diff --git a/flake.lock b/flake.lock index 2011164..e504647 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,34 @@ { "nodes": { + "container-flake": { + "inputs": { + "nixpkgs": "nixpkgs", + "o4dev-admin": "o4dev-admin", + "o4dev-backend": "o4dev-backend", + "o4dev-workflows": "o4dev-workflows", + "production-admin": "production-admin", + "production-backend": "production-backend", + "production-workflows": "production-workflows", + "sops-nix": "sops-nix", + "staging-admin": "staging-admin", + "staging-backend": "staging-backend", + "staging-workflows": "staging-workflows" + }, + "locked": { + "lastModified": 1779000055, + "narHash": "sha256-PT18IzD28QzoE47wWikwHQu1G50PPRmOWeztY60t7zA=", + "ref": "refs/heads/feat/o4dev", + "rev": "29a82980be268ee9815acafdce32f908c8be701e", + "revCount": 15, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/container-flake" + }, + "original": { + "ref": "refs/heads/feat/o4dev", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/container-flake" + } + }, "darwin": { "inputs": { "nixpkgs": [ @@ -21,6 +50,168 @@ "type": "github" } }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_7": { + "inputs": { + "systems": "systems_7" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_8": { + "inputs": { + "systems": "systems_8" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_9": { + "inputs": { + "systems": "systems_9" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -65,16 +256,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1775888245, - "narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=", + "lastModified": 1778443072, + "narHash": "sha256-zi7/fsqM/kFdNuED//4WOCUtezGtKKqRNORjMvfwjnA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "13043924aaa7375ce482ebe2494338e058282925", + "rev": "da5ad661ba4e5ef59ba743f0d112cbc30e474f32", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixpkgs-unstable", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -111,19 +302,177 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1775888245, + "narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "13043924aaa7375ce482ebe2494338e058282925", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "o4dev-admin": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778910752, + "narHash": "sha256-iLQ9YKLWviHhZvGf/qCATaPyB+9vjGoZvS66l87F/TU=", + "ref": "refs/heads/main", + "rev": "6d7de8f9e93470c8b5dd5918b651c9d24bfacd16", + "revCount": 8, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/admin" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/admin" + } + }, + "o4dev-backend": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778914345, + "narHash": "sha256-o8rpo3AOn+Fuepq6I64Oj0JjKs0CwCElxuoyzqj/Fw0=", + "ref": "refs/heads/main", + "rev": "3230d8f34cffb91bef3f8a3d4cb4170de23dd0f6", + "revCount": 217, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/backend" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/backend" + } + }, + "o4dev-workflows": { + "inputs": { + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778945408, + "narHash": "sha256-9yx4Ya7X/MOeHSIeUKHe1p08RmGuekHN/m9SQIjHS8c=", + "ref": "refs/heads/main", + "rev": "7458a1db6621fe4cc1df57e8841975dff2aad866", + "revCount": 114, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/workflows" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/workflows" + } + }, + "production-admin": { + "inputs": { + "flake-utils": "flake-utils_4", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778910752, + "narHash": "sha256-iLQ9YKLWviHhZvGf/qCATaPyB+9vjGoZvS66l87F/TU=", + "ref": "refs/heads/main", + "rev": "6d7de8f9e93470c8b5dd5918b651c9d24bfacd16", + "revCount": 8, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/admin" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/admin" + } + }, + "production-backend": { + "inputs": { + "flake-utils": "flake-utils_5", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778909471, + "narHash": "sha256-9gf42HL8gdecNC7D1JYVXUjtpB3DLz1FPuhMoQBju8U=", + "ref": "refs/heads/main", + "rev": "d674ffd55fa103b5aed8ba4108b4fe46ead770c4", + "revCount": 204, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/backend" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/backend" + } + }, + "production-workflows": { + "inputs": { + "flake-utils": "flake-utils_6", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778910586, + "narHash": "sha256-cDDiwSOqRsiQsjez6q3cOEOU3MDrqncruMQNY+yIr6E=", + "ref": "refs/heads/main", + "rev": "98c42d0d5fc1f171fcc29eedbb1615c858141f8b", + "revCount": 113, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/workflows" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/workflows" + } + }, "root": { "inputs": { + "container-flake": "container-flake", "darwin": "darwin", "home-manager": "home-manager", "home-manager-darwin": "home-manager-darwin", "nixpkgs-darwin": "nixpkgs-darwin", "nixpkgs-linux": "nixpkgs-linux", - "sops-nix": "sops-nix" + "sops-nix": "sops-nix_2" } }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs" + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] }, "locked": { "lastModified": 1777944972, @@ -138,6 +487,228 @@ "repo": "sops-nix", "type": "github" } + }, + "sops-nix_2": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1777944972, + "narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "c591bf665727040c6cc5cb409079acb22dcce33c", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "staging-admin": { + "inputs": { + "flake-utils": "flake-utils_7", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778910752, + "narHash": "sha256-iLQ9YKLWviHhZvGf/qCATaPyB+9vjGoZvS66l87F/TU=", + "ref": "refs/heads/main", + "rev": "6d7de8f9e93470c8b5dd5918b651c9d24bfacd16", + "revCount": 8, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/admin" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/admin" + } + }, + "staging-backend": { + "inputs": { + "flake-utils": "flake-utils_8", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778909471, + "narHash": "sha256-9gf42HL8gdecNC7D1JYVXUjtpB3DLz1FPuhMoQBju8U=", + "ref": "refs/heads/main", + "rev": "d674ffd55fa103b5aed8ba4108b4fe46ead770c4", + "revCount": 204, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/backend" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/backend" + } + }, + "staging-workflows": { + "inputs": { + "flake-utils": "flake-utils_9", + "nixpkgs": [ + "container-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778910586, + "narHash": "sha256-cDDiwSOqRsiQsjez6q3cOEOU3MDrqncruMQNY+yIr6E=", + "ref": "refs/heads/main", + "rev": "98c42d0d5fc1f171fcc29eedbb1615c858141f8b", + "revCount": 113, + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/workflows" + }, + "original": { + "ref": "refs/heads/main", + "type": "git", + "url": "ssh://gitea@git.inclyc.cn:20122/oparic/workflows" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_9": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 926fec0..2674a0f 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,9 @@ inputs.nixpkgs.follows = "nixpkgs-darwin"; }; sops-nix.url = "github:Mic92/sops-nix"; + container-flake = { + url = "git+ssh://gitea@git.inclyc.cn:20122/oparic/container-flake?ref=refs/heads/feat/o4dev"; + }; }; outputs = { nixpkgs-linux, nixpkgs-darwin, home-manager, home-manager-darwin, ... }@inputs: { diff --git a/hosts/oparic-local-dev/configuration.nix b/hosts/oparic-local-dev/configuration.nix index 495b53b..2b959ea 100644 --- a/hosts/oparic-local-dev/configuration.nix +++ b/hosts/oparic-local-dev/configuration.nix @@ -119,5 +119,23 @@ }; networking.firewall.allowedTCPPorts = [ 80 443 ]; + # NixOS container: o4dev + containers.o4dev = { + autoStart = true; + privateNetwork = true; + hostAddress = "10.233.1.1"; + localAddress = "10.233.1.2"; + bindMounts."/data" = { + hostPath = "/home/origami/data"; + isReadOnly = false; + }; + forwardPorts = [{ + containerPort = 80; + hostPort = 40000; + protocol = "tcp"; + }]; + path = inputs.container-flake.nixosConfigurations.o4dev.config.system.build.toplevel; + }; + system.stateVersion = "23.11"; }