This commit is contained in:
Patrick 2024-10-10 19:11:21 +02:00
parent aef7c50ec7
commit 339a6c15cd
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
7 changed files with 270 additions and 319 deletions

View file

@ -1,12 +1,9 @@
{
pkgs,
config,
lib,
...
}:
{
boot.supportedFilesystems = [ "zfs" ];
boot.kernelPackages = lib.mkDefault config.boot.zfs.package.latestCompatibleLinuxPackages;
# The root pool should never be imported forcefully.
# Failure to import is important to notice!

View file

@ -3,6 +3,7 @@
services.invidious = {
enable = true;
domain = "yt.${config.secrets.secrets.global.domains.web}";
sig-helper.enable = true;
settings = {
external_port = 443;
https_only = true;

View file

@ -1,4 +1,7 @@
{ config, lib, ... }:
let
shares = lib.removeAttrs config.services.samba.settings [ "global" ];
in
{
services.samba-wsdd = {
enable = true; # make shares visible for windows 10 clients
@ -70,46 +73,7 @@
openFirewall = true;
enableWinbindd = false;
enableNmbd = false;
extraConfig = lib.concatLines [
''
logging = systemd
log level = 0 auth:2 passdb:2
passdb backend = tdbsam:${config.age.secrets.smbpassdb.path}
server role = standalone
''
# Show the server host name in the printer comment box in print manager
# and next to the IPC connection in net view.
"server string = patricks-tolles-nas"
# Set the NetBIOS name by which the Samba server is known.
"netbios name = patricks-tolles-nas"
# Disable netbios support. We don't need to support browsing since all
# clients hardcode the host and share names.
"disable netbios = yes"
# Allow access to local network
"hosts allow = 192.168.178. 10. localhost"
"guest account = nobody"
"map to guest = bad user"
# Clients should only connect using the latest SMB3 protocol (e.g., on
# clients running Windows 8 and later).
"server min protocol = SMB3_11"
# Require native SMB transport encryption by default.
"server smb encrypt = required"
# Do not map the executable bit to anything
"map archive = no"
"map system = no"
"map hidden = no"
# Disable printer sharing. By default Samba shares printers configured
# using CUPS.
"load printers = no"
"printing = bsd"
"printcap name = /dev/null"
"disable spoolss = yes"
"show add printer wizard = no"
];
shares =
settings =
let
mkShare =
{
@ -162,6 +126,45 @@
};
in
lib.mkMerge [
{
global = {
logging = "systemd";
"log level" = "0 auth:2 passdb:2";
"passdb backend" = "tdbsam:${config.age.secrets.smbpassdb.path}";
"server role" = "standalone";
# Show the server host name in the printer comment box in print manager
# and next to the IPC connection in net view.
"server string" = "patricks-tolles-nas";
# Set the NetBIOS name by which the Samba server is known.
"netbios name" = "patricks-tolles-nas";
# Disable netbios support. We don't need to support browsing since all
# clients hardcode the host and share names.
"disable netbios" = "yes";
# Allow access to local network
"hosts allow" = "192.168.178. 10. localhost";
"guest account" = "nobody";
"map to guest" = "bad user";
# Clients should only connect using the latest SMB3 protocol (e.g., on
# clients running Windows 8 and later).
"server min protocol" = "SMB3_11";
# Require native SMB transport encryption by default.
"server smb encrypt" = "required";
# Do not map the executable bit to anything
"map archive" = "no";
"map system" = "no";
"map hidden" = "no";
