Compare commits
6 commits
bb62f17eb7
...
3fa179bf42
Author | SHA1 | Date | |
---|---|---|---|
3fa179bf42 | |||
41e790c18d | |||
|
0c94af6a6a | ||
e4fd19a3b2 | |||
76455d5085 | |||
6b6dab4bbc |
27 changed files with 121 additions and 154 deletions
|
@ -134,10 +134,13 @@ nixos-install --no-root-passwd --flake .#omega
|
||||||
`hosts/*/hardware.nix`, while initially generated by `nixos-generate-config
|
`hosts/*/hardware.nix`, while initially generated by `nixos-generate-config
|
||||||
--show-hardware-config`, _is_ manually modified.
|
--show-hardware-config`, _is_ manually modified.
|
||||||
|
|
||||||
### State Version
|
### Upgrading
|
||||||
Nixpkgs uses `stateVersion` so sparingly that auditing the entire nixpkgs repo
|
Nixpkgs uses `stateVersion` so sparingly that auditing the entire nixpkgs repo
|
||||||
is [easy
|
is [easy
|
||||||
enough](https://sourcegraph.com/search?q=context%3Aglobal+repo%3A%5Egithub%5C.com%3FNixOS%2Fnixpkgs%24++lang%3ANix+stateVersion+AND+23.11).
|
enough](https://sourcegraph.com/search?q=context:global+repo:%5Egithub%5C.com/NixOS/nixpkgs%24+lang:Nix+stateVersion+AND+24.05&patternType=keyword&sm=0).
|
||||||
|
Important changes to home-manager is available at
|
||||||
|
<https://nix-community.github.io/home-manager/release-notes.xhtml> and
|
||||||
|
<https://github.com/nix-community/home-manager/blob/master/modules/misc/news.nix>.
|
||||||
|
|
||||||
|
|
||||||
## Useful Commands
|
## Useful Commands
|
||||||
|
|
120
flake.lock
120
flake.lock
|
@ -44,11 +44,11 @@
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668681692,
|
"lastModified": 1696426674,
|
||||||
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
|
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||||
"owner": "edolstra",
|
"owner": "edolstra",
|
||||||
"repo": "flake-compat",
|
"repo": "flake-compat",
|
||||||
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
|
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -64,16 +64,16 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716729592,
|
"lastModified": 1716736833,
|
||||||
"narHash": "sha256-Y3bOjoh2cFBqZN0Jw1zUdyr7tjygyxl2bD/QY73GZP0=",
|
"narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "2c78a57c544dd19b07442350727ced097e1aa6e6",
|
"rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"ref": "release-23.11",
|
"ref": "release-24.05",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -85,11 +85,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717097707,
|
"lastModified": 1717316182,
|
||||||
"narHash": "sha256-HC5vJ3oYsjwsCaSbkIPv80e4ebJpNvFKQTBOGlHvjLs=",
|
"narHash": "sha256-Xi0EpZcu39N0eW7apLjFfUOR9y80toyjYizez7J1wMI=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "0eb314b4f0ba337e88123e0b1e57ef58346aafd9",
|
"rev": "9b53a10f4c91892f5af87cf55d08fba59ca086af",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -121,11 +121,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716772633,
|
"lastModified": 1717297675,
|
||||||
"narHash": "sha256-Idcye44UW+EgjbjCoklf2IDF+XrehV6CVYvxR1omst4=",
|
"narHash": "sha256-43UmlS1Ifx17y93/Vc258U7bOlAAIZbu8dsGDHOIIr0=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nix-index-database",
|
"repo": "nix-index-database",
|
||||||
"rev": "ff80cb4a11bb87f3ce8459be6f16a25ac86eb2ac",
|
"rev": "972a52bee3991ae1f1899e6452e0d7c01ee566d9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -136,11 +136,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716987116,
|
"lastModified": 1717248095,
|
||||||
"narHash": "sha256-uuEkErFVsFdg2K0cKbNQ9JlFSAm/xYqPr4rbPLI91Y8=",
|
"narHash": "sha256-e8X2eWjAHJQT82AAN+mCI0B68cIDBJpqJ156+VRrFO0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "8251761f93d6f5b91cee45ac09edb6e382641009",
|
"rev": "7b49d3967613d9aacac5b340ef158d493906ba79",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -152,57 +152,27 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716991068,
|
"lastModified": 1717144377,
|
||||||
"narHash": "sha256-Av0UWCCiIGJxsZ6TFc+OiKCJNqwoxMNVYDBChmhjNpo=",
|
"narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "25cf937a30bf0801447f6bf544fc7486c6309234",
|
"rev": "805a384895c696f802a9bf5bf4720f37385df547",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-23.11",
|
"ref": "nixos-24.05",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-23_05": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1704290814,
|
|
||||||
