0xa/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

..

No commits in common. "main" and "NTWRKMNGR" have entirely different histories.
main ... NTWRKMNGR

20 changed files with 335 additions and 461 deletions

394
flake.lock generated
View file

@ -7,18 +7,18 @@
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"napalm": "napalm", "napalm": "napalm",
"nixpkgs": "nixpkgs", "nixpkgs": [
"pyproject-build-systems": "pyproject-build-systems", "nixpkgs"
"pyproject-nix": "pyproject-nix", ],
"systems": "systems", "poetry2nix": "poetry2nix",
"uv2nix": "uv2nix" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1746874492, "lastModified": 1739612324,
"narHash": "sha256-Gm2Eb5KBxAL6y9WJj7phRMXNAZzVkKlm9Dky9WDZHtQ=", "narHash": "sha256-3RQgKLNSKlcLtdfAo7Zx3+Q+3Bwgy8rx3gZ6ejTeh1w=",
"owner": "nix-community", "owner": "nix-community",
"repo": "authentik-nix", "repo": "authentik-nix",
"rev": "2ef24fac993808a1a57f367ef58ac0f5254c3489", "rev": "efd801f6faecf6caf489fa03dbd6e32e416bec6d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -30,27 +30,33 @@
"authentik-src": { "authentik-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1745954192, "lastModified": 1738183650,
"narHash": "sha256-QuIgeu3CN6S44/zSiaj+iIkDz2494mb1MWvD3eYYkVE=", "narHash": "sha256-4XdYlqfd23TVPaJ0R5tEBIpDXLV4mFHdXhIWp5dIvIE=",
"owner": "goauthentik", "owner": "goauthentik",
"repo": "authentik", "repo": "authentik",
"rev": "22412729e2379d645da2ac0c0270a0ac6147945e", "rev": "f1b7a9f934e6b58a1884ba753575eac6267f4b6e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "goauthentik", "owner": "goauthentik",
"ref": "version/2025.4.0", "ref": "version/2024.12.3",
"repo": "authentik", "repo": "authentik",
"type": "github" "type": "github"
} }
}, },
"crane": { "crane": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1731098351, "lastModified": 1717535930,
"narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", "narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=",
"owner": "ipetkov", "owner": "ipetkov",
"repo": "crane", "repo": "crane",
"rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28", "rev": "55e7754ec31dac78980c8be45f8a28e80e370946",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -96,11 +102,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1743550720, "lastModified": 1738453229,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5", "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -117,11 +123,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730504689, "lastModified": 1717285511,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90", "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -173,6 +179,24 @@
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_3"
}, },
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
},
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
@ -229,23 +253,24 @@
"crane": "crane", "crane": "crane",
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_2",
"flake-utils": "flake-utils_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs-unstable" "nixpkgs"
], ],
"pre-commit-hooks-nix": "pre-commit-hooks-nix", "pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1737639419, "lastModified": 1718178907,
"narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=", "narHash": "sha256-eSZyrQ9uoPB9iPQ8Y5H7gAmAgAvCw3InStmU3oEjqsE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lanzaboote", "repo": "lanzaboote",
"rev": "a65905a09e2c43ff63be8c0e86a93712361f871e", "rev": "b627ccd97d0159214cee5c7db1412b75e4be6086",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "v0.4.2", "ref": "v0.4.1",
"repo": "lanzaboote", "repo": "lanzaboote",
"type": "github" "type": "github"
} }
@ -253,11 +278,11 @@
"lix": { "lix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747347117, "lastModified": 1739546930,
"narHash": "sha256-wsPOuwczt+kJ4vuf3mm6uMv4wnfWP/RNV5Cp/P5nqQw=", "narHash": "sha256-m9s8XjIFd9ByX45/mnsryQa0G5ncMjOBJE4kAOHPoUI=",
"rev": "3f355b8fd1ffbe670d756bcf976a38cbe80bb77b", "rev": "1077bc626e8dfc153524da40eddad46ef893d66e",
"type": "tarball", "type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/3f355b8fd1ffbe670d756bcf976a38cbe80bb77b.tar.gz?rev=3f355b8fd1ffbe670d756bcf976a38cbe80bb77b" "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1077bc626e8dfc153524da40eddad46ef893d66e.tar.gz?rev=1077bc626e8dfc153524da40eddad46ef893d66e"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
@ -266,21 +291,21 @@
}, },
"lix-module": { "lix-module": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_4",
"flakey-profile": "flakey-profile", "flakey-profile": "flakey-profile",
"lix": [ "lix": [
"lix" "lix"
], ],
"nixpkgs": [ "nixpkgs": [
"nixpkgs-unstable" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1746839253, "lastModified": 1738176840,
"narHash": "sha256-pRwi8Wn8Yofj459gq+3oIRy8F3SXeEJ6mzfIAUgM9nA=", "narHash": "sha256-NG3IRvRs3u3btVCN861FqHvgOwqcNT/Oy6PBG86F5/E=",
"rev": "58baedd53f9da81fd728a4f3b08c378e5ba9ae58", "rev": "621aae0f3cceaffa6d73a4fb0f89c08d338d729e",
"type": "tarball", "type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/58baedd53f9da81fd728a4f3b08c378e5ba9ae58.tar.gz?rev=58baedd53f9da81fd728a4f3b08c378e5ba9ae58" "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/621aae0f3cceaffa6d73a4fb0f89c08d338d729e.tar.gz?rev=621aae0f3cceaffa6d73a4fb0f89c08d338d729e"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
@ -298,15 +323,16 @@
"spectrum": "spectrum" "spectrum": "spectrum"
}, },
"locked": { "locked": {
"lastModified": 1747016581, "lastModified": 1712366957,
"narHash": "sha256-iQrEuBs23Cd+bSfcY85GLykHP0vmGrkVfMwUlzvqMQQ=", "narHash": "sha256-7W3D1Gk6mGlwtV07n6YB/7s3tThcBYknlvDPcoJJSe4=",
"owner": "astro", "owner": "astro",
"repo": "microvm.nix", "repo": "microvm.nix",
