24.11
did not test samba and headscale yet https://github.com/juanfont/headscale/issues/2210#issuecomment-2480130747
This commit is contained in:
parent
112e51dc25
commit
e1b782a3c6
28
flake.lock
generated
28
flake.lock
generated
@ -111,16 +111,16 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1726989464,
|
||||
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||
"lastModified": 1731880681,
|
||||
"narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||
"rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-24.05",
|
||||
"ref": "release-24.11",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
@ -186,16 +186,16 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1731797254,
|
||||
"narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
|
||||
"lastModified": 1731755305,
|
||||
"narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
|
||||
"rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-24.05",
|
||||
"ref": "nixos-24.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
@ -218,11 +218,11 @@
|
||||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1731998533,
|
||||
"narHash": "sha256-N1wSCSUEGyih79czO2cBw25WqgsgJztGQmYqSPQmynA=",
|
||||
"lastModified": 1732045661,
|
||||
"narHash": "sha256-SJW1HVIbav/8NlEFMqfiqrhaKcpbMqMFCTZ0cOikXgA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "35d1aaf81870bf5ed50644978c7a1e2c08c9027c",
|
||||
"rev": "8ee137273e4a24ac661b43a195848beac5b3bd04",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -247,11 +247,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731363552,
|
||||
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
|
||||
"lastModified": 1732021966,
|
||||
"narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
|
||||
"rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -2,14 +2,14 @@
|
||||
description = "motiejus/config";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
|
||||
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
flake-compat.url = "github:nix-community/flake-compat";
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||
nur.url = "github:nix-community/NUR";
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager/release-24.05";
|
||||
home-manager.url = "github:nix-community/home-manager/release-24.11";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
agenix = {
|
||||
|
@ -250,7 +250,7 @@ in
|
||||
'';
|
||||
"irc.jakstys.lt".extraConfig =
|
||||
let
|
||||
gamja = pkgs.pkgs-unstable.compressDrvWeb (pkgs.gamja.override {
|
||||
gamja = pkgs.compressDrvWeb (pkgs.gamja.override {
|
||||
gamjaConfig = {
|
||||
server = {
|
||||
url = "irc.jakstys.lt:6698";
|
||||
|
@ -34,9 +34,6 @@ in
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
loader.systemd-boot.enable = true;
|
||||
|
||||
# 6.10+ to fix audio. Thanks https://github.com/ilian/cfg/blob/4588b90e674827304cd8e0b9d1aecd75416d1cde/hosts/carbon/configuration.nix#L19
|
||||
kernelPackages = pkgs.linuxPackages_6_11;
|
||||
|
||||
initrd = {
|
||||
availableKernelModules = [
|
||||
"xhci_pci"
|
||||
@ -45,10 +42,7 @@ in
|
||||
"usbhid"
|
||||
"tpm_tis"
|
||||
];
|
||||
systemd = {
|
||||
enableTpm2 = true;
|
||||
emergencyAccess = true;
|
||||
};
|
||||
systemd.emergencyAccess = true;
|
||||
luks.devices = {
|
||||
luksroot = {
|
||||
device = "${nvme}-part3";
|
||||
|
@ -1,6 +1,5 @@
|
||||
{
|
||||
self,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}:
|
||||
@ -24,7 +23,6 @@
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages;
|
||||
supportedFilesystems = [
|
||||
"zfs"
|
||||
"btrfs"
|
||||
|
@ -34,7 +34,6 @@ in
|
||||
};
|
||||
|
||||
boot = {
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