# Disable printer sharing. By default Samba shares printers configured
# using CUPS.
"load printers" = "no";
"printing" = "bsd";
"printcap name" = "/dev/null";
"disable spoolss" = "yes";
"show add printer wizard" = "no";
};
}
(mkShare {
name = "ggr-data";
user = "ggr";
@ -219,9 +222,9 @@
};
users =
let
users = lib.unique (lib.mapAttrsToList (_: val: val."force user") config.services.samba.shares);
users = lib.unique (lib.flatten (lib.mapAttrsToList (_: val: val."force user") shares));
groups = lib.unique (
users ++ (lib.mapAttrsToList (_: val: val."force group") config.services.samba.shares)
users ++ (lib.flatten (lib.mapAttrsToList (_: val: val."force group") shares))
);
in
{
@ -262,44 +265,44 @@
};
fileSystems = lib.mkMerge (
lib.flip lib.mapAttrsToList config.services.samba.shares (
lib.flip lib.mapAttrsToList shares (
_: v:
lib.optionalAttrs ((v ? "#paperless") && v."#paperless") {
"${v.path}/consume" = {
lib.optionalAttrs ((v ? "#paperless") && lib.head v."#paperless") {
"${lib.head v.path}/consume" = {
fsType = "none";
options = [ "bind" ];
device = "/paperless/consume/${v."#user"}";
device = "/paperless/consume/${lib.head v."#user"}";
};
"${v.path}/media/archive" = {
"${lib.head v.path}/media/archive" = {
fsType = "none ";
options = [
"bind"
"ro"
];
device = "/paperless/media/documents/archive/${v."#user"}";
device = "/paperless/media/documents/archive/${lib.head v."#user"}";
};
"${v.path}/media/originals" = {
"${lib.head v.path}/media/originals" = {
fsType = "none ";
options = [
"bind"
"ro"
];
device = "/paperless/media/documents/originals/${v."#user"}";
device = "/paperless/media/documents/originals/${lib.head v."#user"}";
};
}
)
);
systemd.tmpfiles.settings = lib.mkMerge (
lib.flip lib.mapAttrsToList config.services.samba.shares (
lib.flip lib.mapAttrsToList shares (
_: v:
lib.optionalAttrs ((v ? "#paperless") && v."#paperless") {
lib.optionalAttrs ((v ? "#paperless") && lib.head v."#paperless") {
"10-smb-paperless"."/paperless/consume/".d = {
user = "paperless";
group = "paperless";
mode = "0770";
};
"10-smb-paperless"."/paperless/consume/${v."#user"}".d = {
"10-smb-paperless"."/paperless/consume/${lib.head v."#user"}".d = {
user = "paperless";
group = "paperless";
mode = "0770";
@ -320,12 +323,12 @@
group = "paperless";
mode = "0770";
};
"10-smb-paperless"."/paperless/media/documents/archive/${v."#user"}".d = {
"10-smb-paperless"."/paperless/media/documents/archive/${lib.head v."#user"}".d = {
user = "paperless";
group = "paperless";
mode = "0770";
};
"10-smb-paperless"."/paperless/media/documents/archive/${v."#user"}/.keep".f = {
"10-smb-paperless"."/paperless/media/documents/archive/${lib.head v."#user"}/.keep".f = {
user = "paperless";
group = "paperless";
mode = "0660";
@ -335,12 +338,12 @@
group = "paperless";
mode = "0770";
};
"10-smb-paperless"."/paperless/media/documents/originals/${v."#user"}".d = {
"10-smb-paperless"."/paperless/media/documents/originals/${lib.head v."#user"}".d = {
user = "paperless";
group = "paperless";
mode = "0770";
};
"10-smb-paperless"."/paperless/media/documents/originals/${v."#user"}/.keep".f = {
"10-smb-paperless"."/paperless/media/documents/originals/${lib.head v."#user"}/.keep".f = {
user = "paperless";
group = "paperless";
mode = "0660";
@ -350,14 +353,14 @@
);
environment.persistence = lib.mkMerge (
lib.flatten [
(lib.flip lib.mapAttrsToList config.services.samba.shares (
(lib.flip lib.mapAttrsToList shares (
_: v:
lib.optionalAttrs ((v ? "#persistRoot") && (v."#persistRoot" != "")) {