"rev": "5aff25e6e861e7d96ce10452ca976c16d073cf16", "rev": "1e746a8987eb893adc8dd317b84e73d72803b650",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "astro", "owner": "astro",
"ref": "v0.5.0",
"repo": "microvm.nix", "repo": "microvm.nix",
"type": "github" "type": "github"
} }
@ -337,13 +363,35 @@
"type": "github" "type": "github"
} }
}, },
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1747129300, "lastModified": 1738816619,
"narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "e81fd167b33121269149c57806599045fd33eeed", "rev": "2eccff41bab80839b1d25b303b53d339fbb07087",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -355,74 +403,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1746141548, "lastModified": 1739484910,
"narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", "narHash": "sha256-wjWLzdM7PIq4ZAe7k3vyjtgVJn6b0UeodtRFlM/6W5U=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", "rev": "0b73e36b1962620a8ac551a37229dd8662dac5c8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1743296961,
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1747179050,
"narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1747209494,
"narHash": "sha256-fLise+ys+bpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5d736263df906c5da72ab0f372427814de2f52f8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -432,6 +417,81 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1738452942,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1710695816,
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1739446958,
"narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2ff53fe64443980e139eaa286017f53f88336dd0",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": [
"authentik-nix",
"flake-utils"
],
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"authentik-nix",
"nixpkgs"
],
"systems": [
"authentik-nix",
"systems"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1738741221,
"narHash": "sha256-UiTOA89yQV5YNlO1ZAp4IqJUGWOnTyBC83netvt8rQE=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "be1fe795035d3d36359ca9135b26dcc5321b31fb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"pre-commit-hooks-nix": { "pre-commit-hooks-nix": {
"inputs": { "inputs": {
"flake-compat": [ "flake-compat": [
@ -446,11 +506,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1731363552, "lastModified": 1717664902,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -459,56 +519,6 @@
"type": "github" "type": "github"
} }
}, },
"pyproject-build-systems": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"nixpkgs"
],
"pyproject-nix": [
"authentik-nix",
"pyproject-nix"
],
"uv2nix": [
"authentik-nix",
"uv2nix"
]
},
"locked": {
"lastModified": 1744599653,
"narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"rev": "7dba6dbc73120e15b558754c26024f6c93015dd7",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"type": "github"
}
},
"pyproject-nix": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1746146146,
"narHash": "sha256-60+mzI2lbgn+G8F5mz+cmkDvHFn4s5oqcOna1SzYy74=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "3e9623bdd86a3c545e82b7f97cfdba5f07232d9a",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"authentik-nix": "authentik-nix", "authentik-nix": "authentik-nix",
@ -518,7 +528,7 @@
"lix-module": "lix-module", "lix-module": "lix-module",
"microvm": "microvm", "microvm": "microvm",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"tmux-yank": "tmux-yank", "tmux-yank": "tmux-yank",
@ -527,17 +537,21 @@
}, },
"rust-overlay": { "rust-overlay": {
"inputs": { "inputs": {
"flake-utils": [
"lanzaboote",
"flake-utils"
],
"nixpkgs": [ "nixpkgs": [
"lanzaboote", "lanzaboote",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1731897198, "lastModified": 1717813066,
"narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", "narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", "rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -553,11 +567,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1746485181, "lastModified": 1739262228,
"narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", "narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "e93ee1d900ad264d65e9701a5c6f895683433386", "rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -569,11 +583,11 @@
"spectrum": { "spectrum": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1746869549, "lastModified": 1708358594,
"narHash": "sha256-BKZ/yZO/qeLKh9YqVkKB6wJiDQJAZNN5rk5NsMImsWs=", "narHash": "sha256-e71YOotu2FYA67HoC/voJDTFsiPpZNRwmiQb4f94OxQ=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "d927e78530892ec8ed389e8fae5f38abee00ad87", "rev": "6d0e73864d28794cdbd26ab7b37259ab0e1e044c",
"revCount": 862, "revCount": 614,
"type": "git", "type": "git",
"url": "https://spectrum-os.org/git/spectrum" "url": "https://spectrum-os.org/git/spectrum"
}, },
@ -627,6 +641,21 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tmux-yank": { "tmux-yank": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -643,28 +672,25 @@
"type": "github" "type": "github"
} }
}, },
"uv2nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"authentik-nix", "authentik-nix",
"poetry2nix",
"nixpkgs" "nixpkgs"
],
"pyproject-nix": [
"authentik-nix",
"pyproject-nix"
] ]
}, },
"locked": { "locked": {
"lastModified": 1746048139, "lastModified": 1730120726,
"narHash": "sha256-LdCLyiihLg6P2/mjzP0+W7RtraDSIaJJPTy6SCtW5Ag=", "narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=",
"owner": "pyproject-nix", "owner": "numtide",
"repo": "uv2nix", "repo": "treefmt-nix",
"rev": "680e2f8e637bc79b84268949d2f2b2f5e5f1d81c", "rev": "9ef337e492a5555d8e17a51c911ff1f02635be15",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "pyproject-nix", "owner": "numtide",
"repo": "uv2nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
}, },

35
flake.nix
View file

@ -13,7 +13,7 @@
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
microvm = { microvm = {
url = "github:astro/microvm.nix"; url = "github:astro/microvm.nix/v0.5.0";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs"; nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils"; flake-utils.follows = "flake-utils";
@ -21,12 +21,13 @@
}; };
lanzaboote = { lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2"; url = "github:nix-community/lanzaboote/v0.4.1";
inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs.follows = "nixpkgs";
}; };
authentik-nix = { authentik-nix = {
url = "github:nix-community/authentik-nix"; url = "github:nix-community/authentik-nix";
inputs.nixpkgs.follows = "nixpkgs";
}; };
lix = { lix = {
@ -36,7 +37,7 @@
lix-module = { lix-module = {
url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz";
inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs.follows = "nixpkgs";
inputs.lix.follows = "lix"; inputs.lix.follows = "lix";
}; };
@ -60,7 +61,6 @@
microvm, microvm,
nixos-hardware, nixos-hardware,
nixpkgs, nixpkgs,
nixpkgs-unstable,
sops-nix, sops-nix,
... ...
}: }:
@ -68,21 +68,19 @@
{ {
nixosConfigurations = nixosConfigurations =
let let
microvm-stable-list = [ microvm-list = [
"auth"
"conduwuit" "conduwuit"
"forgejo" "forgejo"
"immich"
"miniflux" "miniflux"
"radicale" "radicale"
]; ];
microvm-unstable-list = [
"auth"
"immich"
];
microvm-builder = (nixpkgs-ver: vm-list: builtins.listToAttrs ( microvms = builtins.listToAttrs (
map (vm: { map (vm: {
name = vm; name = vm;
value = nixpkgs-ver.lib.nixosSystem { value = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [ modules = [
@ -94,14 +92,12 @@
./modules/wg ./modules/wg
]; ];
}; };
}) vm-list }) microvm-list
)); );
microvms = (microvm-builder nixpkgs microvm-stable-list)
// (microvm-builder nixpkgs-unstable microvm-unstable-list);
in in
microvms microvms
// { // {
toaster = nixpkgs-unstable.lib.nixosSystem { toaster = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [ modules = [
@ -121,7 +117,8 @@
./modules/science.nix ./modules/science.nix
./modules/tlp.nix ./modules/tlp.nix
./modules/virtualization.nix ./modules/virtualization.nix
./modules/emacs.nix ./hosts/toaster/secure-boot.nix
./modules/chromium.nix
./modules/mail ./modules/mail
./modules/wg ./modules/wg
]; ];
@ -156,7 +153,7 @@
./modules/wg ./modules/wg
{ {
config.microvm.autostart = microvm-stable-list ++ microvm-unstable-list; config.microvm.autostart = microvm-list;
} }
]; ];
}; };

