diff --git a/flake.lock b/flake.lock index 31de05d..4b6492d 100644 --- a/flake.lock +++ b/flake.lock @@ -3,16 +3,17 @@ "agenix": { "inputs": { "darwin": "darwin", + "home-manager": "home-manager", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1682101079, - "narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=", + "lastModified": 1684153753, + "narHash": "sha256-PVbWt3qrjYAK+T5KplFcO+h7aZWfEj1UtyoKlvcDxh0=", "owner": "ryantm", "repo": "agenix", - "rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447", + "rev": "db5637d10f797bb251b94ef9040b237f4702cde3", "type": "github" }, "original": { @@ -64,14 +65,15 @@ "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" - ] + ], + "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1682187467, - "narHash": "sha256-Mh2ETdqfFLflMK1hKgxVVE3/A/4xhG10FXst+piVla4=", + "lastModified": 1685870127, + "narHash": "sha256-7RxP74sT0h3qN4EQefG/hBF96Zhb954tsYKniPBWwmI=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "2afeb0596418d37aa3feb7203cc37a11c10c83fe", + "rev": "70db17480e76d556cc5363c1ba22cd591c83fa76", "type": "github" }, "original": { @@ -133,12 +135,15 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -149,14 +154,14 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -166,14 +171,14 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -185,15 +190,36 @@ "home-manager": { "inputs": { "nixpkgs": [ + "agenix", "nixpkgs" ] }, "locked": { - "lastModified": 1682176386, - "narHash": "sha256-xwYjQ8PjfdHlggi8Dq0PXWby/1oXegSUuNuBvoTcnpA=", + "lastModified": 1682203081, + "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=", "owner": "nix-community", "repo": "home-manager", - "rev": "6169690ae38175295605d521bd778d999fbd85cd", + "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1685885003, + "narHash": "sha256-+OB0EvZBfGvnlTGg6mtyUCqkMnUp9DkmRUU4d7BZBVE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "607d8fad96436b134424b9935166a7cd0884003e", "type": "github" }, "original": { @@ -207,11 +233,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1681214977, - "narHash": "sha256-pBaG4iKzF/YJQA06f87IZokB15Z13DYd6zsT/wlbWfI=", + "lastModified": 1685621386, + "narHash": "sha256-QxSbJ/deTW8r9DCveOr5N/TpiUqBAmGXsKdqmnVNW8s=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "19d70ca7a81956bd01a768297b84798f301e150f", + "rev": "5b7f85fd4ee671b013f2c1935abf4cb5499ad3b5", "type": "github" }, "original": { @@ -226,11 +252,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1681421147, - "narHash": "sha256-VSxwnvZFR8Kro784wG75D+FnhhqS1ObhQacFKIp42W4=", + "lastModified": 1685435187, + "narHash": "sha256-2tSrjl16iHdG6FYMNKS+MdsIDrCWXuKQ0XRWcdbMdFg=", "owner": "nix-community", "repo": "nix-eval-jobs", - "rev": "a5bb26e9ea62b160df617577ff97ab778d5221aa", + "rev": "a0e0808280535bc22ffde7d34ecad11014edd6a9", "type": "github" }, "original": { @@ -246,11 +272,11 @@ ] }, "locked": { - "lastModified": 1681591833, - "narHash": "sha256-lW+xOELafAs29yw56FG4MzNOFkh8VHC/X/tRs1wsGn8=", + "lastModified": 1685764721, + "narHash": "sha256-CIy1iwQTEKfZRrid4gBLA+r/LPGA9IUFo0lKJVyECGI=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "68ec961c51f48768f72d2bbdb396ce65a316677e", + "rev": "669ca1f2e2bc401abab6b837ae9c51503edc9b49", "type": "github" }, "original": { @@ -302,11 +328,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1680876084, - "narHash": "sha256-eP9yxP0wc7XuVaODugh+ajgbFGaile2O1ihxiLxOuvU=", + "lastModified": 1684899633, + "narHash": "sha256-NtwerXX8UFsoNy6k+DukJMriWtEjQtMU/Urbff2O2Dg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "3006d2860a6ed5e01b0c3e7ffb730e9b293116e2", + "rev": "4cc688ee711159b9bcb5a367be44007934e1a49d", "type": "github" }, "original": { @@ -322,34 +348,36 @@ "nixpkgs" ], "nixpkgs-22_11": "nixpkgs-22_11", + "nixpkgs-23_05": "nixpkgs-23_05", "utils": "utils" }, "locked": { - "lastModified": 1671738303, - "narHash": "sha256-PRgqtaWf2kMSYqVmcnmhTh+UsC0RmvXRTr+EOw5VZUA=", + "lastModified": 