${v."#persistRoot"}.directories = [
lib.optionalAttrs ((v ? "#persistRoot") && (lib.head v."#persistRoot" != "")) {
${lib.head v."#persistRoot"}.directories = [
{
directory = "${v.path}";
user = "${v."force user"}";
group = "${v."force group"}";
directory = "${lib.head v.path}";
user = "${lib.head v."force user"}";
group = "${lib.head v."force group"}";
mode = "0770";
}
];

View file

@ -37,11 +37,11 @@
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1722597419,
"narHash": "sha256-YbMzll0Dh2ln/TryDP+S3IGm8nRHkzcSQIubI4ZEOAw=",
"lastModified": 1727102360,
"narHash": "sha256-ZDqf33OAsr46TlP7TXbxmEf48xenYA3iSLs9441fYbQ=",
"owner": "oddlama",
"repo": "agenix-rekey",
"rev": "126b4a5133eb361cbf5bf90e44c71b6f830845ec",
"rev": "62da71e7eadf6b9b52e831d2e516937c30a5f712",
"type": "github"
},
"original": {
@ -84,30 +84,14 @@
"type": "github"
}
},
"base16-foot": {
"flake": false,
"locked": {
"lastModified": 1696725948,
"narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=",
"owner": "tinted-theming",
"repo": "base16-foot",
"rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-foot",
"type": "github"
}
},
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1720809814,
"narHash": "sha256-numb3xigRGnr/deF7wdjBwVg7fpbTH7reFDkJ75AJkY=",
"lastModified": 1725860795,
"narHash": "sha256-Z2o8VBPW3I+KKTSfe25kskz0EUj7MpUh8u355Z1nVsU=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "34f41987bec14c0f3f6b2155c19787b1f6489625",
"rev": "7f795bf75d38e0eea9fed287264067ca187b88a9",
"type": "github"
},
"original": {
@ -116,38 +100,6 @@
"type": "github"
}
},
"base16-kitty": {
"flake": false,
"locked": {
"lastModified": 1665001328,
"narHash": "sha256-aRaizTYPpuWEcvoYE9U+YRX+Wsc8+iG0guQJbvxEdJY=",
"owner": "kdrag0n",
"repo": "base16-kitty",
"rev": "06bb401fa9a0ffb84365905ffbb959ae5bf40805",
"type": "github"
},
"original": {
"owner": "kdrag0n",
"repo": "base16-kitty",
"type": "github"
}
},
"base16-tmux": {
"flake": false,
"locked": {
"lastModified": 1696725902,
"narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=",
"owner": "tinted-theming",
"repo": "base16-tmux",
"rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-tmux",
"type": "github"
}
},
"base16-vim": {
"flake": false,
"locked": {
@ -269,11 +221,11 @@
]
},
"locked": {
"lastModified": 1722113426,
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
"lastModified": 1728330715,
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
"owner": "numtide",
"repo": "devshell",
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
"type": "github"
},
"original": {
@ -334,11 +286,11 @@
]
},
"locked": {
"lastModified": 1722113426,
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
"lastModified": 1728330715,
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
"owner": "numtide",
"repo": "devshell",
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
"type": "github"
},
"original": {
@ -354,11 +306,11 @@
]
},
"locked": {
"lastModified": 1724895876,
"narHash": "sha256-GSqAwa00+vRuHbq9O/yRv7Ov7W/pcMLis3HmeHv8a+Q=",
"lastModified": 1728334376,
"narHash": "sha256-CTKEKPzD/j8FK6H4DO3EjyixZd3HHvgAgfnCwpGFP5c=",
"owner": "nix-community",
"repo": "disko",
"rev": "511388d837178979de66d14ca4a2ebd5f7991cd3",
"rev": "d39ee334984fcdae6244f5a8e6ab857479cbaefe",
"type": "github"
},
"original": {
@ -367,28 +319,6 @@
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"microvm",
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1722580276,
"narHash": "sha256-VaNcSh7n8OaFW/DJsR6Fm23V+EGpSei0DyF71RKB+90=",
