AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

upgrade system

Browse Source
This commit is contained in:
Dmitriy Kholkin 2024-09-11 18:01:30 +03:00
parent 4f6550e9bc
commit 238f7d800e
Signed by: AtaraxiaDev
GPG Key ID: FD266B810DF48DF2
12 changed files with 270 additions and 593 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

419
flake.lock generated
View File

@ -8,11 +8,11 @@
]
},
"locked": {
"lastModified": 1722680456,
"narHash": "sha256-q3ZxjLD/6WnAGwihLlRLoEzIEaVE1AqnH5h1TePYP/I=",
"lastModified": 1725712445,
"narHash": "sha256-m0sOGHvkKCzO+EzHOjpQ/Lvkp126Rt6vwioCTwV95Yg=",
"owner": "ezKEa",
"repo": "aagl-gtk-on-nix",
"rev": "54264a57d0c58afd12888eb1c576f96ca811530c",
"rev": "49e1dd54d3ac9b858d3be597a2fbc48ab67fa6e8",
"type": "github"
},
"original": {
@ -26,11 +26,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1723018841,
"narHash": "sha256-EFm+tOPiWfuwgn/4i7TQVm9NEokxnMyFrVPw9QDZT00=",
"lastModified": 1723710142,
"narHash": "sha256-2dIz02Upb7k6c6jx41JtLwvGoKFZanu7vS/ZwMW6m+I=",
"owner": "AtaraxiaSjel",
"repo": "nur",
"rev": "97044ef6eba22708d705383dc0c3c6760e266cde",
"rev": "433c9d20d40ee728f5a57bc18dd70b714a7d2ff3",
"type": "github"
},
"original": {
@ -43,16 +43,17 @@
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1722472866,
"narHash": "sha256-GJIz4M5HDB948Ex/8cPvbkrNzl/eKUE7/c21JBu4lb8=",
"lastModified": 1725300620,
"narHash": "sha256-IdM+pZ6BnmD3o1fTJZ2BD43k7dwi1BbVfLDLpM1nE5s=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "e127acbf9a71ebc0c26bc8e28346822e0a6e16ba",
"rev": "bea72d75b6165dfb529ba0c39cc6c7e9c7f0d234",
"type": "github"
},
"original": {
@ -148,11 +149,11 @@
},
"catppuccin": {
"locked": {
"lastModified": 1722997334,
"narHash": "sha256-vE5FcKVQ3E0txJKt5w3vOlfcN1XoTAlxK9PnQ/CJavA=",
"lastModified": 1725509983,
"narHash": "sha256-NHCgHVqumPraFJnLrkanoLDuhOoUHUvRhvp/RIHJR+A=",
"owner": "catppuccin",
"repo": "nix",
"rev": "66f4ea170093b62f319f41cebd2337a51b225c5a",
"rev": "45745fe5960acaefef2b60f3455bcac6a0ca6bc9",
"type": "github"
},
"original": {
@ -166,11 +167,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1722939363,
"narHash": "sha256-qNHJzxdVf8uoV686fmK7DaTztALCyTh7erP/lYb60hg=",
"lastModified": 1724583234,
"narHash": "sha256-bnCFpZVjSZLoPKodT4mUR1DGhdyerfugG+3YKqS74Qw=",
"owner": "catppuccin",
"repo": "vscode",
"rev": "2d7388ffe7321f588b2f54e2ffaab9fb7c9dde14",
"rev": "67ce281b989c57bc09c91b6c812e1a73a2a40e34",
"type": "github"
},
"original": {
@ -182,19 +183,20 @@
"chaotic": {
"inputs": {
"compare-to": "compare-to",
"fenix": "fenix",
"flake-schemas": "flake-schemas",
"home-manager": "home-manager",
"jovian": "jovian",
"nixpkgs": "nixpkgs_5",
"systems": "systems",
"systems": "systems_2",
"yafas": "yafas"
},
"locked": {
"lastModified": 1722963859,
"narHash": "sha256-TQ5sQ+PX0OeMZx+nYBA0CL3R9Yv6MupLzFU0iQrGGrc=",
"lastModified": 1725710428,
"narHash": "sha256-hs5ODrueWiOVodL1vPRThb923c7xrgp7AFNSzcF1ntw=",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "f41d02a7ca6433c98fac378569617f2652628624",
"rev": "66319c46247edfa0e00d6804c3c3385c32c4cce1",
"type": "github"
},
"original": {
@ -226,11 +228,11 @@
]
},
"locked": {
"lastModified": 1717025063,
"narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=",
"lastModified": 1722960479,
"narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
"owner": "ipetkov",
"repo": "crane",
"rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e",
"rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
"type": "github"
},
"original": {
@ -268,11 +270,11 @@
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1722937792,
"narHash": "sha256-gyudaKQ8oBk13wIRGNWEkoiw6F+RMsZxHXxCsyHtIic=",
"lastModified": 1725637114,
"narHash": "sha256-+hsiHWbqkS098soB1o4URP3frnjhoRvyVfWs6byv4Zk=",
"owner": "cachix",
"repo": "devenv",
"rev": "bc9926e2cbef29c927b0a959bed5eeba2b55d648",
"rev": "c31e347a96dbb7718a0279afa993752a7dfc6a39",
"type": "github"
},
"original": {
@ -319,11 +321,11 @@
]
},
"locked": {
"lastModified": 1722821805,
"narHash": "sha256-FGrUPUD+LMDwJsYyNSxNIzFMldtCm8wXiQuyL2PHSrM=",
"lastModified": 1725377834,
"narHash": "sha256-tqoAO8oT6zEUDXte98cvA1saU9+1dLJQe3pMKLXv8ps=",
"owner": "nix-community",
"repo": "disko",
"rev": "0257e44f4ad472b54f19a6dd1615aee7fa48ed49",
"rev": "e55f9a8678adc02024a4877c2a403e3f6daf24fe",
"type": "github"
},
"original": {
@ -332,6 +334,28 @@
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"chaotic",
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1725517947,
"narHash": "sha256-sB8B3M6CS0Y0rnncsCPz0htg6LoC1RbI2Mq9K88tSOk=",
"owner": "nix-community",
"repo": "fenix",
"rev": "96072c2af73da16c7db013dbb8c8869000157235",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -351,11 +375,11 @@
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
@ -477,7 +501,10 @@
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
"nixpkgs-lib": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722555600,
@ -495,17 +522,14 @@
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nix-direnv",
"nixpkgs"
]
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"lastModified": 1725234343,
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"type": "github"
},
"original": {
@ -516,14 +540,17 @@
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
"nixpkgs-lib": [
"nix-direnv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1714641030,
"narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=",
"lastModified": 1725234343,
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e",
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"type": "github"
},
"original": {
@ -534,17 +561,14 @@
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"prismlauncher",
"nixpkgs"
]
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"lastModified": 1714641030,
"narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e",
"type": "github"
},
"original": {
@ -584,12 +608,15 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
@ -633,7 +660,7 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
"systems": "systems_4"
},
"locked": {
"lastModified": 1689068808,
@ -651,7 +678,7 @@
},
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
"systems": "systems_5"
},
"locked": {
"lastModified": 1710146030,
@ -684,7 +711,7 @@
},
"flake-utils_6": {
"inputs": {
"systems": "systems_5"
"systems": "systems_6"
},
"locked": {
"lastModified": 1710146030,
@ -702,7 +729,7 @@
},
"flake-utils_7": {
"inputs": {
"systems": "systems_6"
"systems": "systems_7"
},
"locked": {
"lastModified": 1710146030,
@ -740,28 +767,6 @@
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"prismlauncher",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -770,11 +775,11 @@
]
},
"locked": {
"lastModified": 1722630065,
"narHash": "sha256-QfM/9BMRkCmgWzrPDK+KbgJOUlSJnfX4OvsUupEUZvA=",
"lastModified": 1725180166,
"narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "afc892db74d65042031a093adb6010c4c3378422",
"rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb",
"type": "github"
},
"original": {
@ -790,11 +795,11 @@
]
},
"locked": {
"lastModified": 1723015306,
"narHash": "sha256-jQnFEtH20/OsDPpx71ntZzGdRlpXhUENSQCGTjn//NA=",
"lastModified": 1725694918,
"narHash": "sha256-+HsjshXpqNiJHLaJaK0JnIicJ/a1NquKcfn4YZ3ILgg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b3d5ea65d88d67d4ec578ed11d4d2d51e3de525e",
"rev": "aaebdea769a5c10f1c6e50ebdf5924c1a13f0cda",
"type": "github"
},
"original": {
@ -805,11 +810,11 @@
},
"impermanence": {
"locked": {
"lastModified": 1719091691,
"narHash": "sha256-AxaLX5cBEcGtE02PeGsfscSb/fWMnyS7zMWBXQWDKbE=",
"lastModified": 1725690722,
"narHash": "sha256-4qWg9sNh5g1qPGO6d/GV2ktY+eDikkBTbWSg5/iD2nY=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "23c1f06316b67cb5dabdfe2973da3785cfe9c34a",
"rev": "63f4d0443e32b0dd7189001ee1894066765d18a5",
"type": "github"
},
"original": {
@ -827,11 +832,11 @@
]
},
"locked": {
"lastModified": 1722666143,
"narHash": "sha256-uTr3LiytFHFUYmIrhs5NoGlm5DCJxQlfyaZEKCU/DS8=",
"lastModified": 1725153537,
"narHash": "sha256-8+BJdXM1WBAttY+C63pEMUmUtSEWXHEhXOkLK4k1s2E=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "bcfe9dc708c92590fec676692b3ed79443eda819",
"rev": "b13488a1f8ab01db6a3d18629f7b22a430f03984",
"type": "github"
},
"original": {
@ -930,11 +935,11 @@
]
},
"locked": {
"lastModified": 1722576181,
"narHash": "sha256-0YYH6dTJK+mzqH7KvXep5Zv/qjHCGv+hM1eLMd0aBM4=",
"lastModified": 1725216861,
"narHash": "sha256-GaCobLXfPYBuhxy2TdlEDAfS3PD4mrUj6NQIPOzQq48=",
"owner": "thiagokokada",
"repo": "nix-alien",
"rev": "5d41c9c1aac104c15d06808f0c35c23e26809875",
"rev": "f92c20327b240ce2098d227c3674d7c02beea51b",
"type": "github"
},
"original": {
@ -945,16 +950,16 @@
},
"nix-direnv": {
"inputs": {
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_3",
"nixpkgs": "nixpkgs_11",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1720977067,
"narHash": "sha256-Sp3hvtEGFZvJvMEyBuj9x3dDi0L0jpCV1gGVck+CjOQ=",
"lastModified": 1725391975,
"narHash": "sha256-NNBXRLt+ihPOfx+HRAMt0T+0BGSt+zaw3IP1lFy+hLM=",
"owner": "nix-community",
"repo": "nix-direnv",
"rev": "104a5075a182b5fb15a4e33e21e6c5b869a5151f",
"rev": "9048810b54e67b13aa090d01984d0b3e45a19fce",
"type": "github"
},
"original": {
@ -965,7 +970,7 @@
},
"nix-fast-build": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_4",
"nixpkgs": [
"nixpkgs"
],
@ -1000,6 +1005,21 @@
"type": "github"
}
},
"nix-filter_2": {
"locked": {
"lastModified": 1710156097,
"narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=",
"owner": "numtide",
"repo": "nix-filter",
"rev": "3342559a24e85fc164b295c3444e8a139924675b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nix-filter",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
@ -1055,11 +1075,11 @@
]
},
"locked": {
"lastModified": 1720926593,
"narHash": "sha256-fW6e27L6qY6s+TxInwrS2EXZZfhMAlaNqT0sWS49qMA=",
"lastModified": 1723352546,
"narHash": "sha256-WTIrvp0yV8ODd6lxAq4F7EbrPQv0gscBnyfn559c3k8=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "5fe5b0cdf1268112dc96319388819b46dc051ef4",
"rev": "ec78079a904d7d55e81a0468d764d0fffb50ac06",
"type": "github"
},
"original": {
@ -1077,11 +1097,11 @@
]
},
"locked": {
"lastModified": 1722994187,
"narHash": "sha256-K5V2N5HkGaLpf5StNbtKBM6O9K+CYF/8F8hlGUVgiKk=",
"lastModified": 1725672853,
"narHash": "sha256-z1O6dzCJ27OZpF680tZL0mQphQETdg4DTryvhFOpZyA=",
"owner": "nix-community",
"repo": "nix-vscode-extensions",
"rev": "6fc50b0716bc415cfd1bc81bb9e198d78cd03b3d",
"rev": "efd33fc8e5a149dd48d86ca6003b51ab3ce4ae21",
"type": "github"
},
"original": {
@ -1139,11 +1159,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1722732880,
"narHash": "sha256-do2Mfm3T6SR7a5A804RhjQ+JTsF5hk4JTPGjCTRM/m8=",
"lastModified": 1725152544,
"narHash": "sha256-Tm344cnFM9f2YZsgWtJduvhIrvLr3Bi8J4Xc+UZDKYE=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "8bebd4c74f368aacb047f0141db09ec6b339733c",
"rev": "7f0b9e4fbd91826cb9ce6babbc11c87903191051",
"type": "github"
},
"original": {
@ -1160,11 +1180,11 @@
]
},
"locked": {
"lastModified": 1722819251,
"narHash": "sha256-f99it92NQSZsrZ8AYbiwAUfrtb/ZpZRqUsl4q6rMA5s=",
"lastModified": 1725497951,
"narHash": "sha256-fayKyVs/9FQdYH+3SCOkQM1GCsEPPVE+lSiVGlYQ7i0=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "c8c3a20b8191819219dba1af79388aa6d555f634",
"rev": "15a07ebf4a041bf232026263f1f96f2af390f3bc",
"type": "github"
},
"original": {
@ -1191,14 +1211,14 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"lastModified": 1725233747,
"narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}
