jet/extremist-software
jet/extremist-software
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: jet:9b5a32e04b743864e05f5ee674ea7ec9fb619fd6
Branches Tags
jet:main
...
compare: jet:02811f2d4df99d7b5ec3e9958fbf3fa35fe2f7d2
Branches Tags
jet:main

3 commits
9b5a32e04b ... 02811f2d4d

Author SHA1 Message Date
Jet
02811f2d4d
update: noisebell update 2026-03-24 14:22:19 -07:00
Jet
f569039eec
update: noisebell relay configuration 2026-03-24 14:22:09 -07:00
Jet
b41c85b161
feat: add jet as a trusted user 2026-03-23 22:19:47 -07:00
4 changed files with 22 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
configuration.nix
View file

@ -67,6 +67,14 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu"
]; ];
users.users.jet = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu"
];
};
# SSH - Secure it # SSH - Secure it
services.openssh = { services.openssh = {
enable = true; enable = true;
@ -120,8 +128,13 @@
"nix-command" "nix-command"
"flakes" "flakes"
]; ];
nix.settings.trusted-users = [
"root"
"jet"
];
nix.settings.max-jobs = "auto"; nix.settings.max-jobs = "auto";
nix.settings.cores = 0; nix.settings.cores = 0;
security.sudo.wheelNeedsPassword = false;
services.postgresql.package = pkgs.postgresql_15; services.postgresql.package = pkgs.postgresql_15;
nixpkgs.config.allowUnfree = true; # Allow unfree packages (Minecraft, etc.) nixpkgs.config.allowUnfree = true; # Allow unfree packages (Minecraft, etc.)

8
flake.lock generated
View file

@ -422,11 +422,11 @@
"rust-overlay": "rust-overlay_2" "rust-overlay": "rust-overlay_2"
}, },
"locked": { "locked": {
"lastModified": 1774306596, "lastModified": 1774387217,
"narHash": "sha256-6K/06QYWQsUmNqHwGPPf7/NjtEGNhnSL1IPXdPM+uOg=", "narHash": "sha256-bhMs1DdFqFoeXwWOLx+1MU0ltGIYPf7OA33cvzFI9C0=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "50468db20b3c1606c6fb1d3d027c309a09bc469d", "rev": "adb929227b9640285754b6a04774ab0587e5771b",
"revCount": 52, "revCount": 60,
"type": "git", "type": "git",
"url": "https://git.extremist.software/jet/noisebell" "url": "https://git.extremist.software/jet/noisebell"
}, },

2
flake.nix
View file

@ -51,7 +51,7 @@
let let
pkgs = nixpkgs.legacyPackages.x86_64-linux; pkgs = nixpkgs.legacyPackages.x86_64-linux;
deploy = pkgs.writeShellScriptBin "nhs" '' deploy = pkgs.writeShellScriptBin "nhs" ''
nh os switch --hostname extremist-software --target-host root@extremist-software path:. "$@" nh os switch --hostname extremist-software --target-host jet@extremist-software path:. "$@"
''; '';
check-secrets = pkgs.writeShellScriptBin "check-secrets" '' check-secrets = pkgs.writeShellScriptBin "check-secrets" ''
set -euo pipefail set -euo pipefail

4
modules/noisebell.nix
View file

@ -11,6 +11,10 @@
url = "http://127.0.0.1:3004/webhook"; url = "http://127.0.0.1:3004/webhook";
secretFile = config.age.secrets.noisebell-discord-webhook-secret.path; secretFile = config.age.secrets.noisebell-discord-webhook-secret.path;
} }
{
url = "http://noisebell-pi:8090/webhook";
secretFile = config.age.secrets.noisebell-relay-webhook-secret.path;
}
]; ];
}; };