sam
/
nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added github access token to nix.conf

This commit is contained in:
Sam 2024-06-17 20:20:33 +01:00
parent fd20921d1e
commit f6304cf25f
4 changed files with 184 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

206
flake.lock
View File

@ -45,11 +45,11 @@
]
},
"locked": {
"lastModified": 1718242063,
"narHash": "sha256-n3AWItJ4a94GT0cray/eUV7tt3mulQ52L+lWJN9d1E8=",
"lastModified": 1718588625,
"narHash": "sha256-8ZbrJq1jcmyzJ4SDkvd8JOZD4/fNUHpL4cpqVe4w3CU=",
"owner": "nix-community",
"repo": "disko",
"rev": "832a9f2c81ff3485404bd63952eadc17bf7ccef2",
"rev": "8262659fc990cecdf6a8de74c3de7b6ec58c2276",
"type": "github"
},
"original": {
@ -147,7 +147,25 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
"systems": "systems_4"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_5"
},
"locked": {
"lastModified": 1710146030,
@ -219,11 +237,11 @@
]
},
"locked": {
"lastModified": 1718243258,
"narHash": "sha256-abBpj2VU8p6qlRzTU8o22q68MmOaZ4v8zZ4UlYl5YRU=",
"lastModified": 1718526747,
"narHash": "sha256-sKrD/utGvmtQALvuDj4j0CT3AJXP1idOAq2p+27TpeE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8d5e27b4807d25308dfe369d5a923d87e7dbfda3",
"rev": "0a7ffb28e5df5844d0e8039c9833d7075cdee792",
"type": "github"
},
"original": {
@ -309,6 +327,27 @@
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703863825,
"narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "5163432afc817cf8bd1f031418d1869e4c9d5547",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-github-actions_2": {
"inputs": {
"nixpkgs": [
"sqlfmt",
@ -333,11 +372,11 @@
"nix-secrets": {
"flake": false,
"locked": {
"lastModified": 1717864759,
"narHash": "sha256-DUtmDvpNyOZG+UDONTBfRiAdCaI7E1ngVhmUOAjj3wg=",
"lastModified": 1718651801,
"narHash": "sha256-YoYeg48dhvHzwcwb+TJMv4vlB4tcics9u6N/kXxfUYA=",
"ref": "refs/heads/master",
"rev": "81aff439158dc6bb21251dc3be672db671e4a519",
"revCount": 89,
"rev": "e02bf3cecdb9a49e9cc9e777b8406f5ab28a2566",
"revCount": 94,
"type": "git",
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
},
@ -375,11 +414,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1717880976,
"narHash": "sha256-BRvSCsKtDUr83NEtbGfHLUOdDK0Cgbezj2PtcHnz+sQ=",
"lastModified": 1718478900,
"narHash": "sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4913a7c3d8b8d00cb9476a6bd730ff57777f740c",
"rev": "c884223af91820615a6146af1ae1fea25c107005",
"type": "github"
},
"original": {
@ -407,11 +446,27 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1718376599,
"narHash": "sha256-cTFGqLYTrIxORc673fUUCecQVXiXHDj6Z8vFQ5K4SDg=",
"lastModified": 1718541509,
"narHash": "sha256-TmC5TxW5WPAfmovDzi1hLe1i4qqND79s9SH9UOKcSvo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3bac01780f87646b70326db70920902bc4d49fab",
"rev": "ba06293cdba1c94af9710024abf3b94cf8d76349",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1718632497,
"narHash": "sha256-YtlyfqOdYMuu7gumZtK0Kg7jr4OKfHUhJkZfNUryw68=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c58b4a9118498c1055c5908a5bbe666e56abe949",
"type": "github"
},
"original": {
@ -435,11 +490,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1718376125,
"narHash": "sha256-NIJZxmY2CWsqJK/9BQCRSHfcCY9K6thjq/1XtJobxmU=",
"lastModified": 1718614971,
"narHash": "sha256-ID/Fvvd9Bz01gpm36mIfjoqXIknb2WkacSukW75cRNw=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "7a2a25af02be25987aa43cd681312f4b5ba12317",
"rev": "b822078ec1b2bbf666af767061e29575edc5ec05",
"type": "github"
},
"original": {
@ -450,11 +505,11 @@
},
"nur": {
"locked": {
"lastModified": 1718398470,
"narHash": "sha256-47JT0Za+js92ci0GhStCY21UiEB3MU4cBYoCVmpfudA=",
"lastModified": 1718649005,
"narHash": "sha256-1Aw+JgGQK6e9MZdV4cbO1d3GRvYRKbwOvmet5gSFwvE=",
"owner": "nix-community",
"repo": "NUR",
"rev": "c6325c8dee7dd1f58e1b4884672c670d6b541845",
"rev": "d4bfad4cd8a5c44bb469f95f20e6eb4799145046",
"type": "github"
},
"original": {
@ -465,21 +520,43 @@
},
"poetry2nix": {
"inputs": {
"flake-utils": "flake-utils_3",
"flake-utils": "flake-utils_2",
"nix-github-actions": "nix-github-actions",
"nixpkgs": "nixpkgs_2",
"systems": "systems_3",
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1718647444,
"narHash": "sha256-RzTDK86nI7yzSrOCYy+jPW+7LZigJm1WnFULNdOXblU=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "d3e889d71b028f61ff6a587cfe437bde16cf8ac1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"poetry2nix_2": {
"inputs": {
"flake-utils": "flake-utils_4",
"nix-github-actions": "nix-github-actions_2",
"nixpkgs": [
"sqlfmt",
"nixpkgs"
],
"systems": "systems_4",
"treefmt-nix": "treefmt-nix_2"
"systems": "systems_6",
"treefmt-nix": "treefmt-nix_3"
},
"locked": {
"lastModified": 1718285706,
"narHash": "sha256-DScsBM+kZvxOva7QegfdtleebMXh30XPxDQr/1IGKYo=",
"lastModified": 1718647444,
"narHash": "sha256-RzTDK86nI7yzSrOCYy+jPW+7LZigJm1WnFULNdOXblU=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "a5be1bbbe0af0266147a88e0ec43b18c722f2bb9",
"rev": "d3e889d71b028f61ff6a587cfe437bde16cf8ac1",
"type": "github"
},
"original": {
@ -499,6 +576,7 @@
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
"nur": "nur",
"poetry2nix": "poetry2nix",
"sops-nix": "sops-nix",
"sqlfmt": "sqlfmt"
}
@ -511,11 +589,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1718137936,
"narHash": "sha256-psA+1Q5fPaK6yI3vzlLINNtb6EeXj111zQWnZYyJS9c=",
"lastModified": 1718506969,
"narHash": "sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg=",
"owner": "mic92",
"repo": "sops-nix",
"rev": "c279dec105dd53df13a5e57525da97905cc0f0d6",
"rev": "797ce4c1f45a85df6dd3d9abdc53f2691bea9251",
"type": "github"
},
"original": {
@ -526,9 +604,9 @@
},
"sqlfmt": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2",
"poetry2nix": "poetry2nix"
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_3",
"poetry2nix": "poetry2nix_2"
},
"locked": {
"dir": "sqlfmt",
@ -577,6 +655,20 @@
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -591,7 +683,22 @@
"type": "github"
}
},
"systems_4": {
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -627,6 +734,27 @@
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1718522839,
"narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "68eb1dc333ce82d0ab0c0357363ea17c31ea1f81",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"sqlfmt",
@ -635,11 +763,11 @@
]
},
"locked": {
"lastModified": 1717850719,
"narHash": "sha256-npYqVg+Wk4oxnWrnVG7416fpfrlRhp/lQ6wQ4DHI8YE=",
"lastModified": 1718522839,
"narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "4fc1c45a5f50169f9f29f6a98a438fb910b834ed",
"rev": "68eb1dc333ce82d0ab0c0357363ea17c31ea1f81",
"type": "github"
},
"original": {

