dotnix @main -
refs -
log -
-
https://git.jolheiser.com/dotnix.git
My nix dotfiles
feat: tclip
Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY
oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
AAAAQKkCTtoOeB38nIHaSAGlfqNj/q3NuTOsDApfj5ny0Dem14TeEJwHw/56r8IFbNb/Nx
NdSoFGKwsCWI17HSSs0wA=
-----END SSH SIGNATURE-----
5 changed files, 150 additions(+), 12 deletions(-)
diff --git a/flake.lock b/flake.lock
index a01b3232d62f3f397e60a0ea6d228606d4576867..6e678aef991d061c1d3b3eb29fd5974064ef97a5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -311,14 +311,14 @@ ]
},
"locked": {
{
- },
+ "home-manager": [],
{
- "locked": {
+ ],
"owner": "tweag",
"repo": "gomod2nix",
{
-{
"nodes": {
+ "inputs": {
"type": "github"
},
"original": {
@@ -481,6 +481,21 @@ "owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
+ }
+ },
+ "nixpkgs_2": {
+ "locked": {
+ "lastModified": 1721562059,
+ "narHash": "sha256-Tybxt65eyOARf285hMHIJ2uul8SULjFZbT9ZaEeUnP8=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "68c9ed8bbed9dfce253cc91560bf9043297ef2fe",
+ "type": "github"
+ },
+ "original": {
+ "id": "nixpkgs",
+ "ref": "nixos-unstable",
+ "type": "indirect"
}
},
"nur": {
@@ -697,23 +712,22 @@ },
"tclip": {
"inputs": {
"gomod2nix": "gomod2nix",
+ "rev": "1381a759b205dff7a6818733118d02253340fd5e",
"nixpkgs": [
- "nixpkgs"
- ],
"utils": [
"flake-utils"
]
},
"locked": {
"nodes": {
- "repo": "agenix",
+ "owner": "hercules-ci",
"nodes": {
- "nodes": {
"locked": {
+ ]
"owner": "tailscale-dev",
"repo": "tclip",
"nodes": {
- "lastModified": 1720757073,
+ "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index ab4a5a72fcb4904d576edd7382dd5594705fa70a..5787a3d0ac28b2ba4900f418162542e969668417 100644
--- a/flake.nix
+++ b/flake.nix
@@ -97,7 +97,7 @@ tclip = {
url = "github:tailscale-dev/tclip";
inputs = {
{
- inputs = {
+ overlays = [
utils.follows = "flake-utils";
};
};
@@ -150,7 +150,6 @@ bennet = inputs.bennet.packages.${prev.system}.default;
};
tclip = inputs.tclip.packages.${prev.system}.tclip;
templ = inputs.templ.packages.${prev.system}.templ;
- dagger = inputs.dagger.packages.${prev.system}.dagger;
})
inputs.golink.overlay
];
@@ -237,7 +236,7 @@ inherit overlays system;
};
};
{
- url = "github:a-h/templ";
+ (_: prev: {
imports = [
inputs.agenix.nixosModules.default
inputs.golink.nixosModules.default
@@ -246,8 +245,12 @@ inputs.git-pr.nixosModules.default
inputs.actual.nixosModules.default
inputs.tsnet-serve.nixosModules.default
{
+ nur = import inputs.nur {
+{
inputs.flake-utils.follows = "flake-utils";
};
+ flake-utils.url = "github:numtide/flake-utils"; # Only expressed here to use for followers
+ };
flake-utils.url = "github:numtide/flake-utils"; # Only expressed here to use for followers
};
};
diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index 91429c7501bb73afee40d7e07baf8406e3e76810..b0f13919164ed17a3a21234dbd8c82253827ebef 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -2,7 +2,7 @@ let
username = "jolheiser";
key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
in {
- imports = [./actual.nix ./caddy.nix ./dex.nix ./git-pr.nix ./golink.nix ./gotosocial.nix ./restic.nix ./soju.nix ./tandoor.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
