From 73c0eda7cf36d5b1a4d2311993e595ec8916e100 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 22 Sep 2024 21:27:01 +0200 Subject: [PATCH 01/15] malcolm/kinealbrigtsen: Remove CSP to fix awful WP plugins --- hosts/malcolm/services/www-kinealbrigtsen-no.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/malcolm/services/www-kinealbrigtsen-no.nix b/hosts/malcolm/services/www-kinealbrigtsen-no.nix index 43d73a6..f970fd4 100644 --- a/hosts/malcolm/services/www-kinealbrigtsen-no.nix +++ b/hosts/malcolm/services/www-kinealbrigtsen-no.nix @@ -83,7 +83,6 @@ set_real_ip_from 192.168.11.0/24; real_ip_header X-Forwarded-For; - add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; -- 2.49.0 From 7c10e960357a354fe4976062d4575a332ffb4f4c Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Tue, 31 Dec 2024 13:02:17 +0100 Subject: [PATCH 02/15] malcolm: WIP CTF tools --- hosts/malcolm/configuration.nix | 1 + hosts/malcolm/services/www-ctf-feal-no.nix | 14 ++++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 hosts/malcolm/services/www-ctf-feal-no.nix diff --git a/hosts/malcolm/configuration.nix b/hosts/malcolm/configuration.nix index 0d625c3..8f29b6f 100644 --- a/hosts/malcolm/configuration.nix +++ b/hosts/malcolm/configuration.nix @@ -10,6 +10,7 @@ ./services/mysql.nix ./services/nginx.nix + ./services/www-ctf-feal-no.nix ./services/www-kinealbrigtsen-no.nix ]; diff --git a/hosts/malcolm/services/www-ctf-feal-no.nix b/hosts/malcolm/services/www-ctf-feal-no.nix new file mode 100644 index 0000000..cbf8d4c --- /dev/null +++ b/hosts/malcolm/services/www-ctf-feal-no.nix @@ -0,0 +1,14 @@ +{ config, pkgs, lib, ... }: + +{ + services.nginx.virtualHosts."ctf.feal.no" = { + locations = { + "/".return = "302 https://www.feal.no/"; + "/cc/" = { + alias = "${pkgs.cyberchef}/share/cyberchef/"; + index = "index.html"; + }; + "= /cc".return = "302 /cc/"; + }; + }; +} -- 2.49.0 From 4f99ff9c1e8691031a1134c43808f930d5ca4ef6 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Tue, 3 Jun 2025 11:15:20 +0200 Subject: [PATCH 03/15] Configure fa-t14 --- hosts/fa-t14-2025/desktop.nix | 8 +---- hosts/fa-t14-2025/hardware-configuration.nix | 37 ++++++++++++++++++++ hosts/fa-t14-2025/home.nix | 1 + 3 files changed, 39 insertions(+), 7 deletions(-) create mode 100644 hosts/fa-t14-2025/hardware-configuration.nix diff --git a/hosts/fa-t14-2025/desktop.nix b/hosts/fa-t14-2025/desktop.nix index 753d525..3770c34 100644 --- a/hosts/fa-t14-2025/desktop.nix +++ b/hosts/fa-t14-2025/desktop.nix @@ -23,8 +23,6 @@ pulse.enable = true; jack.enable = true; }; - hardware.pulseaudio.enable = false; - # Fonts fonts = { @@ -36,11 +34,7 @@ font-awesome fira-code hack-font - (nerdfonts.override { - fonts = [ - "Hack" - ]; - }) + nerd-fonts.hack ]; }; diff --git a/hosts/fa-t14-2025/hardware-configuration.nix b/hosts/fa-t14-2025/hardware-configuration.nix new file mode 100644 index 0000000..e9cd0fc --- /dev/null +++ b/hosts/fa-t14-2025/hardware-configuration.nix @@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/75dd0e39-9411-48c9-822d-bf3c897d0f61"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/3ecaedab-415c-4cce-a3a9-9f3782acb682"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/0800-59D9"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = [ ]; + + networking.useDHCP = lib.mkDefault false; + # networking.interfaces.enp1s0f0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/fa-t14-2025/home.nix b/hosts/fa-t14-2025/home.nix index cfb669b..214ed2a 100644 --- a/hosts/fa-t14-2025/home.nix +++ b/hosts/fa-t14-2025/home.nix @@ -27,6 +27,7 @@ in { # Window Manager Extras bibata-cursors + brightnessctl cliphist hyprcursor hypridle -- 2.49.0 From de319def43ea7de0e0ceb453985a287a5a4ae012 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Tue, 3 Jun 2025 12:19:05 +0200 Subject: [PATCH 04/15] flake: Start switching to NixOS 25.05 --- common/auto-upgrade.nix | 2 +- flake.lock | 16 ++++++++-------- flake.nix | 8 ++++---- home/zsh.nix | 2 +- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/common/auto-upgrade.nix b/common/auto-upgrade.nix index c492e7e..65ddbb9 100644 --- a/common/auto-upgrade.nix +++ b/common/auto-upgrade.nix @@ -7,7 +7,7 @@ flags = [ # Override nixpkgs (only). Notably does not include home-manager, sops or other utility/application flake inputs. "--refresh" - "--override-input" "nixpkgs" "github:NixOS/nixpkgs/nixos-24.11" + "--override-input" "nixpkgs" "github:NixOS/nixpkgs/nixos-25.05" "--override-input" "nixpkgs-unstable" "github:nixos/nixpkgs/nixos-unstable" "--no-write-lock-file" ]; diff --git a/flake.lock b/flake.lock index c86ebae..7c8db1a 100644 --- a/flake.lock +++ b/flake.lock @@ -74,16 +74,16 @@ ] }, "locked": { - "lastModified": 1747688870, - "narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=", + "lastModified": 1748665073, + "narHash": "sha256-RMhjnPKWtCoIIHiuR9QKD7xfsKb3agxzMfJY8V9MOew=", "owner": "nix-community", "repo": "home-manager", - "rev": "d5f1f641b289553927b3801580598d200a501863", + "rev": "282e1e029cb6ab4811114fc85110613d72771dea", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -243,16 +243,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1747676747, - "narHash": "sha256-LXkWBVqilgx7Pohwqu/ABxDVw+Cmi5/Mj2S2mpUH0Fw=", + "lastModified": 1748889542, + "narHash": "sha256-Hb4iMhIbjX45GcrgOp3b8xnyli+ysRPqAgZ/LZgyT5k=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "72841a4a8761d1aed92ef6169a636872c986c76d", + "rev": "10d7f8d34e5eb9c0f9a0485186c1ca691d2c5922", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index a5e8ec6..b0aacd3 100644 --- a/flake.nix +++ b/flake.nix @@ -2,14 +2,14 @@ description = "Felixalb System flake"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; # Remember to update ./common/auto-upgrade.nix + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; # Remember to update ./common/auto-upgrade.nix nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-2211.url = "https://github.com/NixOS/nixpkgs/archive/34bfa9403e42eece93d1a3740e9d8a02fceafbca.tar.gz"; # old nixpgks for e.g. remmina - nix-darwin.url = "github:lnl7/nix-darwin/nix-darwin-24.11"; + nix-darwin.url = "github:lnl7/nix-darwin/nix-darwin-25.05"; nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; - home-manager.url = "github:nix-community/home-manager/release-24.11"; + home-manager.url = "github:nix-community/home-manager/release-25.05"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; matrix-synapse-next.url = "github:dali99/nixos-matrix-modules/v0.6.0"; @@ -104,7 +104,7 @@ felixalbpc = normalSys "felixalbpc" { }; # Work