loader.systemd-boot.enable = true;
|
||||
initrd = {
|
||||
|
@ -126,7 +126,7 @@
|
||||
# shared printing
|
||||
services.avahi = {
|
||||
enable = true;
|
||||
nssmdns = true;
|
||||
nssmdns4 = true;
|
||||
openFirewall = true;
|
||||
publish = {
|
||||
enable = true;
|
||||
|
@ -145,6 +145,7 @@ in
|
||||
ffmpeg
|
||||
tinycc
|
||||
scrcpy
|
||||
cheese
|
||||
arandr
|
||||
pandoc
|
||||
evince
|
||||
@ -163,6 +164,7 @@ in
|
||||
libheif
|
||||
mplayer
|
||||
tcpflow
|
||||
nautilus
|
||||
smplayer
|
||||
inkscape
|
||||
chromium
|
||||
@ -209,10 +211,12 @@ in
|
||||
graphicsmagick
|
||||
magic-wormhole
|
||||
signal-desktop
|
||||
gnome-calendar
|
||||
element-desktop
|
||||
netsurf-browser
|
||||
man-pages-posix
|
||||
git-filter-repo
|
||||
gnome-calculator
|
||||
age-plugin-yubikey
|
||||
hunspellDicts.en_US
|
||||
python3Packages.ipython
|
||||
@ -225,11 +229,6 @@ in
|
||||
gcc_latest
|
||||
clang-tools
|
||||
|
||||
gnome.cheese
|
||||
gnome.nautilus
|
||||
gnome.gnome-calculator
|
||||
gnome.gnome-calendar
|
||||
|
||||
xorg.xev
|
||||
xorg.xeyes
|
||||
xorg.lndir
|
||||
|
@ -81,7 +81,7 @@
|
||||
route /static/assets/* {
|
||||
uri strip_prefix /static
|
||||
file_server * {
|
||||
root ${pkgs.pkgs-unstable.compressDrvWeb pkgs.gitea.data { }}/public
|
||||
root ${pkgs.compressDrvWeb pkgs.gitea.data { }}/public
|
||||
precompressed zstd br gzip
|
||||
}
|
||||
}
|
||||
|
@ -28,8 +28,8 @@
|
||||
server_url = "https://vpn.jakstys.lt";
|
||||
ip_prefixes = [ config.mj.services.headscale.subnetCIDR ];
|
||||
log.level = "warn";
|
||||
dns_config = {
|
||||
nameservers = [
|
||||
dns = {
|
||||
nameservers.global = [
|
||||
"1.1.1.1"
|
||||
"8.8.4.4"
|
||||
];
|
||||
|
@ -3,12 +3,10 @@
|
||||
lib,
|
||||
pkgs,
|
||||
myData,
|
||||
nixpkgs-unstable,
|
||||
...
|
||||
}:
|
||||
let
|
||||
cfg = config.mj.services.immich;
|
||||
immich-package = pkgs.pkgs-unstable.immich;
|
||||
immich-user = config.services.immich.user;
|
||||
immich-group = config.services.immich.group;
|
||||
startScript = pkgs.writeShellApplication {
|
||||
@ -28,7 +26,7 @@ let
|
||||
exec setpriv \
|
||||
--ruid ${immich-user} \
|
||||
--inh-caps -all \
|
||||
${lib.getExe immich-package}
|
||||
${lib.getExe pkgs.immich}
|
||||
'';
|
||||
};
|
||||
in
|
||||
@ -38,12 +36,9 @@ in
|
||||
bindPaths = lib.mkOption { type = attrsOf str; };
|
||||
};
|
||||
|
||||
imports = [ "${nixpkgs-unstable}/nixos/modules/services/web-apps/immich.nix" ];
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
services.immich = {
|
||||
package = immich-package;
|
||||
enable = true;
|
||||
port = myData.ports.immich-server;
|
||||
|
||||
|
@ -31,18 +31,7 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
samba = {
|
||||
# https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
|
||||
enable = true;
|
||||
securityType = "user";
|
||||
enableNmbd = false;
|
||||
enableWinbindd = false;
|
||||
extraConfig = ''
|
||||
map to guest = Bad User
|
||||
guest account = jakstpub
|
||||
server role = standalone server
|
||||
'';
|
||||
shares =
|
||||
samba =
|
||||
let
|
||||
defaults = {
|
||||
"public" = "yes";
|
||||
@ -53,6 +42,21 @@ in
|
||||
};
|
||||
in
|
||||
{
|
||||
# https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
|
||||
enable = true;
|
||||
|
||||
nmbd.enable = false;
|
||||
winbindd.enable = false;
|
||||
|
||||
settings = {
|
||||
global = {
|
||||
security = "user";
|
||||
|
||||
"map to guest" = "Bad User";
|
||||
"guest account" = "jakstpub";
|
||||
"server role" = "standalone server";
|
||||
};
|
||||
|
||||
public = defaults // {
|
||||
"path" = cfg.dataDir;
|
||||
"writeable" = "yes";
|
||||
|
Loading…
Reference in New Issue
Block a user