1685482651, + "narHash": "sha256-x3W/EZftpdDzJw5dus6i3efIBBbGWFqWXEVfA3kcyyU=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "6d0d9fb966cc565a3df74d3b686f924c7615118c", + "rev": "acc7791ee9f47f62529a874d8b46f09b5bce2ce0", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", + "ref": "nixos-23.05", "repo": "nixos-mailserver", "type": "gitlab" } }, "nixpkgs": { "locked": { - "lastModified": 1681920287, - "narHash": "sha256-+/d6XQQfhhXVfqfLROJoqj3TuG38CAeoT6jO1g9r1k0=", + "lastModified": 1685801374, + "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "645bc49f34fa8eff95479f0345ff57e55b53437e", + "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -369,13 +397,28 @@ "type": "indirect" } }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1684782344, + "narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "8966c43feba2c701ed624302b6a935f97bcbdf88", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, "nixpkgs-lib": { "locked": { - "lastModified": 1681001314, - "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=", + "lastModified": 1685561605, + "narHash": "sha256-LqEu1IWP8UWKxwwrpPtp1/p+JRCaUI0hl8e4hht5YdI=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4", + "rev": "75aeea15ee4971c52c56bbbee84066e74d53d858", "type": "github" }, "original": { @@ -386,11 +429,11 @@ }, "nixpkgs-mozilla": { "locked": { - "lastModified": 1677493379, - "narHash": "sha256-A1gO8zlWLv3+tZ3cGVB1WYvvoN9pbFyv0xIJHcTsckw=", + "lastModified": 1684487559, + "narHash": "sha256-SZcJEM+NnLr8ctzeQf1BGAqBHzJ3jn+tdSeO7lszIJc=", "owner": "mozilla", "repo": "nixpkgs-mozilla", - "rev": "78e723925daf5c9e8d0a1837ec27059e61649cb6", + "rev": "e6ca26fe8b9df914d4567604e426fbc185d9ef3e", "type": "github" }, "original": { @@ -400,6 +443,22 @@ } }, "nixpkgs-stable": { + "locked": { + "lastModified": 1685758009, + "narHash": "sha256-IT4Z5WGhafrq+xbDTyuKrRPRQ1f+kVOtE+4JU1CHFeo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "eaf03591711b46d21abc7082a8ebee4681f9dbeb", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { "locked": { "lastModified": 1659914493, "narHash": "sha256-lkA5X3VNMKirvA+SUzvEhfA7XquWLci+CGi505YFAIs=", @@ -425,11 +484,11 @@ ] }, "locked": { - "lastModified": 1682158400, - "narHash": "sha256-lvtdyZnnkggmKLrVH/WUu+PKJmlN/TNHKfXF2tuK+dY=", + "lastModified": 1685650687, + "narHash": "sha256-RhZ2Ih8t0Q0RFfBp3+/a65ncGwaeYsDVEFWbjdv5jOU=", "owner": "nix-community", "repo": "nixpkgs-wayland", - "rev": "9aa2c3286d094b1783e279b5ae52ddcc0e338889", + "rev": "217783e46fd199a033af8d488551c77b7019c752", "type": "github" }, "original": { @@ -459,14 +518,14 @@ "agenix": "agenix", "emacs-overlay": "emacs-overlay", "flake-utils": "flake-utils_2", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nix-index-database": "nix-index-database", "nix-npm-buildpackage": "nix-npm-buildpackage", "nixos-hardware": "nixos-hardware", "nixos-mailserver": "nixos-mailserver", "nixpkgs": "nixpkgs", "nixpkgs-mozilla": "nixpkgs-mozilla", - "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-stable": "nixpkgs-stable_2", "nixpkgs-wayland": "nixpkgs-wayland", "timesync": "timesync" } @@ -501,6 +560,21 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "timesync": { "inputs": { "nix-npm-buildpackage": "nix-npm-buildpackage_2", diff --git a/flake.nix b/flake.nix index d70cfbd..96fe83f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,14 +1,14 @@ { description = "Yoricks dotfiles"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; nixpkgs-mozilla.url = "github:mozilla/nixpkgs-mozilla"; emacs-overlay.inputs.nixpkgs.follows = "nixpkgs"; nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland"; nixpkgs-wayland.inputs.nixpkgs.follows = "nixpkgs"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-21.05"; - nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; + nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.05"; nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs"; agenix.url = "github:ryantm/agenix"; agenix.inputs.nixpkgs.follows = "nixpkgs"; @@ -31,6 +31,10 @@ in { legacyPackages = import nixpkgs { config = { + # todo remove, copilot.vim depends on it + permittedInsecurePackages = [ + "nodejs-slim-16.20.0" + ]; allowUnfree = true; # chromium.vaapiSupport = true; android_sdk.accept_license = true; diff --git a/home-manager/desktop.nix b/home-manager/desktop.nix index dc23093..0ee7990 100644 --- a/home-manager/desktop.nix +++ b/home-manager/desktop.nix @@ -29,7 +29,7 @@ in { style = ./waybar.css; systemd.enable = true; }; - programs.mako = { + services.mako = { enable = true; defaultTimeout = 60 * 1000; # ms extraConfig = '' diff --git a/home-manager/email.nix b/home-manager/email.nix index c13766c..45bb406 100644 --- a/home-manager/email.nix +++ b/home-manager/email.nix @@ -18,9 +18,9 @@ implicit_autoview = "no"; }; binds = [ - { map = "index"; key = "G"; action = "imap-fetch-mail"; } - { map = "pager"; key = ""; action = "previous-line"; } - { map = "pager"; key = ""; action = "next-line"; } + { map = [ "index" ]; key = "G"; action = "imap-fetch-mail"; } + { map = [ "pager" ]; key = ""; action = "previous-line"; } + { map = [ "pager" ]; key = ""; action = "next-line"; } ]; extraConfig = "source ${./mutt-colors}"; diff --git a/nixos/machines/frumar/fractal.nix b/nixos/machines/frumar/fractal.nix index c30cbf0..c2880b1 100644 --- a/nixos/machines/frumar/fractal.nix +++ b/nixos/machines/frumar/fractal.nix @@ -9,7 +9,6 @@ # Use the GRUB 2 boot loader. boot.loader.grub = { enable = true; - version = 2; # Define on which hard drive you want to install Grub. device = "/dev/disk/by-id/ata-Samsung_SSD_850_EVO_250GB_S21PNXAG441016B"; }; @@ -32,5 +31,5 @@ }; nix.settings.max-jobs = 4; - services.avahi.interfaces = [ "enp2s0" ]; + services.avahi.allowInterfaces = [ "enp2s0" ]; } diff --git a/nixos/machines/pennyworth/hetznercloud.nix b/nixos/machines/pennyworth/hetznercloud.nix index af776ca..4394e97 100644 --- a/nixos/machines/pennyworth/hetznercloud.nix +++ b/nixos/machines/pennyworth/hetznercloud.nix @@ -9,7 +9,6 @@ boot.extraModulePackages = [ ]; boot.loader.grub = { enable = true; - version = 2; device = "/dev/sda"; }; diff --git a/nixos/roles/default.nix b/nixos/roles/default.nix index fab6e8b..ece1c3d 100644 --- a/nixos/roles/default.nix +++ b/nixos/roles/default.nix @@ -56,8 +56,8 @@ in { services.openssh = { enable = true; - passwordAuthentication = false; - kbdInteractiveAuthentication = false; + settings.PasswordAuthentication = false; + settings.KbdInteractiveAuthentication = false; }; environment.systemPackages = with pkgs; [ diff --git a/nixos/services/email.nix b/nixos/services/email.nix index e41a1dd..d7f4dc2 100644 --- a/nixos/services/email.nix +++ b/nixos/services/email.nix @@ -14,7 +14,7 @@ aliases = [ "@yori.cc" "@yorickvanpelt.nl" ]; }; }; - certificateScheme = 3; + certificateScheme = "acme-nginx"; enableImapSsl = true; }; diff --git a/nixos/services/git.nix b/nixos/services/git.nix index 11e4927..6aa6f51 100644 --- a/nixos/services/git.nix +++ b/nixos/services/git.nix @@ -24,21 +24,25 @@ in { database.name = "gogs"; database.createDatabase = false; #dump.enable = true; TODO: backups - domain = cfg.vhost; - rootUrl = "https://${cfg.vhost}/"; - httpAddress = "localhost"; - settings.log.LEVEL = "Warn"; - settings.service = { - DISABLE_REGISTRATION = true; - REGISTER_EMAIL_CONFIRM = false; - COOKIE_SECURE = true; - ENABLE_NOTIFY_MAIL = false; - REQUIRE_SIGNIN_VIEW = false; - }; - settings.picture.DISABLE_GRAVATAR = false; - settings.mailer = { - ENABLED = false; - AVATAR_UPLOAD_PATH = "${config.services.gitea.stateDir}/data/avatars"; + settings = { + server = { + ROOT_URL = "https://${cfg.vhost}/"; + HTTP_ADDR = "localhost"; + DOMAIN = cfg.vhost; + }; + log.LEVEL = "Warn"; + service = { + DISABLE_REGISTRATION = true; + REGISTER_EMAIL_CONFIRM = false; + COOKIE_SECURE = true; + ENABLE_NOTIFY_MAIL = false; + REQUIRE_SIGNIN_VIEW = false; + }; + picture.DISABLE_GRAVATAR = false; + mailer = { + ENABLED = false; + AVATAR_UPLOAD_PATH = "${config.services.gitea.stateDir}/data/avatars"; + }; }; }; services.nginx.virtualHosts.${vhost} = { @@ -46,7 +50,7 @@ in { enableACME = true; locations."/" = { proxyPass = - "http://127.0.0.1:${toString config.services.gitea.httpPort}"; + "http://127.0.0.1:${toString config.services.gitea.settings.server.HTTP_PORT}"; extraConfig = '' proxy_buffering off; '';