mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2025-04-02 04:49:25 +02:00
something something cumulative updates
This commit is contained in:
parent
1d50fdc0e2
commit
3d382ef13c
14 changed files with 73 additions and 62 deletions
58
flake.lock
generated
58
flake.lock
generated
|
@ -37,11 +37,11 @@
|
|||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1737810234,
|
||||
"narHash": "sha256-zTS99/ZE8khNnIWFEsF21E6seR9IizGYkY19t6iK7z4=",
|
||||
"lastModified": 1742246110,
|
||||
"narHash": "sha256-bjJDxW3Z3clNIkgwEktWhFSpU9UyftisDfK3XYzdRps=",
|
||||
"owner": "nix-community",
|
||||
"repo": "authentik-nix",
|
||||
"rev": "1fa3cbed36fb03d2f6ceab981d083af98b5c7d0f",
|
||||
"rev": "04f5e14643b8b37304966767074fbe0efcadab9f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -53,16 +53,16 @@
|
|||
"authentik-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1736440980,
|
||||
"narHash": "sha256-Z3rFFrXrOKaF9NpY/fInsEbzdOWnWqLfEYl7YX9hFEU=",
|
||||
"lastModified": 1742236492,
|
||||
"narHash": "sha256-Uz7qldS44pxduLcYKf+cCq4WvjoslDR4PwRqivY/4uI=",
|
||||
"owner": "goauthentik",
|
||||
"repo": "authentik",
|
||||
"rev": "9d81f0598c7735e2b4616ee865ab896056a67408",
|
||||
"rev": "3adf79c4939276e108c25c719843b6174e9e22fd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "goauthentik",
|
||||
"ref": "version/2024.12.2",
|
||||
"ref": "version/2025.2.2",
|
||||
"repo": "authentik",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -178,11 +178,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1736143030,
|
||||
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
|
||||
"lastModified": 1738453229,
|
||||
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
|
||||
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -277,11 +277,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1737968762,
|
||||
"narHash": "sha256-xiPARGKwocaMtv+U/rgi+h2g56CZZEmrcl7ldRaslq8=",
|
||||
"lastModified": 1742825959,
|
||||
"narHash": "sha256-wgnQZMrLLQJlZ+htTXzoQtoz9EzL15Z2crH3+OnRmMk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "e1ae908bcc30af792b0bb0a52e53b03d2577255e",
|
||||
"rev": "908e055e157a0b35466faf4125d7e7410ff56160",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -425,11 +425,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1737861961,
|
||||
"narHash": "sha256-LIRtMvAwLGb8pBoamzgEF67oKlNPz4LuXiRPVZf+TpE=",
|
||||
"lastModified": 1742701275,
|
||||
"narHash": "sha256-AulwPVrS9859t+eJ61v24wH/nfBEIDSXYxlRo3fL/SA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "79b7b8eae3243fc5aa9aad34ba6b9bbb2266f523",
|
||||
"rev": "36dc43cb50d5d20f90a28d53abb33a32b0a2aae6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -440,11 +440,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1737632463,
|
||||
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
|
||||
"lastModified": 1740367490,
|
||||
"narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
|
||||
"rev": "0196c0175e9191c474c26ab5548db27ef5d34b05",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -456,14 +456,14 @@
|
|||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1735774519,
|
||||
"narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
|
||||
"lastModified": 1738452942,
|
||||
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib_2": {
|
||||
|
@ -499,11 +499,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1737885589,
|
||||
"narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=",
|
||||
"lastModified": 1742669843,
|
||||
"narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8",
|
||||
"rev": "1e5b653dff12029333a6546c11e108ede13052eb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -550,11 +550,11 @@
|
|||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1736884309,
