diff --git a/flake.lock b/flake.lock index 7696580..8916bfc 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1738524606, - "narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=", + "lastModified": 1731270564, + "narHash": "sha256-6KMC/NH/VWP5Eb+hA56hz0urel3jP6Y6cF2PX6xaTkk=", "owner": "zhaofengli", "repo": "attic", - "rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e", + "rev": "47752427561f1c34debb16728a210d378f0ece36", "type": "github" }, "original": { @@ -83,11 +83,11 @@ "complement": { "flake": false, "locked": { - "lastModified": 1741378155, - "narHash": "sha256-rJSfqf3q4oWxcAwENtAowLZeCi8lktwKVH9XQvvZR64=", + "lastModified": 1734303596, + "narHash": "sha256-HjDRyLR4MBqQ3IjfMM6eE+8ayztXlbz3gXdyDmFla68=", "owner": "girlbossceo", "repo": "complement", - "rev": "1502a00d8551d0f6e8954a23e43868877c3e57d9", + "rev": "14cc5be797b774f1a2b9f826f38181066d4952b8", "type": "github" }, "original": { @@ -120,11 +120,11 @@ "rocksdb": "rocksdb" }, "locked": { - "lastModified": 1741642109, - "narHash": "sha256-vO66C3rCb4lz3NU012fZj8+5BaFGuOCq/BJqiOXpqSA=", + "lastModified": 1739202916, + "narHash": "sha256-QdPUbONWFUdUSagT0pwad5yzOP0+Vxmmb6pM6QjhyFI=", "owner": "girlbossceo", "repo": "conduwuit", - "rev": "c4b05e77f3dd66636e26b64f8f4852703816c399", + "rev": "e3b81f7b6488b5c483e8b13e3959fe591bf4cb92", "type": "github" }, "original": { @@ -157,11 +157,11 @@ }, "crane_2": { "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "lastModified": 1741396358, + "narHash": "sha256-js4c6tqxluo4Fysn8gloLnlZ6ZjQkuWMgGjHN8+WssE=", "owner": "ipetkov", "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "rev": "aaebfb7ce7e13c691aea178aff7621906f466662", "type": "github" }, "original": { @@ -213,11 +213,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1740724364, - "narHash": "sha256-D1jLIueJx1dPrP09ZZwTrPf4cubV+TsFMYbpYYTVj6A=", + "lastModified": 1737786656, + "narHash": "sha256-ubCW9Jy7ZUOF354bWxTgLDpVnTvIpNr6qR4H/j7I0oo=", "owner": "nix-community", "repo": "fenix", - "rev": "edf7d9e431cda8782e729253835f178a356d3aab", + "rev": "2f721f527886f801403f389a9cabafda8f1e3b7f", "type": "github" }, "original": { @@ -472,11 +472,11 @@ ] }, "locked": { - "lastModified": 1741701235, - "narHash": "sha256-gBlb8R9gnjUAT5XabJeel3C2iEUiBHx3+91651y3Sqo=", + "lastModified": 1741461731, + "narHash": "sha256-BBQfGvO3GWOV+5tmqH14gNcZrRaQ7Q3tQx31Frzoip8=", "owner": "nix-community", "repo": "home-manager", - "rev": "c630dfa8abcc65984cc1e47fb25d4552c81dd37e", + "rev": "7f4c60a3d6e548dbc13666565c22cb3f8dcdad44", "type": "github" }, "original": { @@ -566,11 +566,11 @@ "liburing": { "flake": false, "locked": { - "lastModified": 1740613216, - "narHash": "sha256-NpPOBqNND3Qe9IwqYs0mJLGTmIx7e6FgUEBAnJ+1ZLA=", + "lastModified": 1737600516, + "narHash": "sha256-EKyLQ3pbcjoU5jH5atge59F4fzuhTsb6yalUj6Ve2t8=", "owner": "axboe", "repo": "liburing", - "rev": "e1003e496e66f9b0ae06674869795edf772d5500", + "rev": "6c509e2b0c881a13b83b259a221bf15fc9b3f681", "type": "github" }, "original": { @@ -593,11 +593,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1741700536, - "narHash": "sha256-0OJER7bI6UsCFnKfKdLtgjpOTNccbN3N1dDriP4XRwA=", + "lastModified": 1741358751, + "narHash": "sha256-cDPg74UirjlGcVjB9qI/8ImkdEJ9p2y8Y2FQBfU8KzY=", "ref": "refs/heads/main", - "rev": "be1491fa6aef638e0147b81ff172131d6db668d9", - "revCount": 17635, + "rev": "93c3ca4e92b8cd1a129498f4c3f4c48558032d46", + "revCount": 17620, "type": "git", "url": "https://git.lix.systems/lix-project/lix" }, @@ -745,11 +745,11 @@ ] }, "locked": { - "lastModified": 1741619381, - "narHash": "sha256-koZtlJRqi0/MD/AKd0KrXLA2NuBOVzlIyAJprjzpxZE=", + "lastModified": 1741446546, + "narHash": "sha256-0z0GiUsUhjhZWa24bcAxqmlI3Ch8QvEeh42wghc6oVw=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "66537fb185462ba9b07f4e6f2d54894a1b2d04ab", + "rev": "eeaf10849c3a0435323216885c0df7569dc95cb9", "type": "github" }, "original": { @@ -765,11 +765,11 @@ ] }, "locked": { - "lastModified": 1741597901, - "narHash": "sha256-nLUTgXXcFFz+3pd3Khz1H4jUECqX5+OapNPGioPJRQs=", + "lastModified": 1740995332, + "narHash": "sha256-SELnZZg9LOhw+kz60yEAr3l1plu70rBLInMRszLHtuc=", "owner": "nix-community", "repo": "nix-ld", - "rev": "8e0308dd7dd9cd3656866fb2387bc29052fd6d3a", + "rev": "090c2003e3faa739e5a94e0a3cd782a1ccc40964", "type": "github" }, "original": { @@ -860,11 +860,11 @@ }, "nixpkgs-stable_3": { "locked": { - "lastModified": 1741600792, - "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", + "lastModified": 1741332913, + "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", + "rev": "20755fa05115c84be00b04690630cb38f0a203ad", "type": "github" }, "original": { @@ -924,11 +924,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1741692589, - "narHash": "sha256-t1BrOTAUIkRY4YlSspERzz5iaFbzJTIE6mhLmnWrDaA=", + "lastModified": 1741455743, + "narHash": "sha256-raXtjhD9mmNrVdCoJkYoUo0X2lhEyIZYQ6M7uUp/Uuc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a7010334ad6d8082bb8aa5dd2e37bf3b98b1a713", + "rev": "c1ee2620296430ac1e3ee72583ad0191463a9d60", "type": "github" }, "original": { @@ -949,11 +949,11 @@ "nuschtosSearch": "nuschtosSearch" }, "locked": { - "lastModified": 1741637833, - "narHash": "sha256-1uBkdOwxNmkdXXjoycnEBZUoHZ/22GitQRVXjZlsVK0=", + "lastModified": 1741098523, + "narHash": "sha256-gXDSXDr6tAb+JgxGMvcEjKC9YO8tVOd8hMMZHJLyQ6Q=", "owner": "nix-community", "repo": "nixvim", - "rev": "bc34099731a7e3799c0d52ccdf4599409a2ef9b9", + "rev": "03065fd4708bfdf47dd541d655392a60daa25ded", "type": "github" }, "original": { @@ -1062,16 +1062,16 @@ "rocksdb": { "flake": false, "locked": { - "lastModified": 1741308171, - "narHash": "sha256-YdBvdQ75UJg5ffwNjxizpviCVwVDJnBkM8ZtGIduMgY=", + "lastModified": 1737828695, + "narHash": "sha256-8Ev6zzhNPU798JNvU27a7gj5X+6SDG3jBweUkQ59DbA=", "owner": "girlbossceo", "repo": "rocksdb", - "rev": "3ce04794bcfbbb0d2e6f81ae35fc4acf688b6986", + "rev": "a4d9230dcc9d03be428b9a728133f8f646c0065c", "type": "github" }, "original": { "owner": "girlbossceo", - "ref": "v9.11.1", + "ref": "v9.9.3", "repo": "rocksdb", "type": "github" } @@ -1104,11 +1104,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1740691488, - "narHash": "sha256-Fs6vBrByuiOf2WO77qeMDMTXcTGzrIMqLBv+lNeywwM=", + "lastModified": 1737728869, + "narHash": "sha256-U4pl3Hi0lT6GP4ecN3q9wdD2sdaKMbmD/5NJ1NdJ9AM=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "fe3eda77d3a7ce212388bda7b6cec8bffcc077e5", + "rev": "6e4c29f7ce18cea7d3d31237a4661ab932eab636", "type": "github" }, "original": { @@ -1125,11 +1125,11 @@ ] }, "locked": { - "lastModified": 1741660300, - "narHash": "sha256-0jldJ58sC5RjqwpwE+ER+RPMeX4Moz5im/evQ3SU/dU=", + "lastModified": 