attrsets.mergeAttrsList ( map (c: { "${c.name}" = makeCalendar c.url c.primary c.color;}) cc ); - in m calendars; - - - # TODO: Replace this once https://github.com/nix-community/home-manager/pull/5484 is merged. - # Make sure it works, though, including the order of calendars. - programs.thunderbird.settings = let - - makeThunderbirdCalendar = cal: let - calendarAccountSafeName = (builtins.replaceStrings ["."] ["-"]) cal.name; - in { - "calendar.registry.${calendarAccountSafeName}.cache.enabled" = true; - "calendar.registry.${calendarAccountSafeName}.calendar-main-default" = cal.primary; - "calendar.registry.${calendarAccountSafeName}.calendar-main-in-composite" = true; - "calendar.registry.${calendarAccountSafeName}.color" = cal.color; - "calendar.registry.${calendarAccountSafeName}.name" = cal.name; - "calendar.registry.${calendarAccountSafeName}.type" = "caldav"; - "calendar.registry.${calendarAccountSafeName}.uri" = config.accounts.calendar.accounts.${cal.name}.remote.url; - "calendar.registry.${calendarAccountSafeName}.username" = config.accounts.calendar.accounts.${cal.name}.remote.userName; - }; in lib.attrsets.mergeAttrsList ( - map (cal: makeThunderbirdCalendar cal) calendars + map (calendar: { + "${calendar.name}" = transform_caledar_set ( default_set // calendar ); + }) calendars + ); + + programs.thunderbird.settings = let + to_safe_name = name: (builtins.replaceStrings ["."] ["-"]) name; + in (lib.attrsets.mergeAttrsList ( + map (calendar: with ( default_set // calendar ); { + "calendar.registry.${to_safe_name calendar.name}.cache.enabled" = true; + "calendar.registry.${to_safe_name calendar.name}.calendar-main-default" = primary; + "calendar.registry.${to_safe_name calendar.name}.calendar-main-in-composite" = true; + "calendar.registry.${to_safe_name calendar.name}.color" = color; + "calendar.registry.${to_safe_name calendar.name}.name" = name; + "calendar.registry.${to_safe_name calendar.name}.type" = type; + "calendar.registry.${to_safe_name calendar.name}.uri" = url; + "calendar.registry.${to_safe_name calendar.name}.username" = user; + "calendar.registry.${to_safe_name calendar.name}.readOnly" = read-only; + }) calendars ) // { - - "calendar.registry.sleep-as-android.cache.enabled" = true; - "calendar.registry.sleep-as-android.calendar-main-in-composite" = true; - "calendar.registry.sleep-as-android.color" = "#222233"; - "calendar.registry.sleep-as-android.name" = "Sleep As Android"; - "calendar.registry.sleep-as-android.type" = "ics"; - "calendar.registry.sleep-as-android.readOnly" = true; - "calendar.registry.sleep-as-android.uri" = secrets.calendar.sleep-as-android-url; - - "calendar.list.sortOrder" = lib.fold (cal: acc: cal.name + " " + acc) "" calendars; - - # Keep these after removing the above. + "calendar.list.sortOrder" = lib.fold (calendar: acc: calendar.name + " " + acc) "" calendars; "calendar.week.start" = 1; - }; + }); } diff --git a/system-modules/calendar.nix b/system-modules/calendar.nix new file mode 100644 index 0000000..00b81e3 --- /dev/null +++ b/system-modules/calendar.nix @@ -0,0 +1,5 @@ +{ ... }: +{ + programs.dconf.enable = true; + services.gnome.evolution-data-server.enable = true; +} From 94559de7ae3ae05be45454935bb3c5b2cd31e18e Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sun, 19 Jan 2025 11:43:24 +0100 Subject: [PATCH 7/7] better thunderbird css --- home-modules/email.nix | 55 ++++++++++++++++++++++++++++++++++-------- 1 file changed, 45 insertions(+), 10 deletions(-) diff --git a/home-modules/email.nix b/home-modules/email.nix index 36e9a98..374837d 100755 --- a/home-modules/email.nix +++ b/home-modules/email.nix @@ -5,7 +5,6 @@ lib.mkIf (host != "NxACE") thunderbird ]; - programs.thunderbird = let inherit (lib.generators) toJSON; extensions = toJSON {} { @@ -41,20 +40,56 @@ lib.mkIf (host != "NxACE") "mailnews.headers.showUserAgent" = true; "toolkit.legacyUserProfileCustomizations.stylesheets" = true; }; - # userChrome = with rice.color; /* css */ '' - # * { - # color: ${foreground} !important; - # background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString 0.1}) !important; - # border: none !important; - # -moz-appearance: none !important; - # } - # ''; + userChrome = with rice.color; /* css */ '' + body, + #navigation-toolbox, + #calendarContent, + #calSidebar, + #tabpanelcontainer, + #spacesToolbar, + #tabs-toolbar, + #calMinimonth, + #primaryButtonSidePanel *, + .minimonth-week, + .multiday-header-corner, .day-column-heading, calendar-header-container, calendar-event-column, .multiday-hour-box, + #view-box, + #tabs-toolbar, + #status-bar, + .calview-toggle, + #calview-toggle-item, + #folderPaneHeaderBar, + #folderPane, + #threadPaneHeaderBar, + #threadTree, + #tabs-toolbar { + color: ${foreground} !important; + font-family: ${rice.font.base.name} !important; + background-color: transparent !important; + background-image: none !important; + border: none !important; + -moz-appearance: none !important; + } + .minimonth-nav-section { + background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important; + border: ${builtins.toString rice.border-width}px solid ${border}; + } + .button, + .button-primary, + .tab-content[selected] { + background-color: ${accent.base}; + color: ${background}; + background-image: none; + } + html { + background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important; + } + ''; }; }; }; - accounts.email.accounts = let + accounts.email.accounts = let OAuth2Settings = id: { "mail.smtpserver.smtp_${id}.authMethod" = 10; "mail.server.server_${id}.authMethod" = 10;