diff --git a/devshell/patches.nix b/devshell/patches.nix index e6a2050b9..33c994dd7 100644 --- a/devshell/patches.nix +++ b/devshell/patches.nix @@ -4,7 +4,7 @@ let name = "update-patches"; text = '' cd "$PRJ_ROOT/patches" - # TODO broken on newest commits + # currently nothing ''; }; in diff --git a/devshell/prepare/default.nix b/devshell/prepare/default.nix index 3d311155c..86a91e9d3 100644 --- a/devshell/prepare/default.nix +++ b/devshell/prepare/default.nix @@ -12,12 +12,12 @@ let imports = suites.server ++ (with profiles; [ - # TODO + # PLACEHOLDER ]); config = lib.mkMerge [ { - # TODO + # PLACEHOLDER } # stateVersion diff --git a/flake.lock b/flake.lock index 543eed861..c6bd181e3 100644 --- a/flake.lock +++ b/flake.lock @@ -1106,29 +1106,6 @@ "type": "github" } }, - "nixos-riscv": { - "inputs": { - "nixos-hardware": [ - "nixos-hardware" - ], - "nixpkgs": [ - "nixpkgs-riscv" - ] - }, - "locked": { - "lastModified": 1732291832, - "narHash": "sha256-7RXwqMWJ4s48rcqr2qkbbftGm1KVYOrKCTtg4Dz5jqY=", - "owner": "linyinfeng", - "repo": "nixos-riscv", - "rev": "6b074316936e6a074fe9044a1e102cb618cb3130", - "type": "github" - }, - "original": { - "owner": "linyinfeng", - "repo": "nixos-riscv", - "type": "github" - } - }, "nixos-vscode-server": { "inputs": { "flake-utils": [ @@ -1448,7 +1425,6 @@ "nixos-cn": "nixos-cn", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixos-riscv": "nixos-riscv", "nixos-vscode-server": "nixos-vscode-server", "nixos-wsl": "nixos-wsl", "nixpkgs": "nixpkgs", @@ -1465,7 +1441,6 @@ "sops-nix": "sops-nix", "systems": "systems", "treefmt-nix": "treefmt-nix", - "typhon": "typhon", "weird-deployer": "weird-deployer" } }, @@ -1561,32 +1536,6 @@ "type": "github" } }, - "typhon": { - "inputs": { - "crane": [ - "crane" - ], - "flake-compat": [ - "flake-compat" - ], - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1730373693, - "narHash": "sha256-pDoaV+a3CBmvhYKD/m8k5soQ4kxwzvv2Kh/y7QHCGyU=", - "owner": "typhon-ci", - "repo": "typhon", - "rev": "e4f11b3d7c47c3a584fe565637bcc6e50f3735da", - "type": "github" - }, - "original": { - "owner": "typhon-ci", - "repo": "typhon", - "type": "github" - } - }, "weird-deployer": { "locked": { "lastModified": 1728549622, diff --git a/flake.nix b/flake.nix index 2a2bb8ba2..f23e62bc0 100644 --- a/flake.nix +++ b/flake.nix @@ -74,17 +74,6 @@ impermanence.url = "github:nix-community/impermanence"; - typhon.url = "github:typhon-ci/typhon"; - typhon.inputs.crane.follows = "crane"; - typhon.inputs.flake-compat.follows = "flake-compat"; - typhon.inputs.nixpkgs.follows = "nixpkgs"; - - # TODO use upstream - # nixos-riscv.url = "github:nickcao/nixos-riscv"; - nixos-riscv.url = "github:linyinfeng/nixos-riscv"; - nixos-riscv.inputs.nixpkgs.follows = "nixpkgs-riscv"; - nixos-riscv.inputs.nixos-hardware.follows = "nixos-hardware"; - # home-manager modules emacs-overlay.url = "github:nix-community/emacs-overlay"; diff --git a/flake/hosts.nix b/flake/hosts.nix index 50f0c65a0..6ce6a32c1 100644 --- a/flake/hosts.nix +++ b/flake/hosts.nix @@ -245,7 +245,6 @@ let inputs.ace-bot.nixosModules.ace-bot inputs.commit-notifier.nixosModules.commit-notifier inputs.angrr.nixosModules.angrr - inputs.typhon.nixosModules.default inputs.lanzaboote.nixosModules.lanzaboote inputs.niri-flake.nixosModules.niri @@ -420,7 +419,7 @@ in ( { ... }: { - # TODO mobile-nixos tests `config.nixpkgs.localSystem` + # mobile-nixos tests `config.nixpkgs.localSystem` nixpkgs.system = "aarch64-linux"; } ) diff --git a/flake/nixpkgs.nix b/flake/nixpkgs.nix index 002f69034..1325ba81c 100644 --- a/flake/nixpkgs.nix +++ b/flake/nixpkgs.nix @@ -70,43 +70,6 @@ let lanzaboote = inputs.lanzaboote.overlays.default final prev; }) (final: prev: { - # TODO broken with auto-allocate-uids - ccacheStdenv = final.stdenv; - # # ccache - # ccacheCacheDir = "/var/cache/ccache"; - # ccacheLogDir = "/var/log/ccache"; - # ccacheWrapper = prev.ccacheWrapper.override { - # extraConfig = '' - # export CCACHE_COMPRESS=1 - # export CCACHE_UMASK=007 - # if [ -d "${final.ccacheCacheDir}" ]; then - # export CCACHE_DIR="${final.ccacheCacheDir}" - # else - # export CCACHE_DIR="/tmp/ccache" - # mkdir -p "$CCACHE_DIR" - # echo "ccacheWrapper: \"${final.ccacheCacheDir}\" is not a directory, cache in \"$CCACHE_DIR\"" >&2 - # fi - # if [ -d "${final.ccacheLogDir}" ]; then - # export CCACHE_LOGFILE="${final.ccacheLogDir}/ccache.log" - # fi - # if [ ! -w "$CCACHE_DIR" ]; then - # echo "ccacheWrapper: '$CCACHE_DIR' is not accessible for user $(whoami)" >&2 - # exit 1 - # fi - # ''; - # }; - # ccacheTest = final.ccacheStdenv.mkDerivation { - # name = "test-ccache"; - # src = builtins.toFile "hello-world.c" '' - # #include - # int main() { printf("hello, world\n"); } - # ''; - # dontUnpack = true; - # env.NIX_DEBUG = 1; - # buildPhase = "cc $src -o hello"; - # installPhase = "install -D hello $out/bin/hello"; - # }; - # adjustment nixVersions = prev.nixVersions // { selected = final.nixVersions.latest; @@ -114,7 +77,6 @@ let nix = final.nixVersions.selected; gnuradio = prev.gnuradio.override { unwrapped = prev.gnuradio.unwrapped.override { - stdenv = final.ccacheStdenv; soapysdr = final.soapysdr-with-plugins; }; }; @@ -128,7 +90,6 @@ let waydroid = prev.waydroid.overrideAttrs (old: { patches = (old.patches or [ ]) ++ [ ../patches/waydroid-mount-nix-and-run-binfmt.patch ]; }); - linuxManualConfig = prev.linuxManualConfig.override { stdenv = final.ccacheStdenv; }; blender = prev.blender.override { cudaSupport = true; }; @@ -170,9 +131,7 @@ in nixpkgs = { config = { allowUnfree = true; - # TODO wait for mautrix-telegram update - # TODO wait for matrix-qq update - # TODO wait for logseq update + # TODO wait for mautrix-telegram, matrix-qq, and logseq update allowInsecurePredicate = p: (p.pname or null) == "olm" @@ -182,7 +141,7 @@ in "27" "28" ] - ); # for dependency of logseq + ); }; overlays = let @@ -199,16 +158,6 @@ in (earlyFixes overlayNixpkgsArgs) ++ packages ++ (lateFixes overlayNixpkgsArgs); }; } - (lib.mkIf (system == "riscv64-linux") { - # cross from x86_64-linux - nixpkgs.path = inputs.nixpkgs-riscv; - nixpkgs.localSystem = { - system = "x86_64-linux"; - }; - nixpkgs.crossSystem = { - inherit system; - }; - }) (lib.mkIf (system == "loongarch64-linux") { # cross from x86_64-linux nixpkgs.localSystem = { diff --git a/home-manager/profiles/emacs/default.nix b/home-manager/profiles/emacs/default.nix index 157fe3845..551bc7613 100644 --- a/home-manager/profiles/emacs/default.nix +++ b/home-manager/profiles/emacs/default.nix @@ -24,15 +24,6 @@ let { # currently nothing # inherit (lEpkgs) ; - # TODO broken on v4.0.4 - emacsql = epkgs.emacsql.overrideAttrs (_old: { - src = pkgs.fetchFromGitHub { - owner = "magit"; - repo = "emacsql"; - rev = "v4.0.3"; - hash = "sha256-MaL3t+2MhWOE6eLmt8m4ImpsKeNeUZ4S8zEoQVu51ZY="; - }; - }); } ); }; diff --git a/nixos/hosts/mtl0/default.nix b/nixos/hosts/mtl0/default.nix index a6b293f6d..0e13de7ae 100644 --- a/nixos/hosts/mtl0/default.nix +++ b/nixos/hosts/mtl0/default.nix @@ -34,8 +34,7 @@ in services.minio services.vaultwarden services.gitweb - # TODO broken https://github.com/NixOS/nixpkgs/issues/262907#issuecomment-2018578833 - # services.seafile + services.seafile services.commit-notifier services.pastebin services.http-test diff --git a/nixos/hosts/nuc/default.nix b/nixos/hosts/nuc/default.nix index ef1c79b72..8c8c3d61d 100644 --- a/nixos/hosts/nuc/default.nix +++ b/nixos/hosts/nuc/default.nix @@ -51,8 +51,6 @@ in services.smartd services.postgresql services.hydra - # TODO broken - # services.typhon programs.service-mail programs.tg-send users.yinfeng diff --git a/nixos/profiles/boot/kernel/intel.nix b/nixos/profiles/boot/kernel/intel.nix index b3848f5a3..6f2345471 100644 --- a/nixos/profiles/boot/kernel/intel.nix +++ b/nixos/profiles/boot/kernel/intel.nix @@ -28,15 +28,12 @@ in linux_intel_fn = { buildLinux, - ccacheStdenv, lib, ... }@args: buildLinux ( args // { - # build with ccacheStdenv - stdenv = ccacheStdenv; inherit version; modDirVersion = lib.versions.pad 3 version; extraMeta.branch = lib.versions.majorMinor version; diff --git a/nixos/profiles/boot/kernel/sdm845-mainline/default.nix b/nixos/profiles/boot/kernel/sdm845-mainline/default.nix index 913e801ce..f2e8d68cf 100644 --- a/nixos/profiles/boot/kernel/sdm845-mainline/default.nix +++ b/nixos/profiles/boot/kernel/sdm845-mainline/default.nix @@ -17,15 +17,12 @@ in linux_sdm845_fn = { buildLinux, - ccacheStdenv, lib, ... }@args: buildLinux ( args // { - # build with ccacheStdenv - stdenv = ccacheStdenv; inherit version; modDirVersion = "${lib.versions.pad 3 version}-sdm845"; extraMeta.branch = lib.versions.majorMinor version; diff --git a/nixos/profiles/programs/ccache/default.nix b/nixos/profiles/programs/ccache/default.nix index a892652aa..ca5693d66 100644 --- a/nixos/profiles/programs/ccache/default.nix +++ b/nixos/profiles/programs/ccache/default.nix @@ -43,4 +43,41 @@ in rotate = 1; }; }; + nixpkgs.overlays = [ + (final: prev: { + ccacheCacheDir = "/var/cache/ccache"; + ccacheLogDir = "/var/log/ccache"; + ccacheWrapper = prev.ccacheWrapper.override { + extraConfig = '' + export CCACHE_COMPRESS=1 + export CCACHE_UMASK=007 + if [ -d "${final.ccacheCacheDir}" ]; then + export CCACHE_DIR="${final.ccacheCacheDir}" + else + export CCACHE_DIR="/tmp/ccache" + mkdir -p "$CCACHE_DIR" + echo "ccacheWrapper: \"${final.ccacheCacheDir}\" is not a directory, cache in \"$CCACHE_DIR\"" >&2 + fi + if [ -d "${final.ccacheLogDir}" ]; then + export CCACHE_LOGFILE="${final.ccacheLogDir}/ccache.log" + fi + if [ ! -w "$CCACHE_DIR" ]; then + echo "ccacheWrapper: '$CCACHE_DIR' is not accessible for user $(whoami)" >&2 + exit 1 + fi + ''; + }; + ccacheTest = final.ccacheStdenv.mkDerivation { + name = "test-ccache"; + src = builtins.toFile "hello-world.c" '' + #include + int main() { printf("hello, world\n"); } + ''; + dontUnpack = true; + env.NIX_DEBUG = 1; + buildPhase = "cc $src -o hello"; + installPhase = "install -D hello $out/bin/hello"; + }; + }) + ]; } diff --git a/nixos/profiles/services/nextcloud/default.nix b/nixos/profiles/services/nextcloud/default.nix index 9afc6dddc..7f756bdcb 100644 --- a/nixos/profiles/services/nextcloud/default.nix +++ b/nixos/profiles/services/nextcloud/default.nix @@ -122,7 +122,7 @@ in onlyoffice memories previewgenerator - # maps # TODO wait for support on nextcloud 30 + maps ; }; notify_push = { diff --git a/nixos/profiles/services/nuc-proxy/default.nix b/nixos/profiles/services/nuc-proxy/default.nix index a508b4fb9..d6f08fd94 100644 --- a/nixos/profiles/services/nuc-proxy/default.nix +++ b/nixos/profiles/services/nuc-proxy/default.nix @@ -11,7 +11,6 @@ inherit (config.security.acme.tfCerts."li7g_com".nginxSettings) sslCertificate sslCertificateKey; serverAliases = [ "hydra-proxy.*" - "typhon-proxy.*" ]; locations."