thinkpad: remove declarative agdsn vpn

nixos updates
ianny: unstable -> 2.0.0
2025-06-07 18:18:45 +02:00 · 2025-04-24 10:02:59 +02:00 · 2025-04-24 10:01:00 +02:00 · 2025-04-24 10:00:18 +02:00 · 2025-04-24 09:59:57 +02:00
9 changed files with 96 additions and 110 deletions
--- a/flake.lock
+++ b/flake.lock
@ -37,11 +37,11 @@
        "systems": "systems_2"
      },
      "locked": {
-        "lastModified": 1742246110,
-        "narHash": "sha256-bjJDxW3Z3clNIkgwEktWhFSpU9UyftisDfK3XYzdRps=",
+        "lastModified": 1744375272,
+        "narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=",
        "owner": "nix-community",
        "repo": "authentik-nix",
-        "rev": "04f5e14643b8b37304966767074fbe0efcadab9f",
+        "rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580",
        "type": "github"
      },
      "original": {
@ -53,16 +53,16 @@
    "authentik-src": {
      "flake": false,
      "locked": {
-        "lastModified": 1742236492,
-        "narHash": "sha256-Uz7qldS44pxduLcYKf+cCq4WvjoslDR4PwRqivY/4uI=",
+        "lastModified": 1744135136,
+        "narHash": "sha256-7wvoCRhLipX4qzrb/ctsozG565yckx+moxiF6vRo84I=",
        "owner": "goauthentik",
        "repo": "authentik",
-        "rev": "3adf79c4939276e108c25c719843b6174e9e22fd",
+        "rev": "74eab55c615b156e4191ee98dc789e2d58c016f9",
        "type": "github"
      },
      "original": {
        "owner": "goauthentik",
-        "ref": "version/2025.2.2",
+        "ref": "version/2025.2.4",
        "repo": "authentik",
        "type": "github"
      }
@ -178,11 +178,11 @@
        "nixpkgs-lib": "nixpkgs-lib"
      },
      "locked": {
-        "lastModified": 1738453229,
-        "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
+        "lastModified": 1743550720,
+        "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
+        "rev": "c621e8422220273271f52058f618c94e405bb0f5",
        "type": "github"
      },
      "original": {
@ -277,11 +277,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1742825959,
-        "narHash": "sha256-wgnQZMrLLQJlZ+htTXzoQtoz9EzL15Z2crH3+OnRmMk=",
+        "lastModified": 1745439012,
+        "narHash": "sha256-TwbdiH28QK7Da2JQTqFHdb+UCJq6QbF2mtf+RxHVzEA=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "908e055e157a0b35466faf4125d7e7410ff56160",
+        "rev": "d31710fb2cd536b1966fee2af74e99a0816a61a8",
        "type": "github"
      },
      "original": {
@ -297,11 +297,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1728819790,
-        "narHash": "sha256-9Uj9uoP/hFs2fkkINKkFZaa9eBFQL4/eTAQpTJouyzA=",
+        "lastModified": 1744201608,
+        "narHash": "sha256-s/3mjCx3hNSDFDHuf1yNLLcmQlD7c6obSiMGEKTlfLA=",
        "owner": "~rouven",
        "repo": "trucksimulator-images",
-        "rev": "04b915f006ac8823480b313d099035b14fc0f40a",
+        "rev": "2035846fd7d41188e9ad465dcd03ba129ed37528",
        "type": "sourcehut"
      },
      "original": {
@ -425,11 +425,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1742701275,
-        "narHash": "sha256-AulwPVrS9859t+eJ61v24wH/nfBEIDSXYxlRo3fL/SA=",
+        "lastModified": 1745120797,
+        "narHash": "sha256-owQ0VQ+7cSanTVPxaZMWEzI22Q4bGnuvhVjLAJBNQ3E=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "36dc43cb50d5d20f90a28d53abb33a32b0a2aae6",
