From 16cddf11dd25d553d009db38f966d3fb3adec19d Mon Sep 17 00:00:00 2001 From: Grigory Shipunov Date: Thu, 6 Feb 2025 23:08:31 +0000 Subject: [PATCH 001/111] increase timeouts --- hosts/cloud/proxy/conduwuit.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/hosts/cloud/proxy/conduwuit.nix b/hosts/cloud/proxy/conduwuit.nix index 323590d..d9c9938 100644 --- a/hosts/cloud/proxy/conduwuit.nix +++ b/hosts/cloud/proxy/conduwuit.nix @@ -14,9 +14,11 @@ let proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; + keepalive_timeout 65; + send_timeout 600s; + proxy_read_timeout 600s; proxy_send_timeout 600s; - send_timeout 600s; ''; in @@ -24,11 +26,15 @@ in services.nginx.upstreams.conduwuit = { servers = { "10.89.88.16:6167" = { }; - "[fd31:185d:722f::16]:6167" = { }; + #"[fd31:185d:722f::16]:6167" = { }; }; }; services.nginx.virtualHosts."oxapentane.com" = { + extraConfig = '' + client_header_timeout 600; + client_body_timeout 600; + ''; locations."/_matrix/" = { proxyPass = "http://conduwuit$request_uri"; extraConfig = proxy-conf; From 97ce3fd7d184616af4ecebdd0fee07ea69aa21fe Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 6 Feb 2025 23:27:09 +0000 Subject: [PATCH 002/111] update conduwuit to latest --- flake.lock | 634 +++++++++++++++++++++++++++++++++- flake.nix | 6 + hosts/conduwuit/conduwuit.nix | 7 +- 3 files changed, 635 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 2b17ca2..3efe37d 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,29 @@ { "nodes": { + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts_2", + "nix-github-actions": "nix-github-actions_2", + "nixpkgs": "nixpkgs", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1731270564, + "narHash": "sha256-6KMC/NH/VWP5Eb+hA56hz0urel3jP6Y6cF2PX6xaTkk=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "47752427561f1c34debb16728a210d378f0ece36", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "ref": "main", + "repo": "attic", + "type": "github" + } + }, "authentik-nix": { "inputs": { "authentik-src": "authentik-src", @@ -44,7 +68,150 @@ "type": "github" } }, + "cachix": { + "inputs": { + "devenv": "devenv", + "flake-compat": "flake-compat_3", + "git-hooks": "git-hooks", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1737621947, + "narHash": "sha256-8HFvG7fvIFbgtaYAY2628Tb89fA55nPm2jSiNs0/Cws=", + "owner": "cachix", + "repo": "cachix", + "rev": "f65a3cd5e339c223471e64c051434616e18cc4f5", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "master", + "repo": "cachix", + "type": "github" + } + }, + "cachix_2": { + "inputs": { + "devenv": [ + "conduwuit", + "cachix", + "devenv" + ], + "flake-compat": [ + "conduwuit", + "cachix", + "devenv" + ], + "git-hooks": [ + "conduwuit", + "cachix", + "devenv" + ], + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1728672398, + "narHash": "sha256-KxuGSoVUFnQLB2ZcYODW7AVPAh9JqRlD5BrfsC/Q4qs=", + "owner": "cachix", + "repo": "cachix", + "rev": "aac51f698309fd0f381149214b7eee213c66ef0a", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "latest", + "repo": "cachix", + "type": "github" + } + }, + "complement": { + "flake": false, + "locked": { + "lastModified": 1734303596, + "narHash": "sha256-HjDRyLR4MBqQ3IjfMM6eE+8ayztXlbz3gXdyDmFla68=", + "owner": "girlbossceo", + "repo": "complement", + "rev": "14cc5be797b774f1a2b9f826f38181066d4952b8", + "type": "github" + }, + "original": { + "owner": "girlbossceo", + "ref": "main", + "repo": "complement", + "type": "github" + } + }, + "conduwuit": { + "inputs": { + "attic": "attic", + "cachix": "cachix", + "complement": "complement", + "crane": "crane_2", + "fenix": "fenix", + "flake-compat": "flake-compat_4", + "flake-utils": [ + "flake-utils" + ], + "liburing": "liburing", + "nix-filter": "nix-filter", + "nixpkgs": [ + "nixpkgs" + ], + "rocksdb": "rocksdb" + }, + "locked": { + "lastModified": 1738740720, + "narHash": "sha256-rE0+UOEfFEGzjjIFdfs1Q4MR/UjVh8Dy6T137Z+ySgo=", + "owner": "girlbossceo", + "repo": "conduwuit", + "rev": "fda8b3680986dc8e038d51b93f7d36bf5c991ef6", + "type": "github" + }, + "original": { + "owner": "girlbossceo", + "repo": "conduwuit", + "type": "github" + } + }, "crane": { + "inputs": { + "nixpkgs": [ + "conduwuit", + "attic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1722960479, + "narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=", + "owner": "ipetkov", + "repo": "crane", + "rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { + "locked": { + "lastModified": 1737689766, + "narHash": "sha256-ivVXYaYlShxYoKfSo5+y5930qMKKJ8CLcAoIBPQfJ6s=", + "owner": "ipetkov", + "repo": "crane", + "rev": "6fe74265bbb6d016d663b1091f015e2976c4a527", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "ref": "master", + "repo": "crane", + "type": "github" + } + }, + "crane_3": { "inputs": { "nixpkgs": [ "lanzaboote", @@ -65,6 +232,63 @@ "type": "github" } }, + "devenv": { + "inputs": { + "cachix": "cachix_2", + "flake-compat": [ + "conduwuit", + "cachix", + "flake-compat" + ], + "git-hooks": [ + "conduwuit", + "cachix", + "git-hooks" + ], + "nix": "nix", + "nixpkgs": [ + "conduwuit", + "cachix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733323168, + "narHash": "sha256-d5DwB4MZvlaQpN6OQ4SLYxb5jA4UH5EtV5t5WOtjLPU=", + "owner": "cachix", + "repo": "devenv", + "rev": "efa9010b8b1cfd5dd3c7ed1e172a470c3b84a064", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "devenv", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "conduwuit", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1737786656, + "narHash": "sha256-ubCW9Jy7ZUOF354bWxTgLDpVnTvIpNr6qR4H/j7I0oo=", + "owner": "nix-community", + "repo": "fenix", + "rev": "2f721f527886f801403f389a9cabafda8f1e3b7f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "main", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -97,6 +321,55 @@ "type": "github" } }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "type": "github" + }, + "original": { + "owner": "edolstra", + "ref": "master", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -116,6 +389,52 @@ } }, "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "conduwuit", + "attic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": [ + "conduwuit", + "cachix", + "devenv", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "lanzaboote", @@ -226,7 +545,59 @@ "type": "github" } }, + "git-hooks": { + "inputs": { + "flake-compat": [ + "conduwuit", + "cachix", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "conduwuit", + "cachix", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1733318908, + "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "6f4e2a2112050951a314d2733a994fbab94864c6", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "gitignore": { + "inputs": { + "nixpkgs": [ + "conduwuit", + "cachix", + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { "inputs": { "nixpkgs": [ "lanzaboote", @@ -250,9 +621,9 @@ }, "lanzaboote": { "inputs": { - "crane": "crane", - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts_2", + "crane": "crane_3", + "flake-compat": "flake-compat_5", + "flake-parts": "flake-parts_4", "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" @@ -275,6 +646,39 @@ "type": "github" } }, + "libgit2": { + "flake": false, + "locked": { + "lastModified": 1697646580, + "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=", + "owner": "libgit2", + "repo": "libgit2", + "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5", + "type": "github" + }, + "original": { + "owner": "libgit2", + "repo": "libgit2", + "type": "github" + } + }, + "liburing": { + "flake": false, + "locked": { + "lastModified": 1737600516, + "narHash": "sha256-EKyLQ3pbcjoU5jH5atge59F4fzuhTsb6yalUj6Ve2t8=", + "owner": "axboe", + "repo": "liburing", + "rev": "6c509e2b0c881a13b83b259a221bf15fc9b3f681", + "type": "github" + }, + "original": { + "owner": "axboe", + "ref": "master", + "repo": "liburing", + "type": "github" + } + }, "lix": { "flake": false, "locked": { @@ -361,6 +765,63 @@ "type": "github" } }, + "nix": { + "inputs": { + "flake-compat": [ + "conduwuit", + "cachix", + "devenv" + ], + "flake-parts": "flake-parts_3", + "libgit2": "libgit2", + "nixpkgs": "nixpkgs_3", + "nixpkgs-23-11": [ + "conduwuit", + "cachix", + "devenv" + ], + "nixpkgs-regression": [ + "conduwuit", + "cachix", + "devenv" + ], + "pre-commit-hooks": [ + "conduwuit", + "cachix", + "devenv" + ] + }, + "locked": { + "lastModified": 1727438425, + "narHash": "sha256-X8ES7I1cfNhR9oKp06F6ir4Np70WGZU5sfCOuNBEwMg=", + "owner": "domenkozar", + "repo": "nix", + "rev": "f6c5ae4c1b2e411e6b1e6a8181cc84363d6a7546", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "devenv-2.24", + "repo": "nix", + "type": "github" + } + }, + "nix-filter": { + "locked": { + "lastModified": 1731533336, + "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", + "type": "github" + }, + "original": { + "owner": "numtide", + "ref": "main", + "repo": "nix-filter", + "type": "github" + } + }, "nix-github-actions": { "inputs": { "nixpkgs": [ @@ -383,6 +844,28 @@ "type": "github" } }, + "nix-github-actions_2": { + "inputs": { + "nixpkgs": [ + "conduwuit", + "attic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729742964, + "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1738638143, @@ -401,16 +884,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1738702386, - "narHash": "sha256-nJj8f78AYAxl/zqLiFGXn5Im1qjFKU8yBPKoWEeZN5M=", + "lastModified": 1726042813, + "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "030ba1976b7c0e1a67d9716b17308ccdab5b381e", + "rev": "159be5db480d1df880a0135ca0bfed84c2f88353", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -428,6 +911,38 @@ } }, "nixpkgs-stable": { + "locked": { + "lastModified": 1724316499, + "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_3": { "locked": { "lastModified": 1710695816, "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", @@ -459,6 +974,70 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1717432640, + "narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "88269ab3044128b7c2f4c7d68448b2fb50456870", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1733212471, + "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1738702386, + "narHash": "sha256-nJj8f78AYAxl/zqLiFGXn5Im1qjFKU8yBPKoWEeZN5M=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "030ba1976b7c0e1a67d9716b17308ccdab5b381e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, "poetry2nix": { "inputs": { "flake-utils": [ @@ -496,12 +1075,12 @@ "lanzaboote", "flake-compat" ], - "gitignore": "gitignore", + "gitignore": "gitignore_2", "nixpkgs": [ "lanzaboote", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { "lastModified": 1717664902, @@ -517,21 +1096,56 @@ "type": "github" } }, + "rocksdb": { + "flake": false, + "locked": { + "lastModified": 1737828695, + "narHash": "sha256-8Ev6zzhNPU798JNvU27a7gj5X+6SDG3jBweUkQ59DbA=", + "owner": "girlbossceo", + "repo": "rocksdb", + "rev": "a4d9230dcc9d03be428b9a728133f8f646c0065c", + "type": "github" + }, + "original": { + "owner": "girlbossceo", + "ref": "v9.9.3", + "repo": "rocksdb", + "type": "github" + } + }, "root": { "inputs": { "authentik-nix": "authentik-nix", + "conduwuit": "conduwuit", "flake-utils": "flake-utils_2", "lanzaboote": "lanzaboote", "lix-module": "lix-module", "microvm": "microvm", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_5", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix", "tmux-yank": "tmux-yank", "website": "website" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1737728869, + "narHash": "sha256-U4pl3Hi0lT6GP4ecN3q9wdD2sdaKMbmD/5NJ1NdJ9AM=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "6e4c29f7ce18cea7d3d31237a4661ab932eab636", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "rust-overlay": { "inputs": { "flake-utils": [ diff --git a/flake.nix b/flake.nix index 52c4b5f..15c7611 100644 --- a/flake.nix +++ b/flake.nix @@ -41,6 +41,12 @@ inputs.flake-utils.follows = "flake-utils"; }; + conduwuit = { + url = "github:girlbossceo/conduwuit"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-utils.follows = "flake-utils"; + }; + tmux-yank = { url = "github:tmux-plugins/tmux-yank"; flake = false; diff --git a/hosts/conduwuit/conduwuit.nix b/hosts/conduwuit/conduwuit.nix index 6baafa6..1f8d86c 100644 --- a/hosts/conduwuit/conduwuit.nix +++ b/hosts/conduwuit/conduwuit.nix @@ -1,8 +1,11 @@ -{ pkgs, ... }: +{ pkgs, inputs, ... }: +let + conduwuit-latest = inputs.conduwuit.packages.${pkgs.system}.all-features; +in { services.matrix-conduit = { enable = true; - package = pkgs.conduwuit; + package = conduwuit-latest; settings = { global = { database_backend = "rocksdb"; From f4a7e1ee38a204faf75f77e213a54f57c2522d7c Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 10 Feb 2025 11:51:25 +0100 Subject: [PATCH 003/111] fish improvements --- modules/basic-tools/fish.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/basic-tools/fish.nix b/modules/basic-tools/fish.nix index 0d0adb9..5e06de3 100644 --- a/modules/basic-tools/fish.nix +++ b/modules/basic-tools/fish.nix @@ -3,11 +3,9 @@ environment.systemPackages = with pkgs; [ lsd fzf - grc fishPlugins.done fishPlugins.fzf-fish fishPlugins.tide - fishPlugins.grc ]; programs.fish = { @@ -15,6 +13,7 @@ interactiveShellInit = '' set fish_greeting function fish_command_not_found + echo "Command not found" end ''; shellAliases = { From c95ccef48865c4eb59270ef19c52cb6f820f26ed Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 10 Feb 2025 12:07:38 +0100 Subject: [PATCH 004/111] update lix to beta --- flake.lock | 25 ++++++++++++++----------- flake.nix | 8 +++++++- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 2b17ca2..b12559d 100644 --- a/flake.lock +++ b/flake.lock @@ -278,36 +278,38 @@ "lix": { "flake": false, "locked": { - "lastModified": 1737234286, - "narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=", - "rev": "2837da71ec1588c1187d2e554719b15904a46c8b", + "lastModified": 1739137265, + "narHash": "sha256-WejZuOso5ElVYLA/17uVw7Noqi72ZbydPwMrbqNzC0c=", + "rev": "7d4912bcf9028db491fe1061d3efcf2392c4bd76", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2837da71ec1588c1187d2e554719b15904a46c8b.tar.gz?rev=2837da71ec1588c1187d2e554719b15904a46c8b" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/7d4912bcf9028db491fe1061d3efcf2392c4bd76.tar.gz?rev=7d4912bcf9028db491fe1061d3efcf2392c4bd76" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.92.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz" } }, "lix-module": { "inputs": { "flake-utils": "flake-utils_4", "flakey-profile": "flakey-profile", - "lix": "lix", + "lix": [ + "lix" + ], "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1737237494, - "narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=", - "rev": "b90bf629bbd835e61f1317b99e12f8c831017006", + "lastModified": 1738176840, + "narHash": "sha256-NG3IRvRs3u3btVCN861FqHvgOwqcNT/Oy6PBG86F5/E=", + "rev": "621aae0f3cceaffa6d73a4fb0f89c08d338d729e", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz?rev=b90bf629bbd835e61f1317b99e12f8c831017006" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/621aae0f3cceaffa6d73a4fb0f89c08d338d729e.tar.gz?rev=621aae0f3cceaffa6d73a4fb0f89c08d338d729e" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz" } }, "microvm": { @@ -522,6 +524,7 @@ "authentik-nix": "authentik-nix", "flake-utils": "flake-utils_2", "lanzaboote": "lanzaboote", + "lix": "lix", "lix-module": "lix-module", "microvm": "microvm", "nixos-hardware": "nixos-hardware", diff --git a/flake.nix b/flake.nix index 52c4b5f..142608e 100644 --- a/flake.nix +++ b/flake.nix @@ -30,9 +30,15 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + lix = { + url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"; + flake = false; + }; + lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; + inputs.lix.follows = "lix"; }; website = { From f8db0c1b863d923ca3716e91a3093dbfcc68e6e3 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 10 Feb 2025 12:08:08 +0100 Subject: [PATCH 005/111] update website --- flake.lock | 12 ++++++------ flake.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index b12559d..d25e396 100644 --- a/flake.lock +++ b/flake.lock @@ -704,18 +704,18 @@ ] }, "locked": { - "lastModified": 1738536830, - "narHash": "sha256-3QbNcI9qJ0tKv00w0r2Amqf9pylHVolcTyEi30WZxY8=", + "lastModified": 1739185568, + "narHash": "sha256-8wxwZP6WOWZCmpQzZlo5FG0Y8+hDr8O0U1cY6RB9OZQ=", "ref": "main", - "rev": "6fd169aab3ce461fef6a1a4dcbb2ef643e12d9e6", - "revCount": 5, + "rev": "a1ab95888f08020483584d028c68617bafd27b5f", + "revCount": 7, "type": "git", - "url": "https://codeberg.org/0xa/website.git" + "url": "https://git.oxapentane.com/0xa/website.git" }, "original": { "ref": "main", "type": "git", - "url": "https://codeberg.org/0xa/website.git" + "url": "https://git.oxapentane.com/0xa/website.git" } } }, diff --git a/flake.nix b/flake.nix index 142608e..0038003 100644 --- a/flake.nix +++ b/flake.nix @@ -42,7 +42,7 @@ }; website = { - url = "git+https://codeberg.org/0xa/website.git?ref=main"; + url = "git+https://git.oxapentane.com/0xa/website.git?ref=main"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; From 4658f48f07e57a2d30db28693e8a315bdc577b2d Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 10 Feb 2025 15:22:28 +0100 Subject: [PATCH 006/111] bump lock --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index d25e396..0502ed9 100644 --- a/flake.lock +++ b/flake.lock @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738638143, - "narHash": "sha256-ZYMe4c4OCtIUBn5hx15PEGr0+B1cNEpl2dsaLxwY2W0=", + "lastModified": 1738816619, + "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9bdd53f5908453e4d03f395eb1615c3e9a351f70", + "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1738702386, - "narHash": "sha256-nJj8f78AYAxl/zqLiFGXn5Im1qjFKU8yBPKoWEeZN5M=", + "lastModified": 1739055578, + "narHash": "sha256-2MhC2Bgd06uI1A0vkdNUyDYsMD0SLNGKtD8600mZ69A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "030ba1976b7c0e1a67d9716b17308ccdab5b381e", + "rev": "a45fa362d887f4d4a7157d95c28ca9ce2899b70e", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1738680400, - "narHash": "sha256-ooLh+XW8jfa+91F1nhf9OF7qhuA/y1ChLx6lXDNeY5U=", + "lastModified": 1739020877, + "narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=", "owner": "nixos", "repo": "nixpkgs", - "rev": "799ba5bffed04ced7067a91798353d360788b30d", + "rev": "a79cfe0ebd24952b580b1cf08cd906354996d547", "type": "github" }, "original": { From 2e5127bef8a1499ed6ca996e42be980a72b3aba1 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 11 Feb 2025 12:33:44 +0100 Subject: [PATCH 007/111] forgejo: more resources --- hosts/forgejo/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/forgejo/default.nix b/hosts/forgejo/default.nix index 02211e5..5e02678 100644 --- a/hosts/forgejo/default.nix +++ b/hosts/forgejo/default.nix @@ -18,7 +18,8 @@ in microvm = { hypervisor = "qemu"; mem = 3 * 1024; - vcpu = 2; + balloonMem = 4 * 1024; + vcpu = 4; interfaces = [ { type = "tap"; From 127f4d4c0e668a0175a79663afa90d6873f0e275 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 11 Feb 2025 16:07:21 +0100 Subject: [PATCH 008/111] enable git lfs --- modules/basic-tools/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/basic-tools/default.nix b/modules/basic-tools/default.nix index 699de18..3ea8833 100644 --- a/modules/basic-tools/default.nix +++ b/modules/basic-tools/default.nix @@ -51,7 +51,7 @@ whois mtr ] - ++ (if config.networking.hostName == "toaster" then [ gitFull ] else [ git ]); + ++ (if config.networking.hostName == "toaster" then [ gitFull git-lfs ] else [ git ]); environment.variables = let From 715eeabaa4e832783ffa15f70b2e37ba02e3af5a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 11 Feb 2025 16:07:40 +0100 Subject: [PATCH 009/111] bump lock --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 0502ed9..cae4707 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1739137265, - "narHash": "sha256-WejZuOso5ElVYLA/17uVw7Noqi72ZbydPwMrbqNzC0c=", - "rev": "7d4912bcf9028db491fe1061d3efcf2392c4bd76", + "lastModified": 1739192059, + "narHash": "sha256-r40TUIL6zij0kWBpqKyI7O2brT3Myaa3aAGamkZEvfc=", + "rev": "3bca42eb0049772d9079f29f25186575f8e5a4ae", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/7d4912bcf9028db491fe1061d3efcf2392c4bd76.tar.gz?rev=7d4912bcf9028db491fe1061d3efcf2392c4bd76" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3bca42eb0049772d9079f29f25186575f8e5a4ae.tar.gz?rev=3bca42eb0049772d9079f29f25186575f8e5a4ae" }, "original": { "type": "tarball", @@ -567,11 +567,11 @@ ] }, "locked": { - "lastModified": 1738291974, - "narHash": "sha256-wkwYJc8cKmmQWUloyS9KwttBnja2ONRuJQDEsmef320=", + "lastModified": 1739262228, + "narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "4c1251904d8a08c86ac6bc0d72cc09975e89aef7", + "rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975", "type": "github" }, "original": { From fdf386137b0bf011a7c0ee9d144bb53ef31c520a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 12 Feb 2025 01:48:53 +0100 Subject: [PATCH 010/111] tide too buggy --- modules/basic-tools/fish.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/basic-tools/fish.nix b/modules/basic-tools/fish.nix index 5e06de3..5099bbd 100644 --- a/modules/basic-tools/fish.nix +++ b/modules/basic-tools/fish.nix @@ -5,7 +5,7 @@ fzf fishPlugins.done fishPlugins.fzf-fish - fishPlugins.tide + fishPlugins.hydro ]; programs.fish = { From 52d09e2f0699a8b23957b7903bc1774add1fe0cf Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 13 Feb 2025 19:35:14 +0100 Subject: [PATCH 011/111] remove conflicting kicad defintitions --- modules/desktop-software.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 054ae37..0ee2847 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -9,7 +9,6 @@ vivaldi-ffmpeg-codecs gimp inkscape - kicad signal-desktop tdesktop tor-browser From ee5fe2ae95a237039879e7acaf29965200a1f91e Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 13 Feb 2025 19:48:43 +0100 Subject: [PATCH 012/111] bump lock --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index cae4707..64d2b46 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1739192059, - "narHash": "sha256-r40TUIL6zij0kWBpqKyI7O2brT3Myaa3aAGamkZEvfc=", - "rev": "3bca42eb0049772d9079f29f25186575f8e5a4ae", + "lastModified": 1739445948, + "narHash": "sha256-mmfFqhYjKP7nke1cs3x+bjP6GOG8A82Zxvrc9IfYwEA=", + "rev": "406f4fed35fe495457a0f6487a7be3b025cab1c4", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3bca42eb0049772d9079f29f25186575f8e5a4ae.tar.gz?rev=3bca42eb0049772d9079f29f25186575f8e5a4ae" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/406f4fed35fe495457a0f6487a7be3b025cab1c4.tar.gz?rev=406f4fed35fe495457a0f6487a7be3b025cab1c4" }, "original": { "type": "tarball", @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739055578, - "narHash": "sha256-2MhC2Bgd06uI1A0vkdNUyDYsMD0SLNGKtD8600mZ69A=", + "lastModified": 1739357830, + "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a45fa362d887f4d4a7157d95c28ca9ce2899b70e", + "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1739020877, - "narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=", + "lastModified": 1739214665, + "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a79cfe0ebd24952b580b1cf08cd906354996d547", + "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a", "type": "github" }, "original": { From f40d25ed63eaca9ee53908e09b143b7812a92ce1 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 15 Feb 2025 15:01:01 +0100 Subject: [PATCH 013/111] bump lock --- flake.lock | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index 64d2b46..ad32233 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1738503522, - "narHash": "sha256-1yrVbGLBMBPl34EibVARkUB9Gak1GjLRLZXJk9jbHxU=", + "lastModified": 1739612324, + "narHash": "sha256-3RQgKLNSKlcLtdfAo7Zx3+Q+3Bwgy8rx3gZ6ejTeh1w=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "bc62d5509989f5dca633c65b58aa0ac79a48db3e", + "rev": "efd801f6faecf6caf489fa03dbd6e32e416bec6d", "type": "github" }, "original": { @@ -102,11 +102,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "lastModified": 1738453229, + "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", "type": "github" }, "original": { @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1739445948, - "narHash": "sha256-mmfFqhYjKP7nke1cs3x+bjP6GOG8A82Zxvrc9IfYwEA=", - "rev": "406f4fed35fe495457a0f6487a7be3b025cab1c4", + "lastModified": 1739546930, + "narHash": "sha256-m9s8XjIFd9ByX45/mnsryQa0G5ncMjOBJE4kAOHPoUI=", + "rev": "1077bc626e8dfc153524da40eddad46ef893d66e", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/406f4fed35fe495457a0f6487a7be3b025cab1c4.tar.gz?rev=406f4fed35fe495457a0f6487a7be3b025cab1c4" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1077bc626e8dfc153524da40eddad46ef893d66e.tar.gz?rev=1077bc626e8dfc153524da40eddad46ef893d66e" }, "original": { "type": "tarball", @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739357830, - "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", + "lastModified": 1739484910, + "narHash": "sha256-wjWLzdM7PIq4ZAe7k3vyjtgVJn6b0UeodtRFlM/6W5U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", + "rev": "0b73e36b1962620a8ac551a37229dd8662dac5c8", "type": "github" }, "original": { @@ -419,14 +419,14 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1735774519, - "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=", + "lastModified": 1738452942, + "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" } }, "nixpkgs-stable": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1739214665, - "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=", + "lastModified": 1739446958, + "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a", + "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", "type": "github" }, "original": { @@ -479,11 +479,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1736884309, - "narHash": "sha256-eiCqmKl0BIRiYk5/ZhZozwn4/7Km9CWTbc15Cv+VX5k=", + "lastModified": 1738741221, + "narHash": "sha256-UiTOA89yQV5YNlO1ZAp4IqJUGWOnTyBC83netvt8rQE=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "75d0515332b7ca269f6d7abfd2c44c47a7cbca7b", + "rev": "be1fe795035d3d36359ca9135b26dcc5321b31fb", "type": "github" }, "original": { From