From 339a6c15cd98bea8730c4aeca3fa706570efac6b Mon Sep 17 00:00:00 2001 From: Patrick Date: Thu, 10 Oct 2024 19:11:21 +0200 Subject: [PATCH] update --- config/optional/zfs.nix | 3 - config/services/invidious.nix | 1 + config/services/samba.nix | 129 ++++++------ flake.lock | 381 +++++++++++++++------------------- flake.nix | 57 +++-- hosts/desktopnix/default.nix | 15 +- nix/devshell.nix | 3 +- 7 files changed, 270 insertions(+), 319 deletions(-) diff --git a/config/optional/zfs.nix b/config/optional/zfs.nix index 7dc568c..6a96aee 100644 --- a/config/optional/zfs.nix +++ b/config/optional/zfs.nix @@ -1,12 +1,9 @@ { pkgs, - config, - lib, ... }: { boot.supportedFilesystems = [ "zfs" ]; - boot.kernelPackages = lib.mkDefault config.boot.zfs.package.latestCompatibleLinuxPackages; # The root pool should never be imported forcefully. # Failure to import is important to notice! diff --git a/config/services/invidious.nix b/config/services/invidious.nix index 918f28d..6d94ae5 100644 --- a/config/services/invidious.nix +++ b/config/services/invidious.nix @@ -3,6 +3,7 @@ services.invidious = { enable = true; domain = "yt.${config.secrets.secrets.global.domains.web}"; + sig-helper.enable = true; settings = { external_port = 443; https_only = true; diff --git a/config/services/samba.nix b/config/services/samba.nix index d30387d..3f7b58c 100644 --- a/config/services/samba.nix +++ b/config/services/samba.nix @@ -1,4 +1,7 @@ { config, lib, ... }: +let + shares = lib.removeAttrs config.services.samba.settings [ "global" ]; +in { services.samba-wsdd = { enable = true; # make shares visible for windows 10 clients @@ -70,46 +73,7 @@ openFirewall = true; enableWinbindd = false; enableNmbd = false; - extraConfig = lib.concatLines [ - '' - logging = systemd - log level = 0 auth:2 passdb:2 - passdb backend = tdbsam:${config.age.secrets.smbpassdb.path} - server role = standalone - '' - # Show the server host name in the printer comment box in print manager - # and next to the IPC connection in net view. - "server string = patricks-tolles-nas" - # Set the NetBIOS name by which the Samba server is known. - "netbios name = patricks-tolles-nas" - # Disable netbios support. We don't need to support browsing since all - # clients hardcode the host and share names. - "disable netbios = yes" - # Allow access to local network - "hosts allow = 192.168.178. 10. localhost" - - "guest account = nobody" - "map to guest = bad user" - - # Clients should only connect using the latest SMB3 protocol (e.g., on - # clients running Windows 8 and later). - "server min protocol = SMB3_11" - # Require native SMB transport encryption by default. - "server smb encrypt = required" - # Do not map the executable bit to anything - "map archive = no" - "map system = no" - "map hidden = no" - - # Disable printer sharing. By default Samba shares printers configured - # using CUPS. - "load printers = no" - "printing = bsd" - "printcap name = /dev/null" - "disable spoolss = yes" - "show add printer wizard = no" - ]; - shares = + settings = let mkShare = { @@ -162,6 +126,45 @@ }; in lib.mkMerge [ + { + global = { + logging = "systemd"; + "log level" = "0 auth:2 passdb:2"; + "passdb backend" = "tdbsam:${config.age.secrets.smbpassdb.path}"; + "server role" = "standalone"; + # Show the server host name in the printer comment box in print manager + # and next to the IPC connection in net view. + "server string" = "patricks-tolles-nas"; + # Set the NetBIOS name by which the Samba server is known. + "netbios name" = "patricks-tolles-nas"; + # Disable netbios support. We don't need to support browsing since all + # clients hardcode the host and share names. + "disable netbios" = "yes"; + # Allow access to local network + "hosts allow" = "192.168.178. 