1741400194, + "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "ac2f556db0eb5cbba3c4f5f5989c46330f439b0b", + "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", "type": "github" }, "original": { @@ -1145,11 +1145,11 @@ ] }, "locked": { - "lastModified": 1741644481, - "narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=", + "lastModified": 1741043164, + "narHash": "sha256-9lfmSZLz6eq9Ygr6cCmvQiiBEaPb54pUBcjvbEMPORc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e653d71e82575a43fe9d228def8eddb73887b866", + "rev": "3f2412536eeece783f0d0ad3861417f347219f4d", "type": "github" }, "original": { @@ -1210,6 +1210,9 @@ }, "vscode-extensions": { "inputs": { + "flake-compat": [ + "flake-compat" + ], "flake-utils": [ "flake-utils" ], @@ -1218,16 +1221,17 @@ ] }, "locked": { - "lastModified": 1741704640, - "narHash": "sha256-FSvtxhfB0PQtFOj8PMfcgUG1QVaQzjTZvAxLiqDysKI=", + "lastModified": 1740924345, + "narHash": "sha256-TO8Ttb+7PeKBkUe8vUrBt6Vxg3RMeQp4ARmlWQfcWrs=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "27f37976beb94100b18ab8407ff056654db68506", + "rev": "1fc267a10f46200e32f0850caa396bd1ba4ba08e", "type": "github" }, "original": { "owner": "nix-community", "repo": "nix-vscode-extensions", + "rev": "1fc267a10f46200e32f0850caa396bd1ba4ba08e", "type": "github" } } diff --git a/flake.nix b/flake.nix index 29fc0ab..cdb829e 100644 --- a/flake.nix +++ b/flake.nix @@ -68,9 +68,11 @@ inputs.flake-utils.follows = "flake-utils"; }; vscode-extensions = { - url = "github:nix-community/nix-vscode-extensions/"; + # https://github.com/nix-community/nix-vscode-extensions/issues/102 + url = "github:nix-community/nix-vscode-extensions/1fc267a10f46200e32f0850caa396bd1ba4ba08e"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; + inputs.flake-compat.follows = "flake-compat"; }; nix-index-database = { url = "github:nix-community/nix-index-database"; diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix index 9b20a66..c0182e7 100644 --- a/home/yt/ytnix.nix +++ b/home/yt/ytnix.nix @@ -101,9 +101,27 @@ wl-clipboard-rs pixelflasher element-desktop - freetube ]; + programs.feh.enable = true; + + xdg.configFile = { + mpv.source = ../mpv; + }; + + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + + programs.git.extraConfig = { + user = { + signingKey = "~/.ssh/id_ed25519"; + }; + gpg.format = "ssh"; + commit.gpgsign = true; + }; + home.sessionVariables = { # to make ghidra work on xwayland _JAVA_AWT_WM_NONREPARENTING = 1; @@ -126,29 +144,5 @@ SSH_AUTH_SOCK = "$HOME/.bitwarden-ssh-agent.sock"; }; - home.sessionPath = [ - "$HOME/.cargo/bin" - "$HOME/go/bin" - ]; - - programs.feh.enable = true; - - xdg.configFile = { - mpv.source = ../mpv; - }; - - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - - programs.git.extraConfig = { - user = { - signingKey = "~/.ssh/id_ed25519"; - }; - gpg.format = "ssh"; - commit.gpgsign = true; - }; - programs.nix-index-database.comma.enable = true; } diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 465e0b9..48d7d84 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -79,7 +79,6 @@ networkmanager.enable = true; firewall = { enable = true; - trustedInterfaces = [ "tailscale0" ]; allowedTCPPorts = [ 22 80 @@ -87,6 +86,8 @@ ]; allowedUDPPorts = [ 443 + 53 + 853 ]; extraCommands = let diff --git a/hosts/chunk/immich.nix b/hosts/chunk/immich.nix index 6541770..9661e8c 100644 --- a/hosts/chunk/immich.nix +++ b/hosts/chunk/immich.nix @@ -1,7 +1,6 @@ { pkgs, config, - lib, ... }: let @@ -68,9 +67,21 @@ in ]; networks = [ "immich-net" ]; }; + + # immich-ml = { + # image = "ghcr.io/immich-app/immich-machine-learning:release"; + # autoStart = true; + # pull = "newer"; + # environment = { + # REDIS_HOSTNAME = "immich-redis"; + # DB_HOSTNAME = "immich-db"; + # }; + # volumes = [ "${modelCache}:/cache" ]; + # networks = [ "immich-net" ]; + # }; }; - systemd.services.create-immich-net = rec { + systemd.services.create-immich-net = { serviceConfig.Type = "oneshot"; requiredBy = with config.virtualisation.oci-containers; [ "${backend}-immich.service" @@ -78,10 +89,10 @@ in "${backend}-immich-redis.service" # "${backend}-immich-ml.service" ]; - before = requiredBy; + before = config.systemd.services.create-immich-net.requiredBy; script = '' - ${lib.getExe pkgs.podman} network exists immich-net || \ - ${lib.getExe pkgs.podman} network create immich-net + ${pkgs.podman}/bin/podman network exists immich-net || \ + ${pkgs.podman}/bin/podman network create immich-net ''; }; diff --git a/hosts/ytnix/containers.nix b/hosts/ytnix/containers.nix deleted file mode 100644 index a2aa405..0000000 --- a/hosts/ytnix/containers.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - virtualisation.oci-containers.containers = { - immich-ml = let - modelCache = "/opt/immich-ml"; - in { - image = "ghcr.io/immich-app/immich-machine-learning:release"; - autoStart = true; - pull = "newer"; - ports = [ "3003:3003" ]; - environment = { - REDIS_HOSTNAME = "immich-redis"; - DB_HOSTNAME = "immich-db"; - }; - volumes = [ "${modelCache}:/cache" ]; - networks = [ "immich-net" ]; - }; - }; - - systemd.services.create-immich-net = rec { - serviceConfig.Type = "oneshot"; - requiredBy = with config.virtualisation.oci-containers; [ - "${backend}-immich-ml.service" - ]; - before = requiredBy; - script = '' - ${lib.getExe pkgs.podman} network exists immich-net || \ - ${lib.getExe pkgs.podman} network create immich-net - ''; - }; -} \ No newline at end of file diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix index c185991..c097165 100644 --- a/hosts/ytnix/default.nix +++ b/hosts/ytnix/default.nix @@ -10,7 +10,6 @@ ../common.nix ../zsh.nix ./tailscale.nix - ./containers.nix ]; sops.age.keyFile = "/root/.config/sops/age/keys.txt"; @@ -87,12 +86,10 @@ resolvconf.enable = true; firewall = { enable = true; - trustedInterfaces = [ "tailscale0" ]; - # allowedTCPPorts = [ - # 8080 # mitmproxy - # 22000 # syncthing - # 3003 # immich-ml - # ]; + allowedTCPPorts = [ + 8080 # mitmproxy + 22000 # syncthing + ]; }; }; programs.nm-applet.enable = true; @@ -255,11 +252,11 @@ xdg.mime.defaultApplications = { "application/pdf" = "okular.desktop"; "image/*" = "gwenview.desktop"; + "*/html" = "chromium-browser.desktop"; }; - virtualisation.libvirtd = { - enable = true; - qemu.vhostUserPackages = with pkgs; [ virtiofsd ]; + virtualisation = { + libvirtd.enable = true; }; programs.virt-manager.enable = true; my.containerization.enable = true; @@ -383,5 +380,4 @@ programs.ccache.enable = true; nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; - programs.fuse.userAllowOther = true; }