diff --git a/flake.lock b/flake.lock index f382057..ed028d6 100644 --- a/flake.lock +++ b/flake.lock @@ -96,27 +96,6 @@ "type": "github" } }, - "dns": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1635273082, - "narHash": "sha256-EHiDP2jEa7Ai5ZwIf5uld9RVFcV77+2SUxjQXwJsJa0=", - "owner": "nix-community", - "repo": "dns.nix", - "rev": "c7b9645da9c0ddce4f9de4ef27ec01bb8108039a", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "dns.nix", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -155,21 +134,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1614513358, - "narHash": "sha256-LakhOx3S1dRjnh0b5Dg3mbZyH0ToC9I8Y2wKSkBaTzU=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5466c5bbece17adaab2d82fae80b46e807611bf3", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "inputs": { "systems": "systems_2" }, @@ -216,11 +180,11 @@ ] }, "locked": { - "lastModified": 1713294767, - "narHash": "sha256-LmaabaQZdx52MPGKPRt9Opoc9Gd9RbwvCdysUUYQoXI=", + "lastModified": 1712759992, + "narHash": "sha256-2APpO3ZW4idlgtlb8hB04u/rmIcKA8O7pYqxF66xbNY=", "owner": "nix-community", "repo": "home-manager", - "rev": "fa8c16e2452bf092ac76f09ee1fb1e9f7d0796e7", + "rev": "31357486b0ef6f4e161e002b6893eeb4fafc3ca9", "type": "github" }, "original": { @@ -269,7 +233,7 @@ "crane": "crane", "flake-compat": "flake-compat", "flake-parts": "flake-parts", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ], @@ -317,11 +281,11 @@ ] }, "locked": { - "lastModified": 1713067146, - "narHash": "sha256-9D20xjblGKEVRVCnM3qWhiizEa9i6OpK6xQJajwcwOQ=", + "lastModified": 1712459390, + "narHash": "sha256-e12bNDottaGoBgd0AdH/bQvk854xunlWAdZwr/oHO1c=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "93aed67288be60c9ef6133ba2f8de128f4ef265c", + "rev": "4676d72d872459e1e3a248d049609f110c570e9a", "type": "github" }, "original": { @@ -332,11 +296,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1713248628, - "narHash": "sha256-NLznXB5AOnniUtZsyy/aPWOk8ussTuePp2acb9U+ISA=", + "lastModified": 1712791164, + "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5672bc9dbf9d88246ddab5ac454e82318d094bb8", + "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", "type": "github" }, "original": { @@ -450,25 +414,24 @@ "river": { "flake": false, "locked": { - "lastModified": 1713357595, - "narHash": "sha256-LGqP2HBrMKGGTnqFDjmZRKXN88SQMgfLm2plVAzan8c=", + "lastModified": 1712665127, + "narHash": "sha256-uACc9Cb1tSw3I0fMlEMX74NfU+Tg3It74tb+nc51AZ4=", "ref": "refs/heads/master", - "rev": "6b86af4f85f66697a0ffc504c4fcc1db05bfbb80", - "revCount": 1246, + "rev": "14e941bae16b1ca478c32198c131c4297157f888", + "revCount": 1238, "submodules": true, "type": "git", - "url": "https://codeberg.org/river/river" + "url": "https://github.com/riverwm/river" }, "original": { "submodules": true, "type": "git", - "url": "https://codeberg.org/river/river" + "url": "https://github.com/riverwm/river" } }, "root": { "inputs": { "agenix": "agenix", - "dns": "dns", "home-manager": "home-manager", "impermanence": "impermanence", "lanzaboote": "lanzaboote", diff --git a/flake.nix b/flake.nix index ffb8b80..710abc2 100644 --- a/flake.nix +++ b/flake.nix @@ -18,12 +18,9 @@ impermanence.url = "github:nix-community/impermanence"; home-manager = { - inputs.nixpkgs.follows = "nixpkgs"; - }; - - dns = { - url = "github:nix-community/dns.nix"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + nixpkgs.follows = "nixpkgs"; + }; }; nix-colors.url = "github:Misterio77/nix-colors"; @@ -47,7 +44,7 @@ }; river = { - url = "https://codeberg.org/river/river"; + url = "https://github.com/riverwm/river"; flake = false; type = "git"; submodules = true; @@ -59,7 +56,6 @@ { self , nixpkgs , home-manager - , dns , nix-index-database , agenix , impermanence diff --git a/hosts/falkenstein/modules/dns/default.nix b/hosts/falkenstein/modules/dns/default.nix index 8fd068a..b6ac08f 100644 --- a/hosts/falkenstein/modules/dns/default.nix +++ b/hosts/falkenstein/modules/dns/default.nix @@ -1,52 +1,53 @@ -{ pkgs, lib, config, dns, ... }: +{ pkgs, config, ... }: let secondary = "185.181.104.96"; - zonefile = with dns.lib.combinators; pkgs.writeText "rfive.de.zone.txt" (dns.lib.toString "rfive.de" { - TTL = 3600; - SOA = { - nameServer = "ns.rfive.de."; - adminEmail = "hostmaster@rfive.de"; - serial = 2024041709; - refresh = 10800; - retry = 3600; - expire = 604800; - minimum = 3600; - }; - NS = [ - "ns.inwx.de." - "ns2.inwx.de." - "ns3.inxw.eu." - ]; - A = [ "23.88.121.184" ]; - AAAA = [ "2a01:4f8:c012:49de::1" ]; + zonefile = pkgs.writeText "rfive.de.zone.txt" '' + $TTL 3600 + $ORIGIN rfive.de. - CAA = letsEncrypt "ca@rfive.de"; + rfive.de. 86400 IN SOA ns.rfive.de. hostmaster.rfive.de. ( + 2024040800 ; serial + 10800 ; refresh + 3600 ; retry + 604800 ; expire + 3600 ) ; negatives caching, ehem. minimum + + @ NS ns.inwx.de. + @ NS ns2.inwx.de. + @ NS ns3.inwx.eu. - MX = [{ preference = 1; exchange = "mail.rfive.de."; }]; + @ A 23.88.121.184 + @ AAAA 2a01:4f8:c012:49de::1 - TXT = [ - (spf.soft [ "mx" ]) - ]; + @ CAA 0 iodef "mailto:ca@rfive.de" + @ CAA 0 issue "letsencrypt.org" + @ CAA 0 issuewild ";" - subdomains = lib.attrsets.mergeAttrsList [ - rec { - nuc = { - A = [ "141.30.227.6" ]; - }; - falkenstein = { - A = [ "23.88.121.184" ]; - AAAA = [ "2a01:4f8:c012:49de::1" ]; - }; - ns = falkenstein; - mail = falkenstein; - _dmarc.TXT = [ "v=DMARC1; p=none; adkim=s; fo=1; rua=mailto:dmarc@rfive.de; ruf=mailto:dmarc@rfive.de" ]; - _domainkey.subdomains.rspamd.TXT = [ "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoirUMubro4nlmY6a8JMwK9QB2agAXiJzexDU/7ba6KCggONfoSTfUHlrM/XeM1GG/9oKpngApxDPP97adJuxc8/EELyo4HjTyYD8GBFZhg0AN7V8IPaJ1o5k6dGDk8ZLh41ZCnlAVWkhVSKs5pYtzkrlJIfUSzyuoe8nuFsVe3QIDAQAB" ]; + ns A 23.88.121.184 + ns AAAA 2a01:4f8:c012:49de::1 - } - (lib.attrsets.genAttrs [ "cache" "chat" "matrix" "seafile" "vault" ] (label: { CNAME = [ "nuc.rfive.de." ]; })) - (lib.attrsets.genAttrs [ "purge" "rspamd" "trucks" ] (label: { CNAME = [ "falkenstein.rfive.de." ]; })) - ]; - }); + nuc A 141.30.227.6 + falkenstein A 23.88.121.184 + falkenstein AAAA 2a01:4f8:c012:49de::1 + + @ MX 1 mail.rfive.de. + mail A 23.88.121.184 + mail AAAA 2a01:4f8:c012:49de::1 + + @ TXT "v=spf1 mx ~all" + rspamd._domainkey TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoirUMubro4nlmY6a8JMwK9QB2agAXiJzexDU/7ba6KCggONfoSTfUHlrM/XeM1GG/9oKpngApxDPP97adJuxc8/EELyo4HjTyYD8GBFZhg0AN7V8IPaJ1o5k6dGDk8ZLh41ZCnlAVWkhVSKs5pYtzkrlJIfUSzyuoe8nuFsVe3QIDAQAB" + _dmarc TXT "v=DMARC1; p=none; adkim=s; fo=1; rua=mailto:dmarc@rfive.de; ruf=mailto:dmarc@rfive.de" + + cache CNAME nuc.rfive.de. + chat CNAME nuc.rfive.de. + matrix CNAME nuc.rfive.de. + seafile CNAME nuc.rfive.de. + vault CNAME nuc.rfive.de. + + purge CNAME falkenstein.rfive.de. + rspamd CNAME falkenstein.rfive.de. + trucks CNAME falkenstein.rfive.de. + ''; in { services.bind = rec { diff --git a/shared/nix.nix b/shared/nix.nix index ba3d866..b5411a4 100644 --- a/shared/nix.nix +++ b/shared/nix.nix @@ -11,6 +11,7 @@ experimental-features = [ "nix-command" "flakes" "repl-flake" ]; substituters = [ "https://cache.rfive.de" + # temp disabled until logging error is resolved "https://cache.ifsr.de" ]; trusted-public-keys = [ diff --git a/shared/zsh.nix b/shared/zsh.nix index 61b2d18..0588bd8 100644 --- a/shared/zsh.nix +++ b/shared/zsh.nix @@ -11,9 +11,7 @@ iperf ]; users.defaultUserShell = pkgs.zsh; - programs.fzf = { - keybindings = true; - }; + programs.fzf.enable = true; programs.zsh = { enable = true; shellAliases = { diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index ae98767..19307c7 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -17,6 +17,7 @@ (zathura.override { plugins = [ zathuraPkgs.zathura_pdf_mupdf ]; }) gimp ffmpeg + imv # bluetooth blueman @@ -38,10 +39,12 @@ bitwarden-cli # misc + neofetch # obligatory xournalpp libreoffice mosh typst + typst-preview hut # programming languages @@ -70,6 +73,8 @@ ]; + + programs.obs-studio.enable = true; programs.firefox.enable = true; programs = { thunderbird = { @@ -93,7 +98,7 @@ enable = true; defaultApplications = let - image-viewers = [ "google-chrome.desktop" "gimp.desktop" "swappy.desktop" "org.qutebrowser.qutebrowser.desktop" ]; + image-viewers = [ "imv.desktop" "gimp.desktop" "swappy.desktop" "org.qutebrowser.qutebrowser.desktop" "google-chrome.desktop" ]; browsers = [ "google-chrome.desktop" "firefox.desktop" "org.qutebrowser.qutebrowser.desktop" ]; in { diff --git a/users/rouven/modules/ssh/default.nix b/users/rouven/modules/ssh/default.nix index 7c5e6e3..94c8371 100644 --- a/users/rouven/modules/ssh/default.nix +++ b/users/rouven/modules/ssh/default.nix @@ -16,7 +16,7 @@ in VisualHostKey = yes ''; matchBlocks = { - # Personal + # personal use "git@github.com" = { match = "Host github.com User git"; identityFile = git; @@ -25,16 +25,6 @@ in match = "Host git.sr.ht User git"; identityFile = git; }; - "*.vpn.rfive.de" = { - user = "root"; - }; - - # TU Dresden - "tud" = { - hostname = "login.zih.tu-dresden.de"; - user = "rose159e"; - }; - # iFSR "fsr" = { hostname = "ifsr.de"; @@ -43,14 +33,27 @@ in "quitte" = { hostname = "quitte.ifsr.de"; user = "root"; + extraOptions = { + RequestTTY = "yes"; + RemoteCommand = "zsh -i"; + }; + }; + "quitte-notty" = { + hostname = "quitte.ifsr.de"; + user = "root"; }; "tomate" = { hostname = "tomate.ifsr.de"; user = "root"; extraOptions = { - ProxyJump = "tud"; + RequestTTY = "yes"; + RemoteCommand = "zsh -i"; }; }; + "tomate-notty" = { + hostname = "tomate.ifsr.de"; + user = "root"; + }; "git@ifsr.de" = { match = "Host ifsr.de User git"; identityFile = git; @@ -71,6 +74,9 @@ in VerifyHostKeyDNS = "yes"; }; }; + "*.vpn.rfive.de" = { + user = "root"; + }; "git@git.agdsn.de" = { match = "Host git.agdsn.de User git"; identityFile = git;