Compare commits

..

No commits in common. "dadc9845b0a3c4a76384f72685ee7d46c24e1dfc" and "c114f31d2e0bb978ffb3237b2a685b4702272b0e" have entirely different histories.

6 changed files with 615 additions and 157 deletions

View file

@ -0,0 +1,324 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.bitwarden-directory-connector-cli;
in {
disabledModules = ["services/security/bitwarden-directory-connector-cli.nix"];
options.services.bitwarden-directory-connector-cli = {
enable = mkEnableOption "Bitwarden Directory Connector";
package = mkPackageOption pkgs "bitwarden-directory-connector-cli" {};
domain = mkOption {
type = types.str;
description = lib.mdDoc "The domain the Bitwarden/Vaultwarden is accessible on.";
example = "https://vaultwarden.example.com";
};
user = mkOption {
type = types.str;
description = lib.mdDoc "User to run the program.";
default = "bwdc";
};
interval = mkOption {
type = types.str;
default = "*:0,15,30,45";
description = lib.mdDoc "The interval when to run the connector. This uses systemd's OnCalendar syntax.";
};
ldap = mkOption {
description = lib.mdDoc ''
Options to configure the LDAP connection.
If you used the desktop application to test the configuration you can find the settings by searching for `ldap` in `~/.config/Bitwarden\ Directory\ Connector/data.json`.
'';
default = {};
type = types.submodule ({
config,
options,
...
}: {
freeformType = types.attrsOf (pkgs.formats.json {}).type;
config.finalJSON = builtins.toJSON (removeAttrs config (filter (x: x == "finalJSON" || ! options.${x}.isDefined or false) (attrNames options)));
options = {
finalJSON = mkOption {
type = (pkgs.formats.json {}).type;
internal = true;
readOnly = true;
visible = false;
};
ssl = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Whether to use TLS.";
};
startTls = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Whether to use STARTTLS.";
};
hostname = mkOption {
type = types.str;
description = lib.mdDoc "The host the LDAP is accessible on.";
example = "ldap.example.com";
};
port = mkOption {
type = types.port;
default = 389;
description = lib.mdDoc "Port LDAP is accessible on.";
};
ad = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Whether the LDAP Server is an Active Directory.";
};
pagedSearch = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Whether the LDAP server paginates search results.";
};
rootPath = mkOption {
type = types.str;
description = lib.mdDoc "Root path for LDAP.";
example = "dc=example,dc=com";
};
username = mkOption {
type = types.str;
description = lib.mdDoc "The user to authenticate as.";
example = "cn=admin,dc=example,dc=com";
};
};
});
};
sync = mkOption {
description = lib.mdDoc ''
Options to configure what gets synced.
If you used the desktop application to test the configuration you can find the settings by searching for `sync` in `~/.config/Bitwarden\ Directory\ Connector/data.json`.
'';
default = {};
type = types.submodule ({
config,
options,
...
}: {
freeformType = types.attrsOf (pkgs.formats.json {}).type;
config.finalJSON = builtins.toJSON (removeAttrs config (filter (x: x == "finalJSON" || ! options.${x}.isDefined or false) (attrNames options)));
options = {
finalJSON = mkOption {
type = (pkgs.formats.json {}).type;
internal = true;
readOnly = true;
visible = false;
};
removeDisabled = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc "Remove users from bitwarden groups if no longer in the ldap group.";
};
overwriteExisting = mkOption {
type = types.bool;
default = false;
description =
lib.mdDoc "Remove and re-add users/groups, See https://bitwarden.com/help/user-group-filters/#overwriting-syncs for more details.";
};
largeImport = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Enable if you are syncing more than 2000 users/groups.";
};
memberAttribute = mkOption {
type = types.str;
description = lib.mdDoc "Attribute that lists members in a LDAP group.";
example = "uniqueMember";
};
creationDateAttribute = mkOption {
type = types.str;
description = lib.mdDoc "Attribute that lists a user's creation date.";
example = "whenCreated";
};
