2025-04-19 13:16:19 +02:00
12 changed files with 22 additions and 65 deletions
--- a/flake.lock
+++ b/flake.lock
@ -12,11 +12,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1715290355,
-        "narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=",
+        "lastModified": 1714136352,
+        "narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "8d37c5bdeade12b6479c85acd133063ab53187a0",
+        "rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e",
        "type": "github"
      },
      "original": {
@ -216,11 +216,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1715486357,
-        "narHash": "sha256-4pRuzsHZOW5W4CsXI9uhKtiJeQSUoe1d2M9mWU98HC4=",
+        "lastModified": 1714679908,
+        "narHash": "sha256-KzcXzDvDJjX34en8f3Zimm396x6idbt+cu4tWDVS2FI=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "44677a1c96810a8e8c4ffaeaad10c842402647c1",
+        "rev": "9036fe9ef8e15a819fa76f47a8b1f287903fb848",
        "type": "github"
      },
      "original": {
@ -317,11 +317,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1715483403,
-        "narHash": "sha256-WMDuQj7J5jbpXI/X/E6FZRKgBFGcaSTvYyVxPnKE6KU=",
+        "lastModified": 1714273701,
+        "narHash": "sha256-bmoeZ5zMSSO/e8P51yjrzaxA9uzA3SZAEFvih6S3LFo=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "f9027322f48b427da23746aa359a6510dfcd0228",
+        "rev": "941c4973c824509e0356be455d89613611f76c8a",
        "type": "github"
      },
      "original": {
@ -332,11 +332,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1715447595,
-        "narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=",
+        "lastModified": 1714635257,
+        "narHash": "sha256-4cPymbty65RvF1DWQfc+Bc8B233A1BWxJnNULJKQ1EY=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "062ca2a9370a27a35c524dc82d540e6e9824b652",
+        "rev": "63c3a29ca82437c87573e4c6919b09a24ea61b0f",
        "type": "github"
      },
      "original": {
@ -376,22 +376,6 @@
        "type": "github"
      }
    },
-    "nixpkgs-systemd-256": {
-      "locked": {
-        "lastModified": 1714430104,
-        "narHash": "sha256-TGCTDeE8lEm/HC92Ev5ql2vx6Z4iUOwF2vsmLn/UjkM=",
-        "owner": "nikstur",
-        "repo": "nixpkgs",
-        "rev": "12215c110b0f3a652953d215e827fd4b56e0f536",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nikstur",
-        "ref": "systemd-256",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
    "pfersel": {
      "inputs": {
        "nixpkgs": [
@ -473,7 +457,6 @@
        "nix-colors": "nix-colors",
        "nix-index-database": "nix-index-database",
        "nixpkgs": "nixpkgs",
-        "nixpkgs-systemd-256": "nixpkgs-systemd-256",
        "pfersel": "pfersel",
        "purge": "purge",
        "trucksimulatorbot": "trucksimulatorbot"
--- a/flake.nix
+++ b/flake.nix
@ -3,7 +3,6 @@
  inputs = {

    nixpkgs.url = "nixpkgs/nixos-unstable";
-    nixpkgs-systemd-256.url = "github:nikstur/nixpkgs/systemd-256";

    nix-index-database = {
      url = "github:nix-community/nix-index-database";
@ -51,7 +50,6 @@
  outputs =
    { self
    , nixpkgs
-    , nixpkgs-systemd-256
    , home-manager
    , dns
    , nix-index-database
@ -140,7 +138,8 @@
          specialArgs = attrs;
          modules = [
            ./hosts/vm
-            ./shared/systemd.nix
+            ./shared
+            nix-index-database.nixosModules.nix-index
          ];
        };
        iso = nixpkgs.lib.nixosSystem {
--- a/hosts/nuc/default.nix
+++ b/hosts/nuc/default.nix
@ -54,8 +54,6 @@
    helix
    lsof
    btdu
-    tcpdump
-    mtr
  ];
  programs.git = {
    enable = true;
--- a/hosts/nuc/modules/backup/default.nix
+++ b/hosts/nuc/modules/backup/default.nix
@ -19,11 +19,6 @@
        "/var/log"
        "/nix/persist"
      ];
-      # don't backup these for now
-      exclude_patterns = [
-        "/var/lib/movies"
-        "/var/lib/shows"
-      ];
      repositories = [
        {
          label = "nuc";
--- a/hosts/nuc/modules/networks/default.nix
+++ b/hosts/nuc/modules/networks/default.nix
@ -34,10 +34,7 @@
        routeConfig.Gateway = "192.168.42.1";
      }];
      networkConfig = {
-        DNS = [
-          "9.9.9.9"
-          "149.112.112.112"
-        ];
+        DNS = "192.168.42.1";
        LLDP = true;
        EmitLLDP = "nearest-bridge";
        DNSSEC = false;
--- a/hosts/nuc/modules/torrent/default.nix
+++ b/hosts/nuc/modules/torrent/default.nix
@ -78,7 +78,7 @@ in
      Group = cfg.user;
      Restart = "always";

