diff --git a/flake.lock b/flake.lock index 6e9a266..dbe2b3c 100644 --- a/flake.lock +++ b/flake.lock @@ -235,11 +235,11 @@ ] }, "locked": { - "lastModified": 1755506074, - "narHash": "sha256-SztuKbAPppW5grMJLSGO5rBCXEWCOfhb39cPDONEUfo=", + "lastModified": 1757531256, + "narHash": "sha256-aOqrRvKmHoPKVhEYgV/RbsMXYXy6W9Tt1uhGK3dWMlE=", "ref": "refs/heads/main", - "rev": "ac85b6f608ed88d424621ec30f3848d621383487", - "revCount": 6, + "rev": "be7b39f41a1137a68944fc73db5a24544e015eb6", + "revCount": 7, "type": "git", "url": "https://git.karaolidis.com/karaolidis/nix-lib.git" }, @@ -495,11 +495,11 @@ ] }, "locked": { - "lastModified": 1755532656, - "narHash": "sha256-xYb5dJej3emyr4oWWAhkMP8rPc3kdVOXGZcIbAx1Y/I=", + "lastModified": 1757531894, + "narHash": "sha256-GwV3ES7n/2mwPeu8FGfViI6QfzbTrvNob3OZOsPQId0=", "ref": "refs/heads/main", - "rev": "b01f3f8456903cb1bde9637cc23b456b47354138", - "revCount": 11, + "rev": "3d069983345ea83549c641dd3f8875e54aaf1c2b", + "revCount": 12, "type": "git", "url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git" }, @@ -511,11 +511,11 @@ "secrets": { "flake": false, "locked": { - "lastModified": 1756900832, - "narHash": "sha256-sMne4dvYzcdbDVcMPY6NLVHiZbgjtDrxttKG0Vig8WQ=", + "lastModified": 1757519344, + "narHash": "sha256-wLwVbKDPkFCPh9UYLDqCPb62hp6mHBAgjn3Dech54YU=", "ref": "refs/heads/main", - "rev": "adac63f6daffb4e14ce0fb94e93eb987e2460064", - "revCount": 38, + "rev": "8ae051ad0936cb8fbf10b3ab2130f09a07ca1ce6", + "revCount": 39, "type": "git", "url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git" }, diff --git a/flake.nix b/flake.nix index 5f0f4fa..2d2539e 100644 --- a/flake.nix +++ b/flake.nix @@ -189,7 +189,28 @@ devShells.${system} = import ./hosts/common/shells { inherit pkgs; }; packages.${system} = import ./packages { inherit pkgs; }; formatter.${system} = treefmt.config.build.wrapper; - checks.${system}.formatting = treefmt.config.build.check inputs.self; + + checks.${system} = + let + nixosConfigurations = + pkgs.lib.mapAttrs' + ( + name: config: + pkgs.lib.nameValuePair "nixosConfiguration-${name}" config.config.system.build.toplevel + ) + ((pkgs.lib.filterAttrs (_: config: config.pkgs.system == system)) inputs.self.nixosConfigurations); + + packages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "package-${n}") inputs.self.packages; + + overlayPackages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "overlayPackage-${n}") ( + import ./overlays/packages.nix { inherit pkgs; } + ); + + devShells = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "devShell-${n}") inputs.self.devShells; + + formatter.formatting = treefmt.config.build.check inputs.self; + in + nixosConfigurations // packages // overlayPackages // devShells // formatter; } ); } diff --git a/hosts/common/configs/system/nix/default.nix b/hosts/common/configs/system/nix/default.nix index cfb912a..06a0160 100644 --- a/hosts/common/configs/system/nix/default.nix +++ b/hosts/common/configs/system/nix/default.nix @@ -43,7 +43,6 @@ ]; download-buffer-size = 524288000; substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ]; - trusted-substituters = config.nix.settings.substituters; trusted-public-keys = lib.mkBefore [ "main:nJVRBnv73MDkwuV5sgm52m4E2ImOhWHvY12qzjPegAk=" ]; netrc-file = config.sops.templates.nix-netrc.path; }; diff --git a/hosts/common/configs/user/console/home-manager/default.nix b/hosts/common/configs/user/console/home-manager/default.nix index 87383ca..1383ce0 100644 --- a/hosts/common/configs/user/console/home-manager/default.nix +++ b/hosts/common/configs/user/console/home-manager/default.nix @@ -26,7 +26,6 @@ experimental-features download-buffer-size substituters - trusted-substituters trusted-public-keys netrc-file ; diff --git a/hosts/common/configs/user/console/nix/default.nix b/hosts/common/configs/user/console/nix/default.nix index 83a4fae..f97e4e4 100644 --- a/hosts/common/configs/user/console/nix/default.nix +++ b/hosts/common/configs/user/console/nix/default.nix @@ -4,7 +4,10 @@ environment.persistence."/persist/cache"."${home}/.cache/nix" = { }; home-manager.users.