"owner": "nix-community",
"repo": "fenix",
"rev": "286f371b3cfeaa5c856c8e6dfb893018e86cc947",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -535,11 +465,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"type": "github"
},
"original": {
@ -599,11 +529,11 @@
]
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"type": "github"
},
"original": {
@ -619,11 +549,11 @@
]
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@ -709,11 +639,11 @@
"systems": "systems_8"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@ -727,11 +657,11 @@
"systems": "systems_9"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@ -794,11 +724,11 @@
]
},
"locked": {
"lastModified": 1724857454,
"narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=",
"lastModified": 1728092656,
"narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6",
"rev": "1211305a5b237771e13fcca0c51e60ad47326a9a",
"type": "github"
},
"original": {
@ -962,11 +892,11 @@
]
},
"locked": {
"lastModified": 1724435763,
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
"lastModified": 1728337164,
"narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
"rev": "038630363e7de57c36c417fd2f5d7c14773403e4",
"type": "github"
},
"original": {
@ -983,11 +913,11 @@
]
},
"locked": {
"lastModified": 1724435763,
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
"lastModified": 1728337164,
"narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
"rev": "038630363e7de57c36c417fd2f5d7c14773403e4",
"type": "github"
},
"original": {
@ -1019,11 +949,11 @@
},
"impermanence": {
"locked": {
"lastModified": 1724489415,
"narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=",
"lastModified": 1727649413,
"narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "c7f5b394397398c023000cf843986ee2571a1fd7",
"rev": "d0b38e550039a72aff896ee65b0918e975e6d48e",
"type": "github"
},
"original": {
@ -1065,11 +995,11 @@
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1724587851,
"narHash": "sha256-+tnTRvR9TzXQDl5OynS+tKBZyPB6viT99zs4fXI0lfk=",
"lastModified": 1728216729,
"narHash": "sha256-HsisE2yMld0LckvQ3v/00bXFg11E5Q2XI8taPUewDPA=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "eda1cdaddc64064f53e65ae614e061010e5fb92f",
"rev": "6c4cf448d33ce86bcc06c6d50bcecc33666105ee",
"type": "github"
},
"original": {
@ -1093,7 +1023,6 @@
},
"microvm": {
"inputs": {
"fenix": "fenix",
"flake-utils": [
"flake-utils"
],
@ -1103,11 +1032,11 @@
"spectrum": "spectrum"
},
"locked": {
"lastModified": 1723470968,
"narHash": "sha256-W76xLG4thxkENM3MOoXWYqKPrgk1WgUWzTixUyuw/co=",
"lastModified": 1728349983,
"narHash": "sha256-VRQm46/W29z87IeITfvxIrS6LUEItgDtEDzqVX59q0E=",
"owner": "astro",
"repo": "microvm.nix",
"rev": "69e8ac63a7a4d40bb65e73af41ba60df2eba0419",
"rev": "470537e671d743f40812b9c071a4130eabdb3deb",
"type": "github"
},
"original": {
@ -1124,11 +1053,11 @@
]
},
"locked": {
"lastModified": 1724561770,
"narHash": "sha256-zv8C9RNa86CIpyHwPIVO/k+5TfM8ZbjGwOOpTe1grls=",
"lastModified": 1728385805,
"narHash": "sha256-mUd38b0vhB7yzgAjNOaFz7VY9xIVzlbn3P2wjGBcVV0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "ac5694a0b855a981e81b4d9f14052e3ff46ca39e",
"rev": "48b50b3b137be5cfb9f4d006835ce7c3fe558ccc",
"type": "github"
},
"original": {
@ -1145,11 +1074,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1723372011,
"narHash": "sha256-zqenoufFiPfobw74idorZMG8AXG3DnFzbHplt/Nkvrg=",
"lastModified": 1727953523,
"narHash": "sha256-cT8fN56OHCqTajmj2JwDL5uhTIEFvVSnBRvypXfZ9f4=",
"owner": "nix-community",