-      # PrivateNetwork = true;
+      PrivateNetwork = true;
      NetworkNamespacePath = "/var/run/netns/torrent";

      ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --profile=${cfg.stateDir} --webui-port=${toString cfg.port}";
@ -88,9 +88,9 @@ in

      # Avoid using nscd (leaks dns)
      InaccessiblePaths = [ "/run/nscd" ];
-      BindReadOnlyPaths = [
-        "/etc/netns/torrent/resolv.conf:/etc/resolv.conf"
-      ];
+      # BindReadOnlyPaths = [
+      #   "/etc/netns/mullvad/resolv.conf:/etc/resolv.conf"
+      # ];

      # systemd-analyze --no-pager security qbittorrent.service
      CapabilityBoundingSet = null;
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -60,10 +60,6 @@
    upower.enable = true;
    fwupd.enable = true; # firmware updates
    btrfs.autoScrub.enable = true;
-    mullvad-vpn = {
-      enable = true;
-      enableExcludeWrapper = false;
-    };
  };
  hardware.bluetooth = {
    enable = true;
--- a/hosts/thinkpad/modules/networks/uni.nix
+++ b/hosts/thinkpad/modules/networks/uni.nix
@ -23,7 +23,6 @@
          identity="rose159e@tu-dresden.de"
          password="@EDUROAM_AUTH@"
          phase2="auth=PAP"
-          bssid_ignore=7c:5a:1c:02:3d:ef
        '';
        extraConfig = ''
          scan_ssid=1
--- a/hosts/vm/default.nix
+++ b/hosts/vm/default.nix
@ -13,7 +13,6 @@
    loader.efi.canTouchEfiVariables = true;
    kernelPackages = pkgs.linuxPackages_latest;
    tmp.useTmpfs = true;
-    initrd.systemd.enable = true;
  };
  networking.hostName = "vm";
  # environment.persistence."/nix/persistent/system" = {
@ -43,7 +42,7 @@
  };

  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
+  services.openssh.enable = true;

  users.mutableUsers = false;
  users.users.root = {
--- a/shared/systemd.nix
+++ b/shared/systemd.nix
@ -1,9 +1,9 @@
-{ pkgs, lib, nixpkgs-systemd-256, ... }:
+{ pkgs, lib, ... }:

 {
  systemd = {

-    package = lib.mkDefault (nixpkgs-systemd-256.legacyPackages.x86_64-linux.systemd.override { withHomed = false; });
+    package = lib.mkDefault (pkgs.systemd.override { withHomed = false; });
    sleep.extraConfig = ''
      HibernateDelaySec=2h
    '';
--- a/users/rouven/modules/packages.nix
+++ b/users/rouven/modules/packages.nix
@ -17,7 +17,6 @@
    (zathura.override { plugins = [ zathuraPkgs.zathura_pdf_mupdf ]; })
    gimp
    ffmpeg
-    jellyfin-media-player

    # bluetooth
    blueman
--- a/users/rouven/modules/ssh/default.nix
+++ b/users/rouven/modules/ssh/default.nix
@ -35,14 +35,6 @@ in
        hostname = "login.zih.tu-dresden.de";
        user = "rose159e";
      };
-      "mininet" = {
-        hostname = "internet.netd.cs.tu-dresden.de";
-        user = "root";
-        port = 2133;
-        extraOptions = {
-          ProxyJump = "tud";
-        };
-      };

      # iFSR
      "quitte" = {