challenger+defiant: Set bind-mount fsType=none

challenger/nextcloud: Update to version 33
challenger/nvidia: Upgrade to 26.05, lock to Nvidia 580
2026-06-01 10:38:27 +02:00 · 2026-06-01 10:38:15 +02:00 · 2026-06-01 10:37:45 +02:00 · 2026-05-31 22:40:01 +02:00
7 changed files with 20 additions and 7 deletions
@@ -49,13 +49,23 @@
  security.polkit.enable = true; # Required for nextcloud
  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
-       "nvidia-x11"
+    "nvidia-kernel-modules"
-       "nvidia-settings"
+    "nvidia-settings"
    "nvidia-x11"
  ];
  hardware.nvidia = {
    modesetting.enable = true;
    open = false;
    # https://github.com/sircam-html/nixos-conf/blob/main/guides/nvidia-nixos-guide.md
    package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
      version            = "580.142";
      sha256_64bit       = "sha256-IJFfzz/+icNVDPk7YKBKKFRTFQ2S4kaOGRGkNiBEdWM=";
      sha256_aarch64     = "sha256-0000000000000000000000000000000000000000000=";
      openSha256         = "sha256-0000000000000000000000000000000000000000000=";
      settingsSha256     = "sha256-BnrIlj5AvXTfqg/qcBt2OS9bTDDZd3uhf5jqOtTMTQM=";
      persistencedSha256 = "sha256-0000000000000000000000000000000000000000000=";
    };
  };
  hardware.graphics.enable = true;
@@ -4,6 +4,7 @@
    "/export/riker-backup" = {
      device = "/tank/backup/riker";
      options = [ "bind" ];
      fsType = "none";
    };
  };
@@ -9,6 +9,7 @@
    zfs = {
      extraPools = [ "tank" ];
      requestEncryptionCredentials = false;
      forceImportRoot = false;
    };
    supportedFilesystems = [ "zfs" ];
  };
@@ -5,6 +5,7 @@
      device = "/tank/nvr/frigate";
      depends = [ "/tank/nvr/frigate" ];
      options = [ "bind" ];
      fsType = "none";
    };
  };
@@ -5,7 +5,7 @@ let
 in {
  services.nextcloud = {
    enable = true;
-    package = pkgs.nextcloud32;
+    package = pkgs.nextcloud33;
    inherit hostName;
    home = "/tank/nextcloud";
    https = true;
@@ -75,7 +75,7 @@ in {
  environment.systemPackages = [
    cfg.occ # "occ CMD" in the docs -> "sudo -u nextcloud nextcloud-occ CMD"
-    pkgs.nodejs_20 # For Recognize; Put /run/current-system/sw/bin/node in the "node_binary" field in the web UI -> Memories
+    pkgs.nodejs # For Recognize; Put /run/current-system/sw/bin/node in the "node_binary" field in the web UI -> Memories
  ];
  sops.secrets."nextcloud/adminpass" = {
@@ -11,7 +11,7 @@
  fileSystems."/var/lib/libvirt/images" = {
    device = "/tank/iso";
    options = [ "bind" ];
-    fsType = "auto";
+    fsType = "none";
  };
  # On a gui-enabled machine, connect with:
@@ -16,10 +16,10 @@ in {
      privateKeyFile = "/etc/wireguard/defiant.private";
      postSetup = ''
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -d 192.168.10.0/24 -o eth0 -j MASQUERADE
+        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -d 192.168.10.0/24 -o enp3s0 -j MASQUERADE
      '';
      postShutdown = ''
-        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -d 192.168.10.0/24 -o eth0 -j MASQUERADE
+        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -d 192.168.10.0/24 -o enp3s0 -j MASQUERADE
      '';
      peers = (import ../../../common/wireguard-peers.nix);
Author	SHA1	Message	Date
felixalb	f26fa172b8	challenger+defiant: Set bind-mount fsType=none	2026-06-01 10:38:27 +02:00
felixalb	23626db89f	challenger/nextcloud: Update to version 33	2026-06-01 10:38:15 +02:00
felixalb	fb847fc9c6	challenger/nvidia: Upgrade to 26.05, lock to Nvidia 580	2026-06-01 10:37:45 +02:00
felixalb	f474909415	defiant: update to nixos 26.05	2026-05-31 22:40:01 +02:00