useEmailPrefixSuffix = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "If a user has no email address, combine a username prefix with a suffix value to form an email.";
};
emailPrefixAttribute = mkOption {
type = types.str;
description = lib.mdDoc "The attribute that contains the users username.";
example = "accountName";
};
emailSuffix = mkOption {
type = types.str;
description = lib.mdDoc "Suffix for the email, normally @example.com.";
example = "@example.com";
};
users = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Sync users.";
};
userPath = mkOption {
type = types.str;
description = lib.mdDoc "User directory, relative to root.";
default = "ou=users";
};
userObjectClass = mkOption {
type = types.str;
description = lib.mdDoc "Class that users must have.";
default = "inetOrgPerson";
};
userEmailAttribute = mkOption {
type = types.str;
description = lib.mdDoc "Attribute for a users email.";
default = "mail";
};
userFilter = mkOption {
type = types.str;
description = lib.mdDoc "LDAP filter for users.";
example = "(memberOf=cn=sales,ou=groups,dc=example,dc=com)";
default = "";
};
groups = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Whether to sync ldap groups into BitWarden.";
};
groupPath = mkOption {
type = types.str;
description = lib.mdDoc "Group directory, relative to root.";
default = "ou=groups";
};
groupObjectClass = mkOption {
type = types.str;
description = lib.mdDoc "A class that groups will have.";
default = "groupOfNames";
};
groupNameAttribute = mkOption {
type = types.str;
description = lib.mdDoc "Attribute for a name of group.";
default = "cn";
};
groupFilter = mkOption {
type = types.str;
description = lib.mdDoc "LDAP filter for groups.";
example = "(cn=sales)";
default = "";
};
};
});
};
secrets = {
ldap = mkOption {
type = types.str;
description = "Path to file that contains LDAP password for user in {option}`ldap.username";
};
bitwarden = {
client_path_id = mkOption {
type = types.str;
description = "Path to file that contains Client ID.";
};
client_path_secret = mkOption {
type = types.str;
description = "Path to file that contains Client Secret.";
};
};
};
};
config = mkIf cfg.enable {
users.groups."${cfg.user}" = {};
users.users."${cfg.user}" = {
isSystemUser = true;
group = cfg.user;
};
systemd = {
timers.bitwarden-directory-connector-cli = {
description = "Sync timer for Bitwarden Directory Connector";
wantedBy = ["timers.target"];
after = ["network-online.target"];
timerConfig = {
OnCalendar = cfg.interval;
Unit = "bitwarden-directory-connector-cli.service";
Persistent = true;
};
};
services.bitwarden-directory-connector-cli = {
description = "Main process for Bitwarden Directory Connector";
environment = {
BITWARDENCLI_CONNECTOR_APPDATA_DIR = "/tmp";
BITWARDENCLI_CONNECTOR_PLAINTEXT_SECRETS = "true";
};
serviceConfig = {
Type = "oneshot";
User = "${cfg.user}";
PrivateTmp = true;
ExecStartPre = pkgs.writeShellScript "bitwarden_directory_connector-config" ''
set -eo pipefail
# create the config file
${lib.getExe cfg.package} data-file
touch /tmp/data.json.tmp
chmod 600 /tmp/data.json{,.tmp}
${lib.getExe cfg.package} config server ${cfg.domain}
# now login to set credentials
export BW_CLIENTID="$(< ${escapeShellArg cfg.secrets.bitwarden.client_path_id})"
export BW_CLIENTSECRET="$(< ${escapeShellArg cfg.secrets.bitwarden.client_path_secret})"
${lib.getExe cfg.package} login
${lib.getExe pkgs.jq} '.authenticatedAccounts[0] as $account
| .[$account].directoryConfigurations.ldap |= $ldap_data
| .[$account].directorySettings.organizationId |= $orgID
| .[$account].directorySettings.sync |= $sync_data' \
--argjson ldap_data ${escapeShellArg cfg.ldap.finalJSON} \
--arg orgID "''${BW_CLIENTID//organization.}" \
--argjson sync_data ${escapeShellArg cfg.sync.finalJSON} \
/tmp/data.json \
> /tmp/data.json.tmp
mv -f /tmp/data.json.tmp /tmp/data.json
# final config
${lib.getExe cfg.package} config directory 0
${lib.getExe cfg.package} config ldap.password --secretfile ${cfg.secrets.ldap}
'';
ExecStart = "${lib.getExe cfg.package} sync";
};
};
};
};
meta.maintainers = with maintainers; [Silver-Golden];
}

View file

@ -6,7 +6,9 @@
}: let
user = "bwdc";
in {
imports = [];
imports = [
./bitwarden-directory-connector-cli.nix
];
options = {};

