hydra: fix build

gcc: tune arch
bring back hydra
2024-11-15 05:13:10 +01:00 · 2024-01-04 00:30:41 +01:00 · 2024-01-04 00:17:40 +01:00 · 2024-01-04 00:13:46 +01:00 · 2024-01-04 00:13:32 +01:00 · 2024-01-04 00:11:01 +01:00
16 changed files with 95 additions and 54 deletions
--- a/flake.lock
+++ b/flake.lock
@ -180,11 +180,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1703787578,
+        "lastModified": 1704311514,
-        "narHash": "sha256-YanYMRry0uvExeCZYbM7yEp3H0gct9SocfFWvsYtyfs=",
+        "narHash": "sha256-j6JsfCv31bW7LzV06q2L/27QZ4k1Zq7lEq2AR9R150A=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "f8a4a5c18f4fee53ac3016a52a97df2aaeede65b",
+        "rev": "fcbc70a7ee064f2b65dc1fac1717ca2a9813bbe6",
        "type": "github"
      },
      "original": {
@ -200,11 +200,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1702553482,
+        "lastModified": 1703800710,
-        "narHash": "sha256-kWU543mm3ai7fZhYNqlLfozsrcAZsmDsp7iCzO1Utng=",
+        "narHash": "sha256-BlTnkNW50xEMojxDd+M4W1WUX4t33vkxJhsW/eeSCco=",
        "owner": "therealr5",
        "repo": "TruckSimulatorBot-images",
-        "rev": "0bbd6647c6479312305623f1bc5699cf6874b323",
+        "rev": "ead83b4ce653e293b9459b0495f0a3f1baac0aa3",
        "type": "github"
      },
      "original": {
@ -281,11 +281,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1703387252,
+        "lastModified": 1703992163,
-        "narHash": "sha256-XKJqGj0BaEn/zyctEnkgVIh6Ba1rgTRc+UBi9EU8Y54=",
+        "narHash": "sha256-709CGmwU34dxv8DjSpRBZ+HibVJIVaFcA4JH+GFnhyM=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "f4340c1a42c38d79293ba69bfd839fbd6268a538",
+        "rev": "d6510ce144f5da7dd9bac667ba3d5a4946c00d11",
        "type": "github"
      },
      "original": {
@ -296,11 +296,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1703438236,
+        "lastModified": 1703961334,
-        "narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=",
+        "narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "5f64a12a728902226210bf01d25ec6cbb9d9265b",
+        "rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9",
        "type": "github"
      },
      "original": {
@ -398,11 +398,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1702553371,
+        "lastModified": 1704138480,
-        "narHash": "sha256-6jdDRktu7NaWifzhV+/IgRg8aBqELv4L51Ijurqt2a8=",
+        "narHash": "sha256-KSWmE3C/nnU6gJ2KIYaTPB4Yk58BhqFdOhaIuhCCFfg=",
        "owner": "therealr5",
        "repo": "purge",
-        "rev": "0f12b011b86571435e37e69e91a464513ecdd24e",
+        "rev": "3ae163c8fa9a64ecf1d06f390c6072948a57905f",
        "type": "github"
      },
      "original": {
@ -488,11 +488,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1702553577,
+        "lastModified": 1704138497,
-        "narHash": "sha256-RTNBEoapC+HYU2jev6jc9XiffL1Zf6w51GZ96zoA3zE=",
+        "narHash": "sha256-+bDxq8eeLpPO/4fZm4ikAbW064T4+n8CIY4kv+sd41U=",
        "owner": "therealr5",
        "repo": "TruckSimulatorBot",
-        "rev": "bb08a872dbcb4e386835c581c0ecfccf936b4012",
+        "rev": "1053bcb5419c18fb7f700e7b2a0cde9c0467f79c",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -61,6 +61,7 @@
    }@attrs: {
      packages.x86_64-linux = {
        iso = self.nixosConfigurations.iso.config.system.build.isoImage;
        thinkpad = self.nixosConfigurations.thinkpad.config.system.build.toplevel;
        jmri = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/jmri { };
