From 2a2275a87ad874317114dc0dfbee139944b228ca Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 28 Feb 2024 17:48:56 +0100 Subject: [PATCH 001/309] flake: update everything --- flake.lock | 126 ++++++++++++++++++++++++++++++++++++++--------------- flake.nix | 15 +++++-- 2 files changed, 103 insertions(+), 38 deletions(-) diff --git a/flake.lock b/flake.lock index 92525ad..82707a5 100644 --- a/flake.lock +++ b/flake.lock @@ -3,14 +3,16 @@ "agenix": { "inputs": { "darwin": "darwin", - "nixpkgs": "nixpkgs" + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" }, "locked": { - "lastModified": 1677969766, - "narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=", + "lastModified": 1707830867, + "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", "owner": "ryantm", "repo": "agenix", - "rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e", + "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", "type": "github" }, "original": { @@ -27,11 +29,11 @@ ] }, "locked": { - "lastModified": 1673295039, - "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", "type": "github" }, "original": { @@ -46,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1702479765, - "narHash": "sha256-wjNYsFhciYoJkZ/FBKvFj55k+vkLbu6C2qYQ7K+s8pI=", + "lastModified": 1708910350, + "narHash": "sha256-cTuJVlOm05aQFIgGuYikgkrI61P2vTO2OfXwIRWEzUg=", "owner": "nix-community", "repo": "disko", - "rev": "bd8fbc3f274288ac905bcea66bc2a5428abde458", + "rev": "a13f36255cf4ce99cc4236a34251c2e7106e101d", "type": "github" }, "original": { @@ -61,17 +63,20 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems_2" + }, "locked": { - "lastModified": 1653893745, - "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { "owner": "numtide", - "ref": "master", + "ref": "main", "repo": "flake-utils", "type": "github" } @@ -79,31 +84,52 @@ "home-manager": { "inputs": { "nixpkgs": [ + "agenix", "nixpkgs" ] }, "locked": { - "lastModified": 1706981411, - "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=", + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", "owner": "nix-community", "repo": "home-manager", - "rev": "652fda4ca6dafeb090943422c34ae9145787af37", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-23.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1708988456, + "narHash": "sha256-RCz7Xe64tN2zgWk+MVHkzg224znwqknJ1RnB7rVqUWw=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "1d085ea4444d26aa52297758b333b449b2aa6fca", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", "repo": "home-manager", "type": "github" } }, "nixos-hardware": { "locked": { - "lastModified": 1695887975, - "narHash": "sha256-u3+5FR12dI305jCMb0fJNQx2qwoQ54lv1tPoEWp0hmg=", + "lastModified": 1709110790, + "narHash": "sha256-qUk0G9vWX90beOKB1EtLFdeImXAujNi5SP5zTyIEATc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "adcfd6aa860d1d129055039696bc457af7d50d0e", + "rev": "01467901ec51dd92774040f2b3dff4f21f4e1c45", "type": "github" }, "original": { @@ -115,11 +141,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1677676435, - "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", + "lastModified": 1703013332, + "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", + "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "type": "github" }, "original": { @@ -131,11 +157,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1678510587, - "narHash": "sha256-Jb6/OsFlvUotDhs9Xtk/G5SLXCHsnVnVdn5trgSiNQA=", + "lastModified": 1709109332, + "narHash": "sha256-v2rVOs9d+A+t3ZFgWCq/31gontLcJc9K0raI7fDuu34=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1e21dd61028bca1ed1d70a76bc8bd988ae366275", + "rev": "c1fe227b486d4bfffb319fd225a95ea574d398bf", "type": "github" }, "original": { @@ -147,11 +173,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1697915759, - "narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=", + "lastModified": 1708815994, + "narHash": "sha256-hL7N/ut2Xu0NaDxDMsw2HagAjgDskToGiyZOWriiLYM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e", + "rev": "9a9dae8f6319600fa9aebde37f340975cab4b8c0", "type": "github" }, "original": { @@ -163,16 +189,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1707650010, - "narHash": "sha256-dOhphIA4MGrH4ElNCy/OlwmN24MsnEqFjRR6+RY7jZw=", + "lastModified": 1708984720, + "narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "809cca784b9f72a5ad4b991e0e7bcf8890f9c3a6", + "rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.11", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -182,11 +208,41 @@ "agenix": "agenix", "disko": "disko", "flake-utils": "flake-utils", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "nixpkgs-unstable-small": "nixpkgs-unstable-small" } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 54c4d61..9a3c3fb 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ type = "github"; owner = "NixOS"; repo = "nixpkgs"; - ref = "nixos-23.11"; + ref = "nixos-unstable"; }; nixpkgs-unstable-small = { @@ -25,7 +25,7 @@ type = "github"; owner = "nix-community"; repo = "home-manager"; - ref = "release-23.11"; + ref = "master"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -33,7 +33,7 @@ type = "github"; owner = "numtide"; repo = "flake-utils"; - ref = "master"; + ref = "main"; }; nixos-hardware = { @@ -155,6 +155,15 @@ ++ sharedModules; }; + talos = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + inputs.nixos-hardware.nixosModules.framework-13-inch-7040-amd + disko.nixosModules.default + ./talos.nix + ]; + }; + thanatos = nixpkgs.lib.nixosSystem { inherit system; modules = From 3e3f4331d20f9309f3bd0f6c5e45632126a566d5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 28 Feb 2024 23:30:28 +0100 Subject: [PATCH 002/309] talos: initial setup --- flake.nix | 4 +- hosts/talos/default.nix | 106 ++++++++++++++++++ hosts/talos/disko-config.nix | 63 +++++++++++ hosts/talos/hardware-configuration.nix | 25 +++++ hosts/talos/home.nix | 46 ++++++++ hosts/talos/secrets.nix | 23 ++++ modules/secrets/secrets.nix | 3 +- .../secrets/users/alarsyo-hashed-password.age | Bin 863 -> 836 bytes .../secrets/users/root-hashed-password.age | 28 ++--- talos.nix | 23 ++++ 10 files changed, 304 insertions(+), 17 deletions(-) create mode 100644 hosts/talos/default.nix create mode 100644 hosts/talos/disko-config.nix create mode 100644 hosts/talos/hardware-configuration.nix create mode 100644 hosts/talos/home.nix create mode 100644 hosts/talos/secrets.nix create mode 100644 talos.nix diff --git a/flake.nix b/flake.nix index 9a3c3fb..b068188 100644 --- a/flake.nix +++ b/flake.nix @@ -158,10 +158,10 @@ talos = nixpkgs.lib.nixosSystem { inherit system; modules = [ - inputs.nixos-hardware.nixosModules.framework-13-inch-7040-amd + inputs.nixos-hardware.nixosModules.framework-13-7040-amd disko.nixosModules.default ./talos.nix - ]; + ] ++ sharedModules; }; thanatos = nixpkgs.lib.nixosSystem { diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix new file mode 100644 index 0000000..cfc361c --- /dev/null +++ b/hosts/talos/default.nix @@ -0,0 +1,106 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page, on +# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). + +{ config, lib, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ./disko-config.nix + + ./home.nix + ./secrets.nix + ]; + + hardware.amdgpu.opencl = false; + + boot.kernelPackages = pkgs.linuxPackages_6_6; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + boot.tmp.useTmpfs = true; + + services.btrfs = { + autoScrub = { + enable = true; + fileSystems = ["/"]; + }; + }; + + networking.hostName = "talos"; # Define your hostname. + networking.domain = "alarsyo.net"; + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + time.timeZone = "Europe/Paris"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + programs = { + dconf.enable = true; + light.enable = true; + }; + services = { + fwupd.enable = true; + openssh.enable = true; + }; + virtualisation = { + docker.enable = true; + libvirtd.enable = true; + }; + + my.services = { + tailscale = { + enable = true; + useRoutingFeatures = "client"; + }; + + pipewire.enable = true; + }; + + my.gui.enable = true; + my.displayManager.sddm.enable = lib.mkForce false; + + hardware.bluetooth = { + enable = true; + powerOnBoot = false; + settings.General.Experimental = true; + }; + + # Configure console keymap + console.keyMap = "us"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "fr_FR.UTF-8"; + LC_IDENTIFICATION = "fr_FR.UTF-8"; + LC_MEASUREMENT = "fr_FR.UTF-8"; + LC_MONETARY = "fr_FR.UTF-8"; + LC_NAME = "fr_FR.UTF-8"; + LC_PAPER = "fr_FR.UTF-8"; + LC_TELEPHONE = "fr_FR.UTF-8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the KDE Plasma Desktop Environment. + services.xserver.displayManager.sddm.enable = true; + services.xserver.desktopManager.plasma5.enable = true; + services.power-profiles-daemon.enable = true; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; +} + diff --git a/hosts/talos/disko-config.nix b/hosts/talos/disko-config.nix new file mode 100644 index 0000000..89ddfd8 --- /dev/null +++ b/hosts/talos/disko-config.nix @@ -0,0 +1,63 @@ +{ + disko.devices = { + disk = { + nvme0n1 = { + type = "disk"; + device = "/dev/nvme0n1"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "defaults" + ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "crypted"; + # disable settings.keyFile if you want to use interactive password entry + passwordFile = "/tmp/secret.key"; # Interactive + settings = { + allowDiscards = true; + #keyFile = "/tmp/secret.key"; + }; + #additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/home" = { + mountpoint = "/home"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/swap" = { + mountpoint = "/.swapvol"; + swap.swapfile.size = "8G"; + }; + }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/talos/hardware-configuration.nix b/hosts/talos/hardware-configuration.nix new file mode 100644 index 0000000..7bb481b --- /dev/null +++ b/hosts/talos/hardware-configuration.nix @@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix new file mode 100644 index 0000000..06cb3dd --- /dev/null +++ b/hosts/talos/home.nix @@ -0,0 +1,46 @@ +{ + config, + pkgs, + ... +}: { + home-manager.users.alarsyo = { + my.home.laptop.enable = true; + + # Keyboard settings & i3 settings + my.home.x.enable = true; + my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; + my.home.x.i3bar.temperature.inputs = ["Tctl"]; + my.home.x.i3bar.networking.throughput_interfaces = ["wlp1s0"]; + my.home.emacs.enable = true; + + my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; + + # TODO: place in global home conf + services.dunst.enable = true; + + home.packages = builtins.attrValues { + inherit + (pkgs) + # some websites only work there :( + + chromium + darktable + # dev + + rustup + gdb + valgrind + arandr + zotero + ; + + #inherit + # (pkgs.packages) + # ansel + # spot + # ; + + inherit (pkgs.wineWowPackages) stable; + }; + }; +} diff --git a/hosts/talos/secrets.nix b/hosts/talos/secrets.nix new file mode 100644 index 0000000..387f511 --- /dev/null +++ b/hosts/talos/secrets.nix @@ -0,0 +1,23 @@ +{ + config, + lib, + options, + ... +}: { + config.age = { + secrets = let + toSecret = name: {...} @ attrs: + { + file = ./../../modules/secrets + "/${name}.age"; + } + // attrs; + in + lib.mapAttrs toSecret { + #"restic-backup/hephaestus-credentials" = {}; + #"restic-backup/hephaestus-password" = {}; + + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; + }; +} diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 9c042d0..2496adb 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -5,9 +5,10 @@ let boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal"; hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades"; hephaestus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7Cp+n5+huof68QlAoJV8bVf5h5p9kEZFAVpltWopdL root@hephaestus"; + talos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBYcmL9HZJ9SqB9OJwQ0Nt6ZbvHZTS+fzM8A6D5MPZs root@talos"; thanatos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8JEAWk/8iSl8fN6/f76JkmVFwtyixTpLol4zSVsnVw root@thanatos"; - machines = [boreal hades hephaestus thanatos]; + machines = [boreal hades hephaestus talos thanatos]; all = users ++ machines; in { diff --git a/modules/secrets/users/alarsyo-hashed-password.age b/modules/secrets/users/alarsyo-hashed-password.age index 38b12accb020c04422710553bdf46bb52f37ee10..dfbbc689bf07585002b19933c6eb4a0bdd1e63c7 100644 GIT binary patch delta 746 zcmcc5c7$z$PJOUncA>swRalaXM{a&_lxMDaPPTJ-WSL)LmWfAjZhDb{e^73gcX60O zGM9h8bB?xKlxc8=L4I~dxPP8om1U`RNp_jHQ*o|uRF#u1k?mhDAoWet}^`v9Ei!esM}+scC?liBn}xx z#E;_j?&Z#Ae%c-$#bHhs;o6mXp+QLj86^Q}`AH@z&biuoULh9QmTq1pC6&osh8`v* zRbFn{B^e>X={aWkoQEC!d5$T=n z>g7{WRhd*(?&@alUL5RSn1P#FTA7=^f2o;&d8J=* zc9BJ}er`!Qm#(g^f=fx5WtP5^fon*ZPiAm(rMp*{TT-#7Z*qB9YO+U^MS757v16`t zs6~}`I@i9*ZMyQUA9`+Y+uHwo-@yZNma66x{Z7oE!~4C$LyO}fllw>3I>jo6PfOZ- zqxhGtaak9*z_80#VzTV_hO3s2_n-YZe7-B$WB$jeEiZmQJGE8sV}0}Q$!~fmS8+Y+ T)ZEXj(f`xvxZdjTi#7lN3+@b5 delta 793 zcmX@YcAss6PJN!EnQ4TFn`uRHVz{YSfO}eaq>oF9bD@DtU|@ltnVVBmQl5*qkCCxc zB$roZl}}oQWne^5m`PSdV0c+^gs-c=d8DOpVwzc)V_;OML13n9rK3SnF_*5LLUD11 zZfc5=si~o*LP3N@rBS+qfn#ZTkcmr~SyE|Ea(=nCkDGsrSwyj$eyFxjrA1nxi)X1v za&~cMmUFfVS4c!;kw`o4~n&oYYF8zrTMr>FS3 zW@!ib=lG;%rB~$`yGQvM`Wjc1mKraR5h!8IS zAaWHXDr6QV|{<~ zjO;2?-y~nh;?n#~E*Fc8Y`?6Oh&l7Nb@W+qvBArqKLAnQVWxS?6Pd%!YET;Lu1RdF#Vt$ugsL7NauXZoItLB z5f_uJV=}x%f68%QQNDI!-*P+SfU3VU0#Cd+f314I*E|K@OA&Wd**3j44pjUszjTM` zQI$Wt8)|%yxmbJu+8iY{C0I{RZnuEYj@J<{`q_f**B)3f=fZZwEX~zxJfcr$WFK3- LcIA?7HR-kh+z1oG diff --git a/modules/secrets/users/root-hashed-password.age b/modules/secrets/users/root-hashed-password.age index 0988a49..6a15e89 100644 --- a/modules/secrets/users/root-hashed-password.age +++ b/modules/secrets/users/root-hashed-password.age @@ -1,15 +1,15 @@ age-encryption.org/v1 --> ssh-ed25519 YWMQkg i+/8YGSMh0M3Z0qvZebnAmZzr78cnp0TDMUr/FvSyj8 -YQm2rXUoM2l1zh4AD6LHBvgDgsRYdiZWgycu1OabiaA --> ssh-ed25519 pX8y2g Vrn1mB2TH0EGY6uB9hfRu3LaLNp5hjwgLCV4xHQ3UDc -2zZBeLqqs6PAAywIs7v3aLb4tFydwrV6iqGJcZkDbY8 --> ssh-ed25519 SYm+hA PbPD9hhKTAqOFwY0RNtq0tNZnmwC7B0BWCcEp4MBEQ0 -qoXYrSuGtWQX6FlNIgVCkwRy5He/SVi3VHrbPHQvpf0 --> ssh-ed25519 6UUuZw 4pyEkmESRYwA3cURKdWtJ9w5K72y6qNqNXRb+oexoGA -UBa59ClPat1rl4r/BBWHhea1YBLBiyaoHvoYrgnkZhk --> ssh-ed25519 k2gHjw Ef7VgulblvO2b6gUlSa7MqAJMm/0E4z9kOLGuuy+MyY -ede5dtwJpTaDdtFGtNdrv+dfF/V/qmCR+vjC0vhv7WQ --> 2}s-grease -H1mgdyEhmM8weQ+JKPeLvHRb4XsD+zglY5RI428sqRhUSoOX3P8 ---- F/H59tq65rdlR0xSltrmJ8FJZaLVIQPAiruY0R8xpYM -b$(cmQ-:+'TKakyxy._5~Y6@Kʒj8لI'#9W<'֨i׈ZOz \ No newline at end of file +-> ssh-ed25519 YWMQkg mb17MHdKPO5SDXOslq38CjHLKy063L1KyN2wT85fGlE +3JnWLwx2cNmBC1vpS9KAwZQIy7B/vqLZ9QwQYNY4wMQ +-> ssh-ed25519 pX8y2g mvykS4XrUSwe68MteVV52u95oySHdzRlMGVFjhQQrx8 +ztoGz8OrTMRH/0NPfnQXrVBA0Uyuuc2b0dlOXToq85U +-> ssh-ed25519 SYm+hA TiL9r8l1nIvOMUpFaYmZ/5d6DRxcMHMICjrTfmbC7Wc +GfivQi5vzTUfYDVjwSxNA8t/tKtRu0QAGE+kPr4u1+I +-> ssh-ed25519 nh0dAQ 9agb3Zl/7+mAIH7bcIXbY2KrHDZAjugAfKbQ0OAhIQQ +kPzKALS6Wrr5zUJngqjwGV6w5prKMWlj/WY2qi2ck4M +-> ssh-ed25519 6UUuZw 36Uu//D8HuiRHFN0GOAyLxI0J3yBrTSBXuBG9pTVZA8 +KTMmUW8MvVtUm4Xjyz0JGDdz4H7Y5KxLPDeYPc0dfl4 +-> ssh-ed25519 k2gHjw D3OD07mu/YnR3xVhhbX4UoChpAWSG4CYIkmQZclsjQc +kgqZizkSgB5p+1ZRd0tP/bBxZ92jt6fvAcNZe3MmgoE +--- ZuL2dvQ6+hac47fRdRWl4VHl2sRIvnF80d37EZKq94I +J)Fr@+4rF OL5|㞵ˮq[ Pm;aH Date: Thu, 29 Feb 2024 02:44:24 +0100 Subject: [PATCH 003/309] base: update xkb option names --- base/gui-programs.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 31ee485..ee2712f 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -35,8 +35,10 @@ in { then ["nvidia"] else options.services.xserver.videoDrivers.default; windowManager.i3.enable = true; - layout = "fr"; - xkbVariant = "us"; + xkb = { + layout = "fr"; + variant = "us"; + }; libinput = { enable = true; touchpad = { From 2d420362acc75d27336ee9fcd705e4c48ef14dda Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 29 Feb 2024 02:45:20 +0100 Subject: [PATCH 004/309] base: remove driver config NVIDIA specific settings should just go to boreal --- base/gui-programs.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index ee2712f..885597b 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -29,11 +29,6 @@ in { services = { xserver = { enable = true; - # NOTE: could use `mkOptionDefault` but this feels more explicit - videoDrivers = - if config.my.gui.isNvidia - then ["nvidia"] - else options.services.xserver.videoDrivers.default; windowManager.i3.enable = true; xkb = { layout = "fr"; From 401ee0005ac2e7068cd963acff35226e9261a718 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 29 Feb 2024 03:48:41 +0100 Subject: [PATCH 005/309] run formatter --- flake.nix | 12 +++++++----- hosts/talos/default.nix | 25 +++++++++++++------------ hosts/talos/disko-config.nix | 8 ++++---- hosts/talos/hardware-configuration.nix | 22 +++++++++++++--------- hosts/talos/home.nix | 4 ++-- 5 files changed, 39 insertions(+), 32 deletions(-) diff --git a/flake.nix b/flake.nix index b068188..c0f7351 100644 --- a/flake.nix +++ b/flake.nix @@ -157,11 +157,13 @@ talos = nixpkgs.lib.nixosSystem { inherit system; - modules = [ - inputs.nixos-hardware.nixosModules.framework-13-7040-amd - disko.nixosModules.default - ./talos.nix - ] ++ sharedModules; + modules = + [ + inputs.nixos-hardware.nixosModules.framework-13-7040-amd + disko.nixosModules.default + ./talos.nix + ] + ++ sharedModules; }; thanatos = nixpkgs.lib.nixosSystem { diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index cfc361c..dd16c73 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -1,18 +1,20 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ config, lib, pkgs, ... }: - { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ./disko-config.nix + config, + lib, + pkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./disko-config.nix - ./home.nix - ./secrets.nix - ]; + ./home.nix + ./secrets.nix + ]; hardware.amdgpu.opencl = false; @@ -35,7 +37,7 @@ networking.domain = "alarsyo.net"; # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. # Set your time zone. time.timeZone = "Europe/Paris"; @@ -103,4 +105,3 @@ # accidentally delete configuration.nix. # system.copySystemConfiguration = true; } - diff --git a/hosts/talos/disko-config.nix b/hosts/talos/disko-config.nix index 89ddfd8..b59cd1a 100644 --- a/hosts/talos/disko-config.nix +++ b/hosts/talos/disko-config.nix @@ -33,19 +33,19 @@ #additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; content = { type = "btrfs"; - extraArgs = [ "-f" ]; + extraArgs = ["-f"]; subvolumes = { "/root" = { mountpoint = "/"; - mountOptions = [ "compress=zstd" "noatime" ]; + mountOptions = ["compress=zstd" "noatime"]; }; "/home" = { mountpoint = "/home"; - mountOptions = [ "compress=zstd" "noatime" ]; + mountOptions = ["compress=zstd" "noatime"]; }; "/nix" = { mountpoint = "/nix"; - mountOptions = [ "compress=zstd" "noatime" ]; + mountOptions = ["compress=zstd" "noatime"]; }; "/swap" = { mountpoint = "/.swapvol"; diff --git a/hosts/talos/hardware-configuration.nix b/hosts/talos/hardware-configuration.nix index 7bb481b..1d0808e 100644 --- a/hosts/talos/hardware-configuration.nix +++ b/hosts/talos/hardware-configuration.nix @@ -1,17 +1,21 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 06cb3dd..53d7fec 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -22,11 +22,11 @@ inherit (pkgs) # some websites only work there :( - + chromium darktable # dev - + rustup gdb valgrind From b28266d6eaa5e0824b3b7c61f2aaeab0eedb8d93 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 29 Feb 2024 10:58:36 +0100 Subject: [PATCH 006/309] talos: update systemd-boot settings --- hosts/talos/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index dd16c73..d5a0891 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -21,7 +21,11 @@ boot.kernelPackages = pkgs.linuxPackages_6_6; # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; + boot.loader.systemd-boot = { + enable = true; + editor = false; + consoleMode = "auto"; + }; boot.loader.efi.canTouchEfiVariables = true; boot.tmp.useTmpfs = true; From b18652a73dfca5f1ba19b6b5f5c61387c04e8fd9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 29 Feb 2024 16:34:22 +0100 Subject: [PATCH 007/309] home: tridactyl: disable redirection to old reddit --- home/tridactylrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/tridactylrc b/home/tridactylrc index e3611ef..7601c0e 100644 --- a/home/tridactylrc +++ b/home/tridactylrc @@ -19,7 +19,7 @@ bind , nohlsearch set findcase smart " New reddit is bad -autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old") +" autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old") " Orange site / Reddit / Lobste.rs specific hints to toggle comments bind ;c hint -Jc [class*="expand"],[class="togg"],[class="comment_folder"] From b05eec42c5cfc3526b154f19acea80d6010646a6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 29 Feb 2024 16:35:17 +0100 Subject: [PATCH 008/309] talos: enable some wayland window managers --- hosts/talos/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index d5a0891..9ef88c1 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -104,6 +104,11 @@ services.xserver.desktopManager.plasma5.enable = true; services.power-profiles-daemon.enable = true; + programs.hyprland.enable = true; + programs.sway = { + enable = true; + wrapperFeatures.gtk = true; + }; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. From ae2c988bdbb2b056c4210881f41f78b621307e2e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 1 Mar 2024 10:35:36 +0100 Subject: [PATCH 009/309] talos: switch sddm to wayland --- hosts/talos/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 9ef88c1..a7994c8 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -100,7 +100,10 @@ services.xserver.enable = true; # Enable the KDE Plasma Desktop Environment. - services.xserver.displayManager.sddm.enable = true; + services.xserver.displayManager.sddm = { + enable = true; + wayland.enable = true; + }; services.xserver.desktopManager.plasma5.enable = true; services.power-profiles-daemon.enable = true; From 93764167e9c2ac35173f4b236ec3bc3a02d9b4e5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 1 Mar 2024 11:43:13 +0100 Subject: [PATCH 010/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'disko': 'github:nix-community/disko/a13f36255cf4ce99cc4236a34251c2e7106e101d' (2024-02-26) → 'github:nix-community/disko/bde7dd352c07d43bd5b8245e6c39074a391fdd46' (2024-03-01) • Updated input 'home-manager': 'github:nix-community/home-manager/1d085ea4444d26aa52297758b333b449b2aa6fca' (2024-02-26) → 'github:nix-community/home-manager/2f3367769a93b226c467551315e9e270c3f78b15' (2024-02-29) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/01467901ec51dd92774040f2b3dff4f21f4e1c45' (2024-02-28) → 'github:NixOS/nixos-hardware/33a97b5814d36ddd65ad678ad07ce43b1a67f159' (2024-02-28) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/13aff9b34cc32e59d35c62ac9356e4a41198a538' (2024-02-26) → 'github:NixOS/nixpkgs/9099616b93301d5cf84274b184a3a5ec69e94e08' (2024-02-28) • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/c1fe227b486d4bfffb319fd225a95ea574d398bf' (2024-02-28) → 'github:NixOS/nixpkgs/09c1497ce5d4ed4a0edfdd44450d3048074cb300' (2024-03-01) --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 82707a5..bf02982 100644 --- a/flake.lock +++ b/flake.lock @@ -48,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1708910350, - "narHash": "sha256-cTuJVlOm05aQFIgGuYikgkrI61P2vTO2OfXwIRWEzUg=", + "lastModified": 1709286488, + "narHash": "sha256-RDpTZ72zLu05djvXRzK76Ysqp9zSdh84ax/edEaJucs=", "owner": "nix-community", "repo": "disko", - "rev": "a13f36255cf4ce99cc4236a34251c2e7106e101d", + "rev": "bde7dd352c07d43bd5b8245e6c39074a391fdd46", "type": "github" }, "original": { @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1708988456, - "narHash": "sha256-RCz7Xe64tN2zgWk+MVHkzg224znwqknJ1RnB7rVqUWw=", + "lastModified": 1709204054, + "narHash": "sha256-U1idK0JHs1XOfSI1APYuXi4AEADf+B+ZU4Wifc0pBHk=", "owner": "nix-community", "repo": "home-manager", - "rev": "1d085ea4444d26aa52297758b333b449b2aa6fca", + "rev": "2f3367769a93b226c467551315e9e270c3f78b15", "type": "github" }, "original": { @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1709110790, - "narHash": "sha256-qUk0G9vWX90beOKB1EtLFdeImXAujNi5SP5zTyIEATc=", + "lastModified": 1709147990, + "narHash": "sha256-vpXMWoaCtMYJ7lisJedCRhQG9BSsInEyZnnG5GfY9tQ=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "01467901ec51dd92774040f2b3dff4f21f4e1c45", + "rev": "33a97b5814d36ddd65ad678ad07ce43b1a67f159", "type": "github" }, "original": { @@ -157,11 +157,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1709109332, - "narHash": "sha256-v2rVOs9d+A+t3ZFgWCq/31gontLcJc9K0raI7fDuu34=", + "lastModified": 1709271102, + "narHash": "sha256-Z2sBL/HRRTNABsU8E5XsP+FXBEyBoi6oMwm5bV7lSFw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c1fe227b486d4bfffb319fd225a95ea574d398bf", + "rev": "09c1497ce5d4ed4a0edfdd44450d3048074cb300", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1708984720, - "narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=", + "lastModified": 1709150264, + "narHash": "sha256-HofykKuisObPUfj0E9CJVfaMhawXkYx3G8UIFR/XQ38=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538", + "rev": "9099616b93301d5cf84274b184a3a5ec69e94e08", "type": "github" }, "original": { From beb366f9a544078a62359dac1d8e3840bd8e1251 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 1 Mar 2024 13:34:33 +0100 Subject: [PATCH 011/309] home: individualise stateVersion --- home/default.nix | 2 -- hosts/boreal/home.nix | 3 +++ hosts/hades/home.nix | 3 +++ hosts/hephaestus/home.nix | 3 +++ hosts/talos/home.nix | 2 ++ hosts/thanatos/home.nix | 3 +++ 6 files changed, 14 insertions(+), 2 deletions(-) diff --git a/home/default.nix b/home/default.nix index 97d2b3c..2c74b55 100644 --- a/home/default.nix +++ b/home/default.nix @@ -21,8 +21,6 @@ ./x ]; - home.stateVersion = "21.05"; - home.username = "alarsyo"; home.sessionVariables = let diff --git a/hosts/boreal/home.nix b/hosts/boreal/home.nix index f522fb3..10516ae 100644 --- a/hosts/boreal/home.nix +++ b/hosts/boreal/home.nix @@ -4,6 +4,9 @@ ... }: { home-manager.users.alarsyo = { + # TODO: can probably upgrade me + home.stateVersion = "21.05"; + # Keyboard settings & i3 settings my.home.x.enable = true; my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; diff --git a/hosts/hades/home.nix b/hosts/hades/home.nix index 3bb7dab..3f83cc4 100644 --- a/hosts/hades/home.nix +++ b/hosts/hades/home.nix @@ -1,5 +1,8 @@ {config, ...}: { home-manager.users.alarsyo = { + # TODO: can probably upgrade me + home.stateVersion = "21.05"; + my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; }; } diff --git a/hosts/hephaestus/home.nix b/hosts/hephaestus/home.nix index 3e0f454..3f17233 100644 --- a/hosts/hephaestus/home.nix +++ b/hosts/hephaestus/home.nix @@ -4,6 +4,9 @@ ... }: { home-manager.users.alarsyo = { + # TODO: can probably upgrade me + home.stateVersion = "21.05"; + my.home.laptop.enable = true; # Keyboard settings & i3 settings diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 53d7fec..2dce6f6 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -4,6 +4,8 @@ ... }: { home-manager.users.alarsyo = { + home.stateVersion = "24.05"; + my.home.laptop.enable = true; # Keyboard settings & i3 settings diff --git a/hosts/thanatos/home.nix b/hosts/thanatos/home.nix index 3bb7dab..3f83cc4 100644 --- a/hosts/thanatos/home.nix +++ b/hosts/thanatos/home.nix @@ -1,5 +1,8 @@ {config, ...}: { home-manager.users.alarsyo = { + # TODO: can probably upgrade me + home.stateVersion = "21.05"; + my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; }; } From 09ed731496875c4bc547d290b2a2073a1dcc5936 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 01:56:35 +0100 Subject: [PATCH 012/309] hosts: add talos --- flake.nix | 11 ++ hosts/talos/default.nix | 120 ++++++++++++++++++ hosts/talos/disko-config.nix | 67 ++++++++++ hosts/talos/hardware-configuration.nix | 29 +++++ hosts/talos/home.nix | 57 +++++++++ hosts/talos/secrets.nix | 23 ++++ modules/secrets/secrets.nix | 3 +- .../secrets/users/alarsyo-hashed-password.age | Bin 863 -> 836 bytes .../secrets/users/root-hashed-password.age | 28 ++-- talos.nix | 23 ++++ 10 files changed, 346 insertions(+), 15 deletions(-) create mode 100644 hosts/talos/default.nix create mode 100644 hosts/talos/disko-config.nix create mode 100644 hosts/talos/hardware-configuration.nix create mode 100644 hosts/talos/home.nix create mode 100644 hosts/talos/secrets.nix create mode 100644 talos.nix diff --git a/flake.nix b/flake.nix index 54c4d61..db27a66 100644 --- a/flake.nix +++ b/flake.nix @@ -155,6 +155,17 @@ ++ sharedModules; }; + talos = nixpkgs.lib.nixosSystem { + inherit system; + modules = + [ + inputs.nixos-hardware.nixosModules.framework-13-7040-amd + disko.nixosModules.default + ./talos.nix + ] + ++ sharedModules; + }; + thanatos = nixpkgs.lib.nixosSystem { inherit system; modules = diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix new file mode 100644 index 0000000..418c652 --- /dev/null +++ b/hosts/talos/default.nix @@ -0,0 +1,120 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page, on +# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). +{ + config, + lib, + pkgs, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./disko-config.nix + + ./home.nix + ./secrets.nix + ]; + + hardware.amdgpu.opencl = false; + + boot.kernelPackages = pkgs.linuxPackages_6_6; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot = { + enable = true; + editor = false; + consoleMode = "auto"; + }; + boot.loader.efi.canTouchEfiVariables = true; + + boot.tmp.useTmpfs = true; + + services.btrfs = { + autoScrub = { + enable = true; + fileSystems = ["/"]; + }; + }; + + networking.hostName = "talos"; # Define your hostname. + networking.domain = "alarsyo.net"; + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + time.timeZone = "Europe/Paris"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + programs = { + dconf.enable = true; + light.enable = true; + }; + services = { + fwupd.enable = true; + openssh.enable = true; + }; + virtualisation = { + docker.enable = true; + libvirtd.enable = true; + }; + + my.services = { + tailscale = { + enable = true; + useRoutingFeatures = "client"; + }; + + pipewire.enable = true; + }; + + my.gui.enable = true; + my.displayManager.sddm.enable = lib.mkForce false; + + hardware.bluetooth = { + enable = true; + powerOnBoot = false; + settings.General.Experimental = true; + }; + + # Configure console keymap + console.keyMap = "us"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "fr_FR.UTF-8"; + LC_IDENTIFICATION = "fr_FR.UTF-8"; + LC_MEASUREMENT = "fr_FR.UTF-8"; + LC_MONETARY = "fr_FR.UTF-8"; + LC_NAME = "fr_FR.UTF-8"; + LC_PAPER = "fr_FR.UTF-8"; + LC_TELEPHONE = "fr_FR.UTF-8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the KDE Plasma Desktop Environment. + services.xserver.displayManager.sddm = { + enable = true; + wayland.enable = true; + }; + services.xserver.desktopManager.plasma5.enable = true; + services.power-profiles-daemon.enable = true; + + #programs.hyprland.enable = true; + #programs.sway = { + # enable = true; + # wrapperFeatures.gtk = true; + #}; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; +} diff --git a/hosts/talos/disko-config.nix b/hosts/talos/disko-config.nix new file mode 100644 index 0000000..9f9ae7b --- /dev/null +++ b/hosts/talos/disko-config.nix @@ -0,0 +1,67 @@ +{ + disko.devices = { + disk = { + nvme0n1 = { + type = "disk"; + device = "/dev/nvme0n1"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "defaults" + ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "crypted"; + # disable settings.keyFile if you want to use interactive password entry + passwordFile = "/tmp/secret.key"; # Interactive + settings = { + allowDiscards = true; + #keyFile = "/tmp/secret.key"; + }; + #additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; + content = { + type = "btrfs"; + extraArgs = ["-f"]; + subvolumes = { + "@" = { + mountpoint = "/"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "@home" = { + mountpoint = "/home"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "@nix" = { + mountpoint = "/nix"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "@persist" = { + mountpoint = "/persist"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "@swap" = { + mountpoint = "/.swapvol"; + swap.swapfile.size = "8G"; + }; + }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/talos/hardware-configuration.nix b/hosts/talos/hardware-configuration.nix new file mode 100644 index 0000000..1d0808e --- /dev/null +++ b/hosts/talos/hardware-configuration.nix @@ -0,0 +1,29 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix new file mode 100644 index 0000000..5b266e6 --- /dev/null +++ b/hosts/talos/home.nix @@ -0,0 +1,57 @@ +{ + config, + lib, + pkgs, + ... +}: { + home-manager.users.alarsyo = { + home.stateVersion = lib.mkForce "23.11"; + + my.home.laptop.enable = true; + + # Keyboard settings & i3 settings + my.home.x.enable = true; + my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; + my.home.x.i3bar.temperature.inputs = ["Tctl"]; + my.home.x.i3bar.networking.throughput_interfaces = ["wlp1s0"]; + my.home.emacs.enable = true; + + my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; + + # TODO: place in global home conf + services.dunst.enable = true; + + home.packages = builtins.attrValues { + inherit + (pkgs) + # some websites only work there :( + + #chromium + + #darktable + + ## dev + + # + + #rustup + + #gdb + + #valgrind + + arandr + #zotero + + ; + + #inherit + # (pkgs.packages) + # ansel + # spot + # ; + + #inherit (pkgs.wineWowPackages) stable; + }; + }; +} diff --git a/hosts/talos/secrets.nix b/hosts/talos/secrets.nix new file mode 100644 index 0000000..387f511 --- /dev/null +++ b/hosts/talos/secrets.nix @@ -0,0 +1,23 @@ +{ + config, + lib, + options, + ... +}: { + config.age = { + secrets = let + toSecret = name: {...} @ attrs: + { + file = ./../../modules/secrets + "/${name}.age"; + } + // attrs; + in + lib.mapAttrs toSecret { + #"restic-backup/hephaestus-credentials" = {}; + #"restic-backup/hephaestus-password" = {}; + + "users/alarsyo-hashed-password" = {}; + "users/root-hashed-password" = {}; + }; + }; +} diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 9c042d0..2496adb 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -5,9 +5,10 @@ let boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal"; hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades"; hephaestus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7Cp+n5+huof68QlAoJV8bVf5h5p9kEZFAVpltWopdL root@hephaestus"; + talos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBYcmL9HZJ9SqB9OJwQ0Nt6ZbvHZTS+fzM8A6D5MPZs root@talos"; thanatos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8JEAWk/8iSl8fN6/f76JkmVFwtyixTpLol4zSVsnVw root@thanatos"; - machines = [boreal hades hephaestus thanatos]; + machines = [boreal hades hephaestus talos thanatos]; all = users ++ machines; in { diff --git a/modules/secrets/users/alarsyo-hashed-password.age b/modules/secrets/users/alarsyo-hashed-password.age index 38b12accb020c04422710553bdf46bb52f37ee10..dfbbc689bf07585002b19933c6eb4a0bdd1e63c7 100644 GIT binary patch delta 746 zcmcc5c7$z$PJOUncA>swRalaXM{a&_lxMDaPPTJ-WSL)LmWfAjZhDb{e^73gcX60O zGM9h8bB?xKlxc8=L4I~dxPP8om1U`RNp_jHQ*o|uRF#u1k?mhDAoWet}^`v9Ei!esM}+scC?liBn}xx z#E;_j?&Z#Ae%c-$#bHhs;o6mXp+QLj86^Q}`AH@z&biuoULh9QmTq1pC6&osh8`v* zRbFn{B^e>X={aWkoQEC!d5$T=n z>g7{WRhd*(?&@alUL5RSn1P#FTA7=^f2o;&d8J=* zc9BJ}er`!Qm#(g^f=fx5WtP5^fon*ZPiAm(rMp*{TT-#7Z*qB9YO+U^MS757v16`t zs6~}`I@i9*ZMyQUA9`+Y+uHwo-@yZNma66x{Z7oE!~4C$LyO}fllw>3I>jo6PfOZ- zqxhGtaak9*z_80#VzTV_hO3s2_n-YZe7-B$WB$jeEiZmQJGE8sV}0}Q$!~fmS8+Y+ T)ZEXj(f`xvxZdjTi#7lN3+@b5 delta 793 zcmX@YcAss6PJN!EnQ4TFn`uRHVz{YSfO}eaq>oF9bD@DtU|@ltnVVBmQl5*qkCCxc zB$roZl}}oQWne^5m`PSdV0c+^gs-c=d8DOpVwzc)V_;OML13n9rK3SnF_*5LLUD11 zZfc5=si~o*LP3N@rBS+qfn#ZTkcmr~SyE|Ea(=nCkDGsrSwyj$eyFxjrA1nxi)X1v za&~cMmUFfVS4c!;kw`o4~n&oYYF8zrTMr>FS3 zW@!ib=lG;%rB~$`yGQvM`Wjc1mKraR5h!8IS zAaWHXDr6QV|{<~ zjO;2?-y~nh;?n#~E*Fc8Y`?6Oh&l7Nb@W+qvBArqKLAnQVWxS?6Pd%!YET;Lu1RdF#Vt$ugsL7NauXZoItLB z5f_uJV=}x%f68%QQNDI!-*P+SfU3VU0#Cd+f314I*E|K@OA&Wd**3j44pjUszjTM` zQI$Wt8)|%yxmbJu+8iY{C0I{RZnuEYj@J<{`q_f**B)3f=fZZwEX~zxJfcr$WFK3- LcIA?7HR-kh+z1oG diff --git a/modules/secrets/users/root-hashed-password.age b/modules/secrets/users/root-hashed-password.age index 0988a49..6a15e89 100644 --- a/modules/secrets/users/root-hashed-password.age +++ b/modules/secrets/users/root-hashed-password.age @@ -1,15 +1,15 @@ age-encryption.org/v1 --> ssh-ed25519 YWMQkg i+/8YGSMh0M3Z0qvZebnAmZzr78cnp0TDMUr/FvSyj8 -YQm2rXUoM2l1zh4AD6LHBvgDgsRYdiZWgycu1OabiaA --> ssh-ed25519 pX8y2g Vrn1mB2TH0EGY6uB9hfRu3LaLNp5hjwgLCV4xHQ3UDc -2zZBeLqqs6PAAywIs7v3aLb4tFydwrV6iqGJcZkDbY8 --> ssh-ed25519 SYm+hA PbPD9hhKTAqOFwY0RNtq0tNZnmwC7B0BWCcEp4MBEQ0 -qoXYrSuGtWQX6FlNIgVCkwRy5He/SVi3VHrbPHQvpf0 --> ssh-ed25519 6UUuZw 4pyEkmESRYwA3cURKdWtJ9w5K72y6qNqNXRb+oexoGA -UBa59ClPat1rl4r/BBWHhea1YBLBiyaoHvoYrgnkZhk --> ssh-ed25519 k2gHjw Ef7VgulblvO2b6gUlSa7MqAJMm/0E4z9kOLGuuy+MyY -ede5dtwJpTaDdtFGtNdrv+dfF/V/qmCR+vjC0vhv7WQ --> 2}s-grease -H1mgdyEhmM8weQ+JKPeLvHRb4XsD+zglY5RI428sqRhUSoOX3P8 ---- F/H59tq65rdlR0xSltrmJ8FJZaLVIQPAiruY0R8xpYM -b$(cmQ-:+'TKakyxy._5~Y6@Kʒj8لI'#9W<'֨i׈ZOz \ No newline at end of file +-> ssh-ed25519 YWMQkg mb17MHdKPO5SDXOslq38CjHLKy063L1KyN2wT85fGlE +3JnWLwx2cNmBC1vpS9KAwZQIy7B/vqLZ9QwQYNY4wMQ +-> ssh-ed25519 pX8y2g mvykS4XrUSwe68MteVV52u95oySHdzRlMGVFjhQQrx8 +ztoGz8OrTMRH/0NPfnQXrVBA0Uyuuc2b0dlOXToq85U +-> ssh-ed25519 SYm+hA TiL9r8l1nIvOMUpFaYmZ/5d6DRxcMHMICjrTfmbC7Wc +GfivQi5vzTUfYDVjwSxNA8t/tKtRu0QAGE+kPr4u1+I +-> ssh-ed25519 nh0dAQ 9agb3Zl/7+mAIH7bcIXbY2KrHDZAjugAfKbQ0OAhIQQ +kPzKALS6Wrr5zUJngqjwGV6w5prKMWlj/WY2qi2ck4M +-> ssh-ed25519 6UUuZw 36Uu//D8HuiRHFN0GOAyLxI0J3yBrTSBXuBG9pTVZA8 +KTMmUW8MvVtUm4Xjyz0JGDdz4H7Y5KxLPDeYPc0dfl4 +-> ssh-ed25519 k2gHjw D3OD07mu/YnR3xVhhbX4UoChpAWSG4CYIkmQZclsjQc +kgqZizkSgB5p+1ZRd0tP/bBxZ92jt6fvAcNZe3MmgoE +--- ZuL2dvQ6+hac47fRdRWl4VHl2sRIvnF80d37EZKq94I +J)Fr@+4rF OL5|㞵ˮq[ Pm;aH Date: Sun, 3 Mar 2024 01:57:24 +0100 Subject: [PATCH 013/309] ci: add talos to hosts --- .github/workflows/cachix.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index c88bece..c3ebe42 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -79,6 +79,7 @@ jobs: - boreal - hades - hephaestus + - talos - thanatos steps: From 92d370a10a4963f51933bc371c738c7ce46ddfab Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 02:01:42 +0100 Subject: [PATCH 014/309] flake: bump all inputs --- flake.lock | 116 +++++++++++++++++++++++++++++++++++++++-------------- flake.nix | 2 +- 2 files changed, 87 insertions(+), 31 deletions(-) diff --git a/flake.lock b/flake.lock index 92525ad..d57ce97 100644 --- a/flake.lock +++ b/flake.lock @@ -3,14 +3,16 @@ "agenix": { "inputs": { "darwin": "darwin", - "nixpkgs": "nixpkgs" + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" }, "locked": { - "lastModified": 1677969766, - "narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=", + "lastModified": 1707830867, + "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", "owner": "ryantm", "repo": "agenix", - "rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e", + "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", "type": "github" }, "original": { @@ -27,11 +29,11 @@ ] }, "locked": { - "lastModified": 1673295039, - "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", "type": "github" }, "original": { @@ -46,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1702479765, - "narHash": "sha256-wjNYsFhciYoJkZ/FBKvFj55k+vkLbu6C2qYQ7K+s8pI=", + "lastModified": 1709286488, + "narHash": "sha256-RDpTZ72zLu05djvXRzK76Ysqp9zSdh84ax/edEaJucs=", "owner": "nix-community", "repo": "disko", - "rev": "bd8fbc3f274288ac905bcea66bc2a5428abde458", + "rev": "bde7dd352c07d43bd5b8245e6c39074a391fdd46", "type": "github" }, "original": { @@ -61,22 +63,46 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems_2" + }, "locked": { - "lastModified": 1653893745, - "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { "owner": "numtide", - "ref": "master", + "ref": "main", "repo": "flake-utils", "type": "github" } }, "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -99,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1695887975, - "narHash": "sha256-u3+5FR12dI305jCMb0fJNQx2qwoQ54lv1tPoEWp0hmg=", + "lastModified": 1709410583, + "narHash": "sha256-esOSUoQ7mblwcsSea0K17McZuwAIjoS6dq/4b83+lvw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "adcfd6aa860d1d129055039696bc457af7d50d0e", + "rev": "59e37017b9ed31dee303dbbd4531c594df95cfbc", "type": "github" }, "original": { @@ -115,11 +141,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1677676435, - "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", + "lastModified": 1703013332, + "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", + "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "type": "github" }, "original": { @@ -131,11 +157,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1678510587, - "narHash": "sha256-Jb6/OsFlvUotDhs9Xtk/G5SLXCHsnVnVdn5trgSiNQA=", + "lastModified": 1709357594, + "narHash": "sha256-C6BNtZewmFbBuPgqAUa/o3pZ4nYZJkQfFB1nhQbBFEc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1e21dd61028bca1ed1d70a76bc8bd988ae366275", + "rev": "b8698cd8d62c42cf3e2b3a95224c57173b73e494", "type": "github" }, "original": { @@ -147,11 +173,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1697915759, - "narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=", + "lastModified": 1708815994, + "narHash": "sha256-hL7N/ut2Xu0NaDxDMsw2HagAjgDskToGiyZOWriiLYM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e", + "rev": "9a9dae8f6319600fa9aebde37f340975cab4b8c0", "type": "github" }, "original": { @@ -163,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1707650010, - "narHash": "sha256-dOhphIA4MGrH4ElNCy/OlwmN24MsnEqFjRR6+RY7jZw=", + "lastModified": 1709309926, + "narHash": "sha256-VZFBtXGVD9LWTecGi6eXrE0hJ/mVB3zGUlHImUs2Qak=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "809cca784b9f72a5ad4b991e0e7bcf8890f9c3a6", + "rev": "79baff8812a0d68e24a836df0a364c678089e2c7", "type": "github" }, "original": { @@ -182,11 +208,41 @@ "agenix": "agenix", "disko": "disko", "flake-utils": "flake-utils", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "nixpkgs-unstable-small": "nixpkgs-unstable-small" } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index db27a66..08bf4ef 100644 --- a/flake.nix +++ b/flake.nix @@ -33,7 +33,7 @@ type = "github"; owner = "numtide"; repo = "flake-utils"; - ref = "master"; + ref = "main"; }; nixos-hardware = { From 33aca9d297c2b2024edabfda72abfa7d7df28a9d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 02:42:30 +0100 Subject: [PATCH 015/309] home: don't hardcode stateversion --- home/default.nix | 2 -- hosts/boreal/home.nix | 2 ++ hosts/hades/home.nix | 1 + hosts/hephaestus/home.nix | 1 + hosts/talos/home.nix | 3 +-- hosts/thanatos/home.nix | 2 ++ 6 files changed, 7 insertions(+), 4 deletions(-) diff --git a/home/default.nix b/home/default.nix index 97d2b3c..2c74b55 100644 --- a/home/default.nix +++ b/home/default.nix @@ -21,8 +21,6 @@ ./x ]; - home.stateVersion = "21.05"; - home.username = "alarsyo"; home.sessionVariables = let diff --git a/hosts/boreal/home.nix b/hosts/boreal/home.nix index f522fb3..1f18d17 100644 --- a/hosts/boreal/home.nix +++ b/hosts/boreal/home.nix @@ -4,6 +4,8 @@ ... }: { home-manager.users.alarsyo = { + home.stateVersion = "20.09"; + # Keyboard settings & i3 settings my.home.x.enable = true; my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; diff --git a/hosts/hades/home.nix b/hosts/hades/home.nix index 3bb7dab..a3737e5 100644 --- a/hosts/hades/home.nix +++ b/hosts/hades/home.nix @@ -1,5 +1,6 @@ {config, ...}: { home-manager.users.alarsyo = { + home.stateVersion = "22.05"; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; }; } diff --git a/hosts/hephaestus/home.nix b/hosts/hephaestus/home.nix index 3e0f454..defb789 100644 --- a/hosts/hephaestus/home.nix +++ b/hosts/hephaestus/home.nix @@ -4,6 +4,7 @@ ... }: { home-manager.users.alarsyo = { + home.stateVersion = "23.05"; my.home.laptop.enable = true; # Keyboard settings & i3 settings diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 5b266e6..c678ca8 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -1,11 +1,10 @@ { config, - lib, pkgs, ... }: { home-manager.users.alarsyo = { - home.stateVersion = lib.mkForce "23.11"; + home.stateVersion = "23.11"; my.home.laptop.enable = true; diff --git a/hosts/thanatos/home.nix b/hosts/thanatos/home.nix index 3bb7dab..bacc60b 100644 --- a/hosts/thanatos/home.nix +++ b/hosts/thanatos/home.nix @@ -1,5 +1,7 @@ {config, ...}: { home-manager.users.alarsyo = { + home.stateVersion = "23.11"; + my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; }; } From fad2af4451d3f80eb8d4cdc93397adbbe865ab30 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 02:44:38 +0100 Subject: [PATCH 016/309] talos: install various home software --- hosts/talos/home.nix | 34 +++++++++++++--------------------- 1 file changed, 13 insertions(+), 21 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index c678ca8..345e117 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -25,32 +25,24 @@ (pkgs) # some websites only work there :( - #chromium - - #darktable - - ## dev - - # - - #rustup - - #gdb - - #valgrind + chromium + darktable + # dev + rustup + gdb + valgrind arandr - #zotero - + zotero ; - #inherit - # (pkgs.packages) - # ansel - # spot - # ; + inherit + (pkgs.packages) + ansel + spot + ; - #inherit (pkgs.wineWowPackages) stable; + inherit (pkgs.wineWowPackages) stable; }; }; } From cafcdc89d7670960a213240edb4736821d0aac87 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 02:58:06 +0100 Subject: [PATCH 017/309] base: remove unneeded discord override --- base/gui-programs.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 31ee485..9a24bbd 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -53,6 +53,7 @@ in { (pkgs) chrysalis evince + discord feh firefox ffmpeg @@ -72,8 +73,6 @@ in { inherit (pkgs.gnome) nautilus; inherit (pkgs.libsForQt5) okular; - - discord = pkgs.discord.override {nss = pkgs.nss_latest;}; }; networking.networkmanager = { From 524e5759755f6a508f821552546768cfd6c1977d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 02:58:38 +0100 Subject: [PATCH 018/309] base: remove a few programs from list --- base/gui-programs.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 9a24bbd..9ca0aa5 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -51,8 +51,6 @@ in { environment.systemPackages = builtins.attrValues { inherit (pkgs) - chrysalis - evince discord feh firefox @@ -70,8 +68,6 @@ in { zathura ; - inherit (pkgs.gnome) nautilus; - inherit (pkgs.libsForQt5) okular; }; From 69674b104ef81b063254fe915efee478e24e445f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 03:02:09 +0100 Subject: [PATCH 019/309] base: remove firefox it's installed from home-manager anyway --- base/gui-programs.