From e930c05695e499fb5aa5e869940a7078b229b321 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 24 Apr 2025 09:59:57 +0200 Subject: [PATCH 1/4] fix user packages --- users/rouven/modules/helix/default.nix | 15 ------- users/rouven/modules/packages.nix | 59 ++++++++++++++++++------- users/rouven/modules/ssh/default.nix | 4 ++ users/rouven/modules/wayland/waybar.nix | 4 +- 4 files changed, 48 insertions(+), 34 deletions(-) diff --git a/users/rouven/modules/helix/default.nix b/users/rouven/modules/helix/default.nix index bc774be..5d49273 100644 --- a/users/rouven/modules/helix/default.nix +++ b/users/rouven/modules/helix/default.nix @@ -7,21 +7,6 @@ nil nixpkgs-fmt tinymist - (python3.withPackages (ps: with ps; [ - pyls-isort - pylsp-mypy - # python-lsp-black - python-lsp-server - - # pylsp optional dependencies - types-requests - flake8 - mccabe - pycodestyle - pydocstyle - pyflakes - pylint - ])) clang-tools nodePackages.typescript-language-server ]; diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index 5fc6ae8..d35bb76 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -13,6 +13,8 @@ xdg-utils # used for xdg-open appimage-run glab + tio + tcpdump # graphics (zathura.override { plugins = [ zathuraPkgs.zathura_pdf_mupdf ]; }) @@ -28,6 +30,7 @@ google-chrome liferea openvpn + thunderbird # messaging tdesktop @@ -50,8 +53,29 @@ typst hut wine - ansible + # ansible ansible-lint + (python3.withPackages (ps: [ + # ps.ansible + ps.ansible-core + ps.pip + ps.requests + + ps.pyls-isort + ps.pylsp-mypy + # python-lsp-black + ps.python-lsp-server + + # pylsp optional dependencies + ps.types-requests + ps.flake8 + ps.mccabe + ps.pycodestyle + ps.pydocstyle + ps.pyflakes + ps.pylint + ])) + # programming languages cargo @@ -80,22 +104,23 @@ ]; programs.firefox.enable = true; - programs = { - thunderbird = { - enable = true; - profiles = { - default = { - withExternalGnupg = true; - isDefault = true; - settings = { - "intl.date_time.pattern_override.connector_short" = "{1} {0}"; - "intl.date_time.pattern_override.date_short" = "yyyy-MM-dd"; - "intl.date_time.pattern_override.time_short" = "HH:mm"; - }; - }; - }; - }; - }; + # ugly and Broken + # programs = { + # thunderbird = { + # enable = true; + # profiles = { + # default = { + # withExternalGnupg = true; + # isDefault = true; + # settings = { + # "intl.date_time.pattern_override.connector_short" = "{1} {0}"; + # "intl.date_time.pattern_override.date_short" = "yyyy-MM-dd"; + # "intl.date_time.pattern_override.time_short" = "HH:mm"; + # }; + # }; + # }; + # }; + # }; services.gnome-keyring.enable = true; xdg.mimeApps = { diff --git a/users/rouven/modules/ssh/default.nix b/users/rouven/modules/ssh/default.nix index d9fd003..f6548e8 100644 --- a/users/rouven/modules/ssh/default.nix +++ b/users/rouven/modules/ssh/default.nix @@ -96,3 +96,7 @@ in }; }; } + + + + diff --git a/users/rouven/modules/wayland/waybar.nix b/users/rouven/modules/wayland/waybar.nix index 579dd31..17e9f3e 100644 --- a/users/rouven/modules/wayland/waybar.nix +++ b/users/rouven/modules/wayland/waybar.nix @@ -1,6 +1,6 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { - systemd.user.services.waybar.Service.Environment = "PATH=${pkgs.swaynotificationcenter}/bin"; + systemd.user.services.waybar.Service.Environment = lib.mkForce "PATH=${pkgs.swaynotificationcenter}/bin"; programs.waybar = { enable = true; systemd.enable = true; From 9019f85ae4d01e2746ae8f64936eee64642ffbf5 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 24 Apr 2025 10:00:18 +0200 Subject: [PATCH 2/4] ianny: unstable -> 2.0.0 --- pkgs/ianny/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/ianny/default.nix b/pkgs/ianny/default.nix index 6258fd7..3628f19 100644 --- a/pkgs/ianny/default.nix +++ b/pkgs/ianny/default.nix @@ -1,14 +1,14 @@ { rustPlatform, fetchFromGitHub, lib, ninja, dbus, pkg-config }: rustPlatform.buildRustPackage rec { pname = "ianny"; - version = "unstable-2023-12-16"; + version = "2.0.0"; src = fetchFromGitHub { owner = "zefr0x"; repo = pname; rev = "v2.0.0"; hash = "sha256-F8Uc2BsQ5f7yaUXXDhLvyyYKUDAuvP9cCR2h3vblr0g="; }; - cargoHash = "sha256-6rcibPoO5EQcT8HGgHge/4wrXyBA9JCk4+aiCFz+kXM="; + cargoHash = "sha256-QqdcOftbVt/yNzmvvy6AI66oTZvTgWHfY3Q/ikWGaLM="; buildInputs = [ dbus ninja From 8178023c149a8a1444853be8ef3194796ee6dcc9 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 24 Apr 2025 10:01:00 +0200 Subject: [PATCH 3/4] nixos updates --- flake.lock | 89 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 46 insertions(+), 43 deletions(-) diff --git a/flake.lock b/flake.lock index dabfcbc..1f27677 100644 --- a/flake.lock +++ b/flake.lock @@ -37,11 +37,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1742246110, - "narHash": "sha256-bjJDxW3Z3clNIkgwEktWhFSpU9UyftisDfK3XYzdRps=", + "lastModified": 1744375272, + "narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "04f5e14643b8b37304966767074fbe0efcadab9f", + "rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580", "type": "github" }, "original": { @@ -53,16 +53,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1742236492, - "narHash": "sha256-Uz7qldS44pxduLcYKf+cCq4WvjoslDR4PwRqivY/4uI=", + "lastModified": 1744135136, + "narHash": "sha256-7wvoCRhLipX4qzrb/ctsozG565yckx+moxiF6vRo84I=", "owner": "goauthentik", "repo": "authentik", - "rev": "3adf79c4939276e108c25c719843b6174e9e22fd", + "rev": "74eab55c615b156e4191ee98dc789e2d58c016f9", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.2", + "ref": "version/2025.2.4", "repo": "authentik", "type": "github" } @@ -178,11 +178,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1738453229, - "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -277,11 +277,11 @@ ] }, "locked": { - "lastModified": 1742825959, - "narHash": "sha256-wgnQZMrLLQJlZ+htTXzoQtoz9EzL15Z2crH3+OnRmMk=", + "lastModified": 1745439012, + "narHash": "sha256-TwbdiH28QK7Da2JQTqFHdb+UCJq6QbF2mtf+RxHVzEA=", "owner": "nix-community", "repo": "home-manager", - "rev": "908e055e157a0b35466faf4125d7e7410ff56160", + "rev": "d31710fb2cd536b1966fee2af74e99a0816a61a8", "type": "github" }, "original": { @@ -297,11 +297,11 @@ ] }, "locked": { - "lastModified": 1728819790, - "narHash": "sha256-9Uj9uoP/hFs2fkkINKkFZaa9eBFQL4/eTAQpTJouyzA=", + "lastModified": 1744201608, + "narHash": "sha256-s/3mjCx3hNSDFDHuf1yNLLcmQlD7c6obSiMGEKTlfLA=", "owner": "~rouven", "repo": "trucksimulator-images", - "rev": "04b915f006ac8823480b313d099035b14fc0f40a", + "rev": "2035846fd7d41188e9ad465dcd03ba129ed37528", "type": "sourcehut" }, "original": { @@ -425,11 +425,11 @@ ] }, "locked": { - "lastModified": 1742701275, - "narHash": "sha256-AulwPVrS9859t+eJ61v24wH/nfBEIDSXYxlRo3fL/SA=", + "lastModified": 1745120797, + "narHash": "sha256-owQ0VQ+7cSanTVPxaZMWEzI22Q4bGnuvhVjLAJBNQ3E=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "36dc43cb50d5d20f90a28d53abb33a32b0a2aae6", + "rev": "69716041f881a2af935021c1182ed5b0cc04d40e", "type": "github" }, "original": { @@ -440,11 +440,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1740367490, - "narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=", + "lastModified": 1744098102, + "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0196c0175e9191c474c26ab5548db27ef5d34b05", + "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", "type": "github" }, "original": { @@ -456,14 +456,17 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1738452942, - "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" + "lastModified": 1743296961, + "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" } }, "nixpkgs-lib_2": { @@ -499,11 +502,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1745391562, + "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", "type": "github" }, "original": { @@ -519,11 +522,11 @@ ] }, "locked": { - "lastModified": 1728819821, - "narHash": "sha256-njSQ60pihHrt4s0zr9u2r/xxLM8xzXtM3zzup7Rawls=", + "lastModified": 