        adguardian-term = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/adguardian-term { };
        pww = nixpkgs.legacyPackages.x86_64-linux.callPackage ./pkgs/pww { };
--- a/hosts/falkenstein/default.nix
+++ b/hosts/falkenstein/default.nix
@ -35,13 +35,10 @@
  environment.systemPackages = with pkgs; [
    vim
    wget
    htop-vim
    helix
    lsof
    python3
    php
    phpPackages.composer
  ];
  programs.git = {
    enable = true;
@ -60,10 +57,6 @@
  };
  services.journald.enableHttpGateway = true;
  programs.mosh.enable = true;
  security = {
    audit.enable = true;
    auditd.enable = true;
  };
  users.users.root.openssh.authorizedKeys.keyFiles = [
    ../../keys/ssh/rouven-thinkpad
    ../../keys/ssh/rouven-pixel
--- a/hosts/nuc/default.nix
+++ b/hosts/nuc/default.nix
@ -6,7 +6,9 @@
      ./hardware-configuration.nix
      ./modules/networks
      ./modules/backup
      ./modules/cache
      ./modules/grafana
      ./modules/hydra
      ./modules/prometheus
      ./modules/matrix
      ./modules/seafile
@ -15,6 +17,7 @@
      ./modules/nginx
    ];
  nix.settings.system-features = [ "gccarch-tigerlake" ];
  boot = {
    loader.systemd-boot.enable = true;
    loader.efi.canTouchEfiVariables = true;
@ -46,7 +49,6 @@
  environment.systemPackages = with pkgs; [
    vim
    wget
    htop-vim
    helix
    lsof
@ -64,10 +66,6 @@
  services.openssh.enable = true;
  services.journald.enableHttpGateway = true;
  programs.mosh.enable = true;
  security = {
    audit.enable = true;
    auditd.enable = true;
  };
  # firmware updates
--- a/hosts/nuc/modules/cache/default.nix
+++ b/hosts/nuc/modules/cache/default.nix
@ -0,0 +1,20 @@
 { config, ... }:
 let
  domain = "cache.rfive.de";
 in
 {
  age.secrets.cache = {
    file = ../../../../secrets/nuc/cache.age;
  };
  services.nix-serve = {
    enable = true;
    secretKeyFile = config.age.secrets.cache.path;
  };
  services.nginx.virtualHosts."${domain}" = {
    enableACME = true;
    forceSSL = true;
    locations."/" = {
      proxyPass = "http://127.0.0.1:${toString config.services.nix-serve.port}";
    };
  };
 }
--- a/hosts/nuc/modules/matrix/default.nix
+++ b/hosts/nuc/modules/matrix/default.nix
@ -43,14 +43,14 @@ in
          }];
        }];
      };
-      sliding-sync = {
+    };
    matrix-sliding-sync = {
      enable = true;
      settings = {
        SYNCV3_SERVER = "https://${domain}";
      };
      environmentFile = config.age.secrets."matrix/sync".path;
    };
    };
    nginx = {
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -14,6 +14,14 @@
      ./modules/virtualisation
    ];
  nixpkgs.hostPlatform = {
    gcc.arch = "tigerlake";
    gcc.tune = "tigerlake";
    system = "x86_64-linux";
  };
  nix.settings.system-features = [ "gccarch-tigerlake" ];
  # Use the systemd-boot EFI boot loader.
  boot = {
    kernelModules = [ "v4l2loopback" ];
--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@ -21,8 +21,8 @@
    whois
    inetutils
    openssl
    wget
    dnsutils
    nmap
  ];
  services.resolved = {
    fallbackDns = [
@ -40,9 +40,6 @@
    hostName = "thinkpad";
    hostId = "d8d34032";
    enableIPv6 = true;
    firewall = {
      logRefusedConnections = false;
    };
    wireless = {
      enable = true;
      userControlled.enable = true;
@ -163,7 +160,7 @@
      linkConfig.RequiredForOnline = "carrier";
      networkConfig = {
        Address = "192.168.43.3/32";
-        DNS = "192.168.42.1";
+        DNS = "192.168.43.1";
        DNSSEC = true;