"repo": "nix-eval-jobs",
"rev": "8802412b8747633e9d80639897e4d58fa6290909",
"rev": "7ae693d28c5922533ce86f348ddb6709a2beffbf",
"type": "github"
},
"original": {
@ -1187,11 +1116,11 @@
]
},
"locked": {
"lastModified": 1724576102,
"narHash": "sha256-uM7n5nNL6fmA0bwMJBNll11f4cMWOFa2Ni6F5KeIldM=",
"lastModified": 1728263287,
"narHash": "sha256-GJDtsxz2/zw6g/Nrp4XVWBS5IaZ7ZUkuvxPOBEDe7pg=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "e333d62b70b179da1dd78d94315e8a390f2d12e5",
"rev": "5fce10c871bab6d7d5ac9e5e7efbb3a2783f5259",
"type": "github"
},
"original": {
@ -1208,11 +1137,11 @@
"pre-commit-hooks": "pre-commit-hooks_2"
},
"locked": {
"lastModified": 1724368485,
"narHash": "sha256-/MzkcvJN8zN+y5vevpT6OQJXTb+sSpxQA0iywn9CD+A=",
"lastModified": 1725483443,
"narHash": "sha256-WzOlGMKV/51Fccn/OMHcm5yrqgbOJZrJIy1ya4pW0u8=",
"owner": "oddlama",
"repo": "nix-topology",
"rev": "1826fe50f19dd076f13ede0254e170247e0afb06",
"rev": "8738d94670265beb166954c4e3a26e432f79f68c",
"type": "github"
},
"original": {
@ -1223,11 +1152,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1724547350,
"narHash": "sha256-WKkGeNpenNMKD1gOF0Xuqi3VsKX/QCAiwz9qe5PDvzA=",
"lastModified": 1728176478,
"narHash": "sha256-px3Q0W//c+mZ4kPMXq4poztsjtXM1Ja1rN+825YMDUQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "b741d900fecd2f0c32d90f853b24be9f5f098b7d",
"rev": "b61309c3c1b6013d36299bc8285612865b3b9e4c",
"type": "github"
},
"original": {
@ -1247,11 +1176,11 @@
"pre-commit-hooks": "pre-commit-hooks_3"
},
"locked": {
"lastModified": 1723133809,
"narHash": "sha256-CUx2HOkP6Gsd7Hi+jPgm57P9Kgq0dxRG8UrxLhjDmr8=",
"lastModified": 1728505352,
"narHash": "sha256-rhiGjMfjMzayx9YJwWl53QXGWGrI9VgurB1eo7mGFm8=",
"owner": "oddlama",
"repo": "nixos-extra-modules",
"rev": "2dfcc1f7de2cb36566c5f1b48986dd4555a173dc",
"rev": "4bcc7dd2a113a7bf71bcc4707f384ac2c34891d4",
"type": "github"
},
"original": {
@ -1268,11 +1197,11 @@
]
},
"locked": {
"lastModified": 1724893087,
"narHash": "sha256-M3+Z8SSpzKPQ+/vw9a99G9HfqKWbVGzhFz4p3KAX0NI=",
"lastModified": 1728308313,
"narHash": "sha256-GThSJ4OcPOOtf8j8ge7ik4141BHVbBALu0N7Ju+Nw18=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "0dd0205bc3f6d602ddb62aaece5f62a8715a9e85",
"rev": "71f9c8bcc87f15dba12515e94e40de243b5db103",
"type": "github"
},
"original": {
@ -1283,11 +1212,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1724878143,
"narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=",
"lastModified": 1728269138,
"narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef",
"rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b",
"type": "github"
},
"original": {
@ -1335,23 +1264,23 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"lastModified": 1727825735,
"narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1724547350,
"narHash": "sha256-WKkGeNpenNMKD1gOF0Xuqi3VsKX/QCAiwz9qe5PDvzA=",
"lastModified": 1728176478,
"narHash": "sha256-px3Q0W//c+mZ4kPMXq4poztsjtXM1Ja1rN+825YMDUQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "b741d900fecd2f0c32d90f853b24be9f5f098b7d",
"rev": "b61309c3c1b6013d36299bc8285612865b3b9e4c",
"type": "github"
},
"original": {
@ -1362,11 +1291,11 @@
},
"nixpkgs-octoprint": {
"locked": {
"lastModified": 1724233768,
"narHash": "sha256-ntANlITwEbXD6iSu60in/+nduIrIMezpvWMy+ld3Qj8=",
"lastModified": 1728380856,
"narHash": "sha256-VKQkINJHIBT7BPA81OM1m6E0KA4FuYzMFGPD6MyaFu4=",
"owner": "patrickdag",
"repo": "nixpkgs",
"rev": "cef644d466ef29b29a6b1b6939a2ecdf5e1ca4b7",
