diff --git a/flake.lock b/flake.lock index a9c3792..35a4a2b 100644 --- a/flake.lock +++ b/flake.lock @@ -12,11 +12,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1715290355, - "narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=", + "lastModified": 1714136352, + "narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=", "owner": "ryantm", "repo": "agenix", - "rev": "8d37c5bdeade12b6479c85acd133063ab53187a0", + "rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e", "type": "github" }, "original": { @@ -216,11 +216,11 @@ ] }, "locked": { - "lastModified": 1715486357, - "narHash": "sha256-4pRuzsHZOW5W4CsXI9uhKtiJeQSUoe1d2M9mWU98HC4=", + "lastModified": 1714679908, + "narHash": "sha256-KzcXzDvDJjX34en8f3Zimm396x6idbt+cu4tWDVS2FI=", "owner": "nix-community", "repo": "home-manager", - "rev": "44677a1c96810a8e8c4ffaeaad10c842402647c1", + "rev": "9036fe9ef8e15a819fa76f47a8b1f287903fb848", "type": "github" }, "original": { @@ -317,11 +317,11 @@ ] }, "locked": { - "lastModified": 1715483403, - "narHash": "sha256-WMDuQj7J5jbpXI/X/E6FZRKgBFGcaSTvYyVxPnKE6KU=", + "lastModified": 1714273701, + "narHash": "sha256-bmoeZ5zMSSO/e8P51yjrzaxA9uzA3SZAEFvih6S3LFo=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "f9027322f48b427da23746aa359a6510dfcd0228", + "rev": "941c4973c824509e0356be455d89613611f76c8a", "type": "github" }, "original": { @@ -332,11 +332,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1715447595, - "narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=", + "lastModified": 1714635257, + "narHash": "sha256-4cPymbty65RvF1DWQfc+Bc8B233A1BWxJnNULJKQ1EY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "062ca2a9370a27a35c524dc82d540e6e9824b652", + "rev": "63c3a29ca82437c87573e4c6919b09a24ea61b0f", "type": "github" }, "original": { @@ -376,22 +376,6 @@ "type": "github" } }, - "nixpkgs-systemd-256": { - "locked": { - "lastModified": 1714430104, - "narHash": "sha256-TGCTDeE8lEm/HC92Ev5ql2vx6Z4iUOwF2vsmLn/UjkM=", - "owner": "nikstur", - "repo": "nixpkgs", - "rev": "12215c110b0f3a652953d215e827fd4b56e0f536", - "type": "github" - }, - "original": { - "owner": "nikstur", - "ref": "systemd-256", - "repo": "nixpkgs", - "type": "github" - } - }, "pfersel": { "inputs": { "nixpkgs": [ @@ -473,7 +457,6 @@ "nix-colors": "nix-colors", "nix-index-database": "nix-index-database", "nixpkgs": "nixpkgs", - "nixpkgs-systemd-256": "nixpkgs-systemd-256", "pfersel": "pfersel", "purge": "purge", "trucksimulatorbot": "trucksimulatorbot" diff --git a/flake.nix b/flake.nix index 1a30099..b25b850 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,6 @@ inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; - nixpkgs-systemd-256.url = "github:nikstur/nixpkgs/systemd-256"; nix-index-database = { url = "github:nix-community/nix-index-database"; @@ -51,7 +50,6 @@ outputs = { self , nixpkgs - , nixpkgs-systemd-256 , home-manager , dns , nix-index-database @@ -140,7 +138,8 @@ specialArgs = attrs; modules = [ ./hosts/vm - ./shared/systemd.nix + ./shared + nix-index-database.nixosModules.nix-index ]; }; iso = nixpkgs.lib.nixosSystem { diff --git a/hosts/nuc/default.nix b/hosts/nuc/default.nix index 4fcbd32..768080d 100644 --- a/hosts/nuc/default.nix +++ b/hosts/nuc/default.nix @@ -54,8 +54,6 @@ helix lsof btdu - tcpdump - mtr ]; programs.git = { enable = true; diff --git a/hosts/nuc/modules/backup/default.nix b/hosts/nuc/modules/backup/default.nix index bc50c25..c7771b9 100644 --- a/hosts/nuc/modules/backup/default.nix +++ b/hosts/nuc/modules/backup/default.nix @@ -19,11 +19,6 @@ "/var/log" "/nix/persist" ]; - # don't backup these for now - exclude_patterns = [ - "/var/lib/movies" - "/var/lib/shows" - ]; repositories = [ { label = "nuc"; diff --git a/hosts/nuc/modules/networks/default.nix b/hosts/nuc/modules/networks/default.nix index eebf8f8..c547460 100644 --- a/hosts/nuc/modules/networks/default.nix +++ b/hosts/nuc/modules/networks/default.nix @@ -34,10 +34,7 @@ routeConfig.Gateway = "192.168.42.1"; }]; networkConfig = { - DNS = [ - "9.9.9.9" - "149.112.112.112" - ]; + DNS = "192.168.42.1"; LLDP = true; EmitLLDP = "nearest-bridge"; DNSSEC = false; diff --git a/hosts/nuc/modules/torrent/default.nix b/hosts/nuc/modules/torrent/default.nix index 2bff346..9c8d83b 100644 --- a/hosts/nuc/modules/torrent/default.nix +++ b/hosts/nuc/modules/torrent/default.nix @@ -78,7 +78,7 @@ in Group = cfg.user; Restart = "always"; - # PrivateNetwork = true; + PrivateNetwork = true; NetworkNamespacePath = "/var/run/netns/torrent"; ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --profile=${cfg.stateDir} --webui-port=${toString cfg.port}"; @@ -88,9 +88,9 @@ in # Avoid using nscd (leaks dns) InaccessiblePaths = [ "/run/nscd" ]; - BindReadOnlyPaths = [ - "/etc/netns/torrent/resolv.conf:/etc/resolv.conf" - ]; + # BindReadOnlyPaths = [ + # "/etc/netns/mullvad/resolv.conf:/etc/resolv.conf" + # ]; # systemd-analyze --no-pager security qbittorrent.service CapabilityBoundingSet = null; diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 7d7080d..d817b51 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -60,10 +60,6 @@ upower.enable = true; fwupd.enable = true; # firmware updates btrfs.autoScrub.enable = true; - mullvad-vpn = { - enable = true; - enableExcludeWrapper = false; - }; }; hardware.bluetooth = { enable = true; diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix index eedc098..0b4855e 100644 --- a/hosts/thinkpad/modules/networks/uni.nix +++ b/hosts/thinkpad/modules/networks/uni.nix @@ -23,7 +23,6 @@ identity="rose159e@tu-dresden.de" password="@EDUROAM_AUTH@" phase2="auth=PAP" - bssid_ignore=7c:5a:1c:02:3d:ef ''; extraConfig = '' scan_ssid=1 diff --git a/hosts/vm/default.nix b/hosts/vm/default.nix index c7546cb..fd17428 100644 --- a/hosts/vm/default.nix +++ b/hosts/vm/default.nix @@ -13,7 +13,6 @@ loader.efi.canTouchEfiVariables = true; kernelPackages = pkgs.linuxPackages_latest; tmp.useTmpfs = true; - initrd.systemd.enable = true; }; networking.hostName = "vm"; # environment.persistence."/nix/persistent/system" = { @@ -43,7 +42,7 @@ }; # Enable the OpenSSH daemon. - # services.openssh.enable = true; + services.openssh.enable = true; users.mutableUsers = false; users.users.root = { diff --git a/shared/systemd.nix b/shared/systemd.nix index cb53f89..45193d8 100644 --- a/shared/systemd.nix +++ b/shared/systemd.nix @@ -1,9 +1,9 @@ -{ pkgs, lib, nixpkgs-systemd-256, ... }: +{ pkgs, lib, ... }: { systemd = { - package = lib.mkDefault (nixpkgs-systemd-256.legacyPackages.x86_64-linux.systemd.override { withHomed = false; }); + package = lib.mkDefault (pkgs.systemd.override { withHomed = false; }); sleep.extraConfig = '' HibernateDelaySec=2h ''; diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index fe33497..28b340f 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -17,7 +17,6 @@ (zathura.override { plugins = [ zathuraPkgs.zathura_pdf_mupdf ]; }) gimp ffmpeg - jellyfin-media-player # bluetooth blueman diff --git a/users/rouven/modules/ssh/default.nix b/users/rouven/modules/ssh/default.nix index 190dd8c..62ddb55 100644 --- a/users/rouven/modules/ssh/default.nix +++ b/users/rouven/modules/ssh/default.nix @@ -35,14 +35,6 @@ in hostname = "login.zih.tu-dresden.de"; user = "rose159e"; }; - "mininet" = { - hostname = "internet.netd.cs.tu-dresden.de"; - user = "root"; - port = 2133; - extraOptions = { - ProxyJump = "tud"; - }; - }; # iFSR "quitte" = {