From 1f776ec51dd47133cbcf488c7dc0f9f87f335e54 Mon Sep 17 00:00:00 2001 From: jasmine Date: Fri, 22 Nov 2024 07:15:34 +0800 Subject: [PATCH 1/4] migrate internal domain to home.arpa --- home-manager/sajenim/features/cli/default.nix | 4 +-- .../viridian/multimedia/jellyfin/default.nix | 2 +- nixos/viridian/multimedia/lidarr/default.nix | 2 +- .../viridian/multimedia/prowlarr/default.nix | 2 +- .../multimedia/qbittorrent/default.nix | 2 +- nixos/viridian/multimedia/radarr/default.nix | 2 +- nixos/viridian/multimedia/sonarr/default.nix | 2 +- nixos/viridian/services/minecraft/default.nix | 2 +- nixos/viridian/services/mpd/default.nix | 2 +- .../services/paperless-ngx/default.nix | 2 +- nixos/viridian/services/traefik/default.nix | 7 ------ nixos/viridian/services/traefik/routers.nix | 25 ------------------- nixos/viridian/services/traefik/services.nix | 7 ------ 13 files changed, 11 insertions(+), 50 deletions(-) delete mode 100644 nixos/viridian/services/traefik/routers.nix delete mode 100644 nixos/viridian/services/traefik/services.nix diff --git a/home-manager/sajenim/features/cli/default.nix b/home-manager/sajenim/features/cli/default.nix index 555d138..9b2a39f 100644 --- a/home-manager/sajenim/features/cli/default.nix +++ b/home-manager/sajenim/features/cli/default.nix @@ -8,13 +8,13 @@ programs.ssh = { enable = true; matchBlocks."viridian" = { - hostname = "viridian.kanto.dev"; + hostname = "viridian.home.arpa"; identityFile = "/home/sajenim/.ssh/sajenim_sk"; port = 22; }; matchBlocks."lavender" = { - hostname = "lavender.kanto.dev"; + hostname = "lavender.home.arpa"; identityFile = "/home/sajenim/.ssh/sajenim_sk"; port = 22; }; diff --git a/nixos/viridian/multimedia/jellyfin/default.nix b/nixos/viridian/multimedia/jellyfin/default.nix index 480e68c..b1d2e77 100644 --- a/nixos/viridian/multimedia/jellyfin/default.nix +++ b/nixos/viridian/multimedia/jellyfin/default.nix @@ -33,7 +33,7 @@ in { services.traefik.dynamicConfigOptions.http.routers = { jellyfin = { - rule = "Host(`jellyfin.kanto.dev`)"; + rule = "Host(`jellyfin.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/multimedia/lidarr/default.nix b/nixos/viridian/multimedia/lidarr/default.nix index e2f9820..12b955e 100644 --- a/nixos/viridian/multimedia/lidarr/default.nix +++ b/nixos/viridian/multimedia/lidarr/default.nix @@ -27,7 +27,7 @@ in { services.traefik.dynamicConfigOptions.http.routers = { lidarr = { - rule = "Host(`lidarr.kanto.dev`)"; + rule = "Host(`lidarr.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/multimedia/prowlarr/default.nix b/nixos/viridian/multimedia/prowlarr/default.nix index 011713f..3714cd2 100644 --- a/nixos/viridian/multimedia/prowlarr/default.nix +++ b/nixos/viridian/multimedia/prowlarr/default.nix @@ -24,7 +24,7 @@ in { }; services.traefik.dynamicConfigOptions.http.routers = { prowlarr = { - rule = "Host(`prowlarr.kanto.dev`)"; + rule = "Host(`prowlarr.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/multimedia/qbittorrent/default.nix b/nixos/viridian/multimedia/qbittorrent/default.nix index 5ad3fee..162d6c2 100644 --- a/nixos/viridian/multimedia/qbittorrent/default.nix +++ b/nixos/viridian/multimedia/qbittorrent/default.nix @@ -27,7 +27,7 @@ in { services.traefik.dynamicConfigOptions.http.routers = { qbittorrent = { - rule = "Host(`qbittorrent.kanto.dev`)"; + rule = "Host(`qbittorrent.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/multimedia/radarr/default.nix b/nixos/viridian/multimedia/radarr/default.nix index 95ac698..7f66254 100644 --- a/nixos/viridian/multimedia/radarr/default.nix +++ b/nixos/viridian/multimedia/radarr/default.nix @@ -26,7 +26,7 @@ in { }; services.traefik.dynamicConfigOptions.http.routers = { radarr = { - rule = "Host(`radarr.kanto.dev`)"; + rule = "Host(`radarr.