|
||||
"narHash": "sha256-eiCqmKl0BIRiYk5/ZhZozwn4/7Km9CWTbc15Cv+VX5k=",
|
||||
"lastModified": 1739883580,
|
||||
"narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=",
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"rev": "75d0515332b7ca269f6d7abfd2c44c47a7cbca7b",
|
||||
"rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -43,6 +43,9 @@ let
|
|||
nuc = {
|
||||
A = [ "141.30.227.6" ];
|
||||
};
|
||||
avm = {
|
||||
A = [ "141.30.30.20" ];
|
||||
};
|
||||
falkenstein = {
|
||||
A = [ "23.88.121.184" ];
|
||||
AAAA = [ "2a01:4f8:c012:49de::1" ];
|
||||
|
|
|
@ -7,6 +7,9 @@ in
|
|||
993
|
||||
4190
|
||||
];
|
||||
environment.systemPackages = [
|
||||
pkgs.dovecot_pigeonhole
|
||||
];
|
||||
services = {
|
||||
dovecot2 = {
|
||||
enable = true;
|
||||
|
@ -50,9 +53,6 @@ in
|
|||
specialUse = "Archive";
|
||||
};
|
||||
};
|
||||
modules = [
|
||||
pkgs.dovecot_pigeonhole
|
||||
];
|
||||
sieve = {
|
||||
# just pot something in here to prevent empty strings
|
||||
extensions = [ "notify" ];
|
||||
|
|
|
@ -6,9 +6,9 @@ in
|
|||
age.secrets.authentik-core = {
|
||||
file = ../../../../secrets/nuc/authentik/core.age;
|
||||
};
|
||||
age.secrets.authentik-ldap = {
|
||||
file = ../../../../secrets/nuc/authentik/ldap.age;
|
||||
};
|
||||
# age.secrets.authentik-ldap = {
|
||||
# file = ../../../../secrets/nuc/authentik/ldap.age;
|
||||
# };
|
||||
services.authentik = {
|
||||
enable = true;
|
||||
environmentFile = config.age.secrets.authentik-core.path;
|
||||
|
@ -21,10 +21,10 @@ in
|
|||
"${domain}.key:/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${domain}/${domain}.key"
|
||||
];
|
||||
|
||||
services.authentik-ldap = {
|
||||
enable = true;
|
||||
environmentFile = config.age.secrets.authentik-ldap.path;
|
||||
};
|
||||
# services.authentik-ldap = {
|
||||
# enable = true;
|
||||
# environmentFile = config.age.secrets.authentik-ldap.path;
|
||||
# };
|
||||
services.caddy.virtualHosts."${domain}".extraConfig = ''
|
||||
reverse_proxy localhost:9000
|
||||
'';
|
||||
|
|
|
@ -63,12 +63,12 @@ in
|
|||
|
||||
# If we don't explicitly set {a,h}s_token, mautrix-telegram will try to read them from the registrationFile
|
||||
# and write them to the settingsFile in /nix/store, which obviously fails.
|
||||
systemd.services.mautrix-telegram.serviceConfig.ExecStart =
|
||||
lib.mkForce (pkgs.writeShellScript "start" ''
|
||||
export MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=$(grep as_token ${registrationFileMautrix} | cut -d' ' -f2-)
|
||||
export MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=$(grep hs_token ${registrationFileMautrix} | cut -d' ' -f2-)
|
||||
# systemd.services.mautrix-telegram.serviceConfig.ExecStart =
|
||||
# lib.mkForce (pkgs.writeShellScript "start" ''
|
||||
# export MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=$(grep as_token ${registrationFileMautrix} | cut -d' ' -f2-)
|
||||
# export MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=$(grep hs_token ${registrationFileMautrix} | cut -d' ' -f2-)
|
||||
|
||||
${pkgs.mautrix-telegram}/bin/mautrix-telegram --config='${settingsFile}'
|
||||
'');
|
||||
# ${pkgs.mautrix-telegram}/bin/mautrix-telegram --config='${settingsFile}'
|
||||
# '');
|
||||
}
|
||||
|
||||
|
|
|
@ -8,12 +8,17 @@
|
|||
./modules/graphics
|
||||
./modules/greetd
|
||||
./modules/networks
|
||||
./modules/printing
|
||||
# ./modules/printing
|
||||
./modules/security
|
||||
./modules/sound
|
||||
./modules/virtualisation
|
||||
];
|
||||
|
||||
|
||||
# services.influxdb2 = {
|
||||
# enable = true;
|
||||
# };
|
||||
|
||||
nix.settings.system-features = [ "gccarch-tigerlake" ];
|
||||
systemd.additionalUpstreamSystemUnits = [