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"id": "nixpkgs",
|
|
||||||
"ref": "nixos-23.05",
|
|
||||||
"type": "indirect"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs-23_11": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1706098335,
|
|
||||||
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"id": "nixpkgs",
|
|
||||||
"ref": "nixos-23.11",
|
|
||||||
"type": "indirect"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716948383,
|
"lastModified": 1717196966,
|
||||||
"narHash": "sha256-SzDKxseEcHR5KzPXLwsemyTR/kaM9whxeiJohbL04rs=",
|
"narHash": "sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ad57eef4ef0659193044870c731987a6df5cf56b",
|
"rev": "57610d2f8f0937f39dbd72251e9614b1561942d8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -228,11 +198,11 @@
|
||||||
},
|
},
|
||||||
"secrets": {
|
"secrets": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717157873,
|
"lastModified": 1717366287,
|
||||||
"narHash": "sha256-83FNu9/bO88ubXOUakzRfBvJJYLbIlN+fVtAtVy/as8=",
|
"narHash": "sha256-WEeB72ELO+frVaTQHOyMymoAB0vAAaVM9qSQ/6K5HkU=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "3369fe960dfa17dc4b3a3f84f10fd30e49fee75f",
|
"rev": "8a19e91e0a30f444d77da33dd1f44979f7774e92",
|
||||||
"revCount": 41,
|
"revCount": 42,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@git.caspervk.net/caspervk/nixos-secrets.git"
|
"url": "ssh://git@git.caspervk.net/caspervk/nixos-secrets.git"
|
||||||
},
|
},
|
||||||
|
@ -248,22 +218,20 @@
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"nixpkgs-23_05": "nixpkgs-23_05",
|
|
||||||
"nixpkgs-23_11": "nixpkgs-23_11",
|
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706219574,
|
"lastModified": 1714720456,
|
||||||
"narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=",
|
"narHash": "sha256-e0WFe1BHqX23ADpGBc4ZRu38Mg+GICCZCqyS6EWCbHc=",
|
||||||
"owner": "simple-nixos-mailserver",
|
"owner": "simple-nixos-mailserver",
|
||||||
"repo": "nixos-mailserver",
|
"repo": "nixos-mailserver",
|
||||||
"rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
|
"rev": "41059fc548088e49e3ddb3a2b4faeb5de018e60f",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "simple-nixos-mailserver",
|
"owner": "simple-nixos-mailserver",
|
||||||
"ref": "nixos-23.11",
|
|
||||||
"repo": "nixos-mailserver",
|
"repo": "nixos-mailserver",
|
||||||
|
"rev": "41059fc548088e49e3ddb3a2b4faeb5de018e60f",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -282,13 +250,31 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"utils": {
|
"systems_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1605370193,
|
"lastModified": 1681028828,
|
||||||
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"utils": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1709126324,
|
||||||
|
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
|
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
url = "git+ssh://git@git.caspervk.net/caspervk/nixos-secrets.git";
|
url = "git+ssh://git@git.caspervk.net/caspervk/nixos-secrets.git";
|
||||||
};
|
};
|
||||||
nixpkgs = {
|
nixpkgs = {
|
||||||
url = "github:NixOS/nixpkgs/nixos-23.11";
|
url = "github:NixOS/nixpkgs/nixos-24.05";
|
||||||
};
|
};
|
||||||
nixpkgs-unstable = {
|
nixpkgs-unstable = {
|
||||||
url = "github:NixOS/nixpkgs/nixos-unstable";
|
url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
|
@ -32,7 +32,7 @@
|
||||||
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
||||||
};
|
};
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager/release-23.11";
|
url = "github:nix-community/home-manager/release-24.05";
|
||||||
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
||||||
};
|
};
|
||||||
home-manager-unstable = {
|
home-manager-unstable = {
|
||||||
|
@ -40,7 +40,9 @@
|
||||||
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
||||||
};
|
};
|
||||||
simple-nixos-mailserver = {
|
simple-nixos-mailserver = {
|
||||||
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11";
|
# TODO
|
||||||
|
# url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
|
||||||
|
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/41059fc548088e49e3ddb3a2b4faeb5de018e60f";
|
||||||
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -36,5 +36,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,6 +22,10 @@
|
||||||
}
|
}
|
||||||
{routeConfig = {Gateway = "fe80::1";};}
|
{routeConfig = {Gateway = "fe80::1";};}
|
||||||
];
|
];
