From b5329ad61f18ec9fd04ef85f018171fe9bceaf76 Mon Sep 17 00:00:00 2001 From: goeranh Date: Sun, 3 May 2026 13:50:47 +0200 Subject: [PATCH] run gradient server and worker all in one --- flake.lock | 29 +++++++++++++++++++++++------ flake.nix | 8 +++++--- hosts/gradient/default.nix | 12 ++++++++++-- 3 files changed, 38 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index c764d39..0a573e0 100644 --- a/flake.lock +++ b/flake.lock @@ -258,11 +258,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1777458607, - "narHash": "sha256-KcPvJ3+MFyDBf8GyE4zThu3u/LnXYXTB8X3V9s6R9/0=", + "lastModified": 1777807825, + "narHash": "sha256-LIHC5ayGLbEXY7wBrd71EE12xZDBltYqeE4qdEvWbC0=", "owner": "wavelens", "repo": "gradient", - "rev": "62f3132a90d9bd4fadb4688d20a684a464d6e8dc", + "rev": "0f5779845044d2a39e5f599f781d6cfb9248a219", "type": "github" }, "original": { @@ -323,11 +323,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1775423009, - "narHash": "sha256-vPKLpjhIVWdDrfiUM8atW6YkIggCEKdSAlJPzzhkQlw=", + "lastModified": 1777268161, + "narHash": "sha256-bxrdOn8SCOv8tN4JbTF/TXq7kjo9ag4M+C8yzzIRYbE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "68d8aa3d661f0e6bd5862291b5bb263b2a6595c9", + "rev": "1c3fe55ad329cbcb28471bb30f05c9827f724c76", "type": "github" }, "original": { @@ -352,6 +352,22 @@ "type": "github" } }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1777268161, + "narHash": "sha256-bxrdOn8SCOv8tN4JbTF/TXq7kjo9ag4M+C8yzzIRYbE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "1c3fe55ad329cbcb28471bb30f05c9827f724c76", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1777077449, @@ -425,6 +441,7 @@ "gradient": "gradient", "mailserver": "mailserver", "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable", "sops": "sops" } }, diff --git a/flake.nix b/flake.nix index 3f1e8af..dd25bed 100644 --- a/flake.nix +++ b/flake.nix @@ -4,6 +4,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; authentik = { url = "github:nix-community/authentik-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -29,12 +30,13 @@ { self, nixpkgs, + nixpkgs-unstable, authentik, mailserver, disko, sops, gradient - }: + }@inputs: let sshkeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINABEf0jBjtDdezDDtvl1v27l0DbHP2XUgMARTZXC+MR goeranh@node5" @@ -181,7 +183,7 @@ result: input: result // { - "${input}" = nixpkgs.lib.nixosSystem { + "${input}" = nixpkgs-unstable.lib.nixosSystem { system = "x86_64-linux"; modules = let @@ -197,7 +199,7 @@ gradient.nixosModules.default sops.nixosModules.sops { - _module.args = { inherit self modulesPath; }; + _module.args = { inherit self inputs modulesPath; }; } ]; }; diff --git a/hosts/gradient/default.nix b/hosts/gradient/default.nix index 3701eba..09cadee 100644 --- a/hosts/gradient/default.nix +++ b/hosts/gradient/default.nix @@ -1,5 +1,6 @@ { config, + inputs, lib, pkgs, modulesPath, @@ -51,7 +52,7 @@ configurePostgres = true; configureNginx = true; # serveCache = true; - reportErrors = true; # optional: will send crash reports to us + reportErrors = true; worker = { enable = true; @@ -63,12 +64,19 @@ eval = true; build = true; }; + packages.nix = inputs.nixpkgs-unstable.legacyPackages.x86_64-linux.nix; settings = { - logLevel.default = "debug"; + logLevel = { + default = "debug"; + }; }; }; }; + nginx.commonHttpConfig = '' + real_ip_header proxy_protocol; + set_real_ip_from 141.56.51.1/32; + ''; nginx.virtualHosts."${config.networking.fqdn}".listen = [ { port = 80;