diff --git a/hosts/elisabeth/secrets/samba/netbird-env.age b/hosts/elisabeth/secrets/samba/netbird-env.age deleted file mode 100644 index 0a96152..0000000 --- a/hosts/elisabeth/secrets/samba/netbird-env.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 8KelKlNhyqDN8pddQTPpmaoXCsR7uft/cB2C1T79WwU -d5/gmNM0BA7WVS4Ln+6e1IBysWjTwZXDMS9t+TQMdBA --> piv-p256 XTQkUA AwfejTufQTCGTbBRgZASantr/GBbw4Mnp1IvAECk8YxH -noyk11Kk6dkvN/6wB6I+yREBeesc/KH6OJWvvvXZvvY --> piv-p256 ZFgiIw AhntWFLj+OSpO8uJLeEmiWWPH4KzeZcJv29++AA9gPC6 -TvfAw/aL0Urtrl0QTwbHm+U92igPgjizw5JVu9Xr27M --> piv-p256 5vmPtQ AgBlp4aFbmUE9fVASSuXWIL60Ryz7Vt4vDmR2lNu5ob5 -NYfzjIwTshjDJgV/Ijkzw7qEUC9kx9SyDcr9M3wCzLM --> piv-p256 ZFgiIw AtXr3k6gmYxEupwpS7pSOdnF2720SCJj7V0Ci5lijrJS -z2klub/HC+YWunOR/NzMh9KPrdVD/UUm17VX/mXP31U --> hen,g-grease Qg6] a X\b M[r_v^iK -neSxR7VWYbpUF4T0xYBS8T3PcnJWEK++hBJTrdv2u6h52c1v3MF0GTQvy9aoKKca -SLQDw7QpxA ---- 2dt1yCMXFxH1V1xXFG6NXW1NzlhcLX+8Ft1tFz5/k5Y -ǃ“ ÿßøG¼Ÿ팮v›~uÊ!<"c< ùŽz¥/QPºƒ‰èSŠ®šóuñ½•3~÷›lý)Ay‡ÚÙ'¹ÛHëÒ-¦¢êfŠןOîýºŽa \ No newline at end of file diff --git a/modules/netbird-client.nix b/modules/netbird-client.nix index e64090f..3e6c60a 100644 --- a/modules/netbird-client.nix +++ b/modules/netbird-client.nix @@ -29,6 +29,7 @@ str submodule bool + nullOr path ; @@ -64,11 +65,6 @@ in { ''; }; - autoStart = mkEnableOption '' - automatically starting this tunnel on startup. - Needs a setup key to work. - ''; - userAccess = mkOption { type = bool; description = "Allow unprivileged users access to the control socket"; @@ -76,7 +72,8 @@ in { }; environmentFile = mkOption { - type = path; + type = nullOr path; + default = null; description = "An additional environment file for this service."; }; environment = mkOption { @@ -171,7 +168,6 @@ in { environment, stateDir, environmentFile, - autoStart, ... }: nameValuePair "netbird-${name}" { @@ -187,9 +183,8 @@ in { inherit environment; serviceConfig = { - EnvironmentFile = environmentFile; + EnvironmentFile = mkIf (environmentFile != null) environmentFile; ExecStart = "${getExe cfg.package} service run"; - ExecStartPost = mkIf autoStart "${getExe cfg.package} up"; Restart = "always"; RuntimeDirectory = stateDir; StateDirectory = stateDir; diff --git a/modules/services/samba.nix b/modules/services/samba.nix index 2a81340..d35987d 100644 --- a/modules/services/samba.nix +++ b/modules/services/samba.nix @@ -3,11 +3,6 @@ lib, ... }: { - age.secrets.netbird = { - rekeyFile = config.node.secretsDir + "/netbird-env.age"; - mode = "440"; - }; - services.samba-wsdd = { enable = true; # make shares visible for windows 10 clients openFirewall = true; @@ -18,10 +13,11 @@ imports = [../netbird-client.nix]; services.netbird.tunnels = { netbird-samba = { - environment.NB_MANAGEMENT_URL = "https://netbird.${config.secrets.secrets.global.domains.web}"; - autoStart = true; + environment = { + NB_MANAGEMENT_URL = "https://netbird.${config.secrets.secrets.global.domains.web}"; + NB_HOSTNAME = "samba"; + }; port = 56789; - environmentFile = config.age.secrets.netbird.path; }; }; diff --git a/pkgs/actual.nix b/pkgs/actual.nix new file mode 100644 index 0000000..1b5e73c --- /dev/null +++ b/pkgs/actual.nix @@ -0,0 +1,77 @@ +{ + lib, + stdenv, + fetchFromGitHub, + makeWrapper, + cacert, + gitMinimal, + nodejs, + yarn, +}: +stdenv.mkDerivation rec { + pname = "actual-server"; + version = "24.3.0"; + + src = fetchFromGitHub { + owner = "actualbudget"; + repo = "actual-server"; + rev = "v${version}"; + hash = "sha256-y51Dhdn84AWR/gM4LnAzvBIBpvKwUiclnPnwzkRoJ0I="; + }; + # we cannot use fetchYarnDeps because that doesn't support yarn 2/berry lockfiles + offlineCache = stdenv.mkDerivation { + name = "actual-server-${version}-offline-cache"; + inherit src; + + nativeBuildInputs = [ + cacert # needed for git + gitMinimal # needed to download git dependencies + yarn + ]; + + buildPhase = '' + export HOME=$(mktemp -d) + yarn config set enableTelemetry 0 + yarn config set cacheFolder $out + yarn config set --json supportedArchitectures.os '[ "linux" ]' + yarn config set --json supportedArchitectures.cpu '[ "x64" ]' + yarn + ''; + + installPhase = '' + mkdir -p $out + cp -r ./node_modules $out/node_modules + ''; + dontFixup = true; + + outputHashMode = "recursive"; + outputHash = "sha256-ViIIk7l+m0k0K7AaZ6cnCFc7SVNPzW6hPRdEfceO5mc="; + }; + + nativeBuildInputs = [ + makeWrapper + yarn + ]; + + installPhase = '' + runHook preInstall + mkdir -p $out + cp -r ${offlineCache}/node_modules/ $out/ + cp -r ./ $out + + mkdir -p $out/bin + makeWrapper ${lib.getExe nodejs} "$out/bin/actual-server" \ + --add-flags "$out/app.js" --set NODE_PATH "$out/node_modules" \ + + runHook postInstall + ''; + + meta = with lib; { + description = "Single-column Fediverse client for desktop"; + homepage = "https://whalebird.social"; + sourceProvenance = with sourceTypes; [fromSource]; + license = licenses.gpl3Only; + maintainers = with maintainers; [wolfangaukang colinsane weathercold]; + platforms = ["x86_64-linux" "aarch64-linux"]; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 76d46ee..f18f499 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -4,6 +4,7 @@ zsh-histdb-skim = super.callPackage ./zsh-histdb-skim.nix {}; zsh-histdb = super.callPackage ./zsh-histdb.nix {}; your_spotify = super.callPackage ./your_spotify.nix {}; + actual = super.callPackage ./actual.nix {}; deploy = super.callPackage ./deploy.nix {}; netbird-dashboard = super.callPackage ./netbird-dashboard {}; minify = super.callPackage ./minify {};