From e1b782a3c6983611d88f582d23a390c626cc00b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= Date: Sat, 16 Nov 2024 01:51:50 +0200 Subject: [PATCH] 24.11 did not test samba and headscale yet https://github.com/juanfont/headscale/issues/2210#issuecomment-2480130747 --- flake.lock | 28 +++++++-------- flake.nix | 4 +-- hosts/fwminex/configuration.nix | 2 +- hosts/mtworx/configuration.nix | 8 +---- hosts/vm/configuration.nix | 2 -- hosts/vno1-gdrx/configuration.nix | 1 - hosts/vno3-rp3b/configuration.nix | 2 +- modules/profiles/desktop/default.nix | 9 +++-- modules/services/gitea/default.nix | 2 +- modules/services/headscale/default.nix | 4 +-- modules/services/immich/default.nix | 7 +--- modules/services/jakstpub/default.nix | 48 ++++++++++++++------------ 12 files changed, 53 insertions(+), 64 deletions(-) diff --git a/flake.lock b/flake.lock index 398340c..d6350c4 100644 --- a/flake.lock +++ b/flake.lock @@ -111,16 +111,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1731880681, + "narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -186,16 +186,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1731797254, - "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "lastModified": 1731755305, + "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } @@ -218,11 +218,11 @@ }, "nur": { "locked": { - "lastModified": 1731998533, - "narHash": "sha256-N1wSCSUEGyih79czO2cBw25WqgsgJztGQmYqSPQmynA=", + "lastModified": 1732045661, + "narHash": "sha256-SJW1HVIbav/8NlEFMqfiqrhaKcpbMqMFCTZ0cOikXgA=", "owner": "nix-community", "repo": "NUR", - "rev": "35d1aaf81870bf5ed50644978c7a1e2c08c9027c", + "rev": "8ee137273e4a24ac661b43a195848beac5b3bd04", "type": "github" }, "original": { @@ -247,11 +247,11 @@ ] }, "locked": { - "lastModified": 1731363552, - "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", + "lastModified": 1732021966, + "narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", + "rev": "3308484d1a443fc5bc92012435d79e80458fe43c", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 6f8d4b1..43e8428 100644 --- a/flake.nix +++ b/flake.nix @@ -2,14 +2,14 @@ description = "motiejus/config"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; flake-compat.url = "github:nix-community/flake-compat"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nur.url = "github:nix-community/NUR"; - home-manager.url = "github:nix-community/home-manager/release-24.05"; + home-manager.url = "github:nix-community/home-manager/release-24.11"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; agenix = { diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix index 5a6b193..2e721aa 100644 --- a/hosts/fwminex/configuration.nix +++ b/hosts/fwminex/configuration.nix @@ -250,7 +250,7 @@ in ''; "irc.jakstys.lt".extraConfig = let - gamja = pkgs.pkgs-unstable.compressDrvWeb (pkgs.gamja.override { + gamja = pkgs.compressDrvWeb (pkgs.gamja.override { gamjaConfig = { server = { url = "irc.jakstys.lt:6698"; diff --git a/hosts/mtworx/configuration.nix b/hosts/mtworx/configuration.nix index c46226f..95c63ae 100644 --- a/hosts/mtworx/configuration.nix +++ b/hosts/mtworx/configuration.nix @@ -34,9 +34,6 @@ in kernelModules = [ "kvm-intel" ]; loader.systemd-boot.enable = true; - # 6.10+ to fix audio. Thanks https://github.com/ilian/cfg/blob/4588b90e674827304cd8e0b9d1aecd75416d1cde/hosts/carbon/configuration.nix#L19 - kernelPackages = pkgs.linuxPackages_6_11; - initrd = { availableKernelModules = [ "xhci_pci" @@ -45,10 +42,7 @@ in "usbhid" "tpm_tis" ]; - systemd = { - enableTpm2 = true; - emergencyAccess = true; - }; + systemd.emergencyAccess = true; luks.devices = { luksroot = { device = "${nvme}-part3"; diff --git a/hosts/vm/configuration.nix b/hosts/vm/configuration.nix index 2da40e5..9bef17e 100644 --- a/hosts/vm/configuration.nix +++ b/hosts/vm/configuration.nix @@ -1,6 +1,5 @@ { self, - pkgs, modulesPath, ... }: @@ -24,7 +23,6 @@ boot = { loader.systemd-boot.enable = true; - kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages; supportedFilesystems = [ "zfs" "btrfs" diff --git a/hosts/vno1-gdrx/configuration.nix b/hosts/vno1-gdrx/configuration.nix index 6a58440..91054ed 100644 --- a/hosts/vno1-gdrx/configuration.nix +++ b/hosts/vno1-gdrx/configuration.nix @@ -34,7 +34,6 @@ in }; boot = { - kernelPackages = pkgs.linuxPackages_latest; kernelModules = [ "kvm-intel" ]; loader.systemd-boot.enable = true; initrd = { diff --git a/hosts/vno3-rp3b/configuration.nix b/hosts/vno3-rp3b/configuration.nix index 79a8a51..5a749f3 100644 --- a/hosts/vno3-rp3b/configuration.nix +++ b/hosts/vno3-rp3b/configuration.nix @@ -126,7 +126,7 @@ # shared printing services.avahi = { enable = true; - nssmdns = true; + nssmdns4 = true; openFirewall = true; publish = { enable = true; diff --git a/modules/profiles/desktop/default.nix b/modules/profiles/desktop/default.nix index f6d7dbf..e177589 100644 --- a/modules/profiles/desktop/default.nix +++ b/modules/profiles/desktop/default.nix @@ -145,6 +145,7 @@ in ffmpeg tinycc scrcpy + cheese arandr pandoc evince @@ -163,6 +164,7 @@ in libheif mplayer tcpflow + nautilus smplayer inkscape chromium @@ -209,10 +211,12 @@ in graphicsmagick magic-wormhole signal-desktop + gnome-calendar element-desktop netsurf-browser man-pages-posix git-filter-repo + gnome-calculator age-plugin-yubikey hunspellDicts.en_US python3Packages.ipython @@ -225,11 +229,6 @@ in gcc_latest clang-tools - gnome.cheese - gnome.nautilus - gnome.gnome-calculator - gnome.gnome-calendar - xorg.xev xorg.xeyes xorg.lndir diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix index 447721c..96bb373 100644 --- a/modules/services/gitea/default.nix +++ b/modules/services/gitea/default.nix @@ -81,7 +81,7 @@ route /static/assets/* { uri strip_prefix /static file_server * { - root ${pkgs.pkgs-unstable.compressDrvWeb pkgs.gitea.data { }}/public + root ${pkgs.compressDrvWeb pkgs.gitea.data { }}/public precompressed zstd br gzip } } diff --git a/modules/services/headscale/default.nix b/modules/services/headscale/default.nix index 75c7638..a525068 100644 --- a/modules/services/headscale/default.nix +++ b/modules/services/headscale/default.nix @@ -28,8 +28,8 @@ server_url = "https://vpn.jakstys.lt"; ip_prefixes = [ config.mj.services.headscale.subnetCIDR ]; log.level = "warn"; - dns_config = { - nameservers = [ + dns = { + nameservers.global = [ "1.1.1.1" "8.8.4.4" ]; diff --git a/modules/services/immich/default.nix b/modules/services/immich/default.nix index 17c4773..92ce29a 100644 --- a/modules/services/immich/default.nix +++ b/modules/services/immich/default.nix @@ -3,12 +3,10 @@ lib, pkgs, myData, - nixpkgs-unstable, ... }: let cfg = config.mj.services.immich; - immich-package = pkgs.pkgs-unstable.immich; immich-user = config.services.immich.user; immich-group = config.services.immich.group; startScript = pkgs.writeShellApplication { @@ -28,7 +26,7 @@ let exec setpriv \ --ruid ${immich-user} \ --inh-caps -all \ - ${lib.getExe immich-package} + ${lib.getExe pkgs.immich} ''; }; in @@ -38,12 +36,9 @@ in bindPaths = lib.mkOption { type = attrsOf str; }; }; - imports = [ "${nixpkgs-unstable}/nixos/modules/services/web-apps/immich.nix" ]; - config = lib.mkIf cfg.enable { services.immich = { - package = immich-package; enable = true; port = myData.ports.immich-server; diff --git a/modules/services/jakstpub/default.nix b/modules/services/jakstpub/default.nix index b7eb57e..1f1d385 100644 --- a/modules/services/jakstpub/default.nix +++ b/modules/services/jakstpub/default.nix @@ -31,28 +31,32 @@ in ''; }; - samba = { - # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server - enable = true; - securityType = "user"; - enableNmbd = false; - enableWinbindd = false; - extraConfig = '' - map to guest = Bad User - guest account = jakstpub - server role = standalone server - ''; - shares = - let - defaults = { - "public" = "yes"; - "mangled names" = "no"; - "guest ok" = "yes"; - "force user" = "jakstpub"; - "force group" = "jakstpub"; + samba = + let + defaults = { + "public" = "yes"; + "mangled names" = "no"; + "guest ok" = "yes"; + "force user" = "jakstpub"; + "force group" = "jakstpub"; + }; + in + { + # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server + enable = true; + + nmbd.enable = false; + winbindd.enable = false; + + settings = { + global = { + security = "user"; + + "map to guest" = "Bad User"; + "guest account" = "jakstpub"; + "server role" = "standalone server"; }; - in - { + public = defaults // { "path" = cfg.dataDir; "writeable" = "yes"; @@ -66,7 +70,7 @@ in "read only" = "yes"; }; }; - }; + }; samba-wsdd = { enable = true;