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 9ca0aa5..6c4c656 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -53,7 +53,6 @@ in { (pkgs) discord feh - firefox ffmpeg gimp-with-plugins imagemagick From 2b77681552f07ce405c5845001198e7801158c09 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 03:03:03 +0100 Subject: [PATCH 020/309] home: don't enable i3 by default --- base/gui-programs.nix | 1 - home/x/i3.nix | 7 ++++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 6c4c656..76e90f6 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -34,7 +34,6 @@ in { if config.my.gui.isNvidia then ["nvidia"] else options.services.xserver.videoDrivers.default; - windowManager.i3.enable = true; layout = "fr"; xkbVariant = "us"; libinput = { diff --git a/home/x/i3.nix b/home/x/i3.nix index 665a237..0fefa09 100644 --- a/home/x/i3.nix +++ b/home/x/i3.nix @@ -6,11 +6,12 @@ }: let inherit (lib) + mkEnableOption mkIf mkOptionDefault ; - isEnabled = config.my.home.x.enable; + isEnabled = config.my.home.x.i3.enable; myTerminal = # FIXME: fix when terminal is setup in home @@ -26,6 +27,10 @@ i3Theme = config.my.theme.i3Theme; in { + options.my.home.x.i3 = { + enable = mkEnableOption "i3wm configuration"; + }; + config = mkIf isEnabled { my.home = { flameshot.enable = true; From bb0ea0a5c8ce1fcf1cf0aed1e308f01e9fd8980e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 03:29:01 +0100 Subject: [PATCH 021/309] talos: dconf already enabled globally --- hosts/talos/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 418c652..0376135 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -51,7 +51,6 @@ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; programs = { - dconf.enable = true; light.enable = true; }; services = { From 8b7ae654942b5e70cd637247bed02cfad8dd5743 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 03:29:14 +0100 Subject: [PATCH 022/309] base: remove dodgy networkmanager script --- base/gui-programs.nix | 46 +------------------------------------------ 1 file changed, 1 insertion(+), 45 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 76e90f6..b485354 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -69,51 +69,7 @@ in { inherit (pkgs.libsForQt5) okular; }; - networking.networkmanager = { - enable = true; - - dispatcherScripts = [ - { - source = let - grep = "${pkgs.gnugrep}/bin/grep"; - nmcli = "${pkgs.networkmanager}/bin/nmcli"; - in - pkgs.writeShellScript "disable_wifi_on_ethernet" '' - export LC_ALL=C - date >> /tmp/disable_wifi_on_ethernet.log - echo START "$@" >> /tmp/disable_wifi_on_ethernet.log - - beginswith() { case $2 in "$1"*) true;; *) false;; esac; } - - is_ethernet_interface () - { - local type="$(${nmcli} dev show "$1" | grep 'GENERAL\.TYPE:' | awk '{ print $2 }')" - test "$type" = "ethernet" || beginswith enp "$1" - } - - hotspot_enabled () - { - ${nmcli} dev | ${grep} -q "hotspot" - } - - if is_ethernet_interface "$1" && ! hotspot_enabled; then - echo "change in ethernet and not in hotspot mode" >> /tmp/disable_wifi_on_ethernet.log - if [ "$2" = "up" ]; then - echo "turning wifi off" >> /tmp/disable_wifi_on_ethernet.log - nmcli radio wifi off - fi - - if [ "$2" = "down" ]; then - echo "turning wifi on" >> /tmp/disable_wifi_on_ethernet.log - nmcli radio wifi on - fi - fi - echo END "$@" >> /tmp/disable_wifi_on_ethernet.log - ''; - type = "basic"; - } - ]; - }; + networking.networkmanager.enable = true; programs.nm-applet.enable = true; programs.steam.enable = true; From 47e47488bc84f4ac39febd8891c32af836e4e4be Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 04:02:31 +0100 Subject: [PATCH 023/309] talos: remove darktable --- hosts/talos/home.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 345e117..f42b383 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -26,7 +26,6 @@ # some websites only work there :( chromium - darktable # dev rustup From c47c084a55e790de019b28ae6ba6c4aacaf82e9b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 3 Mar 2024 04:11:59 +0100 Subject: [PATCH 024/309] base: remove unused programs --- base/programs.nix | 9 --------- 1 file changed, 9 deletions(-) diff --git a/base/programs.nix b/base/programs.nix index 0f82f19..cc111fb 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -26,31 +26,22 @@ fd file ripgrep - sd - tokei tree wget - jq pciutils usbutils # development - agenix - alejandra git git-crypt git-lfs gnumake gnupg - pinentry-qt python3 vim # terminal utilities - dogdns - du-dust htop - ldns # drill unzip zip ; From 6e8253fd8956846b4a5c288623960aec240bd84a Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 14:23:27 +0100 Subject: [PATCH 025/309] talos: switch to kernel 6.7 --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 0376135..59f84dd 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -18,7 +18,7 @@ hardware.amdgpu.opencl = false; - boot.kernelPackages = pkgs.linuxPackages_6_6; + boot.kernelPackages = pkgs.linuxPackages_6_7; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot = { From 2ec0602006736d9f7f9480bd0a1a08c9e08bf816 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 16:04:50 +0100 Subject: [PATCH 026/309] talos: set Wi-Fi regulatory domain --- hosts/talos/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 59f84dd..7377884 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -19,6 +19,9 @@ hardware.amdgpu.opencl = false; boot.kernelPackages = pkgs.linuxPackages_6_7; + # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could + # lead to bad Wi-Fi performance + boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot = { From 3d10eef3ac05e9c975286ad84d5c393dbce74ce9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 16:05:01 +0100 Subject: [PATCH 027/309] flake: override power-profiles-daemon 0.20 from unstable brings a lot of improvements over 0.13 from 23.11 for newer AMD laptops --- flake.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/flake.nix b/flake.nix index 08bf4ef..476d7cc 100644 --- a/flake.nix +++ b/flake.nix @@ -93,6 +93,8 @@ inherit system; config.allowUnfree = true; }; + + power-profiles-daemon = self.unstable.power-profiles-daemon; }) agenix.overlays.default From 3e23486ecbb7a1a7207e2155ef18d82b913640aa Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 16:24:00 +0100 Subject: [PATCH 028/309] talos: explicitely enable wifi powersave this way I know what to toggle if I want to switch it off in the future --- hosts/talos/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 7377884..ccce527 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -44,7 +44,10 @@ networking.domain = "alarsyo.net"; # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + networking.networkmanager = { + enable = true; + wifi.powersave = true; + }; # Set your time zone. time.timeZone = "Europe/Paris"; From 847b50a841de298552e47626ac8d48f1d516a70b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 16:31:32 +0100 Subject: [PATCH 029/309] flake: add alejandra to devShell --- flake.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 476d7cc..281824b 100644 --- a/flake.nix +++ b/flake.nix @@ -179,11 +179,18 @@ }; }; } - // inputs.flake-utils.lib.eachDefaultSystem (system: { + // inputs.flake-utils.lib.eachDefaultSystem (system: let + pkgs = import nixpkgs {inherit system;}; + in { packages = inputs.flake-utils.lib.flattenTree (import ./pkgs { pkgs = import nixpkgs {inherit system;}; }); + devShells.default = pkgs.mkShellNoCC { + buildInputs = [ + pkgs.alejandra + ]; + }; }); } From a8e243365e39ebbfd8a2295c7edfd6ac2d15fa27 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 18:53:00 +0100 Subject: [PATCH 030/309] base: place arandr in gui programs --- base/gui-programs.nix | 1 + hosts/hephaestus/home.nix | 1 - hosts/talos/home.nix | 1 - 3 files changed, 1 insertion(+), 2 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index b485354..9c7fc1d 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -50,6 +50,7 @@ in { environment.systemPackages = builtins.attrValues { inherit (pkgs) + arandr discord feh ffmpeg diff --git a/hosts/hephaestus/home.nix b/hosts/hephaestus/home.nix index defb789..1178b1c 100644 --- a/hosts/hephaestus/home.nix +++ b/hosts/hephaestus/home.nix @@ -31,7 +31,6 @@ rustup gdb valgrind - arandr zotero ; diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index f42b383..366faf6 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -31,7 +31,6 @@ rustup gdb valgrind - arandr zotero ; From f18238cd5c0252101547565864b7a44e40504ddb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 18:53:50 +0100 Subject: [PATCH 031/309] talos: remove unneeded stuff from home packages --- hosts/talos/home.nix | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 366faf6..0f547f1 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -23,14 +23,7 @@ home.packages = builtins.attrValues { inherit (pkgs) - # some websites only work there :( - - chromium - # dev - - rustup - gdb - valgrind + chromium # some websites only work there :( zotero ; @@ -39,8 +32,6 @@ ansel spot ; - - inherit (pkgs.wineWowPackages) stable; }; }; } From 226e72655151e507984495e1e2f6c1a07d6134d6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 19:21:23 +0100 Subject: [PATCH 032/309] home: move lorri file to direnv --- home/default.nix | 2 +- home/{lorri.nix => direnv.nix} | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) rename home/{lorri.nix => direnv.nix} (55%) diff --git a/home/default.nix b/home/default.nix index 2c74b55..6cdce61 100644 --- a/home/default.nix +++ b/home/default.nix @@ -2,6 +2,7 @@ imports = [ ./alacritty.nix ./bat.nix + ./direnv.nix ./emacs.nix ./env.nix ./firefox.nix @@ -10,7 +11,6 @@ ./git.nix ./gtk.nix ./laptop.nix - ./lorri.nix ./mail.nix ./rbw.nix ./rofi.nix diff --git a/home/lorri.nix b/home/direnv.nix similarity index 55% rename from home/lorri.nix rename to home/direnv.nix index 0d7e2e3..9c1b086 100644 --- a/home/lorri.nix +++ b/home/direnv.nix @@ -9,17 +9,15 @@ mkIf ; - cfg = config.my.home.lorri; + cfg = config.my.home.direnv; in { - options.my.home.lorri = { - enable = (mkEnableOption "lorri daemon setup") // {default = true;}; + options.my.home.direnv = { + enable = (mkEnableOption "setup direnv usage") // {default = true;}; }; config = mkIf cfg.enable { - services.lorri.enable = true; programs.direnv = { enable = true; - # FIXME: proper file, not lorri.nix nix-direnv = { enable = true; }; From 4985d670bb7bb686501351efed56f29181f2d1d6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 19:33:08 +0100 Subject: [PATCH 033/309] flake: avoid one evaluation of nixpkgs --- flake.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/flake.nix b/flake.nix index 281824b..4e0a282 100644 --- a/flake.nix +++ b/flake.nix @@ -180,13 +180,11 @@ }; } // inputs.flake-utils.lib.eachDefaultSystem (system: let - pkgs = import nixpkgs {inherit system;}; + pkgs = nixpkgs.legacyPackages.${system}; in { packages = inputs.flake-utils.lib.flattenTree - (import ./pkgs { - pkgs = import nixpkgs {inherit system;}; - }); + (import ./pkgs {inherit pkgs;}); devShells.default = pkgs.mkShellNoCC { buildInputs = [ pkgs.alejandra From 95c116c2e850376b83394c87ea0141b47dbfc4ad Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 19:56:08 +0100 Subject: [PATCH 034/309] flake: disable power-profiles-daemon override It seems to conflict with some KDE settings UI, let's revisit when I got rid of Plasma --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 4e0a282..f77d912 100644 --- a/flake.nix +++ b/flake.nix @@ -94,7 +94,7 @@ config.allowUnfree = true; }; - power-profiles-daemon = self.unstable.power-profiles-daemon; + # power-profiles-daemon = self.unstable.power-profiles-daemon; }) agenix.overlays.default From 7be4514da365645bcfc805ca780ac29ae521e2d7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Mar 2024 22:43:28 +0100 Subject: [PATCH 035/309] emacs: use Pure GTK build --- home/emacs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/emacs.nix b/home/emacs.nix index 47d3776..091846e 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -43,7 +43,7 @@ in { programs.emacs = { enable = true; - package = pkgs.emacs29; + package = pkgs.emacs29-pgtk; extraPackages = epkgs: [epkgs.vterm epkgs.pdf-tools pkgs.lilypond epkgs.mu4e]; }; }; From cd715f1a03174a08ef66aabc8c099837fa8747c7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 5 Mar 2024 05:07:46 +0100 Subject: [PATCH 036/309] talos: setup restic backups --- hosts/talos/default.nix | 43 ++++++++++++++++++ hosts/talos/secrets.nix | 4 +- .../restic-backup/talos-credentials.age | 7 +++ .../secrets/restic-backup/talos-password.age | Bin 0 -> 387 bytes modules/secrets/secrets.nix | 2 + 5 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 modules/secrets/restic-backup/talos-credentials.age create mode 100644 modules/secrets/restic-backup/talos-password.age diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index ccce527..4fee350 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -75,6 +75,49 @@ }; pipewire.enable = true; + + restic-backup = { + enable = true; + repo = "b2:talos-backup"; + passwordFile = config.age.secrets."restic-backup/talos-password".path; + environmentFile = config.age.secrets."restic-backup/talos-credentials".path; + + timerConfig = { + OnCalendar = "*-*-* 13:00:00"; # laptop only gets used during the day + }; + + paths = [ + "/home/alarsyo" + ]; + exclude = [ + "/home/alarsyo/Downloads" + + # Rust builds using half my storage capacity + "/home/alarsyo/**/target" + "/home/alarsyo/work/rust/build" + + # don't backup nixpkgs + "/home/alarsyo/work/nixpkgs" + + "/home/alarsyo/go" + + # C build crap + "*.a" + "*.o" + "*.so" + + ".direnv" + + # test vms + "*.qcow2" + + # secrets stay offline + "/home/alarsyo/**/secrets" + + # ignore all dotfiles as .config and .cache can become quite big + "/home/alarsyo/.*" + ]; + }; }; my.gui.enable = true; diff --git a/hosts/talos/secrets.nix b/hosts/talos/secrets.nix index 387f511..e5fae61 100644 --- a/hosts/talos/secrets.nix +++ b/hosts/talos/secrets.nix @@ -13,8 +13,8 @@ // attrs; in lib.mapAttrs toSecret { - #"restic-backup/hephaestus-credentials" = {}; - #"restic-backup/hephaestus-password" = {}; + "restic-backup/talos-credentials" = {}; + "restic-backup/talos-password" = {}; "users/alarsyo-hashed-password" = {}; "users/root-hashed-password" = {}; diff --git a/modules/secrets/restic-backup/talos-credentials.age b/modules/secrets/restic-backup/talos-credentials.age new file mode 100644 index 0000000..967a671 --- /dev/null +++ b/modules/secrets/restic-backup/talos-credentials.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw WWJQxqfxQzLmBFPpTzuKBMhAl+ZxnQdvnaDvfpwxR00 +tEsf6xSw/MP/qJnr/SyLlkEEf/LaI7IxjVzaxRwh5FI +-> ssh-ed25519 nh0dAQ yRu0VZqx+DuB3SSQaVtg+txuRu9OyJDfLDNCKg9XYk0 +xTpucapaejG2EMrZLIDt46JD3QYM4XXT1Y2F77HPQO8 +--- uZjO0dDIFesU2B/GkjpqrOJas1+K6hGbQAdFV/t1GOk +BV͵\ 8 ۑ[%l^>9\E5j(6g;(I7CS4v6iSXC`OT\;Iݜ6_ky-qKlKӠh?t \ No newline at end of file diff --git a/modules/secrets/restic-backup/talos-password.age b/modules/secrets/restic-backup/talos-password.age new file mode 100644 index 0000000000000000000000000000000000000000..244ab8dc30fcae543ab25652ad3581ff651d49f3 GIT binary patch literal 387 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7HcI!%Dp&9_cP=O_ zEH^I>({|RkC{A^C3P{qf3dz!rG;`7qOApI-DK-o9Nj5IXP3H2?kF*HRFe=WiD2&K6 z)i=uY^h)wKuXN9LF)Ft3cg&9pGRiK<4azXoPe->cFT)_kF;Jl>H^MPB*Cf;>D%~)o zI4>kSprkCU(9S79Zk&rurpqcI|Qd+3ppq^sX*itSSA% zHd;H>i|>}v8qv2>yonFO|9BLu3VQBYSKTx*@?lV4!m2!rz#KuH>xY*;-}$;|QLmiz VgbQ+~<%_lzEKm=$4{2nu0szn!iy8m` literal 0 HcmV?d00001 diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 2496adb..f9c389c 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -35,6 +35,8 @@ in { "restic-backup/hades-credentials.age".publicKeys = [alarsyo hades]; "restic-backup/hephaestus-password.age".publicKeys = [alarsyo hephaestus]; "restic-backup/hephaestus-credentials.age".publicKeys = [alarsyo hephaestus]; + "restic-backup/talos-password.age".publicKeys = [alarsyo talos]; + "restic-backup/talos-credentials.age".publicKeys = [alarsyo talos]; "users/root-hashed-password.age".publicKeys = machines ++ [alarsyo]; "users/alarsyo-hashed-password.age".publicKeys = machines ++ [alarsyo]; From 6c32b3f262319203869ef4cb8c25ea6a355298c2 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 5 Mar 2024 05:08:09 +0100 Subject: [PATCH 037/309] base: enable cups for GUI hosts --- base/gui-programs.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 9c7fc1d..b141890 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -45,6 +45,11 @@ in { }; logind.lidSwitch = "ignore"; + + printing = { + enable = true; + cups-pdf.enable = true; + }; }; environment.systemPackages = builtins.attrValues { From 9e98e96c31564939ee516ba93f9554e90a05cc20 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 5 Mar 2024 05:19:57 +0100 Subject: [PATCH 038/309] services: restic: tone down the verbosity --- services/restic-backup.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/restic-backup.nix b/services/restic-backup.nix index cad1127..d3d3e63 100644 --- a/services/restic-backup.nix +++ b/services/restic-backup.nix @@ -98,7 +98,7 @@ in { environmentFile = cfg.environmentFile; extraBackupArgs = - ["--verbose=2"] + ["--verbose=1"] ++ optional (builtins.length cfg.exclude != 0) excludeArg; timerConfig = cfg.timerConfig; From e84c66e8127f3cf447debe51445eae4ebadec816 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 7 Mar 2024 00:13:30 +0100 Subject: [PATCH 039/309] flake: add unstable nixpkgs to registry --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index f77d912..4f3c492 100644 --- a/flake.nix +++ b/flake.nix @@ -74,6 +74,7 @@ ]; registry = { nixpkgs.flake = inputs.nixpkgs; + unstable.flake = inputs.nixpkgs-unstable-small; }; }; }; From d660110cecb8b0c4e49c41687a812f5fb543d5f6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 8 Mar 2024 21:40:08 +0100 Subject: [PATCH 040/309] hephaestus: re-enable i3wm --- hosts/hephaestus/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/hephaestus/home.nix b/hosts/hephaestus/home.nix index 1178b1c..2c9bd36 100644 --- a/hosts/hephaestus/home.nix +++ b/hosts/hephaestus/home.nix @@ -9,6 +9,7 @@ # Keyboard settings & i3 settings my.home.x.enable = true; + my.home.x.i3.enable = true; my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; my.home.x.i3bar.temperature.inputs = ["Tctl"]; my.home.x.i3bar.networking.throughput_interfaces = ["wlp3s0" "enp6s0f3u1u1"]; From 4a8f736cdb9ea78e7358251004e9211ffd3aeb30 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 8 Mar 2024 21:40:32 +0100 Subject: [PATCH 041/309] hephaestus: switch to latest kernel LTS --- hosts/hephaestus/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hephaestus/default.nix b/hosts/hephaestus/default.nix index 8eb7d45..4efc538 100644 --- a/hosts/hephaestus/default.nix +++ b/hosts/hephaestus/default.nix @@ -16,7 +16,7 @@ hardware.amdgpu.opencl = false; - boot.kernelPackages = pkgs.linuxPackages; + boot.kernelPackages = pkgs.linuxPackages_6_6; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; From 9d50cbd67b71d8a38c86685752bea053f78cb9dc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 11 Mar 2024 16:00:12 +0100 Subject: [PATCH 042/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/79baff8812a0d68e24a836df0a364c678089e2c7' (2024-03-01) → 'github:NixOS/nixpkgs/b94a96839afcc56de3551aa7472b8d9a3e77e05d' (2024-03-09) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d57ce97..2154f33 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1709309926, - "narHash": "sha256-VZFBtXGVD9LWTecGi6eXrE0hJ/mVB3zGUlHImUs2Qak=", + "lastModified": 1710021367, + "narHash": "sha256-FuMVdWqXMT38u1lcySYyv93A7B8wU0EGzUr4t4jQu8g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "79baff8812a0d68e24a836df0a364c678089e2c7", + "rev": "b94a96839afcc56de3551aa7472b8d9a3e77e05d", "type": "github" }, "original": { From db4ed090c0815f068028c5ba28496bc411787347 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 11 Mar 2024 17:22:45 +0100 Subject: [PATCH 043/309] todo: add todo file for long term planning --- todo.org | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 todo.org diff --git a/todo.org b/todo.org new file mode 100644 index 0000000..814009b --- /dev/null +++ b/todo.org @@ -0,0 +1,5 @@ +* TODO Take a look at goldwarden when 24.05 releases + +https://github.com/quexten/goldwarden + +* TODO Setup sway correctly From 9f7ed34392bb1e2a395693df0df31bd3de27ccd8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 11 Mar 2024 19:45:30 +0100 Subject: [PATCH 044/309] talos: add framework-tool to packages --- hosts/talos/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 4fee350..33726d7 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -155,6 +155,10 @@ services.xserver.desktopManager.plasma5.enable = true; services.power-profiles-daemon.enable = true; + environment.systemPackages = [ + pkgs.framework-tool + ]; + #programs.hyprland.enable = true; #programs.sway = { # enable = true; From 752362fc8bf8d0b12ec2e10fbd8082d8cfa11097 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 13 Mar 2024 14:37:40 +0100 Subject: [PATCH 045/309] talos: make room in partition table --- hosts/talos/disko-config.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/talos/disko-config.nix b/hosts/talos/disko-config.nix index 9f9ae7b..71d7c81 100644 --- a/hosts/talos/disko-config.nix +++ b/hosts/talos/disko-config.nix @@ -20,7 +20,7 @@ }; }; luks = { - size = "100%"; + size = "60%"; content = { type = "luks"; name = "crypted"; @@ -51,6 +51,7 @@ mountpoint = "/persist"; mountOptions = ["compress=zstd" "noatime"]; }; + "@snapshots" = {}; "@swap" = { mountpoint = "/.swapvol"; swap.swapfile.size = "8G"; From 9243f630de065a780e595c2c80a85c26c4100a06 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 14 Mar 2024 02:34:36 +0100 Subject: [PATCH 046/309] talos: fix disko-config --- hosts/talos/disko-config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/disko-config.nix b/hosts/talos/disko-config.nix index 71d7c81..5146330 100644 --- a/hosts/talos/disko-config.nix +++ b/hosts/talos/disko-config.nix @@ -20,7 +20,7 @@ }; }; luks = { - size = "60%"; + size = "600G"; content = { type = "luks"; name = "crypted"; From 8c86cafd967c28bdc6f9000b776173486f093f79 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 14 Mar 2024 11:39:36 +0100 Subject: [PATCH 047/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/b94a96839afcc56de3551aa7472b8d9a3e77e05d' (2024-03-09) → 'github:NixOS/nixpkgs/51063ed4f2343a59fdeebb279bb81d87d453942b' (2024-03-12) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2154f33..493ea0e 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1710021367, - "narHash": "sha256-FuMVdWqXMT38u1lcySYyv93A7B8wU0EGzUr4t4jQu8g=", + "lastModified": 1710283656, + "narHash": "sha256-nI+AOy4uK6jLGBi9nsbHjL1EdSIzoo8oa+9oeVhbyFc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b94a96839afcc56de3551aa7472b8d9a3e77e05d", + "rev": "51063ed4f2343a59fdeebb279bb81d87d453942b", "type": "github" }, "original": { From b6d7aae9713d45aa0c4a0f646ec1f41d56a00761 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 14 Mar 2024 11:49:27 +0100 Subject: [PATCH 048/309] talos: don't need virtualisation right now --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 33726d7..4def4d9 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -65,7 +65,7 @@ }; virtualisation = { docker.enable = true; - libvirtd.enable = true; + libvirtd.enable = false; }; my.services = { From 24f78a96c375234eff5c08a9dda43aac875909bc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 19 Mar 2024 18:05:55 +0100 Subject: [PATCH 049/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/51063ed4f2343a59fdeebb279bb81d87d453942b' (2024-03-12) → 'github:NixOS/nixpkgs/614b4613980a522ba49f0d194531beddbb7220d3' (2024-03-17) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 493ea0e..69cdd51 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1710283656, - "narHash": "sha256-nI+AOy4uK6jLGBi9nsbHjL1EdSIzoo8oa+9oeVhbyFc=", + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "51063ed4f2343a59fdeebb279bb81d87d453942b", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", "type": "github" }, "original": { From 0dd641b580fb22e3e835583ff52410a828c94225 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 27 Mar 2024 18:07:20 +0100 Subject: [PATCH 050/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/652fda4ca6dafeb090943422c34ae9145787af37' (2024-02-03) → 'github:nix-community/home-manager/f33900124c23c4eca5831b9b5eb32ea5894375ce' (2024-03-19) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/614b4613980a522ba49f0d194531beddbb7220d3' (2024-03-17) → 'github:NixOS/nixpkgs/44733514b72e732bd49f5511bd0203dea9b9a434' (2024-03-26) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 69cdd51..90f07e7 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1706981411, - "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=", + "lastModified": 1710888565, + "narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=", "owner": "nix-community", "repo": "home-manager", - "rev": "652fda4ca6dafeb090943422c34ae9145787af37", + "rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1710695816, - "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "lastModified": 1711460390, + "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", "type": "github" }, "original": { From 9967ba273cc55e507ea430325c45c7c9edd30626 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 1 Apr 2024 22:30:54 +0200 Subject: [PATCH 051/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'disko': 'github:nix-community/disko/bde7dd352c07d43bd5b8245e6c39074a391fdd46' (2024-03-01) → 'github:nix-community/disko/611c9ea53250f7bb22286b3d26872280a0e608f9' (2024-04-01) • Updated input 'disko/nixpkgs': 'github:NixOS/nixpkgs/9a9dae8f6319600fa9aebde37f340975cab4b8c0' (2024-02-24) → 'github:NixOS/nixpkgs/807c549feabce7eddbf259dbdcec9e0600a0660d' (2024-03-29) • Updated input 'flake-utils': 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28) → 'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/59e37017b9ed31dee303dbbd4531c594df95cfbc' (2024-03-02) → 'github:NixOS/nixos-hardware/9a763a7acc4cfbb8603bb0231fec3eda864f81c0' (2024-03-25) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/44733514b72e732bd49f5511bd0203dea9b9a434' (2024-03-26) → 'github:NixOS/nixpkgs/219951b495fc2eac67b1456824cc1ec1fd2ee659' (2024-03-28) • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/b8698cd8d62c42cf3e2b3a95224c57173b73e494' (2024-03-02) → 'github:NixOS/nixpkgs/8bea75f6bdceecb9a349e7425ae2ca5c91c01b9c' (2024-04-01) --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 90f07e7..6729a6d 100644 --- a/flake.lock +++ b/flake.lock @@ -48,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1709286488, - "narHash": "sha256-RDpTZ72zLu05djvXRzK76Ysqp9zSdh84ax/edEaJucs=", + "lastModified": 1711934712, + "narHash": "sha256-sBDe+QmX/QohlnKeSEzrftcXyZL5FY09OMjZ59Rpyy4=", "owner": "nix-community", "repo": "disko", - "rev": "bde7dd352c07d43bd5b8245e6c39074a391fdd46", + "rev": "611c9ea53250f7bb22286b3d26872280a0e608f9", "type": "github" }, "original": { @@ -67,11 +67,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1709410583, - "narHash": "sha256-esOSUoQ7mblwcsSea0K17McZuwAIjoS6dq/4b83+lvw=", + "lastModified": 1711352745, + "narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "59e37017b9ed31dee303dbbd4531c594df95cfbc", + "rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0", "type": "github" }, "original": { @@ -157,11 +157,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1709357594, - "narHash": "sha256-C6BNtZewmFbBuPgqAUa/o3pZ4nYZJkQfFB1nhQbBFEc=", + "lastModified": 1711983799, + "narHash": "sha256-Wo9rOsVxGIMcLmFilSai2Fi7kN50doxsuksoTIXPytI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b8698cd8d62c42cf3e2b3a95224c57173b73e494", + "rev": "8bea75f6bdceecb9a349e7425ae2ca5c91c01b9c", "type": "github" }, "original": { @@ -173,11 +173,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1708815994, - "narHash": "sha256-hL7N/ut2Xu0NaDxDMsw2HagAjgDskToGiyZOWriiLYM=", + "lastModified": 1711715736, + "narHash": "sha256-9slQ609YqT9bT/MNX9+5k5jltL9zgpn36DpFB7TkttM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9a9dae8f6319600fa9aebde37f340975cab4b8c0", + "rev": "807c549feabce7eddbf259dbdcec9e0600a0660d", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1711460390, - "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", + "lastModified": 1711668574, + "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", + "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659", "type": "github" }, "original": { From 2e93dc6f7786f6095dae4957c2f74bbaddad064c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Apr 2024 17:38:13 +0200 Subject: [PATCH 052/309] hades: disable photoprism --- hosts/hades/default.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 4f4c02e..a7b6544 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -112,11 +112,6 @@ in { secretKeyFile = config.age.secrets."paperless/secret-key".path; }; - photoprism = { - enable = true; - port = 8084; - }; - pleroma = { enable = true; port = 8086; From 3b942d062501187669daf1825229f940e28704ab Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 8 Apr 2024 10:25:21 +0200 Subject: [PATCH 053/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/f33900124c23c4eca5831b9b5eb32ea5894375ce' (2024-03-19) → 'github:nix-community/home-manager/d6bb9f934f2870e5cbc5b94c79e9db22246141ff' (2024-04-06) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/219951b495fc2eac67b1456824cc1ec1fd2ee659' (2024-03-28) → 'github:NixOS/nixpkgs/e38d7cb66ea4f7a0eb6681920615dfcc30fc2920' (2024-04-06) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6729a6d..1992332 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1710888565, - "narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=", + "lastModified": 1712386041, + "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce", + "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1711668574, - "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=", + "lastModified": 1712437997, + "narHash": "sha256-g0whLLwRvgO2FsyhY8fNk+TWenS3jg5UdlWL4uqgFeo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659", + "rev": "e38d7cb66ea4f7a0eb6681920615dfcc30fc2920", "type": "github" }, "original": { From 4307b6d9a85e8ebcf37ce725bfb3cabc01ec4a16 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 12 Apr 2024 10:47:50 +0200 Subject: [PATCH 054/309] talos: switch to Linux 6.8 --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 4def4d9..51704b4 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -18,7 +18,7 @@ hardware.amdgpu.opencl = false; - boot.kernelPackages = pkgs.linuxPackages_6_7; + boot.kernelPackages = pkgs.linuxPackages_6_8; # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; From f794c86483c81c21b675ccdc3eb990580cb9f8c1 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Apr 2024 17:25:48 +0200 Subject: [PATCH 055/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/e38d7cb66ea4f7a0eb6681920615dfcc30fc2920' (2024-04-06) → 'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 1992332..f96262e 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1712437997, - "narHash": "sha256-g0whLLwRvgO2FsyhY8fNk+TWenS3jg5UdlWL4uqgFeo=", + "lastModified": 1713145326, + "narHash": "sha256-m7+IWM6mkWOg22EC5kRUFCycXsXLSU7hWmHdmBfmC3s=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e38d7cb66ea4f7a0eb6681920615dfcc30fc2920", + "rev": "53a2c32bc66f5ae41a28d7a9a49d321172af621e", "type": "github" }, "original": { From 279fecb93b1c31de3e2b2577f320ec02baf1d390 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Apr 2024 19:38:44 +0200 Subject: [PATCH 056/309] talos: set default sddm session --- hosts/talos/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 51704b4..9da872c 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -152,6 +152,7 @@ enable = true; wayland.enable = true; }; + services.xserver.displayManager.defaultSession = "plasmawayland"; services.xserver.desktopManager.plasma5.enable = true; services.power-profiles-daemon.enable = true; From 0bb8be31a12de54ebe9f270efd18e09a1f37dace Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 22 Apr 2024 17:05:44 +0200 Subject: [PATCH 057/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15) → 'github:NixOS/nixpkgs/a5e4bbcb4780c63c79c87d29ea409abf097de3f7' (2024-04-21) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f96262e..433fc78 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1713145326, - "narHash": "sha256-m7+IWM6mkWOg22EC5kRUFCycXsXLSU7hWmHdmBfmC3s=", + "lastModified": 1713725259, + "narHash": "sha256-9ZR/Rbx5/Z/JZf5ehVNMoz/s5xjpP0a22tL6qNvLt5E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "53a2c32bc66f5ae41a28d7a9a49d321172af621e", + "rev": "a5e4bbcb4780c63c79c87d29ea409abf097de3f7", "type": "github" }, "original": { From b12753161ba9b51b1d89ade11431d66bd591a84b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 2 May 2024 14:20:53 +0200 Subject: [PATCH 058/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/d6bb9f934f2870e5cbc5b94c79e9db22246141ff' (2024-04-06) → 'github:nix-community/home-manager/86853e31dc1b62c6eeed11c667e8cdd0285d4411' (2024-04-25) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/a5e4bbcb4780c63c79c87d29ea409abf097de3f7' (2024-04-21) → 'github:NixOS/nixpkgs/0638fe2715d998fa81d173aad264eb671ce2ebc1' (2024-05-01) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 433fc78..93e2f37 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1712386041, - "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=", + "lastModified": 1714043624, + "narHash": "sha256-Xn2r0Jv95TswvPlvamCC46wwNo8ALjRCMBJbGykdhcM=", "owner": "nix-community", "repo": "home-manager", - "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff", + "rev": "86853e31dc1b62c6eeed11c667e8cdd0285d4411", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1713725259, - "narHash": "sha256-9ZR/Rbx5/Z/JZf5ehVNMoz/s5xjpP0a22tL6qNvLt5E=", + "lastModified": 1714531828, + "narHash": "sha256-ILsf3bdY/hNNI/Hu5bSt2/KbmHaAVhBbNUOdGztTHEg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a5e4bbcb4780c63c79c87d29ea409abf097de3f7", + "rev": "0638fe2715d998fa81d173aad264eb671ce2ebc1", "type": "github" }, "original": { From 0274ad73e0600d2befe7d49fcbcb4ba919ad2964 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 13 May 2024 01:03:32 +0200 Subject: [PATCH 059/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/86853e31dc1b62c6eeed11c667e8cdd0285d4411' (2024-04-25) → 'github:nix-community/home-manager/ab5542e9dbd13d0100f8baae2bc2d68af901f4b4' (2024-05-10) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/0638fe2715d998fa81d173aad264eb671ce2ebc1' (2024-05-01) → 'github:NixOS/nixpkgs/71bae31b7dbc335528ca7e96f479ec93462323ff' (2024-05-11) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 93e2f37..7c9105a 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1714043624, - "narHash": "sha256-Xn2r0Jv95TswvPlvamCC46wwNo8ALjRCMBJbGykdhcM=", + "lastModified": 1715381426, + "narHash": "sha256-wPuqrAQGdv3ISs74nJfGb+Yprm23U/rFpcHFFNWgM94=", "owner": "nix-community", "repo": "home-manager", - "rev": "86853e31dc1b62c6eeed11c667e8cdd0285d4411", + "rev": "ab5542e9dbd13d0100f8baae2bc2d68af901f4b4", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1714531828, - "narHash": "sha256-ILsf3bdY/hNNI/Hu5bSt2/KbmHaAVhBbNUOdGztTHEg=", + "lastModified": 1715395895, + "narHash": "sha256-DreMqi6+qa21ffLQqhMQL2XRUkAGt3N7iVB5FhJKie4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0638fe2715d998fa81d173aad264eb671ce2ebc1", + "rev": "71bae31b7dbc335528ca7e96f479ec93462323ff", "type": "github" }, "original": { From e7f29e5f1783e5827609ceba571ee8dec85c17cc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 24 May 2024 16:24:48 +0200 Subject: [PATCH 060/309] pkgs: spot: bump to 2.12 --- pkgs/spot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index 5aba50e..d454097 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -3,7 +3,7 @@ fetchurl, python3, }: let - version = "2.11.6"; + version = "2.12"; in stdenv.mkDerivation { inherit version; @@ -15,6 +15,6 @@ in src = fetchurl { url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-ppJ5T4nA2zlWulkZvdUxPjcuDeNAAKkCLynhxukcU4o="; + sha256 = "sha256-JroHatV+xz0vrlSC1T4W2pXEeCJwdkfnhNjHzsDRBFU="; }; } From 298dd249f55fd7bcf709241cfe2e793656ab041c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 24 May 2024 16:25:06 +0200 Subject: [PATCH 061/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/71bae31b7dbc335528ca7e96f479ec93462323ff' (2024-05-11) → 'github:NixOS/nixpkgs/46397778ef1f73414b03ed553a3368f0e7e33c2f' (2024-05-22) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7c9105a..b8ea09f 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1715395895, - "narHash": "sha256-DreMqi6+qa21ffLQqhMQL2XRUkAGt3N7iVB5FhJKie4=", + "lastModified": 1716361217, + "narHash": "sha256-mzZDr00WUiUXVm1ujBVv6A0qRd8okaITyUp4ezYRgc4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "71bae31b7dbc335528ca7e96f479ec93462323ff", + "rev": "46397778ef1f73414b03ed553a3368f0e7e33c2f", "type": "github" }, "original": { From 443b76f23537be73231ab898a76cd0492be6a310 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 21:38:21 +0200 Subject: [PATCH 062/309] services: forgejo: init --- services/default.nix | 1 + services/forgejo/default.nix | 126 +++++++++++++++++++++++++++ services/forgejo/templates/home.tmpl | 17 ++++ 3 files changed, 144 insertions(+) create mode 100644 services/forgejo/default.nix create mode 100644 services/forgejo/templates/home.tmpl diff --git a/services/default.nix b/services/default.nix index 86d2fe6..1498830 100644 --- a/services/default.nix +++ b/services/default.nix @@ -3,6 +3,7 @@ ./vaultwarden.nix ./fail2ban.nix ./fava.nix + ./forgejo ./gitea ./immich.nix ./jellyfin.nix diff --git a/services/forgejo/default.nix b/services/forgejo/default.nix new file mode 100644 index 0000000..a6aa174 --- /dev/null +++ b/services/forgejo/default.nix @@ -0,0 +1,126 @@ +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) + mkEnableOption + mkIf + mkOption + ; + + cfg = config.my.services.forgejo; + my = config.my; + + domain = config.networking.domain; + hostname = config.networking.hostName; + fqdn = "${hostname}.${domain}"; + + forgejoUser = "git"; +in { + options.my.services.forgejo = let + inherit (lib) types; + in { + enable = mkEnableOption "Personal Git hosting with Forgejo"; + + privatePort = mkOption { + type = types.port; + default = 8082; + example = 8082; + description = "Port to serve the app"; + }; + }; + + config = mkIf cfg.enable { + # use git as user to have `git clone git@git.domain` + users.users.${forgejoUser} = { + description = "Forgejo Service"; + home = config.services.forgejo.stateDir; + useDefaultShell = true; + group = forgejoUser; + + # the systemd service for the forgejo module seems to hardcode the group as + # forgejo, so, uh, just in case? + extraGroups = ["forgejo"]; + + isSystemUser = true; + }; + users.groups.${forgejoUser} = {}; + + services.forgejo = { + enable = true; + user = forgejoUser; + appName = "Personal Forge"; + lfs.enable = true; + + settings = { + server = { + ROOT_URL = "https://git.${domain}/"; + DOMAIN = "git.${domain}"; + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = cfg.privatePort; + }; + log.LEVEL = "Warn"; # [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ] + other.SHOW_FOOTER_VERSION = false; + repository = { + ENABLE_PUSH_CREATE_USER = true; + DEFAULT_BRANCH = "main"; + }; + + # NOTE: temporarily remove this for initial setup + service.DISABLE_REGISTRATION = true; + + # only send cookies via HTTPS + session.COOKIE_SECURE = true; + }; + + # NixOS module uses `forgejo dump` to backup repositories and the database, + # but it produces a single .zip file that's not very restic friendly. + # I configure my backup system manually below. + dump.enable = false; + + database = { + type = "postgres"; + # user needs to be the same as forgejo user + user = forgejoUser; + name = forgejoUser; + }; + }; + + # FIXME: Borg *could* be backing up files while they're being edited by + # forgejo, so it may produce corrupt files in the snapshot if I push stuff + # around midnight. I'm not sure how `forgejo dump` handles this either, + # though. + my.services.restic-backup = { + paths = [ + config.services.forgejo.lfs.contentDir + config.services.forgejo.repositoryRoot + ]; + }; + + # NOTE: no need to use postgresql.ensureDatabases because the forgejo module + # takes care of this automatically + services.postgresqlBackup = { + databases = [config.services.forgejo.database.name]; + }; + + services.nginx = { + virtualHosts = { + "git.${domain}" = { + forceSSL = true; + useACMEHost = fqdn; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString cfg.privatePort}"; + }; + }; + }; + }; + + security.acme.certs.${fqdn}.extraDomainNames = ["git.${domain}"]; + + systemd.services.forgejo.preStart = "${pkgs.coreutils}/bin/ln -sfT ${./templates} ${config.services.forgejo.stateDir}/custom/templates"; + }; +} diff --git a/services/forgejo/templates/home.tmpl b/services/forgejo/templates/home.tmpl new file mode 100644 index 0000000..c2d3ee2 --- /dev/null +++ b/services/forgejo/templates/home.tmpl @@ -0,0 +1,17 @@ +{{template "base/head" .}} +
+
+
+
+ +
+
+

+ {{AppName}} +

+

alarsyo's personal projects are hosted here

+
+
+
+