View file

@ -9,6 +9,8 @@
recommendedGzipSettings = true;
recommendedProxySettings = true;
statusPage = true;
# give Nginx access to our certs
group = "acme";
};

View file

@ -15,6 +15,7 @@ https://docs.attic.rs/introduction.html
lib,
config,
pkgs,
inputs,
...
}:
with lib; let
@ -22,6 +23,7 @@ with lib; let
cfg = config.services.skynet."${name}";
in {
imports = [
inputs.attic.nixosModules.atticd
];
options.services.skynet."${name}" = {
@ -51,7 +53,7 @@ in {
enable = true;
# Replace with absolute path to your credentials file
environmentFile = "/etc/atticd.env";
credentialsFile = "/etc/atticd.env";
settings = {
listen = "127.0.0.1:8080";

View file

@ -47,7 +47,7 @@
"inputs": {
"fenix": "fenix_2",
"flakeCompat": "flakeCompat_2",
"nixpkgs": "nixpkgs_18"
"nixpkgs": "nixpkgs_19"
},
"locked": {
"lastModified": 1719514321,
@ -71,11 +71,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1729444465,
"narHash": "sha256-+lCi3cQlFNGAGKaVeUNhTeR40zvMy9JX4hp1JA0dLwE=",
"lastModified": 1722825873,
"narHash": "sha256-bFNXkD+s9NuidZePiJAjjFUnsMOwXb7hEZ4JEDdSALw=",
"owner": "hercules-ci",
"repo": "arion",
"rev": "94d092fffd5cfd4f09b8988aca1b857a9d37c4d6",
"rev": "90bc85532767c785245f5c1e29ebfecb941cf8c9",
"type": "github"
},
"original": {
@ -84,10 +84,32 @@
"type": "github"
}
},
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1724086414,
"narHash": "sha256-jcY81r8PdMQ9dCGhT0YLZzxPj3kQJXyWCmvQLXbR1EI=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "acf3c351f8de47c6857f31948ab253f9c7ce2a6f",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "attic",
"type": "github"
}
},
"bfom": {
"inputs": {
"naersk": "naersk",
"nixpkgs": "nixpkgs_5",
"nixpkgs": "nixpkgs_6",
"utils": "utils"
},
"locked": {
@ -122,17 +144,17 @@
},
"colmena": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3",
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4",
"stable": "stable"
},
"locked": {
"lastModified": 1728263678,
"narHash": "sha256-gyUVsPAWY9AgVKjrNPoowrIr5BvK4gI0UkDXvv8iSxA=",
"lastModified": 1711386353,
"narHash": "sha256-gWEpb8Hybnoqb4O4tmpohGZk6+aerAbJpywKcFIiMlg=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "b0a62f234fae02a006123e661ff70e62af16106b",
"rev": "cd65ef7a25cdc75052fbd04b120aeb066c3881db",
"type": "github"
},
"original": {
@ -144,7 +166,7 @@
"compsoc_public": {
"inputs": {
"bfom": "bfom",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_7",
"utils": "utils_2"
},
"locked": {
@ -161,6 +183,27 @@
"url": "https://forgejo.skynet.ie/Computer_Society/presentations_compsoc"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722960479,
"narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
"owner": "ipetkov",
"repo": "crane",
"rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -192,11 +235,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1668234453,
"narHash": "sha256-FmuZThToBvRsqCauYJ3l8HJoGLAY5cMULeYEKIaGrRw=",
"lastModified": 1657607339,
"narHash": "sha256-HaqoAwlbVVZH2n4P3jN2FFPMpVuhxDy1poNOR7kzODc=",
"owner": "nix-community",
"repo": "fenix",
"rev": "8f219f6b36e8d0d56afa7f67e6e3df63ef013cdb",
"rev": "b814c83d9e6aa5a28d0cf356ecfdafb2505ad37d",
"type": "github"
},
"original": {
@ -229,6 +272,22 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1650374568,
@ -244,7 +303,7 @@
"type": "github"
}
},
"flake-compat_2": {
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@ -303,6 +362,24 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
