diff --git a/.envrc b/.envrc index b1b3807..4340949 100644 --- a/.envrc +++ b/.envrc @@ -1,3 +1,4 @@ +#!/usr/bin/env bash export DIRENV_WARN_TIMEOUT=5m use flake diff --git a/flake.lock b/flake.lock index ecc3d60..6f2c5fb 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1747274630, - "narHash": "sha256-87RJwXbfOHyzTB9LYagAQ6vOZhszCvd8Gvudu+gf3qo=", + "lastModified": 1747742835, + "narHash": "sha256-kYL4GCwwznsypvsnA20oyvW8zB/Dvn6K5G/tgMjVMT4=", "owner": "nix-community", "repo": "disko", - "rev": "ec7c109a4f794fce09aad87239eab7f66540b888", + "rev": "df522e787fdffc4f32ed3e1fca9ed0968a384d62", "type": "github" }, "original": { @@ -212,11 +212,11 @@ ] }, "locked": { - "lastModified": 1742568034, - "narHash": "sha256-QaMEhcnscfF2MqB7flZr+sLJMMYZPnvqO4NYf9B4G38=", + "lastModified": 1747663185, + "narHash": "sha256-Obh50J+O9jhUM/FgXtI3he/QRNiV9+J53+l+RlKSaAk=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "42ee229088490e3777ed7d1162cb9e9d8c3dbb11", + "rev": "ee07ba0d36c38e9915c55d2ac5a8fb0f05f2afcc", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747129300, - "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", + "lastModified": 1747900541, + "narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e81fd167b33121269149c57806599045fd33eeed", + "rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06", "type": "github" }, "original": { @@ -242,16 +242,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1747485343, - "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", + "lastModified": 1747953325, + "narHash": "sha256-y2ZtlIlNTuVJUZCqzZAhIw5rrKP4DOSklev6c8PyCkQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", + "rev": "55d1f923c480dadce40f5231feb472e81b0bab48", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "type": "indirect" } }, @@ -296,11 +296,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1747542820, - "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", + "lastModified": 1747744144, + "narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", + "rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f", "type": "github" }, "original": { @@ -353,11 +353,11 @@ ] }, "locked": { - "lastModified": 1746485181, - "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", + "lastModified": 1747603214, + "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", + "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 6f11097..92eb58b 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "NixOS configuration"; inputs = { # nix.url = "github:NixOS/nix"; - nixpkgs.url = "nixpkgs/nixos-24.11"; + nixpkgs.url = "nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; flake-parts.url = "github:hercules-ci/flake-parts"; diff --git a/images/base-config.nix b/images/base-config.nix index 15d6aa5..0de2c90 100644 --- a/images/base-config.nix +++ b/images/base-config.nix @@ -6,8 +6,6 @@ ... }: { - system.stateVersion = config.system.nixos.version; - networking = { firewall.enable = false; diff --git a/modules/services/freshrss/default.nix b/modules/services/freshrss/default.nix index 380fd2e..4a0ce59 100644 --- a/modules/services/freshrss/default.nix +++ b/modules/services/freshrss/default.nix @@ -45,29 +45,10 @@ in enable = true; baseUrl = "https://news.${domain}"; inherit (cfg) language passwordFile defaultUser; - virtualHost = null; - # TODO 25.05: Add support for custom virtualHost - # webserver = "caddy"; + virtualHost = "news.${domain}"; + webserver = "caddy"; }; - services.phpfpm.pools.freshrss.settings = { - "listen.owner" = lib.mkForce config.services.caddy.user; - "listen.group" = lib.mkForce config.services.caddy.group; - }; - - my.services.webserver.virtualHosts = [ - { - subdomain = "news"; - extraConfig = '' - root * ${config.services.freshrss.package}/p - php_fastcgi unix/${config.services.phpfpm.pools.freshrss.socket} { - env FRESHRSS_DATA_PATH ${config.services.freshrss.dataDir} - } - file_server - ''; - } - ]; - webapps.apps.freshrss = { dashboard = { name = "News"; diff --git a/modules/services/nextcloud/default.nix b/modules/services/nextcloud/default.nix index 8b50c82..bd37689 100644 --- a/modules/services/nextcloud/default.nix +++ b/modules/services/nextcloud/default.nix @@ -53,7 +53,7 @@ in services = { nextcloud = { enable = true; - package = pkgs.nextcloud30; + package = pkgs.nextcloud31; hostName = "cloud.${domain}"; maxUploadSize = cfg.maxSize; autoUpdateApps.enable = true; @@ -65,6 +65,7 @@ in adminuser = cfg.admin; adminpassFile = cfg.passwordFile; + dbtype = "sqlite"; #dbtype = "pgsql"; #dbhost = "/run/postgresql"; }; diff --git a/modules/services/prometheus/default.nix b/modules/services/prometheus/default.nix index e2b10c8..c33d6c9 100644 --- a/modules/services/prometheus/default.nix +++ b/modules/services/prometheus/default.nix @@ -27,7 +27,7 @@ in description = "retention time"; }; - # a good collections for allerts can be found here: https://samber.github.io/awesome-prometheus-alerts/rules#blackbox + # a good collections for alerts can be found here: https://samber.github.io/awesome-prometheus-alerts/rules#blackbox rules = mkOption { type = types.attrsOf ( types.submodule { diff --git a/profiles/gaming/default.nix b/profiles/gaming/default.nix index b1df81a..fe67c70 100644 --- a/profiles/gaming/default.nix +++ b/profiles/gaming/default.nix @@ -33,7 +33,7 @@ in hardware = { graphics.enable32Bit = true; graphics.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; - pulseaudio.support32Bit = true; }; + services.pulseaudio.support32Bit = true; }; } diff --git a/profiles/media/default.nix b/profiles/media/default.nix index 9727ac4..927dd43 100644 --- a/profiles/media/default.nix +++ b/profiles/media/default.nix @@ -31,7 +31,7 @@ in pdfgrep # grep in pdfs pdfsam-basic # pdf editing picard # music tagging - projectm # visualization of music + projectm-sdl-cpp # visualization of music puddletag # audio tagging shotwell # photo management sonixd # cloud-music-player diff --git a/profiles/usb-iso/default.nix b/profiles/usb-iso/default.nix index 7c0adae..bc66209 100644 --- a/profiles/usb-iso/default.nix +++ b/profiles/usb-iso/default.nix @@ -13,6 +13,10 @@ in }; config = lib.mkIf cfg.enable { + # binary blobs are needed for ventoy + nixpkgs.config.permittedInsecurePackages = [ + "ventoy-1.1.05" + ]; environment.systemPackages = with pkgs; [ ventoy-bin-full # general woeusb-ng # windows