+        "rev": "69716041f881a2af935021c1182ed5b0cc04d40e",
        "type": "github"
      },
      "original": {
@ -440,11 +440,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1740367490,
-        "narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=",
+        "lastModified": 1744098102,
+        "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "0196c0175e9191c474c26ab5548db27ef5d34b05",
+        "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7",
        "type": "github"
      },
      "original": {
@ -456,14 +456,17 @@
    },
    "nixpkgs-lib": {
      "locked": {
-        "lastModified": 1738452942,
-        "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
-        "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
+        "lastModified": 1743296961,
+        "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
+        "type": "github"
      },
      "original": {
-        "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
      }
    },
    "nixpkgs-lib_2": {
@ -499,11 +502,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1742669843,
-        "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=",
+        "lastModified": 1745391562,
+        "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "1e5b653dff12029333a6546c11e108ede13052eb",
+        "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
        "type": "github"
      },
      "original": {
@ -519,11 +522,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1728819821,
-        "narHash": "sha256-njSQ60pihHrt4s0zr9u2r/xxLM8xzXtM3zzup7Rawls=",
+        "lastModified": 1744201542,
+        "narHash": "sha256-zWmcUJ44uunlcnI3OcV25AV5ngYWKypoYnPjPJeh7so=",
        "owner": "~rouven",
        "repo": "pfersel",
-        "rev": "f2d51cde9212fd7f47a9f5377bd92822106fdbff",
+        "rev": "b821b4869578e0f9dfb39c0c6e046abafeb4d616",
        "type": "sourcehut"
      },
      "original": {
@ -550,11 +553,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1739883580,
-        "narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=",
+        "lastModified": 1743690424,
+        "narHash": "sha256-cX98bUuKuihOaRp8dNV1Mq7u6/CQZWTPth2IJPATBXc=",
        "owner": "nix-community",
        "repo": "poetry2nix",
-        "rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e",
+        "rev": "ce2369db77f45688172384bbeb962bc6c2ea6f94",
        "type": "github"
      },
      "original": {
@ -597,11 +600,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1728819770,
-        "narHash": "sha256-9K2kNhN1AzISaF2A1NA51pR7sZZiPG22ytcOOASwfEA=",
+        "lastModified": 1744201397,
+        "narHash": "sha256-QRl2JUlPwlm1NqDb2xTjpfZatlNDWznZELmEthLMM7w=",
        "owner": "~rouven",
        "repo": "purge",
-        "rev": "65a01a0bdd3f7359bc4d2fb25ff99e598ad17167",
+        "rev": "57b2c885be3538053a24397b91f41b99a907e35a",
        "type": "sourcehut"
      },
      "original": {
@ -707,11 +710,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1728819805,
-        "narHash": "sha256-TCCC3rsbTn2zvbOVG9KfTutcnVvbUlZTsXL0mV1aBk0=",
+        "lastModified": 1744569867,
+        "narHash": "sha256-TNINQ6b8OW2xlb/uGqk0lf3yaIKYsY5T4S+LS3EXuv4=",
        "owner": "~rouven",
        "repo": "trucksimulator",
-        "rev": "8f4499db6f8688307e9548666684c92eee86ecb9",
+        "rev": "0845391ad65600e45b6fe09fccd35f8183403e8d",
        "type": "sourcehut"
      },
      "original": {
--- a/hosts/thinkpad/modules/networks/uni.nix
+++ b/hosts/thinkpad/modules/networks/uni.nix
@ -1,7 +1,6 @@
 { config, pkgs, lib, ... }:
 {
  age.secrets = {
-    agdsn.file = ../../../../secrets/thinkpad/agdsn.age;
    dyport-auth = {
      file = ../../../../secrets/thinkpad/dyport-auth.age;
    };
@ -104,28 +103,6 @@
    };
  };
  systemd.services = {
-    openfortivpn-agdsn = {
-      description = "AG DSN Fortinet VPN";
-      script = "${pkgs.openfortivpn}/bin/openfortivpn vpn.agdsn.de:443 --realm admin-vpn -u r5 -p $(cat $CREDENTIALS_DIRECTORY/password) --trusted-cert 82ed105286f02f4308f3c525a4034caed6cb738c3336f0f1da52421d419c87a9";
-      requires = [ "network-online.target" ];
-      after = [ "network.target" "network-online.target" ];
-      serviceConfig = {
-        Type = "simple";
-        LoadCredential = [
-          "password:${config.age.secrets.agdsn.path}"
-        ];
-        ProtectSystem = true;
-        ProtectKernelLogs = true;
-        ProtectKernelTunables = true;
-        ProtectKernelModules = true;
-
-        ProtectHome = true;
-        ProtectClock = true;
-        PrivateTmp = true;
-
-        LockPersonality = true;
-      };
-    };
    # fix systemd dependencies for supplicant services
    "supplicant-lan@" = {
      wantedBy = lib.mkForce [ ];
--- a/pkgs/ianny/default.nix
+++ b/pkgs/ianny/default.nix
@ -1,14 +1,14 @@
 { rustPlatform, fetchFromGitHub, lib, ninja, dbus, pkg-config }:
 rustPlatform.buildRustPackage rec {
  pname = "ianny";
-  version = "unstable-2023-12-16";
+  version = "2.0.0";
  src = fetchFromGitHub {
    owner = "zefr0x";
    repo = pname;
    rev = "v2.0.0";
    hash = "sha256-F8Uc2BsQ5f7yaUXXDhLvyyYKUDAuvP9cCR2h3vblr0g=";
  };
-  cargoHash = "sha256-6rcibPoO5EQcT8HGgHge/4wrXyBA9JCk4+aiCFz+kXM=";
+  cargoHash = "sha256-QqdcOftbVt/yNzmvvy6AI66oTZvTgWHfY3Q/ikWGaLM=";
  buildInputs = [
    dbus
    ninja
--- a/secrets.nix
+++ b/secrets.nix
@ -7,7 +7,6 @@ in
 {
  # thinkpad
  "secrets/thinkpad/wireless.age".publicKeys = [ rouven thinkpad ];
-  "secrets/thinkpad/agdsn.age".publicKeys = [ rouven thinkpad ];
  "secrets/thinkpad/dyport-auth.age".publicKeys = [ rouven thinkpad ];
  "secrets/thinkpad/wireguard/dorm/private.age".publicKeys = [ rouven thinkpad ];
  "secrets/thinkpad/wireguard/dorm/preshared.age".publicKeys = [ rouven thinkpad ];
--- a/secrets/thinkpad/agdsn.age
+++ b/secrets/thinkpad/agdsn.age
@ -1,7 +0,0 @@
-age-encryption.org/v1
-> ssh-ed25519 uWbAHQ X/P87D8iMo5RKTEU8pZt+xG9Ebx64cDHAX/n4ks8egA
-9zcpVqoCnDDs27SjbjNW+mJF+o/svGy0v0JNJxDTegU
-> ssh-ed25519 EVzt9Q v6gZYjKb/gisiCyeKKHRA0xlcAO2oFEomu2oRPuf6S8
-uw0LguP73eWbx+NX6DHJK6kzoxj7jIc1OBYPAOBLY0o
--- Zus0cOOXQVwuzHkYRm7IpKVqG1KxgflB9sLOrFP56Ks
-‚Ò¢#œîe\>ÝJ$æƒŠ{Yç¿•µ±‹,;?‘<18><><EFBFBD>XìÁ<C3AC>%½‹·>Úž<C39A>Aï`Nó`ØýzûÍ
--- a/users/rouven/modules/helix/default.nix
+++ b/users/rouven/modules/helix/default.nix
@ -7,21 +7,6 @@
    nil
    nixpkgs-fmt
    tinymist