},
"nixpkgs-lib_2": {
@ -1215,11 +1235,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1723031421,
"narHash": "sha256-Q4iMzihS+4mzCadp+ADr782Jrd1Mgvr7lLZbkWx33Hw=",
"lastModified": 1725720169,
"narHash": "sha256-EvXzs22ev6UxTnLIKbtZOEJhGkQQVHr6OcFlH96UDkA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1602c0d3c0247d23eb7ca501c3e592aa1762e37b",
"rev": "d1f2bc29317e05baea8db6379766a3b334f373ed",
"type": "github"
},
"original": {
@ -1279,16 +1299,16 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1711460390,
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"lastModified": 1724316499,
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
@ -1311,11 +1331,11 @@
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1722869614,
"narHash": "sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU=",
"lastModified": 1725407940,
"narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "883180e6550c1723395a3a342f830bfc5c371f6b",
"rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3",
"type": "github"
},
"original": {
@ -1359,11 +1379,11 @@
},
"nixpkgs_11": {
"locked": {
"lastModified": 1720368505,
"narHash": "sha256-5r0pInVo5d6Enti0YwUSQK4TebITypB42bWy5su3MrQ=",
"lastModified": 1725194671,
"narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ab82a9612aa45284d4adf69ee81871a389669a9e",
"rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c",
"type": "github"
},
"original": {
@ -1375,11 +1395,11 @@
},
"nixpkgs_12": {
"locked": {
"lastModified": 1722813957,
"narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=",
"lastModified": 1725634671,
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa",
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github"
},
"original": {
@ -1391,11 +1411,11 @@
},
"nixpkgs_13": {
"locked": {
"lastModified": 1720768451,
"narHash": "sha256-EYekUHJE2gxeo2pM/zM9Wlqw1Uw2XTJXOSAO79ksc4Y=",
"lastModified": 1724224976,
"narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7e7c39ea35c5cdd002cd4588b03a3fb9ece6fad9",
"rev": "c374d94f1536013ca8e92341b540eba4c22f9c62",
"type": "github"
},
"original": {
@ -1407,11 +1427,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1711401922,
"narHash": "sha256-QoQqXoj8ClGo0sqD/qWKFWezgEwUL0SUh37/vY2jNhc=",
"lastModified": 1724999960,
"narHash": "sha256-LB3jqSGW5u1ZcUcX6vO/qBOq5oXHlmOCxsTXGMEitp4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "07262b18b97000d16a4bdb003418bd2fb067a932",
"rev": "b96f849e725333eb2b1c7f1cb84ff102062468ba",
"type": "github"
},
"original": {
@ -1455,11 +1475,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1722813957,
"narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=",
"lastModified": 1725432240,
"narHash": "sha256-+yj+xgsfZaErbfYM3T+QvEE2hU7UuE+Jf0fJCJ8uPS0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa",
"rev": "ad416d066ca1222956472ab7d0555a6946746a80",
"type": "github"
},
"original": {
@ -1586,50 +1606,19 @@
"type": "github"
}
},
"pre-commit-hooks_2": {
"inputs": {
"flake-compat": [
"prismlauncher",
"flake-compat"
],
"gitignore": "gitignore_2",
"nixpkgs": [
"prismlauncher",
"nixpkgs"
],
"nixpkgs-stable": [
"prismlauncher",
"nixpkgs"
]
},
"locked": {
"lastModified": 1720524665,
"narHash": "sha256-ni/87oHPZm6Gv0ECYxr1f6uxB0UKBWJ6HvS7lwLU6oY=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "8d6a17d0cdf411c55f12602624df6368ad86fac1",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"prismlauncher": {
"inputs": {
"flake-compat": "flake-compat_9",
"flake-parts": "flake-parts_4",
"libnbtplusplus": "libnbtplusplus",
"nixpkgs": "nixpkgs_13",
"pre-commit-hooks": "pre-commit-hooks_2"
"nix-filter": "nix-filter_2",
"nixpkgs": "nixpkgs_13"
},
"locked": {
"lastModified": 1722050029,
"narHash": "sha256-FoFsw+BhdJAtiT+tVmyOT6GFw7pCFy2Ox1JXBt5ZwME=",
"lastModified": 1725073933,
"narHash": "sha256-Df1081xMlVpFDV5YOqjk/VX8ImXRGLZP8JLhEvemrb4=",
"owner": "AtaraxiaSjel",
"repo": "PrismLauncher",
"rev": "67aede29f4e4271e566189e7a85a943401aa543e",
"rev": "9be4b9a39df3ee40f761f10b9efb5c07b0e474bc",
"type": "github"
},
"original": {
@ -1653,7 +1642,7 @@
"deploy-rs": "deploy-rs",
"devenv": "devenv",
"disko": "disko",
"flake-parts": "flake-parts",
"flake-parts": "flake-parts_2",
"flake-registry": "flake-registry",
"home-manager": "home-manager_2",
"impermanence": "impermanence",
@ -1670,6 +1659,23 @@
"sops-nix": "sops-nix"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1725444219,
"narHash": "sha256-VjItfg2kZJ2to3bnNlkWAClKQLssIi86QcE1/vcRvv0=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "50882fbfa204027c84753e6d51a1a12884dc1b19",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
@ -1678,11 +1684,11 @@
"nixpkgs-stable": "nixpkgs-stable_4"
},
"locked": {
"lastModified": 1722897572,
"narHash": "sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb+N4Ap4=",
"lastModified": 1725540166,
"narHash": "sha256-htc9rsTMSAY5ek+DB3tpntdD/es0eam2hJgO92bWSys=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9",
"rev": "d9d781523a1463965cd1e1333a306e70d9feff07",
"type": "github"
},
"original": {
@ -1692,21 +1698,6 @@
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -1721,6 +1712,21 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
@ -1781,6 +1787,21 @@
"type": "github"
}
},
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
@ -1789,11 +1810,11 @@
]
},
"locked": {
"lastModified": 1720374026,
"narHash": "sha256-ludjqxhR/5lXwJ1H6zHmZqp+4e8dFPHE9FIZ2eBh2G4=",
"lastModified": 1724833132,
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "e1d7bd5ec6fc389eb3a90e232c4150338bf6a508",
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
"type": "github"
},
"original": {
@ -1825,7 +1846,7 @@
},
"utils": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1701680307,