10. localhost"; + + "guest account" = "nobody"; + "map to guest" = "bad user"; + + # Clients should only connect using the latest SMB3 protocol (e.g., on + # clients running Windows 8 and later). + "server min protocol" = "SMB3_11"; + # Require native SMB transport encryption by default. + "server smb encrypt" = "required"; + # Do not map the executable bit to anything + "map archive" = "no"; + "map system" = "no"; + "map hidden" = "no"; + + # Disable printer sharing. By default Samba shares printers configured + # using CUPS. + "load printers" = "no"; + "printing" = "bsd"; + "printcap name" = "/dev/null"; + "disable spoolss" = "yes"; + "show add printer wizard" = "no"; + }; + } (mkShare { name = "ggr-data"; user = "ggr"; @@ -219,9 +222,9 @@ }; users = let - users = lib.unique (lib.mapAttrsToList (_: val: val."force user") config.services.samba.shares); + users = lib.unique (lib.flatten (lib.mapAttrsToList (_: val: val."force user") shares)); groups = lib.unique ( - users ++ (lib.mapAttrsToList (_: val: val."force group") config.services.samba.shares) + users ++ (lib.flatten (lib.mapAttrsToList (_: val: val."force group") shares)) ); in { @@ -262,44 +265,44 @@ }; fileSystems = lib.mkMerge ( - lib.flip lib.mapAttrsToList config.services.samba.shares ( + lib.flip lib.mapAttrsToList shares ( _: v: - lib.optionalAttrs ((v ? "#paperless") && v."#paperless") { - "${v.path}/consume" = { + lib.optionalAttrs ((v ? "#paperless") && lib.head v."#paperless") { + "${lib.head v.path}/consume" = { fsType = "none"; options = [ "bind" ]; - device = "/paperless/consume/${v."#user"}"; + device = "/paperless/consume/${lib.head v."#user"}"; }; - "${v.path}/media/archive" = { + "${lib.head v.path}/media/archive" = { fsType = "none "; options = [ "bind" "ro" ]; - device = "/paperless/media/documents/archive/${v."#user"}"; + device = "/paperless/media/documents/archive/${lib.head v."#user"}"; }; - "${v.path}/media/originals" = { + "${lib.head v.path}/media/originals" = { fsType = "none "; options = [ "bind" "ro" ]; - device = "/paperless/media/documents/originals/${v."#user"}"; + device = "/paperless/media/documents/originals/${lib.head v."#user"}"; }; } ) ); systemd.tmpfiles.settings = lib.mkMerge ( - lib.flip lib.mapAttrsToList config.services.samba.shares ( + lib.flip lib.mapAttrsToList shares ( _: v: - lib.optionalAttrs ((v ? "#paperless") && v."#paperless") { + lib.optionalAttrs ((v ? "#paperless") && lib.head v."#paperless") { "10-smb-paperless"."/paperless/consume/".d = { user = "paperless"; group = "paperless"; mode = "0770"; }; - "10-smb-paperless"."/paperless/consume/${v."#user"}".d = { + "10-smb-paperless"."/paperless/consume/${lib.head v."#user"}".d = { user = "paperless"; group = "paperless"; mode = "0770"; @@ -320,12 +323,12 @@ group = "paperless"; mode = "0770"; }; - "10-smb-paperless"."/paperless/media/documents/archive/${v."#user"}".d = { + "10-smb-paperless"."/paperless/media/documents/archive/${lib.head v."#user"}".d = { user = "paperless"; group = "paperless"; mode = "0770"; }; - "10-smb-paperless"."/paperless/media/documents/archive/${v."#user"}/.keep".f = { + "10-smb-paperless"."/paperless/media/documents/archive/${lib.head v."#user"}/.keep".f = { user = "paperless"; group = "paperless"; mode = "0660"; @@ -335,12 +338,12 @@ group = "paperless"; mode = "0770"; }; - "10-smb-paperless"."/paperless/media/documents/originals/${v."#user"}".d = { + "10-smb-paperless"."/paperless/media/documents/originals/${lib.head v."#user"}".d = { user = "paperless"; group = "paperless"; mode = "0770"; }; - "10-smb-paperless"."/paperless/media/documents/originals/${v."#user"}/.keep".f = { + "10-smb-paperless"."