challenger: update flake, various small fixes

challenger/nextcloud: fix and document memories/recognize
2024-07-05 23:06:44 +02:00 · 2024-07-05 23:06:44 +02:00
5 changed files with 56 additions and 53 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,20 @@
 {
  "nodes": {
    "extra-config": {
      "locked": {
        "lastModified": 1720193877,
        "narHash": "sha256-f+ZtFQTbbmieTYLANn0AOz439/sIH+HumOAhItdYYig=",
        "ref": "refs/heads/main",
        "rev": "f9817deef3d4e56a31a89ee93419a9acd278e922",
        "revCount": 9,
        "type": "git",
        "url": "file:///home/felixalb/nix-extra-config"
      },
      "original": {
        "type": "git",
        "url": "file:///home/felixalb/nix-extra-config"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
@ -164,11 +179,11 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1718086528,
+        "lastModified": 1719956923,
-        "narHash": "sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw=",
+        "narHash": "sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "47b604b07d1e8146d5398b42d3306fdebd343986",
+        "rev": "706eef542dec88cc0ed25b9075d3037564b2d164",
        "type": "github"
      },
      "original": {
@ -180,14 +195,14 @@
    },
    "root": {
      "inputs": {
        "extra-config": "extra-config",
        "home-manager": "home-manager",
        "matrix-synapse-next": "matrix-synapse-next",
        "nix-darwin": "nix-darwin",
        "nix-minecraft": "nix-minecraft",
        "nixpkgs": "nixpkgs_3",
        "sops-nix": "sops-nix",
-        "unstable": "unstable",
+        "unstable": "unstable"
        "voyager-addons": "voyager-addons"
      }
    },
    "sops-nix": {
@ -228,11 +243,11 @@
    },
    "unstable": {
      "locked": {
-        "lastModified": 1716948383,
+        "lastModified": 1720031269,
-        "narHash": "sha256-SzDKxseEcHR5KzPXLwsemyTR/kaM9whxeiJohbL04rs=",
+        "narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "ad57eef4ef0659193044870c731987a6df5cf56b",
+        "rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
        "type": "github"
      },
      "original": {
@ -241,21 +256,6 @@
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "voyager-addons": {
      "locked": {
        "lastModified": 1717176924,
        "narHash": "sha256-pYq/v0RNwHshSZf2OeH3P6Aa4/zHGDAJq7Z2Ah9i700=",
        "ref": "refs/heads/main",
        "rev": "15f32cc6b828c56cb6a954de0096b81f291100d9",
        "revCount": 8,
        "type": "git",
        "url": "file:///home/felixalb/voyager-addons"
      },
      "original": {
        "type": "git",
        "url": "file:///home/felixalb/voyager-addons"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -14,8 +14,7 @@
    matrix-synapse-next.url = "github:dali99/nixos-matrix-modules/v0.6.0";
    nix-minecraft.url = "github:Infinidoge/nix-minecraft";
-    # voyager-addons.url = "git+ssh://git@git.feal.no:2222/felixalb/voyager-addons.git";
+    extra-config.url = "git+file:///home/felixalb/nix-extra-config";
    voyager-addons.url = "git+file:///home/felixalb/voyager-addons";
    sops-nix.url = "github:Mic92/sops-nix";
    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
@ -30,7 +29,7 @@
    , nixpkgs
    , sops-nix
    , unstable
-    , voyager-addons
+    , extra-config
  , ... }@inputs:
    let
      pkgs-overlay = final: prev: {
@ -48,25 +47,6 @@
    in
    {
      nixosConfigurations = {
        voyager = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = {
            inherit inputs;
          };
          modules = [
            # Overlays-module makes "pkgs.unstable" available in configuration.nix
            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
            ./hosts/voyager/configuration.nix
