+12 -12

flake.lock

Reviewed

··· 149 149 ] 150 150 }, 151 151 "locked": { 152 152 - "lastModified": 1778535464, 153 153 - "narHash": "sha256-kkUQYSv70wynJ/DfnGals6r98I6bK3CVNVTN1zbAd7Y=", 152 152 + "lastModified": 1778681890, 153 153 + "narHash": "sha256-RK4sTgei29wBzLu+e4ljeixKutWhbMygFsdxdFKpZOU=", 154 154 "owner": "nix-community", 155 155 "repo": "home-manager", 156 156 - "rev": "b659c7ffd40fc9e3bb60d420c79c67e769b9f4ab", 156 156 + "rev": "7654d90b94bab7eba3a52fd6f73b3f5a4c544fa2", 157 157 "type": "github" 158 158 }, 159 159 "original": { ··· 347 347 }, 348 348 "nixpkgs-unstable": { 349 349 "locked": { 350 350 - "lastModified": 1777954456, 351 351 - "narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=", 350 350 + "lastModified": 1778443072, 351 351 + "narHash": "sha256-zi7/fsqM/kFdNuED//4WOCUtezGtKKqRNORjMvfwjnA=", 352 352 "owner": "NixOS", 353 353 "repo": "nixpkgs", 354 354 - "rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1", 354 354 + "rev": "da5ad661ba4e5ef59ba743f0d112cbc30e474f32", 355 355 "type": "github" 356 356 }, 357 357 "original": { ··· 379 379 }, 380 380 "nixpkgs_3": { 381 381 "locked": { 382 382 - "lastModified": 1778491576, 383 383 - "narHash": "sha256-9YOHDS9ANGbRmf3DSQ9UCvas3CyYNIBwBkKGQZTLXGY=", 382 382 + "lastModified": 1778672786, 383 383 + "narHash": "sha256-Blg88K1jwG+P0Mr27+rKMFCufdrWkV3wWh9AdYtz0FQ=", 384 384 "owner": "NixOS", 385 385 "repo": "nixpkgs", 386 386 - "rev": "1174f92bf37f1a5914be77e1b44482d6fbc75ecc", 386 386 + "rev": "eef00dfd8a712b34af845f9350bac681b1228bd1", 387 387 "type": "github" 388 388 }, 389 389 "original": { ··· 449 449 "rust-overlay": "rust-overlay" 450 450 }, 451 451 "locked": { 452 452 - "lastModified": 1778516532, 453 453 - "narHash": "sha256-dQbo3Mi96T4NP7PLRa879CAP+YB6lyQgRG/7Vkd3IYo=", 452 452 + "lastModified": 1778678204, 453 453 + "narHash": "sha256-WEaIll70Op4SFnWThSj2AFYGDgsUOYEeb7xaatZ9qUU=", 454 454 "owner": "roc-lang", 455 455 "repo": "roc", 456 456 - "rev": "ae055dbfb05c17d433ae9b3e59db81358deccced", 456 456 + "rev": "f417b5b66cf83a25d7203d162a99ba59c9b4554c", 457 457 "type": "github" 458 458 }, 459 459 "original": {

+2 -2

lily/config.nix

Reviewed

··· 52 52 ../modules/services/tangled.nix 53 53 ]; 54 54 55 55 - garden = { 55 55 + cafe = { 56 56 caddy.package = { 57 57 plugins = [ 58 58 "github.com/mholt/caddy-events-exec@v0.1.0" 59 59 "github.com/mholt/caddy-l4@v0.1.0" 60 60 ]; 61 61 - hash = "sha256-ojF6LM0mYn4B41qtQP3KQ/5j07DAb8OEec5I8F65H88="; 61 61 + hash = "sha256-Ydl13h8YlY5lP8+LYn8RQ6q/Cx1LgH/ZJIAlWIJRoVw="; 62 62 }; 63 63 info.host.server = true; 64 64 };

+1 -1

lily/services/fail2ban.nix

Reviewed

··· 1 1 { config, ... }: 2 2 { 3 3 # Since this server is on my local network, I'm also ignoring my local ip 4 4 - services.fail2ban.ignoreIP = [ config.garden.info.network.lutea.ipv4-local ]; 4 4 + services.fail2ban.ignoreIP = [ config.cafe.info.network.lutea.ipv4-local ]; 5 5 }

+1 -1

modules/browsers.nix

Reviewed

··· 1 1 { pkgs, ... }: 2 2 { 3 3 - garden.unfree = [ 3 3 + cafe.unfree = [ 4 4 "firefox-bin" 5 5 "firefox-bin-unwrapped" 6 6 "google-chrome"

+5 -5

modules/caddy.nix

Reviewed

··· 5 5 ... 6 6 }: 7 7 { 8 8 - options.garden.caddy = { 8 8 + options.cafe.caddy = { 9 9 package = { 10 10 plugins = lib.mkOption { 11 11 type = lib.types.listOf lib.types.str; ··· 28 28 config = { 29 29 services.caddy = { 30 30 package = pkgs.caddy.withPlugins { 31 31 - plugins = config.garden.caddy.package.plugins; 32 32 - hash = config.garden.caddy.package.hash; 31 31 + plugins = config.cafe.caddy.package.plugins; 32 32 + hash = config.cafe.caddy.package.hash; 33 33 }; 34 34 - globalConfig = lib.mkIf (config.garden.caddy.layer4 != "") '' 34 34 + globalConfig = lib.mkIf (config.cafe.caddy.layer4 != "") '' 35 35 layer4 { 36 36 - ${config.garden.caddy.layer4} 36 36 + ${config.cafe.caddy.layer4} 37 37 } 38 38 ''; 39 39 };

+1 -1

modules/containers.nix

Reviewed

··· 1 1 { lib, ... }: 2 2 { 3 3 - options.garden.container = lib.mkOption { 3 3 + options.cafe.container = lib.mkOption { 4 4 description = "Container configuration"; 5 5 type = 6 6 with lib.types;

+2 -2

modules/fail2ban.nix

Reviewed

··· 12 12 rndtime = "1h"; 13 13 }; 14 14 ignoreIP = [ 15 15 - (lib.mkIf (config.networking.hostName != "lily") config.garden.info.network.lily.netbird-ip) 16 16 - (lib.mkIf (config.networking.hostName != "lutea") config.garden.info.network.lutea.netbird-ip) 15 15 + (lib.mkIf (config.networking.hostName != "lily") config.cafe.info.network.lily.netbird-ip) 16 16 + (lib.mkIf (config.networking.hostName != "lutea") config.cafe.info.network.lutea.netbird-ip) 17 17 ]; 18 18 maxretry = 1; 19 19 };

+1 -1

modules/games.nix

Reviewed

··· 2 2 { 3 3 imports = [ ./unfree.nix ]; 4 4 5 5 - garden.unfree = [ 5 5 + cafe.unfree = [ 6 6 "modrinth-app" 7 7 "modrinth-app-unwrapped" 8 8 "steam"

+2 -1

modules/gui.nix

Reviewed

··· 1 1 { pkgs, ... }: 2 2 { 3 3 imports = [ ./machine-info.nix ]; 4 4 - garden = { 4 4 + 5 5 + cafe = { 5 6 info.host.gui = true; 6 7 unfree = [ "aspell-dict-en-science" ]; 7 8 };

+1 -1

modules/machine-info.nix

Reviewed

··· 1 1 { lib, ... }: 2 2 { 3 3 - options.garden.info.host = { 3 3 + options.cafe.info.host = { 4 4 gui = lib.mkOption { 5 5 type = with lib.types; bool; 6 6 default = false;

+2 -2

modules/network-info.nix

Reviewed

··· 1 1 { lib, ... }: 2 2 { 3 3 - options.garden.info.network = lib.mkOption { 3 3 + options.cafe.info.network = lib.mkOption { 4 4 description = "Information about every host in the network."; 5 5 type = 6 6 with lib.types; ··· 41 41 ); 42 42 }; 43 43 44 44 - config.garden.info.network = builtins.fromJSON (builtins.readFile ../hidden/network.json); 44 44 + config.cafe.info.network = builtins.fromJSON (builtins.readFile ../hidden/network.json); 45 45 }

+2 -2

modules/qbittorrent.nix

Reviewed

··· 48 48 ]; 49 49 }; 50 50 51 51 - garden.container.vpn.config = [ 51 51 + cafe.container.vpn.config = [ 52 52 { 53 53 networking.firewall.allowedTCPPorts = [ 8082 ]; 54 54 ··· 115 115 AuthSubnetWhitelistEnabled = true; 116 116 AuthSubnetWhitelist = lib.strings.join ", " [ 117 117 "192.168.2.1/32" 118 118 - (lib.optionalString (config.networking.hostName == "lily") "${config.garden.info.network.lutea.netbird-ip}/32") 118 118 + (lib.optionalString (config.networking.hostName == "lily") "${config.cafe.info.network.lutea.netbird-ip}/32") 119 119 ]; 120 120 }; 121 121 };

+4 -4

modules/remote-build-machines.nix

Reviewed

··· 35 35 programs.ssh = { 36 36 knownHosts = { 37 37 nixremote-lily = { 38 38 - hostNames = [ config.garden.info.network.lily.netbird-ip ]; 38 38 + hostNames = [ config.cafe.info.network.lily.netbird-ip ]; 39 39 publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINaReNM+eSIzbZvqahaAlanf0z89rJQIYWx/rlaS4f1Y"; 40 40 }; 41 41 nixremote-lutea = { 42 42 - hostNames = [ config.garden.info.network.lutea.netbird-ip ]; 42 42 + hostNames = [ config.cafe.info.network.lutea.netbird-ip ]; 43 43 publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICNMTxa2zRmHIXt3ARlCplboWRdCsAmDlN8gDLik4vNs"; 44 44 }; 45 45 }; ··· 58 58 ''; 59 59 in 60 60 '' 61 61 - ${mkSshConfig "lily" config.garden.info.network.lily.netbird-ip} 62 62 - ${mkSshConfig "lutea" config.garden.info.network.lutea.netbird-ip} 61 61 + ${mkSshConfig "lily" config.cafe.info.network.lily.netbird-ip} 62 62 + ${mkSshConfig "lutea" config.cafe.info.network.lutea.netbird-ip} 63 63 ''; 64 64 }; 65 65 }

+1 -1

modules/remote-builder.nix

Reviewed

··· 25 25 nix.settings.trusted-users = [ "nixremote" ]; 26 26 27 27 services.openssh.settings.AllowUsers = [ 28 28 - (lib.mkIf (config.networking.hostName != "lily") "nixremote@${config.garden.info.network.lily.netbird-ip}") 28 28 + (lib.mkIf (config.networking.hostName != "lily") "nixremote@${config.cafe.info.network.lily.netbird-ip}") 29 29 ]; 30 30 }

+1 -1

modules/services/caddy/soju.nix

Reviewed

··· 7 7 reverse_proxy [::1]:8081 8 8 ''; 9 9 10 10 - garden.caddy.layer4 = '' 10 10 + cafe.caddy.layer4 = '' 11 11 [::]:6697 { 12 12 route { 13 13 tls {

+1 -1

modules/services/minecraft/default.nix

Reviewed

··· 3 3 imports = [ nix-minecraft.nixosModules.minecraft-servers ]; 4 4 nixpkgs.overlays = [ nix-minecraft.overlay ]; 5 5 6 6 - garden.unfree = [ "minecraft-server" ]; 6 6 + cafe.unfree = [ "minecraft-server" ]; 7 7 8 8 environment.persistence."/data/persistent".directories = [ 9 9 {

+3 -3

modules/services/openssh.nix

Reviewed

··· 7 7 ]; 8 8 9 9 services.openssh.settings.AllowUsers = [ 10 10 - "mou@${config.garden.info.network.lutea.netbird-ip}" 11 11 - (lib.mkIf (config.networking.hostName == "lily") "mou@${config.garden.info.network.lutea.ipv6}") 12 12 - (lib.mkIf (config.networking.hostName == "lily") "mou@${config.garden.info.network.lutea.ipv4-local}") 10 10 + "mou@${config.cafe.info.network.lutea.netbird-ip}" 11 11 + (lib.mkIf (config.networking.hostName == "lily") "mou@${config.cafe.info.network.lutea.ipv6}") 12 12 + (lib.mkIf (config.networking.hostName == "lily") "mou@${config.cafe.info.network.lutea.ipv4-local}") 13 13 ]; 14 14 }

+2 -2

modules/unfree.nix

Reviewed

··· 1 1 { config, lib, ... }: 2 2 { 3 3 - options.garden.unfree = lib.mkOption { 3 3 + options.cafe.unfree = lib.mkOption { 4 4 type = with lib.types; listOf str; 5 5 default = [ ]; 6 6 description = "A list of unfree packages that are allowed to be installed"; 7 7 }; 8 8 9 9 - config.nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.garden.unfree; 9 9 + config.nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.cafe.unfree; 10 10 }

+2 -2

modules/vpn-container.nix

Reviewed

··· 51 51 isReadOnly = true; 52 52 }; 53 53 }; 54 54 - config = { ... }: lib.mkMerge config.garden.container.vpn.config; 54 54 + config = { ... }: lib.mkMerge config.cafe.container.vpn.config; 55 55 }; 56 56 57 57 - garden.container.vpn.config = [ 57 57 + cafe.container.vpn.config = [ 58 58 { 59 59 networking = { 60 60 useHostResolvConf = false;