cbb93b004159a190e483d289c49200c91d597043 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 15 Feb 2025 17:03:56 +0100 Subject: [PATCH 014/111] update website --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index ad32233..d608a5c 100644 --- a/flake.lock +++ b/flake.lock @@ -704,11 +704,11 @@ ] }, "locked": { - "lastModified": 1739185568, - "narHash": "sha256-8wxwZP6WOWZCmpQzZlo5FG0Y8+hDr8O0U1cY6RB9OZQ=", + "lastModified": 1739635190, + "narHash": "sha256-UOFXRKepDpnPTGRyyfOt8uVkYaDL4gMbE2VlZR0lCNA=", "ref": "main", - "rev": "a1ab95888f08020483584d028c68617bafd27b5f", - "revCount": 7, + "rev": "28953f4e57a2c4ca2ada3547a45c8d2a839d4dfc", + "revCount": 9, "type": "git", "url": "https://git.oxapentane.com/0xa/website.git" }, From 73df58ccb08aeb44ff7f2b5324762533d5be9ec0 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 24 Jan 2025 22:42:28 +0100 Subject: [PATCH 015/111] sway config --- flake.nix | 2 +- hosts/toaster/network/default.nix | 55 +++++++++++++++++++++---------- 2 files changed, 39 insertions(+), 18 deletions(-) diff --git a/flake.nix b/flake.nix index 0038003..342df6a 100644 --- a/flake.nix +++ b/flake.nix @@ -111,7 +111,7 @@ ./modules/basic-tools ./modules/binary-caches.nix ./modules/devtools.nix - ./modules/gnome.nix + ./modules/sway.nix ./modules/gnupg.nix ./modules/radio.nix ./modules/science.nix diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index 6d96c3c..0bf35e9 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -1,36 +1,27 @@ -{ lib, config, ... }: -{ +{ lib, config, pkgs, ... }: { imports = [ ./mullvad.nix ./dumpdvb.nix ./zw.nix ]; - # Networkmanager shouldn't interfere with systemd managed interfaces - networking.networkmanager.unmanaged = - let - systemd_netdevs = lib.attrsets.attrValues ( - lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs - ); - in - systemd_netdevs; + environment.systemPackages = with pkgs; [ iwgtk impala ]; - systemd.network = { - enable = true; - wait-online.enable = false; # uplink is managed by networkmanager - }; - - users.users."0xa".extraGroups = [ "networkmanager" ]; + # kick out networkmanager + networking.networkmanager.enable = lib.mkForce false; + networking.useNetworkd = true; + systemd.network.enable = true; networking = { hostName = "toaster"; firewall.enable = true; wireguard.enable = true; + wireless.iwd.enable = true; }; services.resolved = { enable = true; - dnssec = "false"; + dnssec = "allow-downgrade"; fallbackDns = [ "9.9.9.9" "2620:fe::fe" @@ -39,4 +30,34 @@ ]; }; + # we might have no interwebs at all + systemd.network.wait-online.enable = false; + + # uplinks + systemd.network.networks = { + "10-ether-uplink" = { + matchConfig.Name = "enp1s0f0"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + "10-dock-uplink" = { + matchConfig.Name = "enp5s0f4u1u1"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + dhcpV4Config = { RouteMetric = 666; }; + dhcpV6Config = { RouteMetric = 666; }; + }; + "wlan-uplink" = { + matchConfig.Name = "wlan0"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + }; + } From f72c2e676cd4d498a92a7d4897f1b9fe72e327cb Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 15 Feb 2025 16:38:10 +0100 Subject: [PATCH 016/111] dnssec is annoying --- hosts/toaster/network/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index 0bf35e9..48a6f8a 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -1,4 +1,4 @@ -{ lib, config, pkgs, ... }: { +{ lib, pkgs, ... }: { imports = [ ./mullvad.nix ./dumpdvb.nix @@ -21,7 +21,7 @@ services.resolved = { enable = true; - dnssec = "allow-downgrade"; + dnssec = "false"; fallbackDns = [ "9.9.9.9" "2620:fe::fe" From a35426bdac0606c3d4dfc5ddea5815f6fb835c68 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 15 Feb 2025 16:43:48 +0100 Subject: [PATCH 017/111] add ibm3270 and cozette to fonts --- modules/fonts.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/fonts.nix b/modules/fonts.nix index 7ee909b..5fe08ab 100644 --- a/modules/fonts.nix +++ b/modules/fonts.nix @@ -26,7 +26,8 @@ twemoji-color-font twitter-color-emoji iosevka-bin - (nerdfonts.override { fonts = [ "Hack" ]; }) + cozette + (nerdfonts.override { fonts = [ "Hack" "3270" ]; }) ]; fonts.enableDefaultPackages = true; From e51332065381d99091413c899b8a5f2610af14b6 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 18 Feb 2025 09:54:25 +0100 Subject: [PATCH 018/111] software changes --- modules/desktop-software.nix | 3 --- modules/sway.nix | 14 ++++++++------ 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 0ee2847..67b98f1 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -5,8 +5,6 @@ dino ffmpeg-full firefox-wayland - vivaldi - vivaldi-ffmpeg-codecs gimp inkscape signal-desktop @@ -16,7 +14,6 @@ yt-dlp element-desktop discord - spotify mpv ]; programs.steam.enable = true; diff --git a/modules/sway.nix b/modules/sway.nix index 1ce6f63..f4e3c43 100644 --- a/modules/sway.nix +++ b/modules/sway.nix @@ -1,5 +1,8 @@ # General Desktop-related config -{ pkgs, ... }: +{ pkgs, inputs, ... }: +let + unstablepkgs = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}; +in { imports = [ ./desktop-software.nix @@ -19,11 +22,10 @@ termusic gsettings-desktop-schemas xdg-utils - foot qt5.qtwayland bashmount - nautilus audacity + spotify-player ]; # Enable sound. @@ -61,16 +63,15 @@ ''; extraPackages = with pkgs; [ adwaita-icon-theme - alacritty bluetui foot gammastep graphicsmagick grim - i3status-rust + unstablepkgs.i3status-rust impala kanshi - mako + swaynotificationcenter pamixer rofi-wayland slurp @@ -78,6 +79,7 @@ swaylock wl-clipboard wl-mirror + xfce.thunar ]; }; environment.sessionVariables = { From b6731802a8f735d5073d04b74c54fbe5a53ecb74 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 18 Feb 2025 09:54:31 +0100 Subject: [PATCH 019/111] format --- hosts/toaster/network/default.nix | 16 ++++++++++++---- modules/basic-tools/default.nix | 10 +++++++++- modules/fonts.nix | 7 ++++++- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index 48a6f8a..ee0bdbe 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -1,11 +1,15 @@ -{ lib, pkgs, ... }: { +{ lib, pkgs, ... }: +{ imports = [ ./mullvad.nix ./dumpdvb.nix ./zw.nix ]; - environment.systemPackages = with pkgs; [ iwgtk impala ]; + environment.systemPackages = with pkgs; [ + iwgtk + impala + ]; # kick out networkmanager networking.networkmanager.enable = lib.mkForce false; @@ -48,8 +52,12 @@ DHCP = "yes"; IPv6AcceptRA = true; }; - dhcpV4Config = { RouteMetric = 666; }; - dhcpV6Config = { RouteMetric = 666; }; + dhcpV4Config = { + RouteMetric = 666; + }; + dhcpV6Config = { + RouteMetric = 666; + }; }; "wlan-uplink" = { matchConfig.Name = "wlan0"; diff --git a/modules/basic-tools/default.nix b/modules/basic-tools/default.nix index 3ea8833..d5e81d3 100644 --- a/modules/basic-tools/default.nix +++ b/modules/basic-tools/default.nix @@ -51,7 +51,15 @@ whois mtr ] - ++ (if config.networking.hostName == "toaster" then [ gitFull git-lfs ] else [ git ]); + ++ ( + if config.networking.hostName == "toaster" then + [ + gitFull + git-lfs + ] + else + [ git ] + ); environment.variables = let diff --git a/modules/fonts.nix b/modules/fonts.nix index 5fe08ab..a3516e9 100644 --- a/modules/fonts.nix +++ b/modules/fonts.nix @@ -27,7 +27,12 @@ twitter-color-emoji iosevka-bin cozette - (nerdfonts.override { fonts = [ "Hack" "3270" ]; }) + (nerdfonts.override { + fonts = [ + "Hack" + "3270" + ]; + }) ]; fonts.enableDefaultPackages = true; From b0bc8919c23318ac8f3ba02887bd9a64060ce935 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 20 Feb 2025 23:22:10 +0100 Subject: [PATCH 020/111] add zathura --- modules/sway.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/sway.nix b/modules/sway.nix index f4e3c43..44ee647 100644 --- a/modules/sway.nix +++ b/modules/sway.nix @@ -26,6 +26,7 @@ in bashmount audacity spotify-player + zathura ]; # Enable sound. From 1e3e2d083ce8f586a47c6afe40cbb5b33c0b27c6 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 20 Feb 2025 23:31:24 +0100 Subject: [PATCH 021/111] new name for telegram --- modules/desktop-software.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 67b98f1..b112de6 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -8,7 +8,7 @@ gimp inkscape signal-desktop - tdesktop + telegram-desktop tor-browser wl-clipboard yt-dlp From 8f7f58b9d1ce0a075390b7216eb142efbb36202b Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 21 Feb 2025 00:52:57 +0100 Subject: [PATCH 022/111] write tmp to disk --- hosts/toaster/hardware-configuration.nix | 6 ++++++ hosts/toaster/zfs.nix | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/hosts/toaster/hardware-configuration.nix b/hosts/toaster/hardware-configuration.nix index 1b0fbb0..318ff03 100644 --- a/hosts/toaster/hardware-configuration.nix +++ b/hosts/toaster/hardware-configuration.nix @@ -49,6 +49,12 @@ options = [ "zfsutil" ]; }; + fileSystems."/tmp" = { + device = "zpool/nocomp/tmp"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + fileSystems."/boot" = { device = "/dev/disk/by-uuid/A170-F83D"; fsType = "vfat"; diff --git a/hosts/toaster/zfs.nix b/hosts/toaster/zfs.nix index 70cc5c9..1970bbf 100644 --- a/hosts/toaster/zfs.nix +++ b/hosts/toaster/zfs.nix @@ -19,6 +19,7 @@ supportedFilesystems = [ "zfs" ]; kernelParams = [ "nohibernate" ]; plymouth.enable = false; - tmp.useTmpfs = true; + tmp.useTmpfs = false; + tmp.cleanOnBoot = true; }; } From 2669f23735f6913675e3ed04de7af3d04249f05c Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 21 Feb 2025 00:53:12 +0100 Subject: [PATCH 023/111] bump lock --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index d608a5c..ccb1bf2 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1739546930, - "narHash": "sha256-m9s8XjIFd9ByX45/mnsryQa0G5ncMjOBJE4kAOHPoUI=", - "rev": "1077bc626e8dfc153524da40eddad46ef893d66e", + "lastModified": 1740025708, + "narHash": "sha256-TQ8EQoulNFD2nP94Aw3W17cjlV3F+fMpDsV6LOrrkbY=", + "rev": "e335a26d5cd8371ea836d1166b627eaf17427299", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1077bc626e8dfc153524da40eddad46ef893d66e.tar.gz?rev=1077bc626e8dfc153524da40eddad46ef893d66e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/e335a26d5cd8371ea836d1166b627eaf17427299.tar.gz?rev=e335a26d5cd8371ea836d1166b627eaf17427299" }, "original": { "type": "tarball", @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738816619, - "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", + "lastModified": 1740089251, + "narHash": "sha256-Y78mDBWoO8CLLTjQfPfII+KXFb6lAmF9GrLbyVBsIMM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", + "rev": "18e9f9753e9ae261bcc7d3abe15745686991fd30", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739484910, - "narHash": "sha256-wjWLzdM7PIq4ZAe7k3vyjtgVJn6b0UeodtRFlM/6W5U=", + "lastModified": 1739923778, + "narHash": "sha256-BqUY8tz0AQ4to2Z4+uaKczh81zsGZSYxjgvtw+fvIfM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0b73e36b1962620a8ac551a37229dd8662dac5c8", + "rev": "36864ed72f234b9540da4cf7a0c49e351d30d3f1", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1739446958, - "narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", + "lastModified": 1739866667, + "narHash": "sha256-EO1ygNKZlsAC9avfcwHkKGMsmipUk1Uc0TbrEZpkn64=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2ff53fe64443980e139eaa286017f53f88336dd0", + "rev": "73cf49b8ad837ade2de76f87eb53fc85ed5d4680", "type": "github" }, "original": { From e9625f41c4c0d5b4f99bee89a4e5d398bbb1cf24 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 23 Feb 2025 02:34:20 +0100 Subject: [PATCH 024/111] software changes --- modules/basic-tools/default.nix | 2 +- modules/sway.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/basic-tools/default.nix b/modules/basic-tools/default.nix index d5e81d3..a917168 100644 --- a/modules/basic-tools/default.nix +++ b/modules/basic-tools/default.nix @@ -39,7 +39,6 @@ exfatprogs nmap bind - nnn lf man-pages unzip @@ -50,6 +49,7 @@ sshfs whois mtr + joshuto ] ++ ( if config.networking.hostName == "toaster" then diff --git a/modules/sway.nix b/modules/sway.nix index 44ee647..47f5698 100644 --- a/modules/sway.nix +++ b/modules/sway.nix @@ -27,6 +27,7 @@ in audacity spotify-player zathura + ncdu ]; # Enable sound. From db8daf4f061e13961eef5142dcdc9816a094c9a1 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 23 Feb 2025 02:34:27 +0100 Subject: [PATCH 025/111] bump lock --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index ccb1bf2..e088cc7 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1740025708, - "narHash": "sha256-TQ8EQoulNFD2nP94Aw3W17cjlV3F+fMpDsV6LOrrkbY=", - "rev": "e335a26d5cd8371ea836d1166b627eaf17427299", + "lastModified": 1740253065, + "narHash": "sha256-ucwXcftJ7DHjk1UA2LmfHXkDPoCgfB4uadwFUCBvc8w=", + "rev": "82c7e76c9c2d829dc11c22b32173a40056cc44ef", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/e335a26d5cd8371ea836d1166b627eaf17427299.tar.gz?rev=e335a26d5cd8371ea836d1166b627eaf17427299" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/82c7e76c9c2d829dc11c22b32173a40056cc44ef.tar.gz?rev=82c7e76c9c2d829dc11c22b32173a40056cc44ef" }, "original": { "type": "tarball", From 019a309ddaf9f43357c5de1c01873bb7edaac2f4 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 19 Feb 2025 01:57:32 +0100 Subject: [PATCH 026/111] Revert "sway config" This reverts commit 73df58ccb08aeb44ff7f2b5324762533d5be9ec0. --- flake.nix | 2 +- hosts/toaster/network/default.nix | 59 ++++++++----------------------- 2 files changed, 16 insertions(+), 45 deletions(-) diff --git a/flake.nix b/flake.nix index 342df6a..0038003 100644 --- a/flake.nix +++ b/flake.nix @@ -111,7 +111,7 @@ ./modules/basic-tools ./modules/binary-caches.nix ./modules/devtools.nix - ./modules/sway.nix + ./modules/gnome.nix ./modules/gnupg.nix ./modules/radio.nix ./modules/science.nix diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index ee0bdbe..6d96c3c 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, ... }: +{ lib, config, ... }: { imports = [ ./mullvad.nix @@ -6,21 +6,26 @@ ./zw.nix ]; - environment.systemPackages = with pkgs; [ - iwgtk - impala - ]; + # Networkmanager shouldn't interfere with systemd managed interfaces + networking.networkmanager.unmanaged = + let + systemd_netdevs = lib.attrsets.attrValues ( + lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs + ); + in + systemd_netdevs; - # kick out networkmanager - networking.networkmanager.enable = lib.mkForce false; - networking.useNetworkd = true; - systemd.network.enable = true; + systemd.network = { + enable = true; + wait-online.enable = false; # uplink is managed by networkmanager + }; + + users.users."0xa".extraGroups = [ "networkmanager" ]; networking = { hostName = "toaster"; firewall.enable = true; wireguard.enable = true; - wireless.iwd.enable = true; }; services.resolved = { @@ -34,38 +39,4 @@ ]; }; - # we might have no interwebs at all - systemd.network.wait-online.enable = false; - - # uplinks - systemd.network.networks = { - "10-ether-uplink" = { - matchConfig.Name = "enp1s0f0"; - networkConfig = { - DHCP = "yes"; - IPv6AcceptRA = true; - }; - }; - "10-dock-uplink" = { - matchConfig.Name = "enp5s0f4u1u1"; - networkConfig = { - DHCP = "yes"; - IPv6AcceptRA = true; - }; - dhcpV4Config = { - RouteMetric = 666; - }; - dhcpV6Config = { - RouteMetric = 666; - }; - }; - "wlan-uplink" = { - matchConfig.Name = "wlan0"; - networkConfig = { - DHCP = "yes"; - IPv6AcceptRA = true; - }; - }; - }; - } From 38c5c53a28c62f00af5c523fa5ed8c1edff4336f Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 23 Feb 2025 13:57:38 +0100 Subject: [PATCH 027/111] bump lock --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index e088cc7..2e39d99 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1740253065, - "narHash": "sha256-ucwXcftJ7DHjk1UA2LmfHXkDPoCgfB4uadwFUCBvc8w=", - "rev": "82c7e76c9c2d829dc11c22b32173a40056cc44ef", + "lastModified": 1740304046, + "narHash": "sha256-BaI27pORky5j8slRzGJTzaWR5tuKvY1z9I+n7n16YgM=", + "rev": "c64a9db6bb03d2755757188394d15fa1a0e12406", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/82c7e76c9c2d829dc11c22b32173a40056cc44ef.tar.gz?rev=82c7e76c9c2d829dc11c22b32173a40056cc44ef" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/c64a9db6bb03d2755757188394d15fa1a0e12406.tar.gz?rev=c64a9db6bb03d2755757188394d15fa1a0e12406" }, "original": { "type": "tarball", @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739923778, - "narHash": "sha256-BqUY8tz0AQ4to2Z4+uaKczh81zsGZSYxjgvtw+fvIfM=", + "lastModified": 1740162160, + "narHash": "sha256-SSYxFhqCOb3aiPb6MmN68yEzBIltfom8IgRz7phHscM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "36864ed72f234b9540da4cf7a0c49e351d30d3f1", + "rev": "11415c7ae8539d6292f2928317ee7a8410b28bb9", "type": "github" }, "original": { From 2a9d765c94100cbf12b863714a5fc30e64b1c4a3 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 25 Feb 2025 17:36:42 +0100 Subject: [PATCH 028/111] bump lock --- flake.lock | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/flake.lock b/flake.lock index 2e39d99..bb99006 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1739612324, - "narHash": "sha256-3RQgKLNSKlcLtdfAo7Zx3+Q+3Bwgy8rx3gZ6ejTeh1w=", + "lastModified": 1740420811, + "narHash": "sha256-ZfSnVdW2S9G4dYFxnW7sB/XgBe2SR17WHTb0eDNkkOk=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "efd801f6faecf6caf489fa03dbd6e32e416bec6d", + "rev": "c79e9b78104e9d8c406445d575623c2770d7d99a", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1738183650, - "narHash": "sha256-4XdYlqfd23TVPaJ0R5tEBIpDXLV4mFHdXhIWp5dIvIE=", + "lastModified": 1740398117, + "narHash": "sha256-eafk3lCFG3l1OKt8xoKZjbDFcOUFQgpivMMT4GjaNWU=", "owner": "goauthentik", "repo": "authentik", - "rev": "f1b7a9f934e6b58a1884ba753575eac6267f4b6e", + "rev": "5c5cc1c7daa4248c5a2c29ac47f3639d4eaa8ff5", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2024.12.3", + "ref": "version/2025.2.0", "repo": "authentik", "type": "github" } @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1740304046, - "narHash": "sha256-BaI27pORky5j8slRzGJTzaWR5tuKvY1z9I+n7n16YgM=", - "rev": "c64a9db6bb03d2755757188394d15fa1a0e12406", + "lastModified": 1740449362, + "narHash": "sha256-UJaNM71Lai/GdExpjqzhWRcLLJf5TfISSHZgA/KMU6M=", + "rev": "42a8fb96567ef4ffae9494056da0c8ca5a7634df", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/c64a9db6bb03d2755757188394d15fa1a0e12406.tar.gz?rev=c64a9db6bb03d2755757188394d15fa1a0e12406" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/42a8fb96567ef4ffae9494056da0c8ca5a7634df.tar.gz?rev=42a8fb96567ef4ffae9494056da0c8ca5a7634df" }, "original": { "type": "tarball", @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1740089251, - "narHash": "sha256-Y78mDBWoO8CLLTjQfPfII+KXFb6lAmF9GrLbyVBsIMM=", + "lastModified": 1740387674, + "narHash": "sha256-pGk/aA0EBvI6o4DeuZsr05Ig/r4uMlSaf5EWUZEWM10=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "18e9f9753e9ae261bcc7d3abe15745686991fd30", + "rev": "d58f642ddb23320965b27beb0beba7236e9117b5", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1740162160, - "narHash": "sha256-SSYxFhqCOb3aiPb6MmN68yEzBIltfom8IgRz7phHscM=", + "lastModified": 1740339700, + "narHash": "sha256-cbrw7EgQhcdFnu6iS3vane53bEagZQy/xyIkDWpCgVE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "11415c7ae8539d6292f2928317ee7a8410b28bb9", + "rev": "04ef94c4c1582fd485bbfdb8c4a8ba250e359195", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1739866667, - "narHash": "sha256-EO1ygNKZlsAC9avfcwHkKGMsmipUk1Uc0TbrEZpkn64=", + "lastModified": 1740367490, + "narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "73cf49b8ad837ade2de76f87eb53fc85ed5d4680", + "rev": "0196c0175e9191c474c26ab5548db27ef5d34b05", "type": "github" }, "original": { @@ -479,11 +479,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1738741221, - "narHash": "sha256-UiTOA89yQV5YNlO1ZAp4IqJUGWOnTyBC83netvt8rQE=", + "lastModified": 1739883580, + "narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "be1fe795035d3d36359ca9135b26dcc5321b31fb", + "rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e", "type": "github" }, "original": { From a1bb8d867ae7d222d1824fe860a18d2a2319f9f5 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 25 Feb 2025 17:37:15 +0100 Subject: [PATCH 029/111] software changes --- modules/desktop-software.nix | 1 + modules/gnome.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index b112de6..a2fe435 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -15,6 +15,7 @@ element-desktop discord mpv + dwarf-fortress-packages.dwarf-fortress-full ]; programs.steam.enable = true; } diff --git a/modules/gnome.nix b/modules/gnome.nix index 897c4d3..506fbcf 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -14,6 +14,7 @@ gnome-tweaks qbittorrent gnomeExtensions.caffeine + spotify ]; environment.gnome.excludePackages = with pkgs; [ From d84bc75c427616d124d4310623f548242ac57700 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 27 Feb 2025 19:00:56 +0100 Subject: [PATCH 030/111] bump lock --- flake.lock | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index bb99006..15fa325 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1740420811, - "narHash": "sha256-ZfSnVdW2S9G4dYFxnW7sB/XgBe2SR17WHTb0eDNkkOk=", + "lastModified": 1740601740, + "narHash": "sha256-YQ8lMeT/KkMDavXrqPvoO6pKQdfSSAZBcNp/Cer4vWc=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "c79e9b78104e9d8c406445d575623c2770d7d99a", + "rev": "bfcad34becd76d148e1ad537b5dcbd58d858a5bb", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1740398117, - "narHash": "sha256-eafk3lCFG3l1OKt8xoKZjbDFcOUFQgpivMMT4GjaNWU=", + "lastModified": 1740599692, + "narHash": "sha256-KZalpsM9rvki9GD+urf8idHOEnvBJtkSvE1b2b4KL/4=", "owner": "goauthentik", "repo": "authentik", - "rev": "5c5cc1c7daa4248c5a2c29ac47f3639d4eaa8ff5", + "rev": "31fe0e59234e487a42012510d1a4e4819b9aba26", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.0", + "ref": "version/2025.2.1", "repo": "authentik", "type": "github" } @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1740449362, - "narHash": "sha256-UJaNM71Lai/GdExpjqzhWRcLLJf5TfISSHZgA/KMU6M=", - "rev": "42a8fb96567ef4ffae9494056da0c8ca5a7634df", + "lastModified": 1740647693, + "narHash": "sha256-pYxhtDAOmlbP4XqgjIvbpi7CFtX8USH6DlRybS2Jxu4=", + "rev": "03ade5e6d75cb7705900cf696505b836fc831be0", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/42a8fb96567ef4ffae9494056da0c8ca5a7634df.tar.gz?rev=42a8fb96567ef4ffae9494056da0c8ca5a7634df" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/03ade5e6d75cb7705900cf696505b836fc831be0.tar.gz?rev=03ade5e6d75cb7705900cf696505b836fc831be0" }, "original": { "type": "tarball", @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1740387674, - "narHash": "sha256-pGk/aA0EBvI6o4DeuZsr05Ig/r4uMlSaf5EWUZEWM10=", + "lastModified": 1740646007, + "narHash": "sha256-dMReDQobS3kqoiUCQIYI9c0imPXRZnBubX20yX/G5LE=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "d58f642ddb23320965b27beb0beba7236e9117b5", + "rev": "009b764ac98a3602d41fc68072eeec5d24fc0e49", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1740339700, - "narHash": "sha256-cbrw7EgQhcdFnu6iS3vane53bEagZQy/xyIkDWpCgVE=", + "lastModified": 1740463929, + "narHash": "sha256-4Xhu/3aUdCKeLfdteEHMegx5ooKQvwPHNkOgNCXQrvc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "04ef94c4c1582fd485bbfdb8c4a8ba250e359195", + "rev": "5d7db4668d7a0c6cc5fc8cf6ef33b008b2b1ed8b", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1740367490, - "narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=", + "lastModified": 1740560979, + "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0196c0175e9191c474c26ab5548db27ef5d34b05", + "rev": "5135c59491985879812717f4c9fea69604e7f26f", "type": "github" }, "original": { From 6d0f775d73b10a9c60c1ae1d6ec87e0bb8f63103 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 28 Feb 2025 12:15:51 +0100 Subject: [PATCH 031/111] fuck mozilla --- flake.nix | 1 - modules/chromium.nix | 11 +++++------ modules/desktop-software.nix | 4 +++- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/flake.nix b/flake.nix index 0038003..9a59f52 100644 --- a/flake.nix +++ b/flake.nix @@ -118,7 +118,6 @@ ./modules/tlp.nix ./modules/virtualization.nix ./hosts/toaster/secure-boot.nix - ./modules/chromium.nix ./modules/mail ./modules/wg ]; diff --git a/modules/chromium.nix b/modules/chromium.nix index 30d6faf..8b4a574 100644 --- a/modules/chromium.nix +++ b/modules/chromium.nix @@ -5,17 +5,16 @@ chromium ]; - nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --force-dark-mode --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode"; + nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode"; programs.chromium = { enable = true; extensions = [ - # "pkehgijcmpdhfbdbbnkijodmdjhbjlgp" # privacy badger "ekhagklcjbdpajgpjgmbionohlpdbjgc" # zotero connector "nngceckbapebfimnlniiiahkandclblb" # bitwarden - # "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin - # "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock lite + "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock lite "mnjggcdmjocbbbhaepdhchncahnbgone" # sponsorblock + "khncfooichmfjbepaaaebmommgaepoid" # unhook ]; extraOpts = { "BrowserSignin" = 0; @@ -27,9 +26,9 @@ "AutoplayAllowed" = false; "DefaultNotificationSetting" = 2; "BackgroundModeEnabled" = false; - # "DefaultSearchProviderEnabled" = true; + "DefaultSearchProviderEnabled" = true; # "DefaultSearchProviderSearchURL" = "https://google.com/search?q={searchTerms}"; - # "DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}"; + "DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}"; "SearchSuggestEnable" = false; }; }; diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index a2fe435..960adc4 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -1,10 +1,12 @@ { pkgs, ... }: { + imports = [ + ./chromium.nix + ]; environment.systemPackages = with pkgs; [ blender dino ffmpeg-full - firefox-wayland gimp inkscape signal-desktop From 205086969b18e240ade93dccc08fa0153d5c1f9b Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 28 Feb 2025 12:16:07 +0100 Subject: [PATCH 032/111] back to tide --- modules/basic-tools/fish.