mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2025-01-18 09:01:39 +01:00
updates
This commit is contained in:
parent
60586106be
commit
3d572d7a38
7 changed files with 62 additions and 41 deletions
50
flake.lock
50
flake.lock
|
|
@ -37,11 +37,11 @@
|
|||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1733851514,
|
||||
"narHash": "sha256-fQt/HzF+OBC8xLRYeHiYLSEzjrgOLNWhyd102aY2oLU=",
|
||||
"lastModified": 1736445563,
|
||||
"narHash": "sha256-+f1MWPtja+LRlTHJP/i/3yxmnzo2LGtZmxtJJTdAp8o=",
|
||||
"owner": "nix-community",
|
||||
"repo": "authentik-nix",
|
||||
"rev": "b059e1d6e7a94bbeabb4e87d47b5f5097fd61823",
|
||||
"rev": "bf5a5bf42189ff5f468f0ff26c9296233a97eb6c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -53,16 +53,16 @@
|
|||
"authentik-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1733849292,
|
||||
"narHash": "sha256-gJYgrRxytoGHkjeEsiKY/tl06D8XOnZZ9SDpK1WSyUw=",
|
||||
"lastModified": 1736440980,
|
||||
"narHash": "sha256-Z3rFFrXrOKaF9NpY/fInsEbzdOWnWqLfEYl7YX9hFEU=",
|
||||
"owner": "goauthentik",
|
||||
"repo": "authentik",
|
||||
"rev": "0edd7531a152910e6bdd4f7d3d0cde3ed5fdd956",
|
||||
"rev": "9d81f0598c7735e2b4616ee865ab896056a67408",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "goauthentik",
|
||||
"ref": "version/2024.10.5",
|
||||
"ref": "version/2024.12.2",
|
||||
"repo": "authentik",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
@ -301,11 +301,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1735381016,
|
||||
"narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=",
|
||||
"lastModified": 1736508663,
|
||||
"narHash": "sha256-ZOaGwa+WnB7Zn3YXimqjmIugAnHePdXCmNu+AHkq808=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2",
|
||||
"rev": "2532b500c3ed2b8940e831039dcec5a5ea093afc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -336,11 +336,11 @@
|
|||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1734945620,
|
||||
"narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=",
|
||||
"lastModified": 1736688610,
|
||||
"narHash": "sha256-1Zl9xahw399UiZSJ9Vxs1W4WRFjO1SsNdVZQD4nghz0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "d000479f4f41390ff7cf9204979660ad5dd16176",
|
||||
"rev": "c64bed13b562fc3bb454b48773d4155023ac31b7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -450,11 +450,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1735443188,
|
||||
"narHash": "sha256-AydPpRBh8+NOkrLylG7vTsHrGO2b5L7XkMEL5HlzcA8=",
|
||||
"lastModified": 1736652904,
|
||||
"narHash": "sha256-8uolHABgroXqzs03QdulHp8H9e5kWQZnnhcda1MKbBM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "55ab1e1df5daf2476e6b826b69a82862dcbd7544",
|
||||
"rev": "271e5bd7c57e1f001693799518b10a02d1123b12",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -465,11 +465,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1730200266,
|
||||
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
|
||||
"lastModified": 1735834308,
|
||||
"narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
|
||||
"rev": "6df24922a1400241dae323af55f30e4318a6ca65",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -524,11 +524,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1735471104,
|
||||
"narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
|
||||
"lastModified": 1736701207,
|
||||
"narHash": "sha256-jG/+MvjVY7SlTakzZ2fJ5dC3V1PrKKrUEOEE30jrOKA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
|
||||
"rev": "ed4a395ea001367c1f13d34b1e01aa10290f67d6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -575,11 +575,11 @@
|
|||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1730284601,
|
||||
"narHash": "sha256-eHYcKVLIRRv3J1vjmxurS6HVdGphB53qxUeAkylYrZY=",
|
||||
"lastModified": 1735164664,
|
||||
"narHash": "sha256-DaWy+vo3c4TQ93tfLjUgcpPaSoDw4qV4t76Y3Mhu84I=",
