updates

2024-06-01 18:00:41 +02:00 · 2024-06-01 18:00:41 +02:00 · 598a5a5e65
parent 4fe990f884
commit 598a5a5e65
8 changed files with 308 additions and 378 deletions
--- a/flake.lock
+++ b/flake.lock
--- a/flake.nix
+++ b/flake.nix
@ -72,7 +72,7 @@
      pkgs = import nixpkgs {
        inherit system;
        config.allowUnfree = true;
-        overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ];
+        overlays = [ (import ./nixos/pkgs) vault-secrets.overlays.default nur.overlay ];
      };

      pkgs_stable = import nixpkgs_stable {
@ -148,9 +148,7 @@
          cachix
          deadnix
          statix
-          nixfmt
          nixpkgs-fmt
-          nixUnstable
          nil
          vault
          yamllint
--- a/nixos/common/default.nix
+++ b/nixos/common/default.nix
@ -43,7 +43,7 @@
  nix = {
    registry.nixpkgs.flake = inputs.nixpkgs;
    nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
-    package = pkgs.nixUnstable;
+    # package = pkgs.nixUnstable;
    settings = {
      auto-optimise-store = true;
      trusted-users = [ "root" "vivian" ];
--- a/nixos/common/modules/dns.nix
+++ b/nixos/common/modules/dns.nix
@ -37,7 +37,7 @@ in {
    };

    mode = mkOption {
-      type = enum [ "server" "laptop" ];
+      type = types.enum [ "server" "laptop" ];
      default = "laptop";
      description = ''
        Whether to configure the DNS in server mode (listen on all interfaces) or laptop mode (just on localhost)
--- a/nixos/hosts/hades/lucy/configuration.nix
+++ b/nixos/hosts/hades/lucy/configuration.nix
@ -3,28 +3,6 @@
 # and in the NixOS manual (accessible by running `nixos-help`).

 { pkgs, ... }:
-# let
-# Redefining the package instead of overriding as overriding GoModules seems broken
-# see: https://github.com/NixOS/nixpkgs/issues/86349
-# _nuclei-latest = pkgs.buildGoModule rec {
-#   pname = "nuclei";
-#   version = "2.9.2";
-#
-#   src = pkgs.fetchFromGitHub {
-#     owner = "projectdiscovery";
-#     repo = pname;
-#     rev = "1f9a065713924b28b203e2108fc76d7a1ec49068";
-#     hash = "sha256-QiegMoBy0gZMyQl2MRAwR14zXeh8wvVonyETdAzHbj0=";
-#   };
-#
-#   vendorHash = "sha256-0JNwoBqLKH1F/0Tr8o35gCSNT/2plIjIQvZRuzAZ5P8=";
-#
-#   modRoot = "./v2";
-#   subPackages = [ "cmd/nuclei/" ];
-#
-#   doCheck = false;
-# };
-# in {
 {
  imports = [ ./hardware-configuration.nix ];

@ -37,9 +15,13 @@
  system.stateVersion = "23.05"; # Did you read the comment?

  # Additional packages
-  environment.systemPackages = with pkgs; [ jq wget jre8 ];
-  boot.loader = {
+  environment.systemPackages = with pkgs; [
+    jq
+    wget
+    jdk17
+  ];