|
||||||
|
# Enable proxy ARP to answer ARP requests for the floating IP addresses,
|
||||||
|
# intended for the wireguard peers, from Hetzner's router. Without this,
|
||||||
|
# the router will not send traffic to us.
|
||||||
|
networkConfig.IPv4ProxyARP = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# The following routes traffic destined for 49.13.33.75 (floating IP) to
|
# The following routes traffic destined for 49.13.33.75 (floating IP) to
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -34,5 +34,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -37,5 +37,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -35,5 +35,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
boot.initrd.kernelModules = ["dm-snapshot"];
|
boot.initrd.kernelModules = ["dm-snapshot"];
|
||||||
boot.kernelModules = ["kvm-amd"];
|
boot.kernelModules = ["kvm-amd"];
|
||||||
boot.extraModulePackages = [];
|
boot.extraModulePackages = [];
|
||||||
boot.supportedFilesystems = ["ntfs"];
|
boot.supportedFilesystems = {ntfs = true;};
|
||||||
|
|
||||||
# https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
|
# https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
|
|
|
@ -37,7 +37,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -46,5 +46,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
nixpkgs-unstable,
|
|
||||||
pkgs,
|
pkgs,
|
||||||
secrets,
|
secrets,
|
||||||
...
|
...
|
||||||
|
@ -10,8 +9,6 @@
|
||||||
# https://wiki.nixos.org/wiki/Forgejo
|
# https://wiki.nixos.org/wiki/Forgejo
|
||||||
services.forgejo = {
|
services.forgejo = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# TODO: remove package override in NixOS 24.04
|
|
||||||
package = nixpkgs-unstable.legacyPackages.x86_64-linux.forgejo;
|
|
||||||
# Run Forgejo under git:git for better ssh clone urls.
|
# Run Forgejo under git:git for better ssh clone urls.
|
||||||
user = "git";
|
user = "git";
|
||||||
group = "git";
|
group = "git";
|
||||||
|
@ -80,13 +77,13 @@
|
||||||
# https://wiki.nixos.org/wiki/Forgejo
|
# https://wiki.nixos.org/wiki/Forgejo
|
||||||
# https://forgejo.org/docs/latest/admin/actions/
|
# https://forgejo.org/docs/latest/admin/actions/
|
||||||
services.gitea-actions-runner = {
|
services.gitea-actions-runner = {
|
||||||
package = pkgs.forgejo-actions-runner;
|
package = pkgs.forgejo-runner;
|
||||||
instances."default" = {
|
instances."default" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
name = "default";
|
name = "default";
|
||||||
url = "https://git.caspervk.net";
|
url = "https://git.caspervk.net";
|
||||||
# From https://git.caspervk.net/admin/actions/runners/
|
# From https://git.caspervk.net/admin/actions/runners/
|
||||||
tokenFile = config.age.secrets.forgejo-actions-runner-token-file.path;
|
tokenFile = config.age.secrets.forgejo-runner-token-file.path;
|
||||||
# The Forgejo runner relies on application containers (Docker, Podman,
|
# The Forgejo runner relies on application containers (Docker, Podman,
|
||||||
# etc) to execute a workflow in an isolated environment. Labels are used
|
# etc) to execute a workflow in an isolated environment. Labels are used
|
||||||
# to map jobs' `runs-on` to their runtime environment. Many common
|
# to map jobs' `runs-on` to their runtime environment. Many common
|
||||||
|
@ -127,8 +124,8 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets.forgejo-actions-runner-token-file = {
|
age.secrets.forgejo-runner-token-file = {
|
||||||
file = "${secrets}/secrets/forgejo-actions-runner-token-file.age";
|
file = "${secrets}/secrets/forgejo-runner-token-file.age";
|
||||||
mode = "400";
|
mode = "400";
|
||||||
owner = "root";
|
owner = "root";
|
||||||
group = "root";
|
group = "root";
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
boot.initrd.kernelModules = ["dm-snapshot"];
|
boot.initrd.kernelModules = ["dm-snapshot"];
|
||||||
boot.kernelModules = ["kvm-amd"];
|
boot.kernelModules = ["kvm-amd"];
|
||||||
boot.extraModulePackages = [];
|
boot.extraModulePackages = [];
|
||||||
boot.supportedFilesystems = [];
|
boot.supportedFilesystems = {};
|
||||||
|
|
||||||
# https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
|
# https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
|
|
|
@ -49,7 +49,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# https://github.com/matrix-org/sliding-sync