1744201542, + "narHash": "sha256-zWmcUJ44uunlcnI3OcV25AV5ngYWKypoYnPjPJeh7so=", "owner": "~rouven", "repo": "pfersel", - "rev": "f2d51cde9212fd7f47a9f5377bd92822106fdbff", + "rev": "b821b4869578e0f9dfb39c0c6e046abafeb4d616", "type": "sourcehut" }, "original": { @@ -550,11 +553,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1739883580, - "narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=", + "lastModified": 1743690424, + "narHash": "sha256-cX98bUuKuihOaRp8dNV1Mq7u6/CQZWTPth2IJPATBXc=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e", + "rev": "ce2369db77f45688172384bbeb962bc6c2ea6f94", "type": "github" }, "original": { @@ -597,11 +600,11 @@ ] }, "locked": { - "lastModified": 1728819770, - "narHash": "sha256-9K2kNhN1AzISaF2A1NA51pR7sZZiPG22ytcOOASwfEA=", + "lastModified": 1744201397, + "narHash": "sha256-QRl2JUlPwlm1NqDb2xTjpfZatlNDWznZELmEthLMM7w=", "owner": "~rouven", "repo": "purge", - "rev": "65a01a0bdd3f7359bc4d2fb25ff99e598ad17167", + "rev": "57b2c885be3538053a24397b91f41b99a907e35a", "type": "sourcehut" }, "original": { @@ -707,11 +710,11 @@ ] }, "locked": { - "lastModified": 1728819805, - "narHash": "sha256-TCCC3rsbTn2zvbOVG9KfTutcnVvbUlZTsXL0mV1aBk0=", + "lastModified": 1744569867, + "narHash": "sha256-TNINQ6b8OW2xlb/uGqk0lf3yaIKYsY5T4S+LS3EXuv4=", "owner": "~rouven", "repo": "trucksimulator", - "rev": "8f4499db6f8688307e9548666684c92eee86ecb9", + "rev": "0845391ad65600e45b6fe09fccd35f8183403e8d", "type": "sourcehut" }, "original": { From 7e2ec684baeb898163855844e8b3d7725272aa2c Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 24 Apr 2025 10:02:59 +0200 Subject: [PATCH 4/4] thinkpad: remove declarative agdsn vpn --- hosts/thinkpad/modules/networks/uni.nix | 23 ----------------------- secrets.nix | 1 - secrets/thinkpad/agdsn.age | 7 ------- 3 files changed, 31 deletions(-) delete mode 100644 secrets/thinkpad/agdsn.age diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix index 6a44542..f8cd5c5 100644 --- a/hosts/thinkpad/modules/networks/uni.nix +++ b/hosts/thinkpad/modules/networks/uni.nix @@ -1,7 +1,6 @@ { config, pkgs, lib, ... }: { age.secrets = { - agdsn.file = ../../../../secrets/thinkpad/agdsn.age; dyport-auth = { file = ../../../../secrets/thinkpad/dyport-auth.age; }; @@ -104,28 +103,6 @@ }; }; systemd.services = { - openfortivpn-agdsn = { - description = "AG DSN Fortinet VPN"; - script = "${pkgs.openfortivpn}/bin/openfortivpn vpn.agdsn.de:443 --realm admin-vpn -u r5 -p $(cat $CREDENTIALS_DIRECTORY/password) --trusted-cert 82ed105286f02f4308f3c525a4034caed6cb738c3336f0f1da52421d419c87a9"; - requires = [ "network-online.target" ]; - after = [ "network.target" "network-online.target" ]; - serviceConfig = { - Type = "simple"; - LoadCredential = [ - "password:${config.age.secrets.agdsn.path}" - ]; - ProtectSystem = true; - ProtectKernelLogs = true; - ProtectKernelTunables = true; - ProtectKernelModules = true; - - ProtectHome = true; - ProtectClock = true; - PrivateTmp = true; - - LockPersonality = true; - }; - }; # fix systemd dependencies for supplicant services "supplicant-lan@" = { wantedBy = lib.mkForce [ ]; diff --git a/secrets.nix b/secrets.nix index 156962a..fa598a6 100644 --- a/secrets.nix +++ b/secrets.nix @@ -7,7 +7,6 @@ in { # thinkpad "secrets/thinkpad/wireless.age".publicKeys = [ rouven thinkpad ]; - "secrets/thinkpad/agdsn.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/dyport-auth.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/wireguard/dorm/private.age".publicKeys = [ rouven thinkpad ]; "secrets/thinkpad/wireguard/dorm/preshared.age".publicKeys = [ rouven thinkpad ]; diff --git a/secrets/thinkpad/agdsn.age b/secrets/thinkpad/agdsn.age deleted file mode 100644 index 41a2fe0..0000000 --- a/secrets/thinkpad/agdsn.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 uWbAHQ X/P87D8iMo5RKTEU8pZt+xG9Ebx64cDHAX/n4ks8egA -9zcpVqoCnDDs27SjbjNW+mJF+o/svGy0v0JNJxDTegU --> ssh-ed25519 EVzt9Q v6gZYjKb/gisiCyeKKHRA0xlcAO2oFEomu2oRPuf6S8 -uw0LguP73eWbx+NX6DHJK6kzoxj7jIc1OBYPAOBLY0o ---- Zus0cOOXQVwuzHkYRm7IpKVqG1KxgflB9sLOrFP56Ks -Ң#e\>J$惊{Y翕,;?X%>ڞA`N`z \ No newline at end of file