laptop - felixalbpc = normalSys "fa-t14-2025" { }; + fa-t14-2025 = normalSys "fa-t14-2025" { }; # Web host malcolm = normalSys "malcolm" { }; diff --git a/home/zsh.nix b/home/zsh.nix index 3acde23..e1b4dd6 100644 --- a/home/zsh.nix +++ b/home/zsh.nix @@ -34,7 +34,7 @@ ]; }; - initExtra = '' + initContent = '' # Autocomplete ../ zstyle ':completion:*' special-dirs true export PATH="$HOME/.config/emacs/bin:$HOME/.cargo/bin:$PATH" -- 2.49.0 From e545add3976fb5937b0225b49759847e1780264a Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Tue, 3 Jun 2025 22:15:16 +0200 Subject: [PATCH 05/15] worf: Update to nixos 25.05 --- flake.lock | 8 ++++---- hosts/worf/configuration.nix | 19 ++++++++----------- 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 7c8db1a..42944c6 100644 --- a/flake.lock +++ b/flake.lock @@ -136,16 +136,16 @@ ] }, "locked": { - "lastModified": 1739553546, - "narHash": "sha256-L4ou3xfOr17EAe836djRoQ7auVkYOREMtiQa82wVGqU=", + "lastModified": 1748373722, + "narHash": "sha256-qi6aDGP2W6GyAUNEhg+slQWEpUiJ8LNIrQkmxHpzadI=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "353846417f985e74fdc060555f17939e4472ea2c", + "rev": "75b99daa12b1fffd646d6c3cf13b06f1fa5cef63", "type": "github" }, "original": { "owner": "lnl7", - "ref": "nix-darwin-24.11", + "ref": "nix-darwin-25.05", "repo": "nix-darwin", "type": "github" } diff --git a/hosts/worf/configuration.nix b/hosts/worf/configuration.nix index 1d35eeb..ee86ec8 100644 --- a/hosts/worf/configuration.nix +++ b/hosts/worf/configuration.nix @@ -8,6 +8,8 @@ nixpkgs.config.allowUnfree = true; nix = { + enable = true; + # gc = { # automatic = true; # options = "--delete-older-than 2d"; @@ -74,6 +76,8 @@ }; }; + ids.gids.nixbld = 30000; + system.primaryUser = "felixalb"; users.users.felixalb = { home = "/Users/felixalb"; shell = pkgs.zsh; @@ -84,16 +88,11 @@ fonts.packages = with pkgs; [ - noto-fonts - font-awesome fira-code + font-awesome hack-font - - (nerdfonts.override { - fonts = [ - "Hack" - ]; - }) + nerd-fonts.hack + noto-fonts ]; system.defaults = { @@ -139,9 +138,7 @@ remapCapsLockToControl = true; }; - # Auto upgrade nix package and the daemon service. - services.nix-daemon.enable = true; - nix.package = pkgs.nix; + # nix.package = pkgs.nix; system.stateVersion = 5; } -- 2.49.0 From 9d9644dff79ffbf513c3d22220ff48610024743f Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Wed, 4 Jun 2025 13:00:49 +0200 Subject: [PATCH 06/15] fa-t14-2025: Add fake-stable microsoft edge --- hosts/fa-t14-2025/home.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hosts/fa-t14-2025/home.nix b/hosts/fa-t14-2025/home.nix index 214ed2a..d2dcc10 100644 --- a/hosts/fa-t14-2025/home.nix +++ b/hosts/fa-t14-2025/home.nix @@ -25,6 +25,12 @@ in { virt-manager w3m + (unstable.microsoft-edge.overrideAttrs ({ installPhase ? "", ... }: { + installPhase = installPhase + '' + ln -s $out/bin/microsoft-edge $out/bin/microsoft-edge-stable + ''; + })) + # Window Manager Extras bibata-cursors brightnessctl -- 2.49.0 From 7f892fa2846c570d428896a5bcc8b7dd35a6cdb8 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Mon, 21 Apr 2025 21:49:30 +0200 Subject: [PATCH 07/15] sisko: add cantata --- hosts/sisko/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/sisko/home.nix b/hosts/sisko/home.nix