+{{template "base/footer" .}} From a4a025b9396bec789e44a0e9bd0f295e984911f2 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 22:19:06 +0200 Subject: [PATCH 063/309] forgejo: use user name for stateDir --- services/forgejo/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/services/forgejo/default.nix b/services/forgejo/default.nix index a6aa174..13c2bfb 100644 --- a/services/forgejo/default.nix +++ b/services/forgejo/default.nix @@ -53,6 +53,9 @@ in { enable = true; user = forgejoUser; appName = "Personal Forge"; + group = config.users.users.${forgejoUser}.group; + stateDir = "/var/lib/${forgejoUser}"; + lfs.enable = true; settings = { From 1059d52334a5eaa0a66263f3b4efc0247cf5c93a Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 22:47:55 +0200 Subject: [PATCH 064/309] services: forgejo: use new appName setting --- services/forgejo/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/forgejo/default.nix b/services/forgejo/default.nix index 13c2bfb..516dfbe 100644 --- a/services/forgejo/default.nix +++ b/services/forgejo/default.nix @@ -52,7 +52,6 @@ in { services.forgejo = { enable = true; user = forgejoUser; - appName = "Personal Forge"; group = config.users.users.${forgejoUser}.group; stateDir = "/var/lib/${forgejoUser}"; @@ -77,6 +76,8 @@ in { # only send cookies via HTTPS session.COOKIE_SECURE = true; + + DEFAULT.APP_NAME = "Personal Forge"; }; # NixOS module uses `forgejo dump` to backup repositories and the database, From d75eb9d028b67520f2bf8898268c1c5b5d2fcaf5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 22:48:08 +0200 Subject: [PATCH 065/309] services: forgejo: show version in footer --- services/forgejo/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/services/forgejo/default.nix b/services/forgejo/default.nix index 516dfbe..9d40402 100644 --- a/services/forgejo/default.nix +++ b/services/forgejo/default.nix @@ -65,7 +65,6 @@ in { HTTP_PORT = cfg.privatePort; }; log.LEVEL = "Warn"; # [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ] - other.SHOW_FOOTER_VERSION = false; repository = { ENABLE_PUSH_CREATE_USER = true; DEFAULT_BRANCH = "main"; From d98e2611c5e2c5c0b77a5f38426d273a403f3f89 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 22:51:48 +0200 Subject: [PATCH 066/309] hades: switch from gitea to forgejo --- hosts/hades/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index a7b6544..2729712 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -57,7 +57,7 @@ in { my.services = { fail2ban.enable = true; - gitea = { + forgejo = { enable = true; privatePort = 8082; }; From 4bc82f655d4e38d0bca7ea7e9c607b5ec4807f4f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 23:44:27 +0200 Subject: [PATCH 067/309] services: nextcloud: bump to 28 --- services/nextcloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 39e39c7..a0a05bb 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -62,7 +62,7 @@ in { hostName = "cloud.${domain}"; https = true; - package = pkgs.nextcloud27; + package = pkgs.nextcloud28; maxUploadSize = "1G"; From b89709199e0340a945a7f697b20b195cfd16a334 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 23:56:00 +0200 Subject: [PATCH 068/309] services: nextcloud: bump to 29 --- services/nextcloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/nextcloud.nix b/services/nextcloud.nix index a0a05bb..8c9ee12 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -62,7 +62,7 @@ in { hostName = "cloud.${domain}"; https = true; - package = pkgs.nextcloud28; + package = pkgs.nextcloud29; maxUploadSize = "1G"; From da83517ab0bf8bb919e355133bfe335cab2f3c15 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 30 May 2024 01:32:49 +0200 Subject: [PATCH 069/309] home: hide ignore mode in tridactyl --- home/tridactylrc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/tridactylrc b/home/tridactylrc index 7601c0e..9b74c6c 100644 --- a/home/tridactylrc +++ b/home/tridactylrc @@ -18,6 +18,8 @@ bind , nohlsearch " case insensitive if lowercase, case sensitive if using some uppercase letters set findcase smart +set modeindicatormodes {"ignore": "false"} + " New reddit is bad " autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old") From db03c81eeb76cd58168cfa2ff26628deaa66a0cd Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 30 May 2024 01:54:19 +0200 Subject: [PATCH 070/309] flake: bump NixOS to 24.05 --- flake.lock | 16 ++++++++-------- flake.nix | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index b8ea09f..ed2a454 100644 --- a/flake.lock +++ b/flake.lock @@ -109,16 +109,16 @@ ] }, "locked": { - "lastModified": 1715381426, - "narHash": "sha256-wPuqrAQGdv3ISs74nJfGb+Yprm23U/rFpcHFFNWgM94=", + "lastModified": 1716736833, + "narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=", "owner": "nix-community", "repo": "home-manager", - "rev": "ab5542e9dbd13d0100f8baae2bc2d68af901f4b4", + "rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-23.11", + "ref": "release-24.05", "repo": "home-manager", "type": "github" } @@ -189,16 +189,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1716361217, - "narHash": "sha256-mzZDr00WUiUXVm1ujBVv6A0qRd8okaITyUp4ezYRgc4=", + "lastModified": 1716966868, + "narHash": "sha256-I5dlFm936SkuUu9haYabEBCUPeX6EuXLT1uFkEM/lbY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "46397778ef1f73414b03ed553a3368f0e7e33c2f", + "rev": "fafeae3d248c41c6c8a2ab5e09f9e2d3de706ef8", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.11", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 4f3c492..34faf67 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ type = "github"; owner = "NixOS"; repo = "nixpkgs"; - ref = "nixos-23.11"; + ref = "nixos-24.05"; }; nixpkgs-unstable-small = { @@ -25,7 +25,7 @@ type = "github"; owner = "nix-community"; repo = "home-manager"; - ref = "release-23.11"; + ref = "release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; From 8bfdb62a528edec8ac9c34434edf62f189375925 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 26 May 2024 23:40:55 +0200 Subject: [PATCH 071/309] base: update pinentry option --- base/gui-programs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index b141890..e592fbf 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -23,7 +23,7 @@ in { programs.gnupg.agent = { enable = true; enableSSHSupport = true; - pinentryFlavor = "qt"; + pinentryPackage = pkgs.pinentry-qt; }; services = { From 0438a91039f6ae6218a2719a24273c0f1b1b2a06 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 30 May 2024 01:45:26 +0200 Subject: [PATCH 072/309] adapt displayManager options --- hosts/talos/default.nix | 4 ++-- modules/sddm.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 9da872c..16d0d00 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -148,11 +148,11 @@ services.xserver.enable = true; # Enable the KDE Plasma Desktop Environment. - services.xserver.displayManager.sddm = { + services.displayManager.sddm = { enable = true; wayland.enable = true; }; - services.xserver.displayManager.defaultSession = "plasmawayland"; + services.displayManager.defaultSession = "plasmawayland"; services.xserver.desktopManager.plasma5.enable = true; services.power-profiles-daemon.enable = true; diff --git a/modules/sddm.nix b/modules/sddm.nix index ee50f5e..41941ba 100644 --- a/modules/sddm.nix +++ b/modules/sddm.nix @@ -15,7 +15,7 @@ in { options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup"; config = mkIf cfg.enable { - services.xserver.displayManager.sddm = { + services.displayManager.sddm = { enable = true; theme = "sugar-candy"; }; From 3225652d575492a2019aeac7e36e49bfef3a8dc1 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 30 May 2024 01:45:57 +0200 Subject: [PATCH 073/309] adapt xserver options --- base/gui-programs.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index e592fbf..7431a12 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -34,13 +34,16 @@ in { if config.my.gui.isNvidia then ["nvidia"] else options.services.xserver.videoDrivers.default; - layout = "fr"; - xkbVariant = "us"; - libinput = { - enable = true; - touchpad = { - naturalScrolling = true; - }; + xkb = { + layout = "fr"; + variant = "us"; + }; + }; + + libinput = { + enable = true; + touchpad = { + naturalScrolling = true; }; }; From b7dc2ce532b6cfb5638a32fcfcafa29bd272b656 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 30 May 2024 13:08:30 +0200 Subject: [PATCH 074/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/8cb01a0e717311680e0cbca06a76cbceba6f3ed6' (2024-02-13) → 'github:ryantm/agenix/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9' (2024-05-24) • Updated input 'disko': 'github:nix-community/disko/611c9ea53250f7bb22286b3d26872280a0e608f9' (2024-04-01) → 'github:nix-community/disko/8ea5bcccc03111bdedaeaae9380dfab61e9deb33' (2024-05-30) • Updated input 'disko/nixpkgs': 'github:NixOS/nixpkgs/807c549feabce7eddbf259dbdcec9e0600a0660d' (2024-03-29) → 'github:NixOS/nixpkgs/4a3fc4cf736b7d2d288d7a8bf775ac8d4c0920b4' (2024-05-28) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/9a763a7acc4cfbb8603bb0231fec3eda864f81c0' (2024-03-25) → 'github:NixOS/nixos-hardware/8251761f93d6f5b91cee45ac09edb6e382641009' (2024-05-29) • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/8bea75f6bdceecb9a349e7425ae2ca5c91c01b9c' (2024-04-01) → 'github:NixOS/nixpkgs/1f1bda965c8e6e19d7656caf4821632b7e77d317' (2024-05-29) --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index ed2a454..edb0d7a 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1707830867, - "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", + "lastModified": 1716561646, + "narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=", "owner": "ryantm", "repo": "agenix", - "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", + "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", "type": "github" }, "original": { @@ -48,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1711934712, - "narHash": "sha256-sBDe+QmX/QohlnKeSEzrftcXyZL5FY09OMjZ59Rpyy4=", + "lastModified": 1717032306, + "narHash": "sha256-s3Sis+M1qTSVIehHrEKBzHBpqprIFJli5V6WojkJnYE=", "owner": "nix-community", "repo": "disko", - "rev": "611c9ea53250f7bb22286b3d26872280a0e608f9", + "rev": "8ea5bcccc03111bdedaeaae9380dfab61e9deb33", "type": "github" }, "original": { @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1711352745, - "narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=", + "lastModified": 1716987116, + "narHash": "sha256-uuEkErFVsFdg2K0cKbNQ9JlFSAm/xYqPr4rbPLI91Y8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0", + "rev": "8251761f93d6f5b91cee45ac09edb6e382641009", "type": "github" }, "original": { @@ -157,11 +157,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1711983799, - "narHash": "sha256-Wo9rOsVxGIMcLmFilSai2Fi7kN50doxsuksoTIXPytI=", + "lastModified": 1717011309, + "narHash": "sha256-VKnhQoXMNqX6uOUSKTsmRVBWz+TbTaz1nejq4oTN0z4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8bea75f6bdceecb9a349e7425ae2ca5c91c01b9c", + "rev": "1f1bda965c8e6e19d7656caf4821632b7e77d317", "type": "github" }, "original": { @@ -173,11 +173,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1711715736, - "narHash": "sha256-9slQ609YqT9bT/MNX9+5k5jltL9zgpn36DpFB7TkttM=", + "lastModified": 1716914467, + "narHash": "sha256-KkT6YM/yNQqirtYj/frn6RRakliB8RDvGqVGGaNhdcU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "807c549feabce7eddbf259dbdcec9e0600a0660d", + "rev": "4a3fc4cf736b7d2d288d7a8bf775ac8d4c0920b4", "type": "github" }, "original": { From 29a0fa6a253e38c6c1458ae69ab4a8ceee9c645e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 31 May 2024 16:16:21 +0200 Subject: [PATCH 075/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/fafeae3d248c41c6c8a2ab5e09f9e2d3de706ef8' (2024-05-29) → 'github:NixOS/nixpkgs/d24e7fdcfaecdca496ddd426cae98c9e2d12dfe8' (2024-05-30) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index edb0d7a..0497e98 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1716966868, - "narHash": "sha256-I5dlFm936SkuUu9haYabEBCUPeX6EuXLT1uFkEM/lbY=", + "lastModified": 1717090882, + "narHash": "sha256-Up5tvtY9YlVEyVn9hfZcxFQi5qVhQ5hdVNGPQOUchNw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fafeae3d248c41c6c8a2ab5e09f9e2d3de706ef8", + "rev": "d24e7fdcfaecdca496ddd426cae98c9e2d12dfe8", "type": "github" }, "original": { From 19dcc7ea01e037530b42cbdbe32b21fb760b3429 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 4 Jun 2024 15:00:28 +0200 Subject: [PATCH 076/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/d24e7fdcfaecdca496ddd426cae98c9e2d12dfe8' (2024-05-30) → 'github:NixOS/nixpkgs/b3b2b28c1daa04fe2ae47c21bb76fd226eac4ca1' (2024-06-01) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 0497e98..e0f24e3 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1717090882, - "narHash": "sha256-Up5tvtY9YlVEyVn9hfZcxFQi5qVhQ5hdVNGPQOUchNw=", + "lastModified": 1717281328, + "narHash": "sha256-evZPzpf59oNcDUXxh2GHcxHkTEG4fjae2ytWP85jXRo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d24e7fdcfaecdca496ddd426cae98c9e2d12dfe8", + "rev": "b3b2b28c1daa04fe2ae47c21bb76fd226eac4ca1", "type": "github" }, "original": { From 6b7f821e7db7836972d12ae461bd78a7b7f57268 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 4 Jun 2024 16:53:37 +0200 Subject: [PATCH 077/309] talos: switch to Plasma 6 --- hosts/talos/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 16d0d00..f2def3e 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -152,8 +152,7 @@ enable = true; wayland.enable = true; }; - services.displayManager.defaultSession = "plasmawayland"; - services.xserver.desktopManager.plasma5.enable = true; + services.desktopManager.plasma6.enable = true; services.power-profiles-daemon.enable = true; environment.systemPackages = [ From f80fcd4a55ad59c31dc9a624b2caaf045fed08eb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 09:49:57 +0200 Subject: [PATCH 078/309] talos: try out zed --- hosts/talos/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index f2def3e..5c28e33 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -157,6 +157,8 @@ environment.systemPackages = [ pkgs.framework-tool + + pkgs.zed-editor ]; #programs.hyprland.enable = true; From 6a4b7790fd7a8318c4d0bdd9833f4c86ce2101c6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 15:32:24 +0200 Subject: [PATCH 079/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/1f1bda965c8e6e19d7656caf4821632b7e77d317' (2024-05-29) → 'github:NixOS/nixpkgs/bf3faad723ca984fc4ea95c1cee1d975a8ca2a28' (2024-06-07) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index e0f24e3..4420824 100644 --- a/flake.lock +++ b/flake.lock @@ -157,11 +157,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1717011309, - "narHash": "sha256-VKnhQoXMNqX6uOUSKTsmRVBWz+TbTaz1nejq4oTN0z4=", + "lastModified": 1717737457, + "narHash": "sha256-hqHp0W7ibfdu5DFc6EG3S3c+GSAbti7VUldFXSf/WiI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1f1bda965c8e6e19d7656caf4821632b7e77d317", + "rev": "bf3faad723ca984fc4ea95c1cee1d975a8ca2a28", "type": "github" }, "original": { From b8bb582c148e63b132b037421f9b14ce58a55cdb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 15:34:58 +0200 Subject: [PATCH 080/309] talos: use unstable for zed --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 5c28e33..4b4e7e9 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -158,7 +158,7 @@ environment.systemPackages = [ pkgs.framework-tool - pkgs.zed-editor + pkgs.unstable.zed-editor ]; #programs.hyprland.enable = true; From a3926692d44986a8665f9691a636bd11be632031 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 15:35:17 +0200 Subject: [PATCH 081/309] talos: framework-tool is added by nixos-hardware --- hosts/talos/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 4b4e7e9..ede0970 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -156,8 +156,6 @@ services.power-profiles-daemon.enable = true; environment.systemPackages = [ - pkgs.framework-tool - pkgs.unstable.zed-editor ]; From 87435ca138b31b8a12920e87f7fa5134d4cbd8d5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 15:45:48 +0200 Subject: [PATCH 082/309] flake: remove nix-path module, obsolete in 24.05 --- flake.nix | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/flake.nix b/flake.nix index 34faf67..c14627c 100644 --- a/flake.nix +++ b/flake.nix @@ -67,17 +67,6 @@ home-manager.users.alarsyo = import ./home; home-manager.verbose = true; }; - nix-path = { - nix = { - nixPath = [ - "nixpkgs=${inputs.nixpkgs}" - ]; - registry = { - nixpkgs.flake = inputs.nixpkgs; - unstable.flake = inputs.nixpkgs-unstable-small; - }; - }; - }; }; overlays = import ./overlays; From 36ff0da78910700abfe41dfb0ea32143d667877d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 15:51:01 +0200 Subject: [PATCH 083/309] hephaestus: phase out host --- .github/workflows/cachix.yaml | 1 - flake.nix | 14 - hephaestus.nix | 23 -- hosts/hephaestus/default.nix | 246 ------------------ hosts/hephaestus/hardware-configuration.nix | 45 ---- hosts/hephaestus/home.nix | 47 ---- hosts/hephaestus/secrets.nix | 23 -- .../restic-backup/hephaestus-credentials.age | 9 - .../restic-backup/hephaestus-password.age | 9 - modules/secrets/secrets.nix | 5 +- 10 files changed, 1 insertion(+), 421 deletions(-) delete mode 100644 hephaestus.nix delete mode 100644 hosts/hephaestus/default.nix delete mode 100644 hosts/hephaestus/hardware-configuration.nix delete mode 100644 hosts/hephaestus/home.nix delete mode 100644 hosts/hephaestus/secrets.nix delete mode 100644 modules/secrets/restic-backup/hephaestus-credentials.age delete mode 100644 modules/secrets/restic-backup/hephaestus-password.age diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index c3ebe42..ee0f60a 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -78,7 +78,6 @@ jobs: name: - boreal - hades - - hephaestus - talos - thanatos diff --git a/flake.nix b/flake.nix index c14627c..4493122 100644 --- a/flake.nix +++ b/flake.nix @@ -133,20 +133,6 @@ ++ sharedModules; }; - hephaestus = nixpkgs.lib.nixosSystem rec { - inherit system; - modules = - [ - ./hephaestus.nix - - inputs.nixos-hardware.nixosModules.common-cpu-amd - inputs.nixos-hardware.nixosModules.common-gpu-amd - inputs.nixos-hardware.nixosModules.common-pc-laptop - inputs.nixos-hardware.nixosModules.common-pc-ssd - ] - ++ sharedModules; - }; - talos = nixpkgs.lib.nixosSystem { inherit system; modules = diff --git a/hephaestus.nix b/hephaestus.nix deleted file mode 100644 index 1bb452a..0000000 --- a/hephaestus.nix +++ /dev/null @@ -1,23 +0,0 @@ -{...}: { - imports = [ - # Default configuration - ./base - - # Module definitions - ./modules - - # Service definitions - ./services - - # Host-specific config - ./hosts/hephaestus - ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? -} diff --git a/hosts/hephaestus/default.nix b/hosts/hephaestus/default.nix deleted file mode 100644 index 4efc538..0000000 --- a/hosts/hephaestus/default.nix +++ /dev/null @@ -1,246 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). -{ - config, - lib, - pkgs, - ... -}: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ./home.nix - ./secrets.nix - ]; - - hardware.amdgpu.opencl = false; - - boot.kernelPackages = pkgs.linuxPackages_6_6; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - # boot.initrd.systemd.enable = true; - # boot.plymouth.enable = true; - # boot.kernelParams = ["quiet"]; - - boot.initrd.secrets = { - "/crypto_keyfile.bin" = null; - }; - - boot.tmp.useTmpfs = true; - - services.btrfs = { - autoScrub = { - enable = true; - fileSystems = ["/"]; - }; - }; - - networking.hostName = "hephaestus"; # Define your hostname. - networking.domain = "alarsyo.net"; - - networking.networkmanager.enable = true; - - # Set your time zone. - time.timeZone = "Europe/Paris"; - - # List services that you want to enable: - my.services = { - tailscale = { - enable = true; - useRoutingFeatures = "client"; - }; - - pipewire.enable = true; - - restic-backup = { - enable = true; - repo = "b2:hephaestus-backup"; - passwordFile = config.age.secrets."restic-backup/hephaestus-password".path; - environmentFile = config.age.secrets."restic-backup/hephaestus-credentials".path; - - timerConfig = { - OnCalendar = "*-*-* 13:00:00"; # laptop only gets used during the day - }; - - paths = [ - "/home/alarsyo" - ]; - exclude = [ - "/home/alarsyo/Downloads" - - # Rust builds using half my storage capacity - "/home/alarsyo/**/target" - "/home/alarsyo/work/rust/build" - - # don't backup nixpkgs - "/home/alarsyo/work/nixpkgs" - - "/home/alarsyo/go" - - # C build crap - "*.a" - "*.o" - "*.so" - - ".direnv" - - # test vms - "*.qcow2" - - # secrets stay offline - "/home/alarsyo/**/secrets" - - # ignore all dotfiles as .config and .cache can become quite big - "/home/alarsyo/.*" - ]; - }; - }; - - virtualisation.docker.enable = true; - virtualisation.libvirtd.enable = true; - programs.dconf.enable = true; - - services = { - tlp = { - enable = true; - settings = { - START_CHARGE_THRESH_BAT0 = 70; - STOP_CHARGE_THRESH_BAT0 = 80; - }; - }; - fwupd.enable = true; - openssh.enable = true; - }; - - my.gui.enable = true; - my.displayManager.sddm.enable = lib.mkForce false; - - hardware.bluetooth = { - enable = true; - powerOnBoot = false; - settings.General.Experimental = true; - }; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "fr_FR.UTF-8"; - LC_IDENTIFICATION = "fr_FR.UTF-8"; - LC_MEASUREMENT = "fr_FR.UTF-8"; - LC_MONETARY = "fr_FR.UTF-8"; - LC_NAME = "fr_FR.UTF-8"; - LC_PAPER = "fr_FR.UTF-8"; - LC_TELEPHONE = "fr_FR.UTF-8"; - }; - - # Enable the X11 windowing system. - services.xserver.enable = true; - - # Enable the KDE Plasma Desktop Environment. - services.xserver.displayManager.sddm.enable = true; - services.xserver.desktopManager.plasma5.enable = true; - services.power-profiles-daemon.enable = false; - - services.autorandr = { - enable = true; - profiles = { - default = { - fingerprint = { - "eDP-1" = "00ffffffffffff0030e42c0600000000001c0104a51f117802aa95955e598e271b5054000000010101010101010101010101010101012e3680a070381f403020350035ae1000001ab62c80f4703816403020350035ae1000001a000000fe004c4720446973706c61790a2020000000fe004c503134305746412d535044340018"; - }; - config = { - "eDP-1" = { - enable = true; - crtc = 0; - primary = true; - position = "0x0"; - mode = "1920x1080"; - }; - }; - }; - dock = { - fingerprint = { - "eDP-1" = "00ffffffffffff0030e42c0600000000001c0104a51f117802aa95955e598e271b5054000000010101010101010101010101010101012e3680a070381f403020350035ae1000001ab62c80f4703816403020350035ae1000001a000000fe004c4720446973706c61790a2020000000fe004c503134305746412d535044340018"; - "DP-4" = "00ffffffffffff0026cd4161fb060000021e0104a5351e783aee35a656529d280b5054b74f00714f818081c081009500b300d1c0d1cf023a801871382d40582c45000f282100001e000000fd00374c1e5512000a202020202020000000ff0031313634383030323031373837000000fc00504c32343933480a202020202001c9020318f14b9002030411121305141f012309070183010000023a801871382d40582c45000f282100001e8c0ad08a20e02d10103e96000f2821000018011d007251d01e206e2855000f282100001e8c0ad090204031200c4055000f28210000182a4480a070382740302035000f282100001a00000000000000000000000000a1"; - "DP-5" = "00ffffffffffff0026cd4561990000001f1c0104a5351e783ace65a657519f270f5054b30c00714f818081c081009500b300d1c00101023a801871382d40582c45000f282100001e000000fd00374c1e5311000a202020202020000000ff0031313634384238383030313533000000fc00504c32343933480a202020202001d3020318f14b9002030411121305141f012309070183010000023a801871382d40582c45000f282100001e8c0ad08a20e02d10103e96000f2821000018011d007251d01e206e2855000f282100001e8c0ad090204031200c4055000f28210000180000000000000000000000000000000000000000000000000000000000000035"; - }; - config = { - "eDP-1" = { - enable = true; - primary = false; - position = "3000x840"; - mode = "1920x1080"; - }; - "DP-4" = { - enable = true; - primary = true; - position = "0x420"; - mode = "1920x1080"; - }; - "DP-5" = { - enable = true; - primary = false; - position = "1920x0"; - mode = "1920x1080"; - rotate = "left"; - }; - }; - }; - dock-lid-closed = { - fingerprint = { - "DP-4" = "00ffffffffffff0026cd4161fb060000021e0104a5351e783aee35a656529d280b5054b74f00714f818081c081009500b300d1c0d1cf023a801871382d40582c45000f282100001e000000fd00374c1e5512000a202020202020000000ff0031313634383030323031373837000000fc00504c32343933480a202020202001c9020318f14b9002030411121305141f012309070183010000023a801871382d40582c45000f282100001e8c0ad08a20e02d10103e96000f2821000018011d007251d01e206e2855000f282100001e8c0ad090204031200c4055000f28210000182a4480a070382740302035000f282100001a00000000000000000000000000a1"; - "DP-5" = "00ffffffffffff0026cd4561990000001f1c0104a5351e783ace65a657519f270f5054b30c00714f818081c081009500b300d1c00101023a801871382d40582c45000f282100001e000000fd00374c1e5311000a202020202020000000ff0031313634384238383030313533000000fc00504c32343933480a202020202001d3020318f14b9002030411121305141f012309070183010000023a801871382d40582c45000f282100001e8c0ad08a20e02d10103e96000f2821000018011d007251d01e206e2855000f282100001e8c0ad090204031200c4055000f28210000180000000000000000000000000000000000000000000000000000000000000035"; - }; - config = { - "DP-4" = { - enable = true; - primary = true; - position = "0x420"; - mode = "1920x1080"; - }; - "DP-5" = { - enable = true; - primary = false; - position = "1920x0"; - mode = "1920x1080"; - rotate = "left"; - }; - }; - }; - }; - }; - - systemd.services.autorandr-lid-listener = { - wantedBy = ["multi-user.target"]; - description = "Listening for lid events to invoke autorandr"; - - serviceConfig = { - Type = "simple"; - ExecStart = let - stdbufExe = lib.getExe' pkgs.coreutils "stdbuf"; - libinputExe = lib.getExe' pkgs.libinput "libinput"; - grepExe = lib.getExe pkgs.gnugrep; - autorandrExe = lib.getExe pkgs.autorandr; - in - pkgs.writeShellScript "lid-listener.sh" '' - ${stdbufExe} -oL ${libinputExe} debug-events | - ${grepExe} -E --line-buffered '^[[:space:]-]+event[0-9]+[[:space:]]+SWITCH_TOGGLE[[:space:]]' | - while read line; do - ${pkgs.systemd}/bin/systemctl start --no-block autorandr.service - done - ''; - Restart = "always"; - RestartSec = "30"; - }; - }; - - # Configure console keymap - console.keyMap = "us"; - - programs.light.enable = true; -} diff --git a/hosts/hephaestus/hardware-configuration.nix b/hosts/hephaestus/hardware-configuration.nix deleted file mode 100644 index 7a033a7..0000000 --- a/hosts/hephaestus/hardware-configuration.nix +++ /dev/null @@ -1,45 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/54ded736-367c-4081-9978-9e2d8f61cb1b"; - fsType = "btrfs"; - options = ["subvol=@"]; - }; - - boot.initrd.luks.devices."luks-df96458d-45a1-4a30-8633-58feeff603f8".device = "/dev/disk/by-uuid/df96458d-45a1-4a30-8633-58feeff603f8"; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/826A-23F7"; - fsType = "vfat"; - }; - - swapDevices = []; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/hephaestus/home.nix b/hosts/hephaestus/home.nix deleted file mode 100644 index 2c9bd36..0000000 --- a/hosts/hephaestus/home.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - config, - pkgs, - ... -}: { - home-manager.users.alarsyo = { - home.stateVersion = "23.05"; - my.home.laptop.enable = true; - - # Keyboard settings & i3 settings - my.home.x.enable = true; - my.home.x.i3.enable = true; - my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; - my.home.x.i3bar.temperature.inputs = ["Tctl"]; - my.home.x.i3bar.networking.throughput_interfaces = ["wlp3s0" "enp6s0f3u1u1"]; - my.home.emacs.enable = true; - - my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; - - # TODO: place in global home conf - services.dunst.enable = true; - - home.packages = builtins.attrValues { - inherit - (pkgs) - # some websites only work there :( - - chromium - darktable - # dev - - rustup - gdb - valgrind - zotero - ; - - inherit - (pkgs.packages) - ansel - spot - ; - - inherit (pkgs.wineWowPackages) stable; - }; - }; -} diff --git a/hosts/hephaestus/secrets.nix b/hosts/hephaestus/secrets.nix deleted file mode 100644 index dc35e6d..0000000 --- a/hosts/hephaestus/secrets.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - config, - lib, - options, - ... -}: { - config.age = { - secrets = let - toSecret = name: {...} @ attrs: - { - file = ./../../modules/secrets + "/${name}.age"; - } - // attrs; - in - lib.mapAttrs toSecret { - "restic-backup/hephaestus-credentials" = {}; - "restic-backup/hephaestus-password" = {}; - - "users/alarsyo-hashed-password" = {}; - "users/root-hashed-password" = {}; - }; - }; -} diff --git a/modules/secrets/restic-backup/hephaestus-credentials.age b/modules/secrets/restic-backup/hephaestus-credentials.age deleted file mode 100644 index 77a80ed..0000000 --- a/modules/secrets/restic-backup/hephaestus-credentials.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 k2gHjw tTdHZJpSocTHlznYH9eRzeZkrYBbsdT4F8jV1FKw/yk -xKIkYhL/A8wTy6LqDkTuUvm4rhDI6+DXwjzl43PcR8E --> ssh-ed25519 SYm+hA vzQCZWYdgG0yxUEyGJ4Q8EAh1Kzw5CutDa6q6XSaels -Y7VqpvLfrUvWZcXqGeulRld9kff03kgzz22UBW77AOw --> j-c8-grease -WeQ ---- KHLA1KlfWM432GDbPIiKInzZeqVRJZ2YCKtF3qClfgs -85|Qx_5': A?ڡ ؊oAx)rd!(Ѩ5~\Ld"^ZZ^V/5˕ݦa诲ḷo]O/Eue \ No newline at end of file diff --git a/modules/secrets/restic-backup/hephaestus-password.age b/modules/secrets/restic-backup/hephaestus-password.age deleted file mode 100644 index 3ed4290..0000000 --- a/modules/secrets/restic-backup/hephaestus-password.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 k2gHjw 2/spllcr7Fo+1sQ4VJW/MywBVUcpKEbicv4vZQyre0c -Vc2Wugxc5M4i73UKMFXWA2PeHgUOm/+HekoeYt9ycro --> ssh-ed25519 SYm+hA KFjo2JVxpdOey8A7GAKeZci+ezE0RYBRKR8vNtloU3M -SAzpTjF/RGOgjawT2Sk5H7TNnk/SdbksuAcZZqakJOs --> !!6BS-grease GsH7hĩے2cH^X_zv'!Zkš_0}Yoje<.^[q4pP \ No newline at end of file diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index f9c389c..34dc294 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -4,11 +4,10 @@ let boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal"; hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades"; - hephaestus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7Cp+n5+huof68QlAoJV8bVf5h5p9kEZFAVpltWopdL root@hephaestus"; talos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBYcmL9HZJ9SqB9OJwQ0Nt6ZbvHZTS+fzM8A6D5MPZs root@talos"; thanatos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8JEAWk/8iSl8fN6/f76JkmVFwtyixTpLol4zSVsnVw root@thanatos"; - machines = [boreal hades hephaestus talos thanatos]; + machines = [boreal hades talos thanatos]; all = users ++ machines; in { @@ -33,8 +32,6 @@ in { "restic-backup/boreal-credentials.age".publicKeys = [alarsyo boreal]; "restic-backup/hades-password.age".publicKeys = [alarsyo hades]; "restic-backup/hades-credentials.age".publicKeys = [alarsyo hades]; - "restic-backup/hephaestus-password.age".publicKeys = [alarsyo hephaestus]; - "restic-backup/hephaestus-credentials.age".publicKeys = [alarsyo hephaestus]; "restic-backup/talos-password.age".publicKeys = [alarsyo talos]; "restic-backup/talos-credentials.age".publicKeys = [alarsyo talos]; From b6b246f6f484b15a69038878dcd9cfa72618bae6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 15:54:35 +0200 Subject: [PATCH 084/309] boreal: use new option syntax for supported FS --- hosts/boreal/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index f820f69..ed2cbd8 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -24,10 +24,10 @@ boot.tmp.useTmpfs = true; - boot.supportedFilesystems = [ - "btrfs" - "ntfs" - ]; + boot.supportedFilesystems = { + btrfs = true; + ntfs = true; + }; services.btrfs = { autoScrub = { From 6a0f69e5c16bfe4d6af0e0b302e14b65f9af8006 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 16:18:42 +0200 Subject: [PATCH 085/309] services: nextcloud: switch to new settings --- services/nextcloud.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 8c9ee12..55c4e33 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -67,10 +67,6 @@ in { maxUploadSize = "1G"; config = { - overwriteProtocol = "https"; - - defaultPhoneRegion = "FR"; - dbtype = "pgsql"; dbuser = "nextcloud"; dbname = dbName; @@ -79,6 +75,11 @@ in { adminuser = "admin"; adminpassFile = cfg.adminpassFile; }; + + settings = { + default_phone_region = "FR"; + overwriteprotocol = "https"; + }; }; users.groups.media.members = ["nextcloud"]; From 6c2c9f186997a9de0a28f767b441e99428134162 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 16:19:20 +0200 Subject: [PATCH 086/309] services: paperless: switch to new settings --- services/paperless.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/paperless.nix b/services/paperless.nix index 92bd8e4..20180d2 100644 --- a/services/paperless.nix +++ b/services/paperless.nix @@ -50,7 +50,7 @@ in { enable = true; port = cfg.port; passwordFile = cfg.passwordFile; - extraConfig = { + settings = { # Postgres settings PAPERLESS_DBHOST = "/run/postgresql"; PAPERLESS_DBUSER = "paperless"; From 9dedcc4ced98ea443aecb1e6c0f71661ec51d30f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 16:34:29 +0200 Subject: [PATCH 087/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/a631666f5ec18271e86a5cde998cba68c33d9ac6' (2024-05-26) → 'github:nix-community/home-manager/845a5c4c073f74105022533907703441e0464bc3' (2024-06-04) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/b3b2b28c1daa04fe2ae47c21bb76fd226eac4ca1' (2024-06-01) → 'github:NixOS/nixpkgs/0b8e7a1ae5a94da2e1ee3f3030a32020f6254105' (2024-06-05) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 4420824..7081278 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1716736833, - "narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=", + "lastModified": 1717527182, + "narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=", "owner": "nix-community", "repo": "home-manager", - "rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6", + "rev": "845a5c4c073f74105022533907703441e0464bc3", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1717281328, - "narHash": "sha256-evZPzpf59oNcDUXxh2GHcxHkTEG4fjae2ytWP85jXRo=", + "lastModified": 1717555607, + "narHash": "sha256-WZ1s48OODmRJ3DHC+I/DtM3tDRuRJlNqMvxvAPTD7ec=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b3b2b28c1daa04fe2ae47c21bb76fd226eac4ca1", + "rev": "0b8e7a1ae5a94da2e1ee3f3030a32020f6254105", "type": "github" }, "original": { From f278b7a5c56b00d5ed3c2d479165bb31a37cd4db Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 16:37:32 +0200 Subject: [PATCH 088/309] talos: bump linux kernel --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index ede0970..f1b662b 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -18,7 +18,7 @@ hardware.amdgpu.opencl = false; - boot.kernelPackages = pkgs.linuxPackages_6_8; + boot.kernelPackages = pkgs.linuxPackages_6_9; # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; From acad12b95a7044c719f554bffc319f813a157bd5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 7 Jun 2024 16:40:37 +0200 Subject: [PATCH 089/309] flake: add backup extension to home-manager --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index 4493122..95a9c9b 100644 --- a/flake.nix +++ b/flake.nix @@ -62,6 +62,7 @@ { nixosModules = { home = { + home-manager.backupFileExtension = "hm-backup"; home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.alarsyo = import ./home; From ffb3f7c1282876f399c9b5a911764444a9d69863 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 14 Jun 2024 12:12:29 +0200 Subject: [PATCH 090/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/0b8e7a1ae5a94da2e1ee3f3030a32020f6254105' (2024-06-05) → 'github:NixOS/nixpkgs/cc54fb41d13736e92229c21627ea4f22199fee6b' (2024-06-12) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7081278..bb59af1 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1717555607, - "narHash": "sha256-WZ1s48OODmRJ3DHC+I/DtM3tDRuRJlNqMvxvAPTD7ec=", + "lastModified": 1718208800, + "narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0b8e7a1ae5a94da2e1ee3f3030a32020f6254105", + "rev": "cc54fb41d13736e92229c21627ea4f22199fee6b", "type": "github" }, "original": { From 77e3d8a0f8f3a7c4c645db9200eab29df8a3f233 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 20 Jun 2024 18:39:23 +0200 Subject: [PATCH 091/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/845a5c4c073f74105022533907703441e0464bc3' (2024-06-04) → 'github:nix-community/home-manager/a1fddf0967c33754271761d91a3d921772b30d0e' (2024-06-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/cc54fb41d13736e92229c21627ea4f22199fee6b' (2024-06-12) → 'github:NixOS/nixpkgs/938aa157bbd6e3c6fd7dcb77998b1f92c2ad1631' (2024-06-18) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index bb59af1..78a9fa2 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1717527182, - "narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=", + "lastModified": 1718530513, + "narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=", "owner": "nix-community", "repo": "home-manager", - "rev": "845a5c4c073f74105022533907703441e0464bc3", + "rev": "a1fddf0967c33754271761d91a3d921772b30d0e", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1718208800, - "narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=", + "lastModified": 1718717462, + "narHash": "sha256-qddfQLMaWR2gxfEzUM/zFZVK6H1kTv9WBQSBQxbP3MU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cc54fb41d13736e92229c21627ea4f22199fee6b", + "rev": "938aa157bbd6e3c6fd7dcb77998b1f92c2ad1631", "type": "github" }, "original": { From 505e16bc0c1591208ac1d3794503c2d933a4a815 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 20 Jun 2024 18:44:02 +0200 Subject: [PATCH 092/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/8251761f93d6f5b91cee45ac09edb6e382641009' (2024-05-29) → 'github:NixOS/nixos-hardware/083823b7904e43a4fc1c7229781417e875359a42' (2024-06-20) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 78a9fa2..d6808aa 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1716987116, - "narHash": "sha256-uuEkErFVsFdg2K0cKbNQ9JlFSAm/xYqPr4rbPLI91Y8=", + "lastModified": 1718894893, + "narHash": "sha256-hxQBUtDbFOCCW1CsFZTS9Q5Ov1ZKdJgbBZHSez1M6iA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "8251761f93d6f5b91cee45ac09edb6e382641009", + "rev": "083823b7904e43a4fc1c7229781417e875359a42", "type": "github" }, "original": { From 9941433a8dc1154cebf1c6399eec28eaccd11e53 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 20 Jun 2024 18:48:06 +0200 Subject: [PATCH 093/309] talos: disable amdgpu --- hosts/talos/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index f1b662b..5aa8e27 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -16,8 +16,6 @@ ./secrets.nix ]; - hardware.amdgpu.opencl = false; - boot.kernelPackages = pkgs.linuxPackages_6_9; # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance From f3356d17da585f282d366a9420ca96e146026ba9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 24 Jun 2024 15:09:23 +0200 Subject: [PATCH 094/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/083823b7904e43a4fc1c7229781417e875359a42' (2024-06-20) → 'github:NixOS/nixos-hardware/c3e48cbd88414f583ff08804eb57b0da4c194f9e' (2024-06-23) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/938aa157bbd6e3c6fd7dcb77998b1f92c2ad1631' (2024-06-18) → 'github:NixOS/nixpkgs/e4509b3a560c87a8d4cb6f9992b8915abf9e36d8' (2024-06-23) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d6808aa..f2184e8 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1718894893, - "narHash": "sha256-hxQBUtDbFOCCW1CsFZTS9Q5Ov1ZKdJgbBZHSez1M6iA=", + "lastModified": 1719145664, + "narHash": "sha256-+0bBlerLxsHUJcKPDWZM1wL3V9bzCFjz+VyRTG8fnUA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "083823b7904e43a4fc1c7229781417e875359a42", + "rev": "c3e48cbd88414f583ff08804eb57b0da4c194f9e", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1718717462, - "narHash": "sha256-qddfQLMaWR2gxfEzUM/zFZVK6H1kTv9WBQSBQxbP3MU=", + "lastModified": 1719145550, + "narHash": "sha256-K0i/coxxTEl30tgt4oALaylQfxqbotTSNb1/+g+mKMQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "938aa157bbd6e3c6fd7dcb77998b1f92c2ad1631", + "rev": "e4509b3a560c87a8d4cb6f9992b8915abf9e36d8", "type": "github" }, "original": { From b83f110fa75bae14ad5dd8761c45c9bdb261ba64 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 28 Jun 2024 22:26:34 +0200 Subject: [PATCH 095/309] talos: virtualbox things --- hosts/talos/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 5aa8e27..79f6635 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -64,6 +64,9 @@ virtualisation = { docker.enable = true; libvirtd.enable = false; + virtualbox.host = { + enable = false; + }; }; my.services = { @@ -108,6 +111,8 @@ # test vms "*.qcow2" + "*.vbox" + "*.vdi" # secrets stay offline "/home/alarsyo/**/secrets" From 59f24701a3c76208813e2e9faf572ab6276004f8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 1 Jul 2024 15:59:07 +0200 Subject: [PATCH 096/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/a1fddf0967c33754271761d91a3d921772b30d0e' (2024-06-16) → 'github:nix-community/home-manager/391ca6e950c2525b4f853cbe29922452c14eda82' (2024-07-01) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/c3e48cbd88414f583ff08804eb57b0da4c194f9e' (2024-06-23) → 'github:NixOS/nixos-hardware/a59f00f5ac65b19382617ba00f360f8bc07ed3ac' (2024-06-29) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/e4509b3a560c87a8d4cb6f9992b8915abf9e36d8' (2024-06-23) → 'github:NixOS/nixpkgs/7dca15289a1c2990efbe4680f0923ce14139b042' (2024-06-30) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index f2184e8..b8eea6c 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1718530513, - "narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=", + "lastModified": 1719827385, + "narHash": "sha256-qs+nU20Sm8czHg3bhGCqiH+8e13BJyRrKONW34g3i50=", "owner": "nix-community", "repo": "home-manager", - "rev": "a1fddf0967c33754271761d91a3d921772b30d0e", + "rev": "391ca6e950c2525b4f853cbe29922452c14eda82", "type": "github" }, "original": { @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1719145664, - "narHash": "sha256-+0bBlerLxsHUJcKPDWZM1wL3V9bzCFjz+VyRTG8fnUA=", + "lastModified": 1719681865, + "narHash": "sha256-Lp+l1IsREVbz8WM35OJYZz8sAH0XOjrZWUXVB5bJ2qg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c3e48cbd88414f583ff08804eb57b0da4c194f9e", + "rev": "a59f00f5ac65b19382617ba00f360f8bc07ed3ac", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1719145550, - "narHash": "sha256-K0i/coxxTEl30tgt4oALaylQfxqbotTSNb1/+g+mKMQ=", + "lastModified": 1719707984, + "narHash": "sha256-RoxIr/fbndtuKqulGvNCcuzC6KdAib85Q8gXnjzA1dw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e4509b3a560c87a8d4cb6f9992b8915abf9e36d8", + "rev": "7dca15289a1c2990efbe4680f0923ce14139b042", "type": "github" }, "original": { From dedbbed14b2643facdd0ca9ed10475d8982c5d08 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Jul 2024 20:27:35 +0200 Subject: [PATCH 097/309] services: add mealie --- services/default.nix | 1 + services/mealie.nix | 55 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 services/mealie.nix diff --git a/services/default.nix b/services/default.nix index 1498830..51e37bf 100644 --- a/services/default.nix +++ b/services/default.nix @@ -9,6 +9,7 @@ ./jellyfin.nix ./lohr.nix ./matrix.nix + ./mealie.nix ./media.nix ./microbin.nix ./miniflux.nix diff --git a/services/mealie.nix b/services/mealie.nix new file mode 100644 index 0000000..26f3c6e --- /dev/null +++ b/services/mealie.nix @@ -0,0 +1,55 @@ +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) + mkEnableOption + mkIf + mkOption + ; + + cfg = config.my.services.mealie; + my = config.my; + + domain = config.networking.domain; + hostname = config.networking.hostName; + fqdn = "${hostname}.${domain}"; +in { + options.my.services.mealie = let + inherit (lib) types; + in { + enable = mkEnableOption "Mealie"; + port = mkOption { + type = types.port; + example = 8080; + description = "Internal port for Mealie webapp"; + }; + }; + + config = mkIf cfg.enable { + services.mealie = { + enable = true; + listenAddress = "127.0.0.1"; + port = cfg.port; + }; + + services.nginx.virtualHosts."mealie.${domain}" = { + forceSSL = true; + useACMEHost = fqdn; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString cfg.port}/"; + proxyWebsockets = true; + }; + }; + + security.acme.certs.${fqdn}.extraDomainNames = ["mealie.${domain}"]; + + my.services.restic-backup = { + paths = ["/var/lib/mealie"]; + }; + }; +} From 78907fe1309dcb26229026f38790a5f0112cf21f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Jul 2024 20:39:24 +0200 Subject: [PATCH 098/309] hades: enable mealie --- hosts/hades/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 2729712..e181392 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -81,6 +81,11 @@ in { secretConfigFile = config.age.secrets."matrix-synapse/secret-config".path; }; + mealie = { + enable = true; + port = 8090; + }; + microbin = { enable = true; privatePort = 8088; From 43570753948c192952cde112e110475851473ea2 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Jul 2024 20:51:17 +0200 Subject: [PATCH 099/309] services: bump max body size for photo services --- services/immich.nix | 2 +- services/photoprism.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/services/immich.nix b/services/immich.nix index 89e4721..b1415df 100644 --- a/services/immich.nix +++ b/services/immich.nix @@ -74,7 +74,7 @@ in { proxy_connect_timeout 600; proxy_read_timeout 600; proxy_send_timeout 600; - client_max_body_size 100m; + client_max_body_size 500m; access_log syslog:server=unix:/dev/log,tag=immich; ''; }; diff --git a/services/photoprism.nix b/services/photoprism.nix index f7f6628..3c2d2df 100644 --- a/services/photoprism.nix +++ b/services/photoprism.nix @@ -61,7 +61,7 @@ in { proxy_connect_timeout 600; proxy_read_timeout 600; proxy_send_timeout 600; - client_max_body_size 100m; + client_max_body_size 500m; access_log syslog:server=unix:/dev/log,tag=photoprism; ''; }; From 4f3e6550727a555ee4d28bda46cdc89ce8386c27 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Jul 2024 21:08:56 +0200 Subject: [PATCH 100/309] acme: switch to OVH API --- hosts/hades/secrets.nix | 4 ++-- modules/secrets/ovh/credentials.age | 7 +++++++ modules/secrets/secrets.nix | 2 ++ services/nginx.nix | 4 ++-- 4 files changed, 13 insertions(+), 4 deletions(-) create mode 100644 modules/secrets/ovh/credentials.age diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 23b2cdb..55ec422 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -13,8 +13,6 @@ // attrs; in lib.mapAttrs toSecret { - "gandi/api-key" = {}; - "lohr/shared-secret" = {}; "matrix-synapse/secret-config" = { @@ -29,6 +27,8 @@ owner = "nextcloud"; }; + "ovh/credentials" = {}; + "paperless/admin-password" = {}; "paperless/secret-key" = {}; diff --git a/modules/secrets/ovh/credentials.age b/modules/secrets/ovh/credentials.age new file mode 100644 index 0000000..ab487ae --- /dev/null +++ b/modules/secrets/ovh/credentials.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw XED7gkKAp1ioBegA7ryqULRF1BORpW74esfIGp9zPE8 +ANxnQN+tox9KYdZvNZFZvQxOymckldPQMhFnz6fSIBo +-> ssh-ed25519 pX8y2g 9wgPqL6GoOxad5AAUmDAYj0h/57AEM8VsQKq1pGTtjM +SxD++XJioZLpt6C8Xse5Nmz4wtL0Fb5NKWo5ijKpyv8 +--- 3qOJnkY3Uc4fIex9mgz2+w+su5dS7K7Tmtk1hiqkn9M +XeaLQ H2*ZT P;(jC̀k viħk`]mB ,,?!{%e(Su-SD=H#q=U;=O G+_oP]RL$ֳ\0N!"&%N<,v1ʑj1 \ No newline at end of file diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 34dc294..40ca77c 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -23,6 +23,8 @@ in { "nextcloud/admin-pass.age".publicKeys = [alarsyo hades]; + "ovh/credentials.age".publicKeys = [alarsyo hades]; + "paperless/admin-password.age".publicKeys = [alarsyo hades]; "paperless/secret-key.age".publicKeys = [alarsyo hades]; diff --git a/services/nginx.nix b/services/nginx.nix index 6781549..e17c29b 100644 --- a/services/nginx.nix +++ b/services/nginx.nix @@ -66,8 +66,8 @@ in { gandiKey = config.my.secrets.gandiKey; in { "${fqdn}" = { - dnsProvider = "gandiv5"; - credentialsFile = config.age.secrets."gandi/api-key".path; + dnsProvider = "ovh"; + credentialsFile = config.age.secrets."ovh/credentials".path; group = "nginx"; }; }; From 93b6c20e41793abd73538805082d926a3b300456 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Jul 2024 21:16:59 +0200 Subject: [PATCH 101/309] services: mealie: don't allow signups --- services/mealie.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/services/mealie.nix b/services/mealie.nix index 26f3c6e..3f46e29 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -34,6 +34,10 @@ in { enable = true; listenAddress = "127.0.0.1"; port = cfg.port; + + settings = { + ALLOW_SIGNUP = "false"; + }; }; services.nginx.virtualHosts."mealie.${domain}" = { From 0ed148eb6629b0885ffc528629fa0c296c715974 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 3 Jul 2024 21:29:29 +0200 Subject: [PATCH 102/309] services: mealie: use postgres --- services/mealie.nix | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/services/mealie.nix b/services/mealie.nix index 3f46e29..7ceebe0 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -37,9 +37,48 @@ in { settings = { ALLOW_SIGNUP = "false"; + BASE_URL = "https://mealie.${domain}"; + TZ = config.time.timeZone; + + # Use PostgreSQL + DB_ENGINE = "postgres"; + + # Settings for Mealie 1.2 + POSTGRES_USER = "mealie"; + POSTGRES_PASSWORD = ""; + POSTGRES_SERVER = "/run/postgresql"; + # Pydantic and/or mealie doesn't handle the URI correctly, hijack it + # with query parameters... + POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie"; + + # Settings for Mealie 1.7+, when that gets into NixOS stable + # POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; }; + systemd.services = { + mealie = { + after = [ "postgresql.service" ]; + requires = [ "postgresql.service" ]; + }; + }; + + # Set-up database + services.postgresql = { + enable = true; + ensureDatabases = [ "mealie" ]; + ensureUsers = [ + { + name = "mealie"; + ensureDBOwnership = true; + } + ]; + }; + + services.postgresqlBackup = { + databases = ["mealie"]; + }; + services.nginx.virtualHosts."mealie.${domain}" = { forceSSL = true; useACMEHost = fqdn; From 639303c2bfbad916108c2dce652e644d18868d05 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 5 Jul 2024 18:06:58 +0200 Subject: [PATCH 103/309] services: mealie: switch to unstable --- services/mealie.