"rev": "6b95da6ae432c1c3a2025a73dc6ea875fd34dac4",
"type": "github"
},
"original": {
@ -1456,22 +1385,6 @@
"type": "github"
}
},
"nixpkgs-streamcontroller": {
"locked": {
"lastModified": 1724837309,
"narHash": "sha256-PcceZo4TSanYtWPLfBjT5s2PnPhuBHWLllC15KRMZ/U=",
"owner": "sifmelcara",
"repo": "nixpkgs",
"rev": "fc8e88205b7a0ac3e2f409ccf35ca61a0e5ac9d6",
"type": "github"
},
"original": {
"owner": "sifmelcara",
"ref": "streamcontroller",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-wayland": {
"inputs": {
"flake-compat": "flake-compat_5",
@ -1482,11 +1395,11 @@
]
},
"locked": {
"lastModified": 1724927668,
"narHash": "sha256-hOkuflGoYCO5fykoJzCkzI3/7wti8Db62KADHu+ySPo=",
"lastModified": 1728373025,
"narHash": "sha256-5iEV1QH5A74HbTvSR+yrPttqwf6gzlL76JQiXB+P/Q4=",
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"rev": "9ec93a8a2911b6fafafb8dfd600440124d098528",
"rev": "0a5e8f7bd281e879e9a5fe614d27162261c544d9",
"type": "github"
},
"original": {
@ -1497,11 +1410,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1724819573,
"narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=",
"lastModified": 1728241625,
"narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "71e91c409d1e654808b2621f28a327acfdad8dc2",
"rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1",
"type": "github"
},
"original": {
@ -1529,11 +1442,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1723415338,
"narHash": "sha256-K/BVeDLkpswRSBh3APxc2gBNVFEMXGpnkuQz666FiTM=",
"lastModified": 1725194671,
"narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6e8760f7f7121128e2037db44915a4a5450b6e67",
"rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c",
"type": "github"
},
"original": {
@ -1558,11 +1471,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1724936278,
"narHash": "sha256-Uog/PtUbrxE8S2LgT5ip/yYAWrMNu2n5zUaChKPiAJ4=",
"lastModified": 1728485062,
"narHash": "sha256-+2e9hAM2GVDF3gywdQI/OA7s4f0Z9rvFuiVxePI41QM=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "4acf12c49d5514d58f78b7ebda8838f5e988fd2a",
"rev": "61ec39764fbe1e4f21cf801ea7b9209d527c8135",
"type": "github"
},
"original": {
@ -1580,11 +1493,11 @@
]
},
"locked": {
"lastModified": 1724584782,
"narHash": "sha256-7FfHv7b1jwMPSu9SPY9hdxStk8E6EeSwzqdvV69U4BM=",
"lastModified": 1728423244,
"narHash": "sha256-+YwNsyIFj3dXyLVQd1ry4pCNmtOpbceKUrkNS8wp9Ho=",
"owner": "NuschtOS",
"repo": "search",
"rev": "5a08d691de30b6fc28d58ce71a5e420f2694e087",
"rev": "f276cc3b391493ba3a8b30170776860f9520b7fa",
"type": "github"
},
"original": {
@ -1718,11 +1631,11 @@
"nixpkgs-stable": "nixpkgs-stable_5"
},
"locked": {
"lastModified": 1725513492,
"narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=",
"lastModified": 1728092656,
"narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "7570de7b9b504cfe92025dd1be797bf546f66528",
"rev": "1211305a5b237771e13fcca0c51e60ad47326a9a",
"type": "github"
},
"original": {
@ -1751,7 +1664,6 @@
"nixos-nftables-firewall": "nixos-nftables-firewall",
"nixpkgs": "nixpkgs_2",
"nixpkgs-octoprint": "nixpkgs-octoprint",
"nixpkgs-streamcontroller": "nixpkgs-streamcontroller",
"nixpkgs-wayland": "nixpkgs-wayland",
"nixvim": "nixvim",
"pre-commit-hooks": "pre-commit-hooks_4",
@ -1761,23 +1673,6 @@
"templates": "templates"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1722521768,
"narHash": "sha256-FvJ4FaMy1kJbZ3Iw1RyvuiUAsbHJXoU2HwylzaFzj1o=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "f149dc5029d8406fae8b2c541603bcac06e30deb",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