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/multimedia/sonarr/default.nix b/nixos/viridian/multimedia/sonarr/default.nix index be12dcd..69b0cdb 100644 --- a/nixos/viridian/multimedia/sonarr/default.nix +++ b/nixos/viridian/multimedia/sonarr/default.nix @@ -27,7 +27,7 @@ in { services.traefik.dynamicConfigOptions.http.routers = { sonarr = { - rule = "Host(`sonarr.kanto.dev`)"; + rule = "Host(`sonarr.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/services/minecraft/default.nix b/nixos/viridian/services/minecraft/default.nix index 1203bbb..d5d1070 100644 --- a/nixos/viridian/services/minecraft/default.nix +++ b/nixos/viridian/services/minecraft/default.nix @@ -81,7 +81,7 @@ in { services.traefik.dynamicConfigOptions.http.routers = { minecraft = { - rule = "Host(`minecraft.kanto.dev`)"; + rule = "Host(`minecraft.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/services/mpd/default.nix b/nixos/viridian/services/mpd/default.nix index 2370e7d..41cec3c 100644 --- a/nixos/viridian/services/mpd/default.nix +++ b/nixos/viridian/services/mpd/default.nix @@ -21,7 +21,7 @@ statdPort = 4000; extraNfsdConfig = ''''; exports = '' - /srv/multimedia/library/music fuchsia.kanto.dev(rw,nohide,insecure,no_subtree_check) + /srv/multimedia/library/music fuchsia.home.arpa(rw,nohide,insecure,no_subtree_check) ''; }; networking.firewall = { diff --git a/nixos/viridian/services/paperless-ngx/default.nix b/nixos/viridian/services/paperless-ngx/default.nix index e04d79a..64f9faf 100644 --- a/nixos/viridian/services/paperless-ngx/default.nix +++ b/nixos/viridian/services/paperless-ngx/default.nix @@ -18,7 +18,7 @@ in { services.traefik.dynamicConfigOptions.http.routers = { paperless-ngx = { - rule = "Host(`docs.kanto.dev`)"; + rule = "Host(`docs.home.arpa`)"; entryPoints = [ "websecure" ]; diff --git a/nixos/viridian/services/traefik/default.nix b/nixos/viridian/services/traefik/default.nix index 3bba7fc..8e7f782 100644 --- a/nixos/viridian/services/traefik/default.nix +++ b/nixos/viridian/services/traefik/default.nix @@ -8,9 +8,7 @@ imports = [ "${inputs.nixpkgs-unstable}/nixos/modules/services/web-servers/traefik.nix" - ./routers.nix ./middlewares.nix - ./services.nix ]; age.secrets.traefik = { @@ -88,11 +86,6 @@ certResolver = "lets-encrypt"; # List of domains in our network domains = [ - # Internal services - { - main = "kanto.dev"; - sans = ["*.kanto.dev"]; - } # Public services { main = "sajenim.dev"; diff --git a/nixos/viridian/services/traefik/routers.nix b/nixos/viridian/services/traefik/routers.nix deleted file mode 100644 index 82e5cca..0000000 --- a/nixos/viridian/services/traefik/routers.nix +++ /dev/null @@ -1,25 +0,0 @@ -{...}: { - services.traefik.dynamicConfigOptions.http.routers = { - traefik-dashboard = { - rule = "Host(`traefik.kanto.dev`)"; - entryPoints = [ - "websecure" - ]; - middlewares = [ - "internal" - ]; - service = "api@internal"; - }; - - ender1 = { - rule = "Host(`e1.kanto.dev`)"; - entryPoints = [ - "websecure" - ]; - middlewares = [ - "internal" - ]; - service = "ender1"; - }; - }; -} diff --git a/nixos/viridian/services/traefik/services.nix b/nixos/viridian/services/traefik/services.nix deleted file mode 100644 index 7a9f665..0000000 --- a/nixos/viridian/services/traefik/services.nix +++ /dev/null @@ -1,7 +0,0 @@ -{...}: { - services.traefik.dynamicConfigOptions.http.services = { - ender1.loadBalancer.servers = [ - {url = "http://192.168.50.202:80";} - ]; - }; -} From ea1ad13c53bfdda49e4de02a0333f4cd2dac8f74 Mon Sep 17 00:00:00 2001 From: jasmine Date: Fri, 22 Nov 2024 07:16:18 +0800 Subject: [PATCH 2/4] remove immich --- nixos/viridian/configuration.nix | 1 - nixos/viridian/services/immich/default.nix | 70 ---------------------- nixos/viridian/services/immich/secrets.age | 9 --- 3 files changed, 80 deletions(-) delete mode 100644 nixos/viridian/services/immich/default.nix delete mode 100644 nixos/viridian/services/immich/secrets.age diff --git a/nixos/viridian/configuration.nix b/nixos/viridian/configuration.nix index 8d52e07..95c1097 100644 --- a/nixos/viridian/configuration.nix +++ b/nixos/viridian/configuration.nix @@ -10,7 +10,6 @@ ./services/borgbackup ./services/crowdsec ./services/forgejo - ./services/immich ./services/lighttpd ./services/minecraft ./services/mpd diff --git a/nixos/viridian/services/immich/default.nix b/nixos/viridian/services/immich/default.nix deleted file mode 100644 index 58f1884..0000000 --- a/nixos/viridian/services/immich/default.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ - inputs, - pkgs, - config, - ... -}: { - imports = [ - "${inputs.nixpkgs-unstable}/nixos/modules/services/web-apps/immich.nix" - ]; - - age.secrets.immich = { - rekeyFile = ./secrets.age; - owner = "immich"; - group = "immich"; - }; - - services.immich = { - enable = true; - package = pkgs.unstable.immich; - port = 5489; - host = "0.0.0.0"; - openFirewall = true; - mediaLocation = "/var/lib/immich"; - secretsFile = config.age.secrets.immich.path; - database = { - enable = true; - user = "immich"; - name = "immich"; - }; - environment = { - TZ = "Australia/Perth"; - DB_USERNAME = "immich"; - DB_DATABASE_NAME = "immich"; - }; - }; - - services.traefik.dynamicConfigOptions.http.routers = { - immich = { - rule = "Host(`photos.kanto.dev`)"; - entryPoints = [ - "websecure" - ]; - middlewares = [ - "internal" - ]; - service = "immich"; - }; - }; - - services.traefik.dynamicConfigOptions.http.services = { - immich.loadBalancer.servers = [ - {url = "http://127.0.0.1:${toString config.services.immich.port}";} - ]; - }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/var/lib/immich"; - user = "immich"; - group = "immich"; - } - { - directory = "/var/lib/redis-immich"; - user = "immich"; - group = "immich"; - } - ]; - }; -} diff --git a/nixos/viridian/services/immich/secrets.age b/nixos/viridian/services/immich/secrets.age deleted file mode 100644 index dd2fe5a..0000000 --- a/nixos/viridian/services/immich/secrets.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> piv-p256 hdSnGw Ave/yX17ylsK6RI5ei/oxD58h8nzXisgLiNvs8p7PKd4 -eUz/WZTS3nQ8IyeBZd2/zzW4hjRexuYUuGAiLRFamb4 --> C[:7-grease -tVpdl3Ch ---- wTWoOAjmo0FL1kNZ/6QIMSwA4IV6XQkZLbWobJjnlPY -HÚ’#º-Øth­„î ("ÎI -t-FmšÔƒK•cÿ×F ´SPdBÃ5– -H%LOˆÅØ=½P‚Ì ÿ \ No newline at end of file From 1ecf47b00688cf4ea029f3439c79bf8fb05741eb Mon Sep 17 00:00:00 2001 From: jasmine Date: Fri, 22 Nov 2024 07:17:23 +0800 Subject: [PATCH 3/4] migrate to 24.11 --- flake.lock | 42 +++++++++++------------ flake.nix | 4 +-- nixos/fuchsia/hardware-configuration.nix | 12 ++----- nixos/viridian/hardware-configuration.nix | 2 +- 4 files changed, 26 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index 7f3706c..a99b377 100644 --- a/flake.lock +++ b/flake.lock @@ -52,11 +52,11 @@ ] }, "locked": { - "lastModified": 1730074366, - "narHash": "sha256-u8aVS/u/CSOt4M+VEdFNiVRZt1YsM00i7sF8OVDGi6Q=", + "lastModified": 1730927643, + "narHash": "sha256-3wb8lbQUzXZ0n8FWUxsISubTLi0bRV97GFIxd9Ne1B4=", "ref": "refs/heads/main", - "rev": "54ec36a05d01e506b789fd4b5b825a3012bf7a22", - "revCount": 24, + "rev": "b35276acd405b1c305cafeb04416d4f61ee78251", + "revCount": 25, "type": "git", "url": "https://codeberg.org/kampka/nix-flake-crowdsec.git" }, @@ -394,16 +394,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1731880681, + "narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -432,11 +432,11 @@ }, "impermanence": { "locked": { - "lastModified": 1730403150, - "narHash": "sha256-W1FH5aJ/GpRCOA7DXT/sJHFpa5r8sq2qAUncWwRZ3Gg=", + "lastModified": 1731242966, + "narHash": "sha256-B3C3JLbGw0FtLSWCjBxU961gLNv+BOOBC6WvstKLYMw=", "owner": "nix-community", "repo": "impermanence", - "rev": "0d09341beeaa2367bac5d718df1404bf2ce45e6f", + "rev": "3ed3f0eaae9fcc0a8331e77e9319c8a4abd8a71a", "type": "github" }, "original": { @@ -474,11 +474,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1731030299, - "narHash": "sha256-PwtzMWPJhz9Rn/0rzQfMb6icSA6DtJZKCuK88IwFSos=", + "lastModified": 1731981116, + "narHash": "sha256-SgnDCrAuX9JxRk7NqGJCXYmt+EUkDF2rfL7QjtNImuk=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "11ca743d2e4602d5b8bfc8d65303f969d58ec338", + "rev": "3b71545aa21e6fe9eb7690be7ee2ee3d633b1990", "type": "github" }, "original": { @@ -533,11 +533,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1730785428, - "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", + "lastModified": 1731676054, + "narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", + "rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add", "type": "github" }, "original": { @@ -565,16 +565,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1730883749, - "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", + "lastModified": 1731755305, + "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", + "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index b2d6698..6f4fa3c 100644 --- a/flake.nix +++ b/flake.nix @@ -3,12 +3,12 @@ inputs = { # Nixpkgs - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Home manager home-manager = { - url = "github:nix-community/home-manager/release-24.05"; + url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/nixos/fuchsia/hardware-configuration.nix b/nixos/fuchsia/hardware-configuration.nix index 86906a8..99bfb93 100644 --- a/nixos/fuchsia/hardware-configuration.nix +++ b/nixos/fuchsia/hardware-configuration.nix @@ -48,17 +48,9 @@ enable = true; powerOnBoot = true; }; - pulseaudio = { + graphics = { enable = true; - support32Bit = true; - extraConfig = "load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1"; - }; - opengl = { - enable = true; - # Vulkan - driSupport = true; - driSupport32Bit = true; - # OpenCL + enable32Bit = true; extraPackages = with pkgs; [ rocmPackages.clr.icd ]; diff --git a/nixos/viridian/hardware-configuration.nix b/nixos/viridian/hardware-configuration.nix index 7fa9529..7f51f6f 100644 --- a/nixos/viridian/hardware-configuration.nix +++ b/nixos/viridian/hardware-configuration.nix @@ -35,7 +35,7 @@ }; # Hardware configuration - hardware.opengl = { + hardware.graphics = { enable = true; extraPackages = with pkgs; [ intel-media-driver From 7adbb841f7271d82f2e566ce08c914c0400db72d Mon Sep 17 00:00:00 2001 From: jasmine Date: Fri, 22 Nov 2024 07:17:42 +0800 Subject: [PATCH 4/4] install/remove some programs --- home-manager/sajenim/features/desktop/default.nix | 1 - home-manager/sajenim/features/printing/default.nix | 3 +-- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/home-manager/sajenim/features/desktop/default.nix b/home-manager/sajenim/features/desktop/default.nix index 2fd4b10..16cf05c 100644 --- a/home-manager/sajenim/features/desktop/default.nix +++ b/home-manager/sajenim/features/desktop/default.nix @@ -6,7 +6,6 @@ imports = [ ./discord ./dunst - ./cava ./irc ./mpd ./picom diff --git a/home-manager/sajenim/features/printing/default.nix b/home-manager/sajenim/features/printing/default.nix index bffce40..fb1dbb5 100644 --- a/home-manager/sajenim/features/printing/default.nix +++ b/home-manager/sajenim/features/printing/default.nix @@ -3,9 +3,8 @@ packages = with pkgs; [ blender freecad - kicad openscad - prusa-slicer + orca-slicer ]; }; }