motiejus/config
1
Fork 0
Code Packages Releases Activity

Merge branch '25.11'

Browse Source
This commit is contained in:
Motiejus Jakštys
2025-12-02 00:30:28 +02:00
parent de76f4a7d9 007c8bc9c1
commit aefab613a7
16 changed files with 82 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
flake.lock generated
View File

@@ -133,16 +133,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763992789, "lastModified": 1764536451,
"narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", "narHash": "sha256-BgtcUkBfItu9/yU14IgUaj4rYOanTOUZjUfBP20/ZB4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", "rev": "3fdd076e08049a9c7a83149b270440d9787d2df5",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-25.05", "ref": "release-25.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@@ -206,16 +206,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1764316264, "lastModified": 1764494334,
"narHash": "sha256-82L+EJU+40+FIdeG4gmUlOF1jeSwlf2AwMarrpdHF6o=", "narHash": "sha256-x2xCEXUlU4Ap56+t5HaoReOQ/bV/bIQ5rzTn/m+V3HQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9a7b80b6f82a71ea04270d7ba11b48855681c4b0", "rev": "d542db745310b6929708d9abea513f3ff19b1341",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-25.05", "ref": "nixos-25.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

7
flake.nix
View File

@@ -2,14 +2,14 @@
description = "motiejus/config"; description = "motiejus/config";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
flake-compat.url = "github:nix-community/flake-compat"; flake-compat.url = "github:nix-community/flake-compat";
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
home-manager.url = "github:nix-community/home-manager/release-25.05"; home-manager.url = "github:nix-community/home-manager/release-25.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
agenix = { agenix = {
@@ -77,7 +77,6 @@
home-manager, home-manager,
nixos-hardware, nixos-hardware,
nix-index-database, nix-index-database,
pre-commit-hooks,
nur, nur,
zig, zig,
kolide-launcher, kolide-launcher,
@@ -111,7 +110,7 @@
go-raceless = super.callPackage ./pkgs/go-raceless { inherit (nicer) ; }; go-raceless = super.callPackage ./pkgs/go-raceless { inherit (nicer) ; };
pkgs-unstable = import nixpkgs-unstable { pkgs-unstable = import nixpkgs-unstable {
inherit (super) system; inherit (super.stdenv.hostPlatform) system;
config.allowUnfree = true; config.allowUnfree = true;
overlays = [ overlays = [
(_self: super: { (_self: super: {

8
hosts/fwminex/configuration.nix
View File

@@ -230,10 +230,10 @@ in
}; };
services = { services = {
logind = { logind.settings.Login = {
lidSwitch = "ignore"; HandleLidSwitch = "ignore";
powerKey = "suspend"; HandlePowerKey = "suspend";
powerKeyLongPress = "poweroff"; HandlePowerKeyLongPress = "poweroff";
}; };
plikd = { plikd = {

2
hosts/sqq1-desk2/configuration.nix
View File

@@ -155,7 +155,7 @@ in
extremetuxracer extremetuxracer
superTux superTux
superTuxKart superTuxKart
frozen-bubble # frozen-bubble # broken in 25.11 (perl SDL tests segfault)
neverball neverball
pingus pingus
supermariowar supermariowar

24
hosts/vm/configuration.nix
View File

@@ -28,23 +28,25 @@
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
isoImage = image =
let let
vsn = "${config.system.nixos.release}${lib.trivial.versionSuffix}"; vsn = "${config.system.nixos.release}${lib.trivial.versionSuffix}";
in in
{ {
isoName = "toolshed-${vsn}.iso"; fileName = "toolshed-${vsn}.iso";
# as of writing zstd -19 reduces toolshed from 9.1G to 8.6G, but takes
# ~30min on fwminex, as opposed to ~10m with default settings. xz also
# yields 8.6G.
#squashfsCompression = "zstd -Xcompression-level 19";
squashfsCompression = "zstd";
appendToMenuLabel = " Toolshed ${vsn}";
makeEfiBootable = true; # EFI booting
makeUsbBootable = true; # USB booting
}; };
isoImage = {
# as of writing zstd -19 reduces toolshed from 9.1G to 8.6G, but takes
# ~30min on fwminex, as opposed to ~10m with default settings. xz also
# yields 8.6G.
#squashfsCompression = "zstd -Xcompression-level 19";
squashfsCompression = "zstd";
appendToMenuLabel = " Toolshed ${config.system.nixos.release}${lib.trivial.versionSuffix}";
makeEfiBootable = true; # EFI booting
makeUsbBootable = true; # USB booting
};
swapDevices = [ ]; swapDevices = [ ];
services = { services = {