6
flake.nix
View File

@ -161,14 +161,10 @@
unstable-patches = shared-patches ++ patchesPath [
"netbird-24.11.patch"
"onlyoffice.patch"
"vaultwarden.patch"
# "zen-kernels.patch"
"fix-args-override.patch"
"zfs-2.2.5.patch"
"pahole-fix.patch"
];
stable-patches = shared-patches ++ patchesPath [
"netbird-24.05.patch" "vaultwarden-24.05.patch"
"netbird-24.05.patch"
];
in {
customModules = builtins.listToAttrs (findModules ./modules);

4
machines/AMD-Workstation/default.nix
View File

@ -2,12 +2,12 @@
imports = with inputs.self; [
./boot.nix
./hardware-configuration.nix
./kernel
# ./kernel
customRoles.workstation
customProfiles.a2ln-server
customProfiles.act
customProfiles.attic
# customProfiles.attic
customProfiles.bluetooth
customProfiles.cassowary
customProfiles.emulators

108
patches/fix-args-override.patch
View File

@ -1,108 +0,0 @@
diff --git a/pkgs/os-specific/linux/kernel/update-zen.py b/pkgs/os-specific/linux/kernel/update-zen.py
index 3c51f806d..a8a363761 100755
--- a/pkgs/os-specific/linux/kernel/update-zen.py
+++ b/pkgs/os-specific/linux/kernel/update-zen.py
@@ -64,16 +64,16 @@ def update_file(relpath, variant, version, suffix, sha256):
for line in f:
result = line
result = re.sub(
- fr'^ version = ".+"; #{variant}',
- f' version = "{version}"; #{variant}',
+ fr'^ version = ".+"; #{variant}',
+ f' version = "{version}"; #{variant}',
result)
result = re.sub(
- fr'^ suffix = ".+"; #{variant}',
- f' suffix = "{suffix}"; #{variant}',
+ fr'^ suffix = ".+"; #{variant}',
+ f' suffix = "{suffix}"; #{variant}',
result)
result = re.sub(
- fr'^ sha256 = ".+"; #{variant}',
- f' sha256 = "{sha256}"; #{variant}',
+ fr'^ sha256 = ".+"; #{variant}',
+ f' sha256 = "{sha256}"; #{variant}',
result)
print(result, end='')
diff --git a/pkgs/os-specific/linux/kernel/zen-kernels.nix b/pkgs/os-specific/linux/kernel/zen-kernels.nix
index 3acf40121..9e2c968ac 100644
--- a/pkgs/os-specific/linux/kernel/zen-kernels.nix
+++ b/pkgs/os-specific/linux/kernel/zen-kernels.nix
@@ -1,20 +1,22 @@
-{ lib, stdenv, fetchFromGitHub, buildLinux, ... } @ args:
+{ lib, stdenv, fetchFromGitHub, buildLinux, variant, ... } @ args:
let
# comments with variant added for update script
- # ./update-zen.py zen
- zenVariant = {
- version = "6.10.1"; #zen
- suffix = "zen1"; #zen
- sha256 = "0lr9qjz4hlvx3yc0lj65fnmbciyh6symycbi9ass761l1niswbk5"; #zen
- isLqx = false;
- };
- # ./update-zen.py lqx
- lqxVariant = {
- version = "6.9.11"; #lqx
- suffix = "lqx1"; #lqx
- sha256 = "0i6i0ak10gswlk60pnkn5dlz74g4nd7n1xbnvf24nnwwp69kkd44"; #lqx
- isLqx = true;
+ variants = {
+ # ./update-zen.py zen
+ zen = {
+ version = "6.10.1"; #zen
+ suffix = "zen1"; #zen
+ sha256 = "0lr9qjz4hlvx3yc0lj65fnmbciyh6symycbi9ass761l1niswbk5"; #zen
+ isLqx = false;
+ };
+ # ./update-zen.py lqx
+ lqx = {
+ version = "6.9.11"; #lqx
+ suffix = "lqx1"; #lqx
+ sha256 = "0i6i0ak10gswlk60pnkn5dlz74g4nd7n1xbnvf24nnwwp69kkd44"; #lqx
+ isLqx = true;
+ };
};
zenKernelsFor = { version, suffix, sha256, isLqx }: buildLinux (args // {
inherit version;
@@ -123,7 +125,4 @@ let
} // (args.argsOverride or { }));
in
-{
- zen = zenKernelsFor zenVariant;
- lqx = zenKernelsFor lqxVariant;
-}
+zenKernelsFor variants.${variant}
\ No newline at end of file
diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix
index bc80ec658..edc94fc34 100644
--- a/pkgs/top-level/linux-kernels.nix
+++ b/pkgs/top-level/linux-kernels.nix
@@ -227,19 +227,21 @@ in {
# https://github.com/NixOS/nixpkgs/pull/161773#discussion_r820134708
zenKernels = callPackage ../os-specific/linux/kernel/zen-kernels.nix;
- linux_zen = (zenKernels {
+ linux_zen = zenKernels {
+ variant = "zen";
kernelPatches = [
kernelPatches.bridge_stp_helper
kernelPatches.request_key_helper
];
- }).zen;
+ };
- linux_lqx = (zenKernels {
+ linux_lqx = zenKernels {
+ variant = "lqx";
kernelPatches = [
kernelPatches.bridge_stp_helper
kernelPatches.request_key_helper
];
- }).lqx;
+ };
# This contains the variants of the XanMod kernel
xanmodKernels = callPackage ../os-specific/linux/kernel/xanmod-kernels.nix {

76
patches/netbird-24.11.patch
View File

@ -1,43 +1,8 @@
From dc09dca1f66c940060825868dbeeeaa865c79744 Mon Sep 17 00:00:00 2001
From: Krzysztof Nazarewski <gpg@kdn.im>
Date: Tue, 2 Apr 2024 12:04:11 +0200
Subject: [PATCH 1/2] netbird-ui: fix incorrect meta.mainProgram
---
pkgs/tools/networking/netbird/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/tools/networking/netbird/default.nix b/pkgs/tools/networking/netbird/default.nix
index b10663216e035b..905247c2d4bdc1 100644
--- a/pkgs/tools/networking/netbird/default.nix
+++ b/pkgs/tools/networking/netbird/default.nix
@@ -111,6 +111,6 @@ buildGoModule rec {
description = "Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls";
license = licenses.bsd3;
maintainers = with maintainers; [ misuzu ];
- mainProgram = "netbird";
+ mainProgram = if ui then "netbird-ui" else "netbird";
};
}
From 835617072b8bc1ffe1be551696d9e8d2ce193a60 Mon Sep 17 00:00:00 2001