3
flake.nix
View File

@ -10,6 +10,7 @@
# Import personal packages repo
sqlfmt.url = "git+https://git.bitlab21.com/sam/flake-packages?dir=sqlfmt";
poetry2nix.url = "github:nix-community/poetry2nix";
# Home manager
home-manager = {
@ -55,6 +56,7 @@
{ self
, nixpkgs
, home-manager
, poetry2nix
, ...
} @ inputs:
let
@ -66,6 +68,7 @@
specialArgs = { inherit inputs outputs; };
in
{
poetry2nix = forAllSystems (system: nixpkgs.legacyPackages.${system}.extend poetry2nix.overlays.default);
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
overlays = import ./overlays { inherit inputs; };

9
hosts/common/users/sam/default.nix
View File

@ -35,6 +35,9 @@ in
mode = "0644";
owner = "${username}";
};
"github-access-token" = {
mode = "0655";
};
"software/postgres/btc_models/password" = { };
"software/postgres/btc_models/ip" = { };
"software/postgres/btc_models/username" = { };
@ -95,6 +98,12 @@ in
'';
};
nix = {
extraOptions = ''
experimental-features = nix-command flakes
!include ${config.sops.secrets.github-access-token.path}
'';
};
# The containing folders are created as root and if this is the first entry when writing files,
# the ownership is busted and home-manager can't target because it can't write to these dirs...
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed