mirror of
https://github.com/dump-dvb/nix-config.git
synced 2024-06-14 20:06:57 +02:00
Merge branch 'master' of github.com:dump-dvb/traffic-stop-box
This commit is contained in:
commit
d5be85351e
13
.github/workflows/deadnix.yml
vendored
Normal file
13
.github/workflows/deadnix.yml
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
name: "deadnix"
|
||||
|
||||
on: [ push, pull_request ]
|
||||
|
||||
jobs:
|
||||
deadnix:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: cachix/install-nix-action@v17
|
||||
- uses: astro/deadnix-action@main
|
||||
with:
|
||||
flags: "-l"
|
|
@ -68,7 +68,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, naersk, microvm, radio-conf, data-accumulator, decode-server, dvb-api, funnel, stops, windshield, docs, wartrammer, clicky-bunty-server, sops-nix, ... }@inputs:
|
||||
outputs = { self, nixpkgs, microvm, radio-conf, data-accumulator, decode-server, dvb-api, funnel, stops, windshield, docs, wartrammer, clicky-bunty-server, sops-nix, ... }@inputs:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages."x86_64-linux";
|
||||
lib = pkgs.lib;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, inputs, ... }:
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
# Use the GRUB 2 boot loader.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
{ config, lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
{ config, lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, inputs, ... }:
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
microvm = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
{ config, ... }:
|
||||
|
||||
{
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
{ config, lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
{ modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
{ modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, ... }:
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
nix = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{ pkgs, config, ... }: {
|
||||
systemd = {
|
||||
services = {
|
||||
"dvb-api" = {
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
This file contains the configuration for the gnuradio sdr decoding pipeline
|
||||
*/
|
||||
|
||||
{ pkgs, config, lib, ... }:
|
||||
{ pkgs, config, ... }:
|
||||
let
|
||||
port = 8070;
|
||||
in
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, lib, config, ... }: {
|
||||
{ pkgs, config, ... }: {
|
||||
services = {
|
||||
nginx = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, lib, config, ... }: {
|
||||
{ pkgs, config, ... }: {
|
||||
services = {
|
||||
nginx = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{ config, lib, ... }: {
|
||||
|
||||
services = {
|
||||
# metrics collector
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{ pkgs, config, ... }: {
|
||||
services = {
|
||||
nginx = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{ ... }: {
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.defaults.email = "dump-dvb@protonmail.com";
|
||||
services.nginx = {
|
||||
|
|
|
@ -1,60 +1,60 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
port = 5432;
|
||||
package = pkgs.postgresql_14;
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "dvbdump";
|
||||
ensurePermissions = {
|
||||
"DATABASE dvbdump" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "telegrams";
|
||||
ensurePermissions = {
|
||||
"DATABASE telegrams" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
|
||||
];
|
||||
ensureDatabases = [
|
||||
"dvbdump"
|
||||
"telegrams"
|
||||
];
|
||||
};
|
||||
systemd.services."pg-dvbdump-setup" = {
|
||||
description = "prepare dvbdump postgres database";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "networking.target" "postgresql.service" ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
|
||||
path = [ pkgs.sudo config.services.postgresql.package ];
|
||||
script = ''
|
||||
sudo -u ${config.services.postgresql.superUser} psql -c "ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_dvbdump.path})'"
|
||||
sudo -u ${config.services.postgresql.superUser} psql -c "ALTER ROLE telegrams WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_telegrams.path})'"
|
||||
|
||||
sudo -u ${config.services.postgresql.superUser} psql --dbname telegrams -c "create table r09_telegrams (
|
||||
id serial8 primary key not null,
|
||||
time timestamp not null,
|
||||
station UUID not null,
|
||||
region int8 not null,
|
||||
type int8 not null,
|
||||
delay int,
|
||||
reporting_point int not null,
|
||||
junction int not null,
|
||||
direction int2 not null,
|
||||
request_status int2 not null,
|
||||
priority int2,
|
||||
direction_request int2,
|
||||
line int,
|
||||
run_number int,
|
||||
destination_number int,
|
||||
train_length int2,
|
||||
vehicle_number int,
|
||||
operator int2
|
||||
);"
|
||||
'';
|
||||
};
|
||||
}
|
||||
{ pkgs, config, ... }: {
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
port = 5432;
|
||||
package = pkgs.postgresql_14;
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "dvbdump";
|
||||
ensurePermissions = {
|
||||
"DATABASE dvbdump" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "telegrams";
|
||||
ensurePermissions = {
|
||||
"DATABASE telegrams" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
|
||||
];
|
||||
ensureDatabases = [
|
||||
"dvbdump"
|
||||
"telegrams"
|
||||
];
|
||||
};
|
||||
systemd.services."pg-dvbdump-setup" = {
|
||||
description = "prepare dvbdump postgres database";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "networking.target" "postgresql.service" ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
|
||||
path = [ pkgs.sudo config.services.postgresql.package ];
|
||||
script = ''
|
||||
sudo -u ${config.services.postgresql.superUser} psql -c "ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_dvbdump.path})'"
|
||||
sudo -u ${config.services.postgresql.superUser} psql -c "ALTER ROLE telegrams WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_telegrams.path})'"
|
||||
|
||||
sudo -u ${config.services.postgresql.superUser} psql --dbname telegrams -c "create table r09_telegrams (
|
||||
id serial8 primary key not null,
|
||||
time timestamp not null,
|
||||
station UUID not null,
|
||||
region int8 not null,
|
||||
type int8 not null,
|
||||
delay int,
|
||||
reporting_point int not null,
|
||||
junction int not null,
|
||||
direction int2 not null,
|
||||
request_status int2 not null,
|
||||
priority int2,
|
||||
direction_request int2,
|
||||
line int,
|
||||
run_number int,
|
||||
destination_number int,
|
||||
train_length int2,
|
||||
vehicle_number int,
|
||||
operator int2
|
||||
);"
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{ pkgs, config, ... }: {
|
||||
systemd = {
|
||||
services = {
|
||||
"funnel" = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, lib, config, ... }: {
|
||||
{ config, ... }: {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, ... }:
|
||||
{ lib, ... }:
|
||||
with lib; {
|
||||
options.dump-dvb.systemNumber = mkOption {
|
||||
type = types.int;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, ... }:
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
binaryCaches = [
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
file = ../../configs/mobile_box.json;
|
||||
in
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
sops.defaultSopsFile = ../../secrets/traffic-stop-box-${toString config.dump-dvb.systemNumber}/secrets.yaml;
|
||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, lib, ... }:
|
||||
{ ... }:
|
||||
{
|
||||
users.mutableUsers = true;
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user