4
modules/base/default.nix
View File

@@ -173,13 +173,13 @@ in
tcpdump tcpdump
testssl testssl
dnsutils dnsutils
curlHTTP3 curl
bandwhich bandwhich
bridge-utils bridge-utils
speedtest-cli speedtest-cli
nix-output-monitor nix-output-monitor
config.boot.kernelPackages.perf perf
config.boot.kernelPackages.vm-tools config.boot.kernelPackages.vm-tools
] ]
]; ];

1
modules/base/sshd/default.nix
View File

@@ -1,6 +1,5 @@
{ {
lib, lib,
config,
myData, myData,
... ...
}: }:

16
modules/profiles/desktop/default.nix
View File

@@ -71,10 +71,10 @@ in
package = pkgs.pulseaudioFull; package = pkgs.pulseaudioFull;
}; };
logind = { logind.settings.Login = {
powerKey = "suspend"; HandlePowerKey = "suspend";
powerKeyLongPress = "poweroff"; HandlePowerKeyLongPress = "poweroff";
lidSwitchExternalPower = "ignore"; HandleLidSwitchExternalPower = "ignore";
}; };
avahi = { avahi = {
@@ -224,7 +224,7 @@ in
qalculate-qt # qalculate qalculate-qt # qalculate
google-chrome google-chrome
wirelesstools wirelesstools
poppler_utils poppler-utils
squashfsTools squashfsTools
joplin-desktop joplin-desktop
aspellDicts.en aspellDicts.en
@@ -238,7 +238,7 @@ in
netsurf-browser netsurf-browser
man-pages-posix man-pages-posix
gnome-calculator gnome-calculator
libsForQt5.okular kdePackages.okular
nvtopPackages.amd nvtopPackages.amd
age-plugin-yubikey age-plugin-yubikey
nvtopPackages.intel nvtopPackages.intel
@@ -330,11 +330,11 @@ in
gtk = { gtk = {
enable = true; enable = true;
theme = { theme = {
package = pkgs.plasma5Packages.breeze-gtk; package = pkgs.kdePackages.breeze-gtk;
name = "Breeze"; name = "Breeze";
}; };
cursorTheme = { cursorTheme = {
package = pkgs.plasma5Packages.breeze-icons; package = pkgs.kdePackages.breeze-icons;
name = "Breeze_Snow"; name = "Breeze_Snow";
}; };
iconTheme = { iconTheme = {

2
modules/profiles/desktop/plasma.nix
View File

@@ -67,7 +67,7 @@ let
attrs: attrs:
let let
args = configToArgs attrs; args = configToArgs attrs;
argToCommand = arg: "${pkgs.plasma5Packages.kconfig}/bin/kwriteconfig5 ${arg}"; argToCommand = arg: "${pkgs.kdePackages.kconfig}/bin/kwriteconfig6 ${arg}";
commands = builtins.map argToCommand args; commands = builtins.map argToCommand args;
in in
lib.strings.concatStringsSep "\n" commands; lib.strings.concatStringsSep "\n" commands;

2
modules/profiles/workstation/default.nix
View File

@@ -66,7 +66,7 @@ in
wasmtime wasmtime
bpftrace bpftrace
hyperfine hyperfine
sloccount loccount
tesseract tesseract
postgresql postgresql
gcc_latest gcc_latest