/paperless/media/documents/originals/${lib.head v."#user"}/.keep".f = { user = "paperless"; group = "paperless"; mode = "0660"; @@ -350,14 +353,14 @@ ); environment.persistence = lib.mkMerge ( lib.flatten [ - (lib.flip lib.mapAttrsToList config.services.samba.shares ( + (lib.flip lib.mapAttrsToList shares ( _: v: - lib.optionalAttrs ((v ? "#persistRoot") && (v."#persistRoot" != "")) { - ${v."#persistRoot"}.directories = [ + lib.optionalAttrs ((v ? "#persistRoot") && (lib.head v."#persistRoot" != "")) { + ${lib.head v."#persistRoot"}.directories = [ { - directory = "${v.path}"; - user = "${v."force user"}"; - group = "${v."force group"}"; + directory = "${lib.head v.path}"; + user = "${lib.head v."force user"}"; + group = "${lib.head v."force group"}"; mode = "0770"; } ]; diff --git a/flake.lock b/flake.lock index 43d4407..2bdf7c5 100644 --- a/flake.lock +++ b/flake.lock @@ -37,11 +37,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1722597419, - "narHash": "sha256-YbMzll0Dh2ln/TryDP+S3IGm8nRHkzcSQIubI4ZEOAw=", + "lastModified": 1727102360, + "narHash": "sha256-ZDqf33OAsr46TlP7TXbxmEf48xenYA3iSLs9441fYbQ=", "owner": "oddlama", "repo": "agenix-rekey", - "rev": "126b4a5133eb361cbf5bf90e44c71b6f830845ec", + "rev": "62da71e7eadf6b9b52e831d2e516937c30a5f712", "type": "github" }, "original": { @@ -84,30 +84,14 @@ "type": "github" } }, - "base16-foot": { - "flake": false, - "locked": { - "lastModified": 1696725948, - "narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=", - "owner": "tinted-theming", - "repo": "base16-foot", - "rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce", - "type": "github" - }, - "original": { - "owner": "tinted-theming", - "repo": "base16-foot", - "type": "github" - } - }, "base16-helix": { "flake": false, "locked": { - "lastModified": 1720809814, - "narHash": "sha256-numb3xigRGnr/deF7wdjBwVg7fpbTH7reFDkJ75AJkY=", + "lastModified": 1725860795, + "narHash": "sha256-Z2o8VBPW3I+KKTSfe25kskz0EUj7MpUh8u355Z1nVsU=", "owner": "tinted-theming", "repo": "base16-helix", - "rev": "34f41987bec14c0f3f6b2155c19787b1f6489625", + "rev": "7f795bf75d38e0eea9fed287264067ca187b88a9", "type": "github" }, "original": { @@ -116,38 +100,6 @@ "type": "github" } }, - "base16-kitty": { - "flake": false, - "locked": { - "lastModified": 1665001328, - "narHash": "sha256-aRaizTYPpuWEcvoYE9U+YRX+Wsc8+iG0guQJbvxEdJY=", - "owner": "kdrag0n", - "repo": "base16-kitty", - "rev": "06bb401fa9a0ffb84365905ffbb959ae5bf40805", - "type": "github" - }, - "original": { - "owner": "kdrag0n", - "repo": "base16-kitty", - "type": "github" - } - }, - "base16-tmux": { - "flake": false, - "locked": { - "lastModified": 1696725902, - "narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=", - "owner": "tinted-theming", - "repo": "base16-tmux", - "rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7", - "type": "github" - }, - "original": { - "owner": "tinted-theming", - "repo": "base16-tmux", - "type": "github" - } - }, "base16-vim": { "flake": false, "locked": { @@ -269,11 +221,11 @@ ] }, "locked": { - "lastModified": 1722113426, - "narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=", + "lastModified": 1728330715, + "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=", "owner": "numtide", "repo": "devshell", - "rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae", + "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef", "type": "github" }, "original": { @@ -334,11 +286,11 @@ ] }, "locked": { - "lastModified": 1722113426, - "narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=", + "lastModified": 