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/basic-tools/fish.nix b/modules/basic-tools/fish.nix index 5099bbd..5e06de3 100644 --- a/modules/basic-tools/fish.nix +++ b/modules/basic-tools/fish.nix @@ -5,7 +5,7 @@ fzf fishPlugins.done fishPlugins.fzf-fish - fishPlugins.hydro + fishPlugins.tide ]; programs.fish = { From f7b3b0c0036cc3455ebdc7772a2df946569a0966 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 28 Feb 2025 13:44:28 +0100 Subject: [PATCH 033/111] bump lock --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 15fa325..5fb3a84 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1740647693, - "narHash": "sha256-pYxhtDAOmlbP4XqgjIvbpi7CFtX8USH6DlRybS2Jxu4=", - "rev": "03ade5e6d75cb7705900cf696505b836fc831be0", + "lastModified": 1740700266, + "narHash": "sha256-4ucbGdPUYmwE4ezj9fAw6Bm3/KEgOI3PTMKWv89KuIw=", + "rev": "5778998cfa2ba0e4cd49873c0b0892f9c81de247", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/03ade5e6d75cb7705900cf696505b836fc831be0.tar.gz?rev=03ade5e6d75cb7705900cf696505b836fc831be0" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/5778998cfa2ba0e4cd49873c0b0892f9c81de247.tar.gz?rev=5778998cfa2ba0e4cd49873c0b0892f9c81de247" }, "original": { "type": "tarball", @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1740463929, - "narHash": "sha256-4Xhu/3aUdCKeLfdteEHMegx5ooKQvwPHNkOgNCXQrvc=", + "lastModified": 1740603184, + "narHash": "sha256-t+VaahjQAWyA+Ctn2idyo1yxRIYpaDxMgHkgCNiMJa4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5d7db4668d7a0c6cc5fc8cf6ef33b008b2b1ed8b", + "rev": "f44bd8ca21e026135061a0a57dcf3d0775b67a49", "type": "github" }, "original": { From c48f8889af9828311ac61eefaa8e225a8943c71f Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 28 Feb 2025 20:48:18 +0100 Subject: [PATCH 034/111] chromium: enable widevine --- modules/chromium.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/chromium.nix b/modules/chromium.nix index 8b4a574..6c7da2f 100644 --- a/modules/chromium.nix +++ b/modules/chromium.nix @@ -2,7 +2,7 @@ { environment.systemPackages = with pkgs; [ - chromium + (chromium.override { enableWideVine = true; }) ]; nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode"; From 33a259f4804e468f6abac7fee4f558c5dc34264e Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 3 Mar 2025 13:32:39 +0100 Subject: [PATCH 035/111] bump lock --- flake.lock | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 5fb3a84..de97eae 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1740700266, - "narHash": "sha256-4ucbGdPUYmwE4ezj9fAw6Bm3/KEgOI3PTMKWv89KuIw=", - "rev": "5778998cfa2ba0e4cd49873c0b0892f9c81de247", + "lastModified": 1741212440, + "narHash": "sha256-UrNM90hCGa4Ee8R7v6oyBL9Mqi5XbyNdUAireOzgzGs=", + "rev": "f61bcc6ca9a90f29d82e51b3e545fdf2bcfe0a08", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/5778998cfa2ba0e4cd49873c0b0892f9c81de247.tar.gz?rev=5778998cfa2ba0e4cd49873c0b0892f9c81de247" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/f61bcc6ca9a90f29d82e51b3e545fdf2bcfe0a08.tar.gz?rev=f61bcc6ca9a90f29d82e51b3e545fdf2bcfe0a08" }, "original": { "type": "tarball", @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1740646007, - "narHash": "sha256-dMReDQobS3kqoiUCQIYI9c0imPXRZnBubX20yX/G5LE=", + "lastModified": 1741325094, + "narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "009b764ac98a3602d41fc68072eeec5d24fc0e49", + "rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1740603184, - "narHash": "sha256-t+VaahjQAWyA+Ctn2idyo1yxRIYpaDxMgHkgCNiMJa4=", + "lastModified": 1741196730, + "narHash": "sha256-0Sj6ZKjCpQMfWnN0NURqRCQn2ob7YtXTAOTwCuz7fkA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f44bd8ca21e026135061a0a57dcf3d0775b67a49", + "rev": "48913d8f9127ea6530a2a2f1bd4daa1b8685d8a3", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1740560979, - "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", + "lastModified": 1741246872, + "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5135c59491985879812717f4c9fea69604e7f26f", + "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "type": "github" }, "original": { @@ -567,11 +567,11 @@ ] }, "locked": { - "lastModified": 1739262228, - "narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=", + "lastModified": 1741043164, + "narHash": "sha256-9lfmSZLz6eq9Ygr6cCmvQiiBEaPb54pUBcjvbEMPORc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975", + "rev": "3f2412536eeece783f0d0ad3861417f347219f4d", "type": "github" }, "original": { From ccb39b1190201df0c91f07e9f9950e4685a9fb07 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 8 Mar 2025 18:07:30 +0100 Subject: [PATCH 036/111] add ghosttty --- modules/gnome.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/gnome.nix b/modules/gnome.nix index 506fbcf..738fd33 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -15,6 +15,7 @@ qbittorrent gnomeExtensions.caffeine spotify + ghostty ]; environment.gnome.excludePackages = with pkgs; [ From d6a77c851a5174a917976ff62f5919b478dad116 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 8 Mar 2025 18:07:44 +0100 Subject: [PATCH 037/111] disable ad stuff automatically --- modules/chromium.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/modules/chromium.nix b/modules/chromium.nix index 6c7da2f..5c971c6 100644 --- a/modules/chromium.nix +++ b/modules/chromium.nix @@ -18,7 +18,7 @@ ]; extraOpts = { "BrowserSignin" = 0; - # "SyncDisabled" = true; + "SyncDisabled" = true; "PasswordManagerEnabled" = false; "TranslateEnabled" = false; "AutofillAddressEnabled" = false; @@ -30,6 +30,11 @@ # "DefaultSearchProviderSearchURL" = "https://google.com/search?q={searchTerms}"; "DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}"; "SearchSuggestEnable" = false; + "BlockThirdPartyCookies" = true; + "PrivacySandboxAdMeasurementEnabled" = false; + "PrivacySandboxAdTopicsEnabled" = false; + "PrivacySandboxPromptEnabled" = false; + "PrivacySandboxSiteEnabledAdsEnabled" = false; }; }; } From e5bd758c7bbfe404f9cb11355145bcfb0614a2f7 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 8 Mar 2025 18:08:22 +0100 Subject: [PATCH 038/111] bump lock --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index de97eae..9c246cc 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1741212440, - "narHash": "sha256-UrNM90hCGa4Ee8R7v6oyBL9Mqi5XbyNdUAireOzgzGs=", - "rev": "f61bcc6ca9a90f29d82e51b3e545fdf2bcfe0a08", + "lastModified": 1741358751, + "narHash": "sha256-cDPg74UirjlGcVjB9qI/8ImkdEJ9p2y8Y2FQBfU8KzY=", + "rev": "93c3ca4e92b8cd1a129498f4c3f4c48558032d46", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/f61bcc6ca9a90f29d82e51b3e545fdf2bcfe0a08.tar.gz?rev=f61bcc6ca9a90f29d82e51b3e545fdf2bcfe0a08" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/93c3ca4e92b8cd1a129498f4c3f4c48558032d46.tar.gz?rev=93c3ca4e92b8cd1a129498f4c3f4c48558032d46" }, "original": { "type": "tarball", @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741196730, - "narHash": "sha256-0Sj6ZKjCpQMfWnN0NURqRCQn2ob7YtXTAOTwCuz7fkA=", + "lastModified": 1741332913, + "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "48913d8f9127ea6530a2a2f1bd4daa1b8685d8a3", + "rev": "20755fa05115c84be00b04690630cb38f0a203ad", "type": "github" }, "original": { From ffd3541e9379c95ca6a0d7327bbd34fa94019dff Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 9 Mar 2025 17:15:51 +0100 Subject: [PATCH 039/111] add obs --- modules/desktop-software.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 960adc4..54dcab0 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -18,6 +18,7 @@ discord mpv dwarf-fortress-packages.dwarf-fortress-full + obs-studio ]; programs.steam.enable = true; } From dbe681dda9e090a58a225aa095d4026d06811d3c Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 10 Mar 2025 19:43:39 +0100 Subject: [PATCH 040/111] add fractal --- modules/gnome.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/gnome.nix b/modules/gnome.nix index 738fd33..33aeb50 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -16,6 +16,7 @@ gnomeExtensions.caffeine spotify ghostty + fractal ]; environment.gnome.excludePackages = with pkgs; [ From 0f41a19f3af3e9add8fcbc0c12bef1fd75ff208a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 10 Mar 2025 19:43:59 +0100 Subject: [PATCH 041/111] bump lock --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index 9c246cc..198cc6d 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1741358751, - "narHash": "sha256-cDPg74UirjlGcVjB9qI/8ImkdEJ9p2y8Y2FQBfU8KzY=", - "rev": "93c3ca4e92b8cd1a129498f4c3f4c48558032d46", + "lastModified": 1741556509, + "narHash": "sha256-Av7lhGzOjduWaq+0Wp1xR8jlTtkyhBmSZJy1G36hNtk=", + "rev": "423a34393759d75683ed84b470239a8d8f9a84ed", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/93c3ca4e92b8cd1a129498f4c3f4c48558032d46.tar.gz?rev=93c3ca4e92b8cd1a129498f4c3f4c48558032d46" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/423a34393759d75683ed84b470239a8d8f9a84ed.tar.gz?rev=423a34393759d75683ed84b470239a8d8f9a84ed" }, "original": { "type": "tarball", @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741332913, - "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", + "lastModified": 1741445498, + "narHash": "sha256-F5Em0iv/CxkN5mZ9hRn3vPknpoWdcdCyR0e4WklHwiE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "20755fa05115c84be00b04690630cb38f0a203ad", + "rev": "52e3095f6d812b91b22fb7ad0bfc1ab416453634", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1741246872, - "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", + "lastModified": 1741379970, + "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", + "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", "type": "github" }, "original": { From 94f292505473b5cf414440d654960ca15265b3bf Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 12 Mar 2025 18:53:22 +0100 Subject: [PATCH 042/111] bump lock --- flake.lock | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 198cc6d..36aaad2 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1741556509, - "narHash": "sha256-Av7lhGzOjduWaq+0Wp1xR8jlTtkyhBmSZJy1G36hNtk=", - "rev": "423a34393759d75683ed84b470239a8d8f9a84ed", + "lastModified": 1741730072, + "narHash": "sha256-bHsQBdUz2l+DKXcNrCgul1fdMo8MO2YaJo+Lp84GL00=", + "rev": "85a140accb5592c9b5a73f5ea2156f5b0c853d1c", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/423a34393759d75683ed84b470239a8d8f9a84ed.tar.gz?rev=423a34393759d75683ed84b470239a8d8f9a84ed" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/85a140accb5592c9b5a73f5ea2156f5b0c853d1c.tar.gz?rev=85a140accb5592c9b5a73f5ea2156f5b0c853d1c" }, "original": { "type": "tarball", @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1741325094, - "narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=", + "lastModified": 1741792691, + "narHash": "sha256-f0BVt1/cvA0DQ/q3rB+HY4g4tKksd03ZkzI4xehC2Ew=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16", + "rev": "e1f12151258b12c567f456d8248e4694e9390613", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741445498, - "narHash": "sha256-F5Em0iv/CxkN5mZ9hRn3vPknpoWdcdCyR0e4WklHwiE=", + "lastModified": 1741600792, + "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "52e3095f6d812b91b22fb7ad0bfc1ab416453634", + "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1741379970, - "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", + "lastModified": 1741513245, + "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", + "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", "type": "github" }, "original": { @@ -567,11 +567,11 @@ ] }, "locked": { - "lastModified": 1741043164, - "narHash": "sha256-9lfmSZLz6eq9Ygr6cCmvQiiBEaPb54pUBcjvbEMPORc=", + "lastModified": 1741644481, + "narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "3f2412536eeece783f0d0ad3861417f347219f4d", + "rev": "e653d71e82575a43fe9d228def8eddb73887b866", "type": "github" }, "original": { From 5464226af78c9c461506ab75d0db3acfa22541fa Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 17 Mar 2025 11:28:51 +0100 Subject: [PATCH 043/111] bump lock --- flake.lock | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index 36aaad2..628cb16 100644 --- a/flake.lock +++ b/flake.lock @@ -278,11 +278,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1741730072, - "narHash": "sha256-bHsQBdUz2l+DKXcNrCgul1fdMo8MO2YaJo+Lp84GL00=", - "rev": "85a140accb5592c9b5a73f5ea2156f5b0c853d1c", + "lastModified": 1742165831, + "narHash": "sha256-/ssmsf50UERQNlOcUuyfvigcnCNckAhAPZMo0+Y3mdY=", + "rev": "2a336813ad2a4d64d027830507276da32927d215", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/85a140accb5592c9b5a73f5ea2156f5b0c853d1c.tar.gz?rev=85a140accb5592c9b5a73f5ea2156f5b0c853d1c" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2a336813ad2a4d64d027830507276da32927d215.tar.gz?rev=2a336813ad2a4d64d027830507276da32927d215" }, "original": { "type": "tarball", @@ -301,11 +301,11 @@ ] }, "locked": { - "lastModified": 1738176840, - "narHash": "sha256-NG3IRvRs3u3btVCN861FqHvgOwqcNT/Oy6PBG86F5/E=", - "rev": "621aae0f3cceaffa6d73a4fb0f89c08d338d729e", + "lastModified": 1741894565, + "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", + "rev": "a6da43f8193d9e329bba1795c42590c27966082e", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/621aae0f3cceaffa6d73a4fb0f89c08d338d729e.tar.gz?rev=621aae0f3cceaffa6d73a4fb0f89c08d338d729e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/a6da43f8193d9e329bba1795c42590c27966082e.tar.gz?rev=a6da43f8193d9e329bba1795c42590c27966082e" }, "original": { "type": "tarball", @@ -387,11 +387,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1741792691, - "narHash": "sha256-f0BVt1/cvA0DQ/q3rB+HY4g4tKksd03ZkzI4xehC2Ew=", + "lastModified": 1742180333, + "narHash": "sha256-SrvP0G0fxz35lvQxBhAeJOl6+BueIsxJ4azMX+l/kAU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e1f12151258b12c567f456d8248e4694e9390613", + "rev": "113cd3916682def185290145924fa30b30bda972", "type": "github" }, "original": { @@ -403,11 +403,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741600792, - "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", + "lastModified": 1742136038, + "narHash": "sha256-DDe16FJk18sadknQKKG/9FbwEro7A57tg9vB5kxZ8kY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", + "rev": "a1185f4064c18a5db37c5c84e5638c78b46e3341", "type": "github" }, "original": { @@ -447,11 +447,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1741513245, - "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", + "lastModified": 1742069588, + "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", + "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", "type": "github" }, "original": { @@ -567,11 +567,11 @@ ] }, "locked": { - "lastModified": 1741644481, - "narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=", + "lastModified": 1742206174, + "narHash": "sha256-Fwo/KZl8+OLvm/XcA/6cSvoG2XxHrKNITR08S78pGus=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e653d71e82575a43fe9d228def8eddb73887b866", + "rev": "c00da36830ae93f200b4a10eae0a56b733616774", "type": "github" }, "original": { From 0d5bc74f8840864c28d1670c5a1c4cced81f1f2e Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 25 Feb 2025 22:21:34 +0100 Subject: [PATCH 044/111] some initial work on niri --- flake.lock | 131 ++++++++++++++++++++++++++++++ flake.nix | 21 ++++- hosts/toaster/0xa-home.nix | 21 +++++ hosts/toaster/network/default.nix | 59 ++++++++++---- modules/{sway.nix => niri.nix} | 60 ++++++-------- 5 files changed, 243 insertions(+), 49 deletions(-) create mode 100644 hosts/toaster/0xa-home.nix rename modules/{sway.nix => niri.nix} (71%) diff --git a/flake.lock b/flake.lock index 628cb16..06b446c 100644 --- a/flake.lock +++ b/flake.lock @@ -248,6 +248,27 @@ "type": "github" } }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1739757849, + "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, "lanzaboote": { "inputs": { "crane": "crane", @@ -363,6 +384,65 @@ "type": "github" } }, + "niri": { + "inputs": { + "niri-stable": "niri-stable", + "niri-unstable": "niri-unstable", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2", + "xwayland-satellite-stable": "xwayland-satellite-stable", + "xwayland-satellite-unstable": "xwayland-satellite-unstable" + }, + "locked": { + "lastModified": 1742108116, + "narHash": "sha256-NrV9ysEfSbeRUPo0jdCBeesuNLTVrpHGXg40snH1YGE=", + "owner": "sodiboo", + "repo": "niri-flake", + "rev": "824f10012de455a1d0ef795a605f28948ee10467", + "type": "github" + }, + "original": { + "owner": "sodiboo", + "ref": "main", + "repo": "niri-flake", + "type": "github" + } + }, + "niri-stable": { + "flake": false, + "locked": { + "lastModified": 1740117926, + "narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "b94a5db8790339cf9134873d8b490be69e02ac71", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "ref": "v25.02", + "repo": "niri", + "type": "github" + } + }, + "niri-unstable": { + "flake": false, + "locked": { + "lastModified": 1742103165, + "narHash": "sha256-zAzMwvozlS2gmqdhrgeMz0PNp3kRDkwxIEfqWT3Hj6g=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "287480b541e85b13ff6419d372f82fa8e42c603c", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "repo": "niri", + "type": "github" + } + }, "nix-github-actions": { "inputs": { "nixpkgs": [ @@ -445,6 +525,22 @@ "type": "github" } }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1741862977, + "narHash": "sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB+ikn74/xQoNrGQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "cdd2ef009676ac92b715ff26630164bb88fec4e0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-unstable": { "locked": { "lastModified": 1742069588, @@ -523,10 +619,12 @@ "inputs": { "authentik-nix": "authentik-nix", "flake-utils": "flake-utils_2", + "home-manager": "home-manager", "lanzaboote": "lanzaboote", "lix": "lix", "lix-module": "lix-module", "microvm": "microvm", + "niri": "niri", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", @@ -717,6 +815,39 @@ "type": "git", "url": "https://git.oxapentane.com/0xa/website.git" } + }, + "xwayland-satellite-stable": { + "flake": false, + "locked": { + "lastModified": 1739246919, + "narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=", + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d", + "type": "github" + }, + "original": { + "owner": "Supreeeme", + "ref": "v0.5.1", + "repo": "xwayland-satellite", + "type": "github" + } + }, + "xwayland-satellite-unstable": { + "flake": false, + "locked": { + "lastModified": 1742083780, + "narHash": "sha256-cVLagXvI4jFbCe76tpvAWA2N2WF94Pl0PpgsGp2P6rM=", + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "rev": "f9ec97b007547ad80147404335ed22e880dbd69d", + "type": "github" + }, + "original": { + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 9a59f52..1dca929 100644 --- a/flake.nix +++ b/flake.nix @@ -47,6 +47,16 @@ inputs.flake-utils.follows = "flake-utils"; }; + home-manager = { + url = "github:nix-community/home-manager/release-24.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + niri = { + url = "github:sodiboo/niri-flake/main"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + tmux-yank = { url = "github:tmux-plugins/tmux-yank"; flake = false; @@ -56,9 +66,11 @@ outputs = inputs@{ authentik-nix, + home-manager, lanzaboote, lix-module, microvm, + niri, nixos-hardware, nixpkgs, sops-nix, @@ -105,13 +117,20 @@ lanzaboote.nixosModules.lanzaboote nixos-hardware.nixosModules.lenovo-thinkpad-t14-amd-gen3 lix-module.nixosModules.default + home-manager.nixosModules.home-manager + niri.nixosModules.niri + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users."0xa" = import ./hosts/toaster/0xa-home.nix; + } ./hosts/toaster ./modules/basic-tools ./modules/binary-caches.nix ./modules/devtools.nix - ./modules/gnome.nix + ./modules/niri.nix ./modules/gnupg.nix ./modules/radio.nix ./modules/science.nix diff --git a/hosts/toaster/0xa-home.nix b/hosts/toaster/0xa-home.nix new file mode 100644 index 0000000..b3ff5eb --- /dev/null +++ b/hosts/toaster/0xa-home.nix @@ -0,0 +1,21 @@ +{ pkgs, ... }: +{ + home.stateVersion = "24.11"; + + home.pointerCursor = { + name = "Banana"; + size = 32; + package = pkgs.banana-cursor; + x11.enable = true; + gtk.enable = true; + }; + + gtk = { + enable = true; + cursorTheme = { + name = "Banana"; + size = 32; + package = pkgs.banana-cursor; + }; + }; +} diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index 6d96c3c..ee0bdbe 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -1,4 +1,4 @@ -{ lib, config, ... }: +{ lib, pkgs, ... }: { imports = [ ./mullvad.nix @@ -6,26 +6,21 @@ ./zw.nix ]; - # Networkmanager shouldn't interfere with systemd managed interfaces - networking.networkmanager.unmanaged = - let - systemd_netdevs = lib.attrsets.attrValues ( - lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs - ); - in - systemd_netdevs; + environment.systemPackages = with pkgs; [ + iwgtk + impala + ]; - systemd.network = { - enable = true; - wait-online.enable = false; # uplink is managed by networkmanager - }; - - users.users."0xa".extraGroups = [ "networkmanager" ]; + # kick out networkmanager + networking.networkmanager.enable = lib.mkForce false; + networking.useNetworkd = true; + systemd.network.enable = true; networking = { hostName = "toaster"; firewall.enable = true; wireguard.enable = true; + wireless.iwd.enable = true; }; services.resolved = { @@ -39,4 +34,38 @@ ]; }; + # we might have no interwebs at all + systemd.network.wait-online.enable = false; + + # uplinks + systemd.network.networks = { + "10-ether-uplink" = { + matchConfig.Name = "enp1s0f0"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + "10-dock-uplink" = { + matchConfig.Name = "enp5s0f4u1u1"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + dhcpV4Config = { + RouteMetric = 666; + }; + dhcpV6Config = { + RouteMetric = 666; + }; + }; + "wlan-uplink" = { + matchConfig.Name = "wlan0"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + }; + } diff --git a/modules/sway.nix b/modules/niri.nix similarity index 71% rename from modules/sway.nix rename to modules/niri.nix index 47f5698..79c4ec9 100644 --- a/modules/sway.nix +++ b/modules/niri.nix @@ -4,6 +4,10 @@ let unstablepkgs = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}; in { + nixpkgs.overlays = [ inputs.niri.overlays.niri ]; + + programs.niri.enable = true; + imports = [ ./desktop-software.nix ./fonts.nix @@ -28,6 +32,25 @@ in spotify-player zathura ncdu + adwaita-icon-theme + bluetui + foot + gammastep + graphicsmagick + grim + unstablepkgs.i3status-rust + impala + kanshi + pamixer + wofi + slurp + swayidle + swaylock + wl-clipboard + wl-mirror + xfce.thunar + banana-cursor + fuzzel ]; # Enable sound. @@ -52,38 +75,9 @@ in programs.light.enable = true; programs.xwayland.enable = true; - programs.sway = { - enable = true; - wrapperFeatures.gtk = true; - extraSessionCommands = '' - export SDL_VIDEODRIVER=wayland - export QT_QPA_PLATFORM=wayland-egl - export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" - export QT_QPA_PLATFORMTHEME="gnome" - export QT_STYLE_OVERRIDE="adwaita-dark" - # export WLR_DRM_NO_ATOMIC=1 - ''; - extraPackages = with pkgs; [ - adwaita-icon-theme - bluetui - foot - gammastep - graphicsmagick - grim - unstablepkgs.i3status-rust - impala - kanshi - swaynotificationcenter - pamixer - rofi-wayland - slurp - swayidle - swaylock - wl-clipboard - wl-mirror - xfce.thunar - ]; - }; + + programs.hyprland.enable = true; + environment.sessionVariables = { GTK_THEME = "Adwaita:dark"; }; @@ -118,7 +112,7 @@ in enable = true; settings = { default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --greeting \"$(${pkgs.fortune}/bin/fortune -s)\" --cmd ${pkgs.sway}/bin/sway"; + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --greeting \"$(${pkgs.fortune}/bin/fortune -s)\" --cmd ${pkgs.niri-stable}/bin/niri"; }; }; }; From 32e4cd5324f1968ff880e03484f731688688da55 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 18 Mar 2025 18:25:54 +0100 Subject: [PATCH 045/111] finish niri config --- modules/niri.nix | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/modules/niri.nix b/modules/niri.nix index 79c4ec9..1a8b59d 100644 --- a/modules/niri.nix +++ b/modules/niri.nix @@ -17,7 +17,6 @@ in qbittorrent gajim imv - swayimg mpv evince brightnessctl @@ -34,23 +33,23 @@ in ncdu adwaita-icon-theme bluetui - foot gammastep graphicsmagick - grim unstablepkgs.i3status-rust impala kanshi pamixer - wofi - slurp swayidle swaylock wl-clipboard - wl-mirror xfce.thunar banana-cursor fuzzel + alacritty + unstablepkgs.i3bar-river + mako + swww + oculante ]; # Enable sound. @@ -84,7 +83,7 @@ in xdg.portal = { enable = true; wlr.enable = true; - extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + extraPortals = [ pkgs.xdg-desktop-portal-gnome ]; }; services.udisks2.enable = true; @@ -112,7 +111,7 @@ in enable = true; settings = { default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --greeting \"$(${pkgs.fortune}/bin/fortune -s)\" --cmd ${pkgs.niri-stable}/bin/niri"; + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --greeting \"$(${pkgs.fortune}/bin/fortune -s)\" --cmd ${pkgs.niri-stable}/bin/niri-session"; }; }; }; From b729d2f7d950207b8566dcd1c134936acdd1137f Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 18 Mar 2025 18:26:00 +0100 Subject: [PATCH 046/111] bump lock --- flake.lock | 70 +++++++++++++++++++++++++++--------------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/flake.lock b/flake.lock index 06b446c..68e1cc5 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1740601740, - "narHash": "sha256-YQ8lMeT/KkMDavXrqPvoO6pKQdfSSAZBcNp/Cer4vWc=", + "lastModified": 1742246110, + "narHash": "sha256-bjJDxW3Z3clNIkgwEktWhFSpU9UyftisDfK3XYzdRps=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "bfcad34becd76d148e1ad537b5dcbd58d858a5bb", + "rev": "04f5e14643b8b37304966767074fbe0efcadab9f", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1740599692, - "narHash": "sha256-KZalpsM9rvki9GD+urf8idHOEnvBJtkSvE1b2b4KL/4=", + "lastModified": 