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/services/mealie.nix b/services/mealie.nix index 7ceebe0..c7ac736 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -32,6 +32,7 @@ in { config = mkIf cfg.enable { services.mealie = { enable = true; + package = pkgs.unstable.mealie; listenAddress = "127.0.0.1"; port = cfg.port; @@ -44,15 +45,15 @@ in { DB_ENGINE = "postgres"; # Settings for Mealie 1.2 - POSTGRES_USER = "mealie"; - POSTGRES_PASSWORD = ""; - POSTGRES_SERVER = "/run/postgresql"; - # Pydantic and/or mealie doesn't handle the URI correctly, hijack it - # with query parameters... - POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie"; + #POSTGRES_USER = "mealie"; + #POSTGRES_PASSWORD = ""; + #POSTGRES_SERVER = "/run/postgresql"; + ## Pydantic and/or mealie doesn't handle the URI correctly, hijack it + ## with query parameters... + #POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie"; # Settings for Mealie 1.7+, when that gets into NixOS stable - # POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; + POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; }; From 3d5ad2420c0979e6c346439fd8665f4c598082bc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 12 Jul 2024 13:24:19 +0200 Subject: [PATCH 104/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/391ca6e950c2525b4f853cbe29922452c14eda82' (2024-07-01) → 'github:nix-community/home-manager/e1391fb22e18a36f57e6999c7a9f966dc80ac073' (2024-07-03) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/a59f00f5ac65b19382617ba00f360f8bc07ed3ac' (2024-06-29) → 'github:NixOS/nixos-hardware/c5013aa7ce2c7ec90acee5d965d950c8348db751' (2024-07-11) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/7dca15289a1c2990efbe4680f0923ce14139b042' (2024-06-30) → 'github:NixOS/nixpkgs/a046c1202e11b62cbede5385ba64908feb7bfac4' (2024-07-11) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index b8eea6c..a0adce8 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1719827385, - "narHash": "sha256-qs+nU20Sm8czHg3bhGCqiH+8e13BJyRrKONW34g3i50=", + "lastModified": 1720042825, + "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", "owner": "nix-community", "repo": "home-manager", - "rev": "391ca6e950c2525b4f853cbe29922452c14eda82", + "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", "type": "github" }, "original": { @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1719681865, - "narHash": "sha256-Lp+l1IsREVbz8WM35OJYZz8sAH0XOjrZWUXVB5bJ2qg=", + "lastModified": 1720737798, + "narHash": "sha256-G/OtEAts7ZUvW5lrGMXSb8HqRp2Jr9I7reBuvCOL54w=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a59f00f5ac65b19382617ba00f360f8bc07ed3ac", + "rev": "c5013aa7ce2c7ec90acee5d965d950c8348db751", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1719707984, - "narHash": "sha256-RoxIr/fbndtuKqulGvNCcuzC6KdAib85Q8gXnjzA1dw=", + "lastModified": 1720691131, + "narHash": "sha256-CWT+KN8aTPyMIx8P303gsVxUnkinIz0a/Cmasz1jyIM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7dca15289a1c2990efbe4680f0923ce14139b042", + "rev": "a046c1202e11b62cbede5385ba64908feb7bfac4", "type": "github" }, "original": { From d4c13347314354f5b993ea93e75a756eb445b065 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 22 Jul 2024 20:03:54 +0200 Subject: [PATCH 105/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/c5013aa7ce2c7ec90acee5d965d950c8348db751' (2024-07-11) → 'github:NixOS/nixos-hardware/ab165a8a6cd12781d76fe9cbccb9e975d0fb634f' (2024-07-19) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/a046c1202e11b62cbede5385ba64908feb7bfac4' (2024-07-11) → 'github:NixOS/nixpkgs/63d37ccd2d178d54e7fb691d7ec76000740ea24a' (2024-07-21) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a0adce8..41262bf 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1720737798, - "narHash": "sha256-G/OtEAts7ZUvW5lrGMXSb8HqRp2Jr9I7reBuvCOL54w=", + "lastModified": 1721413321, + "narHash": "sha256-0GdiQScDceUrVGbxYpV819LHesK3szHOhJ09e6sgES4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c5013aa7ce2c7ec90acee5d965d950c8348db751", + "rev": "ab165a8a6cd12781d76fe9cbccb9e975d0fb634f", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1720691131, - "narHash": "sha256-CWT+KN8aTPyMIx8P303gsVxUnkinIz0a/Cmasz1jyIM=", + "lastModified": 1721548954, + "narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a046c1202e11b62cbede5385ba64908feb7bfac4", + "rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a", "type": "github" }, "original": { From 2a26eb16e27a9d7490c463971722119631dd705c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 30 Jul 2024 15:53:47 +0200 Subject: [PATCH 106/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/ab165a8a6cd12781d76fe9cbccb9e975d0fb634f' (2024-07-19) → 'github:NixOS/nixos-hardware/14c333162ba53c02853add87a0000cbd7aa230c2' (2024-07-30) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/63d37ccd2d178d54e7fb691d7ec76000740ea24a' (2024-07-21) → 'github:NixOS/nixpkgs/8c50662509100d53229d4be607f1a3a31157fa12' (2024-07-27) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 41262bf..c58692b 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1721413321, - "narHash": "sha256-0GdiQScDceUrVGbxYpV819LHesK3szHOhJ09e6sgES4=", + "lastModified": 1722332872, + "narHash": "sha256-2xLM4sc5QBfi0U/AANJAW21Bj4ZX479MHPMPkB+eKBU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "ab165a8a6cd12781d76fe9cbccb9e975d0fb634f", + "rev": "14c333162ba53c02853add87a0000cbd7aa230c2", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1721548954, - "narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=", + "lastModified": 1722087241, + "narHash": "sha256-2ShmEaFi0kJVOEEu5gmlykN5dwjWYWYUJmlRTvZQRpU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a", + "rev": "8c50662509100d53229d4be607f1a3a31157fa12", "type": "github" }, "original": { From aba4f6a7f959c8fa062680327f1d921c179043e9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 30 Jul 2024 16:35:04 +0200 Subject: [PATCH 107/309] talos: switch to 6.10 kernel --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 79f6635..9ed3dd0 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -16,7 +16,7 @@ ./secrets.nix ]; - boot.kernelPackages = pkgs.linuxPackages_6_9; + boot.kernelPackages = pkgs.linuxPackages_6_10; # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; From 596b0220182f3da1b58aa1331d4111b8d7d9adac Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 5 Aug 2024 21:49:11 +0200 Subject: [PATCH 108/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8c50662509100d53229d4be607f1a3a31157fa12' (2024-07-27) → 'github:NixOS/nixpkgs/8b5b6723aca5a51edf075936439d9cd3947b7b2c' (2024-08-04) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c58692b..fd14f39 100644 --- a/flake.lock +++ b/flake.lock @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1722087241, - "narHash": "sha256-2ShmEaFi0kJVOEEu5gmlykN5dwjWYWYUJmlRTvZQRpU=", + "lastModified": 1722791413, + "narHash": "sha256-rCTrlCWvHzMCNcKxPE3Z/mMK2gDZ+BvvpEVyRM4tKmU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8c50662509100d53229d4be607f1a3a31157fa12", + "rev": "8b5b6723aca5a51edf075936439d9cd3947b7b2c", "type": "github" }, "original": { From fbe837f1913be69c36dc2a080055c74c9f0a21d6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 13 Aug 2024 16:14:17 +0200 Subject: [PATCH 109/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/14c333162ba53c02853add87a0000cbd7aa230c2' (2024-07-30) → 'github:NixOS/nixos-hardware/c54cf53e022b0b3c1d3b8207aa0f9b194c24f0cf' (2024-08-10) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8b5b6723aca5a51edf075936439d9cd3947b7b2c' (2024-08-04) → 'github:NixOS/nixpkgs/a731b45590a5169542990c36ffcde6cebd9a3356' (2024-08-11) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index fd14f39..6f16111 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1722332872, - "narHash": "sha256-2xLM4sc5QBfi0U/AANJAW21Bj4ZX479MHPMPkB+eKBU=", + "lastModified": 1723310128, + "narHash": "sha256-IiH8jG6PpR4h9TxSGMYh+2/gQiJW9MwehFvheSb5rPc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "14c333162ba53c02853add87a0000cbd7aa230c2", + "rev": "c54cf53e022b0b3c1d3b8207aa0f9b194c24f0cf", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1722791413, - "narHash": "sha256-rCTrlCWvHzMCNcKxPE3Z/mMK2gDZ+BvvpEVyRM4tKmU=", + "lastModified": 1723400035, + "narHash": "sha256-WoKZDlBEdMhP+hjquBAh0BhUJbcH2+U8g2mHOr1mv8I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8b5b6723aca5a51edf075936439d9cd3947b7b2c", + "rev": "a731b45590a5169542990c36ffcde6cebd9a3356", "type": "github" }, "original": { From 0b5f4c1dbe3e123ad8b94a51a37ec254bdb0d4dd Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 2 Sep 2024 18:52:25 +0200 Subject: [PATCH 110/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/c54cf53e022b0b3c1d3b8207aa0f9b194c24f0cf' (2024-08-10) → 'github:NixOS/nixos-hardware/95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef' (2024-08-28) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/a731b45590a5169542990c36ffcde6cebd9a3356' (2024-08-11) → 'github:NixOS/nixpkgs/6e99f2a27d600612004fbd2c3282d614bfee6421' (2024-08-30) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 6f16111..6c45879 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1723310128, - "narHash": "sha256-IiH8jG6PpR4h9TxSGMYh+2/gQiJW9MwehFvheSb5rPc=", + "lastModified": 1724878143, + "narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c54cf53e022b0b3c1d3b8207aa0f9b194c24f0cf", + "rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1723400035, - "narHash": "sha256-WoKZDlBEdMhP+hjquBAh0BhUJbcH2+U8g2mHOr1mv8I=", + "lastModified": 1725001927, + "narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a731b45590a5169542990c36ffcde6cebd9a3356", + "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421", "type": "github" }, "original": { From 6224155e9cc747974ac626e9ca95b6cff1a7bae6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 2 Sep 2024 19:04:59 +0200 Subject: [PATCH 111/309] pkgs: remove ansel It's in NixOS 24.05! --- .github/workflows/cachix.yaml | 1 - hosts/talos/home.nix | 2 +- pkgs/ansel/default.nix | 155 ---------------------------------- pkgs/default.nix | 1 - 4 files changed, 1 insertion(+), 158 deletions(-) delete mode 100644 pkgs/ansel/default.nix diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index ee0f60a..c14e1ea 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -46,7 +46,6 @@ jobs: fail-fast: false matrix: name: - - ansel - grafanaDashboards/nginx - grafanaDashboards/node-exporter - kaleidoscope-udev-rules diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 0f547f1..f445684 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -23,13 +23,13 @@ home.packages = builtins.attrValues { inherit (pkgs) + ansel chromium # some websites only work there :( zotero ; inherit (pkgs.packages) - ansel spot ; }; diff --git a/pkgs/ansel/default.nix b/pkgs/ansel/default.nix deleted file mode 100644 index 43f5998..0000000 --- a/pkgs/ansel/default.nix +++ /dev/null @@ -1,155 +0,0 @@ -{ - cmake, - colord, - colord-gtk, - curl, - dav1d, - desktop-file-utils, - exiftool, - exiv2, - fetchFromGitHub, - glib, - gmic, - graphicsmagick, - gtk3, - icu, - intltool, - isocodes, - jasper, - json-glib, - lcms, - lensfun, - lib, - libXdmcp, - libXtst, - libaom, - libavif, - libdatrie, - libde265, - libepoxy, - libffi, - libgcrypt, - libgpg-error, - libheif, - libjpeg, - libpsl, - librsvg, - libsecret, - libselinux, - libsepol, - libsoup, - libsysprof-capture, - libthai, - libwebp, - libxkbcommon, - libxml2, - libxslt, - llvmPackages, - openexr_3, - openjpeg, - osm-gps-map, - pcre, - pcre2, - perlPackages, - pkg-config, - pugixml, - python3Packages, - rav1e, - sqlite, - stdenv, - util-linux, - wrapGAppsHook, - x265, -}: -stdenv.mkDerivation { - pname = "ansel"; - version = "unstable-2024-01-05"; - - src = fetchFromGitHub { - owner = "aurelienpierreeng"; - repo = "ansel"; - rev = "e2c4a0a60cd80f741dd3d3c6ab72be9ac11234fb"; - hash = "sha256-Kg020MHy9fn1drCk+66f25twqczvD/5evutDODqOjYM="; - fetchSubmodules = true; - }; - - nativeBuildInputs = [ - cmake - desktop-file-utils - exiftool - intltool - libxml2 - llvmPackages.clang - llvmPackages.llvm - pkg-config - perlPackages.perl - python3Packages.jsonschema - wrapGAppsHook - ]; - - buildInputs = [ - colord - colord-gtk - curl - dav1d - exiv2 - json-glib - glib - gmic - graphicsmagick - gtk3 - icu - isocodes - jasper - lcms - lensfun - libaom - libavif - libdatrie - libde265 - libepoxy - libffi - libgcrypt - libgpg-error - libheif - libjpeg - libpsl - librsvg - libsecret - libselinux - libsepol - libsoup - libsysprof-capture - libthai - libwebp - libXdmcp - libxkbcommon - libxslt - libXtst - openexr_3 - openjpeg - osm-gps-map - pcre - pcre2 - perlPackages.Po4a - pugixml - rav1e - sqlite - util-linux - x265 - ]; - - preFixup = '' - gappsWrapperArgs+=( - --prefix LD_LIBRARY_PATH ":" "$out/lib/ansel" - ) - ''; - - meta = { - description = "A darktable fork minus the bloat plus some design vision"; - homepage = "https://ansel.photos/"; - license = lib.licenses.gpl3Plus; - mainProgram = "ansel"; - platforms = lib.platforms.linux; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index fc7fdd0..19307a1 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,4 @@ {pkgs}: { - ansel = pkgs.callPackage ./ansel {}; sddm-sugar-candy = pkgs.callPackage ./sddm-sugar-candy {}; kaleidoscope-udev-rules = pkgs.callPackage ./kaleidoscope-udev-rules {}; grafanaDashboards = pkgs.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {}); From 8f0fd2893471aaeb4ccd61f3917dd0768d75fcc8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 10 Sep 2024 14:21:02 +0200 Subject: [PATCH 112/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/e1391fb22e18a36f57e6999c7a9f966dc80ac073' (2024-07-03) → 'github:nix-community/home-manager/208df2e558b73b6a1f0faec98493cb59a25f62ba' (2024-09-07) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef' (2024-08-28) → 'github:NixOS/nixos-hardware/166dee4f88a7e3ba1b7a243edb1aca822f00680e' (2024-09-09) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/6e99f2a27d600612004fbd2c3282d614bfee6421' (2024-08-30) → 'github:NixOS/nixpkgs/f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9' (2024-09-08) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 6c45879..85dc88a 100644 --- a/flake.lock +++ b/flake.lock @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1720042825, - "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", + "lastModified": 1725703823, + "narHash": "sha256-tDgM4d8mLK0Hd6YMB2w1BqMto1XBXADOzPEaLl10VI4=", "owner": "nix-community", "repo": "home-manager", - "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", + "rev": "208df2e558b73b6a1f0faec98493cb59a25f62ba", "type": "github" }, "original": { @@ -125,11 +125,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1724878143, - "narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=", + "lastModified": 1725885300, + "narHash": "sha256-5RLEnou1/GJQl+Wd+Bxaj7QY7FFQ9wjnFq1VNEaxTmc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef", + "rev": "166dee4f88a7e3ba1b7a243edb1aca822f00680e", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1725001927, - "narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=", + "lastModified": 1725826545, + "narHash": "sha256-L64N1rpLlXdc94H+F6scnrbuEu+utC03cDDVvvJGOME=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421", + "rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9", "type": "github" }, "original": { From 714938ef60716c36f60f79819554a8d08bd9df5f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 16 Sep 2024 11:45:49 +0200 Subject: [PATCH 113/309] flake: add lix to configuration --- flake.lock | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 7 +++++ 2 files changed, 91 insertions(+) diff --git a/flake.lock b/flake.lock index 85dc88a..3d32eae 100644 --- a/flake.lock +++ b/flake.lock @@ -81,6 +81,39 @@ "type": "github" } }, + "flake-utils_2": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -123,6 +156,41 @@ "type": "github" } }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1723503926, + "narHash": "sha256-Rosl9iA9MybF5Bud4BTAQ9adbY81aGmPfV8dDBGl34s=", + "rev": "bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2.tar.gz?rev=bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/2.91.0.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils_2", + "flakey-profile": "flakey-profile", + "lix": "lix", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1723510904, + "narHash": "sha256-zNW/rqNJwhq2lYmQf19wJerRuNimjhxHKmzrWWFJYts=", + "rev": "622a2253a071a1fb97a4d3c8103a91114acc1140", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/622a2253a071a1fb97a4d3c8103a91114acc1140.tar.gz?rev=622a2253a071a1fb97a4d3c8103a91114acc1140" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz" + } + }, "nixos-hardware": { "locked": { "lastModified": 1725885300, @@ -209,6 +277,7 @@ "disko": "disko", "flake-utils": "flake-utils", "home-manager": "home-manager_2", + "lix-module": "lix-module", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "nixpkgs-unstable-small": "nixpkgs-unstable-small" @@ -243,6 +312,21 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 95a9c9b..2689e2e 100644 --- a/flake.nix +++ b/flake.nix @@ -49,6 +49,11 @@ repo = "disko"; ref = "master"; }; + + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = { @@ -57,6 +62,7 @@ home-manager, agenix, disko, + lix-module, ... } @ inputs: { @@ -95,6 +101,7 @@ [ agenix.nixosModules.default home-manager.nixosModules.default + lix-module.nixosModules.default { nixpkgs = { overlays = shared_overlays; From d6b7ff54190a3b9747b8354d5bbafc14102b6da8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 16 Sep 2024 11:47:29 +0200 Subject: [PATCH 114/309] home: fish: update nfl alias --- home/fish/functions/nfl.fish | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/home/fish/functions/nfl.fish b/home/fish/functions/nfl.fish index bac1d05..48674c4 100644 --- a/home/fish/functions/nfl.fish +++ b/home/fish/functions/nfl.fish @@ -1,7 +1,4 @@ function nfl set -l flags "--commit-lock-file" - for flake in $argv - set -a flags "--update-input" "$flake" - end - nix flake lock $flags + nix flake update $flags $argv end From fdc9ea7c0333b82cbe4b364bbc10f5e6327fda24 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 16 Sep 2024 11:48:35 +0200 Subject: [PATCH 115/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/166dee4f88a7e3ba1b7a243edb1aca822f00680e' (2024-09-09) → 'github:NixOS/nixos-hardware/b9ab7e57c5d1d456cdeef252d345f3bca9c55851' (2024-09-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9' (2024-09-08) → 'github:NixOS/nixpkgs/8f7492cce28977fbf8bd12c72af08b1f6c7c3e49' (2024-09-14) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 3d32eae..709c6fe 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1725885300, - "narHash": "sha256-5RLEnou1/GJQl+Wd+Bxaj7QY7FFQ9wjnFq1VNEaxTmc=", + "lastModified": 1726454253, + "narHash": "sha256-ikQs0QZGmCfk5cJ2N5nTT6oULMvWgxN6ebk4WsOq9io=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "166dee4f88a7e3ba1b7a243edb1aca822f00680e", + "rev": "b9ab7e57c5d1d456cdeef252d345f3bca9c55851", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1725826545, - "narHash": "sha256-L64N1rpLlXdc94H+F6scnrbuEu+utC03cDDVvvJGOME=", + "lastModified": 1726320982, + "narHash": "sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9", + "rev": "8f7492cce28977fbf8bd12c72af08b1f6c7c3e49", "type": "github" }, "original": { From c39768bfbc61425086fe086e5981f944f3c38e7c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 30 Sep 2024 14:26:10 +0200 Subject: [PATCH 116/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/208df2e558b73b6a1f0faec98493cb59a25f62ba' (2024-09-07) → 'github:nix-community/home-manager/2f23fa308a7c067e52dfcc30a0758f47043ec176' (2024-09-22) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/b9ab7e57c5d1d456cdeef252d345f3bca9c55851' (2024-09-16) → 'github:NixOS/nixos-hardware/11c43c830e533dad1be527ecce379fcf994fbbb5' (2024-09-30) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8f7492cce28977fbf8bd12c72af08b1f6c7c3e49' (2024-09-14) → 'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed' (2024-09-28) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 709c6fe..9eead5c 100644 --- a/flake.lock +++ b/flake.lock @@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1725703823, - "narHash": "sha256-tDgM4d8mLK0Hd6YMB2w1BqMto1XBXADOzPEaLl10VI4=", + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "208df2e558b73b6a1f0faec98493cb59a25f62ba", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1726454253, - "narHash": "sha256-ikQs0QZGmCfk5cJ2N5nTT6oULMvWgxN6ebk4WsOq9io=", + "lastModified": 1727665282, + "narHash": "sha256-oKtfbQB1MBypqIyzkC8QCQcVGOa1soaXaGgcBIoh14o=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b9ab7e57c5d1d456cdeef252d345f3bca9c55851", + "rev": "11c43c830e533dad1be527ecce379fcf994fbbb5", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1726320982, - "narHash": "sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw=", + "lastModified": 1727540905, + "narHash": "sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f7492cce28977fbf8bd12c72af08b1f6c7c3e49", + "rev": "fbca5e745367ae7632731639de5c21f29c8744ed", "type": "github" }, "original": { From 7ebd52c5787a52f7e94eaf0a216d1551b93c198c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 9 Oct 2024 14:48:37 +0200 Subject: [PATCH 117/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/11c43c830e533dad1be527ecce379fcf994fbbb5' (2024-09-30) → 'github:NixOS/nixos-hardware/ecfcd787f373f43307d764762e139a7cdeb9c22b' (2024-10-07) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed' (2024-09-28) → 'github:NixOS/nixpkgs/1bfbbbe5bbf888d675397c66bfdb275d0b99361c' (2024-10-07) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 9eead5c..736f7fd 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1727665282, - "narHash": "sha256-oKtfbQB1MBypqIyzkC8QCQcVGOa1soaXaGgcBIoh14o=", + "lastModified": 1728269138, + "narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "11c43c830e533dad1be527ecce379fcf994fbbb5", + "rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1727540905, - "narHash": "sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8=", + "lastModified": 1728328465, + "narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fbca5e745367ae7632731639de5c21f29c8744ed", + "rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c", "type": "github" }, "original": { From 7dd83a25019b28e41f1e97918ab2f4fd072b17d6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 21 Oct 2024 13:38:02 +0200 Subject: [PATCH 118/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/ecfcd787f373f43307d764762e139a7cdeb9c22b' (2024-10-07) → 'github:NixOS/nixos-hardware/cc2d3c0e060f981905d52337340ee6ec8b8eb037' (2024-10-21) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/1bfbbbe5bbf888d675397c66bfdb275d0b99361c' (2024-10-07) → 'github:NixOS/nixpkgs/a9b86fc2290b69375c5542b622088eb6eca2a7c3' (2024-10-19) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 736f7fd..4059625 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1728269138, - "narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=", + "lastModified": 1729509737, + "narHash": "sha256-8OHgqz+tFo21h3hg4/GHizFPws+MMzpEru/+62Z0E8c=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b", + "rev": "cc2d3c0e060f981905d52337340ee6ec8b8eb037", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1728328465, - "narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=", + "lastModified": 1729307008, + "narHash": "sha256-QUvb6epgKi9pCu9CttRQW4y5NqJ+snKr1FZpG/x3Wtc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c", + "rev": "a9b86fc2290b69375c5542b622088eb6eca2a7c3", "type": "github" }, "original": { From eef9ae1ba5935b3723f4a89839cabb8ec2aed479 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 21 Oct 2024 14:07:40 +0200 Subject: [PATCH 119/309] services: mealie: format --- services/mealie.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/services/mealie.nix b/services/mealie.nix index c7ac736..b16694a 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -59,15 +59,15 @@ in { systemd.services = { mealie = { - after = [ "postgresql.service" ]; - requires = [ "postgresql.service" ]; + after = ["postgresql.service"]; + requires = ["postgresql.service"]; }; }; # Set-up database services.postgresql = { enable = true; - ensureDatabases = [ "mealie" ]; + ensureDatabases = ["mealie"]; ensureUsers = [ { name = "mealie"; From 5835387f06bf6f36dacfecde7cd536d1d31810ca Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 21 Oct 2024 14:12:45 +0200 Subject: [PATCH 120/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/bf3faad723ca984fc4ea95c1cee1d975a8ca2a28' (2024-06-07) → 'github:NixOS/nixpkgs/a5e6a9e979367ee14f65d9c38119c30272f8455f' (2024-10-21) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4059625..ab9fa7a 100644 --- a/flake.lock +++ b/flake.lock @@ -225,11 +225,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1717737457, - "narHash": "sha256-hqHp0W7ibfdu5DFc6EG3S3c+GSAbti7VUldFXSf/WiI=", + "lastModified": 1729493358, + "narHash": "sha256-Ti+Y9nWt5Fcs3JlarxLPgIOVlbqQo7jobz/qOwOaziM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bf3faad723ca984fc4ea95c1cee1d975a8ca2a28", + "rev": "a5e6a9e979367ee14f65d9c38119c30272f8455f", "type": "github" }, "original": { From 6fa6efc8bb0729ab7ab762f772b7dd784b558bdf Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 21 Oct 2024 16:56:09 +0200 Subject: [PATCH 121/309] services: mealie: use unstable module --- services/mealie.nix | 79 +++++++++++++++++++++++++++++---------------- 1 file changed, 51 insertions(+), 28 deletions(-) diff --git a/services/mealie.nix b/services/mealie.nix index b16694a..8333c4c 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -17,6 +17,8 @@ domain = config.networking.domain; hostname = config.networking.hostName; fqdn = "${hostname}.${domain}"; + pkg = pkgs.unstable.mealie; + listenAddress = "127.0.0.1"; in { options.my.services.mealie = let inherit (lib) types; @@ -27,40 +29,61 @@ in { example = 8080; description = "Internal port for Mealie webapp"; }; + credentialsFile = lib.mkOption { + type = types.nullOr types.path; + default = null; + example = "/run/secrets/mealie-credentials.env"; + description = '' + File containing credentials used in mealie such as {env}`POSTGRES_PASSWORD` + or sensitive LDAP options. + + Expects the format of an `EnvironmentFile=`, as described by {manpage}`systemd.exec(5)`. + ''; + }; }; - config = mkIf cfg.enable { - services.mealie = { - enable = true; - package = pkgs.unstable.mealie; - listenAddress = "127.0.0.1"; - port = cfg.port; + # FIXME(NixOS 24.11) Copy pasted from nixpkgs master module, because some needed changes weren't in stable yet. + config = mkIf cfg.enable (let + settings = { + ALLOW_SIGNUP = "false"; + BASE_URL = "https://mealie.${domain}"; + TZ = config.time.timeZone; - settings = { - ALLOW_SIGNUP = "false"; - BASE_URL = "https://mealie.${domain}"; - TZ = config.time.timeZone; + # Use PostgreSQL + DB_ENGINE = "postgres"; - # Use PostgreSQL - DB_ENGINE = "postgres"; - - # Settings for Mealie 1.2 - #POSTGRES_USER = "mealie"; - #POSTGRES_PASSWORD = ""; - #POSTGRES_SERVER = "/run/postgresql"; - ## Pydantic and/or mealie doesn't handle the URI correctly, hijack it - ## with query parameters... - #POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie"; - - # Settings for Mealie 1.7+, when that gets into NixOS stable - POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; - }; + # Settings for Mealie 1.7+ + POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; - + in { systemd.services = { mealie = { - after = ["postgresql.service"]; + after = ["network-online.target" "postgresql.service"]; requires = ["postgresql.service"]; + wants = ["network-online.target"]; + wantedBy = ["multi-user.target"]; + + description = "Mealie, a self hosted recipe manager and meal planner"; + + environment = + { + PRODUCTION = "true"; + API_PORT = toString cfg.port; + BASE_URL = "http://localhost:${toString cfg.port}"; + DATA_DIR = "/var/lib/mealie"; + CRF_MODEL_PATH = "/var/lib/mealie/model.crfmodel"; + } + // (builtins.mapAttrs (_: val: toString val) settings); + + serviceConfig = { + DynamicUser = true; + User = "mealie"; + ExecStartPre = "${pkg}/libexec/init_db"; + ExecStart = "${lib.getExe pkg} -b ${listenAddress}:${builtins.toString cfg.port}"; + EnvironmentFile = lib.mkIf (cfg.credentialsFile != null) cfg.credentialsFile; + StateDirectory = "mealie"; + StandardOutput = "journal"; + }; }; }; @@ -85,7 +108,7 @@ in { useACMEHost = fqdn; locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}/"; + proxyPass = "http://${listenAddress}:${toString cfg.port}/"; proxyWebsockets = true; }; }; @@ -95,5 +118,5 @@ in { my.services.restic-backup = { paths = ["/var/lib/mealie"]; }; - }; + }); } From 096dadc821e5a1404bb9cec9fb53c1db87a748f7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 25 Oct 2024 14:31:51 +0200 Subject: [PATCH 122/309] services: immich: increase upload max size --- services/immich.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/immich.nix b/services/immich.nix index b1415df..511e9e0 100644 --- a/services/immich.nix +++ b/services/immich.nix @@ -74,7 +74,7 @@ in { proxy_connect_timeout 600; proxy_read_timeout 600; proxy_send_timeout 600; - client_max_body_size 500m; + client_max_body_size 1000m; access_log syslog:server=unix:/dev/log,tag=immich; ''; }; From 5c72051f7106c48a92d5b0a589762f893dcbaf3e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 25 Oct 2024 14:39:37 +0200 Subject: [PATCH 123/309] flake: upgrade lix to 2.91.1 --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index ab9fa7a..450f929 100644 --- a/flake.lock +++ b/flake.lock @@ -159,15 +159,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1723503926, - "narHash": "sha256-Rosl9iA9MybF5Bud4BTAQ9adbY81aGmPfV8dDBGl34s=", - "rev": "bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2", + "lastModified": 1729298361, + "narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=", + "rev": "ad9d06f7838a25beec425ff406fe68721fef73be", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2.tar.gz?rev=bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.91.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz" } }, "lix-module": { @@ -180,15 +180,15 @@ ] }, "locked": { - "lastModified": 1723510904, - "narHash": "sha256-zNW/rqNJwhq2lYmQf19wJerRuNimjhxHKmzrWWFJYts=", - "rev": "622a2253a071a1fb97a4d3c8103a91114acc1140", + "lastModified": 1729360442, + "narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=", + "rev": "9098ac95768f7006d7e070b88bae76939f6034e6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/622a2253a071a1fb97a4d3c8103a91114acc1140.tar.gz?rev=622a2253a071a1fb97a4d3c8103a91114acc1140" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index 2689e2e..909e821 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From 2776dce09c314e9d7c61b8b43240004d0911f3a4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 27 Oct 2024 17:35:38 +0100 Subject: [PATCH 124/309] talos: bump kernel to 6.11 --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 9ed3dd0..5ee9cd2 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -16,7 +16,7 @@ ./secrets.nix ]; - boot.kernelPackages = pkgs.linuxPackages_6_10; + boot.kernelPackages = pkgs.linuxPackages_6_11; # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; From e12f7feefcedfb2775d0351e24a27085fd795ba6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 27 Oct 2024 17:37:31 +0100 Subject: [PATCH 125/309] talos: enable v4l2 virtual camera module --- hosts/talos/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 5ee9cd2..02dff05 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -20,6 +20,12 @@ # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; + boot.extraModulePackages = with config.boot.kernelPackages; [ + v4l2loopback + ]; + boot.extraModprobeConfig = '' + options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1 + ''; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot = { From 8dae794e1198cab79bbdcce963fc7744d16907a5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 27 Oct 2024 17:45:09 +0100 Subject: [PATCH 126/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/cc2d3c0e060f981905d52337340ee6ec8b8eb037' (2024-10-21) → 'github:NixOS/nixos-hardware/e8a2f6d5513fe7b7d15701b2d05404ffdc3b6dda' (2024-10-24) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/a9b86fc2290b69375c5542b622088eb6eca2a7c3' (2024-10-19) → 'github:NixOS/nixpkgs/cd3e8833d70618c4eea8df06f95b364b016d4950' (2024-10-26) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 450f929..8877e1c 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1729509737, - "narHash": "sha256-8OHgqz+tFo21h3hg4/GHizFPws+MMzpEru/+62Z0E8c=", + "lastModified": 1729742320, + "narHash": "sha256-u3Of8xRkN//me8PU+RucKA59/6RNy4B2jcGAF36P4jI=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "cc2d3c0e060f981905d52337340ee6ec8b8eb037", + "rev": "e8a2f6d5513fe7b7d15701b2d05404ffdc3b6dda", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1729307008, - "narHash": "sha256-QUvb6epgKi9pCu9CttRQW4y5NqJ+snKr1FZpG/x3Wtc=", + "lastModified": 1729973466, + "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a9b86fc2290b69375c5542b622088eb6eca2a7c3", + "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", "type": "github" }, "original": { From 0088a8f7e0149db57e91256c46961288c19b0b53 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 30 Oct 2024 14:55:58 +0100 Subject: [PATCH 127/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/e8a2f6d5513fe7b7d15701b2d05404ffdc3b6dda' (2024-10-24) → 'github:NixOS/nixos-hardware/07d15e8990d5d86a631641b4c429bc0a7400cfb8' (2024-10-29) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/cd3e8833d70618c4eea8df06f95b364b016d4950' (2024-10-26) → 'github:NixOS/nixpkgs/64b80bfb316b57cdb8919a9110ef63393d74382a' (2024-10-28) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8877e1c..a4c371e 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1729742320, - "narHash": "sha256-u3Of8xRkN//me8PU+RucKA59/6RNy4B2jcGAF36P4jI=", + "lastModified": 1730161780, + "narHash": "sha256-z5ILcmwMtiCoHTXS1KsQWqigO7HJO8sbyK7f7wn9F/E=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e8a2f6d5513fe7b7d15701b2d05404ffdc3b6dda", + "rev": "07d15e8990d5d86a631641b4c429bc0a7400cfb8", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1729973466, - "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", + "lastModified": 1730137625, + "narHash": "sha256-9z8oOgFZiaguj+bbi3k4QhAD6JabWrnv7fscC/mt0KE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", + "rev": "64b80bfb316b57cdb8919a9110ef63393d74382a", "type": "github" }, "original": { From 632f7a19bb283dbd589612f6f62199ed21d8864b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 6 Nov 2024 12:57:29 +0100 Subject: [PATCH 128/309] boreal: fix i3 disappearing from login manager hadn't updated the desktop in a while --- hosts/boreal/default.nix | 2 ++ hosts/boreal/home.nix | 1 + 2 files changed, 3 insertions(+) diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index ed2cbd8..ba197e9 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -29,6 +29,8 @@ ntfs = true; }; + services.xserver.windowManager.i3.enable = true; + services.btrfs = { autoScrub = { enable = true; diff --git a/hosts/boreal/home.nix b/hosts/boreal/home.nix index 1f18d17..1ee6fbe 100644 --- a/hosts/boreal/home.nix +++ b/hosts/boreal/home.nix @@ -8,6 +8,7 @@ # Keyboard settings & i3 settings my.home.x.enable = true; + my.home.x.i3.enable = true; my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; my.home.x.i3bar.temperature.inputs = ["Tccd1"]; my.home.x.i3bar.networking.throughput_interfaces = ["enp8s0" "wlp4s0"]; From 8e6ecd3b622c9a03e347e87f61186665c097943a Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 7 Nov 2024 15:19:13 +0100 Subject: [PATCH 129/309] boreal: disable unused wakeonlan it sometimes errors out if interface isn't up anyway --- hosts/boreal/default.nix | 8 -------- 1 file changed, 8 deletions(-) diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index ba197e9..a28b179 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -94,14 +94,6 @@ isNvidia = true; }; - my.wakeonwlan.interfaces.phy0.methods = [ - "magic-packet" - "disconnect" - "gtk-rekey-failure" - "eap-identity-request" - "rfkill-release" - ]; - services.udev.packages = [pkgs.chrysalis]; hardware.bluetooth = { From 4ebe512e2717f35d89879aca06453ed857e8a785 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 7 Nov 2024 15:20:15 +0100 Subject: [PATCH 130/309] boreal: nvidia driver changes Use the open source driver, and enable modesetting (a requirement for wayland) --- hosts/boreal/default.nix | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index a28b179..5c2e2e6 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -96,8 +96,14 @@ services.udev.packages = [pkgs.chrysalis]; - hardware.bluetooth = { - enable = true; - powerOnBoot = false; + hardware = { + bluetooth = { + enable = true; + powerOnBoot = false; + }; + nvidia = { + open = true; + modesetting.enable = true; + }; }; } From 954fd0f8dc19a91f87c40b0c8b37c49a44ba5276 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 8 Nov 2024 17:01:34 +0100 Subject: [PATCH 131/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/07d15e8990d5d86a631641b4c429bc0a7400cfb8' (2024-10-29) → 'github:NixOS/nixos-hardware/e1cc1f6483393634aee94514186d21a4871e78d7' (2024-11-06) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/64b80bfb316b57cdb8919a9110ef63393d74382a' (2024-10-28) → 'github:NixOS/nixpkgs/dba414932936fde69f0606b4f1d87c5bc0003ede' (2024-11-06) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index a4c371e..1d51867 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730161780, - "narHash": "sha256-z5ILcmwMtiCoHTXS1KsQWqigO7HJO8sbyK7f7wn9F/E=", + "lastModified": 1730919458, + "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "07d15e8990d5d86a631641b4c429bc0a7400cfb8", + "rev": "e1cc1f6483393634aee94514186d21a4871e78d7", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1730137625, - "narHash": "sha256-9z8oOgFZiaguj+bbi3k4QhAD6JabWrnv7fscC/mt0KE=", + "lastModified": 1730883749, + "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "64b80bfb316b57cdb8919a9110ef63393d74382a", + "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", "type": "github" }, "original": { From 1daa246ecd57b81b98b84df6b33f736c90464648 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 8 Nov 2024 17:23:02 +0100 Subject: [PATCH 132/309] modules: sddm: enable wayland by default --- modules/sddm.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/sddm.nix b/modules/sddm.nix index 41941ba..d35ec12 100644 --- a/modules/sddm.nix +++ b/modules/sddm.nix @@ -18,6 +18,7 @@ in { services.displayManager.sddm = { enable = true; theme = "sugar-candy"; + wayland.enable = true; }; environment.systemPackages = builtins.attrValues { From 36f51a94c2005e85174d24f31edcb22ce5138ed0 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 8 Nov 2024 17:23:32 +0100 Subject: [PATCH 133/309] modules: sddm: switch to catppuccin theme --- modules/sddm.nix | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/modules/sddm.nix b/modules/sddm.nix index d35ec12..de57ae5 100644 --- a/modules/sddm.nix +++ b/modules/sddm.nix @@ -17,22 +17,15 @@ in { config = mkIf cfg.enable { services.displayManager.sddm = { enable = true; - theme = "sugar-candy"; + theme = "catppuccin-latte"; wayland.enable = true; }; - environment.systemPackages = builtins.attrValues { - inherit - (pkgs.packages) - sddm-sugar-candy - ; - - inherit - (pkgs.libsForQt5.qt5) - qtgraphicaleffects - qtquickcontrols2 - qtsvg - ; - }; + environment.systemPackages = [ + (pkgs.catppuccin-sddm.override + { + flavor = "latte"; + }) + ]; }; } From 4e91ecee7bbdc216416427784888f4e5663b6348 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 8 Nov 2024 17:48:30 +0100 Subject: [PATCH 134/309] talos: switch back to default sddm setup --- hosts/talos/default.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 02dff05..5264e2b 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -130,7 +130,6 @@ }; my.gui.enable = true; - my.displayManager.sddm.enable = lib.mkForce false; hardware.bluetooth = { enable = true; @@ -157,10 +156,6 @@ services.xserver.enable = true; # Enable the KDE Plasma Desktop Environment. - services.displayManager.sddm = { - enable = true; - wayland.enable = true; - }; services.desktopManager.plasma6.enable = true; services.power-profiles-daemon.enable = true; From 9d05ec3f405a8db2b70bbec58d276563e555aa04 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 15 Nov 2024 13:40:24 +0100 Subject: [PATCH 135/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/e1cc1f6483393634aee94514186d21a4871e78d7' (2024-11-06) → 'github:NixOS/nixos-hardware/f6581f1c3b137086e42a08a906bdada63045f991' (2024-11-12) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/dba414932936fde69f0606b4f1d87c5bc0003ede' (2024-11-06) → 'github:NixOS/nixpkgs/689fed12a013f56d4c4d3f612489634267d86529' (2024-11-12) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 1d51867..663a3bd 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730919458, - "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=", + "lastModified": 1731403644, + "narHash": "sha256-T9V7CTucjRZ4Qc6pUEV/kpgNGzQbHWfGcfK6JJLfUeI=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e1cc1f6483393634aee94514186d21a4871e78d7", + "rev": "f6581f1c3b137086e42a08a906bdada63045f991", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1730883749, - "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", + "lastModified": 1731386116, + "narHash": "sha256-lKA770aUmjPHdTaJWnP3yQ9OI1TigenUqVC3wweqZuI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", + "rev": "689fed12a013f56d4c4d3f612489634267d86529", "type": "github" }, "original": { From 18dcb10313219386241b788d3d3531657d68fa5f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 15 Nov 2024 14:28:39 +0100 Subject: [PATCH 136/309] flake: remove old commented out line --- flake.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/flake.nix b/flake.nix index 909e821..5c1ae08 100644 --- a/flake.nix +++ b/flake.nix @@ -90,8 +90,6 @@ inherit system; config.allowUnfree = true; }; - - # power-profiles-daemon = self.unstable.power-profiles-daemon; }) agenix.overlays.default From cd6295ff6b4f5acfe59f3d456c48a71c29e95b6e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 15 Nov 2024 15:45:56 +0100 Subject: [PATCH 137/309] ci: use flake devshell to check formatting This should fix the alejandra version mismatch failures --- .github/workflows/cachix.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index c14e1ea..87aad8c 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -15,10 +15,10 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v25 + - uses: cachix/install-nix-action@v27 - name: Run alejandra - run: nix run nixpkgs#alejandra -- --check . + run: nix develop --command alejandra --check . flake-check: name: Flake check From a7204f7cf4dbd61abcfb7faaa45cb35e2ac66160 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 18 Nov 2024 11:52:57 +0100 Subject: [PATCH 138/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/f6581f1c3b137086e42a08a906bdada63045f991' (2024-11-12) → 'github:NixOS/nixos-hardware/672ac2ac86f7dff2f6f3406405bddecf960e0db6' (2024-11-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/689fed12a013f56d4c4d3f612489634267d86529' (2024-11-12) → 'github:NixOS/nixpkgs/e8c38b73aeb218e27163376a2d617e61a2ad9b59' (2024-11-16) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 663a3bd..c5c8ec8 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1731403644, - "narHash": "sha256-T9V7CTucjRZ4Qc6pUEV/kpgNGzQbHWfGcfK6JJLfUeI=", + "lastModified": 1731797098, + "narHash": "sha256-UhWmEZhwJZmVZ1jfHZFzCg+ZLO9Tb/v3Y6LC0UNyeTo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f6581f1c3b137086e42a08a906bdada63045f991", + "rev": "672ac2ac86f7dff2f6f3406405bddecf960e0db6", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1731386116, - "narHash": "sha256-lKA770aUmjPHdTaJWnP3yQ9OI1TigenUqVC3wweqZuI=", + "lastModified": 1731797254, + "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "689fed12a013f56d4c4d3f612489634267d86529", + "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", "type": "github" }, "original": { From 259c93009835c8ae8fce1e7b5328ae24d65db1f9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 18 Nov 2024 12:12:06 +0100 Subject: [PATCH 139/309] talos: restart sway setup --- hosts/talos/default.nix | 12 +++--- hosts/talos/home.nix | 94 ++++++++++++++++++++++++++++++++++++++++- 2 files changed, 98 insertions(+), 8 deletions(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 5264e2b..9a042c0 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -152,22 +152,20 @@ LC_TELEPHONE = "fr_FR.UTF-8"; }; - # Enable the X11 windowing system. - services.xserver.enable = true; - # Enable the KDE Plasma Desktop Environment. services.desktopManager.plasma6.enable = true; services.power-profiles-daemon.enable = true; environment.systemPackages = [ pkgs.unstable.zed-editor + pkgs.foot ]; #programs.hyprland.enable = true; - #programs.sway = { - # enable = true; - # wrapperFeatures.gtk = true; - #}; + programs.sway = { + enable = true; + wrapperFeatures.gtk = true; + }; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index f445684..476df1c 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -1,8 +1,14 @@ { config, + lib, pkgs, ... -}: { +}: let + inherit + (lib) + mkOptionDefault + ; +in { home-manager.users.alarsyo = { home.stateVersion = "23.11"; @@ -33,5 +39,91 @@ spot ; }; + + wayland.windowManager.sway = { + enable = true; + swaynag.enable = true; + wrapperFeatures.gtk = true; + config = { + modifier = "Mod4"; + input = { + "type:keyboard" = { + xkb_layout = "fr"; + xkb_variant = "us"; + }; + "type:touchpad" = { + dwt = "enabled"; + tap = "enabled"; + middle_emulation = "enabled"; + natural_scroll = "enabled"; + }; + }; + output = { + "eDP-1" = { + scale = "1.5"; + }; + }; + fonts = { + names = ["Iosevka Fixed" "FontAwesome6Free"]; + size = 9.0; + }; + bars = [ + { + mode = "dock"; + hiddenState = "hide"; + position = "top"; + workspaceButtons = true; + workspaceNumbers = true; + statusCommand = "${pkgs.i3status}/bin/i3status"; + fonts = { + names = ["Iosevka Fixed" "FontAwesome6Free"]; + size = 9.0; + }; + trayOutput = "primary"; + colors = { + background = "#000000"; + statusline = "#ffffff"; + separator = "#666666"; + focusedWorkspace = { + border = "#4c7899"; + background = "#285577"; + text = "#ffffff"; + }; + activeWorkspace = { + border = "#333333"; + background = "#5f676a"; + text = "#ffffff"; + }; + inactiveWorkspace = { + border = "#333333"; + background = "#222222"; + text = "#888888"; + }; + urgentWorkspace = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; + }; + bindingMode = { + border = "#2f343a"; + background = "#900000"; + text = "#ffffff"; + }; + }; + } + ]; + + keybindings = mkOptionDefault { + "Mod4+i" = "exec emacsclient --create-frame"; + }; + }; + }; + programs = { + fuzzel.enable = true; + swaylock.enable = true; + waybar = { + enable = true; + }; + }; }; } From e7c8757962bd9af31308a1e14b82afe2b5af09be Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 18 Nov 2024 12:13:46 +0100 Subject: [PATCH 140/309] ci: bump cachix actions --- .github/workflows/cachix.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index 87aad8c..658289b 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -26,9 +26,9 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v25 + - uses: cachix/install-nix-action@v27 - - uses: cachix/cachix-action@v14 + - uses: cachix/cachix-action@v15 with: name: alarsyo authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -55,9 +55,9 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v25 + - uses: cachix/install-nix-action@v27 - - uses: cachix/cachix-action@v14 + - uses: cachix/cachix-action@v15 with: name: alarsyo authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -83,9 +83,9 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v25 + - uses: cachix/install-nix-action@v27 - - uses: cachix/cachix-action@v14 + - uses: cachix/cachix-action@v15 with: name: alarsyo authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' From 8f88dc7a38b229d7ff31ca509cc2da2f2e74b3cb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 18 Nov 2024 12:16:35 +0100 Subject: [PATCH 141/309] pkgs: spot: bump to 2.12.1 --- pkgs/spot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index d454097..f9367f2 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -3,7 +3,7 @@ fetchurl, python3, }: let - version = "2.12"; + version = "2.12.1"; in stdenv.mkDerivation { inherit version; @@ -15,6 +15,6 @@ in src = fetchurl { url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-JroHatV+xz0vrlSC1T4W2pXEeCJwdkfnhNjHzsDRBFU="; + sha256 = "sha256-VHfAjU4dBi8WTC5IaoNVaSXQfXDyGA3nBq96qUnG/1w="; }; } From 4a318041de8a1085048128f34630b781ffda0c56 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 18 Nov 2024 12:54:27 +0100 Subject: [PATCH 142/309] ci: try to improve disk space --- .github/workflows/cachix.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index 658289b..5af64f6 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -81,6 +81,9 @@ jobs: - thanatos steps: + - name: Delete huge unnecessary tools folder + run: rm -rf /opt/hostedtoolcache + - uses: actions/checkout@v4 - uses: cachix/install-nix-action@v27 From cf336faa2d3626c78890fa77dba4e3545e3f1a0b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 7 Nov 2024 15:21:15 +0100 Subject: [PATCH 143/309] base: gui: add chrysalis globally --- base/gui-programs.nix | 3 +++ hosts/boreal/default.nix | 2 -- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 7431a12..3586d81 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -53,12 +53,15 @@ in { enable = true; cups-pdf.enable = true; }; + + udev.packages = [pkgs.chrysalis]; }; environment.systemPackages = builtins.attrValues { inherit (pkgs) arandr + chrysalis discord feh ffmpeg diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index 5c2e2e6..67f9a3c 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -94,8 +94,6 @@ isNvidia = true; }; - services.udev.packages = [pkgs.chrysalis]; - hardware = { bluetooth = { enable = true; From 3b309371cd302ef3d9c49d8a3bf6cb93f9fe5ae3 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 7 Nov 2024 15:38:39 +0100 Subject: [PATCH 144/309] boreal: disable X11 SSH forwarding --- hosts/boreal/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index 67f9a3c..56a7222 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -86,7 +86,6 @@ services = { openssh = { enable = true; - forwardX11 = true; }; }; my.gui = { From 92174a888fc706b777895075913921423102dd42 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 19 Nov 2024 14:42:38 +0100 Subject: [PATCH 145/309] home: tridactyl: add ignore for teams --- home/tridactylrc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/tridactylrc b/home/tridactylrc index 9b74c6c..bad4eaa 100644 --- a/home/tridactylrc +++ b/home/tridactylrc @@ -38,3 +38,6 @@ blacklistadd localhost blacklistadd netflix.com blacklistadd primevideo.com blacklistadd youtube.com + +" prevent teams from crashing +seturl teams.microsoft.com superignore true From c88a7c247544040a88344b45aea273de23cddffc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 20 Nov 2024 11:01:35 +0100 Subject: [PATCH 146/309] thanatos: setup gitlab-runner --- hosts/thanatos/default.nix | 10 ++++++++++ hosts/thanatos/secrets.nix | 1 + modules/secrets/gitlab-runner/thanatos-runner-env.age | 7 +++++++ modules/secrets/secrets.nix | 2 ++ 4 files changed, 20 insertions(+) create mode 100644 modules/secrets/gitlab-runner/thanatos-runner-env.age diff --git a/hosts/thanatos/default.nix b/hosts/thanatos/default.nix index 15cf5ce..50e22ea 100644 --- a/hosts/thanatos/default.nix +++ b/hosts/thanatos/default.nix @@ -35,6 +35,16 @@ in { }; services = { + gitlab-runner = { + enable = true; + settings = { + concurrent = 4; + }; + services.default = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/thanatos-runner-env".path; + dockerImage = "debian:stable"; + }; + }; openssh.enable = true; }; diff --git a/hosts/thanatos/secrets.nix b/hosts/thanatos/secrets.nix index 3fbc379..c44e1f8 100644 --- a/hosts/thanatos/secrets.nix +++ b/hosts/thanatos/secrets.nix @@ -15,6 +15,7 @@ lib.mapAttrs toSecret { "users/alarsyo-hashed-password" = {}; "users/root-hashed-password" = {}; + "gitlab-runner/thanatos-runner-env" = {}; }; }; } diff --git a/modules/secrets/gitlab-runner/thanatos-runner-env.age b/modules/secrets/gitlab-runner/thanatos-runner-env.age new file mode 100644 index 0000000..436d4f8 --- /dev/null +++ b/modules/secrets/gitlab-runner/thanatos-runner-env.