diff --git a/flake.lock b/flake.lock index fcc0c9e..7f77b17 100644 --- a/flake.lock +++ b/flake.lock @@ -50,11 +50,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1685309025, - "narHash": "sha256-pZxMM3AMP/ojwhrFD0A2ML4NOgehlBLGHseInnO5evc=", + "lastModified": 1686620679, + "narHash": "sha256-Ck/r3f+W9mOn3cHn5ii/fogBiJtosFnDaOQveaJ0zVU=", "owner": "zhaofengli", "repo": "attic", - "rev": "b1fb790b5f2afaaa1b2f7f18979b8318abe604bb", + "rev": "4fedffe6a1020edfcfa7bef18d21321d4983b3a7", "type": "github" }, "original": { @@ -175,39 +175,6 @@ } }, "crane_2": { - "inputs": { - "flake-compat": [ - "lanzaboote", - "flake-compat" - ], - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], - "nixpkgs": [ - "lanzaboote", - "nixpkgs" - ], - "rust-overlay": [ - "lanzaboote", - "rust-overlay" - ] - }, - "locked": { - "lastModified": 1683505101, - "narHash": "sha256-VBU64Jfu2V4sUR5+tuQS9erBRAe/QEYUxdVMcJGMZZs=", - "owner": "ipetkov", - "repo": "crane", - "rev": "7b5bd9e5acb2bb0cfba2d65f34d8568a894cdb6c", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "crane_3": { "flake": false, "locked": { "lastModified": 1670284777, @@ -243,7 +210,7 @@ "inputs": { "alejandra": "alejandra", "all-cabal-json": "all-cabal-json", - "crane": "crane_3", + "crane": "crane_2", "devshell": "devshell", "flake-parts": "flake-parts_2", "flake-utils-pre-commit": "flake-utils-pre-commit", @@ -698,11 +665,11 @@ ] }, "locked": { - "lastModified": 1686391840, - "narHash": "sha256-5S0APl6Mfm6a37taHwvuf11UHnAX0+PnoWQbsYbMUnc=", + "lastModified": 1686852570, + "narHash": "sha256-Hzufya/HxjSliCwpuLJCGY0WCQajzcpsnhFGa+TCkCM=", "owner": "nix-community", "repo": "home-manager", - "rev": "0144ac418ef633bfc9dbd89b8c199ad3a617c59f", + "rev": "4e09c83255c5b23d58714d56672d3946faf1bcef", "type": "github" }, "original": { @@ -713,22 +680,20 @@ }, "lanzaboote": { "inputs": { - "crane": "crane_2", "flake-compat": "flake-compat_4", "flake-parts": "flake-parts", "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" ], - "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": "rust-overlay_2" + "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1686415556, - "narHash": "sha256-88nOOiLYzYGIMEiQ91DxuyUa786mqunRw6k6GipXmxg=", + "lastModified": 1686692834, + "narHash": "sha256-EFjJ/r4iYVKO+XdL15g9bzOKbCExTGeqNEVHSn0H7/E=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "9f97a908e4059221d39c7b7d0906c88b9fcc9c9b", + "rev": "823ad6b70bf09b91c3a9dd9a64678ec80ba3c1ee", "type": "github" }, "original": { @@ -893,11 +858,11 @@ ] }, "locked": { - "lastModified": 1685943944, - "narHash": "sha256-GpaQwOkvwkmSWxvWaZqbMKyyOSaBAwgdEcHCqLW/240=", + "lastModified": 1686644215, + "narHash": "sha256-FYa25w7gt8FqzWLl4UuwLLG7BiKZiAW/PFGbXWW6UAc=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "122dcc32cadf14c5015aa021fae8882c5058263a", + "rev": "f17fb67fc81a9f3b166cee711089466ba6617154", "type": "github" }, "original": { @@ -924,11 +889,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1685012353, - "narHash": "sha256-U3oOge4cHnav8OLGdRVhL45xoRj4Ppd+It6nPC9nNIU=", + "lastModified": 