1742236492, + "narHash": "sha256-Uz7qldS44pxduLcYKf+cCq4WvjoslDR4PwRqivY/4uI=", "owner": "goauthentik", "repo": "authentik", - "rev": "31fe0e59234e487a42012510d1a4e4819b9aba26", + "rev": "3adf79c4939276e108c25c719843b6174e9e22fd", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.1", + "ref": "version/2025.2.2", "repo": "authentik", "type": "github" } @@ -255,11 +255,11 @@ ] }, "locked": { - "lastModified": 1739757849, - "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", + "lastModified": 1742234739, + "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=", "owner": "nix-community", "repo": "home-manager", - "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", + "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59", "type": "github" }, "original": { @@ -299,11 +299,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742165831, - "narHash": "sha256-/ssmsf50UERQNlOcUuyfvigcnCNckAhAPZMo0+Y3mdY=", - "rev": "2a336813ad2a4d64d027830507276da32927d215", + "lastModified": 1742313775, + "narHash": "sha256-qE8XqkuoWuH2np+NNGGNG8qWN2zPa0ldAM0olaySf+s=", + "rev": "6e6ff5827276ed2c4cf549b9fa898eb1e9566e57", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2a336813ad2a4d64d027830507276da32927d215.tar.gz?rev=2a336813ad2a4d64d027830507276da32927d215" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/6e6ff5827276ed2c4cf549b9fa898eb1e9566e57.tar.gz?rev=6e6ff5827276ed2c4cf549b9fa898eb1e9566e57" }, "original": { "type": "tarball", @@ -396,11 +396,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1742108116, - "narHash": "sha256-NrV9ysEfSbeRUPo0jdCBeesuNLTVrpHGXg40snH1YGE=", + "lastModified": 1742305115, + "narHash": "sha256-EJu/9UNo8ndiZ7AUVTazWQOA4lHUaTkorvgVExo2LLs=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "824f10012de455a1d0ef795a605f28948ee10467", + "rev": "bc4f3a4d3d0fb9be399faf525caffd5b664c5d31", "type": "github" }, "original": { @@ -430,11 +430,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1742103165, - "narHash": "sha256-zAzMwvozlS2gmqdhrgeMz0PNp3kRDkwxIEfqWT3Hj6g=", + "lastModified": 1742276600, + "narHash": "sha256-muceB5DW++WPqrGKpX3Hkii/DNSMmFs2oQrYRYHmPiU=", "owner": "YaLTeR", "repo": "niri", - "rev": "287480b541e85b13ff6419d372f82fa8e42c603c", + "rev": "e251ca7340bc71870c3a81a7ffc3d9bde58e685a", "type": "github" }, "original": { @@ -467,11 +467,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1742180333, - "narHash": "sha256-SrvP0G0fxz35lvQxBhAeJOl6+BueIsxJ4azMX+l/kAU=", + "lastModified": 1742217307, + "narHash": "sha256-3fwpN7KN226ghLlpO9TR0/WpgQOmOj1e8bieUxpIYSk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "113cd3916682def185290145924fa30b30bda972", + "rev": "4f4d97d7b7be387286cc9c988760a7ebaa5be1f1", "type": "github" }, "original": { @@ -483,11 +483,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742136038, - "narHash": "sha256-DDe16FJk18sadknQKKG/9FbwEro7A57tg9vB5kxZ8kY=", + "lastModified": 1742268799, + "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a1185f4064c18a5db37c5c84e5638c78b46e3341", + "rev": "da044451c6a70518db5b730fe277b70f494188f1", "type": "github" }, "original": { @@ -527,11 +527,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1741862977, - "narHash": "sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB+ikn74/xQoNrGQ=", + "lastModified": 1742268799, + "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cdd2ef009676ac92b715ff26630164bb88fec4e0", + "rev": "da044451c6a70518db5b730fe277b70f494188f1", "type": "github" }, "original": { @@ -665,11 +665,11 @@ ] }, "locked": { - "lastModified": 1742206174, - "narHash": "sha256-Fwo/KZl8+OLvm/XcA/6cSvoG2XxHrKNITR08S78pGus=", + "lastModified": 1742239755, + "narHash": "sha256-ptn8dR4Uat3UUadGYNnB7CIH9SQm8mK69D2A/twBUXQ=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c00da36830ae93f200b4a10eae0a56b733616774", + "rev": "787afce414bcce803b605c510b60bf43c11f4b55", "type": "github" }, "original": { @@ -836,11 +836,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1742083780, - "narHash": "sha256-cVLagXvI4jFbCe76tpvAWA2N2WF94Pl0PpgsGp2P6rM=", + "lastModified": 1742249030, + "narHash": "sha256-YZ+axsuNsgIKWfnRkt6Qa9UoKfUOIWf42vNUonXxmxM=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "f9ec97b007547ad80147404335ed22e880dbd69d", + "rev": "cca74a5f6b23742d77dc5db4312dfc40fd4a0fcc", "type": "github" }, "original": { From 0c8d583aca537be01ac0765c0b7e5c09a431b203 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 18 Mar 2025 21:34:07 +0100 Subject: [PATCH 047/111] update toaster to unstable --- flake.lock | 109 ++++++++++------------------------- flake.nix | 15 ++--- modules/basic-tools/nix.nix | 14 ++--- modules/desktop-software.nix | 3 +- modules/devtools.nix | 12 +--- modules/fonts.nix | 7 +-- modules/niri.nix | 7 +-- 7 files changed, 51 insertions(+), 116 deletions(-) diff --git a/flake.lock b/flake.lock index 68e1cc5..25fbc96 100644 --- a/flake.lock +++ b/flake.lock @@ -45,18 +45,12 @@ } }, "crane": { - "inputs": { - "nixpkgs": [ - "lanzaboote", - "nixpkgs" - ] - }, "locked": { - "lastModified": 1717535930, - "narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=", + "lastModified": 1731098351, + "narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", "owner": "ipetkov", "repo": "crane", - "rev": "55e7754ec31dac78980c8be45f8a28e80e370946", + "rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28", "type": "github" }, "original": { @@ -123,11 +117,11 @@ ] }, "locked": { - "lastModified": 1717285511, - "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -179,24 +173,6 @@ "inputs": { "systems": "systems_3" }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_4": { - "inputs": { - "systems": "systems_4" - }, "locked": { "lastModified": 1731533236, "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", @@ -251,20 +227,19 @@ "home-manager": { "inputs": { "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ] }, "locked": { - "lastModified": 1742234739, - "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=", + "lastModified": 1742326330, + "narHash": "sha256-Tumt3tcMXJniSh7tw2gW+WAnVLeB3WWm+E+yYFnLBXo=", "owner": "nix-community", "repo": "home-manager", - "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59", + "rev": "22a36aa709de7dd42b562a433b9cefecf104a6ee", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -274,24 +249,23 @@ "crane": "crane", "flake-compat": "flake-compat_2", "flake-parts": "flake-parts_2", - "flake-utils": "flake-utils_3", "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ], "pre-commit-hooks-nix": "pre-commit-hooks-nix", "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1718178907, - "narHash": "sha256-eSZyrQ9uoPB9iPQ8Y5H7gAmAgAvCw3InStmU3oEjqsE=", + "lastModified": 1737639419, + "narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "b627ccd97d0159214cee5c7db1412b75e4be6086", + "rev": "a65905a09e2c43ff63be8c0e86a93712361f871e", "type": "github" }, "original": { "owner": "nix-community", - "ref": "v0.4.1", + "ref": "v0.4.2", "repo": "lanzaboote", "type": "github" } @@ -299,11 +273,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742313775, - "narHash": "sha256-qE8XqkuoWuH2np+NNGGNG8qWN2zPa0ldAM0olaySf+s=", - "rev": "6e6ff5827276ed2c4cf549b9fa898eb1e9566e57", + "lastModified": 1742328220, + "narHash": "sha256-oRRKctwO4s4auyXPQkf8OM94Kuvh678ZL+HGFKnDKuQ=", + "rev": "3fcf823a86ab9e5bf4ccc9a3cca960c1f9137e6a", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/6e6ff5827276ed2c4cf549b9fa898eb1e9566e57.tar.gz?rev=6e6ff5827276ed2c4cf549b9fa898eb1e9566e57" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3fcf823a86ab9e5bf4ccc9a3cca960c1f9137e6a.tar.gz?rev=3fcf823a86ab9e5bf4ccc9a3cca960c1f9137e6a" }, "original": { "type": "tarball", @@ -312,13 +286,13 @@ }, "lix-module": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_3", "flakey-profile": "flakey-profile", "lix": [ "lix" ], "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ] }, "locked": { @@ -389,7 +363,7 @@ "niri-stable": "niri-stable", "niri-unstable": "niri-unstable", "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ], "nixpkgs-stable": "nixpkgs-stable_2", "xwayland-satellite-stable": "xwayland-satellite-stable", @@ -511,16 +485,16 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1710695816, - "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.11", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } @@ -602,11 +576,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1717664902, - "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", + "lastModified": 1731363552, + "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", + "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", "type": "github" }, "original": { @@ -635,21 +609,17 @@ }, "rust-overlay": { "inputs": { - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], "nixpkgs": [ "lanzaboote", "nixpkgs" ] }, "locked": { - "lastModified": 1717813066, - "narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=", + "lastModified": 1731897198, + "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465", + "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", "type": "github" }, "original": { @@ -739,21 +709,6 @@ "type": "github" } }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "tmux-yank": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 1dca929..d355e32 100644 --- a/flake.nix +++ b/flake.nix @@ -21,8 +21,8 @@ }; lanzaboote = { - url = "github:nix-community/lanzaboote/v0.4.1"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/lanzaboote/v0.4.2"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; }; authentik-nix = { @@ -37,7 +37,7 @@ lix-module = { url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.lix.follows = "lix"; }; @@ -48,13 +48,13 @@ }; home-manager = { - url = "github:nix-community/home-manager/release-24.11"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; }; niri = { url = "github:sodiboo/niri-flake/main"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; }; tmux-yank = { @@ -73,6 +73,7 @@ niri, nixos-hardware, nixpkgs, + nixpkgs-unstable, sops-nix, ... }: @@ -109,7 +110,7 @@ in microvms // { - toaster = nixpkgs.lib.nixosSystem { + toaster = nixpkgs-unstable.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ diff --git a/modules/basic-tools/nix.nix b/modules/basic-tools/nix.nix index 980ab76..a67c6a8 100644 --- a/modules/basic-tools/nix.nix +++ b/modules/basic-tools/nix.nix @@ -1,7 +1,5 @@ { - lib, pkgs, - inputs, ... }: { @@ -16,14 +14,10 @@ # nix output-monitor environment.systemPackages = [ pkgs.nix-output-monitor ]; - # override default nix shell nixpkgs# behaviour to use current flake lock - nix.registry = - let - flakes = lib.filterAttrs (_name: value: value ? outputs) inputs.self.inputs; - in - builtins.mapAttrs (_name: v: { flake = v; }) flakes; - - nix.nixPath = lib.mapAttrsToList (name: value: "${name}=${value.outPath}") inputs.self.inputs; + nixpkgs.flake = { + setFlakeRegistry = true; + setNixPath = true; + }; nixpkgs.config.allowUnfree = true; } diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 54dcab0..56ee450 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -17,8 +17,9 @@ element-desktop discord mpv - dwarf-fortress-packages.dwarf-fortress-full + # dwarf-fortress-packages.dwarf-fortress-full obs-studio + firefox-wayland ]; programs.steam.enable = true; } diff --git a/modules/devtools.nix b/modules/devtools.nix index 8288862..a003e6e 100644 --- a/modules/devtools.nix +++ b/modules/devtools.nix @@ -1,8 +1,5 @@ { pkgs, - inputs, - config, - lib, ... }: { @@ -16,11 +13,6 @@ kikit-library ]; }; - - # binwalk v3 on 24.11 - sys_ver = config.system.nixos.release; - unstablepkgs = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}; - binwalkv3 = if lib.versionOlder "25.05" sys_ver then binwalk else unstablepkgs.binwalk; in [ # general @@ -29,7 +21,7 @@ gef gdb binutils - binwalkv3 + binwalk clang clang-tools direnv @@ -41,7 +33,7 @@ kikit freecad-wayland imhex - python313Full + python3Full nixfmt-rfc-style treefmt android-tools diff --git a/modules/fonts.nix b/modules/fonts.nix index a3516e9..feaee83 100644 --- a/modules/fonts.nix +++ b/modules/fonts.nix @@ -27,12 +27,7 @@ twitter-color-emoji iosevka-bin cozette - (nerdfonts.override { - fonts = [ - "Hack" - "3270" - ]; - }) + nerd-fonts.hack ]; fonts.enableDefaultPackages = true; diff --git a/modules/niri.nix b/modules/niri.nix index 1a8b59d..0a0afa8 100644 --- a/modules/niri.nix +++ b/modules/niri.nix @@ -1,8 +1,5 @@ # General Desktop-related config { pkgs, inputs, ... }: -let - unstablepkgs = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}; -in { nixpkgs.overlays = [ inputs.niri.overlays.niri ]; @@ -35,7 +32,7 @@ in bluetui gammastep graphicsmagick - unstablepkgs.i3status-rust + i3status-rust impala kanshi pamixer @@ -46,7 +43,7 @@ in banana-cursor fuzzel alacritty - unstablepkgs.i3bar-river + i3bar-river mako swww oculante From a61336ad852c3795e373ca221426c1bef10bf6f6 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 18 Mar 2025 21:56:41 +0100 Subject: [PATCH 048/111] add xwayland server --- modules/niri.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/niri.nix b/modules/niri.nix index 0a0afa8..95b0079 100644 --- a/modules/niri.nix +++ b/modules/niri.nix @@ -47,6 +47,7 @@ mako swww oculante + xwayland-satellite ]; # Enable sound. From 7772299bdd8b3df2c8690aa74d777d5455f87964 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 19 Mar 2025 13:19:18 +0100 Subject: [PATCH 049/111] cleanup --- modules/desktop-software.nix | 2 +- modules/niri.nix | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 56ee450..70287ff 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -19,7 +19,7 @@ mpv # dwarf-fortress-packages.dwarf-fortress-full obs-studio - firefox-wayland + firefox ]; programs.steam.enable = true; } diff --git a/modules/niri.nix b/modules/niri.nix index 95b0079..ea0870a 100644 --- a/modules/niri.nix +++ b/modules/niri.nix @@ -73,8 +73,6 @@ programs.xwayland.enable = true; - programs.hyprland.enable = true; - environment.sessionVariables = { GTK_THEME = "Adwaita:dark"; }; From 7555207d7beefd1c360bfa3d1aad9962447222bb Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 19 Mar 2025 13:19:25 +0100 Subject: [PATCH 050/111] bump lock --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 25fbc96..ca5cb12 100644 --- a/flake.lock +++ b/flake.lock @@ -370,11 +370,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1742305115, - "narHash": "sha256-EJu/9UNo8ndiZ7AUVTazWQOA4lHUaTkorvgVExo2LLs=", + "lastModified": 1742355568, + "narHash": "sha256-cHW060+beSciKdCK4SZ9vYPOFy/otAq+t9MiO54zKYY=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "bc4f3a4d3d0fb9be399faf525caffd5b664c5d31", + "rev": "10b56ff2ecc915ec26505526125b4f3a3006d5b3", "type": "github" }, "original": { @@ -441,11 +441,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1742217307, - "narHash": "sha256-3fwpN7KN226ghLlpO9TR0/WpgQOmOj1e8bieUxpIYSk=", + "lastModified": 1742376361, + "narHash": "sha256-VFMgJkp/COvkt5dnkZB4D2szVdmF6DGm5ZdVvTUy61c=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "4f4d97d7b7be387286cc9c988760a7ebaa5be1f1", + "rev": "daaae13dff0ecc692509a1332ff9003d9952d7a9", "type": "github" }, "original": { @@ -517,11 +517,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1742069588, - "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", + "lastModified": 1742288794, + "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", + "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", "type": "github" }, "original": { From 671d7197883c99591f9cec6231af5ddb937acc87 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 19 Mar 2025 14:00:07 +0100 Subject: [PATCH 051/111] fix xwayland --- modules/niri.nix | 100 ++++++++++++++++++++++++++++------------------- 1 file changed, 60 insertions(+), 40 deletions(-) diff --git a/modules/niri.nix b/modules/niri.nix index ea0870a..c3438fc 100644 --- a/modules/niri.nix +++ b/modules/niri.nix @@ -9,46 +9,66 @@ ./desktop-software.nix ./fonts.nix ]; - environment.systemPackages = with pkgs; [ - screen-message - qbittorrent - gajim - imv - mpv - evince - brightnessctl - pulsemixer - cmus - termusic - gsettings-desktop-schemas - xdg-utils - qt5.qtwayland - bashmount - audacity - spotify-player - zathura - ncdu - adwaita-icon-theme - bluetui - gammastep - graphicsmagick - i3status-rust - impala - kanshi - pamixer - swayidle - swaylock - wl-clipboard - xfce.thunar - banana-cursor - fuzzel - alacritty - i3bar-river - mako - swww - oculante - xwayland-satellite - ]; + environment.systemPackages = + let + xwayland-satellite-git = pkgs.xwayland-satellite.overrideAttrs ( + final: prev: { + version = "git"; + cargoHash = "sha256-MaF2FyR3HvQAKkZKa8OO/5jbO64/Ncv7+JqHda4jN50="; + src = pkgs.fetchFromGitHub { + owner = "Supreeeme"; + repo = "xwayland-satellite"; + rev = "cca74a5f6b23742d77dc5db4312dfc40fd4a0fcc"; + sha256 = "sha256-YZ+axsuNsgIKWfnRkt6Qa9UoKfUOIWf42vNUonXxmxM="; + }; + cargoDeps = pkgs.rustPlatform.fetchCargoTarball { + inherit (final) pname src version; + hash = final.cargoHash; + }; + } + ); + in + with pkgs; + [ + screen-message + qbittorrent + gajim + imv + mpv + evince + brightnessctl + pulsemixer + cmus + termusic + gsettings-desktop-schemas + xdg-utils + qt5.qtwayland + bashmount + audacity + spotify-player + zathura + ncdu + adwaita-icon-theme + bluetui + gammastep + graphicsmagick + i3status-rust + impala + kanshi + pamixer + swayidle + swaylock + wl-clipboard + xfce.thunar + banana-cursor + fuzzel + alacritty + i3bar-river + mako + swww + oculante + xwayland-satellite-git + ]; # Enable sound. security.rtkit.enable = true; From 853e0809cc10c4fc6f01f10c0fb935b165e8c78a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 22 Mar 2025 15:46:55 +0100 Subject: [PATCH 052/111] bump lock --- flake.lock | 62 +++++++++++++++++++++++++++--------------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/flake.lock b/flake.lock index ca5cb12..0573d5d 100644 --- a/flake.lock +++ b/flake.lock @@ -231,11 +231,11 @@ ] }, "locked": { - "lastModified": 1742326330, - "narHash": "sha256-Tumt3tcMXJniSh7tw2gW+WAnVLeB3WWm+E+yYFnLBXo=", + "lastModified": 1742588233, + "narHash": "sha256-Fi5g8H5FXMSRqy+mU6gPG0v+C9pzjYbkkiePtz8+PpA=", "owner": "nix-community", "repo": "home-manager", - "rev": "22a36aa709de7dd42b562a433b9cefecf104a6ee", + "rev": "296ddc64627f4a6a4eb447852d7346b9dd16197d", "type": "github" }, "original": { @@ -273,11 +273,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742328220, - "narHash": "sha256-oRRKctwO4s4auyXPQkf8OM94Kuvh678ZL+HGFKnDKuQ=", - "rev": "3fcf823a86ab9e5bf4ccc9a3cca960c1f9137e6a", + "lastModified": 1742622332, + "narHash": "sha256-z652gNdFc/95Fheq4DzVObERYRo+j9RdCF6tzkR8r80=", + "rev": "6059cbb031e49e05dd5d16208e2e50d3ab2611db", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3fcf823a86ab9e5bf4ccc9a3cca960c1f9137e6a.tar.gz?rev=3fcf823a86ab9e5bf4ccc9a3cca960c1f9137e6a" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/6059cbb031e49e05dd5d16208e2e50d3ab2611db.tar.gz?rev=6059cbb031e49e05dd5d16208e2e50d3ab2611db" }, "original": { "type": "tarball", @@ -370,11 +370,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1742355568, - "narHash": "sha256-cHW060+beSciKdCK4SZ9vYPOFy/otAq+t9MiO54zKYY=", + "lastModified": 1742643921, + "narHash": "sha256-tt6FIFIfOHcgKxi6fBD4RxIk3JoYF2WNpVE9jLWT7eI=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "10b56ff2ecc915ec26505526125b4f3a3006d5b3", + "rev": "ecd613c125c16295b52bb52f3687c5538b7d95ff", "type": "github" }, "original": { @@ -404,11 +404,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1742276600, - "narHash": "sha256-muceB5DW++WPqrGKpX3Hkii/DNSMmFs2oQrYRYHmPiU=", + "lastModified": 1742641057, + "narHash": "sha256-+OhtlQPNOKmwK6YtAaXPu42jXe3ufi7hny78N8dqDKA=", "owner": "YaLTeR", "repo": "niri", - "rev": "e251ca7340bc71870c3a81a7ffc3d9bde58e685a", + "rev": "ed20822ce947198e4106698d7afffd0a832a7b3c", "type": "github" }, "original": { @@ -441,11 +441,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1742376361, - "narHash": "sha256-VFMgJkp/COvkt5dnkZB4D2szVdmF6DGm5ZdVvTUy61c=", + "lastModified": 1742631601, + "narHash": "sha256-yJ3OOAmsGAxSl0bTmKUp3+cEYtSS+V6hUPK2rYhIPr8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "daaae13dff0ecc692509a1332ff9003d9952d7a9", + "rev": "380ed15bcd6440606c6856db44a99140d422b46f", "type": "github" }, "original": { @@ -457,11 +457,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742268799, - "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", + "lastModified": 1742512142, + "narHash": "sha256-8XfURTDxOm6+33swQJu/hx6xw1Tznl8vJJN5HwVqckg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "da044451c6a70518db5b730fe277b70f494188f1", + "rev": "7105ae3957700a9646cc4b766f5815b23ed0c682", "type": "github" }, "original": { @@ -501,11 +501,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1742268799, - "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", + "lastModified": 1742512142, + "narHash": "sha256-8XfURTDxOm6+33swQJu/hx6xw1Tznl8vJJN5HwVqckg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "da044451c6a70518db5b730fe277b70f494188f1", + "rev": "7105ae3957700a9646cc4b766f5815b23ed0c682", "type": "github" }, "original": { @@ -517,11 +517,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1742288794, - "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", + "lastModified": 1742422364, + "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "rev": "a84ebe20c6bc2ecbcfb000a50776219f48d134cc", "type": "github" }, "original": { @@ -635,11 +635,11 @@ ] }, "locked": { - "lastModified": 1742239755, - "narHash": "sha256-ptn8dR4Uat3UUadGYNnB7CIH9SQm8mK69D2A/twBUXQ=", + "lastModified": 1742595978, + "narHash": "sha256-05onsoMrLyXE4XleDCeLC3bXnC4nyUbKWInGwM7v6hU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "787afce414bcce803b605c510b60bf43c11f4b55", + "rev": "b7756921b002de60fb66782effad3ce8bdb5b25d", "type": "github" }, "original": { @@ -791,11 +791,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1742249030, - "narHash": "sha256-YZ+axsuNsgIKWfnRkt6Qa9UoKfUOIWf42vNUonXxmxM=", + "lastModified": 1742475924, + "narHash": "sha256-xe3tfHp1aisnUVrCbn1axwpeJzcrSOvQNn1bZt6k5DM=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "cca74a5f6b23742d77dc5db4312dfc40fd4a0fcc", + "rev": "1d98ee089c8bad414a346028a7a0f539ad7cfb9d", "type": "github" }, "original": { From 0598c3f08df38d29d0941135118df8e4da55b9fc Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 20 Mar 2025 18:20:20 +0100 Subject: [PATCH 053/111] gnome --- flake.lock | 130 ------------------------ flake.nix | 21 +--- hosts/toaster/network/default.nix | 59 +++-------- hosts/toaster/network/full-networkd.nix | 71 +++++++++++++ 4 files changed, 87 insertions(+), 194 deletions(-) create mode 100644 hosts/toaster/network/full-networkd.nix diff --git a/flake.lock b/flake.lock index 0573d5d..7889ed4 100644 --- a/flake.lock +++ b/flake.lock @@ -224,26 +224,6 @@ "type": "github" } }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "lastModified": 1742588233, - "narHash": "sha256-Fi5g8H5FXMSRqy+mU6gPG0v+C9pzjYbkkiePtz8+PpA=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "296ddc64627f4a6a4eb447852d7346b9dd16197d", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, "lanzaboote": { "inputs": { "crane": "crane", @@ -358,65 +338,6 @@ "type": "github" } }, - "niri": { - "inputs": { - "niri-stable": "niri-stable", - "niri-unstable": "niri-unstable", - "nixpkgs": [ - "nixpkgs-unstable" - ], - "nixpkgs-stable": "nixpkgs-stable_2", - "xwayland-satellite-stable": "xwayland-satellite-stable", - "xwayland-satellite-unstable": "xwayland-satellite-unstable" - }, - "locked": { - "lastModified": 1742643921, - "narHash": "sha256-tt6FIFIfOHcgKxi6fBD4RxIk3JoYF2WNpVE9jLWT7eI=", - "owner": "sodiboo", - "repo": "niri-flake", - "rev": "ecd613c125c16295b52bb52f3687c5538b7d95ff", - "type": "github" - }, - "original": { - "owner": "sodiboo", - "ref": "main", - "repo": "niri-flake", - "type": "github" - } - }, - "niri-stable": { - "flake": false, - "locked": { - "lastModified": 1740117926, - "narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=", - "owner": "YaLTeR", - "repo": "niri", - "rev": "b94a5db8790339cf9134873d8b490be69e02ac71", - "type": "github" - }, - "original": { - "owner": "YaLTeR", - "ref": "v25.02", - "repo": "niri", - "type": "github" - } - }, - "niri-unstable": { - "flake": false, - "locked": { - "lastModified": 1742641057, - "narHash": "sha256-+OhtlQPNOKmwK6YtAaXPu42jXe3ufi7hny78N8dqDKA=", - "owner": "YaLTeR", - "repo": "niri", - "rev": "ed20822ce947198e4106698d7afffd0a832a7b3c", - "type": "github" - }, - "original": { - "owner": "YaLTeR", - "repo": "niri", - "type": "github" - } - }, "nix-github-actions": { "inputs": { "nixpkgs": [ @@ -499,22 +420,6 @@ "type": "github" } }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1742512142, - "narHash": "sha256-8XfURTDxOm6+33swQJu/hx6xw1Tznl8vJJN5HwVqckg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7105ae3957700a9646cc4b766f5815b23ed0c682", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-unstable": { "locked": { "lastModified": 1742422364, @@ -593,12 +498,10 @@ "inputs": { "authentik-nix": "authentik-nix", "flake-utils": "flake-utils_2", - "home-manager": "home-manager", "lanzaboote": "lanzaboote", "lix": "lix", "lix-module": "lix-module", "microvm": "microvm", - "niri": "niri", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", @@ -770,39 +673,6 @@ "type": "git", "url": "https://git.oxapentane.com/0xa/website.git" } - }, - "xwayland-satellite-stable": { - "flake": false, - "locked": { - "lastModified": 1739246919, - "narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=", - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d", - "type": "github" - }, - "original": { - "owner": "Supreeeme", - "ref": "v0.5.1", - "repo": "xwayland-satellite", - "type": "github" - } - }, - "xwayland-satellite-unstable": { - "flake": false, - "locked": { - "lastModified": 1742475924, - "narHash": "sha256-xe3tfHp1aisnUVrCbn1axwpeJzcrSOvQNn1bZt6k5DM=", - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "rev": "1d98ee089c8bad414a346028a7a0f539ad7cfb9d", - "type": "github" - }, - "original": { - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index d355e32..47d5d29 100644 --- a/flake.nix +++ b/flake.nix @@ -47,16 +47,6 @@ inputs.flake-utils.follows = "flake-utils"; }; - home-manager = { - url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; - - niri = { - url = "github:sodiboo/niri-flake/main"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; - tmux-yank = { url = "github:tmux-plugins/tmux-yank"; flake = false; @@ -66,11 +56,9 @@ outputs = inputs@{ authentik-nix, - home-manager, lanzaboote, lix-module, microvm, - niri, nixos-hardware, nixpkgs, nixpkgs-unstable, @@ -118,20 +106,13 @@ lanzaboote.nixosModules.lanzaboote nixos-hardware.nixosModules.lenovo-thinkpad-t14-amd-gen3 lix-module.nixosModules.default - home-manager.nixosModules.home-manager - niri.nixosModules.niri - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users."0xa" = import ./hosts/toaster/0xa-home.nix; - } ./hosts/toaster ./modules/basic-tools ./modules/binary-caches.nix ./modules/devtools.nix - ./modules/niri.nix + ./modules/gnome.nix ./modules/gnupg.nix ./modules/radio.nix ./modules/science.nix diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index ee0bdbe..6d96c3c 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, ... }: +{ lib, config, ... }: { imports = [ ./mullvad.nix @@ -6,21 +6,26 @@ ./zw.nix ]; - environment.systemPackages = with pkgs; [ - iwgtk - impala - ]; + # Networkmanager shouldn't interfere with systemd managed interfaces + networking.networkmanager.unmanaged = + let + systemd_netdevs = lib.attrsets.attrValues ( + lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs + ); + in + systemd_netdevs; - # kick out networkmanager - networking.networkmanager.enable = lib.mkForce false; - networking.useNetworkd = true; - systemd.network.enable = true; + systemd.network = { + enable = true; + wait-online.enable = false; # uplink is managed by networkmanager + }; + + users.users."0xa".extraGroups = [ "networkmanager" ]; networking = { hostName = "toaster"; firewall.enable = true; wireguard.enable = true; - wireless.iwd.enable = true; }; services.resolved = { @@ -34,38 +39,4 @@ ]; }; - # we might have no interwebs at all - systemd.network.wait-online.enable = false; - - # uplinks - systemd.network.networks = { - "10-ether-uplink" = { - matchConfig.Name = "enp1s0f0"; - networkConfig = { - DHCP = "yes"; - IPv6AcceptRA = true; - }; - }; - "10-dock-uplink" = { - matchConfig.Name = "enp5s0f4u1u1"; - networkConfig = { - DHCP = "yes"; - IPv6AcceptRA = true; - }; - dhcpV4Config = { - RouteMetric = 666; - }; - dhcpV6Config = { - RouteMetric = 666; - }; - }; - "wlan-uplink" = { - matchConfig.Name = "wlan0"; - networkConfig = { - DHCP = "yes"; - IPv6AcceptRA = true; - }; - }; - }; - } diff --git a/hosts/toaster/network/full-networkd.nix b/hosts/toaster/network/full-networkd.nix new file mode 100644 index 0000000..ee0bdbe --- /dev/null +++ b/hosts/toaster/network/full-networkd.nix @@ -0,0 +1,71 @@ +{ lib, pkgs, ... }: +{ + imports = [ + ./mullvad.nix + ./dumpdvb.nix + ./zw.nix + ]; + + environment.systemPackages = with pkgs; [ + iwgtk + impala + ]; + + # kick out networkmanager + networking.networkmanager.enable = lib.mkForce false; + networking.useNetworkd = true; + systemd.network.enable = true; + + networking = { + hostName = "toaster"; + firewall.enable = true; + wireguard.enable = true; + wireless.iwd.enable = true; + }; + + services.resolved = { + enable = true; + dnssec = "false"; + fallbackDns = [ + "9.9.9.9" + "2620:fe::fe" + "149.112.112.112" + "2620:fe::9" + ]; + }; + + # we might have no interwebs at all + systemd.network.wait-online.enable = false; + + # uplinks + systemd.network.networks = { + "10-ether-uplink" = { + matchConfig.Name = "enp1s0f0"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + "10-dock-uplink" = { + matchConfig.Name = "enp5s0f4u1u1"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + dhcpV4Config = { + RouteMetric = 666; + }; + dhcpV6Config = { + RouteMetric = 666; + }; + }; + "wlan-uplink" = { + matchConfig.Name = "wlan0"; + networkConfig = { + DHCP = "yes"; + IPv6AcceptRA = true; + }; + }; + }; + +} From c6a62034232c64110fb7eacdf304714b7da860f7 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 23 Mar 2025 15:17:53 +0100 Subject: [PATCH 054/111] software changes --- modules/desktop-software.nix | 1 + modules/fonts.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 70287ff..cbb902e 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -4,6 +4,7 @@ ./chromium.nix ]; environment.systemPackages = with pkgs; [ + audacity blender dino ffmpeg-full diff --git a/modules/fonts.nix b/modules/fonts.nix index feaee83..32ae853 100644 --- a/modules/fonts.nix +++ b/modules/fonts.nix @@ -1,6 +1,7 @@ { pkgs, ... }: { fonts.packages = with pkgs; [ + adwaita-fonts monoid font-awesome dejavu_fonts From 747ec4beedd70fb6b6418d6e0e6165665fba701a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 23 Mar 2025 15:18:01 +0100 Subject: [PATCH 055/111] bump lock --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 7889ed4..828c41e 100644 --- a/flake.lock +++ b/flake.lock @@ -276,11 +276,11 @@ ] }, "locked": { - "lastModified": 1741894565, - "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", - "rev": "a6da43f8193d9e329bba1795c42590c27966082e", + "lastModified": 1742709496, + "narHash": "sha256-6rWA8QlVe3HTCVHyI/gJ5IULyvHkT9d8fMpYC0Kyeh8=", + "rev": "d8e4fee796342636f345e358f33583c8b2fa496e", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/a6da43f8193d9e329bba1795c42590c27966082e.tar.gz?rev=a6da43f8193d9e329bba1795c42590c27966082e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/d8e4fee796342636f345e358f33583c8b2fa496e.tar.gz?rev=d8e4fee796342636f345e358f33583c8b2fa496e" }, "original": { "type": "tarball", @@ -538,11 +538,11 @@ ] }, "locked": { - "lastModified": 1742595978, - "narHash": "sha256-05onsoMrLyXE4XleDCeLC3bXnC4nyUbKWInGwM7v6hU=", + "lastModified": 1742700801, + "narHash": "sha256-ZGlpUDsuBdeZeTNgoMv+aw0ByXT2J3wkYw9kJwkAS4M=", "owner": "Mic92", "repo": "sops-nix", - "rev": "b7756921b002de60fb66782effad3ce8bdb5b25d", + "rev": "67566fe68a8bed2a7b1175fdfb0697ed22ae8852", "type": "github" }, "original": { From 8ac8d5de44ace61ceccbe2daf92e572924fc6eef Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 24 Mar 2025 18:02:16 +0100 Subject: [PATCH 056/111] bump lock --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 828c41e..6f5bb51 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742622332, - "narHash": "sha256-z652gNdFc/95Fheq4DzVObERYRo+j9RdCF6tzkR8r80=", - "rev": "6059cbb031e49e05dd5d16208e2e50d3ab2611db", + "lastModified": 1742834248, + "narHash": "sha256-Vy2AT/R33tX7GihmKsEWoK05HWO/rRKg+EV2WTKcobM=", + "rev": "4181796ed24e4c9c1c9c0d38986880d8c6407e5d", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/6059cbb031e49e05dd5d16208e2e50d3ab2611db.tar.gz?rev=6059cbb031e49e05dd5d16208e2e50d3ab2611db" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/4181796ed24e4c9c1c9c0d38986880d8c6407e5d.tar.gz?rev=4181796ed24e4c9c1c9c0d38986880d8c6407e5d" }, "original": { "type": "tarball", @@ -362,11 +362,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1742631601, - "narHash": "sha256-yJ3OOAmsGAxSl0bTmKUp3+cEYtSS+V6hUPK2rYhIPr8=", + "lastModified": 1742806253, + "narHash": "sha256-zvQ4GsCJT6MTOzPKLmlFyM+lxo0JGQ0cSFaZSACmWfY=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "380ed15bcd6440606c6856db44a99140d422b46f", + "rev": "ecaa2d911e77c265c2a5bac8b583c40b0f151726", "type": "github" }, "original": { @@ -378,11 +378,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742512142, - "narHash": "sha256-8XfURTDxOm6+33swQJu/hx6xw1Tznl8vJJN5HwVqckg=", + "lastModified": 1742751704, + "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7105ae3957700a9646cc4b766f5815b23ed0c682", + "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", "type": "github" }, "original": { @@ -422,11 +422,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1742422364, - "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", + "lastModified": 1742669843, + "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a84ebe20c6bc2ecbcfb000a50776219f48d134cc", + "rev": "1e5b653dff12029333a6546c11e108ede13052eb", "type": "github" }, "original": { From 1e706281657fd4e6ec7a0fcd0d5128e5fda7710d Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sun, 30 Mar 2025 00:10:32 +0100 Subject: [PATCH 057/111] toaster back to zsh --- hosts/toaster/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index 17f8f09..b075f6f 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -60,7 +60,7 @@ home = "/home/0xa"; isNormalUser = true; uid = 1000; - shell = pkgs.fish; + shell = pkgs.zsh; }; services.emacs.defaultEditor = false; From 28d19492a4f5a49ae26a8d8d281df1064b371a77 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 31 Mar 2025 09:36:34 +0200 Subject: [PATCH 058/111] bump lock --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 6f5bb51..688e051 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1742246110, - "narHash": "sha256-bjJDxW3Z3clNIkgwEktWhFSpU9UyftisDfK3XYzdRps=", + "lastModified": 1743172544, + "narHash": "sha256-I6//hyls5T6Y93IgwbWn5izeT29o+yza4yRgBcmNars=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "04f5e14643b8b37304966767074fbe0efcadab9f", + "rev": "b4916a86d4e650401e67dc03556eadb4a3cb248a", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1742236492, - "narHash": "sha256-Uz7qldS44pxduLcYKf+cCq4WvjoslDR4PwRqivY/4uI=", + "lastModified": 1743169792, + "narHash": "sha256-aaSAlFIc5Gn5PJPVuObi24Y86/3N3yFJVQTx1tV2i2A=", "owner": "goauthentik", "repo": "authentik", - "rev": "3adf79c4939276e108c25c719843b6174e9e22fd", + "rev": "748a8e560f2eb93f7ec15d6762d4e5931fc1fa2a", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.2", + "ref": "version/2025.2.3", "repo": "authentik", "type": "github" } @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742834248, - "narHash": "sha256-Vy2AT/R33tX7GihmKsEWoK05HWO/rRKg+EV2WTKcobM=", - "rev": "4181796ed24e4c9c1c9c0d38986880d8c6407e5d", + "lastModified": 1743274305, + "narHash": "sha256-gsPA3AAGi3pucRpzJbhWWyyOBv2/2OjAjU/SlcSE8Vc=", + "rev": "d169c092fc28838a253be136d17fe7de1292c728", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/4181796ed24e4c9c1c9c0d38986880d8c6407e5d.tar.gz?rev=4181796ed24e4c9c1c9c0d38986880d8c6407e5d" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/d169c092fc28838a253be136d17fe7de1292c728.tar.gz?rev=d169c092fc28838a253be136d17fe7de1292c728" }, "original": { "type": "tarball", @@ -276,11 +276,11 @@ ] }, "locked": { - "lastModified": 1742709496, - "narHash": "sha256-6rWA8QlVe3HTCVHyI/gJ5IULyvHkT9d8fMpYC0Kyeh8=", - "rev": "d8e4fee796342636f345e358f33583c8b2fa496e", + "lastModified": 1742945498, + "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", + "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/d8e4fee796342636f345e358f33583c8b2fa496e.tar.gz?rev=d8e4fee796342636f345e358f33583c8b2fa496e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fa69ae26cc32dda178117b46487c2165c0e08316.tar.gz?rev=fa69ae26cc32dda178117b46487c2165c0e08316" }, "original": { "type": "tarball", @@ -362,11 +362,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1742806253, - "narHash": "sha256-zvQ4GsCJT6MTOzPKLmlFyM+lxo0JGQ0cSFaZSACmWfY=", + "lastModified": 1743167577, + "narHash": "sha256-I09SrXIO0UdyBFfh0fxDq5WnCDg8XKmZ1HQbaXzMA1k=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "ecaa2d911e77c265c2a5bac8b583c40b0f151726", + "rev": "0ed819e708af17bfc4bbc63ee080ef308a24aa42", "type": "github" }, "original": { @@ -378,11 +378,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742751704, - "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", + "lastModified": 1743231893, + "narHash": "sha256-tpJsHMUPEhEnzySoQxx7+kA+KUtgWqvlcUBqROYNNt0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", + "rev": "c570c1f5304493cafe133b8d843c7c1c4a10d3a6", "type": "github" }, "original": { @@ -422,11 +422,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1743315132, + "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "52faf482a3889b7619003c0daec593a1912fddc1", "type": "github" }, "original": { @@ -538,11 +538,11 @@ ] }, "locked": { - "lastModified": 1742700801, - "narHash": "sha256-ZGlpUDsuBdeZeTNgoMv+aw0ByXT2J3wkYw9kJwkAS4M=", + "lastModified": 1743305778, + "narHash": "sha256-Ux/UohNtnM5mn9SFjaHp6IZe2aAnUCzklMluNtV6zFo=", "owner": "Mic92", "repo": "sops-nix", - "rev": "67566fe68a8bed2a7b1175fdfb0697ed22ae8852", + "rev": "8e873886bbfc32163fe027b8676c75637b7da114", "type": "github" }, "original": { From 10c4152f5436a92020869aa272dcf4d5339aac99 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 31 Mar 2025 09:51:55 +0200 Subject: [PATCH 059/111] cleanup --- flake.nix | 1 - hosts/toaster/default.nix | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 47d5d29..53287e4 100644 --- a/flake.nix +++ b/flake.nix @@ -118,7 +118,6 @@ ./modules/science.nix ./modules/tlp.nix ./modules/virtualization.nix - ./hosts/toaster/secure-boot.nix ./modules/mail ./modules/wg ]; diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index b075f6f..17f8f09 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -60,7 +60,7 @@ home = "/home/0xa"; isNormalUser = true; uid = 1000; - shell = pkgs.zsh; + shell = pkgs.fish; }; services.emacs.defaultEditor = false; From 1e29764aeef99802536d5b1d7a0d58fa1486b221 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 1 Apr 2025 00:54:23 +0200 Subject: [PATCH 060/111] emacs --- flake.lock | 12 ++++++------ flake.nix | 1 + hosts/toaster/default.nix | 2 -- modules/emacs.nix | 29 +++++++++++++++++++++++++++++ modules/gnome.nix | 2 ++ 5 files changed, 38 insertions(+), 8 deletions(-) create mode 100644 modules/emacs.nix diff --git a/flake.lock b/flake.lock index 688e051..429e69f 100644 --- a/flake.lock +++ b/flake.lock @@ -362,11 +362,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1743167577, - "narHash": "sha256-I09SrXIO0UdyBFfh0fxDq5WnCDg8XKmZ1HQbaXzMA1k=", + "lastModified": 1743420942, + "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "0ed819e708af17bfc4bbc63ee080ef308a24aa42", + "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4", "type": "github" }, "original": { @@ -378,11 +378,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743231893, - "narHash": "sha256-tpJsHMUPEhEnzySoQxx7+kA+KUtgWqvlcUBqROYNNt0=", + "lastModified": 1743367904, + "narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c570c1f5304493cafe133b8d843c7c1c4a10d3a6", + "rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 53287e4..0d1fba0 100644 --- a/flake.nix +++ b/flake.nix @@ -118,6 +118,7 @@ ./modules/science.nix ./modules/tlp.nix ./modules/virtualization.nix + ./modules/emacs.nix ./modules/mail ./modules/wg ]; diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index 17f8f09..1a3216a 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -63,8 +63,6 @@ shell = pkgs.fish; }; - services.emacs.defaultEditor = false; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/modules/emacs.nix b/modules/emacs.nix new file mode 100644 index 0000000..705bebd --- /dev/null +++ b/modules/emacs.nix @@ -0,0 +1,29 @@ +{ pkgs, inputs, lib, ... }: + +{ + environment.systemPackages = with pkgs; [ + direnv + ]; + + # nixpkgs.overlays = [ + # inputs.emacs-overlay.overlay + # ]; + + services.emacs = { + install = true; + enable = false; + package = with pkgs; ((emacsPackagesFor (emacs-pgtk.overrideAttrs (old: { + passthru = old.passthru // { + treeSitter = true; + }; + }))).emacsWithPackages (epkgs: with epkgs; [ + # treesitter bits + treesit-grammars.with-all-grammars + + vterm + pdf-tools + ])); + defaultEditor = lib.mkDefault true; + }; + +} diff --git a/modules/gnome.nix b/modules/gnome.nix index 33aeb50..251d8d3 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -8,12 +8,14 @@ environment.systemPackages = with pkgs; [ amberol celluloid + ddcutil gnome-console gnome-obfuscate gnome-boxes gnome-tweaks qbittorrent gnomeExtensions.caffeine + gnomeExtensions.brightness-control-using-ddcutil spotify ghostty fractal From eb4c98a5c848fd1759a0b36a7891ff6f229ab40d Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 1 Apr 2025 11:56:56 +0200 Subject: [PATCH 061/111] cleanup and reformat --- modules/emacs.nix | 40 +++++++++++++++++++++++----------------- 1 file changed, 23 insertions(+), 17 deletions(-) diff --git a/modules/emacs.nix b/modules/emacs.nix index 705bebd..240bd20 100644 --- a/modules/emacs.nix +++ b/modules/emacs.nix @@ -1,29 +1,35 @@ -{ pkgs, inputs, lib, ... }: +{ + pkgs, + lib, + ... +}: { environment.systemPackages = with pkgs; [ direnv ]; - # nixpkgs.overlays = [ - # inputs.emacs-overlay.overlay - # ]; - services.emacs = { install = true; enable = false; - package = with pkgs; ((emacsPackagesFor (emacs-pgtk.overrideAttrs (old: { - passthru = old.passthru // { - treeSitter = true; - }; - }))).emacsWithPackages (epkgs: with epkgs; [ - # treesitter bits - treesit-grammars.with-all-grammars - - vterm - pdf-tools - ])); + package = + with pkgs; + ( + (emacsPackagesFor ( + emacs-pgtk.overrideAttrs (old: { + passthru = old.passthru // { + treeSitter = true; + }; + }) + )).emacsWithPackages + ( + epkgs: with epkgs; [ + treesit-grammars.with-all-grammars + vterm + pdf-tools + ] + ) + ); defaultEditor = lib.mkDefault true; }; - } From 8d483bdd1d0ad22766dfdc328a4044d155d3b5b2 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 1 Apr 2025 18:16:36 +0200 Subject: [PATCH 062/111] enable ddcutil brigtness control --- hosts/toaster/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index 1a3216a..7e78114 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -46,6 +46,11 @@ supportedLocales = [ "all" ]; }; + # support ddc brigtness control + hardware.i2c.enable = true; + boot.kernelModules = [ "i2c-dev" ]; + environment.systemPackages = [ pkgs.ddcutil ]; + users.users."0xa" = { extraGroups = [ "wheel" @@ -55,6 +60,7 @@ "bluetooth" "libvirtd" "qemu-libvirtd" + "i2c" ]; group = "users"; home = "/home/0xa"; From 9cf9811bc23c10c5b5c23525724c0cd7277f1cbf Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 9 Apr 2025 10:49:11 +0200 Subject: [PATCH 063/111] cleanup --- modules/gnome.nix | 6 ------ 1 file changed, 6 deletions(-) diff --git a/modules/gnome.nix b/modules/gnome.nix index 251d8d3..f70c270 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -42,12 +42,6 @@ }; }; - qt = { - enable = true; - platformTheme = "gnome"; - style = "adwaita-dark"; - }; - services.xserver = { enable = true; desktopManager.gnome.enable = true; From 08a9b8e4883f931c97fdc5d01d9c4adf1d55fcaf Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 9 Apr 2025 10:49:19 +0200 Subject: [PATCH 064/111] add mu4e --- modules/emacs.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/emacs.nix b/modules/emacs.nix index 240bd20..8841e44 100644 --- a/modules/emacs.nix +++ b/modules/emacs.nix @@ -7,6 +7,7 @@ { environment.systemPackages = with pkgs; [ direnv + mu ]; services.emacs = { @@ -27,6 +28,7 @@ treesit-grammars.with-all-grammars vterm pdf-tools + mu4e ] ) ); From 5af00566a044d7a7c296fbf1722daf6a16954456 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 9 Apr 2025 10:49:26 +0200 Subject: [PATCH 065/111] bump lock --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 429e69f..391962b 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1743274305, - "narHash": "sha256-gsPA3AAGi3pucRpzJbhWWyyOBv2/2OjAjU/SlcSE8Vc=", - "rev": "d169c092fc28838a253be136d17fe7de1292c728", + "lastModified": 1744100513, + "narHash": "sha256-eDym7mHXW0AVuqhp5BZ7uBk5b5NcM4slnSXFuoAUadc=", + "rev": "fb0ef6ca6bfea368e594e9ae2714858030f66bc6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/d169c092fc28838a253be136d17fe7de1292c728.tar.gz?rev=d169c092fc28838a253be136d17fe7de1292c728" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/fb0ef6ca6bfea368e594e9ae2714858030f66bc6.tar.gz?rev=fb0ef6ca6bfea368e594e9ae2714858030f66bc6" }, "original": { "type": "tarball", @@ -378,11 +378,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743367904, - "narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=", + "lastModified": 1743975612, + "narHash": "sha256-o4FjFOUmjSRMK7dn0TFdAT0RRWUWD+WsspPHa+qEQT8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c", + "rev": "a880f49904d68b5e53338d1e8c7bf80f59903928", "type": "github" }, "original": { @@ -422,11 +422,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1743315132, - "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", + "lastModified": 1744098102, + "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "52faf482a3889b7619003c0daec593a1912fddc1", + "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", "type": "github" }, "original": { @@ -538,11 +538,11 @@ ] }, "locked": { - "lastModified": 1743305778, - "narHash": "sha256-Ux/UohNtnM5mn9SFjaHp6IZe2aAnUCzklMluNtV6zFo=", + "lastModified": 1744103455, + "narHash": "sha256-SR6+qjkPjGQG+8eM4dCcVtss8r9bre/LAxFMPJpaZeU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "8e873886bbfc32163fe027b8676c75637b7da114", + "rev": "69d5a5a4635c27dae5a742f36108beccc506c1ba", "type": "github" }, "original": { From 8842853c433ed10ebcd95bacb53e4bd1f8326707 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 19 Apr 2025 21:12:51 +0200 Subject: [PATCH 066/111] bump lock --- flake.lock | 73 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 38 insertions(+), 35 deletions(-) diff --git a/flake.lock b/flake.lock index 391962b..a6eb837 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1743172544, - "narHash": "sha256-I6//hyls5T6Y93IgwbWn5izeT29o+yza4yRgBcmNars=", + "lastModified": 1744375272, + "narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "b4916a86d4e650401e67dc03556eadb4a3cb248a", + "rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1743169792, - "narHash": "sha256-aaSAlFIc5Gn5PJPVuObi24Y86/3N3yFJVQTx1tV2i2A=", + "lastModified": 1744135136, + "narHash": "sha256-7wvoCRhLipX4qzrb/ctsozG565yckx+moxiF6vRo84I=", "owner": "goauthentik", "repo": "authentik", - "rev": "748a8e560f2eb93f7ec15d6762d4e5931fc1fa2a", + "rev": "74eab55c615b156e4191ee98dc789e2d58c016f9", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.3", + "ref": "version/2025.2.4", "repo": "authentik", "type": "github" } @@ -96,11 +96,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1738453229, - "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1744100513, - "narHash": "sha256-eDym7mHXW0AVuqhp5BZ7uBk5b5NcM4slnSXFuoAUadc=", - "rev": "fb0ef6ca6bfea368e594e9ae2714858030f66bc6", + "lastModified": 1744302352, + "narHash": "sha256-QJQecf/Z1rLZBpVoQaI+EunLX5U7c7uYGER5iw00YrI=", + "rev": "81d476984901d1f00fdcac36a0a8f06cb54048f6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/fb0ef6ca6bfea368e594e9ae2714858030f66bc6.tar.gz?rev=fb0ef6ca6bfea368e594e9ae2714858030f66bc6" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/81d476984901d1f00fdcac36a0a8f06cb54048f6.tar.gz?rev=81d476984901d1f00fdcac36a0a8f06cb54048f6" }, "original": { "type": "tarball", @@ -362,11 +362,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1743420942, - "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=", + "lastModified": 1744633460, + "narHash": "sha256-fbWE4Xpw6eH0Q6in+ymNuDwTkqmFmtxcQEmtRuKDTTk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4", + "rev": "9a049b4a421076d27fee3eec664a18b2066824cb", "type": "github" }, "original": { @@ -378,11 +378,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743975612, - "narHash": "sha256-o4FjFOUmjSRMK7dn0TFdAT0RRWUWD+WsspPHa+qEQT8=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a880f49904d68b5e53338d1e8c7bf80f59903928", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -394,14 +394,17 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1738452942, - "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" + "lastModified": 1743296961, + "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" } }, "nixpkgs-stable": { @@ -422,11 +425,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1744098102, - "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", + "lastModified": 1744932701, + "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", + "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef", "type": "github" }, "original": { @@ -454,11 +457,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1739883580, - "narHash": "sha256-3ydikhrNaWy8j0cqHju/94PcD4GZ9T4Ju4rHh34oz3k=", + "lastModified": 1743690424, + "narHash": "sha256-cX98bUuKuihOaRp8dNV1Mq7u6/CQZWTPth2IJPATBXc=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "d90f9db68a4bda31c346be16dfd8d3263be4547e", + "rev": "ce2369db77f45688172384bbeb962bc6c2ea6f94", "type": "github" }, "original": { @@ -538,11 +541,11 @@ ] }, "locked": { - "lastModified": 1744103455, - "narHash": "sha256-SR6+qjkPjGQG+8eM4dCcVtss8r9bre/LAxFMPJpaZeU=", + "lastModified": 1744669848, + "narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "69d5a5a4635c27dae5a742f36108beccc506c1ba", + "rev": "61154300d945f0b147b30d24ddcafa159148026a", "type": "github" }, "original": { From 30a19da945702c166d1da5327b765043d82b91d1 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 2 May 2025 14:03:56 +0200 Subject: [PATCH 067/111] bump lock --- flake.lock | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index a6eb837..97eb2bf 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1744375272, - "narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=", + "lastModified": 1745851830, + "narHash": "sha256-DHVRLCKoJYrysppygOZrmg6UngrlTN+M4t8HaOiQQfU=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580", + "rev": "618330bee6b5e284499b5f85b74cbdfe6f873d6e", "type": "github" }, "original": { @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1744302352, - "narHash": "sha256-QJQecf/Z1rLZBpVoQaI+EunLX5U7c7uYGER5iw00YrI=", - "rev": "81d476984901d1f00fdcac36a0a8f06cb54048f6", + "lastModified": 1746186329, + "narHash": "sha256-MLz0MjeVCaqvIvf5szUwNwYEiXC/lKWL0I2VS+6V/e0=", + "rev": "4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/81d476984901d1f00fdcac36a0a8f06cb54048f6.tar.gz?rev=81d476984901d1f00fdcac36a0a8f06cb54048f6" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f.tar.gz?rev=4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f" }, "original": { "type": "tarball", @@ -362,11 +362,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1744633460, - "narHash": "sha256-fbWE4Xpw6eH0Q6in+ymNuDwTkqmFmtxcQEmtRuKDTTk=", + "lastModified": 1745955289, + "narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9a049b4a421076d27fee3eec664a18b2066824cb", + "rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b", "type": "github" }, "original": { @@ -378,11 +378,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1744440957, - "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", + "lastModified": 1746055187, + "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", + "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", "type": "github" }, "original": { @@ -425,11 +425,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1744932701, - "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=", + "lastModified": 1746141548, + "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef", + "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", "type": "github" }, "original": { @@ -541,11 +541,11 @@ ] }, "locked": { - "lastModified": 1744669848, - "narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=", + "lastModified": 1745310711, + "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=", "owner": "Mic92", "repo": "sops-nix", - "rev": "61154300d945f0b147b30d24ddcafa159148026a", + "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c", "type": "github" }, "original": { From e96943305796328748de754dcdbf32d191f464ef Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 2 May 2025 14:16:29 +0200 Subject: [PATCH 068/111] authentik: use vendored nixpkgs --- flake.lock | 30 ++++++++++++++++++++++-------- flake.nix | 1 - 2 files changed, 22 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 97eb2bf..4f9bb83 100644 --- a/flake.lock +++ b/flake.lock @@ -7,9 +7,7 @@ "flake-parts": "flake-parts", "flake-utils": "flake-utils", "napalm": "napalm", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs", "poetry2nix": "poetry2nix", "systems": "systems" }, @@ -378,16 +376,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746055187, - "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "lastModified": 1745391562, + "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -439,6 +437,22 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1746055187, + "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, "poetry2nix": { "inputs": { "flake-utils": [ @@ -506,7 +520,7 @@ "lix-module": "lix-module", "microvm": "microvm", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix", "tmux-yank": "tmux-yank", diff --git a/flake.nix b/flake.nix index 0d1fba0..031e368 100644 --- a/flake.nix +++ b/flake.nix @@ -27,7 +27,6 @@ authentik-nix = { url = "github:nix-community/authentik-nix"; - inputs.nixpkgs.follows = "nixpkgs"; }; lix = { From 6b954bb4c3365426f1ee73d419b4266367e51242 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 2 May 2025 14:22:35 +0200 Subject: [PATCH 069/111] sdrangel is broken --- modules/radio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/radio.nix b/modules/radio.nix index 391e98b..aea167c 100644 --- a/modules/radio.nix +++ b/modules/radio.nix @@ -5,7 +5,7 @@ gnuradio gqrx cubicsdr - sdrangel + # sdrangel # broken package multimon-ng sox From 101a1be65fcf6af201e0f4e4a1f8d1c6f9ebb97a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 13 May 2025 11:19:02 +0200 Subject: [PATCH 070/111] bump lock --- flake.lock | 190 +++++++++++++++++++++++++++-------------------------- 1 file changed, 96 insertions(+), 94 deletions(-) diff --git a/flake.lock b/flake.lock index 4f9bb83..dbbb05c 100644 --- a/flake.lock +++ b/flake.lock @@ -8,15 +8,17 @@ "flake-utils": "flake-utils", "napalm": "napalm", "nixpkgs": "nixpkgs", - "poetry2nix": "poetry2nix", - "systems": "systems" + "pyproject-build-systems": "pyproject-build-systems", + "pyproject-nix": "pyproject-nix", + "systems": "systems", + "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1745851830, - "narHash": "sha256-DHVRLCKoJYrysppygOZrmg6UngrlTN+M4t8HaOiQQfU=", + "lastModified": 1746874492, + "narHash": "sha256-Gm2Eb5KBxAL6y9WJj7phRMXNAZzVkKlm9Dky9WDZHtQ=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "618330bee6b5e284499b5f85b74cbdfe6f873d6e", + "rev": "2ef24fac993808a1a57f367ef58ac0f5254c3489", "type": "github" }, "original": { @@ -28,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1744135136, - "narHash": "sha256-7wvoCRhLipX4qzrb/ctsozG565yckx+moxiF6vRo84I=", + "lastModified": 1745954192, + "narHash": "sha256-QuIgeu3CN6S44/zSiaj+iIkDz2494mb1MWvD3eYYkVE=", "owner": "goauthentik", "repo": "authentik", - "rev": "74eab55c615b156e4191ee98dc789e2d58c016f9", + "rev": "22412729e2379d645da2ac0c0270a0ac6147945e", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.4", + "ref": "version/2025.4.0", "repo": "authentik", "type": "github" } @@ -251,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1746186329, - "narHash": "sha256-MLz0MjeVCaqvIvf5szUwNwYEiXC/lKWL0I2VS+6V/e0=", - "rev": "4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f", + "lastModified": 1747090068, + "narHash": "sha256-4SfKg7DUMKf+iKuqwMhq+a9hXck5eB5uapIVM50hpts=", + "rev": "901940df00665457005af20281f090de77420fe2", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f.tar.gz?rev=4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/901940df00665457005af20281f090de77420fe2.tar.gz?rev=901940df00665457005af20281f090de77420fe2" }, "original": { "type": "tarball", @@ -274,11 +276,11 @@ ] }, "locked": { - "lastModified": 1742945498, - "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", - "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", + "lastModified": 1746839253, + "narHash": "sha256-pRwi8Wn8Yofj459gq+3oIRy8F3SXeEJ6mzfIAUgM9nA=", + "rev": "58baedd53f9da81fd728a4f3b08c378e5ba9ae58", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fa69ae26cc32dda178117b46487c2165c0e08316.tar.gz?rev=fa69ae26cc32dda178117b46487c2165c0e08316" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/58baedd53f9da81fd728a4f3b08c378e5ba9ae58.tar.gz?rev=58baedd53f9da81fd728a4f3b08c378e5ba9ae58" }, "original": { "type": "tarball", @@ -336,35 +338,13 @@ "type": "github" } }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "authentik-nix", - "poetry2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729742964, - "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, "nixos-hardware": { "locked": { - "lastModified": 1745955289, - "narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=", + "lastModified": 1747083103, + "narHash": "sha256-dMx20S2molwqJxbmMB4pGjNfgp5H1IOHNa1Eby6xL+0=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b", + "rev": "d1d68fe8b00248caaa5b3bbe4984c12b47e0867d", "type": "github" }, "original": { @@ -376,11 +356,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1745391562, - "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", + "lastModified": 1746141548, + "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", + "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", "type": "github" }, "original": { @@ -423,11 +403,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", "type": "github" }, "original": { @@ -439,11 +419,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1746055187, - "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "lastModified": 1746957726, + "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", "type": "github" }, "original": { @@ -453,37 +433,6 @@ "type": "github" } }, - "poetry2nix": { - "inputs": { - "flake-utils": [ - "authentik-nix", - "flake-utils" - ], - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "authentik-nix", - "nixpkgs" - ], - "systems": [ - "authentik-nix", - "systems" - ], - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1743690424, - "narHash": "sha256-cX98bUuKuihOaRp8dNV1Mq7u6/CQZWTPth2IJPATBXc=", - "owner": "nix-community", - "repo": "poetry2nix", - "rev": "ce2369db77f45688172384bbeb962bc6c2ea6f94", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "poetry2nix", - "type": "github" - } - }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ @@ -511,6 +460,56 @@ "type": "github" } }, + "pyproject-build-systems": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ], + "pyproject-nix": [ + "authentik-nix", + "pyproject-nix" + ], + "uv2nix": [ + "authentik-nix", + "uv2nix" + ] + }, + "locked": { + "lastModified": 1744599653, + "narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=", + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "rev": "7dba6dbc73120e15b558754c26024f6c93015dd7", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "type": "github" + } + }, + "pyproject-nix": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1746146146, + "narHash": "sha256-60+mzI2lbgn+G8F5mz+cmkDvHFn4s5oqcOna1SzYy74=", + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "rev": "3e9623bdd86a3c545e82b7f97cfdba5f07232d9a", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "type": "github" + } + }, "root": { "inputs": { "authentik-nix": "authentik-nix", @@ -555,11 +554,11 @@ ] }, "locked": { - "lastModified": 1745310711, - "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=", + "lastModified": 1746485181, + "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c", + "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", "type": "github" }, "original": { @@ -645,25 +644,28 @@ "type": "github" } }, - "treefmt-nix": { + "uv2nix": { "inputs": { "nixpkgs": [ "authentik-nix", - "poetry2nix", "nixpkgs" + ], + "pyproject-nix": [ + "authentik-nix", + "pyproject-nix" ] }, "locked": { - "lastModified": 1730120726, - "narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "9ef337e492a5555d8e17a51c911ff1f02635be15", + "lastModified": 1746048139, + "narHash": "sha256-LdCLyiihLg6P2/mjzP0+W7RtraDSIaJJPTy6SCtW5Ag=", + "owner": "pyproject-nix", + "repo": "uv2nix", + "rev": "680e2f8e637bc79b84268949d2f2b2f5e5f1d81c", "type": "github" }, "original": { - "owner": "numtide", - "repo": "treefmt-nix", + "owner": "pyproject-nix", + "repo": "uv2nix", "type": "github" } }, From 0dace854c13d3a2460643c22970a5cded78a30c9 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 13 May 2025 16:46:02 +0200 Subject: [PATCH 071/111] update microvm --- flake.lock | 15 +++++++-------- flake.nix | 2 +- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index dbbb05c..68a11c3 100644 --- a/flake.lock +++ b/flake.lock @@ -298,16 +298,15 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1712366957, - "narHash": "sha256-7W3D1Gk6mGlwtV07n6YB/7s3tThcBYknlvDPcoJJSe4=", + "lastModified": 1747016581, + "narHash": "sha256-iQrEuBs23Cd+bSfcY85GLykHP0vmGrkVfMwUlzvqMQQ=", "owner": "astro", "repo": "microvm.nix", - "rev": "1e746a8987eb893adc8dd317b84e73d72803b650", + "rev": "5aff25e6e861e7d96ce10452ca976c16d073cf16", "type": "github" }, "original": { "owner": "astro", - "ref": "v0.5.0", "repo": "microvm.nix", "type": "github" } @@ -570,11 +569,11 @@ "spectrum": { "flake": false, "locked": { - "lastModified": 1708358594, - "narHash": "sha256-e71YOotu2FYA67HoC/voJDTFsiPpZNRwmiQb4f94OxQ=", + "lastModified": 1746869549, + "narHash": "sha256-BKZ/yZO/qeLKh9YqVkKB6wJiDQJAZNN5rk5NsMImsWs=", "ref": "refs/heads/main", - "rev": "6d0e73864d28794cdbd26ab7b37259ab0e1e044c", - "revCount": 614, + "rev": "d927e78530892ec8ed389e8fae5f38abee00ad87", + "revCount": 862, "type": "git", "url": "https://spectrum-os.org/git/spectrum" }, diff --git a/flake.nix b/flake.nix index 031e368..072d6ab 100644 --- a/flake.nix +++ b/flake.nix @@ -13,7 +13,7 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; microvm = { - url = "github:astro/microvm.nix/v0.5.0"; + url = "github:astro/microvm.nix"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; From 37009c4a7ca2b78ffe081dc8683805891d583ef7 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 13 May 2025 17:01:53 +0200 Subject: [PATCH 072/111] update authentik and immich to unstable --- flake.nix | 20 ++++++++++++-------- hosts/immich/immich.nix | 6 ------ 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/flake.nix b/flake.nix index 072d6ab..8672d2d 100644 --- a/flake.nix +++ b/flake.nix @@ -68,19 +68,21 @@ { nixosConfigurations = let - microvm-list = [ - "auth" + microvm-stable-list = [ "conduwuit" "forgejo" - "immich" "miniflux" "radicale" ]; + microvm-unstable-list = [ + "auth" + "immich" + ]; - microvms = builtins.listToAttrs ( + microvm-builder = (nixpkgs-ver: vm-list: builtins.listToAttrs ( map (vm: { name = vm; - value = nixpkgs.lib.nixosSystem { + value = nixpkgs-ver.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ @@ -92,8 +94,10 @@ ./modules/wg ]; }; - }) microvm-list - ); + }) vm-list + )); + microvms = (microvm-builder nixpkgs microvm-stable-list) + // (microvm-builder nixpkgs-unstable microvm-unstable-list); in microvms // { @@ -152,7 +156,7 @@ ./modules/wg { - config.microvm.autostart = microvm-list; + config.microvm.autostart = microvm-stable-list ++ microvm-unstable-list; } ]; }; diff --git a/hosts/immich/immich.nix b/hosts/immich/immich.nix index 40243ae..11a69b6 100644 --- a/hosts/immich/immich.nix +++ b/hosts/immich/immich.nix @@ -1,12 +1,7 @@ { config, - inputs, - pkgs, ... }: -let - immich-latest = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.immich; -in { sops.secrets."immich.yaml" = { sopsFile = ./immich.yaml; @@ -16,7 +11,6 @@ in services.immich = { enable = true; - package = immich-latest; host = "10.89.88.13"; redis.enable = true; database.createDB = true; From da105dc615310e457c7d80207e57931ad2ee95f9 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 13 May 2025 17:07:19 +0200 Subject: [PATCH 073/111] update ballooning option --- hosts/forgejo/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/forgejo/default.nix b/hosts/forgejo/default.nix index 5e02678..f6de473 100644 --- a/hosts/forgejo/default.nix +++ b/hosts/forgejo/default.nix @@ -18,7 +18,7 @@ in microvm = { hypervisor = "qemu"; mem = 3 * 1024; - balloonMem = 4 * 1024; + balloon = true; vcpu = 4; interfaces = [ { From 799f4563b0663eaa6522bb07da0ea5b8f826812e Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 16 May 2025 12:16:38 +0200 Subject: [PATCH 074/111] bump lock --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 68a11c3..447dfa1 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1747090068, - "narHash": "sha256-4SfKg7DUMKf+iKuqwMhq+a9hXck5eB5uapIVM50hpts=", - "rev": "901940df00665457005af20281f090de77420fe2", + "lastModified": 1747347117, + "narHash": "sha256-wsPOuwczt+kJ4vuf3mm6uMv4wnfWP/RNV5Cp/P5nqQw=", + "rev": "3f355b8fd1ffbe670d756bcf976a38cbe80bb77b", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/901940df00665457005af20281f090de77420fe2.tar.gz?rev=901940df00665457005af20281f090de77420fe2" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3f355b8fd1ffbe670d756bcf976a38cbe80bb77b.tar.gz?rev=3f355b8fd1ffbe670d756bcf976a38cbe80bb77b" }, "original": { "type": "tarball", @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747083103, - "narHash": "sha256-dMx20S2molwqJxbmMB4pGjNfgp5H1IOHNa1Eby6xL+0=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "d1d68fe8b00248caaa5b3bbe4984c12b47e0867d", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1746904237, - "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1746957726, - "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", + "lastModified": 1747209494, + "narHash": "sha256-fLise+ys+bpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", + "rev": "5d736263df906c5da72ab0f372427814de2f52f8", "type": "github" }, "original": { From 9588accd9731af829a137ba331c0e78e4fafa56d Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 20 May 2025 15:48:05 +0200 Subject: [PATCH 075/111] change server --- hosts/toaster/network/mullvad.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/toaster/network/mullvad.nix b/hosts/toaster/network/mullvad.nix index 7c20818..112026d 100644 --- a/hosts/toaster/network/mullvad.nix +++ b/hosts/toaster/network/mullvad.nix @@ -2,8 +2,8 @@ { systemd.network = let - pubkey = "BChJDLOwZu9Q1oH0UcrxcHP6xxHhyRbjrBUsE0e07Vk="; - endpoint = "169.150.196.15"; + pubkey = "uUYbYGKoA6UBh1hfkAz5tAWFv4SmteYC9kWh7/K6Ah0="; + endpoint = "92.60.40.209"; port = "51820"; addr = [ "10.74.16.48/32" From 63244c041082b3cdaa1b8bbd84075623fd3c07c0 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 20 May 2025 15:47:46 +0200 Subject: [PATCH 076/111] bump lock --- flake.lock | 84 +++++++++++++++++++++++++++--------------------------- 1 file changed, 42 insertions(+), 42 deletions(-) diff --git a/flake.lock b/flake.lock index 447dfa1..ff735c0 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1746874492, - "narHash": "sha256-Gm2Eb5KBxAL6y9WJj7phRMXNAZzVkKlm9Dky9WDZHtQ=", + "lastModified": 1747386678, + "narHash": "sha256-+4pIDo56iXWUklX1U+biw/cfC8TiSXTMh2N6V/+JMUg=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "2ef24fac993808a1a57f367ef58ac0f5254c3489", + "rev": "f20474660332903be6b47f3c1fdfc531f6f75f1d", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1745954192, - "narHash": "sha256-QuIgeu3CN6S44/zSiaj+iIkDz2494mb1MWvD3eYYkVE=", + "lastModified": 1747329052, + "narHash": "sha256-idShMSYIrf3ViG9VFNGNu6TSjBz3Q+GJMMeCzcJwfG4=", "owner": "goauthentik", "repo": "authentik", - "rev": "22412729e2379d645da2ac0c0270a0ac6147945e", + "rev": "ae47624761f05040149d856d5e55a90cd7492740", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.4.0", + "ref": "version/2025.4.1", "repo": "authentik", "type": "github" } @@ -62,11 +62,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1747347117, - "narHash": "sha256-wsPOuwczt+kJ4vuf3mm6uMv4wnfWP/RNV5Cp/P5nqQw=", - "rev": "3f355b8fd1ffbe670d756bcf976a38cbe80bb77b", + "lastModified": 1747664470, + "narHash": "sha256-YIqMFKj55NdN5lKgQfKUfBQiwH2qDVAW+Qn1c7wRDak=", + "rev": "0fbbb1e49b7d34010b4609a17062185a108ebdc1", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3f355b8fd1ffbe670d756bcf976a38cbe80bb77b.tar.gz?rev=3f355b8fd1ffbe670d756bcf976a38cbe80bb77b" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/0fbbb1e49b7d34010b4609a17062185a108ebdc1.tar.gz?rev=0fbbb1e49b7d34010b4609a17062185a108ebdc1" }, "original": { "type": "tarball", @@ -276,11 +276,11 @@ ] }, "locked": { - "lastModified": 1746839253, - "narHash": "sha256-pRwi8Wn8Yofj459gq+3oIRy8F3SXeEJ6mzfIAUgM9nA=", - "rev": "58baedd53f9da81fd728a4f3b08c378e5ba9ae58", + "lastModified": 1747667424, + "narHash": "sha256-7EICjbmG6lApWKhFtwvZovdcdORY1CEe6/K7JwtpYfs=", + "rev": "3c23c6ae2aecc1f76ae7993efe1a78b5316f0700", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/58baedd53f9da81fd728a4f3b08c378e5ba9ae58.tar.gz?rev=58baedd53f9da81fd728a4f3b08c378e5ba9ae58" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/3c23c6ae2aecc1f76ae7993efe1a78b5316f0700.tar.gz?rev=3c23c6ae2aecc1f76ae7993efe1a78b5316f0700" }, "original": { "type": "tarball", @@ -298,11 +298,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1747016581, - "narHash": "sha256-iQrEuBs23Cd+bSfcY85GLykHP0vmGrkVfMwUlzvqMQQ=", + "lastModified": 1747417232, + "narHash": "sha256-7Ii0POxd3S/q9iOoZdYJORINP6yQYu/GO0d7emNvr+I=", "owner": "astro", "repo": "microvm.nix", - "rev": "5aff25e6e861e7d96ce10452ca976c16d073cf16", + "rev": "5beafebf8bcee75aebf23ca6ec46d13d471b0146", "type": "github" }, "original": { @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747129300, - "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", + "lastModified": 1747723695, + "narHash": "sha256-lSXzv33yv1O9r9Ai1MtYFDX3OKhWsZMn/5FFb4Rni/k=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e81fd167b33121269149c57806599045fd33eeed", + "rev": "6ac6ec6fcb410e15a60ef5ec94b8a2b35b5dd282", "type": "github" }, "original": { @@ -355,11 +355,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1747209494, - "narHash": "sha256-fLise+ys+bpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM=", + "lastModified": 1747485343, + "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5d736263df906c5da72ab0f372427814de2f52f8", + "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", "type": "github" }, "original": { @@ -496,11 +496,11 @@ ] }, "locked": { - "lastModified": 1746146146, - "narHash": "sha256-60+mzI2lbgn+G8F5mz+cmkDvHFn4s5oqcOna1SzYy74=", + "lastModified": 1746540146, + "narHash": "sha256-QxdHGNpbicIrw5t6U3x+ZxeY/7IEJ6lYbvsjXmcxFIM=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "3e9623bdd86a3c545e82b7f97cfdba5f07232d9a", + "rev": "e09c10c24ebb955125fda449939bfba664c467fd", "type": "github" }, "original": { @@ -553,11 +553,11 @@ ] }, "locked": { - "lastModified": 1746485181, - "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", + "lastModified": 1747603214, + "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", + "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", "type": "github" }, "original": { @@ -655,11 +655,11 @@ ] }, "locked": { - "lastModified": 1746048139, - "narHash": "sha256-LdCLyiihLg6P2/mjzP0+W7RtraDSIaJJPTy6SCtW5Ag=", + "lastModified": 1746649034, + "narHash": "sha256-gmv+ZiY3pQnwgI0Gm3Z1tNSux1CnOJ0De+xeDOol1+0=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "680e2f8e637bc79b84268949d2f2b2f5e5f1d81c", + "rev": "fe540e91c26f378c62bf6da365a97e848434d0cd", "type": "github" }, "original": { From 231a30880907cddb56eaae6dedcdad068cd6855a Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 26 May 2025 16:05:08 +0200 Subject: [PATCH 077/111] 25.05 update: flake check passed --- flake.lock | 34 +++++++++++++++++----------------- flake.nix | 2 +- hosts/conduwuit/conduwuit.nix | 2 +- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index ff735c0..5cc45ab 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1747664470, - "narHash": "sha256-YIqMFKj55NdN5lKgQfKUfBQiwH2qDVAW+Qn1c7wRDak=", - "rev": "0fbbb1e49b7d34010b4609a17062185a108ebdc1", + "lastModified": 1748182888, + "narHash": "sha256-tm3yi3KL+KjMnLZFXKR1ioI/Rk8DIa2n1NNE6I99BpU=", + "rev": "dbff52bfbc48ead789888bf24422d0ef6f7ba9a8", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/0fbbb1e49b7d34010b4609a17062185a108ebdc1.tar.gz?rev=0fbbb1e49b7d34010b4609a17062185a108ebdc1" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/dbff52bfbc48ead789888bf24422d0ef6f7ba9a8.tar.gz?rev=dbff52bfbc48ead789888bf24422d0ef6f7ba9a8" }, "original": { "type": "tarball", @@ -298,11 +298,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1747417232, - "narHash": "sha256-7Ii0POxd3S/q9iOoZdYJORINP6yQYu/GO0d7emNvr+I=", + "lastModified": 1748260747, + "narHash": "sha256-V3ONd70wm55JxcUa1rE0JU3zD+Cz7KK/iSVhRD7lq68=", "owner": "astro", "repo": "microvm.nix", - "rev": "5beafebf8bcee75aebf23ca6ec46d13d471b0146", + "rev": "b6c5dfc2a1c7614c94fd2c5d2e8578fd52396f3b", "type": "github" }, "original": { @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747723695, - "narHash": "sha256-lSXzv33yv1O9r9Ai1MtYFDX3OKhWsZMn/5FFb4Rni/k=", + "lastModified": 1747900541, + "narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "6ac6ec6fcb410e15a60ef5ec94b8a2b35b5dd282", + "rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06", "type": "github" }, "original": { @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1747542820, - "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", + "lastModified": 1748026106, + "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", + "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", "type": "github" }, "original": { @@ -418,16 +418,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1747485343, - "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", + "lastModified": 1748162331, + "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", + "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 8672d2d..4acd3b9 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { inputs = { nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; flake-utils.url = "github:numtide/flake-utils"; diff --git a/hosts/conduwuit/conduwuit.nix b/hosts/conduwuit/conduwuit.nix index 6baafa6..9483246 100644 --- a/hosts/conduwuit/conduwuit.nix +++ b/hosts/conduwuit/conduwuit.nix @@ -2,7 +2,7 @@ { services.matrix-conduit = { enable = true; - package = pkgs.conduwuit; + package = pkgs.matrix-conduit; settings = { global = { database_backend = "rocksdb"; From ee5fa3718925cfc7844f8590d737c50ab2c526a5 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 26 May 2025 21:50:38 +0200 Subject: [PATCH 078/111] finish conduwuit->conduit migration --- hosts/conduwuit/conduwuit.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/conduwuit/conduwuit.nix b/hosts/conduwuit/conduwuit.nix index 9483246..8e344e5 100644 --- a/hosts/conduwuit/conduwuit.nix +++ b/hosts/conduwuit/conduwuit.nix @@ -6,7 +6,7 @@ settings = { global = { database_backend = "rocksdb"; - new_user_displayname_suffix = ""; + enable_lightning_bolt = false; port = 6167; server_name = "oxapentane.com"; address = "0.0.0.0"; From 6ffe2d49ee9bc6e7d81bf9f8ea034d24755d05ed Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 26 May 2025 21:53:21 +0200 Subject: [PATCH 079/111] set editor properly --- modules/basic-tools/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/basic-tools/default.nix b/modules/basic-tools/default.nix index a917168..b7b193b 100644 --- a/modules/basic-tools/default.nix +++ b/modules/basic-tools/default.nix @@ -65,7 +65,9 @@ let editorconf = if config.services.emacs.defaultEditor then - { } + { + EDITOR = "emacsclient"; + } else { EDITOR = "nvim"; From 7223ca43a7f68dc8b044b37596685f5431de26e7 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 27 May 2025 10:17:27 +0200 Subject: [PATCH 080/111] cleanup, deadnix, format --- flake.nix | 41 ++++++++++++++++++--------------- hosts/cloud/proxy/conduwuit.nix | 2 +- modules/basic-tools/default.nix | 4 +--- modules/basic-tools/fzf.nix | 17 ++++---------- modules/niri.nix | 2 +- 5 files changed, 29 insertions(+), 37 deletions(-) diff --git a/flake.nix b/flake.nix index 4acd3b9..1174373 100644 --- a/flake.nix +++ b/flake.nix @@ -54,7 +54,6 @@ outputs = inputs@{ - authentik-nix, lanzaboote, lix-module, microvm, @@ -79,25 +78,29 @@ "immich" ]; - microvm-builder = (nixpkgs-ver: vm-list: builtins.listToAttrs ( - map (vm: { - name = vm; - value = nixpkgs-ver.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - microvm.nixosModules.microvm + microvm-builder = ( + nixpkgs-ver: vm-list: + builtins.listToAttrs ( + map (vm: { + name = vm; + value = nixpkgs-ver.