1728330715, + "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=", "owner": "numtide", "repo": "devshell", - "rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae", + "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef", "type": "github" }, "original": { @@ -354,11 +306,11 @@ ] }, "locked": { - "lastModified": 1724895876, - "narHash": "sha256-GSqAwa00+vRuHbq9O/yRv7Ov7W/pcMLis3HmeHv8a+Q=", + "lastModified": 1728334376, + "narHash": "sha256-CTKEKPzD/j8FK6H4DO3EjyixZd3HHvgAgfnCwpGFP5c=", "owner": "nix-community", "repo": "disko", - "rev": "511388d837178979de66d14ca4a2ebd5f7991cd3", + "rev": "d39ee334984fcdae6244f5a8e6ab857479cbaefe", "type": "github" }, "original": { @@ -367,28 +319,6 @@ "type": "github" } }, - "fenix": { - "inputs": { - "nixpkgs": [ - "microvm", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1722580276, - "narHash": "sha256-VaNcSh7n8OaFW/DJsR6Fm23V+EGpSei0DyF71RKB+90=", - "owner": "nix-community", - "repo": "fenix", - "rev": "286f371b3cfeaa5c856c8e6dfb893018e86cc947", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "fenix", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -535,11 +465,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", "type": "github" }, "original": { @@ -599,11 +529,11 @@ ] }, "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", "type": "github" }, "original": { @@ -619,11 +549,11 @@ ] }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -709,11 +639,11 @@ "systems": "systems_8" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -727,11 +657,11 @@ "systems": "systems_9" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -794,11 +724,11 @@ ] }, "locked": { - "lastModified": 1724857454, - "narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=", + "lastModified": 1728092656, + "narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6", + "rev": "1211305a5b237771e13fcca0c51e60ad47326a9a", "type": "github" }, "original": { @@ -962,11 +892,11 @@ ] }, "locked": { - "lastModified": 1724435763, - "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", + "lastModified": 1728337164, + "narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=", "owner": "nix-community", "repo": "home-manager", - "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", + "rev": "038630363e7de57c36c417fd2f5d7c14773403e4", "type": "github" }, "original": { @@ -983,11 +913,11 @@ ] }, "locked": { - "lastModified": 1724435763, - "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", + "lastModified": 1728337164, + "narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=", "owner": "nix-community", "repo": "home-manager", - "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", + "rev": "038630363e7de57c36c417fd2f5d7c14773403e4", "type": "github" }, "original": { @@ -1019,11 +949,11 @@ }, "impermanence": { "locked": { - "lastModified": 1724489415, - "narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=", + "lastModified": 1727649413, + "narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=", "owner": "nix-community", "repo": "impermanence", - "rev": "c7f5b394397398c023000cf843986ee2571a1fd7", + "rev": "d0b38e550039a72aff896ee65b0918e975e6d48e", "type": "github" }, "original": { @@ -1065,11 +995,11 @@ "nixpkgs-lib": "nixpkgs-lib_2" }, "locked": { - "lastModified": 1724587851, - "narHash": "sha256-+tnTRvR9TzXQDl5OynS+tKBZyPB6viT99zs4fXI0lfk=", + "lastModified": 1728216729, + "narHash": "sha256-HsisE2yMld0LckvQ3v/00bXFg11E5Q2XI8taPUewDPA=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "eda1cdaddc64064f53e65ae614e061010e5fb92f", + "rev": "6c4cf448d33ce86bcc06c6d50bcecc33666105ee", "type": "github" }, "original": { @@ -1093,7 +1023,6 @@ }, "microvm": { "inputs": { - "fenix": "fenix", "flake-utils": [ "flake-utils" ], @@ -1103,11 +1032,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1723470968, - "narHash": "sha256-W76xLG4thxkENM3MOoXWYqKPrgk1WgUWzTixUyuw/co=", + "lastModified": 