mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 04:19:19 -08:00
chore: nf-fmt-nix
This commit is contained in:
arcnmx
parent
0947ca0532
commit
fef4f25ca4
8 changed files with 123 additions and 104 deletions
|
|
@ -278,7 +278,7 @@ in {
|
|||
androidtvremote2
|
||||
])
|
||||
(mkIf cfg.grocy.enable [
|
||||
(python3Packages.callPackage ../../packages/grocy/pygrocy.nix { })
|
||||
(python3Packages.callPackage ../../packages/grocy/pygrocy.nix {})
|
||||
])
|
||||
];
|
||||
extraComponents = mkMerge [
|
||||
|
|
@ -306,7 +306,8 @@ in {
|
|||
(map ({platform, ...}: platform) cfg.config.tts or [])
|
||||
];
|
||||
customComponents = [
|
||||
(mkIf (cfg.reverseProxy.enable && cfg.reverseProxy.auth.enable)
|
||||
(
|
||||
mkIf (cfg.reverseProxy.enable && cfg.reverseProxy.auth.enable)
|
||||
pkgs.home-assistant-custom-components.auth-header
|
||||
)
|
||||
];
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
in {
|
||||
options.services.vouch-proxy = with types; {
|
||||
enable = mkEnableOption "vouch";
|
||||
package = mkPackageOption pkgs "vouch-proxy" { };
|
||||
package = mkPackageOption pkgs "vouch-proxy" {};
|
||||
user = mkOption {
|
||||
type = str;
|
||||
default = "vouch-proxy";
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ in {
|
|||
};
|
||||
};
|
||||
virtualHosts = let
|
||||
vouchHost = { config, ... }: {
|
||||
vouchHost = {config, ...}: {
|
||||
vouch = {
|
||||
requireAuth = mkDefault false;
|
||||
auth.lua = {
|
||||
|
|
@ -60,7 +60,11 @@ in {
|
|||
};
|
||||
};
|
||||
# TODO: restrict to "/auth/authorize" and "/auth/login_flow" only..?
|
||||
"/auth/" = { virtualHost, config, ... }: {
|
||||
"/auth/" = {
|
||||
virtualHost,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
proxy = {
|
||||
inherit headers;
|
||||
enable = true;
|
||||
|
|
@ -78,13 +82,13 @@ in {
|
|||
};
|
||||
};
|
||||
in {
|
||||
home-assistant = { ... }: {
|
||||
imports = [ vouchHost ];
|
||||
home-assistant = {...}: {
|
||||
imports = [vouchHost];
|
||||
inherit name locations;
|
||||
proxy.upstream = mkDefault upstreamName;
|
||||
};
|
||||
home-assistant'local = { ... }: {
|
||||
imports = [ vouchHost ];
|
||||
home-assistant'local = {...}: {
|
||||
imports = [vouchHost];
|
||||
vouch.enable = mkDefault nginx.virtualHosts.home-assistant.vouch.enable;
|
||||
inherit name listen' locations;
|
||||
ssl.cert = {
|
||||
|
|
|
|||
|
|
@ -65,28 +65,31 @@ in {
|
|||
address4
|
||||
#address6
|
||||
];
|
||||
guest = logistics ++ [
|
||||
# bedroom tv
|
||||
"10.1.1.67"
|
||||
];
|
||||
guest =
|
||||
logistics
|
||||
++ [
|
||||
# bedroom tv
|
||||
"10.1.1.67"
|
||||
];
|
||||
kat = koishi;
|
||||
arc = shanghai ++ nue;
|
||||
enableTrustedAuth = false;
|
||||
in mkIf enableTrustedAuth [
|
||||
{
|
||||
type = "trusted_networks";
|
||||
#allow_bypass_login = true;
|
||||
trusted_networks = guest;
|
||||
trusted_users =
|
||||
genAttrs guest (_: "4051fcce77564010a836fd6b108bbb4b")