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + sops-nix.nixosModules.sops + microvm.nixosModules.microvm - ./hosts/${vm} - ./modules/server - ./modules/wg - ]; - }; - }) vm-list - )); - microvms = (microvm-builder nixpkgs microvm-stable-list) - // (microvm-builder nixpkgs-unstable microvm-unstable-list); + ./hosts/${vm} + ./modules/server + ./modules/wg + ]; + }; + }) vm-list + ) + ); + microvms = + (microvm-builder nixpkgs microvm-stable-list) + // (microvm-builder nixpkgs-unstable microvm-unstable-list); in microvms // { diff --git a/hosts/cloud/proxy/conduwuit.nix b/hosts/cloud/proxy/conduwuit.nix index 323590d..c731066 100644 --- a/hosts/cloud/proxy/conduwuit.nix +++ b/hosts/cloud/proxy/conduwuit.nix @@ -1,4 +1,4 @@ -{ self, ... }: +{ ... }: let proxy-conf = '' client_max_body_size 50M; diff --git a/modules/basic-tools/default.nix b/modules/basic-tools/default.nix index b7b193b..a917168 100644 --- a/modules/basic-tools/default.nix +++ b/modules/basic-tools/default.nix @@ -65,9 +65,7 @@ let editorconf = if config.services.emacs.defaultEditor then - { - EDITOR = "emacsclient"; - } + { } else { EDITOR = "nvim"; diff --git a/modules/basic-tools/fzf.nix b/modules/basic-tools/fzf.nix index 8ad1b92..96ab39c 100644 --- a/modules/basic-tools/fzf.nix +++ b/modules/basic-tools/fzf.nix @@ -1,6 +1,4 @@ { - lib, - config, pkgs, ... }: @@ -14,15 +12,8 @@ }; }; # integrate fzf into shell, >23.05 only - programs = - with lib; - if (toInt (elemAt (splitVersion config.system.nixos.release) 0) >= 23) then - { - fzf = { - keybindings = true; - fuzzyCompletion = true; - }; - } - else - { }; + programs.fzf = { + keybindings = true; + fuzzyCompletion = true; + }; } diff --git a/modules/niri.nix b/modules/niri.nix index c3438fc..e769189 100644 --- a/modules/niri.nix +++ b/modules/niri.nix @@ -12,7 +12,7 @@ environment.systemPackages = let xwayland-satellite-git = pkgs.xwayland-satellite.overrideAttrs ( - final: prev: { + final: _prev: { version = "git"; cargoHash = "sha256-MaF2FyR3HvQAKkZKa8OO/5jbO64/Ncv7+JqHda4jN50="; src = pkgs.fetchFromGitHub { From 7ae2b5a326d729ebc3b2846d4e25c34e5505f6e2 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 27 May 2025 11:54:59 +0200 Subject: [PATCH 081/111] add opera --- modules/desktop-software.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index cbb902e..bb11e8c 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -21,6 +21,7 @@ # dwarf-fortress-packages.dwarf-fortress-full obs-studio firefox + opera ]; programs.steam.enable = true; } From e2d82c939af06c8605de94191bd06e3be0750f36 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 27 May 2025 11:55:38 +0200 Subject: [PATCH 082/111] bump lock --- flake.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 5cc45ab..b754bb5 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1748182888, - "narHash": "sha256-tm3yi3KL+KjMnLZFXKR1ioI/Rk8DIa2n1NNE6I99BpU=", - "rev": "dbff52bfbc48ead789888bf24422d0ef6f7ba9a8", + "lastModified": 1748295264, + "narHash": "sha256-l+f6icWfH0VprAeLqpIHzw3Cmm2C8wp6az827E7K3dc=", + "rev": "e27c86ad12d18318f266ce142c3f2051b05b07dd", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/dbff52bfbc48ead789888bf24422d0ef6f7ba9a8.tar.gz?rev=dbff52bfbc48ead789888bf24422d0ef6f7ba9a8" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/e27c86ad12d18318f266ce142c3f2051b05b07dd.tar.gz?rev=e27c86ad12d18318f266ce142c3f2051b05b07dd" }, "original": { "type": "tarball", @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1748026106, - "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", + "lastModified": 1748190013, + "narHash": "sha256-R5HJFflOfsP5FBtk+zE8FpL8uqE7n62jqOsADvVshhE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", + "rev": "62b852f6c6742134ade1abdd2a21685fd617a291", "type": "github" }, "original": { From b4fa571ffb3b83c2491645c9b632010726cb585e Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 28 May 2025 12:44:53 +0200 Subject: [PATCH 083/111] small fixes --- modules/desktop-software.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index bb11e8c..9a88279 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -18,10 +18,10 @@ element-desktop discord mpv - # dwarf-fortress-packages.dwarf-fortress-full + dwarf-fortress-packages.dwarf-fortress-full obs-studio firefox - opera + (opera.override { proprietaryCodecs = true; }) ]; programs.steam.enable = true; } From e61c4d2e1a08cf05862e9994bc028364bf237bed Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 28 May 2025 12:45:10 +0200 Subject: [PATCH 084/111] add explicit headers --- hosts/cloud/proxy/conduwuit.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/cloud/proxy/conduwuit.nix b/hosts/cloud/proxy/conduwuit.nix index c731066..97ba4a3 100644 --- a/hosts/cloud/proxy/conduwuit.nix +++ b/hosts/cloud/proxy/conduwuit.nix @@ -9,6 +9,8 @@ let proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Access-Control-Allow-Origin *; + proxy_set_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS'; + proxy_set_header Access-Control-Allow-Headers 'X-Requested-With, Content-Type, Authorization'; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; From efb53eb04fd752d8772bb6360a0c5f757b6b07b9 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 28 May 2025 13:10:02 +0200 Subject: [PATCH 085/111] conduit is not backported --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 1174373..e34868b 100644 --- a/flake.nix +++ b/flake.nix @@ -68,7 +68,6 @@ nixosConfigurations = let microvm-stable-list = [ - "conduwuit" "forgejo" "miniflux" "radicale" @@ -76,6 +75,7 @@ microvm-unstable-list = [ "auth" "immich" + "conduwuit" ]; microvm-builder = ( From fa503f9176b396e16e4104173a621142ce441882 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 31 May 2025 20:20:35 +0200 Subject: [PATCH 086/111] bump lock --- flake.lock | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index b754bb5..a5a33d8 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1748295264, - "narHash": "sha256-l+f6icWfH0VprAeLqpIHzw3Cmm2C8wp6az827E7K3dc=", - "rev": "e27c86ad12d18318f266ce142c3f2051b05b07dd", + "lastModified": 1748588861, + "narHash": "sha256-bP9MHHCx/6Pi1TlO7Iq8X6AUoQHzyExQJNnSHSOqUUk=", + "rev": "3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/e27c86ad12d18318f266ce142c3f2051b05b07dd.tar.gz?rev=e27c86ad12d18318f266ce142c3f2051b05b07dd" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3.tar.gz?rev=3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3" }, "original": { "type": "tarball", @@ -298,11 +298,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1748260747, - "narHash": "sha256-V3ONd70wm55JxcUa1rE0JU3zD+Cz7KK/iSVhRD7lq68=", + "lastModified": 1748464257, + "narHash": "sha256-PdnQSE2vPfql9WEjunj2qQnDpuuvk7HH+4djgXJSwFs=", "owner": "astro", "repo": "microvm.nix", - "rev": "b6c5dfc2a1c7614c94fd2c5d2e8578fd52396f3b", + "rev": "e238645b6f0447a2eb1d538d300d5049d4006f9f", "type": "github" }, "original": { @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747900541, - "narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=", + "lastModified": 1748634340, + "narHash": "sha256-pZH4bqbOd8S+si6UcfjHovWDiWKiIGRNRMpmRWaDIms=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06", + "rev": "daa628a725ab4948e0e2b795e8fb6f4c3e289a7a", "type": "github" }, "original": { @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1748190013, - "narHash": "sha256-R5HJFflOfsP5FBtk+zE8FpL8uqE7n62jqOsADvVshhE=", + "lastModified": 1748460289, + "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "62b852f6c6742134ade1abdd2a21685fd617a291", + "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1748162331, - "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", + "lastModified": 1748437600, + "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", + "rev": "7282cb574e0607e65224d33be8241eae7cfe0979", "type": "github" }, "original": { From a63a2e56195fb1c995dfc084b6b18d55d7107606 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 31 May 2025 21:10:35 +0200 Subject: [PATCH 087/111] cleanup for 25.11 --- modules/desktop-software.nix | 2 -- modules/gnome.nix | 3 +-- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 9a88279..5178c70 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -18,10 +18,8 @@ element-desktop discord mpv - dwarf-fortress-packages.dwarf-fortress-full obs-studio firefox - (opera.override { proprietaryCodecs = true; }) ]; programs.steam.enable = true; } diff --git a/modules/gnome.nix b/modules/gnome.nix index f70c270..b1dae16 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -42,8 +42,7 @@ }; }; - services.xserver = { - enable = true; + services = { desktopManager.gnome.enable = true; displayManager.gdm = { enable = true; From c8fa6dd65e9fa9e13a5edd190ba83a91eee1a242 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 2 Jun 2025 20:13:39 +0200 Subject: [PATCH 088/111] bump lock --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index a5a33d8..91b10f0 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1748588861, - "narHash": "sha256-bP9MHHCx/6Pi1TlO7Iq8X6AUoQHzyExQJNnSHSOqUUk=", - "rev": "3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3", + "lastModified": 1748874826, + "narHash": "sha256-PPRYL4vp/09ZPqbgo1b0h+mt28tddxE/nhA04bGvAU0=", + "rev": "530b40ac8ebf49ab93887e5035d7f1fdc3111325", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3.tar.gz?rev=3815dd5e64fc374fa4dcc5064470cd7a7d77aaf3" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/530b40ac8ebf49ab93887e5035d7f1fdc3111325.tar.gz?rev=530b40ac8ebf49ab93887e5035d7f1fdc3111325" }, "original": { "type": "tarball", @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1748460289, - "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", + "lastModified": 1748693115, + "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", + "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1748437600, - "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", + "lastModified": 1748708770, + "narHash": "sha256-q8jG2HJWgooWa9H0iatZqBPF3bp0504e05MevFmnFLY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7282cb574e0607e65224d33be8241eae7cfe0979", + "rev": "a59eb7800787c926045d51b70982ae285faa2346", "type": "github" }, "original": { From a28536661156cb4c7c5ced2e78fcf4b808bfacb0 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Mon, 2 Jun 2025 21:07:30 +0200 Subject: [PATCH 089/111] add sdrangel back --- modules/radio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/radio.nix b/modules/radio.nix index aea167c..391e98b 100644 --- a/modules/radio.nix +++ b/modules/radio.nix @@ -5,7 +5,7 @@ gnuradio gqrx cubicsdr - # sdrangel # broken package + sdrangel multimon-ng sox From 6253edd88aee09faceea671731e8aaf6fe61c6f4 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 4 Jun 2025 13:11:14 +0200 Subject: [PATCH 090/111] keep emacs installed, but not as default --- flake.nix | 4 ++-- modules/emacs.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index e34868b..61b4411 100644 --- a/flake.nix +++ b/flake.nix @@ -118,14 +118,14 @@ ./modules/basic-tools ./modules/binary-caches.nix ./modules/devtools.nix + ./modules/emacs.nix ./modules/gnome.nix ./modules/gnupg.nix + ./modules/mail ./modules/radio.nix ./modules/science.nix ./modules/tlp.nix ./modules/virtualization.nix - ./modules/emacs.nix - ./modules/mail ./modules/wg ]; }; diff --git a/modules/emacs.nix b/modules/emacs.nix index 8841e44..b48a977 100644 --- a/modules/emacs.nix +++ b/modules/emacs.nix @@ -32,6 +32,6 @@ ] ) ); - defaultEditor = lib.mkDefault true; + defaultEditor = lib.mkForce false; }; } From bf454e2018f9a7835374d24ced99b81b5749dd14 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 4 Jun 2025 22:23:55 +0200 Subject: [PATCH 091/111] bump lock --- flake.lock | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 91b10f0..ba5c370 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1748874826, - "narHash": "sha256-PPRYL4vp/09ZPqbgo1b0h+mt28tddxE/nhA04bGvAU0=", - "rev": "530b40ac8ebf49ab93887e5035d7f1fdc3111325", + "lastModified": 1748893954, + "narHash": "sha256-Vj1GHarIzlJI3We5KnYcAQlSjn++fx7/lKRaiIVz3tg=", + "rev": "019b17f4e93c098f99a9bc691be1f1c4df026c7d", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/530b40ac8ebf49ab93887e5035d7f1fdc3111325.tar.gz?rev=530b40ac8ebf49ab93887e5035d7f1fdc3111325" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/019b17f4e93c098f99a9bc691be1f1c4df026c7d.tar.gz?rev=019b17f4e93c098f99a9bc691be1f1c4df026c7d" }, "original": { "type": "tarball", @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1748634340, - "narHash": "sha256-pZH4bqbOd8S+si6UcfjHovWDiWKiIGRNRMpmRWaDIms=", + "lastModified": 1749056381, + "narHash": "sha256-QITcurR19KZlrCngBoCjsFF2BdYsiCG4UqmlrVcLb8Q=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "daa628a725ab4948e0e2b795e8fb6f4c3e289a7a", + "rev": "029bd66faa180e11262dd1bc2732254c33415f52", "type": "github" }, "original": { @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", "owner": "nixos", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1748708770, - "narHash": "sha256-q8jG2HJWgooWa9H0iatZqBPF3bp0504e05MevFmnFLY=", + "lastModified": 1749024892, + "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a59eb7800787c926045d51b70982ae285faa2346", + "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef", "type": "github" }, "original": { From d928378ae74a61c58fffd4acd991132fec212ac5 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 5 Jun 2025 16:23:56 +0200 Subject: [PATCH 092/111] add lapce --- modules/desktop-software.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 5178c70..1a651f7 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -20,6 +20,7 @@ mpv obs-studio firefox + lapce ]; programs.steam.enable = true; } From 21796723fbca12cb3ac99c0cceedfbe2b95cde79 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Fri, 6 Jun 2025 15:16:25 +0200 Subject: [PATCH 093/111] bump lock --- flake.lock | 64 +++++++++++++++++++++++++++--------------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index ba5c370..dbd1074 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1747386678, - "narHash": "sha256-+4pIDo56iXWUklX1U+biw/cfC8TiSXTMh2N6V/+JMUg=", + "lastModified": 1749129962, + "narHash": "sha256-gc1l5z5dWw9a9DWsrp0ZiD+SSMsNpEwMEiRi8K5sh5c=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "f20474660332903be6b47f3c1fdfc531f6f75f1d", + "rev": "271a38f7c4e2551f0674b894e2adf7cd1ddb8168", "type": "github" }, "original": { @@ -30,16 +30,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1747329052, - "narHash": "sha256-idShMSYIrf3ViG9VFNGNu6TSjBz3Q+GJMMeCzcJwfG4=", + "lastModified": 1749043670, + "narHash": "sha256-gwHngqb23U8By7jhxFWQZOXy+vPQApJSkvr4gHI5ifQ=", "owner": "goauthentik", "repo": "authentik", - "rev": "ae47624761f05040149d856d5e55a90cd7492740", + "rev": "bda30c5ad5838fea36dc0a06f8580cca437f0fc0", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.4.1", + "ref": "version/2025.4.2", "repo": "authentik", "type": "github" } @@ -96,11 +96,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1748821116, + "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1", "type": "github" }, "original": { @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1748893954, - "narHash": "sha256-Vj1GHarIzlJI3We5KnYcAQlSjn++fx7/lKRaiIVz3tg=", - "rev": "019b17f4e93c098f99a9bc691be1f1c4df026c7d", + "lastModified": 1748904204, + "narHash": "sha256-kbY82p5J5HP/y132Pn6JVO1/PKV/TqF336FsDArWkLo=", + "rev": "fca0a30470b7040489feeb2a86bad05bf9b1aa95", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/019b17f4e93c098f99a9bc691be1f1c4df026c7d.tar.gz?rev=019b17f4e93c098f99a9bc691be1f1c4df026c7d" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/fca0a30470b7040489feeb2a86bad05bf9b1aa95.tar.gz?rev=fca0a30470b7040489feeb2a86bad05bf9b1aa95" }, "original": { "type": "tarball", @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1749056381, - "narHash": "sha256-QITcurR19KZlrCngBoCjsFF2BdYsiCG4UqmlrVcLb8Q=", + "lastModified": 1749195551, + "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "029bd66faa180e11262dd1bc2732254c33415f52", + "rev": "4602f7e1d3f197b3cb540d5accf5669121629628", "type": "github" }, "original": { @@ -355,11 +355,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", "type": "github" }, "original": { @@ -371,11 +371,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1743296961, - "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "lastModified": 1748740939, + "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "rev": "656a64127e9d791a334452c6b6606d17539476e2", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1749024892, - "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=", + "lastModified": 1749086602, + "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef", + "rev": "4792576cb003c994bd7cc1edada3129def20b27d", "type": "github" }, "original": { @@ -475,11 +475,11 @@ ] }, "locked": { - "lastModified": 1744599653, - "narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=", + "lastModified": 1748562898, + "narHash": "sha256-STk4QklrGpM3gliPKNJdBLSQvIrqRuwHI/rnYb/5rh8=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "7dba6dbc73120e15b558754c26024f6c93015dd7", + "rev": "33bd58351957bb52dd1700ea7eeefe34de06a892", "type": "github" }, "original": { @@ -655,11 +655,11 @@ ] }, "locked": { - "lastModified": 1746649034, - "narHash": "sha256-gmv+ZiY3pQnwgI0Gm3Z1tNSux1CnOJ0De+xeDOol1+0=", + "lastModified": 1748916602, + "narHash": "sha256-GiwjjmPIISDFD0uQ1DqQ+/38hZ+2z1lTKVj/TkKaWwQ=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "fe540e91c26f378c62bf6da365a97e848434d0cd", + "rev": "a4dd471de62b27928191908f57bfcd702ec2bfc9", "type": "github" }, "original": { From 9f8721d40e4c2580e54685f72ff02f48605dc8fb Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 10 Jun 2025 18:34:27 +0200 Subject: [PATCH 094/111] small fixes --- modules/desktop-software.nix | 2 ++ modules/emacs.nix | 2 +- modules/gnome.nix | 2 -- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 1a651f7..24359a9 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -21,6 +21,8 @@ obs-studio firefox lapce + spotify + ghostty ]; programs.steam.enable = true; } diff --git a/modules/emacs.nix b/modules/emacs.nix index b48a977..d4b0f26 100644 --- a/modules/emacs.nix +++ b/modules/emacs.nix @@ -32,6 +32,6 @@ ] ) ); - defaultEditor = lib.mkForce false; + defaultEditor = lib.mkForce true; }; } diff --git a/modules/gnome.nix b/modules/gnome.nix index b1dae16..08c3b84 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -16,8 +16,6 @@ qbittorrent gnomeExtensions.caffeine gnomeExtensions.brightness-control-using-ddcutil - spotify - ghostty fractal ]; From 9cbb86603e861b067b6620a401f178098a9a2255 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 10 Jun 2025 18:34:37 +0200 Subject: [PATCH 095/111] bump lock --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index dbd1074..cc515b0 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1748904204, - "narHash": "sha256-kbY82p5J5HP/y132Pn6JVO1/PKV/TqF336FsDArWkLo=", - "rev": "fca0a30470b7040489feeb2a86bad05bf9b1aa95", + "lastModified": 1749471044, + "narHash": "sha256-a1KdOuDF2NJj+tM/2fufIyW5dDX0cHdmXWjli+0GRh4=", + "rev": "d8b1bb58622ee7af6cfa260d32d84859b3dc2ea2", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/fca0a30470b7040489feeb2a86bad05bf9b1aa95.tar.gz?rev=fca0a30470b7040489feeb2a86bad05bf9b1aa95" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/d8b1bb58622ee7af6cfa260d32d84859b3dc2ea2.tar.gz?rev=d8b1bb58622ee7af6cfa260d32d84859b3dc2ea2" }, "original": { "type": "tarball", @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1748929857, - "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", + "lastModified": 1749285348, + "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", + "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", "type": "github" }, "original": { @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1749086602, - "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", + "lastModified": 1749494155, + "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4792576cb003c994bd7cc1edada3129def20b27d", + "rev": "88331c17ba434359491e8d5889cce872464052c2", "type": "github" }, "original": { From f68df0d787dff516da912bd53278ec453d2bf0f9 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 10 Jun 2025 19:40:17 +0200 Subject: [PATCH 096/111] try out kde --- flake.nix | 2 +- hosts/toaster/network/default.nix | 7 ++++-- modules/fonts.nix | 2 ++ modules/plasma.nix | 39 +++++++++++++++++++++++++++++++ 4 files changed, 47 insertions(+), 3 deletions(-) create mode 100644 modules/plasma.nix diff --git a/flake.nix b/flake.nix index 61b4411..ddde63b 100644 --- a/flake.nix +++ b/flake.nix @@ -119,9 +119,9 @@ ./modules/binary-caches.nix ./modules/devtools.nix ./modules/emacs.nix - ./modules/gnome.nix ./modules/gnupg.nix ./modules/mail + ./modules/plasma.nix ./modules/radio.nix ./modules/science.nix ./modules/tlp.nix diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index 6d96c3c..bd42a43 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -7,13 +7,16 @@ ]; # Networkmanager shouldn't interfere with systemd managed interfaces - networking.networkmanager.unmanaged = + networking.networkmanager = { + enable = true; + unmanaged = let systemd_netdevs = lib.attrsets.attrValues ( lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs ); in - systemd_netdevs; + systemd_netdevs; + }; systemd.network = { enable = true; diff --git a/modules/fonts.nix b/modules/fonts.nix index 32ae853..e8c54bc 100644 --- a/modules/fonts.nix +++ b/modules/fonts.nix @@ -19,6 +19,8 @@ liberation_ttf noto-fonts noto-fonts-cjk-sans + noto-fonts-color-emoji + noto-fonts-monochrome-emoji noto-fonts-emoji noto-fonts-extra proggyfonts diff --git a/modules/plasma.nix b/modules/plasma.nix new file mode 100644 index 0000000..c3d2731 --- /dev/null +++ b/modules/plasma.nix @@ -0,0 +1,39 @@ +{ pkgs, ... }: +{ + imports = [ + ./desktop-software.nix + ./fonts.nix + ]; + + environment.systemPackages = with pkgs.kdePackages; [ + kmail + okular + ]; + + programs.kde-pim = { + enable = true; + kmail = true; + kontact = true; + merkuro = true; + }; + + # Enable sound. + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + pulse.enable = true; + }; + + programs.zsh.vteIntegration = true; + programs.bash.vteIntegration = true; + + hardware.bluetooth.enable = true; + + services.displayManager.sddm = { + enable = true; + wayland.enable = true; + }; + + services.desktopManager.plasma6.enable = true; +} From fa39e47fef4576cbf2e9a8a023e2e86f7f365e79 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Tue, 10 Jun 2025 20:53:59 +0200 Subject: [PATCH 097/111] format and small fixes --- hosts/toaster/network/default.nix | 10 +++++----- modules/desktop-software.nix | 17 +++++++++-------- modules/gnome.nix | 1 - modules/plasma.nix | 6 +++--- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/hosts/toaster/network/default.nix b/hosts/toaster/network/default.nix index bd42a43..6504dbb 100644 --- a/hosts/toaster/network/default.nix +++ b/hosts/toaster/network/default.nix @@ -10,11 +10,11 @@ networking.networkmanager = { enable = true; unmanaged = - let - systemd_netdevs = lib.attrsets.attrValues ( - lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs - ); - in + let + systemd_netdevs = lib.attrsets.attrValues ( + lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs + ); + in systemd_netdevs; }; diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 24359a9..a09d31f 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -7,22 +7,23 @@ audacity blender dino + discord + element-desktop ffmpeg-full + firefox + ghostty gimp inkscape + lapce + mpv + obs-studio + qbittorrent signal-desktop + spotify telegram-desktop tor-browser wl-clipboard yt-dlp - element-desktop - discord - mpv - obs-studio - firefox - lapce - spotify - ghostty ]; programs.steam.enable = true; } diff --git a/modules/gnome.nix b/modules/gnome.nix index 08c3b84..5743283 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -13,7 +13,6 @@ gnome-obfuscate gnome-boxes gnome-tweaks - qbittorrent gnomeExtensions.caffeine gnomeExtensions.brightness-control-using-ddcutil fractal diff --git a/modules/plasma.nix b/modules/plasma.nix index c3d2731..cfbdd96 100644 --- a/modules/plasma.nix +++ b/modules/plasma.nix @@ -5,9 +5,9 @@ ./fonts.nix ]; - environment.systemPackages = with pkgs.kdePackages; [ - kmail - okular + environment.systemPackages = with pkgs; [ + kdePackages.okular + vlc ]; programs.kde-pim = { From 64269a89828c0a39426cd964ba6609e13d0f9950 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 11:05:04 +0200 Subject: [PATCH 098/111] plasma: integrate firefox --- modules/desktop-software.nix | 2 +- modules/plasma.nix | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index a09d31f..cbfba71 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -10,7 +10,6 @@ discord element-desktop ffmpeg-full - firefox ghostty gimp inkscape @@ -26,4 +25,5 @@ yt-dlp ]; programs.steam.enable = true; + programs.firefox.enable = true; } diff --git a/modules/plasma.nix b/modules/plasma.nix index cfbdd96..d71b475 100644 --- a/modules/plasma.nix +++ b/modules/plasma.nix @@ -36,4 +36,7 @@ }; services.desktopManager.plasma6.enable = true; + programs.firefox.nativeMessagingHosts.packages = with pkgs.kdePackages; [ + plasma-browser-integration + ]; } From d289649c49464fe3c0807aacc451a78505d94301 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 11:05:22 +0200 Subject: [PATCH 099/111] enable ssh agent --- modules/plasma.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/plasma.nix b/modules/plasma.nix index d71b475..f75afaf 100644 --- a/modules/plasma.nix +++ b/modules/plasma.nix @@ -36,6 +36,14 @@ }; services.desktopManager.plasma6.enable = true; + + programs.ssh = { + startAgent = true; + enableAskPassword = false; + extraConfig = '' + AddKeysToAgent yes + ''; + }; programs.firefox.nativeMessagingHosts.packages = with pkgs.kdePackages; [ plasma-browser-integration ]; From 44c31514e6090b4b24d89c49f1fa3912ce194205 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 15:35:33 +0200 Subject: [PATCH 100/111] add new ssh key --- modules/server/ssh.