24.11

did not test samba and headscale yet https://github.com/juanfont/headscale/issues/2210#issuecomment-2480130747
2024-11-16 01:51:50 +02:00 · 2024-11-16 01:51:50 +02:00 · e1b782a3c6
commit e1b782a3c6
parent 112e51dc25
12 changed files with 53 additions and 64 deletions
--- a/flake.lock
+++ b/flake.lock
@ -111,16 +111,16 @@
        ]
      },
      "locked": {
-        "lastModified": 1726989464,
-        "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
+        "lastModified": 1731880681,
+        "narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
+        "rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
-        "ref": "release-24.05",
+        "ref": "release-24.11",
        "repo": "home-manager",
        "type": "github"
      }
@ -186,16 +186,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1731797254,
-        "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
+        "lastModified": 1731755305,
+        "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
+        "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
-        "ref": "nixos-24.05",
+        "ref": "nixos-24.11",
        "repo": "nixpkgs",
        "type": "github"
      }
@ -218,11 +218,11 @@
    },
    "nur": {
      "locked": {
-        "lastModified": 1731998533,
-        "narHash": "sha256-N1wSCSUEGyih79czO2cBw25WqgsgJztGQmYqSPQmynA=",
+        "lastModified": 1732045661,
+        "narHash": "sha256-SJW1HVIbav/8NlEFMqfiqrhaKcpbMqMFCTZ0cOikXgA=",
        "owner": "nix-community",
        "repo": "NUR",
-        "rev": "35d1aaf81870bf5ed50644978c7a1e2c08c9027c",
+        "rev": "8ee137273e4a24ac661b43a195848beac5b3bd04",
        "type": "github"
      },
      "original": {
@ -247,11 +247,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1731363552,
-        "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
+        "lastModified": 1732021966,
+        "narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
        "owner": "cachix",
        "repo": "pre-commit-hooks.nix",
-        "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
+        "rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -2,14 +2,14 @@
  description = "motiejus/config";

  inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";
    flake-compat.url = "github:nix-community/flake-compat";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    nur.url = "github:nix-community/NUR";

-    home-manager.url = "github:nix-community/home-manager/release-24.05";
+    home-manager.url = "github:nix-community/home-manager/release-24.11";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";

    agenix = {
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@ -250,7 +250,7 @@ in
        '';
        "irc.jakstys.lt".extraConfig =
          let
-            gamja = pkgs.pkgs-unstable.compressDrvWeb (pkgs.gamja.override {
+            gamja = pkgs.compressDrvWeb (pkgs.gamja.override {
              gamjaConfig = {
                server = {
                  url = "irc.jakstys.lt:6698";
--- a/hosts/mtworx/configuration.nix
+++ b/hosts/mtworx/configuration.nix
@ -34,9 +34,6 @@ in
    kernelModules = [ "kvm-intel" ];
    loader.systemd-boot.enable = true;

-    # 6.10+ to fix audio. Thanks https://github.com/ilian/cfg/blob/4588b90e674827304cd8e0b9d1aecd75416d1cde/hosts/carbon/configuration.nix#L19
-    kernelPackages = pkgs.linuxPackages_6_11;
-
    initrd = {
      availableKernelModules = [
        "xhci_pci"
@ -45,10 +42,7 @@ in
        "usbhid"
        "tpm_tis"
      ];
-      systemd = {
-        enableTpm2 = true;
-        emergencyAccess = true;
-      };
+      systemd.emergencyAccess = true;
      luks.devices = {
        luksroot = {
          device = "${nvme}-part3";
--- a/hosts/vm/configuration.nix
+++ b/hosts/vm/configuration.nix
@ -1,6 +1,5 @@
 {
  self,
-  pkgs,
  modulesPath,
  ...
 }:
@ -24,7 +23,6 @@

  boot = {
    loader.systemd-boot.enable = true;
-    kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages;
    supportedFilesystems = [
      "zfs"
      "btrfs"
--- a/hosts/vno1-gdrx/configuration.nix
+++ b/hosts/vno1-gdrx/configuration.nix
@ -34,7 +34,6 @@ in
  };