|
||||
#genAttrs arc (_: "0c9c9382890746c2b246b76557f22953")
|
||||
#genAttrs kat (_: "a6e96c523d334aabaea71743839ef584")
|
||||
;
|
||||
}
|
||||
{
|
||||
type = "homeassistant";
|
||||
}
|
||||
];
|
||||
in
|
||||
mkIf enableTrustedAuth [
|
||||
{
|
||||
type = "trusted_networks";
|
||||
#allow_bypass_login = true;
|
||||
trusted_networks = guest;
|
||||
trusted_users =
|
||||
genAttrs guest (_: "4051fcce77564010a836fd6b108bbb4b")
|
||||
#genAttrs arc (_: "0c9c9382890746c2b246b76557f22953")
|
||||
#genAttrs kat (_: "a6e96c523d334aabaea71743839ef584")
|
||||
;
|
||||
}
|
||||
{
|
||||
type = "homeassistant";
|
||||
}
|
||||
];
|
||||
};
|
||||
frontend = {
|
||||
themes = "!include_dir_merge_named themes";
|
||||
|
|
|
|||
|
|
@ -13,10 +13,12 @@ in {
|
|||
services.vouch-proxy = {
|
||||
enable = mkDefault true;
|
||||
package = mkIf hassVouch (pkgs.vouch-proxy.overrideAttrs (old: {
|
||||
postPatch = ''
|
||||
sed -i handlers/login.go \
|
||||
-e 's/badStrings *=.*$/badStrings = []string{}/'
|
||||
'' + old.postPatch or "";
|
||||
postPatch =
|
||||
''
|
||||
sed -i handlers/login.go \
|
||||
-e 's/badStrings *=.*$/badStrings = []string{}/'
|
||||
''
|
||||
+ old.postPatch or "";
|
||||
doCheck = false;
|
||||
}));
|
||||
domain = mkDefault "login.${config.networking.domain}";
|
||||
|
|
|
|||
|
|
@ -1,63 +1,69 @@
|
|||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, backports-zoneinfo
|
||||
, deprecation
|
||||
, pydantic
|
||||
, requests
|
||||
, responses
|
||||
, pre-commit
|
||||
, isort
|
||||
, vcrpy
|
||||
, pytest
|
||||
, pytest-recording
|
||||
, pytest-mock
|
||||
, pythonOlder
|
||||
# requires an instance of grocy api running...
|
||||
, doCheckGrocy ? false
|
||||
{
|
||||
lib,
|
||||
buildPythonPackage,
|
||||
fetchFromGitHub,
|
||||
backports-zoneinfo,
|
||||
deprecation,
|
||||
pydantic,
|
||||
requests,
|
||||
responses,
|
||||
pre-commit,
|
||||
isort,
|
||||
vcrpy,
|
||||
pytest,
|
||||
pytest-recording,
|
||||
pytest-mock,
|
||||
pythonOlder,
|
||||
# requires an instance of grocy api running...
|
||||
doCheckGrocy ? false,
|
||||
}: let
|
||||
inherit (lib.lists) optional optionals;
|
||||
inherit (lib.strings) optionalString;
|
||||
in buildPythonPackage rec {
|
||||
pname = "pygrocy";
|
||||
version = "2.1.0";
|
||||
format = "setuptools";
|
||||
in
|
||||
buildPythonPackage rec {
|
||||
pname = "pygrocy";
|
||||
version = "2.1.0";
|
||||
format = "setuptools";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "SebRut";
|
||||
repo = "pygrocy";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-ijwcdWMeBnYPhrNYt/IxucPvzc+0InudLxJSMVwulNw=";
|
||||
};
|
||||
src = fetchFromGitHub {
|
||||
owner = "SebRut";
|
||||
repo = "pygrocy";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-ijwcdWMeBnYPhrNYt/IxucPvzc+0InudLxJSMVwulNw=";
|
||||
};
|
||||
|
||||
postPatch = optionalString (!doCheckGrocy) ''
|
||||
rm test/test_grocy.py
|
||||
'';
|