        BindCarrier = [ "wlp9s0" "enp0s31f6" ];
      };
--- a/hosts/vm/default.nix
+++ b/hosts/vm/default.nix
@ -31,7 +31,6 @@
  environment.systemPackages = with pkgs; [
    vim
    wget
    htop-vim
  ];
  programs.git = {
--- a/secrets.nix
+++ b/secrets.nix
@ -19,6 +19,7 @@ in
  "secrets/nuc/matrix/shared.age".publicKeys = [ rouven nuc ];
  "secrets/nuc/matrix/sync.age".publicKeys = [ rouven nuc ];
  "secrets/nuc/vaultwarden.age".publicKeys = [ rouven nuc ];
  "secrets/nuc/cache.age".publicKeys = [ rouven nuc ];
  "secrets/nuc/borg/passphrase.age".publicKeys = [ rouven nuc ];
  "secrets/nuc/borg/key.age".publicKeys = [ rouven nuc ];
--- a/secrets/nuc/cache.age
+++ b/secrets/nuc/cache.age
@ -0,0 +1,7 @@
 age-encryption.org/v1
 -> ssh-ed25519 uWbAHQ pLKYxDwT0w0iVvg+Ppu66RaQ+6b9Mw935ol8X5+wWgU
 VL90qNwa1IWO8GdIuI9JGjP62qVF5kJbWmuciq6Kbos
 -> ssh-ed25519 2TRdXg T9oZyBSqwUTBMws7tykM8xqyOChp1/E80aOlYvzz0CE
 lY4VA7dwfkHsRQyrSuAJC5CS9/h6x2vlBEEHFwfeb3s
 --- USkk3hxaZmHIwdd5Y62i9VeIlBzGJQCnCBeGvO/3NzQ
 lÒßû34n vú¢¢õiº©ûîð(rH;0Ôö!Ebø-hè2 òÖAZD¤·EÿÖƒš1ü¾¨ûöÑ…ÞÌíMVBnæhóæú·’Ü{”±DJc§þ³?ißi2b0d ÆÒMHQÉÓÅÇ-=<3D>4»ØÇØÃ±Ð¡4 r4EÑŸú6¤×§.
--- a/shared/nix.nix
+++ b/shared/nix.nix
@ -10,6 +10,12 @@
    settings = {
      auto-optimise-store = true;
      experimental-features = [ "nix-command" "flakes" "repl-flake" ];
      substituters = [
        "https://cache.rfive.de"
      ];
      trusted-public-keys = [
        "cache.rfive.de:of5d+o6mfGXQSR3lk6ApfDBr4ampAUaNHux1O/XY3Tw="
      ];
    };
  };
 }
--- a/shared/systemd.nix
+++ b/shared/systemd.nix
@ -11,7 +11,7 @@
      enable = true;
      enableSystemSlice = true;
      enableRootSlice = true;
-      enableUserServices = true;
+      enableUserSlices = true;
    };
  };
--- a/users/rouven/modules/packages.nix
+++ b/users/rouven/modules/packages.nix
@ -33,6 +33,7 @@
    gajim
    gomuks
    fractal
    tuba # mastodon client
    # games
    prismlauncher
--- a/users/rouven/modules/wayland/breaktimer.nix
+++ b/users/rouven/modules/wayland/breaktimer.nix
@ -1,7 +1,6 @@
 { pkgs, ... }:
 {
-  systemd.user = {
+  systemd.user.services.ianny = {
    services.ianny = {
    Unit = {
      Description = "Ianny break timer";
      After = [ "graphical-session-pre.target" ];
@ -12,5 +11,4 @@
    };
    Install = { WantedBy = [ "graphical-session.target" ]; };
  };
  };
 }
--- a/users/rouven/modules/wayland/default.nix
+++ b/users/rouven/modules/wayland/default.nix
@ -34,6 +34,18 @@
    systemdTarget = "graphical-session.target";
  };
  systemd.user.services.swayidle-inhibit = {
    Unit = {
      Description = "Service preventing swayidle from sleeping while any application is outputting or receiving audio";
      After = [ "graphical-session-pre.target" ];
      PartOf = [ "graphical-session.target" ];
    };
    Service = {
      ExecStart = "${lib.getExe pkgs.sway-audio-idle-inhibit}";
    };
    Install = { WantedBy = [ "graphical-session.target" ]; };
  };
  systemd.user.services.swaync = {
    Install.WantedBy = [ "graphical-session.target" ];
    Service = {
Author	SHA1	Message	Date
Rouven Seifert	c1c800f177	hydra: fix build	2024-01-04 00:30:41 +01:00
Rouven Seifert	ee31ef9c4c	gcc: tune arch	2024-01-04 00:17:40 +01:00
Rouven Seifert	60ed410a43	bring back hydra	2024-01-04 00:13:46 +01:00
Rouven Seifert	031a2004f3	cleanup and update changes	2024-01-04 00:13:32 +01:00
Rouven Seifert	1b76968b00	wayland: add swayidle inhibit	2024-01-04 00:11:01 +01:00
Rouven Seifert	fcdc32c2f0	networking: fix wireguard dns	2024-01-04 00:10:15 +01:00