+  boot.loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
    efi.efiSysMountPoint = "/boot";
@ -49,28 +31,25 @@
    enable = true;
    allowedTCPPorts = [ 25565 ];
  };
+
  users = {
+    groups.mc = { };
+    groups.users = { };
    extraUsers = {
-
      laura.extraGroups = [ "wheel" ];
-      vivian.extraGroups = [ "wheel" ];
-
-      julia = {
+      vivian.extraGroups = [
+        "wheel"
+        "mc"
+      ];
+      julius = {
        isNormalUser = true;
-        shell = pkgs.zsh;
-
+        group = "users";
+        extraGroups = [ "wheel" ];
        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKTvqk+CJG4VwN8wg3H1ZdbUVj1JuX7RYKH1ewRKfCPv julia@juliadijkstraarch"
-          # Below is Evelyn's keys
-          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDnZSVdqSybDwVooSZ+SGFM0YNu15sO/jgVqCBGDm33wj0fML5T4oviUrY6yABh+eAgy/NAztgM7+6L8Hlze5DBeMwNAvj9gr9QSzUetW0iqCscZJ8dDbW30O9449gw2JY/XZzcFMZAP5QEQGEgG/6QQ3yRwA3DMCsGhQQ37l/aS+RsKYq3ZSN4f1nFJCrm397QB8r+bhaexufXqwumxe8rlefoUNNVnmu54FA8Pc3jSdsWT4s/3mqF6NiRa53w13SBWyS+zopCy1tTSnRszgAkldpE7Vft/QnmpFavAWHzpfArv/uFXQ3fx5Cj5t70zB6VJEtaBxhdKXeQUFBCn7fmwfjV0Un9b8jLW94uDhDD3059trhMvJvqKebuqyZe74MTZH0IC3IobpSb9fHHvxuRwUQOMkkJmjv1p2y2R6v7s2tA1sZlIEBmRDvZcKo4hPBe6q13OePV3O8KAFzCmPBIfE6kQ/nLc+3k9OjFWFTshdDXUYpSVGjNrv/IanCXbEs="
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0KA0uOoLXUN4LhU7LgtSk0atWyPlEz5LA8dIXs9xTl"
-
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh victor@aoife"
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJBY9eQlR/JRnjVC2wKWQ+o02wDlGUlSgN/4e3i6ans"
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBt9ie9/XBVPnKo6wENKjEd32hhPqjiQFnn+okXZ0LRT"
        ];
-
-        extraGroups = [ "mc" "wheel" ];
      };
    };
-    groups.mc = { };
  };
 }
--- a/nixos/hosts/hades/storage/fs.nix
+++ b/nixos/hosts/hades/storage/fs.nix
@ -9,36 +9,43 @@
    "/mnt/disk1" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/abbfc440-fb3d-4b33-92cb-948b2deeac53";
+      options = [ "nofail" ];
    };

    "/mnt/disk2" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/3a57ffa8-8a0f-4839-81df-7f34d99e9dbc";
+      options = [ "nofail" ];
    };

    "/mnt/disk3" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/0f72c5f8-b7db-4151-83f0-47e5f703aeb1";
+      options = [ "nofail" ];
    };

    "/mnt/disk4" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/b9c72b41-1538-436e-a595-49d1faa5ed01";
+      options = [ "nofail" ];
    };

    "/mnt/disk5" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/928d0200-eca1-4a69-b2d6-fbd23a5ee8cd";
+      options = [ "nofail" ];
    };

    "/mnt/disk6" = {
      fsType = "ext4";
      device = "/dev/disk/by-uuid/63381321-fe00-4838-8668-4d1decc94296";
+      options = [ "nofail" ];
    };

    "/mnt/disk7" = {
      fsType = "ext4";
      device = "/dev/disk/by-uuid/6c568887-9d2e-45ce-ab85-4c48cca2226a";
+      options = [ "nofail" ];
    };

    # "/mnt/disk8" = {
@ -49,11 +56,13 @@
    "/mnt/parity1" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/7c9b88ed-b8f8-40c9-bbc3-b75d30e04e01";
+      options = [ "nofail" ];
    };

    "/mnt/parity2" = {
      fsType = "ext4";
      device = "/dev/disk/by-partuuid/5d2d7e3e-3730-4d9b-8759-dc14396f3357";
+      options = [ "nofail" ];
    };

    "/mnt/storage" = {
--- a/nixos/hosts/olympus/ci/configuration.nix
+++ b/nixos/hosts/olympus/ci/configuration.nix
@ -61,7 +61,7 @@ in {
        gitMinimal
        gnused
        jq
-        nixUnstable
+        nix
        nodejs
        statix
        vault
--- a/nixos/hosts/olympus/gitea/configuration.nix
+++ b/nixos/hosts/olympus/gitea/configuration.nix
@ -59,7 +59,7 @@ in
          "REPO_INDEXER_EXCLUDE" = "node_modules/**";
        };
        ui = {
-          "THEMES" = "forgejo-auto,forgejo-light,forgejo-dark,auto,gitea,arc-green,agatheme";
+          "THEMES" = "forgejo-auto,forgejo-light,forgejo-dark,auto,gitea,arc-green";
          "DEFAULT_THEME" = "forgejo-auto";
          "USE_SERVICE_WORKER" = true;
        };
@ -96,10 +96,10 @@ in
    group = "gitea";
  };

-  system.activationScripts.gitea-theme =
-    let target_dir = "${config.services.gitea.stateDir}/custom/public/css/";
-    in lib.stringAfter [ "var" ] ''
-      mkdir -p ${target_dir}
-      ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css"
-    '';
+  # system.activationScripts.gitea-theme =
+  #   let target_dir = "${config.services.gitea.stateDir}/custom/public/css/";
+  #   in lib.stringAfter [ "var" ] ''
+  #     mkdir -p ${target_dir}
+  #     ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css"
+  #   '';
 }