@ -317,16 +394,16 @@
"type": "github"
}
},
"flake-utils_2": {
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
"systems": "systems_5"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
@ -335,16 +412,16 @@
"type": "github"
}
},
"flake-utils_3": {
"flake-utils_4": {
"inputs": {
"systems": "systems_5"
"systems": "systems_6"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
@ -462,11 +539,11 @@
"lix": {
"flake": false,
"locked": {
"lastModified": 1730433081,
"narHash": "sha256-1oqkMcFQyAqCvqkjG9K3NaRLyB1qkXXiZoxe4rwM6ag=",
"rev": "834450e237b82230934b5d25ed212b5a55938cc5",
"lastModified": 1724624492,
"narHash": "sha256-J3COggDipocT+ozSxz96GuwSyMrT5+Xa2fGfxaIShqw=",
"rev": "b6884388a1281d70bb4e5bb12e1cadd34bb832f0",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/834450e237b82230934b5d25ed212b5a55938cc5.tar.gz?rev=834450e237b82230934b5d25ed212b5a55938cc5"
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/b6884388a1281d70bb4e5bb12e1cadd34bb832f0.tar.gz?rev=b6884388a1281d70bb4e5bb12e1cadd34bb832f0"
},
"original": {
"type": "tarball",
@ -475,7 +552,7 @@
},
"lix-module": {
"inputs": {
"flake-utils": "flake-utils_3",
"flake-utils": "flake-utils_4",
"flakey-profile": "flakey-profile",
"lix": [
"lix"
@ -485,11 +562,11 @@
]
},
"locked": {
"lastModified": 1727752861,
"narHash": "sha256-jowmo2aEzrEpPSM96IWtajuogdJm7DjAWxFTEb7Ct0s=",
"rev": "fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d",
"lastModified": 1723511483,
"narHash": "sha256-rT/OkVXKkns2YvyF1nFvl+8Gc3sld1c1sXPtGkbqaDY=",
"rev": "cecf70b77539c1a593f60ec9d0305b5e537ab6a9",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d.tar.gz?rev=fd186f535a4ac7ae35d98c1dd5d79f0a81b7976d"
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cecf70b77539c1a593f60ec9d0305b5e537ab6a9.tar.gz?rev=cecf70b77539c1a593f60ec9d0305b5e537ab6a9"
},
"original": {
"type": "tarball",
@ -498,7 +575,7 @@
},
"naersk": {
"inputs": {
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1713520724,
@ -516,7 +593,7 @@
},
"naersk_2": {
"inputs": {
"nixpkgs": "nixpkgs_8"
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1721727458,
@ -534,7 +611,7 @@
},
"naersk_3": {
"inputs": {
"nixpkgs": "nixpkgs_10"
"nixpkgs": "nixpkgs_11"
},
"locked": {
"lastModified": 1686572087,
@ -581,7 +658,38 @@
"type": "indirect"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1720535198,
"narHash": "sha256-zwVvxrdIzralnSbcpghA92tWu2DV2lwv89xZc8MTrbg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "205fd4226592cc83fd4c0885a3e4c9c400efabb5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_10": {
"locked": {
"lastModified": 1722995383,
"narHash": "sha256-UzuXo7ZM8ZK0SkWFhHocKkLSGQPHS4JxaE1jvVR4fUo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "957d95fc8b9bf1eb60d43f8d2eba352b71bbf2be",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1687011986,
"narHash": "sha256-ZNSi/wBw12d7LO8YcZ4aehIlPp4lgSkKbrHaoF80IKI=",
@ -595,7 +703,7 @@
"type": "indirect"
}
},
"nixpkgs_11": {
"nixpkgs_12": {
"locked": {
"lastModified": 1686921029,
"narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=",
@ -610,7 +718,7 @@
"type": "indirect"
}
},
"nixpkgs_12": {
"nixpkgs_13": {
"locked": {
"lastModified": 1687274257,
"narHash": "sha256-TutzPriQcZ8FghDhEolnHcYU2oHIG5XWF+/SUBNnAOE=",
@ -624,7 +732,7 @@
"type": "indirect"
}
},
"nixpkgs_13": {
"nixpkgs_14": {
"locked": {
"lastModified": 1724114134,