From: Krzysztof Nazarewski <gpg@kdn.im>
Date: Tue, 2 Apr 2024 12:01:25 +0200
Subject: [PATCH 2/2] nixos/netbird: harden and extend options
---
.../manual/release-notes/rl-2405.section.md | 2 +-
.../manual/release-notes/rl-2411.section.md | 3 +
nixos/modules/services/networking/netbird.md | 72 ++-
nixos/modules/services/networking/netbird.nix | 507 +++++++++++++++---
nixos/tests/netbird.nix | 26 +-
5 files changed, 503 insertions(+), 107 deletions(-)
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md
index b1b18b35e9c281..096bd6a2f2cc15 100644
index 3bb993ec33c6..91a91beb34d6 100644
--- a/nixos/doc/manual/release-notes/rl-2405.section.md
+++ b/nixos/doc/manual/release-notes/rl-2405.section.md
@@ -698,7 +698,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
@@ -709,7 +709,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
and `services.kavita.settings.IpAddresses`. The file at `services.kavita.tokenKeyFile` now needs to contain a secret with
512+ bits instead of 128+ bits.
@ -47,21 +12,21 @@ index b1b18b35e9c281..096bd6a2f2cc15 100644
- `services.nginx.virtualHosts` using `forceSSL` or
`globalRedirect` can now have redirect codes other than 301 through `redirectCode`.
diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md
index 2de4cf4d08af2d..a5d3566fe9bd87 100644
index dd2db8de5a33..daef530c8993 100644
--- a/nixos/doc/manual/release-notes/rl-2411.section.md
+++ b/nixos/doc/manual/release-notes/rl-2411.section.md
@@ -98,6 +98,9 @@
support, which is the intended default behavior by Tracy maintainers.
X11 users have to switch to the new package `tracy-x11`.
@@ -248,6 +248,9 @@
- `tests.overriding` has its `passthru.tests` restructured as an attribute set instead of a list, making individual tests accessible by their names.
+- `services.netbird.tunnels` was renamed to [`services.netbird.clients`](#opt-services.netbird.clients),
+ hardened (using dedicated less-privileged users) and significantly extended.
+
## Other Notable Changes {#sec-release-24.11-notable-changes}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- `vaultwarden` lost the capability to bind to privileged ports. If you rely on
this behavior, override the systemd unit to allow `CAP_NET_BIND_SERVICE` in
your local configuration.
diff --git a/nixos/modules/services/networking/netbird.md b/nixos/modules/services/networking/netbird.md
index e1f6753cbd30cc..876c27cb0d22e7 100644
index e1f6753cbd30..876c27cb0d22 100644
--- a/nixos/modules/services/networking/netbird.md
+++ b/nixos/modules/services/networking/netbird.md
@@ -2,7 +2,7 @@
@ -174,7 +139,7 @@ index e1f6753cbd30cc..876c27cb0d22e7 100644
+through environment variables, but special care needs to be taken for overriding config location and
+daemon address due [hardened](#opt-services.netbird.clients._name_.hardened) option.
diff --git a/nixos/modules/services/networking/netbird.nix b/nixos/modules/services/networking/netbird.nix
index e68c39946fe3b5..0160a8964aecad 100644
index e68c39946fe3..dae0936deb4f 100644
--- a/nixos/modules/services/networking/netbird.nix
+++ b/nixos/modules/services/networking/netbird.nix
@@ -1,72 +1,155 @@
@ -350,7 +315,7 @@ index e68c39946fe3b5..0160a8964aecad 100644
}
'';
description = ''
@@ -74,97 +157,361 @@ in
@@ -74,97 +157,364 @@ in
'';
};
@ -726,10 +691,13 @@ index e68c39946fe3b5..0160a8964aecad 100644
+ }));
+
+ # see https://github.com/systemd/systemd/blob/17f3e91e8107b2b29fe25755651b230bbc81a514/src/resolve/org.freedesktop.resolve1.policy#L43-L43
+ # see all actions used at https://github.com/netbirdio/netbird/blob/13e7198046a0d73a9cd91bf8e063fafb3d41885c/client/internal/dns/systemd_linux.go#L29-L32
+ security.polkit.extraConfig = mkIf config.services.resolved.enable ''
+ // systemd-resolved access for Netbird clients
+ polkit.addRule(function(action, subject) {
+ var actions = [
+ "org.freedesktop.resolve1.revert",
+ "org.freedesktop.resolve1.set-default-route",
+ "org.freedesktop.resolve1.set-dns-servers",
+ "org.freedesktop.resolve1.set-domains",
+ ];
@ -776,7 +744,7 @@ index e68c39946fe3b5..0160a8964aecad 100644
];
}
diff --git a/nixos/tests/netbird.nix b/nixos/tests/netbird.nix
index 7342e8d04a39c3..063fff6d42f031 100644
index 7342e8d04a39..063fff6d42f0 100644
--- a/nixos/tests/netbird.nix
+++ b/nixos/tests/netbird.nix
@@ -12,10 +12,32 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
@ -814,3 +782,15 @@ index 7342e8d04a39c3..063fff6d42f031 100644
+ Peers count: 0/0 Connected
+ */
})
diff --git a/pkgs/tools/networking/netbird/default.nix b/pkgs/tools/networking/netbird/default.nix
index c4bce67ff89d..7a27c2bbef10 100644
--- a/pkgs/tools/networking/netbird/default.nix
+++ b/pkgs/tools/networking/netbird/default.nix
@@ -111,6 +111,6 @@ buildGoModule rec {
description = "Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls";
license = licenses.bsd3;
maintainers = with maintainers; [ misuzu vrifox ];
- mainProgram = "netbird";
+ mainProgram = if ui then "netbird-ui" else "netbird";
};
}