1728349983, + "narHash": "sha256-VRQm46/W29z87IeITfvxIrS6LUEItgDtEDzqVX59q0E=", "owner": "astro", "repo": "microvm.nix", - "rev": "69e8ac63a7a4d40bb65e73af41ba60df2eba0419", + "rev": "470537e671d743f40812b9c071a4130eabdb3deb", "type": "github" }, "original": { @@ -1124,11 +1053,11 @@ ] }, "locked": { - "lastModified": 1724561770, - "narHash": "sha256-zv8C9RNa86CIpyHwPIVO/k+5TfM8ZbjGwOOpTe1grls=", + "lastModified": 1728385805, + "narHash": "sha256-mUd38b0vhB7yzgAjNOaFz7VY9xIVzlbn3P2wjGBcVV0=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "ac5694a0b855a981e81b4d9f14052e3ff46ca39e", + "rev": "48b50b3b137be5cfb9f4d006835ce7c3fe558ccc", "type": "github" }, "original": { @@ -1145,11 +1074,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1723372011, - "narHash": "sha256-zqenoufFiPfobw74idorZMG8AXG3DnFzbHplt/Nkvrg=", + "lastModified": 1727953523, + "narHash": "sha256-cT8fN56OHCqTajmj2JwDL5uhTIEFvVSnBRvypXfZ9f4=", "owner": "nix-community", "repo": "nix-eval-jobs", - "rev": "8802412b8747633e9d80639897e4d58fa6290909", + "rev": "7ae693d28c5922533ce86f348ddb6709a2beffbf", "type": "github" }, "original": { @@ -1187,11 +1116,11 @@ ] }, "locked": { - "lastModified": 1724576102, - "narHash": "sha256-uM7n5nNL6fmA0bwMJBNll11f4cMWOFa2Ni6F5KeIldM=", + "lastModified": 1728263287, + "narHash": "sha256-GJDtsxz2/zw6g/Nrp4XVWBS5IaZ7ZUkuvxPOBEDe7pg=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "e333d62b70b179da1dd78d94315e8a390f2d12e5", + "rev": "5fce10c871bab6d7d5ac9e5e7efbb3a2783f5259", "type": "github" }, "original": { @@ -1208,11 +1137,11 @@ "pre-commit-hooks": "pre-commit-hooks_2" }, "locked": { - "lastModified": 1724368485, - "narHash": "sha256-/MzkcvJN8zN+y5vevpT6OQJXTb+sSpxQA0iywn9CD+A=", + "lastModified": 1725483443, + "narHash": "sha256-WzOlGMKV/51Fccn/OMHcm5yrqgbOJZrJIy1ya4pW0u8=", "owner": "oddlama", "repo": "nix-topology", - "rev": "1826fe50f19dd076f13ede0254e170247e0afb06", + "rev": "8738d94670265beb166954c4e3a26e432f79f68c", "type": "github" }, "original": { @@ -1223,11 +1152,11 @@ }, "nixlib": { "locked": { - "lastModified": 1724547350, - "narHash": "sha256-WKkGeNpenNMKD1gOF0Xuqi3VsKX/QCAiwz9qe5PDvzA=", + "lastModified": 1728176478, + "narHash": "sha256-px3Q0W//c+mZ4kPMXq4poztsjtXM1Ja1rN+825YMDUQ=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "b741d900fecd2f0c32d90f853b24be9f5f098b7d", + "rev": "b61309c3c1b6013d36299bc8285612865b3b9e4c", "type": "github" }, "original": { @@ -1247,11 +1176,11 @@ "pre-commit-hooks": "pre-commit-hooks_3" }, "locked": { - "lastModified": 1723133809, - "narHash": "sha256-CUx2HOkP6Gsd7Hi+jPgm57P9Kgq0dxRG8UrxLhjDmr8=", + "lastModified": 1728505352, + "narHash": "sha256-rhiGjMfjMzayx9YJwWl53QXGWGrI9VgurB1eo7mGFm8=", "owner": "oddlama", "repo": "nixos-extra-modules", - "rev": "2dfcc1f7de2cb36566c5f1b48986dd4555a173dc", + "rev": "4bcc7dd2a113a7bf71bcc4707f384ac2c34891d4", "type": "github" }, "original": { @@ -1268,11 +1197,11 @@ ] }, "locked": { - "lastModified": 1724893087, - "narHash": "sha256-M3+Z8SSpzKPQ+/vw9a99G9HfqKWbVGzhFz4p3KAX0NI=", + "lastModified": 1728308313, + "narHash": "sha256-GThSJ4OcPOOtf8j8ge7ik4141BHVbBALu0N7Ju+Nw18=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "0dd0205bc3f6d602ddb62aaece5f62a8715a9e85", + "rev": "71f9c8bcc87f15dba12515e94e40de243b5db103", "type": "github" }, "original": { @@ -1283,11 +1212,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1724878143, - "narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=", + "lastModified": 1728269138, + "narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef", + "rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b", "type": "github" }, "original": { @@ -1335,23 +1264,23 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1722555339, - "narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=", + "lastModified": 1727825735, + "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" } }, "nixpkgs-lib_2": { "locked": { - "lastModified": 1724547350, - "narHash": "sha256-WKkGeNpenNMKD1gOF0Xuqi3VsKX/QCAiwz9qe5PDvzA=", + "lastModified": 1728176478, + "narHash": "sha256-px3Q0W//c+mZ4kPMXq4poztsjtXM1Ja1rN+825YMDUQ=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "b741d900fecd2f0c32d90f853b24be9f5f098b7d", + "rev": "b61309c3c1b6013d36299bc8285612865b3b9e4c", "type": "github" }, "original": { @@ -1362,11 +1291,11 @@ }, "nixpkgs-octoprint": { "locked": { - "lastModified": 1724233768, - "narHash": "sha256-ntANlITwEbXD6iSu60in/+nduIrIMezpvWMy+ld3Qj8=", + "lastModified": 1728380856, + "narHash": "sha256-VKQkINJHIBT7BPA81OM1m6E0KA4FuYzMFGPD6MyaFu4=", "owner": "patrickdag", "repo": "nixpkgs", - "rev": "cef644d466ef29b29a6b1b6939a2ecdf5e1ca4b7", + "rev": "6b95da6ae432c1c3a2025a73dc6ea875fd34dac4", "type": "github" }, "original": { @@ -1456,22 +1385,6 @@ "type": "github" } }, - "nixpkgs-streamcontroller": { - "locked": { - "lastModified": 1724837309, - "narHash": "sha256-PcceZo4TSanYtWPLfBjT5s2PnPhuBHWLllC15KRMZ/U=", - "owner": "sifmelcara", - "repo": "nixpkgs", - "rev": "fc8e88205b7a0ac3e2f409ccf35ca61a0e5ac9d6", - "type": "github" - }, - "original": { - "owner": "sifmelcara", - "ref": "streamcontroller", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-wayland": { "inputs": { "flake-compat": "flake-compat_5", @@ -1482,11 +1395,11 @@ ] }, "locked": { - "lastModified": 1724927668, - "narHash": "sha256-hOkuflGoYCO5fykoJzCkzI3/7wti8Db62KADHu+ySPo=", + "lastModified": 1728373025, + "narHash": "sha256-5iEV1QH5A74HbTvSR+yrPttqwf6gzlL76JQiXB+P/Q4=", "owner": "nix-community", "repo": "nixpkgs-wayland", - "rev": "9ec93a8a2911b6fafafb8dfd600440124d098528", + "rev": "0a5e8f7bd281e879e9a5fe614d27162261c544d9", "type": "github" }, "original": { @@ -1497,11 +1410,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1724819573, - "narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=", + "lastModified": 1728241625, + "narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "71e91c409d1e654808b2621f28a327acfdad8dc2", + "rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1", "type": "github" }, "original": { @@ -1529,11 +1442,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1723415338, - "narHash": "sha256-K/BVeDLkpswRSBh3APxc2gBNVFEMXGpnkuQz666FiTM=", + "lastModified": 1725194671, + "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6e8760f7f7121128e2037db44915a4a5450b6e67", + "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", "type": "github" }, "original": { @@ -1558,11 +1471,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1724936278, - "narHash": "sha256-Uog/PtUbrxE8S2LgT5ip/yYAWrMNu2n5zUaChKPiAJ4=", + "lastModified": 1728485062, + "narHash": "sha256-+2e9hAM2GVDF3gywdQI/OA7s4f0Z9rvFuiVxePI41QM=", "owner": "nix-community", "repo": "nixvim", - "rev": "4acf12c49d5514d58f78b7ebda8838f5e988fd2a", + "rev": "61ec39764fbe1e4f21cf801ea7b9209d527c8135", "type": "github" }, "original": { @@ -1580,11 +1493,11 @@ ] }, "locked": { - "lastModified": 1724584782, - "narHash": "sha256-7FfHv7b1jwMPSu9SPY9hdxStk8E6EeSwzqdvV69U4BM=", + "lastModified": 1728423244, + "narHash": "sha256-+YwNsyIFj3dXyLVQd1ry4pCNmtOpbceKUrkNS8wp9Ho=", "owner": "NuschtOS", "repo": "search", - "rev": "5a08d691de30b6fc28d58ce71a5e420f2694e087", + "rev": "f276cc3b391493ba3a8b30170776860f9520b7fa", "type": "github" }, "original": { @@ -1718,11 +1631,11 @@ "nixpkgs-stable": "nixpkgs-stable_5" }, "locked": { - "lastModified": 