|
# https://github.com/matrix-org/sliding-sync
|
||||||
services.matrix-synapse.sliding-sync = {
|
services.matrix-sliding-sync = {
|
||||||
# Unlike matrix-synapse, sliding-sync has createDatabase=true by default,
|
# Unlike matrix-synapse, sliding-sync has createDatabase=true by default,
|
||||||
# which means we don't have to configure the database in the postgres
|
# which means we don't have to configure the database in the postgres
|
||||||
# service manually.
|
# service manually.
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{nixpkgs-unstable, ...}: {
|
{...}: {
|
||||||
# Sonarr is an internet PVR for Usenet and Torrents.
|
# Sonarr is an internet PVR for Usenet and Torrents.
|
||||||
# https://sonarr.tv/
|
# https://sonarr.tv/
|
||||||
#
|
#
|
||||||
|
@ -14,8 +14,6 @@
|
||||||
# * UI: Fix retarded date formats.
|
# * UI: Fix retarded date formats.
|
||||||
services.sonarr = {
|
services.sonarr = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# Unstable for sonarr v4. TODO: remove in NixOS 24.04
|
|
||||||
package = nixpkgs-unstable.legacyPackages.x86_64-linux.sonarr;
|
|
||||||
# Use the 'torrent' group to share files amongst downloaders, indexers etc.
|
# Use the 'torrent' group to share files amongst downloaders, indexers etc.
|
||||||
group = "torrent";
|
group = "torrent";
|
||||||
};
|
};
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -35,5 +35,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
# this value at the release version of the first install of this system.
|
# this value at the release version of the first install of this system.
|
||||||
# Before changing this value read the documentation for this option
|
# Before changing this value read the documentation for this option
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.11"; # Did you read the comment?
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
|
||||||
# This value determines the Home Manager release that your
|
# This value determines the Home Manager release that your
|
||||||
# configuration is compatible with. This helps avoid breakage
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
@ -34,5 +34,5 @@
|
||||||
# You can update Home Manager without changing this value. See
|
# You can update Home Manager without changing this value. See
|
||||||
# the Home Manager release notes for a list of state version
|
# the Home Manager release notes for a list of state version
|
||||||
# changes in each release.
|
# changes in each release.
|
||||||
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
home-manager.users.caspervk.home.stateVersion = "24.05"; # Did you read the comment?
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: these systemd networkd settings will be the default once
|
# TODO: these systemd networkd settings will be the default once
|
||||||
# https://github.com/NixOS/nixpkgs/pull/202488 is merged.
|
# https://github.com/NixOS/nixpkgs/pull/264967 is merged.
|
||||||
networking.useNetworkd = true;
|
networking.useNetworkd = true;
|
||||||
systemd.network.enable = true;
|
systemd.network.enable = true;
|
||||||
|
|
||||||
|
@ -50,7 +50,7 @@
|
||||||
# Resolved falls back to DNS servers operated by American internet
|
# Resolved falls back to DNS servers operated by American internet
|
||||||
# surveillance and adtech companies by default. No thanks, I'd rather have
|
# surveillance and adtech companies by default. No thanks, I'd rather have
|
||||||
# no DNS at all.
|
# no DNS at all.
|
||||||
fallbackDns = config.networking.nameservers;
|
fallbackDns = [];
|
||||||
};
|
};