|
||||
"soft-reboot.target"
|
||||
|
@ -147,10 +152,6 @@
|
|||
fwupd.enable = true; # firmware updates
|
||||
avahi.enable = true;
|
||||
btrfs.autoScrub.enable = true;
|
||||
mullvad-vpn = {
|
||||
enable = true;
|
||||
enableExcludeWrapper = false;
|
||||
};
|
||||
};
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
|
@ -184,4 +185,5 @@
|
|||
};
|
||||
environment.systemPackages = [ pkgs.man-pages ];
|
||||
system.stateVersion = "22.11";
|
||||
# programs.java.enable = true;
|
||||
}
|
||||
|
|
|
@ -97,6 +97,10 @@
|
|||
authProtocols = [ "WPA-PSK" ];
|
||||
extraConfig = "disabled=1";
|
||||
};
|
||||
"RoboLab Playground" = {
|
||||
psk = "ext:ROBOLAB_PSK";
|
||||
authProtocols = [ "WPA-PSK" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
systemd.services = {
|
||||
|
|
|
@ -2,6 +2,7 @@ _final: prev:
|
|||
let
|
||||
inherit (prev) callPackage;
|
||||
inherit (prev) fetchFromGitHub;
|
||||
inherit (prev) fetchpatch;
|
||||
in
|
||||
{
|
||||
|
||||
|
@ -15,10 +16,6 @@ in
|
|||
ianny = callPackage ../pkgs/ianny { };
|
||||
|
||||
tpm2-pkcs11 = prev.tpm2-pkcs11.override { fapiSupport = false; };
|
||||
# imv = prev.imv.override {
|
||||
# # freeimage is broken
|
||||
# withBackends = [ "libtiff" "libjpeg" "libpng" "librsvg" "libheif" ];
|
||||
# };
|
||||
zsh-fzf-tab = prev.zsh-fzf-tab.overrideAttrs (_: rec {
|
||||
version = "1.1.1";
|
||||
src = fetchFromGitHub {
|
||||
|
@ -46,5 +43,4 @@ in
|
|||
});
|
||||
};
|
||||
};
|
||||
# matrix-synapse-unwrapped = prev.matrix-synapse-unwrapped.overridePythonAttrs { doCheck = false; }; # todo skip right tests
|
||||
}
|
||||
|
|
|
@ -5,10 +5,10 @@ rustPlatform.buildRustPackage rec {
|
|||
src = fetchFromGitHub {
|
||||
owner = "zefr0x";
|
||||
repo = pname;
|
||||
rev = "370bea372c35610e65426f5a1c45db99584dfb9a";
|
||||
hash = "sha256-oWwRCQSP0g6IJh3cEgD32AIBF/pfN9QGJ9LANjCthMw=";
|
||||
rev = "v2.0.0";
|
||||
hash = "sha256-F8Uc2BsQ5f7yaUXXDhLvyyYKUDAuvP9cCR2h3vblr0g=";
|
||||
};
|
||||
cargoHash = "sha256-5/Sb2ds+xfcYFqTF3RObPScDzK4FdBNk8T1Z5YcQgCM=";
|
||||
cargoHash = "sha256-6rcibPoO5EQcT8HGgHge/4wrXyBA9JCk4+aiCFz+kXM=";
|
||||
buildInputs = [
|
||||
dbus
|
||||
ninja
|
||||
|
|
Binary file not shown.
|
@ -2,7 +2,7 @@
|
|||
{
|
||||
home.packages = with pkgs; [
|
||||
gdb
|
||||
lldb
|
||||
# lldb
|
||||
rust-analyzer
|
||||
nil
|
||||
nixpkgs-fmt
|
||||
|
|
|
@ -27,6 +27,7 @@
|
|||
# internet
|
||||
google-chrome
|
||||
liferea
|
||||
openvpn
|
||||
|
||||
# messaging
|
||||
tdesktop
|
||||
|
@ -40,8 +41,7 @@
|
|||
|
||||
# cryptography
|
||||
yubikey-manager
|
||||
# python311Packages.pyhanko # broken, TODO fix
|
||||
bitwarden-cli
|
||||
# bitwarden-cli
|
||||
|
||||
# misc
|
||||
xournalpp
|
||||
|
@ -118,6 +118,7 @@
|
|||
"x-scheme-handler/http" = browsers;
|
||||
"x-scheme-handler/https" = browsers;
|
||||
"x-scheme-handler/tg" = [ "org.telegram.desktop.desktop" ];
|
||||
"x-scheme-handler/tonsite" = [ "org.telegram.desktop.desktop" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,7 +8,7 @@ in
|
|||
package = pkgs.openssh_gssapi;
|
||||
compression = true;
|
||||
controlMaster = "auto";
|
||||
controlPersist = "10m";
|
||||
controlPersist = "90m";
|
||||
extraConfig = ''
|
||||
CanonicalizeHostname yes
|
||||
CanonicalDomains agdsn.network vpn.rfive.de net.tu-dresden.de
|
||||
|
|
|
@ -5,6 +5,11 @@
|
|||
|
||||
# theme hardcoded to dracula, too lazy to make all this base16
|
||||
systemd.user.sessionVariables.GTK_THEME = "Dracula";
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/interface" = {
|
||||
color-scheme = "prefer-dark";
|
||||
};
|
||||
};
|
||||
qt = {
|
||||
enable = true;
|
||||
platformTheme.name = "gtk";
|
||||
|
|
Loading…
Add table
Reference in a new issue