something something cumulative updates

This commit is contained in:
Rouven Seifert 2025-03-26 20:29:32 +01:00
parent 1d50fdc0e2
commit 3d382ef13c
14 changed files with 73 additions and 62 deletions

58
flake.lock generated
View file

@ -37,11 +37,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1737810234,
"narHash": "sha256-zTS99/ZE8khNnIWFEsF21E6seR9IizGYkY19t6iK7z4=",
"lastModified": 1742246110,
"narHash": "sha256-bjJDxW3Z3clNIkgwEktWhFSpU9UyftisDfK3XYzdRps=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "1fa3cbed36fb03d2f6ceab981d083af98b5c7d0f",
"rev": "04f5e14643b8b37304966767074fbe0efcadab9f",
"type": "github"
},
"original": {
@ -53,16 +53,16 @@
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1736440980,
"narHash": "sha256-Z3rFFrXrOKaF9NpY/fInsEbzdOWnWqLfEYl7YX9hFEU=",
"lastModified": 1742236492,
"narHash": "sha256-Uz7qldS44pxduLcYKf+cCq4WvjoslDR4PwRqivY/4uI=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "9d81f0598c7735e2b4616ee865ab896056a67408",
"rev": "3adf79c4939276e108c25c719843b6174e9e22fd",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2024.12.2",
"ref": "version/2025.2.2",
"repo": "authentik",
"type": "github"
}
@ -178,11 +178,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
@ -277,11 +277,11 @@
]
},
"locked": {
"lastModified": 1737968762,
"narHash": "sha256-xiPARGKwocaMtv+U/rgi+h2g56CZZEmrcl7ldRaslq8=",
"lastModified": 1742825959,
"narHash": "sha256-wgnQZMrLLQJlZ+htTXzoQtoz9EzL15Z2crH3+OnRmMk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e1ae908bcc30af792b0bb0a52e53b03d2577255e",
"rev": "908e055e157a0b35466faf4125d7e7410ff56160",
"type": "github"
},
"original": {
@ -425,11 +425,11 @@
]
},
"locked": {
"lastModified": 1737861961,
"narHash": "sha256-LIRtMvAwLGb8pBoamzgEF67oKlNPz4LuXiRPVZf+TpE=",
"lastModified": 1742701275,
"narHash": "sha256-AulwPVrS9859t+eJ61v24wH/nfBEIDSXYxlRo3fL/SA=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "79b7b8eae3243fc5aa9aad34ba6b9bbb2266f523",
"rev": "36dc43cb50d5d20f90a28d53abb33a32b0a2aae6",
"type": "github"
},
"original": {
@ -440,11 +440,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"lastModified": 1740367490,
"narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"rev": "0196c0175e9191c474c26ab5548db27ef5d34b05",
"type": "github"
},
"original": {
@ -456,14 +456,14 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1735774519,
"narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
"lastModified": 1738452942,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
}
},
"nixpkgs-lib_2": {
@ -499,11 +499,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1737885589,
"narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=",
"lastModified": 1742669843,
"narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8",
"rev": "1e5b653dff12029333a6546c11e108ede13052eb",
"type": "github"
},
"original": {
@ -550,11 +550,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1736884309,
"narHash": "sha256-eiCqmKl0BIRiYk5/ZhZozwn4/7Km9CWTbc15Cv+VX5k=",
"lastModified": 1739883580,
"narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "75d0515332b7ca269f6d7abfd2c44c47a7cbca7b",
"rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e",
"type": "github"
},
"original": {

View file

@ -43,6 +43,9 @@ let
nuc = {
A = [ "141.30.227.6" ];
};
avm = {
A = [ "141.30.30.20" ];
};
falkenstein = {
A = [ "23.88.121.184" ];
AAAA = [ "2a01:4f8:c012:49de::1" ];

View file

@ -7,6 +7,9 @@ in
993
4190
];
environment.systemPackages = [
pkgs.dovecot_pigeonhole
];
services = {
dovecot2 = {
enable = true;
@ -50,9 +53,6 @@ in
specialUse = "Archive";
};
};
modules = [
pkgs.dovecot_pigeonhole
];
sieve = {
# just pot something in here to prevent empty strings
extensions = [ "notify" ];

View file

@ -6,9 +6,9 @@ in
age.secrets.authentik-core = {
file = ../../../../secrets/nuc/authentik/core.age;
};
age.secrets.authentik-ldap = {
file = ../../../../secrets/nuc/authentik/ldap.age;
};
# age.secrets.authentik-ldap = {
# file = ../../../../secrets/nuc/authentik/ldap.age;
# };
services.authentik = {
enable = true;
environmentFile = config.age.secrets.authentik-core.path;
@ -21,10 +21,10 @@ in
"${domain}.key:/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${domain}/${domain}.key"
];
services.authentik-ldap = {
enable = true;
environmentFile = config.age.secrets.authentik-ldap.path;
};
# services.authentik-ldap = {
# enable = true;
# environmentFile = config.age.secrets.authentik-ldap.path;
# };
services.caddy.virtualHosts."${domain}".extraConfig = ''
reverse_proxy localhost:9000
'';