28
patches/pahole-fix.patch
View File

@ -1,28 +0,0 @@
From b0b178fc293ad71c35d3ac84e8ac856bd0d3492b Mon Sep 17 00:00:00 2001
From: Dominique Martinet <asmadeus@codewreck.org>
Date: Fri, 2 Aug 2024 04:34:00 +0900
Subject: [PATCH] pahole: fix clang kernel build
This should fix clang builds for real this time
Reported-by: PedroHLC <root@pedrohlc.com>
---
pkgs/by-name/pa/pahole/package.nix | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/pkgs/by-name/pa/pahole/package.nix b/pkgs/by-name/pa/pahole/package.nix
index 14a31958c0e2c14..d82c76eb769c9ef 100644
--- a/pkgs/by-name/pa/pahole/package.nix
+++ b/pkgs/by-name/pa/pahole/package.nix
@@ -36,6 +36,11 @@ stdenv.mkDerivation rec {
url = "https://github.com/acmel/dwarves/commit/6a2b27c0f512619b0e7a769a18a0fb05bb3789a5.patch";
hash = "sha256-Le1BAew/a/QKkYNLgSQxEvZ9mEEglUw8URwz1kiheeE=";
})
+ (fetchpatch {
+ name = "fix-clang-btf-generation-bug-2.patch";
+ url = "https://github.com/acmel/dwarves/commit/94a01bde592c555b3eb526aeb4c2ad695c5660d8.patch";
+ hash = "sha256-SMIxLEBjBkprAqVNX1h7nXxAsgbwvCD/Bz7c1ekwg5w=";
+ })
];
# Put libraries in "lib" subdirectory, not top level of $out