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/server/ssh.nix b/modules/server/ssh.nix index 4c27a00..ea463d5 100644 --- a/modules/server/ssh.nix +++ b/modules/server/ssh.nix @@ -10,5 +10,6 @@ networking.firewall.allowedTCPPorts = [ 22 ]; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJl9iYG5oHBq/poBn7Jf1/FGWWbAnbx+NKjs7qtT3uAK 0xa@toaster 2024-12-31" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINjKbSzsAx8P9POD9pOXO+Fxub68V828sNatPA6+2zmGAAAABHNzaDo= 0xa@keychain-A" ]; } From f9ff89e13e86be30a2d65ad707ac3b7d0697c869 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 15:47:20 +0200 Subject: [PATCH 101/111] add kaidan --- modules/plasma.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/plasma.nix b/modules/plasma.nix index f75afaf..aadd178 100644 --- a/modules/plasma.nix +++ b/modules/plasma.nix @@ -6,6 +6,7 @@ ]; environment.systemPackages = with pkgs; [ + kaidan kdePackages.okular vlc ]; From b2a00d0006bf4aac8bce9f404112e682c0015430 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 19:25:44 +0200 Subject: [PATCH 102/111] nginx->caddy --- hosts/cloud/proxy/auth.nix | 36 ------------- hosts/cloud/proxy/conduwuit.nix | 47 ---------------- hosts/cloud/proxy/dav.nix | 64 ---------------------- hosts/cloud/proxy/default.nix | 95 ++++++++++++++------------------- hosts/cloud/proxy/git.nix | 32 +---------- hosts/cloud/proxy/immich.nix | 33 ------------ hosts/cloud/proxy/news.nix | 17 ------ 7 files changed, 42 insertions(+), 282 deletions(-) delete mode 100644 hosts/cloud/proxy/auth.nix delete mode 100644 hosts/cloud/proxy/conduwuit.nix delete mode 100644 hosts/cloud/proxy/dav.nix delete mode 100644 hosts/cloud/proxy/immich.nix delete mode 100644 hosts/cloud/proxy/news.nix diff --git a/hosts/cloud/proxy/auth.nix b/hosts/cloud/proxy/auth.nix deleted file mode 100644 index c8700f0..0000000 --- a/hosts/cloud/proxy/auth.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ ... }: -{ - services.nginx.upstreams.authentik = { - servers = { - "10.89.88.11:9000" = { }; - "[fd31:185d:722f::11]:9000" = { }; - }; - extraConfig = '' - keepalive 10; - ''; - }; - - services.nginx.virtualHosts."auth.oxapentane.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://authentik"; - extraConfig = '' - # general proxy settings - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - # authentik specifik - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade_keepalive; - ''; - }; - }; -} diff --git a/hosts/cloud/proxy/conduwuit.nix b/hosts/cloud/proxy/conduwuit.nix deleted file mode 100644 index 97ba4a3..0000000 --- a/hosts/cloud/proxy/conduwuit.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ ... }: -let - proxy-conf = '' - client_max_body_size 50M; - proxy_buffering off; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Access-Control-Allow-Origin *; - proxy_set_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS'; - proxy_set_header Access-Control-Allow-Headers 'X-Requested-With, Content-Type, Authorization'; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_read_timeout 600s; - proxy_send_timeout 600s; - send_timeout 600s; - ''; - -in -{ - services.nginx.upstreams.conduwuit = { - servers = { - "10.89.88.16:6167" = { }; - "[fd31:185d:722f::16]:6167" = { }; - }; - }; - - services.nginx.virtualHosts."oxapentane.com" = { - locations."/_matrix/" = { - proxyPass = "http://conduwuit$request_uri"; - extraConfig = proxy-conf; - }; - locations."/_conduwuit/" = { - proxyPass = "http://conduwuit$request_uri"; - extraConfig = proxy-conf; - }; - locations."/.well-known/matrix" = { - proxyPass = "http://conduwuit$request_uri"; - extraConfig = proxy-conf; - }; - }; -} diff --git a/hosts/cloud/proxy/dav.nix b/hosts/cloud/proxy/dav.nix deleted file mode 100644 index 6f00943..0000000 --- a/hosts/cloud/proxy/dav.nix +++ /dev/null @@ -1,64 +0,0 @@ -{ ... }: -{ - services.nginx.upstreams.radicale = { - servers = { - "10.89.88.12:5232" = { }; - "[fd31:185d:722f::12]:5232" = { }; - }; - }; - - services.nginx.virtualHosts."dav.oxapentane.com" = { - forceSSL = true; - enableACME = true; - # Radicale - locations."/" = { - proxyPass = "http://radicale"; - extraConfig = '' - # Radicale stuff - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade_keepalive; - - # authentik stuff - auth_request /outpost.goauthentik.io/auth/nginx; - error_page 401 = @goauthentik_proxy_signin; - auth_request_set $auth_cookie $upstream_http_set_cookie; - proxy_set_header Set-Cookie $auth_cookie; - - # translate headers from the outposts back to the actual upstream - auth_request_set $authentik_username $upstream_http_x_authentik_username; - auth_request_set $authentik_groups $upstream_http_x_authentik_groups; - auth_request_set $authentik_entitlements $upstream_http_x_authentik_entitlements; - auth_request_set $authentik_email $upstream_http_x_authentik_email; - auth_request_set $authentik_name $upstream_http_x_authentik_name; - auth_request_set $authentik_uid $upstream_http_x_authentik_uid; - - proxy_set_header X-authentik-username $authentik_username; - proxy_set_header X-Remote-User $authentik_username; - proxy_set_header X-authentik-groups $authentik_groups; - proxy_set_header X-authentik-entitlements $authentik_entitlements; - proxy_set_header X-authentik-email $authentik_email; - proxy_set_header X-authentik-name $authentik_name; - proxy_set_header X-authentik-uid $authentik_uid; - ''; - }; - - locations."/outpost.goauthentik.io" = { - proxyPass = "http://authentik/outpost.goauthentik.io"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Original-URL $scheme://$http_host$request_uri; - proxy_set_header Set-Cookie $auth_cookie; - auth_request_set $auth_cookie $upstream_http_set_cookie; - proxy_pass_request_body off; - proxy_set_header Content-Length ""; - ''; - }; - locations."@goauthentik_proxy_signin" = { - extraConfig = '' - internal; - proxy_set_header Set-Cookie $auth_cookie; - return 302 /outpost.goauthentik.io/start?rd=$request_uri; - ''; - }; - }; -} diff --git a/hosts/cloud/proxy/default.nix b/hosts/cloud/proxy/default.nix index e233e65..9994da4 100644 --- a/hosts/cloud/proxy/default.nix +++ b/hosts/cloud/proxy/default.nix @@ -4,12 +4,7 @@ let in { imports = [ - ./auth.nix - ./conduwuit.nix - ./dav.nix ./git.nix - ./immich.nix - ./news.nix ]; networking.firewall.allowedTCPPorts = [ @@ -17,63 +12,53 @@ in 443 ]; - services.nginx = { + services.caddy = { enable = true; + virtualHosts."oxapentane.com" = { + serverAliases = [ "www.oxapentane.com" ]; + extraConfig = '' + # conduit + @matrix { + path /.well-known/matrix/* + path /_matrix/* + } - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedTlsSettings = true; + route { + header /.well-known/matrix/* Access-Control-Allow-Origin * - sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; + reverse_proxy @matrix 10.89.88.16:6167 - appendHttpConfig = '' - # upgrade websockets - map $http_upgrade $connection_upgrade_keepalive { - default upgrade; - ''' '''; - } + # file server + file_server { + root ${website} + index index.html + } + } + ''; + }; - ### TLS - # Add HSTS header with preloading to HTTPS requests. - # Adding this header to HTTP requests is discouraged - map $scheme $hsts_header { - https "max-age=31536000; includeSubdomains; preload"; - } - add_header Strict-Transport-Security $hsts_header; - - # Enable CSP for your services. - # add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; - - # Minimize information leaked to other domains - add_header 'Referrer-Policy' 'origin-when-cross-origin'; - - # Disable embedding as a frame - # add_header X-Frame-Options DENY; - - # Prevent injection of code in other mime types (XSS Attacks) - add_header X-Content-Type-Options nosniff; + virtualHosts."auth.oxapentane.com".extraConfig = '' + reverse_proxy 10.89.88.11:9000 [fd31:185d:722f::11]:9000 ''; - virtualHosts."oxapentane.com" = { - forceSSL = true; - enableACME = true; - default = true; - locations."/" = { - root = "${website}"; - index = "index.html"; - }; - }; - virtualHosts."www.oxapentane.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - return = "302 https://oxapentane.com"; - }; - }; - }; + virtualHosts."dav.oxapentane.com".extraConfig = '' + route { + reverse_proxy /outpost.goauthentik.io/* 10.89.88.11:9000 [fd31:185d:722f::11]:9000 - security.acme = { - acceptTerms = true; - defaults.email = "acme@oxapentane.com"; + forward_auth 10.89.88.11:9000 { + uri /outpost.goauthentik.io/auth/caddy + copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Entitlements X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version X-Authentik-Username>X-Remote-User + trusted_proxies 10.89.88.11 fd31:185d:722f::11 + } + } + reverse_proxy 10.89.88.12:5232 [fd31:185d:722f::12]:5232 + + ''; + + virtualHosts."immich.oxapentane.com".extraConfig = '' + reverse_proxy 10.89.88.13:2283 + ''; + + virtualHosts."news.oxapentane.com".extraConfig = "reverse_proxy http://10.89.88.14:8080"; }; } diff --git a/hosts/cloud/proxy/git.nix b/hosts/cloud/proxy/git.nix index ac53f4c..6986f80 100644 --- a/hosts/cloud/proxy/git.nix +++ b/hosts/cloud/proxy/git.nix @@ -35,34 +35,6 @@ "fd31:185d:722e::1" ]; - services.nginx.upstreams.forgejo = { - servers = { - "10.89.88.15:3000" = { }; - "[fd31:185d:722f::15]:3000" = { }; - }; - }; - - services.nginx.virtualHosts."git.oxapentane.com" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://forgejo"; - extraConfig = '' - client_max_body_size 50000M; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_read_timeout 600s; - proxy_send_timeout 600s; - send_timeout 600s; - ''; - }; - }; + services.caddy.virtualHosts."git.oxapentane.com".extraConfig = + "reverse_proxy 10.89.88.15:3000 [fd31:185d:722f::15]:3000"; } diff --git a/hosts/cloud/proxy/immich.nix b/hosts/cloud/proxy/immich.nix deleted file mode 100644 index 93e62d2..0000000 --- a/hosts/cloud/proxy/immich.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ ... }: -{ - services.nginx.upstreams.immich = { - servers = { - "10.89.88.13:2283" = { }; - "[fd31:185d:722f::13]:2283" = { }; - }; - }; - - services.nginx.virtualHosts."immich.oxapentane.com" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://immich"; - extraConfig = '' - client_max_body_size 50000M; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_read_timeout 600s; - proxy_send_timeout 600s; - send_timeout 600s; - ''; - }; - }; -} diff --git a/hosts/cloud/proxy/news.nix b/hosts/cloud/proxy/news.nix deleted file mode 100644 index 3bbfda2..0000000 --- a/hosts/cloud/proxy/news.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ ... }: -{ - services.nginx.virtualHosts."news.oxapentane.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://10.89.88.14:8080"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_redirect off; - ''; - }; - }; -} From d7fe38c9a4a40855faf5973690f00e72c98d2d9e Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 22:13:26 +0200 Subject: [PATCH 103/111] disable default search --- modules/chromium.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/chromium.nix b/modules/chromium.nix index 5c971c6..4cdf16a 100644 --- a/modules/chromium.nix +++ b/modules/chromium.nix @@ -26,9 +26,9 @@ "AutoplayAllowed" = false; "DefaultNotificationSetting" = 2; "BackgroundModeEnabled" = false; - "DefaultSearchProviderEnabled" = true; + # "DefaultSearchProviderEnabled" = true; # "DefaultSearchProviderSearchURL" = "https://google.com/search?q={searchTerms}"; - "DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}"; + # "DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}"; "SearchSuggestEnable" = false; "BlockThirdPartyCookies" = true; "PrivacySandboxAdMeasurementEnabled" = false; From 92082762a5020326233156a0c9805e3a25d1c44d Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 12 Jun 2025 10:36:03 +0200 Subject: [PATCH 104/111] add filelight --- modules/plasma.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/plasma.nix b/modules/plasma.nix index aadd178..1a7a170 100644 --- a/modules/plasma.nix +++ b/modules/plasma.nix @@ -7,6 +7,7 @@ environment.systemPackages = with pkgs; [ kaidan + kdePackages.filelight kdePackages.okular vlc ]; From 5dcd5d911f08fcaf5327d136bc8cb1c69e23ecf6 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 12 Jun 2025 22:58:51 +0200 Subject: [PATCH 105/111] bump lock --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index cc515b0..e15b51f 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1749471044, - "narHash": "sha256-a1KdOuDF2NJj+tM/2fufIyW5dDX0cHdmXWjli+0GRh4=", - "rev": "d8b1bb58622ee7af6cfa260d32d84859b3dc2ea2", + "lastModified": 1749682763, + "narHash": "sha256-DDhns3NS6L5OlYR0mSX03I5D7uGLyyd3MZegd1wTCyc=", + "rev": "ee0655240270480d7f6063dcf12ec47f04d2ded6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/d8b1bb58622ee7af6cfa260d32d84859b3dc2ea2.tar.gz?rev=d8b1bb58622ee7af6cfa260d32d84859b3dc2ea2" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ee0655240270480d7f6063dcf12ec47f04d2ded6.tar.gz?rev=ee0655240270480d7f6063dcf12ec47f04d2ded6" }, "original": { "type": "tarball", @@ -418,11 +418,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1749494155, - "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", + "lastModified": 1749727998, + "narHash": "sha256-mHv/yeUbmL91/TvV95p+mBVahm9mdQMJoqaTVTALaFw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "88331c17ba434359491e8d5889cce872464052c2", + "rev": "fd487183437963a59ba763c0cc4f27e3447dd6dd", "type": "github" }, "original": { @@ -553,11 +553,11 @@ ] }, "locked": { - "lastModified": 1747603214, - "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", + "lastModified": 1749592509, + "narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=", "owner": "Mic92", "repo": "sops-nix", - "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", + "rev": "50754dfaa0e24e313c626900d44ef431f3210138", "type": "github" }, "original": { From 3e6faa5d092ef00255adbf7edd4efe2d15accb3f Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Thu, 12 Jun 2025 23:25:57 +0200 Subject: [PATCH 106/111] change user shell --- hosts/toaster/default.nix | 2 +- modules/basic-tools/zsh.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index 7e78114..2b8577b 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -66,7 +66,7 @@ home = "/home/0xa"; isNormalUser = true; uid = 1000; - shell = pkgs.fish; + shell = pkgs.zsh; }; # This value determines the NixOS release from which the default diff --git a/modules/basic-tools/zsh.nix b/modules/basic-tools/zsh.nix index c474267..91c6292 100644 --- a/modules/basic-tools/zsh.nix +++ b/modules/basic-tools/zsh.nix @@ -39,6 +39,7 @@ LP_ENABLE_SVN=0 LP_BATTERY_THRESHOLD=15 LP_SSH_COLORS=1 + LP_DISABLED_VCS_PATHS=("/home/0xa/proj/NixOS/nixpkgs") ''; }; } From 2a44e5c81e2d46766ed095d5e94c5fafbd5d85fa Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Wed, 11 Jun 2025 22:53:22 +0200 Subject: [PATCH 107/111] deploy stream (navidrome) microvm --- .sops.yaml | 7 ++++ flake.nix | 1 + hosts/cloud/proxy/default.nix | 32 +++++++++++++++ hosts/stream/default.nix | 76 +++++++++++++++++++++++++++++++++++ hosts/stream/navidrome.nix | 16 ++++++++ hosts/stream/secrets.yaml | 38 ++++++++++++++++++ modules/wg/proxy.nix | 8 ++++ 7 files changed, 178 insertions(+) create mode 100644 hosts/stream/default.nix create mode 100644 hosts/stream/navidrome.nix create mode 100644 hosts/stream/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index dd882ca..649c351 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -11,6 +11,7 @@ keys: - &immich age1afyntwvj672lcq2e4dpxmw3syplzurnnd8q8j3265843jeedpveqkp465z - &miniflux age15ja22wd9tt60vn32sk59pp6c7vtjsn8y3rypn8qfnvxthug8sp0q6f72uh - &radicale age1j6z39kmnxkqa7jdcjsydy5cryjce7fttf225fh3pldyvq06ax3fq58mk8c + - &stream age148r2q3cy9sjem37rvgtcc4qjx8usxkdg77pqexa56gmcexn58aaslh3cnj creation_rules: - path_regex: hosts/toaster/[^/]+\.yaml$ key_groups: @@ -66,3 +67,9 @@ creation_rules: - *admin_oxa age: - *conduwuit + - path_regex: hosts/stream/[^/]+\.yaml$ + key_groups: + - pgp: + - *admin_oxa + age: + - *stream diff --git a/flake.nix b/flake.nix index ddde63b..2b085bc 100644 --- a/flake.nix +++ b/flake.nix @@ -71,6 +71,7 @@ "forgejo" "miniflux" "radicale" + "stream" ]; microvm-unstable-list = [ "auth" diff --git a/hosts/cloud/proxy/default.nix b/hosts/cloud/proxy/default.nix index 9994da4..6cf0151 100644 --- a/hosts/cloud/proxy/default.nix +++ b/hosts/cloud/proxy/default.nix @@ -60,5 +60,37 @@ in ''; virtualHosts."news.oxapentane.com".extraConfig = "reverse_proxy http://10.89.88.14:8080"; + + virtualHosts."music.oxapentane.com".extraConfig = '' + route { + reverse_proxy /outpost.goauthentik.io/* 10.89.88.11:9000 [fd31:185d:722f::11]:9000 + + @protected not path /share/* /rest/* + forward_auth @protected 10.89.88.11:9000 { + uri /outpost.goauthentik.io/auth/caddy + copy_headers X-Authentik-Username>Remote-User + trusted_proxies 10.89.88.11 fd31:185d:722f::11 + } + + + @subsonic path /rest/* + forward_auth @subsonic 10.89.88.11:9000 { + uri /outpost.goauthentik.io/auth/caddy + copy_headers X-Authentik-Username>Remote-User + @error status 1xx 3xx 4xx 5xx + handle_response @error { + respond < + + + SUBSONICERR 200 + } + trusted_proxies 10.89.88.11 fd31:185d:722f::11 + } + } + reverse_proxy 10.89.88.17:4533 + + ''; + }; } diff --git a/hosts/stream/default.nix b/hosts/stream/default.nix new file mode 100644 index 0000000..4543466 --- /dev/null +++ b/hosts/stream/default.nix @@ -0,0 +1,76 @@ +{ config, lib, ... }: +let + mac = "02:00:00:00:00:07"; +in +{ + imports = [ + ./navidrome.nix + ]; + + sops.defaultSopsFile = ./secrets.yaml; + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + + sops.secrets = { + "wg/0xa-proxy" = { + owner = config.users.users.systemd-network.name; + }; + }; + + microvm = { + hypervisor = "qemu"; + mem = 4 * 1024; + vcpu = 3; + interfaces = [ + { + type = "tap"; + id = "uvm-stream"; + mac = mac; + } + ]; + shares = + [ + { + source = "/nix/store"; + mountPoint = "/nix/.ro-store"; + tag = "store"; + proto = "virtiofs"; + } + ] + ++ map + (dir: { + source = dir; + mountPoint = "/${dir}"; + tag = dir; + proto = "virtiofs"; + }) + [ + "etc" + "var" + "home" + ]; + }; + + networking.useNetworkd = true; + networking.firewall.enable = lib.mkForce false; # firewalling done by the host + + systemd.network = { + enable = true; + networks."11-host" = { + matchConfig.MACAddress = mac; + networkConfig = { + Address = "10.99.99.17/24"; + DHCP = "no"; + }; + routes = [ + { + Gateway = "10.99.99.1"; + Destination = "0.0.0.0/0"; + Metric = 1024; + } + ]; + }; + }; + + networking.hostName = "stream"; + system.stateVersion = "25.05"; +} diff --git a/hosts/stream/navidrome.nix b/hosts/stream/navidrome.nix new file mode 100644 index 0000000..0b1cd07 --- /dev/null +++ b/hosts/stream/navidrome.nix @@ -0,0 +1,16 @@ +{ ... }: +{ + services.navidrome = { + enable = true; + settings = { + Address = "10.89.88.17"; + BaseUrl = "/"; + EnableExternalServices = false; + MusicFolder = "/var/lib/navidrome/music"; + Port = 4533; + ScanSchedule = "@every 11m"; + TranscodingCacheSize = "11GiB"; + ReverseProxyWhitelist = "10.89.88.1/24"; + }; + }; +} diff --git a/hosts/stream/secrets.yaml b/hosts/stream/secrets.yaml new file mode 100644 index 0000000..a75b120 --- /dev/null +++ b/hosts/stream/secrets.yaml @@ -0,0 +1,38 @@ +wg: + 0xa-proxy: ENC[AES256_GCM,data:uZfFc4elxCAVZvdIHJ7lgoPs9qKkD9ZvLhcYbexDcqn0alaMzIr++CY52FI=,iv:CREMt6GrLHs4Jwj/55awDFHh9hQlJPEi4ZQ7ZLMPvRA=,tag:iJAGdqzQbyezmDj+tzjdNQ==,type:str] +sops: + age: + - recipient: age148r2q3cy9sjem37rvgtcc4qjx8usxkdg77pqexa56gmcexn58aaslh3cnj + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsSko5L1BCOTR1QmZabGw3 + QS9kbDZyWEJvV09MNkNqbTNncjZrOXl6WFZrCmxQelVzbjdvUUl4aVl3UVFVL0Q5 + S0VDNkdvcDZnZytCdjBrZUZYTFlEZncKLS0tIG1NWnlnRGovcWxDL2JYMTc2bEY5 + K29Dd0t6b3FMZjU2cXFBbEw3RktkQlkKCh+jXv65KfAsSR4/0+UWwU5tCphrEEgE + WDbIdUZ8j5xHHQwJ58cU7uQ+BSy0yZlwwr8vPoaKdXQzMgyrQfq3gg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-06-12T22:54:11Z" + mac: ENC[AES256_GCM,data:15EU9VupWfvR8CrfKrX3nhpD60hYB2LY3vuAPvdqzKLliqSqolNj956fOFicfSHvmW/s+7x+M+5FROnOzSbToTZotFtvALQihHH999veGZMx8Q8oIyljT1PBw/SU9djXPI1KjG/zzYOAwu7y/Ffm0QKhMRziH7CQLn30KR0o2w0=,iv:ghdyTvcpgnBi2L9s4UrzwWwt9TeU0WkGquZ64+w9IN8=,tag:4m4hYFgejlEaQROB/OEi6g==,type:str] + pgp: + - created_at: "2025-06-12T22:51:49Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA7zUOKwzpAE7AQ/8ClHQoCuiC0AH28bDit4qjNh/TnYq3IbAdyITOqUYPRc6 + th8MCDY0CfxvzDTLYxTlHH4MNDOiWWTMg/shC8xV3MrAIpEQV79ivYMay04aWpCH + HqlhjBynCwAnJRanc9Ch5zW1wCjpgMp+kMDX8JhhUL0Rmt2fd2nSp4R2bb+/HRvn + vAaDq3TTLkLr1OHcTNKFFbXafGLKMahxkQGRMgD1DIPCLW+nUxerUnlxHo4yjj3B + WKXBVKeWowgBHvelHqUVf6yeSmWZyFDP/jFxFEi75A+BYmwxlQcRDn0L0NKUlMa/ + uF3jtW3XBMS/sLX7aRscBFeEq9XPce9urJK4KPFNVFI3X1WbD6O/Z87Y+MHa2n0s + DuxIwrffpw8p4qSVBAJLbSW1vR/suGh/0Cr31mzo4FJT92A93wc8JdLdpHUfTXL/ + bEbt6M7OSqvIt5/mor7Ad6/HRkEl+sZJnHqeU/qKfAIKKfz5UVG/ZCZDZlVGTmpp + lV9Dn8QjA1ut4lMvACJBocnrlH4T6150ULL0r3gHuVy5YhnGR+LWFdgaCJ4v3f1J + A59eAyQENNMoSGZU/YZx95kFPc1O/GIkmiMpXZxBISN3F70QP30ieqbP1qnZRfMg + GldVAFhfaHct4lujlgRfOkmwcNG3gTIru4wAqg+wzriI9jm9vEoF0MDJs2cwNYTS + XgE32jq6Li59TMUQH9iB4l0cM42QbQ8BcSn6o/NhmF6HHq9W5yuD6EIs4KNfdHv6 + ikgqQuGGO9v7qDMd0piyqeLRGMANepxrR5uMsbFmMnah9RUq9CjRbMADLa+8DeU= + =fEVm + -----END PGP MESSAGE----- + fp: DD0998E6CDF294537FC604F991FA5E5BF9AA901C + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/modules/wg/proxy.nix b/modules/wg/proxy.nix index 3b92b8d..7427829 100644 --- a/modules/wg/proxy.nix +++ b/modules/wg/proxy.nix @@ -71,6 +71,14 @@ publicKey = "dj5/CnTAFe5ELnZ5oWonYc+5VdzDyooTYGb/bqcxf3Y="; privateKeyFile = config.sops.secrets."wg/0xa-proxy".path; }; + "stream" = { + address = [ + "10.89.88.17/24" + "fd31:185d:722f::17/48" + ]; + publicKey = "RDxbOvd/1FSWqIp5v1++wPBcG1hScAT4mhIlMZdvxU4="; + privateKeyFile = config.sops.secrets."wg/0xa-proxy".path; + }; }; } ]; From 22d7c181e3d15bc66712ed0850f34476df274545 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 14 Jun 2025 21:01:52 +0200 Subject: [PATCH 108/111] software changes --- hosts/toaster/default.nix | 2 +- modules/desktop-software.nix | 1 + modules/devtools.nix | 2 +- modules/gnupg.nix | 2 -- 4 files changed, 3 insertions(+), 4 deletions(-) diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index 2b8577b..7e78114 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -66,7 +66,7 @@ home = "/home/0xa"; isNormalUser = true; uid = 1000; - shell = pkgs.zsh; + shell = pkgs.fish; }; # This value determines the NixOS release from which the default diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index cbfba71..998c953 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -17,6 +17,7 @@ mpv obs-studio qbittorrent + transmission_4-gtk signal-desktop spotify telegram-desktop diff --git a/modules/devtools.nix b/modules/devtools.nix index a003e6e..04dfd87 100644 --- a/modules/devtools.nix +++ b/modules/devtools.nix @@ -31,7 +31,7 @@ nix-index kicad kikit - freecad-wayland + freecad-qt6 imhex python3Full nixfmt-rfc-style diff --git a/modules/gnupg.nix b/modules/gnupg.nix index 07b1eef..4cb173c 100644 --- a/modules/gnupg.nix +++ b/modules/gnupg.nix @@ -4,8 +4,6 @@ environment.systemPackages = with pkgs; [ gnupg opensc - - yubikey-personalization-gui ]; # smartcard support From efd0790d4fcab0d7ffad7e4cca390fc0f110ed5b Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 14 Jun 2025 21:02:03 +0200 Subject: [PATCH 109/111] bump lock --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index e15b51f..357df38 100644 --- a/flake.lock +++ b/flake.lock @@ -253,11 +253,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1749682763, - "narHash": "sha256-DDhns3NS6L5OlYR0mSX03I5D7uGLyyd3MZegd1wTCyc=", - "rev": "ee0655240270480d7f6063dcf12ec47f04d2ded6", + "lastModified": 1749838547, + "narHash": "sha256-4qJy0n+6P13/XAHPlcjcWK6MDNYd38PkFdI8iCiJYYo=", + "rev": "1e34c3747779a82d59ef27b351d4ed02fb372a2a", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ee0655240270480d7f6063dcf12ec47f04d2ded6.tar.gz?rev=ee0655240270480d7f6063dcf12ec47f04d2ded6" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1e34c3747779a82d59ef27b351d4ed02fb372a2a.tar.gz?rev=1e34c3747779a82d59ef27b351d4ed02fb372a2a" }, "original": { "type": "tarball", @@ -339,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1749195551, - "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=", + "lastModified": 1749832440, + "narHash": "sha256-lfxhuxAaHlYFGr8yOrAXZqdMt8PrFLzjVqH9v3lQaoY=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "4602f7e1d3f197b3cb540d5accf5669121629628", + "rev": "db030f62a449568345372bd62ed8c5be4824fa49", "type": "github" }, "original": { @@ -402,11 +402,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1749285348, - "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", + "lastModified": 1749794982, + "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", + "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", "type": "github" }, "original": { From fee7a194db6b6de6c9f2172973bf33dca60bd8d4 Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 14 Jun 2025 21:02:20 +0200 Subject: [PATCH 110/111] plasma still krashes --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 2b085bc..df8420d 100644 --- a/flake.nix +++ b/flake.nix @@ -122,7 +122,7 @@ ./modules/emacs.nix ./modules/gnupg.nix ./modules/mail - ./modules/plasma.nix + ./modules/gnome.nix ./modules/radio.nix ./modules/science.nix ./modules/tlp.nix From e23db8a0b43fccdcb30abdc610a41a2d4b63afdd Mon Sep 17 00:00:00 2001 From: Grisha Shipunov Date: Sat, 14 Jun 2025 21:02:32 +0200 Subject: [PATCH 111/111] make branch spec uniform in inputs --- flake.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.nix b/flake.nix index df8420d..0c04048 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { inputs = { - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-25.05"; flake-utils.url = "github:numtide/flake-utils"; @@ -10,7 +10,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + nixos-hardware.url = "github:NixOS/nixos-hardware?ref=master"; microvm = { url = "github:astro/microvm.nix"; @@ -21,7 +21,7 @@ }; lanzaboote = { - url = "github:nix-community/lanzaboote/v0.4.2"; + url = "github:nix-community/lanzaboote?ref=v0.4.2"; inputs.nixpkgs.follows = "nixpkgs-unstable"; };