1
modules/profiles/xfce4/default.nix
View File

@@ -1,6 +1,5 @@
{ {
lib, lib,
config,
... ...
}: }:
{ {

12
modules/services/frigate/default.nix
View File

@@ -126,11 +126,15 @@ in
days = 2; days = 2;
mode = "all"; mode = "all";
}; };
events = { alerts = {
pre_capture = 5;
post_capture = 5;
retain = { retain = {
default = 5; days = 5;
mode = "motion";
};
};
detections = {
retain = {
days = 5;
mode = "motion"; mode = "motion";
}; };
}; };

7
modules/services/immich/default.nix
View File

@@ -42,6 +42,13 @@ in
enable = true; enable = true;
port = myData.ports.immich-server; port = myData.ports.immich-server;
# Database configuration for NixOS 25.11
database = {
enable = true;
enableVectorChord = true; # New vector search backend (recommended)
enableVectors = false; # Disable deprecated pgvecto-rs
};
# N.B. as of 24.11 default redis socket has permissions incompatible # N.B. as of 24.11 default redis socket has permissions incompatible
# with how immich is configured. # with how immich is configured.
# If immich can't find/connect to redis, it will fail on boot, so it's # If immich can't find/connect to redis, it will fail on boot, so it's

32
modules/services/postfix/default.nix
View File

@@ -17,22 +17,22 @@
services.postfix = { services.postfix = {
enable = true; enable = true;
enableSmtp = true; enableSmtp = true;
networks = [ settings.main = {
"127.0.0.1/8" mynetworks = [
"[::ffff:127.0.0.0]/104" "127.0.0.1/8"
"[::1]/128" "[::ffff:127.0.0.0]/104"
myData.subnets.tailscale.cidr "[::1]/128"
]; myData.subnets.tailscale.cidr
hostname = "relay.jakstys.lt"; ];
extraConfig = '' myhostname = "relay.jakstys.lt";
mydestination = mydestination = "";
smtpd_relay_restrictions = permit_mynetworks, reject smtpd_relay_restrictions = "permit_mynetworks, reject";
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination smtpd_recipient_restrictions = "permit_mynetworks, reject_unauth_destination";
smtp_tls_security_level = may smtp_tls_security_level = "may";
smtpd_helo_required = yes smtpd_helo_required = "yes";
disable_vrfy_command = yes disable_vrfy_command = "yes";
header_size_limit = 4096000 header_size_limit = "4096000";
''; };
}; };
}; };
} }

17
shared/home/default.nix
View File

@@ -141,13 +141,15 @@ in
git = { git = {
enable = true; enable = true;
userEmail = email; settings = {
userName = "Motiejus Jakštys"; user = lib.mkMerge [
aliases = { { name = "Motiejus Jakštys"; }
yolo = "commit --amend --no-edit -a"; (lib.mkIf (email != null) { inherit email; })
pushf = "push --force-with-lease"; ];
}; alias = {
extraConfig = { yolo = "commit --amend --no-edit -a";
pushf = "push --force-with-lease";
};
log.date = "iso-strict-local"; log.date = "iso-strict-local";
pull.ff = "only"; pull.ff = "only";
core.abbrev = 12; core.abbrev = 12;
@@ -165,7 +167,6 @@ in
confirm = "always"; confirm = "always";
suppresscc = "self"; suppresscc = "self";
}; };
}; };
}; };

2
shared/work/default.nix
View File

@@ -74,7 +74,7 @@
ANTHROPIC_VERTEX_PROJECT_ID = "chronosphere-rc-b"; ANTHROPIC_VERTEX_PROJECT_ID = "chronosphere-rc-b";
}; };
programs = { programs = {
git.extraConfig = { git.settings = {
url."git@github.com:".insteadOf = "https://github.com"; url."git@github.com:".insteadOf = "https://github.com";
user.useConfigOnly = true; user.useConfigOnly = true;
}; };