79
patches/vaultwarden-24.05.patch
View File

@ -1,79 +0,0 @@
diff --git a/nixos/modules/services/security/vaultwarden/default.nix b/nixos/modules/services/security/vaultwarden/default.nix
index b2920931f..443b8421b 100644
--- a/nixos/modules/services/security/vaultwarden/default.nix
+++ b/nixos/modules/services/security/vaultwarden/default.nix
@@ -23,7 +23,7 @@ let
configEnv = lib.concatMapAttrs (name: value: lib.optionalAttrs (value != null) {
${nameToEnvVar name} = if lib.isBool value then lib.boolToString value else toString value;
}) cfg.config;
- in { DATA_FOLDER = "/var/lib/bitwarden_rs"; } // lib.optionalAttrs (!(configEnv ? WEB_VAULT_ENABLED) || configEnv.WEB_VAULT_ENABLED == "true") {
+ in { DATA_FOLDER = cfg.dataDir; } // lib.optionalAttrs (!(configEnv ? WEB_VAULT_ENABLED) || configEnv.WEB_VAULT_ENABLED == "true") {
WEB_VAULT_FOLDER = "${cfg.webVaultPackage}/share/vaultwarden/vault";
} // configEnv;
@@ -163,6 +163,16 @@ in {
defaultText = lib.literalExpression "pkgs.vaultwarden.webvault";
description = "Web vault package to use.";
};
+
+ dataDir = lib.mkOption {
+ type = lib.types.str;
+ default = "/var/lib/bitwarden_rs";
+ description = ''
+ The directury in which vaultwarden will keep its state. If left as the default value
+ this directory will automatically be created before the vaultwarden server starts, otherwise
+ the sysadmin is responsible for ensuring the directory exists with appropriate ownership and permissions.
+ '';
+ };
};
config = lib.mkIf cfg.enable {
@@ -180,28 +190,32 @@ in {
systemd.services.vaultwarden = {
after = [ "network.target" ];
path = with pkgs; [ openssl ];
- serviceConfig = {
- User = user;
- Group = group;
- EnvironmentFile = [ configFile ] ++ lib.optional (cfg.environmentFile != null) cfg.environmentFile;
- ExecStart = "${vaultwarden}/bin/vaultwarden";
- LimitNOFILE = "1048576";
- PrivateTmp = "true";
- PrivateDevices = "true";
- ProtectHome = "true";
- ProtectSystem = "strict";
- AmbientCapabilities = "CAP_NET_BIND_SERVICE";
- StateDirectory = "bitwarden_rs";
- StateDirectoryMode = "0700";
- Restart = "always";
- };
+ serviceConfig = lib.mkMerge [
+ (lib.mkIf (cfg.dataDir == "/var/lib/bitwarden_rs") {
+ StateDirectory = "bitwarden_rs";
+ StateDirectoryMode = "0700";
+ })
+ {
+ User = user;
+ Group = group;
+ EnvironmentFile = [ configFile ] ++ lib.optional (cfg.environmentFile != null) cfg.environmentFile;
+ ExecStart = "${vaultwarden}/bin/vaultwarden";
+ LimitNOFILE = "1048576";
+ PrivateTmp = "true";
+ PrivateDevices = "true";
+ ProtectHome = "true";
+ ProtectSystem = "strict";
+ AmbientCapabilities = "CAP_NET_BIND_SERVICE";
+ Restart = "always";
+ }
+ ];
wantedBy = [ "multi-user.target" ];
};
systemd.services.backup-vaultwarden = lib.mkIf (cfg.backupDir != null) {
description = "Backup vaultwarden";
environment = {
- DATA_FOLDER = "/var/lib/bitwarden_rs";
+ DATA_FOLDER = cfg.dataDir;
BACKUP_FOLDER = cfg.backupDir;
};
path = with pkgs; [ sqlite ];

39
patches/vaultwarden.patch
View File

@ -1,39 +0,0 @@
diff --git a/nixos/modules/services/security/vaultwarden/default.nix b/nixos/modules/services/security/vaultwarden/default.nix
index 41f7de5d8..31c183ed5 100644
--- a/nixos/modules/services/security/vaultwarden/default.nix
+++ b/nixos/modules/services/security/vaultwarden/default.nix
@@ -25,7 +25,7 @@ let
configEnv = lib.concatMapAttrs (name: value: lib.optionalAttrs (value != null) {
${nameToEnvVar name} = if lib.isBool value then lib.boolToString value else toString value;
}) cfg.config;
- in { DATA_FOLDER = "/var/lib/${StateDirectory}"; } // lib.optionalAttrs (!(configEnv ? WEB_VAULT_ENABLED) || configEnv.WEB_VAULT_ENABLED == "true") {
+ in { DATA_FOLDER = cfg.dataDir; } // lib.optionalAttrs (!(configEnv ? WEB_VAULT_ENABLED) || configEnv.WEB_VAULT_ENABLED == "true") {
WEB_VAULT_FOLDER = "${cfg.webVaultPackage}/share/vaultwarden/vault";
} // configEnv;
@@ -157,6 +157,16 @@ in {
defaultText = lib.literalExpression "pkgs.vaultwarden.webvault";
description = "Web vault package to use.";
};
+
+ dataDir = lib.mkOption {
+ type = lib.types.str;
+ default = "/var/lib/${StateDirectory}";
+ description = ''
+ The directury in which vaultwarden will keep its state. If left as the default value
+ this directory will automatically be created before the vaultwarden server starts, otherwise
+ the sysadmin is responsible for ensuring the directory exists with appropriate ownership and permissions.
+ '';
+ };
};
config = lib.mkIf cfg.enable {
@@ -224,7 +234,7 @@ in {
systemd.services.backup-vaultwarden = lib.mkIf (cfg.backupDir != null) {
description = "Backup vaultwarden";
environment = {
- DATA_FOLDER = "/var/lib/${StateDirectory}";
+ DATA_FOLDER = cfg.dataDir;
BACKUP_FOLDER = cfg.backupDir;
};
path = with pkgs; [ sqlite ];