-    (python3.withPackages (ps: with ps; [
-      pyls-isort
-      pylsp-mypy
-      # python-lsp-black
-      python-lsp-server
-
-      # pylsp optional dependencies
-      types-requests
-      flake8
-      mccabe
-      pycodestyle
-      pydocstyle
-      pyflakes
-      pylint
-    ]))
    clang-tools
    nodePackages.typescript-language-server
  ];
--- a/users/rouven/modules/packages.nix
+++ b/users/rouven/modules/packages.nix
@ -13,6 +13,8 @@
    xdg-utils # used for xdg-open
    appimage-run
    glab
+    tio
+    tcpdump

    # graphics
    (zathura.override { plugins = [ zathuraPkgs.zathura_pdf_mupdf ]; })
@ -28,6 +30,7 @@
    google-chrome
    liferea
    openvpn
+    thunderbird

    # messaging
    tdesktop
@ -50,8 +53,29 @@
    typst
    hut
    wine
-    ansible
+    # ansible
    ansible-lint
+    (python3.withPackages (ps: [
+      # ps.ansible
+      ps.ansible-core
+      ps.pip
+      ps.requests
+
+      ps.pyls-isort
+      ps.pylsp-mypy
+      # python-lsp-black
+      ps.python-lsp-server
+
+      # pylsp optional dependencies
+      ps.types-requests
+      ps.flake8
+      ps.mccabe
+      ps.pycodestyle
+      ps.pydocstyle
+      ps.pyflakes
+      ps.pylint
+    ]))
+

    # programming languages
    cargo
@ -80,22 +104,23 @@
  ];

  programs.firefox.enable = true;
-  programs = {
-    thunderbird = {
-      enable = true;
-      profiles = {
-        default = {
-          withExternalGnupg = true;
-          isDefault = true;
-          settings = {
-            "intl.date_time.pattern_override.connector_short" = "{1} {0}";
-            "intl.date_time.pattern_override.date_short" = "yyyy-MM-dd";
-            "intl.date_time.pattern_override.time_short" = "HH:mm";
-          };
-        };
-      };
-    };
-  };
+  # ugly and Broken
+  # programs = {
+  #   thunderbird = {
+  #     enable = true;
+  #     profiles = {
+  #       default = {
+  #         withExternalGnupg = true;
+  #         isDefault = true;
+  #         settings = {
+  #           "intl.date_time.pattern_override.connector_short" = "{1} {0}";
+  #           "intl.date_time.pattern_override.date_short" = "yyyy-MM-dd";
+  #           "intl.date_time.pattern_override.time_short" = "HH:mm";
+  #         };
+  #       };
+  #     };
+  #   };
+  # };
  services.gnome-keyring.enable = true;

  xdg.mimeApps = {
--- a/users/rouven/modules/ssh/default.nix
+++ b/users/rouven/modules/ssh/default.nix
@ -96,3 +96,7 @@ in
    };
  };
 }
+
+
+
+
--- a/users/rouven/modules/wayland/waybar.nix
+++ b/users/rouven/modules/wayland/waybar.nix
@ -1,6 +1,6 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
 {
-  systemd.user.services.waybar.Service.Environment = "PATH=${pkgs.swaynotificationcenter}/bin";
+  systemd.user.services.waybar.Service.Environment = lib.mkForce "PATH=${pkgs.swaynotificationcenter}/bin";
  programs.waybar = {
    enable = true;
    systemd.enable = true;
Author	SHA1	Message	Date
Rouven Seifert	7e2ec684ba	thinkpad: remove declarative agdsn vpn	2025-04-24 10:02:59 +02:00
Rouven Seifert	8178023c14	nixos updates	2025-04-24 10:01:00 +02:00
Rouven Seifert	9019f85ae4	ianny: unstable -> 2.0.0	2025-04-24 10:00:18 +02:00
Rouven Seifert	e930c05695	fix user packages	2025-04-24 09:59:57 +02:00