"narHash": "sha256-V/w5MIQy4jTG/L7/V/AL2BF5gSEWCfxHVDQdzLBCV18=",
@ -638,7 +746,7 @@
"type": "indirect"
}
},
"nixpkgs_14": {
"nixpkgs_15": {
"locked": {
"lastModified": 1690026219,
"narHash": "sha256-oOduRk/kzQxOBknZXTLSEYd7tk+GoKvr8wV6Ab+t4AU=",
@ -652,20 +760,6 @@
"type": "indirect"
}
},
"nixpkgs_15": {
"locked": {
"lastModified": 1689935543,
"narHash": "sha256-6GQ9ib4dA/r1leC5VUpsBo0BmDvNxLjKrX1iyL+h8mc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e43e2448161c0a2c4928abec4e16eae1516571bc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_16": {
"locked": {
"lastModified": 1689935543,
@ -681,6 +775,20 @@
}
},
"nixpkgs_17": {
"locked": {
"lastModified": 1689935543,
"narHash": "sha256-6GQ9ib4dA/r1leC5VUpsBo0BmDvNxLjKrX1iyL+h8mc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e43e2448161c0a2c4928abec4e16eae1516571bc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_18": {
"locked": {
"lastModified": 1695978539,
"narHash": "sha256-lta5HToBZMWZ2hl5CautNSUgIZViR41QxN7JKbMAjgQ=",
@ -694,7 +802,7 @@
"type": "indirect"
}
},
"nixpkgs_18": {
"nixpkgs_19": {
"locked": {
"lastModified": 1668226844,
"narHash": "sha256-G/S4FBWDAqHeBS/hfXwUCJbnaKnrQFoeeKwzvZEOgxM=",
@ -710,20 +818,6 @@
"type": "github"
}
},
"nixpkgs_19": {
"locked": {
"lastModified": 1724395761,
"narHash": "sha256-zRkDV/nbrnp3Y8oCADf5ETl1sDrdmAW6/bBVJ8EbIdQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae815cee91b417be55d43781eb4b73ae1ecc396c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1722630782,
@ -740,13 +834,43 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_20": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"lastModified": 1724395761,
"narHash": "sha256-zRkDV/nbrnp3Y8oCADf5ETl1sDrdmAW6/bBVJ8EbIdQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"rev": "ae815cee91b417be55d43781eb4b73ae1ecc396c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1723827930,
"narHash": "sha256-EU+W5F6y2CVNxGrGIMpY7nSVYq72WRChYxF4zpjx0y4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d4a7a4d0e066278bfb0d77bd2a7adde1c0ec9e3d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1696019113,
"narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a",
"type": "github"
},
"original": {
@ -756,20 +880,6 @@
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1714091391,
"narHash": "sha256-68n3GBvlm1MIeJXadPzQ3v8Y9sIW3zmv8gI5w5sliC8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4c86138ce486d601d956a165e2f7a0fc029a03c1",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1714091391,
@ -785,6 +895,20 @@
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1714091391,
"narHash": "sha256-68n3GBvlm1MIeJXadPzQ3v8Y9sIW3zmv8gI5w5sliC8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4c86138ce486d601d956a165e2f7a0fc029a03c1",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1715413075,
"narHash": "sha256-FCi3R1MeS5bVp0M0xTheveP6hhcCYfW/aghSTPebYL4=",
@ -798,13 +922,13 @@
"type": "indirect"
}
},
"nixpkgs_7": {
"nixpkgs_8": {
"locked": {
"lastModified": 1730200266,
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
"lastModified": 1723991338,
"narHash": "sha256-Grh5PF0+gootJfOJFenTTxDTYPidA3V28dqJ/WV7iis=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
"rev": "8a3354191c0d7144db9756a74755672387b702ba",
"type": "github"
},
"original": {
@ -813,7 +937,7 @@
"type": "indirect"
}
},
"nixpkgs_8": {
"nixpkgs_9": {
"locked": {
"lastModified": 1723151389,
"narHash": "sha256-9AVY0ReCmSGXHrlx78+1RrqcDgVSRhHUKDVV1LLBy28=",
@ -827,32 +951,18 @@
"type": "indirect"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1722995383,
"narHash": "sha256-UzuXo7ZM8ZK0SkWFhHocKkLSGQPHS4JxaE1jvVR4fUo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "957d95fc8b9bf1eb60d43f8d2eba352b71bbf2be",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"alejandra": "alejandra",
"arion": "arion",
"attic": "attic",
"colmena": "colmena",
"compsoc_public": "compsoc_public",
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils_3",
"lix": "lix",
"lix-module": "lix-module",
"nixpkgs": "nixpkgs_7",
"nixpkgs": "nixpkgs_8",
"simple-nixos-mailserver": "simple-nixos-mailserver",
"skynet_discord_bot": "skynet_discord_bot",
"skynet_ldap_backend": "skynet_ldap_backend",
@ -868,11 +978,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1668182250,
"narHash": "sha256-PYGaOCiFvnJdVz+ZCaKF8geGdffXjJUNcMwaBHv0FT4=",
"lastModified": 1657557289,
"narHash": "sha256-PRW+nUwuqNTRAEa83SfX+7g+g8nQ+2MMbasQ9nt6+UM=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "45ec315e01dc8dd1146dfeb65f0ef6e5c2efed78",
"rev": "caf23f29144b371035b864a1017dbc32573ad56d",
"type": "github"
},
"original": {
@ -902,7 +1012,7 @@
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_2",
"flake-compat": "flake-compat_3",
"nixpkgs": [
"nixpkgs"
],
@ -925,7 +1035,7 @@
"skynet_discord_bot": {
"inputs": {
"naersk": "naersk_2",
"nixpkgs": "nixpkgs_9",
"nixpkgs": "nixpkgs_10",
"utils": "utils_3"
},
"locked": {
@ -945,15 +1055,15 @@
"skynet_ldap_backend": {
"inputs": {
"naersk": "naersk_3",
"nixpkgs": "nixpkgs_11",
"nixpkgs": "nixpkgs_12",
"utils": "utils_4"
},
"locked": {
"lastModified": 1727122069,
"narHash": "sha256-Dr8CxlBbw5vKL2sH0QiJPWIxKX7KFxg+pdPWSKqJ9FY=",
"lastModified": 1723234129,
"narHash": "sha256-tfsT9VYV3YgFRUKbjFyV4o1kVJHcUY87kh2vcu6jAkU=",
"ref": "refs/heads/main",
"rev": "aa0cfc017d3b70457c9fc34cbb296351aa5373f9",
"revCount": 233,
"rev": "5f6a086e808b811095e36875fb656864cf11c5f5",
"revCount": 232,
"type": "git",
"url": "https://forgejo.skynet.ie/Skynet/ldap_backend"
},
@ -964,15 +1074,15 @@
},
"skynet_ldap_frontend": {
"inputs": {
"nixpkgs": "nixpkgs_12",
"nixpkgs": "nixpkgs_13",
"utils": "utils_5"
},
"locked": {
"lastModified": 1727122070,
"narHash": "sha256-X6g3kBASjv8NZxea2cdkBQ9YAIZdPWdAButM+LjeYm0=",
"lastModified": 1723234619,
"narHash": "sha256-6a0sJkhabJOxCEdGz3moKeQjYfqV9Bqa8Q0byPipPQo=",
"ref": "refs/heads/main",
"rev": "e09818ca6b27bf98cf63c3427a7253309c39a816",
"revCount": 229,
"rev": "71f5928c66a43e788a9a00b90a1326c1bb82ffd2",
"revCount": 228,
"type": "git",
"url": "https://forgejo.skynet.ie/Skynet/ldap_frontend"
},
@ -983,15 +1093,15 @@
},
"skynet_website": {
"inputs": {
"nixpkgs": "nixpkgs_13",
"nixpkgs": "nixpkgs_14",
"utils": "utils_6"
},
"locked": {
"lastModified": 1727122068,
"narHash": "sha256-C+PD6NveB9tascXQ84rekqlDkSNwe1mFhzZXqVlNvuQ=",
"lastModified": 1724210543,
"narHash": "sha256-JLt77gajtOPwM20m86Kh2JkWuOq1+kmHr+98UMzbjAY=",
"ref": "refs/heads/main",
"rev": "d6b13f9c6e0a09346e0e210aa1733a7258e13763",
"revCount": 28,
"rev": "0af67c9ece40fb683238093d857d96aae2414522",
"revCount": 27,
"type": "git",
"url": "https://forgejo.skynet.ie/Skynet/website_2017"
},
@ -1002,15 +1112,15 @@
},
"skynet_website_2009": {
"inputs": {
"nixpkgs": "nixpkgs_14",
"nixpkgs": "nixpkgs_15",
"utils": "utils_7"
},
"locked": {
"lastModified": 1727122067,
"narHash": "sha256-AAj5tmfT8IuAvgcMjlIjf5CD1LNC/gDCvFRt1NAedPw=",
"lastModified": 1724198445,
"narHash": "sha256-7cN70t/qqmUsShNhIbOSSMToiCRGhEhwZayN2n93KrA=",
"ref": "refs/heads/main",
"rev": "a9f125fb750f33747d28271bef3b3425563096a0",
"revCount": 15,
"rev": "3aa4568ae82846a9d365fc464dfc523be07e7ac3",
"revCount": 14,
"type": "git",
"url": "https://forgejo.skynet.ie/Skynet/website_2009"
},
@ -1021,12 +1131,13 @@
},
"skynet_website_2017": {
"inputs": {
"nixpkgs": "nixpkgs_15",
"nixpkgs": "nixpkgs_16",
"utils": "utils_8"
},
"locked": {
"lastModified": 1689960297,
"narHash": "sha256-+43nNv4RSQMXMRGdN8xVKYs2B13w5FJtefuykYcpywM=",
"ref": "refs/heads/main",
"rev": "edd922c5b13fa1f520e8e265a3d6e4e189852b99",
"revCount": 6,
"type": "git",
@ -1040,12 +1151,13 @@
},
"skynet_website_2023": {
"inputs": {
"nixpkgs": "nixpkgs_16",
"nixpkgs": "nixpkgs_17",
"utils": "utils_9"
},
"locked": {
"lastModified": 1696876711,
"narHash": "sha256-WdZQBLTX6WK8iT7FwvD6sNEefGwtAWmzxZzCvvmDxGo=",
"ref": "refs/heads/main",
"rev": "c4d61c753292bf73ed41b47b1607cfc92a82a191",
"revCount": 12,
"type": "git",
@ -1059,7 +1171,7 @@
},
"skynet_website_games": {
"inputs": {
"nixpkgs": "nixpkgs_17",
"nixpkgs": "nixpkgs_18",
"utils": "utils_10"
},
"locked": {
@ -1079,7 +1191,7 @@
"skynet_website_wiki": {
"inputs": {
"alejandra": "alejandra_2",
"nixpkgs": "nixpkgs_19",
"nixpkgs": "nixpkgs_20",
"utils": "utils_11"
},
"locked": {
@ -1098,16 +1210,16 @@
},
"stable": {
"locked": {
"lastModified": 1724316499,
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
"lastModified": 1696039360,
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
@ -1202,6 +1314,21 @@
"type": "github"
}
},
"systems_15": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
@ -1324,7 +1451,7 @@
},
"utils": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1710146030,
@ -1342,7 +1469,7 @@
},
"utils_10": {
"inputs": {
"systems": "systems_13"
"systems": "systems_14"
},
"locked": {
"lastModified": 1694529238,
@ -1360,7 +1487,7 @@
},
"utils_11": {
"inputs": {
"systems": "systems_14"
"systems": "systems_15"
},
"locked": {
"lastModified": 1710146030,
@ -1378,7 +1505,7 @@
},
"utils_2": {
"inputs": {
"systems": "systems_3"
"systems": "systems_4"
},
"locked": {
"lastModified": 1710146030,
@ -1396,7 +1523,7 @@
},
"utils_3": {
"inputs": {
"systems": "systems_6"
"systems": "systems_7"
},
"locked": {
"lastModified": 1710146030,
@ -1414,7 +1541,7 @@
},
"utils_4": {
"inputs": {
"systems": "systems_7"
"systems": "systems_8"
},
"locked": {
"lastModified": 1685518550,
@ -1432,7 +1559,7 @@
},
"utils_5": {
"inputs": {
"systems": "systems_8"
"systems": "systems_9"
},
"locked": {
"lastModified": 1687171271,
@ -1450,7 +1577,7 @@
},
"utils_6": {
"inputs": {
"systems": "systems_9"
"systems": "systems_10"
},
"locked": {
"lastModified": 1710146030,
@ -1468,7 +1595,7 @@
},
"utils_7": {
"inputs": {
"systems": "systems_10"
"systems": "systems_11"
},
"locked": {
"lastModified": 1689068808,
@ -1486,7 +1613,7 @@
},
"utils_8": {
"inputs": {
"systems": "systems_11"
"systems": "systems_12"
},
"locked": {
"lastModified": 1689068808,
@ -1504,7 +1631,7 @@
},
"utils_9": {
"inputs": {
"systems": "systems_12"
"systems": "systems_13"
},
"locked": {
"lastModified": 1689068808,

View file

@ -27,6 +27,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
colmena.url = "github:zhaofengli/colmena";
attic.url = "github:zhaofengli/attic";
# we host our own
simple-nixos-mailserver = {