2
hosts/forgejo/default.nix
View file

@ -18,7 +18,7 @@ in
microvm = { microvm = {
hypervisor = "qemu"; hypervisor = "qemu";
mem = 3 * 1024; mem = 3 * 1024;
balloon = true; balloonMem = 4 * 1024;
vcpu = 4; vcpu = 4;
interfaces = [ interfaces = [
{ {

6
hosts/immich/immich.nix
View file

@ -1,7 +1,12 @@
{ {
config, config,
inputs,
pkgs,
... ...
}: }:
let
immich-latest = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.immich;
in
{ {
sops.secrets."immich.yaml" = { sops.secrets."immich.yaml" = {
sopsFile = ./immich.yaml; sopsFile = ./immich.yaml;
@ -11,6 +16,7 @@
services.immich = { services.immich = {
enable = true; enable = true;
package = immich-latest;
host = "10.89.88.13"; host = "10.89.88.13";
redis.enable = true; redis.enable = true;
database.createDB = true; database.createDB = true;

21
hosts/toaster/0xa-home.nix
View file

@ -1,21 +0,0 @@
{ pkgs, ... }:
{
home.stateVersion = "24.11";
home.pointerCursor = {
name = "Banana";
size = 32;
package = pkgs.banana-cursor;
x11.enable = true;
gtk.enable = true;
};
gtk = {
enable = true;
cursorTheme = {
name = "Banana";
size = 32;
package = pkgs.banana-cursor;
};
};
}

8
hosts/toaster/default.nix
View file

@ -46,11 +46,6 @@
supportedLocales = [ "all" ]; supportedLocales = [ "all" ];
}; };
# support ddc brigtness control
hardware.i2c.enable = true;
boot.kernelModules = [ "i2c-dev" ];
environment.systemPackages = [ pkgs.ddcutil ];
users.users."0xa" = { users.users."0xa" = {
extraGroups = [ extraGroups = [
"wheel" "wheel"
@ -60,7 +55,6 @@
"bluetooth" "bluetooth"
"libvirtd" "libvirtd"
"qemu-libvirtd" "qemu-libvirtd"
"i2c"
]; ];
group = "users"; group = "users";
home = "/home/0xa"; home = "/home/0xa";
@ -69,6 +63,8 @@
shell = pkgs.fish; shell = pkgs.fish;
}; };
services.emacs.defaultEditor = false;
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave # on your system were taken. Its perfectly fine and recommended to leave

6
hosts/toaster/hardware-configuration.nix
View file

@ -49,12 +49,6 @@
options = [ "zfsutil" ]; options = [ "zfsutil" ];
}; };
fileSystems."/tmp" = {
device = "zpool/nocomp/tmp";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/A170-F83D"; device = "/dev/disk/by-uuid/A170-F83D";
fsType = "vfat"; fsType = "vfat";

