JakeHillion/nixos
1
0
Fork 0
Code Issues 7 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

flake: update to nixpkgs 2311
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Jake Hillion 2024-02-04 11:29:07 +01:00
parent fc599096b4
commit d7398e38df
8 changed files with 44 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
flake.lock
View File

@ -91,27 +91,27 @@
]
},
"locked": {
"lastModified": 1702195668,
"narHash": "sha256-Lxmjez0nfNBptdqV5GsXKm7Bb7swjGsrxiLxWJu0tL8=",
"lastModified": 1706981411,
"narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "33110fb3c7fe6a94b98b641866a5eddb64b7c23f",
"rev": "652fda4ca6dafeb090943422c34ae9145787af37",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.05",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1703656108,
"narHash": "sha256-hCSUqdFJKHHbER8Cenf5JRzjMlBjIdwdftGQsO0xoJs=",
"lastModified": 1706639736,
"narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "033643a45a4a920660ef91caa391fbffb14da466",
"rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045",
"type": "github"
},
"original": {
@ -123,27 +123,27 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1704290814,
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
"lastModified": 1707347730,
"narHash": "sha256-0etC/exQIaqC9vliKhc3eZE2Mm2wgLa0tj93ZF/egvM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
"rev": "6832d0d99649db3d65a0e15fa51471537b2c56a6",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-23.05",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1705316053,
"narHash": "sha256-J2Ey5mPFT8gdfL2XC0JTZvKaBw/b2pnyudEXFvl+dQM=",
"lastModified": 1707268954,
"narHash": "sha256-2en1kvde3cJVc3ZnTy8QeD2oKcseLFjYPLKhIGDanQ0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c3e128f3c0ecc1fb04aef9f72b3dcc2f6cecf370",
"rev": "f8e2ebd66d097614d51a56a755450d4ae1632df1",
"type": "github"
},
"original": {

4
flake.nix
View File

@ -1,6 +1,6 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
@ -8,7 +8,7 @@
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-23.05";
home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
impermanence.url = "github:nix-community/impermanence/master";

17
hosts/router.home.ts.hillion.co.uk/default.nix
View File

@ -254,7 +254,6 @@
## Netdata
services.netdata = {
enable = true;
group = "caddy";
config = {
web = {
"bind to" = "unix:/run/netdata/netdata.sock";
@ -268,11 +267,17 @@
extraConfig = "reverse_proxy unix///run/netdata/netdata.sock";
};
};
### HACK: caddy needs tailscale to be up so allow it to restart on failure
systemd.services.caddy.serviceConfig = {
Restart = lib.mkForce "on-failure";
RestartSec = 15;
users.users.caddy.extraGroups = [ "netdata" ];
### HACK: Allow Caddy to restart if it fails. This happens because Tailscale
### is too late at starting. Upstream nixos caddy does restart on failure
### but it's prevented on exit code 1. Set the exit code to 0 (non-failure)
### to override this.
systemd.services.caddy = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
serviceConfig = {
RestartPreventExitStatus = lib.mkForce 0;
};
};
};
}

12
hosts/tywin.storage.ts.hillion.co.uk/default.nix
View File

@ -134,7 +134,17 @@
reverse_proxy http://localhost:8000
'';
};
systemd.services.caddy.requires = [ "tailscaled.service" ];
### HACK: Allow Caddy to restart if it fails. This happens because Tailscale
### is too late at starting. Upstream nixos caddy does restart on failure
### but it's prevented on exit code 1. Set the exit code to 0 (non-failure)
### to override this.
systemd.services.caddy = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
serviceConfig = {
RestartPreventExitStatus = lib.mkForce 0;
};
};
services.restic.backups."prune-128G" = {
repository = "/data/backups/restic/128G";

2
modules/common/hostinfo.nix
View File

@ -17,7 +17,7 @@ in
script = "${pkgs.writers.writePerl "hostinfo" {
libraries = with pkgs; [
perl536Packages.HTTPDaemon
perlPackages.HTTPDaemon
];
} ''
use v5.10;

2
modules/impermanence.nix
View File

@ -59,6 +59,8 @@ in
name = x;
value = {
home.persistence."/data/users/${x}" = {
allowOther = false;
files = [
".zsh_history"
] ++ cfg.userExtraFiles.${x} or [ ];

2
modules/services/mastodon/default.nix
View File

@ -54,6 +54,8 @@ in
extraConfig = {
EMAIL_DOMAIN_WHITELIST = "hillion.co.uk";
};
streamingProcesses = 9;
};
caddy = {

2
modules/users.nix
View File

@ -16,6 +16,6 @@ in
config = lib.mkIf cfg.jake.password {
age.secrets."passwords/jake".file = ../secrets/passwords/jake.age;
users.users.jake.passwordFile = config.age.secrets."passwords/jake".path;
users.users.jake.hashedPasswordFile = config.age.secrets."passwords/jake".path;
};
}