fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: fi:34725c3aebc4da3820d070e9c096cfad75bcca7f
Branches Tags
fi:main
fi:ikiwiki
fi:mas
...
compare: fi:74c12e9658bd456aa0a411653e07c01ee8ffc798
Branches Tags
fi:main
fi:ikiwiki
fi:mas

4 commits
34725c3aeb ... 74c12e9658

Author SHA1 Message Date
fi 74c12e9658 Update module options to be compatible with nixpkgs 24.11 2024-12-01 17:46:15 +01:00
fi c973f90cb7 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/a8efa95d1333890ed4ae98f5d111bb06a6d65f75?narHash=sha256-gdO2r0%2BfFU%2B/1lMvMXrtzbpQQVn72KLu5L9trMze/OY%3D' (2024-11-30)
  → 'github:NixOS/nixpkgs/809802e9ab4b56e7a3db576832e95e3f7b74781a?narHash=sha256-RvyWCxT6O9ugSqSXHAMaFTIZtKS7SBHdUHKLoPW1/xg%3D' (2024-11-30)
• Updated input 'nixpkgs-master':
    'github:NixOS/nixpkgs/5054b0739dea9b00d382b4ba38314df10bb398d4?narHash=sha256-AXsoqwHW7O8RXDednxutMFLgQhYgjrBWU1rRM/Y3Ywc%3D' (2024-11-30)
  → 'github:NixOS/nixpkgs/33b9d57c656e65a9c88c5f34e4eb00b83e2b0ca9?narHash=sha256-9Vvu3a1ep1LB6F/kVE2hHH2HQzhSFtUyJYiJRkUkC4Q%3D' (2024-11-30)
 2024-11-30 21:15:53 +01:00
fi c750f33102 Set nixpkgs to 24.11 2024-11-30 21:14:49 +01:00
fi 73fbb13159 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/3280fdde8c8f0276c9f5286ad5c0f433dfa5d56c?narHash=sha256-5IgpueM8SGLOadzUJK6Gk37zEBXGd56BkNOtoWmnZos%3D' (2024-11-21)
  → 'github:nix-community/nixos-generators/098e8b6ff72c86944a8d54b64ddd7b7e6635830a?narHash=sha256-/MNhZLR0eh9z/d3l%2Bammq%2BF5XxHln0RHgO4Bhtjr0IM%3D' (2024-11-25)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/b9f04e3cf71c23bea21d2768051e6b3068d44734?narHash=sha256-yhEMW4MBi%2BIAyEJyiKbnFvY1uARyMKJpLUhkczI49wk%3D' (2024-11-17)
  → 'github:nix-community/nixpkgs.lib/87b6978992e2eb605732fba842cad0a7e14b2047?narHash=sha256-/hxIKRTBsdrnudJWDGaBN8wIjHovqVAVxXdi8ByVtck%3D' (2024-11-24)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/df94f897ffe1af1bcd60cb68697c5d8e6431346e?narHash=sha256-aspop5sCDNpDMS23BplGFtQDadwkSb/sOxpuC3lafvo%3D' (2024-11-22)
  → 'github:NixOS/nixpkgs/a8efa95d1333890ed4ae98f5d111bb06a6d65f75?narHash=sha256-gdO2r0%2BfFU%2B/1lMvMXrtzbpQQVn72KLu5L9trMze/OY%3D' (2024-11-30)
• Updated input 'nixpkgs-master':
    'github:NixOS/nixpkgs/4a58b6f6b83d29354def3125c45530d7e1bda0fd?narHash=sha256-1wRCB9ZbD%2B9fQ/JL2nllb4vH6J3ojSHew6FazRPjqqc%3D' (2024-11-24)
  → 'github:NixOS/nixpkgs/5054b0739dea9b00d382b4ba38314df10bb398d4?narHash=sha256-AXsoqwHW7O8RXDednxutMFLgQhYgjrBWU1rRM/Y3Ywc%3D' (2024-11-30)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/2570b87e71ea16daadf0a93f1eae2d3ad4478a94?narHash=sha256-yXqgr%2BGiC/RBr8n/6Bn9eRagitXbKXNcoSaZUCovuwI%3D' (2024-11-24)
  → 'github:NixOS/nixpkgs/57feb2a16f705eeffb075888d92a986e66473012?narHash=sha256-ndq0dD5E6FkqwmNYFS1wUAHa/5HixS3jLjulogM%2B7/E%3D' (2024-11-30)
 2024-11-30 20:43:41 +01:00
10 changed files with 64 additions and 72 deletions
Show stats Expand all files Collapse all files