71
hosts/toaster/network/full-networkd.nix
View file

@ -1,71 +0,0 @@
{ lib, pkgs, ... }:
{
imports = [
./mullvad.nix
./dumpdvb.nix
./zw.nix
];
environment.systemPackages = with pkgs; [
iwgtk
impala
];
# kick out networkmanager
networking.networkmanager.enable = lib.mkForce false;
networking.useNetworkd = true;
systemd.network.enable = true;
networking = {
hostName = "toaster";
firewall.enable = true;
wireguard.enable = true;
wireless.iwd.enable = true;
};
services.resolved = {
enable = true;
dnssec = "false";
fallbackDns = [
"9.9.9.9"
"2620:fe::fe"
"149.112.112.112"
"2620:fe::9"
];
};
# we might have no interwebs at all
systemd.network.wait-online.enable = false;
# uplinks
systemd.network.networks = {
"10-ether-uplink" = {
matchConfig.Name = "enp1s0f0";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
};
"10-dock-uplink" = {
matchConfig.Name = "enp5s0f4u1u1";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
dhcpV4Config = {
RouteMetric = 666;
};
dhcpV6Config = {
RouteMetric = 666;
};
};
"wlan-uplink" = {
matchConfig.Name = "wlan0";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
};
};
}

3
hosts/toaster/zfs.nix
View file

@ -19,7 +19,6 @@
supportedFilesystems = [ "zfs" ]; supportedFilesystems = [ "zfs" ];
kernelParams = [ "nohibernate" ]; kernelParams = [ "nohibernate" ];
plymouth.enable = false; plymouth.enable = false;
tmp.useTmpfs = false; tmp.useTmpfs = true;
tmp.cleanOnBoot = true;
}; };
} }

12
modules/basic-tools/default.nix
View file

@ -39,6 +39,7 @@
exfatprogs exfatprogs
nmap nmap
bind bind
nnn
lf lf
man-pages man-pages
unzip unzip
@ -49,17 +50,8 @@
sshfs sshfs
whois whois
mtr mtr
joshuto
] ]
++ ( ++ (if config.networking.hostName == "toaster" then [ gitFull git-lfs ] else [ git ]);
if config.networking.hostName == "toaster" then
[
gitFull
git-lfs
]
else
[ git ]
);
environment.variables = environment.variables =
let let

2
modules/basic-tools/fish.nix
View file

@ -5,7 +5,7 @@
fzf fzf
fishPlugins.done fishPlugins.done
fishPlugins.fzf-fish fishPlugins.fzf-fish
fishPlugins.tide fishPlugins.hydro
]; ];
programs.fish = { programs.fish = {

14
modules/basic-tools/nix.nix
View file

@ -1,5 +1,7 @@
{ {
lib,
pkgs, pkgs,
inputs,
... ...
}: }:
{ {
@ -14,10 +16,14 @@
# nix output-monitor # nix output-monitor
environment.systemPackages = [ pkgs.nix-output-monitor ]; environment.systemPackages = [ pkgs.nix-output-monitor ];
nixpkgs.flake = { # override default nix shell nixpkgs# behaviour to use current flake lock
setFlakeRegistry = true; nix.registry =
setNixPath = true; let
}; flakes = lib.filterAttrs (_name: value: value ? outputs) inputs.self.inputs;
in
builtins.mapAttrs (_name: v: { flake = v; }) flakes;
nix.nixPath = lib.mapAttrsToList (name: value: "${name}=${value.outPath}") inputs.self.inputs;
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
} }

20
modules/chromium.nix
View file

@ -2,23 +2,24 @@
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(chromium.override { enableWideVine = true; }) chromium
]; ];
nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode"; nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --force-dark-mode --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode";
programs.chromium = { programs.chromium = {
enable = true; enable = true;
extensions = [ extensions = [
# "pkehgijcmpdhfbdbbnkijodmdjhbjlgp" # privacy badger
"ekhagklcjbdpajgpjgmbionohlpdbjgc" # zotero connector "ekhagklcjbdpajgpjgmbionohlpdbjgc" # zotero connector
"nngceckbapebfimnlniiiahkandclblb" # bitwarden "nngceckbapebfimnlniiiahkandclblb" # bitwarden
"ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock lite # "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
# "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock lite
"mnjggcdmjocbbbhaepdhchncahnbgone" # sponsorblock "mnjggcdmjocbbbhaepdhchncahnbgone" # sponsorblock
"khncfooichmfjbepaaaebmommgaepoid" # unhook
]; ];
extraOpts = { extraOpts = {
"BrowserSignin" = 0; "BrowserSignin" = 0;
"SyncDisabled" = true; # "SyncDisabled" = true;
"PasswordManagerEnabled" = false; "PasswordManagerEnabled" = false;
"TranslateEnabled" = false; "TranslateEnabled" = false;
"AutofillAddressEnabled" = false; "AutofillAddressEnabled" = false;
@ -26,15 +27,10 @@
"AutoplayAllowed" = false; "AutoplayAllowed" = false;
"DefaultNotificationSetting" = 2; "DefaultNotificationSetting" = 2;
"BackgroundModeEnabled" = false; "BackgroundModeEnabled" = false;
"DefaultSearchProviderEnabled" = true; # "DefaultSearchProviderEnabled" = true;
# "DefaultSearchProviderSearchURL" = "https://google.com/search?q={searchTerms}"; # "DefaultSearchProviderSearchURL" = "https://google.com/search?q={searchTerms}";
"DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}"; # "DefaultSearchProviderSearchURL" = "https://duckduckgo.com/?q={searchTerms}";
"SearchSuggestEnable" = false; "SearchSuggestEnable" = false;
"BlockThirdPartyCookies" = true;
"PrivacySandboxAdMeasurementEnabled" = false;
"PrivacySandboxAdTopicsEnabled" = false;
"PrivacySandboxPromptEnabled" = false;
"PrivacySandboxSiteEnabledAdsEnabled" = false;
}; };
}; };
} }