87
patches/zfs-2.2.5.patch
View File

@ -1,89 +1,16 @@
From 8d0db928289e0d3fd8fbefad0a15b3e6c734fb2e Mon Sep 17 00:00:00 2001
From: Andrew Marshall <andrew@johnandrewmarshall.com>
Date: Tue, 6 Aug 2024 18:37:12 -0400
Subject: [PATCH 1/2] zfs_2_2: 2.2.4 -> 2.2.5
Diff: https://github.com/openzfs/zfs/compare/zfs-2.2.4...zfs-2.2.5
Changelog: https://github.com/openzfs/zfs/releases/tag/zfs-2.2.5
---
pkgs/os-specific/linux/zfs/2_2.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pkgs/os-specific/linux/zfs/2_2.nix b/pkgs/os-specific/linux/zfs/2_2.nix
index cc4a3490a197f7..b6d99bbcc0065e 100644
index 9e3fde0780f0..9165ab4d5d1b 100644
--- a/pkgs/os-specific/linux/zfs/2_2.nix
+++ b/pkgs/os-specific/linux/zfs/2_2.nix
@@ -15,12 +15,12 @@ callPackage ./generic.nix args {
@@ -15,9 +15,9 @@ callPackage ./generic.nix args {
# this attribute is the correct one for this package.
kernelModuleAttribute = "zfs_2_2";
# check the release notes for compatible kernels
- kernelCompatible = kernel.kernelOlder "6.9";
- kernelCompatible = kernel.kernelOlder "6.10";
+ kernelCompatible = kernel.kernelOlder "6.11";
- latestCompatibleLinuxPackages = linuxKernel.packages.linux_6_8;
- latestCompatibleLinuxPackages = linuxKernel.packages.linux_6_6;
+ latestCompatibleLinuxPackages = linuxKernel.packages.linux_6_10;
# this package should point to the latest release.
- version = "2.2.4";
+ version = "2.2.5";
tests = [
nixosTests.zfs.installer
@@ -29,5 +29,5 @@ callPackage ./generic.nix args {
maintainers = with lib.maintainers; [ adamcstephens amarshall ];
- hash = "sha256-SSp/1Tu1iGx5UDcG4j0k2fnYxK05cdE8gzfSn8DU5Z4=";
+ hash = "sha256-BkwcNPk+jX8CXp5xEVrg4THof7o/5j8RY2SY6+IPNTg=";
}
From fde7c3afb37e7a9d4be39e112b4b8f0bd6f75352 Mon Sep 17 00:00:00 2001
From: Andrew Marshall <andrew@johnandrewmarshall.com>
Date: Tue, 6 Aug 2024 18:37:47 -0400
Subject: [PATCH 2/2] zfs-unstable: 2.2.4-unstable-2024-07-15 -> 2.2.5
Patches all appear to be merged into this release.
---
pkgs/os-specific/linux/zfs/unstable.nix | 24 +++---------------------
1 file changed, 3 insertions(+), 21 deletions(-)
diff --git a/pkgs/os-specific/linux/zfs/unstable.nix b/pkgs/os-specific/linux/zfs/unstable.nix
index faf3514dba3e88..d989e2394ce4ed 100644
--- a/pkgs/os-specific/linux/zfs/unstable.nix
+++ b/pkgs/os-specific/linux/zfs/unstable.nix
@@ -23,31 +23,13 @@ callPackage ./generic.nix args {
# IMPORTANT: Always use a tagged release candidate or commits from the
# zfs-<version>-staging branch, because this is tested by the OpenZFS
# maintainers.
- version = "2.2.4-unstable-2024-07-15";
- rev = "/54ef0fdf60a8e7633c38cb46e1f5bcfcec792f4e";
+ version = "2.2.5";
+ # rev = "";
isUnstable = true;
tests = [
nixosTests.zfs.unstable
];
- # 6.10 patches approved+merged to the default branch, not in staging yet
- # https://github.com/openzfs/zfs/pull/16250
- extraPatches = [
- (fetchpatch {
- url = "https://github.com/openzfs/zfs/commit/7ca7bb7fd723a91366ce767aea53c4f5c2d65afb.patch";
- hash = "sha256-vUX4lgywh5ox6DjtIfeC90KjbLoW3Ol0rK/L65jOENo=";
- })
- (fetchpatch {
- url = "https://github.com/openzfs/zfs/commit/e951dba48a6330aca9c161c50189f6974e6877f0.patch";
- hash = "sha256-A1h0ZLY+nlReBMTlEm3O9kwBqto1cgsZdnJsHpR6hw0=";
- })
- (fetchpatch {
- url = "https://github.com/openzfs/zfs/commit/b409892ae5028965a6fe98dde1346594807e6e45.patch";
- hash = "sha256-pW1b8ktglFhwVRapTB5th9UCyjyrPmCVPg53nMENax8=";
- })
-
- ];
-
- hash = "sha256-7vZeIzA2yDW/gSCcS2AM3+C9qbRIbA9XbCRUxikW2+M=";
+ hash = "sha256-BkwcNPk+jX8CXp5xEVrg4THof7o/5j8RY2SY6+IPNTg=";
}
version = "2.2.5";

7
profiles/applications/home-apps.nix
View File

@ -5,7 +5,12 @@
bat = {
enable = true;
# config = {};
extraPackages = with pkgs.bat-extras; [ batdiff batgrep batman batwatch ];
extraPackages = with pkgs.bat-extras; [
# batdiff
batgrep
batman
batwatch
];
# syntaxes = {};
# themes = {};
};

8
profiles/servers/vaultwarden.nix
View File

@ -28,7 +28,6 @@
websocketEnabled = true;
websocketPort = 3012;
webVaultEnabled = true;
dataDir = "/var/lib/bitwarden_rs";
};
environmentFile = config.sops.secrets.vaultwarden.path;
};
@ -39,8 +38,11 @@
Group = "root";
};
persist.state.directories = [
config.services.vaultwarden.dataDir
persist.state.directories = let
stateDirectory = if lib.versionOlder config.system.stateVersion "24.11" then "bitwarden_rs" else "vaultwarden";
dataDir = "/var/lib/${stateDirectory}";
in [
dataDir
] ++ lib.optionals (config.deviceSpecific.devInfo.fileSystem != "zfs") [
config.services.vaultwarden.backupDir
];

2
profiles/workspace/hyprland/default.nix
View File

@ -133,7 +133,7 @@ in with config.deviceSpecific; with lib; {
bind=${modifier},q,killactive,
bind=${modifier},f,fullscreen,0
bind=${modifier}SHIFT,F,togglefloating,
bind=${modifier}CTRL,F,toggleopaque,
bind=${modifier}CTRL,F,exec,hyprctl setprop active opaque toggle
bind=${modifier},left,movefocus,l
bind=${modifier},right,movefocus,r
bind=${modifier},up,movefocus,u