  boot = {
-    kernelPackages = pkgs.linuxPackages_latest;
    kernelModules = [ "kvm-intel" ];
    loader.systemd-boot.enable = true;
    initrd = {
--- a/hosts/vno3-rp3b/configuration.nix
+++ b/hosts/vno3-rp3b/configuration.nix
@ -126,7 +126,7 @@
  # shared printing
  services.avahi = {
    enable = true;
-    nssmdns = true;
+    nssmdns4 = true;
    openFirewall = true;
    publish = {
      enable = true;
--- a/modules/profiles/desktop/default.nix
+++ b/modules/profiles/desktop/default.nix
@ -145,6 +145,7 @@ in
          ffmpeg
          tinycc
          scrcpy
+          cheese
          arandr
          pandoc
          evince
@ -163,6 +164,7 @@ in
          libheif
          mplayer
          tcpflow
+          nautilus
          smplayer
          inkscape
          chromium
@ -209,10 +211,12 @@ in
          graphicsmagick
          magic-wormhole
          signal-desktop
+          gnome-calendar
          element-desktop
          netsurf-browser
          man-pages-posix
          git-filter-repo
+          gnome-calculator
          age-plugin-yubikey
          hunspellDicts.en_US
          python3Packages.ipython
@ -225,11 +229,6 @@ in
          gcc_latest
          clang-tools

-          gnome.cheese
-          gnome.nautilus
-          gnome.gnome-calculator
-          gnome.gnome-calendar
-
          xorg.xev
          xorg.xeyes
          xorg.lndir
--- a/modules/services/gitea/default.nix
+++ b/modules/services/gitea/default.nix
@ -81,7 +81,7 @@
          route /static/assets/* {
            uri strip_prefix /static
            file_server * {
-              root ${pkgs.pkgs-unstable.compressDrvWeb pkgs.gitea.data { }}/public
+              root ${pkgs.compressDrvWeb pkgs.gitea.data { }}/public
              precompressed zstd br gzip
            }
          }
--- a/modules/services/headscale/default.nix
+++ b/modules/services/headscale/default.nix
@ -28,8 +28,8 @@
          server_url = "https://vpn.jakstys.lt";
          ip_prefixes = [ config.mj.services.headscale.subnetCIDR ];
          log.level = "warn";
-          dns_config = {
-            nameservers = [
+          dns = {
+            nameservers.global = [
              "1.1.1.1"
              "8.8.4.4"
            ];
--- a/modules/services/immich/default.nix
+++ b/modules/services/immich/default.nix
@ -3,12 +3,10 @@
  lib,
  pkgs,
  myData,
-  nixpkgs-unstable,
  ...
 }:
 let
  cfg = config.mj.services.immich;
-  immich-package = pkgs.pkgs-unstable.immich;
  immich-user = config.services.immich.user;
  immich-group = config.services.immich.group;
  startScript = pkgs.writeShellApplication {
@ -28,7 +26,7 @@ let
      exec setpriv \
        --ruid ${immich-user} \
        --inh-caps -all \
-        ${lib.getExe immich-package}
+        ${lib.getExe pkgs.immich}
    '';
  };
 in
@ -38,12 +36,9 @@ in
    bindPaths = lib.mkOption { type = attrsOf str; };
  };

-  imports = [ "${nixpkgs-unstable}/nixos/modules/services/web-apps/immich.nix" ];
-
  config = lib.mkIf cfg.enable {

    services.immich = {
-      package = immich-package;
      enable = true;
      port = myData.ports.immich-server;

--- a/modules/services/jakstpub/default.nix
+++ b/modules/services/jakstpub/default.nix
@ -31,28 +31,32 @@ in
        '';
      };

-      samba = {
-        # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
-        enable = true;
-        securityType = "user";
-        enableNmbd = false;
-        enableWinbindd = false;
-        extraConfig = ''
-          map to guest = Bad User
-          guest account = jakstpub
-          server role = standalone server
-        '';
-        shares =
-          let
-            defaults = {
-              "public" = "yes";
-              "mangled names" = "no";
-              "guest ok" = "yes";
-              "force user" = "jakstpub";
-              "force group" = "jakstpub";
+      samba =
+        let
+          defaults = {
+            "public" = "yes";
+            "mangled names" = "no";
+            "guest ok" = "yes";
+            "force user" = "jakstpub";
+            "force group" = "jakstpub";
+          };
+        in
+        {
+          # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
+          enable = true;
+
+          nmbd.enable = false;
+          winbindd.enable = false;
+
+          settings = {
+            global = {
+              security = "user";
+
+              "map to guest" = "Bad User";
+              "guest account" = "jakstpub";
+              "server role" = "standalone server";
            };
-          in
-          {
+
            public = defaults // {
              "path" = cfg.dataDir;
              "writeable" = "yes";
@ -66,7 +70,7 @@ in
              "read only" = "yes";
            };
          };
-      };
+        };

      samba-wsdd = {
        enable = true;