index 280a544..e176a74 100644 --- a/hosts/sisko/home.nix +++ b/hosts/sisko/home.nix @@ -8,6 +8,7 @@ home.packages = with pkgs; [ # GUI Applications + cantata chromium discord easyeffects -- 2.49.0 From cf6a836f800c9aa62b84642b75acd3e43ea6506c Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 16:45:47 +0200 Subject: [PATCH 08/15] sisko: Change to NetworkManager. Add misc. packages --- hosts/sisko/configuration.nix | 24 ++++++++++++++---------- hosts/sisko/home.nix | 11 ++++++++--- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/hosts/sisko/configuration.nix b/hosts/sisko/configuration.nix index cb8b604..dad0875 100644 --- a/hosts/sisko/configuration.nix +++ b/hosts/sisko/configuration.nix @@ -11,15 +11,16 @@ networking = { hostName = "sisko"; - defaultGateway = "192.168.10.1"; - interfaces.enp14s0 = { - ipv4 = { - addresses = [ - { address = "192.168.10.172"; prefixLength = 24; } - ]; - }; - wakeOnLan.enable = true; - }; + networkmanager.enable = true; + # defaultGateway = "192.168.10.1"; + # interfaces.enp14s0 = { + # ipv4 = { + # addresses = [ + # { address = "192.168.10.172"; prefixLength = 24; } + # ]; + # }; + # wakeOnLan.enable = true; + # }; hostId = "b716d781"; }; @@ -27,7 +28,7 @@ sops.defaultSopsFile = ../../secrets/sisko/sisko.yaml; environment.variables = { EDITOR = "vim"; }; - users.users.felixalb.extraGroups = [ "dialout" ]; + users.users.felixalb.extraGroups = [ "dialout" "networkmanager" ]; programs = { gamemode.enable = true; @@ -57,6 +58,9 @@ "steam-unwrapped" "tlclient" ]; + permittedInsecurePackages = [ + "openssl-1.1.1w" + ]; }; diff --git a/hosts/sisko/home.nix b/hosts/sisko/home.nix index e176a74..92da5d2 100644 --- a/hosts/sisko/home.nix +++ b/hosts/sisko/home.nix @@ -14,18 +14,22 @@ easyeffects element-desktop emacs-gtk - papers + feishin jellyfin-media-player kitty libreoffice mpv mumble + papers pavucontrol picard prismlauncher - swayimg + runelite spotify + swayimg thunderbird + tor-browser + unstable.bolt-launcher exiftool ghidra @@ -34,6 +38,7 @@ # Window Manager Extras bibata-cursors + cliphist hyprcursor hypridle hyprlock @@ -46,9 +51,9 @@ swaynotificationcenter waybar wl-clipboard - cliphist # Misc tools + abcde bc catimg dante -- 2.49.0 From d380110543f56ce5e3a46d2e6e2789ea538117b1 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 17:38:32 +0200 Subject: [PATCH 09/15] sisko: Update to nixos 25.05 --- hosts/sisko/desktop.nix | 14 +++++--------- hosts/sisko/home.nix | 2 +- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/hosts/sisko/desktop.nix b/hosts/sisko/desktop.nix index ace17d7..0048627 100644 --- a/hosts/sisko/desktop.nix +++ b/hosts/sisko/desktop.nix @@ -29,17 +29,13 @@ fonts = { fontDir.enable = true; packages = with pkgs; [ - noto-fonts - noto-fonts-emoji - noto-fonts-cjk-sans - font-awesome fira-code + font-awesome hack-font - (nerdfonts.override { - fonts = [ - "Hack" - ]; - }) + nerd-fonts.hack + noto-fonts + noto-fonts-cjk-sans + noto-fonts-emoji ]; }; diff --git a/hosts/sisko/home.nix b/hosts/sisko/home.nix index 92da5d2..c40a2a8 100644 --- a/hosts/sisko/home.nix +++ b/hosts/sisko/home.nix @@ -33,7 +33,7 @@ exiftool ghidra - pwndbg-gdb-alias + # pwndbg-gdb-alias # Broken in 25.05 snicat # Window Manager Extras -- 2.49.0 From c73d9761bc5aae96843aed61457166023c0cf6a4 