            voyager-addons.nixosModules.default
            sops-nix.nixosModules.sops
            home-manager.nixosModules.home-manager {
              home-manager.useGlobalPkgs = true;
              home-manager.useUserPackages = true;
              home-manager.users."felixalb" = import ./hosts/voyager/home.nix;
            }
          ];
        };
        challenger = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = {
@ -77,6 +57,7 @@
            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
            ./hosts/challenger/configuration.nix
            extra-config.nixosModules.default
            sops-nix.nixosModules.sops
            home-manager.nixosModules.home-manager {
              home-manager.useGlobalPkgs = true;
--- a/home/neovim.nix
+++ b/home/neovim.nix
@ -21,7 +21,7 @@ in {
      telescope-nvim
      nvim-lspconfig
-      copilot-vim
+      # copilot-vim
      nvim-treesitter
      coc-css
--- a/hosts/challenger/services/jellyfin.nix
+++ b/hosts/challenger/services/jellyfin.nix
@ -36,9 +36,4 @@
      add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
    '';
  };
  fileSystems."/tank/media/jellyfin/Music" = {
    device = "tank/media/music";
    fsType = "zfs";
  };
 }
--- a/hosts/challenger/services/nextcloud.nix
+++ b/hosts/challenger/services/nextcloud.nix
@ -45,6 +45,17 @@ in {
      };
      oidc_login_filter_allowed_values = [ "nextcloud-user" ];
      oidc_login_disable_registration = false;
      memories = {
        # exiftool = "${lib.getExe pkgs.exiftool}"; # TODO - not working, use perl
        # exiftool_no_local = false;
        vod = {
          disable = false;
          ffmpeg = "${lib.getExe pkgs.ffmpeg-headless}";
          ffprobe = "${pkgs.ffmpeg-headless}/bin/ffprobe";
        };
      };
      preview_ffmpeg_path = "${pkgs.ffmpeg-headless}/bin/ffmpeg";
    };
    secretFile = config.sops.secrets."nextcloud/secretsjson".path;
@ -64,7 +75,10 @@ in {
    };
  };
-  environment.systemPackages = [ cfg.occ ];
+  environment.systemPackages = [
    cfg.occ # "occ CMD" in the docs -> "sudo -u nextcloud nextcloud-occ CMD"
    pkgs.nodejs_20 # For Recognize; Put /run/current-system/sw/bin/node in the "node_binary" field in the web UI -> Memories
  ];
  sops.secrets."nextcloud/adminpass" = {
    mode = "0440";
@ -87,6 +101,10 @@ in {
    } ];
  };
  systemd.services.nextcloud-cron = {
    path = [ pkgs.perl ]; # exiftool doesn't work, so make perl available instead
  };
  systemd.services."nextcloud-setup" = {
    requires = [ "postgresql.service" ];
    after = [ "postgresql.service" ];
@ -94,10 +112,12 @@ in {
  systemd.services."phpfpm-nextcloud" = {
    requires = [ "tank-nextcloud.mount" ];
    path = [ pkgs.perl ];
    serviceConfig = {
      PrivateDevices = lib.mkForce false;
      WorkingDirectory = "/tank/nextcloud";
      NoNewPrivileges = true;
      PrivateDevices = true;
      PrivateMounts = true;
      PrivateTmp = true;
      ProtectClock = true;
@ -118,4 +138,11 @@ in {
      CapabilityBoundingSet = "~CAP_FSETID ~CAP_SETFCAP ~CAP_SETUID ~CAP_SETGID ~CAP_SETPCAP ~CAP_NET_ADMIN ~CAP_SYS_ADMIN ~CAP_SYS_PTRACE ";
    };
  };
  # Notes:
  # - Install Memories and Recognize from the app store
  #  - They might need to be forced on with "nextcloud-occ app:enable memories", etc.
  # - Run "nextcloud-occ maintenance:repair" to fix broken paths
  # - Download ai models and maps with the commands given in the ui
  # - libtensorflow doesn't work properly through node, but recognize still works(?)
 }
Author	SHA1	Message	Date
Felix Albrigtsen	ea7501f606	challenger: update flake, various small fixes	2024-07-05 23:06:44 +02:00
Felix Albrigtsen	a19ab9a661	challenger/nextcloud: fix and document memories/recognize	2024-07-05 23:06:44 +02:00