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw naNq55qkAm47KXPJpYFDjVQuxPz2Ffpima5z1WEqRSA +ETC3Hh4gglwYpiJCu/EGOUzjN3BJYk8yJshMeMkgYug +-> ssh-ed25519 6UUuZw Azk9jDbUL/nO20lvzs0s36q/4ZcWSpkUbt1J/PE7A2M +kPKHGLoWHDpFhsRr+CBteWKYsDw0dn/+IKbrh/5qMoE +--- g1akMn28voSQByQR9/ArJ4CsQehcwJ7MfCco+k2fPWo + YMZ:{R^n~wPah8T'hcme(Xx=7ˢ[4@b=&Y;[߿kk>540G̟Qw \ No newline at end of file diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 40ca77c..1796e74 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -13,6 +13,8 @@ let in { "gandi/api-key.age".publicKeys = [alarsyo hades]; + "gitlab-runner/thanatos-runner-env.age".publicKeys = [alarsyo thanatos]; + "lohr/shared-secret.age".publicKeys = [alarsyo hades]; "matrix-synapse/secret-config.age".publicKeys = [alarsyo hades]; From e13a9125d801200baedce4c6447bcd671928816d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 20 Nov 2024 13:31:46 +0100 Subject: [PATCH 147/309] thanatos: add Nix runner --- hosts/thanatos/default.nix | 46 ++++++++++++++++-- hosts/thanatos/secrets.nix | 1 + .../gitlab-runner/thanatos-nix-runner-env.age | Bin 0 -> 406 bytes modules/secrets/secrets.nix | 1 + 4 files changed, 45 insertions(+), 3 deletions(-) create mode 100644 modules/secrets/gitlab-runner/thanatos-nix-runner-env.age diff --git a/hosts/thanatos/default.nix b/hosts/thanatos/default.nix index 50e22ea..ab960eb 100644 --- a/hosts/thanatos/default.nix +++ b/hosts/thanatos/default.nix @@ -40,9 +40,49 @@ in { settings = { concurrent = 4; }; - services.default = { - authenticationTokenConfigFile = config.age.secrets."gitlab-runner/thanatos-runner-env".path; - dockerImage = "debian:stable"; + services = { + nix = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/thanatos-nix-runner-env".path; + dockerImage = "alpine"; + dockerVolumes = [ + "/nix/store:/nix/store:ro" + "/nix/var/nix/db:/nix/var/nix/db:ro" + "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro" + ]; + dockerDisableCache = true; + preBuildScript = pkgs.writeScript "setup-container" '' + mkdir -p -m 0755 /nix/var/log/nix/drvs + mkdir -p -m 0755 /nix/var/nix/gcroots + mkdir -p -m 0755 /nix/var/nix/profiles + mkdir -p -m 0755 /nix/var/nix/temproots + mkdir -p -m 0755 /nix/var/nix/userpool + mkdir -p -m 1777 /nix/var/nix/gcroots/per-user + mkdir -p -m 1777 /nix/var/nix/profiles/per-user + mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root + mkdir -p -m 0700 "$HOME/.nix-defexpr" + + . ${pkgs.nix}/etc/profile.d/nix.sh + + ${pkgs.nix}/bin/nix-env -i ${lib.concatStringsSep " " (with pkgs; [nix cacert git openssh])} + + ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable + ${pkgs.nix}/bin/nix-channel --update nixpkgs + + mkdir -p ~/.config/nix + echo "experimental-features = nix-command flakes" > ~/.config/nix/nix.conf + ''; + environmentVariables = { + ENV = "/etc/profile"; + USER = "root"; + NIX_REMOTE = "daemon"; + PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin"; + NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"; + }; + }; + default = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/thanatos-runner-env".path; + dockerImage = "debian:stable"; + }; }; }; openssh.enable = true; diff --git a/hosts/thanatos/secrets.nix b/hosts/thanatos/secrets.nix index c44e1f8..bd58902 100644 --- a/hosts/thanatos/secrets.nix +++ b/hosts/thanatos/secrets.nix @@ -16,6 +16,7 @@ "users/alarsyo-hashed-password" = {}; "users/root-hashed-password" = {}; "gitlab-runner/thanatos-runner-env" = {}; + "gitlab-runner/thanatos-nix-runner-env" = {}; }; }; } diff --git a/modules/secrets/gitlab-runner/thanatos-nix-runner-env.age b/modules/secrets/gitlab-runner/thanatos-nix-runner-env.age new file mode 100644 index 0000000000000000000000000000000000000000..391995782a3855fe47c30efe2524a59ccb5480b0 GIT binary patch literal 406 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7HcI!%Dpx2iEq3-Z z(JxQQ)(@;ojnFPGsB$xQ&G#<$C^E>+&Ik@qNpnrr_K7M9wBXA0G4Kzoa`Uk?b`7em zbT_UHGfzuO&G$+z*Y-@$Ev^dm^QkDw@GL8up*tx{Tq$DWc*vTu($+ODSEs{%DS63m=(4!zMP1~q6$}(8HG`lEF+p)~Y(A2{+ z(b&z$&BDapEib3gEHJ;YGMQ^4?>^@|1#wT2pYMGZY+|aNbWHZ}tDAv8Ubh`%yup3h z!Sd?9Lz~$XC(Su4JMlD++_J?9`O&TqUcL{nSa6~_mnUTHx|y#2e||MjDt8Q4jlH?& qu+l=83Fp@wh`&*^wMU@7cl9wfmTmj1x1MK>eIrsO7CwvNN;m)k=$8%v literal 0 HcmV?d00001 diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 1796e74..a31f59c 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -14,6 +14,7 @@ in { "gandi/api-key.age".publicKeys = [alarsyo hades]; "gitlab-runner/thanatos-runner-env.age".publicKeys = [alarsyo thanatos]; + "gitlab-runner/thanatos-nix-runner-env.age".publicKeys = [alarsyo thanatos]; "lohr/shared-secret.age".publicKeys = [alarsyo hades]; From f6d04359f6438801c3607ef8d58c44189d000e1f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 25 Nov 2024 14:59:19 +0100 Subject: [PATCH 148/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/672ac2ac86f7dff2f6f3406405bddecf960e0db6' (2024-11-16) → 'github:NixOS/nixos-hardware/45348ad6fb8ac0e8415f6e5e96efe47dd7f39405' (2024-11-24) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c5c8ec8..fc56d16 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1731797098, - "narHash": "sha256-UhWmEZhwJZmVZ1jfHZFzCg+ZLO9Tb/v3Y6LC0UNyeTo=", + "lastModified": 1732483221, + "narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "672ac2ac86f7dff2f6f3406405bddecf960e0db6", + "rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405", "type": "github" }, "original": { From 51e44c05d5383f18be7310e901ca2f0cd5bc6742 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 17:23:43 +0100 Subject: [PATCH 149/309] flake: upgrade to NixOS 24.11 --- flake.lock | 16 ++++++++-------- flake.nix | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index fc56d16..1d5f993 100644 --- a/flake.lock +++ b/flake.lock @@ -142,16 +142,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1732466619, + "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "f3111f62a23451114433888902a55cf0692b408d", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -257,16 +257,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1731797254, - "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "lastModified": 1732981179, + "narHash": "sha256-F7thesZPvAMSwjRu0K8uFshTk3ZZSNAsXTIFvXBT+34=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "rev": "62c435d93bf046a5396f3016472e8f7c8e2aed65", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 5c1ae08..a022c53 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ type = "github"; owner = "NixOS"; repo = "nixpkgs"; - ref = "nixos-24.05"; + ref = "nixos-24.11"; }; nixpkgs-unstable-small = { @@ -25,7 +25,7 @@ type = "github"; owner = "nix-community"; repo = "home-manager"; - ref = "release-24.05"; + ref = "release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; From 3678a6f5419b5eaf63070e35ec7d95c7175be151 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 17:39:56 +0100 Subject: [PATCH 150/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9' (2024-05-24) → 'github:ryantm/agenix/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41' (2024-08-10) • Updated input 'disko': 'github:nix-community/disko/8ea5bcccc03111bdedaeaae9380dfab61e9deb33' (2024-05-30) → 'github:nix-community/disko/2814a5224a47ca19e858e027f7e8bff74a8ea9f1' (2024-11-30) • Updated input 'disko/nixpkgs': 'github:NixOS/nixpkgs/4a3fc4cf736b7d2d288d7a8bf775ac8d4c0920b4' (2024-05-28) → 'github:NixOS/nixpkgs/8edf06bea5bcbee082df1b7369ff973b91618b8d' (2024-11-22) • Updated input 'flake-utils': 'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11) → 'github:numtide/flake-utils/11707dc2f618dd54ca8739b309ec4fc024de578b' (2024-11-13) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/45348ad6fb8ac0e8415f6e5e96efe47dd7f39405' (2024-11-24) → 'github:NixOS/nixos-hardware/fe01780d356d70fd119a19277bff71d3e78dad00' (2024-12-01) • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/a5e6a9e979367ee14f65d9c38119c30272f8455f' (2024-10-21) → 'github:NixOS/nixpkgs/767b0e3398fb899d0c88a9f7aecf30dd1cad3166' (2024-12-01) --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 1d5f993..04da1bd 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1716561646, - "narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=", + "lastModified": 1723293904, + "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "owner": "ryantm", "repo": "agenix", - "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", + "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "type": "github" }, "original": { @@ -48,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1717032306, - "narHash": "sha256-s3Sis+M1qTSVIehHrEKBzHBpqprIFJli5V6WojkJnYE=", + "lastModified": 1732988076, + "narHash": "sha256-2uMaVAZn7fiyTUGhKgleuLYe5+EAAYB/diKxrM7g3as=", "owner": "nix-community", "repo": "disko", - "rev": "8ea5bcccc03111bdedaeaae9380dfab61e9deb33", + "rev": "2814a5224a47ca19e858e027f7e8bff74a8ea9f1", "type": "github" }, "original": { @@ -67,11 +67,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1732483221, - "narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=", + "lastModified": 1733066523, + "narHash": "sha256-aQorWITXZu7b095UwnpUvcGt9dNJie/GO9r4hZfe2sU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405", + "rev": "fe01780d356d70fd119a19277bff71d3e78dad00", "type": "github" }, "original": { @@ -225,11 +225,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1729493358, - "narHash": "sha256-Ti+Y9nWt5Fcs3JlarxLPgIOVlbqQo7jobz/qOwOaziM=", + "lastModified": 1733038015, + "narHash": "sha256-kIKqS3093Xz5vuvSLk0x1hqo2pFaGwMjnwr3qrTBkzk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a5e6a9e979367ee14f65d9c38119c30272f8455f", + "rev": "767b0e3398fb899d0c88a9f7aecf30dd1cad3166", "type": "github" }, "original": { @@ -241,11 +241,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1716914467, - "narHash": "sha256-KkT6YM/yNQqirtYj/frn6RRakliB8RDvGqVGGaNhdcU=", + "lastModified": 1732238832, + "narHash": "sha256-sQxuJm8rHY20xq6Ah+GwIUkF95tWjGRd1X8xF+Pkk38=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a3fc4cf736b7d2d288d7a8bf775ac8d4c0920b4", + "rev": "8edf06bea5bcbee082df1b7369ff973b91618b8d", "type": "github" }, "original": { From e18bac41e2662c1faf23ae7eebfcc50ff6914bcb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 17:41:27 +0100 Subject: [PATCH 151/309] flake: upgrade lix flake to 2.91.1-2 --- flake.lock | 10 +++++----- flake.nix | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 04da1bd..c456fad 100644 --- a/flake.lock +++ b/flake.lock @@ -180,15 +180,15 @@ ] }, "locked": { - "lastModified": 1729360442, - "narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=", - "rev": "9098ac95768f7006d7e070b88bae76939f6034e6", + "lastModified": 1732605668, + "narHash": "sha256-DN5/166jhiiAW0Uw6nueXaGTueVxhfZISAkoxasmz/g=", + "rev": "f19bd752910bbe3a861c9cad269bd078689d50fe", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/f19bd752910bbe3a861c9cad269bd078689d50fe.tar.gz?rev=f19bd752910bbe3a861c9cad269bd078689d50fe" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index a022c53..09c2017 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From e7c8e9ac5ae07bd666ac6abb415b7edeef7bc83f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 17:58:53 +0100 Subject: [PATCH 152/309] run alejandra new version --- base/programs.nix | 3 --- home/emacs.nix | 3 +-- home/x/i3bar.nix | 1 - hosts/boreal/home.nix | 2 -- 4 files changed, 1 insertion(+), 8 deletions(-) diff --git a/base/programs.nix b/base/programs.nix index cc111fb..3655de8 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -21,7 +21,6 @@ inherit (pkgs) # shell usage - bat fd file @@ -31,7 +30,6 @@ pciutils usbutils # development - git git-crypt git-lfs @@ -40,7 +38,6 @@ python3 vim # terminal utilities - htop unzip zip diff --git a/home/emacs.nix b/home/emacs.nix index 091846e..5935972 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -24,9 +24,8 @@ in { inherit (pkgs) sqlite # needed by org-roam - + # fonts used by my config - emacs-all-the-icons-fonts iosevka-bin ; diff --git a/home/x/i3bar.nix b/home/x/i3bar.nix index 580b65e..3ac8b63 100644 --- a/home/x/i3bar.nix +++ b/home/x/i3bar.nix @@ -41,7 +41,6 @@ in { inherit (pkgs) # FIXME: is this useful? - font-awesome ; }; diff --git a/hosts/boreal/home.nix b/hosts/boreal/home.nix index 1ee6fbe..f7425b6 100644 --- a/hosts/boreal/home.nix +++ b/hosts/boreal/home.nix @@ -20,13 +20,11 @@ inherit (pkgs) # some websites only work there :( - chromium darktable hugin enblend-enfuse # dev - rustup ; From df3908daeb9cbb389e3de92840a9b24a7b2cfa8e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 18:05:15 +0100 Subject: [PATCH 153/309] services: pipewire: sound option no longer exists --- services/pipewire.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/services/pipewire.nix b/services/pipewire.nix index 04d8135..913cc28 100644 --- a/services/pipewire.nix +++ b/services/pipewire.nix @@ -22,8 +22,6 @@ in { # HACK: services.pipewire.alsa doesn't exist on 20.09, avoid evaluating this # config (my 20.09 machine is a server anyway) config = optionalAttrs (options ? services.pipewire.alsa) (mkIf cfg.enable { - # from NixOS wiki, causes conflicts with pipewire - sound.enable = false; # recommended for pipewire as well security.rtkit.enable = true; services.pipewire = { From 2451cde1e11f3c178b606c0b710002c5e73ae666 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 18:05:35 +0100 Subject: [PATCH 154/309] home: gtk: theme package was renamed --- home/gtk.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/gtk.nix b/home/gtk.nix index 762c413..a0738f4 100644 --- a/home/gtk.nix +++ b/home/gtk.nix @@ -24,12 +24,12 @@ in { }; iconTheme = { - package = pkgs.gnome.gnome-themes-extra; + package = pkgs.gnome-themes-extra; name = "Adwaita"; }; theme = { - package = pkgs.gnome.gnome-themes-extra; + package = pkgs.gnome-themes-extra; name = "Adwaita"; }; }; From 0d539acdad78ab2bd5c0d661e3a06e0391bc2015 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 19:32:44 +0100 Subject: [PATCH 155/309] services: nextcloud: upgrade to 30 --- services/nextcloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 55c4e33..6a90eb0 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -62,7 +62,7 @@ in { hostName = "cloud.${domain}"; https = true; - package = pkgs.nextcloud29; + package = pkgs.nextcloud30; maxUploadSize = "1G"; From ddc48936207e402df9bd01ebe162f5afbe6ff242 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 1 Dec 2024 20:45:57 +0100 Subject: [PATCH 156/309] talos: switch to linux 6.12 --- hosts/talos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 9a042c0..1cd71f6 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -16,7 +16,7 @@ ./secrets.nix ]; - boot.kernelPackages = pkgs.linuxPackages_6_11; + boot.kernelPackages = pkgs.linuxPackages_6_12; # Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could # lead to bad Wi-Fi performance boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"]; From 7509be1b322ef06ad10e61e8ea344f6505472173 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 2 Dec 2024 12:04:07 +0100 Subject: [PATCH 157/309] services: postgres: add upgrade script --- services/postgresql.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/services/postgresql.nix b/services/postgresql.nix index 1d39111..ec4b82a 100644 --- a/services/postgresql.nix +++ b/services/postgresql.nix @@ -1,10 +1,40 @@ { config, pkgs, + lib, ... }: { # set postgresql version so we don't get any bad surprise config.services.postgresql = { package = pkgs.postgresql_15; }; + + config.environment.systemPackages = [ + (let + # XXX specify the postgresql package you'd like to upgrade to. + # Do not forget to list the extensions you need. + newPostgres = pkgs.postgresql_16; + cfg = config.services.postgresql; + in pkgs.writeScriptBin "upgrade-pg-cluster" '' + set -eux + # XXX it's perhaps advisable to stop all services that depend on postgresql + systemctl stop postgresql + + export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" + + export NEWBIN="${newPostgres}/bin" + + export OLDDATA="${cfg.dataDir}" + export OLDBIN="${cfg.package}/bin" + + install -d -m 0700 -o postgres -g postgres "$NEWDATA" + cd "$NEWDATA" + sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs} + + sudo -u postgres $NEWBIN/pg_upgrade \ + --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ + --old-bindir $OLDBIN --new-bindir $NEWBIN \ + "$@" + '') + ]; } From 188890b1e937751e54feae83741d393d34c97cd3 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 2 Dec 2024 12:23:34 +0100 Subject: [PATCH 158/309] services: postgres: upgrade to 16 --- services/postgresql.nix | 31 +------------------------------ 1 file changed, 1 insertion(+), 30 deletions(-) diff --git a/services/postgresql.nix b/services/postgresql.nix index ec4b82a..4446cc8 100644 --- a/services/postgresql.nix +++ b/services/postgresql.nix @@ -6,35 +6,6 @@ }: { # set postgresql version so we don't get any bad surprise config.services.postgresql = { - package = pkgs.postgresql_15; + package = pkgs.postgresql_16; }; - - config.environment.systemPackages = [ - (let - # XXX specify the postgresql package you'd like to upgrade to. - # Do not forget to list the extensions you need. - newPostgres = pkgs.postgresql_16; - cfg = config.services.postgresql; - in pkgs.writeScriptBin "upgrade-pg-cluster" '' - set -eux - # XXX it's perhaps advisable to stop all services that depend on postgresql - systemctl stop postgresql - - export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" - - export NEWBIN="${newPostgres}/bin" - - export OLDDATA="${cfg.dataDir}" - export OLDBIN="${cfg.package}/bin" - - install -d -m 0700 -o postgres -g postgres "$NEWDATA" - cd "$NEWDATA" - sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs} - - sudo -u postgres $NEWBIN/pg_upgrade \ - --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ - --old-bindir $OLDBIN --new-bindir $NEWBIN \ - "$@" - '') - ]; } From 3c8381103283a2103bdf88f63024b02a70cedc08 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 4 Dec 2024 16:07:18 +0100 Subject: [PATCH 159/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/f3111f62a23451114433888902a55cf0692b408d' (2024-11-24) → 'github:nix-community/home-manager/62d536255879be574ebfe9b87c4ac194febf47c5' (2024-12-01) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/fe01780d356d70fd119a19277bff71d3e78dad00' (2024-12-01) → 'github:NixOS/nixos-hardware/cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9' (2024-12-03) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/62c435d93bf046a5396f3016472e8f7c8e2aed65' (2024-11-30) → 'github:NixOS/nixpkgs/b681065d0919f7eb5309a93cea2cfa84dec9aa88' (2024-12-03) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index c456fad..ceda98a 100644 --- a/flake.lock +++ b/flake.lock @@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1732466619, - "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=", + "lastModified": 1733050161, + "narHash": "sha256-lYnT+EYE47f5yY3KS/Kd4pJ6CO9fhCqumkYYkQ3TK20=", "owner": "nix-community", "repo": "home-manager", - "rev": "f3111f62a23451114433888902a55cf0692b408d", + "rev": "62d536255879be574ebfe9b87c4ac194febf47c5", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1733066523, - "narHash": "sha256-aQorWITXZu7b095UwnpUvcGt9dNJie/GO9r4hZfe2sU=", + "lastModified": 1733217105, + "narHash": "sha256-fc6jTzIwCIVWTX50FtW6AZpuukuQWSEbPiyg6ZRGWFY=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "fe01780d356d70fd119a19277bff71d3e78dad00", + "rev": "cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1732981179, - "narHash": "sha256-F7thesZPvAMSwjRu0K8uFshTk3ZZSNAsXTIFvXBT+34=", + "lastModified": 1733261153, + "narHash": "sha256-eq51hyiaIwtWo19fPEeE0Zr2s83DYMKJoukNLgGGpek=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "62c435d93bf046a5396f3016472e8f7c8e2aed65", + "rev": "b681065d0919f7eb5309a93cea2cfa84dec9aa88", "type": "github" }, "original": { From 46dbb8cffe033b5fa3beed146c86428c4192c2ed Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 16 Dec 2024 09:55:52 +0100 Subject: [PATCH 160/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/62d536255879be574ebfe9b87c4ac194febf47c5' (2024-12-01) → 'github:nix-community/home-manager/1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f' (2024-12-11) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9' (2024-12-03) → 'github:NixOS/nixos-hardware/cf737e2eba82b603f54f71b10cb8fd09d22ce3f5' (2024-12-10) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/b681065d0919f7eb5309a93cea2cfa84dec9aa88' (2024-12-03) → 'github:NixOS/nixpkgs/314e12ba369ccdb9b352a4db26ff419f7c49fa84' (2024-12-13) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ceda98a..8b94d64 100644 --- a/flake.lock +++ b/flake.lock @@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1733050161, - "narHash": "sha256-lYnT+EYE47f5yY3KS/Kd4pJ6CO9fhCqumkYYkQ3TK20=", + "lastModified": 1733951536, + "narHash": "sha256-Zb5ZCa7Xj+0gy5XVXINTSr71fCfAv+IKtmIXNrykT54=", "owner": "nix-community", "repo": "home-manager", - "rev": "62d536255879be574ebfe9b87c4ac194febf47c5", + "rev": "1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1733217105, - "narHash": "sha256-fc6jTzIwCIVWTX50FtW6AZpuukuQWSEbPiyg6ZRGWFY=", + "lastModified": 1733861262, + "narHash": "sha256-+jjPup/ByS0LEVIrBbt7FnGugJgLeG9oc+ivFASYn2U=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9", + "rev": "cf737e2eba82b603f54f71b10cb8fd09d22ce3f5", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1733261153, - "narHash": "sha256-eq51hyiaIwtWo19fPEeE0Zr2s83DYMKJoukNLgGGpek=", + "lastModified": 1734083684, + "narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b681065d0919f7eb5309a93cea2cfa84dec9aa88", + "rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84", "type": "github" }, "original": { From 4c1f1f732fef0a51f9be0cb66c652aca22ec8719 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 19 Dec 2024 00:47:13 +0100 Subject: [PATCH 161/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f' (2024-12-11) → 'github:nix-community/home-manager/80b0fdf483c5d1cb75aaad909bd390d48673857f' (2024-12-16) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/cf737e2eba82b603f54f71b10cb8fd09d22ce3f5' (2024-12-10) → 'github:NixOS/nixos-hardware/b12e314726a4226298fe82776b4baeaa7bcf3dcd' (2024-12-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/314e12ba369ccdb9b352a4db26ff419f7c49fa84' (2024-12-13) → 'github:NixOS/nixpkgs/394571358ce82dff7411395829aa6a3aad45b907' (2024-12-16) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8b94d64..861896b 100644 --- a/flake.lock +++ b/flake.lock @@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1733951536, - "narHash": "sha256-Zb5ZCa7Xj+0gy5XVXINTSr71fCfAv+IKtmIXNrykT54=", + "lastModified": 1734366194, + "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", "owner": "nix-community", "repo": "home-manager", - "rev": "1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f", + "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1733861262, - "narHash": "sha256-+jjPup/ByS0LEVIrBbt7FnGugJgLeG9oc+ivFASYn2U=", + "lastModified": 1734352517, + "narHash": "sha256-mfv+J/vO4nqmIOlq8Y1rRW8hVsGH3M+I2ESMjhuebDs=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "cf737e2eba82b603f54f71b10cb8fd09d22ce3f5", + "rev": "b12e314726a4226298fe82776b4baeaa7bcf3dcd", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1734083684, - "narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=", + "lastModified": 1734323986, + "narHash": "sha256-m/lh6hYMIWDYHCAsn81CDAiXoT3gmxXI9J987W5tZrE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84", + "rev": "394571358ce82dff7411395829aa6a3aad45b907", "type": "github" }, "original": { From 85b0f9be7e63459b3ee7c18b5a2bc533aec977dc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 24 Dec 2024 06:12:21 +0100 Subject: [PATCH 162/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/b12e314726a4226298fe82776b4baeaa7bcf3dcd' (2024-12-16) → 'github:NixOS/nixos-hardware/def1d472c832d77885f174089b0d34854b007198' (2024-12-23) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/394571358ce82dff7411395829aa6a3aad45b907' (2024-12-16) → 'github:NixOS/nixpkgs/1807c2b91223227ad5599d7067a61665c52d1295' (2024-12-22) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 861896b..96310ea 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1734352517, - "narHash": "sha256-mfv+J/vO4nqmIOlq8Y1rRW8hVsGH3M+I2ESMjhuebDs=", + "lastModified": 1734954597, + "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b12e314726a4226298fe82776b4baeaa7bcf3dcd", + "rev": "def1d472c832d77885f174089b0d34854b007198", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1734323986, - "narHash": "sha256-m/lh6hYMIWDYHCAsn81CDAiXoT3gmxXI9J987W5tZrE=", + "lastModified": 1734875076, + "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "394571358ce82dff7411395829aa6a3aad45b907", + "rev": "1807c2b91223227ad5599d7067a61665c52d1295", "type": "github" }, "original": { From b8232253020649a38191eef42a71585808dd2677 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 1 Jan 2025 17:24:32 +0100 Subject: [PATCH 163/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/80b0fdf483c5d1cb75aaad909bd390d48673857f' (2024-12-16) → 'github:nix-community/home-manager/613691f285dad87694c2ba1c9e6298d04736292d' (2024-12-28) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/def1d472c832d77885f174089b0d34854b007198' (2024-12-23) → 'github:NixOS/nixos-hardware/7c674c6734f61157e321db595dbfcd8523e04e19' (2024-12-28) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/1807c2b91223227ad5599d7067a61665c52d1295' (2024-12-22) → 'github:NixOS/nixpkgs/3ffbbdbac0566a0977da3d2657b89cbcfe9a173b' (2024-12-30) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 96310ea..b5ec003 100644 --- a/flake.lock +++ b/flake.lock @@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1734366194, - "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "owner": "nix-community", "repo": "home-manager", - "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1734954597, - "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=", + "lastModified": 1735388221, + "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "def1d472c832d77885f174089b0d34854b007198", + "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1734875076, - "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=", + "lastModified": 1735531152, + "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1807c2b91223227ad5599d7067a61665c52d1295", + "rev": "3ffbbdbac0566a0977da3d2657b89cbcfe9a173b", "type": "github" }, "original": { From 0d390a3189ae5f921e8eee29e9d991be808cb181 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 6 Jan 2025 10:37:26 +0100 Subject: [PATCH 164/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/3ffbbdbac0566a0977da3d2657b89cbcfe9a173b' (2024-12-30) → 'github:NixOS/nixpkgs/cbd8ec4de4469333c82ff40d057350c30e9f7d36' (2025-01-05) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b5ec003..fe56bb1 100644 --- a/flake.lock +++ b/flake.lock @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1735531152, - "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=", + "lastModified": 1736061677, + "narHash": "sha256-DjkQPnkAfd7eB522PwnkGhOMuT9QVCZspDpJJYyOj60=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ffbbdbac0566a0977da3d2657b89cbcfe9a173b", + "rev": "cbd8ec4de4469333c82ff40d057350c30e9f7d36", "type": "github" }, "original": { From fe8b1db0fdb6494adbebc523049b9b711f503ea4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 6 Jan 2025 15:14:50 +0100 Subject: [PATCH 165/309] thanatos: avoid GC --- hosts/thanatos/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/thanatos/default.nix b/hosts/thanatos/default.nix index ab960eb..afa74c0 100644 --- a/hosts/thanatos/default.nix +++ b/hosts/thanatos/default.nix @@ -93,4 +93,6 @@ in { environment.systemPackages = with pkgs; [ docker-compose ]; + + nix.gc.automatic = lib.mkForce false; } From 79587eff3e7fa1c86a303f90bbfece048f9f4775 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 7 Jan 2025 19:53:26 +0100 Subject: [PATCH 166/309] boreal: try out hyprland --- hosts/boreal/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix index 56a7222..12b56fa 100644 --- a/hosts/boreal/default.nix +++ b/hosts/boreal/default.nix @@ -103,4 +103,13 @@ modesetting.enable = true; }; }; + + environment.systemPackages = with pkgs; [foot waybar wofi]; + + programs.hyprland.enable = true; + programs.hyprlock.enable = true; + programs.waybar.enable = true; + programs.foot.enable = true; + services.displayManager.sddm.wayland.enable = true; + services.power-profiles-daemon.enable = true; } From 990717029558fee44a4dbe88674333e4ad1999d0 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 14 Jan 2025 10:39:33 +0100 Subject: [PATCH 167/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/613691f285dad87694c2ba1c9e6298d04736292d' (2024-12-28) → 'github:nix-community/home-manager/bd65bc3cde04c16755955630b344bc9e35272c56' (2025-01-08) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/7c674c6734f61157e321db595dbfcd8523e04e19' (2024-12-28) → 'github:NixOS/nixos-hardware/8870dcaff63dfc6647fb10648b827e9d40b0a337' (2025-01-09) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/cbd8ec4de4469333c82ff40d057350c30e9f7d36' (2025-01-05) → 'github:NixOS/nixpkgs/635e887b48521e912a516625eee7df6cf0eba9c1' (2025-01-12) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index fe56bb1..a0a2eb4 100644 --- a/flake.lock +++ b/flake.lock @@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1735344290, - "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", + "lastModified": 1736373539, + "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", "owner": "nix-community", "repo": "home-manager", - "rev": "613691f285dad87694c2ba1c9e6298d04736292d", + "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", "type": "github" }, "original": { @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1735388221, - "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "lastModified": 1736441705, + "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1736061677, - "narHash": "sha256-DjkQPnkAfd7eB522PwnkGhOMuT9QVCZspDpJJYyOj60=", + "lastModified": 1736684107, + "narHash": "sha256-vH5mXxEvZeoGNkqKoCluhTGfoeXCZ1seYhC2pbMN0sg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cbd8ec4de4469333c82ff40d057350c30e9f7d36", + "rev": "635e887b48521e912a516625eee7df6cf0eba9c1", "type": "github" }, "original": { From c4af1c08588ec9207fa77c7aeca86db785b156e4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 16 Jan 2025 18:34:21 +0100 Subject: [PATCH 168/309] hades: add gitlab runners --- hosts/hades/default.nix | 51 +++++++++++++++++++ hosts/hades/secrets.nix | 3 ++ .../gitlab-runner/hades-nix-runner-env.age | 8 +++ .../gitlab-runner/hades-runner-env.age | 7 +++ modules/secrets/secrets.nix | 2 + 5 files changed, 71 insertions(+) create mode 100644 modules/secrets/gitlab-runner/hades-nix-runner-env.age create mode 100644 modules/secrets/gitlab-runner/hades-runner-env.age diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index e181392..f2a4158 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -156,6 +156,57 @@ in { services = { openssh.enable = true; vnstat.enable = true; + + gitlab-runner = { + enable = true; + settings = { + concurrent = 4; + }; + services = { + nix = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-nix-runner-env".path; + dockerImage = "alpine"; + dockerVolumes = [ + "/nix/store:/nix/store:ro" + "/nix/var/nix/db:/nix/var/nix/db:ro" + "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro" + ]; + dockerDisableCache = true; + preBuildScript = pkgs.writeScript "setup-container" '' + mkdir -p -m 0755 /nix/var/log/nix/drvs + mkdir -p -m 0755 /nix/var/nix/gcroots + mkdir -p -m 0755 /nix/var/nix/profiles + mkdir -p -m 0755 /nix/var/nix/temproots + mkdir -p -m 0755 /nix/var/nix/userpool + mkdir -p -m 1777 /nix/var/nix/gcroots/per-user + mkdir -p -m 1777 /nix/var/nix/profiles/per-user + mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root + mkdir -p -m 0700 "$HOME/.nix-defexpr" + + . ${pkgs.nix}/etc/profile.d/nix.sh + + ${pkgs.nix}/bin/nix-env -i ${lib.concatStringsSep " " (with pkgs; [nix cacert git openssh])} + + ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable + ${pkgs.nix}/bin/nix-channel --update nixpkgs + + mkdir -p ~/.config/nix + echo "experimental-features = nix-command flakes" > ~/.config/nix/nix.conf + ''; + environmentVariables = { + ENV = "/etc/profile"; + USER = "root"; + NIX_REMOTE = "daemon"; + PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin"; + NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"; + }; + }; + default = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-runner-env".path; + dockerImage = "debian:stable"; + }; + }; + }; }; virtualisation.docker.enable = true; diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 55ec422..a5df603 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -13,6 +13,9 @@ // attrs; in lib.mapAttrs toSecret { + "gitlab-runner/hades-nix-runner-env" = {}; + "gitlab-runner/hades-runner-env" = {}; + "lohr/shared-secret" = {}; "matrix-synapse/secret-config" = { diff --git a/modules/secrets/gitlab-runner/hades-nix-runner-env.age b/modules/secrets/gitlab-runner/hades-nix-runner-env.age new file mode 100644 index 0000000..ce66f97 --- /dev/null +++ b/modules/secrets/gitlab-runner/hades-nix-runner-env.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw 0Qkzquxwa8PSNg6yq+CsfC4JfPLfxEIBKq1krrynlxg +QOHmNCQsV10zSnYvEeSpK95oXXlS+J4pw6EIR1KzxoU +-> ssh-ed25519 pX8y2g YbFzF2/mWizY4SOnNKzkcBEEsHYc1mTCpzWZ5vf6Zy0 +p2E9Uh0rWa8qbf2SvB5e4lxS+MEx5KGumKd28UHW0/0 +--- naIsBkYqZMgekqmxTgESGMuFIKoagS68mfXbid7k9e0 +U<"{24>e^*Cg f{vI_Foe3.6,cFK +$9]@{~L \ No newline at end of file diff --git a/modules/secrets/gitlab-runner/hades-runner-env.age b/modules/secrets/gitlab-runner/hades-runner-env.age new file mode 100644 index 0000000..b72657d --- /dev/null +++ b/modules/secrets/gitlab-runner/hades-runner-env.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw EQkuI0FlwczzVWR3wvx+lXUNd0NnUjpBhOhmmIJ8Xhk +SXMz4M9n7kcuacBkJUg//iLYLJ5qP2BlQnD2zALskuw +-> ssh-ed25519 pX8y2g fmzHtkHXHjHiva7dGs7Khof1VzMMj6CLC4oghYf7lEk +Yx6G693eo5EqviIj/8t5JWjziYCSSJlwDNG92FPc7ro +--- /vsxhnYSHZFsDJtDbl8TKTgDS/XwqkTOXB2isT6K+LY +bǙ) Date: Fri, 17 Jan 2025 12:13:12 +0100 Subject: [PATCH 169/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/767b0e3398fb899d0c88a9f7aecf30dd1cad3166' (2024-12-01) → 'github:NixOS/nixpkgs/62e9d4ae7c343fdae23f7cf347d98204488c1401' (2025-01-16) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a0a2eb4..f687621 100644 --- a/flake.lock +++ b/flake.lock @@ -225,11 +225,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1733038015, - "narHash": "sha256-kIKqS3093Xz5vuvSLk0x1hqo2pFaGwMjnwr3qrTBkzk=", + "lastModified": 1737007772, + "narHash": "sha256-YmN6LpUQwOaY7gYdcXtX5CtpT4W37taAjbAF6WOmY4Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "767b0e3398fb899d0c88a9f7aecf30dd1cad3166", + "rev": "62e9d4ae7c343fdae23f7cf347d98204488c1401", "type": "github" }, "original": { From 6aca4f9f62d6d68d7968a4e8c438e403d06e9182 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 17 Jan 2025 16:58:14 +0100 Subject: [PATCH 170/309] services: mealie: get rid of copy-pasted module --- services/mealie.nix | 70 ++++++++++++--------------------------------- 1 file changed, 18 insertions(+), 52 deletions(-) diff --git a/services/mealie.nix b/services/mealie.nix index 8333c4c..61baefe 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -29,64 +29,30 @@ in { example = 8080; description = "Internal port for Mealie webapp"; }; - credentialsFile = lib.mkOption { - type = types.nullOr types.path; - default = null; - example = "/run/secrets/mealie-credentials.env"; - description = '' - File containing credentials used in mealie such as {env}`POSTGRES_PASSWORD` - or sensitive LDAP options. - - Expects the format of an `EnvironmentFile=`, as described by {manpage}`systemd.exec(5)`. - ''; - }; }; - # FIXME(NixOS 24.11) Copy pasted from nixpkgs master module, because some needed changes weren't in stable yet. - config = mkIf cfg.enable (let - settings = { - ALLOW_SIGNUP = "false"; - BASE_URL = "https://mealie.${domain}"; - TZ = config.time.timeZone; + config = mkIf cfg.enable { + services.mealie = { + inherit listenAddress; - # Use PostgreSQL - DB_ENGINE = "postgres"; + enable = true; + package = pkgs.unstable.mealie; + port = cfg.port; - # Settings for Mealie 1.7+ - POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; - }; - in { - systemd.services = { - mealie = { - after = ["network-online.target" "postgresql.service"]; - requires = ["postgresql.service"]; - wants = ["network-online.target"]; - wantedBy = ["multi-user.target"]; - - description = "Mealie, a self hosted recipe manager and meal planner"; - - environment = - { - PRODUCTION = "true"; - API_PORT = toString cfg.port; - BASE_URL = "http://localhost:${toString cfg.port}"; - DATA_DIR = "/var/lib/mealie"; - CRF_MODEL_PATH = "/var/lib/mealie/model.crfmodel"; - } - // (builtins.mapAttrs (_: val: toString val) settings); - - serviceConfig = { - DynamicUser = true; - User = "mealie"; - ExecStartPre = "${pkg}/libexec/init_db"; - ExecStart = "${lib.getExe pkg} -b ${listenAddress}:${builtins.toString cfg.port}"; - EnvironmentFile = lib.mkIf (cfg.credentialsFile != null) cfg.credentialsFile; - StateDirectory = "mealie"; - StandardOutput = "journal"; - }; + settings = { + ALLOW_SIGNUP = "false"; + BASE_URL = "https://mealie.${domain}"; + TZ = config.time.timeZone; + DB_ENGINE = "postgres"; + POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; }; + systemd.services.mealie = { + after = ["postgresql.service"]; + requires = ["postgresql.service"]; + }; + # Set-up database services.postgresql = { enable = true; @@ -118,5 +84,5 @@ in { my.services.restic-backup = { paths = ["/var/lib/mealie"]; }; - }); + }; } From 78b96dd311683f91e2c11cfcdac579e222a0e060 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 17 Jan 2025 17:09:53 +0100 Subject: [PATCH 171/309] hades: secret config for mealie --- hosts/hades/default.nix | 1 + hosts/hades/secrets.nix | 2 ++ modules/secrets/mealie/secret-config.age | Bin 0 -> 483 bytes modules/secrets/secrets.nix | 2 ++ services/mealie.nix | 12 ++++++++++++ 5 files changed, 17 insertions(+) create mode 100644 modules/secrets/mealie/secret-config.age diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index f2a4158..2b84d21 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -84,6 +84,7 @@ in { mealie = { enable = true; port = 8090; + credentialsFile = config.age.secrets."mealie/secret-config".path; }; microbin = { diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index a5df603..2623fe8 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -22,6 +22,8 @@ owner = "matrix-synapse"; }; + "mealie/secret-config" = {}; + "microbin/secret-config" = {}; "miniflux/admin-credentials" = {}; diff --git a/modules/secrets/mealie/secret-config.age b/modules/secrets/mealie/secret-config.age new file mode 100644 index 0000000000000000000000000000000000000000..cd0288476ea7b2346e498f3aa01498a4079f9c23 GIT binary patch literal 483 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7HcI!%DpxQyb+jxu z@isQgcQi^fitsBk4hb^w$Tl|%aL-Ti39Hmj&51Ox)GqSQGT|~Zu?+SocT5cnGto{j zD+%#8%#Ct0@pLNpC3C|#i{!ztCjz$D4Qs~|Vi z#l@ny$jLRzvN*iZJJH#>Fv-Hv(8E2-qbfN!Bbh71HzQL!G1V_A#KXn6T;I9OIM*>E zBQdck&#)@2$S=$*E8kP!EVslX#DGgzS687jC@mnM(yiP`-`p#uFrwJ4B+0ip&BQFk z-NiC5BFi{2H$2cOG$S&#!j#jC!4ibRlhy{!J3XqMXNe@OS~{I_E1osy#4WBT@~MJ z+tV7SH2jG1)z*1dxQyveu`2(Kj@z7EH(eM)=l}FNwTD5Wt4SuxYw@JJvzFev@8{_A z@%}?0&pt)R7wiA<9z7qR9yCq1TjhSnly%DvOEElaPkg<*DD>ytU7w^p_?8QubJ*Ow T^=IhhE4yd$MjUu$G}##dEzG?f literal 0 HcmV?d00001 diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 452effa..c918355 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -22,6 +22,8 @@ in { "matrix-synapse/secret-config.age".publicKeys = [alarsyo hades]; + "mealie/secret-config.age".publicKeys = [alarsyo hades]; + "microbin/secret-config.age".publicKeys = [alarsyo hades]; "miniflux/admin-credentials.age".publicKeys = [alarsyo hades]; diff --git a/services/mealie.nix b/services/mealie.nix index 61baefe..0be80e3 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -29,11 +29,23 @@ in { example = 8080; description = "Internal port for Mealie webapp"; }; + credentialsFile = lib.mkOption { + type = types.nullOr types.path; + default = null; + example = "/run/secrets/mealie-credentials.env"; + description = '' + File containing credentials used in mealie such as {env}`POSTGRES_PASSWORD` + or sensitive LDAP options. + + Expects the format of an `EnvironmentFile=`, as described by {manpage}`systemd.exec(5)`. + ''; + }; }; config = mkIf cfg.enable { services.mealie = { inherit listenAddress; + inherit (cfg) credentialsFile; enable = true; package = pkgs.unstable.mealie; From 771ba29fb212d2fcb69d23c07483b0d7af74af19 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 20 Jan 2025 14:07:21 +0100 Subject: [PATCH 172/309] hades: remove gitlab runners --- hosts/hades/default.nix | 51 ------------------- hosts/hades/secrets.nix | 3 -- .../gitlab-runner/hades-nix-runner-env.age | 8 --- .../gitlab-runner/hades-runner-env.age | 7 --- modules/secrets/secrets.nix | 2 - 5 files changed, 71 deletions(-) delete mode 100644 modules/secrets/gitlab-runner/hades-nix-runner-env.age delete mode 100644 modules/secrets/gitlab-runner/hades-runner-env.age diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 2b84d21..0117199 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -157,57 +157,6 @@ in { services = { openssh.enable = true; vnstat.enable = true; - - gitlab-runner = { - enable = true; - settings = { - concurrent = 4; - }; - services = { - nix = { - authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-nix-runner-env".path; - dockerImage = "alpine"; - dockerVolumes = [ - "/nix/store:/nix/store:ro" - "/nix/var/nix/db:/nix/var/nix/db:ro" - "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro" - ]; - dockerDisableCache = true; - preBuildScript = pkgs.writeScript "setup-container" '' - mkdir -p -m 0755 /nix/var/log/nix/drvs - mkdir -p -m 0755 /nix/var/nix/gcroots - mkdir -p -m 0755 /nix/var/nix/profiles - mkdir -p -m 0755 /nix/var/nix/temproots - mkdir -p -m 0755 /nix/var/nix/userpool - mkdir -p -m 1777 /nix/var/nix/gcroots/per-user - mkdir -p -m 1777 /nix/var/nix/profiles/per-user - mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root - mkdir -p -m 0700 "$HOME/.nix-defexpr" - - . ${pkgs.nix}/etc/profile.d/nix.sh - - ${pkgs.nix}/bin/nix-env -i ${lib.concatStringsSep " " (with pkgs; [nix cacert git openssh])} - - ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable - ${pkgs.nix}/bin/nix-channel --update nixpkgs - - mkdir -p ~/.config/nix - echo "experimental-features = nix-command flakes" > ~/.config/nix/nix.conf - ''; - environmentVariables = { - ENV = "/etc/profile"; - USER = "root"; - NIX_REMOTE = "daemon"; - PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin"; - NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"; - }; - }; - default = { - authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-runner-env".path; - dockerImage = "debian:stable"; - }; - }; - }; }; virtualisation.docker.enable = true; diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 2623fe8..390cc7e 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -13,9 +13,6 @@ // attrs; in lib.mapAttrs toSecret { - "gitlab-runner/hades-nix-runner-env" = {}; - "gitlab-runner/hades-runner-env" = {}; - "lohr/shared-secret" = {}; "matrix-synapse/secret-config" = { diff --git a/modules/secrets/gitlab-runner/hades-nix-runner-env.age b/modules/secrets/gitlab-runner/hades-nix-runner-env.age deleted file mode 100644 index ce66f97..0000000 --- a/modules/secrets/gitlab-runner/hades-nix-runner-env.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 k2gHjw 0Qkzquxwa8PSNg6yq+CsfC4JfPLfxEIBKq1krrynlxg -QOHmNCQsV10zSnYvEeSpK95oXXlS+J4pw6EIR1KzxoU --> ssh-ed25519 pX8y2g YbFzF2/mWizY4SOnNKzkcBEEsHYc1mTCpzWZ5vf6Zy0 -p2E9Uh0rWa8qbf2SvB5e4lxS+MEx5KGumKd28UHW0/0 ---- naIsBkYqZMgekqmxTgESGMuFIKoagS68mfXbid7k9e0 -U<"{24>e^*Cg f{vI_Foe3.6,cFK -$9]@{~L \ No newline at end of file diff --git a/modules/secrets/gitlab-runner/hades-runner-env.age b/modules/secrets/gitlab-runner/hades-runner-env.age deleted file mode 100644 index b72657d..0000000 --- a/modules/secrets/gitlab-runner/hades-runner-env.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 k2gHjw EQkuI0FlwczzVWR3wvx+lXUNd0NnUjpBhOhmmIJ8Xhk -SXMz4M9n7kcuacBkJUg//iLYLJ5qP2BlQnD2zALskuw --> ssh-ed25519 pX8y2g fmzHtkHXHjHiva7dGs7Khof1VzMMj6CLC4oghYf7lEk -Yx6G693eo5EqviIj/8t5JWjziYCSSJlwDNG92FPc7ro ---- /vsxhnYSHZFsDJtDbl8TKTgDS/XwqkTOXB2isT6K+LY -bǙ) Date: Mon, 20 Jan 2025 14:15:19 +0100 Subject: [PATCH 173/309] pkgs: spot: update to 2.12.2 --- pkgs/spot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index f9367f2..d333627 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -3,7 +3,7 @@ fetchurl, python3, }: let - version = "2.12.1"; + version = "2.12.2"; in stdenv.mkDerivation { inherit version; @@ -15,6 +15,6 @@ in src = fetchurl { url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-VHfAjU4dBi8WTC5IaoNVaSXQfXDyGA3nBq96qUnG/1w="; + sha256 = "sha256-NhMOU23GqH+twsRLSrL2tBfVpP8879GZy+TqUbogdyQ"; }; } From 8157575ad5525184006fa8533a14281e06f0f984 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 22 Jan 2025 12:59:05 +0100 Subject: [PATCH 174/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/8870dcaff63dfc6647fb10648b827e9d40b0a337' (2025-01-09) → 'github:NixOS/nixos-hardware/61c79181e77ef774ab0468b28a24bc2647d498d6' (2025-01-20) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/635e887b48521e912a516625eee7df6cf0eba9c1' (2025-01-12) → 'github:NixOS/nixpkgs/ae584d90cbd0396a422289ee3efb1f1c9d141dc3' (2025-01-20) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index f687621..05875f6 100644 --- a/flake.lock +++ b/flake.lock @@ -193,11 +193,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1736441705, - "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=", + "lastModified": 1737359802, + "narHash": "sha256-utplyRM6pqnN940gfaLFBb9oUCSzkan86IvmkhsVlN8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337", + "rev": "61c79181e77ef774ab0468b28a24bc2647d498d6", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1736684107, - "narHash": "sha256-vH5mXxEvZeoGNkqKoCluhTGfoeXCZ1seYhC2pbMN0sg=", + "lastModified": 1737404927, + "narHash": "sha256-e1WgPJpIYbOuokjgylcsuoEUCB4Jl2rQXa2LUD6XAG8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "635e887b48521e912a516625eee7df6cf0eba9c1", + "rev": "ae584d90cbd0396a422289ee3efb1f1c9d141dc3", "type": "github" }, "original": { From 69b304545d6b1a140a99ee1f72d8dcb1b61e40c9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 27 Jan 2025 17:22:34 +0100 Subject: [PATCH 175/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/62e9d4ae7c343fdae23f7cf347d98204488c1401' (2025-01-16) → 'github:NixOS/nixpkgs/970c26517231e07b71f3eaaa9aa2ebe539c354d3' (2025-01-27) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 05875f6..68b0e32 100644 --- a/flake.lock +++ b/flake.lock @@ -225,11 +225,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1737007772, - "narHash": "sha256-YmN6LpUQwOaY7gYdcXtX5CtpT4W37taAjbAF6WOmY4Y=", + "lastModified": 1737959576, + "narHash": "sha256-eEOiMxfxYSLa/8jcDZEK46TjqLO+8cJ5C9ufHXz1oIw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "62e9d4ae7c343fdae23f7cf347d98204488c1401", + "rev": "970c26517231e07b71f3eaaa9aa2ebe539c354d3", "type": "github" }, "original": { From 233468f6846e62eabda84e47592b6cd9880748c8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 27 Jan 2025 17:24:58 +0100 Subject: [PATCH 176/309] talos: remove zed Not using it enough --- hosts/talos/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 1cd71f6..1b475c4 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -157,7 +157,6 @@ services.power-profiles-daemon.enable = true; environment.systemPackages = [ - pkgs.unstable.zed-editor pkgs.foot ]; From de058169d5539fc2e5b2a7a7800194ab047874a9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 27 Jan 2025 17:25:10 +0100 Subject: [PATCH 177/309] flake: pin flakes to registry --- flake.