1686519857, + "narHash": "sha256-VkBhuq67aXXiCoEmicziuDLUPPjeOTLQoj6OeVai5zM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aeb75dba965e790de427b73315d5addf91a54955", + "rev": "6b1b72c0f887a478a5aac355674ff6df0fc44f44", "type": "github" }, "original": { @@ -1067,22 +1032,6 @@ "type": "github" } }, - "nixpkgs_22-11": { - "locked": { - "lastModified": 1686392259, - "narHash": "sha256-hqSS9hKhWldIZr1bBp9xKhIznnGPICGKzuehd2LH0UA=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "ef24b2fa0c5f290a35064b847bc211f25cb85c88", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-22.11", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_3": { "locked": { "lastModified": 1680668850, @@ -1101,18 +1050,17 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1686406799, - "narHash": "sha256-/MHAr6x5/DDEAWFQLgIlyFT9jCXl5O6OWCoNGmfnL3g=", - "owner": "nixos", + "lastModified": 1686718773, + "narHash": "sha256-x+4xs6+jWhFaYwt6REH7e91rm5vt2GCPEfmRdNcHyi4=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "9166729004aef4db3390d7199a45f6c7331275a2", + "rev": "ba1a6ec548000d4a50719d14e6f73f63016674d5", "type": "github" }, "original": { - "owner": "nixos", + "id": "nixpkgs", "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" + "type": "indirect" } }, "nixpkgs_5": { @@ -1193,6 +1141,21 @@ "type": "github" } }, + "nixpkgs_stable": { + "locked": { + "lastModified": 1686736559, + "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ddf4688dc7aeb14e8a3c549cb6aa6337f187a884", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, "nixvim": { "inputs": { "beautysh": "beautysh", @@ -1201,11 +1164,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1686407073, - "narHash": "sha256-FFDLQgHsuGQJlqYs8CwDIHhRszDyX0Xb1wjbCwGQVdI=", + "lastModified": 1686822953, + "narHash": "sha256-O7famU9SxDRJqa4fob1Ja2Aclr9XqKu3k4uhpvPnZ+c=", "owner": "pta2002", "repo": "nixvim", - "rev": "a2ef858ea5599dc547011c19c40a962bc72a80e7", + "rev": "9fd431366acf7a6cb8e38c9b19a70b6376b16014", "type": "github" }, "original": { @@ -1216,11 +1179,11 @@ }, "nur": { "locked": { - "lastModified": 1686462208, - "narHash": "sha256-L58OUbCXtIzlBJ5QQBETWgPFgmekOwW99LhiyUp9Cto=", + "lastModified": 1686894171, + "narHash": "sha256-QyEdSgyOdSGM3kS6N/r+0i47VbeZI41OZik37ipkQBs=", "owner": "nix-community", "repo": "NUR", - "rev": "416eb10d0850d5041169b70e57df91206f7a613d", + "rev": "1c14e580cdf9e778d76a15ff13d6d302da628a30", "type": "github" }, "original": { @@ -1316,11 +1279,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1682596858, - "narHash": "sha256-Hf9XVpqaGqe/4oDGr30W8HlsWvJXtMsEPHDqHZA6dDg=", + "lastModified": 1684842236, + "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "fb58866e20af98779017134319b5663b8215d912", + "rev": "61e567d6497bc9556f391faebe5e410e6623217f", "type": "github" }, "original": { @@ -1387,7 +1350,7 @@ "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_4", - "nixpkgs_22-11": "nixpkgs_22-11", + "nixpkgs_stable": "nixpkgs_stable", "nixvim": "nixvim", "nur": "nur", "riff": "riff", @@ -1457,31 +1420,6 @@ "type": "github" } }, - "rust-overlay_2": { - "inputs": { - "flake-utils": [ - "lanzaboote", - "flake-utils" - ], - "nixpkgs": [ - "lanzaboote", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1684030847, - "narHash": "sha256-z4tOxaN9Cl8C80u6wyZBpPt9A9MbL21fZ3zdB/vG+AU=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "aa1480f16bec7dda3c62b8cdb184c7e823331ba2", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "stable": { "locked": { "lastModified": 1669735802, @@ -1611,11 +1549,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1683797625, - "narHash": "sha256-Fgu9rxFziIJ47NiSdEUGO0PSwN9KTwW9lN0iT3uBpYI=", + "lastModified": 1686833044, + "narHash": "sha256-pl5qH72KNOgS9ivj06Nh272HTPd5cYPSL768RsYiLDg=", "owner": "serokell", "repo": "vault-secrets", - "rev": "9b23805fd05bf3b291d6f80ddfeb9a97318b6547", + "rev": "30c5b1c532d10e40c8a196995acee675d7d731f2", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0b658d3..885e1e6 100644 --- a/flake.nix +++ b/flake.nix @@ -5,9 +5,9 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; + nixpkgs.url = "nixpkgs/nixos-unstable-small"; - nixpkgs_22-11.url = "github:nixos/nixpkgs/nixos-22.11"; + nixpkgs_stable.url = "nixpkgs/nixos-23.05"; nur.url = "github:nix-community/NUR"; @@ -46,7 +46,7 @@ attic.url = "github:zhaofengli/attic"; }; - outputs = { self, nixpkgs, nixpkgs_22-11, vault-secrets, colmena + outputs = { self, nixpkgs, nixpkgs_stable, vault-secrets, colmena , nixos-generators, nur, attic, ... }@inputs: let inherit (nixpkgs) lib; @@ -62,13 +62,13 @@ overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ]; }; - pkgs_22-11 = import nixpkgs_22-11 { + pkgs_stable = import nixpkgs_stable { inherit system; config.allowUnfree = true; }; # Define args each module gets access to (access to hosts is useful for DNS/DHCP) - specialArgs = { inherit hosts flat_hosts inputs pkgs_22-11; }; + specialArgs = { inherit hosts flat_hosts inputs pkgs_stable; }; # Script to apply local colmena deployments apply-local = pkgs.writeShellScriptBin "apply-local" '' diff --git a/flux/olympus/apps/services/renovate/cronjob.yaml b/flux/olympus/apps/services/renovate/cronjob.yaml index f87c353..50ff8c3 100644 --- a/flux/olympus/apps/services/renovate/cronjob.yaml +++ b/flux/olympus/apps/services/renovate/cronjob.yaml @@ -19,7 +19,7 @@ spec: emptyDir: {} containers: - name: renovate - image: renovate/renovate:35.115.2 + image: renovate/renovate:35.117.3 volumeMounts: - name: config-volume mountPath: /opt/renovate/ diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 2467925..ba83fad 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -66,10 +66,6 @@ ip = "192.168.0.111"; mac = "7a:5f:9b:62:49:91"; }; - "minio" = { - ip = "192.168.0.112"; - mac = "ae:c6:94:bb:c5:d9"; - }; "cshub2" = { ip = "192.168.0.113"; mac = "26:8c:f6:f4:21:76"; diff --git a/nixos/hosts/hades/lucy/configuration.nix b/nixos/hosts/hades/lucy/configuration.nix index f776fe7..e5f1f0a 100644 --- a/nixos/hosts/hades/lucy/configuration.nix +++ b/nixos/hosts/hades/lucy/configuration.nix @@ -36,9 +36,14 @@ in { system.stateVersion = "23.05"; # Did you read the comment? # Additional packages - environment.systemPackages = with pkgs; [ gcc go jq rustup trivy nuclei-latest ]; - - networking.firewall.allowedTCPPorts = [ ]; + environment.systemPackages = with pkgs; [ + gcc + go + jq + rustup + trivy + nuclei-latest + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -46,6 +51,20 @@ in { virtualisation.docker.enable = true; + services.mosquitto = { + enable = true; + listeners = [{ + acl = [ "pattern readwrite #" ]; + omitPasswordAuth = true; + settings.allow_anonymous = true; + }]; + }; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 1883 ]; + }; + users.extraUsers.laura.extraGroups = [ "wheel" "docker" ]; users.extraUsers.victor.extraGroups = [ "docker" ]; } diff --git a/nixos/hosts/hades/mastodon/configuration.nix b/nixos/hosts/hades/mastodon/configuration.nix index 4309034..34ab313 100644 --- a/nixos/hosts/hades/mastodon/configuration.nix +++ b/nixos/hosts/hades/mastodon/configuration.nix @@ -65,7 +65,7 @@ in { smtp = { createLocally = false; fromAddress = "mastodon@xirion.net"; - host = "mail.xirion.net"; + host = "mail.0x76.dev"; user = "mastodon@xirion.net"; authenticate = true; port = 587; diff --git a/nixos/hosts/hades/overseerr/overseerr.nix b/nixos/hosts/hades/overseerr/overseerr.nix index c078799..f987831 100644 --- a/nixos/hosts/hades/overseerr/overseerr.nix +++ b/nixos/hosts/hades/overseerr/overseerr.nix @@ -2,7 +2,7 @@ _: { networking.firewall.allowedTCPPorts = [ 5055 ]; # TODO: Write NixOS package https://github.com/NixOS/nixpkgs/issues/135885 virtualisation.oci-containers.containers.overseerr = { - image = "ghcr.io/sct/overseerr:1.32.5"; + image = "ghcr.io/sct/overseerr:1.33.0"; environment = { TZ = "Europe/Amsterdam"; }; ports = [ "5055:5055" ]; volumes = [ "/var/lib/overseerr/config:/app/config" ]; diff --git a/nixos/hosts/hades/unifi/configuration.nix b/nixos/hosts/hades/unifi/configuration.nix index f4c3e5f..7659d41 100644 --- a/nixos/hosts/hades/unifi/configuration.nix +++ b/nixos/hosts/hades/unifi/configuration.nix @@ -1,13 +1,13 @@ -{ pkgs, lib, ... }: { +{ pkgs, lib, pkgs_stable,... }: { system.stateVersion = "21.05"; networking.interfaces.eth0.useDHCP = true; - environment.systemPackages = [ pkgs.mongodb-4_2 ]; + environment.systemPackages = [ pkgs_stable.mongodb-4_2 ]; services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs.mongodb-4_2; + mongodbPackage = pkgs_stable.mongodb-4_2; openFirewall = true; }; diff --git a/nixos/hosts/olympus/mailserver/configuration.nix b/nixos/hosts/olympus/mailserver/configuration.nix index 6440344..fd6ca36 100644 --- a/nixos/hosts/olympus/mailserver/configuration.nix +++ b/nixos/hosts/olympus/mailserver/configuration.nix @@ -79,6 +79,10 @@ in { hashedPasswordFile = "${vs.mailserver}/snapraid@0x76.dev"; sendOnly = true; }; + "mastodon@xirion.net" = { + hashedPasswordFile = "${vs.mailserver}/mastodon@xirion.net"; + sendOnly = true; + }; }; indexDir = "/var/lib/dovecot/indices"; @@ -99,11 +103,12 @@ in { services.roundcube = { enable = true; - package = - pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); + package = pkgs.roundcube.withPlugins + (plugins: [ plugins.persistent_login pkgs.v.roundcube-swipe ]); plugins = [ "archive" "managesieve" + "swipe" # "enigma" # "markasjunk" "persistent_login" @@ -117,6 +122,19 @@ in { $config['smtp_host'] = "tls://${config.mailserver.fqdn}"; $config['smtp_user'] = "%u"; $config['smtp_pass'] = "%p"; + + $config['swipe_actions'] = [ + 'messagelist' => [ + 'left' => 'archive', + 'right' => 'archive', + 'down' => 'none' + ], + 'contactlist' => [ + 'left' => 'none', + 'right' => 'none', + 'down' => 'none' + ] + ]; ''; }; diff --git a/nixos/hosts/olympus/unifi/configuration.nix b/nixos/hosts/olympus/unifi/configuration.nix index 4b1c60a..d67b079 100644 --- a/nixos/hosts/olympus/unifi/configuration.nix +++ b/nixos/hosts/olympus/unifi/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, lib, ... }: +{ pkgs, pkgs_stable, lib, ... }: { imports = [ ]; @@ -22,7 +22,7 @@ services.unifi = { enable = true; unifiPackage = pkgs.unifi; - mongodbPackage = pkgs.mongodb-4_2; + mongodbPackage = pkgs_stable.mongodb-4_2; openFirewall = true; }; } diff --git a/nixos/pkgs/default.nix b/nixos/pkgs/default.nix index 537224d..52134ad 100644 --- a/nixos/pkgs/default.nix +++ b/nixos/pkgs/default.nix @@ -14,6 +14,8 @@ _final: prev: { dnd-5e-latex-template = prev.callPackage ./dnd-5e-latex-template { }; + roundcube-swipe = prev.callPackage ./roundcube-swipe { }; + gitea-agatheme = prev.callPackage ./gitea-agatheme { }; # nix-shell -p "(vscode-with-extensions.override {vscodeExtensions = with vscode-extensions; [ jnoortheen.nix-ide ]; })" -I nixpkgs=. diff --git a/nixos/pkgs/plex-pass/sources.json b/nixos/pkgs/plex-pass/sources.json index a0c5706..fe1232f 100644 --- a/nixos/pkgs/plex-pass/sources.json +++ b/nixos/pkgs/plex-pass/sources.json @@ -1,14 +1,14 @@ [ { - "version": "1.32.4.7164", + "version": "1.32.4.7195", "platform": "aarch64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7164-1dc22f47b/debian/plexmediaserver_1.32.4.7164-1dc22f47b_arm64.deb", - "hash": "1k61rrdjlwhf14q8qdj976a53wf9f9ask0fwynldyqbvjfjgy0ws" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7195-7c8f9d3b6/debian/plexmediaserver_1.32.4.7195-7c8f9d3b6_arm64.deb", + "hash": "0fqmwijyp3nkii47s9w0a23r291cbifxgip2flp49wxlr7hbrgj1" }, { - "version": "1.32.4.7164", + "version": "1.32.4.7195", "platform": "x86_64-linux", - "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7164-1dc22f47b/debian/plexmediaserver_1.32.4.7164-1dc22f47b_amd64.deb", - "hash": "0sa537yx7gjbabmisb26yrrlg7ql124qhwlc20r5m1hbq8i1i23w" + "url": "https://downloads.plex.tv/plex-media-server-new/1.32.4.7195-7c8f9d3b6/debian/plexmediaserver_1.32.4.7195-7c8f9d3b6_amd64.deb", + "hash": "18c0wxfqrhisbrsp51hb3r95bxgi47p3ykaj146k3x2n627j2ycn" } ] diff --git a/nixos/pkgs/roundcube-swipe/default.nix b/nixos/pkgs/roundcube-swipe/default.nix new file mode 100644 index 0000000..d89003d --- /dev/null +++ b/nixos/pkgs/roundcube-swipe/default.nix @@ -0,0 +1,19 @@ +{ runCommand, fetchFromGitHub }: +let + roundcubePlugin = { pname, version, src }: + + runCommand "roundcube-plugin-swipe-${version}" { } '' + mkdir -p $out/plugins/ + cp -r ${src} $out/plugins/swipe + ''; +in roundcubePlugin rec { + pname = "roundcube-swipe"; + version = "0.5"; + + src = fetchFromGitHub { + owner = "johndoh"; + repo = pname; + rev = "de96f82183bc593d879c335e6614fa983d51abfc"; + sha256 = "sha256-vrMSvGwUzufSFDsUvUSL9JLR/+GtWdebVqgKiXMOOq4="; + }; +}