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Tue, 3 Jun 2025 22:50:52 +0200 Subject: [PATCH 10/15] defiant: temporarily move/disable backups when moving house --- hosts/defiant/configuration.nix | 2 +- hosts/defiant/filesystems.nix | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/hosts/defiant/configuration.nix b/hosts/defiant/configuration.nix index 4ef4068..26fc578 100644 --- a/hosts/defiant/configuration.nix +++ b/hosts/defiant/configuration.nix @@ -9,7 +9,7 @@ ./hardware-configuration.nix # Infrastructure - ./backup.nix + # ./backup.nix ./libvirt.nix ./services/dyndns.nix ./services/nginx.nix diff --git a/hosts/defiant/filesystems.nix b/hosts/defiant/filesystems.nix index b031f8d..e355fe1 100644 --- a/hosts/defiant/filesystems.nix +++ b/hosts/defiant/filesystems.nix @@ -15,13 +15,15 @@ fileSystems = { "/mnt/feal-syn1/backup" = { - device = "feal-syn1.home.feal.no:/volume2/backup"; + device = "192.168.10.162:/volume2/backup"; fsType = "nfs"; options = [ "defaults" "noatime" "rw" "nfsvers=3" + "x-systemd.automount" + "noauto" ]; }; }; -- 2.49.0 From d40e8b6898f1e3691e8cdd3110ede56e852a35f4 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 18:19:29 +0200 Subject: [PATCH 11/15] defiant: disable some unused services --- hosts/defiant/configuration.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/defiant/configuration.nix b/hosts/defiant/configuration.nix index 26fc578..f6f8aba 100644 --- a/hosts/defiant/configuration.nix +++ b/hosts/defiant/configuration.nix @@ -18,17 +18,17 @@ ./services/wireguard.nix # Services - ./services/flame.nix + # ./services/flame.nix ./services/gitea.nix ./services/hedgedoc.nix ./services/home-assistant.nix ./services/keycloak.nix - ./services/koillection.nix + # ./services/koillection.nix ./services/matrix ./services/microbin.nix ./services/minecraft/home.nix ./services/monitoring - ./services/rtl-tcp.nix + # ./services/rtl-tcp.nix ./services/searx.nix ./services/vaultwarden.nix ]; -- 2.49.0 From 75212dc4bf724624f4efcdee7aa0d5b3ea936af7 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 18:19:41 +0200 Subject: [PATCH 12/15] defiant: update homeassistant --- hosts/defiant/services/home-assistant.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/defiant/services/home-assistant.nix b/hosts/defiant/services/home-assistant.nix index 8fe68ea..10dcf9c 100644 --- a/hosts/defiant/services/home-assistant.nix +++ b/hosts/defiant/services/home-assistant.nix @@ -8,7 +8,7 @@ in { virtualisation.oci-containers.containers = { homeassistant = { - image = "ghcr.io/home-assistant/home-assistant:2024.1"; + image = "ghcr.io/home-assistant/home-assistant:2025.5.3"; extraOptions = [ "--network=host" "--device=/dev/ttyUSB0" # Sonoff Zigbee 3.0 USB -- 2.49.0 From 3f814a9d5009755ba75da48565c9497c6a7c6fae Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 18:26:55 +0200 Subject: [PATCH 13/15] challenger/jellyfin: fix GPU access, remove DeviceAllow --- hosts/challenger/services/jellyfin.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/hosts/challenger/services/jellyfin.nix b/hosts/challenger/services/jellyfin.nix index 749cdd1..257f65e 100644 --- a/hosts/challenger/services/jellyfin.nix +++ b/hosts/challenger/services/jellyfin.nix @@ -6,10 +6,6 @@ users.users.