@ -1827,11 +1722,11 @@
]
},
"locked": {
"lastModified": 1724904972,
"narHash": "sha256-UuMf0oHOZqiU81WNSnk30XJ5sKYvvSiChvotptI1Zm0=",
"lastModified": 1728447442,
"narHash": "sha256-4KRBf3doA1OKSQcXc5eQu1NHFdno0SSZI/Xmj4zy1iU=",
"owner": "Gerg-l",
"repo": "spicetify-nix",
"rev": "6c7bd8132eb69880b7ec8935b6f55dbca1e69424",
"rev": "85ca2b370f962f81973443adb31f2e3559eda1dd",
"type": "github"
},
"original": {
@ -1844,29 +1739,30 @@
"inputs": {
"base16": "base16",
"base16-fish": "base16-fish",
"base16-foot": "base16-foot",
"base16-helix": "base16-helix",
"base16-kitty": "base16-kitty",
"base16-tmux": "base16-tmux",
"base16-vim": "base16-vim",
"flake-compat": "flake-compat_9",
"flake-utils": "flake-utils_8",
"gnome-shell": "gnome-shell",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_4",
"systems": "systems_10"
"systems": "systems_10",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-tmux": "tinted-tmux"
},
"locked": {
"lastModified": 1724702977,
"narHash": "sha256-bP1/BHbEigLjTTmqyy1t8w5EVWHuLuABtOd/BBXVLtA=",
"lastModified": 1728508267,
"narHash": "sha256-JH2+RXJNooFtZIN6ZhaGZWn2KChMrso4H7Fkp1Ujrdo=",
"owner": "danth",
"repo": "stylix",
"rev": "6c895c6b42ca205017abe72a7263baf36a197972",
"rev": "ed91a20c84a80a525780dcb5ea3387dddf6cd2de",
"type": "github"
},
"original": {
"owner": "danth",
"repo": "stylix",
"rev": "ed91a20c84a80a525780dcb5ea3387dddf6cd2de",
"type": "github"
}
},
@ -2050,6 +1946,55 @@
"url": "https://forge.lel.lol/patrick/nix-templates.git"
}
},
"tinted-foot": {
"flake": false,
"locked": {
"lastModified": 1696725948,
"narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=",
"owner": "tinted-theming",
"repo": "tinted-foot",
"rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-foot",
"type": "github"
}
},
"tinted-kitty": {
"flake": false,
"locked": {
"lastModified": 1716423189,
"narHash": "sha256-2xF3sH7UIwegn+2gKzMpFi3pk5DlIlM18+vj17Uf82U=",
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "eb39e141db14baef052893285df9f266df041ff8",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "eb39e141db14baef052893285df9f266df041ff8",
"type": "github"
}
},
"tinted-tmux": {
"flake": false,
"locked": {
"lastModified": 1696725902,
"narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=",
"owner": "tinted-theming",
"repo": "tinted-tmux",
"rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-tmux",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
@ -2080,11 +2025,11 @@
]
},
"locked": {
"lastModified": 1724833132,
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
"lastModified": 1727984844,
"narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
"rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64",
"type": "github"
},
"original": {

View file

@ -5,7 +5,6 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-octoprint.url = "github:patrickdag/nixpkgs/octoprint-update";
nixpkgs-streamcontroller.url = "github:sifmelcara/nixpkgs/streamcontroller";
nixpkgs-wayland = {
url = "github:nix-community/nixpkgs-wayland";
@ -94,7 +93,9 @@
inputs.nixpkgs.follows = "nixpkgs";
};
stylix.url = "github:danth/stylix";
#stylix.url = "github:danth/stylix";
# https://github.com/danth/stylix/pull/589
stylix.url = "github:danth/stylix/ed91a20c84a80a525780dcb5ea3387dddf6cd2de";
spicetify-nix = {
url = "github:Gerg-l/spicetify-nix";
@ -108,7 +109,13 @@
};
outputs =
{ self, nixos-generators, nixos-extra-modules, nix-topology, ... }@inputs:
{
self,
nixos-generators,
nixos-extra-modules,
nix-topology,
...
