diff --git a/flake.lock b/flake.lock index 32cf6ae..cba9b0b 100644 --- a/flake.lock +++ b/flake.lock @@ -4,7 +4,9 @@ "inputs": { "darwin": "darwin", "home-manager": "home-manager", - "nixpkgs": "nixpkgs", + "nixpkgs": [ + "nixpkgs" + ], "systems": "systems" }, "locked": { @@ -29,7 +31,7 @@ "flake-parts": "flake-parts", "flake-utils": "flake-utils", "napalm": "napalm", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "pyproject-build-systems": "pyproject-build-systems", "pyproject-nix": "pyproject-nix", "systems": "systems_2", @@ -252,11 +254,11 @@ ] }, "locked": { - "lastModified": 1772893680, - "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", + "lastModified": 1774104215, + "narHash": "sha256-EAtviqz0sEAxdHS4crqu7JGR5oI3BwaqG0mw7CmXkO8=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", + "rev": "f799ae951fde0627157f40aec28dec27b22076d0", "type": "github" }, "original": { @@ -315,11 +317,11 @@ ] }, "locked": { - "lastModified": 1773681845, - "narHash": "sha256-o8hrZrigP0JYcwnglCp8Zi8jQafWsxbDtRRPzuVwFxY=", + "lastModified": 1774274588, + "narHash": "sha256-dnHvv5EMUgTzGZmA+3diYjQU2O6BEpGLEOgJ1Qe9LaY=", "owner": "nix-community", "repo": "home-manager", - "rev": "0759e0e137305bc9d0c52c204c6d8dffe6f601a6", + "rev": "cf9686ba26f5ef788226843bc31fda4cf72e373b", "type": "github" }, "original": { @@ -336,11 +338,11 @@ ] }, "locked": { - "lastModified": 1773681856, - "narHash": "sha256-+bRqxoFCJFO9ZTFhcCkzNXbDT3b8AEk88fyjB7Is6eo=", + "lastModified": 1774293042, + "narHash": "sha256-OEBV+Y5I4Ldu98k0KvGXRfJYh+jjE8ocCSL/dxTGs1s=", "owner": "nix-community", "repo": "home-manager", - "rev": "57d5560ee92a424fb71fde800acd6ed2c725dfce", + "rev": "bc357c75e3142a31b849ba49c5299fb52c61cf59", "type": "github" }, "original": { @@ -391,7 +393,7 @@ "flake-compat": "flake-compat_2", "flake-utils": "flake-utils_2", "nix": "nix", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1669478601, @@ -436,7 +438,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -494,11 +496,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1773533765, - "narHash": "sha256-qonGfS2lzCgCl59Zl63jF6dIRRpvW3AJooBGMaXjHiY=", + "lastModified": 1774018263, + "narHash": "sha256-HHYEwK1A22aSaxv2ibhMMkKvrDGKGlA/qObG4smrSqc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f8e82243fd601afb9f59ad230958bd073795cbfe", + "rev": "2d4b4717b2534fad5c715968c1cece04a172b365", "type": "github" }, "original": { @@ -510,16 +512,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754028485, - "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", + "lastModified": 1771848320, + "narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "59e69648d345d6e8fef86158c555730fa12af9de", + "rev": "2fc6539b481e1d2569f25f8799236694180c0993", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.05", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -557,11 +559,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1773705440, - "narHash": "sha256-xB30bbAp0e7ogSEYyc126mAJMt4FRFh8wtm6ADE1xuM=", + "lastModified": 1774244481, + "narHash": "sha256-4XfMXU0DjN83o6HWZoKG9PegCvKvIhNUnRUI19vzTcQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "48652e9d5aea46e555b3df87354280d4f29cd3a3", + "rev": "4590696c8693fea477850fe379a01544293ca4e2", "type": "github" }, "original": { @@ -572,22 +574,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1771848320, - "narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2fc6539b481e1d2569f25f8799236694180c0993", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1657693803, "narHash": "sha256-G++2CJ9u0E7NNTAi9n5G8TdDmGJXcIjkJ3NF8cetQB8=", @@ -603,7 +589,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1669378442, "narHash": "sha256-nm+4PN0A4SnV0SzEchxrMyKPvI3Ld/aoom4PnHeHucs=", @@ -619,13 +605,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { - "lastModified": 1773646010, - "narHash": "sha256-iYrs97hS7p5u4lQzuNWzuALGIOdkPXvjz7bviiBjUu8=", + "lastModified": 1774106199, + "narHash": "sha256-US5Tda2sKmjrg2lNHQL3jRQ6p96cgfWh3J1QBliQ8Ws=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5b2c2d84341b2afb5647081c1386a80d7a8d8605", + "rev": "6c9a78c09ff4d6c21d0319114873508a6ec01655", "type": "github" }, "original": { @@ -635,13 +621,13 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { - "lastModified": 1773046814, - "narHash": "sha256-3CEw64UyzEk5QjfbcXNIl4TfmIpa2oY+duuo6aiawcU=", + "lastModified": 1774192288, + "narHash": "sha256-vHqcv1WQvmR4hRz0/dUqlA8LjIHtZvWtWrzIX3YTxzQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c6c0dd2469abaa216599bb19bbf77a328af6564", + "rev": "2cb1420c66c8e634314ce0abf70680208177f5b4", "type": "github" }, "original": { @@ -651,7 +637,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1773389992, "narHash": "sha256-wvfdLLWJ2I9oEpDd9PfMA8osfIZicoQ5MT1jIwNs9Tk=", @@ -727,7 +713,7 @@ "nix-darwin": "nix-darwin", "nix-homebrew": "nix-homebrew", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "nixpkgs-stable": "nixpkgs-stable", "simple-nixos-mailserver": "simple-nixos-mailserver", "zen-browser": "zen-browser" @@ -738,14 +724,14 @@ "blobs": "blobs", "flake-compat": "flake-compat_3", "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1773599089, - "narHash": "sha256-3R+2SlbvKyYprAwWafUk7ATVKcJRBKlNhbm6Bn6t0HU=", + "lastModified": 1774268581, + "narHash": "sha256-azZqiV4L+Ef3Mu4M0NAObAfNIn8rDlsTcfti2W5/oZ4=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "7dfcb21d35a4e8de09b38d822a0e0b7d64d61192", + "rev": "86d256870b3a18ac751e12936419bf697d3544e8", "type": "gitlab" }, "original": { @@ -813,14 +799,14 @@ "zen-browser": { "inputs": { "home-manager": "home-manager_3", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1773737882, - "narHash": "sha256-P6k0BtT1/idYveVRdcwAZk8By9UjZW8XOMhSoS6wTBY=", + "lastModified": 1774242250, + "narHash": "sha256-pchbnY7KVnH26g4O3LZO8vpshInqNj937gAqlPob1Mk=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "a7f1db35d74faf04e5189b3a32f890186ace5c28", + "rev": "f19c3e6683c2d2f3fcfcb88fb691931a104bc47c", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 6e4fb44..f2a7291 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,10 @@ nix-homebrew.url = "github:zhaofengli/nix-homebrew"; zen-browser.url = "github:0xc000022070/zen-browser-flake"; mms.url = "github:mkaito/nixos-modded-minecraft-servers"; - agenix.url = "github:ryantm/agenix"; + agenix = { + url = "github:ryantm/agenix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; authentik.url = "github:nix-community/authentik-nix"; diff --git a/hosts/goingmerry/configuration.nix b/hosts/goingmerry/configuration.nix index f192c64..d8dac12 100644 --- a/hosts/goingmerry/configuration.nix +++ b/hosts/goingmerry/configuration.nix @@ -121,6 +121,10 @@ anki banana-cursor bat + bitwarden-desktop + bitwarden-menu + rbw + rofi-rbw blueman brave brightnessctl @@ -198,7 +202,7 @@ sqlc teams-for-linux teamspeak6-client - texliveFull + #texliveFull thunderbird tldr tmuxinator @@ -364,5 +368,5 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "25.11"; # Did you read the comment? + system.stateVersion = "26.05"; # Did you read the comment? } diff --git a/hosts/goingmerry/home.nix b/hosts/goingmerry/home.nix index 36a5777..85a4eab 100644 --- a/hosts/goingmerry/home.nix +++ b/hosts/goingmerry/home.nix @@ -10,7 +10,7 @@ ../../modules/home-manager/dunst.nix ../../modules/home-manager/fastfetch.nix ../../modules/home-manager/git.nix - ../../modules/home-manager/helix.nix + # ../../modules/home-manager/helix.nix ../../modules/home-manager/hyprland.nix ../../modules/home-manager/nextcloud.nix ../../modules/home-manager/pass.nix @@ -31,7 +31,7 @@ # You should not change this value, even if you update Home Manager. If you do # want to update the value, then make sure to first check the Home Manager # release notes. - home.stateVersion = "24.05"; # Please read the comment before changing. + home.stateVersion = "26.05"; # Please read the comment before changing. nixpkgs.config.allowUnfree = true; home.packages = with pkgs; [ zsh-autosuggestions diff --git a/hosts/hitsugibune/forgejo.nix b/hosts/hitsugibune/forgejo.nix new file mode 100644 index 0000000..1e891ba --- /dev/null +++ b/hosts/hitsugibune/forgejo.nix @@ -0,0 +1,58 @@ +{ lib, pkgs, config, ... }: +let + cfg = config.services.forgejo; + srv = cfg.settings.server; + mail = "tague.at"; +in +{ + services.nginx = { + virtualHosts.${cfg.settings.server.DOMAIN} = { + forceSSL = true; + enableACME = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}"; + }; + }; + + services.forgejo = { + enable = true; + database.type = "postgres"; + # Enable support for Git Large File Storage + lfs.enable = true; + settings = { + server = { + DOMAIN = "git.sprechtl.me"; + # You need to specify this to remove the port from URLs in the web UI. + ROOT_URL = "https://${srv.DOMAIN}/"; + HTTP_PORT = 3000; + }; + # You can temporarily allow registration to create an admin user. + service.DISABLE_REGISTRATION = true; + # Add support for actions, based on act: https://github.com/nektos/act + actions = { + ENABLED = true; + DEFAULT_ACTIONS_URL = "github"; + }; + # Sending emails is completely optional + # You can send a test email from the web UI at: + # Profile Picture > Site Administration > Configuration > Mailer Configuration + mailer = { + ENABLED = true; + SMTP_ADDR = mail; + FROM = "forgejo@${mail}"; + USER = "stefan@${mail}"; + }; + }; + secrets = { + mailer.PASSWD = config.age.secrets.forgejo-mailer-password.path; + }; + }; + + age.secrets.forgejo-mailer-password = { + file = ../secrets/forgejo-mailer-password.age; + mode = "400"; + owner = "forgejo"; + }; +} diff --git a/secrets/forgejo-mailer-password.age b/secrets/forgejo-mailer-password.age new file mode 100644 index 0000000..eee85d1 --- /dev/null +++ b/secrets/forgejo-mailer-password.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> ssh-ed25519 7PLkJg NdA2acz8vQpZn5sr+bHQ24fX77JF5MqNjnXlHg3cKgA +E43xqaXYjmjHhTUc3jqBC386t03BkPErjTJU0E+dYEc +-> ssh-rsa LgF3EQ +pMJcRD5FfNll39KxYNpwWeMmT05zxCOpaRts698a/jAuYeOCj4Ab0REmptl3IS6z +hyPNwVM+2G07RS3LEDOdAjoshrrKoEcDbznxHQnHtHk0isUUqTXW0E9udjkCN6Wp +fCegQAbefx3bJEQbWJnKCq3zwKjunXSsn4nz3o6tS3d1vbqtNNp5ZSX8sKH9fYH5 +VVnYjvqj3EU3ct/j+rCchrpgPJICqNrARFUVa9y5711xkI1u/3PE8lnRqUseFgQD +Ho8WbM8nLIyqS0aldPAl6es4zahS7t9I1/ak5EOVvwAswJIMNR/gVvu9Bg8BRQ5/ +QTRG0xeBJGWu3e6B9ROHHwMPevHfc9noyXzomNlV73HWaiHki7lmswq046kOp6bn +B8HKeFQLdTP5NcIEgrmxkQ76fWqgd/9la5zpEQ2iLhrtt6TOxYqKxLaj/CrMzYJB +T/xP6ifELAYzsTPY2OAs49Y/rOH99LM21oDS6zcv6XCpNX8hkuZ1gz5cHhCxCEgS + +--- i0bZIIlzw58OdRk75CtffqDrUTtZwx2iI0eGvqR6jOw +¥1žîLÊn¥Où7"MqIq¾|ØD| T3ÛŒ…ßÝÜimZß&$°Éöÿ¡l \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index db4a207..6815f44 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -19,4 +19,5 @@ in { "mail-admin.age".publicKeys = [hitsugibune key]; "authentik.age".publicKeys = [hitsugibune key]; "vaultwarden.age".publicKeys = [hitsugibune key]; + "forgejo-mailer-password.age".publicKeys = [hitsugibune key]; }