JakeHillion/nixos
1
0
Fork 0
Code Issues 7 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

flake: update to nixpkgs 2311
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Jake Hillion 2024-02-04 11:29:07 +01:00
parent fc599096b4
commit d7398e38df
8 changed files with 44 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
flake.lock
View File

@ -91,27 +91,27 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702195668, "lastModified": 1706981411,
"narHash": "sha256-Lxmjez0nfNBptdqV5GsXKm7Bb7swjGsrxiLxWJu0tL8=", "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "33110fb3c7fe6a94b98b641866a5eddb64b7c23f", "rev": "652fda4ca6dafeb090943422c34ae9145787af37",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-23.05", "ref": "release-23.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1703656108, "lastModified": 1706639736,
"narHash": "sha256-hCSUqdFJKHHbER8Cenf5JRzjMlBjIdwdftGQsO0xoJs=", "narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "impermanence", "repo": "impermanence",
"rev": "033643a45a4a920660ef91caa391fbffb14da466", "rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -123,27 +123,27 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1704290814, "lastModified": 1707347730,
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", "narHash": "sha256-0etC/exQIaqC9vliKhc3eZE2Mm2wgLa0tj93ZF/egvM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", "rev": "6832d0d99649db3d65a0e15fa51471537b2c56a6",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-23.05", "ref": "nixos-23.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1705316053, "lastModified": 1707268954,
"narHash": "sha256-J2Ey5mPFT8gdfL2XC0JTZvKaBw/b2pnyudEXFvl+dQM=", "narHash": "sha256-2en1kvde3cJVc3ZnTy8QeD2oKcseLFjYPLKhIGDanQ0=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c3e128f3c0ecc1fb04aef9f72b3dcc2f6cecf370", "rev": "f8e2ebd66d097614d51a56a755450d4ae1632df1",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
flake.nix
View File

@ -1,6 +1,6 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
@ -8,7 +8,7 @@
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-23.05"; home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
impermanence.url = "github:nix-community/impermanence/master"; impermanence.url = "github:nix-community/impermanence/master";

17
hosts/router.home.ts.hillion.co.uk/default.nix
View File

@ -254,7 +254,6 @@
## Netdata ## Netdata
services.netdata = { services.netdata = {
enable = true; enable = true;
group = "caddy";
config = { config = {
web = { web = {
"bind to" = "unix:/run/netdata/netdata.sock"; "bind to" = "unix:/run/netdata/netdata.sock";
@ -268,11 +267,17 @@
extraConfig = "reverse_proxy unix///run/netdata/netdata.sock"; extraConfig = "reverse_proxy unix///run/netdata/netdata.sock";
}; };
}; };
users.users.caddy.extraGroups = [ "netdata" ];
### HACK: caddy needs tailscale to be up so allow it to restart on failure ### HACK: Allow Caddy to restart if it fails. This happens because Tailscale
systemd.services.caddy.serviceConfig = { ### is too late at starting. Upstream nixos caddy does restart on failure
Restart = lib.mkForce "on-failure"; ### but it's prevented on exit code 1. Set the exit code to 0 (non-failure)
RestartSec = 15; ### to override this.
systemd.services.caddy = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
serviceConfig = {
RestartPreventExitStatus = lib.mkForce 0;
};
}; };
}; };
} }

12
hosts/tywin.storage.ts.hillion.co.uk/default.nix
View File

@ -134,7 +134,17 @@
reverse_proxy http://localhost:8000 reverse_proxy http://localhost:8000
''; '';
}; };
systemd.services.caddy.requires = [ "tailscaled.service" ]; ### HACK: Allow Caddy to restart if it fails. This happens because Tailscale
### is too late at starting. Upstream nixos caddy does restart on failure
### but it's prevented on exit code 1. Set the exit code to 0 (non-failure)
### to override this.
systemd.services.caddy = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
serviceConfig = {
RestartPreventExitStatus = lib.mkForce 0;
};
};
services.restic.backups."prune-128G" = { services.restic.backups."prune-128G" = {
repository = "/data/backups/restic/128G"; repository = "/data/backups/restic/128G";

2
modules/common/hostinfo.nix
View File

@ -17,7 +17,7 @@ in
script = "${pkgs.writers.writePerl "hostinfo" { script = "${pkgs.writers.writePerl "hostinfo" {
libraries = with pkgs; [ libraries = with pkgs; [
perl536Packages.HTTPDaemon perlPackages.HTTPDaemon
]; ];
} '' } ''
use v5.10; use v5.10;

2
modules/impermanence.nix
View File

@ -59,6 +59,8 @@ in
name = x; name = x;
value = { value = {
home.persistence."/data/users/${x}" = { home.persistence."/data/users/${x}" = {
allowOther = false;
files = [ files = [
".zsh_history" ".zsh_history"
] ++ cfg.userExtraFiles.${x} or [ ]; ] ++ cfg.userExtraFiles.${x} or [ ];

2
modules/services/mastodon/default.nix
View File

@ -54,6 +54,8 @@ in
extraConfig = { extraConfig = {
EMAIL_DOMAIN_WHITELIST = "hillion.co.uk"; EMAIL_DOMAIN_WHITELIST = "hillion.co.uk";
}; };
streamingProcesses = 9;
}; };
caddy = { caddy = {

2
modules/users.nix
View File

@ -16,6 +16,6 @@ in
config = lib.mkIf cfg.jake.password { config = lib.mkIf cfg.jake.password {
age.secrets."passwords/jake".file = ../secrets/passwords/jake.age; age.secrets."passwords/jake".file = ../secrets/passwords/jake.age;
users.users.jake.passwordFile = config.age.secrets."passwords/jake".path; users.users.jake.hashedPasswordFile = config.age.secrets."passwords/jake".path;
}; };
} }