|
||||||
|
|
||||||
# TCP BBR has significantly increased throughput and reduced latency. Note
|
# TCP BBR has significantly increased throughput and reduced latency. Note
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{
|
{
|
||||||
|
config,
|
||||||
nix-index-database,
|
nix-index-database,
|
||||||
nixpkgs-unstable,
|
nixpkgs-unstable,
|
||||||
nixpkgs,
|
nixpkgs,
|
||||||
|
@ -35,20 +36,19 @@
|
||||||
|
|
||||||
# The nix registry is used to refer to flakes using symbolic identifiers
|
# The nix registry is used to refer to flakes using symbolic identifiers
|
||||||
# when running commands such as `nix run nixpkgs#hello`. By default,
|
# when running commands such as `nix run nixpkgs#hello`. By default,
|
||||||
# the global registry from [1] is used, which aliases `nixpkgs` to the
|
# `nixpkgs` is an alias of the system's nixpkgs, but no such alias is made
|
||||||
# nixpkgs-unstable branch. We overwrite the default global `nixpkgs`
|
# for unstable.
|
||||||
# registry with one which refers to the same nixpkgs as the rest of
|
|
||||||
# the system, aligning it with flake.lock.
|
|
||||||
# [1] https://github.com/NixOS/flake-registry/blob/master/flake-registry.json
|
|
||||||
registry = {
|
registry = {
|
||||||
nixpkgs.flake = nixpkgs;
|
|
||||||
nixpkgs-unstable.flake = nixpkgs-unstable;
|
nixpkgs-unstable.flake = nixpkgs-unstable;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# The system-wide garbage collection service configured above does not know
|
# The system-wide garbage collection service configured above does not know
|
||||||
# about our user profile. TODO: 24.04
|
# about our user profile.
|
||||||
# home-manager.users.caspervk.nix.gc = config.nix.gc;
|
home-manager.users.caspervk.nix.gc = {
|
||||||
|
inherit (config.nix.gc) automatic options;
|
||||||
|
frequency = config.nix.gc.dates;
|
||||||
|
};
|
||||||
|
|
||||||
# Run unpatched dynamic binaries on NixOS.
|
# Run unpatched dynamic binaries on NixOS.
|
||||||
# https://github.com/Mic92/nix-ld
|
# https://github.com/Mic92/nix-ld
|
||||||
|
|
|
@ -16,7 +16,11 @@
|
||||||
inetutils
|
inetutils
|
||||||
jq
|
jq
|
||||||
magic-wormhole
|
magic-wormhole
|
||||||
|
mtr
|
||||||
|
ncdu
|
||||||
ntp
|
ntp
|
||||||
|
openssl
|
||||||
|
pciutils
|
||||||
progress
|
progress
|
||||||
pwgen
|
pwgen
|
||||||
python310
|
python310
|
||||||
|
@ -24,10 +28,12 @@
|
||||||
python312
|
python312
|
||||||
rsync
|
rsync
|
||||||
sqlite
|
sqlite
|
||||||
|
tcpdump
|
||||||
tmux
|
tmux
|
||||||
traceroute
|
traceroute
|
||||||
tree
|
tree
|
||||||
unzip
|
unzip
|
||||||
|
usbutils
|
||||||
wget
|
wget
|
||||||
wireguard-tools
|
wireguard-tools
|
||||||
xkcdpass
|
xkcdpass
|
||||||
|
|
|
@ -1,15 +1,9 @@
|
||||||
{
|
{home-manager, ...}: {
|
||||||
home-manager,
|
|
||||||
nixpkgs-unstable,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
# Terminal emulator
|
# Terminal emulator
|
||||||
# https://codeberg.org/dnkl/foot
|
# https://codeberg.org/dnkl/foot
|
||||||
home-manager.users.caspervk = {
|
home-manager.users.caspervk = {
|
||||||
programs.foot = {
|
programs.foot = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# TODO: remove version override in NixOS v24.04
|
|
||||||
package = nixpkgs-unstable.legacyPackages.x86_64-linux.foot;