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/flake.nix b/flake.nix index 09c2017..622da02 100644 --- a/flake.nix +++ b/flake.nix @@ -74,6 +74,10 @@ home-manager.users.alarsyo = import ./home; home-manager.verbose = true; }; + nix-registry = { + nix.registry.nixpkgs.flake = nixpkgs; + nix.registry.unstable.flake = inputs.nixpkgs-unstable-small; + }; }; overlays = import ./overlays; From ef67f8f25d17fdb574ea6a4cbe1356c77b3b82fb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 28 Jan 2025 16:26:46 +0100 Subject: [PATCH 178/309] flake: add jujutsu to base programs --- base/programs.nix | 1 + flake.lock | 96 ++++++++++++++++++++++++++++++++++++++++++++++- flake.nix | 8 ++++ 3 files changed, 103 insertions(+), 2 deletions(-) diff --git a/base/programs.nix b/base/programs.nix index 3655de8..08a62ad 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -30,6 +30,7 @@ pciutils usbutils # development + jujutsu git git-crypt git-lfs diff --git a/flake.lock b/flake.lock index 68b0e32..371c4b4 100644 --- a/flake.lock +++ b/flake.lock @@ -85,6 +85,24 @@ "inputs": { "systems": "systems_3" }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, "locked": { "lastModified": 1710146030, "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", @@ -156,6 +174,27 @@ "type": "github" } }, + "jujutsu": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_3", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1735790175, + "narHash": "sha256-5J1ZfPNyniUK5D3Pt1aKuJ+/8vad3JPxCztBRY591N8=", + "owner": "jj-vcs", + "repo": "jj", + "rev": "041c4fecb77434dd6720e7d7f1ce48d9575ac5f7", + "type": "github" + }, + "original": { + "owner": "jj-vcs", + "ref": "v0.25.0", + "repo": "jj", + "type": "github" + } + }, "lix": { "flake": false, "locked": { @@ -172,7 +211,7 @@ }, "lix-module": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "flakey-profile": "flakey-profile", "lix": "lix", "nixpkgs": [ @@ -256,6 +295,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1731890469, + "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5083ec887760adfe12af64830a66807423a859a7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1737404927, "narHash": "sha256-e1WgPJpIYbOuokjgylcsuoEUCB4Jl2rQXa2LUD6XAG8=", @@ -277,12 +332,34 @@ "disko": "disko", "flake-utils": "flake-utils", "home-manager": "home-manager_2", + "jujutsu": "jujutsu", "lix-module": "lix-module", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable-small": "nixpkgs-unstable-small" } }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "jujutsu", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1732242723, + "narHash": "sha256-NWI8csIK0ujFlFuEXKnoc+7hWoCiEtINK9r48LUUMeU=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "a229311fcb45b88a95fdfa5cecd8349c809a272a", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -327,6 +404,21 @@ "repo": "default", "type": "github" } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 622da02..b729103 100644 --- a/flake.nix +++ b/flake.nix @@ -54,6 +54,13 @@ url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; + + jujutsu = { + type = "github"; + owner = "jj-vcs"; + repo = "jj"; + ref = "v0.25.0"; + }; }; outputs = { @@ -97,6 +104,7 @@ }) agenix.overlays.default + inputs.jujutsu.overlays.default ] ++ builtins.attrValues self.overlays; sharedModules = From c080a01e5a1a2371919ef17aa3d85762ba44b927 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Feb 2025 10:26:48 +0100 Subject: [PATCH 179/309] flake: bump jj to v0.26.0 --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 371c4b4..dfc2f30 100644 --- a/flake.lock +++ b/flake.lock @@ -181,16 +181,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1735790175, - "narHash": "sha256-5J1ZfPNyniUK5D3Pt1aKuJ+/8vad3JPxCztBRY591N8=", + "lastModified": 1738805560, + "narHash": "sha256-jGy+0VDxQrgNhj+eX06FRhPP31V8QZVAM4j4yBosAGE=", "owner": "jj-vcs", "repo": "jj", - "rev": "041c4fecb77434dd6720e7d7f1ce48d9575ac5f7", + "rev": "613742dfbbd89324b25672a75ef8ce9e671ae0d3", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.25.0", + "ref": "v0.26.0", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index b729103..2ee5d0e 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.25.0"; + ref = "v0.26.0"; }; }; From 27f283b288ffb26dd86c5a8c51ab6d6c33919b33 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Feb 2025 10:40:22 +0100 Subject: [PATCH 180/309] flake: bump lix to v2.92.0 --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index dfc2f30..3cb3cdd 100644 --- a/flake.lock +++ b/flake.lock @@ -198,15 +198,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1729298361, - "narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=", - "rev": "ad9d06f7838a25beec425ff406fe68721fef73be", + "lastModified": 1737234286, + "narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=", + "rev": "2837da71ec1588c1187d2e554719b15904a46c8b", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2837da71ec1588c1187d2e554719b15904a46c8b.tar.gz?rev=2837da71ec1588c1187d2e554719b15904a46c8b" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/2.92.0.tar.gz" } }, "lix-module": { @@ -219,15 +219,15 @@ ] }, "locked": { - "lastModified": 1732605668, - "narHash": "sha256-DN5/166jhiiAW0Uw6nueXaGTueVxhfZISAkoxasmz/g=", - "rev": "f19bd752910bbe3a861c9cad269bd078689d50fe", + "lastModified": 1737237494, + "narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=", + "rev": "b90bf629bbd835e61f1317b99e12f8c831017006", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/f19bd752910bbe3a861c9cad269bd078689d50fe.tar.gz?rev=f19bd752910bbe3a861c9cad269bd078689d50fe" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz?rev=b90bf629bbd835e61f1317b99e12f8c831017006" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index 2ee5d0e..01005c3 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; From fbb53b22f7ebc1dfeefc83473bff5e02a5dd019d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Feb 2025 11:57:21 +0100 Subject: [PATCH 181/309] home: mail: add another alias --- home/mail.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/mail.nix b/home/mail.nix index d03fbf9..8931940 100644 --- a/home/mail.nix +++ b/home/mail.nix @@ -81,6 +81,7 @@ in { aliases = [ "alarsyo@alarsyo.net" "antoine@amartin.email" + "mail@antoinemartin.fr" ]; flavor = "plain"; # default setting passwordCommand = "${pkgs.rbw}/bin/rbw get webmail.migadu.com ${email_perso}"; From fcd2651dc27d68009d434dc726f9f3f3e7ae62f8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Feb 2025 00:09:06 +0100 Subject: [PATCH 182/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/bd65bc3cde04c16755955630b344bc9e35272c56' (2025-01-08) → 'github:nix-community/home-manager/254d47082e23dbf72fdeca1da6fe1da420f478d8' (2025-02-14) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/61c79181e77ef774ab0468b28a24bc2647d498d6' (2025-01-20) → 'github:NixOS/nixos-hardware/2eccff41bab80839b1d25b303b53d339fbb07087' (2025-02-06) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/ae584d90cbd0396a422289ee3efb1f1c9d141dc3' (2025-01-20) → 'github:NixOS/nixpkgs/0ff09db9d034a04acd4e8908820ba0b410d7a33a' (2025-02-12) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 3cb3cdd..f288495 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1736373539, - "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", + "lastModified": 1739570999, + "narHash": "sha256-eCc0/Q4bPpe4/AS+uzIrHLJcR6BxPQ69q2kD0/Qe6rU=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", + "rev": "254d47082e23dbf72fdeca1da6fe1da420f478d8", "type": "github" }, "original": { @@ -232,11 +232,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1737359802, - "narHash": "sha256-utplyRM6pqnN940gfaLFBb9oUCSzkan86IvmkhsVlN8=", + "lastModified": 1738816619, + "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "61c79181e77ef774ab0468b28a24bc2647d498d6", + "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", "type": "github" }, "original": { @@ -312,11 +312,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1737404927, - "narHash": "sha256-e1WgPJpIYbOuokjgylcsuoEUCB4Jl2rQXa2LUD6XAG8=", + "lastModified": 1739357830, + "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ae584d90cbd0396a422289ee3efb1f1c9d141dc3", + "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", "type": "github" }, "original": { From d9cc63353ae3aa8c5ef15745dd541b51cc83f407 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:03:37 +0100 Subject: [PATCH 183/309] talos: home: use waybar --- hosts/talos/home.nix | 49 ++++---------------------------------------- 1 file changed, 4 insertions(+), 45 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 476df1c..212cd1f 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -67,55 +67,14 @@ in { names = ["Iosevka Fixed" "FontAwesome6Free"]; size = 9.0; }; - bars = [ - { - mode = "dock"; - hiddenState = "hide"; - position = "top"; - workspaceButtons = true; - workspaceNumbers = true; - statusCommand = "${pkgs.i3status}/bin/i3status"; - fonts = { - names = ["Iosevka Fixed" "FontAwesome6Free"]; - size = 9.0; - }; - trayOutput = "primary"; - colors = { - background = "#000000"; - statusline = "#ffffff"; - separator = "#666666"; - focusedWorkspace = { - border = "#4c7899"; - background = "#285577"; - text = "#ffffff"; - }; - activeWorkspace = { - border = "#333333"; - background = "#5f676a"; - text = "#ffffff"; - }; - inactiveWorkspace = { - border = "#333333"; - background = "#222222"; - text = "#888888"; - }; - urgentWorkspace = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; - }; - bindingMode = { - border = "#2f343a"; - background = "#900000"; - text = "#ffffff"; - }; - }; - } - ]; + bars = []; keybindings = mkOptionDefault { "Mod4+i" = "exec emacsclient --create-frame"; }; + startup = [ + {command = "waybar";} + ]; }; }; programs = { From 47ab3ef2845662e273c4526143bba1e2aa405b28 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:03:51 +0100 Subject: [PATCH 184/309] talos: home: smaller sway font size --- hosts/talos/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 212cd1f..c1bec26 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -65,7 +65,7 @@ in { }; fonts = { names = ["Iosevka Fixed" "FontAwesome6Free"]; - size = 9.0; + size = 8.0; }; bars = []; From ea914e9821404e28f8e5251dc61e7091503e899e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:04:36 +0100 Subject: [PATCH 185/309] talos: home: logout mode in sway --- hosts/talos/home.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index c1bec26..abfd952 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -40,7 +40,9 @@ in { ; }; - wayland.windowManager.sway = { + wayland.windowManager.sway = let + logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot"; + in { enable = true; swaynag.enable = true; wrapperFeatures.gtk = true; @@ -70,8 +72,20 @@ in { bars = []; keybindings = mkOptionDefault { + "Mod4+Shift+e" = ''mode "${logoutMode}"''; "Mod4+i" = "exec emacsclient --create-frame"; }; + + modes = mkOptionDefault { + "${logoutMode}" = { + "l" = "exec --no-startup-id swaymsg exit, mode default"; + #"s" = "exec --no-startup-id betterlockscreen --suspend, mode default"; + "p" = "exec --no-startup-id systemctl poweroff, mode default"; + "r" = "exec --no-startup-id systemctl reboot, mode default"; + "Escape" = "mode default"; + "Return" = "mode default"; + }; + }; startup = [ {command = "waybar";} ]; From e02738479991ad82589f8919b641c8a58fbd90ee Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:05:00 +0100 Subject: [PATCH 186/309] talos: home: setup shikane for display autoswitch --- hosts/talos/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index abfd952..e23c301 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -31,6 +31,7 @@ in { (pkgs) ansel chromium # some websites only work there :( + shikane # output autoconfig zotero ; @@ -87,6 +88,7 @@ in { }; }; startup = [ + {command = "shikane";} {command = "waybar";} ]; }; From d52af230e2f99cfc6e122a3f5530ec9f9f155ae5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:05:57 +0100 Subject: [PATCH 187/309] talos: home: set hyprlock shortcut --- hosts/talos/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index e23c301..06a0ed9 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -31,6 +31,7 @@ in { (pkgs) ansel chromium # some websites only work there :( + hyprlock shikane # output autoconfig zotero ; @@ -75,6 +76,7 @@ in { keybindings = mkOptionDefault { "Mod4+Shift+e" = ''mode "${logoutMode}"''; "Mod4+i" = "exec emacsclient --create-frame"; + "Mod4+Control+l" = "exec hyprlock"; }; modes = mkOptionDefault { From f6306eab82db605a34fddc74fe089be005cb9b1f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:06:14 +0100 Subject: [PATCH 188/309] talos: home: try fuzzel for menu --- hosts/talos/home.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 06a0ed9..61bc614 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -89,6 +89,9 @@ in { "Return" = "mode default"; }; }; + + menu = "fuzzel --list-executables-in-path"; + startup = [ {command = "shikane";} {command = "waybar";} From e34b0f85b26058e15609ce312a9d03bb5849b28e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:06:31 +0100 Subject: [PATCH 189/309] talos: home: add nwg-displays to home packages --- hosts/talos/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 61bc614..834214a 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -32,6 +32,7 @@ in { ansel chromium # some websites only work there :( hyprlock + nwg-displays shikane # output autoconfig zotero ; From e08af2559b0363c81c749635f4d37139aa92a399 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 16 Feb 2025 18:06:46 +0100 Subject: [PATCH 190/309] talos: home: setup sound shortcuts --- hosts/talos/home.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 834214a..4d7c2b0 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -78,6 +78,9 @@ in { "Mod4+Shift+e" = ''mode "${logoutMode}"''; "Mod4+i" = "exec emacsclient --create-frame"; "Mod4+Control+l" = "exec hyprlock"; + "XF86AudioMute" = "exec wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + "XF86AudioLowerVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%- -l 1.2"; + "XF86AudioRaiseVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ -l 1.2"; }; modes = mkOptionDefault { From 87773282fc6fc86aff4f8209a9a4a4ba58d9ea58 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 12:14:17 +0100 Subject: [PATCH 191/309] talos: home: brightness bindings --- hosts/talos/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 4d7c2b0..d2dae09 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -81,6 +81,8 @@ in { "XF86AudioMute" = "exec wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; "XF86AudioLowerVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%- -l 1.2"; "XF86AudioRaiseVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ -l 1.2"; + "XF86MonBrightnessUp" = "exec light -A 5"; + "XF86MonBrightnessDown" = "exec light -U 5"; }; modes = mkOptionDefault { From 35aad1c28e17ceb62e00da4159a4451a43641786 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 14:14:49 +0100 Subject: [PATCH 192/309] talos: home: include hyprlock the right way --- hosts/talos/home.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index d2dae09..97c1e64 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -31,7 +31,6 @@ in { (pkgs) ansel chromium # some websites only work there :( - hyprlock nwg-displays shikane # output autoconfig zotero @@ -45,6 +44,7 @@ in { wayland.windowManager.sway = let logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot"; + lock = "hyprlock --immediate"; in { enable = true; swaynag.enable = true; @@ -77,7 +77,7 @@ in { keybindings = mkOptionDefault { "Mod4+Shift+e" = ''mode "${logoutMode}"''; "Mod4+i" = "exec emacsclient --create-frame"; - "Mod4+Control+l" = "exec hyprlock"; + "Mod4+Control+l" = "exec ${lock}"; "XF86AudioMute" = "exec wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; "XF86AudioLowerVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%- -l 1.2"; "XF86AudioRaiseVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ -l 1.2"; @@ -106,7 +106,7 @@ in { }; programs = { fuzzel.enable = true; - swaylock.enable = true; + hyprlock.enable = true; waybar = { enable = true; }; From d8de5ac7d3580bf4b41b6c3b755154592fccecd7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 14:15:27 +0100 Subject: [PATCH 193/309] talos: home: setup idling --- base/gui-programs.nix | 2 +- hosts/talos/home.nix | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 3586d81..0a0e47c 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -47,7 +47,7 @@ in { }; }; - logind.lidSwitch = "ignore"; + logind.lidSwitch = "suspend"; printing = { enable = true; diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 97c1e64..1d8c207 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -101,6 +101,7 @@ in { startup = [ {command = "shikane";} {command = "waybar";} + {command = "swayidle -w idlehint 1 before-sleep \"${lock}\"";} ]; }; }; @@ -112,4 +113,17 @@ in { }; }; }; + + # FIXME: belongs elsewhere + services = { + logind = { + lidSwitch = "suspend"; + lidSwitchExternalPower = "ignore"; + extraConfig = '' + IdleAction=suspend + IdleActionSec=10min + ''; + }; + upower.enable = true; + }; } From 659aed60d79fd4721568f7430699bdad8df725c4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 14:15:43 +0100 Subject: [PATCH 194/309] talos: home: setup swaybg --- hosts/talos/home.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 1d8c207..148c46e 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -33,6 +33,7 @@ in { chromium # some websites only work there :( nwg-displays shikane # output autoconfig + swaybg zotero ; @@ -101,6 +102,10 @@ in { startup = [ {command = "shikane";} {command = "waybar";} + { + command = "swaybg --image ~/.wallpaper --mode fill"; + always = true; + } {command = "swayidle -w idlehint 1 before-sleep \"${lock}\"";} ]; }; From a812afaf4adb6d9088e19b15d38bb6c468118bf4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 14:15:53 +0100 Subject: [PATCH 195/309] talos: home: handle lid switch in sway --- hosts/talos/home.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 148c46e..af80bbc 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -109,6 +109,11 @@ in { {command = "swayidle -w idlehint 1 before-sleep \"${lock}\"";} ]; }; + + extraConfig = '' + bindswitch --reload --locked lid:off output eDP-1 enable; + bindswitch --reload --locked lid:on output eDP-1 disable; + ''; }; programs = { fuzzel.enable = true; From 6c04235b488e68bd69ef6acbc9b57f6dcc482ea4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 14:16:43 +0100 Subject: [PATCH 196/309] talos: home: provide shortcut to reload displays --- hosts/talos/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index af80bbc..8ea4938 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -76,6 +76,7 @@ in { bars = []; keybindings = mkOptionDefault { + "Mod4+Shift+a" = "exec shikanectl reload"; "Mod4+Shift+e" = ''mode "${logoutMode}"''; "Mod4+i" = "exec emacsclient --create-frame"; "Mod4+Control+l" = "exec ${lock}"; From a22e79693def0741635cdf36732ccfe84cd5eb5e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 15:00:09 +0100 Subject: [PATCH 197/309] talos: home: swaylock works better --- hosts/talos/home.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 8ea4938..32c1509 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -45,7 +45,7 @@ in { wayland.windowManager.sway = let logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot"; - lock = "hyprlock --immediate"; + lock = "swaylock --daemonize --image ~/.wallpaper --scaling fill"; in { enable = true; swaynag.enable = true; @@ -118,7 +118,7 @@ in { }; programs = { fuzzel.enable = true; - hyprlock.enable = true; + swaylock.enable = true; waybar = { enable = true; }; From 62558b3dc08c5bc490f90a754546403a448619f9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 15:00:22 +0100 Subject: [PATCH 198/309] talos: home: bring back suspend shortcut --- hosts/talos/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 32c1509..39aeb5b 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -90,7 +90,7 @@ in { modes = mkOptionDefault { "${logoutMode}" = { "l" = "exec --no-startup-id swaymsg exit, mode default"; - #"s" = "exec --no-startup-id betterlockscreen --suspend, mode default"; + "s" = "exec --no-startup-id systemctl suspend, mode default"; "p" = "exec --no-startup-id systemctl poweroff, mode default"; "r" = "exec --no-startup-id systemctl reboot, mode default"; "Escape" = "mode default"; From 61b72a89e773c77cdf30542fc1ec7dac581812a1 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 21:21:07 +0100 Subject: [PATCH 199/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/970c26517231e07b71f3eaaa9aa2ebe539c354d3' (2025-01-27) → 'github:NixOS/nixpkgs/1ead14e49dfa47e91e68df64ef3dbf036809c742' (2025-02-17) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f288495..f567b65 100644 --- a/flake.lock +++ b/flake.lock @@ -264,11 +264,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1737959576, - "narHash": "sha256-eEOiMxfxYSLa/8jcDZEK46TjqLO+8cJ5C9ufHXz1oIw=", + "lastModified": 1739776882, + "narHash": "sha256-PAiogZP1rLOwSkoL8eNgnbcobe5AqIq+Zc8A9NNFv+A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "970c26517231e07b71f3eaaa9aa2ebe539c354d3", + "rev": "1ead14e49dfa47e91e68df64ef3dbf036809c742", "type": "github" }, "original": { From 3e01412e7fbb925919aef82c03a5bee8433552b1 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 22:59:22 +0100 Subject: [PATCH 200/309] talos: home: unblur electron apps This is an obscure NixOS environment variable only mentioned in a changelog, but it does the right thing --- hosts/talos/home.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 39aeb5b..2be85f8 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -116,6 +116,7 @@ in { bindswitch --reload --locked lid:on output eDP-1 disable; ''; }; + programs = { fuzzel.enable = true; swaylock.enable = true; @@ -123,6 +124,10 @@ in { enable = true; }; }; + + home.sessionVariables = { + NIXOS_OZONE_WL = "1"; + }; }; # FIXME: belongs elsewhere From c8648b18b4a6b82aaad5df23628d519bacd38ffe Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 17 Feb 2025 23:00:11 +0100 Subject: [PATCH 201/309] talos: home: use catppuccin theme for sway --- hosts/talos/home.nix | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 2be85f8..68a8336 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -114,6 +114,41 @@ in { extraConfig = '' bindswitch --reload --locked lid:off output eDP-1 enable; bindswitch --reload --locked lid:on output eDP-1 disable; + + set $rosewater #dc8a78 + set $flamingo #dd7878 + set $pink #ea76cb + set $mauve #8839ef + set $red #d20f39 + set $maroon #e64553 + set $peach #fe640b + set $yellow #df8e1d + set $green #40a02b + set $teal #179299 + set $sky #04a5e5 + set $sapphire #209fb5 + set $blue #1e66f5 + set $lavender #7287fd + set $text #4c4f69 + set $subtext1 #5c5f77 + set $subtext0 #6c6f85 + set $overlay2 #7c7f93 + set $overlay1 #8c8fa1 + set $overlay0 #9ca0b0 + set $surface2 #acb0be + set $surface1 #bcc0cc + set $surface0 #ccd0da + set $base #eff1f5 + set $mantle #e6e9ef + set $crust #dce0e8 + + # target title bg text indicator border + client.focused $lavender $base $text $rosewater $lavender + client.focused_inactive $overlay0 $base $text $rosewater $overlay0 + client.unfocused $overlay0 $base $text $rosewater $overlay0 + client.urgent $peach $base $peach $overlay0 $peach + client.placeholder $overlay0 $base $text $overlay0 $overlay0 + client.background $base ''; }; From 2c710520304b395070ea6e1a248550b126f16431 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 18 Feb 2025 22:33:46 +0100 Subject: [PATCH 202/309] home: x: cursors: switch to bibata Let's try some changes --- home/x/cursor.nix | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/home/x/cursor.nix b/home/x/cursor.nix index 04378b0..aa3ebbb 100644 --- a/home/x/cursor.nix +++ b/home/x/cursor.nix @@ -16,12 +16,16 @@ in { config = mkIf cfg.enable { home.pointerCursor = { - package = pkgs.capitaine-cursors; - name = "capitaine-cursors"; - # available sizes for capitaine-cursors are: - # 24, 30, 36, 48, 60, 72 - size = 30; + #package = pkgs.capitaine-cursors; + #name = "capitaine-cursors"; + #package = pkgs.catppuccin-cursors.frappeDark; + #name = "catppuccin-frappe-dark-cursors"; + package = pkgs.bibata-cursors; + name = "Bibata-Modern-Classic"; + # https://unix.stackexchange.com/a/743543 + size = 24; x11.enable = true; + gtk.enable = true; }; }; } From 2e53d24159a968e576813512c83b1e13fba3ae65 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 18 Feb 2025 22:34:13 +0100 Subject: [PATCH 203/309] home: emacs: switch to nerdfont patched font --- home/emacs.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/home/emacs.nix b/home/emacs.nix index 5935972..8139f5e 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -27,7 +27,11 @@ in { # fonts used by my config emacs-all-the-icons-fonts - iosevka-bin + ; + + inherit + (pkgs.unstable.nerd-fonts) + iosevka ; }; # make sure above fonts are discoverable From b4d0d5f0a0964ea1f9354fa2191d5b7c405ae767 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 21 Feb 2025 22:00:30 +0100 Subject: [PATCH 204/309] home: tmux: disable escape time How am I only finding out about this now? --- home/tmux.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/tmux.nix b/home/tmux.nix index 3f72959..47f5cc3 100644 --- a/home/tmux.nix +++ b/home/tmux.nix @@ -19,6 +19,7 @@ in { config = mkIf cfg.enable { programs.tmux = { enable = true; + escapeTime = 0; baseIndex = 1; terminal = "screen-256color"; clock24 = true; From e14c5f31223514fc9c078d1ce19753d99bd17f13 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 21 Feb 2025 22:00:56 +0100 Subject: [PATCH 205/309] talos: home: put some gaps in sway --- hosts/talos/home.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 68a8336..e4c87c8 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -149,6 +149,11 @@ in { client.urgent $peach $base $peach $overlay0 $peach client.placeholder $overlay0 $base $text $overlay0 $overlay0 client.background $base + + smart_borders on + default_border pixel 3 + gaps inner 5 + gaps outer 3 ''; }; From bce3b20232a613b788762e80496245a494437fc2 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:12:44 +0100 Subject: [PATCH 206/309] Back out "hades: remove gitlab runners" This backs out commit 771ba29fb212d2fcb69d23c07483b0d7af74af19. --- hosts/hades/default.nix | 51 +++++++++++++++++++ hosts/hades/secrets.nix | 3 ++ .../gitlab-runner/hades-nix-runner-env.age | 8 +++ .../gitlab-runner/hades-runner-env.age | 7 +++ modules/secrets/secrets.nix | 2 + 5 files changed, 71 insertions(+) create mode 100644 modules/secrets/gitlab-runner/hades-nix-runner-env.age create mode 100644 modules/secrets/gitlab-runner/hades-runner-env.age diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 0117199..2b84d21 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -157,6 +157,57 @@ in { services = { openssh.enable = true; vnstat.enable = true; + + gitlab-runner = { + enable = true; + settings = { + concurrent = 4; + }; + services = { + nix = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-nix-runner-env".path; + dockerImage = "alpine"; + dockerVolumes = [ + "/nix/store:/nix/store:ro" + "/nix/var/nix/db:/nix/var/nix/db:ro" + "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro" + ]; + dockerDisableCache = true; + preBuildScript = pkgs.writeScript "setup-container" '' + mkdir -p -m 0755 /nix/var/log/nix/drvs + mkdir -p -m 0755 /nix/var/nix/gcroots + mkdir -p -m 0755 /nix/var/nix/profiles + mkdir -p -m 0755 /nix/var/nix/temproots + mkdir -p -m 0755 /nix/var/nix/userpool + mkdir -p -m 1777 /nix/var/nix/gcroots/per-user + mkdir -p -m 1777 /nix/var/nix/profiles/per-user + mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root + mkdir -p -m 0700 "$HOME/.nix-defexpr" + + . ${pkgs.nix}/etc/profile.d/nix.sh + + ${pkgs.nix}/bin/nix-env -i ${lib.concatStringsSep " " (with pkgs; [nix cacert git openssh])} + + ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable + ${pkgs.nix}/bin/nix-channel --update nixpkgs + + mkdir -p ~/.config/nix + echo "experimental-features = nix-command flakes" > ~/.config/nix/nix.conf + ''; + environmentVariables = { + ENV = "/etc/profile"; + USER = "root"; + NIX_REMOTE = "daemon"; + PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin"; + NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"; + }; + }; + default = { + authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-runner-env".path; + dockerImage = "debian:stable"; + }; + }; + }; }; virtualisation.docker.enable = true; diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 390cc7e..2623fe8 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -13,6 +13,9 @@ // attrs; in lib.mapAttrs toSecret { + "gitlab-runner/hades-nix-runner-env" = {}; + "gitlab-runner/hades-runner-env" = {}; + "lohr/shared-secret" = {}; "matrix-synapse/secret-config" = { diff --git a/modules/secrets/gitlab-runner/hades-nix-runner-env.age b/modules/secrets/gitlab-runner/hades-nix-runner-env.age new file mode 100644 index 0000000..ce66f97 --- /dev/null +++ b/modules/secrets/gitlab-runner/hades-nix-runner-env.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw 0Qkzquxwa8PSNg6yq+CsfC4JfPLfxEIBKq1krrynlxg +QOHmNCQsV10zSnYvEeSpK95oXXlS+J4pw6EIR1KzxoU +-> ssh-ed25519 pX8y2g YbFzF2/mWizY4SOnNKzkcBEEsHYc1mTCpzWZ5vf6Zy0 +p2E9Uh0rWa8qbf2SvB5e4lxS+MEx5KGumKd28UHW0/0 +--- naIsBkYqZMgekqmxTgESGMuFIKoagS68mfXbid7k9e0 +U<"{24>e^*Cg f{vI_Foe3.6,cFK +$9]@{~L \ No newline at end of file diff --git a/modules/secrets/gitlab-runner/hades-runner-env.age b/modules/secrets/gitlab-runner/hades-runner-env.age new file mode 100644 index 0000000..b72657d --- /dev/null +++ b/modules/secrets/gitlab-runner/hades-runner-env.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 k2gHjw EQkuI0FlwczzVWR3wvx+lXUNd0NnUjpBhOhmmIJ8Xhk +SXMz4M9n7kcuacBkJUg//iLYLJ5qP2BlQnD2zALskuw +-> ssh-ed25519 pX8y2g fmzHtkHXHjHiva7dGs7Khof1VzMMj6CLC4oghYf7lEk +Yx6G693eo5EqviIj/8t5JWjziYCSSJlwDNG92FPc7ro +--- /vsxhnYSHZFsDJtDbl8TKTgDS/XwqkTOXB2isT6K+LY +bǙ) Date: Sat, 22 Feb 2025 16:14:29 +0100 Subject: [PATCH 207/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/254d47082e23dbf72fdeca1da6fe1da420f478d8' (2025-02-14) → 'github:nix-community/home-manager/9d3d080aec2a35e05a15cedd281c2384767c2cfe' (2025-02-17) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/2eccff41bab80839b1d25b303b53d339fbb07087' (2025-02-06) → 'github:NixOS/nixos-hardware/18e9f9753e9ae261bcc7d3abe15745686991fd30' (2025-02-20) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/0ff09db9d034a04acd4e8908820ba0b410d7a33a' (2025-02-12) → 'github:NixOS/nixpkgs/36864ed72f234b9540da4cf7a0c49e351d30d3f1' (2025-02-19) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index f567b65..dfac477 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1739570999, - "narHash": "sha256-eCc0/Q4bPpe4/AS+uzIrHLJcR6BxPQ69q2kD0/Qe6rU=", + "lastModified": 1739757849, + "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", "owner": "nix-community", "repo": "home-manager", - "rev": "254d47082e23dbf72fdeca1da6fe1da420f478d8", + "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", "type": "github" }, "original": { @@ -232,11 +232,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738816619, - "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", + "lastModified": 1740089251, + "narHash": "sha256-Y78mDBWoO8CLLTjQfPfII+KXFb6lAmF9GrLbyVBsIMM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", + "rev": "18e9f9753e9ae261bcc7d3abe15745686991fd30", "type": "github" }, "original": { @@ -312,11 +312,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1739357830, - "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", + "lastModified": 1739923778, + "narHash": "sha256-BqUY8tz0AQ4to2Z4+uaKczh81zsGZSYxjgvtw+fvIfM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", + "rev": "36864ed72f234b9540da4cf7a0c49e351d30d3f1", "type": "github" }, "original": { From 53b9483da1decc2e0020bf1eaac2fa0e8cabf465 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 23 Feb 2025 20:04:55 +0100 Subject: [PATCH 208/309] Back out "flake.lock: Update" This backs out commit 61b72a89e773c77cdf30542fc1ec7dac581812a1. --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index dfac477..c42a97a 100644 --- a/flake.lock +++ b/flake.lock @@ -264,11 +264,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1739776882, - "narHash": "sha256-PAiogZP1rLOwSkoL8eNgnbcobe5AqIq+Zc8A9NNFv+A=", + "lastModified": 1737959576, + "narHash": "sha256-eEOiMxfxYSLa/8jcDZEK46TjqLO+8cJ5C9ufHXz1oIw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1ead14e49dfa47e91e68df64ef3dbf036809c742", + "rev": "970c26517231e07b71f3eaaa9aa2ebe539c354d3", "type": "github" }, "original": { From 9479b886fec75205fc8f04045b01f6d1b3ad1b6a Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 209/309] hades: remove default runner --- hosts/hades/default.nix | 4 ---- hosts/hades/secrets.nix | 1 - modules/secrets/gitlab-runner/hades-runner-env.age | 7 ------- modules/secrets/secrets.nix | 1 - 4 files changed, 13 deletions(-) delete mode 100644 modules/secrets/gitlab-runner/hades-runner-env.age diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 2b84d21..dbbff5c 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -202,10 +202,6 @@ in { NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"; }; }; - default = { - authenticationTokenConfigFile = config.age.secrets."gitlab-runner/hades-runner-env".path; - dockerImage = "debian:stable"; - }; }; }; }; diff --git a/hosts/hades/secrets.nix b/hosts/hades/secrets.nix index 2623fe8..eb0fa3b 100644 --- a/hosts/hades/secrets.nix +++ b/hosts/hades/secrets.nix @@ -14,7 +14,6 @@ in lib.mapAttrs toSecret { "gitlab-runner/hades-nix-runner-env" = {}; - "gitlab-runner/hades-runner-env" = {}; "lohr/shared-secret" = {}; diff --git a/modules/secrets/gitlab-runner/hades-runner-env.age b/modules/secrets/gitlab-runner/hades-runner-env.age deleted file mode 100644 index b72657d..0000000 --- a/modules/secrets/gitlab-runner/hades-runner-env.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 k2gHjw EQkuI0FlwczzVWR3wvx+lXUNd0NnUjpBhOhmmIJ8Xhk -SXMz4M9n7kcuacBkJUg//iLYLJ5qP2BlQnD2zALskuw --> ssh-ed25519 pX8y2g fmzHtkHXHjHiva7dGs7Khof1VzMMj6CLC4oghYf7lEk -Yx6G693eo5EqviIj/8t5JWjziYCSSJlwDNG92FPc7ro ---- /vsxhnYSHZFsDJtDbl8TKTgDS/XwqkTOXB2isT6K+LY -bǙ) Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 210/309] services: lohr: bump commit --- services/lohr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/lohr.nix b/services/lohr.nix index a86a0b3..cc491a8 100644 --- a/services/lohr.nix +++ b/services/lohr.nix @@ -20,7 +20,7 @@ secrets = config.my.secrets; lohrPkg = let - flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd"; + flake = builtins.getFlake "github:alarsyo/lohr?rev=cdb5808c0ced349c027aa203fda52afe95782b26"; in flake.defaultPackage."x86_64-linux"; # FIXME: use correct system in { From 732f513eb58fcfc981d2b99c7f5f6f62d05c54bf Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 211/309] talos: home: tweak font size --- hosts/talos/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index e4c87c8..339485b 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -71,7 +71,7 @@ in { }; fonts = { names = ["Iosevka Fixed" "FontAwesome6Free"]; - size = 8.0; + size = 9.0; }; bars = []; From 49de758a72ac0970ee51adfec7ba6707ef58cffc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 212/309] talos: home: enable touchpad swipe --- hosts/talos/home.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 339485b..8da7d9a 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -115,6 +115,9 @@ in { bindswitch --reload --locked lid:off output eDP-1 enable; bindswitch --reload --locked lid:on output eDP-1 disable; + bindgesture swipe:right workspace prev + bindgesture swipe:left workspace next + set $rosewater #dc8a78 set $flamingo #dd7878 set $pink #ea76cb From 1068a3a04126700836d5391f41bb621ced3ed4c4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 213/309] talos: home: tweak colors for focused windows --- hosts/talos/home.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 8da7d9a..ebce731 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -145,12 +145,12 @@ in { set $mantle #e6e9ef set $crust #dce0e8 - # target title bg text indicator border - client.focused $lavender $base $text $rosewater $lavender - client.focused_inactive $overlay0 $base $text $rosewater $overlay0 - client.unfocused $overlay0 $base $text $rosewater $overlay0 - client.urgent $peach $base $peach $overlay0 $peach - client.placeholder $overlay0 $base $text $overlay0 $overlay0 + # target title bg text indicator border + client.focused $lavender $lavender $base $rosewater $lavender + client.focused_inactive $overlay0 $base $text $rosewater $overlay0 + client.unfocused $overlay0 $base $text $rosewater $overlay0 + client.urgent $peach $base $peach $overlay0 $peach + client.placeholder $overlay0 $base $text $overlay0 $overlay0 client.background $base smart_borders on From 428fb20ecf16e73ba8191710ad86c6b16e7e2fd4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 214/309] home: tmux: switch to catppuccin for tmux theme --- home/tmux.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/home/tmux.nix b/home/tmux.nix index 47f5cc3..45401c3 100644 --- a/home/tmux.nix +++ b/home/tmux.nix @@ -34,9 +34,10 @@ in { ''; } { - plugin = tmuxPlugins.tmux-colors-solarized; + plugin = pkgs.tmuxPlugins.catppuccin; extraConfig = '' - set -g @colors-solarized 'light' + set -g @catppuccin_flavor 'latte' + set -g @catppuccin_window_status_style "rounded" ''; } ]; From ced4f2be27f7382a4d5d5a9b55dec9d267dae65e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 215/309] talos: home: setup wlsunset --- hosts/talos/home.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index ebce731..519822a 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -23,8 +23,19 @@ in { my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; - # TODO: place in global home conf - services.dunst.enable = true; + services = { + # TODO: place in global home conf + dunst.enable = true; + wlsunset = { + enable = true; + latitude = 48.9; + longitude = 2.3; + temperature = { + day = 6500; + night = 3500; + }; + }; + }; home.packages = builtins.attrValues { inherit From 9045c7dcd4c8c8bc7d8de09fa42435eda0c04f7d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 216/309] talos: home: setup darkman --- hosts/talos/default.nix | 9 +++++++++ hosts/talos/home.nix | 7 +++++++ 2 files changed, 16 insertions(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 1b475c4..422cc56 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -158,6 +158,8 @@ environment.systemPackages = [ pkgs.foot + # FIXME: is this needed? + pkgs.darkman ]; #programs.hyprland.enable = true; @@ -166,6 +168,13 @@ wrapperFeatures.gtk = true; }; + # TODO: These are overriden by files from + # ~/.config/xdg-desktop-portal/sway-portals.conf so they should be moved to + # home + xdg.portal.config.sway = { + "org.freedesktop.impl.portal.Settings" = "darkman"; + }; + # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 519822a..6c666ad 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -35,6 +35,13 @@ in { night = 3500; }; }; + darkman = { + enable = true; + settings = { + lat = 48.9; + lng = 2.3; + }; + }; }; home.packages = builtins.attrValues { From 119954200eadd58ffb8a707928fb8e1d2a28e010 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 22 Feb 2025 16:14:32 +0100 Subject: [PATCH 217/309] talos: fix Firefox inhibit behavior See https://github.com/flatpak/xdg-desktop-portal-gtk/issues/465 for details about the issue. TL;DR: x-d-p-gtk doesn't report a failure to handle the idle inhibit to Firefox, so Firefox doesn't fallback to the Wayland protocol. --- hosts/talos/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index 422cc56..a8e3cd9 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -173,6 +173,7 @@ # home xdg.portal.config.sway = { "org.freedesktop.impl.portal.Settings" = "darkman"; + "org.freedesktop.impl.portal.Inhibit" = "none"; }; # Copy the NixOS configuration file and link it from the resulting system From e758c5f21590108d3f13efde9e3a5f0216c06434 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 28 Feb 2025 12:36:08 +0100 Subject: [PATCH 218/309] home: add jj config and add jj to home path --- base/programs.nix | 1 - home/default.nix | 1 + home/jj.nix | 8 +++++ home/jj/config.toml | 71 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 home/jj.nix create mode 100644 home/jj/config.toml diff --git a/base/programs.nix b/base/programs.nix index 08a62ad..3655de8 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -30,7 +30,6 @@ pciutils usbutils # development - jujutsu git git-crypt git-lfs diff --git a/home/default.nix b/home/default.nix index 6cdce61..570fbd4 100644 --- a/home/default.nix +++ b/home/default.nix @@ -10,6 +10,7 @@ ./flameshot.nix ./git.nix ./gtk.nix + ./jj.nix ./laptop.nix ./mail.nix ./rbw.nix diff --git a/home/jj.nix b/home/jj.nix new file mode 100644 index 0000000..5f266f8 --- /dev/null +++ b/home/jj.nix @@ -0,0 +1,8 @@ +{pkgs, ...}: { + home.packages = [ + pkgs.jujutsu + ]; + xdg.configFile = { + "jj/config.toml".source = ./jj/config.toml; + }; +} diff --git a/home/jj/config.toml b/home/jj/config.toml new file mode 100644 index 0000000..9d71fae --- /dev/null +++ b/home/jj/config.toml @@ -0,0 +1,71 @@ +[user] +name = "Antoine Martin" +email = "antoine@alarsyo.net" + +[ui] +diff-editor = ":builtin" +paginate = "auto" +editor = "vim" +pager = "less -FRX" +default-command = "log" + +[ui.movement] +edit = false + +[git] +subprocess = true + +[snapshot] +auto-track = "none()" + +[aliases] +pdiff = ["diff", "-r", "@-"] +tug = ["bookmark", "move", "--from", "closest_bookmark(@-)", "--to", "@-"] +ll = ["log", "-T", "builtin_log_detailed"] +l = ["log", "-T", "builtin_log_compact"] + +[revset-aliases] +'closest_bookmark(to)' = 'heads(::to & bookmarks())' + +[templates] +log = "builtin_log_comfortable" + +log_node = ''' +coalesce( + if(!self, label("elided", "~")), + label( + separate(" ", + if(current_working_copy, "working_copy"), + if(immutable, "immutable"), + if(conflict, "conflict"), + if(description.starts_with("wip:"), "wip"), + if(description.starts_with("private:"), "private"), + ), + coalesce( + if(current_working_copy, "@"), + if(immutable, "◆"), + if(conflict, "×"), + if(description.starts_with("wip:"), "🔒"), + if(description.starts_with("private:"), "🔒"), + "○", + ) + ) +) +''' + +[template-aliases] + +[[--scope]] +--when.repositories = ["~/work/lrde/"] +[--scope.user] +email = "amartin@lrde.epita.fr" + +[[--scope]] +--when.repositories = ["~/work/prologin/"] +[--scope.user] +email = "antoine.martin@prologin.org" + +[[--scope]] +--when.repositories = ["~/work/epita/"] +[--scope.user] +email = "antoine4.martin@epita.fr" From 75e6492a415c7ce8ea17286ca5118cb980fb6e99 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 28 Feb 2025 14:36:27 +0100 Subject: [PATCH 219/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/18e9f9753e9ae261bcc7d3abe15745686991fd30' (2025-02-20) → 'github:NixOS/nixos-hardware/009b764ac98a3602d41fc68072eeec5d24fc0e49' (2025-02-27) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/36864ed72f234b9540da4cf7a0c49e351d30d3f1' (2025-02-19) → 'github:NixOS/nixpkgs/f44bd8ca21e026135061a0a57dcf3d0775b67a49' (2025-02-26) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c42a97a..f8bf6e7 100644 --- a/flake.lock +++ b/flake.lock @@ -232,11 +232,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1740089251, - "narHash": "sha256-Y78mDBWoO8CLLTjQfPfII+KXFb6lAmF9GrLbyVBsIMM=", + "lastModified": 1740646007, + "narHash": "sha256-dMReDQobS3kqoiUCQIYI9c0imPXRZnBubX20yX/G5LE=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "18e9f9753e9ae261bcc7d3abe15745686991fd30", + "rev": "009b764ac98a3602d41fc68072eeec5d24fc0e49", "type": "github" }, "original": { @@ -312,11 +312,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1739923778, - "narHash": "sha256-BqUY8tz0AQ4to2Z4+uaKczh81zsGZSYxjgvtw+fvIfM=", + "lastModified": 1740603184, + "narHash": "sha256-t+VaahjQAWyA+Ctn2idyo1yxRIYpaDxMgHkgCNiMJa4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "36864ed72f234b9540da4cf7a0c49e351d30d3f1", + "rev": "f44bd8ca21e026135061a0a57dcf3d0775b67a49", "type": "github" }, "original": { From 6dab695fed9cf10dd3e83daa5d5c7e1562618a37 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 28 Feb 2025 15:10:20 +0100 Subject: [PATCH 220/309] flake: use nixpkgs for jujutsu input --- flake.lock | 22 ++++------------------ flake.nix | 1 + 2 files changed, 5 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index f8bf6e7..448fcb5 100644 --- a/flake.lock +++ b/flake.lock @@ -177,7 +177,9 @@ "jujutsu": { "inputs": { "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_3", + "nixpkgs": [ + "nixpkgs" + ], "rust-overlay": "rust-overlay" }, "locked": { @@ -295,22 +297,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1731890469, - "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5083ec887760adfe12af64830a66807423a859a7", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1740603184, "narHash": "sha256-t+VaahjQAWyA+Ctn2idyo1yxRIYpaDxMgHkgCNiMJa4=", @@ -335,7 +321,7 @@ "jujutsu": "jujutsu", "lix-module": "lix-module", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "nixpkgs-unstable-small": "nixpkgs-unstable-small" } }, diff --git a/flake.nix b/flake.nix index 01005c3..6d36b6b 100644 --- a/flake.nix +++ b/flake.nix @@ -60,6 +60,7 @@ owner = "jj-vcs"; repo = "jj"; ref = "v0.26.0"; + inputs.nixpkgs.follows = "nixpkgs"; }; }; From ba4d2ef80ccdfe4aac82c3e87d0ef8ace7de42a3 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 28 Feb 2025 15:10:20 +0100 Subject: [PATCH 221/309] home: jj: log and status as default command --- home/jj/config.