updates

2025-01-18 09:01:39 +01:00 · 2025-01-13 15:42:20 +01:00 · 2025-01-13 15:42:20 +01:00 · 3d572d7a38
commit 3d572d7a38
parent 60586106be
7 changed files with 62 additions and 41 deletions
--- a/flake.lock
+++ b/flake.lock
@ -37,11 +37,11 @@
        "systems": "systems_2"
      },
      "locked": {
-        "lastModified": 1733851514,
+        "lastModified": 1736445563,
-        "narHash": "sha256-fQt/HzF+OBC8xLRYeHiYLSEzjrgOLNWhyd102aY2oLU=",
+        "narHash": "sha256-+f1MWPtja+LRlTHJP/i/3yxmnzo2LGtZmxtJJTdAp8o=",
        "owner": "nix-community",
        "repo": "authentik-nix",
-        "rev": "b059e1d6e7a94bbeabb4e87d47b5f5097fd61823",
+        "rev": "bf5a5bf42189ff5f468f0ff26c9296233a97eb6c",
        "type": "github"
      },
      "original": {
@ -53,16 +53,16 @@
    "authentik-src": {
      "flake": false,
      "locked": {
-        "lastModified": 1733849292,
+        "lastModified": 1736440980,
-        "narHash": "sha256-gJYgrRxytoGHkjeEsiKY/tl06D8XOnZZ9SDpK1WSyUw=",
+        "narHash": "sha256-Z3rFFrXrOKaF9NpY/fInsEbzdOWnWqLfEYl7YX9hFEU=",
        "owner": "goauthentik",
        "repo": "authentik",
-        "rev": "0edd7531a152910e6bdd4f7d3d0cde3ed5fdd956",
+        "rev": "9d81f0598c7735e2b4616ee865ab896056a67408",
        "type": "github"
      },
      "original": {
        "owner": "goauthentik",
-        "ref": "version/2024.10.5",
+        "ref": "version/2024.12.2",
        "repo": "authentik",
        "type": "github"
      }
@ -301,11 +301,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735381016,
+        "lastModified": 1736508663,
-        "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=",
+        "narHash": "sha256-ZOaGwa+WnB7Zn3YXimqjmIugAnHePdXCmNu+AHkq808=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2",
+        "rev": "2532b500c3ed2b8940e831039dcec5a5ea093afc",
        "type": "github"
      },
      "original": {
@ -336,11 +336,11 @@
    },
    "impermanence": {
      "locked": {
-        "lastModified": 1734945620,
+        "lastModified": 1736688610,
-        "narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=",
+        "narHash": "sha256-1Zl9xahw399UiZSJ9Vxs1W4WRFjO1SsNdVZQD4nghz0=",
        "owner": "nix-community",
        "repo": "impermanence",
-        "rev": "d000479f4f41390ff7cf9204979660ad5dd16176",
+        "rev": "c64bed13b562fc3bb454b48773d4155023ac31b7",
        "type": "github"
      },
      "original": {
@ -450,11 +450,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735443188,
+        "lastModified": 1736652904,
-        "narHash": "sha256-AydPpRBh8+NOkrLylG7vTsHrGO2b5L7XkMEL5HlzcA8=",
+        "narHash": "sha256-8uolHABgroXqzs03QdulHp8H9e5kWQZnnhcda1MKbBM=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "55ab1e1df5daf2476e6b826b69a82862dcbd7544",
+        "rev": "271e5bd7c57e1f001693799518b10a02d1123b12",
        "type": "github"
      },
      "original": {
@ -465,11 +465,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1730200266,
+        "lastModified": 1735834308,
-        "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
+        "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
+        "rev": "6df24922a1400241dae323af55f30e4318a6ca65",
        "type": "github"
      },
      "original": {
@ -524,11 +524,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1735471104,
+        "lastModified": 1736701207,
-        "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
+        "narHash": "sha256-jG/+MvjVY7SlTakzZ2fJ5dC3V1PrKKrUEOEE30jrOKA=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
+        "rev": "ed4a395ea001367c1f13d34b1e01aa10290f67d6",
        "type": "github"
      },
      "original": {
@ -575,11 +575,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1730284601,