13
modules/desktop-software.nix
View file

@ -1,26 +1,23 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [
./chromium.nix
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
audacity
blender blender
dino dino
ffmpeg-full ffmpeg-full
firefox-wayland
vivaldi
vivaldi-ffmpeg-codecs
gimp gimp
inkscape inkscape
signal-desktop signal-desktop
telegram-desktop tdesktop
tor-browser tor-browser
wl-clipboard wl-clipboard
yt-dlp yt-dlp
element-desktop element-desktop
discord discord
spotify
mpv mpv
# dwarf-fortress-packages.dwarf-fortress-full
obs-studio
firefox
]; ];
programs.steam.enable = true; programs.steam.enable = true;
} }

12
modules/devtools.nix
View file

@ -1,5 +1,8 @@
{ {
pkgs, pkgs,
inputs,
config,
lib,
... ...
}: }:
{ {
@ -13,6 +16,11 @@
kikit-library kikit-library
]; ];
}; };
# binwalk v3 on 24.11
sys_ver = config.system.nixos.release;
unstablepkgs = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system};
binwalkv3 = if lib.versionOlder "25.05" sys_ver then binwalk else unstablepkgs.binwalk;
in in
[ [
# general # general
@ -21,7 +29,7 @@
gef gef
gdb gdb
binutils binutils
binwalk binwalkv3
clang clang
clang-tools clang-tools
direnv direnv
@ -33,7 +41,7 @@
kikit kikit
freecad-wayland freecad-wayland
imhex imhex
python3Full python313Full
nixfmt-rfc-style nixfmt-rfc-style
treefmt treefmt
android-tools android-tools

37
modules/emacs.nix
View file

@ -1,37 +0,0 @@
{
pkgs,
lib,
...
}:
{
environment.systemPackages = with pkgs; [
direnv
mu
];
services.emacs = {
install = true;
enable = false;
package =
with pkgs;
(
(emacsPackagesFor (
emacs-pgtk.overrideAttrs (old: {
passthru = old.passthru // {
treeSitter = true;
};
})
)).emacsWithPackages
(
epkgs: with epkgs; [
treesit-grammars.with-all-grammars
vterm
pdf-tools
mu4e
]
)
);
defaultEditor = lib.mkDefault true;
};
}

4
modules/fonts.nix
View file

@ -1,7 +1,6 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
fonts.packages = with pkgs; [ fonts.packages = with pkgs; [
adwaita-fonts
monoid monoid
font-awesome font-awesome
dejavu_fonts dejavu_fonts
@ -27,8 +26,7 @@
twemoji-color-font twemoji-color-font
twitter-color-emoji twitter-color-emoji
iosevka-bin iosevka-bin
cozette (nerdfonts.override { fonts = [ "Hack" ]; })
nerd-fonts.hack
]; ];
fonts.enableDefaultPackages = true; fonts.enableDefaultPackages = true;