2
config/hosts/forgejo/forgejo.nix
View file

@ -3,7 +3,6 @@
services.forgejo = { services.forgejo = {
enable = true; enable = true;
database.type = "postgres"; database.type = "postgres";
mailerPasswordFile = "/secrets/forgejo-mailer-password.secret";
settings = { settings = {
DEFAULT = { DEFAULT = {
@ -60,5 +59,6 @@
HOST = "redis+socket:///run/redis-forgejo/redis.sock"; HOST = "redis+socket:///run/redis-forgejo/redis.sock";
}; };
}; };
secrets.mailer.PASSWD = "/secrets/forgejo-mailer-password.secret";
}; };
} }

8
config/hosts/keycloak/keycloak.nix
View file

@ -3,10 +3,10 @@
services.keycloak = { services.keycloak = {
enable = true; enable = true;
settings = { settings = {
hostname = "id.nekover.se"; hostname = "https://id.nekover.se";
hostname-admin = "keycloak-admin.nekover.se"; hostname-admin = "https://keycloak-admin.nekover.se";
hostname-strict-backchannel = true; proxy-headers = "forwarded";
proxy = "edge"; http-enabled = true;
http-host = "127.0.0.1"; http-host = "127.0.0.1";
http-port = 8080; http-port = 8080;
}; };

10
config/hosts/mail-1/configuration.nix
View file

@ -15,28 +15,20 @@
]; ];
routes = [ routes = [
{ {
routeConfig = {
Gateway = "10.202.41.1"; Gateway = "10.202.41.1";
Destination = "10.201.0.0/16"; Destination = "10.201.0.0/16";
};
} }
{ {
routeConfig = {
Gateway = "10.202.41.1"; Gateway = "10.202.41.1";
Destination = "10.202.0.0/16"; Destination = "10.202.0.0/16";
};
} }
{ {
routeConfig = {
Gateway = "10.202.41.1"; Gateway = "10.202.41.1";
Destination = "172.21.87.0/24"; Destination = "172.21.87.0/24";
};
} }
{ {
routeConfig = {
Gateway = "10.202.41.1"; Gateway = "10.202.41.1";
Destination = "212.53.203.19/32"; Destination = "212.53.203.19/32";
};
} }
]; ];
linkConfig.RequiredForOnline = "routable"; linkConfig.RequiredForOnline = "routable";
@ -62,13 +54,11 @@
PrivateKeyFile = "/secrets/wireguard-mail-1-wg0-privatekey.secret"; PrivateKeyFile = "/secrets/wireguard-mail-1-wg0-privatekey.secret";
}; };
wireguardPeers = [{ wireguardPeers = [{
wireguardPeerConfig = {
PublicKey = "ik480irMZtGBs1AFpf1KGzDBekjdziD3ck7XK8r1WXQ="; PublicKey = "ik480irMZtGBs1AFpf1KGzDBekjdziD3ck7XK8r1WXQ=";
PresharedKeyFile = "/secrets/wireguard-valkyrie-mail-1-mail-1-psk.secret"; PresharedKeyFile = "/secrets/wireguard-valkyrie-mail-1-mail-1-psk.secret";
Endpoint = "212.53.203.19:51822"; Endpoint = "212.53.203.19:51822";
AllowedIPs = [ "0.0.0.0/0" ]; AllowedIPs = [ "0.0.0.0/0" ];
PersistentKeepalive = 25; PersistentKeepalive = 25;
};
}]; }];
}; };
}; };

10
config/hosts/mail-2/configuration.nix
View file

@ -15,28 +15,20 @@
]; ];
routes = [ routes = [
{ {
routeConfig = {
Gateway = "10.201.41.1"; Gateway = "10.201.41.1";
Destination = "10.201.0.0/16"; Destination = "10.201.0.0/16";
};
} }
{ {
routeConfig = {
Gateway = "10.201.41.1"; Gateway = "10.201.41.1";
Destination = "10.202.0.0/16"; Destination = "10.202.0.0/16";
};
} }
{ {
routeConfig = {
Gateway = "10.201.41.1"; Gateway = "10.201.41.1";
Destination = "172.21.87.0/24"; Destination = "172.21.87.0/24";
};
} }
{ {
routeConfig = {
Gateway = "10.201.41.1"; Gateway = "10.201.41.1";
Destination = "217.160.117.160/32"; Destination = "217.160.117.160/32";
};
} }
]; ];
linkConfig.RequiredForOnline = "routable"; linkConfig.RequiredForOnline = "routable";
@ -62,13 +54,11 @@
PrivateKeyFile = "/secrets/wireguard-mail-2-wg0-privatekey.secret"; PrivateKeyFile = "/secrets/wireguard-mail-2-wg0-privatekey.secret";
}; };
wireguardPeers = [{ wireguardPeers = [{
wireguardPeerConfig = {
PublicKey = "Nnf7x+Yd+l8ZkK2BTq1lK3iiTYgdrgL9PQ/je8smug4="; PublicKey = "Nnf7x+Yd+l8ZkK2BTq1lK3iiTYgdrgL9PQ/je8smug4=";
PresharedKeyFile = "/secrets/wireguard-lifeline-mail-2-mail-2-psk.secret"; PresharedKeyFile = "/secrets/wireguard-lifeline-mail-2-mail-2-psk.secret";
Endpoint = "217.160.117.160:51820"; Endpoint = "217.160.117.160:51820";
AllowedIPs = [ "0.0.0.0/0" ]; AllowedIPs = [ "0.0.0.0/0" ];
PersistentKeepalive = 25; PersistentKeepalive = 25;
};
}]; }];
}; };
}; };