+        "lastModified": 1735164664,
-        "narHash": "sha256-eHYcKVLIRRv3J1vjmxurS6HVdGphB53qxUeAkylYrZY=",
+        "narHash": "sha256-DaWy+vo3c4TQ93tfLjUgcpPaSoDw4qV4t76Y3Mhu84I=",
        "owner": "nix-community",
        "repo": "poetry2nix",
-        "rev": "43a898b4d76f7f3f70df77a2cc2d40096bc9d75e",
+        "rev": "1fb01e90771f762655be7e0e805516cd7fa4d58e",
        "type": "github"
      },
      "original": {
--- a/hosts/falkenstein/modules/dns/default.nix
+++ b/hosts/falkenstein/modules/dns/default.nix
@ -96,11 +96,17 @@ in
      };
    };
  };
-  systemd.services.bind.preStart = ''
+  systemd.services.bind-zonefile = {
    script = ''      
      # copy the file manually to its destination since signing requires a writable directory
      ${pkgs.coreutils}/bin/cp ${zonefile} ${config.services.bind.directory}/rfive.de.zone.txt
      ${pkgs.coreutils}/bin/chown named:named ${config.services.bind.directory}/rfive.de.zone.txt
    '';
  };
  systemd.services.bind = {
    after = [ "bind-zonefile.service" ];
    requires = [ "bind-zonefile.service" ];
  };
  networking.firewall.extraInputRules = ''
    ip saddr ${secondary}/32 tcp dport 53 accept comment "Allow DNS AXFR access from INWX Servers"
    ip saddr ${secondary}/32 udp dport 53 accept comment "Allow DNS access from INWX Servers"
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -31,7 +31,6 @@
    # '';
    tmp.useTmpfs = true;
  };
  services.lldpd.enable = true;
  environment.persistence."/nix/persist/system" = {
    directories = [
--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@ -25,7 +25,7 @@
    nmap
    curlFull
    wireguard-tools
-    # etherape
+    etherape
  ];
  services.timesyncd.servers = lib.mkForce [ ];
  services.resolved = {
@ -187,12 +187,12 @@
    package = pkgs.wireshark-qt;
  };
  programs.wavemon.enable = true;
-  # # users.groups.etherape = { };
+  users.groups.etherape = { };
-  # security.wrappers.etherape = {
+  security.wrappers.etherape = {
-  #   source = "${pkgs.etherape}/bin/etherape";
+    source = "${pkgs.etherape}/bin/etherape";
-  #   capabilities = "cap_net_raw,cap_net_admin+eip";
+    capabilities = "cap_net_raw,cap_net_admin+eip";
-  #   owner = "root";
+    owner = "root";
-  #   group = "etherape";
+    group = "etherape";
-  #   permissions = "u+rx,g+x";
+    permissions = "u+rx,g+x";
-  # };
+  };
 }
--- a/overlays/default.nix
+++ b/overlays/default.nix
@ -33,4 +33,18 @@ in
  gnome-break-timer = callPackage ../pkgs/gnome-break-timer { };
  jmri = callPackage ../pkgs/jmri { };
  adguardian-term = callPackage ../pkgs/adguardian-term { };
  python312 = prev.python312.override {
    packageOverrides = final: prev: {
      pysaml2 = prev.pysaml2.overridePythonAttrs (orig: {
        disabledTests =
          orig.disabledTests
          ++ [
            "test_encrypted_response_6"
            "test_validate_cert_chains"
            "test_validate_with_root_cert"
          ];
      });
    };
  };
  matrix-synapse-unwrapped = prev.matrix-synapse-unwrapped.overridePythonAttrs { doCheck = false; }; # todo skip right tests
 }
--- a/users/rouven/modules/helix/default.nix
+++ b/users/rouven/modules/helix/default.nix
@ -49,6 +49,8 @@
        line-number = "relative";
        cursor-shape.insert = "bar";
        completion-trigger-len = 0;
        end-of-line-diagnostics = "hint";
        inline-diagnostics.cursor-line = "error";
        lsp = {
          display-messages = true;
          display-inlay-hints = true;
--- a/users/rouven/modules/packages.nix
+++ b/users/rouven/modules/packages.nix
@ -52,7 +52,7 @@
    hut
    wine
    ansible
-    # ansible-lint
+    ansible-lint
    # programming languages
    cargo