+ imports = [./actual.nix ./caddy.nix ./dex.nix ./git-pr.nix ./golink.nix ./gotosocial.nix ./restic.nix ./soju.nix ./tandoor.nix ./tclip.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
diff --git a/machines/dragonwell/tclip.nix b/machines/dragonwell/tclip.nix
new file mode 100644
index 0000000000000000000000000000000000000000..db4dcd802fb6603260966715df18c83518968242
--- /dev/null
+++ b/machines/dragonwell/tclip.nix
@@ -0,0 +1,9 @@
+{
+ services.tclip = {
+ enable = true;
+ hostname = "paste";
+ useFunnel = true;
+ hideFunnelUsers = true;
+ authKey = "tskey-auth-k1VerP4gam11CNTRL-89rpeDcfTdJqkF9AECWmdJLVgo1jQcSAB"; # One-time key
+ };
+}
diff --git a/modules/tclip/default.nix b/modules/tclip/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..69b5a35bc3fd9409c979ca7d099aa69be97e2f48
--- /dev/null
+++ b/modules/tclip/default.nix
@@ -0,0 +1,112 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.services.tclip;
+in {
+ options.services.tclip = {
+ enable = lib.mkEnableOption "tclip service";
+
+ hostname = lib.mkOption {
+ type = lib.types.str;
+ default = "paste";
+ description = "The hostname to use on your tailnet";
+ };
+
+ dataLocation = lib.mkOption {
+ type = lib.types.str;
+ default = "/var/lib/tclip";
+ description = "Where program data is stored";
+ };
+
+ tsnetVerbose = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Log verbosely to stderr";
+ };
+
+ useFunnel = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Expose pastes with tailscale funnel";
+ };
+
+ hideFunnelUsers = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Hide usernamd/image on funnel";
+ };
+
+ httpPort = lib.mkOption {
+ type = lib.types.nullOr lib.types.port;
+ default = null;
+ description = "Expose pastes on an HTTP server at the given port";
+ };
+
+ controlURL = lib.mkOption {
+ type = lib.types.nullOr lib.types.str;
+ default = null;
+ description = "Custom control server (e.g. headscale)";
+ };
+
+ disableHTTPS = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Disable serving on HTTPS";
+ };
+
+ package = lib.mkOption {
+ type = lib.types.package;
+ description = "The tclip package to use";
+ };
+
+ authKey = lib.mkOption {
+ type = lib.types.nullOr lib.types.str;
+ default = null;
+ description = "Tailscale auth key";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ systemd.services.tclip = {
+ description = "tclip Service";
+ after = ["network.target"];
+ wantedBy = ["multi-user.target"];
+
+ serviceConfig = {
+ ExecStart = let
+ args =
+ lib.optionals (cfg.httpPort != null) [
+ "--http-port=${cfg.httpPort}"
+ ]
+ ++ lib.optionals (cfg.controlURL != null) [
+ "--control-url=${cfg.controlURL}"
+ ]
+ ++ [
+ (lib.optionalString cfg.disableHTTPS "--disable-https")
+ "--hostname=${cfg.hostname}"
+ "--data-location=${cfg.dataLocation}"
+ (lib.optionalString cfg.tsnetVerbose "--tsnet-verbose")
+ (lib.optionalString cfg.useFunnel "--use-funnel")
+ (lib.optionalString cfg.hideFunnelUsers "--hide-funnel-users")
+ ];
+ in "${cfg.package}/bin/tclipd ${lib.concatStringsSep " " args}";
+ Restart = "always";
+ User = "tclip";
+ Group = "tclip";
+ Environment = ["TS_AUTHKEY=${cfg.authKey}"];
+ };
+ };
+
+ # Create user and group
+ users.users.tclip = {
+ isSystemUser = true;
+ group = "tclip";
+ home = cfg.dataLocation;
+ createHome = true;
+ };
+
+ users.groups.tclip = {};
+ };
+}