}@inputs:
inputs.flake-parts.lib.mkFlake { inherit inputs; } {
imports = [
./nix/agenix-rekey.nix
@ -118,26 +125,36 @@
nix-topology.flakeModule
];
systems = [ "x86_64-linux" "aarch64-linux" ];
systems = [
"x86_64-linux"
"aarch64-linux"
];
perSystem = { pkgs, system, ... }: {
topology.modules = [ ./nix/topology.nix ];
apps.setupHetznerStorageBoxes = import
(nixos-extra-modules + "/apps/setup-hetzner-storage-boxes.nix") {
perSystem =
{ pkgs, system, ... }:
{
topology.modules = [ ./nix/topology.nix ];
apps.setupHetznerStorageBoxes =
import (nixos-extra-modules + "/apps/setup-hetzner-storage-boxes.nix")
{
inherit pkgs;
nixosConfigurations = inputs.self.nodes;
decryptIdentity = builtins.head self.secretsConfig.masterIdentities;
};
packages.live-iso = nixos-generators.nixosGenerate {
inherit pkgs;
nixosConfigurations = inputs.self.nodes;
decryptIdentity = builtins.head self.secretsConfig.masterIdentities;
modules = [
./nix/installer-configuration.nix
./config/basic/ssh.nix
];
format =
{
x86_64-linux = "install-iso";
aarch64-linux = "sd-aarch64-installer";
}
.${system};
};
packages.live-iso = nixos-generators.nixosGenerate {
inherit pkgs;
modules =
[ ./nix/installer-configuration.nix ./config/basic/ssh.nix ];
format = {
x86_64-linux = "install-iso";
aarch64-linux = "sd-aarch64-installer";
}.${system};
};
};
};
};
}

View file

@ -4,17 +4,6 @@
pkgs,
...
}:
let
nixp = import inputs.nixpkgs-streamcontroller { system = "x86_64-linux"; };
streamcontroller = nixp.streamcontroller.overrideAttrs (_prev: {
src = pkgs.fetchFromGitHub {
owner = "patrickdag";
repo = "streamcontroller";
rev = "392d1696b2157c35de0c8e177c9f158371df9ec2";
hash = "sha256-e6MbqS2Iq/Pe7U8qvxFPENBJX55fHcdgfSw5QgoUt54=";
};
});
in
{
imports = [
inputs.nixos-hardware.nixosModules.common-gpu-nvidia-nonprime
@ -90,6 +79,6 @@ in
#nixpkgs.config.cudaSupport = true;
environment.systemPackages = [ streamcontroller ];
services.udev.packages = [ streamcontroller ];
environment.systemPackages = [ pkgs.streamcontroller ];
services.udev.packages = [ pkgs.streamcontroller ];
}

View file

@ -9,9 +9,8 @@
{ config, pkgs, ... }:
{
pre-commit.settings.hooks = {
nixfmt = {
nixfmt-rfc-style = {
enable = true;
package = pkgs.nixfmt-rfc-style;
};
deadnix.enable = true;
statix.enable = true;