${config.services.jellyfin.user}.extraGroups = [ "video" "render" ]; - systemd.services.jellyfin.serviceConfig = { - DeviceAllow = lib.mkForce [ "/dev/dri/card0" "/dev/dri/card1" ]; - }; - services.nginx.virtualHosts."jellyfin.home.feal.no" = { serverAliases = [ "jf.feal.no" ]; locations = { -- 2.49.0 From c4ea7efc9c0935b1b2a78386c9357592870586ae Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 22:00:06 +0200 Subject: [PATCH 14/15] challenger: update to nixos 25.05. Update to nextcloud 31 --- hosts/challenger/configuration.nix | 2 ++ hosts/challenger/services/komga.nix | 8 +++++--- hosts/challenger/services/nextcloud.nix | 6 ++++-- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/hosts/challenger/configuration.nix b/hosts/challenger/configuration.nix index 093505b..79e8bd5 100644 --- a/hosts/challenger/configuration.nix +++ b/hosts/challenger/configuration.nix @@ -45,6 +45,8 @@ virtualisation.docker.enable = true; virtualisation.oci-containers.backend = "docker"; + security.polkit.enable = true; # Required for nextcloud + nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "nvidia-x11" "nvidia-settings" diff --git a/hosts/challenger/services/komga.nix b/hosts/challenger/services/komga.nix index 4426ef9..ec086c4 100644 --- a/hosts/challenger/services/komga.nix +++ b/hosts/challenger/services/komga.nix @@ -1,16 +1,18 @@ { config, lib, pkgs, ... }: let domain = "komga.home.feal.no"; - cfg = config.services.komga; + port = 5001; in { services.komga = { enable = true; stateDir = "/tank/media/komga"; - port = 5001; + settings.server = { + inherit port; + }; }; services.nginx.virtualHosts.${domain} = { - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}"; + locations."/".proxyPass = "http://127.0.0.1:${toString port}"; extraConfig = '' client_max_body_size 512M; diff --git a/hosts/challenger/services/nextcloud.nix b/hosts/challenger/services/nextcloud.nix index 7128455..f510638 100644 --- a/hosts/challenger/services/nextcloud.nix +++ b/hosts/challenger/services/nextcloud.nix @@ -5,7 +5,7 @@ let in { services.nextcloud = { enable = true; - package = pkgs.nextcloud30; + package = pkgs.nextcloud31; inherit hostName; home = "/tank/nextcloud"; https = true; @@ -46,7 +46,9 @@ in { oidc_login_filter_allowed_values = [ "nextcloud-user" ]; oidc_login_disable_registration = false; - "memories.exiftool" = "${cfg.home}/store-apps/memories/bin-ext/exiftool-amd64-glibc"; + "memories.exiftool" = pkgs.writeShellScript "exiftool-perl" '' + ${lib.getExe pkgs.perl} ${cfg.home}/store-apps/memories/bin-ext/exiftool/exiftool "$@" + ''; "memories.exiftool_no_local" = false; "memories.vod.disable" = false; "memories.vod.ffmpeg" = "${lib.getExe pkgs.ffmpeg-headless}"; -- 2.49.0 From f72393cc25119f503830ce2d7b6d333b71fab92b Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 8 Jun 2025 22:07:28 +0200 Subject: [PATCH 15/15] defiant: re-enable backups --- hosts/defiant/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/defiant/configuration.nix b/hosts/defiant/configuration.nix index f6f8aba..c282d69 100644 --- a/hosts/defiant/configuration.nix +++ b/hosts/defiant/configuration.nix @@ -9,7 +9,7 @@ ./hardware-configuration.nix # Infrastructure - # ./backup.nix + ./backup.nix ./libvirt.nix ./services/dyndns.nix ./services/nginx.nix -- 2.49.0