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"rev": "43a898b4d76f7f3f70df77a2cc2d40096bc9d75e",
|
||||
"rev": "1fb01e90771f762655be7e0e805516cd7fa4d58e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -96,11 +96,17 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
systemd.services.bind.preStart = ''
|
||||
# copy the file manually to its destination since signing requires a writable directory
|
||||
${pkgs.coreutils}/bin/cp ${zonefile} ${config.services.bind.directory}/rfive.de.zone.txt
|
||||
${pkgs.coreutils}/bin/chown named:named ${config.services.bind.directory}/rfive.de.zone.txt
|
||||
'';
|
||||
systemd.services.bind-zonefile = {
|
||||
script = ''
|
||||
# copy the file manually to its destination since signing requires a writable directory
|
||||
${pkgs.coreutils}/bin/cp ${zonefile} ${config.services.bind.directory}/rfive.de.zone.txt
|
||||
${pkgs.coreutils}/bin/chown named:named ${config.services.bind.directory}/rfive.de.zone.txt
|
||||
'';
|
||||
};
|
||||
systemd.services.bind = {
|
||||
after = [ "bind-zonefile.service" ];
|
||||
requires = [ "bind-zonefile.service" ];
|
||||
};
|
||||
networking.firewall.extraInputRules = ''
|
||||
ip saddr ${secondary}/32 tcp dport 53 accept comment "Allow DNS AXFR access from INWX Servers"
|
||||
ip saddr ${secondary}/32 udp dport 53 accept comment "Allow DNS access from INWX Servers"
|
||||
|
|
|
|||
|
|
@ -31,7 +31,6 @@
|
|||
# '';
|
||||
tmp.useTmpfs = true;
|
||||
};
|
||||
services.lldpd.enable = true;
|
||||
|
||||
environment.persistence."/nix/persist/system" = {
|
||||
directories = [
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
nmap
|
||||
curlFull
|
||||
wireguard-tools
|
||||
# etherape
|
||||
etherape
|
||||
];
|
||||
services.timesyncd.servers = lib.mkForce [ ];
|
||||
services.resolved = {
|
||||
|
|
@ -187,12 +187,12 @@
|
|||
package = pkgs.wireshark-qt;
|
||||
};
|
||||
programs.wavemon.enable = true;
|
||||
# # users.groups.etherape = { };
|
||||
# security.wrappers.etherape = {
|
||||
# source = "${pkgs.etherape}/bin/etherape";
|
||||
# capabilities = "cap_net_raw,cap_net_admin+eip";
|
||||
# owner = "root";
|
||||
# group = "etherape";
|
||||
# permissions = "u+rx,g+x";
|
||||
# };
|
||||
users.groups.etherape = { };
|
||||
security.wrappers.etherape = {
|
||||
source = "${pkgs.etherape}/bin/etherape";
|
||||
capabilities = "cap_net_raw,cap_net_admin+eip";
|
||||
owner = "root";
|
||||
group = "etherape";
|
||||
permissions = "u+rx,g+x";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,4 +33,18 @@ in
|
|||
gnome-break-timer = callPackage ../pkgs/gnome-break-timer { };
|
||||
jmri = callPackage ../pkgs/jmri { };
|
||||
adguardian-term = callPackage ../pkgs/adguardian-term { };
|
||||
python312 = prev.python312.override {
|
||||
packageOverrides = final: prev: {
|
||||
pysaml2 = prev.pysaml2.overridePythonAttrs (orig: {
|
||||
disabledTests =
|
||||
orig.disabledTests
|
||||
++ [
|
||||
"test_encrypted_response_6"
|
||||
"test_validate_cert_chains"
|
||||
"test_validate_with_root_cert"
|
||||
];
|
||||
});
|
||||
};
|
||||
};
|
||||
matrix-synapse-unwrapped = prev.matrix-synapse-unwrapped.overridePythonAttrs { doCheck = false; }; # todo skip right tests
|
||||
}
|
||||
|
|
|
|||
|
|
@ -49,6 +49,8 @@
|
|||
line-number = "relative";
|
||||
cursor-shape.insert = "bar";
|
||||
completion-trigger-len = 0;
|
||||
end-of-line-diagnostics = "hint";
|
||||
inline-diagnostics.cursor-line = "error";
|
||||
lsp = {
|
||||
display-messages = true;
|
||||
display-inlay-hints = true;
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@
|
|||
hut
|
||||
wine
|
||||
ansible
|
||||
# ansible-lint
|
||||
ansible-lint
|
||||
|
||||
# programming languages
|
||||
cargo
|
||||
|
|
|
|||
Loading…
Reference in a new issue