||||
postPatch = optionalString (!doCheckGrocy) ''
|
||||
rm test/test_grocy.py
|
||||
'';
|
||||
|
||||
propagatedBuildInputs = [
|
||||
requests
|
||||
deprecation
|
||||
pydantic
|
||||
] ++ optional (pythonOlder "3.9") backports-zoneinfo;
|
||||
propagatedBuildInputs =
|
||||
[
|
||||
requests
|
||||
deprecation
|
||||
pydantic
|
||||
]
|
||||
++ optional (pythonOlder "3.9") backports-zoneinfo;
|
||||
|
||||
pythonImportsCheck = [
|
||||
"pygrocy"
|
||||
];
|
||||
pythonImportsCheck = [
|
||||
"pygrocy"
|
||||
];
|
||||
|
||||
checkInputs = [
|
||||
pytest
|
||||
pytest-recording
|
||||
pytest-mock
|
||||
] ++ optionals doCheckGrocy [
|
||||
responses
|
||||
pre-commit
|
||||
isort
|
||||
vcrpy
|
||||
];
|
||||
checkInputs =
|
||||
[
|
||||
pytest
|
||||
pytest-recording
|
||||
pytest-mock
|
||||
]
|
||||
++ optionals doCheckGrocy [
|
||||
responses
|
||||
pre-commit
|
||||
isort
|
||||
vcrpy
|
||||
];
|
||||
|
||||
meta = {
|
||||
homepage = "https://github.com/SebRut/pygrocy";
|
||||
license = lib.licenses.mit;
|
||||
broken = pythonOlder "3.8";
|
||||
};
|
||||
}
|
||||
meta = {
|
||||
homepage = "https://github.com/SebRut/pygrocy";
|
||||
license = lib.licenses.mit;
|
||||
broken = pythonOlder "3.8";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,8 @@ in {
|
|||
(nginx.virtualHosts.zigbee2mqtt.proxied.cloudflared.getIngress {})
|
||||
(nginx.virtualHosts.grocy.proxied.cloudflared.getIngress {})
|
||||
(nginx.virtualHosts.barcodebuddy.proxied.cloudflared.getIngress {})
|
||||
(if home-assistant.reverseProxy.auth.enable
|
||||
(
|
||||
if home-assistant.reverseProxy.auth.enable
|
||||
then (nginx.virtualHosts.home-assistant.proxied.cloudflared.getIngress {})
|
||||
else {
|
||||
${home-assistant.domain} = assert home-assistant.enable && home-assistant.reverseProxy.enable; {
|
||||
|
|
|
|||
|
|
@ -11,23 +11,25 @@
|
|||
in {
|
||||
imports = let
|
||||
inherit (meta) nixos;
|
||||
in [
|
||||
nixos.reisen-ct
|
||||
nixos.sops
|
||||
nixos.tailscale
|
||||
nixos.cloudflared
|
||||
nixos.postgres
|
||||
nixos.nginx
|
||||
nixos.access.zigbee2mqtt
|
||||
nixos.access.grocy
|
||||
nixos.access.barcodebuddy
|
||||
nixos.home-assistant
|
||||
nixos.zigbee2mqtt
|
||||
nixos.syncplay
|
||||
nixos.grocy
|
||||
nixos.barcodebuddy
|
||||
./cloudflared.nix
|
||||
] ++ optional hassVouchAuth nixos.access.home-assistant;
|
||||
in
|
||||
[
|
||||
nixos.reisen-ct
|
||||
nixos.sops
|
||||
nixos.tailscale
|
||||
nixos.cloudflared
|
||||
nixos.postgres
|
||||
nixos.nginx
|
||||
nixos.access.zigbee2mqtt
|
||||
nixos.access.grocy
|
||||
nixos.access.barcodebuddy
|
||||
nixos.home-assistant
|
||||
nixos.zigbee2mqtt
|
||||
nixos.syncplay
|
||||
nixos.grocy
|
||||
nixos.barcodebuddy
|
||||
./cloudflared.nix
|
||||
]
|
||||
++ optional hassVouchAuth nixos.access.home-assistant;
|
||||
|
||||
services.nginx = {
|
||||
proxied.enable = true;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue