diff --git a/flake.lock b/flake.lock index 2f3c905..aa33e96 100644 --- a/flake.lock +++ b/flake.lock @@ -7,22 +7,24 @@ "flake-parts": "flake-parts", "flake-utils": "flake-utils", "napalm": "napalm", - "nixpkgs": "nixpkgs", + "nixpkgs": [ + "nixpkgs" + ], "pyproject-build-systems": "pyproject-build-systems", "pyproject-nix": "pyproject-nix", "systems": "systems", "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1763643080, - "narHash": "sha256-jlYmjrTw3g5iOYDZBGb5Plw6IyRa+WY60e3GzU19bkk=", - "owner": "nix-community", + "lastModified": 1768160794, + "narHash": "sha256-J7kRUDkNPtmL2Se4voIMXbCkCVPZAnLTgtCaHs2E2Zc=", + "owner": "Pentusha", "repo": "authentik-nix", - "rev": "4a670757083d94a9dceb4929eb88eb9995bc1363", + "rev": "1981227096e155ce36897c920641dd4ae8aaf683", "type": "github" }, "original": { - "owner": "nix-community", + "owner": "Pentusha", "repo": "authentik-nix", "type": "github" } @@ -30,16 +32,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1763564826, - "narHash": "sha256-xBnAfoAOUslOrxNzY5kV0h67qWMXKZnPC/wgRGXZleQ=", + "lastModified": 1768172416, + "narHash": "sha256-qVlhrxHqcVFKrOwEl/DxdgSltMLiWp+ztBrjCW+Uu6k=", "owner": "goauthentik", "repo": "authentik", - "rev": "2fedc3d0a0ba91c16bb71bd4b2432108ca02e890", + "rev": "e44cf378d7e17d517cb07a69fb725b8d926795b9", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.10.2", + "ref": "version-2025.10", "repo": "authentik", "type": "github" } @@ -51,11 +53,11 @@ ] }, "locked": { - "lastModified": 1765794845, - "narHash": "sha256-YD5QWlGnusNbZCqR3pxG8tRxx9yUXayLZfAJRWspq2s=", + "lastModified": 1766150702, + "narHash": "sha256-P0kM+5o+DKnB6raXgFEk3azw8Wqg5FL6wyl9jD+G5a4=", "owner": "nix-community", "repo": "disko", - "rev": "7194cfe5b7a3660726b0fe7296070eaef601cae9", + "rev": "916506443ecd0d0b4a0f4cf9d40a3c22ce39b378", "type": "github" }, "original": { @@ -67,7 +69,7 @@ "fieldseeker-sync": { "inputs": { "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs" }, "locked": { "lastModified": 1761839629, @@ -87,11 +89,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1761588595, - "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", + "lastModified": 1765121682, + "narHash": "sha256-4VBOP18BFeiPkyhy9o4ssBNQEvfvv1kXkasAYd0+rrA=", "owner": "edolstra", "repo": "flake-compat", - "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", + "rev": "65f23138d8d09a92e30f1e5c87611b23ef451bf3", "type": "github" }, "original": { @@ -105,11 +107,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1762980239, - "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=", + "lastModified": 1765835352, + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da", + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", "type": "github" }, "original": { @@ -221,11 +223,11 @@ ] }, "locked": { - "lastModified": 1767619900, - "narHash": "sha256-KpoCBPvwHz3gAQtIUkohE2InRBFK3r0/FM6z5SPWfvM=", + "lastModified": 1767910483, + "narHash": "sha256-MOU5YdVu4DVwuT5ztXgQpPuRRBjSjUGIdUzOQr9iQOY=", "owner": "nix-community", "repo": "home-manager", - "rev": "6bd04da47cfb48dfd15eabf08364b78ad894f5b2", + "rev": "82fb7dedaad83e5e279127a38ef410bcfac6d77c", "type": "github" }, "original": { @@ -292,7 +294,7 @@ "nidus-sync": { "inputs": { "flake-utils": "flake-utils_3", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1767992550, @@ -325,37 +327,6 @@ } }, "nixpkgs": { - "locked": { - "lastModified": 1763421233, - "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1761765539, - "narHash": "sha256-b0yj6kfvO8ApcSE+QmA6mUfu8IYG6/uU28OFn4PaC8M=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "719359f4562934ae99f5443f20aa06c2ffff91fc", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs_2": { "locked": { "lastModified": 1759735786, "narHash": "sha256-a0+h02lyP2KwSNrZz4wLJTu9ikujNsTWIC874Bv7IJ0=", @@ -371,7 +342,22 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs-lib": { + "locked": { + "lastModified": 1765674936, + "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1767480499, "narHash": "sha256-8IQQUorUGiSmFaPnLSo2+T+rjHtiNWc+OAzeHck7N48=", @@ -387,13 +373,13 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { - "lastModified": 1767634882, - "narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=", + "lastModified": 1768028080, + "narHash": "sha256-50aDK+8eLvsLK39TzQhKNq50/HcXyP4hyxOYoPoVxjo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c", + "rev": "d03088749a110d52a4739348f39a63f84bb0be14", "type": "github" }, "original": { @@ -403,13 +389,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { - "lastModified": 1765457389, - "narHash": "sha256-ddhDtNYvleZeYF7g7TRFSmuQuZh7HCgqstg5YBGwo5s=", + "lastModified": 1768032153, + "narHash": "sha256-6kD1MdY9fsE6FgSwdnx29hdH2UcBKs3/+JJleMShuJg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f997fa0f94fb1ce55bccb97f60d41412ae8fde4c", + "rev": "3146c6aa9995e7351a398e17470e15305e6e18ff", "type": "github" }, "original": { @@ -419,7 +405,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1758763312, "narHash": "sha256-puBMviZhYlqOdUUgEmMVJpXqC/ToEqSvkyZ30qQ09xM=", @@ -496,11 +482,11 @@ ] }, "locked": { - "lastModified": 1761781027, - "narHash": "sha256-YDvxPAm2WnxrznRqWwHLjryBGG5Ey1ATEJXrON+TWt8=", + "lastModified": 1763662255, + "narHash": "sha256-4bocaOyLa3AfiS8KrWjZQYu+IAta05u3gYZzZ6zXbT0=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "795a980d25301e5133eca37adae37283ec3c8e66", + "rev": "042904167604c681a090c07eb6967b4dd4dae88c", "type": "github" }, "original": { @@ -517,11 +503,11 @@ ] }, "locked": { - "lastModified": 1763435975, - "narHash": "sha256-SKdpcVuJKMNEXloIpLXY+jDI42+6Ew21vdkl894DxHo=", + "lastModified": 1764134915, + "narHash": "sha256-xaKvtPx6YAnA3HQVp5LwyYG1MaN4LLehpQI8xEdBvBY=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "7d3d8848358ccbd415afe2139f12b9e1508d3ace", + "rev": "2c8df1383b32e5443c921f61224b198a2282a657", "type": "github" }, "original": { @@ -559,7 +545,7 @@ "home-manager": "home-manager", "nidus-sync": "nidus-sync", "nixos-facter-modules": "nixos-facter-modules", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "nixvim": "nixvim", "sops-nix": "sops-nix", "timecard-bot": "timecard-bot" @@ -567,14 +553,14 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1765836173, - "narHash": "sha256-hWRYfdH2ONI7HXbqZqW8Q1y9IRbnXWvtvt/ONZovSNY=", + "lastModified": 1768104471, + "narHash": "sha256-HdnXWQsA1EI27IJlaENUEEug58trUrh6+MT0cFiDHmY=", "owner": "Mic92", "repo": "sops-nix", - "rev": "443a7f2e7e118c4fc63b7fae05ab3080dd0e5c63", + "rev": "94f9cbd20f680ebb2ad6cdf39da97cbcfaedf004", "type": "github" }, "original": { @@ -660,7 +646,7 @@ }, "timecard-bot": { "inputs": { - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "pyproject-nix": "pyproject-nix_2" }, "locked": { @@ -690,11 +676,11 @@ ] }, "locked": { - "lastModified": 1763421857, - "narHash": "sha256-8JurcmEzAkrpm+eUDm8W/+KkU/w/viAeyJhJlIX2qOQ=", + "lastModified": 1765631794, + "narHash": "sha256-90d//IZ4GXipNsngO4sb2SAPbIC/a2P+IAdAWOwpcOM=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "c9752c6c5915eece99505612d8f7805185cff990", + "rev": "4cca323a547a1aaa9b94929c4901bed5343eafe8", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2382b4e..2b10a65 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,11 @@ inputs = { authentik-nix = { - url = "github:nix-community/authentik-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + #url = "github:nix-community/authentik-nix"; + # Temporary workaround for build failure + # See https://github.com/nix-community/authentik-nix/issues/83 + url = "github:Pentusha/authentik-nix"; }; disko = { inputs.nixpkgs.follows = "nixpkgs"; diff --git a/host/nocix/amd-legacy-octacore/configuration.nix b/host/nocix/amd-legacy-octacore/configuration.nix index 137fcb1..b8b19cc 100644 --- a/host/nocix/amd-legacy-octacore/configuration.nix +++ b/host/nocix/amd-legacy-octacore/configuration.nix @@ -1,24 +1,34 @@ -{ lib, modulesPath, pkgs, ... } @ args: { +{ + lib, + modulesPath, + pkgs, + ... +} @ args: { imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + (modulesPath + "/profiles/qemu-guest.nix") + ./disk-config.nix ./network.nix ]; - + boot.loader.grub = { + # no need to set devices, disko will add all devices that have a EF02 partition to the list already + # devices = [ ]; + efiSupport = true; + efiInstallAsRemovable = true; + }; environment.systemPackages = with pkgs; [ - age - fish - git - htop - neovim - podman - postgresql - redis - slirp4netns - tmux - wget + pkgs.curl + pkgs.dig + pkgs.gitMinimal ]; services.openssh.enable = true; services.postgresql.enable = true; - zramSwap.enable = true; + users.users.root.openssh.authorizedKeys.keys = + [ + # change this to your ssh key + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBvhtF6nRWlA6PVs71Eek7p0p2PxTd3P6ZEGFV2t75MB eliribble@nixos" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHL1SpT3KR8XeXtH19muncYVrKxWzWdWtJYNTwoJGTm3 eliribble@Elis-Mac-mini.local" + ] ++ (args.extraPublicKeys or []); # this is used for unit-testing this module and can be removed if not needed - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; } diff --git a/host/nocix/amd-legacy-octacore/disk-config.nix b/host/nocix/amd-legacy-octacore/disk-config.nix index ded0765..2b8adc8 100644 --- a/host/nocix/amd-legacy-octacore/disk-config.nix +++ b/host/nocix/amd-legacy-octacore/disk-config.nix @@ -61,22 +61,11 @@ type = "lvm_vg"; lvs = { root = { - size = "50G"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ - "defaults" - ]; - }; - }; - var = { size = "100%FREE"; content = { type = "filesystem"; format = "ext4"; - mountpoint = "/var"; + mountpoint = "/"; mountOptions = [ "defaults" ]; diff --git a/host/nocix/amd-legacy-octacore/hardware-configuration.nix b/host/nocix/amd-legacy-octacore/hardware-configuration.nix index e6506b9..ecfd531 100644 --- a/host/nocix/amd-legacy-octacore/hardware-configuration.nix +++ b/host/nocix/amd-legacy-octacore/hardware-configuration.nix @@ -5,11 +5,6 @@ (modulesPath + "/profiles/qemu-guest.nix") ./disk-config.nix ]; - - boot.loader.grub = { - efiSupport = true; - efiInstallAsRemovable = true; - }; boot.initrd.availableKernelModules = [ "ahci" "ohci_pci" "ehci_pci" "xhci_pci" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; diff --git a/host/nocix/amd-legacy-octacore/network.nix b/host/nocix/amd-legacy-octacore/network.nix index 0046a1a..137a3d2 100644 --- a/host/nocix/amd-legacy-octacore/network.nix +++ b/host/nocix/amd-legacy-octacore/network.nix @@ -23,6 +23,8 @@ }]; }; nameservers = ["192.187.107.16"]; + nftables.enable = true; search = ["nocix.net"]; + useNetworkd = true; }; } diff --git a/users/eliribble.nix b/users/eliribble.nix index 10c5288..f76a727 100644 --- a/users/eliribble.nix +++ b/users/eliribble.nix @@ -16,7 +16,7 @@ with lib; EDITOR = "nvim"; TESTVALUE = "eli"; }; - home.stateVersion = "25.05"; + home.stateVersion = "25.11"; }; users.users.eliribble = {