/" = { proxyPass = "https://nuc"; diff --git a/nixos/profiles/services/telegraf-http/default.nix b/nixos/profiles/services/telegraf-http/default.nix index 3a79c002e..867fab71a 100644 --- a/nixos/profiles/services/telegraf-http/default.nix +++ b/nixos/profiles/services/telegraf-http/default.nix @@ -56,12 +56,6 @@ let code = 200; } ]; - # typhon = [ - # { - # url = "https://typhon.ts.li7g.com"; - # code = 200; - # } - # ]; dst = [ ]; smtp = [ ]; teamspeak = [ ]; @@ -69,11 +63,10 @@ let }; overrides = { box = [ - # TODO broken https://github.com/NixOS/nixpkgs/issues/262907#issuecomment-2018578833 - # { - # url = "https://box.li7g.com/accounts/login/?next=/"; - # code = 200; - # } + { + url = "https://box.li7g.com/accounts/login/?next=/"; + code = 200; + } ]; tar = [ { diff --git a/nixos/profiles/services/typhon/default.nix b/nixos/profiles/services/typhon/default.nix deleted file mode 100644 index 10bd11b3b..000000000 --- a/nixos/profiles/services/typhon/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, ... }: -{ - services.typhon = { - enable = true; - hashedPasswordFile = config.sops.secrets."typhon_hashed_password".path; - }; - - systemd.services.typhon = { - environment = { - LEPTOS_SITE_ADDR = "[::1]:${toString config.ports.typhon}"; - }; - }; - - services.nginx.virtualHosts."typhon.*" = { - forceSSL = true; - inherit (config.security.acme.tfCerts."li7g_com".nginxSettings) sslCertificate sslCertificateKey; - serverAliases = [ "typhon-proxy.*" ]; - locations."/" = { - proxyPass = "http://[::1]:${toString config.ports.typhon}"; - recommendedProxySettings = true; - }; - }; - - sops.secrets."typhon_hashed_password" = { - terraformOutput.enable = true; - owner = config.users.users.typhon.name; - group = config.users.groups.typhon.name; - restartUnits = [ "typhon.service" ]; - }; -} diff --git a/secrets/terraform/hosts/mtl0.yaml b/secrets/terraform/hosts/mtl0.yaml index 54eea2f62..bc14d0267 100644 --- a/secrets/terraform/hosts/mtl0.yaml +++ b/secrets/terraform/hosts/mtl0.yaml @@ -29,6 +29,7 @@ mongodb_monitor_password: ENC[AES256_GCM,data:nzx6NhjK7mLAMDu6Y8h4VVSyLqyCyYx0Ne mongodb_sicp_staging_password: ENC[AES256_GCM,data:3AIHGpGpPqK42eWi+I5gsxMPxUgVtnCvz+LwTKrh8buItjO/eOjFVZc7XQ2pR5/6uipwOPIIHo2D1J+kTi70YA==,iv:cAOUn0wK78PXl9+RWIV7Q6GNUNmVBcKEV9EYWVVqNvY=,tag:fMojF//ywGWdvN5fjAsNqg==,type:str] rabbitmq_sicp_staging_password: ENC[AES256_GCM,data:vDYZ7rVu6OHprYTk7cHcmWi/2F9knEXYPU5bnefIey8=,iv:b6Yn4iToOvuT6xXSgouTJJImyjRKCz0cym3BJcVct/8=,tag:03Awa2oS3V0QqEAFEGkRdg==,type:str] restic_password: ENC[AES256_GCM,data:vaWjEKDxLcRDf++2yshq5WynYCkuSGYX/RxDx4mCc2I=,iv:/a41CRAQzBjq6z31UeJ01Zmqr8FfSmmAHrAZibY4Q8Y=,tag:I1TcOu83wfuRETUY3QksFg==,type:str] +seahub_password: ENC[AES256_GCM,data:nyy77z5UxXzoqwDijlx9NxUD0LL270YLbvo4Aw5BLu0=,iv:bC1XbPRYJ1rmSlqQ29UQojDX0ZXiXwPBbs8TzGCup4E=,tag:1MH2FdMyxtZnBnj0x9mqGQ==,type:str] sicp_staging_admin_password: ENC[AES256_GCM,data:5DeVhCDpYWsk54678PoFbCKR+z7d7t/rYl3yxkvhN70=,iv:89u2palzXXb6TyUXJHE4NOl8sWEg/jkBlufEnapGj9c=,tag:J3a79Q33/8yL1zYAnfOHQg==,type:str] sicp_staging_jwt_secret: ENC[AES256_GCM,data:0fUtwBHKIvKg2dYZSdoPet5Kfz9BSbY3IUxUC4LQxOcMGCh+6VQ1hC3KThiA0tDAop6UfGX+usV7Oh8/oErI3g==,iv:5qIaueMtHeuz4l4ddeTMFNJabyfrIqa74QWNRBA9Xg0=,tag:hzs/b+jnLsc1tj/xxQ7osQ==,type:str] sicp_staging_redis_password: ENC[AES256_GCM,data:wAIAbXV7p9bw5kTNw+aYlAYC8b+qNIpp9ca0UhzNIH4=,iv:25Z1mXr3nphEowOyhx3DsCGNENKfm0zGeXlkI5p9u+A=,tag:lXSIiavNh9E2PU5wMd7Eww==,type:str] @@ -67,8 +68,8 @@ sops: V2hRNEhCdHYzMUhvMGFYMG5vcFVmTDAKJfGXQKrLecTN7vTSpNmTXzyJWLEFs5g8 l8iDsxeSySYsd23aJ0MNwxDOx7xHE90iOuFqnhdGQl2B2wF6HDfm1w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-10T16:58:54Z" - mac: ENC[AES256_GCM,data:bIeKM1ynOe9Mi798uGaz5/Mwjz70wSXbDyUshP5BJ2820+1DcIKrPXTPTySBAhAQVRz9+vgJRFH2weKL0txcETlCqC+7fV9+6rMSD1FPA0piBCheuhFHHtjQV//QdhOn+nygbT0xTMaEu2RyM/YzT2CFuxuetJYcxixPY7OHf90=,iv:YetqfAJwAkB5LaSqRvMSL2uciqbxEUBBMp7TWWwIKKw=,tag:keanWAHbU+m4RtmYk8m7rA==,type:str] + lastmodified: "2024-12-10T07:44:23Z" + mac: ENC[AES256_GCM,data:i237F6nNOAkFfJTK6sgqH0UyuMsj4DX318fjdjlG2ZqnSqoo8ky2KzG25MlqzRJZbIJCx0FME4whChibkPOVRUoExaTA5irLDL6pennTkpC6hz5HtLWOziET8HDeatICahaKIxGGydYqBbICxNojR2SG1xoY8USNZrunbtgtgh8=,iv:6BO0tPpIS7AYYL/tRpbsHOAE5TcB3G5qqqqqriMGxx8=,tag:7vWW7S0GfjN54Yg5XRMnrQ==,type:str] pgp: - created_at: "2023-05-11T12:18:58Z" enc: |- diff --git a/secrets/terraform/hosts/nuc.yaml b/secrets/terraform/hosts/nuc.yaml index 697671d3f..9002a14ce 100644 --- a/secrets/terraform/hosts/nuc.yaml +++ b/secrets/terraform/hosts/nuc.yaml @@ -30,6 +30,7 @@ tailscale_tailnet_key: ENC[AES256_GCM,data:G/lKMARDOxtxFTQ6qxGRx9SQtUQEA+Ov/63iR transmission_hashed_password: ENC[AES256_GCM,data:W9b1d/WyXMs/KkWigx3CV+/VkJ6urH6cTYucHEUpWTfRlAhTnnyByB+M7DT4N8yWNjVR7r0sBDhNtsuASbIoLGegwKkDWqbjgah7LbUJ6ySBFmYn90O2tZKf9taFUKVnQgU=,iv:jJQJ2QSx7T9ILn5gduMg4fWKq+EaqkBZHJTDNPPIL6g=,tag:5Qi1Nl0UL00lNfgjEQFIPA==,type:str] transmission_password: ENC[AES256_GCM,data:ZgB9Eh8UYwe7G+zRP2S4CJBxBj1x0djGc62wpjprZQ4=,iv:90UYHn5NN9idyTs0mbLSCDw9g7658zCK+8Sl3wKj2no=,tag:lZW0ExqFCxtFcm+HHtr1ow==,type:str] transmission_username: ENC[AES256_GCM,data:dUxDfguch1IYwTB6,iv:V5TkE56564FV3cxGebxZikgfU1idgiMGe5VlFCz5SKU=,tag:fZzx/qZfEoLdDo20NaTTNA==,type:str] +typhon_hashed_password: ENC[AES256_GCM,data:MPyTh5YquP7kCbaaDs2UrPVWKnq+ibXc3A/0B0gv/c3IWuh+au7JeQz4jldZ3z6DohAAkwfqEzSr87uJHfSAYx3vKmSmpL37EZjmNcs8EPpYP43Mwpc8edgyKjHVW71w,iv:QMFJkDXYakCn1So//Nj1D8OJhz7pUJ6k08OMH8houLw=,tag:R2+Pqo7dhDN4u5fpAKkABQ==,type:str] wireguard_private_key: ENC[AES256_GCM,data:0nHX7GoUtPUoxY4Lu+B01IhVghh2ED7Ir1WFduvSjQSY9/Kqzq5Ddizi3T0=,iv:50mNtU/bOJBPyq/3QIl9xoHesZbpzcYl2YPGdj7xuQg=,tag:xle6xg1vqG6NPADkpWY8nA==,type:str] zerotier_moon_content_base64: ENC[AES256_GCM,data:MiZOM0xLueCw+Rr8JELks1qRbQLbxh2w8ZIQjFidM0jyzPeq8eD9Vhdl3iQtE75a0o/gqm2HxEnK3VD0iPSPygSlRaeaIzsYOvStM4hQhnDUFzgy+vQxBvHWWD8YnYnSEmVHJBVyJGDlvGg2090/jut/miJrF5WtRFmgJEW6ugUf5fgZAnMMa0saQAsWqs4fPEdFoyWFIJfgcJTP7HNcIa2zu+2tTa4XOe/pJmd5EBcrTJi0p7rklvEk6XJdTMIjXpky87KlmjU+CYTAFqPsoSjC7ngc4A0Sguslngbh++jbFwwuA5OQ5TSBh0wOlAeYqB3mgGAYMUFr3dvYbgoj+nbR413PcO04aWPYIJ2OJXwxVQwrzSPuRjXAynOmhoul/2Q1OVk/stIfHOweRsu97q7c8jIiiigBYoHgmBTtmVA/LMiRtKm5FcpY62KJlgjxzEwFOFlmdCuTFrUUmNgBUJrA8ar5OiZLCAV/XCetkElTyx3AD6xDPLchDldDR8RdvD0twQy2cIAXOuwB8oSLJ56wLW5Y0KR4edwFaCzQejh920bjtxUuvxqtwFmh0mzD7O9IDg0nlC19oExihLc7q6Ob/eegGLeJO+Qgx4qmLSWmRqlHw/KuTV0YzV7ydKWC1cB5MXTxKyAMqGdgJRC+JsFu35ikZy08G+GGVO/8cTXkZC44wONA4Jwmd1DfJPwnY9u0INAGF+WT7eXl0wNTGvtSCdBU6Bdezjl36xzYhCisqRj1Yt2wMNSh//KUv2rBkcsm6f2OlLcW8a+nf3ijqxgTRMnfHWG7AgroUI1u2ZmFH2i4+MkZhlC5LlMA6+9tGzVXO/6p0LivsZ2AwgGE2xTLvLokqFrIf1pIdjo0gYG5/WDnNz3Hi+faTag0C3jEC1qO7IssOcxPZLX8IOQlNgVvt0s93xTvJbs8Io42cMeGyGWpXPGhCb2lMRuZ56V+QJX5WSDpMOyq/S+Tvd+diMuv0XJ6rxZNi1xG6m3IyRO61zWowVAd4w0R8ZHTtV4sUksskrAVXr2ABayK10HAU8MusFN0Q7+aS74DmZBYMWE8akBavLp8R2yNU6+sDq/pLn4szDoT29icLoC5YU/qQBZ08JxgwAEA3tWcBQ==,iv:Mla+TBrr5aSgOANNfQFFifUzIgL+oq5xYM3KGRP5mr0=,tag:UVVltzI2ufYQuB8o4hZ9ig==,type:str] zerotier_moon_filename: ENC[AES256_GCM,data:ywn0gzeUuFoSbegUi6fRO5e8OieM,iv:snBeUht/fbk8RsYWIpFK0vNngaPlPlmJI7Con7YmTH4=,tag:dCRpigJckyyl2w/coU9lRw==,type:str] @@ -60,8 +61,8 @@ sops: Tm9KdEE1US9XamVNL2dxRUw3a00rckkKrWgRV4D9ywBgFmceB+hI/eak5D8t+t6W B/535UqZSagSVdScVPNfgrlkDRnbnw+E97AXg6GQPc3lN0sqhgGtrA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-10T16:58:55Z" - mac: ENC[AES256_GCM,data:mpycEBhWxbaxciy73jKWC8ZFocQhGaEaRbugzk3syi4E0HMZmCl7bUngLC7nKGf2WdeJlZ6f6agTEQSa9PB1LhwFP/+GQ0FCHGdAtnxWwodJHOp/yZkesVXbD10sDa03Wmw+zNllqH4d1ZXwH3L0wzSkaEcuPLQSsP1yZ1PraNY=,iv:x2gmL1ZkVtE5SolAZgBh3mL2c4bEVW+c8wEjEdLvgSU=,tag:BsFId1//u2yybBPxZtldZQ==,type:str] + lastmodified: "2024-12-10T07:44:25Z" + mac: ENC[AES256_GCM,data:ag89P5t2GY+SrJWXX84WctOZrCTlKCM6idV7zLMKA5e9S1kUCR1Osr/HZyroy4gyiaJVOkM07eiW9f84j2Qzluq9ieM3EJXXzONEQOiEHNJfCqnsMZLSFFVrP7bv7TVn5O/qK9ISIOqI25qNkRCUje//eFvSHmybsl0xSX394mg=,iv:HN8nKhRvsi52Fs6KSFVjplbp+ESkb9G+752OMu2YSuE=,tag:Fs62KOgslLkvOeqRFaqBFA==,type:str] pgp: - created_at: "2022-08-03T13:12:44Z" enc: |- diff --git a/terraform/cloudflare.tf b/terraform/cloudflare.tf index ba2f6174d..cb13f0b1f 100644 --- a/terraform/cloudflare.tf +++ b/terraform/cloudflare.tf @@ -104,13 +104,12 @@ resource "cloudflare_record" "zip_prebuilt_wildcard" { locals { service_cname_mappings = { - portal = { on = "hkg0", proxy = true } - atuin = { on = "hkg0", proxy = true } - cache-overlay = { on = "hkg0", proxy = true } - nuc-proxy = { on = "hkg0", proxy = true } - hydra-proxy = { on = "hkg0", proxy = true } - sicp-tutorials = { on = "hkg0", proxy = true } - # typhon-proxy = { on = "hkg0", proxy = true } + portal = { on = "hkg0", proxy = true } + atuin = { on = "hkg0", proxy = true } + cache-overlay = { on = "hkg0", proxy = true } + nuc-proxy = { on = "hkg0", proxy = true } + hydra-proxy = { on = "hkg0", proxy = true } + sicp-tutorials = { on = "hkg0", proxy = true } tar = { on = "lax0", proxy = true } pgp-public-key = { on = "lax0", proxy = true } oranc = { on = "lax0", proxy = true } @@ -140,11 +139,10 @@ locals { dn42 = { on = "fsn0", proxy = true } keycloak = { on = "fsn0", proxy = true } hydra = { on = "nuc", proxy = false } - # typhon = { on = "nuc", proxy = false } - transmission = { on = "nuc", proxy = false } - jellyfin = { on = "nuc", proxy = false } - nextcloud = { on = "nuc", proxy = false } - mc = { on = "nuc", proxy = false } + transmission = { on = "nuc", proxy = false } + jellyfin = { on = "nuc", proxy = false } + nextcloud = { on = "nuc", proxy = false } + mc = { on = "nuc", proxy = false } } } output "service_cname_mappings" { diff --git a/terraform/google.tf b/terraform/google.tf index 1207ebe2b..f4012d915 100644 --- a/terraform/google.tf +++ b/terraform/google.tf @@ -12,32 +12,3 @@ resource "google_project" "main" { project_id = "yinfeng-terraform" name = "terraform" } - -# ------------- -# ntfy project -resource "google_project" "ntfy" { - project_id = "yinfeng-ntfy" - name = "ntfy" -} - -resource "google_firebase_project" "ntfy" { - provider = google-beta - project = google_project.ntfy.project_id -} - -resource "google_apikeys_key" "ntfy_android" { - project = google_firebase_project.ntfy.id - name = "ntfy-android" - display_name = "ntfy Android" -} - -# resource "google_firebase_android_app" "ntfy" { -# provider = google-beta -# project = google_firebase_project.ntfy.id -# display_name = "ntfy" -# package_name = "com.li7g.ntfy" -# api_key_id = google_apikeys_key.ntfy_android.uid -# } - -# TODO build customized ntfy apk -# TODO deliver customized apk diff --git a/terraform/passwords.tf b/terraform/passwords.tf index 48e580719..8fd1a9e17 100644 --- a/terraform/passwords.tf +++ b/terraform/passwords.tf @@ -313,28 +313,6 @@ output "atuin_password_yinfeng" { value = random_password.atuin_yinfeng.result sensitive = true } -resource "random_password" "typhon" { - length = 32 - special = false -} -resource "random_password" "typhon_salt" { - length = 16 - special = false -} -module "typhon_argon2" { - source = "./modules/argon2" - password = random_password.typhon.result - salt = random_password.typhon_salt.result -} -output "typhon_password" { - value = random_password.typhon.result - sensitive = true -} -output "typhon_hashed_password" { - value = module.typhon_argon2.hashed_password - sensitive = true -} - resource "random_password" "gnome_remote_desktop" { length = 16 special = false