11
modules/gnome.nix
View file

@ -8,17 +8,12 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
amberol amberol
celluloid celluloid
ddcutil
gnome-console gnome-console
gnome-obfuscate gnome-obfuscate
gnome-boxes gnome-boxes
gnome-tweaks gnome-tweaks
qbittorrent qbittorrent
gnomeExtensions.caffeine gnomeExtensions.caffeine
gnomeExtensions.brightness-control-using-ddcutil
spotify
ghostty
fractal
]; ];
environment.gnome.excludePackages = with pkgs; [ environment.gnome.excludePackages = with pkgs; [
@ -42,6 +37,12 @@
}; };
}; };
qt = {
enable = true;
platformTheme = "gnome";
style = "adwaita-dark";
};
services.xserver = { services.xserver = {
enable = true; enable = true;
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;

2
modules/radio.nix
View file

@ -5,7 +5,7 @@
gnuradio gnuradio
gqrx gqrx
cubicsdr cubicsdr
# sdrangel # broken package sdrangel
multimon-ng multimon-ng
sox sox

123
modules/niri.nix → modules/sway.nix
View file

@ -1,74 +1,30 @@
# General Desktop-related config # General Desktop-related config
{ pkgs, inputs, ... }: { pkgs, ... }:
{ {
nixpkgs.overlays = [ inputs.niri.overlays.niri ];
programs.niri.enable = true;
imports = [ imports = [
./desktop-software.nix ./desktop-software.nix
./fonts.nix ./fonts.nix
]; ];
environment.systemPackages = environment.systemPackages = with pkgs; [
let screen-message
xwayland-satellite-git = pkgs.xwayland-satellite.overrideAttrs ( qbittorrent
final: prev: { gajim
version = "git"; imv
cargoHash = "sha256-MaF2FyR3HvQAKkZKa8OO/5jbO64/Ncv7+JqHda4jN50="; swayimg
src = pkgs.fetchFromGitHub { mpv
owner = "Supreeeme"; evince
repo = "xwayland-satellite"; brightnessctl
rev = "cca74a5f6b23742d77dc5db4312dfc40fd4a0fcc"; pulsemixer
sha256 = "sha256-YZ+axsuNsgIKWfnRkt6Qa9UoKfUOIWf42vNUonXxmxM="; cmus
}; termusic
cargoDeps = pkgs.rustPlatform.fetchCargoTarball { gsettings-desktop-schemas
inherit (final) pname src version; xdg-utils
hash = final.cargoHash; foot
}; qt5.qtwayland
} bashmount
); nautilus
in audacity
with pkgs; ];
[
screen-message
qbittorrent
gajim
imv
mpv
evince
brightnessctl
pulsemixer
cmus
termusic
gsettings-desktop-schemas
xdg-utils
qt5.qtwayland
bashmount
audacity
spotify-player
zathura
ncdu
adwaita-icon-theme
bluetui
gammastep
graphicsmagick
i3status-rust
impala
kanshi
pamixer
swayidle
swaylock
wl-clipboard
xfce.thunar
banana-cursor
fuzzel
alacritty
i3bar-river
mako
swww
oculante
xwayland-satellite-git
];
# Enable sound. # Enable sound.
security.rtkit.enable = true; security.rtkit.enable = true;
@ -92,14 +48,45 @@
programs.light.enable = true; programs.light.enable = true;
programs.xwayland.enable = true; programs.xwayland.enable = true;
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland
export QT_QPA_PLATFORM=wayland-egl
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
export QT_QPA_PLATFORMTHEME="gnome"
export QT_STYLE_OVERRIDE="adwaita-dark"
# export WLR_DRM_NO_ATOMIC=1
'';
extraPackages = with pkgs; [
adwaita-icon-theme
alacritty
bluetui
foot
gammastep
graphicsmagick
grim
i3status-rust
impala
kanshi
mako
pamixer
rofi-wayland
slurp
swayidle
swaylock
wl-clipboard
wl-mirror
];
};
environment.sessionVariables = { environment.sessionVariables = {
GTK_THEME = "Adwaita:dark"; GTK_THEME = "Adwaita:dark";
}; };
xdg.portal = { xdg.portal = {
enable = true; enable = true;
wlr.enable = true; wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gnome ]; extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
}; };
services.udisks2.enable = true; services.udisks2.enable = true;
@ -127,7 +114,7 @@
enable = true; enable = true;
settings = { settings = {
default_session = { default_session = {
command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --greeting \"$(${pkgs.fortune}/bin/fortune -s)\" --cmd ${pkgs.niri-stable}/bin/niri-session"; command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --greeting \"$(${pkgs.fortune}/bin/fortune -s)\" --cmd ${pkgs.sway}/bin/sway";
}; };
}; };
}; };