${user} = { - home.packages = with pkgs; [ nurl ]; + home.packages = with pkgs; [ + nix-fast-build + nurl + ]; programs.zsh.shellAliases = { nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace"; diff --git a/hosts/jupiter/users/storm/configs/console/podman/attic/default.nix b/hosts/jupiter/users/storm/configs/console/podman/attic/default.nix index b6d0da0..846176f 100644 --- a/hosts/jupiter/users/storm/configs/console/podman/attic/default.nix +++ b/hosts/jupiter/users/storm/configs/console/podman/attic/default.nix @@ -83,10 +83,19 @@ in networks.attic.ref networks.traefik.ref ]; - volumes = [ - "/mnt/storage/private/storm/containers/storage/volumes/attic/_data:/var/lib/attic" - "${hmConfig.sops.templates.attic-server.path}:/etc/attic/server.toml" - ]; + volumes = + let + postStart = pkgs.writeTextFile { + name = "post-start.sh"; + executable = true; + text = builtins.readFile ./post-start.sh; + }; + in + [ + "/mnt/storage/private/storm/containers/storage/volumes/attic/_data:/var/lib/attic" + "${hmConfig.sops.templates.attic-server.path}:/etc/attic/server.toml:ro" + "${postStart}:/etc/attic/post-start.sh:ro" + ]; environmentFiles = [ hmConfig.sops.templates.attic-env.path ]; exec = [ "--config" diff --git a/hosts/jupiter/users/storm/configs/console/podman/attic/post-start.sh b/hosts/jupiter/users/storm/configs/console/podman/attic/post-start.sh index a43b248..169cdaa 100644 --- a/hosts/jupiter/users/storm/configs/console/podman/attic/post-start.sh +++ b/hosts/jupiter/users/storm/configs/console/podman/attic/post-start.sh @@ -5,8 +5,10 @@ attic login main https://nix.karaolidis.com/ "$ATTIC_TOKEN" CACHE_NAME="main" while true; do + set +o errexit out=$(attic cache info "$CACHE_NAME" 2>&1) status=$? + set -o errexit if [ $status -eq 0 ]; then break diff --git a/hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix b/hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix index dc326bf..5514c77 100644 --- a/hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix +++ b/hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix @@ -118,12 +118,6 @@ in client_secret = hmConfig.sops.placeholder."jellyseerr/authelia/digest"; redirect_uris = [ "https://request.karaolidis.com/login?provider=authelia&callback=true" ]; authorization_policy = "jellyseerr"; - scopes = [ - "openid" - "email" - "profile" - "groups" - ]; token_endpoint_auth_method = "client_secret_post"; } ]; diff --git a/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix b/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix index 22ceac5..4d8ccb3 100644 --- a/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix +++ b/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix @@ -81,6 +81,7 @@ in "--entrypoints.https.http.tls.domains[1].sans=*.krlds.com" "--entryPoints.https.http3" "--entrypoints.https.http.middlewares=compress@docker,security-headers@docker" + "--entrypoints.https.transport.respondingTimeouts.readTimeout=0s" "--certificatesresolvers.letsencrypt.acme.dnschallenge=true" "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare" diff --git a/overlays/packages.nix b/overlays/packages.nix new file mode 100644 index 0000000..7cac113 --- /dev/null +++ b/overlays/packages.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: +{ + inherit (pkgs) + android-tools + attic-client + darktable + hyprland + mpv + spicetify-cli + tea + telepresence + ; +} diff --git a/packages/docker/jellyseerr/default.nix b/packages/docker/jellyseerr/default.nix index 17cdfe8..492972e 100644 --- a/packages/docker/jellyseerr/default.nix +++ b/packages/docker/jellyseerr/default.nix @@ -15,7 +15,7 @@ let owner = "Fallenbagel"; repo = "jellyseerr"; tag = "preview-OIDC"; - hash = "sha256-iBnO0WjNqvXfuJMoS6z/NmYgtW5FQ9Ptp9uV5rODIf8="; + hash = "sha256-EJz1W7ewEczizNRs/X3esjQUwJiTHruo7nkAzyKZbjc="; }; in { @@ -24,7 +24,7 @@ let inherit src; inherit (oldAttrs) pname version; fetcherVersion = 2; - hash = "sha256-Ek2z1KIel3egwZ9dGU7rJQEyhukmXw5chsfvI2w8v28="; + hash = "sha256-0CwHkxG3SOSd+xozONnAi7Mr0y+lXdxwJk8mRZf8Bhs="; }; } ); diff --git a/submodules/lib b/submodules/lib index ac85b6f..be7b39f 160000 --- a/submodules/lib +++ b/submodules/lib @@ -1 +1 @@ -Subproject commit ac85b6f608ed88d424621ec30f3848d621383487 +Subproject commit be7b39f41a1137a68944fc73db5a24544e015eb6 diff --git a/submodules/sas b/submodules/sas index b01f3f8..3d06998 160000 --- a/submodules/sas +++ b/submodules/sas @@ -1 +1 @@ -Subproject commit b01f3f8456903cb1bde9637cc23b456b47354138 +Subproject commit 3d069983345ea83549c641dd3f8875e54aaf1c2b diff --git a/submodules/secrets b/submodules/secrets index adac63f..8ae051a 160000 --- a/submodules/secrets +++ b/submodules/secrets @@ -1 +1 @@ -Subproject commit adac63f6daffb4e14ce0fb94e93eb987e2460064 +Subproject commit 8ae051ad0936cb8fbf10b3ab2130f09a07ca1ce6