|
|
||||||
# https://man.archlinux.org/man/foot.ini.5.en
|
# https://man.archlinux.org/man/foot.ini.5.en
|
||||||
settings = {
|
settings = {
|
||||||
main = {
|
main = {
|
||||||
|
|
|
@ -28,6 +28,6 @@
|
||||||
# a different service is responsible for managing the system's internet
|
# a different service is responsible for managing the system's internet
|
||||||
# connection (for example, NetworkManager), this service is unnecessary and
|
# connection (for example, NetworkManager), this service is unnecessary and
|
||||||
# can be disabled.
|
# can be disabled.
|
||||||
# https://search.nixos.org/options?channel=23.11&show=systemd.network.wait-online.enable
|
# https://search.nixos.org/options?channel=24.05&show=systemd.network.wait-online.enable
|
||||||
systemd.network.wait-online.enable = false;
|
systemd.network.wait-online.enable = false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,6 +13,7 @@
|
||||||
aspellDicts.en
|
aspellDicts.en
|
||||||
aspellDicts.en-computers
|
aspellDicts.en-computers
|
||||||
aspellDicts.en-science
|
aspellDicts.en-science
|
||||||
|
element-desktop
|
||||||
firefox-wayland
|
firefox-wayland
|
||||||
gimp
|
gimp
|
||||||
hunspell
|
hunspell
|
||||||
|
@ -56,6 +57,8 @@
|
||||||
MOZ_ENABLE_WAYLAND = 1;
|
MOZ_ENABLE_WAYLAND = 1;
|
||||||
# https://wiki.archlinux.org/title/Sway#Java_applications
|
# https://wiki.archlinux.org/title/Sway#Java_applications
|
||||||
_JAVA_AWT_WM_NONREPARENTING = 1;
|
_JAVA_AWT_WM_NONREPARENTING = 1;
|
||||||
|
# https://wiki.nixos.org/wiki/Wayland
|
||||||
|
NIXOS_OZONE_WL = 1;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package = pkgs.rofi-wayland;
|
package = pkgs.rofi-wayland;
|
||||||
theme = "android_notification";
|
theme = "android_notification";
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
modes = "drun,emoji";
|
modes = "drun"; # TODO: drun,emoji
|
||||||
show-icons = true;
|
show-icons = true;
|
||||||
};
|
};
|
||||||
plugins = with pkgs; [
|
# TODO
|
||||||
rofi-emoji
|
# plugins = with pkgs; [
|
||||||
];
|
# rofi-emoji
|
||||||
|
# ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,13 +13,9 @@
|
||||||
# to the mess that is IPv6. Force keepalive packets to avoid sessions
|
# to the mess that is IPv6. Force keepalive packets to avoid sessions
|
||||||
# dying. See https://news.ycombinator.com/item?id=25737611.
|
# dying. See https://news.ycombinator.com/item?id=25737611.
|
||||||
serverAliveInterval = 25;
|
serverAliveInterval = 25;
|
||||||
# TODO: use addKeysToAgent attribute in Home Manager 24.04 instead of
|
# Add ssh keys to the agent the first time we unlock them so we don't
|
||||||
# extraConfig.
|
# have to type the password all the time.
|
||||||
extraConfig = ''
|
addKeysToAgent = "yes";
|
||||||
# Add ssh keys to the agent the first time we unlock them so we don't
|
|
||||||
# have to type the password all the time.
|
|
||||||
AddKeysToAgent yes
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -45,6 +45,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
modifier = "Mod4"; # super
|
modifier = "Mod4"; # super
|
||||||
|
defaultWorkspace = "workspace number 1";
|
||||||
keybindings = lib.mkOptionDefault {
|
keybindings = lib.mkOptionDefault {
|
||||||
# Menu
|
# Menu
|
||||||
"Mod4+backspace" = "exec rofi -show drun";
|
"Mod4+backspace" = "exec rofi -show drun";
|
||||||
|
@ -139,7 +140,7 @@
|
||||||
src = "${pkgs.waybar}/etc/xdg/waybar";
|
src = "${pkgs.waybar}/etc/xdg/waybar";
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
# JSON isn't valid if it contains comments
|
# JSON isn't valid if it contains comments
|
||||||
sed 's#//.*##' config | ${pkgs.jq}/bin/jq > $out
|
sed 's#//.*##' config.jsonc | ${pkgs.jq}/bin/jq > $out
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
defaultConfig = builtins.fromJSON (lib.readFile "${mkDefaultConfig}");
|
defaultConfig = builtins.fromJSON (lib.readFile "${mkDefaultConfig}");
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
{...}: {
|
{...}: {
|
||||||
imports = [./forgejo-actions-runner.nix];
|
imports = [];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
{...}: {
|
|
||||||
# Running containers without /bin/sleep (such as nixos) requires newer
|
|
||||||
# forgejo act runner. See https://codeberg.org/forgejo/forgejo/issues/2611.
|
|
||||||
nixpkgs.overlays = [
|
|
||||||
(final: prev: {
|
|
||||||
forgejo-actions-runner = prev.callPackage "${prev.path}/pkgs/development/tools/continuous-integration/forgejo-actions-runner" {
|
|
||||||
buildGoModule = args:
|
|
||||||
prev.buildGoModule (args
|
|
||||||
// rec {
|
|
||||||
version = "3.4.1";
|
|
||||||
|
|
||||||
src = prev.fetchFromGitea {
|
|
||||||
domain = "codeberg.org";
|
|
||||||
owner = "forgejo";
|
|
||||||
repo = "runner";
|
|
||||||
rev = "v${version}";
|
|
||||||
hash = "sha256-c8heIHt+EJ6LnZT4/6TTWd7v85VRHjH72bdje12un4M=";
|
|
||||||
};
|
|
||||||
vendorHash = "sha256-FCCQZdAYRtJR3DGQIEvUzv+1kqvxVTGkwJwZSohq28s=";
|
|
||||||
});
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
|
||||||
}
|
|
Loading…
Reference in a new issue