View file

@ -63,12 +63,12 @@ in
# If we don't explicitly set {a,h}s_token, mautrix-telegram will try to read them from the registrationFile
# and write them to the settingsFile in /nix/store, which obviously fails.
systemd.services.mautrix-telegram.serviceConfig.ExecStart =
lib.mkForce (pkgs.writeShellScript "start" ''
export MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=$(grep as_token ${registrationFileMautrix} | cut -d' ' -f2-)
export MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=$(grep hs_token ${registrationFileMautrix} | cut -d' ' -f2-)
# systemd.services.mautrix-telegram.serviceConfig.ExecStart =
# lib.mkForce (pkgs.writeShellScript "start" ''
# export MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=$(grep as_token ${registrationFileMautrix} | cut -d' ' -f2-)
# export MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=$(grep hs_token ${registrationFileMautrix} | cut -d' ' -f2-)
${pkgs.mautrix-telegram}/bin/mautrix-telegram --config='${settingsFile}'
'');
# ${pkgs.mautrix-telegram}/bin/mautrix-telegram --config='${settingsFile}'
# '');
}

View file

@ -8,12 +8,17 @@
./modules/graphics
./modules/greetd
./modules/networks
./modules/printing
# ./modules/printing
./modules/security
./modules/sound
./modules/virtualisation
];
# services.influxdb2 = {
# enable = true;
# };
nix.settings.system-features = [ "gccarch-tigerlake" ];
systemd.additionalUpstreamSystemUnits = [
"soft-reboot.target"
@ -147,10 +152,6 @@
fwupd.enable = true; # firmware updates
avahi.enable = true;
btrfs.autoScrub.enable = true;
mullvad-vpn = {
enable = true;
enableExcludeWrapper = false;
};
};
hardware.bluetooth = {
enable = true;
@ -184,4 +185,5 @@
};
environment.systemPackages = [ pkgs.man-pages ];
system.stateVersion = "22.11";
# programs.java.enable = true;
}

View file

@ -97,6 +97,10 @@
authProtocols = [ "WPA-PSK" ];
extraConfig = "disabled=1";
};
"RoboLab Playground" = {
psk = "ext:ROBOLAB_PSK";
authProtocols = [ "WPA-PSK" ];
};
};
};
systemd.services = {

View file

@ -2,6 +2,7 @@ _final: prev:
let
inherit (prev) callPackage;
inherit (prev) fetchFromGitHub;
inherit (prev) fetchpatch;
in
{
@ -15,10 +16,6 @@ in
ianny = callPackage ../pkgs/ianny { };
tpm2-pkcs11 = prev.tpm2-pkcs11.override { fapiSupport = false; };
# imv = prev.imv.override {
# # freeimage is broken
# withBackends = [ "libtiff" "libjpeg" "libpng" "librsvg" "libheif" ];
# };
zsh-fzf-tab = prev.zsh-fzf-tab.overrideAttrs (_: rec {
version = "1.1.1";
src = fetchFromGitHub {
@ -46,5 +43,4 @@ in
});
};
};
# matrix-synapse-unwrapped = prev.matrix-synapse-unwrapped.overridePythonAttrs { doCheck = false; }; # todo skip right tests
}

View file

@ -5,10 +5,10 @@ rustPlatform.buildRustPackage rec {
src = fetchFromGitHub {
owner = "zefr0x";
repo = pname;
rev = "370bea372c35610e65426f5a1c45db99584dfb9a";
hash = "sha256-oWwRCQSP0g6IJh3cEgD32AIBF/pfN9QGJ9LANjCthMw=";
rev = "v2.0.0";
hash = "sha256-F8Uc2BsQ5f7yaUXXDhLvyyYKUDAuvP9cCR2h3vblr0g=";
};
cargoHash = "sha256-5/Sb2ds+xfcYFqTF3RObPScDzK4FdBNk8T1Z5YcQgCM=";
cargoHash = "sha256-6rcibPoO5EQcT8HGgHge/4wrXyBA9JCk4+aiCFz+kXM=";
buildInputs = [
dbus
ninja

Binary file not shown.

View file

@ -2,7 +2,7 @@
{
home.packages = with pkgs; [
gdb
lldb
# lldb
rust-analyzer
nil
nixpkgs-fmt

View file

@ -27,6 +27,7 @@
# internet
google-chrome
liferea
openvpn
# messaging
tdesktop
@ -40,8 +41,7 @@
# cryptography
yubikey-manager
# python311Packages.pyhanko # broken, TODO fix
bitwarden-cli
# bitwarden-cli
# misc
xournalpp
@ -118,6 +118,7 @@
"x-scheme-handler/http" = browsers;
"x-scheme-handler/https" = browsers;
"x-scheme-handler/tg" = [ "org.telegram.desktop.desktop" ];
"x-scheme-handler/tonsite" = [ "org.telegram.desktop.desktop" ];
};
};
}

View file

@ -8,7 +8,7 @@ in
package = pkgs.openssh_gssapi;
compression = true;
controlMaster = "auto";
controlPersist = "10m";
controlPersist = "90m";
extraConfig = ''
CanonicalizeHostname yes
CanonicalDomains agdsn.network vpn.rfive.de net.tu-dresden.de

View file

@ -5,6 +5,11 @@
# theme hardcoded to dracula, too lazy to make all this base16
systemd.user.sessionVariables.GTK_THEME = "Dracula";
dconf.settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
};
};
qt = {
enable = true;
platformTheme.name = "gtk";