1725513492, - "narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=", + "lastModified": 1728092656, + "narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "7570de7b9b504cfe92025dd1be797bf546f66528", + "rev": "1211305a5b237771e13fcca0c51e60ad47326a9a", "type": "github" }, "original": { @@ -1751,7 +1664,6 @@ "nixos-nftables-firewall": "nixos-nftables-firewall", "nixpkgs": "nixpkgs_2", "nixpkgs-octoprint": "nixpkgs-octoprint", - "nixpkgs-streamcontroller": "nixpkgs-streamcontroller", "nixpkgs-wayland": "nixpkgs-wayland", "nixvim": "nixvim", "pre-commit-hooks": "pre-commit-hooks_4", @@ -1761,23 +1673,6 @@ "templates": "templates" } }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1722521768, - "narHash": "sha256-FvJ4FaMy1kJbZ3Iw1RyvuiUAsbHJXoU2HwylzaFzj1o=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "f149dc5029d8406fae8b2c541603bcac06e30deb", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, "rust-overlay": { "inputs": { "flake-utils": [ @@ -1827,11 +1722,11 @@ ] }, "locked": { - "lastModified": 1724904972, - "narHash": "sha256-UuMf0oHOZqiU81WNSnk30XJ5sKYvvSiChvotptI1Zm0=", + "lastModified": 1728447442, + "narHash": "sha256-4KRBf3doA1OKSQcXc5eQu1NHFdno0SSZI/Xmj4zy1iU=", "owner": "Gerg-l", "repo": "spicetify-nix", - "rev": "6c7bd8132eb69880b7ec8935b6f55dbca1e69424", + "rev": "85ca2b370f962f81973443adb31f2e3559eda1dd", "type": "github" }, "original": { @@ -1844,29 +1739,30 @@ "inputs": { "base16": "base16", "base16-fish": "base16-fish", - "base16-foot": "base16-foot", "base16-helix": "base16-helix", - "base16-kitty": "base16-kitty", - "base16-tmux": "base16-tmux", "base16-vim": "base16-vim", "flake-compat": "flake-compat_9", "flake-utils": "flake-utils_8", "gnome-shell": "gnome-shell", "home-manager": "home-manager_3", "nixpkgs": "nixpkgs_4", - "systems": "systems_10" + "systems": "systems_10", + "tinted-foot": "tinted-foot", + "tinted-kitty": "tinted-kitty", + "tinted-tmux": "tinted-tmux" }, "locked": { - "lastModified": 1724702977, - "narHash": "sha256-bP1/BHbEigLjTTmqyy1t8w5EVWHuLuABtOd/BBXVLtA=", + "lastModified": 1728508267, + "narHash": "sha256-JH2+RXJNooFtZIN6ZhaGZWn2KChMrso4H7Fkp1Ujrdo=", "owner": "danth", "repo": "stylix", - "rev": "6c895c6b42ca205017abe72a7263baf36a197972", + "rev": "ed91a20c84a80a525780dcb5ea3387dddf6cd2de", "type": "github" }, "original": { "owner": "danth", "repo": "stylix", + "rev": "ed91a20c84a80a525780dcb5ea3387dddf6cd2de", "type": "github" } }, @@ -2050,6 +1946,55 @@ "url": "https://forge.lel.lol/patrick/nix-templates.git" } }, + "tinted-foot": { + "flake": false, + "locked": { + "lastModified": 1696725948, + "narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=", + "owner": "tinted-theming", + "repo": "tinted-foot", + "rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "tinted-foot", + "type": "github" + } + }, + "tinted-kitty": { + "flake": false, + "locked": { + "lastModified": 1716423189, + "narHash": "sha256-2xF3sH7UIwegn+2gKzMpFi3pk5DlIlM18+vj17Uf82U=", + "owner": "tinted-theming", + "repo": "tinted-kitty", + "rev": "eb39e141db14baef052893285df9f266df041ff8", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "tinted-kitty", + "rev": "eb39e141db14baef052893285df9f266df041ff8", + "type": "github" + } + }, + "tinted-tmux": { + "flake": false, + "locked": { + "lastModified": 1696725902, + "narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=", + "owner": "tinted-theming", + "repo": "tinted-tmux", + "rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "tinted-tmux", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ @@ -2080,11 +2025,11 @@ ] }, "locked": { - "lastModified": 1724833132, - "narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=", + "lastModified": 