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/home/jj/config.toml b/home/jj/config.toml index 9d71fae..730916e 100644 --- a/home/jj/config.toml +++ b/home/jj/config.toml @@ -7,7 +7,7 @@ diff-editor = ":builtin" paginate = "auto" editor = "vim" pager = "less -FRX" -default-command = "log" +default-command = "logstatus" [ui.movement] edit = false @@ -23,6 +23,7 @@ pdiff = ["diff", "-r", "@-"] tug = ["bookmark", "move", "--from", "closest_bookmark(@-)", "--to", "@-"] ll = ["log", "-T", "builtin_log_detailed"] l = ["log", "-T", "builtin_log_compact"] +logstatus = ["util", "exec", "--", "sh", "-c", "jj status && jj log"] [revset-aliases] 'closest_bookmark(to)' = 'heads(::to & bookmarks())' From 249683949d372e9cdc86575502b04b8c1ced0711 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 1 Mar 2025 21:11:06 +0100 Subject: [PATCH 222/309] home: emacs: bump to emacs 30 --- home/emacs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/emacs.nix b/home/emacs.nix index 8139f5e..8b46881 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -46,7 +46,7 @@ in { programs.emacs = { enable = true; - package = pkgs.emacs29-pgtk; + package = pkgs.emacs30-pgtk; extraPackages = epkgs: [epkgs.vterm epkgs.pdf-tools pkgs.lilypond epkgs.mu4e]; }; }; From dfcae02467cc44fdb3948673e77219d8f6c7448e Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:38 +0100 Subject: [PATCH 223/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/f44bd8ca21e026135061a0a57dcf3d0775b67a49' (2025-02-26) → 'github:NixOS/nixpkgs/6af28b834daca767a7ef99f8a7defa957d0ade6f' (2025-03-04) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 448fcb5..d5cd130 100644 --- a/flake.lock +++ b/flake.lock @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1740603184, - "narHash": "sha256-t+VaahjQAWyA+Ctn2idyo1yxRIYpaDxMgHkgCNiMJa4=", + "lastModified": 1741048562, + "narHash": "sha256-W4YZ3fvWZiFYYyd900kh8P8wU6DHSiwaH0j4+fai1Sk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f44bd8ca21e026135061a0a57dcf3d0775b67a49", + "rev": "6af28b834daca767a7ef99f8a7defa957d0ade6f", "type": "github" }, "original": { From 3d405d43f161051ef4caab2189d42d37a9443e7d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:45 +0100 Subject: [PATCH 224/309] flake: bump jj to v0.27.0 --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index d5cd130..5d4fe9d 100644 --- a/flake.lock +++ b/flake.lock @@ -183,16 +183,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1738805560, - "narHash": "sha256-jGy+0VDxQrgNhj+eX06FRhPP31V8QZVAM4j4yBosAGE=", + "lastModified": 1741218530, + "narHash": "sha256-fBgJrSglH46+NHu3spk5mC51ASDHWnOoW6veKZ0R2YA=", "owner": "jj-vcs", "repo": "jj", - "rev": "613742dfbbd89324b25672a75ef8ce9e671ae0d3", + "rev": "6ce7a77da5a18343f4f3effef49b77428e43bc74", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.26.0", + "ref": "v0.27.0", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index 6d36b6b..7756c0d 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.26.0"; + ref = "v0.27.0"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From 13b76ea50bf48bb82cbe05a65d1e73abb0165744 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:45 +0100 Subject: [PATCH 225/309] home: i3bar: only enable when i3 is used notmuch is broken in nixpkgs right now and i3status-rust depended on it. This broke my config's build, but I don't actually use i3status-rust anymore since I switched to Sway on Wayland. --- home/x/i3bar.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/x/i3bar.nix b/home/x/i3bar.nix index 3ac8b63..a00e483 100644 --- a/home/x/i3bar.nix +++ b/home/x/i3bar.nix @@ -13,7 +13,7 @@ types ; - isEnabled = config.my.home.x.enable; + isEnabled = config.my.home.x.i3.enable; i3BarTheme = config.my.theme.i3BarTheme; cfg = config.my.home.x.i3bar; in { From b17195c0cf0b520f87e24df10031843eda64e43d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:45 +0100 Subject: [PATCH 226/309] talos: home: include font-awesome Since this was removed when disabling the i3bar module in the previous commit, enable locally. --- hosts/talos/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 6c666ad..f9e9f06 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -49,6 +49,7 @@ in { (pkgs) ansel chromium # some websites only work there :( + font-awesome # for pretty icons nwg-displays shikane # output autoconfig swaybg From f083325b4a048e54b6f19c966f577aac113dbc59 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:45 +0100 Subject: [PATCH 227/309] home: jj: drop fancy icon from log This messes with the graph formatting when history is not linear because the fancy icon's width is non-standard --- home/jj/config.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/jj/config.toml b/home/jj/config.toml index 730916e..c407a1e 100644 --- a/home/jj/config.toml +++ b/home/jj/config.toml @@ -46,8 +46,8 @@ coalesce( if(current_working_copy, "@"), if(immutable, "◆"), if(conflict, "×"), - if(description.starts_with("wip:"), "🔒"), - if(description.starts_with("private:"), "🔒"), + if(description.starts_with("wip:"), "!"), + if(description.starts_with("private:"), "!"), "○", ) ) From 95c5fe1b49d5d336d491b47071b18cdf602ec89d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:45 +0100 Subject: [PATCH 228/309] home: jj: add better commit draft templates --- home/jj/config.toml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/home/jj/config.toml b/home/jj/config.toml index c407a1e..71d50e7 100644 --- a/home/jj/config.toml +++ b/home/jj/config.toml @@ -54,7 +54,23 @@ coalesce( ) ''' +draft_commit_description = "commit_description_verbose(self)" + [template-aliases] +"commit_description_verbose(commit)" = ''' +concat( + commit_description(commit), + "JJ: ignore-rest\n", + diff.git(), +) +''' +"commit_description(commit)" = ''' +concat( + commit.description(), "\n", + "JJ: This commit contains the following changes:\n", + indent("JJ: ", diff.stat(72)), +) +''' [[--scope]] --when.repositories = ["~/work/lrde/"] From c42ed3a2d1fd633d72eb982e8faba49f3a777916 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 6 Mar 2025 16:33:45 +0100 Subject: [PATCH 229/309] base: gui: use Qt6 Okular --- base/gui-programs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/gui-programs.nix b/base/gui-programs.nix index 0a0e47c..7057c85 100644 --- a/base/gui-programs.nix +++ b/base/gui-programs.nix @@ -78,7 +78,7 @@ in { zathura ; - inherit (pkgs.libsForQt5) okular; + inherit (pkgs.kdePackages) okular; }; networking.networkmanager.enable = true; From 5fd40cdc6c538e9303b5ddca69c73abc09c2a713 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 15:59:35 +0100 Subject: [PATCH 230/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/009b764ac98a3602d41fc68072eeec5d24fc0e49' (2025-02-27) → 'github:NixOS/nixos-hardware/e1f12151258b12c567f456d8248e4694e9390613' (2025-03-12) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/6af28b834daca767a7ef99f8a7defa957d0ade6f' (2025-03-04) → 'github:NixOS/nixpkgs/cdd2ef009676ac92b715ff26630164bb88fec4e0' (2025-03-13) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 5d4fe9d..aa9e3f6 100644 --- a/flake.lock +++ b/flake.lock @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1740646007, - "narHash": "sha256-dMReDQobS3kqoiUCQIYI9c0imPXRZnBubX20yX/G5LE=", + "lastModified": 1741792691, + "narHash": "sha256-f0BVt1/cvA0DQ/q3rB+HY4g4tKksd03ZkzI4xehC2Ew=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "009b764ac98a3602d41fc68072eeec5d24fc0e49", + "rev": "e1f12151258b12c567f456d8248e4694e9390613", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1741048562, - "narHash": "sha256-W4YZ3fvWZiFYYyd900kh8P8wU6DHSiwaH0j4+fai1Sk=", + "lastModified": 1741862977, + "narHash": "sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB+ikn74/xQoNrGQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6af28b834daca767a7ef99f8a7defa957d0ade6f", + "rev": "cdd2ef009676ac92b715ff26630164bb88fec4e0", "type": "github" }, "original": { From 93e1e226ee1dfdd532d91972182291f6bd8c46a2 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 231/309] base: add shellcheck to base programs --- base/programs.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/base/programs.nix b/base/programs.nix index 3655de8..064c3e1 100644 --- a/base/programs.nix +++ b/base/programs.nix @@ -36,6 +36,7 @@ gnumake gnupg python3 + shellcheck vim # terminal utilities htop From c5c41c89f74643337e83b97d307cb552945f08f4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 232/309] home: tridactyl: add typing websites to blackist --- home/tridactylrc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/tridactylrc b/home/tridactylrc index bad4eaa..9e0442c 100644 --- a/home/tridactylrc +++ b/home/tridactylrc @@ -33,6 +33,8 @@ set editorcmd emacsclient -c set yankto both blacklistadd calendar.google.com +blacklistadd keybr.com +blacklistadd ergol.org blacklistadd jellyfin.alarsyo.net blacklistadd localhost blacklistadd netflix.com From 90a09cc82b1d55f302e84603bba6252f86c203a4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 233/309] home: leave gtkrc 2.0 in its default location --- home/gtk.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/home/gtk.nix b/home/gtk.nix index a0738f4..7be7d77 100644 --- a/home/gtk.nix +++ b/home/gtk.nix @@ -20,7 +20,11 @@ in { gtk2 = { # No garbage polluting my $HOME - configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; + # + # I had this enabled but some program somehow couldn't find my + # configuration there. I think it was nm-applet. + # + #configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; }; iconTheme = { From cd29dc0aa8ea3f7d841adc18ce782d04b631c711 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 234/309] talos: add gnome-solanum to home packages This is a Pomodoro timer. --- hosts/talos/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index f9e9f06..9513e08 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -50,6 +50,7 @@ in { ansel chromium # some websites only work there :( font-awesome # for pretty icons + gnome-solanum nwg-displays shikane # output autoconfig swaybg From bac6d9c7fbc1f498a003be7512894906a4fb1746 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 235/309] todo: add current wishlist --- todo.org | 3 +++ 1 file changed, 3 insertions(+) diff --git a/todo.org b/todo.org index 814009b..d1a045d 100644 --- a/todo.org +++ b/todo.org @@ -3,3 +3,6 @@ https://github.com/quexten/goldwarden * TODO Setup sway correctly +** TODO This includes moving it to a proper module + +* TODO Create an adwaita package with symlinks for nm-applet icons From e437af78b4d39144b831e64829dc0a07d9bedb19 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 236/309] ci: bump actions --- .github/workflows/cachix.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/cachix.yaml b/.github/workflows/cachix.yaml index 5af64f6..4b2eebe 100644 --- a/.github/workflows/cachix.yaml +++ b/.github/workflows/cachix.yaml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v27 + - uses: cachix/install-nix-action@v31 - name: Run alejandra run: nix develop --command alejandra --check . @@ -26,9 +26,9 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v27 + - uses: cachix/install-nix-action@v31 - - uses: cachix/cachix-action@v15 + - uses: cachix/cachix-action@v16 with: name: alarsyo authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -55,9 +55,9 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v27 + - uses: cachix/install-nix-action@v31 - - uses: cachix/cachix-action@v15 + - uses: cachix/cachix-action@v16 with: name: alarsyo authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -86,9 +86,9 @@ jobs: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v27 + - uses: cachix/install-nix-action@v31 - - uses: cachix/cachix-action@v15 + - uses: cachix/cachix-action@v16 with: name: alarsyo authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' From 4da4aecd99b73fef90f556c621b61923e99870a7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 237/309] flake: bump Lix input --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index aa9e3f6..4714810 100644 --- a/flake.lock +++ b/flake.lock @@ -200,15 +200,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1737234286, - "narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=", - "rev": "2837da71ec1588c1187d2e554719b15904a46c8b", + "lastModified": 1741509550, + "narHash": "sha256-O7+c7MYOvKnGhE5qwRqV+q0NePEtiz6spM1Mfu/Heck=", + "rev": "0d1f794178d42bfa1ef40ecb80be514139779184", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2837da71ec1588c1187d2e554719b15904a46c8b.tar.gz?rev=2837da71ec1588c1187d2e554719b15904a46c8b" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/0d1f794178d42bfa1ef40ecb80be514139779184.tar.gz?rev=0d1f794178d42bfa1ef40ecb80be514139779184" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.92.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz" } }, "lix-module": { @@ -221,15 +221,15 @@ ] }, "locked": { - "lastModified": 1737237494, - "narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=", - "rev": "b90bf629bbd835e61f1317b99e12f8c831017006", + "lastModified": 1741892773, + "narHash": "sha256-8oUT6D7VlsuLkms3zBsUaPBUoxucmFq62QdtyVpjq0Y=", + "rev": "ed7a2fa83145868ecb830d6b3c73ebfd81a9e911", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz?rev=b90bf629bbd835e61f1317b99e12f8c831017006" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/ed7a2fa83145868ecb830d6b3c73ebfd81a9e911.tar.gz?rev=ed7a2fa83145868ecb830d6b3c73ebfd81a9e911" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-1.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index 7756c0d..b68cf00 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; From 863df49b7cbadd9d6a11e82e48691c415b66698c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 238/309] home: tridactyl: use ergo-l for hints --- home/tridactylrc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/home/tridactylrc b/home/tridactylrc index 9e0442c..6b2313d 100644 --- a/home/tridactylrc +++ b/home/tridactylrc @@ -5,6 +5,11 @@ " as an enforced single point of truth for Tridactyl's configuration. sanitize tridactyllocal tridactylsync +" Ergo-L chars, alternating between right and left hand. I also omitted +" punctuation like `-` and `,`. Tridactyl supports it but the visual hints won't +" look as good. +set hintchars rnteisualfhvdockzgxyq + " Ctrl-F should use the browser's native 'find' functionality. unbind From 7cc542e27f5e864134c4196b60157ed73254c812 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 239/309] home: jj: add changelog commit description For this commit, this would generate something like ``` * home/jj/config.toml: ``` automatically. --- home/jj/config.toml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/home/jj/config.toml b/home/jj/config.toml index 71d50e7..61df550 100644 --- a/home/jj/config.toml +++ b/home/jj/config.toml @@ -64,6 +64,24 @@ concat( diff.git(), ) ''' +"commit_description_verbose_changelog(commit)" = ''' +concat( + commit_description_changelog(commit), + "JJ: ignore-rest\n", + diff.git(), +) +''' +"commit_description_changelog(commit)" = ''' +concat( + commit.description(), "\n", + surround("", "\n", diff.files().map(|f| if(!commit.description().contains(f.path()), + "* " ++ f.path() ++ ":\n" + ) + ).join("")), + "JJ: This commit contains the following changes:\n", + indent("JJ: ", diff.stat(72)), +) +''' "commit_description(commit)" = ''' concat( commit.description(), "\n", From 20647c820fc808690fbf86b738899b61f66b0ae6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 240/309] home: jj: dryer changelog template --- home/jj/config.toml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/home/jj/config.toml b/home/jj/config.toml index 61df550..653bb25 100644 --- a/home/jj/config.toml +++ b/home/jj/config.toml @@ -64,20 +64,20 @@ concat( diff.git(), ) ''' -"commit_description_verbose_changelog(commit)" = ''' +"changelog_entry(file)" = ''' concat( - commit_description_changelog(commit), - "JJ: ignore-rest\n", - diff.git(), + "* ", + f.path(), + ":\n", ) ''' "commit_description_changelog(commit)" = ''' concat( commit.description(), "\n", - surround("", "\n", diff.files().map(|f| if(!commit.description().contains(f.path()), - "* " ++ f.path() ++ ":\n" - ) - ).join("")), + surround("", "\n", diff.files().map(|f| if(!commit.description().contains(changelog_entry(f)), + changelog_entry(f) + ) + ).join("")), "JJ: This commit contains the following changes:\n", indent("JJ: ", diff.stat(72)), ) From 7639a0deddef8f375cfa19128a9165b6ac367276 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 15 Mar 2025 16:14:40 +0100 Subject: [PATCH 241/309] home: jj: check for filepath only In case I manually edit some changelog entries to look like * path1.txt, path2.txt: changes described here. --- home/jj/config.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/jj/config.toml b/home/jj/config.toml index 653bb25..fd339cd 100644 --- a/home/jj/config.toml +++ b/home/jj/config.toml @@ -74,7 +74,7 @@ concat( "commit_description_changelog(commit)" = ''' concat( commit.description(), "\n", - surround("", "\n", diff.files().map(|f| if(!commit.description().contains(changelog_entry(f)), + surround("", "\n", diff.files().map(|f| if(!commit.description().contains(f.path()), changelog_entry(f) ) ).join("")), From 75d1bc84a99c307284d7bcc75e99a40f638eabde Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 21 Mar 2025 13:06:42 +0100 Subject: [PATCH 242/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs-unstable-small': 'github:NixOS/nixpkgs/970c26517231e07b71f3eaaa9aa2ebe539c354d3' (2025-01-27) → 'github:NixOS/nixpkgs/fa6ab1d7fdf29a4ff0ac65f01ffdaea84f105280' (2025-03-21) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4714810..697d246 100644 --- a/flake.lock +++ b/flake.lock @@ -266,11 +266,11 @@ }, "nixpkgs-unstable-small": { "locked": { - "lastModified": 1737959576, - "narHash": "sha256-eEOiMxfxYSLa/8jcDZEK46TjqLO+8cJ5C9ufHXz1oIw=", + "lastModified": 1742541432, + "narHash": "sha256-hPzDbmo3T64R1rt8i8WonR/4VrSbE8ZxY6wFIguC4sc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "970c26517231e07b71f3eaaa9aa2ebe539c354d3", + "rev": "fa6ab1d7fdf29a4ff0ac65f01ffdaea84f105280", "type": "github" }, "original": { From a1b2fdabe4e7227bc17c06291d0b68eb298a576f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 19 Mar 2025 23:31:32 +0100 Subject: [PATCH 243/309] home: add monkeytype to tridactyl blacklist --- home/tridactylrc | 1 + 1 file changed, 1 insertion(+) diff --git a/home/tridactylrc b/home/tridactylrc index 6b2313d..b0b07d2 100644 --- a/home/tridactylrc +++ b/home/tridactylrc @@ -40,6 +40,7 @@ set yankto both blacklistadd calendar.google.com blacklistadd keybr.com blacklistadd ergol.org +blacklistadd monkeytype.com blacklistadd jellyfin.alarsyo.net blacklistadd localhost blacklistadd netflix.com From cad74df9fa03db0163a4c3eb2c8d396c4838f210 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 24 Mar 2025 09:10:27 +0100 Subject: [PATCH 244/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/9d3d080aec2a35e05a15cedd281c2384767c2cfe?narHash=sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA%3D' (2025-02-17) → 'github:nix-community/home-manager/0948aeedc296f964140d9429223c7e4a0702a1ff?narHash=sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ%3D' (2025-03-22) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/e1f12151258b12c567f456d8248e4694e9390613?narHash=sha256-f0BVt1/cvA0DQ/q3rB%2BHY4g4tKksd03ZkzI4xehC2Ew%3D' (2025-03-12) → 'github:NixOS/nixos-hardware/380ed15bcd6440606c6856db44a99140d422b46f?narHash=sha256-yJ3OOAmsGAxSl0bTmKUp3%2BcEYtSS%2BV6hUPK2rYhIPr8%3D' (2025-03-22) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/cdd2ef009676ac92b715ff26630164bb88fec4e0?narHash=sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB%2Bikn74/xQoNrGQ%3D' (2025-03-13) → 'github:NixOS/nixpkgs/f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092?narHash=sha256-rBfc%2BH1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE%3D' (2025-03-23) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 697d246..274cf09 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1739757849, - "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", + "lastModified": 1742655702, + "narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", + "rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1741792691, - "narHash": "sha256-f0BVt1/cvA0DQ/q3rB+HY4g4tKksd03ZkzI4xehC2Ew=", + "lastModified": 1742631601, + "narHash": "sha256-yJ3OOAmsGAxSl0bTmKUp3+cEYtSS+V6hUPK2rYhIPr8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e1f12151258b12c567f456d8248e4694e9390613", + "rev": "380ed15bcd6440606c6856db44a99140d422b46f", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1741862977, - "narHash": "sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB+ikn74/xQoNrGQ=", + "lastModified": 1742751704, + "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cdd2ef009676ac92b715ff26630164bb88fec4e0", + "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", "type": "github" }, "original": { From 03346040e01c988ff03bf0c34519529051023a2c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 24 Mar 2025 10:12:14 +0100 Subject: [PATCH 245/309] flake: disable Lix module Since https://github.com/NixOS/nixpkgs/pull/391983 was merged in nixos-24.11, the Lix module needs a bump as well to avoid applying that patch twice, which breaks the build. Let's wait for an update. --- flake.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index b68cf00..d0f7076 100644 --- a/flake.nix +++ b/flake.nix @@ -112,7 +112,8 @@ [ agenix.nixosModules.default home-manager.nixosModules.default - lix-module.nixosModules.default + # FIXME: this is temporarily broken, will need a bump of the Lix module + # lix-module.nixosModules.default { nixpkgs = { overlays = shared_overlays; From 6e7706cb25ff6faaaa7bb1389cad646eec4c3c15 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 24 Mar 2025 10:12:14 +0100 Subject: [PATCH 246/309] flake: re-enable lix module --- flake.lock | 10 +++++----- flake.nix | 5 ++--- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index 274cf09..ed74799 100644 --- a/flake.lock +++ b/flake.lock @@ -221,15 +221,15 @@ ] }, "locked": { - "lastModified": 1741892773, - "narHash": "sha256-8oUT6D7VlsuLkms3zBsUaPBUoxucmFq62QdtyVpjq0Y=", - "rev": "ed7a2fa83145868ecb830d6b3c73ebfd81a9e911", + "lastModified": 1742943028, + "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", + "rev": "868d97695bab9d21f6070b03957bcace249fbe3c", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/ed7a2fa83145868ecb830d6b3c73ebfd81a9e911.tar.gz?rev=ed7a2fa83145868ecb830d6b3c73ebfd81a9e911" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-1.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index d0f7076..512c55c 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-1.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -112,8 +112,7 @@ [ agenix.nixosModules.default home-manager.nixosModules.default - # FIXME: this is temporarily broken, will need a bump of the Lix module - # lix-module.nixosModules.default + lix-module.nixosModules.default { nixpkgs = { overlays = shared_overlays; From b87266d7abdeb0a1b07926eda8b58019eeac7678 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 24 Mar 2025 10:12:14 +0100 Subject: [PATCH 247/309] lohr: add codeberg --- .lohr | 1 + 1 file changed, 1 insertion(+) diff --git a/.lohr b/.lohr index c20d109..5450957 100644 --- a/.lohr +++ b/.lohr @@ -1,3 +1,4 @@ git@github.com:alarsyo/nixos-config git@gitlab.com:alarsyo/nixos-config git@git.sr.ht:~alarsyo/nixos-config +git@codeberg.org:alarsyo/nixos-config From cc648521e2e667bd2cad650ba73cfd674840757f Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 24 Mar 2025 10:12:14 +0100 Subject: [PATCH 248/309] talos: enable qmk udev rules --- hosts/talos/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index a8e3cd9..f129e62 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -137,6 +137,7 @@ settings.General.Experimental = true; }; + hardware.keyboard.qmk.enable = true; # Configure console keymap console.keyMap = "us"; From 7c94090793f3c66205c0d594aaca23003d201191 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 31 Mar 2025 14:38:13 +0200 Subject: [PATCH 249/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/0948aeedc296f964140d9429223c7e4a0702a1ff?narHash=sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ%3D' (2025-03-22) → 'github:nix-community/home-manager/15c5f9d04fabd176f30286c8f52bbdb2c853a146?narHash=sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0%2B2Wo%3D' (2025-03-31) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/380ed15bcd6440606c6856db44a99140d422b46f?narHash=sha256-yJ3OOAmsGAxSl0bTmKUp3%2BcEYtSS%2BV6hUPK2rYhIPr8%3D' (2025-03-22) → 'github:NixOS/nixos-hardware/de6fc5551121c59c01e2a3d45b277a6d05077bc4?narHash=sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo%3D' (2025-03-31) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092?narHash=sha256-rBfc%2BH1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE%3D' (2025-03-23) → 'github:NixOS/nixpkgs/7ffe0edc685f14b8c635e3d6591b0bbb97365e6c?narHash=sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI%3D' (2025-03-30) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ed74799..6cb6110 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1742655702, - "narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", + "lastModified": 1743387206, + "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=", "owner": "nix-community", "repo": "home-manager", - "rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", + "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1742631601, - "narHash": "sha256-yJ3OOAmsGAxSl0bTmKUp3+cEYtSS+V6hUPK2rYhIPr8=", + "lastModified": 1743420942, + "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "380ed15bcd6440606c6856db44a99140d422b46f", + "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1742751704, - "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", + "lastModified": 1743367904, + "narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", + "rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c", "type": "github" }, "original": { From 059e43b3c5760dfbf1e482026ccba9d2a500a150 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 7 Apr 2025 11:14:44 +0200 Subject: [PATCH 250/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'lix-module/flake-utils': 'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a?narHash=sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ%3D' (2024-03-11) → 'github:numtide/flake-utils/11707dc2f618dd54ca8739b309ec4fc024de578b?narHash=sha256-l0KFg5HjrsfsO/JpG%2Br7fRrqm12kzFHyUHqHCVpMMbI%3D' (2024-11-13) • Updated input 'lix-module/lix': 'https://git.lix.systems/api/v1/repos/lix-project/lix/archive/0d1f794178d42bfa1ef40ecb80be514139779184.tar.gz?narHash=sha256-O7%2Bc7MYOvKnGhE5qwRqV%2Bq0NePEtiz6spM1Mfu/Heck%3D&rev=0d1f794178d42bfa1ef40ecb80be514139779184' (2025-03-09) → 'https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?narHash=sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW%2BDvDtuv9SwQZZcs%3D&rev=079528098f5998ba13c88821a2eca1005c1695de' (2025-01-18) --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 6cb6110..36e3e3e 100644 --- a/flake.lock +++ b/flake.lock @@ -104,11 +104,11 @@ "systems": "systems_4" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -200,11 +200,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1741509550, - "narHash": "sha256-O7+c7MYOvKnGhE5qwRqV+q0NePEtiz6spM1Mfu/Heck=", - "rev": "0d1f794178d42bfa1ef40ecb80be514139779184", + "lastModified": 1737234286, + "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", + "rev": "079528098f5998ba13c88821a2eca1005c1695de", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/0d1f794178d42bfa1ef40ecb80be514139779184.tar.gz?rev=0d1f794178d42bfa1ef40ecb80be514139779184" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" }, "original": { "type": "tarball", From 8c7a58f2a44e898ff8bcddd4585fe832833b3db8 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 7 Apr 2025 11:15:06 +0200 Subject: [PATCH 251/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/15c5f9d04fabd176f30286c8f52bbdb2c853a146?narHash=sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0%2B2Wo%3D' (2025-03-31) → 'github:nix-community/home-manager/a9f8b3db211b4609ddd83683f9db89796c7f6ac6?narHash=sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT%2BPpMao6FbLJSr0%3D' (2025-04-04) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/7ffe0edc685f14b8c635e3d6591b0bbb97365e6c?narHash=sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI%3D' (2025-03-30) → 'github:NixOS/nixpkgs/7819a0d29d1dd2bc331bec4b327f0776359b1fa6?narHash=sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p%2BjElwxaM%3D' (2025-04-05) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 36e3e3e..89f89fb 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1743387206, - "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=", + "lastModified": 1743808813, + "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=", "owner": "nix-community", "repo": "home-manager", - "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146", + "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1743367904, - "narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=", + "lastModified": 1743813633, + "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c", + "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", "type": "github" }, "original": { From 1e2d97c1f5354305282b8e486420ebae89f9e031 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 7 Apr 2025 15:40:40 +0200 Subject: [PATCH 252/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41?narHash=sha256-b%2Buqzj%2BWa6xgMS9aNbX4I%2BsXeb5biPDi39VgvSFqFvU%3D' (2024-08-10) → 'github:ryantm/agenix/e600439ec4c273cf11e06fe4d9d906fb98fa097c?narHash=sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA%3D' (2025-01-15) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 89f89fb..7f0aff2 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1723293904, - "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", "owner": "ryantm", "repo": "agenix", - "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", "type": "github" }, "original": { From 0c30a33d1c699f123b87fd7e7781a569b0e2a83c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 7 Apr 2025 15:43:45 +0200 Subject: [PATCH 253/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'disko': 'github:nix-community/disko/2814a5224a47ca19e858e027f7e8bff74a8ea9f1?narHash=sha256-2uMaVAZn7fiyTUGhKgleuLYe5%2BEAAYB/diKxrM7g3as%3D' (2024-11-30) → 'github:nix-community/disko/329d3d7e8bc63dd30c39e14e6076db590a6eabe6?narHash=sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY%3D' (2025-04-02) • Updated input 'disko/nixpkgs': 'github:NixOS/nixpkgs/8edf06bea5bcbee082df1b7369ff973b91618b8d?narHash=sha256-sQxuJm8rHY20xq6Ah%2BGwIUkF95tWjGRd1X8xF%2BPkk38%3D' (2024-11-22) → 'github:NixOS/nixpkgs/eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f?narHash=sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY%3D' (2025-03-29) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 7f0aff2..924c6db 100644 --- a/flake.lock +++ b/flake.lock @@ -48,11 +48,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1732988076, - "narHash": "sha256-2uMaVAZn7fiyTUGhKgleuLYe5+EAAYB/diKxrM7g3as=", + "lastModified": 1743598667, + "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=", "owner": "nix-community", "repo": "disko", - "rev": "2814a5224a47ca19e858e027f7e8bff74a8ea9f1", + "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6", "type": "github" }, "original": { @@ -282,11 +282,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1732238832, - "narHash": "sha256-sQxuJm8rHY20xq6Ah+GwIUkF95tWjGRd1X8xF+Pkk38=", + "lastModified": 1743259260, + "narHash": "sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8edf06bea5bcbee082df1b7369ff973b91618b8d", + "rev": "eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f", "type": "github" }, "original": { From 9136f94169dce502159bcdf737d1080d81504442 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 7 Apr 2025 15:44:57 +0200 Subject: [PATCH 254/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'jujutsu/rust-overlay': 'github:oxalica/rust-overlay/a229311fcb45b88a95fdfa5cecd8349c809a272a?narHash=sha256-NWI8csIK0ujFlFuEXKnoc%2B7hWoCiEtINK9r48LUUMeU%3D' (2024-11-22) → 'github:oxalica/rust-overlay/60766d63c227d576510ecfb5edd3a687d56f6bc7?narHash=sha256-IwdSl51NL6V0f%2BmYXZR0UTKaGleOsk9zV3l6kt5SUWw%3D' (2025-03-24) --- flake.lock | 14 +++++++------- flake.nix | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index 924c6db..1b278da 100644 --- a/flake.lock +++ b/flake.lock @@ -183,16 +183,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1741218530, - "narHash": "sha256-fBgJrSglH46+NHu3spk5mC51ASDHWnOoW6veKZ0R2YA=", + "lastModified": 1743824718, + "narHash": "sha256-LDMHMFg9fjEMi8I2Fc3TEyWMctqJurAbckubCgkkZiM=", "owner": "jj-vcs", "repo": "jj", - "rev": "6ce7a77da5a18343f4f3effef49b77428e43bc74", + "rev": "3aac8d21e6327c343af0c91e9b7451ee8a40aa58", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.27.0", + "ref": "v0.28.1", "repo": "jj", "type": "github" } @@ -333,11 +333,11 @@ ] }, "locked": { - "lastModified": 1732242723, - "narHash": "sha256-NWI8csIK0ujFlFuEXKnoc+7hWoCiEtINK9r48LUUMeU=", + "lastModified": 1742783666, + "narHash": "sha256-IwdSl51NL6V0f+mYXZR0UTKaGleOsk9zV3l6kt5SUWw=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "a229311fcb45b88a95fdfa5cecd8349c809a272a", + "rev": "60766d63c227d576510ecfb5edd3a687d56f6bc7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 512c55c..26db0ea 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.27.0"; + ref = "v0.28.1"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From 3eb5c0c48d7049e2a61dcadab428bcb587fe2502 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 7 Apr 2025 15:45:18 +0200 Subject: [PATCH 255/309] flake: bump jj to 0.28.2 --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 1b278da..da4f537 100644 --- a/flake.lock +++ b/flake.lock @@ -183,16 +183,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1743824718, - "narHash": "sha256-LDMHMFg9fjEMi8I2Fc3TEyWMctqJurAbckubCgkkZiM=", + "lastModified": 1744040552, + "narHash": "sha256-EAD40ZZr6VK4w9OuYzx2YcVgOODopF7IWN7GVjTlblE=", "owner": "jj-vcs", "repo": "jj", - "rev": "3aac8d21e6327c343af0c91e9b7451ee8a40aa58", + "rev": "b9ebe2f03c976515d2a155a411a368ae773c5493", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.28.1", + "ref": "v0.28.2", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index 26db0ea..7b6a918 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.28.1"; + ref = "v0.28.2"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From ec87af7dc3b8090066e29a3cf534bf72e096fb49 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 14 Apr 2025 12:34:49 +0200 Subject: [PATCH 256/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/a9f8b3db211b4609ddd83683f9db89796c7f6ac6?narHash=sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT%2BPpMao6FbLJSr0%3D' (2025-04-04) → 'github:nix-community/home-manager/b4e98224ad1336751a2ac7493967a4c9f6d9cb3f?narHash=sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI%3D' (2025-04-08) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/de6fc5551121c59c01e2a3d45b277a6d05077bc4?narHash=sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo%3D' (2025-03-31) → 'github:NixOS/nixos-hardware/1fe3cc2bc5d2dc9c81cb4e63d2f67c1543340df1?narHash=sha256-OuLhysErPHl53BBifhesrRumJNhrlSgQDfYOTXfgIMg%3D' (2025-04-11) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/7819a0d29d1dd2bc331bec4b327f0776359b1fa6?narHash=sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p%2BjElwxaM%3D' (2025-04-05) → 'github:NixOS/nixpkgs/26d499fc9f1d567283d5d56fcf367edd815dba1d?narHash=sha256-FHlSkNqFmPxPJvy%2B6fNLaNeWnF1lZSgqVCl/eWaJRc4%3D' (2025-04-12) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index da4f537..262ec1d 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1743808813, - "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=", + "lastModified": 1744117652, + "narHash": "sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6", + "rev": "b4e98224ad1336751a2ac7493967a4c9f6d9cb3f", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1743420942, - "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=", + "lastModified": 1744366945, + "narHash": "sha256-OuLhysErPHl53BBifhesrRumJNhrlSgQDfYOTXfgIMg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4", + "rev": "1fe3cc2bc5d2dc9c81cb4e63d2f67c1543340df1", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1743813633, - "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { From f582455977c5c11983cad373d439546b09379d8b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 14 Apr 2025 12:56:19 +0200 Subject: [PATCH 257/309] secrets: update token for thanatos nix runner --- .../gitlab-runner/thanatos-nix-runner-env.age | Bin 406 -> 409 bytes .../gitlab-runner/thanatos-runner-env.age | Bin 406 -> 409 bytes 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/modules/secrets/gitlab-runner/thanatos-nix-runner-env.age b/modules/secrets/gitlab-runner/thanatos-nix-runner-env.age index 391995782a3855fe47c30efe2524a59ccb5480b0..b89ec6f9321e3010b276bc6f548727a30702e269 100644 GIT binary patch delta 374 zcmbQnJd=5XPJOytUQl?sccn>juA#q)epPB%L~>}haioc~&2X;isFvZG^hSwKWkYGtx%v2lJ;UVXV~c|dTfmvKsPd2&T)qPuoT zg;$UVLZr>yyyLp4J1$@3d~rxDxy_ zT|t4KR`3F@954Id>kEE>(_x&BQNT X^3kqhxl;Su7u@Ml4f(HQX6FI`tj37f delta 371 zcmbQqJdJsRPJL-DMsRpanro`IPgF^u z1y`nzfqz()n~$ZjYfxpSyK!Zhd0J9xzE^6wwr6^7aaEw7Pen~&2X;isFkY{#*iD$B-flH)EVRo@sS-p8^PP(_Vflsl&cT`k}yMCCf zW1wqrQKoYwS9-9exu<@lv5`e$c#(Edgolw&s6{|wnSZf!iHk`|P`VL0Fo$QE8NAuy$#7QJA)4nUA5Vhh?I%n~$4?iMv}~PN7*~eqm)Y*F@fZ z&Up&ro;e~v-}@}s#8f-!nC#(KHv@mXZac>x1;6!sSPsrMJGhO}v{A!+5?ij2ZdvniWrG+jN&aXKTf1_w?k3fCz>SJmw V+xAy)J~&2X;is_tGRiEcfOaGMXF&%l$oEgaebhdg;}IyuyJ;dfpcGCiv_OD;|+4%U{BcE4J_rC4j zsQ;9Ill#_l1~+{t${e-+*kmB%66*4@evA95vMa}qZ=dj{Z9S9SrDG;M-QSqh YySK{gaCnm4mp?z7w?1BM_}S<$05o`wo&W#< delta 371 zcmbQqJdJsRPJLdYU!kdKVYXwgiMe+~fLB4Jn@d($U};4_m62OoL1u2EX_aBPYhh5Z zBbRH4v$02pNqTxtd1OJRmvgDUtGj<_RhFNzlUHQ6MWt79hHt8Gc6wxKI+w1ULUD11 zZfc5=si~o*f>~&2X;is_V^y|gmP=BokA9xNkwH#bReiBRv9Vd9zDZPacyK{>Xi|xx zmwte&xucOUS9XB6hr3UHxQ9!DTSjqEk+!o_Nou%vWU))RK}w#!wx@SeQHH*0p>Mt` zm#(g^Lb_pMwr`%1MOl7upi^aFkfpw3k(Y^cabRjja=DkeZ<=#*zIL`zT0nR{*KCDI z->A!P-{r7b{i+UH8^@Se_j&Ke$BRyt2e2ouTAs1kqA^50BUvtYRjS6^iFYF^Y|W>1 zx1V0b9{uFBi9=Go?PRr8>z+j(6}O()a3{KD701pS2RrWX&;F8a*I_!zq{-l(`=g%k VAI{8QyD_l$)a&gW8|RlV1OVMOjs*Y! From beaae98ec4984a52c94fbb1af865948cfe93d92b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 14 Apr 2025 12:56:19 +0200 Subject: [PATCH 258/309] secrets: update hades runner token --- .../secrets/gitlab-runner/hades-nix-runner-env.age | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/modules/secrets/gitlab-runner/hades-nix-runner-env.age b/modules/secrets/gitlab-runner/hades-nix-runner-env.age index ce66f97..88cf224 100644 --- a/modules/secrets/gitlab-runner/hades-nix-runner-env.age +++ b/modules/secrets/gitlab-runner/hades-nix-runner-env.age @@ -1,8 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 k2gHjw 0Qkzquxwa8PSNg6yq+CsfC4JfPLfxEIBKq1krrynlxg -QOHmNCQsV10zSnYvEeSpK95oXXlS+J4pw6EIR1KzxoU --> ssh-ed25519 pX8y2g YbFzF2/mWizY4SOnNKzkcBEEsHYc1mTCpzWZ5vf6Zy0 -p2E9Uh0rWa8qbf2SvB5e4lxS+MEx5KGumKd28UHW0/0 ---- naIsBkYqZMgekqmxTgESGMuFIKoagS68mfXbid7k9e0 -U<"{24>e^*Cg f{vI_Foe3.6,cFK -$9]@{~L \ No newline at end of file +-> ssh-ed25519 k2gHjw S9umvubn93fPFsh/ogqAohdlvDOLYxm3hHrliw5vqAQ +EG8RYYX7i2GazNTb/bnzCPs2zrIYN/kOulJc4e5pTW4 +-> ssh-ed25519 pX8y2g ux6qHpLuHTleRYpAIvO3iDztVsxPGlcu1+jzs1+MHF0 +R5wtxwQyqB1Hc6KI0U9tUOYxzHBtvkzQkgy6Z8AoOYc +--- w1Wpu3guHKTT0FDAR6KaFYLHaXYsEdCWX/7IuM2wb7Q +=nbg\\!IizA,pg pPa\p/_ut8nCL5,a Date: Mon, 5 May 2025 14:48:04 +0200 Subject: [PATCH 259/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/b4e98224ad1336751a2ac7493967a4c9f6d9cb3f?narHash=sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI%3D' (2025-04-08) → 'github:nix-community/home-manager/50eee705bbdbac942074a8c120e8194185633675?narHash=sha256-EyXUNSa%2BH%2BYvGVuQJP1nZskXAowxKYp79RNUsNdQTj4%3D' (2025-05-02) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/1fe3cc2bc5d2dc9c81cb4e63d2f67c1543340df1?narHash=sha256-OuLhysErPHl53BBifhesrRumJNhrlSgQDfYOTXfgIMg%3D' (2025-04-11) → 'github:NixOS/nixos-hardware/a4bb30a9000cf0444ecc8fdca8096d072f77f9e8?narHash=sha256-KvZ6G5sdBdcrglsqcOx8BT6NpHVMVHc8wssMRhv/%2B1g%3D' (2025-05-05) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/26d499fc9f1d567283d5d56fcf367edd815dba1d?narHash=sha256-FHlSkNqFmPxPJvy%2B6fNLaNeWnF1lZSgqVCl/eWaJRc4%3D' (2025-04-12) → 'github:NixOS/nixpkgs/5b35d248e9206c1f3baf8de6a7683fee126364aa?narHash=sha256-NTtKOTLQv6dPfRe00OGSywg37A1FYqldS6xiNmqBUYc%3D' (2025-05-05) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 262ec1d..40f5a4e 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1744117652, - "narHash": "sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI=", + "lastModified": 1746171682, + "narHash": "sha256-EyXUNSa+H+YvGVuQJP1nZskXAowxKYp79RNUsNdQTj4=", "owner": "nix-community", "repo": "home-manager", - "rev": "b4e98224ad1336751a2ac7493967a4c9f6d9cb3f", + "rev": "50eee705bbdbac942074a8c120e8194185633675", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1744366945, - "narHash": "sha256-OuLhysErPHl53BBifhesrRumJNhrlSgQDfYOTXfgIMg=", + "lastModified": 1746427242, + "narHash": "sha256-KvZ6G5sdBdcrglsqcOx8BT6NpHVMVHc8wssMRhv/+1g=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "1fe3cc2bc5d2dc9c81cb4e63d2f67c1543340df1", + "rev": "a4bb30a9000cf0444ecc8fdca8096d072f77f9e8", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1744440957, - "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", + "lastModified": 1746422338, + "narHash": "sha256-NTtKOTLQv6dPfRe00OGSywg37A1FYqldS6xiNmqBUYc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", + "rev": "5b35d248e9206c1f3baf8de6a7683fee126364aa", "type": "github" }, "original": { From 1c81e9ba5f8c2f5f599beffa089e7c34cdf2ef60 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 5 May 2025 17:36:24 +0200 Subject: [PATCH 260/309] pkgs: spot: bump to 2.13 --- pkgs/spot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index d333627..2670c85 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -3,7 +3,7 @@ fetchurl, python3, }: let - version = "2.12.2"; + version = "2.13"; in stdenv.mkDerivation { inherit version; @@ -15,6 +15,6 @@ in src = fetchurl { url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-NhMOU23GqH+twsRLSrL2tBfVpP8879GZy+TqUbogdyQ"; + sha256 = "sha256-DQ/mc88byJM3J7yOC+e6NpAURSEeKUWsc/sJg1yB9Os="; }; } From 874882392b5cb1781d0e7c2e78cd98f8529da5e5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 16 May 2025 13:17:49 +0200 Subject: [PATCH 261/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/50eee705bbdbac942074a8c120e8194185633675?narHash=sha256-EyXUNSa%2BH%2BYvGVuQJP1nZskXAowxKYp79RNUsNdQTj4%3D' (2025-05-02) → 'github:nix-community/home-manager/1eec32f0efe3b830927989767a9e6ece0d82d608?narHash=sha256-3MmiUN/jOHBHQUnjqzg6qKArc17j2OS6jisEppDY4g8%3D' (2025-05-15) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/a4bb30a9000cf0444ecc8fdca8096d072f77f9e8?narHash=sha256-KvZ6G5sdBdcrglsqcOx8BT6NpHVMVHc8wssMRhv/%2B1g%3D' (2025-05-05) → 'github:NixOS/nixos-hardware/e81fd167b33121269149c57806599045fd33eeed?narHash=sha256-L3clA5YGeYCF47ghsI7Tcex%2BDnaaN/BbQ4dR2wzoiKg%3D' (2025-05-13) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/5b35d248e9206c1f3baf8de6a7683fee126364aa?narHash=sha256-NTtKOTLQv6dPfRe00OGSywg37A1FYqldS6xiNmqBUYc%3D' (2025-05-05) → 'github:NixOS/nixpkgs/5d736263df906c5da72ab0f372427814de2f52f8?narHash=sha256-fLise%2Bys%2BbpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM%3D' (2025-05-14) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 40f5a4e..4132cc0 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1746171682, - "narHash": "sha256-EyXUNSa+H+YvGVuQJP1nZskXAowxKYp79RNUsNdQTj4=", + "lastModified": 1747331121, + "narHash": "sha256-3MmiUN/jOHBHQUnjqzg6qKArc17j2OS6jisEppDY4g8=", "owner": "nix-community", "repo": "home-manager", - "rev": "50eee705bbdbac942074a8c120e8194185633675", + "rev": "1eec32f0efe3b830927989767a9e6ece0d82d608", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1746427242, - "narHash": "sha256-KvZ6G5sdBdcrglsqcOx8BT6NpHVMVHc8wssMRhv/+1g=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a4bb30a9000cf0444ecc8fdca8096d072f77f9e8", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1746422338, - "narHash": "sha256-NTtKOTLQv6dPfRe00OGSywg37A1FYqldS6xiNmqBUYc=", + "lastModified": 1747209494, + "narHash": "sha256-fLise+ys+bpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5b35d248e9206c1f3baf8de6a7683fee126364aa", + "rev": "5d736263df906c5da72ab0f372427814de2f52f8", "type": "github" }, "original": { From f9370488c8d069d819f33ccaa3a285ff2aea4d02 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 3 Jun 2025 13:42:26 +0200 Subject: [PATCH 262/309] flake: upgrade to NixOS 25.05 --- flake.lock | 16 ++++++++-------- flake.nix | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index 4132cc0..e2d35f1 100644 --- a/flake.lock +++ b/flake.lock @@ -160,16 +160,16 @@ ] }, "locked": { - "lastModified": 1747331121, - "narHash": "sha256-3MmiUN/jOHBHQUnjqzg6qKArc17j2OS6jisEppDY4g8=", + "lastModified": 1748665073, + "narHash": "sha256-RMhjnPKWtCoIIHiuR9QKD7xfsKb3agxzMfJY8V9MOew=", "owner": "nix-community", "repo": "home-manager", - "rev": "1eec32f0efe3b830927989767a9e6ece0d82d608", + "rev": "282e1e029cb6ab4811114fc85110613d72771dea", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -298,16 +298,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1747209494, - "narHash": "sha256-fLise+ys+bpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM=", + "lastModified": 1749024892, + "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5d736263df906c5da72ab0f372427814de2f52f8", + "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 7b6a918..1aa2d10 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ type = "github"; owner = "NixOS"; repo = "nixpkgs"; - ref = "nixos-24.11"; + ref = "nixos-25.05"; }; nixpkgs-unstable-small = { @@ -25,7 +25,7 @@ type = "github"; owner = "nix-community"; repo = "home-manager"; - ref = "release-24.11"; + ref = "release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; From c4007b5364cce605e65f9735c424a95890c2af5c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 3 Jun 2025 13:42:26 +0200 Subject: [PATCH 263/309] flake: bump lix to 2.93 --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index e2d35f1..57c45c8 100644 --- a/flake.lock +++ b/flake.lock @@ -200,15 +200,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1737234286, - "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", - "rev": "079528098f5998ba13c88821a2eca1005c1695de", + "lastModified": 1746827285, + "narHash": "sha256-hsFe4Tsqqg4l+FfQWphDtjC79WzNCZbEFhHI8j2KJzw=", + "rev": "47aad376c87e2e65967f17099277428e4b3f8e5a", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/47aad376c87e2e65967f17099277428e4b3f8e5a.tar.gz" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/2.93.0.tar.gz" } }, "lix-module": { @@ -221,15 +221,15 @@ ] }, "locked": { - "lastModified": 1742943028, - "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", - "rev": "868d97695bab9d21f6070b03957bcace249fbe3c", + "lastModified": 1746838955, + "narHash": "sha256-11R4K3iAx4tLXjUs+hQ5K90JwDABD/XHhsM9nkeS5N8=", + "rev": "cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc.tar.gz" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index 1aa2d10..886a55e 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; From 904d29e8ef3852be6fb9302316239901ff40552b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 3 Jun 2025 13:42:26 +0200 Subject: [PATCH 264/309] flake: bump jj to 0.30 --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 57c45c8..a0cf8ab 100644 --- a/flake.lock +++ b/flake.lock @@ -183,16 +183,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1744040552, - "narHash": "sha256-EAD40ZZr6VK4w9OuYzx2YcVgOODopF7IWN7GVjTlblE=", + "lastModified": 1749045673, + "narHash": "sha256-l+E3os5At/PV4zKvUDSv4Aez9Bg0M+BZDvwVOHX+h9s=", "owner": "jj-vcs", "repo": "jj", - "rev": "b9ebe2f03c976515d2a155a411a368ae773c5493", + "rev": "34b0961c940e1ad3be5cd9c5f5e608b0aa0ba859", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.28.2", + "ref": "v0.30.0", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index 886a55e..31b06e9 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.28.2"; + ref = "v0.30.0"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From bd9e8a79d45e8886dde057f20a0e6b05b7dc3152 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 5 Jun 2025 16:21:49 +0200 Subject: [PATCH 265/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/e81fd167b33121269149c57806599045fd33eeed?narHash=sha256-L3clA5YGeYCF47ghsI7Tcex%2BDnaaN/BbQ4dR2wzoiKg%3D' (2025-05-13) → 'github:NixOS/nixos-hardware/029bd66faa180e11262dd1bc2732254c33415f52?narHash=sha256-QITcurR19KZlrCngBoCjsFF2BdYsiCG4UqmlrVcLb8Q%3D' (2025-06-04) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a0cf8ab..acdf987 100644 --- a/flake.lock +++ b/flake.lock @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747129300, - "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", + "lastModified": 1749056381, + "narHash": "sha256-QITcurR19KZlrCngBoCjsFF2BdYsiCG4UqmlrVcLb8Q=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e81fd167b33121269149c57806599045fd33eeed", + "rev": "029bd66faa180e11262dd1bc2732254c33415f52", "type": "github" }, "original": { From b47e91e44d37d64ba2192f1602a892cddf437735 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 5 Jun 2025 16:33:20 +0200 Subject: [PATCH 266/309] services: mealie: use stable package --- services/mealie.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/services/mealie.nix b/services/mealie.nix index 0be80e3..bf72c57 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -17,7 +17,6 @@ domain = config.networking.domain; hostname = config.networking.hostName; fqdn = "${hostname}.${domain}"; - pkg = pkgs.unstable.mealie; listenAddress = "127.0.0.1"; in { options.my.services.mealie = let @@ -48,7 +47,7 @@ in { inherit (cfg) credentialsFile; enable = true; - package = pkgs.unstable.mealie; + package = pkgs.mealie; port = cfg.port; settings = { From 9125e8b170a8517112e6c8bf5d368ce2c2bd6deb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 5 Jun 2025 16:33:20 +0200 Subject: [PATCH 267/309] home: emacs: use stable nerd-fonts --- home/emacs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/emacs.nix b/home/emacs.nix index 8b46881..529439b 100644 --- a/home/emacs.nix +++ b/home/emacs.nix @@ -30,7 +30,7 @@ in { ; inherit - (pkgs.unstable.nerd-fonts) + (pkgs.nerd-fonts) iosevka ; }; From 7e97c3e2c964f479f18652f4d2152ef4475bd256 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 5 Jun 2025 16:33:20 +0200 Subject: [PATCH 268/309] hades: disable transmission Build fails because of some miniupnp error, waiting on the fix to reach nixos-25.05 --- hosts/hades/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index dbbff5c..6888b59 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -143,7 +143,7 @@ in { }; transmission = { - enable = true; + enable = false; username = "alarsyo"; }; From d66531974676860fd79e5adc4a254675844c629d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 6 Jun 2025 14:47:21 +0200 Subject: [PATCH 269/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/282e1e029cb6ab4811114fc85110613d72771dea' (2025-05-31) → 'github:nix-community/home-manager/7aae0ee71a17b19708b93b3ed448a1a0952bf111' (2025-06-05) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/029bd66faa180e11262dd1bc2732254c33415f52' (2025-06-04) → 'github:NixOS/nixos-hardware/4602f7e1d3f197b3cb540d5accf5669121629628' (2025-06-06) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef' (2025-06-04) → 'github:NixOS/nixpkgs/4792576cb003c994bd7cc1edada3129def20b27d' (2025-06-05) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index acdf987..8e05ce2 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1748665073, - "narHash": "sha256-RMhjnPKWtCoIIHiuR9QKD7xfsKb3agxzMfJY8V9MOew=", + "lastModified": 1749154018, + "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "owner": "nix-community", "repo": "home-manager", - "rev": "282e1e029cb6ab4811114fc85110613d72771dea", + "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1749056381, - "narHash": "sha256-QITcurR19KZlrCngBoCjsFF2BdYsiCG4UqmlrVcLb8Q=", + "lastModified": 1749195551, + "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "029bd66faa180e11262dd1bc2732254c33415f52", + "rev": "4602f7e1d3f197b3cb540d5accf5669121629628", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1749024892, - "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=", + "lastModified": 1749086602, + "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef", + "rev": "4792576cb003c994bd7cc1edada3129def20b27d", "type": "github" }, "original": { From b69121755342d03bbcf5a676496578ad8a09e9f1 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 6 Jun 2025 14:47:27 +0200 Subject: [PATCH 270/309] hades: re-enable transmission --- hosts/hades/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index 6888b59..dbbff5c 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -143,7 +143,7 @@ in { }; transmission = { - enable = false; + enable = true; username = "alarsyo"; }; From eeecadc05b396fa110fb5266c9d8870572c1453c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 11 Jun 2025 16:09:02 +0200 Subject: [PATCH 271/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4792576cb003c994bd7cc1edada3129def20b27d' (2025-06-05) → 'github:NixOS/nixpkgs/88331c17ba434359491e8d5889cce872464052c2' (2025-06-09) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8e05ce2..b52ca70 100644 --- a/flake.lock +++ b/flake.lock @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1749086602, - "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", + "lastModified": 1749494155, + "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4792576cb003c994bd7cc1edada3129def20b27d", + "rev": "88331c17ba434359491e8d5889cce872464052c2", "type": "github" }, "original": { From dd8744ffe41dcd047f6d6d05d380e3c0cadd2e6b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 12 Jun 2025 15:06:31 +0200 Subject: [PATCH 272/309] pkgs: spot: bump to 2.13.1 --- pkgs/spot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index 2670c85..75f6c43 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -3,7 +3,7 @@ fetchurl, python3, }: let - version = "2.13"; + version = "2.13.1"; in stdenv.mkDerivation { inherit version; @@ -15,6 +15,6 @@ in src = fetchurl { url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-DQ/mc88byJM3J7yOC+e6NpAURSEeKUWsc/sJg1yB9Os="; + sha256 = "sha256-udHeSrzQafkj4aMmP1jMr8xUiWqoGLRVkoyisaRGbck"; }; } From 6c4d19b27b6e02cd76eacd948e1618fc9c2b502d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 12 Jun 2025 15:06:48 +0200 Subject: [PATCH 273/309] talos: home: setup ergol secondary layout in sway --- hosts/talos/home.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 9513e08..3e1785a 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -74,8 +74,9 @@ in { modifier = "Mod4"; input = { "type:keyboard" = { - xkb_layout = "fr"; - xkb_variant = "us"; + xkb_layout = "fr,fr"; + xkb_variant = "us,ergol"; + xkb_options = "grp:shift_caps_toggle"; }; "type:touchpad" = { dwt = "enabled"; @@ -95,6 +96,7 @@ in { }; bars = []; + bindkeysToCode = true; keybindings = mkOptionDefault { "Mod4+Shift+a" = "exec shikanectl reload"; "Mod4+Shift+e" = ''mode "${logoutMode}"''; From 81d0a9b8f82e3a340dbf880947dea2b8996a73f5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 12 Jun 2025 15:06:48 +0200 Subject: [PATCH 274/309] talos: try out cosmic --- hosts/talos/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/default.nix b/hosts/talos/default.nix index f129e62..bf11f17 100644 --- a/hosts/talos/default.nix +++ b/hosts/talos/default.nix @@ -155,6 +155,7 @@ # Enable the KDE Plasma Desktop Environment. services.desktopManager.plasma6.enable = true; + services.desktopManager.cosmic.enable = true; services.power-profiles-daemon.enable = true; environment.systemPackages = [ From 11d92ee6f2a6e8fb5c428cc24b30e292c5ac4409 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 12 Jun 2025 15:06:48 +0200 Subject: [PATCH 275/309] services: paperless: use PAPERLESS_URL var --- services/paperless.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/services/paperless.nix b/services/paperless.nix index 20180d2..96f785c 100644 --- a/services/paperless.nix +++ b/services/paperless.nix @@ -56,8 +56,7 @@ in { PAPERLESS_DBUSER = "paperless"; PAPERLESS_DBNAME = "paperless"; - PAPERLESS_ALLOWED_HOSTS = paperlessDomain; - PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}"; + PAPERLESS_URL = "https://${paperlessDomain}"; PAPERLESS_OCR_LANGUAGE = "fra+eng"; PAPERLESS_OCR_MODE = "skip"; From 545e6091e032905c1323afc8063f0e4628e0f841 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 20 Jun 2025 11:21:54 +0200 Subject: [PATCH 276/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/4602f7e1d3f197b3cb540d5accf5669121629628' (2025-06-06) → 'github:NixOS/nixos-hardware/61837d2a33ccc1582c5fabb7bf9130d39fee59ad' (2025-06-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/88331c17ba434359491e8d5889cce872464052c2' (2025-06-09) → 'github:NixOS/nixpkgs/9ba04bda9249d5d5e5238303c9755de5a49a79c5' (2025-06-18) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index b52ca70..493a3e3 100644 --- a/flake.lock +++ b/flake.lock @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1749195551, - "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=", + "lastModified": 1750083401, + "narHash": "sha256-ynqbgIYrg7P1fAKYqe8I/PMiLABBcNDYG9YaAP/d/C4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "4602f7e1d3f197b3cb540d5accf5669121629628", + "rev": "61837d2a33ccc1582c5fabb7bf9130d39fee59ad", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1749494155, - "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", + "lastModified": 1750259320, + "narHash": "sha256-H8J4H2XCIMEJ5g6fZ179QfQvsc2dUqhqfBjC8RAHNRY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "88331c17ba434359491e8d5889cce872464052c2", + "rev": "9ba04bda9249d5d5e5238303c9755de5a49a79c5", "type": "github" }, "original": { From 872f3eca2cde147959a2944bc0440b494058e186 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 20 Jun 2025 11:44:01 +0200 Subject: [PATCH 277/309] services: nextcloud: bump to 31 --- services/nextcloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 6a90eb0..b46ab7a 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -62,7 +62,7 @@ in { hostName = "cloud.${domain}"; https = true; - package = pkgs.nextcloud30; + package = pkgs.nextcloud31; maxUploadSize = "1G"; From 78b931aa436c8c5c0b9bf794d1e38214ba734ff6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 20 Jun 2025 11:44:01 +0200 Subject: [PATCH 278/309] services: postgresql: add upgrade script --- services/postgresql.nix | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/services/postgresql.nix b/services/postgresql.nix index 4446cc8..a5478c8 100644 --- a/services/postgresql.nix +++ b/services/postgresql.nix @@ -8,4 +8,32 @@ config.services.postgresql = { package = pkgs.postgresql_16; }; + + config.environment.systemPackages = [ + (let + # XXX specify the postgresql package you'd like to upgrade to. + # Do not forget to list the extensions you need. + newPostgres = pkgs.postgresql_17; + cfg = config.services.postgresql; + in pkgs.writeScriptBin "upgrade-pg-cluster" '' + set -eux + # XXX it's perhaps advisable to stop all services that depend on postgresql + systemctl stop postgresql + + export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" + export NEWBIN="${newPostgres}/bin" + + export OLDDATA="${cfg.dataDir}" + export OLDBIN="${cfg.finalPackage}/bin" + + install -d -m 0700 -o postgres -g postgres "$NEWDATA" + cd "$NEWDATA" + sudo -u postgres "$NEWBIN/initdb" -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs} + + sudo -u postgres "$NEWBIN/pg_upgrade" \ + --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ + --old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \ + "$@" + '') + ]; } From 73caf2baba7a188f4f5148520a509f2adb13c20d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 20 Jun 2025 12:29:15 +0200 Subject: [PATCH 279/309] services: postgresql: switch to postgresql 17 --- services/postgresql.nix | 30 +----------------------------- 1 file changed, 1 insertion(+), 29 deletions(-) diff --git a/services/postgresql.nix b/services/postgresql.nix index a5478c8..cb5d2d1 100644 --- a/services/postgresql.nix +++ b/services/postgresql.nix @@ -6,34 +6,6 @@ }: { # set postgresql version so we don't get any bad surprise config.services.postgresql = { - package = pkgs.postgresql_16; + package = pkgs.postgresql_17; }; - - config.environment.systemPackages = [ - (let - # XXX specify the postgresql package you'd like to upgrade to. - # Do not forget to list the extensions you need. - newPostgres = pkgs.postgresql_17; - cfg = config.services.postgresql; - in pkgs.writeScriptBin "upgrade-pg-cluster" '' - set -eux - # XXX it's perhaps advisable to stop all services that depend on postgresql - systemctl stop postgresql - - export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" - export NEWBIN="${newPostgres}/bin" - - export OLDDATA="${cfg.dataDir}" - export OLDBIN="${cfg.finalPackage}/bin" - - install -d -m 0700 -o postgres -g postgres "$NEWDATA" - cd "$NEWDATA" - sudo -u postgres "$NEWBIN/initdb" -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs} - - sudo -u postgres "$NEWBIN/pg_upgrade" \ - --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ - --old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \ - "$@" - '') - ]; } From 2562a3467c5a9ed174074681e2eb5aba094ef26d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 23 Jun 2025 11:48:24 +0200 Subject: [PATCH 280/309] talos: add playerctl shortcuts --- hosts/talos/home.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 3e1785a..86871e6 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -42,6 +42,7 @@ in { lng = 2.3; }; }; + playerctld.enable = true; }; home.packages = builtins.attrValues { @@ -107,6 +108,10 @@ in { "XF86AudioRaiseVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ -l 1.2"; "XF86MonBrightnessUp" = "exec light -A 5"; "XF86MonBrightnessDown" = "exec light -U 5"; + "XF86AudioPlay" = "exec --no-startup-id playerctl play-pause"; + "XF86AudioPause" = "exec --no-startup-id playerctl play-pause"; + "XF86AudioPrev" = "exec --no-startup-id playerctl previous"; + "XF86AudioNext" = "exec --no-startup-id playerctl next"; }; modes = mkOptionDefault { From 1ef20e079208c5acd51b5ff48556163be6df6c94 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 30 Jun 2025 11:48:35 +0200 Subject: [PATCH 281/309] talos: add screenshot utilities to path --- hosts/talos/home.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 86871e6..c45d465 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -56,6 +56,10 @@ in { shikane # output autoconfig swaybg zotero + + grim + wl-clipboard + slurp ; inherit From d4d48d5c2a21192b4925223c4c804c2e4e064e84 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 9 Jul 2025 15:35:52 +0200 Subject: [PATCH 282/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/7aae0ee71a17b19708b93b3ed448a1a0952bf111' (2025-06-05) → 'github:nix-community/home-manager/9b0873b46c9f9e4b7aa01eb634952c206af53068' (2025-07-06) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/61837d2a33ccc1582c5fabb7bf9130d39fee59ad' (2025-06-16) → 'github:NixOS/nixos-hardware/7ced9122cff2163c6a0212b8d1ec8c33a1660806' (2025-07-09) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/9ba04bda9249d5d5e5238303c9755de5a49a79c5' (2025-06-18) → 'github:NixOS/nixpkgs/88983d4b665fb491861005137ce2b11a9f89f203' (2025-07-08) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 493a3e3..8ae337f 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1749154018, - "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", + "lastModified": 1751810233, + "narHash": "sha256-kllkNbIqQi3VplgTMeGzuh1t8Gk8TauvkTRt93Km+tQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", + "rev": "9b0873b46c9f9e4b7aa01eb634952c206af53068", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1750083401, - "narHash": "sha256-ynqbgIYrg7P1fAKYqe8I/PMiLABBcNDYG9YaAP/d/C4=", + "lastModified": 1752048960, + "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "61837d2a33ccc1582c5fabb7bf9130d39fee59ad", + "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1750259320, - "narHash": "sha256-H8J4H2XCIMEJ5g6fZ179QfQvsc2dUqhqfBjC8RAHNRY=", + "lastModified": 1751943650, + "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9ba04bda9249d5d5e5238303c9755de5a49a79c5", + "rev": "88983d4b665fb491861005137ce2b11a9f89f203", "type": "github" }, "original": { From 621986e2aa91e063b36ca2cc4f160b44e0ed1524 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sun, 27 Jul 2025 16:03:27 +0200 Subject: [PATCH 283/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/9b0873b46c9f9e4b7aa01eb634952c206af53068' (2025-07-06) → 'github:nix-community/home-manager/fc3add429f21450359369af74c2375cb34a2d204' (2025-07-27) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/7ced9122cff2163c6a0212b8d1ec8c33a1660806' (2025-07-09) → 'github:NixOS/nixos-hardware/cc66fddc6cb04ab479a1bb062f4d4da27c936a22' (2025-07-21) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/88983d4b665fb491861005137ce2b11a9f89f203' (2025-07-08) → 'github:NixOS/nixpkgs/3ff0e34b1383648053bba8ed03f201d3466f90c9' (2025-07-24) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8ae337f..3463b85 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1751810233, - "narHash": "sha256-kllkNbIqQi3VplgTMeGzuh1t8Gk8TauvkTRt93Km+tQ=", + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", "owner": "nix-community", "repo": "home-manager", - "rev": "9b0873b46c9f9e4b7aa01eb634952c206af53068", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1752048960, - "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", + "lastModified": 1753122741, + "narHash": "sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", + "rev": "cc66fddc6cb04ab479a1bb062f4d4da27c936a22", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1751943650, - "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=", + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "88983d4b665fb491861005137ce2b11a9f89f203", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", "type": "github" }, "original": { From 061a89b5ff476536de68289f95ed6a7f73a113dd Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 31 Jul 2025 16:22:05 +0200 Subject: [PATCH 284/309] flake: bump Lix --- flake.lock | 20 ++++++++++---------- flake.nix | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 3463b85..287c47b 100644 --- a/flake.lock +++ b/flake.lock @@ -200,15 +200,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1746827285, - "narHash": "sha256-hsFe4Tsqqg4l+FfQWphDtjC79WzNCZbEFhHI8j2KJzw=", - "rev": "47aad376c87e2e65967f17099277428e4b3f8e5a", + "lastModified": 1753306924, + "narHash": "sha256-jLCEW0FvjFhC+c4RHzH+xbkSOxrnpFHnhjOw6sudhx0=", + "rev": "1a4393d0aac31aba21f5737ede1b171e11336d77", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/47aad376c87e2e65967f17099277428e4b3f8e5a.tar.gz" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1a4393d0aac31aba21f5737ede1b171e11336d77.tar.gz?rev=1a4393d0aac31aba21f5737ede1b171e11336d77" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.93.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz" } }, "lix-module": { @@ -221,15 +221,15 @@ ] }, "locked": { - "lastModified": 1746838955, - "narHash": "sha256-11R4K3iAx4tLXjUs+hQ5K90JwDABD/XHhsM9nkeS5N8=", - "rev": "cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc", + "lastModified": 1753282722, + "narHash": "sha256-KYMUrTV7H/RR5/HRnjV5R3rRIuBXMemyJzTLi50NFTs=", + "rev": "46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc.tar.gz" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873.tar.gz?rev=46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz" } }, "nixos-hardware": { diff --git a/flake.nix b/flake.nix index 31b06e9..58c28c4 100644 --- a/flake.nix +++ b/flake.nix @@ -51,7 +51,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; From 0f6f89fb181dc82c289d5e54bd9d9b2d951a8daa Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 31 Jul 2025 16:22:05 +0200 Subject: [PATCH 285/309] talos: home: set workspace auto back and forth --- hosts/talos/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index c45d465..824c3c1 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -101,6 +101,7 @@ in { }; bars = []; + workspaceAutoBackAndForth = true; bindkeysToCode = true; keybindings = mkOptionDefault { "Mod4+Shift+a" = "exec shikanectl reload"; From f8d54c9ad51b9e5e1a4349ce4b2825ccd05e63cd Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 4 Aug 2025 10:51:59 +0200 Subject: [PATCH 286/309] home: mail: switch to LRE LDAP for email --- home/mail.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/mail.nix b/home/mail.nix index 8931940..d48b580 100644 --- a/home/mail.nix +++ b/home/mail.nix @@ -117,7 +117,7 @@ in { userName = "amartin"; realName = myName; flavor = "plain"; # default setting - passwordCommand = "${pkgs.rbw}/bin/rbw get lrde.epita.fr amartin"; + passwordCommand = "${pkgs.rbw}/bin/rbw get lre.epita.fr amartin"; mbsync = { enable = true; create = "both"; From 23db5ec5e3161de26b745c431d209c5fec8e042d Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 23 Aug 2025 10:42:51 +0200 Subject: [PATCH 287/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/fc3add429f21450359369af74c2375cb34a2d204' (2025-07-27) → 'github:nix-community/home-manager/4a44fb9f7555da362af9d499817084f4288a957f' (2025-08-23) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/cc66fddc6cb04ab479a1bb062f4d4da27c936a22' (2025-07-21) → 'github:NixOS/nixos-hardware/3dac8a872557e0ca8c083cdcfc2f218d18e113b0' (2025-08-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/3ff0e34b1383648053bba8ed03f201d3466f90c9' (2025-07-24) → 'github:NixOS/nixpkgs/9cb344e96d5b6918e94e1bca2d9f3ea1e9615545' (2025-08-20) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 287c47b..682a374 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1753592768, - "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "lastModified": 1755928099, + "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=", "owner": "nix-community", "repo": "home-manager", - "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "rev": "4a44fb9f7555da362af9d499817084f4288a957f", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1753122741, - "narHash": "sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM=", + "lastModified": 1755330281, + "narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "cc66fddc6cb04ab479a1bb062f4d4da27c936a22", + "rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1753345091, - "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "lastModified": 1755704039, + "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545", "type": "github" }, "original": { From 4e1d7ddc8646b9eceb31b4c77e27e4293baeb970 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 23 Aug 2025 14:46:23 +0200 Subject: [PATCH 288/309] flake: bump jj --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 682a374..70dca4e 100644 --- a/flake.lock +++ b/flake.lock @@ -183,16 +183,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1749045673, - "narHash": "sha256-l+E3os5At/PV4zKvUDSv4Aez9Bg0M+BZDvwVOHX+h9s=", + "lastModified": 1754498174, + "narHash": "sha256-TFKUz8hUCRM9RPkp9CBvKnd4e+TnR8H5t9/N76cAKzI=", "owner": "jj-vcs", "repo": "jj", - "rev": "34b0961c940e1ad3be5cd9c5f5e608b0aa0ba859", + "rev": "44de571887f261a94f543d977a7ab3a9df918aba", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.30.0", + "ref": "v0.32.0", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index 58c28c4..7155240 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.30.0"; + ref = "v0.32.0"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From 4af60abdacf68356acc3c962e198d162ee2292b0 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 23 Aug 2025 14:46:23 +0200 Subject: [PATCH 289/309] talos: ansel doesn't build --- hosts/talos/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 824c3c1..2a7fa54 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -48,7 +48,7 @@ in { home.packages = builtins.attrValues { inherit (pkgs) - ansel + #ansel chromium # some websites only work there :( font-awesome # for pretty icons gnome-solanum From 2a8ec570befbc55de2fe259dbf88c93ac4fa7f43 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 10 Sep 2025 11:22:38 +0200 Subject: [PATCH 290/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/4a44fb9f7555da362af9d499817084f4288a957f' (2025-08-23) → 'github:nix-community/home-manager/07fc025fe10487dd80f2ec694f1cd790e752d0e8' (2025-08-31) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/3dac8a872557e0ca8c083cdcfc2f218d18e113b0' (2025-08-16) → 'github:NixOS/nixos-hardware/11b2a10c7be726321bb854403fdeec391e798bf0' (2025-09-05) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/9cb344e96d5b6918e94e1bca2d9f3ea1e9615545' (2025-08-20) → 'github:NixOS/nixpkgs/d179d77c139e0a3f5c416477f7747e9d6b7ec315' (2025-09-09) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 70dca4e..31d4cd8 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1755928099, - "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=", + "lastModified": 1756679287, + "narHash": "sha256-Xd1vOeY9ccDf5VtVK12yM0FS6qqvfUop8UQlxEB+gTQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "4a44fb9f7555da362af9d499817084f4288a957f", + "rev": "07fc025fe10487dd80f2ec694f1cd790e752d0e8", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1755330281, - "narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=", + "lastModified": 1757103352, + "narHash": "sha256-PtT7ix43ss8PONJ1VJw3f6t2yAoGH+q462Sn8lrmWmk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0", + "rev": "11b2a10c7be726321bb854403fdeec391e798bf0", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1755704039, - "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=", + "lastModified": 1757408970, + "narHash": "sha256-aSgK4BLNFFGvDTNKPeB28lVXYqVn8RdyXDNAvgGq+k0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545", + "rev": "d179d77c139e0a3f5c416477f7747e9d6b7ec315", "type": "github" }, "original": { From f5f69c5baf92e21bf57e4f6ed1375dee783e1426 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 16:28:17 +0200 Subject: [PATCH 291/309] flake: tailscale overlay to bypass failing tests This isn't the right fix but it will do for now. --- flake.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/flake.nix b/flake.nix index 7155240..250e03e 100644 --- a/flake.nix +++ b/flake.nix @@ -102,6 +102,18 @@ inherit system; config.allowUnfree = true; }; + + tailscale = super.tailscale.overrideAttrs (old: { + checkFlags = + builtins.map ( + flag: + if super.lib.hasPrefix "-skip=" flag + then flag + "|^TestGetList$|^TestIgnoreLocallyBoundPorts$|^TestPoller$" + else flag + ) + old.checkFlags; + }); + }) agenix.overlays.default From ad2e202a9f4aefe65fe7b2917d0929ea2eea0077 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 16:28:17 +0200 Subject: [PATCH 292/309] flake: bump jj to v0.33 --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 31d4cd8..afac4fe 100644 --- a/flake.lock +++ b/flake.lock @@ -183,16 +183,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1754498174, - "narHash": "sha256-TFKUz8hUCRM9RPkp9CBvKnd4e+TnR8H5t9/N76cAKzI=", + "lastModified": 1756954389, + "narHash": "sha256-EKYM18UavIbZeI5/F5OKUzyjQip0yb6WPt6BZ2YpYww=", "owner": "jj-vcs", "repo": "jj", - "rev": "44de571887f261a94f543d977a7ab3a9df918aba", + "rev": "24f4e1083e8bcd6e5b8aaee3fa86e08cb7081d13", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.32.0", + "ref": "v0.33.0", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index 250e03e..a7a3d0f 100644 --- a/flake.nix +++ b/flake.nix @@ -59,7 +59,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.32.0"; + ref = "v0.33.0"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From 7bc6694a5a483bf3c335772bf61edabb0d1ae6e7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 16:34:38 +0200 Subject: [PATCH 293/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/07fc025fe10487dd80f2ec694f1cd790e752d0e8' (2025-08-31) → 'github:nix-community/home-manager/f21d9167782c086a33ad53e2311854a8f13c281e' (2025-09-14) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/11b2a10c7be726321bb854403fdeec391e798bf0' (2025-09-05) → 'github:NixOS/nixos-hardware/67a709cfe5d0643dafd798b0b613ed579de8be05' (2025-09-15) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/d179d77c139e0a3f5c416477f7747e9d6b7ec315' (2025-09-09) → 'github:NixOS/nixpkgs/9a094440e02a699be5c57453a092a8baf569bdad' (2025-09-14) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index afac4fe..8ceef31 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1756679287, - "narHash": "sha256-Xd1vOeY9ccDf5VtVK12yM0FS6qqvfUop8UQlxEB+gTQ=", + "lastModified": 1757808926, + "narHash": "sha256-K6PEI5PYY94TVMH0mX3MbZNYFme7oNRKml/85BpRRAo=", "owner": "nix-community", "repo": "home-manager", - "rev": "07fc025fe10487dd80f2ec694f1cd790e752d0e8", + "rev": "f21d9167782c086a33ad53e2311854a8f13c281e", "type": "github" }, "original": { @@ -234,11 +234,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1757103352, - "narHash": "sha256-PtT7ix43ss8PONJ1VJw3f6t2yAoGH+q462Sn8lrmWmk=", + "lastModified": 1757943327, + "narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "11b2a10c7be726321bb854403fdeec391e798bf0", + "rev": "67a709cfe5d0643dafd798b0b613ed579de8be05", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1757408970, - "narHash": "sha256-aSgK4BLNFFGvDTNKPeB28lVXYqVn8RdyXDNAvgGq+k0=", + "lastModified": 1757810152, + "narHash": "sha256-Vp9K5ol6h0J90jG7Rm4RWZsCB3x7v5VPx588TQ1dkfs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d179d77c139e0a3f5c416477f7747e9d6b7ec315", + "rev": "9a094440e02a699be5c57453a092a8baf569bdad", "type": "github" }, "original": { From 172c52ba84f2883b4f4962d75dd38088e937a6a1 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 16:38:07 +0200 Subject: [PATCH 294/309] Revert "flake: tailscale overlay to bypass failing tests" This reverts commit f5f69c5baf92e21bf57e4f6ed1375dee783e1426. --- flake.nix | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/flake.nix b/flake.nix index a7a3d0f..ac084e0 100644 --- a/flake.nix +++ b/flake.nix @@ -102,18 +102,6 @@ inherit system; config.allowUnfree = true; }; - - tailscale = super.tailscale.overrideAttrs (old: { - checkFlags = - builtins.map ( - flag: - if super.lib.hasPrefix "-skip=" flag - then flag + "|^TestGetList$|^TestIgnoreLocallyBoundPorts$|^TestPoller$" - else flag - ) - old.checkFlags; - }); - }) agenix.overlays.default From 1a49c6a8880d8b790e05087d75dee188c1707975 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 17:06:11 +0200 Subject: [PATCH 295/309] talos: fix formatting issue --- hosts/talos/home.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/talos/home.nix b/hosts/talos/home.nix index 2a7fa54..8a189d3 100644 --- a/hosts/talos/home.nix +++ b/hosts/talos/home.nix @@ -56,7 +56,6 @@ in { shikane # output autoconfig swaybg zotero - grim wl-clipboard slurp From b98a3c47b41660584acd2a4c2fd8c1bdaf605696 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 17:27:22 +0200 Subject: [PATCH 296/309] flake: remove weird unneeded url attribute --- flake.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.lock b/flake.lock index 8ceef31..c11b92e 100644 --- a/flake.lock +++ b/flake.lock @@ -204,7 +204,7 @@ "narHash": "sha256-jLCEW0FvjFhC+c4RHzH+xbkSOxrnpFHnhjOw6sudhx0=", "rev": "1a4393d0aac31aba21f5737ede1b171e11336d77", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1a4393d0aac31aba21f5737ede1b171e11336d77.tar.gz?rev=1a4393d0aac31aba21f5737ede1b171e11336d77" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1a4393d0aac31aba21f5737ede1b171e11336d77.tar.gz" }, "original": { "type": "tarball", @@ -225,7 +225,7 @@ "narHash": "sha256-KYMUrTV7H/RR5/HRnjV5R3rRIuBXMemyJzTLi50NFTs=", "rev": "46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873.tar.gz?rev=46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873.tar.gz" }, "original": { "type": "tarball", From 128a97da6db97569f41a1bf1e00efd4f332df998 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 16 Sep 2025 17:38:01 +0200 Subject: [PATCH 297/309] pkgs: spot: bump to v2.14.1 --- pkgs/spot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/spot/default.nix b/pkgs/spot/default.nix index 75f6c43..28e7609 100644 --- a/pkgs/spot/default.nix +++ b/pkgs/spot/default.nix @@ -3,7 +3,7 @@ fetchurl, python3, }: let - version = "2.13.1"; + version = "2.14.1"; in stdenv.mkDerivation { inherit version; @@ -15,6 +15,6 @@ in src = fetchurl { url = "https://www.lrde.epita.fr/dload/spot/spot-${version}.tar.gz"; - sha256 = "sha256-udHeSrzQafkj4aMmP1jMr8xUiWqoGLRVkoyisaRGbck"; + sha256 = "sha256-Jd+KavTkuzrmdRWsmOPTfEMDpoLjOqpm5y10s5RZpTA="; }; } From f60ecdf2501011610dba66c45f1ab642a6d363f9 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 22 Sep 2025 10:10:15 +0200 Subject: [PATCH 298/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/f21d9167782c086a33ad53e2311854a8f13c281e' (2025-09-14) → 'github:nix-community/home-manager/3b955f5f0a942f9f60cdc9cacb7844335d0f21c3' (2025-09-21) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/9a094440e02a699be5c57453a092a8baf569bdad' (2025-09-14) → 'github:NixOS/nixpkgs/b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20' (2025-09-20) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index c11b92e..4e42b88 100644 --- a/flake.lock +++ b/flake.lock @@ -160,11 +160,11 @@ ] }, "locked": { - "lastModified": 1757808926, - "narHash": "sha256-K6PEI5PYY94TVMH0mX3MbZNYFme7oNRKml/85BpRRAo=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "nix-community", "repo": "home-manager", - "rev": "f21d9167782c086a33ad53e2311854a8f13c281e", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -298,11 +298,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1757810152, - "narHash": "sha256-Vp9K5ol6h0J90jG7Rm4RWZsCB3x7v5VPx588TQ1dkfs=", + "lastModified": 1758346548, + "narHash": "sha256-afXE7AJ7MY6wY1pg/Y6UPHNYPy5GtUKeBkrZZ/gC71E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9a094440e02a699be5c57453a092a8baf569bdad", + "rev": "b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20", "type": "github" }, "original": { From 14acd16723ee6135bed36c1bb54bd943eb3dedbc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Mon, 22 Sep 2025 10:52:37 +0200 Subject: [PATCH 299/309] flake: simplify Lix setup --- base/nix.nix | 2 +- flake.lock | 84 ---------------------------------------------------- flake.nix | 7 ----- 3 files changed, 1 insertion(+), 92 deletions(-) diff --git a/base/nix.nix b/base/nix.nix index b5923a7..01ba76e 100644 --- a/base/nix.nix +++ b/base/nix.nix @@ -2,7 +2,7 @@ nixpkgs.config.allowUnfree = true; nix = { - package = pkgs.nixStable; + package = pkgs.lixPackageSets.latest.lix; gc = { automatic = true; diff --git a/flake.lock b/flake.lock index 4e42b88..0311ee7 100644 --- a/flake.lock +++ b/flake.lock @@ -99,39 +99,6 @@ "type": "github" } }, - "flake-utils_3": { - "inputs": { - "systems": "systems_4" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flakey-profile": { - "locked": { - "lastModified": 1712898590, - "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", - "owner": "lf-", - "repo": "flakey-profile", - "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", - "type": "github" - }, - "original": { - "owner": "lf-", - "repo": "flakey-profile", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -197,41 +164,6 @@ "type": "github" } }, - "lix": { - "flake": false, - "locked": { - "lastModified": 1753306924, - "narHash": "sha256-jLCEW0FvjFhC+c4RHzH+xbkSOxrnpFHnhjOw6sudhx0=", - "rev": "1a4393d0aac31aba21f5737ede1b171e11336d77", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1a4393d0aac31aba21f5737ede1b171e11336d77.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz" - } - }, - "lix-module": { - "inputs": { - "flake-utils": "flake-utils_3", - "flakey-profile": "flakey-profile", - "lix": "lix", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753282722, - "narHash": "sha256-KYMUrTV7H/RR5/HRnjV5R3rRIuBXMemyJzTLi50NFTs=", - "rev": "46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz" - } - }, "nixos-hardware": { "locked": { "lastModified": 1757943327, @@ -319,7 +251,6 @@ "flake-utils": "flake-utils", "home-manager": "home-manager_2", "jujutsu": "jujutsu", - "lix-module": "lix-module", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "nixpkgs-unstable-small": "nixpkgs-unstable-small" @@ -390,21 +321,6 @@ "repo": "default", "type": "github" } - }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index ac084e0..5aa98dd 100644 --- a/flake.nix +++ b/flake.nix @@ -50,11 +50,6 @@ ref = "master"; }; - lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - jujutsu = { type = "github"; owner = "jj-vcs"; @@ -70,7 +65,6 @@ home-manager, agenix, disko, - lix-module, ... } @ inputs: { @@ -112,7 +106,6 @@ [ agenix.nixosModules.default home-manager.nixosModules.default - lix-module.nixosModules.default { nixpkgs = { overlays = shared_overlays; From cbdd1188b5e1117f24d0578556081b4af165662c Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 1 Oct 2025 18:55:33 +0200 Subject: [PATCH 300/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/67a709cfe5d0643dafd798b0b613ed579de8be05' (2025-09-15) → 'github:NixOS/nixos-hardware/e087756cf4abbe1a34f3544c480fc1034d68742f' (2025-09-30) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20' (2025-09-20) → 'github:NixOS/nixpkgs/5ed4e25ab58fd4c028b59d5611e14ea64de51d23' (2025-09-29) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 0311ee7..d5481f7 100644 --- a/flake.lock +++ b/flake.lock @@ -166,11 +166,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1757943327, - "narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=", + "lastModified": 1759261527, + "narHash": "sha256-wPd5oGvBBpUEzMF0kWnXge0WITNsITx/aGI9qLHgJ4g=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "67a709cfe5d0643dafd798b0b613ed579de8be05", + "rev": "e087756cf4abbe1a34f3544c480fc1034d68742f", "type": "github" }, "original": { @@ -230,11 +230,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1758346548, - "narHash": "sha256-afXE7AJ7MY6wY1pg/Y6UPHNYPy5GtUKeBkrZZ/gC71E=", + "lastModified": 1759143472, + "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20", + "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", "type": "github" }, "original": { From bb47557ba66ef7a9b493a9997b99f563002c26d6 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 10 Oct 2025 16:11:26 +0200 Subject: [PATCH 301/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/e087756cf4abbe1a34f3544c480fc1034d68742f' (2025-09-30) → 'github:NixOS/nixos-hardware/c816590dca8ecd902b5698e159821b899fe61ceb' (2025-10-10) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/5ed4e25ab58fd4c028b59d5611e14ea64de51d23' (2025-09-29) → 'github:NixOS/nixpkgs/20c4598c84a671783f741e02bf05cbfaf4907cff' (2025-10-06) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d5481f7..3368ec7 100644 --- a/flake.lock +++ b/flake.lock @@ -166,11 +166,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1759261527, - "narHash": "sha256-wPd5oGvBBpUEzMF0kWnXge0WITNsITx/aGI9qLHgJ4g=", + "lastModified": 1760104290, + "narHash": "sha256-ArCBRudSQow35NVJFa6N0VvkhGfR9INcQWuqfv6QLNw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e087756cf4abbe1a34f3544c480fc1034d68742f", + "rev": "c816590dca8ecd902b5698e159821b899fe61ceb", "type": "github" }, "original": { @@ -230,11 +230,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1759143472, - "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", + "lastModified": 1759735786, + "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", + "rev": "20c4598c84a671783f741e02bf05cbfaf4907cff", "type": "github" }, "original": { From fe21cf537f513be57481ac097e23b1e9177cfc00 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 10 Oct 2025 16:20:50 +0200 Subject: [PATCH 302/309] flake: bump jj to v0.34.0 --- flake.lock | 14 +++++++------- flake.nix | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index 3368ec7..37297fe 100644 --- a/flake.lock +++ b/flake.lock @@ -150,16 +150,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1756954389, - "narHash": "sha256-EKYM18UavIbZeI5/F5OKUzyjQip0yb6WPt6BZ2YpYww=", + "lastModified": 1759360197, + "narHash": "sha256-OW8kSDBBSZr0G3U27AAkZ3cH3TJmSARbg9Pc4qZ6tA0=", "owner": "jj-vcs", "repo": "jj", - "rev": "24f4e1083e8bcd6e5b8aaee3fa86e08cb7081d13", + "rev": "22900c9a9ba362efa442fed2dd4e6e1d5c22cc7a", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.33.0", + "ref": "v0.34.0", "repo": "jj", "type": "github" } @@ -264,11 +264,11 @@ ] }, "locked": { - "lastModified": 1742783666, - "narHash": "sha256-IwdSl51NL6V0f+mYXZR0UTKaGleOsk9zV3l6kt5SUWw=", + "lastModified": 1755139244, + "narHash": "sha256-SN1BFA00m+siVAQiGLtTwjv9LV9TH5n8tQcSziV6Nv4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "60766d63c227d576510ecfb5edd3a687d56f6bc7", + "rev": "aeae248beb2a419e39d483dd9b7fec924aba8d4d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 5aa98dd..081b001 100644 --- a/flake.nix +++ b/flake.nix @@ -54,7 +54,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.33.0"; + ref = "v0.34.0"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From fa41b61e92176b3c8a371b7f3b05a7eca242c518 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Thu, 16 Oct 2025 10:34:37 +0200 Subject: [PATCH 303/309] home: fish: override exit function --- home/fish/functions/exit.fish | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 home/fish/functions/exit.fish diff --git a/home/fish/functions/exit.fish b/home/fish/functions/exit.fish new file mode 100644 index 0000000..2ca78d7 --- /dev/null +++ b/home/fish/functions/exit.fish @@ -0,0 +1,5 @@ +function exit \ + --description "Disown all jobs started from this shell to avoid killing them on exit" \ + --on-event fish_exit + jobs -q; and disown (jobs -p) +end From a40e1f283e53af233fb7fed3932105c34c8b7f6a Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 12 Nov 2025 15:18:53 +0100 Subject: [PATCH 304/309] pkgs: don't use alias for recurseIntoAttrs Thanks to Ambroisie for the report --- pkgs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/default.nix b/pkgs/default.nix index 19307a1..f9beb0d 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,6 +1,6 @@ {pkgs}: { sddm-sugar-candy = pkgs.callPackage ./sddm-sugar-candy {}; kaleidoscope-udev-rules = pkgs.callPackage ./kaleidoscope-udev-rules {}; - grafanaDashboards = pkgs.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {}); + grafanaDashboards = pkgs.lib.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {}); spot = pkgs.python3Packages.toPythonModule (pkgs.callPackage ./spot {}); } From 17bdf5d0e039ec2243f9efa6af90c39f7ce124c5 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 12 Nov 2025 16:41:06 +0100 Subject: [PATCH 305/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/c816590dca8ecd902b5698e159821b899fe61ceb' (2025-10-10) → 'github:NixOS/nixos-hardware/899dc449bc6428b9ee6b3b8f771ca2b0ef945ab9' (2025-11-11) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/20c4598c84a671783f741e02bf05cbfaf4907cff' (2025-10-06) → 'github:NixOS/nixpkgs/c2448301fb856e351aab33e64c33a3fc8bcf637d' (2025-11-10) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 37297fe..8193d52 100644 --- a/flake.lock +++ b/flake.lock @@ -166,11 +166,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1760104290, - "narHash": "sha256-ArCBRudSQow35NVJFa6N0VvkhGfR9INcQWuqfv6QLNw=", + "lastModified": 1762847253, + "narHash": "sha256-BWWnUUT01lPwCWUvS0p6Px5UOBFeXJ8jR+ZdLX8IbrU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c816590dca8ecd902b5698e159821b899fe61ceb", + "rev": "899dc449bc6428b9ee6b3b8f771ca2b0ef945ab9", "type": "github" }, "original": { @@ -230,11 +230,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1759735786, - "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", + "lastModified": 1762756533, + "narHash": "sha256-HiRDeUOD1VLklHeOmaKDzf+8Hb7vSWPVFcWwaTrpm+U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "20c4598c84a671783f741e02bf05cbfaf4907cff", + "rev": "c2448301fb856e351aab33e64c33a3fc8bcf637d", "type": "github" }, "original": { From a680a3641424789573e9759e060a2cce0338560b Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Wed, 12 Nov 2025 16:51:21 +0100 Subject: [PATCH 306/309] flake: bump jj --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 8193d52..2aa3b53 100644 --- a/flake.lock +++ b/flake.lock @@ -150,16 +150,16 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1759360197, - "narHash": "sha256-OW8kSDBBSZr0G3U27AAkZ3cH3TJmSARbg9Pc4qZ6tA0=", + "lastModified": 1762395739, + "narHash": "sha256-YUrjP2tzABdy4eAV1hPmgYWU8ChcJ5B4IlmQUGm95ro=", "owner": "jj-vcs", "repo": "jj", - "rev": "22900c9a9ba362efa442fed2dd4e6e1d5c22cc7a", + "rev": "aa2b76978c4a23cb01c61629a11b1254af3ad0d9", "type": "github" }, "original": { "owner": "jj-vcs", - "ref": "v0.34.0", + "ref": "v0.35.0", "repo": "jj", "type": "github" } diff --git a/flake.nix b/flake.nix index 081b001..9a1ee4d 100644 --- a/flake.nix +++ b/flake.nix @@ -54,7 +54,7 @@ type = "github"; owner = "jj-vcs"; repo = "jj"; - ref = "v0.34.0"; + ref = "v0.35.0"; inputs.nixpkgs.follows = "nixpkgs"; }; }; From 7bb95c24f86efbca1f646f1b67dc6e8a8d0cca41 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 21 Nov 2025 14:35:00 +0100 Subject: [PATCH 307/309] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/c2448301fb856e351aab33e64c33a3fc8bcf637d' (2025-11-10) → 'github:NixOS/nixpkgs/c58bc7f5459328e4afac201c5c4feb7c818d604b' (2025-11-20) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2aa3b53..1f387d7 100644 --- a/flake.lock +++ b/flake.lock @@ -230,11 +230,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1762756533, - "narHash": "sha256-HiRDeUOD1VLklHeOmaKDzf+8Hb7vSWPVFcWwaTrpm+U=", + "lastModified": 1763622513, + "narHash": "sha256-1jQnuyu82FpiSxowrF/iFK6Toh9BYprfDqfs4BB+19M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c2448301fb856e351aab33e64c33a3fc8bcf637d", + "rev": "c58bc7f5459328e4afac201c5c4feb7c818d604b", "type": "github" }, "original": { From 2f2ff798e54af5af6c3faee1651369c23bde10cc Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 21 Nov 2025 16:11:10 +0100 Subject: [PATCH 308/309] mealie: add longer start timeout Seems like the PreStart script sometimes takes a while to execute, let's give it some time to do so. --- services/mealie.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/services/mealie.nix b/services/mealie.nix index bf72c57..4483b17 100644 --- a/services/mealie.nix +++ b/services/mealie.nix @@ -62,6 +62,9 @@ in { systemd.services.mealie = { after = ["postgresql.service"]; requires = ["postgresql.service"]; + serviceConfig = { + TimeoutStartSec = 600; + }; }; # Set-up database From 2fe8979cadbd1d6c1cf87d266615eaedad74dad4 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 21 Nov 2025 16:19:53 +0100 Subject: [PATCH 309/309] hades: disable pleroma I'm just not using it, unfortunately. --- hosts/hades/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix index dbbff5c..5f5355b 100644 --- a/hosts/hades/default.nix +++ b/hosts/hades/default.nix @@ -119,7 +119,7 @@ in { }; pleroma = { - enable = true; + enable = false; port = 8086; secretConfigFile = config.age.secrets."pleroma/pleroma-config".path; };