2
config/hosts/nextcloud/nextcloud.nix
View file

@ -2,7 +2,7 @@
{ {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud29; package = pkgs.nextcloud30;
hostName = "cloud.nekover.se"; hostName = "cloud.nekover.se";
https = true; https = true;
config = { config = {

2
config/hosts/torrent/configuration.nix
View file

@ -25,5 +25,5 @@
}; };
}; };
system.stateVersion = "23.11"; system.stateVersion = "24.11";
} }

15
config/hosts/torrent/sonarr.nix
View file

@ -1,8 +1,19 @@
{ nixpkgs-unstable, ... }: { ... }:
{ {
# The sonarr package is dependend on .NET 6 which is marked as insecure.
# It doesn't seem to build with the later .NET versions.
# In the meantime allow the installation of these insecure packages since sonarr is only reachable locally.
nixpkgs.config = {
permittedInsecurePackages = [
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
};
services.sonarr = { services.sonarr = {
enable = true; enable = true;
package = nixpkgs-unstable.legacyPackages."x86_64-linux".sonarr;
user = "torrent"; user = "torrent";
group = "torrent"; group = "torrent";
}; };

32
flake.lock
View file

@ -34,11 +34,11 @@
}, },
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1731805462, "lastModified": 1732410305,
"narHash": "sha256-yhEMW4MBi+IAyEJyiKbnFvY1uARyMKJpLUhkczI49wk=", "narHash": "sha256-/hxIKRTBsdrnudJWDGaBN8wIjHovqVAVxXdi8ByVtck=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "b9f04e3cf71c23bea21d2768051e6b3068d44734", "rev": "87b6978992e2eb605732fba842cad0a7e14b2047",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -55,11 +55,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1732151224, "lastModified": 1732496924,
"narHash": "sha256-5IgpueM8SGLOadzUJK6Gk37zEBXGd56BkNOtoWmnZos=", "narHash": "sha256-/MNhZLR0eh9z/d3l+ammq+F5XxHln0RHgO4Bhtjr0IM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "3280fdde8c8f0276c9f5286ad5c0f433dfa5d56c", "rev": "098e8b6ff72c86944a8d54b64ddd7b7e6635830a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -70,16 +70,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1732244845, "lastModified": 1732954812,
"narHash": "sha256-aspop5sCDNpDMS23BplGFtQDadwkSb/sOxpuC3lafvo=", "narHash": "sha256-RvyWCxT6O9ugSqSXHAMaFTIZtKS7SBHdUHKLoPW1/xg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "df94f897ffe1af1bcd60cb68697c5d8e6431346e", "rev": "809802e9ab4b56e7a3db576832e95e3f7b74781a",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-24.05-small", "ref": "nixos-24.11-small",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -101,11 +101,11 @@
}, },
"nixpkgs-master": { "nixpkgs-master": {
"locked": { "locked": {
"lastModified": 1732479666, "lastModified": 1732997066,
"narHash": "sha256-1wRCB9ZbD+9fQ/JL2nllb4vH6J3ojSHew6FazRPjqqc=", "narHash": "sha256-9Vvu3a1ep1LB6F/kVE2hHH2HQzhSFtUyJYiJRkUkC4Q=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4a58b6f6b83d29354def3125c45530d7e1bda0fd", "rev": "33b9d57c656e65a9c88c5f34e4eb00b83e2b0ca9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -117,11 +117,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1732446744, "lastModified": 1732951447,
"narHash": "sha256-yXqgr+GiC/RBr8n/6Bn9eRagitXbKXNcoSaZUCovuwI=", "narHash": "sha256-ndq0dD5E6FkqwmNYFS1wUAHa/5HixS3jLjulogM+7/E=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2570b87e71ea16daadf0a93f1eae2d3ad4478a94", "rev": "57feb2a16f705eeffb075888d92a986e66473012",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View file

@ -1,6 +1,6 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11-small";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
nixpkgs-master.url = "github:NixOS/nixpkgs/master"; nixpkgs-master.url = "github:NixOS/nixpkgs/master";
nixos-generators = { nixos-generators = {

1
hosts.nix
View file

@ -92,6 +92,7 @@ in
environment = "proxmox"; environment = "proxmox";
}; };
torrent = { torrent = {
hostNixpkgs = nixpkgs-unstable;
site = "vs"; site = "vs";
environment = "proxmox"; environment = "proxmox";
}; };