1727984844, + "narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "3ffd842a5f50f435d3e603312eefa4790db46af5", + "rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b1880fc..3415ccc 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,6 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-octoprint.url = "github:patrickdag/nixpkgs/octoprint-update"; - nixpkgs-streamcontroller.url = "github:sifmelcara/nixpkgs/streamcontroller"; nixpkgs-wayland = { url = "github:nix-community/nixpkgs-wayland"; @@ -94,7 +93,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - stylix.url = "github:danth/stylix"; + #stylix.url = "github:danth/stylix"; + # https://github.com/danth/stylix/pull/589 + stylix.url = "github:danth/stylix/ed91a20c84a80a525780dcb5ea3387dddf6cd2de"; spicetify-nix = { url = "github:Gerg-l/spicetify-nix"; @@ -108,7 +109,13 @@ }; outputs = - { self, nixos-generators, nixos-extra-modules, nix-topology, ... }@inputs: + { + self, + nixos-generators, + nixos-extra-modules, + nix-topology, + ... + }@inputs: inputs.flake-parts.lib.mkFlake { inherit inputs; } { imports = [ ./nix/agenix-rekey.nix @@ -118,26 +125,36 @@ nix-topology.flakeModule ]; - systems = [ "x86_64-linux" "aarch64-linux" ]; + systems = [ + "x86_64-linux" + "aarch64-linux" + ]; - perSystem = { pkgs, system, ... }: { - topology.modules = [ ./nix/topology.nix ]; - apps.setupHetznerStorageBoxes = import - (nixos-extra-modules + "/apps/setup-hetzner-storage-boxes.nix") { + perSystem = + { pkgs, system, ... }: + { + topology.modules = [ ./nix/topology.nix ]; + apps.setupHetznerStorageBoxes = + import (nixos-extra-modules + "/apps/setup-hetzner-storage-boxes.nix") + { + inherit pkgs; + nixosConfigurations = inputs.self.nodes; + decryptIdentity = builtins.head self.secretsConfig.masterIdentities; + }; + packages.live-iso = nixos-generators.nixosGenerate { inherit pkgs; - nixosConfigurations = inputs.self.nodes; - decryptIdentity = builtins.head self.secretsConfig.masterIdentities; + modules = [ + ./nix/installer-configuration.nix + ./config/basic/ssh.nix + ]; + format = + { + x86_64-linux = "install-iso"; + aarch64-linux = "sd-aarch64-installer"; + } + .${system}; }; - packages.live-iso = nixos-generators.nixosGenerate { - inherit pkgs; - modules = - [ ./nix/installer-configuration.nix ./config/basic/ssh.nix ]; - format = { - x86_64-linux = "install-iso"; - aarch64-linux = "sd-aarch64-installer"; - }.${system}; - }; - }; + }; }; } diff --git a/hosts/desktopnix/default.nix b/hosts/desktopnix/default.nix index 05741c0..a52597d 100644 --- a/hosts/desktopnix/default.nix +++ b/hosts/desktopnix/default.nix @@ -4,17 +4,6 @@ pkgs, ... }: -let - nixp = import inputs.nixpkgs-streamcontroller { system = "x86_64-linux"; }; - streamcontroller = nixp.streamcontroller.overrideAttrs (_prev: { - src = pkgs.fetchFromGitHub { - owner = "patrickdag"; - repo = "streamcontroller"; - rev = "392d1696b2157c35de0c8e177c9f158371df9ec2"; - hash = "sha256-e6MbqS2Iq/Pe7U8qvxFPENBJX55fHcdgfSw5QgoUt54="; - }; - }); -in { imports = [ inputs.nixos-hardware.nixosModules.common-gpu-nvidia-nonprime @@ -90,6 +79,6 @@ in #nixpkgs.config.cudaSupport = true; - environment.systemPackages = [ streamcontroller ]; - services.udev.packages = [ streamcontroller ]; + environment.systemPackages = [ pkgs.streamcontroller ]; + services.udev.packages = [ pkgs.streamcontroller ]; } diff --git a/nix/devshell.nix b/nix/devshell.nix index 8aa7510..9a16333 100644 --- a/nix/devshell.nix +++ b/nix/devshell.nix @@ -9,9 +9,8 @@ { config, pkgs, ... }: { pre-commit.settings.hooks = { - nixfmt = { + nixfmt-rfc-style = { enable = true; - package = pkgs.nixfmt-rfc-style; }; deadnix.enable = true; statix.enable = true;